projects / akkoma / blob
? search:


9c1cae6b76a4a0e396e34662fc2f7768d1430e4a
[akkoma] / test / web / admin_api / admin_api_controller_test.exs
1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
4
5 defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
6 use Pleroma.Web.ConnCase
7
8 alias Pleroma.User
9 import Pleroma.Factory
10
11 describe "/api/pleroma/admin/user" do
12 test "Delete" do
13 admin = insert(:user, info: %{is_admin: true})
14 user = insert(:user)
15
16 conn =
17 build_conn()
18 |> assign(:user, admin)
19 |> put_req_header("accept", "application/json")
20 |> delete("/api/pleroma/admin/user?nickname=#{user.nickname}")
21
22 assert json_response(conn, 200) == user.nickname
23 end
24
25 test "Create" do
26 admin = insert(:user, info: %{is_admin: true})
27
28 conn =
29 build_conn()
30 |> assign(:user, admin)
31 |> put_req_header("accept", "application/json")
32 |> post("/api/pleroma/admin/user", %{
33 "nickname" => "lain",
34 "email" => "lain@example.org",
35 "password" => "test"
36 })
37
38 assert json_response(conn, 200) == "lain"
39 end
40 end
41
42 describe "/api/pleroma/admin/users/:nickname" do
43 test "Show", %{conn: conn} do
44 admin = insert(:user, info: %{is_admin: true})
45 user = insert(:user)
46
47 conn =
48 conn
49 |> assign(:user, admin)
50 |> get("/api/pleroma/admin/users/#{user.nickname}")
51
52 expected = %{
53 "deactivated" => false,
54 "id" => to_string(user.id),
55 "local" => true,
56 "nickname" => user.nickname,
57 "roles" => %{"admin" => false, "moderator" => false},
58 "tags" => []
59 }
60
61 assert expected == json_response(conn, 200)
62 end
63
64 test "when the user doesn't exist", %{conn: conn} do
65 admin = insert(:user, info: %{is_admin: true})
66 user = build(:user)
67
68 conn =
69 conn
70 |> assign(:user, admin)
71 |> get("/api/pleroma/admin/users/#{user.nickname}")
72
73 assert "Not found" == json_response(conn, 404)
74 end
75 end
76
77 describe "/api/pleroma/admin/user/follow" do
78 test "allows to force-follow another user" do
79 admin = insert(:user, info: %{is_admin: true})
80 user = insert(:user)
81 follower = insert(:user)
82
83 conn =
84 build_conn()
85 |> assign(:user, admin)
86 |> put_req_header("accept", "application/json")
87 |> post("/api/pleroma/admin/user/follow", %{
88 "follower" => follower.nickname,
89 "followed" => user.nickname
90 })
91
92 user = User.get_by_nickname(user.id)
93 follower = User.get_by_nickname(follower.id)
94
95 assert User.following?(follower, user)
96 end
97 end
98
99 describe "/api/pleroma/admin/user/unfollow" do
100 test "allows to force-unfollow another user" do
101 admin = insert(:user, info: %{is_admin: true})
102 user = insert(:user)
103 follower = insert(:user)
104
105 User.follow(follower, user)
106
107 conn =
108 build_conn()
109 |> assign(:user, admin)
110 |> put_req_header("accept", "application/json")
111 |> post("/api/pleroma/admin/user/unfollow", %{
112 "follower" => follower.nickname,
113 "followed" => user.nickname
114 })
115
116 user = User.get_by_nickname(user.id)
117 follower = User.get_by_nickname(follower.id)
118
119 refute User.following?(follower, user)
120 end
121 end
122
123 describe "PUT /api/pleroma/admin/users/tag" do
124 setup do
125 admin = insert(:user, info: %{is_admin: true})
126 user1 = insert(:user, %{tags: ["x"]})
127 user2 = insert(:user, %{tags: ["y"]})
128 user3 = insert(:user, %{tags: ["unchanged"]})
129
130 conn =
131 build_conn()
132 |> assign(:user, admin)
133 |> put_req_header("accept", "application/json")
134 |> put(
