Merge branch 'develop' of https://git.pleroma.social/pleroma/pleroma into develop
[akkoma] / test / pleroma / web / admin_api / controllers / report_controller_test.exs
1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
4
5 defmodule Pleroma.Web.AdminAPI.ReportControllerTest do
6 use Pleroma.Web.ConnCase, async: true
7
8 import Pleroma.Factory
9
10 alias Pleroma.Activity
11 alias Pleroma.ModerationLog
12 alias Pleroma.Repo
13 alias Pleroma.ReportNote
14 alias Pleroma.Web.CommonAPI
15
16 setup do
17 admin = insert(:user, is_admin: true)
18 token = insert(:oauth_admin_token, user: admin)
19
20 conn =
21 build_conn()
22 |> assign(:user, admin)
23 |> assign(:token, token)
24
25 {:ok, %{admin: admin, token: token, conn: conn}}
26 end
27
28 describe "GET /api/pleroma/admin/reports/:id" do
29 test "returns report by its id", %{conn: conn} do
30 [reporter, target_user] = insert_pair(:user)
31 activity = insert(:note_activity, user: target_user)
32
33 {:ok, %{id: report_id}} =
34 CommonAPI.report(reporter, %{
35 account_id: target_user.id,
36 comment: "I feel offended",
37 status_ids: [activity.id]
38 })
39
40 conn
41 |> put_req_header("content-type", "application/json")
42 |> post("/api/pleroma/admin/reports/#{report_id}/notes", %{
43 content: "this is an admin note"
44 })
45
46 response =
47 conn
48 |> get("/api/pleroma/admin/reports/#{report_id}")
49 |> json_response_and_validate_schema(:ok)
50
51 assert response["id"] == report_id
52
53 [notes] = response["notes"]
54 assert notes["content"] == "this is an admin note"
55 end
56
57 test "returns 404 when report id is invalid", %{conn: conn} do
58 conn = get(conn, "/api/pleroma/admin/reports/test")
59
60 assert json_response_and_validate_schema(conn, :not_found) == %{"error" => "Not found"}
61 end
62 end
63
64 describe "PATCH /api/pleroma/admin/reports" do
65 setup do
66 [reporter, target_user] = insert_pair(:user)
67 activity = insert(:note_activity, user: target_user)
68
69 {:ok, %{id: report_id}} =
70 CommonAPI.report(reporter, %{
71 account_id: target_user.id,
72 comment: "I feel offended",
73 status_ids: [activity.id]
74 })
75
76 {:ok, %{id: second_report_id}} =
77 CommonAPI.report(reporter, %{
78 account_id: target_user.id,
79 comment: "I feel very offended",
80 status_ids: [activity.id]
81 })
82
83 %{
84 id: report_id,
85 second_report_id: second_report_id
86 }
87 end
88
89 test "requires admin:write:reports scope", %{conn: conn, id: id, admin: admin} do
90 read_token = insert(:oauth_token, user: admin, scopes: ["admin:read"])
91 write_token = insert(:oauth_token, user: admin, scopes: ["admin:write:reports"])
92
93 response =
94 conn
95 |> assign(:token, read_token)
96 |> put_req_header("content-type", "application/json")
97 |> patch("/api/pleroma/admin/reports", %{
98 "reports" => [%{"state" => "resolved", "id" => id}]
99 })
100 |> json_response_and_validate_schema(403)
101
102 assert response == %{
103 "error" => "Insufficient permissions: admin:write:reports."
