Improve Federation boundaries

test/mobilizon_web/plugs/federating_test.exs

@@ -0,0 +1,28 @@
+# Portions of this file are derived from Pleroma:
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule MobilizonWeb.Plug.FederatingTest do
+  use MobilizonWeb.ConnCase
+
+  alias MobilizonWeb.Plugs.Federating
+
+  test "returns and halt the conn when federating is disabled" do
+    Mobilizon.Config.put([:instance, :federating], false)
+
+    conn = Federating.call(build_conn(), %{})
+
+    assert conn.status == 404
+    assert conn.halted
+  end
+
+  test "does nothing when federating is enabled" do
+    Mobilizon.Config.put([:instance, :federating], true)
+
+    conn = Federating.call(build_conn(), %{})
+
+    refute conn.status
+    refute conn.halted
+  end
+end

test/mobilizon_web/plugs/mapped_identity_to_signature_test.exs

@@ -0,0 +1,61 @@
+# Portions of this file are derived from Pleroma:
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule MobilizonWeb.Plugs.MappedSignatureToIdentityTest do
+  use MobilizonWeb.ConnCase
+  use ExVCR.Mock, adapter: ExVCR.Adapter.Hackney
+
+  alias MobilizonWeb.Plugs.MappedSignatureToIdentity
+
+  defp set_signature(conn, key_id) do
+    conn
+    |> put_req_header("signature", "keyId=\"#{key_id}\"")
+    |> assign(:valid_signature, true)
+  end
+
+  test "it successfully maps a valid identity with a valid signature" do
+    use_cassette "activity_pub/signature/valid" do
+      conn =
+        build_conn(:get, "/doesntmattter")
+        |> set_signature("https://framapiaf.org/users/admin")
+        |> MappedSignatureToIdentity.call(%{})
+
+      refute is_nil(conn.assigns.actor)
+    end
+  end
+
+  test "it successfully maps a valid identity with a valid signature with payload" do
+    use_cassette "activity_pub/signature/valid_payload" do
+      conn =
+        build_conn(:post, "/doesntmattter", %{"actor" => "https://framapiaf.org/users/admin"})
+        |> set_signature("https://framapiaf.org/users/admin")
+        |> MappedSignatureToIdentity.call(%{})
+
+      refute is_nil(conn.assigns.actor)
+    end
+  end
+
+  test "it considers a mapped identity to be invalid when it mismatches a payload" do
+    use_cassette "activity_pub/signature/invalid_payload" do
+      conn =
+        build_conn(:post, "/doesntmattter", %{"actor" => "https://framapiaf.org/users/admin"})
+        |> set_signature("https://niu.moe/users/rye")
+        |> MappedSignatureToIdentity.call(%{})
+
+      assert %{valid_signature: false} == conn.assigns
+    end
+  end
+
+  test "it considers a mapped identity to be invalid when the identity cannot be found" do
+    use_cassette "activity_pub/signature/invalid_not_found" do
+      conn =
+        build_conn(:post, "/doesntmattter", %{"actor" => "https://framapiaf.org/users/admin"})
+        |> set_signature("http://niu.moe/users/rye")
+        |> MappedSignatureToIdentity.call(%{})
+
+      assert %{valid_signature: false} == conn.assigns
+    end
+  end
+end

test/mobilizon_web/resolvers/event_test.exs

@@ -158,7 +158,11 @@ defmodule MobilizonWeb.Resolvers.EventResolverTest do
 
       assert json_response(res, 200)["data"]["createEvent"]["title"] == "come to my event"
       {id, ""} = json_response(res, 200)["data"]["createEvent"]["id"] |> Integer.parse()
-      assert_enqueued(worker: Workers.BuildSearch, args: %{event_id: id, op: :insert_search_event})
+
+      assert_enqueued(
+        worker: Workers.BuildSearch,
+        args: %{event_id: id, op: :insert_search_event}
+      )
     end
 
     test "create_event/3 creates an event and escapes title and description", %{
@@ -204,7 +208,11 @@ defmodule MobilizonWeb.Resolvers.EventResolverTest do
                "<b>My description</b> <img src=\"http://placekitten.com/g/200/300\" />"
 
