mirror of
https://framagit.org/framasoft/mobilizon.git
synced 2024-12-27 02:10:27 +00:00
beb35a09c6
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
768 lines
21 KiB
Elixir
768 lines
21 KiB
Elixir
defmodule Mobilizon.GraphQL.Resolvers.PersonTest do
|
|
use Oban.Testing, repo: Mobilizon.Storage.Repo
|
|
use Mobilizon.Web.ConnCase
|
|
|
|
import Mobilizon.Factory
|
|
|
|
alias Mobilizon.Actors.Actor
|
|
alias Mobilizon.Service.Workers
|
|
|
|
alias Mobilizon.GraphQL.AbsintheHelpers
|
|
|
|
alias Mobilizon.Web.Endpoint
|
|
|
|
@non_existent_username "nonexistent"
|
|
|
|
describe "Person Resolver" do
|
|
test "get_person/3 returns a person by its username", %{conn: conn} do
|
|
user = insert(:user)
|
|
actor = insert(:actor, user: user)
|
|
|
|
query = """
|
|
{
|
|
person(id: "#{actor.id}") {
|
|
preferredUsername,
|
|
}
|
|
}
|
|
"""
|
|
|
|
res =
|
|
conn
|
|
|> auth_conn(user)
|
|
|> get("/api", AbsintheHelpers.query_skeleton(query, "person"))
|
|
|
|
assert json_response(res, 200)["data"]["person"]["preferredUsername"] ==
|
|
actor.preferred_username
|
|
|
|
query = """
|
|
{
|
|
person(id: "6895567") {
|
|
preferredUsername,
|
|
}
|
|
}
|
|
"""
|
|
|
|
res =
|
|
conn
|
|
|> auth_conn(user)
|
|
|> get("/api", AbsintheHelpers.query_skeleton(query, "person"))
|
|
|
|
assert json_response(res, 200)["data"]["person"] == nil
|
|
|
|
assert hd(json_response(res, 200)["errors"])["message"] ==
|
|
"Person with ID 6895567 not found"
|
|
end
|
|
|
|
test "find_person/3 returns a person by its username", context do
|
|
user = insert(:user)
|
|
actor = insert(:actor, user: user)
|
|
|
|
query = """
|
|
{
|
|
fetchPerson(preferredUsername: "#{actor.preferred_username}") {
|
|
preferredUsername,
|
|
}
|
|
}
|
|
"""
|
|
|
|
res =
|
|
context.conn
|
|
|> get("/api", AbsintheHelpers.query_skeleton(query, "person"))
|
|
|
|
assert json_response(res, 200)["errors"] == nil
|
|
|
|
assert json_response(res, 200)["data"]["fetchPerson"]["preferredUsername"] ==
|
|
actor.preferred_username
|
|
|
|
query = """
|
|
{
|
|
fetchPerson(preferredUsername: "#{@non_existent_username}") {
|
|
preferredUsername,
|
|
}
|
|
}
|
|
"""
|
|
|
|
res =
|
|
context.conn
|
|
|> get("/api", AbsintheHelpers.query_skeleton(query, "person"))
|
|
|
|
assert json_response(res, 200)["data"]["fetchPerson"] == nil
|
|
|
|
assert hd(json_response(res, 200)["errors"])["message"] ==
|
|
"Person with username #{@non_existent_username} not found"
|
|
end
|
|
|
|
test "get_current_person/3 returns the current logged-in actor", context do
|
|
user = insert(:user)
|
|
actor = insert(:actor, user: user)
|
|
|
|
query = """
|
|
{
|
|
loggedPerson {
|
|
avatar {
|
|
url
|
|
},
|
|
preferredUsername,
|
|
}
|
|
}
|
|
"""
|
|
|
|
res =
|
|
context.conn
|
|
|> get("/api", AbsintheHelpers.query_skeleton(query, "logged_person"))
|
|
|
|
assert json_response(res, 200)["data"]["loggedPerson"] == nil
|
|
|
|
assert hd(json_response(res, 200)["errors"])["message"] ==
|
|
"You need to be logged-in to view current person"
|
|
|
|
res =
|
|
context.conn
|
|
|> auth_conn(user)
|
|
|> get("/api", AbsintheHelpers.query_skeleton(query, "logged_person"))
|
|
|
|
