projects / akkoma / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Add compressed background
[akkoma] / test / web / admin_api / admin_api_controller_test.exs
1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
4
5 defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
6 use Pleroma.Web.ConnCase
7
8 alias Pleroma.User
9 alias Pleroma.UserInviteToken
10 import Pleroma.Factory
11
12 describe "/api/pleroma/admin/user" do
13 test "Delete" do
14 admin = insert(:user, info: %{is_admin: true})
15 user = insert(:user)
16
17 conn =
18 build_conn()
19 |> assign(:user, admin)
20 |> put_req_header("accept", "application/json")
21 |> delete("/api/pleroma/admin/user?nickname=#{user.nickname}")
22
23 assert json_response(conn, 200) == user.nickname
24 end
25
26 test "Create" do
27 admin = insert(:user, info: %{is_admin: true})
28
29 conn =
30 build_conn()
31 |> assign(:user, admin)
32 |> put_req_header("accept", "application/json")
33 |> post("/api/pleroma/admin/user", %{
34 "nickname" => "lain",
35 "email" => "lain@example.org",
36 "password" => "test"
37 })
38
39 assert json_response(conn, 200) == "lain"
40 end
41 end
42
43 describe "/api/pleroma/admin/users/:nickname" do
44 test "Show", %{conn: conn} do
45 admin = insert(:user, info: %{is_admin: true})
46 user = insert(:user)
47
48 conn =
49 conn
50 |> assign(:user, admin)
51 |> get("/api/pleroma/admin/users/#{user.nickname}")
52
53 expected = %{
54 "deactivated" => false,
55 "id" => to_string(user.id),
56 "local" => true,
57 "nickname" => user.nickname,
58 "roles" => %{"admin" => false, "moderator" => false},
59 "tags" => []
60 }
61
62 assert expected == json_response(conn, 200)
63 end
64
65 test "when the user doesn't exist", %{conn: conn} do
66 admin = insert(:user, info: %{is_admin: true})
67 user = build(:user)
68
69 conn =
70 conn
71 |> assign(:user, admin)
72 |> get("/api/pleroma/admin/users/#{user.nickname}")
73
74 assert "Not found" == json_response(conn, 404)
75 end
76 end
77
78 describe "/api/pleroma/admin/user/follow" do
79 test "allows to force-follow another user" do
80 admin = insert(:user, info: %{is_admin: true})
81 user = insert(:user)
82 follower = insert(:user)
83
84 build_conn()
85 |> assign(:user, admin)
86 |> put_req_header("accept", "application/json")
87 |> post("/api/pleroma/admin/user/follow", %{
88 "follower" => follower.nickname,
89 "followed" => user.nickname
90 })
91
92 user = User.get_by_id(user.id)
93 follower = User.get_by_id(follower.id)
94
95 assert User.following?(follower, user)
96 end
97 end
98
99 describe "/api/pleroma/admin/user/unfollow" do
100 test "allows to force-unfollow another user" do
101 admin = insert(:user, info: %{is_admin: true})
102 user = insert(:user)
103 follower = insert(:user)
104
105 User.follow(follower, user)
106
107 build_conn()
108 |> assign(:user, admin)
109 |> put_req_header("accept", "application/json")
110 |> post("/api/pleroma/admin/user/unfollow", %{
111 "follower" => follower.nickname,
112 "followed" => user.nickname
113 })
114
115 user = User.get_by_id(user.id)
116 follower = User.get_by_id(follower.id)
117
118 refute User.following?(follower, user)
119 end
120 end
121
122 describe "PUT /api/pleroma/admin/users/tag" do
123 setup do
124 admin = insert(:user, info: %{is_admin: true})
125 user1 = insert(:user, %{tags: ["x"]})
126 user2 = insert(:user, %{tags: ["y"]})
127 user3 = insert(:user, %{tags: ["unchanged"]})
128
129 conn =
130 build_conn()
131 |> assign(:user, admin)
132 |> put_req_header("accept", "application/json")
