1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
5 defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
6 use Pleroma.Web.ConnCase
11 describe "/api/pleroma/admin/user" do
13 admin = insert(:user, info: %{is_admin: true})
18 |> assign(:user, admin)
19 |> put_req_header("accept", "application/json")
20 |> delete("/api/pleroma/admin/user?nickname=#{user.nickname}")
22 assert json_response(conn, 200) == user.nickname
26 admin = insert(:user, info: %{is_admin: true})
30 |> assign(:user, admin)
31 |> put_req_header("accept", "application/json")
32 |> post("/api/pleroma/admin/user", %{
34 "email" => "lain@example.org",
38 assert json_response(conn, 200) == "lain"
42 describe "/api/pleroma/admin/users/:nickname" do
43 test "Show", %{conn: conn} do
44 admin = insert(:user, info: %{is_admin: true})
49 |> assign(:user, admin)
50 |> get("/api/pleroma/admin/users/#{user.nickname}")
53 "deactivated" => false,
54 "id" => to_string(user.id),
56 "nickname" => user.nickname,
57 "roles" => %{"admin" => false, "moderator" => false},
61 assert expected == json_response(conn, 200)
64 test "when the user doesn't exist", %{conn: conn} do
65 admin = insert(:user, info: %{is_admin: true})
70 |> assign(:user, admin)
71 |> get("/api/pleroma/admin/users/#{user.nickname}")
73 assert "Not found" == json_response(conn, 404)
77 describe "/api/pleroma/admin/user/follow" do
78 test "allows to force-follow another user" do
79 admin = insert(:user, info: %{is_admin: true})
81 follower = insert(:user)
84 |> assign(:user, admin)
85 |> put_req_header("accept", "application/json")
86 |> post("/api/pleroma/admin/user/follow", %{
87 "follower" => follower.nickname,
88 "followed" => user.nickname
91 user = User.get_by_id(user.id)
92 follower = User.get_by_id(follower.id)
94 assert User.following?(follower, user)
98 describe "/api/pleroma/admin/user/unfollow" do
99 test "allows to force-unfollow another user" do
100 admin = insert(:user, info: %{is_admin: true})
102 follower = insert(:user)
104 User.follow(follower, user)
107 |> assign(:user, admin)
108 |> put_req_header("accept", "application/json")
109 |> post("/api/pleroma/admin/user/unfollow", %{
110 "follower" => follower.nickname,
111 "followed" => user.nickname
114 user = User.get_by_id(user.id)
115 follower = User.get_by_id(follower.id)
117 refute User.following?(follower, user)
121 describe "PUT /api/pleroma/admin/users/tag" do
123 admin = insert(:user, info: %{is_admin: true})
124 user1 = insert(:user, %{tags: ["x"]})
125 user2 = insert(:user, %{tags: ["y"]})
126 user3 = insert(:user, %{tags: ["unchanged"]})
130 |> assign(:user, admin)
131 |> put_req_header("accept", "application/json")
133 "/api/pleroma/admin/users/tag?nicknames[]=#{user1.nickname}&nicknames[]=#{
135 }&tags[]=foo&tags[]=bar"
138 %{conn: conn, user1: user1, user2: user2, user3: user3}
141 test "it appends specified tags to users with specified nicknames", %{
146 assert json_response(conn, :no_content)
147 assert User.get_by_id(user1.id).tags == ["x", "foo", "bar"]
148 assert User.get_by_id(user2.id).tags == ["y", "foo", "bar"]
151 test "it does not modify tags of not specified users", %{conn: conn, user3: user3} do
152 assert json_response(conn, :no_content)
153 assert User.get_by_id(user3.id).tags == ["unchanged"]
157 describe "DELETE /api/pleroma/admin/users/tag" do
159 admin = insert(:user, info: %{is_admin: true})
160 user1 = insert(:user, %{tags: ["x"]})
161 user2 = insert(:user, %{tags: ["y", "z"]})
162 user3 = insert(:user, %{tags: ["unchanged"]})
166 |> assign(:user, admin)
167 |> put_req_header("accept", "application/json")
169 "/api/pleroma/admin/users/tag?nicknames[]=#{user1.nickname}&nicknames[]=#{
174 %{conn: conn, user1: user1, user2: user2, user3: user3}
177 test "it removes specified tags from users with specified nicknames", %{
182 assert json_response(conn, :no_content)
183 assert User.get_by_id(user1.id).tags == []
184 assert User.get_by_id(user2.id).tags == ["y"]
187 test "it does not modify tags of not specified users", %{conn: conn, user3: user3} do
188 assert json_response(conn, :no_content)
189 assert User.get_by_id(user3.id).tags == ["unchanged"]
193 describe "/api/pleroma/admin/permission_group" do
194 test "GET is giving user_info" do
195 admin = insert(:user, info: %{is_admin: true})
199 |> assign(:user, admin)
200 |> put_req_header("accept", "application/json")
201 |> get("/api/pleroma/admin/permission_group/#{admin.nickname}")
203 assert json_response(conn, 200) == %{
205 "is_moderator" => false
209 test "/:right POST, can add to a permission group" do
210 admin = insert(:user, info: %{is_admin: true})