assert json_response(res, 200)["data"]["loggedPerson"]["preferredUsername"] ==
|
|
actor.preferred_username
|
|
|
|
assert json_response(res, 200)["data"]["loggedPerson"]["avatar"]["url"] =~ Endpoint.url()
|
|
end
|
|
|
|
test "create_person/3 creates a new identity", context do
|
|
user = insert(:user)
|
|
actor = insert(:actor, user: user)
|
|
|
|
mutation = """
|
|
mutation {
|
|
createPerson(
|
|
preferredUsername: "new_identity",
|
|
name: "secret person",
|
|
summary: "no-one will know who I am"
|
|
) {
|
|
id,
|
|
preferredUsername
|
|
}
|
|
}
|
|
"""
|
|
|
|
res =
|
|
context.conn
|
|
|> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
|
|
|
|
assert json_response(res, 200)["data"]["createPerson"] == nil
|
|
|
|
assert hd(json_response(res, 200)["errors"])["message"] ==
|
|
"You need to be logged-in to create a new identity"
|
|
|
|
res =
|
|
context.conn
|
|
|> auth_conn(user)
|
|
|> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
|
|
|
|
assert json_response(res, 200)["data"]["createPerson"]["preferredUsername"] ==
|
|
"new_identity"
|
|
|
|
query = """
|
|
{
|
|
identities {
|
|
avatar {
|
|
url
|
|
},
|
|
preferredUsername,
|
|
}
|
|
}
|
|
"""
|
|
|
|
res =
|
|
context.conn
|
|
|> get("/api", AbsintheHelpers.query_skeleton(query, "identities"))
|
|
|
|
assert json_response(res, 200)["data"]["identities"] == nil
|
|
|
|
assert hd(json_response(res, 200)["errors"])["message"] ==
|
|
"You need to be logged-in to view your list of identities"
|
|
|
|
res =
|
|
context.conn
|
|
|> auth_conn(user)
|
|
|> get("/api", AbsintheHelpers.query_skeleton(query, "identities"))
|
|
|
|
assert json_response(res, 200)["data"]["identities"]
|
|
|> Enum.map(fn identity -> Map.get(identity, "preferredUsername") end)
|
|
|> MapSet.new() ==
|
|
MapSet.new([actor.preferred_username, "new_identity"])
|
|
end
|
|
|
|
test "create_person/3 with an avatar and an banner creates a new identity", context do
|
|
user = insert(:user)
|
|
insert(:actor, user: user)
|
|
|
|
mutation = """
|
|
mutation {
|
|
createPerson(
|
|
preferredUsername: "new_identity",
|
|
name: "secret person",
|
|
summary: "no-one will know who I am",
|
|
banner: {
|
|
picture: {
|
|
file: "landscape.jpg",
|
|
name: "irish landscape",
|
|
alt: "The beautiful atlantic way"
|
|
}
|
|
}
|
|
) {
|
|
id,
|
|
preferredUsername
|
|
avatar {
|
|
id,
|
|
url
|
|
},
|
|
banner {
|
|
id,
|
|
name,
|
|
url
|
|
}
|
|
}
|
|
}
|
|
"""
|
|
|
|
map = %{
|
|
"query" => mutation,
|
|
"landscape.jpg" => %Plug.Upload{
|
|
path: "test/fixtures/picture.png",
|
|
filename: "landscape.jpg"
|
|
}
|
|
}
|
|
|
|
res =
|
|
context.conn
|
|
|> put_req_header("content-type", "multipart/form-data")
|
|
|> post("/api", map)
|
|
|
|
assert json_response(res, 200)["data"]["createPerson"] == nil
|
|
|
|
assert hd(json_response(res, 200)["errors"])["message"] ==
|
|
"You need to be logged-in to create a new identity"
|
|
|
|
res =
|
|
context.conn
|
|
|> auth_conn(user)
|
|
|> put_req_header("content-type", "multipart/form-data")
|
|
|> post("/api", map)
|
|
|
|
assert json_response(res, 200)["data"]["createPerson"]["preferredUsername"] ==
|
|
"new_identity"
|
|
|
|
assert json_response(res, 200)["data"]["createPerson"]["banner"]["id"]
