closed-social
/
mastodon
3
0
Fork 2
Code Issues 5 Pull Requests 0 Projects 0 Releases 3 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
9303 Commits
4 Branches
567 MiB
Tree: 93dd413a47
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '93dd413a47'
${ noResults }
mastodon/spec/controllers/statuses_controller_spec.rb

837 lines
24 KiB
Raw Normal View History

More coverage yes more even more (#2627) * Add coverage for admin/confirmations controller * Coverage for statuses controller show action * Add coverage for admin/domain_blocks controller * Add coverage for settings/profiles#update
7 years ago
Fix RSS feeds not being cachable (#14368) * Add tests for some cachable responses This only covers responses that we should have managed to make cachable so far. It's not the case of all responses that should be cachable in the end. * Fix RSS feeds not being cachable
3 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
More coverage yes more even more (#2627) * Add coverage for admin/confirmations controller * Coverage for statuses controller show action * Add coverage for admin/domain_blocks controller * Add coverage for settings/profiles#update
7 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Cover StatusesController more (#3259)
7 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Cover StatusesController more (#3259)
7 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Cover StatusesController more (#3259)
7 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Cover StatusesController more (#3259)
7 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Cover StatusesController more (#3259)
7 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Cover StatusesController more (#3259)
7 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Cover StatusesController more (#3259)
7 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Fetch reblogs as Announce activity instead of Note object (#4672) * Process Create / Announce activity in FetchRemoteStatusService * Use activity URL in ActivityPub for reblogs * Redirect to the original status on StatusesController#show
6 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Fetch reblogs as Announce activity instead of Note object (#4672) * Process Create / Announce activity in FetchRemoteStatusService * Use activity URL in ActivityPub for reblogs * Redirect to the original status on StatusesController#show
6 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Fix RSS feeds not being cachable (#14368) * Add tests for some cachable responses This only covers responses that we should have managed to make cachable so far. It's not the case of all responses that should be cachable in the end. * Fix RSS feeds not being cachable
3 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Fetch reblogs as Announce activity instead of Note object (#4672) * Process Create / Announce activity in FetchRemoteStatusService * Use activity URL in ActivityPub for reblogs * Redirect to the original status on StatusesController#show
6 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Cover StatusesController more (#3259)
7 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Cover StatusesController more (#3259)
7 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Cover StatusesController more (#3259)
7 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Cover StatusesController more (#3259)
7 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Cover StatusesController more (#3259)
7 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Cover StatusesController more (#3259)
7 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Paginate descendant statuses in public page (#7148)
6 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Paginate descendant statuses in public page (#7148)
6 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Paginate descendant statuses in public page (#7148)
6 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Paginate descendant statuses in public page (#7148)
6 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Paginate descendant statuses in public page (#7148)
6 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Paginate descendant statuses in public page (#7148)
6 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Paginate descendant statuses in public page (#7148)
6 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Paginate descendant statuses in public page (#7148)
6 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Paginate descendant statuses in public page (#7148)
6 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Paginate descendant statuses in public page (#7148)
6 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Paginate descendant statuses in public page (#7148)
6 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Paginate descendant statuses in public page (#7148)
6 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Paginate descendant statuses in public page (#7148)
6 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Fix RSS feeds not being cachable (#14368) * Add tests for some cachable responses This only covers responses that we should have managed to make cachable so far. It's not the case of all responses that should be cachable in the end. * Fix RSS feeds not being cachable
3 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Use raw status code on have_http_status (#7214)
6 years ago
Cover StatusesController more (#3259)
7 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Cover StatusesController more (#3259)
7 years ago
More coverage yes more even more (#2627) * Add coverage for admin/confirmations controller * Coverage for statuses controller show action * Add coverage for admin/domain_blocks controller * Add coverage for settings/profiles#update
7 years ago
 
  1. # frozen_string_literal: true
  2. 

  3. require 'rails_helper'
  4. 

  5. describe StatusesController do
  6.   render_views
  7. 

  8.   shared_examples 'cachable response' do
  9.     it 'does not set cookies' do
  10.       expect(response.cookies).to be_empty
  11.       expect(response.headers['Set-Cookies']).to be nil
  12.     end
  13. 

  14.     it 'does not set sessions' do
  15.       expect(session).to be_empty
  16.     end
  17. 