133 |> put(
134 "/api/pleroma/admin/users/tag?nicknames[]=#{user1.nickname}&nicknames[]=#{
135 user2.nickname
136 }&tags[]=foo&tags[]=bar"
137 )
138
139 %{conn: conn, user1: user1, user2: user2, user3: user3}
140 end
141
142 test "it appends specified tags to users with specified nicknames", %{
143 conn: conn,
144 user1: user1,
145 user2: user2
146 } do
147 assert json_response(conn, :no_content)
148 assert User.get_by_id(user1.id).tags == ["x", "foo", "bar"]
149 assert User.get_by_id(user2.id).tags == ["y", "foo", "bar"]
150 end
151
152 test "it does not modify tags of not specified users", %{conn: conn, user3: user3} do
153 assert json_response(conn, :no_content)
154 assert User.get_by_id(user3.id).tags == ["unchanged"]
155 end
156 end
157
158 describe "DELETE /api/pleroma/admin/users/tag" do
159 setup do
160 admin = insert(:user, info: %{is_admin: true})
161 user1 = insert(:user, %{tags: ["x"]})
162 user2 = insert(:user, %{tags: ["y", "z"]})
163 user3 = insert(:user, %{tags: ["unchanged"]})
164
165 conn =
166 build_conn()
167 |> assign(:user, admin)
168 |> put_req_header("accept", "application/json")
169 |> delete(
170 "/api/pleroma/admin/users/tag?nicknames[]=#{user1.nickname}&nicknames[]=#{
171 user2.nickname
172 }&tags[]=x&tags[]=z"
173 )
174
175 %{conn: conn, user1: user1, user2: user2, user3: user3}
176 end
177
178 test "it removes specified tags from users with specified nicknames", %{
179 conn: conn,
180 user1: user1,
181 user2: user2
182 } do
183 assert json_response(conn, :no_content)
184 assert User.get_by_id(user1.id).tags == []
185 assert User.get_by_id(user2.id).tags == ["y"]
186 end
187
188 test "it does not modify tags of not specified users", %{conn: conn, user3: user3} do
189 assert json_response(conn, :no_content)
190 assert User.get_by_id(user3.id).tags == ["unchanged"]
191 end
192 end
193
194 describe "/api/pleroma/admin/permission_group" do
195 test "GET is giving user_info" do
196 admin = insert(:user, info: %{is_admin: true})
197
198 conn =
199 build_conn()
200 |> assign(:user, admin)
201 |> put_req_header("accept", "application/json")
202 |> get("/api/pleroma/admin/permission_group/#{admin.nickname}")
203
204 assert json_response(conn, 200) == %{
205 "is_admin" => true,
206 "is_moderator" => false
207 }
208 end
209
210 test "/:right POST, can add to a permission group" do
211 admin = insert(:user, info: %{is_admin: true})
212 user = insert(:user)
213
214 conn =
215 build_conn()
216 |> assign(:user, admin)
217 |> put_req_header("accept", "application/json")
218 |> post("/api/pleroma/admin/permission_group/#{user.nickname}/admin")
219
220 assert json_response(conn, 200) == %{
221 "is_admin" => true
222 }
223 end
224
225 test "/:right DELETE, can remove from a permission group" do
226 admin = insert(:user, info: %{is_admin: true})
227 user = insert(:user, info: %{is_admin: true})
228
229 conn =
230 build_conn()
231 |> assign(:user, admin)
232 |> put_req_header("accept", "application/json")
233 |> delete("/api/pleroma/admin/permission_group/#{user.nickname}/admin")
234
235 assert json_response(conn, 200) == %{
236 "is_admin" => false
237 }
238 end
239 end
240
241 describe "PUT /api/pleroma/admin/activation_status" do
242 setup %{conn: conn} do
243 admin = insert(:user, info: %{is_admin: true})
244
245 conn =
246 conn
247 |> assign(:user, admin)
248 |> put_req_header("accept", "application/json")
249
250 %{conn: conn}
251 end
252
253 test "deactivates the user", %{conn: conn} do
254 user = insert(:user)
255
