1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
5 defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
6 use Pleroma.Web.ConnCase
10 import Pleroma.Factory
12 describe "/api/pleroma/admin/user" do
14 admin = insert(:user, info: %{is_admin: true})
19 |> assign(:user, admin)
20 |> put_req_header("accept", "application/json")
21 |> delete("/api/pleroma/admin/user?nickname=#{user.nickname}")
23 assert json_response(conn, 200) == user.nickname
27 admin = insert(:user, info: %{is_admin: true})
31 |> assign(:user, admin)
32 |> put_req_header("accept", "application/json")
33 |> post("/api/pleroma/admin/user", %{
35 "email" => "lain@example.org",
39 assert json_response(conn, 200) == "lain"
43 describe "PUT /api/pleroma/admin/users/tag" do
45 admin = insert(:user, info: %{is_admin: true})
46 user1 = insert(:user, %{tags: ["x"]})
47 user2 = insert(:user, %{tags: ["y"]})
48 user3 = insert(:user, %{tags: ["unchanged"]})
52 |> assign(:user, admin)
53 |> put_req_header("accept", "application/json")
55 "/api/pleroma/admin/users/tag?nicknames[]=#{user1.nickname}&nicknames[]=#{
57 }&tags[]=foo&tags[]=bar"
60 %{conn: conn, user1: user1, user2: user2, user3: user3}
63 test "it appends specified tags to users with specified nicknames", %{
68 assert json_response(conn, :no_content)
69 assert Repo.get(User, user1.id).tags == ["x", "foo", "bar"]
70 assert Repo.get(User, user2.id).tags == ["y", "foo", "bar"]
73 test "it does not modify tags of not specified users", %{conn: conn, user3: user3} do
74 assert json_response(conn, :no_content)
75 assert Repo.get(User, user3.id).tags == ["unchanged"]
79 describe "DELETE /api/pleroma/admin/users/tag" do
81 admin = insert(:user, info: %{is_admin: true})
82 user1 = insert(:user, %{tags: ["x"]})
83 user2 = insert(:user, %{tags: ["y", "z"]})
84 user3 = insert(:user, %{tags: ["unchanged"]})
88 |> assign(:user, admin)
89 |> put_req_header("accept", "application/json")
91 "/api/pleroma/admin/users/tag?nicknames[]=#{user1.nickname}&nicknames[]=#{
96 %{conn: conn, user1: user1, user2: user2, user3: user3}
99 test "it removes specified tags from users with specified nicknames", %{
104 assert json_response(conn, :no_content)
105 assert Repo.get(User, user1.id).tags == []
106 assert Repo.get(User, user2.id).tags == ["y"]
109 test "it does not modify tags of not specified users", %{conn: conn, user3: user3} do
110 assert json_response(conn, :no_content)
111 assert Repo.get(User, user3.id).tags == ["unchanged"]
115 describe "/api/pleroma/admin/permission_group" do
116 test "GET is giving user_info" do
117 admin = insert(:user, info: %{is_admin: true})
121 |> assign(:user, admin)
122 |> put_req_header("accept", "application/json")
123 |> get("/api/pleroma/admin/permission_group/#{admin.nickname}")
125 assert json_response(conn, 200) == %{
127 "is_moderator" => false
131 test "/:right POST, can add to a permission group" do
132 admin = insert(:user, info: %{is_admin: true})
137 |> assign(:user, admin)
138 |> put_req_header("accept", "application/json")
139 |> post("/api/pleroma/admin/permission_group/#{user.nickname}/admin")
141 assert json_response(conn, 200) == %{
146 test "/:right DELETE, can remove from a permission group" do
147 admin = insert(:user, info: %{is_admin: true})
148 user = insert(:user, info: %{is_admin: true})
152 |> assign(:user, admin)
153 |> put_req_header("accept", "application/json")
154 |> delete("/api/pleroma/admin/permission_group/#{user.nickname}/admin")
156 assert json_response(conn, 200) == %{
162 describe "PUT /api/pleroma/admin/activation_status" do
163 setup %{conn: conn} do
164 admin = insert(:user, info: %{is_admin: true})
168 |> assign(:user, admin)
169 |> put_req_header("accept", "application/json")