  18.     it 'returns public Cache-Control header' do
  19.       expect(response.headers['Cache-Control']).to include 'public'
  20.     end
  21.   end
  22. 

  23.   describe 'GET #show' do
  24.     let(:account) { Fabricate(:account) }
  25.     let(:status)  { Fabricate(:status, account: account) }
  26. 

  27.     context 'when account is suspended' do
  28.       let(:account) { Fabricate(:account, suspended: true) }
  29. 

  30.       before do
  31.         get :show, params: { account_username: account.username, id: status.id }
  32.       end
  33. 

  34.       it 'returns http gone' do
  35.         expect(response).to have_http_status(410)
  36.       end
  37.     end
  38. 

  39.     context 'when status is a reblog' do
  40.       let(:original_account) { Fabricate(:account, domain: 'example.com') }
  41.       let(:original_status) { Fabricate(:status, account: original_account, url: 'https://example.com/123') }
  42.       let(:status) { Fabricate(:status, account: account, reblog: original_status) }
  43. 

  44.       before do
  45.         get :show, params: { account_username: status.account.username, id: status.id }
  46.       end
  47. 

  48.       it 'redirects to the original status' do
  49.         expect(response).to redirect_to(original_status.url)
  50.       end
  51.     end
  52. 

  53.     context 'when status is public' do
  54.       before do
  55.         get :show, params: { account_username: status.account.username, id: status.id, format: format }
  56.       end
  57. 

  58.       context 'as HTML' do
  59.         let(:format) { 'html' }
  60. 

  61.         it 'returns http success' do
  62.           expect(response).to have_http_status(200)
  63.         end
  64. 

  65.         it 'returns Link header' do
  66.           expect(response.headers['Link'].to_s).to include 'activity+json'
  67.         end
  68. 

  69.         it 'returns Vary header' do
  70.           expect(response.headers['Vary']).to eq 'Accept'
  71.         end
  72. 

  73.         it 'returns public Cache-Control header' do
  74.           expect(response.headers['Cache-Control']).to include 'public'
  75.         end
  76. 

  77.         it 'renders status' do
  78.           expect(response).to render_template(:show)
  79.           expect(response.body).to include status.text
  80.         end
  81.       end
  82. 

  83.       context 'as JSON' do
  84.         let(:format) { 'json' }
  85. 

  86.         it 'returns http success' do
  87.           expect(response).to have_http_status(200)
  88.         end
  89. 

  90.         it 'returns Link header' do
  91.           expect(response.headers['Link'].to_s).to include 'activity+json'
  92.         end
  93. 

  94.         it 'returns Vary header' do
  95.           expect(response.headers['Vary']).to eq 'Accept'
  96.         end
  97. 

  98.         it_behaves_like 'cachable response'
  99. 

  100.         it 'returns Content-Type header' do
  101.           expect(response.headers['Content-Type']).to include 'application/activity+json'
  102.         end
  103. 

  104.         it 'renders ActivityPub Note object' do
  105.           json = body_as_json
  106.           expect(json[:content]).to include status.text
  107.         end
  108.       end
  109.     end
  110. 

  111.     context 'when status is private' do
  112.       let(:status) { Fabricate(:status, account: account, visibility: :private) }
  113. 

  114.       before do
  115.         get :show, params: { account_username: status.account.username, id: status.id, format: format }
  116.       end
  117. 

  118.       context 'as JSON' do
  119.         let(:format) { 'json' }
  120. 

  121.         it 'returns http not found' do
  122.           expect(response).to have_http_status(404)
  123.         end
  124.       end
  125. 

  126.       context 'as HTML' do
  127.         let(:format) { 'html' }
  128. 

  129.         it 'returns http not found' do
  130.           expect(response).to have_http_status(404)
  131.         end
  132.       end
  133.     end
  134. 

  135.     context 'when status is direct' do
  136.       let(:status) { Fabricate(:status, account: account, visibility: :direct) }
  137. 

  138.       before do
  139.         get :show, params: { account_username: status.account.username, id: status.id, format: format }
  140.       end
  141. 

  142.       context 'as JSON' do
  143.         let(:format) { 'json' }
  144. 