256 conn =
257 conn
258 |> put("/api/pleroma/admin/activation_status/#{user.nickname}", %{status: false})
259
260 user = User.get_by_id(user.id)
261 assert user.info.deactivated == true
262 assert json_response(conn, :no_content)
263 end
264
265 test "activates the user", %{conn: conn} do
266 user = insert(:user, info: %{deactivated: true})
267
268 conn =
269 conn
270 |> put("/api/pleroma/admin/activation_status/#{user.nickname}", %{status: true})
271
272 user = User.get_by_id(user.id)
273 assert user.info.deactivated == false
274 assert json_response(conn, :no_content)
275 end
276
277 test "returns 403 when requested by a non-admin", %{conn: conn} do
278 user = insert(:user)
279
280 conn =
281 conn
282 |> assign(:user, user)
283 |> put("/api/pleroma/admin/activation_status/#{user.nickname}", %{status: false})
284
285 assert json_response(conn, :forbidden)
286 end
287 end
288
289 describe "POST /api/pleroma/admin/email_invite, with valid config" do
290 setup do
291 registrations_open = Pleroma.Config.get([:instance, :registrations_open])
292 invites_enabled = Pleroma.Config.get([:instance, :invites_enabled])
293 Pleroma.Config.put([:instance, :registrations_open], false)
294 Pleroma.Config.put([:instance, :invites_enabled], true)
295
296 on_exit(fn ->
297 Pleroma.Config.put([:instance, :registrations_open], registrations_open)
298 Pleroma.Config.put([:instance, :invites_enabled], invites_enabled)
299 :ok
300 end)
301
302 [user: insert(:user, info: %{is_admin: true})]
303 end
304
305 test "sends invitation and returns 204", %{conn: conn, user: user} do
306 recipient_email = "foo@bar.com"
307 recipient_name = "J. D."
308
309 conn =
310 conn
311 |> assign(:user, user)
312 |> post("/api/pleroma/admin/email_invite?email=#{recipient_email}&name=#{recipient_name}")
313
314 assert json_response(conn, :no_content)
315
316 token_record = List.last(Pleroma.Repo.all(Pleroma.UserInviteToken))
317 assert token_record
318 refute token_record.used
319
320 Swoosh.TestAssertions.assert_email_sent(
321 Pleroma.Emails.UserEmail.user_invitation_email(
322 user,
323 token_record,
324 recipient_email,
325 recipient_name
326 )
327 )
328 end
329
330 test "it returns 403 if requested by a non-admin", %{conn: conn} do
331 non_admin_user = insert(:user)
332
333 conn =
334 conn
335 |> assign(:user, non_admin_user)
336 |> post("/api/pleroma/admin/email_invite?email=foo@bar.com&name=JD")
337
338 assert json_response(conn, :forbidden)
339 end
340 end
341
342 describe "POST /api/pleroma/admin/email_invite, with invalid config" do
343 setup do
344 [user: insert(:user, info: %{is_admin: true})]
345 end
346
347 test "it returns 500 if `invites_enabled` is not enabled", %{conn: conn, user: user} do
348 registrations_open = Pleroma.Config.get([:instance, :registrations_open])
349 invites_enabled = Pleroma.Config.get([:instance, :invites_enabled])
350 Pleroma.Config.put([:instance, :registrations_open], false)
351 Pleroma.Config.put([:instance, :invites_enabled], false)
352
353 on_exit(fn ->
354 Pleroma.Config.put([:instance, :registrations_open], registrations_open)
355 Pleroma.Config.put([:instance, :invites_enabled], invites_enabled)
356 :ok
357 end)
358
359 conn =
360 conn
361 |> assign(:user, user)
362 |> post("/api/pleroma/admin/email_invite?email=foo@bar.com&name=JD")
363
364 assert json_response(conn, :internal_server_error)
365 end
366
367 test "it returns 500 if `registrations_open` is enabled", %{conn: conn, user: user} do
368 registrations_open = Pleroma.Config.get([:instance, :registrations_open])