174 test "deactivates the user", %{conn: conn} do
179 |> put("/api/pleroma/admin/activation_status/#{user.nickname}", %{status: false})
181 user = Repo.get(User, user.id)
182 assert user.info.deactivated == true
183 assert json_response(conn, :no_content)
186 test "activates the user", %{conn: conn} do
187 user = insert(:user, info: %{deactivated: true})
191 |> put("/api/pleroma/admin/activation_status/#{user.nickname}", %{status: true})
193 user = Repo.get(User, user.id)
194 assert user.info.deactivated == false
195 assert json_response(conn, :no_content)
198 test "returns 403 when requested by a non-admin", %{conn: conn} do
203 |> assign(:user, user)
204 |> put("/api/pleroma/admin/activation_status/#{user.nickname}", %{status: false})
206 assert json_response(conn, :forbidden)
210 describe "POST /api/pleroma/admin/email_invite, with valid config" do
212 registrations_open = Pleroma.Config.get([:instance, :registrations_open])
213 invites_enabled = Pleroma.Config.get([:instance, :invites_enabled])
214 Pleroma.Config.put([:instance, :registrations_open], false)
215 Pleroma.Config.put([:instance, :invites_enabled], true)
218 Pleroma.Config.put([:instance, :registrations_open], registrations_open)
219 Pleroma.Config.put([:instance, :invites_enabled], invites_enabled)
223 [user: insert(:user, info: %{is_admin: true})]
226 test "sends invitation and returns 204", %{conn: conn, user: user} do
227 recipient_email = "foo@bar.com"
228 recipient_name = "J. D."
232 |> assign(:user, user)
233 |> post("/api/pleroma/admin/email_invite?email=#{recipient_email}&name=#{recipient_name}")
235 assert json_response(conn, :no_content)
237 token_record = List.last(Pleroma.Repo.all(Pleroma.UserInviteToken))
239 refute token_record.used
241 Swoosh.TestAssertions.assert_email_sent(
242 Pleroma.UserEmail.user_invitation_email(
251 test "it returns 403 if requested by a non-admin", %{conn: conn} do
252 non_admin_user = insert(:user)
256 |> assign(:user, non_admin_user)
257 |> post("/api/pleroma/admin/email_invite?email=foo@bar.com&name=JD")
259 assert json_response(conn, :forbidden)
263 describe "POST /api/pleroma/admin/email_invite, with invalid config" do
265 [user: insert(:user, info: %{is_admin: true})]
268 test "it returns 500 if `invites_enabled` is not enabled", %{conn: conn, user: user} do
269 registrations_open = Pleroma.Config.get([:instance, :registrations_open])
270 invites_enabled = Pleroma.Config.get([:instance, :invites_enabled])
271 Pleroma.Config.put([:instance, :registrations_open], false)
272 Pleroma.Config.put([:instance, :invites_enabled], false)
275 Pleroma.Config.put([:instance, :registrations_open], registrations_open)
276 Pleroma.Config.put([:instance, :invites_enabled], invites_enabled)
282 |> assign(:user, user)
283 |> post("/api/pleroma/admin/email_invite?email=foo@bar.com&name=JD")
285 assert json_response(conn, :internal_server_error)
288 test "it returns 500 if `registrations_open` is enabled", %{conn: conn, user: user} do
289 registrations_open = Pleroma.Config.get([:instance, :registrations_open])
290 invites_enabled = Pleroma.Config.get([:instance, :invites_enabled])
291 Pleroma.Config.put([:instance, :registrations_open], true)
292 Pleroma.Config.put([:instance, :invites_enabled], true)
295 Pleroma.Config.put([:instance, :registrations_open], registrations_open)
296 Pleroma.Config.put([:instance, :invites_enabled], invites_enabled)
302 |> assign(:user, user)
303 |> post("/api/pleroma/admin/email_invite?email=foo@bar.com&name=JD")
305 assert json_response(conn, :internal_server_error)
309 test "/api/pleroma/admin/invite_token" do
310 admin = insert(:user, info: %{is_admin: true})
314 |> assign(:user, admin)
