mirror of
https://github.com/mastodon/mastodon.git
synced 2024-12-22 22:15:23 +01:00
Move controller specs for well-known
endpoints to request specs (#27855)
This commit is contained in:
parent
bd575a1dd6
commit
3de9145613
8 changed files with 340 additions and 345 deletions
|
@ -1,22 +0,0 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
require 'rails_helper'
|
||||
|
||||
describe WellKnown::HostMetaController do
|
||||
render_views
|
||||
|
||||
describe 'GET #show' do
|
||||
it 'returns http success' do
|
||||
get :show, format: :xml
|
||||
|
||||
expect(response).to have_http_status(200)
|
||||
expect(response.media_type).to eq 'application/xrd+xml'
|
||||
expect(response.body).to eq <<~XML
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<XRD xmlns="http://docs.oasis-open.org/ns/xri/xrd-1.0">
|
||||
<Link rel="lrdd" template="https://cb6e6126.ngrok.io/.well-known/webfinger?resource={uri}"/>
|
||||
</XRD>
|
||||
XML
|
||||
end
|
||||
end
|
||||
end
|
|
@ -1,41 +0,0 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
require 'rails_helper'
|
||||
|
||||
describe WellKnown::NodeInfoController do
|
||||
render_views
|
||||
|
||||
describe 'GET #index' do
|
||||
it 'returns json document pointing to node info' do
|
||||
get :index
|
||||
|
||||
expect(response).to have_http_status(200)
|
||||
expect(response.media_type).to eq 'application/json'
|
||||
|
||||
json = body_as_json
|
||||
|
||||
expect(json[:links]).to be_an Array
|
||||
expect(json[:links][0][:rel]).to eq 'http://nodeinfo.diaspora.software/ns/schema/2.0'
|
||||
expect(json[:links][0][:href]).to include 'nodeinfo/2.0'
|
||||
end
|
||||
end
|
||||
|
||||
describe 'GET #show' do
|
||||
it 'returns json document with node info properties' do
|
||||
get :show
|
||||
|
||||
expect(response).to have_http_status(200)
|
||||
expect(response.media_type).to eq 'application/json'
|
||||
|
||||
json = body_as_json
|
||||
foo = { 'foo' => 0 }
|
||||
|
||||
expect(foo).to_not match_json_schema('nodeinfo_2.0')
|
||||
expect(json).to match_json_schema('nodeinfo_2.0')
|
||||
expect(json[:version]).to eq '2.0'
|
||||
expect(json[:usage]).to be_a Hash
|
||||
expect(json[:software]).to be_a Hash
|
||||
expect(json[:protocols]).to be_an Array
|
||||
end
|
||||
end
|
||||
end
|
|
@ -1,235 +0,0 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
require 'rails_helper'
|
||||
|
||||
describe WellKnown::WebfingerController do
|
||||
include RoutingHelper
|
||||
|
||||
render_views
|
||||
|
||||
describe 'GET #show' do
|
||||
subject(:perform_show!) do
|
||||
get :show, params: { resource: resource }, format: :json
|
||||
end
|
||||
|
||||
let(:alternate_domains) { [] }
|
||||
let(:alice) { Fabricate(:account, username: 'alice') }
|
||||
let(:resource) { nil }
|
||||
|
||||
around do |example|
|
||||
tmp = Rails.configuration.x.alternate_domains
|
||||
Rails.configuration.x.alternate_domains = alternate_domains
|
||||
example.run
|
||||
Rails.configuration.x.alternate_domains = tmp
|
||||
end
|
||||
|
||||
shared_examples 'a successful response' do
|
||||
it 'returns http success' do
|
||||
expect(response).to have_http_status(200)
|
||||
end
|
||||
|
||||
it 'does not set a Vary header' do
|
||||
expect(response.headers['Vary']).to be_nil
|
||||
end
|
||||
|
||||
it 'returns application/jrd+json' do
|
||||
expect(response.media_type).to eq 'application/jrd+json'
|
||||
end
|
||||
|
||||
it 'returns links for the account' do
|
||||
json = body_as_json
|
||||
expect(json[:subject]).to eq 'acct:alice@cb6e6126.ngrok.io'
|
||||
expect(json[:aliases]).to include('https://cb6e6126.ngrok.io/@alice', 'https://cb6e6126.ngrok.io/users/alice')
|
||||
end
|
||||
end
|
||||
|
||||
context 'when an account exists' do
|
||||
let(:resource) { alice.to_webfinger_s }
|
||||
|
||||
before do
|
||||
perform_show!