  145.         it 'returns http not found' do
  146.           expect(response).to have_http_status(404)
  147.         end
  148.       end
  149. 

  150.       context 'as HTML' do
  151.         let(:format) { 'html' }
  152. 

  153.         it 'returns http not found' do
  154.           expect(response).to have_http_status(404)
  155.         end
  156.       end
  157.     end
  158. 

  159.     context 'when signed-in' do
  160.       let(:user) { Fabricate(:user) }
  161. 

  162.       before do
  163.         sign_in(user)
  164.       end
  165. 

  166.       context 'when account blocks user' do
  167.         before do
  168.           account.block!(user.account)
  169.           get :show, params: { account_username: status.account.username, id: status.id }
  170.         end
  171. 

  172.         it 'returns http not found' do
  173.           expect(response).to have_http_status(404)
  174.         end
  175.       end
  176. 

  177.       context 'when status is public' do
  178.         before do
  179.           get :show, params: { account_username: status.account.username, id: status.id, format: format }
  180.         end
  181. 

  182.         context 'as HTML' do
  183.           let(:format) { 'html' }
  184. 

  185.           it 'returns http success' do
  186.             expect(response).to have_http_status(200)
  187.           end
  188. 

  189.           it 'returns Link header' do
  190.             expect(response.headers['Link'].to_s).to include 'activity+json'
  191.           end
  192. 

  193.           it 'returns Vary header' do
  194.             expect(response.headers['Vary']).to eq 'Accept'
  195.           end
  196. 

  197.           it 'returns no Cache-Control header' do
  198.             expect(response.headers).to_not include 'Cache-Control'
  199.           end
  200. 

  201.           it 'renders status' do
  202.             expect(response).to render_template(:show)
  203.             expect(response.body).to include status.text
  204.           end
  205.         end
  206. 

  207.         context 'as JSON' do
  208.           let(:format) { 'json' }
  209. 

  210.           it 'returns http success' do
  211.             expect(response).to have_http_status(200)
  212.           end
  213. 

  214.           it 'returns Link header' do
  215.             expect(response.headers['Link'].to_s).to include 'activity+json'
  216.           end
  217. 

  218.           it 'returns Vary header' do
  219.             expect(response.headers['Vary']).to eq 'Accept'
  220.           end
  221. 

  222.           it 'returns public Cache-Control header' do
  223.             expect(response.headers['Cache-Control']).to include 'public'
  224.           end
  225. 

  226.           it 'returns Content-Type header' do
  227.             expect(response.headers['Content-Type']).to include 'application/activity+json'
  228.           end
  229. 

  230.           it 'renders ActivityPub Note object' do
  231.             json = body_as_json
  232.             expect(json[:content]).to include status.text
  233.           end
  234.         end
  235.       end
  236. 

  237.       context 'when status is private' do
  238.         let(:status) { Fabricate(:status, account: account, visibility: :private) }
  239. 

  240.         context 'when user is authorized to see it' do
  241.           before do
  242.             user.account.follow!(account)
  243.             get :show, params: { account_username: status.account.username, id: status.id, format: format }
  244.           end
  245. 

  246.           context 'as HTML' do
  247.             let(:format) { 'html' }
  248. 

  249.             it 'returns http success' do
  250.               expect(response).to have_http_status(200)
  251.             end
  252. 

  253.             it 'returns Link header' do
  254.               expect(response.headers['Link'].to_s).to include 'activity+json'
  255.             end
  256. 

  257.             it 'returns Vary header' do
  258.               expect(response.headers['Vary']).to eq 'Accept'
  259.             end
  260. 

  261.             it 'returns no Cache-Control header' do
  262.               expect(response.headers).to_not include 'Cache-Control'
  263.             end
  264. 

  265.             it 'renders status' do
  266.               expect(response).to render_template(:show)
  267.               expect(response.body).to include status.text
  268.             end
  269.           end
  270. 

  271.           context 'as JSON' do
  272.             let(:format) { 'json' }
  273. 

  274.             it 'returns http success' do
  275.               expect(response).to have_http_status(200)
  276.             end
  277. 

  278.             it 'returns Link header' do
  279.               expect(response.headers['Link'].to_s).to include 'activity+json'
  280.             end
  281. 

