added tests for OstatusController

2019-07-29 05:02:20 +00:00 · 2019-07-29 05:02:20 +00:00 · 159bbec570
parent b38d21060e
commit 159bbec570
2 changed files with 585 additions and 215 deletions
--- a/lib/pleroma/web/ostatus/ostatus_controller.ex
+++ b/lib/pleroma/web/ostatus/ostatus_controller.ex
@ -5,6 +5,7 @@
 defmodule Pleroma.Web.OStatus.OStatusController do
  use Pleroma.Web, :controller

+  alias Fallback.RedirectController
  alias Pleroma.Activity
  alias Pleroma.Object
  alias Pleroma.User
@ -12,42 +13,44 @@ defmodule Pleroma.Web.OStatus.OStatusController do
  alias Pleroma.Web.ActivityPub.ActivityPubController
  alias Pleroma.Web.ActivityPub.ObjectView
  alias Pleroma.Web.ActivityPub.Visibility
+  alias Pleroma.Web.Endpoint
  alias Pleroma.Web.Federator
+  alias Pleroma.Web.Metadata.PlayerView
  alias Pleroma.Web.OStatus
  alias Pleroma.Web.OStatus.ActivityRepresenter
  alias Pleroma.Web.OStatus.FeedRepresenter
+  alias Pleroma.Web.Router
  alias Pleroma.Web.XML

  plug(Pleroma.Web.FederatingPlug when action in [:salmon_incoming])

+  plug(
+    Pleroma.Plugs.SetFormatPlug
+    when action in [:feed_redirect, :object, :activity, :notice]
+  )
+
  action_fallback(:errors)

+  def feed_redirect(%{assigns: %{format: "html"}} = conn, %{"nickname" => nickname}) do
+    with {_, %User{} = user} <-
+           {:fetch_user, User.get_cached_by_nickname_or_id(nickname)} do
+      RedirectController.redirector_with_meta(conn, %{user: user})
+    end
+  end
+
+  def feed_redirect(%{assigns: %{format: format}} = conn, _params)
+      when format in ["json", "activity+json"] do
+    ActivityPubController.call(conn, :user)
+  end
+
  def feed_redirect(conn, %{"nickname" => nickname}) do
-    case get_format(conn) do
-      "html" ->
-        with %User{} = user <- User.get_cached_by_nickname_or_id(nickname) do
-          Fallback.RedirectController.redirector_with_meta(conn, %{user: user})
-        else
-          nil -> {:error, :not_found}
-        end
-
-      "activity+json" ->
-        ActivityPubController.call(conn, :user)
-
-      "json" ->
-        ActivityPubController.call(conn, :user)
-
-      _ ->
-        with %User{} = user <- User.get_cached_by_nickname(nickname) do
-          redirect(conn, external: OStatus.feed_path(user))
-        else
-          nil -> {:error, :not_found}
-        end
+    with {_, %User{} = user} <- {:fetch_user, User.get_cached_by_nickname(nickname)} do
+      redirect(conn, external: OStatus.feed_path(user))
    end
  end

  def feed(conn, %{"nickname" => nickname} = params) do
-    with %User{} = user <- User.get_cached_by_nickname(nickname) do
+    with {_, %User{} = user} <- {:fetch_user, User.get_cached_by_nickname(nickname)} do
      query_params =
        Map.take(params, ["max_id"])
        |> Map.merge(%{"whole_db" => true, "actor_id" => user.ap_id})
@ -65,8 +68,6 @@ defmodule Pleroma.Web.OStatus.OStatusController do
      conn
      |> put_resp_content_type("application/atom+xml")
      |> send_resp(200, response)
-    else
-      nil -> {:error, :not_found}
    end
  end

@ -97,93 +98,82 @@ defmodule Pleroma.Web.OStatus.OStatusController do
    |> send_resp(200, "")
  end

