tests/admin_moderation.rs at main · scanash.com/bspds-sandbox

PDS software with bells & whistles you didn’t even know you needed. will move this to its own account when ready.
bspds-sandbox / tests / admin_moderation.rs
at main 8.6 kB view raw
  1mod common;
  2
  3use common::*;
  4use reqwest::StatusCode;
  5use serde_json::{Value, json};
  6
  7#[tokio::test]
  8async fn test_get_subject_status_user_success() {
  9    let client = client();
 10    let (access_jwt, did) = create_admin_account_and_login(&client).await;
 11    let res = client
 12        .get(format!(
 13            "{}/xrpc/com.atproto.admin.getSubjectStatus",
 14            base_url().await
 15        ))
 16        .bearer_auth(&access_jwt)
 17        .query(&[("did", did.as_str())])
 18        .send()
 19        .await
 20        .expect("Failed to send request");
 21    assert_eq!(res.status(), StatusCode::OK);
 22    let body: Value = res.json().await.expect("Response was not valid JSON");
 23    assert!(body["subject"].is_object());
 24    assert_eq!(body["subject"]["$type"], "com.atproto.admin.defs#repoRef");
 25    assert_eq!(body["subject"]["did"], did);
 26}
 27
 28#[tokio::test]
 29async fn test_get_subject_status_not_found() {
 30    let client = client();
 31    let (access_jwt, _did) = create_admin_account_and_login(&client).await;
 32    let res = client
 33        .get(format!(
 34            "{}/xrpc/com.atproto.admin.getSubjectStatus",
 35            base_url().await
 36        ))
 37        .bearer_auth(&access_jwt)
 38        .query(&[("did", "did:plc:nonexistent")])
 39        .send()
 40        .await
 41        .expect("Failed to send request");
 42    assert_eq!(res.status(), StatusCode::NOT_FOUND);
 43    let body: Value = res.json().await.expect("Response was not valid JSON");
 44    assert_eq!(body["error"], "SubjectNotFound");
 45}
 46
 47#[tokio::test]
 48async fn test_get_subject_status_no_param() {
 49    let client = client();
 50    let (access_jwt, _did) = create_admin_account_and_login(&client).await;
 51    let res = client
 52        .get(format!(
 53            "{}/xrpc/com.atproto.admin.getSubjectStatus",
 54            base_url().await
 55        ))
 56        .bearer_auth(&access_jwt)
 57        .send()
 58        .await
 59        .expect("Failed to send request");
 60    assert_eq!(res.status(), StatusCode::BAD_REQUEST);
 61    let body: Value = res.json().await.expect("Response was not valid JSON");
 62    assert_eq!(body["error"], "InvalidRequest");
 63}
 64
 65#[tokio::test]
 66async fn test_get_subject_status_no_auth() {
 67    let client = client();
 68    let res = client
 69        .get(format!(
 70            "{}/xrpc/com.atproto.admin.getSubjectStatus",
 71            base_url().await
 72        ))
 73        .query(&[("did", "did:plc:test")])
 74        .send()
 75        .await
 76        .expect("Failed to send request");
 77    assert_eq!(res.status(), StatusCode::UNAUTHORIZED);
 78}
 79
 80#[tokio::test]
 81async fn test_update_subject_status_takedown_user() {
 82    let client = client();
 83    let (admin_jwt, _) = create_admin_account_and_login(&client).await;
 84    let (_, target_did) = create_account_and_login(&client).await;
 85    let payload = json!({
 86        "subject": {
 87            "$type": "com.atproto.admin.defs#repoRef",
 88            "did": target_did
 89        },
 90        "takedown": {
 91            "applied": true,
 92            "ref": "mod-action-123"
 93        }
 94    });
 95    let res = client
 96        .post(format!(
 97            "{}/xrpc/com.atproto.admin.updateSubjectStatus",
 98            base_url().await
 99        ))
100        .bearer_auth(&admin_jwt)
101        .json(&payload)
102        .send()
103        .await
104        .expect("Failed to send request");
105    assert_eq!(res.status(), StatusCode::OK);
106    let body: Value = res.json().await.expect("Response was not valid JSON");
107    assert!(body["takedown"].is_object());
108    assert_eq!(body["takedown"]["applied"], true);
109    assert_eq!(body["takedown"]["ref"], "mod-action-123");
110    let status_res = client
111        .get(format!(
112            "{}/xrpc/com.atproto.admin.getSubjectStatus",
113            base_url().await
114        ))
115        .bearer_auth(&admin_jwt)
116        .query(&[("did", target_did.as_str())])
117        .send()
118        .await
119        .expect("Failed to send request");
120    let status_body: Value = status_res.json().await.unwrap();
121    assert!(status_body["takedown"].is_object());
122    assert_eq!(status_body["takedown"]["applied"], true);
123    assert_eq!(status_body["takedown"]["ref"], "mod-action-123");
124}
125
126#[tokio::test]
127async fn test_update_subject_status_remove_takedown() {
128    let client = client();
129    let (admin_jwt, _) = create_admin_account_and_login(&client).await;