       {id, ""} = res["data"]["createEvent"]["id"] |> Integer.parse()
-      assert_enqueued(worker: Workers.BuildSearch, args: %{event_id: id, op: :insert_search_event})
+
+      assert_enqueued(
+        worker: Workers.BuildSearch,
+        args: %{event_id: id, op: :insert_search_event}
+      )
     end
 
     test "create_event/3 creates an event as a draft", %{conn: conn, actor: actor, user: user} do

test/mobilizon_web/resolvers/user_test.exs

@@ -5,10 +5,8 @@ defmodule MobilizonWeb.Resolvers.UserResolverTest do
 
   use Bamboo.Test
 
-  alias Mobilizon.{Actors, Users}
+  alias Mobilizon.{Actors, Config, Users}
   alias Mobilizon.Actors.Actor
-  alias Mobilizon.Service.Users.ResetPassword
-  alias Mobilizon.Users
   alias Mobilizon.Users.User
 
   alias MobilizonWeb.{AbsintheHelpers, Email}
@@ -321,8 +319,8 @@ defmodule MobilizonWeb.Resolvers.UserResolverTest do
     end
 
     test "create_user/3 doesn't allow registration when registration is closed", %{conn: conn} do
-      Mobilizon.Config.put([:instance, :registrations_open], false)
-      Mobilizon.Config.put([:instance, :registration_email_whitelist], [])
+      Config.put([:instance, :registrations_open], false)
+      Config.put([:instance, :registration_email_whitelist], [])
 
       mutation = """
           mutation createUser($email: String!, $password: String!) {
@@ -344,14 +342,14 @@ defmodule MobilizonWeb.Resolvers.UserResolverTest do
         )
 
       assert hd(res["errors"])["message"] == "Registrations are not enabled"
-      Mobilizon.Config.put([:instance, :registrations_open], true)
+      Config.put([:instance, :registrations_open], true)
     end
 
     test "create_user/3 doesn't allow registration when user email is not on the whitelist", %{
       conn: conn
     } do
-      Mobilizon.Config.put([:instance, :registrations_open], false)
-      Mobilizon.Config.put([:instance, :registration_email_whitelist], ["random.org"])
+      Config.put([:instance, :registrations_open], false)
+      Config.put([:instance, :registration_email_whitelist], ["random.org"])
 
       mutation = """
           mutation createUser($email: String!, $password: String!) {
@@ -373,15 +371,15 @@ defmodule MobilizonWeb.Resolvers.UserResolverTest do
         )
 
       assert hd(res["errors"])["message"] == "Your email is not on the whitelist"
-      Mobilizon.Config.put([:instance, :registrations_open], true)
-      Mobilizon.Config.put([:instance, :registration_email_whitelist], [])
+      Config.put([:instance, :registrations_open], true)
+      Config.put([:instance, :registration_email_whitelist], [])
     end
 
     test "create_user/3 allows registration when user email domain is on the whitelist", %{
       conn: conn
     } do
-      Mobilizon.Config.put([:instance, :registrations_open], false)
-      Mobilizon.Config.put([:instance, :registration_email_whitelist], ["demo.tld"])
+      Config.put([:instance, :registrations_open], false)
+      Config.put([:instance, :registration_email_whitelist], ["demo.tld"])
 
       mutation = """
           mutation createUser($email: String!, $password: String!) {
@@ -404,13 +402,13 @@ defmodule MobilizonWeb.Resolvers.UserResolverTest do
 
       refute res["errors"]
       assert res["data"]["createUser"]["email"] == @user_creation.email
-      Mobilizon.Config.put([:instance, :registrations_open], true)
-      Mobilizon.Config.put([:instance, :registration_email_whitelist], [])
+      Config.put([:instance, :registrations_open], true)
+      Config.put([:instance, :registration_email_whitelist], [])
     end
 
     test "create_user/3 allows registration when user email is on the whitelist", %{conn: conn} do
-      Mobilizon.Config.put([:instance, :registrations_open], false)
-      Mobilizon.Config.put([:instance, :registration_email_whitelist], [@user_creation.email])
+      Config.put([:instance, :registrations_open], false)
+      Config.put([:instance, :registration_email_whitelist], [@user_creation.email])
 