|
|
|
|
assert json_response(res, 200)["data"]["createPerson"]["banner"]["name"] ==
|
|
"The beautiful atlantic way"
|
|
|
|
assert json_response(res, 200)["data"]["createPerson"]["banner"]["url"] =~
|
|
Endpoint.url() <> "/media/"
|
|
end
|
|
|
|
test "update_person/3 updates an existing identity", context do
|
|
user = insert(:user)
|
|
%Actor{id: person_id} = insert(:actor, user: user, preferred_username: "riri")
|
|
|
|
mutation = """
|
|
mutation {
|
|
updatePerson(
|
|
id: "#{person_id}",
|
|
name: "riri updated",
|
|
summary: "summary updated",
|
|
banner: {
|
|
picture: {
|
|
file: "landscape.jpg",
|
|
name: "irish landscape",
|
|
alt: "The beautiful atlantic way"
|
|
}
|
|
}
|
|
) {
|
|
id,
|
|
preferredUsername,
|
|
name,
|
|
summary,
|
|
avatar {
|
|
id,
|
|
url
|
|
},
|
|
banner {
|
|
id,
|
|
name,
|
|
url
|
|
}
|
|
}
|
|
}
|
|
"""
|
|
|
|
map = %{
|
|
"query" => mutation,
|
|
"landscape.jpg" => %Plug.Upload{
|
|
path: "test/fixtures/picture.png",
|
|
filename: "landscape.jpg"
|
|
}
|
|
}
|
|
|
|
res =
|
|
context.conn
|
|
|> put_req_header("content-type", "multipart/form-data")
|
|
|> post("/api", map)
|
|
|
|
assert json_response(res, 200)["data"]["updatePerson"] == nil
|
|
|
|
assert hd(json_response(res, 200)["errors"])["message"] ==
|
|
"You need to be logged-in to update an identity"
|
|
|
|
res =
|
|
context.conn
|
|
|> auth_conn(user)
|
|
|> put_req_header("content-type", "multipart/form-data")
|
|
|> post("/api", map)
|
|
|
|
res_person = json_response(res, 200)["data"]["updatePerson"]
|
|
|
|
assert res_person["preferredUsername"] == "riri"
|
|
assert res_person["name"] == "riri updated"
|
|
assert res_person["summary"] == "summary updated"
|
|
|
|
assert res_person["banner"]["id"]
|
|
assert res_person["banner"]["name"] == "The beautiful atlantic way"
|
|
assert res_person["banner"]["url"] =~ Endpoint.url() <> "/media/"
|
|
end
|
|
|
|
test "update_person/3 should fail to update a not owned identity", context do
|
|
user1 = insert(:user)
|
|
user2 = insert(:user)
|
|
%Actor{id: person_id} = insert(:actor, user: user2, preferred_username: "riri")
|
|
|
|
mutation = """
|
|
mutation {
|
|
updatePerson(
|
|
id: "#{person_id}",
|
|
name: "riri updated",
|
|
) {
|
|
id,
|
|
}
|
|
}
|
|
"""
|
|
|
|
res =
|
|
context.conn
|
|
|> auth_conn(user1)
|
|
|> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
|
|
|
|
assert json_response(res, 200)["data"]["updatePerson"] == nil
|
|
|
|
assert hd(json_response(res, 200)["errors"])["message"] ==
|
|
"Actor is not owned by authenticated user"
|
|
end
|
|
|
|
test "update_person/3 should fail to update a not existing identity", context do
|
|
user = insert(:user)
|
|
insert(:actor, user: user, preferred_username: "riri")
|
|
|
|
mutation = """
|
|
mutation {
|
|
updatePerson(
|
|
id: "48918",
|
|
name: "riri updated",
|
|
) {
|
|
id,
|
|
}
|
|
}
|
|
"""
|
|
|
|
res =
|
|
context.conn
|
|
|> auth_conn(user)
|
|
|> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
|
|
|
|
assert json_response(res, 200)["data"]["updatePerson"] == nil
|
|
|
|
assert hd(json_response(res, 200)["errors"])["message"] ==
|
|
"Actor not found"
|
|
end
|
|
|
|
