closed-social
/
mastodon
3
0
Fork 2
Code Issues 5 Pull Requests 0 Projects 0 Releases 3 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
8800 Commits
4 Branches
567 MiB
Tree: 988b0493fe
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '988b0493fe'
${ noResults }
mastodon/spec/controllers/statuses_controller_spec.rb

826 lines
23 KiB
Raw Normal View History

More coverage yes more even more (#2627) * Add coverage for admin/confirmations controller * Coverage for statuses controller show action * Add coverage for admin/domain_blocks controller * Add coverage for settings/profiles#update
7 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
More coverage yes more even more (#2627) * Add coverage for admin/confirmations controller * Coverage for statuses controller show action * Add coverage for admin/domain_blocks controller * Add coverage for settings/profiles#update
7 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Cover StatusesController more (#3259)
7 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Cover StatusesController more (#3259)
7 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Cover StatusesController more (#3259)
7 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Cover StatusesController more (#3259)
7 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Cover StatusesController more (#3259)
7 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Cover StatusesController more (#3259)
7 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Cover StatusesController more (#3259)
7 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Fetch reblogs as Announce activity instead of Note object (#4672) * Process Create / Announce activity in FetchRemoteStatusService * Use activity URL in ActivityPub for reblogs * Redirect to the original status on StatusesController#show
6 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Fetch reblogs as Announce activity instead of Note object (#4672) * Process Create / Announce activity in FetchRemoteStatusService * Use activity URL in ActivityPub for reblogs * Redirect to the original status on StatusesController#show
6 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Fetch reblogs as Announce activity instead of Note object (#4672) * Process Create / Announce activity in FetchRemoteStatusService * Use activity URL in ActivityPub for reblogs * Redirect to the original status on StatusesController#show
6 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Cover StatusesController more (#3259)
7 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Cover StatusesController more (#3259)
7 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Cover StatusesController more (#3259)
7 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Cover StatusesController more (#3259)
7 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Cover StatusesController more (#3259)
7 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Cover StatusesController more (#3259)
7 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Paginate descendant statuses in public page (#7148)
6 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Paginate descendant statuses in public page (#7148)
6 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Paginate descendant statuses in public page (#7148)
6 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Paginate descendant statuses in public page (#7148)
6 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Paginate descendant statuses in public page (#7148)
6 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Paginate descendant statuses in public page (#7148)
6 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Paginate descendant statuses in public page (#7148)
6 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Paginate descendant statuses in public page (#7148)
6 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Paginate descendant statuses in public page (#7148)
6 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Paginate descendant statuses in public page (#7148)
6 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Paginate descendant statuses in public page (#7148)
6 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Paginate descendant statuses in public page (#7148)
6 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Paginate descendant statuses in public page (#7148)
6 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Use raw status code on have_http_status (#7214)
6 years ago
Cover StatusesController more (#3259)
7 years ago
Add more tests for ActivityPub controllers (#13585)
4 years ago
Cover StatusesController more (#3259)
7 years ago
More coverage yes more even more (#2627) * Add coverage for admin/confirmations controller * Coverage for statuses controller show action * Add coverage for admin/domain_blocks controller * Add coverage for settings/profiles#update
7 years ago
 
  1. # frozen_string_literal: true
  2. 

  3. require 'rails_helper'
  4. 

  5. describe StatusesController do
  6.   render_views
  7. 

  8.   describe 'GET #show' do
  9.     let(:account) { Fabricate(:account) }
  10.     let(:status)  { Fabricate(:status, account: account) }
  11. 

  12.     context 'when account is suspended' do
  13.       let(:account) { Fabricate(:account, suspended: true) }
  14. 

  15.       before do
  16.         get :show, params: { account_username: account.username, id: status.id }
  17.       end
  18. 

  19.       it 'returns http gone' do
  20.         expect(response).to have_http_status(410)
  21.       end
  22.     end
  23. 

  24.     context 'when status is a reblog' do
  25.       let(:original_account) { Fabricate(:account, domain: 'example.com') }
  26.       let(:original_status) { Fabricate(:status, account: original_account, url: 'https://example.com/123') }
  27.       let(:status) { Fabricate(:status, account: account, reblog: original_status) }
  28. 

