projects / akkoma / blob
? search:


9721a40342bad8cc9ca71fb41aeb42af59b035c0
[akkoma] / test / web / admin_api / admin_api_controller_test.exs
1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
4
5 defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
6 use Pleroma.Web.ConnCase
7
8 alias Pleroma.Activity
9 alias Pleroma.User
10 alias Pleroma.UserInviteToken
11 alias Pleroma.Web.CommonAPI
12 import Pleroma.Factory
13
14 describe "/api/pleroma/admin/users" do
15 test "Delete" do
16 admin = insert(:user, info: %{is_admin: true})
17 user = insert(:user)
18
19 conn =
20 build_conn()
21 |> assign(:user, admin)
22 |> put_req_header("accept", "application/json")
23 |> delete("/api/pleroma/admin/users?nickname=#{user.nickname}")
24
25 assert json_response(conn, 200) == user.nickname
26 end
27
28 test "Create" do
29 admin = insert(:user, info: %{is_admin: true})
30
31 conn =
32 build_conn()
33 |> assign(:user, admin)
34 |> put_req_header("accept", "application/json")
35 |> post("/api/pleroma/admin/users", %{
36 "users" => [
37 %{
38 "nickname" => "lain",
39 "email" => "lain@example.org",
40 "password" => "test"
41 },
42 %{
43 "nickname" => "lain2",
44 "email" => "lain2@example.org",
45 "password" => "test"
46 }
47 ]
48 })
49
50 assert json_response(conn, 200) == [
51 %{
52 "code" => 200,
53 "data" => %{
54 "email" => "lain@example.org",
55 "nickname" => "lain"
56 },
57 "type" => "success"
58 },
59 %{
60 "code" => 200,
61 "data" => %{
62 "email" => "lain2@example.org",
63 "nickname" => "lain2"
64 },
65 "type" => "success"
66 }
67 ]
68 end
69
70 test "Cannot create user with exisiting email" do
71 admin = insert(:user, info: %{is_admin: true})
72 user = insert(:user)
73
74 conn =
75 build_conn()
76 |> assign(:user, admin)
77 |> put_req_header("accept", "application/json")
78 |> post("/api/pleroma/admin/users", %{
79 "users" => [
80 %{
81 "nickname" => "lain",
82 "email" => user.email,
83 "password" => "test"
84 }
85 ]
86 })
87
88 assert json_response(conn, 409) == [
89 %{
90 "code" => 409,
91 "data" => %{
92 "email" => user.email,
93 "nickname" => "lain"
94 },
95 "error" => "email has already been taken",
96 "type" => "error"
97 }
98 ]
99 end
100
101 test "Cannot create user with exisiting nickname" do
102 admin = insert(:user, info: %{is_admin: true})
103 user = insert(:user)
104
105 conn =
106 build_conn()
107 |> assign(:user, admin)
108 |> put_req_header("accept", "application/json")
109 |> post("/api/pleroma/admin/users", %{
110 "users" => [
111 %{
112 "nickname" => user.nickname,
113 "email" => "someuser@plerama.social",
114 "password" => "test"
115 }
116 ]
117 })
118
119 assert json_response(conn, 409) == [
120 %{
121 "code" => 409,
122 "data" => %{
123 "email" => "someuser@plerama.social",
124 "nickname" => user.nickname
125 },
126 "error" => "nickname has already been taken",
127 "type" => "error"
128 }
129 ]
130 end
131
132 test "Multiple user creation works in transaction" do
133 admin = insert(:user, info: %{is_admin: true})
134 user = insert(:user)
135
136 conn =
137 build_conn()
138 |> assign(:user, admin)
139 |> put_req_header("accept", "application/json")
140 |> post("/api/pleroma/admin/users", %{
141 "users" => [
142 %{
143 "nickname" => "newuser",
144 "email" => "newuser@pleroma.social",
145 "password" => "test"
146 },
147 %{
148 "nickname" => "lain",
149 "email" => user.email,
150 "password" => "test"
151 }
152 ]
153 })
154
155 assert json_response(conn, 409) == [
156 %{
157 "code" => 409,
158 "data" => %{
159 "email" => user.email,
160 "nickname" => "lain"
161 },
162 "error" => "email has already been taken",
163 "type" => "error"
164 },
165 %{
166 "code" => 409,
167 "data" => %{
168 "email" => "newuser@pleroma.social",
169 "nickname" => "newuser"
170 },
171 "error" => "",
172 "type" => "error"
173 }
174 ]
175
176 assert User.get_by_nickname("newuser") === nil
177 end
178 end
179
180 describe "/api/pleroma/admin/users/:nickname" do
181 test "Show", %{conn: conn} do
182 admin = insert(:user, info: %{is_admin: true})
183 user = insert(:user)
184
185 conn =
186 conn
187 |> assign(:user, admin)
188 |> get("/api/pleroma/admin/users/#{user.nickname}")
189
190 expected = %{
191 "deactivated" => false,
192 "id" => to_string(user.id),
193 "local" => true,
194 "nickname" => user.nickname,
195 "roles" => %{"admin" => false, "moderator" => false},
196 "tags" => []
197 }
198
199 assert expected == json_response(conn, 200)
200 end
201
202 test "when the user doesn't exist", %{conn: conn} do
203 admin = insert(:user, info: %{is_admin: true})
204 user = build(:user)
205
206 conn =
207 conn
208 |> assign(:user, admin)
209 |> get("/api/pleroma/admin/users/#{user.nickname}")
210
211 assert "Not found" == json_response(conn, 404)
212 end
213 end
214