test "delete_person/3 should fail to update a not owned identity", context do
|
|
user1 = insert(:user)
|
|
user2 = insert(:user)
|
|
%Actor{id: person_id} = insert(:actor, user: user2, preferred_username: "riri")
|
|
|
|
mutation = """
|
|
mutation {
|
|
deletePerson(id: "#{person_id}") {
|
|
id,
|
|
}
|
|
}
|
|
"""
|
|
|
|
res =
|
|
context.conn
|
|
|> auth_conn(user1)
|
|
|> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
|
|
|
|
assert json_response(res, 200)["data"]["deletePerson"] == nil
|
|
|
|
assert hd(json_response(res, 200)["errors"])["message"] ==
|
|
"Actor is not owned by authenticated user"
|
|
end
|
|
|
|
test "delete_person/3 should fail to delete a not existing identity", context do
|
|
user = insert(:user)
|
|
insert(:actor, user: user, preferred_username: "riri")
|
|
|
|
mutation = """
|
|
mutation {
|
|
deletePerson(id: "9798665") {
|
|
id,
|
|
}
|
|
}
|
|
"""
|
|
|
|
res =
|
|
context.conn
|
|
|> auth_conn(user)
|
|
|> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
|
|
|
|
assert json_response(res, 200)["data"]["deletePerson"] == nil
|
|
|
|
assert hd(json_response(res, 200)["errors"])["message"] ==
|
|
"Actor not found"
|
|
end
|
|
|
|
test "delete_person/3 should fail to delete the last user identity", context do
|
|
user = insert(:user)
|
|
%Actor{id: person_id} = insert(:actor, user: user, preferred_username: "riri")
|
|
|
|
mutation = """
|
|
mutation {
|
|
deletePerson(id: "#{person_id}") {
|
|
id,
|
|
}
|
|
}
|
|
"""
|
|
|
|
res =
|
|
context.conn
|
|
|> auth_conn(user)
|
|
|> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
|
|
|
|
assert json_response(res, 200)["data"]["deletePerson"] == nil
|
|
|
|
assert hd(json_response(res, 200)["errors"])["message"] ==
|
|
"Cannot remove the last identity of a user"
|
|
end
|
|
|
|
test "delete_person/3 should fail to delete an identity that is the last admin of a group",
|
|
context do
|
|
group = insert(:group)
|
|
classic_user = insert(:user)
|
|
classic_actor = insert(:actor, user: classic_user, preferred_username: "classic_user")
|
|
|
|
admin_user = insert(:user)
|
|
admin_actor = insert(:actor, user: admin_user, preferred_username: "last_admin")
|
|
insert(:actor, user: admin_user)
|
|
|
|
insert(:member, %{actor: admin_actor, role: :creator, parent: group})
|
|
insert(:member, %{actor: classic_actor, role: :member, parent: group})
|
|
|
|
mutation = """
|
|
mutation {
|
|
deletePerson(id: "#{admin_actor.id}") {
|
|
id,
|
|
}
|
|
}
|
|
"""
|
|
|
|
res =
|
|
context.conn
|
|
|> auth_conn(admin_user)
|
|
|> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
|
|
|
|
assert json_response(res, 200)["data"]["deletePerson"] == nil
|
|
|
|
assert hd(json_response(res, 200)["errors"])["message"] ==
|
|
"Cannot remove the last administrator of a group"
|
|
end
|
|
|
|
test "delete_person/3 should delete an actor identity", context do
|
|
user = insert(:user)
|
|
%Actor{id: person_id} = insert(:actor, user: user, preferred_username: "riri")
|
|
insert(:actor, user: user, preferred_username: "fifi")
|
|
|
|
mutation = """
|
|
mutation {
|
|
deletePerson(id: "#{person_id}") {
|
|
id,
|
|
}
|
|
}
|
|
"""
|
|
|
|
res =
|
|
context.conn
|
|
