[#1560] Restricted AP- & OStatus-related routes for non-federating instances.
This commit is contained in:
parent
1961a680ec
commit
0cf1d4fcd0
10 changed files with 166 additions and 158 deletions
|
@ -21,6 +21,9 @@ def call(conn, _) do
|
|||
defp enabled?, do: Pleroma.Config.get([:static_fe, :enabled], false)
|
||||
|
||||
defp accepts_html?(conn) do
|
||||
conn |> get_req_header("accept") |> List.first() |> String.contains?("text/html")
|
||||
conn
|
||||
|> get_req_header("accept")
|
||||
|> List.first()
|
||||
|> String.contains?("text/html")
|
||||
end
|
||||
end
|
||||
|
|
|
@ -30,7 +30,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubController do
|
|||
when action in [:activity, :object]
|
||||
)
|
||||
|
||||
plug(Pleroma.Web.FederatingPlug when action in [:inbox, :relay])
|
||||
plug(Pleroma.Web.FederatingPlug)
|
||||
plug(:set_requester_reachable when action in [:inbox])
|
||||
plug(:relay_active? when action in [:relay])
|
||||
|
||||
|
|
|
@ -16,6 +16,8 @@ defmodule Pleroma.Web.OStatus.OStatusController do
|
|||
alias Pleroma.Web.Metadata.PlayerView
|
||||
alias Pleroma.Web.Router
|
||||
|
||||
plug(Pleroma.Web.FederatingPlug)
|
||||
|
||||
plug(
|
||||
RateLimiter,
|
||||
[name: :ap_routes, params: ["uuid"]] when action in [:object, :activity]
|
||||
|
|
|
@ -16,6 +16,8 @@ defmodule Pleroma.Web.TwitterAPI.RemoteFollowController do
|
|||
|
||||
@status_types ["Article", "Event", "Note", "Video", "Page", "Question"]
|
||||
|
||||
plug(Pleroma.Web.FederatingPlug)
|
||||
|
||||
# Note: follower can submit the form (with password auth) not being signed in (having no token)
|
||||
plug(
|
||||
OAuthScopesPlug,
|
||||
|
|
|
@ -17,6 +17,8 @@ defmodule Pleroma.Web.TwitterAPI.UtilController do
|
|||
alias Pleroma.Web.CommonAPI
|
||||
alias Pleroma.Web.WebFinger
|
||||
|
||||
plug(Pleroma.Web.FederatingPlug when action == :remote_subscribe)
|
||||
|
||||
plug(
|
||||
OAuthScopesPlug,
|
||||
%{scopes: ["follow", "write:follows"]}
|
||||
|
|
|
@ -23,6 +23,10 @@ defmodule Pleroma.Web.ActivityPub.PublisherTest do
|
|||
:ok
|
||||
end
|
||||
|
||||
clear_config_all([:instance, :federating]) do
|
||||
Pleroma.Config.put([:instance, :federating], true)
|
||||
end
|
||||
|
||||
describe "gather_webfinger_links/1" do
|
||||
test "it returns links" do
|
||||
user = insert(:user)
|
||||
|
|
|
@ -8,13 +8,19 @@ defmodule Pleroma.Web.Feed.UserControllerTest do
|
|||
import Pleroma.Factory
|
||||
import SweetXml
|
||||
|
||||
alias Pleroma.Config
|
||||
alias Pleroma.Object
|
||||
alias Pleroma.User
|
||||
|
||||
clear_config_all([:instance, :federating]) do
|
||||
Config.put([:instance, :federating], true)
|
||||
end
|
||||
|
||||
describe "feed" do
|
||||
clear_config([:feed])
|
||||
|
||||
test "gets a feed", %{conn: conn} do
|
||||
Pleroma.Config.put(
|
||||
Config.put(
|
||||
[:feed, :post_title],
|
||||
%{max_length: 10, omission: "..."}
|
||||
)
|
||||
|
@ -27,7 +33,9 @@ test "gets a feed", %{conn: conn} do
|
|||
"content" => "This is :moominmamma: note ",
|
||||
"attachment" => [
|
||||
%{
|
||||