-  def object(conn, %{"uuid" => uuid}) do
-    if get_format(conn) in ["activity+json", "json"] do
-      ActivityPubController.call(conn, :object)
-    else
-      with id <- o_status_url(conn, :object, uuid),
-           {_, %Activity{} = activity} <-
-             {:activity, Activity.get_create_by_object_ap_id_with_object(id)},
-           {_, true} <- {:public?, Visibility.is_public?(activity)},
-           %User{} = user <- User.get_cached_by_ap_id(activity.data["actor"]) do
-        case get_format(conn) do
-          "html" -> redirect(conn, to: "/notice/#{activity.id}")
-          _ -> represent_activity(conn, nil, activity, user)
-        end
-      else
-        {:public?, false} ->
-          {:error, :not_found}
+  def object(%{assigns: %{format: format}} = conn, %{"uuid" => _uuid})
+      when format in ["json", "activity+json"] do
+    ActivityPubController.call(conn, :object)
+  end

-        {:activity, nil} ->
-          {:error, :not_found}
-
-        e ->
-          e
+  def object(%{assigns: %{format: format}} = conn, %{"uuid" => uuid}) do
+    with id <- o_status_url(conn, :object, uuid),
+         {_, %Activity{} = activity} <-
+           {:activity, Activity.get_create_by_object_ap_id_with_object(id)},
+         {_, true} <- {:public?, Visibility.is_public?(activity)},
+         %User{} = user <- User.get_cached_by_ap_id(activity.data["actor"]) do
+      case format do
+        "html" -> redirect(conn, to: "/notice/#{activity.id}")
+        _ -> represent_activity(conn, nil, activity, user)
      end
+    else
+      reason when reason in [{:public?, false}, {:activity, nil}] ->
+        {:error, :not_found}
+
+      e ->
+        e
    end
  end

-  def activity(conn, %{"uuid" => uuid}) do
-    if get_format(conn) in ["activity+json", "json"] do
-      ActivityPubController.call(conn, :activity)
-    else
-      with id <- o_status_url(conn, :activity, uuid),
-           {_, %Activity{} = activity} <- {:activity, Activity.normalize(id)},
-           {_, true} <- {:public?, Visibility.is_public?(activity)},
-           %User{} = user <- User.get_cached_by_ap_id(activity.data["actor"]) do
-        case format = get_format(conn) do
-          "html" -> redirect(conn, to: "/notice/#{activity.id}")
-          _ -> represent_activity(conn, format, activity, user)
-        end
-      else
-        {:public?, false} ->
-          {:error, :not_found}
+  def activity(%{assigns: %{format: format}} = conn, %{"uuid" => _uuid})
+      when format in ["json", "activity+json"] do
+    ActivityPubController.call(conn, :activity)
+  end

-        {:activity, nil} ->
-          {:error, :not_found}
-
-        e ->
-          e
+  def activity(%{assigns: %{format: format}} = conn, %{"uuid" => uuid}) do
+    with id <- o_status_url(conn, :activity, uuid),
+         {_, %Activity{} = activity} <- {:activity, Activity.normalize(id)},
+         {_, true} <- {:public?, Visibility.is_public?(activity)},
+         %User{} = user <- User.get_cached_by_ap_id(activity.data["actor"]) do
+      case format do
+        "html" -> redirect(conn, to: "/notice/#{activity.id}")
+        _ -> represent_activity(conn, format, activity, user)
      end
+    else
+      reason when reason in [{:public?, false}, {:activity, nil}] ->
+        {:error, :not_found}
+
+      e ->
+        e
    end
  end

-  def notice(conn, %{"id" => id}) do
+  def notice(%{assigns: %{format: format}} = conn, %{"id" => id}) do
    with {_, %Activity{} = activity} <- {:activity, Activity.get_by_id_with_object(id)},
         {_, true} <- {:public?, Visibility.is_public?(activity)},
         %User{} = user <- User.get_cached_by_ap_id(activity.data["actor"]) do
-      case format = get_format(conn) do
-        "html" ->
-          if activity.data["type"] == "Create" do
-            %Object{} = object = Object.normalize(activity)
+      cond do
+        format == "html" && activity.data["type"] == "Create" ->
+          %Object{} = object = Object.normalize(activity)