135 "/api/pleroma/admin/users/tag?nicknames[]=#{user1.nickname}&nicknames[]=#{
136 user2.nickname
137 }&tags[]=foo&tags[]=bar"
138 )
139
140 %{conn: conn, user1: user1, user2: user2, user3: user3}
141 end
142
143 test "it appends specified tags to users with specified nicknames", %{
144 conn: conn,
145 user1: user1,
146 user2: user2
147 } do
148 assert json_response(conn, :no_content)
149 assert User.get_by_id(user1.id).tags == ["x", "foo", "bar"]
150 assert User.get_by_id(user2.id).tags == ["y", "foo", "bar"]
151 end
152
153 test "it does not modify tags of not specified users", %{conn: conn, user3: user3} do
154 assert json_response(conn, :no_content)
155 assert User.get_by_id(user3.id).tags == ["unchanged"]
156 end
157 end
158
159 describe "DELETE /api/pleroma/admin/users/tag" do
160 setup do
161 admin = insert(:user, info: %{is_admin: true})
162 user1 = insert(:user, %{tags: ["x"]})
163 user2 = insert(:user, %{tags: ["y", "z"]})
164 user3 = insert(:user, %{tags: ["unchanged"]})
165
166 conn =
167 build_conn()
168 |> assign(:user, admin)
169 |> put_req_header("accept", "application/json")
170 |> delete(
171 "/api/pleroma/admin/users/tag?nicknames[]=#{user1.nickname}&nicknames[]=#{
172 user2.nickname
173 }&tags[]=x&tags[]=z"
174 )
175
176 %{conn: conn, user1: user1, user2: user2, user3: user3}
177 end
178
179 test "it removes specified tags from users with specified nicknames", %{
180 conn: conn,
181 user1: user1,
182 user2: user2
183 } do
184 assert json_response(conn, :no_content)
185 assert User.get_by_id(user1.id).tags == []
186 assert User.get_by_id(user2.id).tags == ["y"]
187 end
188
189 test "it does not modify tags of not specified users", %{conn: conn, user3: user3} do
190 assert json_response(conn, :no_content)
191 assert User.get_by_id(user3.id).tags == ["unchanged"]
192 end
193 end
194
195 describe "/api/pleroma/admin/permission_group" do
196 test "GET is giving user_info" do
197 admin = insert(:user, info: %{is_admin: true})
198
199 conn =
200 build_conn()
201 |> assign(:user, admin)
202 |> put_req_header("accept", "application/json")
203 |> get("/api/pleroma/admin/permission_group/#{admin.nickname}")
204
205 assert json_response(conn, 200) == %{
206 "is_admin" => true,
207 "is_moderator" => false
208 }
209 end
210
211 test "/:right POST, can add to a permission group" do
212 admin = insert(:user, info: %{is_admin: true})
213 user = insert(:user)
214
215 conn =
216 build_conn()
217 |> assign(:user, admin)
218 |> put_req_header("accept", "application/json")
219 |> post("/api/pleroma/admin/permission_group/#{user.nickname}/admin")
220
221 assert json_response(conn, 200) == %{
222 "is_admin" => true
223 }
224 end
225
226 test "/:right DELETE, can remove from a permission group" do
227 admin = insert(:user, info: %{is_admin: true})
228 user = insert(:user, info: %{is_admin: true})
229
230 conn =
231 build_conn()
232 |> assign(:user, admin)
233 |> put_req_header("accept", "application/json")
234 |> delete("/api/pleroma/admin/permission_group/#{user.nickname}/admin")
235
236 assert json_response(conn, 200) == %{
237 "is_admin" => false
238 }
239 end
240 end
241
242 describe "PUT /api/pleroma/admin/activation_status" do
243 setup %{conn: conn} do
244 admin = insert(:user, info: %{is_admin: true})
245
246 conn =
247 conn
248 |> assign(:user, admin)
249 |> put_req_header("accept", "application/json")
250
251 %{conn: conn}
252 end
253
254 test "deactivates the user", %{conn: conn} do
255 user = insert(:user)
256
257 conn =
258 conn