"url" => [%{"mediaType" => "image/png", "href" => "https://pleroma.gov/image.png"}]
|
||||
"url" => [
|
||||
%{"mediaType" => "image/png", "href" => "https://pleroma.gov/image.png"}
|
||||
]
|
||||
}
|
||||
],
|
||||
"inReplyTo" => activity.data["id"]
|
||||
|
@ -40,7 +48,10 @@ test "gets a feed", %{conn: conn} do
|
|||
note2 =
|
||||
insert(:note,
|
||||
user: user,
|
||||
data: %{"content" => "42 This is :moominmamma: note ", "inReplyTo" => activity.data["id"]}
|
||||
data: %{
|
||||
"content" => "42 This is :moominmamma: note ",
|
||||
"inReplyTo" => activity.data["id"]
|
||||
}
|
||||
)
|
||||
|
||||
_note_activity2 = insert(:note_activity, note: note2)
|
||||
|
@ -69,6 +80,7 @@ test "returns 404 for a missing feed", %{conn: conn} do
|
|||
|
||||
assert response(conn, 404)
|
||||
end
|
||||
end
|
||||
|
||||
describe "feed_redirect" do
|
||||
test "undefined format. it redirects to feed", %{conn: conn} do
|
||||
|
@ -248,4 +260,29 @@ test "html format. it returns error when user not found", %{conn: conn} do
|
|||
assert response == %{"error" => "Not found"}
|
||||
end
|
||||
end
|
||||
|
||||
describe "feed_redirect (depending on federation enabled state)" do
|
||||
setup %{conn: conn} do
|
||||
user = insert(:user)
|
||||
conn = put_req_header(conn, "accept", "application/json")
|
||||
|
||||
%{conn: conn, user: user}
|
||||
end
|
||||
|
||||
clear_config([:instance, :federating])
|
||||
|
||||
test "renders if instance is federating", %{conn: conn, user: user} do
|
||||
Config.put([:instance, :federating], true)
|
||||
|
||||
conn = get(conn, "/users/#{user.nickname}")
|
||||
assert json_response(conn, 200)
|
||||
end
|
||||
|
||||
test "renders 404 if instance is NOT federating", %{conn: conn, user: user} do
|
||||
Config.put([:instance, :federating], false)
|
||||
|
||||
conn = get(conn, "/users/#{user.nickname}")
|
||||
assert json_response(conn, 404)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -1,56 +1,42 @@
|
|||
defmodule Pleroma.Web.StaticFE.StaticFEControllerTest do
|
||||
use Pleroma.Web.ConnCase
|
||||
|
||||
alias Pleroma.Activity
|
||||
alias Pleroma.Config
|
||||
alias Pleroma.Web.ActivityPub.Transmogrifier
|
||||
alias Pleroma.Web.CommonAPI
|
||||
|
||||
import Pleroma.Factory
|
||||
|
||||
clear_config_all([:static_fe, :enabled]) do
|
||||
Pleroma.Config.put([:static_fe, :enabled], true)
|
||||
Config.put([:static_fe, :enabled], true)
|
||||
end
|
||||
|
||||
describe "user profile page" do
|
||||
test "just the profile as HTML", %{conn: conn} do
|
||||
setup %{conn: conn} do
|
||||
conn = put_req_header(conn, "accept", "text/html")
|
||||
user = insert(:user)
|
||||
|
||||
conn =
|
||||
conn
|
||||
|> put_req_header("accept", "text/html")
|
||||
|> get("/users/#{user.nickname}")
|
||||
%{conn: conn, user: user}
|
||||
end
|
||||
|
||||
describe "user profile html" do
|
||||
test "just the profile as HTML", %{conn: conn, user: user} do
|
||||
conn = get(conn, "/users/#{user.nickname}")
|
||||
|
||||
assert html_response(conn, 200) =~ user.nickname
|
||||
end
|
||||
|
||||
test "renders json unless there's an html accept header", %{conn: conn} do
