1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
5 defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
6 use Pleroma.Web.ConnCase
11 describe "/api/pleroma/admin/user" do
13 admin = insert(:user, info: %{is_admin: true})
18 |> assign(:user, admin)
19 |> put_req_header("accept", "application/json")
20 |> delete("/api/pleroma/admin/user?nickname=#{user.nickname}")
22 assert json_response(conn, 200) == user.nickname
26 admin = insert(:user, info: %{is_admin: true})
30 |> assign(:user, admin)
31 |> put_req_header("accept", "application/json")
32 |> post("/api/pleroma/admin/user", %{
34 "email" => "lain@example.org",
38 assert json_response(conn, 200) == "lain"
42 describe "/api/pleroma/admin/users/:nickname" do
43 test "Show", %{conn: conn} do
44 admin = insert(:user, info: %{is_admin: true})
49 |> assign(:user, admin)
50 |> get("/api/pleroma/admin/users/#{user.nickname}")
53 "deactivated" => false,
54 "id" => to_string(user.id),
56 "nickname" => user.nickname,
57 "roles" => %{"admin" => false, "moderator" => false},
61 assert expected == json_response(conn, 200)
64 test "when the user doesn't exist", %{conn: conn} do
65 admin = insert(:user, info: %{is_admin: true})
70 |> assign(:user, admin)
71 |> get("/api/pleroma/admin/users/#{user.nickname}")
73 assert "Not found" == json_response(conn, 404)
77 describe "/api/pleroma/admin/user/follow" do
78 test "allows to force-follow another user" do
79 admin = insert(:user, info: %{is_admin: true})
81 follower = insert(:user)
84 |> assign(:user, admin)
85 |> put_req_header("accept", "application/json")
86 |> post("/api/pleroma/admin/user/follow", %{
87 "follower" => follower.nickname,
88 "followed" => user.nickname
91 user = User.get_by_id(user.id)
92 follower = User.get_by_id(follower.id)
94 assert User.following?(follower, user)
98 describe "/api/pleroma/admin/user/unfollow" do
99 test "allows to force-unfollow another user" do
100 admin = insert(:user, info: %{is_admin: true})
102 follower = insert(:user)
104 User.follow(follower, user)
107 |> assign(:user, admin)
108 |> put_req_header("accept", "application/json")
109 |> post("/api/pleroma/admin/user/unfollow", %{
110 "follower" => follower.nickname,
111 "followed" => user.nickname
114 user = User.get_by_id(user.id)
115 follower = User.get_by_id(follower.id)
117 refute User.following?(follower, user)
121 describe "PUT /api/pleroma/admin/users/tag" do
123 admin = insert(:user, info: %{is_admin: true})
124 user1 = insert(:user, %{tags: ["x"]})
125 user2 = insert(:user, %{tags: ["y"]})
126 user3 = insert(:user, %{tags: ["unchanged"]})
130 |> assign(:user, admin)
131 |> put_req_header("accept", "application/json")
133 "/api/pleroma/admin/users/tag?nicknames[]=#{user1.nickname}&nicknames[]=#{
135 }&tags[]=foo&tags[]=bar"
138 %{conn: conn, user1: user1, user2: user2, user3: user3}
141 test "it appends specified tags to users with specified nicknames", %{
146 assert json_response(conn, :no_content)
147 assert User.get_by_id(user1.id).tags == ["x", "foo", "bar"]
148 assert User.get_by_id(user2.id).tags == ["y", "foo", "bar"]
151 test "it does not modify tags of not specified users", %{conn: conn, user3: user3} do
152 assert json_response(conn, :no_content)
153 assert User.get_by_id(user3.id).tags == ["unchanged"]
157 describe "DELETE /api/pleroma/admin/users/tag" do
159 admin = insert(:user, info: %{is_admin: true})
160 user1 = insert(:user, %{tags: ["x"]})
161 user2 = insert(:user, %{tags: ["y", "z"]})
162 user3 = insert(:user, %{tags: ["unchanged"]})
166 |> assign(:user, admin)
167 |> put_req_header("accept", "application/json")
169 "/api/pleroma/admin/users/tag?nicknames[]=#{user1.nickname}&nicknames[]=#{
174 %{conn: conn, user1: user1, user2: user2, user3: user3}
177 test "it removes specified tags from users with specified nicknames", %{
182 assert json_response(conn, :no_content)
183 assert User.get_by_id(user1.id).tags == []
184 assert User.get_by_id(user2.id).tags == ["y"]
187 test "it does not modify tags of not specified users", %{conn: conn, user3: user3} do
188 assert json_response(conn, :no_content)
189 assert User.get_by_id(user3.id).tags == ["unchanged"]
193 describe "/api/pleroma/admin/permission_group" do
194 test "GET is giving user_info" do
195 admin = insert(:user, info: %{is_admin: true})
199 |> assign(:user, admin)
200 |> put_req_header("accept", "application/json")
201 |> get("/api/pleroma/admin/permission_group/#{admin.nickname}")
203 assert json_response(conn, 200) == %{
205 "is_moderator" => false