369 invites_enabled = Pleroma.Config.get([:instance, :invites_enabled])
370 Pleroma.Config.put([:instance, :registrations_open], true)
371 Pleroma.Config.put([:instance, :invites_enabled], true)
372
373 on_exit(fn ->
374 Pleroma.Config.put([:instance, :registrations_open], registrations_open)
375 Pleroma.Config.put([:instance, :invites_enabled], invites_enabled)
376 :ok
377 end)
378
379 conn =
380 conn
381 |> assign(:user, user)
382 |> post("/api/pleroma/admin/email_invite?email=foo@bar.com&name=JD")
383
384 assert json_response(conn, :internal_server_error)
385 end
386 end
387
388 test "/api/pleroma/admin/invite_token" do
389 admin = insert(:user, info: %{is_admin: true})
390
391 conn =
392 build_conn()
393 |> assign(:user, admin)
394 |> put_req_header("accept", "application/json")
395 |> get("/api/pleroma/admin/invite_token")
396
397 assert conn.status == 200
398 end
399
400 test "/api/pleroma/admin/password_reset" do
401 admin = insert(:user, info: %{is_admin: true})
402 user = insert(:user)
403
404 conn =
405 build_conn()
406 |> assign(:user, admin)
407 |> put_req_header("accept", "application/json")
408 |> get("/api/pleroma/admin/password_reset?nickname=#{user.nickname}")
409
410 assert conn.status == 200
411 end
412
413 describe "GET /api/pleroma/admin/users" do
414 test "renders users array for the first page" do
415 admin = insert(:user, info: %{is_admin: true})
416 user = insert(:user, local: false, tags: ["foo", "bar"])
417
418 conn =
419 build_conn()
420 |> assign(:user, admin)
421 |> get("/api/pleroma/admin/users?page=1")
422
423 assert json_response(conn, 200) == %{
424 "count" => 2,
425 "page_size" => 50,
426 "users" => [
427 %{
428 "deactivated" => admin.info.deactivated,
429 "id" => admin.id,
430 "nickname" => admin.nickname,
431 "roles" => %{"admin" => true, "moderator" => false},
432 "local" => true,
433 "tags" => []
434 },
435 %{
436 "deactivated" => user.info.deactivated,
437 "id" => user.id,
438 "nickname" => user.nickname,
439 "roles" => %{"admin" => false, "moderator" => false},
440 "local" => false,
441 "tags" => ["foo", "bar"]
442 }
443 ]
444 }
445 end
446
447 test "renders empty array for the second page" do
448 admin = insert(:user, info: %{is_admin: true})
449 insert(:user)
450
451 conn =
452 build_conn()
453 |> assign(:user, admin)
454 |> get("/api/pleroma/admin/users?page=2")
455
456 assert json_response(conn, 200) == %{
457 "count" => 2,
458 "page_size" => 50,
459 "users" => []
460 }
461 end
462
463 test "regular search" do
464 admin = insert(:user, info: %{is_admin: true})
465 user = insert(:user, nickname: "bob")
466
467 conn =
468 build_conn()
469 |> assign(:user, admin)
470 |> get("/api/pleroma/admin/users?query=bo")
471
472 assert json_response(conn, 200) == %{
473 "count" => 1,
474 "page_size" => 50,
475 "users" => [
476 %{
477 "deactivated" => user.info.deactivated,
478 "id" => user.id,
479 "nickname" => user.nickname,
480 "roles" => %{"admin" => false, "moderator" => false},
481 "local" => true,
482 "tags" => []
483 }
484 ]
485 }
486 end
487
488 test "regular search with page size" do
489 admin = insert(:user, info: %{is_admin: true})
490 user = insert(:user, nickname: "aalice")
491 user2 = insert(:user, nickname: "alice")
492
493 conn =
494 build_conn()
495 |> assign(:user, admin)
496 |> get("/api/pleroma/admin/users?query=a&page_size=1&page=1")
497
498 assert json_response(conn, 200) == %{
499 "count" => 2,
500 "page_size" => 1,
501 "users" => [
502 %{