  29.       before do
  30.         get :show, params: { account_username: status.account.username, id: status.id }
  31.       end
  32. 

  33.       it 'redirects to the original status' do
  34.         expect(response).to redirect_to(original_status.url)
  35.       end
  36.     end
  37. 

  38.     context 'when status is public' do
  39.       before do
  40.         get :show, params: { account_username: status.account.username, id: status.id, format: format }
  41.       end
  42. 

  43.       context 'as HTML' do
  44.         let(:format) { 'html' }
  45. 

  46.         it 'returns http success' do
  47.           expect(response).to have_http_status(200)
  48.         end
  49. 

  50.         it 'returns Link header' do
  51.           expect(response.headers['Link'].to_s).to include 'activity+json'
  52.         end
  53. 

  54.         it 'returns Vary header' do
  55.           expect(response.headers['Vary']).to eq 'Accept'
  56.         end
  57. 

  58.         it 'returns public Cache-Control header' do
  59.           expect(response.headers['Cache-Control']).to include 'public'
  60.         end
  61. 

  62.         it 'renders status' do
  63.           expect(response).to render_template(:show)
  64.           expect(response.body).to include status.text
  65.         end
  66.       end
  67. 

  68.       context 'as JSON' do
  69.         let(:format) { 'json' }
  70. 

  71.         it 'returns http success' do
  72.           expect(response).to have_http_status(200)
  73.         end
  74. 

  75.         it 'returns Link header' do
  76.           expect(response.headers['Link'].to_s).to include 'activity+json'
  77.         end
  78. 

  79.         it 'returns Vary header' do
  80.           expect(response.headers['Vary']).to eq 'Accept'
  81.         end
  82. 

  83.         it 'returns public Cache-Control header' do
  84.           expect(response.headers['Cache-Control']).to include 'public'
  85.         end
  86. 

  87.         it 'returns Content-Type header' do
  88.           expect(response.headers['Content-Type']).to include 'application/activity+json'
  89.         end
  90. 

  91.         it 'renders ActivityPub Note object' do
  92.           json = body_as_json
  93.           expect(json[:content]).to include status.text
  94.         end
  95.       end
  96.     end
  97. 

  98.     context 'when status is private' do
  99.       let(:status) { Fabricate(:status, account: account, visibility: :private) }
  100. 

  101.       before do
  102.         get :show, params: { account_username: status.account.username, id: status.id, format: format }
  103.       end
  104. 

  105.       context 'as JSON' do
  106.         let(:format) { 'json' }
  107. 

  108.         it 'returns http not found' do
  109.           expect(response).to have_http_status(404)
  110.         end
  111.       end
  112. 

  113.       context 'as HTML' do
  114.         let(:format) { 'html' }
  115. 

  116.         it 'returns http not found' do
  117.           expect(response).to have_http_status(404)
  118.         end
  119.       end
  120.     end
  121. 

  122.     context 'when status is direct' do
  123.       let(:status) { Fabricate(:status, account: account, visibility: :direct) }
  124. 

  125.       before do
  126.         get :show, params: { account_username: status.account.username, id: status.id, format: format }
  127.       end
  128. 

  129.       context 'as JSON' do
  130.         let(:format) { 'json' }
  131. 

  132.         it 'returns http not found' do
  133.           expect(response).to have_http_status(404)
  134.         end
  135.       end
  136. 

  137.       context 'as HTML' do
  138.         let(:format) { 'html' }
  139. 

  140.         it 'returns http not found' do
  141.           expect(response).to have_http_status(404)
  142.         end
  143.       end
  144.     end
  145. 

  146.     context 'when signed-in' do
  147.       let(:user) { Fabricate(:user) }
  148. 

  149.       before do
  150.         sign_in(user)
  151.       end
  152. 

  153.       context 'when account blocks user' do
  154.         before do
  155.           account.block!(user.account)
  156.           get :show, params: { account_username: status.account.username, id: status.id }
  157.         end
  158. 

  159.         it 'returns http not found' do
  160.           expect(response).to have_http_status(404)
  161.         end
  162.       end
  163. 

