diff options
| author |  tobi <31960611+tsmethurst@users.noreply.github.com> | 2022-03-15 16:12:35 +0100 |
|---|---|---|
| committer |  GitHub <noreply@github.com> | 2022-03-15 16:12:35 +0100 |
| commit | 532c4cc6978a7fe707373106eebade237c89693a (patch) | |
| tree | 937bf0a44ef2a8d8d366786693decf2c65b20db5 /internal/api/s2s | |
| parent | [performance] Add dereference shortcuts to avoid making http calls to self (#... (diff) | |
| download | gotosocial-532c4cc6978a7fe707373106eebade237c89693a.tar.xz | |
[feature] Federate local account deletion (#431)
* add account delete to API
* model account delete request
* add AccountDeleteLocal
* federate local account deletes
* add DeleteLocal
* update transport (controller) to allow shortcuts
* delete logic + testing
* update swagger docs
* more tests + fixes
Diffstat (limited to 'internal/api/s2s')
| -rw-r--r-- | internal/api/s2s/user/userget_test.go | 93 |
1 files changed, 86 insertions, 7 deletions
diff --git a/internal/api/s2s/user/userget_test.go b/internal/api/s2s/user/userget_test.go index a764f6993..a2e1b0806 100644 --- a/internal/api/s2s/user/userget_test.go +++ b/internal/api/s2s/user/userget_test.go @@ -25,13 +25,15 @@ import ( "net/http" "net/http/httptest" "testing" + "time" "github.com/gin-gonic/gin" - "github.com/stretchr/testify/assert" "github.com/stretchr/testify/suite" "github.com/superseriousbusiness/activity/streams" "github.com/superseriousbusiness/activity/streams/vocab" + apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model" "github.com/superseriousbusiness/gotosocial/internal/api/s2s/user" + "github.com/superseriousbusiness/gotosocial/internal/oauth" "github.com/superseriousbusiness/gotosocial/testrig" ) @@ -80,24 +82,101 @@ func (suite *UserGetTestSuite) TestGetUser() { result := recorder.Result() defer result.Body.Close() b, err := ioutil.ReadAll(result.Body) - assert.NoError(suite.T(), err) + suite.NoError(err) // should be a Person m := make(map[string]interface{}) err = json.Unmarshal(b, &m) - assert.NoError(suite.T(), err) + suite.NoError(err) t, err := streams.ToType(context.Background(), m) - assert.NoError(suite.T(), err) + suite.NoError(err) person, ok := t.(vocab.ActivityStreamsPerson) - assert.True(suite.T(), ok) + suite.True(ok) // convert person to account // since this account is already known, we should get a pretty full model of it from the conversion a, err := suite.tc.ASRepresentationToAccount(context.Background(), person, false) - assert.NoError(suite.T(), err) - assert.EqualValues(suite.T(), targetAccount.Username, a.Username) + suite.NoError(err) + suite.EqualValues(targetAccount.Username, a.Username) +} + +// TestGetUserPublicKeyDeleted checks whether the public key of a deleted account can still be dereferenced. +// This is needed by remote instances for authenticating delete requests and stuff like that. +func (suite *UserGetTestSuite) TestGetUserPublicKeyDeleted() { + targetAccount := suite.testAccounts["local_account_1"] + + // first delete the account, as though zork had deleted himself + authed := &oauth.Auth{ + Application: suite.testApplications["local_account_1"], + User: suite.testUsers["local_account_1"], + Account: suite.testAccounts["local_account_1"], + } + suite.processor.AccountDeleteLocal(context.Background(), authed, &apimodel.AccountDeleteRequest{ + Password: "password", + DeleteOriginID: targetAccount.ID, + }) + + // now wait just a sec for it to go through.... + time.Sleep(1 * time.Second) + + // the dereference we're gonna use + derefRequests := testrig.NewTestDereferenceRequests(suite.testAccounts) + signedRequest := derefRequests["foss_satan_dereference_zork_public_key"] + + tc := testrig.NewTestTransportController(testrig.NewMockHTTPClient(nil), suite.db) + federator := testrig.NewTestFederator(suite.db, tc, suite.storage, suite.mediaManager) + emailSender := testrig.NewEmailSender("../../../../web/template/", nil) + processor := testrig.NewTestProcessor(suite.db, suite.storage, federator, emailSender, suite.mediaManager) + userModule := user.New(processor).(*user.Module) + + // setup request + recorder := httptest.NewRecorder() + ctx, _ := gin.CreateTestContext(recorder) + ctx.Request = httptest.NewRequest(http.MethodGet, targetAccount.PublicKeyURI, nil) // the endpoint we're hitting + ctx.Request.Header.Set("accept", "application/activity+json") + ctx.Request.Header.Set("Signature", signedRequest.SignatureHeader) + ctx.Request.Header.Set("Date", signedRequest.DateHeader) + + // we need to pass the context through signature check first to set appropriate values on it + suite.securityModule.SignatureCheck(ctx) + + // normally the router would populate these params from the path values, + // but because we're calling the function directly, we need to set them manually. + ctx.Params = gin.Params{ + gin.Param{ + Key: user.UsernameKey, + Value: targetAccount.Username, + }, + } + + // trigger the function being tested + userModule.UsersGETHandler(ctx) + + // check response + suite.EqualValues(http.StatusOK, recorder.Code) + + result := recorder.Result() + defer result.Body.Close() + b, err := ioutil.ReadAll(result.Body) + suite.NoError(err) + + // should be a Person + m := make(map[string]interface{}) + err = json.Unmarshal(b, &m) + suite.NoError(err) + + t, err := streams.ToType(context.Background(), m) + suite.NoError(err) + + person, ok := t.(vocab.ActivityStreamsPerson) + suite.True(ok) + + // convert person to account + a, err := suite.tc.ASRepresentationToAccount(context.Background(), person, false) + suite.NoError(err) + suite.EqualValues(targetAccount.Username, a.Username) } func TestUserGetTestSuite(t *testing.T) { |