-            Fallback.RedirectController.redirector_with_meta(conn, %{
+          RedirectController.redirector_with_meta(
+            conn,
+            %{
              activity_id: activity.id,
              object: object,
-              url:
-                Pleroma.Web.Router.Helpers.o_status_url(
-                  Pleroma.Web.Endpoint,
-                  :notice,
-                  activity.id
-                ),
+              url: Router.Helpers.o_status_url(Endpoint, :notice, activity.id),
              user: user
-            })
-          else
-            Fallback.RedirectController.redirector(conn, nil)
-          end
+            }
+          )

-        _ ->
+        format == "html" ->
+          RedirectController.redirector(conn, nil)
+
+        true ->
          represent_activity(conn, format, activity, user)
      end
    else
-      {:public?, false} ->
+      reason when reason in [{:public?, false}, {:activity, nil}] ->
        conn
        |> put_status(404)
-        |> Fallback.RedirectController.redirector(nil, 404)
-
-      {:activity, nil} ->
-        conn
-        |> Fallback.RedirectController.redirector(nil, 404)
+        |> RedirectController.redirector(nil, 404)

      e ->
        e
@ -204,13 +194,13 @@ defmodule Pleroma.Web.OStatus.OStatusController do
        "content-security-policy",
        "default-src 'none';style-src 'self' 'unsafe-inline';img-src 'self' data: https:; media-src 'self' https:;"
      )
-      |> put_view(Pleroma.Web.Metadata.PlayerView)
+      |> put_view(PlayerView)
      |> render("player.html", url)
    else
      _error ->
        conn
        |> put_status(404)
-        |> Fallback.RedirectController.redirector(nil, 404)
+        |> RedirectController.redirector(nil, 404)
    end
  end

@ -248,6 +238,8 @@ defmodule Pleroma.Web.OStatus.OStatusController do
    render_error(conn, :not_found, "Not found")
  end

+  def errors(conn, {:fetch_user, nil}), do: errors(conn, {:error, :not_found})
+
  def errors(conn, _) do
    render_error(conn, :internal_server_error, "Something went wrong")
  end
--- a/test/web/ostatus/ostatus_controller_test.exs
+++ b/test/web/ostatus/ostatus_controller_test.exs
@ -101,160 +101,538 @@ defmodule Pleroma.Web.OStatus.OStatusControllerTest do
    assert response(conn, 404)
  end

-  test "gets an object", %{conn: conn} do
-    note_activity = insert(:note_activity)
-    object = Object.normalize(note_activity)
-    user = User.get_cached_by_ap_id(note_activity.data["actor"])
-    [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, object.data["id"]))
-    url = "/objects/#{uuid}"
+  describe "GET object/2" do
+    test "gets an object", %{conn: conn} do
+      note_activity = insert(:note_activity)
+      object = Object.normalize(note_activity)
+      user = User.get_cached_by_ap_id(note_activity.data["actor"])
+      [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, object.data["id"]))
+      url = "/objects/#{uuid}"
+
+      conn =
+        conn
+        |> put_req_header("accept", "application/xml")
+        |> get(url)
+
+      expected =
+        ActivityRepresenter.to_simple_form(note_activity, user, true)
+        |> ActivityRepresenter.wrap_with_entry()
+        |> :xmerl.export_simple(:xmerl_xml)
+        |> to_string
+
+      assert response(conn, 200) == expected
+    end
+
+    test "redirects to /notice/id for html format", %{conn: conn} do
+      note_activity = insert(:note_activity)
+      object = Object.normalize(note_activity)
+      [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, object.data["id"]))
+      url = "/objects/#{uuid}"
+
+      conn =
+        conn
+        |> put_req_header("accept", "text/html")
+        |> get(url)
+
+      assert redirected_to(conn) == "/notice/#{note_activity.id}"
+    end
+
+    test "500s when user not found", %{conn: conn} do
+      note_activity = insert(:note_activity)
+      object = Object.normalize(note_activity)
+      user = User.get_cached_by_ap_id(note_activity.data["actor"])
+      User.invalidate_cache(user)
+      Pleroma.Repo.delete(user)
+      [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, object.data["id"]))
+      url = "/objects/#{uuid}"
+
+      conn =
+        conn
+        |> put_req_header("accept", "application/xml")
+        |> get(url)
+
+      assert response(conn, 500) == ~S({"error":"Something went wrong"})
+    end
+
+    test "404s on private objects", %{conn: conn} do
+      note_activity = insert(:direct_note_activity)
+      object = Object.normalize(note_activity)
+      [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, object.data["id"]))
+
+      conn
+      |> get("/objects/#{uuid}")
+      |> response(404)
+    end
+
+    test "404s on nonexisting objects", %{conn: conn} do
+      conn
+      |> get("/objects/123")
+      |> response(404)
+    end
+  end
+
+  describe "GET activity/2" do
+    test "gets an activity in xml format", %{conn: conn} do
+      note_activity = insert(:note_activity)
+      [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, note_activity.data["id"]))

