1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
5 defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
6 use Pleroma.Web.ConnCase
11 describe "/api/pleroma/admin/user" do
13 admin = insert(:user, info: %{is_admin: true})
18 |> assign(:user, admin)
19 |> put_req_header("accept", "application/json")
20 |> delete("/api/pleroma/admin/user?nickname=#{user.nickname}")
22 assert json_response(conn, 200) == user.nickname
26 admin = insert(:user, info: %{is_admin: true})
30 |> assign(:user, admin)
31 |> put_req_header("accept", "application/json")
32 |> post("/api/pleroma/admin/user", %{
34 "email" => "lain@example.org",
38 assert json_response(conn, 200) == "lain"
42 describe "/api/pleroma/admin/users/:nickname" do
43 test "Show", %{conn: conn} do
44 admin = insert(:user, info: %{is_admin: true})
49 |> assign(:user, admin)
50 |> get("/api/pleroma/admin/users/#{user.nickname}")
53 "deactivated" => false,
54 "id" => to_string(user.id),
56 "nickname" => user.nickname,
57 "roles" => %{"admin" => false, "moderator" => false},
61 assert expected == json_response(conn, 200)
64 test "when the user doesn't exist", %{conn: conn} do
65 admin = insert(:user, info: %{is_admin: true})
70 |> assign(:user, admin)
71 |> get("/api/pleroma/admin/users/#{user.nickname}")
73 assert "Not found" == json_response(conn, 404)
77 describe "PUT /api/pleroma/admin/users/tag" do
79 admin = insert(:user, info: %{is_admin: true})
80 user1 = insert(:user, %{tags: ["x"]})
81 user2 = insert(:user, %{tags: ["y"]})
82 user3 = insert(:user, %{tags: ["unchanged"]})
86 |> assign(:user, admin)
87 |> put_req_header("accept", "application/json")
89 "/api/pleroma/admin/users/tag?nicknames[]=#{user1.nickname}&nicknames[]=#{
91 }&tags[]=foo&tags[]=bar"
94 %{conn: conn, user1: user1, user2: user2, user3: user3}
97 test "it appends specified tags to users with specified nicknames", %{
102 assert json_response(conn, :no_content)
103 assert User.get_by_id(user1.id).tags == ["x", "foo", "bar"]
104 assert User.get_by_id(user2.id).tags == ["y", "foo", "bar"]
107 test "it does not modify tags of not specified users", %{conn: conn, user3: user3} do
108 assert json_response(conn, :no_content)
109 assert User.get_by_id(user3.id).tags == ["unchanged"]
113 describe "DELETE /api/pleroma/admin/users/tag" do
115 admin = insert(:user, info: %{is_admin: true})
116 user1 = insert(:user, %{tags: ["x"]})
117 user2 = insert(:user, %{tags: ["y", "z"]})
118 user3 = insert(:user, %{tags: ["unchanged"]})
122 |> assign(:user, admin)
123 |> put_req_header("accept", "application/json")
125 "/api/pleroma/admin/users/tag?nicknames[]=#{user1.nickname}&nicknames[]=#{
130 %{conn: conn, user1: user1, user2: user2, user3: user3}
133 test "it removes specified tags from users with specified nicknames", %{
138 assert json_response(conn, :no_content)
139 assert User.get_by_id(user1.id).tags == []
140 assert User.get_by_id(user2.id).tags == ["y"]
143 test "it does not modify tags of not specified users", %{conn: conn, user3: user3} do
144 assert json_response(conn, :no_content)
145 assert User.get_by_id(user3.id).tags == ["unchanged"]
149 describe "/api/pleroma/admin/permission_group" do
150 test "GET is giving user_info" do
151 admin = insert(:user, info: %{is_admin: true})
155 |> assign(:user, admin)
156 |> put_req_header("accept", "application/json")
157 |> get("/api/pleroma/admin/permission_group/#{admin.nickname}")
159 assert json_response(conn, 200) == %{
161 "is_moderator" => false
165 test "/:right POST, can add to a permission group" do
166 admin = insert(:user, info: %{is_admin: true})
171 |> assign(:user, admin)
172 |> put_req_header("accept", "application/json")
173 |> post("/api/pleroma/admin/permission_group/#{user.nickname}/admin")
175 assert json_response(conn, 200) == %{
180 test "/:right DELETE, can remove from a permission group" do
181 admin = insert(:user, info: %{is_admin: true})
182 user = insert(:user, info: %{is_admin: true})
186 |> assign(:user, admin)
187 |> put_req_header("accept", "application/json")
188 |> delete("/api/pleroma/admin/permission_group/#{user.nickname}/admin")
190 assert json_response(conn, 200) == %{
196 describe "PUT /api/pleroma/admin/activation_status" do