|
||||
end
|
||||
|
||||
it_behaves_like 'a successful response'
|
||||
end
|
||||
|
||||
context 'when an account is temporarily suspended' do
|
||||
let(:resource) { alice.to_webfinger_s }
|
||||
|
||||
before do
|
||||
alice.suspend!
|
||||
perform_show!
|
||||
end
|
||||
|
||||
it_behaves_like 'a successful response'
|
||||
end
|
||||
|
||||
context 'when an account is permanently suspended or deleted' do
|
||||
let(:resource) { alice.to_webfinger_s }
|
||||
|
||||
before do
|
||||
alice.suspend!
|
||||
alice.deletion_request.destroy
|
||||
perform_show!
|
||||
end
|
||||
|
||||
it 'returns http gone' do
|
||||
expect(response).to have_http_status(410)
|
||||
end
|
||||
end
|
||||
|
||||
context 'when an account is not found' do
|
||||
let(:resource) { 'acct:not@existing.com' }
|
||||
|
||||
before do
|
||||
perform_show!
|
||||
end
|
||||
|
||||
it 'returns http not found' do
|
||||
expect(response).to have_http_status(404)
|
||||
end
|
||||
end
|
||||
|
||||
context 'with an alternate domain' do
|
||||
let(:alternate_domains) { ['foo.org'] }
|
||||
|
||||
before do
|
||||
perform_show!
|
||||
end
|
||||
|
||||
context 'when an account exists' do
|
||||
let(:resource) do
|
||||
username, = alice.to_webfinger_s.split('@')
|
||||
"#{username}@foo.org"
|
||||
end
|
||||
|
||||
it_behaves_like 'a successful response'
|
||||
end
|
||||
|
||||
context 'when the domain is wrong' do
|
||||
let(:resource) do
|
||||
username, = alice.to_webfinger_s.split('@')
|
||||
"#{username}@bar.org"
|
||||
end
|
||||
|
||||
it 'returns http not found' do
|
||||
expect(response).to have_http_status(404)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
context 'when the old name scheme is used to query the instance actor' do
|
||||
let(:resource) do
|
||||
"#{Rails.configuration.x.local_domain}@#{Rails.configuration.x.local_domain}"
|
||||
end
|
||||
|
||||
before do
|
||||
perform_show!
|
||||
end
|
||||
|
||||
it 'returns http success' do
|
||||
expect(response).to have_http_status(200)
|
||||
end
|
||||
|
||||
it 'does not set a Vary header' do
|
||||
expect(response.headers['Vary']).to be_nil
|
||||
end
|
||||
|
||||
it 'returns application/jrd+json' do
|
||||
expect(response.media_type).to eq 'application/jrd+json'
|
||||
end
|
||||
|
||||
it 'returns links for the internal account' do
|
||||
json = body_as_json
|
||||
expect(json[:subject]).to eq 'acct:mastodon.internal@cb6e6126.ngrok.io'
|
||||
expect(json[:aliases]).to eq ['https://cb6e6126.ngrok.io/actor']
|
||||
end
|
||||
end
|
||||
|
||||
context 'with no resource parameter' do
|
||||
let(:resource) { nil }
|
||||
|
||||
before do
|
||||
perform_show!
|
||||
end
|
||||
|
||||
it 'returns http bad request' do
|
||||
expect(response).to have_http_status(400)
|
||||
end
|
||||
end
|
||||
|
||||
context 'with a nonsense parameter' do
|
||||
let(:resource) { 'df/:dfkj' }
|
||||
|
||||
before do
|
||||
perform_show!