215 |> assign(:user, admin)
216 |> put_req_header("accept", "application/json")
217 |> post("/api/pleroma/admin/permission_group/#{user.nickname}/admin")
219 assert json_response(conn, 200) == %{
224 test "/:right DELETE, can remove from a permission group" do
225 admin = insert(:user, info: %{is_admin: true})
226 user = insert(:user, info: %{is_admin: true})
230 |> assign(:user, admin)
231 |> put_req_header("accept", "application/json")
232 |> delete("/api/pleroma/admin/permission_group/#{user.nickname}/admin")
234 assert json_response(conn, 200) == %{
240 describe "PUT /api/pleroma/admin/activation_status" do
241 setup %{conn: conn} do
242 admin = insert(:user, info: %{is_admin: true})
246 |> assign(:user, admin)
247 |> put_req_header("accept", "application/json")
252 test "deactivates the user", %{conn: conn} do
257 |> put("/api/pleroma/admin/activation_status/#{user.nickname}", %{status: false})
259 user = User.get_by_id(user.id)
260 assert user.info.deactivated == true
261 assert json_response(conn, :no_content)
264 test "activates the user", %{conn: conn} do
265 user = insert(:user, info: %{deactivated: true})
269 |> put("/api/pleroma/admin/activation_status/#{user.nickname}", %{status: true})
271 user = User.get_by_id(user.id)
272 assert user.info.deactivated == false
273 assert json_response(conn, :no_content)
276 test "returns 403 when requested by a non-admin", %{conn: conn} do
281 |> assign(:user, user)
282 |> put("/api/pleroma/admin/activation_status/#{user.nickname}", %{status: false})
284 assert json_response(conn, :forbidden)
288 describe "POST /api/pleroma/admin/email_invite, with valid config" do
290 registrations_open = Pleroma.Config.get([:instance, :registrations_open])
291 invites_enabled = Pleroma.Config.get([:instance, :invites_enabled])
292 Pleroma.Config.put([:instance, :registrations_open], false)
293 Pleroma.Config.put([:instance, :invites_enabled], true)
296 Pleroma.Config.put([:instance, :registrations_open], registrations_open)
297 Pleroma.Config.put([:instance, :invites_enabled], invites_enabled)
301 [user: insert(:user, info: %{is_admin: true})]
304 test "sends invitation and returns 204", %{conn: conn, user: user} do
305 recipient_email = "foo@bar.com"
306 recipient_name = "J. D."
310 |> assign(:user, user)
311 |> post("/api/pleroma/admin/email_invite?email=#{recipient_email}&name=#{recipient_name}")
313 assert json_response(conn, :no_content)
315 token_record = List.last(Pleroma.Repo.all(Pleroma.UserInviteToken))
317 refute token_record.used
319 notify_email = Pleroma.Config.get([:instance, :notify_email])
320 instance_name = Pleroma.Config.get([:instance, :name])
323 Pleroma.UserEmail.user_invitation_email(
330 Swoosh.TestAssertions.assert_email_sent(
331 from: {instance_name, notify_email},
332 to: {recipient_name, recipient_email},
333 html_body: email.html_body
337 test "it returns 403 if requested by a non-admin", %{conn: conn} do
338 non_admin_user = insert(:user)
342 |> assign(:user, non_admin_user)
343 |> post("/api/pleroma/admin/email_invite?email=foo@bar.com&name=JD")
345 assert json_response(conn, :forbidden)
349 describe "POST /api/pleroma/admin/email_invite, with invalid config" do
351 [user: insert(:user, info: %{is_admin: true})]
354 test "it returns 500 if `invites_enabled` is not enabled", %{conn: conn, user: user} do
355 registrations_open = Pleroma.Config.get([:instance, :registrations_open])
356 invites_enabled = Pleroma.Config.get([:instance, :invites_enabled])
357 Pleroma.Config.put([:instance, :registrations_open], false)
358 Pleroma.Config.put([:instance, :invites_enabled], false)
361 Pleroma.Config.put([:instance, :registrations_open], registrations_open)
362 Pleroma.Config.put([:instance, :invites_enabled], invites_enabled)
368 |> assign(:user, user)
369 |> post("/api/pleroma/admin/email_invite?email=foo@bar.com&name=JD")
371 assert json_response(conn, :internal_server_error)
374 test "it returns 500 if `registrations_open` is enabled", %{conn: conn, user: user} do
375 registrations_open = Pleroma.Config.get([:instance, :registrations_open])
376 invites_enabled = Pleroma.Config.get([:instance, :invites_enabled])
377 Pleroma.Config.put([:instance, :registrations_open], true)
378 Pleroma.Config.put([:instance, :invites_enabled], true)
381 Pleroma.Config.put([:instance, :registrations_open], registrations_open)
382 Pleroma.Config.put([:instance, :invites_enabled], invites_enabled)
388 |> assign(:user, user)
389 |> post("/api/pleroma/admin/email_invite?email=foo@bar.com&name=JD")
391 assert json_response(conn, :internal_server_error)