215 describe "/api/pleroma/admin/users/follow" do
216 test "allows to force-follow another user" do
217 admin = insert(:user, info: %{is_admin: true})
218 user = insert(:user)
219 follower = insert(:user)
220
221 build_conn()
222 |> assign(:user, admin)
223 |> put_req_header("accept", "application/json")
224 |> post("/api/pleroma/admin/users/follow", %{
225 "follower" => follower.nickname,
226 "followed" => user.nickname
227 })
228
229 user = User.get_cached_by_id(user.id)
230 follower = User.get_cached_by_id(follower.id)
231
232 assert User.following?(follower, user)
233 end
234 end
235
236 describe "/api/pleroma/admin/users/unfollow" do
237 test "allows to force-unfollow another user" do
238 admin = insert(:user, info: %{is_admin: true})
239 user = insert(:user)
240 follower = insert(:user)
241
242 User.follow(follower, user)
243
244 build_conn()
245 |> assign(:user, admin)
246 |> put_req_header("accept", "application/json")
247 |> post("/api/pleroma/admin/users/unfollow", %{
248 "follower" => follower.nickname,
249 "followed" => user.nickname
250 })
251
252 user = User.get_cached_by_id(user.id)
253 follower = User.get_cached_by_id(follower.id)
254
255 refute User.following?(follower, user)
256 end
257 end
258
259 describe "PUT /api/pleroma/admin/users/tag" do
260 setup do
261 admin = insert(:user, info: %{is_admin: true})
262 user1 = insert(:user, %{tags: ["x"]})
263 user2 = insert(:user, %{tags: ["y"]})
264 user3 = insert(:user, %{tags: ["unchanged"]})
265
266 conn =
267 build_conn()
268 |> assign(:user, admin)
269 |> put_req_header("accept", "application/json")
270 |> put(
271 "/api/pleroma/admin/users/tag?nicknames[]=#{user1.nickname}&nicknames[]=#{
272 user2.nickname
273 }&tags[]=foo&tags[]=bar"
274 )
275
276 %{conn: conn, user1: user1, user2: user2, user3: user3}
277 end
278
279 test "it appends specified tags to users with specified nicknames", %{
280 conn: conn,
281 user1: user1,
282 user2: user2
283 } do
284 assert json_response(conn, :no_content)
285 assert User.get_cached_by_id(user1.id).tags == ["x", "foo", "bar"]
286 assert User.get_cached_by_id(user2.id).tags == ["y", "foo", "bar"]
287 end
288
289 test "it does not modify tags of not specified users", %{conn: conn, user3: user3} do
290 assert json_response(conn, :no_content)
291 assert User.get_cached_by_id(user3.id).tags == ["unchanged"]
292 end
293 end
294
295 describe "DELETE /api/pleroma/admin/users/tag" do
296 setup do
297 admin = insert(:user, info: %{is_admin: true})
298 user1 = insert(:user, %{tags: ["x"]})
299 user2 = insert(:user, %{tags: ["y", "z"]})
300 user3 = insert(:user, %{tags: ["unchanged"]})
301
302 conn =
303 build_conn()
304 |> assign(:user, admin)
305 |> put_req_header("accept", "application/json")
306 |> delete(
307 "/api/pleroma/admin/users/tag?nicknames[]=#{user1.nickname}&nicknames[]=#{
308 user2.nickname
309 }&tags[]=x&tags[]=z"
310 )
311
312 %{conn: conn, user1: user1, user2: user2, user3: user3}
313 end
314
315 test "it removes specified tags from users with specified nicknames", %{
316 conn: conn,
317 user1: user1,
318 user2: user2
319 } do
320 assert json_response(conn, :no_content)
321 assert User.get_cached_by_id(user1.id).tags == []
322 assert User.get_cached_by_id(user2.id).tags == ["y"]
323 end
324
325 test "it does not modify tags of not specified users", %{conn: conn, user3: user3} do
326 assert json_response(conn, :no_content)
327 assert User.get_cached_by_id(user3.id).tags == ["unchanged"]
328 end
329 end
330
331 describe "/api/pleroma/admin/users/:nickname/permission_group" do
332 test "GET is giving user_info" do
333 admin = insert(:user, info: %{is_admin: true})
334
335 conn =
336 build_conn()
337 |> assign(:user, admin)
338 |> put_req_header("accept", "application/json")
339 |> get("/api/pleroma/admin/users/#{admin.nickname}/permission_group/")
340
341 assert json_response(conn, 200) == %{
342 "is_admin" => true,
343 "is_moderator" => false
344 }
345 end
346
347 test "/:right POST, can add to a permission group" do
348 admin = insert(:user, info: %{is_admin: true})
349 user = insert(:user)
350
351 conn =
352 build_conn()
353 |> assign(:user, admin)
354 |> put_req_header("accept", "application/json")
355 |> post("/api/pleroma/admin/users/#{user.nickname}/permission_group/admin")
356
357 assert json_response(conn, 200) == %{
358 "is_admin" => true
359 }
360 end
361
362 test "/:right DELETE, can remove from a permission group" do
363 admin = insert(:user, info: %{is_admin: true})
364 user = insert(:user, info: %{is_admin: true})
365
366 conn =
367 build_conn()
368 |> assign(:user, admin)
369 |> put_req_header("accept", "application/json")
370 |> delete("/api/pleroma/admin/users/#{user.nickname}/permission_group/admin")
371
372 assert json_response(conn, 200) == %{