|
||||
end
|
||||
|
||||
it 'returns http bad request' do
|
||||
expect(response).to have_http_status(400)
|
||||
end
|
||||
end
|
||||
|
||||
context 'when an account has an avatar' do
|
||||
let(:alice) { Fabricate(:account, username: 'alice', avatar: attachment_fixture('attachment.jpg')) }
|
||||
let(:resource) { alice.to_webfinger_s }
|
||||
|
||||
it 'returns avatar in response' do
|
||||
perform_show!
|
||||
|
||||
avatar_link = get_avatar_link(body_as_json)
|
||||
expect(avatar_link).to_not be_nil
|
||||
expect(avatar_link[:type]).to eq alice.avatar.content_type
|
||||
expect(avatar_link[:href]).to eq full_asset_url(alice.avatar)
|
||||
end
|
||||
|
||||
context 'with limited federation mode' do
|
||||
before do
|
||||
allow(Rails.configuration.x).to receive(:limited_federation_mode).and_return(true)
|
||||
end
|
||||
|
||||
it 'does not return avatar in response' do
|
||||
perform_show!
|
||||
|
||||
avatar_link = get_avatar_link(body_as_json)
|
||||
expect(avatar_link).to be_nil
|
||||
end
|
||||
end
|
||||
|
||||
context 'when enabling DISALLOW_UNAUTHENTICATED_API_ACCESS' do
|
||||
around do |example|
|
||||
ClimateControl.modify DISALLOW_UNAUTHENTICATED_API_ACCESS: 'true' do
|
||||
example.run
|
||||
end
|
||||
end
|
||||
|
||||
it 'does not return avatar in response' do
|
||||
perform_show!
|
||||
|
||||
avatar_link = get_avatar_link(body_as_json)
|
||||
expect(avatar_link).to be_nil
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
context 'when an account does not have an avatar' do
|
||||
let(:alice) { Fabricate(:account, username: 'alice', avatar: nil) }
|
||||
let(:resource) { alice.to_webfinger_s }
|
||||
|
||||
before do
|
||||
perform_show!
|
||||
end
|
||||
|
||||
it 'does not return avatar in response' do
|
||||
avatar_link = get_avatar_link(body_as_json)
|
||||
expect(avatar_link).to be_nil
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def get_avatar_link(json)
|
||||
json[:links].find { |link| link[:rel] == 'http://webfinger.net/rel/avatar' }
|
||||
end
|
||||
end
|
|
@ -1,14 +0,0 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
require 'rails_helper'
|
||||
|
||||
describe 'The host_meta route' do
|
||||
describe 'requested without accepts headers' do
|
||||
it 'returns an xml response' do
|
||||
get host_meta_url
|
||||
|
||||
expect(response).to have_http_status(200)
|
||||
expect(response.media_type).to eq 'application/xrd+xml'
|
||||
end
|
||||
end
|
||||
end
|
|
@ -1,33 +0,0 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
require 'rails_helper'
|
||||
|
||||
describe 'The webfinger route' do
|
||||
let(:alice) { Fabricate(:account, username: 'alice') }
|
||||
|
||||
describe 'requested with standard accepts headers' do
|
||||
it 'returns a json response' do
|
||||
get webfinger_url(resource: alice.to_webfinger_s)
|
||||
|
||||
expect(response).to have_http_status(200)
|
||||
expect(response.media_type).to eq 'application/jrd+json'
|
||||
end
|
||||
end
|
||||
|
||||
describe 'asking for json format' do
|
||||
it 'returns a json response for json format' do
|
||||
get webfinger_url(resource: alice.to_webfinger_s, format: :json)
|
||||
|
||||
expect(response).to have_http_status(200)
|
||||
expect(response.media_type).to eq 'application/jrd+json'
|
||||
end
|
||||
|
||||
it 'returns a json response for json accept header' do
|
||||
headers = { 'HTTP_ACCEPT' => 'application/jrd+json' }
|
||||
get webfinger_url(resource: alice.to_webfinger_s), headers: headers
|
||||
|
||||
expect(response).to have_http_status(200)
|
||||
expect(response.media_type).to eq 'application/jrd+json'
|
||||
end
|
||||
end
|
||||
end
|
27
spec/requests/well_known/host_meta_spec.rb
Normal file
27
spec/requests/well_known/host_meta_spec.rb
Normal file
|
@ -0,0 +1,27 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