104 }
105
106 conn
107 |> assign(:token, write_token)
108 |> put_req_header("content-type", "application/json")
109 |> patch("/api/pleroma/admin/reports", %{
110 "reports" => [%{"state" => "resolved", "id" => id}]
111 })
112 |> json_response_and_validate_schema(:no_content)
113 end
114
115 test "mark report as resolved", %{conn: conn, id: id, admin: admin} do
116 conn
117 |> put_req_header("content-type", "application/json")
118 |> patch("/api/pleroma/admin/reports", %{
119 "reports" => [
120 %{"state" => "resolved", "id" => id}
121 ]
122 })
123 |> json_response_and_validate_schema(:no_content)
124
125 activity = Activity.get_by_id_with_user_actor(id)
126 assert activity.data["state"] == "resolved"
127
128 log_entry = Repo.one(ModerationLog)
129
130 assert ModerationLog.get_log_entry_message(log_entry) ==
131 "@#{admin.nickname} updated report ##{id} (on user @#{activity.user_actor.nickname}) with 'resolved' state"
132 end
133
134 test "closes report", %{conn: conn, id: id, admin: admin} do
135 conn
136 |> put_req_header("content-type", "application/json")
137 |> patch("/api/pleroma/admin/reports", %{
138 "reports" => [
139 %{"state" => "closed", "id" => id}
140 ]
141 })
142 |> json_response_and_validate_schema(:no_content)
143
144 activity = Activity.get_by_id_with_user_actor(id)
145 assert activity.data["state"] == "closed"
146
147 log_entry = Repo.one(ModerationLog)
148
149 assert ModerationLog.get_log_entry_message(log_entry) ==
150 "@#{admin.nickname} updated report ##{id} (on user @#{activity.user_actor.nickname}) with 'closed' state"
151 end
152
153 test "returns 400 when state is unknown", %{conn: conn, id: id} do
154 conn =
155 conn
156 |> put_req_header("content-type", "application/json")
157 |> patch("/api/pleroma/admin/reports", %{
158 "reports" => [
159 %{"state" => "test", "id" => id}
160 ]
161 })
162
163 assert "Unsupported state" =
164 hd(json_response_and_validate_schema(conn, :bad_request))["error"]
165 end
166
167 test "returns 404 when report is not exist", %{conn: conn} do
168 conn =
169 conn
170 |> put_req_header("content-type", "application/json")
171 |> patch("/api/pleroma/admin/reports", %{
172 "reports" => [
173 %{"state" => "closed", "id" => "test"}
174 ]
175 })
176
177 assert hd(json_response_and_validate_schema(conn, :bad_request))["error"] == "not_found"
178 end
179
180 test "updates state of multiple reports", %{
181 conn: conn,
182 id: id,
183 admin: admin,
184 second_report_id: second_report_id
185 } do
186 conn
187 |> put_req_header("content-type", "application/json")
188 |> patch("/api/pleroma/admin/reports", %{
189 "reports" => [
190 %{"state" => "resolved", "id" => id},
191 %{"state" => "closed", "id" => second_report_id}
192 ]
193 })
194 |> json_response_and_validate_schema(:no_content)
195
196 activity = Activity.get_by_id_with_user_actor(id)
197 second_activity = Activity.get_by_id_with_user_actor(second_report_id)
198 assert activity.data["state"] == "resolved"
199 assert second_activity.data["state"] == "closed"
200
201 [first_log_entry, second_log_entry] = Repo.all(ModerationLog)
202
203 assert ModerationLog.get_log_entry_message(first_log_entry) ==
204 "@#{admin.nickname} updated report ##{id} (on user @#{activity.user_actor.nickname}) with 'resolved' state"
205
206 assert ModerationLog.get_log_entry_message(second_log_entry) ==
207 "@#{admin.nickname} updated report ##{second_report_id} (on user @#{
208 second_activity.user_actor.nickname
209 }) with 'closed' state"
210 end
211 end
212
213 describe "GET /api/pleroma/admin/reports" do
214 test "returns empty response when no reports created", %{conn: conn} do
215 response =
216 conn
217 |> get(report_path(conn, :index))
218 |> json_response_and_validate_schema(:ok)
219
220 assert Enum.empty?(response["reports"])
221 assert response["total"] == 0
222 end
223
224 test "returns reports", %{conn: conn} do
225 [reporter, target_user] = insert_pair(:user)
226 activity = insert(:note_activity, user: target_user)
227
228 {:ok, %{id: report_id}} =
229 CommonAPI.report(reporter, %{
230 account_id: target_user.id,
231 comment: "I feel offended",
