projects / akkoma / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Merge remote-tracking branch 'pleroma/develop' into feature/disable-account
[akkoma] / test / web / admin_api / admin_api_controller_test.exs
1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
4
5 defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
6 use Pleroma.Web.ConnCase
7
8 alias Pleroma.User
9 alias Pleroma.UserInviteToken
10 import Pleroma.Factory
11
12 describe "/api/pleroma/admin/user" do
13 test "Delete" do
14 admin = insert(:user, info: %{is_admin: true})
15 user = insert(:user)
16
17 conn =
18 build_conn()
19 |> assign(:user, admin)
20 |> put_req_header("accept", "application/json")
21 |> delete("/api/pleroma/admin/user?nickname=#{user.nickname}")
22
23 assert json_response(conn, 200) == user.nickname
24 end
25
26 test "Create" do
27 admin = insert(:user, info: %{is_admin: true})
28
29 conn =
30 build_conn()
31 |> assign(:user, admin)
32 |> put_req_header("accept", "application/json")
33 |> post("/api/pleroma/admin/user", %{
34 "nickname" => "lain",
35 "email" => "lain@example.org",
36 "password" => "test"
37 })
38
39 assert json_response(conn, 200) == "lain"
40 end
41 end
42
43 describe "/api/pleroma/admin/users/:nickname" do
44 test "Show", %{conn: conn} do
45 admin = insert(:user, info: %{is_admin: true})
46 user = insert(:user)
47
48 conn =
49 conn
50 |> assign(:user, admin)
51 |> get("/api/pleroma/admin/users/#{user.nickname}")
52
53 expected = %{
54 "deactivated" => false,
55 "id" => to_string(user.id),
56 "local" => true,
57 "nickname" => user.nickname,
58 "roles" => %{"admin" => false, "moderator" => false},
59 "tags" => []
60 }
61
62 assert expected == json_response(conn, 200)
63 end
64
65 test "when the user doesn't exist", %{conn: conn} do
66 admin = insert(:user, info: %{is_admin: true})
67 user = build(:user)
68
69 conn =
70 conn
71 |> assign(:user, admin)
72 |> get("/api/pleroma/admin/users/#{user.nickname}")
73
74 assert "Not found" == json_response(conn, 404)
75 end
76 end
77
78 describe "/api/pleroma/admin/user/follow" do
79 test "allows to force-follow another user" do
80 admin = insert(:user, info: %{is_admin: true})
81 user = insert(:user)
82 follower = insert(:user)
83
84 build_conn()
85 |> assign(:user, admin)
86 |> put_req_header("accept", "application/json")
87 |> post("/api/pleroma/admin/user/follow", %{
88 "follower" => follower.nickname,
89 "followed" => user.nickname
90 })
91
92 user = User.get_cached_by_id(user.id)
93 follower = User.get_cached_by_id(follower.id)
94
95 assert User.following?(follower, user)
96 end
97 end
98
99 describe "/api/pleroma/admin/user/unfollow" do
100 test "allows to force-unfollow another user" do
101 admin = insert(:user, info: %{is_admin: true})
102 user = insert(:user)
103 follower = insert(:user)
104
105 User.follow(follower, user)
106
107 build_conn()
108 |> assign(:user, admin)
109 |> put_req_header("accept", "application/json")
110 |> post("/api/pleroma/admin/user/unfollow", %{
111 "follower" => follower.nickname,
112 "followed" => user.nickname
113 })
114
115 user = User.get_cached_by_id(user.id)
116 follower = User.get_cached_by_id(follower.id)
117
118 refute User.following?(follower, user)
119 end
120 end
121
122 describe "PUT /api/pleroma/admin/users/tag" do
123 setup do
124 admin = insert(:user, info: %{is_admin: true})
125 user1 = insert(:user, %{tags: ["x"]})
126 user2 = insert(:user, %{tags: ["y"]})
127 user3 = insert(:user, %{tags: ["unchanged"]})
128
129 conn =
130 build_conn()
131 |> assign(:user, admin)
132 |> put_req_header("accept", "application/json")
