Add more API endpoints, better tests

2026-03-13 05:49:16 +01:00 · 2023-09-21 12:42:59 -10:00 · 2023-09-21 12:42:59 -10:00 · 6d2f9072ac
commit 6d2f9072ac
parent dacbc5a00b
15 changed files with 628 additions and 153 deletions
--- a/tests/actor.test.ts
+++ b/tests/actor.test.ts
@ -0,0 +1,103 @@
+/* eslint-disable @typescript-eslint/no-unsafe-member-access */
+/* eslint-disable @typescript-eslint/no-explicit-any */
+import { getConfig } from "@config";
+import { APActor } from "activitypub-types";
+import { afterAll, beforeAll, describe, expect, test } from "bun:test";
+import { AppDataSource } from "~database/datasource";
+import { RawActivity } from "~database/entities/RawActivity";
+import { Token } from "~database/entities/Token";
+import { User } from "~database/entities/User";
+
+const config = getConfig();
+
+beforeAll(async () => {
+	if (!AppDataSource.isInitialized) await AppDataSource.initialize();
+
+	// Initialize test user
+	await User.createNew({
+		email: "test@test.com",
+		username: "test",
+		password: "test",
+		display_name: "",
+	});
+});
+
+describe("POST /@test", () => {
+	test("should return a valid ActivityPub Actor when querying an existing user", async () => {
+		const response = await fetch(
+			`${config.http.base_url}:${config.http.port}/@test`,
+			{
+				method: "GET",
+				headers: {
+					Accept: "application/activity+json",
+				},
+			}
+		);
+
+		expect(response.status).toBe(200);
+		expect(response.headers.get("content-type")).toBe(
+			"application/activity+json"
+		);
+
+		const actor: APActor = await response.json();
+
+		expect(actor.type).toBe("Person");
+		expect(actor.id).toBe(
+			`${config.http.base_url}:${config.http.port}/@test`
+		);
+		expect(actor.preferredUsername).toBe("test");
+		expect(actor.inbox).toBe(
+			`${config.http.base_url}:${config.http.port}/@test/inbox`
+		);
+		expect(actor.outbox).toBe(
+			`${config.http.base_url}:${config.http.port}/@test/outbox`
+		);
+		expect(actor.followers).toBe(
+			`${config.http.base_url}:${config.http.port}/@test/followers`
+		);
+		expect(actor.following).toBe(
+			`${config.http.base_url}:${config.http.port}/@test/following`
+		);
+		expect((actor as any).publicKey).toBeDefined();
+		expect((actor as any).publicKey.id).toBeDefined();
+		expect((actor as any).publicKey.owner).toBe(
+			`${config.http.base_url}:${config.http.port}/@test`
+		);
+		expect((actor as any).publicKey.publicKeyPem).toBeDefined();
+	});
+});
+
+afterAll(async () => {
+	// Clean up user
+	const user = await User.findOneBy({
+		username: "test",
+	});
+
+	// Clean up tokens
+	const tokens = await Token.findBy({
+		user: {
+			username: "test",
+		},
+	});
+
+	const activities = await RawActivity.createQueryBuilder("activity")
+		.where("activity.data->>'actor' = :actor", {
+			actor: `${config.http.base_url}:${config.http.port}/@test`,
+		})
+		.leftJoinAndSelect("activity.objects", "objects")
+		.getMany();
+
+	// Delete all created objects and activities as part of testing
+	await Promise.all(
+		activities.map(async activity => {
+			await Promise.all(
+				activity.objects.map(async object => await object.remove())
+			);
+			await activity.remove();
+		})
+	);
+
+	await Promise.all(tokens.map(async token => await token.remove()));
+
+	if (user) await user.remove();
+});
--- a/tests/api.test.ts
+++ b/tests/api.test.ts
@ -0,0 +1,189 @@
+/* eslint-disable @typescript-eslint/no-unsafe-member-access */
+/* eslint-disable @typescript-eslint/no-explicit-any */
+import { getConfig } from "@config";
+import { afterAll, beforeAll, describe, expect, test } from "bun:test";
+import { AppDataSource } from "~database/datasource";
+import { Application } from "~database/entities/Application";
+import { RawActivity } from "~database/entities/RawActivity";
+import { Token, TokenType } from "~database/entities/Token";
+import { User } from "~database/entities/User";
+import { APIAccount } from "~types/entities/account";
+import { APIStatus } from "~types/entities/status";
+
+const config = getConfig();
+
+let token: Token;
+let user: User;
+
+beforeAll(async () => {
+	if (!AppDataSource.isInitialized) await AppDataSource.initialize();
+
+	// Initialize test user
+	user = await User.createNew({
+		email: "test@test.com",
+		username: "test",
+		password: "test",
+		display_name: "",
+	});
+
+	const app = new Application();
+
+	app.name = "Test Application";
+	app.website = "https://example.com";
+	app.client_id = "test";
+	app.redirect_uris = "https://example.com";
+	app.scopes = "read write";
+	app.secret = "test";
+	app.vapid_key = null;
+
+	await app.save();
+
+	// Initialize test token
