1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
5 defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
6 use Pleroma.Web.ConnCase
7 use Oban.Testing, repo: Pleroma.Repo
9 import ExUnit.CaptureLog
11 import Pleroma.Factory
13 alias Pleroma.Activity
17 alias Pleroma.ModerationLog
19 alias Pleroma.Tests.ObanHelpers
22 alias Pleroma.Web.ActivityPub.Relay
23 alias Pleroma.Web.CommonAPI
24 alias Pleroma.Web.MediaProxy
27 Tesla.Mock.mock_global(fn env -> apply(HttpRequestMock, :request, [env]) end)
33 admin = insert(:user, is_admin: true)
34 token = insert(:oauth_admin_token, user: admin)
38 |> assign(:user, admin)
39 |> assign(:token, token)
41 {:ok, %{admin: admin, token: token, conn: conn}}
44 test "with valid `admin_token` query parameter, skips OAuth scopes check" do
45 clear_config([:admin_token], "password123")
49 conn = get(build_conn(), "/api/pleroma/admin/users/#{user.nickname}?admin_token=password123")
51 assert json_response(conn, 200)
54 describe "with [:auth, :enforce_oauth_admin_scope_usage]," do
55 setup do: clear_config([:auth, :enforce_oauth_admin_scope_usage], true)
57 test "GET /api/pleroma/admin/users/:nickname requires admin:read:accounts or broader scope",
60 url = "/api/pleroma/admin/users/#{user.nickname}"
62 good_token1 = insert(:oauth_token, user: admin, scopes: ["admin"])
63 good_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read"])
64 good_token3 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts"])
66 bad_token1 = insert(:oauth_token, user: admin, scopes: ["read:accounts"])
67 bad_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts:partial"])
70 for good_token <- [good_token1, good_token2, good_token3] do
73 |> assign(:user, admin)
74 |> assign(:token, good_token)
77 assert json_response(conn, 200)
80 for good_token <- [good_token1, good_token2, good_token3] do
84 |> assign(:token, good_token)
87 assert json_response(conn, :forbidden)
90 for bad_token <- [bad_token1, bad_token2, bad_token3] do
93 |> assign(:user, admin)
94 |> assign(:token, bad_token)
97 assert json_response(conn, :forbidden)
102 describe "unless [:auth, :enforce_oauth_admin_scope_usage]," do
103 setup do: clear_config([:auth, :enforce_oauth_admin_scope_usage], false)
105 test "GET /api/pleroma/admin/users/:nickname requires " <>
106 "read:accounts or admin:read:accounts or broader scope",
109 url = "/api/pleroma/admin/users/#{user.nickname}"
111 good_token1 = insert(:oauth_token, user: admin, scopes: ["admin"])
112 good_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read"])
113 good_token3 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts"])
114 good_token4 = insert(:oauth_token, user: admin, scopes: ["read:accounts"])
115 good_token5 = insert(:oauth_token, user: admin, scopes: ["read"])
117 good_tokens = [good_token1, good_token2, good_token3, good_token4, good_token5]
119 bad_token1 = insert(:oauth_token, user: admin, scopes: ["read:accounts:partial"])
120 bad_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts:partial"])
123 for good_token <- good_tokens do
126 |> assign(:user, admin)
127 |> assign(:token, good_token)
130 assert json_response(conn, 200)
133 for good_token <- good_tokens do
136 |> assign(:user, nil)
137 |> assign(:token, good_token)
140 assert json_response(conn, :forbidden)
143 for bad_token <- [bad_token1, bad_token2, bad_token3] do
146 |> assign(:user, admin)
147 |> assign(:token, bad_token)
150 assert json_response(conn, :forbidden)
155 describe "DELETE /api/pleroma/admin/users" do
156 test "single user", %{admin: admin, conn: conn} do
158 clear_config([:instance, :federating], true)
160 with_mock Pleroma.Web.Federator,
161 publish: fn _ -> nil end do
164 |> put_req_header("accept", "application/json")
165 |> delete("/api/pleroma/admin/users?nickname=#{user.nickname}")
167 ObanHelpers.perform_all()
169 assert User.get_by_nickname(user.nickname).deactivated
171 log_entry = Repo.one(ModerationLog)
173 assert ModerationLog.get_log_entry_message(log_entry) ==
174 "@#{admin.nickname} deleted users: @#{user.nickname}"
176 assert json_response(conn, 200) == [user.nickname]
178 assert called(Pleroma.Web.Federator.publish(:_))
182 test "multiple users", %{admin: admin, conn: conn} do
183 user_one = insert(:user)
184 user_two = insert(:user)
188 |> put_req_header("accept", "application/json")
189 |> delete("/api/pleroma/admin/users", %{
190 nicknames: [user_one.nickname, user_two.nickname]
193 log_entry = Repo.one(ModerationLog)
195 assert ModerationLog.get_log_entry_message(log_entry) ==
196 "@#{admin.nickname} deleted users: @#{user_one.nickname}, @#{user_two.nickname}"
198 response = json_response(conn, 200)
199 assert response -- [user_one.nickname, user_two.nickname] == []
