315 lines
10 KiB
Ruby
315 lines
10 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
require 'rails_helper'
|
|
|
|
RSpec.describe ActivityPub::ProcessAccountService, type: :service do
|
|
subject { described_class.new }
|
|
|
|
context 'with property values' do
|
|
let(:payload) do
|
|
{
|
|
id: 'https://foo.test',
|
|
type: 'Actor',
|
|
inbox: 'https://foo.test/inbox',
|
|
attachment: [
|
|
{ type: 'PropertyValue', name: 'Pronouns', value: 'They/them' },
|
|
{ type: 'PropertyValue', name: 'Occupation', value: 'Unit test' },
|
|
{ type: 'PropertyValue', name: 'non-string', value: %w(foo bar) },
|
|
],
|
|
}.with_indifferent_access
|
|
end
|
|
|
|
it 'parses out of attachment' do
|
|
account = subject.call('alice', 'example.com', payload)
|
|
expect(account.fields).to be_a Array
|
|
expect(account.fields.size).to eq 2
|
|
expect(account.fields[0]).to be_a Account::Field
|
|
expect(account.fields[0].name).to eq 'Pronouns'
|
|
expect(account.fields[0].value).to eq 'They/them'
|
|
expect(account.fields[1]).to be_a Account::Field
|
|
expect(account.fields[1].name).to eq 'Occupation'
|
|
expect(account.fields[1].value).to eq 'Unit test'
|
|
end
|
|
end
|
|
|
|
context 'when account is not suspended' do
|
|
subject { described_class.new.call('alice', 'example.com', payload) }
|
|
|
|
let!(:account) { Fabricate(:account, username: 'alice', domain: 'example.com') }
|
|
|
|
let(:payload) do
|
|
{
|
|
id: 'https://foo.test',
|
|
type: 'Actor',
|
|
inbox: 'https://foo.test/inbox',
|
|
suspended: true,
|
|
}.with_indifferent_access
|
|
end
|
|
|
|
before do
|
|
allow(Admin::SuspensionWorker).to receive(:perform_async)
|
|
end
|
|
|
|
it 'suspends account remotely' do
|
|
expect(subject.suspended?).to be true
|
|
expect(subject.suspension_origin_remote?).to be true
|
|
end
|
|
|
|
it 'queues suspension worker' do
|
|
subject
|
|
expect(Admin::SuspensionWorker).to have_received(:perform_async)
|
|
end
|
|
end
|
|
|
|
context 'when account is suspended' do
|
|
subject { described_class.new.call('alice', 'example.com', payload) }
|
|
|
|
let!(:account) { Fabricate(:account, username: 'alice', domain: 'example.com', display_name: '') }
|
|
|
|
let(:payload) do
|
|
{
|
|
id: 'https://foo.test',
|
|
type: 'Actor',
|
|
inbox: 'https://foo.test/inbox',
|
|
suspended: false,
|
|
name: 'Hoge',
|
|
}.with_indifferent_access
|
|
end
|
|
|
|
before do
|
|
allow(Admin::UnsuspensionWorker).to receive(:perform_async)
|
|
|
|
account.suspend!(origin: suspension_origin)
|
|
end
|
|
|
|
context 'when locally' do
|
|
let(:suspension_origin) { :local }
|
|
|
|
it 'does not unsuspend it' do
|
|
expect(subject.suspended?).to be true
|
|
end
|
|
|
|
it 'does not update any attributes' do
|
|
expect(subject.display_name).to_not eq 'Hoge'
|
|
end
|
|
end
|
|
|
|
context 'when remotely' do
|
|
let(:suspension_origin) { :remote }
|
|
|
|
it 'unsuspends it' do
|
|
expect(subject.suspended?).to be false
|
|
end
|
|
|
|
it 'queues unsuspension worker' do
|
|
subject
|
|
expect(Admin::UnsuspensionWorker).to have_received(:perform_async)
|
|
end
|
|
|
|
it 'updates attributes' do
|
|
expect(subject.display_name).to eq 'Hoge'
|
|
end
|
|
end
|
|
end
|
|
|
|
context 'when discovering many subdomains in a short timeframe' do
|
|
subject do
|
|
8.times do |i|
|
|
domain = "test#{i}.testdomain.com"