+	token = new Token();
+
+	token.access_token = "test";
+	token.application = app;
+	token.code = "test";
+	token.scope = "read write";
+	token.token_type = TokenType.BEARER;
+	token.user = user;
+
+	await token.save();
+});
+
+describe("POST /api/v1/accounts/:id", () => {
+	test("should return a 404 error when trying to update a non-existent user", async () => {
+		const response = await fetch(
+			`${config.http.base_url}:${config.http.port}/api/v1/accounts/999999`,
+			{
+				method: "GET",
+				headers: {
+					Authorization: `Bearer ${token.access_token}`,
+					"Content-Type": "application/json",
+				},
+			}
+		);
+
+		expect(response.status).toBe(404);
+		expect(response.headers.get("content-type")).toBe("application/json");
+	});
+});
+
+describe("POST /api/v1/statuses", () => {
+	test("should create a new status and return an APIStatus object", async () => {
+		const response = await fetch(
+			`${config.http.base_url}:${config.http.port}/api/v1/statuses`,
+			{
+				method: "POST",
+				headers: {
+					Authorization: `Bearer ${token.access_token}`,
+					"Content-Type": "application/json",
+				},
+				body: JSON.stringify({
+					status: "Hello, world!",
+					visibility: "public",
+				}),
+			}
+		);
+
+		expect(response.status).toBe(200);
+		expect(response.headers.get("content-type")).toBe("application/json");
+
+		const status: APIStatus = await response.json();
+
+		expect(status.content).toBe("Hello, world!");
+		expect(status.visibility).toBe("public");
+		expect(status.account.id).toBe(
+			`${config.http.base_url}:${config.http.port}/@test`
+		);
+		expect(status.replies_count).toBe(0);
+		expect(status.favourites_count).toBe(0);
+		expect(status.reblogged).toBe(false);
+		expect(status.favourited).toBe(false);
+		expect(status.reblog?.content).toBe("Hello, world!");
+		expect(status.reblog?.visibility).toBe("public");
+		expect(status.reblog?.account.id).toBe(
+			`${config.http.base_url}:${config.http.port}/@test`
+		);
+		expect(status.reblog?.replies_count).toBe(0);
+		expect(status.reblog?.favourites_count).toBe(0);
+		expect(status.reblog?.reblogged).toBe(false);
+		expect(status.reblog?.favourited).toBe(false);
+		expect(status.media_attachments).toEqual([]);
+		expect(status.mentions).toEqual([]);
+		expect(status.tags).toEqual([]);
+		expect(status.application).toBeNull();
+		expect(status.sensitive).toBe(false);
+		expect(status.spoiler_text).toBe("");
+		expect(status.language).toBeNull();
+		expect(status.pinned).toBe(false);
+		expect(status.visibility).toBe("public");
+		expect(status.card).toBeNull();
+		expect(status.poll).toBeNull();
+		expect(status.emojis).toEqual([]);
+		expect(status.in_reply_to_id).toBeNull();
+		expect(status.in_reply_to_account_id).toBeNull();
+		expect(status.reblog?.in_reply_to_id).toBeNull();
+		expect(status.reblog?.in_reply_to_account_id).toBeNull();
+	});
+});
+
+describe("POST /api/v1/accounts/update_credentials", () => {
+	test("should update the authenticated user's display name", async () => {
+		const response = await fetch(
+			`${config.http.base_url}:${config.http.port}/api/v1/accounts/update_credentials`,
+			{
+				method: "POST",
+				headers: {
+					Authorization: `Bearer ${token.access_token}`,
+					"Content-Type": "application/json",
+				},
+				body: JSON.stringify({
+					display_name: "New Display Name",
+				}),
+			}
+		);
+
+		expect(response.status).toBe(200);
+		expect(response.headers.get("content-type")).toBe("application/json");
+
+		const user: APIAccount = await response.json();
+
+		expect(user.display_name).toBe("New Display Name");
+	});
+});
+
+afterAll(async () => {
+	// Clean up user
+	const user = await User.findOneBy({
+		username: "test",
+	});
+
+	// Clean up tokens
+	const tokens = await Token.findBy({
+		user: {
+			username: "test",
+		},
+	});
+
+	const activities = await RawActivity.createQueryBuilder("activity")
+		.where("activity.data->>'actor' = :actor", {
+			actor: `${config.http.base_url}:${config.http.port}/@test`,
+		})
+		.leftJoinAndSelect("activity.objects", "objects")
+		.getMany();
+
+	// Delete all created objects and activities as part of testing
+	await Promise.all(
+		activities.map(async activity => {
+			await Promise.all(
+				activity.objects.map(async object => await object.remove())
+			);
+			await activity.remove();
+		})
+	);
+
+	await Promise.all(tokens.map(async token => await token.remove()));
+
+	if (user) await user.remove();
+});
--- a/tests/inbox.test.ts
+++ b/tests/inbox.test.ts
@ -11,21 +11,18 @@ beforeAll(async () => {
 	if (!AppDataSource.isInitialized) await AppDataSource.initialize();