503 "deactivated" => user.info.deactivated,
504 "id" => user.id,
505 "nickname" => user.nickname,
506 "roles" => %{"admin" => false, "moderator" => false},
507 "local" => true,
508 "tags" => []
509 }
510 ]
511 }
512
513 conn =
514 build_conn()
515 |> assign(:user, admin)
516 |> get("/api/pleroma/admin/users?query=a&page_size=1&page=2")
517
518 assert json_response(conn, 200) == %{
519 "count" => 2,
520 "page_size" => 1,
521 "users" => [
522 %{
523 "deactivated" => user2.info.deactivated,
524 "id" => user2.id,
525 "nickname" => user2.nickname,
526 "roles" => %{"admin" => false, "moderator" => false},
527 "local" => true,
528 "tags" => []
529 }
530 ]
531 }
532 end
533
534 test "only local users" do
535 admin = insert(:user, info: %{is_admin: true}, nickname: "john")
536 user = insert(:user, nickname: "bob")
537
538 insert(:user, nickname: "bobb", local: false)
539
540 conn =
541 build_conn()
542 |> assign(:user, admin)
543 |> get("/api/pleroma/admin/users?query=bo&filters=local")
544
545 assert json_response(conn, 200) == %{
546 "count" => 1,
547 "page_size" => 50,
548 "users" => [
549 %{
550 "deactivated" => user.info.deactivated,
551 "id" => user.id,
552 "nickname" => user.nickname,
553 "roles" => %{"admin" => false, "moderator" => false},
554 "local" => true,
555 "tags" => []
556 }
557 ]
558 }
559 end
560
561 test "only local users with no query" do
562 admin = insert(:user, info: %{is_admin: true}, nickname: "john")
563 user = insert(:user, nickname: "bob")
564
565 insert(:user, nickname: "bobb", local: false)
566
567 conn =
568 build_conn()
569 |> assign(:user, admin)
570 |> get("/api/pleroma/admin/users?filters=local")
571
572 assert json_response(conn, 200) == %{
573 "count" => 2,
574 "page_size" => 50,
575 "users" => [
576 %{
577 "deactivated" => user.info.deactivated,
578 "id" => user.id,
579 "nickname" => user.nickname,
580 "roles" => %{"admin" => false, "moderator" => false},
581 "local" => true,
582 "tags" => []
583 },
584 %{
585 "deactivated" => admin.info.deactivated,
586 "id" => admin.id,
587 "nickname" => admin.nickname,
588 "roles" => %{"admin" => true, "moderator" => false},
589 "local" => true,
590 "tags" => []
591 }
592 ]
593 }
594 end
595
596 test "it works with multiple filters" do
597 admin = insert(:user, nickname: "john", info: %{is_admin: true})
598 user = insert(:user, nickname: "bob", local: false, info: %{deactivated: true})
599
600 insert(:user, nickname: "ken", local: true, info: %{deactivated: true})
601 insert(:user, nickname: "bobb", local: false, info: %{deactivated: false})
602
603 conn =
604 build_conn()
605 |> assign(:user, admin)
606 |> get("/api/pleroma/admin/users?filters=deactivated,external")
607
608 assert json_response(conn, 200) == %{
609 "count" => 1,
610 "page_size" => 50,
611 "users" => [
612 %{
613 "deactivated" => user.info.deactivated,
614 "id" => user.id,
615 "nickname" => user.nickname,
616 "roles" => %{"admin" => false, "moderator" => false},
617 "local" => user.local,
618 "tags" => []
619 }
620 ]
621 }
622 end
623 end
624
625 test "PATCH /api/pleroma/admin/users/:nickname/toggle_activation" do
626 admin = insert(:user, info: %{is_admin: true})
627 user = insert(:user)
628
629 conn =
630 build_conn()
631 |> assign(:user, admin)
632 |> patch("/api/pleroma/admin/users/#{user.nickname}/toggle_activation")
633
634 assert json_response(conn, 200) ==
635 %{
636 "deactivated" => !user.info.deactivated,
637 "id" => user.id,
638 "nickname" => user.nickname,
639 "roles" => %{"admin" => false, "moderator" => false},