373 "is_admin" => false
374 }
375 end
376 end
377
378 describe "PUT /api/pleroma/admin/users/:nickname/activation_status" do
379 setup %{conn: conn} do
380 admin = insert(:user, info: %{is_admin: true})
381
382 conn =
383 conn
384 |> assign(:user, admin)
385 |> put_req_header("accept", "application/json")
386
387 %{conn: conn}
388 end
389
390 test "deactivates the user", %{conn: conn} do
391 user = insert(:user)
392
393 conn =
394 conn
395 |> put("/api/pleroma/admin/users/#{user.nickname}/activation_status", %{status: false})
396
397 user = User.get_cached_by_id(user.id)
398 assert user.info.deactivated == true
399 assert json_response(conn, :no_content)
400 end
401
402 test "activates the user", %{conn: conn} do
403 user = insert(:user, info: %{deactivated: true})
404
405 conn =
406 conn
407 |> put("/api/pleroma/admin/users/#{user.nickname}/activation_status", %{status: true})
408
409 user = User.get_cached_by_id(user.id)
410 assert user.info.deactivated == false
411 assert json_response(conn, :no_content)
412 end
413
414 test "returns 403 when requested by a non-admin", %{conn: conn} do
415 user = insert(:user)
416
417 conn =
418 conn
419 |> assign(:user, user)
420 |> put("/api/pleroma/admin/users/#{user.nickname}/activation_status", %{status: false})
421
422 assert json_response(conn, :forbidden)
423 end
424 end
425
426 describe "POST /api/pleroma/admin/email_invite, with valid config" do
427 setup do
428 registrations_open = Pleroma.Config.get([:instance, :registrations_open])
429 invites_enabled = Pleroma.Config.get([:instance, :invites_enabled])
430 Pleroma.Config.put([:instance, :registrations_open], false)
431 Pleroma.Config.put([:instance, :invites_enabled], true)
432
433 on_exit(fn ->
434 Pleroma.Config.put([:instance, :registrations_open], registrations_open)
435 Pleroma.Config.put([:instance, :invites_enabled], invites_enabled)
436 :ok
437 end)
438
439 [user: insert(:user, info: %{is_admin: true})]
440 end
441
442 test "sends invitation and returns 204", %{conn: conn, user: user} do
443 recipient_email = "foo@bar.com"
444 recipient_name = "J. D."
445
446 conn =
447 conn
448 |> assign(:user, user)
449 |> post(
450 "/api/pleroma/admin/users/email_invite?email=#{recipient_email}&name=#{recipient_name}"
451 )
452
453 assert json_response(conn, :no_content)
454
455 token_record = List.last(Pleroma.Repo.all(Pleroma.UserInviteToken))
456 assert token_record
457 refute token_record.used
458
459 notify_email = Pleroma.Config.get([:instance, :notify_email])
460 instance_name = Pleroma.Config.get([:instance, :name])
461
462 email =
463 Pleroma.Emails.UserEmail.user_invitation_email(
464 user,
465 token_record,
466 recipient_email,
467 recipient_name
468 )
469
470 Swoosh.TestAssertions.assert_email_sent(
471 from: {instance_name, notify_email},
472 to: {recipient_name, recipient_email},
473 html_body: email.html_body
474 )
475 end
476
477 test "it returns 403 if requested by a non-admin", %{conn: conn} do
478 non_admin_user = insert(:user)
479
480 conn =
481 conn
482 |> assign(:user, non_admin_user)
483 |> post("/api/pleroma/admin/users/email_invite?email=foo@bar.com&name=JD")
484
485 assert json_response(conn, :forbidden)
486 end
487 end
488
489 describe "POST /api/pleroma/admin/users/email_invite, with invalid config" do
490 setup do
491 [user: insert(:user, info: %{is_admin: true})]
492 end
493
494 test "it returns 500 if `invites_enabled` is not enabled", %{conn: conn, user: user} do
495 registrations_open = Pleroma.Config.get([:instance, :registrations_open])
496 invites_enabled = Pleroma.Config.get([:instance, :invites_enabled])
497 Pleroma.Config.put([:instance, :registrations_open], false)
498 Pleroma.Config.put([:instance, :invites_enabled], false)
499
500 on_exit(fn ->
501 Pleroma.Config.put([:instance, :registrations_open], registrations_open)
502 Pleroma.Config.put([:instance, :invites_enabled], invites_enabled)
503 :ok
504 end)
505
506 conn =
507 conn
508 |> assign(:user, user)
509 |> post("/api/pleroma/admin/users/email_invite?email=foo@bar.com&name=JD")
510
511 assert json_response(conn, :internal_server_error)
512 end
513
514 test "it returns 500 if `registrations_open` is enabled", %{conn: conn, user: user} do
515 registrations_open = Pleroma.Config.get([:instance, :registrations_open])
516 invites_enabled = Pleroma.Config.get([:instance, :invites_enabled])
517 Pleroma.Config.put([:instance, :registrations_open], true)
518 Pleroma.Config.put([:instance, :invites_enabled], true)
519
520 on_exit(fn ->
521 Pleroma.Config.put([:instance, :registrations_open], registrations_open)
522 Pleroma.Config.put([:instance, :invites_enabled], invites_enabled)
523 :ok
524 end)
525
526 conn =
527 conn
528 |> assign(:user, user)