130    let (_, target_did) = create_account_and_login(&client).await;
131    let takedown_payload = json!({
132        "subject": {
133            "$type": "com.atproto.admin.defs#repoRef",
134            "did": target_did
135        },
136        "takedown": {
137            "applied": true,
138            "ref": "mod-action-456"
139        }
140    });
141    let _ = client
142        .post(format!(
143            "{}/xrpc/com.atproto.admin.updateSubjectStatus",
144            base_url().await
145        ))
146        .bearer_auth(&admin_jwt)
147        .json(&takedown_payload)
148        .send()
149        .await;
150    let remove_payload = json!({
151        "subject": {
152            "$type": "com.atproto.admin.defs#repoRef",
153            "did": target_did
154        },
155        "takedown": {
156            "applied": false
157        }
158    });
159    let res = client
160        .post(format!(
161            "{}/xrpc/com.atproto.admin.updateSubjectStatus",
162            base_url().await
163        ))
164        .bearer_auth(&admin_jwt)
165        .json(&remove_payload)
166        .send()
167        .await
168        .expect("Failed to send request");
169    assert_eq!(res.status(), StatusCode::OK);
170    let status_res = client
171        .get(format!(
172            "{}/xrpc/com.atproto.admin.getSubjectStatus",
173            base_url().await
174        ))
175        .bearer_auth(&admin_jwt)
176        .query(&[("did", target_did.as_str())])
177        .send()
178        .await
179        .expect("Failed to send request");
180    let status_body: Value = status_res.json().await.unwrap();
181    assert!(
182        status_body["takedown"].is_null()
183            || !status_body["takedown"]["applied"]
184                .as_bool()
185                .unwrap_or(false)
186    );
187}
188
189#[tokio::test]
190async fn test_update_subject_status_deactivate_user() {
191    let client = client();
192    let (admin_jwt, _) = create_admin_account_and_login(&client).await;
193    let (_, target_did) = create_account_and_login(&client).await;
194    let payload = json!({
195        "subject": {
196            "$type": "com.atproto.admin.defs#repoRef",
197            "did": target_did
198        },
199        "deactivated": {
200            "applied": true
201        }
202    });
203    let res = client
204        .post(format!(
205            "{}/xrpc/com.atproto.admin.updateSubjectStatus",
206            base_url().await
207        ))
208        .bearer_auth(&admin_jwt)
209        .json(&payload)
210        .send()
211        .await
212        .expect("Failed to send request");
213    assert_eq!(res.status(), StatusCode::OK);
214    let status_res = client
215        .get(format!(
216            "{}/xrpc/com.atproto.admin.getSubjectStatus",
217            base_url().await
218        ))
219        .bearer_auth(&admin_jwt)
220        .query(&[("did", target_did.as_str())])
221        .send()
222        .await
223        .expect("Failed to send request");
224    let status_body: Value = status_res.json().await.unwrap();
225    assert!(status_body["deactivated"].is_object());
226    assert_eq!(status_body["deactivated"]["applied"], true);
227}
228
229#[tokio::test]
230async fn test_update_subject_status_invalid_type() {
231    let client = client();
232    let (access_jwt, _did) = create_admin_account_and_login(&client).await;
233    let payload = json!({
234        "subject": {
235            "$type": "invalid.type",
236            "did": "did:plc:test"
237        },
238        "takedown": {
239            "applied": true
240        }
241    });
242    let res = client
243        .post(format!(
244            "{}/xrpc/com.atproto.admin.updateSubjectStatus",
245            base_url().await
246        ))
247        .bearer_auth(&access_jwt)
248        .json(&payload)
249        .send()
250        .await
251        .expect("Failed to send request");
252    assert_eq!(res.status(), StatusCode::BAD_REQUEST);
253    let body: Value = res.json().await.expect("Response was not valid JSON");
254    assert_eq!(body["error"], "InvalidRequest");
255}
256
257#[tokio::test]
258async fn test_update_subject_status_no_auth() {
259    let client = client();
260    let payload = json!({
261        "subject": {
262            "$type": "com.atproto.admin.defs#repoRef",
263            "did": "did:plc:test"
264        },
265        "takedown": {
266            "applied": true
267        }
268    });
269    let res = client
270        .post(format!(
271            "{}/xrpc/com.atproto.admin.updateSubjectStatus",
272            base_url().await
273        ))
274        .json(&payload)
275        .send()
276        .await
277        .expect("Failed to send request");
278    assert_eq!(res.status(), StatusCode::UNAUTHORIZED);
279}