|> auth_conn(user)
|
|
|> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
|
|
|
|
assert json_response(res, 200)["errors"] == nil
|
|
|
|
assert_enqueued(
|
|
worker: Workers.Background,
|
|
args: %{"actor_id" => person_id, "op" => "delete_actor", "reserve_username" => true}
|
|
)
|
|
|
|
assert %{success: 1, failure: 0} == Oban.drain_queue(:background)
|
|
|
|
query = """
|
|
{
|
|
person(id: "#{person_id}") {
|
|
id,
|
|
}
|
|
}
|
|
"""
|
|
|
|
res =
|
|
context.conn
|
|
|> auth_conn(user)
|
|
|> get("/api", AbsintheHelpers.query_skeleton(query, "person"))
|
|
|
|
assert hd(json_response(res, 200)["errors"])["message"] ==
|
|
"Person with ID #{person_id} not found"
|
|
end
|
|
end
|
|
|
|
describe "get_current_person/3" do
|
|
test "get_current_person/3 can return the events the person is going to", context do
|
|
user = insert(:user)
|
|
actor = insert(:actor, user: user)
|
|
|
|
query = """
|
|
{
|
|
loggedPerson {
|
|
participations {
|
|
elements {
|
|
event {
|
|
uuid,
|
|
title
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
"""
|
|
|
|
res =
|
|
context.conn
|
|
|> auth_conn(user)
|
|
|> get("/api", AbsintheHelpers.query_skeleton(query, "logged_person"))
|
|
|
|
assert json_response(res, 200)["data"]["loggedPerson"]["participations"]["elements"] == []
|
|
|
|
event = insert(:event, %{organizer_actor: actor})
|
|
insert(:participant, %{actor: actor, event: event})
|
|
|
|
res =
|
|
context.conn
|
|
|> auth_conn(user)
|
|
|> get("/api", AbsintheHelpers.query_skeleton(query, "logged_person"))
|
|
|
|
assert json_response(res, 200)["data"]["loggedPerson"]["participations"]["elements"] == [
|
|
%{"event" => %{"title" => event.title, "uuid" => event.uuid}}
|
|
]
|
|
end
|
|
|
|
@person_participations """
|
|
query PersonParticipations($actorId: ID!) {
|
|
person(id: $actorId) {
|
|
participations {
|
|
total,
|
|
elements {
|
|
event {
|
|
uuid,
|
|
title
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
"""
|
|
|
|
test "find_person/3 can return the events an identity is going to if it's the same actor",
|
|
context do
|
|
user = insert(:user)
|
|
actor = insert(:actor, user: user)
|
|
insert(:actor, user: user)
|
|
actor_from_other_user = insert(:actor)
|
|
|
|
res =
|
|
context.conn
|
|
|> auth_conn(user)
|
|
|> AbsintheHelpers.graphql_query(
|
|
query: @person_participations,
|
|
variables: %{actorId: actor.id}
|
|
)
|
|
|
|
assert res["data"]["person"]["participations"]["elements"] == []
|
|
|
|
res =
|
|
context.conn
|
|
|> auth_conn(user)
|
|
|> AbsintheHelpers.graphql_query(
|
|
query: @person_participations,
|
|
variables: %{actorId: actor_from_other_user.id}
|
|
)
|
|
|
|
assert res["data"]["person"]["participations"]["elements"] == nil
|
|
|
|
assert hd(res["errors"])["message"] ==
|
|
"Actor id is not owned by authenticated user"
|
|
end
|
|
|
|
test "find_person/3 can return the participation for an identity on a specific event",
|
|
context do
|
|
user = insert(:user)
|
|
actor = insert(:actor, user: user)
|
|
event = insert(:event, organizer_actor: actor)
|
|
insert(:participant, event: event, actor: actor)
|
|
|
|
query = """
|
|
{
|
|
person(id: "#{actor.id}") {
|
|