529 |> post("/api/pleroma/admin/users/email_invite?email=foo@bar.com&name=JD")
530
531 assert json_response(conn, :internal_server_error)
532 end
533 end
534
535 test "/api/pleroma/admin/users/invite_token" do
536 admin = insert(:user, info: %{is_admin: true})
537
538 conn =
539 build_conn()
540 |> assign(:user, admin)
541 |> put_req_header("accept", "application/json")
542 |> get("/api/pleroma/admin/users/invite_token")
543
544 assert conn.status == 200
545 end
546
547 test "/api/pleroma/admin/users/:nickname/password_reset" do
548 admin = insert(:user, info: %{is_admin: true})
549 user = insert(:user)
550
551 conn =
552 build_conn()
553 |> assign(:user, admin)
554 |> put_req_header("accept", "application/json")
555 |> get("/api/pleroma/admin/users/#{user.nickname}/password_reset")
556
557 assert conn.status == 200
558 end
559
560 describe "GET /api/pleroma/admin/users" do
561 setup do
562 admin = insert(:user, info: %{is_admin: true})
563
564 conn =
565 build_conn()
566 |> assign(:user, admin)
567
568 {:ok, conn: conn, admin: admin}
569 end
570
571 test "renders users array for the first page", %{conn: conn, admin: admin} do
572 user = insert(:user, local: false, tags: ["foo", "bar"])
573 conn = get(conn, "/api/pleroma/admin/users?page=1")
574
575 users =
576 [
577 %{
578 "deactivated" => admin.info.deactivated,
579 "id" => admin.id,
580 "nickname" => admin.nickname,
581 "roles" => %{"admin" => true, "moderator" => false},
582 "local" => true,
583 "tags" => []
584 },
585 %{
586 "deactivated" => user.info.deactivated,
587 "id" => user.id,
588 "nickname" => user.nickname,
589 "roles" => %{"admin" => false, "moderator" => false},
590 "local" => false,
591 "tags" => ["foo", "bar"]
592 }
593 ]
594 |> Enum.sort_by(& &1["nickname"])
595
596 assert json_response(conn, 200) == %{
597 "count" => 2,
598 "page_size" => 50,
599 "users" => users
600 }
601 end
602
603 test "renders empty array for the second page", %{conn: conn} do
604 insert(:user)
605
606 conn = get(conn, "/api/pleroma/admin/users?page=2")
607
608 assert json_response(conn, 200) == %{
609 "count" => 2,
610 "page_size" => 50,
611 "users" => []
612 }
613 end
614
615 test "regular search", %{conn: conn} do
616 user = insert(:user, nickname: "bob")
617
618 conn = get(conn, "/api/pleroma/admin/users?query=bo")
619
620 assert json_response(conn, 200) == %{
621 "count" => 1,
622 "page_size" => 50,
623 "users" => [
624 %{
625 "deactivated" => user.info.deactivated,
626 "id" => user.id,
627 "nickname" => user.nickname,
628 "roles" => %{"admin" => false, "moderator" => false},
629 "local" => true,
630 "tags" => []
631 }
632 ]
633 }
634 end
635
636 test "search by domain", %{conn: conn} do
637 user = insert(:user, nickname: "nickname@domain.com")
638 insert(:user)
639
640 conn = get(conn, "/api/pleroma/admin/users?query=domain.com")
641
642 assert json_response(conn, 200) == %{
643 "count" => 1,
644 "page_size" => 50,
645 "users" => [
646 %{
647 "deactivated" => user.info.deactivated,
648 "id" => user.id,
649 "nickname" => user.nickname,
650 "roles" => %{"admin" => false, "moderator" => false},
651 "local" => true,
652 "tags" => []
653 }
654 ]
655 }
656 end
657
658 test "search by full nickname", %{conn: conn} do
659 user = insert(:user, nickname: "nickname@domain.com")
660 insert(:user)
661
662 conn = get(conn, "/api/pleroma/admin/users?query=nickname@domain.com")
663
664 assert json_response(conn, 200) == %{
665 "count" => 1,
666 "page_size" => 50,
667 "users" => [
668 %{
669 "deactivated" => user.info.deactivated,
670 "id" => user.id,
671 "nickname" => user.nickname,
672 "roles" => %{"admin" => false, "moderator" => false},
673 "local" => true,
674 "tags" => []
675 }
676 ]
677 }
678 end
679
680 test "search by display name", %{conn: conn} do
681 user = insert(:user, name: "Display name")
682 insert(:user)
683
684 conn = get(conn, "/api/pleroma/admin/users?name=display")
685
686 assert json_response(conn, 200) == %{
687 "count" => 1,
688 "page_size" => 50,
689 "users" => [
690 %{
691 "deactivated" => user.info.deactivated,
692 "id" => user.id,
693 "nickname" => user.nickname,
694 "roles" => %{"admin" => false, "moderator" => false},
695 "local" => true,
696 "tags" => []
697 }
698 ]
699 }
700 end
701
702 test "search by email", %{conn: conn} do
703 user = insert(:user, email: "email@example.com")
704 insert(:user)
705
706 conn = get(conn, "/api/pleroma/admin/users?email=email@example.com")
707
708 assert json_response(conn, 200) == %{
709 "count" => 1,
710 "page_size" => 50,
711 "users" => [
712 %{
713 "deactivated" => user.info.deactivated,
714 "id" => user.id,
715 "nickname" => user.nickname,
716 "roles" => %{"admin" => false, "moderator" => false},
717 "local" => true,
718 "tags" => []
719 }
720 ]
721 }
722 end