|
||||
user = insert(:user)
|
||||
|
||||
conn =
|
||||
conn
|
||||
|> put_req_header("accept", "application/json")
|
||||
|> get("/users/#{user.nickname}")
|
||||
|
||||
assert json_response(conn, 200)
|
||||
end
|
||||
|
||||
test "404 when user not found", %{conn: conn} do
|
||||
conn =
|
||||
conn
|
||||
|> put_req_header("accept", "text/html")
|
||||
|> get("/users/limpopo")
|
||||
conn = get(conn, "/users/limpopo")
|
||||
|
||||
assert html_response(conn, 404) =~ "not found"
|
||||
end
|
||||
|
||||
test "profile does not include private messages", %{conn: conn} do
|
||||
user = insert(:user)
|
||||
test "profile does not include private messages", %{conn: conn, user: user} do
|
||||
CommonAPI.post(user, %{"status" => "public"})
|
||||
CommonAPI.post(user, %{"status" => "private", "visibility" => "private"})
|
||||
|
||||
conn =
|
||||
conn
|
||||
|> put_req_header("accept", "text/html")
|
||||
|> get("/users/#{user.nickname}")
|
||||
conn = get(conn, "/users/#{user.nickname}")
|
||||
|
||||
html = html_response(conn, 200)
|
||||
|
||||
|
@ -58,14 +44,10 @@ test "profile does not include private messages", %{conn: conn} do
|
|||
refute html =~ ">private<"
|
||||
end
|
||||
|
||||
test "pagination", %{conn: conn} do
|
||||
user = insert(:user)
|
||||
test "pagination", %{conn: conn, user: user} do
|
||||
Enum.map(1..30, fn i -> CommonAPI.post(user, %{"status" => "test#{i}"}) end)
|
||||
|
||||
conn =
|
||||
conn
|
||||
|> put_req_header("accept", "text/html")
|
||||
|> get("/users/#{user.nickname}")
|
||||
conn = get(conn, "/users/#{user.nickname}")
|
||||
|
||||
html = html_response(conn, 200)
|
||||
|
||||
|
@ -75,15 +57,11 @@ test "pagination", %{conn: conn} do
|
|||
refute html =~ ">test1<"
|
||||
end
|
||||
|
||||
test "pagination, page 2", %{conn: conn} do
|
||||
user = insert(:user)
|
||||
test "pagination, page 2", %{conn: conn, user: user} do
|
||||
activities = Enum.map(1..30, fn i -> CommonAPI.post(user, %{"status" => "test#{i}"}) end)
|
||||
{:ok, a11} = Enum.at(activities, 11)
|
||||
|
||||
conn =
|
||||
conn
|
||||
|> put_req_header("accept", "text/html")
|
||||
|> get("/users/#{user.nickname}?max_id=#{a11.id}")
|
||||
conn = get(conn, "/users/#{user.nickname}?max_id=#{a11.id}")
|
||||
|
||||
html = html_response(conn, 200)
|
||||
|
||||
|
@ -94,15 +72,11 @@ test "pagination, page 2", %{conn: conn} do
|
|||
end
|
||||
end
|
||||
|
||||
describe "notice rendering" do
|
||||
test "single notice page", %{conn: conn} do
|
||||
user = insert(:user)
|
||||
describe "notice html" do
|
||||
test "single notice page", %{conn: conn, user: user} do
|
||||
{:ok, activity} = CommonAPI.post(user, %{"status" => "testing a thing!"})
|
||||
|
||||
conn =
|
||||
conn
|
||||
|> put_req_header("accept", "text/html")
|
||||
|> get("/notice/#{activity.id}")
|
||||
conn = get(conn, "/notice/#{activity.id}")
|
||||
|
||||
html = html_response(conn, 200)
|
||||
assert html =~ "<header>"
|
||||
|
@ -110,8 +84,7 @@ test "single notice page", %{conn: conn} do
|
|||
assert html =~ "testing a thing!"