  164.       context 'when status is public' do
  165.         before do
  166.           get :show, params: { account_username: status.account.username, id: status.id, format: format }
  167.         end
  168. 

  169.         context 'as HTML' do
  170.           let(:format) { 'html' }
  171. 

  172.           it 'returns http success' do
  173.             expect(response).to have_http_status(200)
  174.           end
  175. 

  176.           it 'returns Link header' do
  177.             expect(response.headers['Link'].to_s).to include 'activity+json'
  178.           end
  179. 

  180.           it 'returns Vary header' do
  181.             expect(response.headers['Vary']).to eq 'Accept'
  182.           end
  183. 

  184.           it 'returns no Cache-Control header' do
  185.             expect(response.headers).to_not include 'Cache-Control'
  186.           end
  187. 

  188.           it 'renders status' do
  189.             expect(response).to render_template(:show)
  190.             expect(response.body).to include status.text
  191.           end
  192.         end
  193. 

  194.         context 'as JSON' do
  195.           let(:format) { 'json' }
  196. 

  197.           it 'returns http success' do
  198.             expect(response).to have_http_status(200)
  199.           end
  200. 

  201.           it 'returns Link header' do
  202.             expect(response.headers['Link'].to_s).to include 'activity+json'
  203.           end
  204. 

  205.           it 'returns Vary header' do
  206.             expect(response.headers['Vary']).to eq 'Accept'
  207.           end
  208. 

  209.           it 'returns public Cache-Control header' do
  210.             expect(response.headers['Cache-Control']).to include 'public'
  211.           end
  212. 

  213.           it 'returns Content-Type header' do
  214.             expect(response.headers['Content-Type']).to include 'application/activity+json'
  215.           end
  216. 

  217.           it 'renders ActivityPub Note object' do
  218.             json = body_as_json
  219.             expect(json[:content]).to include status.text
  220.           end
  221.         end
  222.       end
  223. 

  224.       context 'when status is private' do
  225.         let(:status) { Fabricate(:status, account: account, visibility: :private) }
  226. 

  227.         context 'when user is authorized to see it' do
  228.           before do
  229.             user.account.follow!(account)
  230.             get :show, params: { account_username: status.account.username, id: status.id, format: format }
  231.           end
  232. 

  233.           context 'as HTML' do
  234.             let(:format) { 'html' }
  235. 

  236.             it 'returns http success' do
  237.               expect(response).to have_http_status(200)
  238.             end
  239. 

  240.             it 'returns Link header' do
  241.               expect(response.headers['Link'].to_s).to include 'activity+json'
  242.             end
  243. 

  244.             it 'returns Vary header' do
  245.               expect(response.headers['Vary']).to eq 'Accept'
  246.             end
  247. 

  248.             it 'returns no Cache-Control header' do
  249.               expect(response.headers).to_not include 'Cache-Control'
  250.             end
  251. 

  252.             it 'renders status' do
  253.               expect(response).to render_template(:show)
  254.               expect(response.body).to include status.text
  255.             end
  256.           end
  257. 

  258.           context 'as JSON' do
  259.             let(:format) { 'json' }
  260. 

  261.             it 'returns http success' do
  262.               expect(response).to have_http_status(200)
  263.             end
  264. 

  265.             it 'returns Link header' do
  266.               expect(response.headers['Link'].to_s).to include 'activity+json'
  267.             end
  268. 

  269.             it 'returns Vary header' do
  270.               expect(response.headers['Vary']).to eq 'Accept'
  271.             end
  272. 

  273.             it 'returns private Cache-Control header' do
  274.               expect(response.headers['Cache-Control']).to include 'private'
  275.             end
  276. 

  277.             it 'returns Content-Type header' do
  278.               expect(response.headers['Content-Type']).to include 'application/activity+json'
  279.             end
  280. 

  281.             it 'renders ActivityPub Note object' do
  282.               json = body_as_json
  283.               expect(json[:content]).to include status.text
  284.             end
  285.           end
  286.         end
  287. 