-    conn =
      conn
      |> put_req_header("accept", "application/xml")
-      |> get(url)
+      |> get("/activities/#{uuid}")
+      |> response(200)
+    end

-    expected =
-      ActivityRepresenter.to_simple_form(note_activity, user, true)
-      |> ActivityRepresenter.wrap_with_entry()
-      |> :xmerl.export_simple(:xmerl_xml)
-      |> to_string
+    test "redirects to /notice/id for html format", %{conn: conn} do
+      note_activity = insert(:note_activity)
+      [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, note_activity.data["id"]))

-    assert response(conn, 200) == expected
+      conn =
+        conn
+        |> put_req_header("accept", "text/html")
+        |> get("/activities/#{uuid}")
+
+      assert redirected_to(conn) == "/notice/#{note_activity.id}"
+    end
+
+    test "505s when user not found", %{conn: conn} do
+      note_activity = insert(:note_activity)
+      [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, note_activity.data["id"]))
+      user = User.get_cached_by_ap_id(note_activity.data["actor"])
+      User.invalidate_cache(user)
+      Pleroma.Repo.delete(user)
+
+      conn =
+        conn
+        |> put_req_header("accept", "text/html")
+        |> get("/activities/#{uuid}")
+
+      assert response(conn, 500) == ~S({"error":"Something went wrong"})
+    end
+
+    test "404s on deleted objects", %{conn: conn} do
+      note_activity = insert(:note_activity)
+      object = Object.normalize(note_activity)
+      [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, object.data["id"]))
+
+      conn
+      |> put_req_header("accept", "application/xml")
+      |> get("/objects/#{uuid}")
+      |> response(200)
+
+      Object.delete(object)
+
+      conn
+      |> put_req_header("accept", "application/xml")
+      |> get("/objects/#{uuid}")
+      |> response(404)
+    end
+
+    test "404s on private activities", %{conn: conn} do
+      note_activity = insert(:direct_note_activity)
+      [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, note_activity.data["id"]))
+
+      conn
+      |> get("/activities/#{uuid}")
+      |> response(404)
+    end
+
+    test "404s on nonexistent activities", %{conn: conn} do
+      conn
+      |> get("/activities/123")
+      |> response(404)
+    end
+
+    test "gets an activity in AS2 format", %{conn: conn} do
+      note_activity = insert(:note_activity)
+      [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, note_activity.data["id"]))
+      url = "/activities/#{uuid}"
+
+      conn =
+        conn
+        |> put_req_header("accept", "application/activity+json")
+        |> get(url)
+
+      assert json_response(conn, 200)
+    end
  end