participations(eventId: "#{event.id}") {
|
|
elements {
|
|
event {
|
|
uuid,
|
|
title
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
"""
|
|
|
|
res =
|
|
context.conn
|
|
|> auth_conn(user)
|
|
|> get("/api", AbsintheHelpers.query_skeleton(query, "person"))
|
|
|
|
assert json_response(res, 200)["data"]["person"]["participations"]["elements"] == [
|
|
%{
|
|
"event" => %{
|
|
"uuid" => event.uuid,
|
|
"title" => event.title
|
|
}
|
|
}
|
|
]
|
|
end
|
|
end
|
|
|
|
describe "suspend_profile/3" do
|
|
@suspend_profile_mutation """
|
|
mutation SuspendProfile($id: ID!) {
|
|
suspendProfile(id: $id) {
|
|
id
|
|
}
|
|
}
|
|
"""
|
|
|
|
@person_query """
|
|
query Person($id: ID!) {
|
|
person(id: $id) {
|
|
id,
|
|
suspended
|
|
}
|
|
}
|
|
"""
|
|
|
|
@moderation_logs_query """
|
|
{
|
|
actionLogs {
|
|
action,
|
|
actor {
|
|
id,
|
|
preferredUsername
|
|
},
|
|
object {
|
|
...on Person {
|
|
id,
|
|
preferredUsername
|
|
}
|
|
}
|
|
}
|
|
}
|
|
"""
|
|
|
|
test "suspends a remote profile", %{conn: conn} do
|
|
modo = insert(:user, role: :moderator)
|
|
%Actor{id: modo_actor_id} = insert(:actor, user: modo)
|
|
%Actor{id: remote_profile_id} = insert(:actor, domain: "mobilizon.org", user: nil)
|
|
|
|
res =
|
|
conn
|
|
|> auth_conn(modo)
|
|
|> AbsintheHelpers.graphql_query(
|
|
query: @suspend_profile_mutation,
|
|
variables: %{id: remote_profile_id}
|
|
)
|
|
|
|
assert is_nil(res["errors"])
|
|
assert res["data"]["suspendProfile"]["id"] == to_string(remote_profile_id)
|
|
|
|
assert %{success: 1, failure: 0} == Oban.drain_queue(:background)
|
|
|
|
res =
|
|
conn
|
|
|> auth_conn(modo)
|
|
|> AbsintheHelpers.graphql_query(
|
|
query: @person_query,
|
|
variables: %{id: remote_profile_id}
|
|
)
|
|
|
|
assert res["data"]["person"]["suspended"] == true
|
|
|
|
res =
|
|
conn
|
|
|> auth_conn(modo)
|
|
|> AbsintheHelpers.graphql_query(query: @moderation_logs_query)
|
|
|
|
actionlog = hd(res["data"]["actionLogs"])
|
|
refute is_nil(actionlog)
|
|
assert actionlog["action"] == "ACTOR_SUSPENSION"
|
|
assert actionlog["actor"]["id"] == to_string(modo_actor_id)
|
|
assert actionlog["object"]["id"] == to_string(remote_profile_id)
|
|
end
|
|
|
|
test "doesn't suspend if profile is local", %{conn: conn} do
|
|
modo = insert(:user, role: :moderator)
|
|
%Actor{} = insert(:actor, user: modo)
|
|
%Actor{id: profile_id} = insert(:actor)
|
|
|
|
res =
|
|
conn
|
|
|> auth_conn(modo)
|
|
|> AbsintheHelpers.graphql_query(
|
|
query: @suspend_profile_mutation,
|
|
variables: %{id: profile_id}
|
|
)
|
|
|
|
assert hd(res["errors"])["message"] == "No remote profile found with this ID"
|
|
end
|
|
|
|
test "doesn't suspend if user is not at least moderator", %{conn: conn} do
|
|
fake_modo = insert(:user)
|
|
%Actor{} = insert(:actor, user: fake_modo)
|
|
%Actor{id: remote_profile_id} = insert(:actor, domain: "mobilizon.org", user: nil)
|
|
|
|
res =
|
|
conn
|
|
|> auth_conn(fake_modo)
|
|
|> AbsintheHelpers.graphql_query(
|
|
query: @suspend_profile_mutation,
|
|
variables: %{id: remote_profile_id}
|
|
)
|
|
|
|
assert hd(res["errors"])["message"] ==
|
|
"Only moderators and administrators can suspend a profile"
|
|
end
|
|
end
|
|
end
|