summaryrefslogtreecommitdiff
path: root/internal/api/client
diff options
context:
space:
mode:
Diffstat (limited to 'internal/api/client')
-rw-r--r--internal/api/client/admin/reportsget_test.go27
-rw-r--r--internal/api/client/statuses/statusboost_test.go73
-rw-r--r--internal/api/client/statuses/statusfave_test.go73
-rw-r--r--internal/api/client/statuses/statusmute_test.go18
4 files changed, 102 insertions, 89 deletions
diff --git a/internal/api/client/admin/reportsget_test.go b/internal/api/client/admin/reportsget_test.go
index ebcd799f8..5dead789a 100644
--- a/internal/api/client/admin/reportsget_test.go
+++ b/internal/api/client/admin/reportsget_test.go
@@ -532,19 +532,22 @@ func (suite *ReportsGetTestSuite) TestReportsGetAll() {
"interaction_policy": {
"can_favourite": {
"always": [
- "public"
+ "public",
+ "me"
],
"with_approval": []
},
"can_reply": {
"always": [
- "public"
+ "public",
+ "me"
],
"with_approval": []
},
"can_reblog": {
"always": [
- "public"
+ "public",
+ "me"
],
"with_approval": []
}
@@ -774,19 +777,22 @@ func (suite *ReportsGetTestSuite) TestReportsGetCreatedByAccount() {
"interaction_policy": {
"can_favourite": {
"always": [
- "public"
+ "public",
+ "me"
],
"with_approval": []
},
"can_reply": {
"always": [
- "public"
+ "public",
+ "me"
],
"with_approval": []
},
"can_reblog": {
"always": [
- "public"
+ "public",
+ "me"
],
"with_approval": []
}
@@ -1016,19 +1022,22 @@ func (suite *ReportsGetTestSuite) TestReportsGetTargetAccount() {
"interaction_policy": {
"can_favourite": {
"always": [
- "public"
+ "public",
+ "me"
],
"with_approval": []
},
"can_reply": {
"always": [
- "public"
+ "public",
+ "me"
],
"with_approval": []
},
"can_reblog": {
"always": [
- "public"
+ "public",
+ "me"
],
"with_approval": []
}
diff --git a/internal/api/client/statuses/statusboost_test.go b/internal/api/client/statuses/statusboost_test.go
index 25aa2ea0f..f6f589a5c 100644
--- a/internal/api/client/statuses/statusboost_test.go
+++ b/internal/api/client/statuses/statusboost_test.go
@@ -173,43 +173,42 @@ func (suite *StatusBoostTestSuite) TestPostBoostOwnFollowersOnly() {
}
// try to boost a status that's not boostable / visible to us
-// TODO: sort this out with new interaction policies
-// func (suite *StatusBoostTestSuite) TestPostUnboostable() {
-// t := suite.testTokens["local_account_1"]
-// oauthToken := oauth.DBTokenToToken(t)
-
-// targetStatus := suite.testStatuses["local_account_2_status_4"]
-
-// // setup
-// recorder := httptest.NewRecorder()
-// ctx, _ := testrig.CreateGinTestContext(recorder, nil)
-// ctx.Set(oauth.SessionAuthorizedApplication, suite.testApplications["application_1"])
-// ctx.Set(oauth.SessionAuthorizedToken, oauthToken)
-// ctx.Set(oauth.SessionAuthorizedUser, suite.testUsers["local_account_1"])
-// ctx.Set(oauth.SessionAuthorizedAccount, suite.testAccounts["local_account_1"])
-// ctx.Request = httptest.NewRequest(http.MethodPost, fmt.Sprintf("http://localhost:8080%s", strings.Replace(statuses.ReblogPath, ":id", targetStatus.ID, 1)), nil) // the endpoint we're hitting
-// ctx.Request.Header.Set("accept", "application/json")
-
-// // normally the router would populate these params from the path values,
-// // but because we're calling the function directly, we need to set them manually.