723
724 test "regular search with page size", %{conn: conn} do
725 user = insert(:user, nickname: "aalice")
726 user2 = insert(:user, nickname: "alice")
727
728 conn1 = get(conn, "/api/pleroma/admin/users?query=a&page_size=1&page=1")
729
730 assert json_response(conn1, 200) == %{
731 "count" => 2,
732 "page_size" => 1,
733 "users" => [
734 %{
735 "deactivated" => user.info.deactivated,
736 "id" => user.id,
737 "nickname" => user.nickname,
738 "roles" => %{"admin" => false, "moderator" => false},
739 "local" => true,
740 "tags" => []
741 }
742 ]
743 }
744
745 conn2 = get(conn, "/api/pleroma/admin/users?query=a&page_size=1&page=2")
746
747 assert json_response(conn2, 200) == %{
748 "count" => 2,
749 "page_size" => 1,
750 "users" => [
751 %{
752 "deactivated" => user2.info.deactivated,
753 "id" => user2.id,
754 "nickname" => user2.nickname,
755 "roles" => %{"admin" => false, "moderator" => false},
756 "local" => true,
757 "tags" => []
758 }
759 ]
760 }
761 end
762
763 test "only local users" do
764 admin = insert(:user, info: %{is_admin: true}, nickname: "john")
765 user = insert(:user, nickname: "bob")
766
767 insert(:user, nickname: "bobb", local: false)
768
769 conn =
770 build_conn()
771 |> assign(:user, admin)
772 |> get("/api/pleroma/admin/users?query=bo&filters=local")
773
774 assert json_response(conn, 200) == %{
775 "count" => 1,
776 "page_size" => 50,
777 "users" => [
778 %{
779 "deactivated" => user.info.deactivated,
780 "id" => user.id,
781 "nickname" => user.nickname,
782 "roles" => %{"admin" => false, "moderator" => false},
783 "local" => true,
784 "tags" => []
785 }
786 ]
787 }
788 end
789
790 test "only local users with no query", %{admin: old_admin} do
791 admin = insert(:user, info: %{is_admin: true}, nickname: "john")
792 user = insert(:user, nickname: "bob")
793
794 insert(:user, nickname: "bobb", local: false)
795
796 conn =
797 build_conn()
798 |> assign(:user, admin)
799 |> get("/api/pleroma/admin/users?filters=local")
800
801 users =
802 [
803 %{
804 "deactivated" => user.info.deactivated,
805 "id" => user.id,
806 "nickname" => user.nickname,
807 "roles" => %{"admin" => false, "moderator" => false},
808 "local" => true,
809 "tags" => []
810 },
811 %{
812 "deactivated" => admin.info.deactivated,
813 "id" => admin.id,
814 "nickname" => admin.nickname,
815 "roles" => %{"admin" => true, "moderator" => false},
816 "local" => true,
817 "tags" => []
818 },
819 %{
820 "deactivated" => false,
821 "id" => old_admin.id,
822 "local" => true,
823 "nickname" => old_admin.nickname,
824 "roles" => %{"admin" => true, "moderator" => false},
825 "tags" => []
826 }
827 ]
828 |> Enum.sort_by(& &1["nickname"])
829
830 assert json_response(conn, 200) == %{
831 "count" => 3,
832 "page_size" => 50,
833 "users" => users
834 }
835 end
836
837 test "load only admins", %{conn: conn, admin: admin} do
838 second_admin = insert(:user, info: %{is_admin: true})
839 insert(:user)
840 insert(:user)
841
842 conn = get(conn, "/api/pleroma/admin/users?filters=is_admin")
843
844 users =
845 [
846 %{
847 "deactivated" => false,
848 "id" => admin.id,
849 "nickname" => admin.nickname,
850 "roles" => %{"admin" => true, "moderator" => false},
851 "local" => admin.local,
852 "tags" => []
853 },
854 %{
855 "deactivated" => false,
856 "id" => second_admin.id,
857 "nickname" => second_admin.nickname,
858 "roles" => %{"admin" => true, "moderator" => false},
859 "local" => second_admin.local,
860 "tags" => []
861 }
862 ]
863 |> Enum.sort_by(& &1["nickname"])
864
865 assert json_response(conn, 200) == %{
866 "count" => 2,
867 "page_size" => 50,
868 "users" => users
869 }
870 end
871
872 test "load only moderators", %{conn: conn} do
873 moderator = insert(:user, info: %{is_moderator: true})
874 insert(:user)
875 insert(:user)
876
877 conn = get(conn, "/api/pleroma/admin/users?filters=is_moderator")
878
879 assert json_response(conn, 200) == %{
880 "count" => 1,
881 "page_size" => 50,
882 "users" => [
883 %{
884 "deactivated" => false,
885 "id" => moderator.id,
886 "nickname" => moderator.nickname,
887 "roles" => %{"admin" => false, "moderator" => true},
888 "local" => moderator.local,
889 "tags" => []
890 }
891 ]
892 }
893 end
894
895 test "load users with tags list", %{conn: conn} do
896 user1 = insert(:user, tags: ["first"])
897 user2 = insert(:user, tags: ["second"])
898 insert(:user)
899 insert(:user)
900
901 conn = get(conn, "/api/pleroma/admin/users?tags[]=first&tags[]=second")
902
903 users =
904 [
905 %{
906 "deactivated" => false,
907 "id" => user1.id,
908 "nickname" => user1.nickname,
909 "roles" => %{"admin" => false, "moderator" => false},
910 "local" => user1.local,
911 "tags" => ["first"]
912 },
913 %{
914 "deactivated" => false,
915 "id" => user2.id,
