Add federating plug & public tests

lib/pleroma/web/twitter_api/twitter_api_controller.ex

@@ -527,6 +527,7 @@ defmodule Pleroma.Web.TwitterAPI.Controller do
     else
       conn
       |> forbidden_json_reply("Invalid credentials.")
+      |> halt()
     end
   end
 

test/web/node_info_test.exs

@@ -14,4 +14,36 @@ defmodule Pleroma.Web.NodeInfoTest do
 
     assert user.ap_id in result["metadata"]["staffAccounts"]
   end
+
+  test "returns 404 when federation is disabled" do
+    instance =
+      Application.get_env(:pleroma, :instance)
+      |> Keyword.put(:federating, false)
+
+    Application.put_env(:pleroma, :instance, instance)
+
+    conn
+    |> get("/.well-known/nodeinfo")
+    |> json_response(404)
+
+    conn
+    |> get("/nodeinfo/2.0.json")
+    |> json_response(404)
+
+    instance =
+      Application.get_env(:pleroma, :instance)
+      |> Keyword.put(:federating, true)
+
+    Application.put_env(:pleroma, :instance, instance)
+  end
+
+  test "returns 200 when federation is enabled" do
+    conn
+    |> get("/.well-known/nodeinfo")
+    |> json_response(200)
+
+    conn
+    |> get("/nodeinfo/2.0.json")
+    |> json_response(200)
+  end
 end

test/web/plugs/federating_plug_test.exs

@@ -0,0 +1,33 @@
+defmodule Pleroma.Web.FederatingPlugTest do
+  use Pleroma.Web.ConnCase
+
+  test "returns and halt the conn when federating is disabled" do
+    instance =
+      Application.get_env(:pleroma, :instance)
+      |> Keyword.put(:federating, false)
+
+    Application.put_env(:pleroma, :instance, instance)
+
+    conn =
+      build_conn()
+      |> Pleroma.Web.FederatingPlug.call(%{})
+
+    assert conn.status == 404
+    assert conn.halted
+
+    instance =
+      Application.get_env(:pleroma, :instance)
+      |> Keyword.put(:federating, true)
+
+    Application.put_env(:pleroma, :instance, instance)
+  end
+
+  test "does nothing when federating is enabled" do
+    conn =
+      build_conn()
+      |> Pleroma.Web.FederatingPlug.call(%{})
+
+    refute conn.status
+    refute conn.halted
+  end
+end

test/web/twitter_api/twitter_api_controller_test.exs

@@ -100,6 +100,56 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do
 
       assert length(response) == 10
     end
+
+    test "returns 403 to unauthenticated request when the instance is not public" do
+      instance =
+        Application.get_env(:pleroma, :instance)
+        |> Keyword.put(:public, false)
+
+      Application.put_env(:pleroma, :instance, instance)
+
+      conn
+      |> get("/api/statuses/public_timeline.json")
+      |> json_response(403)
+
+      instance =
+        Application.get_env(:pleroma, :instance)
+        |> Keyword.put(:public, true)
+
+      Application.put_env(:pleroma, :instance, instance)
+    end
+
+    test "returns 200 to unauthenticated request when the instance is public" do
+      conn
+      |> get("/api/statuses/public_timeline.json")
+      |> json_response(200)
+    end
+  end
+
+  describe "GET /statuses/public_and_external_timeline.json" do
+    test "returns 403 to unauthenticated request when the instance is not public" do
+      instance =
+        Application.get_env(:pleroma, :instance)
+        |> Keyword.put(:public, false)
+
+      Application.put_env(:pleroma, :instance, instance)
+
+      conn
+      |> get("/api/statuses/public_and_external_timeline.json")
+      |> json_response(403)
+
+      instance =
+        Application.get_env(:pleroma, :instance)
+        |> Keyword.put(:public, true)
+
+      Application.put_env(:pleroma, :instance, instance)
+    end
+
+    test "returns 200 to unauthenticated request when the instance is public" do
+      conn
+      |> get("/api/statuses/public_and_external_timeline.json")
+      |> json_response(200)
+    end
   end
 
   describe "GET /statuses/show/:id.json" do