197 setup %{conn: conn} do
198 admin = insert(:user, info: %{is_admin: true})
202 |> assign(:user, admin)
203 |> put_req_header("accept", "application/json")
208 test "deactivates the user", %{conn: conn} do
213 |> put("/api/pleroma/admin/activation_status/#{user.nickname}", %{status: false})
215 user = User.get_by_id(user.id)
216 assert user.info.deactivated == true
217 assert json_response(conn, :no_content)
220 test "activates the user", %{conn: conn} do
221 user = insert(:user, info: %{deactivated: true})
225 |> put("/api/pleroma/admin/activation_status/#{user.nickname}", %{status: true})
227 user = User.get_by_id(user.id)
228 assert user.info.deactivated == false
229 assert json_response(conn, :no_content)
232 test "returns 403 when requested by a non-admin", %{conn: conn} do
237 |> assign(:user, user)
238 |> put("/api/pleroma/admin/activation_status/#{user.nickname}", %{status: false})
240 assert json_response(conn, :forbidden)
244 describe "POST /api/pleroma/admin/email_invite, with valid config" do
246 registrations_open = Pleroma.Config.get([:instance, :registrations_open])
247 invites_enabled = Pleroma.Config.get([:instance, :invites_enabled])
248 Pleroma.Config.put([:instance, :registrations_open], false)
249 Pleroma.Config.put([:instance, :invites_enabled], true)
252 Pleroma.Config.put([:instance, :registrations_open], registrations_open)
253 Pleroma.Config.put([:instance, :invites_enabled], invites_enabled)
257 [user: insert(:user, info: %{is_admin: true})]
260 test "sends invitation and returns 204", %{conn: conn, user: user} do
261 recipient_email = "foo@bar.com"
262 recipient_name = "J. D."
266 |> assign(:user, user)
267 |> post("/api/pleroma/admin/email_invite?email=#{recipient_email}&name=#{recipient_name}")
269 assert json_response(conn, :no_content)
271 token_record = List.last(Pleroma.Repo.all(Pleroma.UserInviteToken))
273 refute token_record.used
275 Swoosh.TestAssertions.assert_email_sent(
276 Pleroma.UserEmail.user_invitation_email(
285 test "it returns 403 if requested by a non-admin", %{conn: conn} do
286 non_admin_user = insert(:user)
290 |> assign(:user, non_admin_user)
291 |> post("/api/pleroma/admin/email_invite?email=foo@bar.com&name=JD")
293 assert json_response(conn, :forbidden)
297 describe "POST /api/pleroma/admin/email_invite, with invalid config" do
299 [user: insert(:user, info: %{is_admin: true})]
302 test "it returns 500 if `invites_enabled` is not enabled", %{conn: conn, user: user} do
303 registrations_open = Pleroma.Config.get([:instance, :registrations_open])
304 invites_enabled = Pleroma.Config.get([:instance, :invites_enabled])
305 Pleroma.Config.put([:instance, :registrations_open], false)
306 Pleroma.Config.put([:instance, :invites_enabled], false)
309 Pleroma.Config.put([:instance, :registrations_open], registrations_open)
310 Pleroma.Config.put([:instance, :invites_enabled], invites_enabled)
316 |> assign(:user, user)
317 |> post("/api/pleroma/admin/email_invite?email=foo@bar.com&name=JD")
319 assert json_response(conn, :internal_server_error)
322 test "it returns 500 if `registrations_open` is enabled", %{conn: conn, user: user} do
323 registrations_open = Pleroma.Config.get([:instance, :registrations_open])
324 invites_enabled = Pleroma.Config.get([:instance, :invites_enabled])
325 Pleroma.Config.put([:instance, :registrations_open], true)
326 Pleroma.Config.put([:instance, :invites_enabled], true)
329 Pleroma.Config.put([:instance, :registrations_open], registrations_open)
330 Pleroma.Config.put([:instance, :invites_enabled], invites_enabled)
336 |> assign(:user, user)
337 |> post("/api/pleroma/admin/email_invite?email=foo@bar.com&name=JD")
339 assert json_response(conn, :internal_server_error)
343 test "/api/pleroma/admin/invite_token" do
344 admin = insert(:user, info: %{is_admin: true})
348 |> assign(:user, admin)
349 |> put_req_header("accept", "application/json")
350 |> get("/api/pleroma/admin/invite_token")
352 assert conn.status == 200
355 test "/api/pleroma/admin/password_reset" do
356 admin = insert(:user, info: %{is_admin: true})
361 |> assign(:user, admin)
362 |> put_req_header("accept", "application/json")