  288.         context 'when user is not authorized to see it' do
  289.           before do
  290.             get :show, params: { account_username: status.account.username, id: status.id, format: format }
  291.           end
  292. 

  293.           context 'as JSON' do
  294.             let(:format) { 'json' }
  295. 

  296.             it 'returns http not found' do
  297.               expect(response).to have_http_status(404)
  298.             end
  299.           end
  300. 

  301.           context 'as HTML' do
  302.             let(:format) { 'html' }
  303. 

  304.             it 'returns http not found' do
  305.               expect(response).to have_http_status(404)
  306.             end
  307.           end
  308.         end
  309.       end
  310. 

  311.       context 'when status is direct' do
  312.         let(:status) { Fabricate(:status, account: account, visibility: :direct) }
  313. 

  314.         context 'when user is authorized to see it' do
  315.           before do
  316.             Fabricate(:mention, account: user.account, status: status)
  317.             get :show, params: { account_username: status.account.username, id: status.id, format: format }
  318.           end
  319. 

  320.           context 'as HTML' do
  321.             let(:format) { 'html' }
  322. 

  323.             it 'returns http success' do
  324.               expect(response).to have_http_status(200)
  325.             end
  326. 

  327.             it 'returns Link header' do
  328.               expect(response.headers['Link'].to_s).to include 'activity+json'
  329.             end
  330. 

  331.             it 'returns Vary header' do
  332.               expect(response.headers['Vary']).to eq 'Accept'
  333.             end
  334. 

  335.             it 'returns no Cache-Control header' do
  336.               expect(response.headers).to_not include 'Cache-Control'
  337.             end
  338. 

  339.             it 'renders status' do
  340.               expect(response).to render_template(:show)
  341.               expect(response.body).to include status.text
  342.             end
  343.           end
  344. 

  345.           context 'as JSON' do
  346.             let(:format) { 'json' }
  347. 

  348.             it 'returns http success' do
  349.               expect(response).to have_http_status(200)
  350.             end
  351. 

  352.             it 'returns Link header' do
  353.               expect(response.headers['Link'].to_s).to include 'activity+json'
  354.             end
  355. 

  356.             it 'returns Vary header' do
  357.               expect(response.headers['Vary']).to eq 'Accept'
  358.             end
  359. 

  360.             it 'returns private Cache-Control header' do
  361.               expect(response.headers['Cache-Control']).to include 'private'
  362.             end
  363. 

  364.             it 'returns Content-Type header' do
  365.               expect(response.headers['Content-Type']).to include 'application/activity+json'
  366.             end
  367. 

  368.             it 'renders ActivityPub Note object' do
  369.               json = body_as_json
  370.               expect(json[:content]).to include status.text
  371.             end
  372.           end
  373.         end
  374. 

  375.         context 'when user is not authorized to see it' do
  376.           before do
  377.             get :show, params: { account_username: status.account.username, id: status.id, format: format }
  378.           end
  379. 

  380.           context 'as JSON' do
  381.             let(:format) { 'json' }
  382. 

  383.             it 'returns http not found' do
  384.               expect(response).to have_http_status(404)
  385.             end
  386.           end
  387. 

  388.           context 'as HTML' do
  389.             let(:format) { 'html' }
  390. 

  391.             it 'returns http not found' do
  392.               expect(response).to have_http_status(404)
  393.             end
  394.           end
  395.         end
  396.       end
  397.     end
  398. 

  399.     context 'with signature' do
  400.       let(:remote_account) { Fabricate(:account, domain: 'example.com') }
  401. 

  402.       before do
  403.         allow(controller).to receive(:signed_request_account).and_return(remote_account)
  404.       end
  405. 

  406.       context 'when account blocks account' do
  407.         before do
  408.           account.block!(remote_account)
  409.           get :show, params: { account_username: status.account.username, id: status.id }
  410.         end
  411. 

  412.         it 'returns http not found' do
  413.           expect(response).to have_http_status(404)
  414.         end
  415.       end
  416. 

  417.       context 'when account domain blocks account' do
  418.         before do
  419.           account.block_domain!(remote_account.domain)
  420.           get :show, params: { account_username: status.account.username, id: status.id }
  421.         end
  422. 