315 |> put_req_header("accept", "application/json")
316 |> get("/api/pleroma/admin/invite_token")
318 assert conn.status == 200
321 test "/api/pleroma/admin/password_reset" do
322 admin = insert(:user, info: %{is_admin: true})
327 |> assign(:user, admin)
328 |> put_req_header("accept", "application/json")
329 |> get("/api/pleroma/admin/password_reset?nickname=#{user.nickname}")
331 assert conn.status == 200
334 describe "GET /api/pleroma/admin/users" do
335 test "renders users array for the first page" do
336 admin = insert(:user, info: %{is_admin: true})
341 |> assign(:user, admin)
342 |> get("/api/pleroma/admin/users?page=1")
344 assert json_response(conn, 200) == %{
349 "deactivated" => admin.info.deactivated,
351 "nickname" => admin.nickname,
352 "roles" => %{"admin" => true, "moderator" => false}
355 "deactivated" => user.info.deactivated,
357 "nickname" => user.nickname,
358 "roles" => %{"admin" => false, "moderator" => false}
364 test "renders empty array for the second page" do
365 admin = insert(:user, info: %{is_admin: true})
370 |> assign(:user, admin)
371 |> get("/api/pleroma/admin/users?page=2")
373 assert json_response(conn, 200) == %{
380 test "regular search" do
381 admin = insert(:user, info: %{is_admin: true})
382 user = insert(:user, nickname: "bob")
386 |> assign(:user, admin)
387 |> get("/api/pleroma/admin/users?query=bo")
389 assert json_response(conn, 200) == %{
394 "deactivated" => user.info.deactivated,
396 "nickname" => user.nickname,
397 "roles" => %{"admin" => false, "moderator" => false},
404 test "regular search with page size" do
405 admin = insert(:user, info: %{is_admin: true})
406 user = insert(:user, nickname: "bob")
407 user2 = insert(:user, nickname: "bo")
411 |> assign(:user, admin)
412 |> get("/api/pleroma/admin/users?query=bo&page_size=1&page=1")
414 assert json_response(conn, 200) == %{
419 "deactivated" => user.info.deactivated,
421 "nickname" => user.nickname,
422 "roles" => %{"admin" => false, "moderator" => false},
430 |> assign(:user, admin)
431 |> get("/api/pleroma/admin/users?query=bo&page_size=1&page=2")
433 assert json_response(conn, 200) == %{
438 "deactivated" => user2.info.deactivated,
440 "nickname" => user2.nickname,
441 "roles" => %{"admin" => false, "moderator" => false},
448 test "only local users" do
449 admin = insert(:user, info: %{is_admin: true}, nickname: "john")
450 user = insert(:user, nickname: "bob")
452 insert(:user, nickname: "bobb", local: false)
456 |> assign(:user, admin)
457 |> get("/api/pleroma/admin/users?query=bo&local_only=true")
459 assert json_response(conn, 200) == %{
464 "deactivated" => user.info.deactivated,
466 "nickname" => user.nickname,
467 "roles" => %{"admin" => false, "moderator" => false},
474 test "only local users with no query" do
475 admin = insert(:user, info: %{is_admin: true}, nickname: "john")
476 user = insert(:user, nickname: "bob")
478 insert(:user, nickname: "bobb", local: false)
482 |> assign(:user, admin)
483 |> get("/api/pleroma/admin/users?local_only=true")
485 assert json_response(conn, 200) == %{
490 "deactivated" => admin.info.deactivated,
492 "nickname" => admin.nickname,
493 "roles" => %{"admin" => true, "moderator" => false},
497 "deactivated" => user.info.deactivated,
499 "nickname" => user.nickname,
500 "roles" => %{"admin" => false, "moderator" => false},
508 test "PATCH /api/pleroma/admin/users/:nickname/toggle_activation" do
509 admin = insert(:user, info: %{is_admin: true})
514 |> assign(:user, admin)
515 |> patch("/api/pleroma/admin/users/#{user.nickname}/toggle_activation")
517 assert json_response(conn, 200) ==
519 "deactivated" => !user.info.deactivated,
521 "nickname" => user.nickname,
522 "roles" => %{"admin" => false, "moderator" => false},