133 |> put(
134 "/api/pleroma/admin/users/tag?nicknames[]=#{user1.nickname}&nicknames[]=#{
135 user2.nickname
136 }&tags[]=foo&tags[]=bar"
137 )
138
139 %{conn: conn, user1: user1, user2: user2, user3: user3}
140 end
141
142 test "it appends specified tags to users with specified nicknames", %{
143 conn: conn,
144 user1: user1,
145 user2: user2
146 } do
147 assert json_response(conn, :no_content)
148 assert User.get_cached_by_id(user1.id).tags == ["x", "foo", "bar"]
149 assert User.get_cached_by_id(user2.id).tags == ["y", "foo", "bar"]
150 end
151
152 test "it does not modify tags of not specified users", %{conn: conn, user3: user3} do
153 assert json_response(conn, :no_content)
154 assert User.get_cached_by_id(user3.id).tags == ["unchanged"]
155 end
156 end
157
158 describe "DELETE /api/pleroma/admin/users/tag" do
159 setup do
160 admin = insert(:user, info: %{is_admin: true})
161 user1 = insert(:user, %{tags: ["x"]})
162 user2 = insert(:user, %{tags: ["y", "z"]})
163 user3 = insert(:user, %{tags: ["unchanged"]})
164
165 conn =
166 build_conn()
167 |> assign(:user, admin)
168 |> put_req_header("accept", "application/json")
169 |> delete(
170 "/api/pleroma/admin/users/tag?nicknames[]=#{user1.nickname}&nicknames[]=#{
171 user2.nickname
172 }&tags[]=x&tags[]=z"
173 )
174
175 %{conn: conn, user1: user1, user2: user2, user3: user3}
176 end
177
178 test "it removes specified tags from users with specified nicknames", %{
179 conn: conn,
180 user1: user1,
181 user2: user2
182 } do
183 assert json_response(conn, :no_content)
184 assert User.get_cached_by_id(user1.id).tags == []
185 assert User.get_cached_by_id(user2.id).tags == ["y"]
186 end
187
188 test "it does not modify tags of not specified users", %{conn: conn, user3: user3} do
189 assert json_response(conn, :no_content)
190 assert User.get_cached_by_id(user3.id).tags == ["unchanged"]
191 end
192 end
193
194 describe "/api/pleroma/admin/permission_group" do
195 test "GET is giving user_info" do
196 admin = insert(:user, info: %{is_admin: true})
197
198 conn =
199 build_conn()
200 |> assign(:user, admin)
201 |> put_req_header("accept", "application/json")
202 |> get("/api/pleroma/admin/permission_group/#{admin.nickname}")
203
204 assert json_response(conn, 200) == %{
205 "is_admin" => true,
206 "is_moderator" => false
207 }
208 end
209
210 test "/:right POST, can add to a permission group" do
211 admin = insert(:user, info: %{is_admin: true})
212 user = insert(:user)
213
214 conn =
215 build_conn()
216 |> assign(:user, admin)
217 |> put_req_header("accept", "application/json")
218 |> post("/api/pleroma/admin/permission_group/#{user.nickname}/admin")
219
220 assert json_response(conn, 200) == %{
221 "is_admin" => true
222 }
223 end
224
225 test "/:right DELETE, can remove from a permission group" do
226 admin = insert(:user, info: %{is_admin: true})
227 user = insert(:user, info: %{is_admin: true})
228
229 conn =
230 build_conn()
231 |> assign(:user, admin)
232 |> put_req_header("accept", "application/json")
233 |> delete("/api/pleroma/admin/permission_group/#{user.nickname}/admin")
234
235 assert json_response(conn, 200) == %{
236 "is_admin" => false
237 }
238 end
239 end
240
241 describe "PUT /api/pleroma/admin/activation_status" do
242 setup %{conn: conn} do
243 admin = insert(:user, info: %{is_admin: true})
244
245 conn =
246 conn
247 |> assign(:user, admin)
248 |> put_req_header("accept", "application/json")
249
250 %{conn: conn}
251 end
252
253 test "deactivates the user", %{conn: conn} do
254 user = insert(:user)
255
256 conn =