209 test "/:right POST, can add to a permission group" do
210 admin = insert(:user, info: %{is_admin: true})
215 |> assign(:user, admin)
216 |> put_req_header("accept", "application/json")
217 |> post("/api/pleroma/admin/permission_group/#{user.nickname}/admin")
219 assert json_response(conn, 200) == %{
224 test "/:right DELETE, can remove from a permission group" do
225 admin = insert(:user, info: %{is_admin: true})
226 user = insert(:user, info: %{is_admin: true})
230 |> assign(:user, admin)
231 |> put_req_header("accept", "application/json")
232 |> delete("/api/pleroma/admin/permission_group/#{user.nickname}/admin")
234 assert json_response(conn, 200) == %{
240 describe "PUT /api/pleroma/admin/activation_status" do
241 setup %{conn: conn} do
242 admin = insert(:user, info: %{is_admin: true})
246 |> assign(:user, admin)
247 |> put_req_header("accept", "application/json")
252 test "deactivates the user", %{conn: conn} do
257 |> put("/api/pleroma/admin/activation_status/#{user.nickname}", %{status: false})
259 user = User.get_by_id(user.id)
260 assert user.info.deactivated == true
261 assert json_response(conn, :no_content)
264 test "activates the user", %{conn: conn} do
265 user = insert(:user, info: %{deactivated: true})
269 |> put("/api/pleroma/admin/activation_status/#{user.nickname}", %{status: true})
271 user = User.get_by_id(user.id)
272 assert user.info.deactivated == false
273 assert json_response(conn, :no_content)
276 test "returns 403 when requested by a non-admin", %{conn: conn} do
281 |> assign(:user, user)
282 |> put("/api/pleroma/admin/activation_status/#{user.nickname}", %{status: false})
284 assert json_response(conn, :forbidden)
288 describe "POST /api/pleroma/admin/email_invite, with valid config" do
290 registrations_open = Pleroma.Config.get([:instance, :registrations_open])
291 invites_enabled = Pleroma.Config.get([:instance, :invites_enabled])
292 Pleroma.Config.put([:instance, :registrations_open], false)
293 Pleroma.Config.put([:instance, :invites_enabled], true)
296 Pleroma.Config.put([:instance, :registrations_open], registrations_open)
297 Pleroma.Config.put([:instance, :invites_enabled], invites_enabled)
301 [user: insert(:user, info: %{is_admin: true})]
304 test "sends invitation and returns 204", %{conn: conn, user: user} do
305 recipient_email = "foo@bar.com"
306 recipient_name = "J. D."
310 |> assign(:user, user)
311 |> post("/api/pleroma/admin/email_invite?email=#{recipient_email}&name=#{recipient_name}")
313 assert json_response(conn, :no_content)
315 token_record = List.last(Pleroma.Repo.all(Pleroma.UserInviteToken))
317 refute token_record.used
319 Swoosh.TestAssertions.assert_email_sent(
320 Pleroma.UserEmail.user_invitation_email(
329 test "it returns 403 if requested by a non-admin", %{conn: conn} do
330 non_admin_user = insert(:user)
334 |> assign(:user, non_admin_user)
335 |> post("/api/pleroma/admin/email_invite?email=foo@bar.com&name=JD")
337 assert json_response(conn, :forbidden)
341 describe "POST /api/pleroma/admin/email_invite, with invalid config" do
343 [user: insert(:user, info: %{is_admin: true})]
346 test "it returns 500 if `invites_enabled` is not enabled", %{conn: conn, user: user} do
347 registrations_open = Pleroma.Config.get([:instance, :registrations_open])
348 invites_enabled = Pleroma.Config.get([:instance, :invites_enabled])
349 Pleroma.Config.put([:instance, :registrations_open], false)
350 Pleroma.Config.put([:instance, :invites_enabled], false)
353 Pleroma.Config.put([:instance, :registrations_open], registrations_open)
354 Pleroma.Config.put([:instance, :invites_enabled], invites_enabled)
360 |> assign(:user, user)
361 |> post("/api/pleroma/admin/email_invite?email=foo@bar.com&name=JD")
363 assert json_response(conn, :internal_server_error)
366 test "it returns 500 if `registrations_open` is enabled", %{conn: conn, user: user} do
367 registrations_open = Pleroma.Config.get([:instance, :registrations_open])
368 invites_enabled = Pleroma.Config.get([:instance, :invites_enabled])
369 Pleroma.Config.put([:instance, :registrations_open], true)
370 Pleroma.Config.put([:instance, :invites_enabled], true)
373 Pleroma.Config.put([:instance, :registrations_open], registrations_open)
374 Pleroma.Config.put([:instance, :invites_enabled], invites_enabled)
380 |> assign(:user, user)
381 |> post("/api/pleroma/admin/email_invite?email=foo@bar.com&name=JD")
383 assert json_response(conn, :internal_server_error)
387 test "/api/pleroma/admin/invite_token" do
388 admin = insert(:user, info: %{is_admin: true})