require 'rails_helper'
|
||||
|
||||
describe 'The /.well-known/host-meta request' do
|
||||
it 'returns http success with valid XML response' do
|
||||
get '/.well-known/host-meta'
|
||||
|
||||
expect(response)
|
||||
.to have_http_status(200)
|
||||
.and have_attributes(
|
||||
media_type: 'application/xrd+xml',
|
||||
body: host_meta_xml_template
|
||||
)
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def host_meta_xml_template
|
||||
<<~XML
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<XRD xmlns="http://docs.oasis-open.org/ns/xri/xrd-1.0">
|
||||
<Link rel="lrdd" template="https://cb6e6126.ngrok.io/.well-known/webfinger?resource={uri}"/>
|
||||
</XRD>
|
||||
XML
|
||||
end
|
||||
end
|
58
spec/requests/well_known/node_info_spec.rb
Normal file
58
spec/requests/well_known/node_info_spec.rb
Normal file
|
@ -0,0 +1,58 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
require 'rails_helper'
|
||||
|
||||
describe 'The well-known node-info endpoints' do
|
||||
describe 'The /.well-known/node-info endpoint' do
|
||||
it 'returns JSON document pointing to node info' do
|
||||
get '/.well-known/nodeinfo'
|
||||
|
||||
expect(response)
|
||||
.to have_http_status(200)
|
||||
.and have_attributes(
|
||||
media_type: 'application/json'
|
||||
)
|
||||
|
||||
expect(body_as_json).to include(
|
||||
links: be_an(Array).and(
|
||||
contain_exactly(
|
||||
include(
|
||||
rel: 'http://nodeinfo.diaspora.software/ns/schema/2.0',
|
||||
href: include('nodeinfo/2.0')
|
||||
)
|
||||
)
|
||||
)
|
||||
)
|
||||
end
|
||||
end
|
||||
|
||||
describe 'The /nodeinfo/2.0 endpoint' do
|
||||
it 'returns JSON document with node info properties' do
|
||||
get '/nodeinfo/2.0'
|
||||
|
||||
expect(response)
|
||||
.to have_http_status(200)
|
||||
.and have_attributes(
|
||||
media_type: 'application/json'
|
||||
)
|
||||
|
||||
expect(non_matching_hash)
|
||||
.to_not match_json_schema('nodeinfo_2.0')
|
||||
|
||||
expect(body_as_json)
|
||||
.to match_json_schema('nodeinfo_2.0')
|
||||
.and include(
|
||||
version: '2.0',
|
||||
usage: be_a(Hash),
|
||||
software: be_a(Hash),
|
||||
protocols: be_a(Array)
|
||||
)
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def non_matching_hash
|
||||
{ 'foo' => 0 }
|
||||
end
|
||||
end
|
||||
end
|
255
spec/requests/well_known/webfinger_spec.rb
Normal file
255
spec/requests/well_known/webfinger_spec.rb
Normal file
|
@ -0,0 +1,255 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
require 'rails_helper'
|
||||
|
||||
describe 'The /.well-known/webfinger endpoint' do
|
||||
subject(:perform_request!) { get webfinger_url(resource: resource) }
|
||||
|
||||
let(:alternate_domains) { [] }
|
||||
let(:alice) { Fabricate(:account, username: 'alice') }
|
||||
let(:resource) { nil }
|
||||
|
||||
around do |example|
|
||||
tmp = Rails.configuration.x.alternate_domains
|
||||
Rails.configuration.x.alternate_domains = alternate_domains
|
||||
example.run
|
||||
Rails.configuration.x.alternate_domains = tmp
|
||||
end
|
||||
|
||||
shared_examples 'a successful response' do
|
||||
it 'returns http success' do
|
||||
expect(response).to have_http_status(200)
|
||||
end
|
||||
|
||||
it 'sets only a Vary Origin header' do
|
||||
expect(response.headers['Vary']).to eq('Origin')
|
||||
end
|
||||
|
||||
it 'returns application/jrd+json' do
|
||||
expect(response.media_type).to eq 'application/jrd+json'
|
||||
end
|
||||
|
||||
it 'returns links for the account' do
|
||||
json = body_as_json
|
||||
expect(json[:subject]).to eq 'acct:alice@cb6e6126.ngrok.io'
|
||||
expect(json[:aliases]).to include('https://cb6e6126.ngrok.io/@alice', 'https://cb6e6126.ngrok.io/users/alice')
|
||||
end
|
||||
end
|
||||
|
||||
context 'when an account exists' do
|
||||
let(:resource) { alice.to_webfinger_s }
|
||||
|
||||
before do
|
||||
perform_request!