259 |> put("/api/pleroma/admin/activation_status/#{user.nickname}", %{status: false})
260
261 user = User.get_by_id(user.id)
262 assert user.info.deactivated == true
263 assert json_response(conn, :no_content)
264 end
265
266 test "activates the user", %{conn: conn} do
267 user = insert(:user, info: %{deactivated: true})
268
269 conn =
270 conn
271 |> put("/api/pleroma/admin/activation_status/#{user.nickname}", %{status: true})
272
273 user = User.get_by_id(user.id)
274 assert user.info.deactivated == false
275 assert json_response(conn, :no_content)
276 end
277
278 test "returns 403 when requested by a non-admin", %{conn: conn} do
279 user = insert(:user)
280
281 conn =
282 conn
283 |> assign(:user, user)
284 |> put("/api/pleroma/admin/activation_status/#{user.nickname}", %{status: false})
285
286 assert json_response(conn, :forbidden)
287 end
288 end
289
290 describe "POST /api/pleroma/admin/email_invite, with valid config" do
291 setup do
292 registrations_open = Pleroma.Config.get([:instance, :registrations_open])
293 invites_enabled = Pleroma.Config.get([:instance, :invites_enabled])
294 Pleroma.Config.put([:instance, :registrations_open], false)
295 Pleroma.Config.put([:instance, :invites_enabled], true)
296
297 on_exit(fn ->
298 Pleroma.Config.put([:instance, :registrations_open], registrations_open)
299 Pleroma.Config.put([:instance, :invites_enabled], invites_enabled)
300 :ok
301 end)
302
303 [user: insert(:user, info: %{is_admin: true})]
304 end
305
306 test "sends invitation and returns 204", %{conn: conn, user: user} do
307 recipient_email = "foo@bar.com"
308 recipient_name = "J. D."
309
310 conn =
311 conn
312 |> assign(:user, user)
313 |> post("/api/pleroma/admin/email_invite?email=#{recipient_email}&name=#{recipient_name}")
314
315 assert json_response(conn, :no_content)
316
317 token_record = List.last(Pleroma.Repo.all(Pleroma.UserInviteToken))
318 assert token_record
319 refute token_record.used
320
321 Swoosh.TestAssertions.assert_email_sent(
322 Pleroma.UserEmail.user_invitation_email(
323 user,
324 token_record,
325 recipient_email,
326 recipient_name
327 )
328 )
329 end
330
331 test "it returns 403 if requested by a non-admin", %{conn: conn} do
332 non_admin_user = insert(:user)
333
334 conn =
335 conn
336 |> assign(:user, non_admin_user)
337 |> post("/api/pleroma/admin/email_invite?email=foo@bar.com&name=JD")
338
339 assert json_response(conn, :forbidden)
340 end
341 end
342
343 describe "POST /api/pleroma/admin/email_invite, with invalid config" do
344 setup do
345 [user: insert(:user, info: %{is_admin: true})]
346 end
347
348 test "it returns 500 if `invites_enabled` is not enabled", %{conn: conn, user: user} do
349 registrations_open = Pleroma.Config.get([:instance, :registrations_open])
350 invites_enabled = Pleroma.Config.get([:instance, :invites_enabled])
351 Pleroma.Config.put([:instance, :registrations_open], false)
352 Pleroma.Config.put([:instance, :invites_enabled], false)
353
354 on_exit(fn ->
355 Pleroma.Config.put([:instance, :registrations_open], registrations_open)
356 Pleroma.Config.put([:instance, :invites_enabled], invites_enabled)
357 :ok
358 end)
359
360 conn =
361 conn
362 |> assign(:user, user)
363 |> post("/api/pleroma/admin/email_invite?email=foo@bar.com&name=JD")
364
365 assert json_response(conn, :internal_server_error)
366 end
367
368 test "it returns 500 if `registrations_open` is enabled", %{conn: conn, user: user} do
369 registrations_open = Pleroma.Config.get([:instance, :registrations_open])
370 invites_enabled = Pleroma.Config.get([:instance, :invites_enabled])
