1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
5 defmodule Pleroma.Web.AdminAPI.InviteControllerTest do
6 use Pleroma.Web.ConnCase, async: true
11 alias Pleroma.UserInviteToken
14 admin = insert(:user, is_admin: true)
15 token = insert(:oauth_admin_token, user: admin)
19 |> assign(:user, admin)
20 |> assign(:token, token)
22 {:ok, %{admin: admin, token: token, conn: conn}}
25 describe "POST /api/v1/pleroma/admin/users/email_invite, with valid config" do
26 setup do: clear_config([:instance, :registrations_open], false)
27 setup do: clear_config([:instance, :invites_enabled], true)
29 test "sends invitation and returns 204", %{admin: admin, conn: conn} do
30 recipient_email = "foo@bar.com"
31 recipient_name = "J. D."
35 |> put_req_header("content-type", "application/json;charset=utf-8")
36 |> post("/api/v1/pleroma/admin/users/email_invite", %{
37 email: recipient_email,
41 assert json_response_and_validate_schema(conn, :no_content)
43 token_record = List.last(Repo.all(Pleroma.UserInviteToken))
45 refute token_record.used
47 notify_email = Config.get([:instance, :notify_email])
48 instance_name = Config.get([:instance, :name])
51 Pleroma.Emails.UserEmail.user_invitation_email(
58 Swoosh.TestAssertions.assert_email_sent(
59 from: {instance_name, notify_email},
60 to: {recipient_name, recipient_email},
61 html_body: email.html_body
65 test "it returns 403 if requested by a non-admin" do
66 non_admin_user = insert(:user)
67 token = insert(:oauth_token, user: non_admin_user)
71 |> assign(:user, non_admin_user)
72 |> assign(:token, token)
73 |> put_req_header("content-type", "application/json;charset=utf-8")
74 |> post("/api/v1/pleroma/admin/users/email_invite", %{
79 assert json_response(conn, :forbidden)
82 test "email with +", %{conn: conn, admin: admin} do
83 recipient_email = "foo+bar@baz.com"
86 |> put_req_header("content-type", "application/json;charset=utf-8")
87 |> post("/api/v1/pleroma/admin/users/email_invite", %{email: recipient_email})
88 |> json_response_and_validate_schema(:no_content)
91 Pleroma.UserInviteToken
96 refute token_record.used
98 notify_email = Config.get([:instance, :notify_email])
99 instance_name = Config.get([:instance, :name])
102 Pleroma.Emails.UserEmail.user_invitation_email(
108 Swoosh.TestAssertions.assert_email_sent(
109 from: {instance_name, notify_email},
111 html_body: email.html_body
116 describe "POST /api/v1/pleroma/admin/users/email_invite, with invalid config" do
117 setup do: clear_config([:instance, :registrations_open])
118 setup do: clear_config([:instance, :invites_enabled])
120 test "it returns 500 if `invites_enabled` is not enabled", %{conn: conn} do
121 clear_config([:instance, :registrations_open], false)
122 clear_config([:instance, :invites_enabled], false)
126 |> put_req_header("content-type", "application/json")
127 |> post("/api/v1/pleroma/admin/users/email_invite", %{
128 email: "foo@bar.com",
132 assert json_response_and_validate_schema(conn, :bad_request) ==
135 "To send invites you need to set the `invites_enabled` option to true."
139 test "it returns 500 if `registrations_open` is enabled", %{conn: conn} do
140 clear_config([:instance, :registrations_open], true)
141 clear_config([:instance, :invites_enabled], true)
145 |> put_req_header("content-type", "application/json")
146 |> post("/api/v1/pleroma/admin/users/email_invite", %{
147 email: "foo@bar.com",
151 assert json_response_and_validate_schema(conn, :bad_request) ==
154 "To send invites you need to set the `registrations_open` option to false."
159 describe "POST /api/v1/pleroma/admin/users/invite_token" do
160 test "without options", %{conn: conn} do
163 |> put_req_header("content-type", "application/json")
164 |> post("/api/v1/pleroma/admin/users/invite_token")
166 invite_json = json_response_and_validate_schema(conn, 200)
167 invite = UserInviteToken.find_by_token!(invite_json["token"])
169 refute invite.expires_at
170 refute invite.max_use
171 assert invite.invite_type == "one_time"
174 test "with expires_at", %{conn: conn} do
177 |> put_req_header("content-type", "application/json")
178 |> post("/api/v1/pleroma/admin/users/invite_token", %{
179 "expires_at" => Date.to_string(Date.utc_today())
182 invite_json = json_response_and_validate_schema(conn, 200)
183 invite = UserInviteToken.find_by_token!(invite_json["token"])
186 assert invite.expires_at == Date.utc_today()
187 refute invite.max_use
188 assert invite.invite_type == "date_limited"
191 test "with max_use", %{conn: conn} do
194 |> put_req_header("content-type", "application/json")
195 |> post("/api/v1/pleroma/admin/users/invite_token", %{"max_use" => 150})
197 invite_json = json_response_and_validate_schema(conn, 200)
198 invite = UserInviteToken.find_by_token!(invite_json["token"])
200 refute invite.expires_at
201 assert invite.max_use == 150
202 assert invite.invite_type == "reusable"
205 test "with max use and expires_at", %{conn: conn} do
208 |> put_req_header("content-type", "application/json")
209 |> post("/api/v1/pleroma/admin/users/invite_token", %{
211 "expires_at" => Date.to_string(Date.utc_today())
214 invite_json = json_response_and_validate_schema(conn, 200)
215 invite = UserInviteToken.find_by_token!(invite_json["token"])
217 assert invite.expires_at == Date.utc_today()
218 assert invite.max_use == 150
219 assert invite.invite_type == "reusable_date_limited"
223 describe "GET /api/v1/pleroma/admin/users/invites" do
224 test "no invites", %{conn: conn} do
225 conn = get(conn, "/api/v1/pleroma/admin/users/invites")
227 assert json_response_and_validate_schema(conn, 200) == %{"invites" => []}
230 test "with invite", %{conn: conn} do
231 {:ok, invite} = UserInviteToken.create_invite()
233 conn = get(conn, "/api/v1/pleroma/admin/users/invites")
235 assert json_response_and_validate_schema(conn, 200) == %{
240 "invite_type" => "one_time",
242 "token" => invite.token,
251 describe "POST /api/v1/pleroma/admin/users/revoke_invite" do
252 test "with token", %{conn: conn} do
253 {:ok, invite} = UserInviteToken.create_invite()
257 |> put_req_header("content-type", "application/json")
258 |> post("/api/v1/pleroma/admin/users/revoke_invite", %{"token" => invite.token})
260 assert json_response_and_validate_schema(conn, 200) == %{
263 "invite_type" => "one_time",
265 "token" => invite.token,
271 test "with invalid token", %{conn: conn} do
274 |> put_req_header("content-type", "application/json")
275 |> post("/api/v1/pleroma/admin/users/revoke_invite", %{"token" => "foo"})
277 assert json_response_and_validate_schema(conn, :not_found) == %{"error" => "Not found"}