git.squeep.com Git - akkoma/blob - lib/pleroma/web/admin_api/admin_api_controller.ex

   1 # Pleroma: A lightweight social networking server
   2 # Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
   3 # SPDX-License-Identifier: AGPL-3.0-only
   4
   5 defmodule Pleroma.Web.AdminAPI.AdminAPIController do
   6   use Pleroma.Web, :controller
   7   alias Pleroma.User
   8   alias Pleroma.Web.ActivityPub.Relay
   9
  10   import Pleroma.Web.ControllerHelper, only: [json_response: 3]
  11
  12   require Logger
  13
  14   action_fallback(:errors)
  15
  16   def user_delete(conn, %{"nickname" => nickname}) do
  17     User.get_by_nickname(nickname)
  18     |> User.delete()
  19
  20     conn
  21     |> json(nickname)
  22   end
  23
  24   def user_create(
  25         conn,
  26         %{"nickname" => nickname, "email" => email, "password" => password}
  27       ) do
  28     user_data = %{
  29       nickname: nickname,
  30       name: nickname,
  31       email: email,
  32       password: password,
  33       password_confirmation: password,
  34       bio: "."
  35     }
  36
  37     changeset = User.register_changeset(%User{}, user_data, confirmed: true)
  38     {:ok, user} = User.register(changeset)
  39
  40     conn
  41     |> json(user.nickname)
  42   end
  43
  44   def tag_users(conn, %{"nicknames" => nicknames, "tags" => tags}) do
  45     with {:ok, _} <- User.tag(nicknames, tags),
  46          do: json_response(conn, :no_content, "")
  47   end
  48
  49   def untag_users(conn, %{"nicknames" => nicknames, "tags" => tags}) do
  50     with {:ok, _} <- User.untag(nicknames, tags),
  51          do: json_response(conn, :no_content, "")
  52   end
  53
  54   def right_add(conn, %{"permission_group" => permission_group, "nickname" => nickname})
  55       when permission_group in ["moderator", "admin"] do
  56     user = User.get_by_nickname(nickname)
  57
  58     info =
  59       %{}
  60       |> Map.put("is_" <> permission_group, true)
  61
  62     info_cng = User.Info.admin_api_update(user.info, info)
  63
  64     cng =
  65       user
  66       |> Ecto.Changeset.change()
  67       |> Ecto.Changeset.put_embed(:info, info_cng)
  68
  69     {:ok, _user} = User.update_and_set_cache(cng)
  70
  71     json(conn, info)
  72   end
  73
  74   def right_add(conn, _) do
  75     conn
  76     |> put_status(404)
  77     |> json(%{error: "No such permission_group"})
  78   end
  79
  80   def right_get(conn, %{"nickname" => nickname}) do
  81     user = User.get_by_nickname(nickname)
  82
  83     conn
  84     |> json(%{
  85       is_moderator: user.info.is_moderator,
  86       is_admin: user.info.is_admin
  87     })
  88   end
  89
  90   def right_delete(
  91         %{assigns: %{user: %User{:nickname => admin_nickname}}} = conn,
  92         %{
  93           "permission_group" => permission_group,
  94           "nickname" => nickname
  95         }
  96       )
  97       when permission_group in ["moderator", "admin"] do
  98     if admin_nickname == nickname do
  99       conn
 100       |> put_status(403)
 101       |> json(%{error: "You can't revoke your own admin status."})
 102     else
 103       user = User.get_by_nickname(nickname)
 104
 105       info =
 106         %{}
 107         |> Map.put("is_" <> permission_group, false)
 108
 109       info_cng = User.Info.admin_api_update(user.info, info)
 110
 111       cng =
 112         Ecto.Changeset.change(user)
 113         |> Ecto.Changeset.put_embed(:info, info_cng)
 114
 115       {:ok, _user} = User.update_and_set_cache(cng)
 116
 117       json(conn, info)
 118     end
 119   end
 120
 121   def right_delete(conn, _) do
 122     conn
 123     |> put_status(404)
 124     |> json(%{error: "No such permission_group"})
 125   end
 126
 127   def relay_follow(conn, %{"relay_url" => target}) do
 128     with {:ok, _message} <- Relay.follow(target) do
 129       json(conn, target)
 130     else
 131       _ ->
 132         conn
 133         |> put_status(500)
 134         |> json(target)
 135     end
 136   end
 137
 138   def relay_unfollow(conn, %{"relay_url" => target}) do
 139     with {:ok, _message} <- Relay.unfollow(target) do
 140       json(conn, target)
 141     else
 142       _ ->
 143         conn
 144         |> put_status(500)
 145         |> json(target)
 146     end
 147   end
 148
 149   @doc "Sends registration invite via email"
 150   def email_invite(%{assigns: %{user: user}} = conn, %{"email" => email} = params) do
 151     with true <-
 152            Pleroma.Config.get([:instance, :invites_enabled]) &&
 153              !Pleroma.Config.get([:instance, :registrations_open]),
 154          {:ok, invite_token} <- Pleroma.UserInviteToken.create_token(),
 155          email <-
 156            Pleroma.UserEmail.user_invitation_email(user, invite_token, email, params["name"]),
 157          {:ok, _} <- Pleroma.Mailer.deliver(email) do
 158       json_response(conn, :no_content, "")
 159     end
 160   end
 161
 162   @doc "Get a account registeration invite token (base64 string)"
 163   def get_invite_token(conn, _params) do
 164     {:ok, token} = Pleroma.UserInviteToken.create_token()
 165
 166     conn
 167     |> json(token.token)
 168   end
 169
 170   @doc "Get a password reset token (base64 string) for given nickname"
 171   def get_password_reset(conn, %{"nickname" => nickname}) do
 172     (%User{local: true} = user) = User.get_by_nickname(nickname)
 173     {:ok, token} = Pleroma.PasswordResetToken.create_token(user)
 174
 175     conn
 176     |> json(token.token)
 177   end
 178
 179   def errors(conn, {:param_cast, _}) do
 180     conn
 181     |> put_status(400)
 182     |> json("Invalid parameters")
 183   end
 184
 185   def errors(conn, _) do
 186     conn
 187     |> put_status(500)
 188     |> json("Something went wrong")
 189   end
 190 end