|
||||
end
|
||||
|
||||
it_behaves_like 'a successful response'
|
||||
end
|
||||
|
||||
context 'when an account is temporarily suspended' do
|
||||
let(:resource) { alice.to_webfinger_s }
|
||||
|
||||
before do
|
||||
alice.suspend!
|
||||
perform_request!
|
||||
end
|
||||
|
||||
it_behaves_like 'a successful response'
|
||||
end
|
||||
|
||||
context 'when an account is permanently suspended or deleted' do
|
||||
let(:resource) { alice.to_webfinger_s }
|
||||
|
||||
before do
|
||||
alice.suspend!
|
||||
alice.deletion_request.destroy
|
||||
perform_request!
|
||||
end
|
||||
|
||||
it 'returns http gone' do
|
||||
expect(response).to have_http_status(410)
|
||||
end
|
||||
end
|
||||
|
||||
context 'when an account is not found' do
|
||||
let(:resource) { 'acct:not@existing.com' }
|
||||
|
||||
before do
|
||||
perform_request!
|
||||
end
|
||||
|
||||
it 'returns http not found' do
|
||||
expect(response).to have_http_status(404)
|
||||
end
|
||||
end
|
||||
|
||||
context 'with an alternate domain' do
|
||||
let(:alternate_domains) { ['foo.org'] }
|
||||
|
||||
before do
|
||||
perform_request!
|
||||
end
|
||||
|
||||
context 'when an account exists' do
|
||||
let(:resource) do
|
||||
username, = alice.to_webfinger_s.split('@')
|
||||
"#{username}@foo.org"
|
||||
end
|
||||
|
||||
it_behaves_like 'a successful response'
|
||||
end
|
||||
|
||||
context 'when the domain is wrong' do
|
||||
let(:resource) do
|
||||
username, = alice.to_webfinger_s.split('@')
|
||||
"#{username}@bar.org"
|
||||
end
|
||||
|
||||
it 'returns http not found' do
|
||||
expect(response).to have_http_status(404)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
context 'when the old name scheme is used to query the instance actor' do
|
||||
let(:resource) do
|
||||
"#{Rails.configuration.x.local_domain}@#{Rails.configuration.x.local_domain}"
|
||||
end
|
||||
|
||||
before do
|
||||
perform_request!
|
||||
end
|
||||
|
||||
it 'returns http success' do
|
||||
expect(response).to have_http_status(200)
|
||||
end
|
||||
|
||||
it 'sets only a Vary Origin header' do
|
||||
expect(response.headers['Vary']).to eq('Origin')
|
||||
end
|
||||
|
||||
it 'returns application/jrd+json' do
|
||||
expect(response.media_type).to eq 'application/jrd+json'
|
||||
end
|
||||
|
||||
it 'returns links for the internal account' do
|
||||
json = body_as_json
|
||||
expect(json[:subject]).to eq 'acct:mastodon.internal@cb6e6126.ngrok.io'
|
||||
expect(json[:aliases]).to eq ['https://cb6e6126.ngrok.io/actor']
|
||||
end
|
||||
end
|
||||
|
||||
context 'with no resource parameter' do
|
||||
let(:resource) { nil }
|
||||
|
||||
before do
|
||||
perform_request!