  423.         it 'returns http not found' do
  424.           expect(response).to have_http_status(404)
  425.         end
  426.       end
  427. 

  428.       context 'when status is public' do
  429.         before do
  430.           get :show, params: { account_username: status.account.username, id: status.id, format: format }
  431.         end
  432. 

  433.         context 'as HTML' do
  434.           let(:format) { 'html' }
  435. 

  436.           it 'returns http success' do
  437.             expect(response).to have_http_status(200)
  438.           end
  439. 

  440.           it 'returns Link header' do
  441.             expect(response.headers['Link'].to_s).to include 'activity+json'
  442.           end
  443. 

  444.           it 'returns Vary header' do
  445.             expect(response.headers['Vary']).to eq 'Accept'
  446.           end
  447. 

  448.           it 'returns no Cache-Control header' do
  449.             expect(response.headers).to_not include 'Cache-Control'
  450.           end
  451. 

  452.           it 'renders status' do
  453.             expect(response).to render_template(:show)
  454.             expect(response.body).to include status.text
  455.           end
  456.         end
  457. 

  458.         context 'as JSON' do
  459.           let(:format) { 'json' }
  460. 

  461.           it 'returns http success' do
  462.             expect(response).to have_http_status(200)
  463.           end
  464. 

  465.           it 'returns Link header' do
  466.             expect(response.headers['Link'].to_s).to include 'activity+json'
  467.           end
  468. 

  469.           it 'returns Vary header' do
  470.             expect(response.headers['Vary']).to eq 'Accept'
  471.           end
  472. 

  473.           it 'returns public Cache-Control header' do
  474.             expect(response.headers['Cache-Control']).to include 'public'
  475.           end
  476. 

  477.           it 'returns Content-Type header' do
  478.             expect(response.headers['Content-Type']).to include 'application/activity+json'
  479.           end
  480. 

  481.           it 'renders ActivityPub Note object' do
  482.             json = body_as_json
  483.             expect(json[:content]).to include status.text
  484.           end
  485.         end
  486.       end
  487. 

  488.       context 'when status is private' do
  489.         let(:status) { Fabricate(:status, account: account, visibility: :private) }
  490. 

  491.         context 'when user is authorized to see it' do
  492.           before do
  493.             remote_account.follow!(account)
  494.             get :show, params: { account_username: status.account.username, id: status.id, format: format }
  495.           end
  496. 

  497.           context 'as HTML' do
  498.             let(:format) { 'html' }
  499. 

  500.             it 'returns http success' do
  501.               expect(response).to have_http_status(200)
  502.             end
  503. 

  504.             it 'returns Link header' do
  505.               expect(response.headers['Link'].to_s).to include 'activity+json'
  506.             end
  507. 

  508.             it 'returns Vary header' do
  509.               expect(response.headers['Vary']).to eq 'Accept'
  510.             end
  511. 

  512.             it 'returns no Cache-Control header' do
  513.               expect(response.headers).to_not include 'Cache-Control'
  514.             end
  515. 

  516.             it 'renders status' do
  517.               expect(response).to render_template(:show)
  518.               expect(response.body).to include status.text
  519.             end
  520.           end
  521. 

  522.           context 'as JSON' do
  523.             let(:format) { 'json' }
  524. 

  525.             it 'returns http success' do
  526.               expect(response).to have_http_status(200)
  527.             end
  528. 

  529.             it 'returns Link header' do
  530.               expect(response.headers['Link'].to_s).to include 'activity+json'
  531.             end
  532. 

  533.             it 'returns Vary header' do
  534.               expect(response.headers['Vary']).to eq 'Accept'
  535.             end
  536. 

  537.             it 'returns private Cache-Control header' do
  538.               expect(response.headers['Cache-Control']).to include 'private'
  539.             end
  540. 

  541.             it 'returns Content-Type header' do
  542.               expect(response.headers['Content-Type']).to include 'application/activity+json'
  543.             end
  544. 

  545.             it 'renders ActivityPub Note object' do
  546.               json = body_as_json
  547.               expect(json[:content]).to include status.text
  548.             end
  549.           end
  550.         end
  551. 