392 |> assign(:user, admin)
393 |> put_req_header("accept", "application/json")
394 |> get("/api/pleroma/admin/invite_token")
396 assert conn.status == 200
399 test "/api/pleroma/admin/password_reset" do
400 admin = insert(:user, info: %{is_admin: true})
405 |> assign(:user, admin)
406 |> put_req_header("accept", "application/json")
407 |> get("/api/pleroma/admin/password_reset?nickname=#{user.nickname}")
409 assert conn.status == 200
412 describe "GET /api/pleroma/admin/users" do
413 test "renders users array for the first page" do
414 admin = insert(:user, info: %{is_admin: true})
415 user = insert(:user, local: false, tags: ["foo", "bar"])
419 |> assign(:user, admin)
420 |> get("/api/pleroma/admin/users?page=1")
422 assert json_response(conn, 200) == %{
427 "deactivated" => admin.info.deactivated,
429 "nickname" => admin.nickname,
430 "roles" => %{"admin" => true, "moderator" => false},
435 "deactivated" => user.info.deactivated,
437 "nickname" => user.nickname,
438 "roles" => %{"admin" => false, "moderator" => false},
440 "tags" => ["foo", "bar"]
446 test "renders empty array for the second page" do
447 admin = insert(:user, info: %{is_admin: true})
452 |> assign(:user, admin)
453 |> get("/api/pleroma/admin/users?page=2")
455 assert json_response(conn, 200) == %{
462 test "regular search" do
463 admin = insert(:user, info: %{is_admin: true})
464 user = insert(:user, nickname: "bob")
468 |> assign(:user, admin)
469 |> get("/api/pleroma/admin/users?query=bo")
471 assert json_response(conn, 200) == %{
476 "deactivated" => user.info.deactivated,
478 "nickname" => user.nickname,
479 "roles" => %{"admin" => false, "moderator" => false},
487 test "regular search with page size" do
488 admin = insert(:user, info: %{is_admin: true})
489 user = insert(:user, nickname: "aalice")
490 user2 = insert(:user, nickname: "alice")
494 |> assign(:user, admin)
495 |> get("/api/pleroma/admin/users?query=a&page_size=1&page=1")
497 assert json_response(conn, 200) == %{
502 "deactivated" => user.info.deactivated,
504 "nickname" => user.nickname,
505 "roles" => %{"admin" => false, "moderator" => false},
514 |> assign(:user, admin)
515 |> get("/api/pleroma/admin/users?query=a&page_size=1&page=2")
517 assert json_response(conn, 200) == %{
522 "deactivated" => user2.info.deactivated,
524 "nickname" => user2.nickname,
525 "roles" => %{"admin" => false, "moderator" => false},
533 test "only local users" do
534 admin = insert(:user, info: %{is_admin: true}, nickname: "john")
535 user = insert(:user, nickname: "bob")
537 insert(:user, nickname: "bobb", local: false)
541 |> assign(:user, admin)
542 |> get("/api/pleroma/admin/users?query=bo&filters=local")
544 assert json_response(conn, 200) == %{
549 "deactivated" => user.info.deactivated,
551 "nickname" => user.nickname,
552 "roles" => %{"admin" => false, "moderator" => false},
560 test "only local users with no query" do
561 admin = insert(:user, info: %{is_admin: true}, nickname: "john")
562 user = insert(:user, nickname: "bob")
564 insert(:user, nickname: "bobb", local: false)
568 |> assign(:user, admin)
569 |> get("/api/pleroma/admin/users?filters=local")
571 assert json_response(conn, 200) == %{
576 "deactivated" => user.info.deactivated,
578 "nickname" => user.nickname,
579 "roles" => %{"admin" => false, "moderator" => false},
584 "deactivated" => admin.info.deactivated,
586 "nickname" => admin.nickname,
587 "roles" => %{"admin" => true, "moderator" => false},
595 test "it works with multiple filters" do
596 admin = insert(:user, nickname: "john", info: %{is_admin: true})
597 user = insert(:user, nickname: "bob", local: false, info: %{deactivated: true})
599 insert(:user, nickname: "ken", local: true, info: %{deactivated: true})
600 insert(:user, nickname: "bobb", local: false, info: %{deactivated: false})
604 |> assign(:user, admin)
605 |> get("/api/pleroma/admin/users?filters=deactivated,external")
607 assert json_response(conn, 200) == %{
612 "deactivated" => user.info.deactivated,
614 "nickname" => user.nickname,
615 "roles" => %{"admin" => false, "moderator" => false},
616 "local" => user.local,
624 test "PATCH /api/pleroma/admin/users/:nickname/toggle_activation" do
625 admin = insert(:user, info: %{is_admin: true})
630 |> assign(:user, admin)
631 |> patch("/api/pleroma/admin/users/#{user.nickname}/toggle_activation")
633 assert json_response(conn, 200) ==
635 "deactivated" => !user.info.deactivated,
637 "nickname" => user.nickname,
638 "roles" => %{"admin" => false, "moderator" => false},