FloatingGhost
98cb255d12
Some checks failed
ci/woodpecker/push/build-amd64 Pipeline is pending
ci/woodpecker/push/build-arm64 Pipeline is pending
ci/woodpecker/push/docs Pipeline is pending
ci/woodpecker/push/test Pipeline is pending
ci/woodpecker/pr/test Pipeline failed
ci/woodpecker/pr/build-amd64 unknown status
ci/woodpecker/pr/build-arm64 unknown status
ci/woodpecker/pr/docs unknown status
OTP builds to 1.15
Changelog entry
Ensure policies are fully loaded
Fix :warn
use main branch for linkify
Fix warn in tests
Migrations for phoenix 1.17
Revert "Migrations for phoenix 1.17"
This reverts commit 6a3b2f15b7
.
Oban upgrade
Add default empty whitelist
mix format
limit test to amd64
OTP 26 tests for 1.15
use OTP_VERSION tag
baka
just 1.15
Massive deps update
Update locale, deps
Mix format
shell????
multiline???
?
max cases 1
use assert_recieve
don't put_env in async tests
don't async conn/fs tests
mix format
FIx some uploader issues
Fix tests
123 lines
4.2 KiB
Elixir
123 lines
4.2 KiB
Elixir
# Pleroma: A lightweight social networking server
|
|
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
|
|
# SPDX-License-Identifier: AGPL-3.0-only
|
|
|
|
defmodule Pleroma.Web.Plugs.MappedSignatureToIdentityPlugTest do
|
|
use Pleroma.Web.ConnCase, async: false
|
|
alias Pleroma.Web.Plugs.MappedSignatureToIdentityPlug
|
|
|
|
import Tesla.Mock
|
|
import Plug.Conn
|
|
|
|
import Pleroma.Tests.Helpers, only: [clear_config: 2]
|
|
|
|
setup do
|
|
mock(fn env -> apply(HttpRequestMock, :request, [env]) end)
|
|
:ok
|
|
end
|
|
|
|
defp set_signature(conn, key_id) do
|
|
conn
|
|
|> put_req_header("signature", "keyId=\"#{key_id}\"")
|
|
|> assign(:valid_signature, true)
|
|
end
|
|
|
|
test "it successfully maps a valid identity with a valid signature" do
|
|
conn =
|
|
build_conn(:get, "/doesntmattter")
|
|
|> set_signature("http://mastodon.example.org/users/admin")
|
|
|> MappedSignatureToIdentityPlug.call(%{})
|
|
|
|
refute is_nil(conn.assigns.user)
|
|
end
|
|
|
|
test "it successfully maps a valid identity with a valid signature with payload" do
|
|
conn =
|
|
build_conn(:post, "/doesntmattter", %{"actor" => "http://mastodon.example.org/users/admin"})
|
|
|> set_signature("http://mastodon.example.org/users/admin")
|
|
|> MappedSignatureToIdentityPlug.call(%{})
|
|
|
|
refute is_nil(conn.assigns.user)
|
|
end
|
|
|
|
test "it considers a mapped identity to be invalid when it mismatches a payload" do
|
|
conn =
|
|
build_conn(:post, "/doesntmattter", %{"actor" => "http://mastodon.example.org/users/admin"})
|
|
|> set_signature("https://niu.moe/users/rye")
|
|
|> MappedSignatureToIdentityPlug.call(%{})
|
|
|
|
assert %{valid_signature: false} == conn.assigns
|
|
end
|
|
|
|
test "it considers a mapped identity to be invalid when the associated instance is blocked" do
|
|
clear_config([:activitypub, :authorized_fetch_mode], true)
|
|
|
|
clear_config([:mrf_simple, :reject], [
|
|
{"mastodon.example.org", "anime is banned"}
|
|
])
|
|
|
|
on_exit(fn ->
|
|
Pleroma.Config.put([:activitypub, :authorized_fetch_mode], false)
|
|
Pleroma.Config.put([:mrf_simple, :reject], [])
|
|
end)
|
|
|
|
conn =
|
|
build_conn(:post, "/doesntmattter", %{"actor" => "http://mastodon.example.org/users/admin"})
|
|
|> set_signature("http://mastodon.example.org/users/admin")
|
|
|> MappedSignatureToIdentityPlug.call(%{})
|
|
|
|
assert %{valid_signature: false} == conn.assigns
|
|
end
|
|
|
|
test "allowlist federation: it considers a mapped identity to be valid when the associated instance is allowed" do
|
|
clear_config([:activitypub, :authorized_fetch_mode], true)
|
|
|
|
clear_config([:mrf_simple, :accept], [
|
|
{"mastodon.example.org", "anime is allowed"}
|
|
])
|
|
|
|
on_exit(fn ->
|
|
Pleroma.Config.put([:activitypub, :authorized_fetch_mode], false)
|
|
Pleroma.Config.put([:mrf_simple, :accept], [])
|
|
end)
|
|
|
|
conn =
|
|
build_conn(:post, "/doesntmattter", %{"actor" => "http://mastodon.example.org/users/admin"})
|
|
|> set_signature("http://mastodon.example.org/users/admin")
|
|
|> MappedSignatureToIdentityPlug.call(%{})
|
|
|
|
assert conn.assigns[:valid_signature]
|
|
refute is_nil(conn.assigns.user)
|
|
end
|
|
|
|
test "allowlist federation: it considers a mapped identity to be invalid when the associated instance is not allowed" do
|
|
clear_config([:activitypub, :authorized_fetch_mode], true)
|
|
|
|
clear_config([:mrf_simple, :accept], [
|
|
{"misskey.example.org", "anime is allowed"}
|
|
])
|
|
|
|
on_exit(fn ->
|
|
Pleroma.Config.put([:activitypub, :authorized_fetch_mode], false)
|
|
Pleroma.Config.put([:mrf_simple, :accept], [])
|
|
end)
|
|
|
|
conn =
|
|
build_conn(:post, "/doesntmattter", %{"actor" => "http://mastodon.example.org/users/admin"})
|
|
|> set_signature("http://mastodon.example.org/users/admin")
|
|
|> MappedSignatureToIdentityPlug.call(%{})
|
|
|
|
assert %{valid_signature: false} == conn.assigns
|
|
end
|
|
|
|
@tag skip: "known breakage; the testsuite presently depends on it"
|
|
test "it considers a mapped identity to be invalid when the identity cannot be found" do
|
|
conn =
|
|
build_conn(:post, "/doesntmattter", %{"actor" => "http://mastodon.example.org/users/admin"})
|
|
|> set_signature("http://niu.moe/users/rye")
|
|
|> MappedSignatureToIdentityPlug.call(%{})
|
|
|
|
assert %{valid_signature: false} == conn.assigns
|
|
end
|
|
end
|