|
||||
end
|
||||
|
||||
test "shows the whole thread", %{conn: conn} do
|
||||
user = insert(:user)
|
||||
test "shows the whole thread", %{conn: conn, user: user} do
|
||||
{:ok, activity} = CommonAPI.post(user, %{"status" => "space: the final frontier"})
|
||||
|
||||
CommonAPI.post(user, %{
|
||||
|
@ -119,70 +92,47 @@ test "shows the whole thread", %{conn: conn} do
|
|||
"in_reply_to_status_id" => activity.id
|
||||
})
|
||||
|
||||
conn =
|
||||
conn
|
||||
|> put_req_header("accept", "text/html")
|
||||
|> get("/notice/#{activity.id}")
|
||||
conn = get(conn, "/notice/#{activity.id}")
|
||||
|
||||
html = html_response(conn, 200)
|
||||
assert html =~ "the final frontier"
|
||||
assert html =~ "voyages"
|
||||
end
|
||||
|
||||
test "redirect by AP object ID", %{conn: conn} do
|
||||
user = insert(:user)
|
||||
|
||||
test "redirect by AP object ID", %{conn: conn, user: user} do
|
||||
{:ok, %Activity{data: %{"object" => object_url}}} =
|
||||
CommonAPI.post(user, %{"status" => "beam me up"})
|
||||
|
||||
conn =
|
||||
conn
|
||||
|> put_req_header("accept", "text/html")
|
||||
|> get(URI.parse(object_url).path)
|
||||
conn = get(conn, URI.parse(object_url).path)
|
||||
|
||||
assert html_response(conn, 302) =~ "redirected"
|
||||
end
|
||||
|
||||
test "redirect by activity ID", %{conn: conn} do
|
||||
user = insert(:user)
|
||||
|
||||
test "redirect by activity ID", %{conn: conn, user: user} do
|
||||
{:ok, %Activity{data: %{"id" => id}}} =
|
||||
CommonAPI.post(user, %{"status" => "I'm a doctor, not a devops!"})
|
||||
|
||||
conn =
|
||||
conn
|
||||
|> put_req_header("accept", "text/html")
|
||||
|> get(URI.parse(id).path)
|
||||
conn = get(conn, URI.parse(id).path)
|
||||
|
||||
assert html_response(conn, 302) =~ "redirected"
|
||||
end
|
||||
|
||||
test "404 when notice not found", %{conn: conn} do
|
||||
conn =
|
||||
conn
|
||||
|> put_req_header("accept", "text/html")
|
||||
|> get("/notice/88c9c317")
|
||||
conn = get(conn, "/notice/88c9c317")
|
||||
|
||||
assert html_response(conn, 404) =~ "not found"
|
||||
end
|
||||
|
||||
test "404 for private status", %{conn: conn} do
|
||||
user = insert(:user)
|
||||
|
||||
test "404 for private status", %{conn: conn, user: user} do
|
||||
{:ok, activity} =
|
||||
CommonAPI.post(user, %{"status" => "don't show me!", "visibility" => "private"})
|
||||
|
||||
conn =
|
||||
conn
|
||||
|> put_req_header("accept", "text/html")
|
||||
|> get("/notice/#{activity.id}")
|
||||
conn = get(conn, "/notice/#{activity.id}")
|
||||
|
||||
assert html_response(conn, 404) =~ "not found"
|
||||
end
|
||||
|
||||
test "302 for remote cached status", %{conn: conn} do
|
||||
user = insert(:user)
|
||||
|
||||
test "302 for remote cached status", %{conn: conn, user: user} do
|
||||
message = %{
|
||||
"@context" => "https://www.w3.org/ns/activitystreams",
|
||||
"to" => user.follower_address,
|
||||
|
@ -199,10 +149,7 @@ test "302 for remote cached status", %{conn: conn} do