  282.             it 'returns Vary header' do
  283.               expect(response.headers['Vary']).to eq 'Accept'
  284.             end
  285. 

  286.             it 'returns private Cache-Control header' do
  287.               expect(response.headers['Cache-Control']).to include 'private'
  288.             end
  289. 

  290.             it 'returns Content-Type header' do
  291.               expect(response.headers['Content-Type']).to include 'application/activity+json'
  292.             end
  293. 

  294.             it 'renders ActivityPub Note object' do
  295.               json = body_as_json
  296.               expect(json[:content]).to include status.text
  297.             end
  298.           end
  299.         end
  300. 

  301.         context 'when user is not authorized to see it' do
  302.           before do
  303.             get :show, params: { account_username: status.account.username, id: status.id, format: format }
  304.           end
  305. 

  306.           context 'as JSON' do
  307.             let(:format) { 'json' }
  308. 

  309.             it 'returns http not found' do
  310.               expect(response).to have_http_status(404)
  311.             end
  312.           end
  313. 

  314.           context 'as HTML' do
  315.             let(:format) { 'html' }
  316. 

  317.             it 'returns http not found' do
  318.               expect(response).to have_http_status(404)
  319.             end
  320.           end
  321.         end
  322.       end
  323. 

  324.       context 'when status is direct' do
  325.         let(:status) { Fabricate(:status, account: account, visibility: :direct) }
  326. 

  327.         context 'when user is authorized to see it' do
  328.           before do
  329.             Fabricate(:mention, account: user.account, status: status)
  330.             get :show, params: { account_username: status.account.username, id: status.id, format: format }
  331.           end
  332. 

  333.           context 'as HTML' do
  334.             let(:format) { 'html' }
  335. 

  336.             it 'returns http success' do
  337.               expect(response).to have_http_status(200)
  338.             end
  339. 

  340.             it 'returns Link header' do
  341.               expect(response.headers['Link'].to_s).to include 'activity+json'
  342.             end
  343. 

  344.             it 'returns Vary header' do
  345.               expect(response.headers['Vary']).to eq 'Accept'
  346.             end
  347. 

  348.             it 'returns no Cache-Control header' do
  349.               expect(response.headers).to_not include 'Cache-Control'
  350.             end
  351. 

  352.             it 'renders status' do
  353.               expect(response).to render_template(:show)
  354.               expect(response.body).to include status.text
  355.             end
  356.           end
  357. 

  358.           context 'as JSON' do
  359.             let(:format) { 'json' }
  360. 

  361.             it 'returns http success' do
  362.               expect(response).to have_http_status(200)
  363.             end
  364. 

  365.             it 'returns Link header' do
  366.               expect(response.headers['Link'].to_s).to include 'activity+json'
  367.             end
  368. 

  369.             it 'returns Vary header' do
  370.               expect(response.headers['Vary']).to eq 'Accept'
  371.             end
  372. 

  373.             it 'returns private Cache-Control header' do
  374.               expect(response.headers['Cache-Control']).to include 'private'
  375.             end
  376. 

  377.             it 'returns Content-Type header' do
  378.               expect(response.headers['Content-Type']).to include 'application/activity+json'
  379.             end
  380. 

  381.             it 'renders ActivityPub Note object' do
  382.               json = body_as_json
  383.               expect(json[:content]).to include status.text
  384.             end
  385.           end
  386.         end
  387. 

  388.         context 'when user is not authorized to see it' do
  389.           before do
  390.             get :show, params: { account_username: status.account.username, id: status.id, format: format }
  391.           end
  392. 

  393.           context 'as JSON' do
  394.             let(:format) { 'json' }
  395. 

  396.             it 'returns http not found' do
  397.               expect(response).to have_http_status(404)
  398.             end
  399.           end
  400. 

  401.           context 'as HTML' do
  402.             let(:format) { 'html' }
  403. 

  404.             it 'returns http not found' do
  405.               expect(response).to have_http_status(404)
  406.             end
  407.           end
  408.         end
  409.       end
  410.     end
  411. 

  412.     context 'with signature' do
  413.       let(:remote_account) { Fabricate(:account, domain: 'example.com') }
  414. 

  415.       before do
  416.         allow(controller).to receive(:signed_request_account).and_return(remote_account)
  417.       end
  418. 