|
|
json = {
|
|
id: "https://#{domain}/users/1",
|
|
type: 'Actor',
|
|
inbox: "https://#{domain}/inbox",
|
|
}.with_indifferent_access
|
|
described_class.new.call('alice', domain, json)
|
|
end
|
|
end
|
|
|
|
before do
|
|
stub_const 'ActivityPub::ProcessAccountService::SUBDOMAINS_RATELIMIT', 5
|
|
end
|
|
|
|
it 'creates at least some accounts' do
|
|
expect { subject }.to change { Account.remote.count }.by_at_least(2)
|
|
end
|
|
|
|
it 'creates no more account than the limit allows' do
|
|
expect { subject }.to change { Account.remote.count }.by_at_most(5)
|
|
end
|
|
end
|
|
|
|
context 'when Accounts referencing other accounts' do
|
|
let(:payload) do
|
|
{
|
|
'@context': ['https://www.w3.org/ns/activitystreams'],
|
|
id: 'https://foo.test/users/1',
|
|
type: 'Person',
|
|
inbox: 'https://foo.test/inbox',
|
|
featured: 'https://foo.test/users/1/featured',
|
|
preferredUsername: 'user1',
|
|
}.with_indifferent_access
|
|
end
|
|
|
|
before do
|
|
stub_const 'ActivityPub::ProcessAccountService::DISCOVERIES_PER_REQUEST', 5
|
|
|
|
8.times do |i|
|
|
actor_json = {
|
|
'@context': ['https://www.w3.org/ns/activitystreams'],
|
|
id: "https://foo.test/users/#{i}",
|
|
type: 'Person',
|
|
inbox: 'https://foo.test/inbox',
|
|
featured: "https://foo.test/users/#{i}/featured",
|
|
preferredUsername: "user#{i}",
|
|
}.with_indifferent_access
|
|
status_json = {
|
|
'@context': ['https://www.w3.org/ns/activitystreams'],
|
|
id: "https://foo.test/users/#{i}/status",
|
|
attributedTo: "https://foo.test/users/#{i}",
|
|
type: 'Note',
|
|
content: "@user#{i + 1} test",
|
|
tag: [
|
|
{
|
|
type: 'Mention',
|
|
href: "https://foo.test/users/#{i + 1}",
|
|
name: "@user#{i + 1}",
|
|
},
|
|
],
|
|
to: ['as:Public', "https://foo.test/users/#{i + 1}"],
|
|
}.with_indifferent_access
|
|
featured_json = {
|
|
'@context': ['https://www.w3.org/ns/activitystreams'],
|
|
id: "https://foo.test/users/#{i}/featured",
|
|
type: 'OrderedCollection',
|
|
totalItems: 1,
|
|
orderedItems: [status_json],
|
|
}.with_indifferent_access
|
|
webfinger = {
|
|
subject: "acct:user#{i}@foo.test",
|
|
links: [{ rel: 'self', href: "https://foo.test/users/#{i}" }],
|
|
}.with_indifferent_access
|
|
stub_request(:get, "https://foo.test/users/#{i}").to_return(status: 200, body: actor_json.to_json, headers: { 'Content-Type': 'application/activity+json' })
|
|
stub_request(:get, "https://foo.test/users/#{i}/featured").to_return(status: 200, body: featured_json.to_json, headers: { 'Content-Type': 'application/activity+json' })
|
|
stub_request(:get, "https://foo.test/users/#{i}/status").to_return(status: 200, body: status_json.to_json, headers: { 'Content-Type': 'application/activity+json' })
|
|
stub_request(:get, "https://foo.test/.well-known/webfinger?resource=acct:user#{i}@foo.test").to_return(body: webfinger.to_json, headers: { 'Content-Type': 'application/jrd+json' })
|
|
end
|
|
end
|
|
|
|
it 'creates at least some accounts' do
|
|
expect { subject.call('user1', 'foo.test', payload) }.to change { Account.remote.count }.by_at_least(2)
|
|
end
|
|
|
|
it 'creates no more account than the limit allows' do
|
|
expect { subject.call('user1', 'foo.test', payload) }.to change { Account.remote.count }.by_at_most(5)
|
|
end
|
|
end
|
|
|
|
context 'TreehouseAutomodExt' do
|
