1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
5 defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
6 use Pleroma.Web.ConnCase
11 describe "/api/pleroma/admin/user" do
13 admin = insert(:user, info: %{is_admin: true})
18 |> assign(:user, admin)
19 |> put_req_header("accept", "application/json")
20 |> delete("/api/pleroma/admin/user?nickname=#{user.nickname}")
22 assert json_response(conn, 200) == user.nickname
26 admin = insert(:user, info: %{is_admin: true})
30 |> assign(:user, admin)
31 |> put_req_header("accept", "application/json")
32 |> post("/api/pleroma/admin/user", %{
34 "email" => "lain@example.org",
38 assert json_response(conn, 200) == "lain"
42 describe "/api/pleroma/admin/users/:nickname" do
43 test "Show", %{conn: conn} do
44 admin = insert(:user, info: %{is_admin: true})
49 |> assign(:user, admin)
50 |> get("/api/pleroma/admin/users/#{user.nickname}")
53 "deactivated" => false,
54 "id" => to_string(user.id),
56 "nickname" => user.nickname,
57 "roles" => %{"admin" => false, "moderator" => false},
61 assert expected == json_response(conn, 200)
64 test "when the user doesn't exist", %{conn: conn} do
65 admin = insert(:user, info: %{is_admin: true})
70 |> assign(:user, admin)
71 |> get("/api/pleroma/admin/users/#{user.nickname}")
73 assert "Not found" == json_response(conn, 404)
77 describe "/api/pleroma/admin/user/follow" do
78 test "allows to force-follow another user" do
79 admin = insert(:user, info: %{is_admin: true})
81 follower = insert(:user)
85 |> assign(:user, admin)
86 |> put_req_header("accept", "application/json")
87 |> post("/api/pleroma/admin/user/follow", %{
88 "follower" => follower.nickname,
89 "followed" => user.nickname
92 user = User.get_by_nickname(user.id)
93 follower = User.get_by_nickname(follower.id)
95 assert User.following?(follower, user)
99 describe "/api/pleroma/admin/user/unfollow" do
100 test "allows to force-unfollow another user" do
101 admin = insert(:user, info: %{is_admin: true})
103 follower = insert(:user)
105 User.follow(follower, user)
109 |> assign(:user, admin)
110 |> put_req_header("accept", "application/json")
111 |> post("/api/pleroma/admin/user/unfollow", %{
112 "follower" => follower.nickname,
113 "followed" => user.nickname
116 user = User.get_by_nickname(user.id)
117 follower = User.get_by_nickname(follower.id)
119 refute User.following?(follower, user)
123 describe "PUT /api/pleroma/admin/users/tag" do
125 admin = insert(:user, info: %{is_admin: true})
126 user1 = insert(:user, %{tags: ["x"]})
127 user2 = insert(:user, %{tags: ["y"]})
128 user3 = insert(:user, %{tags: ["unchanged"]})
132 |> assign(:user, admin)
133 |> put_req_header("accept", "application/json")
135 "/api/pleroma/admin/users/tag?nicknames[]=#{user1.nickname}&nicknames[]=#{
137 }&tags[]=foo&tags[]=bar"
140 %{conn: conn, user1: user1, user2: user2, user3: user3}
143 test "it appends specified tags to users with specified nicknames", %{
148 assert json_response(conn, :no_content)
149 assert User.get_by_id(user1.id).tags == ["x", "foo", "bar"]
150 assert User.get_by_id(user2.id).tags == ["y", "foo", "bar"]
153 test "it does not modify tags of not specified users", %{conn: conn, user3: user3} do
154 assert json_response(conn, :no_content)
155 assert User.get_by_id(user3.id).tags == ["unchanged"]
159 describe "DELETE /api/pleroma/admin/users/tag" do
161 admin = insert(:user, info: %{is_admin: true})
162 user1 = insert(:user, %{tags: ["x"]})
163 user2 = insert(:user, %{tags: ["y", "z"]})
164 user3 = insert(:user, %{tags: ["unchanged"]})
168 |> assign(:user, admin)
169 |> put_req_header("accept", "application/json")
171 "/api/pleroma/admin/users/tag?nicknames[]=#{user1.nickname}&nicknames[]=#{
176 %{conn: conn, user1: user1, user2: user2, user3: user3}
179 test "it removes specified tags from users with specified nicknames", %{
184 assert json_response(conn, :no_content)
185 assert User.get_by_id(user1.id).tags == []
186 assert User.get_by_id(user2.id).tags == ["y"]
189 test "it does not modify tags of not specified users", %{conn: conn, user3: user3} do
190 assert json_response(conn, :no_content)
191 assert User.get_by_id(user3.id).tags == ["unchanged"]
195 describe "/api/pleroma/admin/permission_group" do
196 test "GET is giving user_info" do
197 admin = insert(:user, info: %{is_admin: true})
201 |> assign(:user, admin)
202 |> put_req_header("accept", "application/json")
203 |> get("/api/pleroma/admin/permission_group/#{admin.nickname}")
205 assert json_response(conn, 200) == %{
207 "is_moderator" => false
