1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
5 defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
6 use Pleroma.Web.ConnCase
10 import Pleroma.Factory
12 describe "/api/pleroma/admin/user" do
14 admin = insert(:user, info: %{is_admin: true})
19 |> assign(:user, admin)
20 |> put_req_header("accept", "application/json")
21 |> delete("/api/pleroma/admin/user?nickname=#{user.nickname}")
23 assert json_response(conn, 200) == user.nickname
27 admin = insert(:user, info: %{is_admin: true})
31 |> assign(:user, admin)
32 |> put_req_header("accept", "application/json")
33 |> post("/api/pleroma/admin/user", %{
35 "email" => "lain@example.org",
39 assert json_response(conn, 200) == "lain"
43 describe "PUT /api/pleroma/admin/users/tag" do
45 admin = insert(:user, info: %{is_admin: true})
46 user1 = insert(:user, %{tags: ["x"]})
47 user2 = insert(:user, %{tags: ["y"]})
48 user3 = insert(:user, %{tags: ["unchanged"]})
52 |> assign(:user, admin)
53 |> put_req_header("accept", "application/json")
55 "/api/pleroma/admin/users/tag?nicknames[]=#{user1.nickname}&nicknames[]=#{
57 }&tags[]=foo&tags[]=bar"
60 %{conn: conn, user1: user1, user2: user2, user3: user3}
63 test "it appends specified tags to users with specified nicknames", %{
68 assert json_response(conn, :no_content)
69 assert Repo.get(User, user1.id).tags == ["x", "foo", "bar"]
70 assert Repo.get(User, user2.id).tags == ["y", "foo", "bar"]
73 test "it does not modify tags of not specified users", %{conn: conn, user3: user3} do
74 assert json_response(conn, :no_content)
75 assert Repo.get(User, user3.id).tags == ["unchanged"]
79 describe "DELETE /api/pleroma/admin/users/tag" do
81 admin = insert(:user, info: %{is_admin: true})
82 user1 = insert(:user, %{tags: ["x"]})
83 user2 = insert(:user, %{tags: ["y", "z"]})
84 user3 = insert(:user, %{tags: ["unchanged"]})
88 |> assign(:user, admin)
89 |> put_req_header("accept", "application/json")
91 "/api/pleroma/admin/users/tag?nicknames[]=#{user1.nickname}&nicknames[]=#{
96 %{conn: conn, user1: user1, user2: user2, user3: user3}
99 test "it removes specified tags from users with specified nicknames", %{
104 assert json_response(conn, :no_content)
105 assert Repo.get(User, user1.id).tags == []
106 assert Repo.get(User, user2.id).tags == ["y"]
109 test "it does not modify tags of not specified users", %{conn: conn, user3: user3} do
110 assert json_response(conn, :no_content)
111 assert Repo.get(User, user3.id).tags == ["unchanged"]
115 describe "/api/pleroma/admin/permission_group" do
116 test "GET is giving user_info" do
117 admin = insert(:user, info: %{is_admin: true})
121 |> assign(:user, admin)
122 |> put_req_header("accept", "application/json")
123 |> get("/api/pleroma/admin/permission_group/#{admin.nickname}")
125 assert json_response(conn, 200) == %{
127 "is_moderator" => false
131 test "/:right POST, can add to a permission group" do
132 admin = insert(:user, info: %{is_admin: true})
137 |> assign(:user, admin)
138 |> put_req_header("accept", "application/json")
139 |> post("/api/pleroma/admin/permission_group/#{user.nickname}/admin")
141 assert json_response(conn, 200) == %{
146 test "/:right DELETE, can remove from a permission group" do
147 admin = insert(:user, info: %{is_admin: true})
148 user = insert(:user, info: %{is_admin: true})
152 |> assign(:user, admin)
153 |> put_req_header("accept", "application/json")
154 |> delete("/api/pleroma/admin/permission_group/#{user.nickname}/admin")
156 assert json_response(conn, 200) == %{
162 describe "PUT /api/pleroma/admin/activation_status" do
163 setup %{conn: conn} do
164 admin = insert(:user, info: %{is_admin: true})
168 |> assign(:user, admin)
169 |> put_req_header("accept", "application/json")
