1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
5 defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
6 use Pleroma.Web.ConnCase
10 import Pleroma.Factory
12 describe "/api/pleroma/admin/user" do
14 admin = insert(:user, info: %{is_admin: true})
19 |> assign(:user, admin)
20 |> put_req_header("accept", "application/json")
21 |> delete("/api/pleroma/admin/user?nickname=#{user.nickname}")
23 assert json_response(conn, 200) == user.nickname
27 admin = insert(:user, info: %{is_admin: true})
31 |> assign(:user, admin)
32 |> put_req_header("accept", "application/json")
33 |> post("/api/pleroma/admin/user", %{
35 "email" => "lain@example.org",
39 assert json_response(conn, 200) == "lain"
43 describe "/api/pleroma/admin/users/:nickname" do
44 test "Show", %{conn: conn} do
45 admin = insert(:user, info: %{is_admin: true})
50 |> assign(:user, admin)
51 |> get("/api/pleroma/admin/users/#{user.nickname}")
54 "deactivated" => false,
55 "id" => to_string(user.id),
57 "nickname" => user.nickname,
58 "roles" => %{"admin" => false, "moderator" => false},
62 assert expected == json_response(conn, 200)
65 test "when the user doesn't exist", %{conn: conn} do
66 admin = insert(:user, info: %{is_admin: true})
71 |> assign(:user, admin)
72 |> get("/api/pleroma/admin/users/#{user.nickname}")
74 assert "Not found" == json_response(conn, 404)
78 describe "PUT /api/pleroma/admin/users/tag" do
80 admin = insert(:user, info: %{is_admin: true})
81 user1 = insert(:user, %{tags: ["x"]})
82 user2 = insert(:user, %{tags: ["y"]})
83 user3 = insert(:user, %{tags: ["unchanged"]})
87 |> assign(:user, admin)
88 |> put_req_header("accept", "application/json")
90 "/api/pleroma/admin/users/tag?nicknames[]=#{user1.nickname}&nicknames[]=#{
92 }&tags[]=foo&tags[]=bar"
95 %{conn: conn, user1: user1, user2: user2, user3: user3}
98 test "it appends specified tags to users with specified nicknames", %{
103 assert json_response(conn, :no_content)
104 assert Repo.get(User, user1.id).tags == ["x", "foo", "bar"]
105 assert Repo.get(User, user2.id).tags == ["y", "foo", "bar"]
108 test "it does not modify tags of not specified users", %{conn: conn, user3: user3} do
109 assert json_response(conn, :no_content)
110 assert Repo.get(User, user3.id).tags == ["unchanged"]
114 describe "DELETE /api/pleroma/admin/users/tag" do
116 admin = insert(:user, info: %{is_admin: true})
117 user1 = insert(:user, %{tags: ["x"]})
118 user2 = insert(:user, %{tags: ["y", "z"]})
119 user3 = insert(:user, %{tags: ["unchanged"]})
123 |> assign(:user, admin)
124 |> put_req_header("accept", "application/json")
126 "/api/pleroma/admin/users/tag?nicknames[]=#{user1.nickname}&nicknames[]=#{
131 %{conn: conn, user1: user1, user2: user2, user3: user3}
134 test "it removes specified tags from users with specified nicknames", %{
139 assert json_response(conn, :no_content)
140 assert Repo.get(User, user1.id).tags == []
141 assert Repo.get(User, user2.id).tags == ["y"]
144 test "it does not modify tags of not specified users", %{conn: conn, user3: user3} do
145 assert json_response(conn, :no_content)
146 assert Repo.get(User, user3.id).tags == ["unchanged"]
150 describe "/api/pleroma/admin/permission_group" do
151 test "GET is giving user_info" do
152 admin = insert(:user, info: %{is_admin: true})
156 |> assign(:user, admin)
157 |> put_req_header("accept", "application/json")
158 |> get("/api/pleroma/admin/permission_group/#{admin.nickname}")
160 assert json_response(conn, 200) == %{
162 "is_moderator" => false
166 test "/:right POST, can add to a permission group" do
167 admin = insert(:user, info: %{is_admin: true})
172 |> assign(:user, admin)
173 |> put_req_header("accept", "application/json")
174 |> post("/api/pleroma/admin/permission_group/#{user.nickname}/admin")
176 assert json_response(conn, 200) == %{
181 test "/:right DELETE, can remove from a permission group" do
182 admin = insert(:user, info: %{is_admin: true})
183 user = insert(:user, info: %{is_admin: true})
187 |> assign(:user, admin)
188 |> put_req_header("accept", "application/json")
189 |> delete("/api/pleroma/admin/permission_group/#{user.nickname}/admin")
191 assert json_response(conn, 200) == %{