  419.       context 'when account blocks account' do
  420.         before do
  421.           account.block!(remote_account)
  422.           get :show, params: { account_username: status.account.username, id: status.id }
  423.         end
  424. 

  425.         it 'returns http not found' do
  426.           expect(response).to have_http_status(404)
  427.         end
  428.       end
  429. 

  430.       context 'when account domain blocks account' do
  431.         before do
  432.           account.block_domain!(remote_account.domain)
  433.           get :show, params: { account_username: status.account.username, id: status.id }
  434.         end
  435. 

  436.         it 'returns http not found' do
  437.           expect(response).to have_http_status(404)
  438.         end
  439.       end
  440. 

  441.       context 'when status is public' do
  442.         before do
  443.           get :show, params: { account_username: status.account.username, id: status.id, format: format }
  444.         end
  445. 

  446.         context 'as HTML' do
  447.           let(:format) { 'html' }
  448. 

  449.           it 'returns http success' do
  450.             expect(response).to have_http_status(200)
  451.           end
  452. 

  453.           it 'returns Link header' do
  454.             expect(response.headers['Link'].to_s).to include 'activity+json'
  455.           end
  456. 

  457.           it 'returns Vary header' do
  458.             expect(response.headers['Vary']).to eq 'Accept'
  459.           end
  460. 

  461.           it 'returns no Cache-Control header' do
  462.             expect(response.headers).to_not include 'Cache-Control'
  463.           end
  464. 

  465.           it 'renders status' do
  466.             expect(response).to render_template(:show)
  467.             expect(response.body).to include status.text
  468.           end
  469.         end
  470. 

  471.         context 'as JSON' do
  472.           let(:format) { 'json' }
  473. 

  474.           it 'returns http success' do
  475.             expect(response).to have_http_status(200)
  476.           end
  477. 

  478.           it 'returns Link header' do
  479.             expect(response.headers['Link'].to_s).to include 'activity+json'
  480.           end
  481. 

  482.           it 'returns Vary header' do
  483.             expect(response.headers['Vary']).to eq 'Accept'
  484.           end
  485. 

  486.           it_behaves_like 'cachable response'
  487. 

  488.           it 'returns Content-Type header' do
  489.             expect(response.headers['Content-Type']).to include 'application/activity+json'
  490.           end
  491. 

  492.           it 'renders ActivityPub Note object' do
  493.             json = body_as_json
  494.             expect(json[:content]).to include status.text
  495.           end
  496.         end
  497.       end
  498. 

  499.       context 'when status is private' do
  500.         let(:status) { Fabricate(:status, account: account, visibility: :private) }
  501. 

  502.         context 'when user is authorized to see it' do
  503.           before do
  504.             remote_account.follow!(account)
  505.             get :show, params: { account_username: status.account.username, id: status.id, format: format }
  506.           end
  507. 

  508.           context 'as HTML' do
  509.             let(:format) { 'html' }
  510. 

  511.             it 'returns http success' do
  512.               expect(response).to have_http_status(200)
  513.             end
  514. 

  515.             it 'returns Link header' do
  516.               expect(response.headers['Link'].to_s).to include 'activity+json'
  517.             end
  518. 

  519.             it 'returns Vary header' do
  520.               expect(response.headers['Vary']).to eq 'Accept'
  521.             end
  522. 

  523.             it 'returns no Cache-Control header' do
  524.               expect(response.headers).to_not include 'Cache-Control'
  525.             end
  526. 

  527.             it 'renders status' do
  528.               expect(response).to render_template(:show)
  529.               expect(response.body).to include status.text
  530.             end
  531.           end
  532. 

  533.           context 'as JSON' do
  534.             let(:format) { 'json' }
  535. 

  536.             it 'returns http success' do
  537.               expect(response).to have_http_status(200)
  538.             end
  539. 

  540.             it 'returns Link header' do
  541.               expect(response.headers['Link'].to_s).to include 'activity+json'
  542.             end
  543. 

  544.             it 'returns Vary header' do
  545.               expect(response.headers['Vary']).to eq 'Accept'
  546.             end
  547. 

  548.             it 'returns private Cache-Control header' do
  549.               expect(response.headers['Cache-Control']).to include 'private'
  550.             end
  551. 