 	// Initialize test user
-	const user = new User();
-
-	user.email = "test@test.com";
-	user.username = "test";
-	user.password = await Bun.password.hash("test");
-	user.display_name = "";
-	user.note = "";
-
-	await user.generateKeys();
-
-	await user.save();
+	await User.createNew({
+		email: "test@test.com",
+		username: "test",
+		password: "test",
+		display_name: "",
+	});
 });

 describe("POST /@test/inbox", () => {
 	test("should store a new Note object", async () => {
+		const activityId = `https://example.com/objects/${crypto.randomUUID()}`;
+
 		const response = await fetch(
 			`${config.http.base_url}:${config.http.port}/@test/inbox/`,
 			{
@ -36,8 +33,12 @@ describe("POST /@test/inbox", () => {
 				body: JSON.stringify({
 					"@context": "https://www.w3.org/ns/activitystreams",
 					type: "Create",
-					id: "https://example.com/notes/1/activity",
-					actor: `${config.http.base_url}:${config.http.port}/@test`,
+					id: activityId,
+					actor: {
+						id: `${config.http.base_url}:${config.http.port}/@test`,
+						type: "Person",
+						preferredUsername: "test",
+					},
 					to: ["https://www.w3.org/ns/activitystreams#Public"],
 					cc: [],
 					published: "2021-01-01T00:00:00.000Z",
@ -57,16 +58,13 @@ describe("POST /@test/inbox", () => {
 		expect(response.status).toBe(200);
 		expect(response.headers.get("content-type")).toBe("application/json");

-		const activity = await RawActivity.getLatestById(
-			"https://example.com/notes/1/activity"
-		);
+		const activity = await RawActivity.getLatestById(activityId);

 		expect(activity).not.toBeUndefined();
 		expect(activity?.data).toEqual({
 			"@context": "https://www.w3.org/ns/activitystreams",
 			type: "Create",
-			id: "https://example.com/notes/1/activity",
-			actor: `${config.http.base_url}:${config.http.port}/@test`,
+			id: activityId,
 			to: ["https://www.w3.org/ns/activitystreams#Public"],
 			cc: [],
 			published: "2021-01-01T00:00:00.000Z",
@ -85,6 +83,8 @@ describe("POST /@test/inbox", () => {
 	});

 	test("should try to update that Note object", async () => {
+		const activityId = `https://example.com/objects/${crypto.randomUUID()}`;
+
 		const response = await fetch(
 			`${config.http.base_url}:${config.http.port}/@test/inbox/`,
 			{
@ -95,8 +95,12 @@ describe("POST /@test/inbox", () => {
 				body: JSON.stringify({
 					"@context": "https://www.w3.org/ns/activitystreams",
 					type: "Update",
-					id: "https://example.com/notes/1/activity",
-					actor: `${config.http.base_url}:${config.http.port}/@test`,
+					id: activityId,
+					actor: {
+						id: `${config.http.base_url}:${config.http.port}/@test`,
+						type: "Person",
+						preferredUsername: "test",
+					},
 					to: ["https://www.w3.org/ns/activitystreams#Public"],
 					cc: [],
 					published: "2021-01-02T00:00:00.000Z",
@ -116,16 +120,13 @@ describe("POST /@test/inbox", () => {
 		expect(response.status).toBe(200);
 		expect(response.headers.get("content-type")).toBe("application/json");

-		const activity = await RawActivity.getLatestById(
-			"https://example.com/notes/1/activity"
-		);
+		const activity = await RawActivity.getLatestById(activityId);

 		expect(activity).not.toBeUndefined();
 		expect(activity?.data).toEqual({
 			"@context": "https://www.w3.org/ns/activitystreams",
 			type: "Update",
-			id: "https://example.com/notes/1/activity",
-			actor: `${config.http.base_url}:${config.http.port}/@test`,
+			id: activityId,
 			to: ["https://www.w3.org/ns/activitystreams#Public"],
 			cc: [],
 			published: "2021-01-02T00:00:00.000Z",
@ -144,6 +145,7 @@ describe("POST /@test/inbox", () => {
 	});