197 describe "PUT /api/pleroma/admin/activation_status" do
198 setup %{conn: conn} do
199 admin = insert(:user, info: %{is_admin: true})
203 |> assign(:user, admin)
204 |> put_req_header("accept", "application/json")
209 test "deactivates the user", %{conn: conn} do
214 |> put("/api/pleroma/admin/activation_status/#{user.nickname}", %{status: false})
216 user = Repo.get(User, user.id)
217 assert user.info.deactivated == true
218 assert json_response(conn, :no_content)
221 test "activates the user", %{conn: conn} do
222 user = insert(:user, info: %{deactivated: true})
226 |> put("/api/pleroma/admin/activation_status/#{user.nickname}", %{status: true})
228 user = Repo.get(User, user.id)
229 assert user.info.deactivated == false
230 assert json_response(conn, :no_content)
233 test "returns 403 when requested by a non-admin", %{conn: conn} do
238 |> assign(:user, user)
239 |> put("/api/pleroma/admin/activation_status/#{user.nickname}", %{status: false})
241 assert json_response(conn, :forbidden)
245 describe "POST /api/pleroma/admin/email_invite, with valid config" do
247 registrations_open = Pleroma.Config.get([:instance, :registrations_open])
248 invites_enabled = Pleroma.Config.get([:instance, :invites_enabled])
249 Pleroma.Config.put([:instance, :registrations_open], false)
250 Pleroma.Config.put([:instance, :invites_enabled], true)
253 Pleroma.Config.put([:instance, :registrations_open], registrations_open)
254 Pleroma.Config.put([:instance, :invites_enabled], invites_enabled)
258 [user: insert(:user, info: %{is_admin: true})]
261 test "sends invitation and returns 204", %{conn: conn, user: user} do
262 recipient_email = "foo@bar.com"
263 recipient_name = "J. D."
267 |> assign(:user, user)
268 |> post("/api/pleroma/admin/email_invite?email=#{recipient_email}&name=#{recipient_name}")
270 assert json_response(conn, :no_content)
272 token_record = List.last(Pleroma.Repo.all(Pleroma.UserInviteToken))
274 refute token_record.used
276 Swoosh.TestAssertions.assert_email_sent(
277 Pleroma.UserEmail.user_invitation_email(
286 test "it returns 403 if requested by a non-admin", %{conn: conn} do
287 non_admin_user = insert(:user)
291 |> assign(:user, non_admin_user)
292 |> post("/api/pleroma/admin/email_invite?email=foo@bar.com&name=JD")
294 assert json_response(conn, :forbidden)
298 describe "POST /api/pleroma/admin/email_invite, with invalid config" do
300 [user: insert(:user, info: %{is_admin: true})]
303 test "it returns 500 if `invites_enabled` is not enabled", %{conn: conn, user: user} do
304 registrations_open = Pleroma.Config.get([:instance, :registrations_open])
305 invites_enabled = Pleroma.Config.get([:instance, :invites_enabled])
306 Pleroma.Config.put([:instance, :registrations_open], false)
307 Pleroma.Config.put([:instance, :invites_enabled], false)
310 Pleroma.Config.put([:instance, :registrations_open], registrations_open)
311 Pleroma.Config.put([:instance, :invites_enabled], invites_enabled)
317 |> assign(:user, user)
318 |> post("/api/pleroma/admin/email_invite?email=foo@bar.com&name=JD")
320 assert json_response(conn, :internal_server_error)
323 test "it returns 500 if `registrations_open` is enabled", %{conn: conn, user: user} do
324 registrations_open = Pleroma.Config.get([:instance, :registrations_open])
325 invites_enabled = Pleroma.Config.get([:instance, :invites_enabled])
326 Pleroma.Config.put([:instance, :registrations_open], true)
327 Pleroma.Config.put([:instance, :invites_enabled], true)
330 Pleroma.Config.put([:instance, :registrations_open], registrations_open)
331 Pleroma.Config.put([:instance, :invites_enabled], invites_enabled)
337 |> assign(:user, user)
338 |> post("/api/pleroma/admin/email_invite?email=foo@bar.com&name=JD")
340 assert json_response(conn, :internal_server_error)
344 test "/api/pleroma/admin/invite_token" do
345 admin = insert(:user, info: %{is_admin: true})
349 |> assign(:user, admin)
350 |> put_req_header("accept", "application/json")
351 |> get("/api/pleroma/admin/invite_token")
353 assert conn.status == 200
356 test "/api/pleroma/admin/password_reset" do
357 admin = insert(:user, info: %{is_admin: true})
362 |> assign(:user, admin)
363 |> put_req_header("accept", "application/json")
