Test that anonymous users cannot see local-only posts
Ref: fix-local-public
This commit is contained in:
parent
6dc7deaa07
commit
9e11838a85
1 changed files with 5 additions and 8 deletions
|
@ -1877,7 +1877,7 @@ test "posting a local only status" do
|
|||
|
||||
test "other users can read local-only posts" do
|
||||
user = insert(:user)
|
||||
%{user: reader, conn: conn} = oauth_access(["read:statuses"])
|
||||
%{user: _reader, conn: conn} = oauth_access(["read:statuses"])
|
||||
|
||||
{:ok, activity} = CommonAPI.post(user, %{status: "#2hu #2HU", visibility: "local"})
|
||||
|
||||
|
@ -1889,18 +1889,15 @@ test "other users can read local-only posts" do
|
|||
assert received["id"] == activity.id
|
||||
end
|
||||
|
||||
test "other users can see local-only posts" do
|
||||
test "anonymous users cannot see local-only posts" do
|
||||
user = insert(:user)
|
||||
%{user: _reader, conn: conn} = oauth_access(["read:statuses"])
|
||||
|
||||
{:ok, activity} = CommonAPI.post(user, %{status: "#2hu #2HU", visibility: "local"})
|
||||
|
||||
received =
|
||||
conn
|
||||
_received =
|
||||
build_conn()
|
||||
|> get("/api/v1/statuses/#{activity.id}")
|
||||
|> json_response_and_validate_schema(:ok)
|
||||
|
||||
assert received["id"] == activity.id
|
||||
|> json_response_and_validate_schema(:not_found)
|
||||
end
|
||||
end
|
||||
|
||||
|
|
Loading…
Reference in a new issue