git.squeep.com Git - akkoma/blob - test/web/admin_api/admin_api_controller_test.exs

   1 defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
   2   use Pleroma.Web.ConnCase
   3
   4   alias Pleroma.{Repo, User}
   5   import Pleroma.Factory
   6
   7   describe "/api/pleroma/admin/user" do
   8     test "Delete" do
   9       admin = insert(:user, info: %{is_admin: true})
  10       user = insert(:user)
  11
  12       conn =
  13         build_conn()
  14         |> assign(:user, admin)
  15         |> put_req_header("accept", "application/json")
  16         |> delete("/api/pleroma/admin/user?nickname=#{user.nickname}")
  17
  18       assert json_response(conn, 200) == user.nickname
  19     end
  20
  21     test "Create" do
  22       admin = insert(:user, info: %{is_admin: true})
  23
  24       conn =
  25         build_conn()
  26         |> assign(:user, admin)
  27         |> put_req_header("accept", "application/json")
  28         |> post("/api/pleroma/admin/user", %{
  29           "nickname" => "lain",
  30           "email" => "lain@example.org",
  31           "password" => "test"
  32         })
  33
  34       assert json_response(conn, 200) == "lain"
  35     end
  36   end
  37
  38   describe "PUT /api/pleroma/admin/users/tag" do
  39     setup do
  40       admin = insert(:user, info: %{is_admin: true})
  41       user1 = insert(:user, %{tags: ["x"]})
  42       user2 = insert(:user, %{tags: ["y"]})
  43       user3 = insert(:user, %{tags: ["unchanged"]})
  44
  45       conn =
  46         build_conn()
  47         |> assign(:user, admin)
  48         |> put_req_header("accept", "application/json")
  49         |> put(
  50           "/api/pleroma/admin/users/tag?nicknames[]=#{user1.nickname}&nicknames[]=#{
  51             user2.nickname
  52           }&tags[]=foo&tags[]=bar"
  53         )
  54
  55       %{conn: conn, user1: user1, user2: user2, user3: user3}
  56     end
  57
  58     test "it appends specified tags to users with specified nicknames", %{
  59       conn: conn,
  60       user1: user1,
  61       user2: user2
  62     } do
  63       assert json_response(conn, :no_content)
  64       assert Repo.get(User, user1.id).tags == ["x", "foo", "bar"]
  65       assert Repo.get(User, user2.id).tags == ["y", "foo", "bar"]
  66     end
  67
  68     test "it does not modify tags of not specified users", %{conn: conn, user3: user3} do
  69       assert json_response(conn, :no_content)
  70       assert Repo.get(User, user3.id).tags == ["unchanged"]
  71     end
  72   end
  73
  74   describe "DELETE /api/pleroma/admin/users/tag" do
  75     setup do
  76       admin = insert(:user, info: %{is_admin: true})
  77       user1 = insert(:user, %{tags: ["x"]})
  78       user2 = insert(:user, %{tags: ["y", "z"]})
  79       user3 = insert(:user, %{tags: ["unchanged"]})
  80
  81       conn =
  82         build_conn()
  83         |> assign(:user, admin)
  84         |> put_req_header("accept", "application/json")
  85         |> delete(
  86           "/api/pleroma/admin/users/tag?nicknames[]=#{user1.nickname}&nicknames[]=#{
  87             user2.nickname
  88           }&tags[]=x&tags[]=z"
  89         )
  90
  91       %{conn: conn, user1: user1, user2: user2, user3: user3}
  92     end
  93
  94     test "it removes specified tags from users with specified nicknames", %{
  95       conn: conn,
  96       user1: user1,
  97       user2: user2
  98     } do
  99       assert json_response(conn, :no_content)
 100       assert Repo.get(User, user1.id).tags == []
 101       assert Repo.get(User, user2.id).tags == ["y"]
 102     end
 103
 104     test "it does not modify tags of not specified users", %{conn: conn, user3: user3} do
 105       assert json_response(conn, :no_content)
 106       assert Repo.get(User, user3.id).tags == ["unchanged"]
 107     end
 108   end
 109
 110   describe "/api/pleroma/admin/permission_group" do
 111     test "GET is giving user_info" do
 112       admin = insert(:user, info: %{is_admin: true})
 113
 114       conn =
 115         build_conn()
 116         |> assign(:user, admin)
 117         |> put_req_header("accept", "application/json")
 118         |> get("/api/pleroma/admin/permission_group/#{admin.nickname}")
 119
 120       assert json_response(conn, 200) == %{
 121                "is_admin" => true,
 122                "is_moderator" => false
 123              }
 124     end
 125
 126     test "/:right POST, can add to a permission group" do
 127       admin = insert(:user, info: %{is_admin: true})
 128       user = insert(:user)
 129
 130       conn =
 131         build_conn()
 132         |> assign(:user, admin)
 133         |> put_req_header("accept", "application/json")
 134         |> post("/api/pleroma/admin/permission_group/#{user.nickname}/admin")
 135
 136       assert json_response(conn, 200) == %{
 137                "is_admin" => true
 138              }
 139     end
 140
 141     test "/:right DELETE, can remove from a permission group" do
 142       admin = insert(:user, info: %{is_admin: true})
 143       user = insert(:user, info: %{is_admin: true})
 144
 145       conn =
 146         build_conn()
 147         |> assign(:user, admin)
 148         |> put_req_header("accept", "application/json")
 149         |> delete("/api/pleroma/admin/permission_group/#{user.nickname}/admin")
 150
 151       assert json_response(conn, 200) == %{
 152                "is_admin" => false
 153              }
 154     end
 155   end
 156
 157   describe "POST /api/pleroma/admin/email_invite, with valid config" do
 158     setup do
 159       registrations_open = Pleroma.Config.get([:instance, :registrations_open])
 160       invites_enabled = Pleroma.Config.get([:instance, :invites_enabled])
 161       Pleroma.Config.put([:instance, :registrations_open], false)
 162       Pleroma.Config.put([:instance, :invites_enabled], true)
 163
 164       on_exit(fn ->
 165         Pleroma.Config.put([:instance, :registrations_open], registrations_open)
 166         Pleroma.Config.put([:instance, :invites_enabled], invites_enabled)
 167         :ok
 168       end)
 169
 170       [user: insert(:user, info: %{is_admin: true})]
 171     end
 172
 173     test "sends invitation and returns 204", %{conn: conn, user: user} do
 174       recipient_email = "foo@bar.com"
 175       recipient_name = "J. D."