211 test "/:right POST, can add to a permission group" do
212 admin = insert(:user, info: %{is_admin: true})
217 |> assign(:user, admin)
218 |> put_req_header("accept", "application/json")
219 |> post("/api/pleroma/admin/permission_group/#{user.nickname}/admin")
221 assert json_response(conn, 200) == %{
226 test "/:right DELETE, can remove from a permission group" do
227 admin = insert(:user, info: %{is_admin: true})
228 user = insert(:user, info: %{is_admin: true})
232 |> assign(:user, admin)
233 |> put_req_header("accept", "application/json")
234 |> delete("/api/pleroma/admin/permission_group/#{user.nickname}/admin")
236 assert json_response(conn, 200) == %{
242 describe "PUT /api/pleroma/admin/activation_status" do
243 setup %{conn: conn} do
244 admin = insert(:user, info: %{is_admin: true})
248 |> assign(:user, admin)
249 |> put_req_header("accept", "application/json")
254 test "deactivates the user", %{conn: conn} do
259 |> put("/api/pleroma/admin/activation_status/#{user.nickname}", %{status: false})
261 user = User.get_by_id(user.id)
262 assert user.info.deactivated == true
263 assert json_response(conn, :no_content)
266 test "activates the user", %{conn: conn} do
267 user = insert(:user, info: %{deactivated: true})
271 |> put("/api/pleroma/admin/activation_status/#{user.nickname}", %{status: true})
273 user = User.get_by_id(user.id)
274 assert user.info.deactivated == false
275 assert json_response(conn, :no_content)
278 test "returns 403 when requested by a non-admin", %{conn: conn} do
283 |> assign(:user, user)
284 |> put("/api/pleroma/admin/activation_status/#{user.nickname}", %{status: false})
286 assert json_response(conn, :forbidden)
290 describe "POST /api/pleroma/admin/email_invite, with valid config" do
292 registrations_open = Pleroma.Config.get([:instance, :registrations_open])
293 invites_enabled = Pleroma.Config.get([:instance, :invites_enabled])
294 Pleroma.Config.put([:instance, :registrations_open], false)
295 Pleroma.Config.put([:instance, :invites_enabled], true)
298 Pleroma.Config.put([:instance, :registrations_open], registrations_open)
299 Pleroma.Config.put([:instance, :invites_enabled], invites_enabled)
303 [user: insert(:user, info: %{is_admin: true})]
306 test "sends invitation and returns 204", %{conn: conn, user: user} do
307 recipient_email = "foo@bar.com"
308 recipient_name = "J. D."
312 |> assign(:user, user)
313 |> post("/api/pleroma/admin/email_invite?email=#{recipient_email}&name=#{recipient_name}")
315 assert json_response(conn, :no_content)
317 token_record = List.last(Pleroma.Repo.all(Pleroma.UserInviteToken))
319 refute token_record.used
321 Swoosh.TestAssertions.assert_email_sent(
322 Pleroma.UserEmail.user_invitation_email(
331 test "it returns 403 if requested by a non-admin", %{conn: conn} do
332 non_admin_user = insert(:user)
336 |> assign(:user, non_admin_user)
337 |> post("/api/pleroma/admin/email_invite?email=foo@bar.com&name=JD")
339 assert json_response(conn, :forbidden)
343 describe "POST /api/pleroma/admin/email_invite, with invalid config" do
345 [user: insert(:user, info: %{is_admin: true})]
348 test "it returns 500 if `invites_enabled` is not enabled", %{conn: conn, user: user} do
349 registrations_open = Pleroma.Config.get([:instance, :registrations_open])
350 invites_enabled = Pleroma.Config.get([:instance, :invites_enabled])
351 Pleroma.Config.put([:instance, :registrations_open], false)
352 Pleroma.Config.put([:instance, :invites_enabled], false)
355 Pleroma.Config.put([:instance, :registrations_open], registrations_open)
356 Pleroma.Config.put([:instance, :invites_enabled], invites_enabled)
362 |> assign(:user, user)
363 |> post("/api/pleroma/admin/email_invite?email=foo@bar.com&name=JD")
365 assert json_response(conn, :internal_server_error)
368 test "it returns 500 if `registrations_open` is enabled", %{conn: conn, user: user} do
369 registrations_open = Pleroma.Config.get([:instance, :registrations_open])
370 invites_enabled = Pleroma.Config.get([:instance, :invites_enabled])
371 Pleroma.Config.put([:instance, :registrations_open], true)
372 Pleroma.Config.put([:instance, :invites_enabled], true)
375 Pleroma.Config.put([:instance, :registrations_open], registrations_open)
376 Pleroma.Config.put([:instance, :invites_enabled], invites_enabled)
382 |> assign(:user, user)
383 |> post("/api/pleroma/admin/email_invite?email=foo@bar.com&name=JD")
385 assert json_response(conn, :internal_server_error)
389 test "/api/pleroma/admin/invite_token" do
390 admin = insert(:user, info: %{is_admin: true})