|
|||
|
||||
assert {:ok, activity} = Transmogrifier.handle_incoming(message)
|
||||
|
||||
conn =
|
||||
conn
|
||||
|> put_req_header("accept", "text/html")
|
||||
|> get("/notice/#{activity.id}")
|
||||
conn = get(conn, "/notice/#{activity.id}")
|
||||
|
||||
assert html_response(conn, 302) =~ "redirected"
|
||||
end
|
||||
|
|
|
@ -5,8 +5,10 @@
|
|||
defmodule Pleroma.Web.TwitterAPI.RemoteFollowControllerTest do
|
||||
use Pleroma.Web.ConnCase
|
||||
|
||||
alias Pleroma.Config
|
||||
alias Pleroma.User
|
||||
alias Pleroma.Web.CommonAPI
|
||||
|
||||
import ExUnit.CaptureLog
|
||||
import Pleroma.Factory
|
||||
|
||||
|
@ -15,6 +17,10 @@ defmodule Pleroma.Web.TwitterAPI.RemoteFollowControllerTest do
|
|||
:ok
|
||||
end
|
||||
|
||||
clear_config_all([:instance, :federating]) do
|
||||
Config.put([:instance, :federating], true)
|
||||
end
|
||||
|
||||
clear_config([:instance])
|
||||
clear_config([:frontend_configurations, :pleroma_fe])
|
||||
clear_config([:user, :deny_follow_blocked])
|
||||
|
|
|
@ -6,6 +6,7 @@ defmodule Pleroma.Web.TwitterAPI.UtilControllerTest do
|
|||
use Pleroma.Web.ConnCase
|
||||
use Oban.Testing, repo: Pleroma.Repo
|
||||
|
||||
alias Pleroma.Config
|
||||
alias Pleroma.Tests.ObanHelpers
|
||||
alias Pleroma.User
|
||||
|
||||
|
@ -178,7 +179,7 @@ test "it updates notification privacy option", %{user: user, conn: conn} do
|
|||
|
||||
describe "GET /api/statusnet/config" do
|
||||
test "it returns config in xml format", %{conn: conn} do
|
||||
instance = Pleroma.Config.get(:instance)
|
||||
instance = Config.get(:instance)
|
||||
|
||||
response =
|
||||
conn
|
||||
|
@ -195,12 +196,12 @@ test "it returns config in xml format", %{conn: conn} do
|
|||
end
|
||||
|
||||
test "it returns config in json format", %{conn: conn} do
|
||||
instance = Pleroma.Config.get(:instance)
|
||||
Pleroma.Config.put([:instance, :managed_config], true)
|
||||
Pleroma.Config.put([:instance, :registrations_open], false)
|
||||
Pleroma.Config.put([:instance, :invites_enabled], true)
|
||||
Pleroma.Config.put([:instance, :public], false)
|
||||
Pleroma.Config.put([:frontend_configurations, :pleroma_fe], %{theme: "asuka-hospital"})
|
||||
instance = Config.get(:instance)
|
||||
Config.put([:instance, :managed_config], true)
|
||||
Config.put([:instance, :registrations_open], false)
|
||||
Config.put([:instance, :invites_enabled], true)
|
||||
Config.put([:instance, :public], false)
|
||||
Config.put([:frontend_configurations, :pleroma_fe], %{theme: "asuka-hospital"})
|
||||
|
||||
response =
|
||||
conn
|
||||
|
@ -234,7 +235,7 @@ test "it returns config in json format", %{conn: conn} do
|
|||
end
|
||||
|
||||
test "returns the state of safe_dm_mentions flag", %{conn: conn} do
|
||||
Pleroma.Config.put([:instance, :safe_dm_mentions], true)
|
||||
Config.put([:instance, :safe_dm_mentions], true)
|
||||
|
||||
response =
|
||||
conn
|
||||
|
@ -243,7 +244,7 @@ test "returns the state of safe_dm_mentions flag", %{conn: conn} do