  552.             it 'returns Content-Type header' do
  553.               expect(response.headers['Content-Type']).to include 'application/activity+json'
  554.             end
  555. 

  556.             it 'renders ActivityPub Note object' do
  557.               json = body_as_json
  558.               expect(json[:content]).to include status.text
  559.             end
  560.           end
  561.         end
  562. 

  563.         context 'when user is not authorized to see it' do
  564.           before do
  565.             get :show, params: { account_username: status.account.username, id: status.id, format: format }
  566.           end
  567. 

  568.           context 'as JSON' do
  569.             let(:format) { 'json' }
  570. 

  571.             it 'returns http not found' do
  572.               expect(response).to have_http_status(404)
  573.             end
  574.           end
  575. 

  576.           context 'as HTML' do
  577.             let(:format) { 'html' }
  578. 

  579.             it 'returns http not found' do
  580.               expect(response).to have_http_status(404)
  581.             end
  582.           end
  583.         end
  584.       end
  585. 

  586.       context 'when status is direct' do
  587.         let(:status) { Fabricate(:status, account: account, visibility: :direct) }
  588. 

  589.         context 'when user is authorized to see it' do
  590.           before do
  591.             Fabricate(:mention, account: remote_account, status: status)
  592.             get :show, params: { account_username: status.account.username, id: status.id, format: format }
  593.           end
  594. 

  595.           context 'as HTML' do
  596.             let(:format) { 'html' }
  597. 

  598.             it 'returns http success' do
  599.               expect(response).to have_http_status(200)
  600.             end
  601. 

  602.             it 'returns Link header' do
  603.               expect(response.headers['Link'].to_s).to include 'activity+json'
  604.             end
  605. 

  606.             it 'returns Vary header' do
  607.               expect(response.headers['Vary']).to eq 'Accept'
  608.             end
  609. 

  610.             it 'returns no Cache-Control header' do
  611.               expect(response.headers).to_not include 'Cache-Control'
  612.             end
  613. 

  614.             it 'renders status' do
  615.               expect(response).to render_template(:show)
  616.               expect(response.body).to include status.text
  617.             end
  618.           end
  619. 

  620.           context 'as JSON' do
  621.             let(:format) { 'json' }
  622. 

  623.             it 'returns http success' do
  624.               expect(response).to have_http_status(200)
  625.             end
  626. 

  627.             it 'returns Link header' do
  628.               expect(response.headers['Link'].to_s).to include 'activity+json'
  629.             end
  630. 

  631.             it 'returns Vary header' do
  632.               expect(response.headers['Vary']).to eq 'Accept'
  633.             end
  634. 

  635.             it 'returns private Cache-Control header' do
  636.               expect(response.headers['Cache-Control']).to include 'private'
  637.             end
  638. 

  639.             it 'returns Content-Type header' do
  640.               expect(response.headers['Content-Type']).to include 'application/activity+json'
  641.             end
  642. 

  643.             it 'renders ActivityPub Note object' do
  644.               json = body_as_json
  645.               expect(json[:content]).to include status.text
  646.             end
  647.           end
  648.         end
  649. 

  650.         context 'when user is not authorized to see it' do
  651.           before do
  652.             get :show, params: { account_username: status.account.username, id: status.id, format: format }
  653.           end
  654. 

  655.           context 'as JSON' do
  656.             let(:format) { 'json' }
  657. 

  658.             it 'returns http not found' do
  659.               expect(response).to have_http_status(404)
  660.             end
  661.           end
  662. 

  663.           context 'as HTML' do
  664.             let(:format) { 'html' }
  665. 

  666.             it 'returns http not found' do
  667.               expect(response).to have_http_status(404)
  668.             end
  669.           end
  670.         end
  671.       end
  672.     end
  673.   end
  674. 

  675.   describe 'GET #activity' do
  676.     let(:account) { Fabricate(:account) }
  677.     let(:status)  { Fabricate(:status, account: account) }
  678. 

  679.     context 'when account is suspended' do
  680.       let(:account) { Fabricate(:account, suspended: true) }
  681. 

  682.       before do
  683.         get :activity, params: { account_username: account.username, id: status.id }
  684.       end
  685. 

  686.       it 'returns http gone' do
  687.         expect(response).to have_http_status(410)
  688.       end
  689.     end
  690. 