174 test "deactivates the user", %{conn: conn} do
179 |> put("/api/pleroma/admin/activation_status/#{user.nickname}", %{status: false})
181 user = Repo.get(User, user.id)
182 assert user.info.deactivated == true
183 assert json_response(conn, :no_content)
186 test "activates the user", %{conn: conn} do
187 user = insert(:user, info: %{deactivated: true})
191 |> put("/api/pleroma/admin/activation_status/#{user.nickname}", %{status: true})
193 user = Repo.get(User, user.id)
194 assert user.info.deactivated == false
195 assert json_response(conn, :no_content)
198 test "returns 403 when requested by a non-admin", %{conn: conn} do
203 |> assign(:user, user)
204 |> put("/api/pleroma/admin/activation_status/#{user.nickname}", %{status: false})
206 assert json_response(conn, :forbidden)
210 describe "POST /api/pleroma/admin/email_invite, with valid config" do
212 registrations_open = Pleroma.Config.get([:instance, :registrations_open])
213 invites_enabled = Pleroma.Config.get([:instance, :invites_enabled])
214 Pleroma.Config.put([:instance, :registrations_open], false)
215 Pleroma.Config.put([:instance, :invites_enabled], true)
218 Pleroma.Config.put([:instance, :registrations_open], registrations_open)
219 Pleroma.Config.put([:instance, :invites_enabled], invites_enabled)
223 [user: insert(:user, info: %{is_admin: true})]
226 test "sends invitation and returns 204", %{conn: conn, user: user} do
227 recipient_email = "foo@bar.com"
228 recipient_name = "J. D."
232 |> assign(:user, user)
233 |> post("/api/pleroma/admin/email_invite?email=#{recipient_email}&name=#{recipient_name}")
235 assert json_response(conn, :no_content)
237 token_record = List.last(Pleroma.Repo.all(Pleroma.UserInviteToken))
239 refute token_record.used
241 Swoosh.TestAssertions.assert_email_sent(
242 Pleroma.UserEmail.user_invitation_email(
251 test "it returns 403 if requested by a non-admin", %{conn: conn} do
252 non_admin_user = insert(:user)
256 |> assign(:user, non_admin_user)
257 |> post("/api/pleroma/admin/email_invite?email=foo@bar.com&name=JD")
259 assert json_response(conn, :forbidden)
263 describe "POST /api/pleroma/admin/email_invite, with invalid config" do
265 [user: insert(:user, info: %{is_admin: true})]
268 test "it returns 500 if `invites_enabled` is not enabled", %{conn: conn, user: user} do
269 registrations_open = Pleroma.Config.get([:instance, :registrations_open])
270 invites_enabled = Pleroma.Config.get([:instance, :invites_enabled])
271 Pleroma.Config.put([:instance, :registrations_open], false)
272 Pleroma.Config.put([:instance, :invites_enabled], false)
275 Pleroma.Config.put([:instance, :registrations_open], registrations_open)
276 Pleroma.Config.put([:instance, :invites_enabled], invites_enabled)
282 |> assign(:user, user)
283 |> post("/api/pleroma/admin/email_invite?email=foo@bar.com&name=JD")
285 assert json_response(conn, :internal_server_error)
288 test "it returns 500 if `registrations_open` is enabled", %{conn: conn, user: user} do
289 registrations_open = Pleroma.Config.get([:instance, :registrations_open])
290 invites_enabled = Pleroma.Config.get([:instance, :invites_enabled])
291 Pleroma.Config.put([:instance, :registrations_open], true)
292 Pleroma.Config.put([:instance, :invites_enabled], true)
295 Pleroma.Config.put([:instance, :registrations_open], registrations_open)
296 Pleroma.Config.put([:instance, :invites_enabled], invites_enabled)
302 |> assign(:user, user)
303 |> post("/api/pleroma/admin/email_invite?email=foo@bar.com&name=JD")
305 assert json_response(conn, :internal_server_error)
309 test "/api/pleroma/admin/invite_token" do
310 admin = insert(:user, info: %{is_admin: true})
314 |> assign(:user, admin)
