mirror of
https://framagit.org/framasoft/mobilizon.git
synced 2024-12-30 20:06:07 +00:00
cde9f8873e
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
340 lines
8 KiB
Elixir
340 lines
8 KiB
Elixir
defmodule Mobilizon.GraphQL.Resolvers.FeedTokenTest do
|
|
use Mobilizon.Web.ConnCase
|
|
|
|
import Mobilizon.Factory
|
|
|
|
alias Mobilizon.GraphQL.AbsintheHelpers
|
|
|
|
setup %{conn: conn} do
|
|
user = insert(:user)
|
|
actor = insert(:actor, user: user, preferred_username: "test")
|
|
insert(:actor, user: user)
|
|
|
|
{:ok, conn: conn, actor: actor, user: user}
|
|
end
|
|
|
|
describe "Feed Token Resolver" do
|
|
test "create_feed_token/3 should create a feed token", %{conn: conn, user: user} do
|
|
actor2 = insert(:actor, user: user)
|
|
|
|
mutation = """
|
|
mutation {
|
|
createFeedToken(
|
|
actor_id: #{actor2.id},
|
|
) {
|
|
token,
|
|
actor {
|
|
id
|
|
},
|
|
user {
|
|
id
|
|
}
|
|
}
|
|
}
|
|
"""
|
|
|
|
res =
|
|
conn
|
|
|> auth_conn(user)
|
|
|> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
|
|
|
|
assert json_response(res, 200)["errors"] == nil
|
|
token = json_response(res, 200)["data"]["createFeedToken"]["token"]
|
|
assert is_binary(token)
|
|
# TODO: Investigate why user id is a string when actor id is a number
|
|
assert json_response(res, 200)["data"]["createFeedToken"]["user"]["id"] ==
|
|
to_string(user.id)
|
|
|
|
assert json_response(res, 200)["data"]["createFeedToken"]["actor"]["id"] ==
|
|
to_string(actor2.id)
|
|
|
|
# The token is present for the user
|
|
query = """
|
|
{
|
|
loggedUser {
|
|
feedTokens {
|
|
token
|
|
}
|
|
}
|
|
}
|
|
"""
|
|
|
|
res =
|
|
conn
|
|
|> auth_conn(user)
|
|
|> get("/api", AbsintheHelpers.query_skeleton(query, "loggedUser"))
|
|
|
|
assert json_response(res, 200)["data"]["loggedUser"] ==
|
|
%{
|
|
"feedTokens" => [%{"token" => token}]
|
|
}
|
|
|
|
# But not for this identity
|
|
query = """
|
|
{
|
|
loggedPerson {
|
|
feedTokens {
|
|
token
|
|
}
|
|
}
|
|
}
|
|
"""
|
|
|
|
res =
|
|
conn
|
|
|> auth_conn(user)
|
|
|> get("/api", AbsintheHelpers.query_skeleton(query, "loggedPerson"))
|
|
|
|
assert json_response(res, 200)["data"]["loggedPerson"] ==
|
|
%{
|
|
"feedTokens" => []
|
|
}
|
|
|
|
mutation = """
|
|
mutation {
|
|
createFeedToken {
|
|
token,
|
|
user {
|
|
id
|
|
}
|
|
}
|
|
}
|
|
"""
|
|
|
|
res =
|
|
conn
|
|
|> auth_conn(user)
|
|
|> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
|
|
|
|
assert json_response(res, 200)["errors"] == nil
|
|
token2 = json_response(res, 200)["data"]["createFeedToken"]["token"]
|
|
assert is_binary(token2)
|
|
assert is_nil(json_response(res, 200)["data"]["createFeedToken"]["actor"])
|
|
|
|
assert json_response(res, 200)["data"]["createFeedToken"]["user"]["id"] ==
|
|
to_string(user.id)
|
|
|
|
# The token is present for the user
|
|
query = """
|
|
{
|
|
loggedUser {
|
|
feedTokens {
|
|
token
|
|
}
|
|
}
|
|
}
|
|
"""
|
|
|
|
res =
|
|
conn
|
|
|> auth_conn(user)
|
|
|> get("/api", AbsintheHelpers.query_skeleton(query, "loggedUser"))
|
|
|
|
assert json_response(res, 200)["data"]["loggedUser"] ==
|
|
%{
|
|
"feedTokens" => [%{"token" => token}, %{"token" => token2}]
|
|
}
|
|
end
|
|
|
|
test "create_feed_token/3 should check the actor is owned by the user", %{
|
|
conn: conn,
|
|
user: user
|
|
} do
|
|
actor = insert(:actor)
|
|
|
|
mutation = """
|
|
mutation {
|
|
createFeedToken(
|
|
actor_id: #{actor.id}
|
|
) {
|
|
token
|
|
}
|
|
}
|
|
"""
|
|
|
|
res =
|
|
conn
|
|
|> auth_conn(user)
|
|
|> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
|
|
|
|
assert hd(json_response(res, 200)["errors"])["message"] =~ "not owned"
|
|
end
|
|
|
|
test "delete_feed_token/3 should delete a feed token", %{
|
|
conn: conn,
|
|
user: user,
|
|
actor: actor
|
|
} do
|
|
feed_token = insert(:feed_token, user: user, actor: actor)
|
|
|
|
query = """
|
|
{
|
|
loggedPerson {
|
|
feedTokens {
|
|
token
|
|
}
|
|
}
|
|
}
|
|
"""
|
|
|
|
res =
|
|
conn
|
|
|> auth_conn(user)
|
|
|> get("/api", AbsintheHelpers.query_skeleton(query, "loggedPerson"))
|
|
|
|
assert json_response(res, 200)["data"]["loggedPerson"] ==
|
|
%{
|
|
"feedTokens" => [
|
|
%{
|
|
"token" => ShortUUID.encode!(feed_token.token)
|
|
}
|
|
]
|
|
}
|
|
|
|
mutation = """
|
|
mutation {
|
|
deleteFeedToken(
|
|
token: "#{ShortUUID.encode!(feed_token.token)}",
|
|
) {
|
|
actor {
|
|
id
|
|
},
|
|
user {
|
|
id
|
|
}
|
|
}
|
|
}
|
|
"""
|
|
|
|
res =
|
|
conn
|
|
|> auth_conn(user)
|
|
|> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
|
|
|
|
assert json_response(res, 200)["errors"] == nil
|
|
|
|
assert json_response(res, 200)["data"]["deleteFeedToken"]["user"]["id"] ==
|
|
to_string(user.id)
|
|
|
|
assert json_response(res, 200)["data"]["deleteFeedToken"]["actor"]["id"] ==
|
|
to_string(actor.id)
|
|
|
|
query = """
|
|
{
|
|
loggedPerson {
|
|
feedTokens {
|
|
token
|
|
}
|
|
}
|
|
}
|
|
"""
|
|
|
|
res =
|
|
conn
|
|
|> auth_conn(user)
|
|
|> get("/api", AbsintheHelpers.query_skeleton(query, "loggedPerson"))
|
|
|
|
assert json_response(res, 200)["data"]["loggedPerson"] ==
|
|
%{
|
|
"feedTokens" => []
|
|
}
|
|
end
|
|
|
|
test "delete_feed_token/3 should check the user is logged in", %{conn: conn} do
|
|
mutation = """
|
|
mutation {
|
|
deleteFeedToken(
|
|
token: "random",
|
|
) {
|
|
actor {
|
|
id
|
|
}
|
|
}
|
|
}
|
|
"""
|
|
|
|
res =
|
|
conn
|
|
|> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
|
|
|
|
assert hd(json_response(res, 200)["errors"])["message"] =~ "if not connected"
|
|
end
|
|
|
|
test "delete_feed_token/3 should check the correct user is logged in", %{
|
|
conn: conn,
|
|
user: user
|
|
} do
|
|
user2 = insert(:user)
|
|
feed_token = insert(:feed_token, user: user2)
|
|
|
|
mutation = """
|
|
mutation {
|
|
deleteFeedToken(
|
|
token: "#{ShortUUID.encode!(feed_token.token)}",
|
|
) {
|
|
actor {
|
|
id
|
|
}
|
|
}
|
|
}
|
|
"""
|
|
|
|
res =
|
|
conn
|
|
|> auth_conn(user)
|
|
|> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
|
|
|
|
assert hd(json_response(res, 200)["errors"])["message"] =~ "don't have permission"
|
|
end
|
|
|
|
test "delete_feed_token/3 should check the token is a valid UUID", %{
|
|
conn: conn,
|
|
user: user
|
|
} do
|
|
mutation = """
|
|
mutation {
|
|
deleteFeedToken(
|
|
token: "really random"
|
|
) {
|
|
actor {
|
|
id
|
|
}
|
|
}
|
|
}
|
|
"""
|
|
|
|
res =
|
|
conn
|
|
|> auth_conn(user)
|
|
|> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
|
|
|
|
assert hd(json_response(res, 200)["errors"])["message"] =~ "Token is not a valid UUID"
|
|
end
|
|
|
|
test "delete_feed_token/3 should check the token exists", %{
|
|
conn: conn,
|
|
user: user
|
|
} do
|
|
uuid = Ecto.UUID.generate()
|
|
|
|
mutation = """
|
|
mutation {
|
|
deleteFeedToken(
|
|
token: "#{ShortUUID.encode!(uuid)}"
|
|
) {
|
|
actor {
|
|
id
|
|
}
|
|
}
|
|
}
|
|
"""
|
|
|
|
res =
|
|
conn
|
|
|> auth_conn(user)
|
|
|> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
|
|
|
|
assert hd(json_response(res, 200)["errors"])["message"] =~ "does not exist"
|
|
end
|
|
end
|
|
end
|