test: noteの匿名のときのテストを追加

2023-11-11 17:37:22 +09:00 · 2023-11-11 17:37:22 +09:00 · 59298f77c2
parent ee0ad59d40
commit 59298f77c2
6 changed files with 140 additions and 2 deletions
--- a/src/intTest/kotlin/activitypub/note/NoteTest.kt
+++ b/src/intTest/kotlin/activitypub/note/NoteTest.kt
@ -0,0 +1,91 @@
+package activitypub.note
+
+import dev.usbharu.hideout.SpringApplication
+import org.junit.jupiter.api.BeforeEach
+import org.junit.jupiter.api.Test
+import org.springframework.beans.factory.annotation.Autowired
+import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc
+import org.springframework.boot.test.context.SpringBootTest
+import org.springframework.http.MediaType
+import org.springframework.security.test.context.support.WithAnonymousUser
+import org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity
+import org.springframework.test.context.jdbc.Sql
+import org.springframework.test.web.servlet.MockMvc
+import org.springframework.test.web.servlet.get
+import org.springframework.test.web.servlet.setup.DefaultMockMvcBuilder
+import org.springframework.test.web.servlet.setup.MockMvcBuilders
+import org.springframework.transaction.annotation.Transactional
+import org.springframework.web.context.WebApplicationContext
+
+@SpringBootTest(classes = [SpringApplication::class])
+@AutoConfigureMockMvc
+@Transactional
+class NoteTest {
+    private lateinit var mockMvc: MockMvc
+
+    @Autowired
+    private lateinit var context: WebApplicationContext
+
+    @BeforeEach
+    fun setUp() {
+        mockMvc = MockMvcBuilders.webAppContextSetup(context).apply<DefaultMockMvcBuilder>(springSecurity()).build()
+    }
+
+    @Test
+    @WithAnonymousUser
+    @Sql("/sql/note/匿名でpublic投稿を取得できる.sql")
+    fun `匿名でpublic投稿を取得できる`() {
+        mockMvc
+            .get("/users/test-user/posts/1234") {
+                accept(MediaType("application", "activity+json"))
+            }
+            .asyncDispatch()
+            .andDo { print() }
+            .andExpect { status { isOk() } }
+            .andExpect { content { contentType("application/activity+json") } }
+            .andExpect { jsonPath("\$.type") { value("Note") } }
+            .andExpect { jsonPath("\$.to") { value("https://www.w3.org/ns/activitystreams#Public") } }
+            .andExpect { jsonPath("\$.cc") { value("https://www.w3.org/ns/activitystreams#Public") } }
+    }
+
+    @Test
+    @Sql("/sql/note/匿名でunlisted投稿を取得できる.sql")
+    @WithAnonymousUser
+    fun 匿名でunlisted投稿を取得できる() {
+        mockMvc
+            .get("/users/test-user2/posts/1235") {
+                accept(MediaType("application", "activity+json"))
+            }
+            .asyncDispatch()
+            .andDo { print() }
+            .andExpect { status { isOk() } }
+            .andExpect { content { contentType("application/activity+json") } }
+            .andExpect { jsonPath("\$.type") { value("Note") } }
+            .andExpect { jsonPath("\$.to") { value("https://example.com/users/test-user2/followers") } }
+            .andExpect { jsonPath("\$.cc") { value("https://www.w3.org/ns/activitystreams#Public") } }
+    }
+
+    @Test
+    @Transactional
+    @WithAnonymousUser
+    @Sql("/sql/note/匿名でfollowers投稿を取得できる.sql")
+    fun 匿名でfollowers投稿を取得しようとすると404() {
+        mockMvc
+            .get("/users/test-user2/posts/1236") {
+                accept(MediaType("application", "activity+json"))
+            }
+            .asyncDispatch()
+            .andExpect { status { isNotFound() } }
+    }
+
+    @Test
+    @WithAnonymousUser
+    fun 匿名でdirect投稿を取得しようとすると404() {
+        mockMvc
+            .get("/users/test-user2/posts/1236") {
+                accept(MediaType("application", "activity+json"))
+            }
+            .asyncDispatch()
+            .andExpect { status { isNotFound() } }
+    }
+}
--- a/src/intTest/resources/sql/note/匿名でfollowers投稿を取得できる.sql
+++ b/src/intTest/resources/sql/note/匿名でfollowers投稿を取得できる.sql
@ -0,0 +1,14 @@
+insert into "USERS" (ID, NAME, DOMAIN, SCREEN_NAME, DESCRIPTION, PASSWORD, INBOX, OUTBOX, URL, PUBLIC_KEY, PRIVATE_KEY,
+                     CREATED_AT, KEY_ID, FOLLOWING, FOLLOWERS)
+VALUES (3, 'test-user3', 'example.com', 'Im test user3.', 'THis account is test user3.',
+        '5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8',
+        'https://example.com/users/test-user3/inbox',
+        'https://example.com/users/test-user3/outbox', 'https://example.com/users/test-user3',
+        '-----BEGIN PUBLIC KEY-----...-----END PUBLIC KEY-----',
+        '-----BEGIN PRIVATE KEY-----...-----END PRIVATE KEY-----', 12345678,
+        'https://example.com/users/test-user3#pubkey', 'https://example.com/users/test-user3/following',