 	test("should delete the Note object", async () => {
+		const activityId = `https://example.com/objects/${crypto.randomUUID()}`;
 		const response = await fetch(
 			`${config.http.base_url}:${config.http.port}/@test/inbox/`,
 			{
@ -154,8 +156,12 @@ describe("POST /@test/inbox", () => {
 				body: JSON.stringify({
 					"@context": "https://www.w3.org/ns/activitystreams",
 					type: "Delete",
-					id: "https://example.com/notes/1/activity",
-					actor: `${config.http.base_url}:${config.http.port}/@test`,
+					id: activityId,
+					actor: {
+						id: `${config.http.base_url}:${config.http.port}/@test`,
+						type: "Person",
+						preferredUsername: "test",
+					},
 					to: ["https://www.w3.org/ns/activitystreams#Public"],
 					cc: [],
 					published: "2021-01-03T00:00:00.000Z",
@ -175,21 +181,25 @@ describe("POST /@test/inbox", () => {
 		expect(response.status).toBe(200);
 		expect(response.headers.get("content-type")).toBe("application/json");

-		const activity = await RawActivity.getLatestById(
-			"https://example.com/notes/1/activity"
-		);
+		const activity = await RawActivity.getLatestById(activityId);

 		expect(activity).not.toBeUndefined();
 		expect(activity?.data).toEqual({
 			"@context": "https://www.w3.org/ns/activitystreams",
 			type: "Delete",
-			id: "https://example.com/notes/1/activity",
-			actor: `${config.http.base_url}:${config.http.port}/@test`,
+			id: activityId,
 			to: ["https://www.w3.org/ns/activitystreams#Public"],
 			cc: [],
 			published: "2021-01-03T00:00:00.000Z",
 		});

+		expect(activity?.actors).toHaveLength(1);
+		expect(activity?.actors[0].data).toEqual({
+			preferredUsername: "test",
+			id: `${config.http.base_url}:${config.http.port}/@test`,
+			type: "Person",
+		});
+
 		// Can be 0 or 1 length depending on whether config.activitypub.use_tombstone is true or false
 		if (config.activitypub.use_tombstones) {
 			expect(activity?.objects).toHaveLength(1);
@ -197,6 +207,41 @@ describe("POST /@test/inbox", () => {
 			expect(activity?.objects).toHaveLength(0);
 		}
 	});
+
+	test("should return a 404 error when trying to delete a non-existent Note object", async () => {
+		const activityId = `https://example.com/objects/${crypto.randomUUID()}`;
+
+		const response = await fetch(
+			`${config.http.base_url}:${config.http.port}/@test/inbox/`,
+			{
+				method: "POST",
+				headers: {
+					"Content-Type": "application/activity+json",
+				},
+				body: JSON.stringify({
+					"@context": "https://www.w3.org/ns/activitystreams",
+					type: "Delete",
+					id: activityId,
+					actor: {
+						id: `${config.http.base_url}:${config.http.port}/@test`,
+						type: "Person",
+						preferredUsername: "test",
+					},
+					to: ["https://www.w3.org/ns/activitystreams#Public"],
+					cc: [],
+					published: "2021-01-03T00:00:00.000Z",
+					object: {
+						"@context": "https://www.w3.org/ns/activitystreams",
+						id: "https://example.com/notes/2345678909876543",
+						type: "Note",
+					},
+				}),
+			}
+		);
+
+		expect(response.status).toBe(404);
+		expect(response.headers.get("content-type")).toBe("application/json");
+	});
 });

 afterAll(async () => {
@ -213,10 +258,16 @@ afterAll(async () => {
 	});

 	const activities = await RawActivity.createQueryBuilder("activity")
-		.where("activity.data->>'actor' = :actor", {
-			actor: `${config.http.base_url}:${config.http.port}/@test`,
-		})
+		// Join objects
 		.leftJoinAndSelect("activity.objects", "objects")
+		.leftJoinAndSelect("activity.actors", "actors")
+		// activity.actors is a many-to-many relationship with Actor objects (it is an array of Actor objects)
+		// Get the actors of the activity that have data.id as `${config.http.base_url}:${config.http.port}/@test`
+		.where("actors.data @> :data", {
+			data: JSON.stringify({
+				id: `${config.http.base_url}:${config.http.port}/@test`,
+			}),
+		})
 		.getMany();

 	// Delete all created objects and activities as part of testing
--- a/tests/oauth.test.ts
+++ b/tests/oauth.test.ts
@ -15,17 +15,12 @@ beforeAll(async () => {
 	if (!AppDataSource.isInitialized) await AppDataSource.initialize();

 	// Initialize test user
-	const user = new User();
-
-	user.email = "test@test.com";
-	user.username = "test";
-	user.password = await Bun.password.hash("test");
-	user.display_name = "";
-	user.note = "";
-
-	await user.generateKeys();
-
-	await user.save();
+	await User.createNew({
+		email: "test@test.com",
+		username: "test",
+		password: "test",
+		display_name: "",
+	});
 });

 describe("POST /v1/apps/", () => {