  552.         context 'when user is not authorized to see it' do
  553.           before do
  554.             get :show, params: { account_username: status.account.username, id: status.id, format: format }
  555.           end
  556. 

  557.           context 'as JSON' do
  558.             let(:format) { 'json' }
  559. 

  560.             it 'returns http not found' do
  561.               expect(response).to have_http_status(404)
  562.             end
  563.           end
  564. 

  565.           context 'as HTML' do
  566.             let(:format) { 'html' }
  567. 

  568.             it 'returns http not found' do
  569.               expect(response).to have_http_status(404)
  570.             end
  571.           end
  572.         end
  573.       end
  574. 

  575.       context 'when status is direct' do
  576.         let(:status) { Fabricate(:status, account: account, visibility: :direct) }
  577. 

  578.         context 'when user is authorized to see it' do
  579.           before do
  580.             Fabricate(:mention, account: remote_account, status: status)
  581.             get :show, params: { account_username: status.account.username, id: status.id, format: format }
  582.           end
  583. 

  584.           context 'as HTML' do
  585.             let(:format) { 'html' }
  586. 

  587.             it 'returns http success' do
  588.               expect(response).to have_http_status(200)
  589.             end
  590. 

  591.             it 'returns Link header' do
  592.               expect(response.headers['Link'].to_s).to include 'activity+json'
  593.             end
  594. 

  595.             it 'returns Vary header' do
  596.               expect(response.headers['Vary']).to eq 'Accept'
  597.             end
  598. 

  599.             it 'returns no Cache-Control header' do
  600.               expect(response.headers).to_not include 'Cache-Control'
  601.             end
  602. 

  603.             it 'renders status' do
  604.               expect(response).to render_template(:show)
  605.               expect(response.body).to include status.text
  606.             end
  607.           end
  608. 

  609.           context 'as JSON' do
  610.             let(:format) { 'json' }
  611. 

  612.             it 'returns http success' do
  613.               expect(response).to have_http_status(200)
  614.             end
  615. 

  616.             it 'returns Link header' do
  617.               expect(response.headers['Link'].to_s).to include 'activity+json'
  618.             end
  619. 

  620.             it 'returns Vary header' do
  621.               expect(response.headers['Vary']).to eq 'Accept'
  622.             end
  623. 

  624.             it 'returns private Cache-Control header' do
  625.               expect(response.headers['Cache-Control']).to include 'private'
  626.             end
  627. 

  628.             it 'returns Content-Type header' do
  629.               expect(response.headers['Content-Type']).to include 'application/activity+json'
  630.             end
  631. 

  632.             it 'renders ActivityPub Note object' do
  633.               json = body_as_json
  634.               expect(json[:content]).to include status.text
  635.             end
  636.           end
  637.         end
  638. 

  639.         context 'when user is not authorized to see it' do
  640.           before do
  641.             get :show, params: { account_username: status.account.username, id: status.id, format: format }
  642.           end
  643. 

  644.           context 'as JSON' do
  645.             let(:format) { 'json' }
  646. 

  647.             it 'returns http not found' do
  648.               expect(response).to have_http_status(404)
  649.             end
  650.           end
  651. 

  652.           context 'as HTML' do
  653.             let(:format) { 'html' }
  654. 

  655.             it 'returns http not found' do
  656.               expect(response).to have_http_status(404)
  657.             end
  658.           end
  659.         end
  660.       end
  661.     end
  662.   end
  663. 

  664.   describe 'GET #activity' do
  665.     let(:account) { Fabricate(:account) }
  666.     let(:status)  { Fabricate(:status, account: account) }
  667. 

  668.     context 'when account is suspended' do
  669.       let(:account) { Fabricate(:account, suspended: true) }
  670. 

  671.       before do
  672.         get :activity, params: { account_username: account.username, id: status.id }
  673.       end
  674. 

  675.       it 'returns http gone' do
  676.         expect(response).to have_http_status(410)
  677.       end
  678.     end
  679. 

  680.     context 'when status is public' do
  681.       pending
  682.     end
  683. 

