From fd1fa5a2ec922575bc8b75dabe224337977c8e3e Mon Sep 17 00:00:00 2001
From: Sadposter <hannah+pleroma@coffee-and-dreams.uk>
Date: Tue, 23 Jul 2019 15:05:19 +0100
Subject: [PATCH] add tests for unauthed reqs to liked/reblogged_by

---
 .../mastodon_api_controller_test.exs          | 28 +++++++++++++++++++
 1 file changed, 28 insertions(+)

diff --git a/test/web/mastodon_api/mastodon_api_controller_test.exs b/test/web/mastodon_api/mastodon_api_controller_test.exs
index a3e4c4136..00ca320d3 100644
--- a/test/web/mastodon_api/mastodon_api_controller_test.exs
+++ b/test/web/mastodon_api/mastodon_api_controller_test.exs
@@ -3786,6 +3786,20 @@ test "does not return users who have favorited the status but are blocked", %{
 
       assert Enum.empty?(response)
     end
+
+    test "does not fail on an unauthententicated request", %{conn: conn, activity: activity} do
+        other_user = insert(:user)
+        {:ok, _, _} = CommonAPI.favorite(activity.id, other_user)
+
+        response =
+            conn
+            |> assign(:user, nil)
+            |> get("/api/v1/#{activity.id}/favourited_by")
+            |> json_response(:ok)
+
+        [%{"id" => id}] = response
+        assert id == other_user.id
+    end
   end
 
   describe "GET /api/v1/statuses/:id/reblogged_by" do
@@ -3843,6 +3857,20 @@ test "does not return users who have reblogged the status but are blocked", %{
 
       assert Enum.empty?(response)
     end
+
+    test "does not fail on an unauthententicated request", %{conn: conn, activity: activity} do
+        other_user = insert(:user)
+        {:ok, _, _} = CommonAPI.favorite(activity.id, other_user)
+
+        response =
+            conn
+            |> assign(:user, nil)
+            |> get("/api/v1/#{activity.id}/reblogged_by")
+            |> json_response(:ok)
+
+        [%{"id" => id}] = response
+        assert id == other_user.id
+    end
   end
 
   describe "POST /auth/password, with valid parameters" do