916 "nickname" => user2.nickname,
917 "roles" => %{"admin" => false, "moderator" => false},
918 "local" => user2.local,
919 "tags" => ["second"]
920 }
921 ]
922 |> Enum.sort_by(& &1["nickname"])
923
924 assert json_response(conn, 200) == %{
925 "count" => 2,
926 "page_size" => 50,
927 "users" => users
928 }
929 end
930
931 test "it works with multiple filters" do
932 admin = insert(:user, nickname: "john", info: %{is_admin: true})
933 user = insert(:user, nickname: "bob", local: false, info: %{deactivated: true})
934
935 insert(:user, nickname: "ken", local: true, info: %{deactivated: true})
936 insert(:user, nickname: "bobb", local: false, info: %{deactivated: false})
937
938 conn =
939 build_conn()
940 |> assign(:user, admin)
941 |> get("/api/pleroma/admin/users?filters=deactivated,external")
942
943 assert json_response(conn, 200) == %{
944 "count" => 1,
945 "page_size" => 50,
946 "users" => [
947 %{
948 "deactivated" => user.info.deactivated,
949 "id" => user.id,
950 "nickname" => user.nickname,
951 "roles" => %{"admin" => false, "moderator" => false},
952 "local" => user.local,
953 "tags" => []
954 }
955 ]
956 }
957 end
958 end
959
960 test "PATCH /api/pleroma/admin/users/:nickname/toggle_activation" do
961 admin = insert(:user, info: %{is_admin: true})
962 user = insert(:user)
963
964 conn =
965 build_conn()
966 |> assign(:user, admin)
967 |> patch("/api/pleroma/admin/users/#{user.nickname}/toggle_activation")
968
969 assert json_response(conn, 200) ==
970 %{
971 "deactivated" => !user.info.deactivated,
972 "id" => user.id,
973 "nickname" => user.nickname,
974 "roles" => %{"admin" => false, "moderator" => false},
975 "local" => true,
976 "tags" => []
977 }
978 end
979
980 describe "GET /api/pleroma/admin/users/invite_token" do
981 setup do
982 admin = insert(:user, info: %{is_admin: true})
983
984 conn =
985 build_conn()
986 |> assign(:user, admin)
987
988 {:ok, conn: conn}
989 end
990
991 test "without options", %{conn: conn} do
992 conn = get(conn, "/api/pleroma/admin/users/invite_token")
993
994 token = json_response(conn, 200)
995 invite = UserInviteToken.find_by_token!(token)
996 refute invite.used
997 refute invite.expires_at
998 refute invite.max_use
999 assert invite.invite_type == "one_time"
1000 end
1001
1002 test "with expires_at", %{conn: conn} do
1003 conn =
1004 get(conn, "/api/pleroma/admin/users/invite_token", %{
1005 "invite" => %{"expires_at" => Date.to_string(Date.utc_today())}
1006 })
1007
1008 token = json_response(conn, 200)
1009 invite = UserInviteToken.find_by_token!(token)
1010
1011 refute invite.used
1012 assert invite.expires_at == Date.utc_today()
1013 refute invite.max_use
1014 assert invite.invite_type == "date_limited"
1015 end
1016
1017 test "with max_use", %{conn: conn} do
1018 conn =
1019 get(conn, "/api/pleroma/admin/users/invite_token", %{
1020 "invite" => %{"max_use" => 150}
1021 })
1022
1023 token = json_response(conn, 200)
1024 invite = UserInviteToken.find_by_token!(token)
1025 refute invite.used
1026 refute invite.expires_at
1027 assert invite.max_use == 150
1028 assert invite.invite_type == "reusable"
1029 end
1030
1031 test "with max use and expires_at", %{conn: conn} do
1032 conn =
1033 get(conn, "/api/pleroma/admin/users/invite_token", %{
1034 "invite" => %{"max_use" => 150, "expires_at" => Date.to_string(Date.utc_today())}
1035 })
1036
1037 token = json_response(conn, 200)
1038 invite = UserInviteToken.find_by_token!(token)
1039 refute invite.used
1040 assert invite.expires_at == Date.utc_today()
1041 assert invite.max_use == 150
1042 assert invite.invite_type == "reusable_date_limited"
1043 end
1044 end
1045
1046 describe "GET /api/pleroma/admin/users/invites" do
1047 setup do
1048 admin = insert(:user, info: %{is_admin: true})
1049
1050 conn =
1051 build_conn()
1052 |> assign(:user, admin)
1053
1054 {:ok, conn: conn}
1055 end
1056
1057 test "no invites", %{conn: conn} do
1058 conn = get(conn, "/api/pleroma/admin/users/invites")
1059
1060 assert json_response(conn, 200) == %{"invites" => []}
1061 end
1062
1063 test "with invite", %{conn: conn} do
1064 {:ok, invite} = UserInviteToken.create_invite()
1065
1066 conn = get(conn, "/api/pleroma/admin/users/invites")
1067
1068 assert json_response(conn, 200) == %{
1069 "invites" => [
1070 %{
1071 "expires_at" => nil,
1072 "id" => invite.id,
1073 "invite_type" => "one_time",
1074 "max_use" => nil,
1075 "token" => invite.token,
1076 "used" => false,
1077 "uses" => 0
1078 }
1079 ]
1080 }
1081 end
1082 end
1083
1084 describe "POST /api/pleroma/admin/users/revoke_invite" do
1085 test "with token" do
1086 admin = insert(:user, info: %{is_admin: true})
1087 {:ok, invite} = UserInviteToken.create_invite()
1088
1089 conn =
1090 build_conn()
1091 |> assign(:user, admin)