-  test "404s on private objects", %{conn: conn} do
-    note_activity = insert(:direct_note_activity)
-    object = Object.normalize(note_activity)
-    [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, object.data["id"]))
+  describe "GET notice/2" do
+    test "gets a notice in xml format", %{conn: conn} do
+      note_activity = insert(:note_activity)

-    conn
-    |> get("/objects/#{uuid}")
-    |> response(404)
-  end
+      conn
+      |> get("/notice/#{note_activity.id}")
+      |> response(200)
+    end

-  test "404s on nonexisting objects", %{conn: conn} do
-    conn
-    |> get("/objects/123")
-    |> response(404)
-  end
+    test "gets a notice in AS2 format", %{conn: conn} do
+      note_activity = insert(:note_activity)

-  test "gets an activity in xml format", %{conn: conn} do
-    note_activity = insert(:note_activity)
-    [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, note_activity.data["id"]))
-
-    conn
-    |> put_req_header("accept", "application/xml")
-    |> get("/activities/#{uuid}")
-    |> response(200)
-  end
-
-  test "404s on deleted objects", %{conn: conn} do
-    note_activity = insert(:note_activity)
-    object = Object.normalize(note_activity)
-    [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, object.data["id"]))
-
-    conn
-    |> put_req_header("accept", "application/xml")
-    |> get("/objects/#{uuid}")
-    |> response(200)
-
-    Object.delete(object)
-
-    conn
-    |> put_req_header("accept", "application/xml")
-    |> get("/objects/#{uuid}")
-    |> response(404)
-  end
-
-  test "404s on private activities", %{conn: conn} do
-    note_activity = insert(:direct_note_activity)
-    [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, note_activity.data["id"]))
-
-    conn
-    |> get("/activities/#{uuid}")
-    |> response(404)
-  end
-
-  test "404s on nonexistent activities", %{conn: conn} do
-    conn
-    |> get("/activities/123")
-    |> response(404)
-  end
-
-  test "gets a notice in xml format", %{conn: conn} do
-    note_activity = insert(:note_activity)
-
-    conn
-    |> get("/notice/#{note_activity.id}")
-    |> response(200)
-  end
-
-  test "gets a notice in AS2 format", %{conn: conn} do
-    note_activity = insert(:note_activity)
-
-    conn
-    |> put_req_header("accept", "application/activity+json")
-    |> get("/notice/#{note_activity.id}")
-    |> json_response(200)
-  end
-
-  test "only gets a notice in AS2 format for Create messages", %{conn: conn} do
-    note_activity = insert(:note_activity)
-    url = "/notice/#{note_activity.id}"
-
-    conn =
      conn
      |> put_req_header("accept", "application/activity+json")
-      |> get(url)
+      |> get("/notice/#{note_activity.id}")
+      |> json_response(200)
+    end

-    assert json_response(conn, 200)
+    test "500s when actor not found", %{conn: conn} do
+      note_activity = insert(:note_activity)
+      user = User.get_cached_by_ap_id(note_activity.data["actor"])
+      User.invalidate_cache(user)
+      Pleroma.Repo.delete(user)

-    user = insert(:user)
+      conn =
+        conn
+        |> get("/notice/#{note_activity.id}")

-    {:ok, like_activity, _} = CommonAPI.favorite(note_activity.id, user)
-    url = "/notice/#{like_activity.id}"
+      assert response(conn, 500) == ~S({"error":"Something went wrong"})
+    end

-    assert like_activity.data["type"] == "Like"
+    test "only gets a notice in AS2 format for Create messages", %{conn: conn} do
+      note_activity = insert(:note_activity)
+      url = "/notice/#{note_activity.id}"

-    conn =
-      build_conn()
-      |> put_req_header("accept", "application/activity+json")
-      |> get(url)
+      conn =
+        conn
+        |> put_req_header("accept", "application/activity+json")
+        |> get(url)