394 |> assign(:user, admin)
395 |> put_req_header("accept", "application/json")
396 |> get("/api/pleroma/admin/invite_token")
398 assert conn.status == 200
401 test "/api/pleroma/admin/password_reset" do
402 admin = insert(:user, info: %{is_admin: true})
407 |> assign(:user, admin)
408 |> put_req_header("accept", "application/json")
409 |> get("/api/pleroma/admin/password_reset?nickname=#{user.nickname}")
411 assert conn.status == 200
414 describe "GET /api/pleroma/admin/users" do
415 test "renders users array for the first page" do
416 admin = insert(:user, info: %{is_admin: true})
417 user = insert(:user, local: false, tags: ["foo", "bar"])
421 |> assign(:user, admin)
422 |> get("/api/pleroma/admin/users?page=1")
424 assert json_response(conn, 200) == %{
429 "deactivated" => admin.info.deactivated,
431 "nickname" => admin.nickname,
432 "roles" => %{"admin" => true, "moderator" => false},
437 "deactivated" => user.info.deactivated,
439 "nickname" => user.nickname,
440 "roles" => %{"admin" => false, "moderator" => false},
442 "tags" => ["foo", "bar"]
448 test "renders empty array for the second page" do
449 admin = insert(:user, info: %{is_admin: true})
454 |> assign(:user, admin)
455 |> get("/api/pleroma/admin/users?page=2")
457 assert json_response(conn, 200) == %{
464 test "regular search" do
465 admin = insert(:user, info: %{is_admin: true})
466 user = insert(:user, nickname: "bob")
470 |> assign(:user, admin)
471 |> get("/api/pleroma/admin/users?query=bo")
473 assert json_response(conn, 200) == %{
478 "deactivated" => user.info.deactivated,
480 "nickname" => user.nickname,
481 "roles" => %{"admin" => false, "moderator" => false},
489 test "regular search with page size" do
490 admin = insert(:user, info: %{is_admin: true})
491 user = insert(:user, nickname: "aalice")
492 user2 = insert(:user, nickname: "alice")
496 |> assign(:user, admin)
497 |> get("/api/pleroma/admin/users?query=a&page_size=1&page=1")
499 assert json_response(conn, 200) == %{
504 "deactivated" => user.info.deactivated,
506 "nickname" => user.nickname,
507 "roles" => %{"admin" => false, "moderator" => false},
516 |> assign(:user, admin)
517 |> get("/api/pleroma/admin/users?query=a&page_size=1&page=2")
519 assert json_response(conn, 200) == %{
524 "deactivated" => user2.info.deactivated,
526 "nickname" => user2.nickname,
527 "roles" => %{"admin" => false, "moderator" => false},
535 test "only local users" do
536 admin = insert(:user, info: %{is_admin: true}, nickname: "john")
537 user = insert(:user, nickname: "bob")
539 insert(:user, nickname: "bobb", local: false)
543 |> assign(:user, admin)
544 |> get("/api/pleroma/admin/users?query=bo&filters=local")
546 assert json_response(conn, 200) == %{
551 "deactivated" => user.info.deactivated,
553 "nickname" => user.nickname,
554 "roles" => %{"admin" => false, "moderator" => false},
562 test "only local users with no query" do
563 admin = insert(:user, info: %{is_admin: true}, nickname: "john")
564 user = insert(:user, nickname: "bob")
566 insert(:user, nickname: "bobb", local: false)
570 |> assign(:user, admin)
571 |> get("/api/pleroma/admin/users?filters=local")
573 assert json_response(conn, 200) == %{
578 "deactivated" => user.info.deactivated,
580 "nickname" => user.nickname,
581 "roles" => %{"admin" => false, "moderator" => false},
586 "deactivated" => admin.info.deactivated,
588 "nickname" => admin.nickname,
589 "roles" => %{"admin" => true, "moderator" => false},
597 test "it works with multiple filters" do
598 admin = insert(:user, nickname: "john", info: %{is_admin: true})
599 user = insert(:user, nickname: "bob", local: false, info: %{deactivated: true})
601 insert(:user, nickname: "ken", local: true, info: %{deactivated: true})
602 insert(:user, nickname: "bobb", local: false, info: %{deactivated: false})
606 |> assign(:user, admin)
607 |> get("/api/pleroma/admin/users?filters=deactivated,external")
609 assert json_response(conn, 200) == %{
614 "deactivated" => user.info.deactivated,
616 "nickname" => user.nickname,
617 "roles" => %{"admin" => false, "moderator" => false},
618 "local" => user.local,
626 test "PATCH /api/pleroma/admin/users/:nickname/toggle_activation" do
627 admin = insert(:user, info: %{is_admin: true})
632 |> assign(:user, admin)
633 |> patch("/api/pleroma/admin/users/#{user.nickname}/toggle_activation")
635 assert json_response(conn, 200) ==
637 "deactivated" => !user.info.deactivated,
639 "nickname" => user.nickname,
640 "roles" => %{"admin" => false, "moderator" => false},