Merge remote-tracking branch 'upstream/develop' into simplepolicy-announce-leak
[akkoma] / lib / pleroma / web / api_spec / operations / admin / user_operation.ex
1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
4
5 defmodule Pleroma.Web.ApiSpec.Admin.UserOperation do
6 alias OpenApiSpex.Operation
7 alias OpenApiSpex.Schema
8 alias Pleroma.Web.ApiSpec.Schemas.ActorType
9 alias Pleroma.Web.ApiSpec.Schemas.ApiError
10
11 import Pleroma.Web.ApiSpec.Helpers
12
13 def open_api_operation(action) do
14 operation = String.to_existing_atom("#{action}_operation")
15 apply(__MODULE__, operation, [])
16 end
17
18 def index_operation do
19 %Operation{
20 tags: ["User administration"],
21 summary: "List users",
22 operationId: "AdminAPI.UserController.index",
23 security: [%{"oAuth" => ["admin:read:accounts"]}],
24 parameters: [
25 Operation.parameter(:filters, :query, :string, "Comma separated list of filters"),
26 Operation.parameter(:query, :query, :string, "Search users query"),
27 Operation.parameter(:name, :query, :string, "Search by display name"),
28 Operation.parameter(:email, :query, :string, "Search by email"),
29 Operation.parameter(:page, :query, :integer, "Page Number"),
30 Operation.parameter(:page_size, :query, :integer, "Number of users to return per page"),
31 Operation.parameter(
32 :actor_types,
33 :query,
34 %Schema{type: :array, items: ActorType},
35 "Filter by actor type"
36 ),
37 Operation.parameter(
38 :tags,
39 :query,
40 %Schema{type: :array, items: %Schema{type: :string}},
41 "Filter by tags"
42 )
43 | admin_api_params()
44 ],
45 responses: %{
46 200 =>
47 Operation.response(
48 "Response",
49 "application/json",
50 %Schema{
51 type: :object,
52 properties: %{
53 users: %Schema{type: :array, items: user()},
54 count: %Schema{type: :integer},
55 page_size: %Schema{type: :integer}
56 }
57 }
58 ),
59 403 => Operation.response("Forbidden", "application/json", ApiError)
60 }
61 }
62 end
63
64 def create_operation do
65 %Operation{
66 tags: ["User administration"],
67 summary: "Create a single or multiple users",
68 operationId: "AdminAPI.UserController.create",
69 security: [%{"oAuth" => ["admin:write:accounts"]}],
70 parameters: admin_api_params(),
71 requestBody:
72 request_body(
73 "Parameters",
74 %Schema{
75 description: "POST body for creating users",
76 type: :object,
77 properties: %{
78 users: %Schema{
79 type: :array,
80 items: %Schema{
81 type: :object,
82 properties: %{
83 nickname: %Schema{type: :string},
84 email: %Schema{type: :string},
85 password: %Schema{type: :string}
86 }
87 }
88 }
89 }
90 }
91 ),
92 responses: %{
93 200 =>
94 Operation.response("Response", "application/json", %Schema{
95 type: :array,
96 items: %Schema{
97 type: :object,
98 properties: %{
99 code: %Schema{type: :integer},
100 type: %Schema{type: :string},
101 data: %Schema{
102 type: :object,
103 properties: %{
104 email: %Schema{type: :string, format: :email},
105 nickname: %Schema{type: :string}
106 }
107 }
108 }
109 }
110 }),
111 403 => Operation.response("Forbidden", "application/json", ApiError),
112 409 =>
113 Operation.response("Conflict", "application/json", %Schema{
114 type: :array,
115 items: %Schema{
116 type: :object,
117 properties: %{
118 code: %Schema{type: :integer},
119 error: %Schema{type: :string},
120 type: %Schema{type: :string},
121 data: %Schema{
122 type: :object,
123 properties: %{
124 email: %Schema{type: :string, format: :email},
125 nickname: %Schema{type: :string}
126 }
127 }
128 }
129 }
130 })
131 }
132 }
133 end
134
135 def show_operation do
136 %Operation{
137 tags: ["User administration"],
138 summary: "Show user",
139 operationId: "AdminAPI.UserController.show",
140 security: [%{"oAuth" => ["admin:read:accounts"]}],
141 parameters: [
142 Operation.parameter(
143 :nickname,
144 :path,
145 :string,
146 "User nickname or ID"
147 )
148 | admin_api_params()
149 ],
150 responses: %{
151 200 => Operation.response("Response", "application/json", user()),
152 403 => Operation.response("Forbidden", "application/json", ApiError),
153 404 => Operation.response("Not Found", "application/json", ApiError)
154 }
155 }
156 end
157
158 def follow_operation do
159 %Operation{
160 tags: ["User administration"],
161 summary: "Follow",
162 operationId: "AdminAPI.UserController.follow",
163 security: [%{"oAuth" => ["admin:write:follows"]}],
164 parameters: admin_api_params(),
165 requestBody:
166 request_body(
167 "Parameters",
168 %Schema{
169 type: :object,
170 properties: %{
171 follower: %Schema{type: :string, description: "Follower nickname"},
172 followed: %Schema{type: :string, description: "Followed nickname"}
173 }
174 }
175 ),
176 responses: %{
177 200 => Operation.response("Response", "application/json", %Schema{type: :string}),
178 403 => Operation.response("Forbidden", "application/json", ApiError)
179 }
180 }
181 end
182
183 def unfollow_operation do
184 %Operation{
185 tags: ["User administration"],
186 summary: "Unfollow",
187 operationId: "AdminAPI.UserController.unfollow",
188 security: [%{"oAuth" => ["admin:write:follows"]}],
189 parameters: admin_api_params(),
190 requestBody:
191 request_body(
192 "Parameters",