 176
 177       conn =
 178         conn
 179         |> assign(:user, user)
 180         |> post("/api/pleroma/admin/email_invite?email=#{recipient_email}&name=#{recipient_name}")
 181
 182       assert json_response(conn, :no_content)
 183
 184       token_record = List.last(Pleroma.Repo.all(Pleroma.UserInviteToken))
 185       assert token_record
 186       refute token_record.used
 187
 188       Swoosh.TestAssertions.assert_email_sent(
 189         Pleroma.UserEmail.user_invitation_email(
 190           user,
 191           token_record,
 192           recipient_email,
 193           recipient_name
 194         )
 195       )
 196     end
 197
 198     test "it returns 403 if requested by a non-admin", %{conn: conn} do
 199       non_admin_user = insert(:user)
 200
 201       conn =
 202         conn
 203         |> assign(:user, non_admin_user)
 204         |> post("/api/pleroma/admin/email_invite?email=foo@bar.com&name=JD")
 205
 206       assert json_response(conn, :forbidden)
 207     end
 208   end
 209
 210   describe "POST /api/pleroma/admin/email_invite, with invalid config" do
 211     setup do
 212       [user: insert(:user, info: %{is_admin: true})]
 213     end
 214
 215     test "it returns 500 if `invites_enabled` is not enabled", %{conn: conn, user: user} do
 216       registrations_open = Pleroma.Config.get([:instance, :registrations_open])
 217       invites_enabled = Pleroma.Config.get([:instance, :invites_enabled])
 218       Pleroma.Config.put([:instance, :registrations_open], false)
 219       Pleroma.Config.put([:instance, :invites_enabled], false)
 220
 221       on_exit(fn ->
 222         Pleroma.Config.put([:instance, :registrations_open], registrations_open)
 223         Pleroma.Config.put([:instance, :invites_enabled], invites_enabled)
 224         :ok
 225       end)
 226
 227       conn =
 228         conn
 229         |> assign(:user, user)
 230         |> post("/api/pleroma/admin/email_invite?email=foo@bar.com&name=JD")
 231
 232       assert json_response(conn, :internal_server_error)
 233     end
 234
 235     test "it returns 500 if `registrations_open` is enabled", %{conn: conn, user: user} do
 236       registrations_open = Pleroma.Config.get([:instance, :registrations_open])
 237       invites_enabled = Pleroma.Config.get([:instance, :invites_enabled])
 238       Pleroma.Config.put([:instance, :registrations_open], true)
 239       Pleroma.Config.put([:instance, :invites_enabled], true)
 240
 241       on_exit(fn ->
 242         Pleroma.Config.put([:instance, :registrations_open], registrations_open)
 243         Pleroma.Config.put([:instance, :invites_enabled], invites_enabled)
 244         :ok
 245       end)
 246
 247       conn =
 248         conn
 249         |> assign(:user, user)
 250         |> post("/api/pleroma/admin/email_invite?email=foo@bar.com&name=JD")
 251
 252       assert json_response(conn, :internal_server_error)
 253     end
 254   end
 255
 256   test "/api/pleroma/admin/invite_token" do
 257     admin = insert(:user, info: %{is_admin: true})
 258
 259     conn =
 260       build_conn()
 261       |> assign(:user, admin)
 262       |> put_req_header("accept", "application/json")
 263       |> get("/api/pleroma/admin/invite_token")
 264
 265     assert conn.status == 200
 266   end
 267
 268   test "/api/pleroma/admin/password_reset" do
 269     admin = insert(:user, info: %{is_admin: true})
 270     user = insert(:user)
 271
 272     conn =
 273       build_conn()
 274       |> assign(:user, admin)
 275       |> put_req_header("accept", "application/json")
 276       |> get("/api/pleroma/admin/password_reset?nickname=#{user.nickname}")
 277
 278     assert conn.status == 200
 279   end
 280 end