  691.     context 'when status is public' do
  692.       pending
  693.     end
  694. 

  695.     context 'when status is private' do
  696.       pending
  697.     end
  698. 

  699.     context 'when status is direct' do
  700.       pending
  701.     end
  702. 

  703.     context 'when signed-in' do
  704.       context 'when status is public' do
  705.         pending
  706.       end
  707. 

  708.       context 'when status is private' do
  709.         context 'when user is authorized to see it' do
  710.           pending
  711.         end
  712. 

  713.         context 'when user is not authorized to see it' do
  714.           pending
  715.         end
  716.       end
  717. 

  718.       context 'when status is direct' do
  719.         context 'when user is authorized to see it' do
  720.           pending
  721.         end
  722. 

  723.         context 'when user is not authorized to see it' do
  724.           pending
  725.         end
  726.       end
  727.     end
  728. 

  729.     context 'with signature' do
  730.       context 'when status is public' do
  731.         pending
  732.       end
  733. 

  734.       context 'when status is private' do
  735.         context 'when user is authorized to see it' do
  736.           pending
  737.         end
  738. 

  739.         context 'when user is not authorized to see it' do
  740.           pending
  741.         end
  742.       end
  743. 

  744.       context 'when status is direct' do
  745.         context 'when user is authorized to see it' do
  746.           pending
  747.         end
  748. 

  749.         context 'when user is not authorized to see it' do
  750.           pending
  751.         end
  752.       end
  753.     end
  754.   end
  755. 

  756.   describe 'GET #embed' do
  757.     let(:account) { Fabricate(:account) }
  758.     let(:status)  { Fabricate(:status, account: account) }
  759. 

  760.     context 'when account is suspended' do
  761.       let(:account) { Fabricate(:account, suspended: true) }
  762. 

  763.       before do
  764.         get :embed, params: { account_username: account.username, id: status.id }
  765.       end
  766. 

  767.       it 'returns http gone' do
  768.         expect(response).to have_http_status(410)
  769.       end
  770.     end
  771. 

  772.     context 'when status is a reblog' do
  773.       let(:original_account) { Fabricate(:account, domain: 'example.com') }
  774.       let(:original_status) { Fabricate(:status, account: original_account, url: 'https://example.com/123') }
  775.       let(:status) { Fabricate(:status, account: account, reblog: original_status) }
  776. 

  777.       before do
  778.         get :embed, params: { account_username: status.account.username, id: status.id }
  779.       end
  780. 

  781.       it 'returns http not found' do
  782.         expect(response).to have_http_status(404)
  783.       end
  784.     end
  785. 

  786.     context 'when status is public' do
  787.       before do
  788.         get :embed, params: { account_username: status.account.username, id: status.id }
  789.       end
  790. 

  791.       it 'returns http success' do
  792.         expect(response).to have_http_status(200)
  793.       end
  794. 

  795.       it 'returns Link header' do
  796.         expect(response.headers['Link'].to_s).to include 'activity+json'
  797.       end
  798. 

  799.       it 'returns Vary header' do
  800.         expect(response.headers['Vary']).to eq 'Accept'
  801.       end
  802. 

  803.       it 'returns public Cache-Control header' do
  804.         expect(response.headers['Cache-Control']).to include 'public'
  805.       end
  806. 

  807.       it 'renders status' do
  808.         expect(response).to render_template(:embed)
  809.         expect(response.body).to include status.text
  810.       end
  811.     end
  812. 

  813.     context 'when status is private' do
  814.       let(:status) { Fabricate(:status, account: account, visibility: :private) }
  815. 

  816.       before do
  817.         get :embed, params: { account_username: status.account.username, id: status.id }
  818.       end
  819. 

  820.       it 'returns http not found' do
  821.         expect(response).to have_http_status(404)
  822.       end
  823.     end
  824. 

  825.     context 'when status is direct' do
  826.       let(:status) { Fabricate(:status, account: account, visibility: :direct) }
  827. 

  828.       before do
  829.         get :embed, params: { account_username: status.account.username, id: status.id }
  830.       end
  831. 

  832.       it 'returns http not found' do
  833.         expect(response).to have_http_status(404)
  834.       end
  835.     end
  836.   end
  837. end