-// ctx.Params = gin.Params{
-// gin.Param{
-// Key: statuses.IDKey,
-// Value: targetStatus.ID,
-// },
-// }
-
-// suite.statusModule.StatusBoostPOSTHandler(ctx)
-
-// // check response
-// suite.Equal(http.StatusNotFound, recorder.Code) // we 404 unboostable statuses
-
-// result := recorder.Result()
-// defer result.Body.Close()
-// b, err := ioutil.ReadAll(result.Body)
-// suite.NoError(err)
-// suite.Equal(`{"error":"Not Found"}`, string(b))
-// }
+func (suite *StatusBoostTestSuite) TestPostUnboostable() {
+ t := suite.testTokens["local_account_1"]
+ oauthToken := oauth.DBTokenToToken(t)
+
+ targetStatus := suite.testStatuses["local_account_2_status_4"]
+
+ // setup
+ recorder := httptest.NewRecorder()
+ ctx, _ := testrig.CreateGinTestContext(recorder, nil)
+ ctx.Set(oauth.SessionAuthorizedApplication, suite.testApplications["application_1"])
+ ctx.Set(oauth.SessionAuthorizedToken, oauthToken)
+ ctx.Set(oauth.SessionAuthorizedUser, suite.testUsers["local_account_1"])
+ ctx.Set(oauth.SessionAuthorizedAccount, suite.testAccounts["local_account_1"])
+ ctx.Request = httptest.NewRequest(http.MethodPost, fmt.Sprintf("http://localhost:8080%s", strings.Replace(statuses.ReblogPath, ":id", targetStatus.ID, 1)), nil) // the endpoint we're hitting
+ ctx.Request.Header.Set("accept", "application/json")
+
+ // normally the router would populate these params from the path values,
+ // but because we're calling the function directly, we need to set them manually.
+ ctx.Params = gin.Params{
+ gin.Param{
+ Key: statuses.IDKey,
+ Value: targetStatus.ID,
+ },
+ }
+
+ suite.statusModule.StatusBoostPOSTHandler(ctx)
+
+ // check response
+ suite.Equal(http.StatusForbidden, recorder.Code)
+
+ result := recorder.Result()
+ defer result.Body.Close()
+ b, err := ioutil.ReadAll(result.Body)
+ suite.NoError(err)
+ suite.Equal(`{"error":"Forbidden: you do not have permission to boost this status"}`, string(b))
+}
// try to boost a status that's not visible to the user
func (suite *StatusBoostTestSuite) TestPostNotVisible() {
diff --git a/internal/api/client/statuses/statusfave_test.go b/internal/api/client/statuses/statusfave_test.go
index 5a35351e4..d1042b10e 100644
--- a/internal/api/client/statuses/statusfave_test.go
+++ b/internal/api/client/statuses/statusfave_test.go
@@ -89,43 +89,42 @@ func (suite *StatusFaveTestSuite) TestPostFave() {
}
// try to fave a status that's not faveable
-// TODO: replace this when interaction policies enforced.
-// func (suite *StatusFaveTestSuite) TestPostUnfaveable() {
-// t := suite.testTokens["local_account_1"]
-// oauthToken := oauth.DBTokenToToken(t)
-
-// targetStatus := suite.testStatuses["local_account_2_status_3"] // this one is unlikeable and unreplyable
-
-// // setup
-// recorder := httptest.NewRecorder()
-// ctx, _ := testrig.CreateGinTestContext(recorder, nil)
-// ctx.Set(oauth.SessionAuthorizedApplication, suite.testApplications["application_1"])
-// ctx.Set(oauth.SessionAuthorizedToken, oauthToken)
-// ctx.Set(oauth.SessionAuthorizedUser, suite.testUsers["local_account_1"])
-// ctx.Set(oauth.SessionAuthorizedAccount, suite.testAccounts["local_account_1"])
-// ctx.Request = httptest.NewRequest(http.MethodPost, fmt.Sprintf("http://localhost:8080%s", strings.Replace(statuses.FavouritePath, ":id", targetStatus.ID, 1)), nil) // the endpoint we're hitting
-// ctx.Request.Header.Set("accept", "application/json")
-
-// // normally the router would populate these params from the path values,
-// // but because we're calling the function directly, we need to set them manually.