-    assert response(conn, 404)
+      assert json_response(conn, 200)
+
+      user = insert(:user)
+
+      {:ok, like_activity, _} = CommonAPI.favorite(note_activity.id, user)
+      url = "/notice/#{like_activity.id}"
+
+      assert like_activity.data["type"] == "Like"
+
+      conn =
+        build_conn()
+        |> put_req_header("accept", "application/activity+json")
+        |> get(url)
+
+      assert response(conn, 404)
+    end
+
+    test "render html for redirect for html format", %{conn: conn} do
+      note_activity = insert(:note_activity)
+
+      resp =
+        conn
+        |> put_req_header("accept", "text/html")
+        |> get("/notice/#{note_activity.id}")
+        |> response(200)
+
+      assert resp =~
+               "<meta content=\"#{Pleroma.Web.base_url()}/notice/#{note_activity.id}\" property=\"og:url\">"
+
+      user = insert(:user)
+
+      {:ok, like_activity, _} = CommonAPI.favorite(note_activity.id, user)
+
+      assert like_activity.data["type"] == "Like"
+
+      resp =
+        conn
+        |> put_req_header("accept", "text/html")
+        |> get("/notice/#{like_activity.id}")
+        |> response(200)
+
+      assert resp =~ "<!--server-generated-meta-->"
+    end
+
+    test "404s a private notice", %{conn: conn} do
+      note_activity = insert(:direct_note_activity)
+      url = "/notice/#{note_activity.id}"
+
+      conn =
+        conn
+        |> get(url)
+
+      assert response(conn, 404)
+    end
+
+    test "404s a nonexisting notice", %{conn: conn} do
+      url = "/notice/123"
+
+      conn =
+        conn
+        |> get(url)
+
+      assert response(conn, 404)
+    end
  end

-  test "gets an activity in AS2 format", %{conn: conn} do
-    note_activity = insert(:note_activity)
-    [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, note_activity.data["id"]))
-    url = "/activities/#{uuid}"
+  describe "feed_redirect" do
+    test "undefined format. it redirects to feed", %{conn: conn} do
+      note_activity = insert(:note_activity)
+      user = User.get_cached_by_ap_id(note_activity.data["actor"])

-    conn =
-      conn
-      |> put_req_header("accept", "application/activity+json")
-      |> get(url)
+      response =
+        conn
+        |> put_req_header("accept", "application/xml")
+        |> get("/users/#{user.nickname}")
+        |> response(302)