|
||||
end
|
||||
|
||||
it 'returns http bad request' do
|
||||
expect(response).to have_http_status(400)
|
||||
end
|
||||
end
|
||||
|
||||
context 'with a nonsense parameter' do
|
||||
let(:resource) { 'df/:dfkj' }
|
||||
|
||||
before do
|
||||
perform_request!
|
||||
end
|
||||
|
||||
it 'returns http bad request' do
|
||||
expect(response).to have_http_status(400)
|
||||
end
|
||||
end
|
||||
|
||||
context 'when an account has an avatar' do
|
||||
let(:alice) { Fabricate(:account, username: 'alice', avatar: attachment_fixture('attachment.jpg')) }
|
||||
let(:resource) { alice.to_webfinger_s }
|
||||
|
||||
it 'returns avatar in response' do
|
||||
perform_request!
|
||||
|
||||
avatar_link = get_avatar_link(body_as_json)
|
||||
expect(avatar_link).to_not be_nil
|
||||
expect(avatar_link[:type]).to eq alice.avatar.content_type
|
||||
expect(avatar_link[:href]).to eq Addressable::URI.new(host: Rails.configuration.x.local_domain, path: alice.avatar.to_s, scheme: 'https').to_s
|
||||
end
|
||||
|
||||
context 'with limited federation mode' do
|
||||
before do
|
||||
allow(Rails.configuration.x).to receive(:limited_federation_mode).and_return(true)
|
||||
end
|
||||
|
||||
it 'does not return avatar in response' do
|
||||
perform_request!
|
||||
|
||||
avatar_link = get_avatar_link(body_as_json)
|
||||
expect(avatar_link).to be_nil
|
||||
end
|
||||
end
|
||||
|
||||
context 'when enabling DISALLOW_UNAUTHENTICATED_API_ACCESS' do
|
||||
around do |example|
|
||||
ClimateControl.modify DISALLOW_UNAUTHENTICATED_API_ACCESS: 'true' do
|
||||
example.run
|
||||
end
|
||||
end
|
||||
|
||||
it 'does not return avatar in response' do
|
||||
perform_request!
|
||||
|
||||
avatar_link = get_avatar_link(body_as_json)
|
||||
expect(avatar_link).to be_nil
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
context 'when an account does not have an avatar' do
|
||||
let(:alice) { Fabricate(:account, username: 'alice', avatar: nil) }
|
||||
let(:resource) { alice.to_webfinger_s }
|
||||
|
||||
before do
|
||||
perform_request!
|
||||
end
|
||||
|
||||
it 'does not return avatar in response' do
|
||||
avatar_link = get_avatar_link(body_as_json)
|
||||
expect(avatar_link).to be_nil
|
||||
end
|
||||
end
|
||||
|
||||
context 'with different headers' do
|
||||
describe 'requested with standard accepts headers' do
|
||||
it 'returns a json response' do
|
||||
get webfinger_url(resource: alice.to_webfinger_s)
|
||||
|
||||
expect(response).to have_http_status(200)
|
||||
expect(response.media_type).to eq 'application/jrd+json'
|
||||
end
|
||||
end
|
||||
|
||||
describe 'asking for json format' do
|
||||
it 'returns a json response for json format' do
|
||||
get webfinger_url(resource: alice.to_webfinger_s, format: :json)
|
||||
|
||||
expect(response).to have_http_status(200)
|
||||
expect(response.media_type).to eq 'application/jrd+json'
|
||||
end
|
||||
|
||||
it 'returns a json response for json accept header' do
|
||||
headers = { 'HTTP_ACCEPT' => 'application/jrd+json' }
|
||||
get webfinger_url(resource: alice.to_webfinger_s), headers: headers
|
||||
|
||||
expect(response).to have_http_status(200)
|
||||
expect(response.media_type).to eq 'application/jrd+json'
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def get_avatar_link(json)
|
||||
json[:links].find { |link| link[:rel] == 'http://webfinger.net/rel/avatar' }
|
||||
end
|
||||
end
|
Loading…
Reference in a new issue