-// ctx.Params = gin.Params{
-// gin.Param{
-// Key: statuses.IDKey,
-// Value: targetStatus.ID,
-// },
-// }
-
-// suite.statusModule.StatusFavePOSTHandler(ctx)
-
-// // check response
-// suite.EqualValues(http.StatusForbidden, recorder.Code)
-
-// result := recorder.Result()
-// defer result.Body.Close()
-// b, err := ioutil.ReadAll(result.Body)
-// assert.NoError(suite.T(), err)
-// assert.Equal(suite.T(), `{"error":"Forbidden: status is not faveable"}`, string(b))
-// }
+func (suite *StatusFaveTestSuite) TestPostUnfaveable() {
+ t := suite.testTokens["admin_account"]
+ oauthToken := oauth.DBTokenToToken(t)
+
+ targetStatus := suite.testStatuses["local_account_1_status_3"] // this one is unlikeable
+
+ // setup
+ recorder := httptest.NewRecorder()
+ ctx, _ := testrig.CreateGinTestContext(recorder, nil)
+ ctx.Set(oauth.SessionAuthorizedApplication, suite.testApplications["application_1"])
+ ctx.Set(oauth.SessionAuthorizedToken, oauthToken)
+ ctx.Set(oauth.SessionAuthorizedUser, suite.testUsers["admin_account"])
+ ctx.Set(oauth.SessionAuthorizedAccount, suite.testAccounts["admin_account"])
+ ctx.Request = httptest.NewRequest(http.MethodPost, fmt.Sprintf("http://localhost:8080%s", strings.Replace(statuses.FavouritePath, ":id", targetStatus.ID, 1)), nil) // the endpoint we're hitting
+ ctx.Request.Header.Set("accept", "application/json")
+
+ // normally the router would populate these params from the path values,
+ // but because we're calling the function directly, we need to set them manually.
+ ctx.Params = gin.Params{
+ gin.Param{
+ Key: statuses.IDKey,
+ Value: targetStatus.ID,
+ },
+ }
+
+ suite.statusModule.StatusFavePOSTHandler(ctx)
+
+ // check response
+ suite.EqualValues(http.StatusForbidden, recorder.Code)
+
+ result := recorder.Result()
+ defer result.Body.Close()
+ b, err := ioutil.ReadAll(result.Body)
+ assert.NoError(suite.T(), err)
+ assert.Equal(suite.T(), `{"error":"Forbidden: you do not have permission to fave this status"}`, string(b))
+}
func TestStatusFaveTestSuite(t *testing.T) {
suite.Run(t, new(StatusFaveTestSuite))
diff --git a/internal/api/client/statuses/statusmute_test.go b/internal/api/client/statuses/statusmute_test.go
index 2fb94443a..62be671fa 100644
--- a/internal/api/client/statuses/statusmute_test.go
+++ b/internal/api/client/statuses/statusmute_test.go
@@ -151,19 +151,22 @@ func (suite *StatusMuteTestSuite) TestMuteUnmuteStatus() {
"interaction_policy": {
"can_favourite": {
"always": [
- "public"
+ "public",
+ "me"
],
"with_approval": []
},
"can_reply": {
"always": [
- "public"
+ "public",
+ "me"
],
"with_approval": []
},
"can_reblog": {
"always": [
- "public"
+ "public",
+ "me"
],
"with_approval": []
}
@@ -236,19 +239,22 @@ func (suite *StatusMuteTestSuite) TestMuteUnmuteStatus() {
"interaction_policy": {
"can_favourite": {
"always": [
- "public"
+ "public",
+ "me"
],
"with_approval": []
},
"can_reply": {
"always": [
- "public"
+ "public",
+ "me"
],
"with_approval": []
},
"can_reblog": {
"always": [
- "public"
+ "public",
+ "me"
],
"with_approval": []
}
generated by cgit v1.2.3 (git 2.46.0) at 2025-07-13 12:32:08 +0000