|
|||
|
||||
assert response["site"]["safeDMMentionsEnabled"] == "1"
|
||||
|
||||
Pleroma.Config.put([:instance, :safe_dm_mentions], false)
|
||||
Config.put([:instance, :safe_dm_mentions], false)
|
||||
|
||||
response =
|
||||
conn
|
||||
|
@ -254,8 +255,8 @@ test "returns the state of safe_dm_mentions flag", %{conn: conn} do
|
|||
end
|
||||
|
||||
test "it returns the managed config", %{conn: conn} do
|
||||
Pleroma.Config.put([:instance, :managed_config], false)
|
||||
Pleroma.Config.put([:frontend_configurations, :pleroma_fe], %{theme: "asuka-hospital"})
|
||||
Config.put([:instance, :managed_config], false)
|
||||
Config.put([:frontend_configurations, :pleroma_fe], %{theme: "asuka-hospital"})
|
||||
|
||||
response =
|
||||
conn
|
||||
|
@ -264,7 +265,7 @@ test "it returns the managed config", %{conn: conn} do
|
|||
|
||||
refute response["site"]["pleromafe"]
|
||||
|
||||
Pleroma.Config.put([:instance, :managed_config], true)
|
||||
Config.put([:instance, :managed_config], true)
|
||||
|
||||
response =
|
||||
conn
|
||||
|
@ -287,7 +288,7 @@ test "returns everything in :pleroma, :frontend_configurations", %{conn: conn} d
|
|||
}
|
||||
]
|
||||
|
||||
Pleroma.Config.put(:frontend_configurations, config)
|
||||
Config.put(:frontend_configurations, config)
|
||||
|
||||
response =
|
||||
conn
|
||||
|
@ -320,7 +321,7 @@ test "returns json with custom emoji with tags", %{conn: conn} do
|
|||
clear_config([:instance, :healthcheck])
|
||||
|
||||
test "returns 503 when healthcheck disabled", %{conn: conn} do
|
||||
Pleroma.Config.put([:instance, :healthcheck], false)
|
||||
Config.put([:instance, :healthcheck], false)
|
||||
|
||||
response =
|
||||
conn
|
||||
|
@ -331,7 +332,7 @@ test "returns 503 when healthcheck disabled", %{conn: conn} do
|
|||
end
|
||||
|
||||
test "returns 200 when healthcheck enabled and all ok", %{conn: conn} do
|
||||
Pleroma.Config.put([:instance, :healthcheck], true)
|
||||
Config.put([:instance, :healthcheck], true)
|
||||
|
||||
with_mock Pleroma.Healthcheck,
|
||||
system_info: fn -> %Pleroma.Healthcheck{healthy: true} end do
|
||||
|
@ -351,7 +352,7 @@ test "returns 200 when healthcheck enabled and all ok", %{conn: conn} do
|
|||
end
|
||||
|
||||
test "returns 503 when healthcheck enabled and health is false", %{conn: conn} do
|
||||
Pleroma.Config.put([:instance, :healthcheck], true)
|
||||
Config.put([:instance, :healthcheck], true)
|
||||
|
||||
with_mock Pleroma.Healthcheck,
|
||||
system_info: fn -> %Pleroma.Healthcheck{healthy: false} end do
|
||||
|
@ -426,6 +427,10 @@ test "it returns version in json format", %{conn: conn} do
|
|||
end
|
||||
|
||||
describe "POST /main/ostatus - remote_subscribe/2" do
|
||||
clear_config([:instance, :federating]) do
|
||||
Config.put([:instance, :federating], true)
|
||||
end
|
||||
|
||||
test "renders subscribe form", %{conn: conn} do
|
||||
user = insert(:user)
|
||||
|
||||
|
|
Loading…
Reference in a new issue