git.squeep.com Git - akkoma/blob - lib/pleroma/web/admin_api/admin_api_controller.ex

   1 # Pleroma: A lightweight social networking server
   2 # Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
   3 # SPDX-License-Identifier: AGPL-3.0-only
   4
   5 defmodule Pleroma.Web.AdminAPI.AdminAPIController do
   6   use Pleroma.Web, :controller
   7   alias Pleroma.User
   8   alias Pleroma.Web.ActivityPub.Relay
   9
  10   import Pleroma.Web.ControllerHelper, only: [json_response: 3]
  11
  12   require Logger
  13
  14   action_fallback(:errors)
  15
  16   def user_delete(conn, %{"nickname" => nickname}) do
  17     user = User.get_by_nickname(nickname)
  18
  19     if user.local == true do
  20       User.delete(user)
  21     else
  22       User.delete(user)
  23     end
  24
  25     conn
  26     |> json(nickname)
  27   end
  28
  29   def user_create(
  30         conn,
  31         %{"nickname" => nickname, "email" => email, "password" => password}
  32       ) do
  33     user_data = %{
  34       nickname: nickname,
  35       name: nickname,
  36       email: email,
  37       password: password,
  38       password_confirmation: password,
  39       bio: "."
  40     }
  41
  42     changeset = User.register_changeset(%User{}, user_data, confirmed: true)
  43     {:ok, user} = User.register(changeset)
  44
  45     conn
  46     |> json(user.nickname)
  47   end
  48
  49   def tag_users(conn, %{"nicknames" => nicknames, "tags" => tags}) do
  50     with {:ok, _} <- User.tag(nicknames, tags),
  51          do: json_response(conn, :no_content, "")
  52   end
  53
  54   def untag_users(conn, %{"nicknames" => nicknames, "tags" => tags}) do
  55     with {:ok, _} <- User.untag(nicknames, tags),
  56          do: json_response(conn, :no_content, "")
  57   end
  58
  59   def right_add(conn, %{"permission_group" => permission_group, "nickname" => nickname})
  60       when permission_group in ["moderator", "admin"] do
  61     user = User.get_by_nickname(nickname)
  62
  63     info =
  64       %{}
  65       |> Map.put("is_" <> permission_group, true)
  66
  67     info_cng = User.Info.admin_api_update(user.info, info)
  68
  69     cng =
  70       user
  71       |> Ecto.Changeset.change()
  72       |> Ecto.Changeset.put_embed(:info, info_cng)
  73
  74     {:ok, _user} = User.update_and_set_cache(cng)
  75
  76     json(conn, info)
  77   end
  78
  79   def right_add(conn, _) do
  80     conn
  81     |> put_status(404)
  82     |> json(%{error: "No such permission_group"})
  83   end
  84
  85   def right_get(conn, %{"nickname" => nickname}) do
  86     user = User.get_by_nickname(nickname)
  87
  88     conn
  89     |> json(%{
  90       is_moderator: user.info.is_moderator,
  91       is_admin: user.info.is_admin
  92     })
  93   end
  94
  95   def right_delete(
  96         %{assigns: %{user: %User{:nickname => admin_nickname}}} = conn,
  97         %{
  98           "permission_group" => permission_group,
  99           "nickname" => nickname
 100         }
 101       )
 102       when permission_group in ["moderator", "admin"] do
 103     if admin_nickname == nickname do
 104       conn
 105       |> put_status(403)
 106       |> json(%{error: "You can't revoke your own admin status."})
 107     else
 108       user = User.get_by_nickname(nickname)
 109
 110       info =
 111         %{}
 112         |> Map.put("is_" <> permission_group, false)
 113
 114       info_cng = User.Info.admin_api_update(user.info, info)
 115
 116       cng =
 117         Ecto.Changeset.change(user)
 118         |> Ecto.Changeset.put_embed(:info, info_cng)
 119
 120       {:ok, _user} = User.update_and_set_cache(cng)
 121
 122       json(conn, info)
 123     end
 124   end
 125
 126   def right_delete(conn, _) do
 127     conn
 128     |> put_status(404)
 129     |> json(%{error: "No such permission_group"})
 130   end
 131
 132   def relay_follow(conn, %{"relay_url" => target}) do
 133     with {:ok, _message} <- Relay.follow(target) do
 134       json(conn, target)
 135     else
 136       _ ->
 137         conn
 138         |> put_status(500)
 139         |> json(target)
 140     end
 141   end
 142
 143   def relay_unfollow(conn, %{"relay_url" => target}) do
 144     with {:ok, _message} <- Relay.unfollow(target) do
 145       json(conn, target)
 146     else
 147       _ ->
 148         conn
 149         |> put_status(500)
 150         |> json(target)
 151     end
 152   end
 153
 154   @doc "Sends registration invite via email"
 155   def email_invite(%{assigns: %{user: user}} = conn, %{"email" => email} = params) do
 156     with true <-
 157            Pleroma.Config.get([:instance, :invites_enabled]) &&
 158              !Pleroma.Config.get([:instance, :registrations_open]),
 159          {:ok, invite_token} <- Pleroma.UserInviteToken.create_token(),
 160          email <-
 161            Pleroma.UserEmail.user_invitation_email(user, invite_token, email, params["name"]),
 162          {:ok, _} <- Pleroma.Mailer.deliver(email) do
 163       json_response(conn, :no_content, "")
 164     end
 165   end
 166
 167   @doc "Get a account registeration invite token (base64 string)"
 168   def get_invite_token(conn, _params) do
 169     {:ok, token} = Pleroma.UserInviteToken.create_token()
 170
 171     conn
 172     |> json(token.token)
 173   end
 174
 175   @doc "Get a password reset token (base64 string) for given nickname"
 176   def get_password_reset(conn, %{"nickname" => nickname}) do
 177     (%User{local: true} = user) = User.get_by_nickname(nickname)
 178     {:ok, token} = Pleroma.PasswordResetToken.create_token(user)
 179
 180     conn
 181     |> json(token.token)
 182   end
 183
 184   def errors(conn, {:param_cast, _}) do
 185     conn
 186     |> put_status(400)
 187     |> json("Invalid parameters")
 188   end
 189
 190   def errors(conn, _) do
 191     conn
 192     |> put_status(500)
 193     |> json("Something went wrong")
 194   end
 195 end