-    assert json_response(conn, 200)
+      assert response ==
+               "<html><body>You are being <a href=\"#{Pleroma.Web.base_url()}/users/#{
+                 user.nickname
+               }/feed.atom\">redirected</a>.</body></html>"
+    end
+
+    test "undefined format. it returns error when user not found", %{conn: conn} do
+      response =
+        conn
+        |> put_req_header("accept", "application/xml")
+        |> get("/users/jimm")
+        |> response(404)
+
+      assert response == ~S({"error":"Not found"})
+    end
+
+    test "activity+json format. it redirects on actual feed of user", %{conn: conn} do
+      note_activity = insert(:note_activity)
+      user = User.get_cached_by_ap_id(note_activity.data["actor"])
+
+      response =
+        conn
+        |> put_req_header("accept", "application/activity+json")
+        |> get("/users/#{user.nickname}")
+        |> json_response(200)
+
+      assert response["endpoints"] == %{
+               "oauthAuthorizationEndpoint" => "#{Pleroma.Web.base_url()}/oauth/authorize",
+               "oauthRegistrationEndpoint" => "#{Pleroma.Web.base_url()}/api/v1/apps",
+               "oauthTokenEndpoint" => "#{Pleroma.Web.base_url()}/oauth/token",
+               "sharedInbox" => "#{Pleroma.Web.base_url()}/inbox"
+             }
+
+      assert response["@context"] == [
+               "https://www.w3.org/ns/activitystreams",
+               "http://localhost:4001/schemas/litepub-0.1.jsonld",
+               %{"@language" => "und"}
+             ]
+
+      assert Map.take(response, [
+               "followers",
+               "following",
+               "id",
+               "inbox",
+               "manuallyApprovesFollowers",
+               "name",
+               "outbox",
+               "preferredUsername",
+               "summary",
+               "tag",
+               "type",
+               "url"
+             ]) == %{
+               "followers" => "#{Pleroma.Web.base_url()}/users/#{user.nickname}/followers",
+               "following" => "#{Pleroma.Web.base_url()}/users/#{user.nickname}/following",
+               "id" => "#{Pleroma.Web.base_url()}/users/#{user.nickname}",
+               "inbox" => "#{Pleroma.Web.base_url()}/users/#{user.nickname}/inbox",
+               "manuallyApprovesFollowers" => false,
+               "name" => user.name,
+               "outbox" => "#{Pleroma.Web.base_url()}/users/#{user.nickname}/outbox",
+               "preferredUsername" => user.nickname,
+               "summary" => user.bio,
+               "tag" => [],
+               "type" => "Person",
+               "url" => "#{Pleroma.Web.base_url()}/users/#{user.nickname}"
+             }
+    end
+
+    test "activity+json format. it returns error whe use not found", %{conn: conn} do
+      response =
+        conn
+        |> put_req_header("accept", "application/activity+json")
+        |> get("/users/jimm")
+        |> json_response(404)
+
+      assert response == "Not found"
+    end
+
+    test "json format. it redirects on actual feed of user", %{conn: conn} do
+      note_activity = insert(:note_activity)
+      user = User.get_cached_by_ap_id(note_activity.data["actor"])
+
+      response =
+        conn
+        |> put_req_header("accept", "application/json")
+        |> get("/users/#{user.nickname}")
+        |> json_response(200)
+
+      assert response["endpoints"] == %{
+               "oauthAuthorizationEndpoint" => "#{Pleroma.Web.base_url()}/oauth/authorize",
+               "oauthRegistrationEndpoint" => "#{Pleroma.Web.base_url()}/api/v1/apps",
+               "oauthTokenEndpoint" => "#{Pleroma.Web.base_url()}/oauth/token",
+               "sharedInbox" => "#{Pleroma.Web.base_url()}/inbox"
+             }
+
+      assert response["@context"] == [
+               "https://www.w3.org/ns/activitystreams",
+               "http://localhost:4001/schemas/litepub-0.1.jsonld",
+               %{"@language" => "und"}
+             ]
+
+      assert Map.take(response, [
+               "followers",
+               "following",
+               "id",
+               "inbox",
+               "manuallyApprovesFollowers",
+               "name",
+               "outbox",
+               "preferredUsername",
+               "summary",
+               "tag",
+               "type",
+               "url"
+             ]) == %{
+               "followers" => "#{Pleroma.Web.base_url()}/users/#{user.nickname}/followers",
+               "following" => "#{Pleroma.Web.base_url()}/users/#{user.nickname}/following",
+               "id" => "#{Pleroma.Web.base_url()}/users/#{user.nickname}",
+               "inbox" => "#{Pleroma.Web.base_url()}/users/#{user.nickname}/inbox",
+               "manuallyApprovesFollowers" => false,
+               "name" => user.name,
+               "outbox" => "#{Pleroma.Web.base_url()}/users/#{user.nickname}/outbox",
+               "preferredUsername" => user.nickname,
+               "summary" => user.bio,
+               "tag" => [],
+               "type" => "Person",
+               "url" => "#{Pleroma.Web.base_url()}/users/#{user.nickname}"
+             }
+    end
+
+    test "json format. it returns error whe use not found", %{conn: conn} do
+      response =
+        conn
+        |> put_req_header("accept", "application/json")
+        |> get("/users/jimm")
+        |> json_response(404)
+
+      assert response == "Not found"
+    end
+
+    test "html format. it redirects on actual feed of user", %{conn: conn} do
+      note_activity = insert(:note_activity)
+      user = User.get_cached_by_ap_id(note_activity.data["actor"])
+
+      response =
+        conn
+        |> get("/users/#{user.nickname}")
+        |> response(200)
+
+      assert response ==
+               Fallback.RedirectController.redirector_with_meta(
+                 conn,
+                 %{user: user}
+               ).resp_body
+    end
+
+    test "html format. it returns error when user not found", %{conn: conn} do
+      response =
+        conn
+        |> get("/users/jimm")
+        |> json_response(404)
+
+      assert response == %{"error" => "Not found"}
+    end
  end