371 Pleroma.Config.put([:instance, :registrations_open], true)
372 Pleroma.Config.put([:instance, :invites_enabled], true)
373
374 on_exit(fn ->
375 Pleroma.Config.put([:instance, :registrations_open], registrations_open)
376 Pleroma.Config.put([:instance, :invites_enabled], invites_enabled)
377 :ok
378 end)
379
380 conn =
381 conn
382 |> assign(:user, user)
383 |> post("/api/pleroma/admin/email_invite?email=foo@bar.com&name=JD")
384
385 assert json_response(conn, :internal_server_error)
386 end
387 end
388
389 test "/api/pleroma/admin/invite_token" do
390 admin = insert(:user, info: %{is_admin: true})
391
392 conn =
393 build_conn()
394 |> assign(:user, admin)
395 |> put_req_header("accept", "application/json")
396 |> get("/api/pleroma/admin/invite_token")
397
398 assert conn.status == 200
399 end
400
401 test "/api/pleroma/admin/password_reset" do
402 admin = insert(:user, info: %{is_admin: true})
403 user = insert(:user)
404
405 conn =
406 build_conn()
407 |> assign(:user, admin)
408 |> put_req_header("accept", "application/json")
409 |> get("/api/pleroma/admin/password_reset?nickname=#{user.nickname}")
410
411 assert conn.status == 200
412 end
413
414 describe "GET /api/pleroma/admin/users" do
415 test "renders users array for the first page" do
416 admin = insert(:user, info: %{is_admin: true})
417 user = insert(:user, local: false, tags: ["foo", "bar"])
418
419 conn =
420 build_conn()
421 |> assign(:user, admin)
422 |> get("/api/pleroma/admin/users?page=1")
423
424 assert json_response(conn, 200) == %{
425 "count" => 2,
426 "page_size" => 50,
427 "users" => [
428 %{
429 "deactivated" => admin.info.deactivated,
430 "id" => admin.id,
431 "nickname" => admin.nickname,
432 "roles" => %{"admin" => true, "moderator" => false},
433 "local" => true,
434 "tags" => []
435 },
436 %{
437 "deactivated" => user.info.deactivated,
438 "id" => user.id,
439 "nickname" => user.nickname,
440 "roles" => %{"admin" => false, "moderator" => false},
441 "local" => false,
442 "tags" => ["foo", "bar"]
443 }
444 ]
445 }
446 end
447
448 test "renders empty array for the second page" do
449 admin = insert(:user, info: %{is_admin: true})
450 insert(:user)
451
452 conn =
453 build_conn()
454 |> assign(:user, admin)
455 |> get("/api/pleroma/admin/users?page=2")
456
457 assert json_response(conn, 200) == %{
458 "count" => 2,
459 "page_size" => 50,
460 "users" => []
461 }
462 end
463
464 test "regular search" do
465 admin = insert(:user, info: %{is_admin: true})
466 user = insert(:user, nickname: "bob")
467
468 conn =
469 build_conn()
470 |> assign(:user, admin)
471 |> get("/api/pleroma/admin/users?query=bo")
472
473 assert json_response(conn, 200) == %{
474 "count" => 1,
475 "page_size" => 50,
476 "users" => [
477 %{
478 "deactivated" => user.info.deactivated,
479 "id" => user.id,
480 "nickname" => user.nickname,
481 "roles" => %{"admin" => false, "moderator" => false},
482 "local" => true,
483 "tags" => []
484 }
485 ]
486 }
487 end
488
489 test "regular search with page size" do
490 admin = insert(:user, info: %{is_admin: true})
491 user = insert(:user, nickname: "aalice")
492 user2 = insert(:user, nickname: "alice")
493
494 conn =
495 build_conn()
496 |> assign(:user, admin)
497 |> get("/api/pleroma/admin/users?query=a&page_size=1&page=1")
498
499 assert json_response(conn, 200) == %{
500 "count" => 2,
501 "page_size" => 1,
502 "users" => [
503 %{
504 "deactivated" => user.info.deactivated,
505 "id" => user.id,
506 "nickname" => user.nickname,