1092 |> post("/api/pleroma/admin/users/revoke_invite", %{"token" => invite.token})
1093
1094 assert json_response(conn, 200) == %{
1095 "expires_at" => nil,
1096 "id" => invite.id,
1097 "invite_type" => "one_time",
1098 "max_use" => nil,
1099 "token" => invite.token,
1100 "used" => true,
1101 "uses" => 0
1102 }
1103 end
1104 end
1105
1106 describe "GET /api/pleroma/admin/reports/:id" do
1107 setup %{conn: conn} do
1108 admin = insert(:user, info: %{is_admin: true})
1109
1110 %{conn: assign(conn, :user, admin)}
1111 end
1112
1113 test "returns report by its id", %{conn: conn} do
1114 [reporter, target_user] = insert_pair(:user)
1115 activity = insert(:note_activity, user: target_user)
1116
1117 {:ok, %{id: report_id}} =
1118 CommonAPI.report(reporter, %{
1119 "account_id" => target_user.id,
1120 "comment" => "I feel offended",
1121 "status_ids" => [activity.id]
1122 })
1123
1124 response =
1125 conn
1126 |> get("/api/pleroma/admin/reports/#{report_id}")
1127 |> json_response(:ok)
1128
1129 assert response["id"] == report_id
1130 end
1131
1132 test "returns 404 when report id is invalid", %{conn: conn} do
1133 conn = get(conn, "/api/pleroma/admin/reports/test")
1134
1135 assert json_response(conn, :not_found) == "Not found"
1136 end
1137 end
1138
1139 describe "PUT /api/pleroma/admin/reports/:id" do
1140 setup %{conn: conn} do
1141 admin = insert(:user, info: %{is_admin: true})
1142 [reporter, target_user] = insert_pair(:user)
1143 activity = insert(:note_activity, user: target_user)
1144
1145 {:ok, %{id: report_id}} =
1146 CommonAPI.report(reporter, %{
1147 "account_id" => target_user.id,
1148 "comment" => "I feel offended",
1149 "status_ids" => [activity.id]
1150 })
1151
1152 %{conn: assign(conn, :user, admin), id: report_id}
1153 end
1154
1155 test "mark report as resolved", %{conn: conn, id: id} do
1156 response =
1157 conn
1158 |> put("/api/pleroma/admin/reports/#{id}", %{"state" => "resolved"})
1159 |> json_response(:ok)
1160
1161 assert response["state"] == "resolved"
1162 end
1163
1164 test "closes report", %{conn: conn, id: id} do
1165 response =
1166 conn
1167 |> put("/api/pleroma/admin/reports/#{id}", %{"state" => "closed"})
1168 |> json_response(:ok)
1169
1170 assert response["state"] == "closed"
1171 end
1172
1173 test "returns 400 when state is unknown", %{conn: conn, id: id} do
1174 conn =
1175 conn
1176 |> put("/api/pleroma/admin/reports/#{id}", %{"state" => "test"})
1177
1178 assert json_response(conn, :bad_request) == "Unsupported state"
1179 end
1180
1181 test "returns 404 when report is not exist", %{conn: conn} do
1182 conn =
1183 conn
1184 |> put("/api/pleroma/admin/reports/test", %{"state" => "closed"})
1185
1186 assert json_response(conn, :not_found) == "Not found"
1187 end
1188 end
1189
1190 describe "GET /api/pleroma/admin/reports" do
1191 setup %{conn: conn} do
1192 admin = insert(:user, info: %{is_admin: true})
1193
1194 %{conn: assign(conn, :user, admin)}
1195 end
1196
1197 test "returns empty response when no reports created", %{conn: conn} do
1198 response =
1199 conn
1200 |> get("/api/pleroma/admin/reports")
1201 |> json_response(:ok)
1202
1203 assert Enum.empty?(response["reports"])
1204 end
1205
1206 test "returns reports", %{conn: conn} do
1207 [reporter, target_user] = insert_pair(:user)
1208 activity = insert(:note_activity, user: target_user)
1209
1210 {:ok, %{id: report_id}} =
1211 CommonAPI.report(reporter, %{
1212 "account_id" => target_user.id,
1213 "comment" => "I feel offended",
1214 "status_ids" => [activity.id]
1215 })
1216
1217 response =
1218 conn
1219 |> get("/api/pleroma/admin/reports")
1220 |> json_response(:ok)
1221
1222 [report] = response["reports"]
1223
1224 assert length(response["reports"]) == 1
1225 assert report["id"] == report_id
1226 end
1227
1228 test "returns reports with specified state", %{conn: conn} do
1229 [reporter, target_user] = insert_pair(:user)
1230 activity = insert(:note_activity, user: target_user)
1231
1232 {:ok, %{id: first_report_id}} =
1233 CommonAPI.report(reporter, %{
1234 "account_id" => target_user.id,
1235 "comment" => "I feel offended",
1236 "status_ids" => [activity.id]
1237 })
1238
1239 {:ok, %{id: second_report_id}} =
1240 CommonAPI.report(reporter, %{
1241 "account_id" => target_user.id,
1242 "comment" => "I don't like this user"
1243 })
1244
1245 CommonAPI.update_report_state(second_report_id, "closed")
1246
1247 response =
1248 conn
1249 |> get("/api/pleroma/admin/reports", %{
1250 "state" => "open"
1251 })
1252 |> json_response(:ok)
1253
1254 [open_report] = response["reports"]
1255
1256 assert length(response["reports"]) == 1
1257 assert open_report["id"] == first_report_id
1258
1259 response =
1260 conn
1261 |> get("/api/pleroma/admin/reports", %{
1262 "state" => "closed"