|
subject { described_class.new.call(account_username, 'foo.test', payload) }
|
|
let(:account_username) { 'evil' }
|
|
let(:account_display_name) { 'evil display name' }
|
|
let(:account_payload_suspended) { false }
|
|
|
|
let(:automod_account_username) { nil }
|
|
|
|
let(:payload) do
|
|
{
|
|
id: 'https://foo.test',
|
|
type: 'Actor',
|
|
inbox: 'https://foo.test/inbox',
|
|
suspended: account_payload_suspended,
|
|
name: account_display_name,
|
|
}.with_indifferent_access
|
|
end
|
|
|
|
let(:name_hash_hash) do
|
|
{
|
|
# 'evil' => 'evil display name'
|
|
'4034a346ccee15292d823416f7510a2f' => Set['225e44a7c4a792ee22a4ada2032da7cd']
|
|
}
|
|
end
|
|
|
|
before do
|
|
stub_const('ActivityPub::ProcessAccountService::TreehouseAutomodExt::HEURISTIC_AUTO_SUSPEND_ACTIVE', true)
|
|
stub_const('ActivityPub::ProcessAccountService::TreehouseAutomodExt::AUTOMOD_ACCOUNT_USERNAME', automod_account_username)
|
|
|
|
stub_const('ActivityPub::ProcessAccountService::TreehouseAutomodExt::HEURISTIC_NAMES', name_hash_hash)
|
|
stub_const('ActivityPub::ProcessAccountService::TreehouseAutomodExt::HEURISTIC_MAX_LEN', 20)
|
|
end
|
|
|
|
context 'new account' do
|
|
context 'heuristic matching' do
|
|
it 'suspends the user locally' do
|
|
expect(subject.suspended?).to be true
|
|
expect(subject.suspension_origin_local?).to be true
|
|
end
|
|
end
|
|
|
|
context 'heuristic not matching' do
|
|
let(:account_display_name) { '' }
|
|
it 'does nothing' do
|
|
expect(subject.suspended?).to be false
|
|
end
|
|
end
|
|
end
|
|
|
|
context 'existing account' do
|
|
let!(:account) { Fabricate(:account, username: account_username, domain: 'foo.test', display_name: account_display_name) }
|
|
|
|
before do
|
|
allow(Admin::SuspensionWorker).to receive(:perform_async)
|
|
end
|
|
|
|
context 'heuristic matching' do
|
|
it 'suspends the user locally' do
|
|
expect(subject.suspended?).to be true
|
|
expect(subject.suspension_origin_local?).to be true
|
|
end
|
|
end
|
|
|
|
context 'heuristic not matching' do
|
|
let(:account_display_name) { 'not evil display name' }
|
|
|
|
it 'does nothing' do
|
|
expect(subject.suspended?).to be false
|
|
end
|
|
|
|
context 'suspended locally' do
|
|
before do
|
|
account.suspend!(origin: :local)
|
|
end
|
|
|
|
it 'does nothing' do
|
|
expect(subject.suspended?).to be true
|
|
end
|
|
end
|
|
end
|
|
end
|
|
|
|
context 'tracking report' do
|
|
let(:automod_account_username) { 'automod_test' }
|
|
|
|
let!(:automod_user_role) { Fabricate(:user_role, name: 'Automod', permissions: UserRole::FLAGS[:administrator]) }
|
|
|
|
let!(:automod_account) do
|
|
account = Fabricate(:account, username: automod_account_username)
|
|
account.user.role_id = automod_user_role.id
|
|
account.user.save!
|
|
account
|
|
end
|
|
|
|
it 'creates report' do
|
|
expect(subject.targeted_reports.empty?).to be_falsy
|
|
|
|
report = Report.find_by(target_account_id: subject.id, account_id: automod_account.id, assigned_account_id: automod_account.id)
|
|
expect(report.comment.starts_with?('Tracking Report - automatically created by TreehouseAutomodExt')).to be_truthy
|
|
end
|
|
|
|
it 'creates account action' do
|
|
subject
|
|
expect(Admin::ActionLog.find_by(account_id: automod_account.id, target_id: subject.id)).not_to be nil
|
|
end
|
|
end
|
|
end
|
|
end
|