193 %Schema{
194 type: :object,
195 properties: %{
196 follower: %Schema{type: :string, description: "Follower nickname"},
197 followed: %Schema{type: :string, description: "Followed nickname"}
198 }
199 }
200 ),
201 responses: %{
202 200 => Operation.response("Response", "application/json", %Schema{type: :string}),
203 403 => Operation.response("Forbidden", "application/json", ApiError)
204 }
205 }
206 end
207
208 def approve_operation do
209 %Operation{
210 tags: ["User administration"],
211 summary: "Approve multiple users",
212 operationId: "AdminAPI.UserController.approve",
213 security: [%{"oAuth" => ["admin:write:accounts"]}],
214 parameters: admin_api_params(),
215 requestBody:
216 request_body(
217 "Parameters",
218 %Schema{
219 description: "POST body for deleting multiple users",
220 type: :object,
221 properties: %{
222 nicknames: %Schema{
223 type: :array,
224 items: %Schema{type: :string}
225 }
226 }
227 }
228 ),
229 responses: %{
230 200 =>
231 Operation.response("Response", "application/json", %Schema{
232 type: :object,
233 properties: %{user: %Schema{type: :array, items: user()}}
234 }),
235 403 => Operation.response("Forbidden", "application/json", ApiError)
236 }
237 }
238 end
239
240 def toggle_activation_operation do
241 %Operation{
242 tags: ["User administration"],
243 summary: "Toggle user activation",
244 operationId: "AdminAPI.UserController.toggle_activation",
245 security: [%{"oAuth" => ["admin:write:accounts"]}],
246 parameters: [
247 Operation.parameter(:nickname, :path, :string, "User nickname")
248 | admin_api_params()
249 ],
250 responses: %{
251 200 => Operation.response("Response", "application/json", user()),
252 403 => Operation.response("Forbidden", "application/json", ApiError)
253 }
254 }
255 end
256
257 def activate_operation do
258 %Operation{
259 tags: ["User administration"],
260 summary: "Activate multiple users",
261 operationId: "AdminAPI.UserController.activate",
262 security: [%{"oAuth" => ["admin:write:accounts"]}],
263 parameters: admin_api_params(),
264 requestBody:
265 request_body(
266 "Parameters",
267 %Schema{
268 description: "POST body for deleting multiple users",
269 type: :object,
270 properties: %{
271 nicknames: %Schema{
272 type: :array,
273 items: %Schema{type: :string}
274 }
275 }
276 }
277 ),
278 responses: %{
279 200 =>
280 Operation.response("Response", "application/json", %Schema{
281 type: :object,
282 properties: %{user: %Schema{type: :array, items: user()}}
283 }),
284 403 => Operation.response("Forbidden", "application/json", ApiError)
285 }
286 }
287 end
288
289 def deactivate_operation do
290 %Operation{
291 tags: ["User administration"],
292 summary: "Deactivates multiple users",
293 operationId: "AdminAPI.UserController.deactivate",
294 security: [%{"oAuth" => ["admin:write:accounts"]}],
295 parameters: admin_api_params(),
296 requestBody:
297 request_body(
298 "Parameters",
299 %Schema{
300 description: "POST body for deleting multiple users",
301 type: :object,
302 properties: %{
303 nicknames: %Schema{
304 type: :array,
305 items: %Schema{type: :string}
306 }
307 }
308 }
309 ),
310 responses: %{
311 200 =>
312 Operation.response("Response", "application/json", %Schema{
313 type: :object,
314 properties: %{user: %Schema{type: :array, items: user()}}
315 }),
316 403 => Operation.response("Forbidden", "application/json", ApiError)
317 }
318 }
319 end
320
321 def delete_operation do
322 %Operation{
323 tags: ["User administration"],
324 summary: "Removes a single or multiple users",
325 operationId: "AdminAPI.UserController.delete",
326 security: [%{"oAuth" => ["admin:write:accounts"]}],
327 parameters: [
328 Operation.parameter(
329 :nickname,
330 :query,
331 :string,
332 "User nickname"
333 )
334 | admin_api_params()
335 ],
336 requestBody:
337 request_body(
338 "Parameters",
339 %Schema{
340 description: "POST body for deleting multiple users",
341 type: :object,
342 properties: %{
343 nicknames: %Schema{
344 type: :array,
345 items: %Schema{type: :string}
346 }
347 }
348 }
349 ),
350 responses: %{
351 200 =>
352 Operation.response("Response", "application/json", %Schema{
353 description: "Array of nicknames",
354 type: :array,
355 items: %Schema{type: :string}
356 }),
357 403 => Operation.response("Forbidden", "application/json", ApiError)
358 }
359 }
360 end
361
362 defp user do
363 %Schema{
364 type: :object,
365 properties: %{
366 id: %Schema{type: :string},
367 email: %Schema{type: :string, format: :email},
368 avatar: %Schema{type: :string, format: :uri},
369 nickname: %Schema{type: :string},
370 display_name: %Schema{type: :string},
371 is_active: %Schema{type: :boolean},
372 local: %Schema{type: :boolean},
373 roles: %Schema{
374 type: :object,
375 properties: %{
376 admin: %Schema{type: :boolean},
377 moderator: %Schema{type: :boolean}
378 }
379 },
380 tags: %Schema{type: :array, items: %Schema{type: :string}},
381 is_confirmed: %Schema{type: :boolean},
382 is_approved: %Schema{type: :boolean},
383 url: %Schema{type: :string, format: :uri},
384 registration_reason: %Schema{type: :string, nullable: true},
385 actor_type: %Schema{type: :string}
386 }
387 }
388 end
389 end