315 |> put_req_header("accept", "application/json")
316 |> get("/api/pleroma/admin/invite_token")
318 assert conn.status == 200
321 test "/api/pleroma/admin/password_reset" do
322 admin = insert(:user, info: %{is_admin: true})
327 |> assign(:user, admin)
328 |> put_req_header("accept", "application/json")
329 |> get("/api/pleroma/admin/password_reset?nickname=#{user.nickname}")
331 assert conn.status == 200
334 describe "GET /api/pleroma/admin/users" do
335 test "renders users array for the first page" do
336 admin = insert(:user, info: %{is_admin: true})
341 |> assign(:user, admin)
342 |> get("/api/pleroma/admin/users?page=1")
344 assert json_response(conn, 200) == %{
349 "deactivated" => admin.info.deactivated,
351 "nickname" => admin.nickname,
352 "roles" => %{"admin" => true, "moderator" => false},
356 "deactivated" => user.info.deactivated,
358 "nickname" => user.nickname,
359 "roles" => %{"admin" => false, "moderator" => false},
366 test "renders empty array for the second page" do
367 admin = insert(:user, info: %{is_admin: true})
372 |> assign(:user, admin)
373 |> get("/api/pleroma/admin/users?page=2")
375 assert json_response(conn, 200) == %{
382 test "regular search" do
383 admin = insert(:user, info: %{is_admin: true})
384 user = insert(:user, nickname: "bob")
388 |> assign(:user, admin)
389 |> get("/api/pleroma/admin/users?query=bo")
391 assert json_response(conn, 200) == %{
396 "deactivated" => user.info.deactivated,
398 "nickname" => user.nickname,
399 "roles" => %{"admin" => false, "moderator" => false},
406 test "regular search with page size" do
407 admin = insert(:user, info: %{is_admin: true})
408 user = insert(:user, nickname: "bob")
409 user2 = insert(:user, nickname: "bo")
413 |> assign(:user, admin)
414 |> get("/api/pleroma/admin/users?query=bo&page_size=1&page=1")
416 assert json_response(conn, 200) == %{
421 "deactivated" => user.info.deactivated,
423 "nickname" => user.nickname,
424 "roles" => %{"admin" => false, "moderator" => false},
432 |> assign(:user, admin)
433 |> get("/api/pleroma/admin/users?query=bo&page_size=1&page=2")
435 assert json_response(conn, 200) == %{
440 "deactivated" => user2.info.deactivated,
442 "nickname" => user2.nickname,
443 "roles" => %{"admin" => false, "moderator" => false},
450 test "only local users" do
451 admin = insert(:user, info: %{is_admin: true}, nickname: "john")
452 user = insert(:user, nickname: "bob")
454 insert(:user, nickname: "bobb", local: false)
458 |> assign(:user, admin)
459 |> get("/api/pleroma/admin/users?query=bo&local_only=true")
461 assert json_response(conn, 200) == %{
466 "deactivated" => user.info.deactivated,
468 "nickname" => user.nickname,
469 "roles" => %{"admin" => false, "moderator" => false},
476 test "only local users with no query" do
477 admin = insert(:user, info: %{is_admin: true}, nickname: "john")
478 user = insert(:user, nickname: "bob")
480 insert(:user, nickname: "bobb", local: false)
484 |> assign(:user, admin)
485 |> get("/api/pleroma/admin/users?local_only=true")
487 assert json_response(conn, 200) == %{
492 "deactivated" => admin.info.deactivated,
494 "nickname" => admin.nickname,
495 "roles" => %{"admin" => true, "moderator" => false},
499 "deactivated" => user.info.deactivated,
501 "nickname" => user.nickname,
502 "roles" => %{"admin" => false, "moderator" => false},
510 test "PATCH /api/pleroma/admin/users/:nickname/toggle_activation" do
511 admin = insert(:user, info: %{is_admin: true})
516 |> assign(:user, admin)
517 |> patch("/api/pleroma/admin/users/#{user.nickname}/toggle_activation")
519 assert json_response(conn, 200) ==
521 "deactivated" => !user.info.deactivated,
523 "nickname" => user.nickname,
524 "roles" => %{"admin" => false, "moderator" => false},