363 |> get("/api/pleroma/admin/password_reset?nickname=#{user.nickname}")
365 assert conn.status == 200
368 describe "GET /api/pleroma/admin/users" do
369 test "renders users array for the first page" do
370 admin = insert(:user, info: %{is_admin: true})
371 user = insert(:user, local: false, tags: ["foo", "bar"])
375 |> assign(:user, admin)
376 |> get("/api/pleroma/admin/users?page=1")
378 assert json_response(conn, 200) == %{
383 "deactivated" => admin.info.deactivated,
385 "nickname" => admin.nickname,
386 "roles" => %{"admin" => true, "moderator" => false},
391 "deactivated" => user.info.deactivated,
393 "nickname" => user.nickname,
394 "roles" => %{"admin" => false, "moderator" => false},
396 "tags" => ["foo", "bar"]
402 test "renders empty array for the second page" do
403 admin = insert(:user, info: %{is_admin: true})
408 |> assign(:user, admin)
409 |> get("/api/pleroma/admin/users?page=2")
411 assert json_response(conn, 200) == %{
418 test "regular search" do
419 admin = insert(:user, info: %{is_admin: true})
420 user = insert(:user, nickname: "bob")
424 |> assign(:user, admin)
425 |> get("/api/pleroma/admin/users?query=bo")
427 assert json_response(conn, 200) == %{
432 "deactivated" => user.info.deactivated,
434 "nickname" => user.nickname,
435 "roles" => %{"admin" => false, "moderator" => false},
443 test "regular search with page size" do
444 admin = insert(:user, info: %{is_admin: true})
445 user = insert(:user, nickname: "aalice")
446 user2 = insert(:user, nickname: "alice")
450 |> assign(:user, admin)
451 |> get("/api/pleroma/admin/users?query=a&page_size=1&page=1")
453 assert json_response(conn, 200) == %{
458 "deactivated" => user.info.deactivated,
460 "nickname" => user.nickname,
461 "roles" => %{"admin" => false, "moderator" => false},
470 |> assign(:user, admin)
471 |> get("/api/pleroma/admin/users?query=a&page_size=1&page=2")
473 assert json_response(conn, 200) == %{
478 "deactivated" => user2.info.deactivated,
480 "nickname" => user2.nickname,
481 "roles" => %{"admin" => false, "moderator" => false},
489 test "only local users" do
490 admin = insert(:user, info: %{is_admin: true}, nickname: "john")
491 user = insert(:user, nickname: "bob")
493 insert(:user, nickname: "bobb", local: false)
497 |> assign(:user, admin)
498 |> get("/api/pleroma/admin/users?query=bo&filters=local")
500 assert json_response(conn, 200) == %{
505 "deactivated" => user.info.deactivated,
507 "nickname" => user.nickname,
508 "roles" => %{"admin" => false, "moderator" => false},
516 test "only local users with no query" do
517 admin = insert(:user, info: %{is_admin: true}, nickname: "john")
518 user = insert(:user, nickname: "bob")
520 insert(:user, nickname: "bobb", local: false)
524 |> assign(:user, admin)
525 |> get("/api/pleroma/admin/users?filters=local")
527 assert json_response(conn, 200) == %{
532 "deactivated" => user.info.deactivated,
534 "nickname" => user.nickname,
535 "roles" => %{"admin" => false, "moderator" => false},
540 "deactivated" => admin.info.deactivated,
542 "nickname" => admin.nickname,
543 "roles" => %{"admin" => true, "moderator" => false},
551 test "it works with multiple filters" do
552 admin = insert(:user, nickname: "john", info: %{is_admin: true})
553 user = insert(:user, nickname: "bob", local: false, info: %{deactivated: true})
555 insert(:user, nickname: "ken", local: true, info: %{deactivated: true})
556 insert(:user, nickname: "bobb", local: false, info: %{deactivated: false})
560 |> assign(:user, admin)
561 |> get("/api/pleroma/admin/users?filters=deactivated,external")
563 assert json_response(conn, 200) == %{
568 "deactivated" => user.info.deactivated,
570 "nickname" => user.nickname,
571 "roles" => %{"admin" => false, "moderator" => false},
572 "local" => user.local,
580 test "PATCH /api/pleroma/admin/users/:nickname/toggle_activation" do
581 admin = insert(:user, info: %{is_admin: true})
586 |> assign(:user, admin)
587 |> patch("/api/pleroma/admin/users/#{user.nickname}/toggle_activation")
589 assert json_response(conn, 200) ==
591 "deactivated" => !user.info.deactivated,
593 "nickname" => user.nickname,
594 "roles" => %{"admin" => false, "moderator" => false},