# Pleroma: A lightweight social networking server # Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/> # SPDX-License-Identifier: AGPL-3.0-only defmodule Pleroma.Object.FetcherTest do use Pleroma.DataCase alias Pleroma.Activity alias Pleroma.Object alias Pleroma.Object.Fetcher import Tesla.Mock import Mock setup do mock(fn %{method: :get, url: "https://mastodon.example.org/users/userisgone"} -> %Tesla.Env{status: 410} %{method: :get, url: "https://mastodon.example.org/users/userisgone404"} -> %Tesla.Env{status: 404} env -> apply(HttpRequestMock, :request, [env]) end) :ok end describe "max thread distance restriction" do @ap_id "http://mastodon.example.org/@admin/99541947525187367" clear_config([:instance, :federation_incoming_replies_max_depth]) test "it returns thread depth exceeded error if thread depth is exceeded" do Pleroma.Config.put([:instance, :federation_incoming_replies_max_depth], 0) assert {:error, "Max thread distance exceeded."} = Fetcher.fetch_object_from_id(@ap_id, depth: 1) end test "it fetches object if max thread depth is restricted to 0 and depth is not specified" do Pleroma.Config.put([:instance, :federation_incoming_replies_max_depth], 0) assert {:ok, _} = Fetcher.fetch_object_from_id(@ap_id) end test "it fetches object if requested depth does not exceed max thread depth" do Pleroma.Config.put([:instance, :federation_incoming_replies_max_depth], 10) assert {:ok, _} = Fetcher.fetch_object_from_id(@ap_id, depth: 10) end end describe "actor origin containment" do test "it rejects objects with a bogus origin" do {:error, _} = Fetcher.fetch_object_from_id("https://info.pleroma.site/activity.json") end test "it rejects objects when attributedTo is wrong (variant 1)" do {:error, _} = Fetcher.fetch_object_from_id("https://info.pleroma.site/activity2.json") end test "it rejects objects when attributedTo is wrong (variant 2)" do {:error, _} = Fetcher.fetch_object_from_id("https://info.pleroma.site/activity3.json") end end describe "fetching an object" do test "it fetches an object" do {:ok, object} = Fetcher.fetch_object_from_id("http://mastodon.example.org/@admin/99541947525187367") assert activity = Activity.get_create_by_object_ap_id(object.data["id"]) assert activity.data["id"] {:ok, object_again} = Fetcher.fetch_object_from_id("http://mastodon.example.org/@admin/99541947525187367") assert [attachment] = object.data["attachment"] assert is_list(attachment["url"]) assert object == object_again end end describe "implementation quirks" do test "it can fetch plume articles" do {:ok, object} = Fetcher.fetch_object_from_id( "https://baptiste.gelez.xyz/~/PlumeDevelopment/this-month-in-plume-june-2018/" ) assert object end test "it can fetch peertube videos" do {:ok, object} = Fetcher.fetch_object_from_id( "https://peertube.moe/videos/watch/df5f464b-be8d-46fb-ad81-2d4c2d1630e3" ) assert object end test "it can fetch Mobilizon events" do {:ok, object} = Fetcher.fetch_object_from_id( "https://mobilizon.org/events/252d5816-00a3-4a89-a66f-15bf65c33e39" ) assert object end test "it can fetch wedistribute articles" do {:ok, object} = Fetcher.fetch_object_from_id("https://wedistribute.org/wp-json/pterotype/v1/object/85810") assert object end test "all objects with fake directions are rejected by the object fetcher" do assert {:error, _} = Fetcher.fetch_and_contain_remote_object_from_id( "https://info.pleroma.site/activity4.json" ) end test "handle HTTP 410 Gone response" do assert {:error, "Object has been deleted"} == Fetcher.fetch_and_contain_remote_object_from_id( "https://mastodon.example.org/users/userisgone" ) end test "handle HTTP 404 response" do assert {:error, "Object has been deleted"} == Fetcher.fetch_and_contain_remote_object_from_id( "https://mastodon.example.org/users/userisgone404" ) end end describe "pruning" do test "it can refetch pruned objects" do object_id = "http://mastodon.example.org/@admin/99541947525187367" {:ok, object} = Fetcher.fetch_object_from_id(object_id) assert object {:ok, _object} = Object.prune(object) refute Object.get_by_ap_id(object_id) {:ok, %Object{} = object_two} = Fetcher.fetch_object_from_id(object_id) assert object.data["id"] == object_two.data["id"] assert object.id != object_two.id end end describe "signed fetches" do clear_config([:activitypub, :sign_object_fetches]) test_with_mock "it signs fetches when configured to do so", Pleroma.Signature, [:passthrough], [] do Pleroma.Config.put([:activitypub, :sign_object_fetches], true) Fetcher.fetch_object_from_id("http://mastodon.example.org/@admin/99541947525187367") assert called(Pleroma.Signature.sign(:_, :_)) end test_with_mock "it doesn't sign fetches when not configured to do so", Pleroma.Signature, [:passthrough], [] do Pleroma.Config.put([:activitypub, :sign_object_fetches], false) Fetcher.fetch_object_from_id("http://mastodon.example.org/@admin/99541947525187367") refute called(Pleroma.Signature.sign(:_, :_)) end end end