  684.     context 'when status is private' do
  685.       pending
  686.     end
  687. 

  688.     context 'when status is direct' do
  689.       pending
  690.     end
  691. 

  692.     context 'when signed-in' do
  693.       context 'when status is public' do
  694.         pending
  695.       end
  696. 

  697.       context 'when status is private' do
  698.         context 'when user is authorized to see it' do
  699.           pending
  700.         end
  701. 

  702.         context 'when user is not authorized to see it' do
  703.           pending
  704.         end
  705.       end
  706. 

  707.       context 'when status is direct' do
  708.         context 'when user is authorized to see it' do
  709.           pending
  710.         end
  711. 

  712.         context 'when user is not authorized to see it' do
  713.           pending
  714.         end
  715.       end
  716.     end
  717. 

  718.     context 'with signature' do
  719.       context 'when status is public' do
  720.         pending
  721.       end
  722. 

  723.       context 'when status is private' do
  724.         context 'when user is authorized to see it' do
  725.           pending
  726.         end
  727. 

  728.         context 'when user is not authorized to see it' do
  729.           pending
  730.         end
  731.       end
  732. 

  733.       context 'when status is direct' do
  734.         context 'when user is authorized to see it' do
  735.           pending
  736.         end
  737. 

  738.         context 'when user is not authorized to see it' do
  739.           pending
  740.         end
  741.       end
  742.     end
  743.   end
  744. 

  745.   describe 'GET #embed' do
  746.     let(:account) { Fabricate(:account) }
  747.     let(:status)  { Fabricate(:status, account: account) }
  748. 

  749.     context 'when account is suspended' do
  750.       let(:account) { Fabricate(:account, suspended: true) }
  751. 

  752.       before do
  753.         get :embed, params: { account_username: account.username, id: status.id }
  754.       end
  755. 

  756.       it 'returns http gone' do
  757.         expect(response).to have_http_status(410)
  758.       end
  759.     end
  760. 

  761.     context 'when status is a reblog' do
  762.       let(:original_account) { Fabricate(:account, domain: 'example.com') }
  763.       let(:original_status) { Fabricate(:status, account: original_account, url: 'https://example.com/123') }
  764.       let(:status) { Fabricate(:status, account: account, reblog: original_status) }
  765. 

  766.       before do
  767.         get :embed, params: { account_username: status.account.username, id: status.id }
  768.       end
  769. 

  770.       it 'returns http not found' do
  771.         expect(response).to have_http_status(404)
  772.       end
  773.     end
  774. 

  775.     context 'when status is public' do
  776.       before do
  777.         get :embed, params: { account_username: status.account.username, id: status.id }
  778.       end
  779. 

  780.       it 'returns http success' do
  781.         expect(response).to have_http_status(200)
  782.       end
  783. 

  784.       it 'returns Link header' do
  785.         expect(response.headers['Link'].to_s).to include 'activity+json'
  786.       end
  787. 

  788.       it 'returns Vary header' do
  789.         expect(response.headers['Vary']).to eq 'Accept'
  790.       end
  791. 

  792.       it 'returns public Cache-Control header' do
  793.         expect(response.headers['Cache-Control']).to include 'public'
  794.       end
  795. 

  796.       it 'renders status' do
  797.         expect(response).to render_template(:embed)
  798.         expect(response.body).to include status.text
  799.       end
  800.     end
  801. 

  802.     context 'when status is private' do
  803.       let(:status) { Fabricate(:status, account: account, visibility: :private) }
  804. 

  805.       before do
  806.         get :embed, params: { account_username: status.account.username, id: status.id }
  807.       end
  808. 

  809.       it 'returns http not found' do
  810.         expect(response).to have_http_status(404)
  811.       end
  812.     end
  813. 

  814.     context 'when status is direct' do
  815.       let(:status) { Fabricate(:status, account: account, visibility: :direct) }
  816. 

  817.       before do
  818.         get :embed, params: { account_username: status.account.username, id: status.id }
  819.       end
  820. 

  821.       it 'returns http not found' do
  822.         expect(response).to have_http_status(404)
  823.       end
  824.     end
  825.   end
  826. end