1263 })
1264 |> json_response(:ok)
1265
1266 [closed_report] = response["reports"]
1267
1268 assert length(response["reports"]) == 1
1269 assert closed_report["id"] == second_report_id
1270
1271 response =
1272 conn
1273 |> get("/api/pleroma/admin/reports", %{
1274 "state" => "resolved"
1275 })
1276 |> json_response(:ok)
1277
1278 assert Enum.empty?(response["reports"])
1279 end
1280
1281 test "returns 403 when requested by a non-admin" do
1282 user = insert(:user)
1283
1284 conn =
1285 build_conn()
1286 |> assign(:user, user)
1287 |> get("/api/pleroma/admin/reports")
1288
1289 assert json_response(conn, :forbidden) == %{"error" => "User is not admin."}
1290 end
1291
1292 test "returns 403 when requested by anonymous" do
1293 conn =
1294 build_conn()
1295 |> get("/api/pleroma/admin/reports")
1296
1297 assert json_response(conn, :forbidden) == %{"error" => "Invalid credentials."}
1298 end
1299 end
1300
1301 describe "POST /api/pleroma/admin/reports/:id/respond" do
1302 setup %{conn: conn} do
1303 admin = insert(:user, info: %{is_admin: true})
1304
1305 %{conn: assign(conn, :user, admin)}
1306 end
1307
1308 test "returns created dm", %{conn: conn} do
1309 [reporter, target_user] = insert_pair(:user)
1310 activity = insert(:note_activity, user: target_user)
1311
1312 {:ok, %{id: report_id}} =
1313 CommonAPI.report(reporter, %{
1314 "account_id" => target_user.id,
1315 "comment" => "I feel offended",
1316 "status_ids" => [activity.id]
1317 })
1318
1319 response =
1320 conn
1321 |> post("/api/pleroma/admin/reports/#{report_id}/respond", %{
1322 "status" => "I will check it out"
1323 })
1324 |> json_response(:ok)
1325
1326 recipients = Enum.map(response["mentions"], & &1["username"])
1327
1328 assert conn.assigns[:user].nickname in recipients
1329 assert reporter.nickname in recipients
1330 assert response["content"] == "I will check it out"
1331 assert response["visibility"] == "direct"
1332 end
1333
1334 test "returns 400 when status is missing", %{conn: conn} do
1335 conn = post(conn, "/api/pleroma/admin/reports/test/respond")
1336
1337 assert json_response(conn, :bad_request) == "Invalid parameters"
1338 end
1339
1340 test "returns 404 when report id is invalid", %{conn: conn} do
1341 conn =
1342 post(conn, "/api/pleroma/admin/reports/test/respond", %{
1343 "status" => "foo"
1344 })
1345
1346 assert json_response(conn, :not_found) == "Not found"
1347 end
1348 end
1349
1350 describe "PUT /api/pleroma/admin/statuses/:id" do
1351 setup %{conn: conn} do
1352 admin = insert(:user, info: %{is_admin: true})
1353 activity = insert(:note_activity)
1354
1355 %{conn: assign(conn, :user, admin), id: activity.id}
1356 end
1357
1358 test "toggle sensitive flag", %{conn: conn, id: id} do
1359 response =
1360 conn
1361 |> put("/api/pleroma/admin/statuses/#{id}", %{"sensitive" => "true"})
1362 |> json_response(:ok)
1363
1364 assert response["sensitive"]
1365
1366 response =
1367 conn
1368 |> put("/api/pleroma/admin/statuses/#{id}", %{"sensitive" => "false"})
1369 |> json_response(:ok)
1370
1371 refute response["sensitive"]
1372 end
1373
1374 test "change visibility flag", %{conn: conn, id: id} do
1375 response =
1376 conn
1377 |> put("/api/pleroma/admin/statuses/#{id}", %{"visibility" => "public"})
1378 |> json_response(:ok)
1379
1380 assert response["visibility"] == "public"
1381
1382 response =
1383 conn
1384 |> put("/api/pleroma/admin/statuses/#{id}", %{"visibility" => "private"})
1385 |> json_response(:ok)
1386
1387 assert response["visibility"] == "private"
1388
1389 response =
1390 conn
1391 |> put("/api/pleroma/admin/statuses/#{id}", %{"visibility" => "unlisted"})
1392 |> json_response(:ok)
1393
1394 assert response["visibility"] == "unlisted"
1395 end
1396
1397 test "returns 400 when visibility is unknown", %{conn: conn, id: id} do
1398 conn =
1399 conn
1400 |> put("/api/pleroma/admin/statuses/#{id}", %{"visibility" => "test"})
1401
1402 assert json_response(conn, :bad_request) == "Unsupported visibility"
1403 end
1404 end
1405
1406 describe "DELETE /api/pleroma/admin/statuses/:id" do
1407 setup %{conn: conn} do
1408 admin = insert(:user, info: %{is_admin: true})
1409 activity = insert(:note_activity)
1410
1411 %{conn: assign(conn, :user, admin), id: activity.id}
1412 end
1413
1414 test "deletes status", %{conn: conn, id: id} do
1415 conn
1416 |> delete("/api/pleroma/admin/statuses/#{id}")
1417 |> json_response(:ok)
1418
1419 refute Activity.get_by_id(id)
1420 end
1421
1422 test "returns error when status is not exist", %{conn: conn} do
1423 conn =
1424 conn
1425 |> delete("/api/pleroma/admin/statuses/test")
1426
1427 assert json_response(conn, :bad_request) == "Could not delete"
1428 end
1429 end
1430 end
Fork of https://akkoma.dev/AkkomaGang/akkoma.git