232 status_ids: [activity.id]
233 })
234
235 response =
236 conn
237 |> get(report_path(conn, :index))
238 |> json_response_and_validate_schema(:ok)
239
240 [report] = response["reports"]
241
242 assert length(response["reports"]) == 1
243 assert report["id"] == report_id
244
245 assert response["total"] == 1
246 end
247
248 test "returns reports with specified state", %{conn: conn} do
249 [reporter, target_user] = insert_pair(:user)
250 activity = insert(:note_activity, user: target_user)
251
252 {:ok, %{id: first_report_id}} =
253 CommonAPI.report(reporter, %{
254 account_id: target_user.id,
255 comment: "I feel offended",
256 status_ids: [activity.id]
257 })
258
259 {:ok, %{id: second_report_id}} =
260 CommonAPI.report(reporter, %{
261 account_id: target_user.id,
262 comment: "I don't like this user"
263 })
264
265 CommonAPI.update_report_state(second_report_id, "closed")
266
267 response =
268 conn
269 |> get(report_path(conn, :index, %{state: "open"}))
270 |> json_response_and_validate_schema(:ok)
271
272 assert [open_report] = response["reports"]
273
274 assert length(response["reports"]) == 1
275 assert open_report["id"] == first_report_id
276
277 assert response["total"] == 1
278
279 response =
280 conn
281 |> get(report_path(conn, :index, %{state: "closed"}))
282 |> json_response_and_validate_schema(:ok)
283
284 assert [closed_report] = response["reports"]
285
286 assert length(response["reports"]) == 1
287 assert closed_report["id"] == second_report_id
288
289 assert response["total"] == 1
290
291 assert %{"total" => 0, "reports" => []} ==
292 conn
293 |> get(report_path(conn, :index, %{state: "resolved"}))
294 |> json_response_and_validate_schema(:ok)
295 end
296
297 test "returns 403 when requested by a non-admin" do
298 user = insert(:user)
299 token = insert(:oauth_token, user: user)
300
301 conn =
302 build_conn()
303 |> assign(:user, user)
304 |> assign(:token, token)
305 |> get("/api/pleroma/admin/reports")
306
307 assert json_response(conn, :forbidden) ==
308 %{"error" => "User is not an admin."}
309 end
310
311 test "returns 403 when requested by anonymous" do
312 conn = get(build_conn(), "/api/pleroma/admin/reports")
313
314 assert json_response(conn, :forbidden) == %{
315 "error" => "Invalid credentials."
316 }
317 end
318 end
319
320 describe "POST /api/pleroma/admin/reports/:id/notes" do
321 setup %{conn: conn, admin: admin} do
322 [reporter, target_user] = insert_pair(:user)
323 activity = insert(:note_activity, user: target_user)
324
325 {:ok, %{id: report_id}} =
326 CommonAPI.report(reporter, %{
327 account_id: target_user.id,
328 comment: "I feel offended",
329 status_ids: [activity.id]
330 })
331
332 conn
333 |> put_req_header("content-type", "application/json")
334 |> post("/api/pleroma/admin/reports/#{report_id}/notes", %{
335 content: "this is disgusting!"
336 })
337
338 conn
339 |> put_req_header("content-type", "application/json")
340 |> post("/api/pleroma/admin/reports/#{report_id}/notes", %{
341 content: "this is disgusting2!"
342 })
343
344 %{
345 admin_id: admin.id,
346 report_id: report_id
347 }
348 end
349
350 test "it creates report note", %{admin_id: admin_id, report_id: report_id} do
351 assert [note, _] = Repo.all(ReportNote)
352
353 assert %{
354 activity_id: ^report_id,
355 content: "this is disgusting!",
356 user_id: ^admin_id
357 } = note
358 end
359
360 test "it returns reports with notes", %{conn: conn, admin: admin} do
361 conn = get(conn, "/api/pleroma/admin/reports")
362
363 response = json_response_and_validate_schema(conn, 200)
364 notes = hd(response["reports"])["notes"]
365 [note, _] = notes
366
367 assert note["user"]["nickname"] == admin.nickname
368 assert note["content"] == "this is disgusting!"
369 assert note["created_at"]
370 assert response["total"] == 1
371 end
372
373 test "it deletes the note", %{conn: conn, report_id: report_id} do
374 assert ReportNote |> Repo.all() |> length() == 2
375 assert [note, _] = Repo.all(ReportNote)
376
377 delete(conn, "/api/pleroma/admin/reports/#{report_id}/notes/#{note.id}")
378
379 assert ReportNote |> Repo.all() |> length() == 1
380 end
381 end
382 end