507 "roles" => %{"admin" => false, "moderator" => false},
508 "local" => true,
509 "tags" => []
510 }
511 ]
512 }
513
514 conn =
515 build_conn()
516 |> assign(:user, admin)
517 |> get("/api/pleroma/admin/users?query=a&page_size=1&page=2")
518
519 assert json_response(conn, 200) == %{
520 "count" => 2,
521 "page_size" => 1,
522 "users" => [
523 %{
524 "deactivated" => user2.info.deactivated,
525 "id" => user2.id,
526 "nickname" => user2.nickname,
527 "roles" => %{"admin" => false, "moderator" => false},
528 "local" => true,
529 "tags" => []
530 }
531 ]
532 }
533 end
534
535 test "only local users" do
536 admin = insert(:user, info: %{is_admin: true}, nickname: "john")
537 user = insert(:user, nickname: "bob")
538
539 insert(:user, nickname: "bobb", local: false)
540
541 conn =
542 build_conn()
543 |> assign(:user, admin)
544 |> get("/api/pleroma/admin/users?query=bo&filters=local")
545
546 assert json_response(conn, 200) == %{
547 "count" => 1,
548 "page_size" => 50,
549 "users" => [
550 %{
551 "deactivated" => user.info.deactivated,
552 "id" => user.id,
553 "nickname" => user.nickname,
554 "roles" => %{"admin" => false, "moderator" => false},
555 "local" => true,
556 "tags" => []
557 }
558 ]
559 }
560 end
561
562 test "only local users with no query" do
563 admin = insert(:user, info: %{is_admin: true}, nickname: "john")
564 user = insert(:user, nickname: "bob")
565
566 insert(:user, nickname: "bobb", local: false)
567
568 conn =
569 build_conn()
570 |> assign(:user, admin)
571 |> get("/api/pleroma/admin/users?filters=local")
572
573 assert json_response(conn, 200) == %{
574 "count" => 2,
575 "page_size" => 50,
576 "users" => [
577 %{
578 "deactivated" => user.info.deactivated,
579 "id" => user.id,
580 "nickname" => user.nickname,
581 "roles" => %{"admin" => false, "moderator" => false},
582 "local" => true,
583 "tags" => []
584 },
585 %{
586 "deactivated" => admin.info.deactivated,
587 "id" => admin.id,
588 "nickname" => admin.nickname,
589 "roles" => %{"admin" => true, "moderator" => false},
590 "local" => true,
591 "tags" => []
592 }
593 ]
594 }
595 end
596
597 test "it works with multiple filters" do
598 admin = insert(:user, nickname: "john", info: %{is_admin: true})
599 user = insert(:user, nickname: "bob", local: false, info: %{deactivated: true})
600
601 insert(:user, nickname: "ken", local: true, info: %{deactivated: true})
602 insert(:user, nickname: "bobb", local: false, info: %{deactivated: false})
603
604 conn =
605 build_conn()
606 |> assign(:user, admin)
607 |> get("/api/pleroma/admin/users?filters=deactivated,external")
608
609 assert json_response(conn, 200) == %{
610 "count" => 1,
611 "page_size" => 50,
612 "users" => [
613 %{
614 "deactivated" => user.info.deactivated,
615 "id" => user.id,
616 "nickname" => user.nickname,
617 "roles" => %{"admin" => false, "moderator" => false},
618 "local" => user.local,
619 "tags" => []
620 }
621 ]
622 }
623 end
624 end
625
626 test "PATCH /api/pleroma/admin/users/:nickname/toggle_activation" do
627 admin = insert(:user, info: %{is_admin: true})
628 user = insert(:user)
629
630 conn =
631 build_conn()
632 |> assign(:user, admin)
633 |> patch("/api/pleroma/admin/users/#{user.nickname}/toggle_activation")
634
635 assert json_response(conn, 200) ==
636 %{
637 "deactivated" => !user.info.deactivated,
638 "id" => user.id,
639 "nickname" => user.nickname,
640 "roles" => %{"admin" => false, "moderator" => false},
641 "local" => true,
642 "tags" => []
643 }
644 end
645 end
Fork of https://akkoma.dev/AkkomaGang/akkoma.git