257 conn
258 |> put("/api/pleroma/admin/activation_status/#{user.nickname}", %{status: false})
259
260 user = User.get_cached_by_id(user.id)
261 assert user.info.deactivated == true
262 assert json_response(conn, :no_content)
263 end
264
265 test "activates the user", %{conn: conn} do
266 user = insert(:user, info: %{deactivated: true})
267
268 conn =
269 conn
270 |> put("/api/pleroma/admin/activation_status/#{user.nickname}", %{status: true})
271
272 user = User.get_cached_by_id(user.id)
273 assert user.info.deactivated == false
274 assert json_response(conn, :no_content)
275 end
276
277 test "returns 403 when requested by a non-admin", %{conn: conn} do
278 user = insert(:user)
279
280 conn =
281 conn
282 |> assign(:user, user)
283 |> put("/api/pleroma/admin/activation_status/#{user.nickname}", %{status: false})
284
285 assert json_response(conn, :forbidden)
286 end
287 end
288
289 describe "POST /api/pleroma/admin/email_invite, with valid config" do
290 setup do
291 registrations_open = Pleroma.Config.get([:instance, :registrations_open])
292 invites_enabled = Pleroma.Config.get([:instance, :invites_enabled])
293 Pleroma.Config.put([:instance, :registrations_open], false)
294 Pleroma.Config.put([:instance, :invites_enabled], true)
295
296 on_exit(fn ->
297 Pleroma.Config.put([:instance, :registrations_open], registrations_open)
298 Pleroma.Config.put([:instance, :invites_enabled], invites_enabled)
299 :ok
300 end)
301
302 [user: insert(:user, info: %{is_admin: true})]
303 end
304
305 test "sends invitation and returns 204", %{conn: conn, user: user} do
306 recipient_email = "foo@bar.com"
307 recipient_name = "J. D."
308
309 conn =
310 conn
311 |> assign(:user, user)
312 |> post("/api/pleroma/admin/email_invite?email=#{recipient_email}&name=#{recipient_name}")
313
314 assert json_response(conn, :no_content)
315
316 token_record = List.last(Pleroma.Repo.all(Pleroma.UserInviteToken))
317 assert token_record
318 refute token_record.used
319
320 notify_email = Pleroma.Config.get([:instance, :notify_email])
321 instance_name = Pleroma.Config.get([:instance, :name])
322
323 email =
324 Pleroma.Emails.UserEmail.user_invitation_email(
325 user,
326 token_record,
327 recipient_email,
328 recipient_name
329 )
330
331 Swoosh.TestAssertions.assert_email_sent(
332 from: {instance_name, notify_email},
333 to: {recipient_name, recipient_email},
334 html_body: email.html_body
335 )
336 end
337
338 test "it returns 403 if requested by a non-admin", %{conn: conn} do
339 non_admin_user = insert(:user)
340
341 conn =
342 conn
343 |> assign(:user, non_admin_user)
344 |> post("/api/pleroma/admin/email_invite?email=foo@bar.com&name=JD")
345
346 assert json_response(conn, :forbidden)
347 end
348 end
349
350 describe "POST /api/pleroma/admin/email_invite, with invalid config" do
351 setup do
352 [user: insert(:user, info: %{is_admin: true})]
353 end
354
355 test "it returns 500 if `invites_enabled` is not enabled", %{conn: conn, user: user} do
356 registrations_open = Pleroma.Config.get([:instance, :registrations_open])
357 invites_enabled = Pleroma.Config.get([:instance, :invites_enabled])
358 Pleroma.Config.put([:instance, :registrations_open], false)
359 Pleroma.Config.put([:instance, :invites_enabled], false)
360
361 on_exit(fn ->
362 Pleroma.Config.put([:instance, :registrations_open], registrations_open)
363 Pleroma.Config.put([:instance, :invites_enabled], invites_enabled)
364 :ok
365 end)
366
367 conn =
368 conn
369 |> assign(:user, user)
370 |> post("/api/pleroma/admin/email_invite?email=foo@bar.com&name=JD")
371