395 test "/api/pleroma/admin/invite_token" do
396 admin = insert(:user, info: %{is_admin: true})
400 |> assign(:user, admin)
401 |> put_req_header("accept", "application/json")
402 |> get("/api/pleroma/admin/invite_token")
404 assert conn.status == 200
407 test "/api/pleroma/admin/password_reset" do
408 admin = insert(:user, info: %{is_admin: true})
413 |> assign(:user, admin)
414 |> put_req_header("accept", "application/json")
415 |> get("/api/pleroma/admin/password_reset?nickname=#{user.nickname}")
417 assert conn.status == 200
420 describe "GET /api/pleroma/admin/users" do
421 test "renders users array for the first page" do
422 admin = insert(:user, info: %{is_admin: true})
423 user = insert(:user, local: false, tags: ["foo", "bar"])
427 |> assign(:user, admin)
428 |> get("/api/pleroma/admin/users?page=1")
430 assert json_response(conn, 200) == %{
435 "deactivated" => admin.info.deactivated,
437 "nickname" => admin.nickname,
438 "roles" => %{"admin" => true, "moderator" => false},
443 "deactivated" => user.info.deactivated,
445 "nickname" => user.nickname,
446 "roles" => %{"admin" => false, "moderator" => false},
448 "tags" => ["foo", "bar"]
454 test "renders empty array for the second page" do
455 admin = insert(:user, info: %{is_admin: true})
460 |> assign(:user, admin)
461 |> get("/api/pleroma/admin/users?page=2")
463 assert json_response(conn, 200) == %{
470 test "regular search" do
471 admin = insert(:user, info: %{is_admin: true})
472 user = insert(:user, nickname: "bob")
476 |> assign(:user, admin)
477 |> get("/api/pleroma/admin/users?query=bo")
479 assert json_response(conn, 200) == %{
484 "deactivated" => user.info.deactivated,
486 "nickname" => user.nickname,
487 "roles" => %{"admin" => false, "moderator" => false},
495 test "regular search with page size" do
496 admin = insert(:user, info: %{is_admin: true})
497 user = insert(:user, nickname: "aalice")
498 user2 = insert(:user, nickname: "alice")
502 |> assign(:user, admin)
503 |> get("/api/pleroma/admin/users?query=a&page_size=1&page=1")
505 assert json_response(conn, 200) == %{
510 "deactivated" => user.info.deactivated,
512 "nickname" => user.nickname,
513 "roles" => %{"admin" => false, "moderator" => false},
522 |> assign(:user, admin)
523 |> get("/api/pleroma/admin/users?query=a&page_size=1&page=2")
525 assert json_response(conn, 200) == %{
530 "deactivated" => user2.info.deactivated,
532 "nickname" => user2.nickname,
533 "roles" => %{"admin" => false, "moderator" => false},
541 test "only local users" do
542 admin = insert(:user, info: %{is_admin: true}, nickname: "john")
543 user = insert(:user, nickname: "bob")
545 insert(:user, nickname: "bobb", local: false)
549 |> assign(:user, admin)
550 |> get("/api/pleroma/admin/users?query=bo&filters=local")
552 assert json_response(conn, 200) == %{
557 "deactivated" => user.info.deactivated,
559 "nickname" => user.nickname,
560 "roles" => %{"admin" => false, "moderator" => false},
568 test "only local users with no query" do
569 admin = insert(:user, info: %{is_admin: true}, nickname: "john")
570 user = insert(:user, nickname: "bob")
572 insert(:user, nickname: "bobb", local: false)
576 |> assign(:user, admin)
577 |> get("/api/pleroma/admin/users?filters=local")
579 assert json_response(conn, 200) == %{
584 "deactivated" => user.info.deactivated,
586 "nickname" => user.nickname,
587 "roles" => %{"admin" => false, "moderator" => false},
592 "deactivated" => admin.info.deactivated,
594 "nickname" => admin.nickname,
595 "roles" => %{"admin" => true, "moderator" => false},
603 test "it works with multiple filters" do
604 admin = insert(:user, nickname: "john", info: %{is_admin: true})
605 user = insert(:user, nickname: "bob", local: false, info: %{deactivated: true})
607 insert(:user, nickname: "ken", local: true, info: %{deactivated: true})
608 insert(:user, nickname: "bobb", local: false, info: %{deactivated: false})
612 |> assign(:user, admin)
613 |> get("/api/pleroma/admin/users?filters=deactivated,external")
615 assert json_response(conn, 200) == %{
620 "deactivated" => user.info.deactivated,
622 "nickname" => user.nickname,
623 "roles" => %{"admin" => false, "moderator" => false},
624 "local" => user.local,
632 test "PATCH /api/pleroma/admin/users/:nickname/toggle_activation" do
633 admin = insert(:user, info: %{is_admin: true})
638 |> assign(:user, admin)
639 |> patch("/api/pleroma/admin/users/#{user.nickname}/toggle_activation")
641 assert json_response(conn, 200) ==
643 "deactivated" => !user.info.deactivated,
645 "nickname" => user.nickname,
646 "roles" => %{"admin" => false, "moderator" => false},