+        'https://example.com/users/test-user3/followers');
+
+insert into POSTS (ID, "userId", OVERVIEW, TEXT, "createdAt", VISIBILITY, URL, "repostId", "replyId", SENSITIVE, AP_ID)
+VALUES (1236, 3, null, 'test post', 12345680, 2, 'https://example.com/users/test-user3/posts/1236', null, null, false,
+        'https://example.com/users/test-user3/posts/1236')
--- a/src/intTest/resources/sql/note/匿名でpublic投稿を取得できる.sql
+++ b/src/intTest/resources/sql/note/匿名でpublic投稿を取得できる.sql
@ -0,0 +1,13 @@
+insert into "USERS" (ID, NAME, DOMAIN, SCREEN_NAME, DESCRIPTION, PASSWORD, INBOX, OUTBOX, URL, PUBLIC_KEY, PRIVATE_KEY,
+                     CREATED_AT, KEY_ID, FOLLOWING, FOLLOWERS)
+VALUES (1, 'test-user', 'example.com', 'Im test user.', 'THis account is test user.',
+        '5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8', 'https://example.com/users/test-user/inbox',
+        'https://example.com/users/test-user/outbox', 'https://example.com/users/test-user',
+        '-----BEGIN PUBLIC KEY-----...-----END PUBLIC KEY-----',
+        '-----BEGIN PRIVATE KEY-----...-----END PRIVATE KEY-----', 12345678,
+        'https://example.com/users/test-user#pubkey', 'https://example.com/users/test-user/following',
+        'https://example.com/users/test-users/followers');
+
+insert into POSTS (ID, "userId", OVERVIEW, TEXT, "createdAt", VISIBILITY, URL, "repostId", "replyId", SENSITIVE, AP_ID)
+VALUES (1234, 1, null, 'test post', 12345680, 0, 'https://example.com/users/test-user/posts/1234', null, null, false,
+        'https://example.com/users/test-user/posts/1234')
--- a/src/intTest/resources/sql/note/匿名でunlisted投稿を取得できる.sql
+++ b/src/intTest/resources/sql/note/匿名でunlisted投稿を取得できる.sql
@ -0,0 +1,14 @@
+insert into "USERS" (ID, NAME, DOMAIN, SCREEN_NAME, DESCRIPTION, PASSWORD, INBOX, OUTBOX, URL, PUBLIC_KEY, PRIVATE_KEY,
+                     CREATED_AT, KEY_ID, FOLLOWING, FOLLOWERS)
+VALUES (2, 'test-user2', 'example.com', 'Im test user2.', 'THis account is test user2.',
+        '5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8',
+        'https://example.com/users/test-user2/inbox',
+        'https://example.com/users/test-user2/outbox', 'https://example.com/users/test-user2',
+        '-----BEGIN PUBLIC KEY-----...-----END PUBLIC KEY-----',
+        '-----BEGIN PRIVATE KEY-----...-----END PRIVATE KEY-----', 12345678,
+        'https://example.com/users/test-user2#pubkey', 'https://example.com/users/test-user2/following',
+        'https://example.com/users/test-user2/followers');
+
+insert into POSTS (ID, "userId", OVERVIEW, TEXT, "createdAt", VISIBILITY, URL, "repostId", "replyId", SENSITIVE, AP_ID)
+VALUES (1235, 2, null, 'test post', 12345680, 1, 'https://example.com/users/test-user2/posts/1235', null, null, false,
+        'https://example.com/users/test-user2/posts/1235')
--- a/src/main/kotlin/dev/usbharu/hideout/activitypub/service/objects/note/NoteApApiServiceImpl.kt
+++ b/src/main/kotlin/dev/usbharu/hideout/activitypub/service/objects/note/NoteApApiServiceImpl.kt
@ -3,6 +3,7 @@ package dev.usbharu.hideout.activitypub.service.objects.note
 import dev.usbharu.hideout.activitypub.domain.model.Note
 import dev.usbharu.hideout.activitypub.query.NoteQueryService
 import dev.usbharu.hideout.application.external.Transaction
+import dev.usbharu.hideout.core.domain.exception.FailedToGetResourcesException
 import dev.usbharu.hideout.core.domain.model.post.Visibility
 import dev.usbharu.hideout.core.query.FollowerQueryService
 import org.springframework.stereotype.Service
@ -14,7 +15,11 @@ class NoteApApiServiceImpl(
    private val transaction: Transaction
 ) : NoteApApiService {
    override suspend fun getNote(postId: Long, userId: Long?): Note? = transaction.transaction {
-        val findById = noteQueryService.findById(postId)
+        val findById = try {
+            noteQueryService.findById(postId)
+        } catch (_: FailedToGetResourcesException) {
+            return@transaction null
+        }
        when (findById.second.visibility) {
            Visibility.PUBLIC, Visibility.UNLISTED -> {
                return@transaction findById.first
--- a/src/main/kotlin/dev/usbharu/hideout/application/config/SecurityConfig.kt
+++ b/src/main/kotlin/dev/usbharu/hideout/application/config/SecurityConfig.kt
@ -82,7 +82,8 @@ class SecurityConfig {
                HttpSignatureFilter::class.java
            )
            .authorizeHttpRequests {
-                it.anyRequest().authenticated()
+                it.requestMatchers("/inbox", "/outbox", "/users/*/inbox", "/users/*/outbox").authenticated()
+                it.anyRequest().permitAll()
            }
            .csrf {
                it.disable()