372 assert json_response(conn, :internal_server_error)
373 end
374
375 test "it returns 500 if `registrations_open` is enabled", %{conn: conn, user: user} do
376 registrations_open = Pleroma.Config.get([:instance, :registrations_open])
377 invites_enabled = Pleroma.Config.get([:instance, :invites_enabled])
378 Pleroma.Config.put([:instance, :registrations_open], true)
379 Pleroma.Config.put([:instance, :invites_enabled], true)
380
381 on_exit(fn ->
382 Pleroma.Config.put([:instance, :registrations_open], registrations_open)
383 Pleroma.Config.put([:instance, :invites_enabled], invites_enabled)
384 :ok
385 end)
386
387 conn =
388 conn
389 |> assign(:user, user)
390 |> post("/api/pleroma/admin/email_invite?email=foo@bar.com&name=JD")
391
392 assert json_response(conn, :internal_server_error)
393 end
394 end
395
396 test "/api/pleroma/admin/invite_token" do
397 admin = insert(:user, info: %{is_admin: true})
398
399 conn =
400 build_conn()
401 |> assign(:user, admin)
402 |> put_req_header("accept", "application/json")
403 |> get("/api/pleroma/admin/invite_token")
404
405 assert conn.status == 200
406 end
407
408 test "/api/pleroma/admin/password_reset" do
409 admin = insert(:user, info: %{is_admin: true})
410 user = insert(:user)
411
412 conn =
413 build_conn()
414 |> assign(:user, admin)
415 |> put_req_header("accept", "application/json")
416 |> get("/api/pleroma/admin/password_reset?nickname=#{user.nickname}")
417
418 assert conn.status == 200
419 end
420
421 describe "GET /api/pleroma/admin/users" do
422 test "renders users array for the first page" do
423 admin = insert(:user, info: %{is_admin: true})
424 user = insert(:user, local: false, tags: ["foo", "bar"])
425
426 conn =
427 build_conn()
428 |> assign(:user, admin)
429 |> get("/api/pleroma/admin/users?page=1")
430
431 assert json_response(conn, 200) == %{
432 "count" => 2,
433 "page_size" => 50,
434 "users" => [
435 %{
436 "deactivated" => admin.info.deactivated,
437 "id" => admin.id,
438 "nickname" => admin.nickname,
439 "roles" => %{"admin" => true, "moderator" => false},
440 "local" => true,
441 "tags" => []
442 },
443 %{
444 "deactivated" => user.info.deactivated,
445 "id" => user.id,
446 "nickname" => user.nickname,
447 "roles" => %{"admin" => false, "moderator" => false},
448 "local" => false,
449 "tags" => ["foo", "bar"]
450 }
451 ]
452 }
453 end
454
455 test "renders empty array for the second page" do
456 admin = insert(:user, info: %{is_admin: true})
457 insert(:user)
458
459 conn =
460 build_conn()
461 |> assign(:user, admin)
462 |> get("/api/pleroma/admin/users?page=2")
463
464 assert json_response(conn, 200) == %{
465 "count" => 2,
466 "page_size" => 50,
467 "users" => []
468 }
469 end
470
471 test "regular search" do
472 admin = insert(:user, info: %{is_admin: true})
473 user = insert(:user, nickname: "bob")
474
475 conn =
476 build_conn()
477 |> assign(:user, admin)
478 |> get("/api/pleroma/admin/users?query=bo")
479
480 assert json_response(conn, 200) == %{
481 "count" => 1,
482 "page_size" => 50,
483 "users" => [
484 %{
485 "deactivated" => user.info.deactivated,
486 "id" => user.id,
487 "nickname" => user.nickname,
488 "roles" => %{"admin" => false, "moderator" => false},
489 "local" => true,
490 "tags" => []
491 }
492 ]
493 }
494 end
495
496 test "regular search with page size" do
497 admin = insert(:user, info: %{is_admin: true})
498 user = insert(:user, nickname: "aalice")
499 user2 = insert(:user, nickname: "alice")
500
501 conn =
502 build_conn()
503 |> assign(:user, admin)
504 |> get("/api/pleroma/admin/users?query=a&page_size=1&page=1")