-  test "404s a private notice", %{conn: conn} do
-    note_activity = insert(:direct_note_activity)
-    url = "/notice/#{note_activity.id}"
+  describe "GET /notice/:id/embed_player" do
+    test "render embed player", %{conn: conn} do
+      note_activity = insert(:note_activity)
+      object = Pleroma.Object.normalize(note_activity)

-    conn =
-      conn
-      |> get(url)
+      object_data =
+        Map.put(object.data, "attachment", [
+          %{
+            "url" => [
+              %{
+                "href" =>
+                  "https://peertube.moe/static/webseed/df5f464b-be8d-46fb-ad81-2d4c2d1630e3-480.mp4",
+                "mediaType" => "video/mp4",
+                "type" => "Link"
+              }
+            ]
+          }
+        ])

-    assert response(conn, 404)
-  end
+      object
+      |> Ecto.Changeset.change(data: object_data)
+      |> Pleroma.Repo.update()

-  test "404s a nonexisting notice", %{conn: conn} do
-    url = "/notice/123"
+      conn =
+        conn
+        |> get("/notice/#{note_activity.id}/embed_player")

-    conn =
-      conn
-      |> get(url)
+      assert Plug.Conn.get_resp_header(conn, "x-frame-options") == ["ALLOW"]

-    assert response(conn, 404)
+      assert Plug.Conn.get_resp_header(
+               conn,
+               "content-security-policy"
+             ) == [
+               "default-src 'none';style-src 'self' 'unsafe-inline';img-src 'self' data: https:; media-src 'self' https:;"
+             ]
+
+      assert response(conn, 200) =~
+               "<video controls loop><source src=\"https://peertube.moe/static/webseed/df5f464b-be8d-46fb-ad81-2d4c2d1630e3-480.mp4\" type=\"video/mp4\">Your browser does not support video/mp4 playback.</video>"
+    end
+
+    test "404s when activity isn't create", %{conn: conn} do
+      note_activity = insert(:note_activity, data_attrs: %{"type" => "Like"})
+
+      assert conn
+             |> get("/notice/#{note_activity.id}/embed_player")
+             |> response(404)
+    end
+
+    test "404s when activity is direct message", %{conn: conn} do
+      note_activity = insert(:note_activity, data_attrs: %{"directMessage" => true})
+
+      assert conn
+             |> get("/notice/#{note_activity.id}/embed_player")
+             |> response(404)
+    end
+
+    test "404s when attachment is empty", %{conn: conn} do
+      note_activity = insert(:note_activity)
+      object = Pleroma.Object.normalize(note_activity)
+      object_data = Map.put(object.data, "attachment", [])
+
+      object
+      |> Ecto.Changeset.change(data: object_data)
+      |> Pleroma.Repo.update()
+
+      assert conn
+             |> get("/notice/#{note_activity.id}/embed_player")
+             |> response(404)
+    end
+
+    test "404s when attachment isn't audio or video", %{conn: conn} do
+      note_activity = insert(:note_activity)
+      object = Pleroma.Object.normalize(note_activity)
+
+      object_data =
+        Map.put(object.data, "attachment", [
+          %{
+            "url" => [
+              %{
+                "href" => "https://peertube.moe/static/webseed/480.jpg",
+                "mediaType" => "image/jpg",
+                "type" => "Link"
+              }
+            ]
+          }
+        ])
+
+      object
+      |> Ecto.Changeset.change(data: object_data)
+      |> Pleroma.Repo.update()
+
+      assert conn
+             |> get("/notice/#{note_activity.id}/embed_player")
+             |> response(404)
+    end
  end
 end