640 "local" => true,
641 "tags" => []
642 }
643 end
644
645 describe "GET /api/pleroma/admin/invite_token" do
646 test "without options" do
647 admin = insert(:user, info: %{is_admin: true})
648
649 conn =
650 build_conn()
651 |> assign(:user, admin)
652 |> get("/api/pleroma/admin/invite_token")
653
654 token = json_response(conn, 200)
655 invite = UserInviteToken.find_by_token!(token)
656 refute invite.used
657 refute invite.expires_at
658 refute invite.max_use
659 assert invite.invite_type == "one_time"
660 end
661
662 test "with expires_at" do
663 admin = insert(:user, info: %{is_admin: true})
664
665 conn =
666 build_conn()
667 |> assign(:user, admin)
668 |> get("/api/pleroma/admin/invite_token", %{
669 "invite" => %{"expires_at" => Date.to_string(Date.utc_today())}
670 })
671
672 token = json_response(conn, 200)
673 invite = UserInviteToken.find_by_token!(token)
674
675 refute invite.used
676 assert invite.expires_at == Date.utc_today()
677 refute invite.max_use
678 assert invite.invite_type == "date_limited"
679 end
680
681 test "with max_use" do
682 admin = insert(:user, info: %{is_admin: true})
683
684 conn =
685 build_conn()
686 |> assign(:user, admin)
687 |> get("/api/pleroma/admin/invite_token", %{
688 "invite" => %{"max_use" => 150}
689 })
690
691 token = json_response(conn, 200)
692 invite = UserInviteToken.find_by_token!(token)
693 refute invite.used
694 refute invite.expires_at
695 assert invite.max_use == 150
696 assert invite.invite_type == "reusable"
697 end
698
699 test "with max use and expires_at" do
700 admin = insert(:user, info: %{is_admin: true})
701
702 conn =
703 build_conn()
704 |> assign(:user, admin)
705 |> get("/api/pleroma/admin/invite_token", %{
706 "invite" => %{"max_use" => 150, "expires_at" => Date.to_string(Date.utc_today())}
707 })
708
709 token = json_response(conn, 200)
710 invite = UserInviteToken.find_by_token!(token)
711 refute invite.used
712 assert invite.expires_at == Date.utc_today()
713 assert invite.max_use == 150
714 assert invite.invite_type == "reusable_date_limited"
715 end
716 end
717
718 describe "GET /api/pleroma/admin/invites" do
719 test "no invites" do
720 admin = insert(:user, info: %{is_admin: true})
721
722 conn =
723 build_conn()
724 |> assign(:user, admin)
725 |> get("/api/pleroma/admin/invites")
726
727 assert json_response(conn, 200) == %{"invites" => []}
728 end
729
730 test "with invite" do
731 admin = insert(:user, info: %{is_admin: true})
732 {:ok, invite} = UserInviteToken.create_invite()
733
734 conn =
735 build_conn()
736 |> assign(:user, admin)
737 |> get("/api/pleroma/admin/invites")
738
739 assert json_response(conn, 200) == %{
740 "invites" => [
741 %{
742 "expires_at" => nil,
743 "id" => invite.id,
744 "invite_type" => "one_time",
745 "max_use" => nil,
746 "token" => invite.token,
747 "used" => false,
748 "uses" => 0
749 }
750 ]
751 }
752 end
753 end
754
755 describe "POST /api/pleroma/admin/revoke_invite" do
756 test "with token" do
757 admin = insert(:user, info: %{is_admin: true})
758 {:ok, invite} = UserInviteToken.create_invite()
759
760 conn =
761 build_conn()
762 |> assign(:user, admin)
763 |> post("/api/pleroma/admin/revoke_invite", %{"token" => invite.token})
764
765 assert json_response(conn, 200) == %{
766 "expires_at" => nil,
767 "id" => invite.id,
768 "invite_type" => "one_time",
769 "max_use" => nil,
770 "token" => invite.token,
771 "used" => true,
772 "uses" => 0
773 }
774 end
775 end
776 end
Fork of https://akkoma.dev/AkkomaGang/akkoma.git