505
506 assert json_response(conn, 200) == %{
507 "count" => 2,
508 "page_size" => 1,
509 "users" => [
510 %{
511 "deactivated" => user.info.deactivated,
512 "id" => user.id,
513 "nickname" => user.nickname,
514 "roles" => %{"admin" => false, "moderator" => false},
515 "local" => true,
516 "tags" => []
517 }
518 ]
519 }
520
521 conn =
522 build_conn()
523 |> assign(:user, admin)
524 |> get("/api/pleroma/admin/users?query=a&page_size=1&page=2")
525
526 assert json_response(conn, 200) == %{
527 "count" => 2,
528 "page_size" => 1,
529 "users" => [
530 %{
531 "deactivated" => user2.info.deactivated,
532 "id" => user2.id,
533 "nickname" => user2.nickname,
534 "roles" => %{"admin" => false, "moderator" => false},
535 "local" => true,
536 "tags" => []
537 }
538 ]
539 }
540 end
541
542 test "only local users" do
543 admin = insert(:user, info: %{is_admin: true}, nickname: "john")
544 user = insert(:user, nickname: "bob")
545
546 insert(:user, nickname: "bobb", local: false)
547
548 conn =
549 build_conn()
550 |> assign(:user, admin)
551 |> get("/api/pleroma/admin/users?query=bo&filters=local")
552
553 assert json_response(conn, 200) == %{
554 "count" => 1,
555 "page_size" => 50,
556 "users" => [
557 %{
558 "deactivated" => user.info.deactivated,
559 "id" => user.id,
560 "nickname" => user.nickname,
561 "roles" => %{"admin" => false, "moderator" => false},
562 "local" => true,
563 "tags" => []
564 }
565 ]
566 }
567 end
568
569 test "only local users with no query" do
570 admin = insert(:user, info: %{is_admin: true}, nickname: "john")
571 user = insert(:user, nickname: "bob")
572
573 insert(:user, nickname: "bobb", local: false)
574
575 conn =
576 build_conn()
577 |> assign(:user, admin)
578 |> get("/api/pleroma/admin/users?filters=local")
579
580 assert json_response(conn, 200) == %{
581 "count" => 2,
582 "page_size" => 50,
583 "users" => [
584 %{
585 "deactivated" => user.info.deactivated,
586 "id" => user.id,
587 "nickname" => user.nickname,
588 "roles" => %{"admin" => false, "moderator" => false},
589 "local" => true,
590 "tags" => []
591 },
592 %{
593 "deactivated" => admin.info.deactivated,
594 "id" => admin.id,
595 "nickname" => admin.nickname,
596 "roles" => %{"admin" => true, "moderator" => false},
597 "local" => true,
598 "tags" => []
599 }
600 ]
601 }
602 end
603
604 test "it works with multiple filters" do
605 admin = insert(:user, nickname: "john", info: %{is_admin: true})
606 user = insert(:user, nickname: "bob", local: false, info: %{deactivated: true})
607
608 insert(:user, nickname: "ken", local: true, info: %{deactivated: true})
609 insert(:user, nickname: "bobb", local: false, info: %{deactivated: false})
610
611 conn =
612 build_conn()
613 |> assign(:user, admin)
614 |> get("/api/pleroma/admin/users?filters=deactivated,external")
615
616 assert json_response(conn, 200) == %{
617 "count" => 1,
618 "page_size" => 50,
619 "users" => [
620 %{
621 "deactivated" => user.info.deactivated,
622 "id" => user.id,
623 "nickname" => user.nickname,
624 "roles" => %{"admin" => false, "moderator" => false},
625 "local" => user.local,
626 "tags" => []
627 }
628 ]
629 }
630 end
631 end
632
633 test "PATCH /api/pleroma/admin/users/:nickname/toggle_activation" do
634 admin = insert(:user, info: %{is_admin: true})
635 user = insert(:user)
636
637 conn =
638 build_conn()
639 |> assign(:user, admin)
640 |> patch("/api/pleroma/admin/users/#{user.nickname}/toggle_activation")
641
642 assert json_response(conn, 200) ==
643 %{
644 "deactivated" => !user.info.deactivated,
645 "id" => user.id,
646 "nickname" => user.nickname,