364 |> get("/api/pleroma/admin/password_reset?nickname=#{user.nickname}")
366 assert conn.status == 200
369 describe "GET /api/pleroma/admin/users" do
370 test "renders users array for the first page" do
371 admin = insert(:user, info: %{is_admin: true})
372 user = insert(:user, local: false, tags: ["foo", "bar"])
376 |> assign(:user, admin)
377 |> get("/api/pleroma/admin/users?page=1")
379 assert json_response(conn, 200) == %{
384 "deactivated" => admin.info.deactivated,
386 "nickname" => admin.nickname,
387 "roles" => %{"admin" => true, "moderator" => false},
392 "deactivated" => user.info.deactivated,
394 "nickname" => user.nickname,
395 "roles" => %{"admin" => false, "moderator" => false},
397 "tags" => ["foo", "bar"]
403 test "renders empty array for the second page" do
404 admin = insert(:user, info: %{is_admin: true})
409 |> assign(:user, admin)
410 |> get("/api/pleroma/admin/users?page=2")
412 assert json_response(conn, 200) == %{
419 test "regular search" do
420 admin = insert(:user, info: %{is_admin: true})
421 user = insert(:user, nickname: "bob")
425 |> assign(:user, admin)
426 |> get("/api/pleroma/admin/users?query=bo")
428 assert json_response(conn, 200) == %{
433 "deactivated" => user.info.deactivated,
435 "nickname" => user.nickname,
436 "roles" => %{"admin" => false, "moderator" => false},
444 test "regular search with page size" do
445 admin = insert(:user, info: %{is_admin: true})
446 user = insert(:user, nickname: "aalice")
447 user2 = insert(:user, nickname: "alice")
451 |> assign(:user, admin)
452 |> get("/api/pleroma/admin/users?query=a&page_size=1&page=1")
454 assert json_response(conn, 200) == %{
459 "deactivated" => user.info.deactivated,
461 "nickname" => user.nickname,
462 "roles" => %{"admin" => false, "moderator" => false},
471 |> assign(:user, admin)
472 |> get("/api/pleroma/admin/users?query=a&page_size=1&page=2")
474 assert json_response(conn, 200) == %{
479 "deactivated" => user2.info.deactivated,
481 "nickname" => user2.nickname,
482 "roles" => %{"admin" => false, "moderator" => false},
490 test "only local users" do
491 admin = insert(:user, info: %{is_admin: true}, nickname: "john")
492 user = insert(:user, nickname: "bob")
494 insert(:user, nickname: "bobb", local: false)
498 |> assign(:user, admin)
499 |> get("/api/pleroma/admin/users?query=bo&filters=local")
501 assert json_response(conn, 200) == %{
506 "deactivated" => user.info.deactivated,
508 "nickname" => user.nickname,
509 "roles" => %{"admin" => false, "moderator" => false},
517 test "only local users with no query" do
518 admin = insert(:user, info: %{is_admin: true}, nickname: "john")
519 user = insert(:user, nickname: "bob")
521 insert(:user, nickname: "bobb", local: false)
525 |> assign(:user, admin)
526 |> get("/api/pleroma/admin/users?filters=local")
528 assert json_response(conn, 200) == %{
533 "deactivated" => user.info.deactivated,
535 "nickname" => user.nickname,
536 "roles" => %{"admin" => false, "moderator" => false},
541 "deactivated" => admin.info.deactivated,
543 "nickname" => admin.nickname,
544 "roles" => %{"admin" => true, "moderator" => false},
552 test "it works with multiple filters" do
553 admin = insert(:user, nickname: "john", info: %{is_admin: true})
554 user = insert(:user, nickname: "bob", local: false, info: %{deactivated: true})
556 insert(:user, nickname: "ken", local: true, info: %{deactivated: true})
557 insert(:user, nickname: "bobb", local: false, info: %{deactivated: false})
561 |> assign(:user, admin)
562 |> get("/api/pleroma/admin/users?filters=deactivated,external")
564 assert json_response(conn, 200) == %{
569 "deactivated" => user.info.deactivated,
571 "nickname" => user.nickname,
572 "roles" => %{"admin" => false, "moderator" => false},
573 "local" => user.local,
581 test "PATCH /api/pleroma/admin/users/:nickname/toggle_activation" do
582 admin = insert(:user, info: %{is_admin: true})
587 |> assign(:user, admin)
588 |> patch("/api/pleroma/admin/users/#{user.nickname}/toggle_activation")
590 assert json_response(conn, 200) ==
592 "deactivated" => !user.info.deactivated,
594 "nickname" => user.nickname,
595 "roles" => %{"admin" => false, "moderator" => false},