       mutation = """
           mutation createUser($email: String!, $password: String!) {
@@ -433,8 +431,8 @@ defmodule MobilizonWeb.Resolvers.UserResolverTest do
 
       refute res["errors"]
       assert res["data"]["createUser"]["email"] == @user_creation.email
-      Mobilizon.Config.put([:instance, :registrations_open], true)
-      Mobilizon.Config.put([:instance, :registration_email_whitelist], [])
+      Config.put([:instance, :registrations_open], true)
+      Config.put([:instance, :registration_email_whitelist], [])
     end
 
     test "register_person/3 doesn't register a profile from an unknown email", context do
@@ -637,7 +635,7 @@ defmodule MobilizonWeb.Resolvers.UserResolverTest do
                "You requested again a confirmation email too soon"
 
       # Hammer time !
-      Mobilizon.Users.update_user(user, %{
+      Users.update_user(user, %{
         confirmation_sent_at: Timex.shift(user.confirmation_sent_at, hours: -3)
       })
 
@@ -709,8 +707,8 @@ defmodule MobilizonWeb.Resolvers.UserResolverTest do
     test "test reset_password/3 with valid email", context do
       {:ok, %User{} = user} = Users.register(%{email: "toto@tata.tld", password: "p4ssw0rd"})
       %Actor{} = insert(:actor, user: user)
-      {:ok, _email_sent} = ResetPassword.send_password_reset_email(user)
-      %User{reset_password_token: reset_password_token} = Mobilizon.Users.get_user!(user.id)
+      {:ok, _email_sent} = Email.User.send_password_reset_email(user)
+      %User{reset_password_token: reset_password_token} = Users.get_user!(user.id)
 
       mutation = """
           mutation {
@@ -734,8 +732,8 @@ defmodule MobilizonWeb.Resolvers.UserResolverTest do
 
     test "test reset_password/3 with a password too short", context do
       %User{} = user = insert(:user)
-      {:ok, _email_sent} = ResetPassword.send_password_reset_email(user)
-      %User{reset_password_token: reset_password_token} = Mobilizon.Users.get_user!(user.id)
+      {:ok, _email_sent} = Email.User.send_password_reset_email(user)
+      %User{reset_password_token: reset_password_token} = Users.get_user!(user.id)
 
       mutation = """
           mutation {
@@ -760,8 +758,8 @@ defmodule MobilizonWeb.Resolvers.UserResolverTest do
 
     test "test reset_password/3 with an invalid token", context do
       %User{} = user = insert(:user)
-      {:ok, _email_sent} = ResetPassword.send_password_reset_email(user)
-      %User{} = Mobilizon.Users.get_user!(user.id)
+      {:ok, _email_sent} = Email.User.send_password_reset_email(user)
+      %User{} = Users.get_user!(user.id)
 
       mutation = """
           mutation {

test/mobilizon_web/upload/upload_test.exs

@@ -9,6 +9,7 @@ defmodule Mobilizon.UploadTest do
   alias Mobilizon.Config
 
   alias MobilizonWeb.Upload
+  alias MobilizonWeb.Upload.Uploader
 
   describe "Storing a file with the Local uploader" do
     setup [:ensure_local_uploader]
@@ -184,7 +185,7 @@ defmodule Mobilizon.UploadTest do
 
     test "delete a not existing file" do
       file =
-        Config.get!([MobilizonWeb.Uploaders.Local, :uploads]) <>
+        Config.get!([Uploader.Local, :uploads]) <>
           "/not_existing/definitely.jpg"
 
       refute File.exists?(file)
@@ -214,6 +215,6 @@ defmodule Mobilizon.UploadTest do
     assert String.starts_with?(url, MobilizonWeb.Endpoint.url() <> "/media/")
 
     %URI{path: "/media/" <> path} = URI.parse(url)
-    {Config.get!([MobilizonWeb.Uploaders.Local, :uploads]) <> "/" <> path, url}
+    {Config.get!([Uploader.Local, :uploads]) <> "/" <> path, url}
   end
 end