647 "roles" => %{"admin" => false, "moderator" => false},
648 "local" => true,
649 "tags" => []
650 }
651 end
652
653 describe "GET /api/pleroma/admin/invite_token" do
654 test "without options" do
655 admin = insert(:user, info: %{is_admin: true})
656
657 conn =
658 build_conn()
659 |> assign(:user, admin)
660 |> get("/api/pleroma/admin/invite_token")
661
662 token = json_response(conn, 200)
663 invite = UserInviteToken.find_by_token!(token)
664 refute invite.used
665 refute invite.expires_at
666 refute invite.max_use
667 assert invite.invite_type == "one_time"
668 end
669
670 test "with expires_at" do
671 admin = insert(:user, info: %{is_admin: true})
672
673 conn =
674 build_conn()
675 |> assign(:user, admin)
676 |> get("/api/pleroma/admin/invite_token", %{
677 "invite" => %{"expires_at" => Date.to_string(Date.utc_today())}
678 })
679
680 token = json_response(conn, 200)
681 invite = UserInviteToken.find_by_token!(token)
682
683 refute invite.used
684 assert invite.expires_at == Date.utc_today()
685 refute invite.max_use
686 assert invite.invite_type == "date_limited"
687 end
688
689 test "with max_use" do
690 admin = insert(:user, info: %{is_admin: true})
691
692 conn =
693 build_conn()
694 |> assign(:user, admin)
695 |> get("/api/pleroma/admin/invite_token", %{
696 "invite" => %{"max_use" => 150}
697 })
698
699 token = json_response(conn, 200)
700 invite = UserInviteToken.find_by_token!(token)
701 refute invite.used
702 refute invite.expires_at
703 assert invite.max_use == 150
704 assert invite.invite_type == "reusable"
705 end
706
707 test "with max use and expires_at" do
708 admin = insert(:user, info: %{is_admin: true})
709
710 conn =
711 build_conn()
712 |> assign(:user, admin)
713 |> get("/api/pleroma/admin/invite_token", %{
714 "invite" => %{"max_use" => 150, "expires_at" => Date.to_string(Date.utc_today())}
715 })
716
717 token = json_response(conn, 200)
718 invite = UserInviteToken.find_by_token!(token)
719 refute invite.used
720 assert invite.expires_at == Date.utc_today()
721 assert invite.max_use == 150
722 assert invite.invite_type == "reusable_date_limited"
723 end
724 end
725
726 describe "GET /api/pleroma/admin/invites" do
727 test "no invites" do
728 admin = insert(:user, info: %{is_admin: true})
729
730 conn =
731 build_conn()
732 |> assign(:user, admin)
733 |> get("/api/pleroma/admin/invites")
734
735 assert json_response(conn, 200) == %{"invites" => []}
736 end
737
738 test "with invite" do
739 admin = insert(:user, info: %{is_admin: true})
740 {:ok, invite} = UserInviteToken.create_invite()
741
742 conn =
743 build_conn()
744 |> assign(:user, admin)
745 |> get("/api/pleroma/admin/invites")
746
747 assert json_response(conn, 200) == %{
748 "invites" => [
749 %{
750 "expires_at" => nil,
751 "id" => invite.id,
752 "invite_type" => "one_time",
753 "max_use" => nil,
754 "token" => invite.token,
755 "used" => false,
756 "uses" => 0
757 }
758 ]
759 }
760 end
761 end
762
763 describe "POST /api/pleroma/admin/revoke_invite" do
764 test "with token" do
765 admin = insert(:user, info: %{is_admin: true})
766 {:ok, invite} = UserInviteToken.create_invite()
767
768 conn =
769 build_conn()
770 |> assign(:user, admin)
771 |> post("/api/pleroma/admin/revoke_invite", %{"token" => invite.token})
772
773 assert json_response(conn, 200) == %{
774 "expires_at" => nil,
775 "id" => invite.id,
776 "invite_type" => "one_time",
777 "max_use" => nil,
778 "token" => invite.token,
779 "used" => true,
780 "uses" => 0
781 }
782 end
783 end
784 end
Fork of https://akkoma.dev/AkkomaGang/akkoma.git