203 describe "/api/pleroma/admin/users" do
204 test "Create", %{conn: conn} do
207 |> put_req_header("accept", "application/json")
208 |> post("/api/pleroma/admin/users", %{
211 "nickname" => "lain",
212 "email" => "lain@example.org",
216 "nickname" => "lain2",
217 "email" => "lain2@example.org",
223 response = json_response(conn, 200) |> Enum.map(&Map.get(&1, "type"))
224 assert response == ["success", "success"]
226 log_entry = Repo.one(ModerationLog)
228 assert ["lain", "lain2"] -- Enum.map(log_entry.data["subjects"], & &1["nickname"]) == []
231 test "Cannot create user with existing email", %{conn: conn} do
236 |> put_req_header("accept", "application/json")
237 |> post("/api/pleroma/admin/users", %{
240 "nickname" => "lain",
241 "email" => user.email,
247 assert json_response(conn, 409) == [
251 "email" => user.email,
254 "error" => "email has already been taken",
260 test "Cannot create user with existing nickname", %{conn: conn} do
265 |> put_req_header("accept", "application/json")
266 |> post("/api/pleroma/admin/users", %{
269 "nickname" => user.nickname,
270 "email" => "someuser@plerama.social",
276 assert json_response(conn, 409) == [
280 "email" => "someuser@plerama.social",
281 "nickname" => user.nickname
283 "error" => "nickname has already been taken",
289 test "Multiple user creation works in transaction", %{conn: conn} do
294 |> put_req_header("accept", "application/json")
295 |> post("/api/pleroma/admin/users", %{
298 "nickname" => "newuser",
299 "email" => "newuser@pleroma.social",
303 "nickname" => "lain",
304 "email" => user.email,
310 assert json_response(conn, 409) == [
314 "email" => user.email,
317 "error" => "email has already been taken",
323 "email" => "newuser@pleroma.social",
324 "nickname" => "newuser"
331 assert User.get_by_nickname("newuser") === nil
335 describe "/api/pleroma/admin/users/:nickname" do
336 test "Show", %{conn: conn} do
339 conn = get(conn, "/api/pleroma/admin/users/#{user.nickname}")
342 "deactivated" => false,
343 "id" => to_string(user.id),
345 "nickname" => user.nickname,
346 "roles" => %{"admin" => false, "moderator" => false},
348 "avatar" => User.avatar_url(user) |> MediaProxy.url(),
349 "display_name" => HTML.strip_tags(user.name || user.nickname),
350 "confirmation_pending" => false,
354 assert expected == json_response(conn, 200)
357 test "when the user doesn't exist", %{conn: conn} do
360 conn = get(conn, "/api/pleroma/admin/users/#{user.nickname}")
362 assert %{"error" => "Not found"} == json_response(conn, 404)
366 describe "/api/pleroma/admin/users/follow" do
367 test "allows to force-follow another user", %{admin: admin, conn: conn} do
369 follower = insert(:user)
372 |> put_req_header("accept", "application/json")
373 |> post("/api/pleroma/admin/users/follow", %{
374 "follower" => follower.nickname,
375 "followed" => user.nickname
378 user = User.get_cached_by_id(user.id)
379 follower = User.get_cached_by_id(follower.id)
381 assert User.following?(follower, user)
383 log_entry = Repo.one(ModerationLog)
385 assert ModerationLog.get_log_entry_message(log_entry) ==
386 "@#{admin.nickname} made @#{follower.nickname} follow @#{user.nickname}"
390 describe "/api/pleroma/admin/users/unfollow" do
391 test "allows to force-unfollow another user", %{admin: admin, conn: conn} do
393 follower = insert(:user)
395 User.follow(follower, user)
398 |> put_req_header("accept", "application/json")
399 |> post("/api/pleroma/admin/users/unfollow", %{
400 "follower" => follower.nickname,
401 "followed" => user.nickname
404 user = User.get_cached_by_id(user.id)
405 follower = User.get_cached_by_id(follower.id)
407 refute User.following?(follower, user)
409 log_entry = Repo.one(ModerationLog)
411 assert ModerationLog.get_log_entry_message(log_entry) ==
412 "@#{admin.nickname} made @#{follower.nickname} unfollow @#{user.nickname}"
416 describe "PUT /api/pleroma/admin/users/tag" do
417 setup %{conn: conn} do
418 user1 = insert(:user, %{tags: ["x"]})
419 user2 = insert(:user, %{tags: ["y"]})
420 user3 = insert(:user, %{tags: ["unchanged"]})
424 |> put_req_header("accept", "application/json")
426 "/api/pleroma/admin/users/tag?nicknames[]=#{user1.nickname}&nicknames[]=" <>
427 "#{user2.nickname}&tags[]=foo&tags[]=bar"
430 %{conn: conn, user1: user1, user2: user2, user3: user3}
433 test "it appends specified tags to users with specified nicknames", %{
439 assert json_response(conn, :no_content)
440 assert User.get_cached_by_id(user1.id).tags == ["x", "foo", "bar"]
441 assert User.get_cached_by_id(user2.id).tags == ["y", "foo", "bar"]
443 log_entry = Repo.one(ModerationLog)
446 [user1.nickname, user2.nickname]
447 |> Enum.map(&"@#{&1}")
450 tags = ["foo", "bar"] |> Enum.join(", ")
452 assert ModerationLog.get_log_entry_message(log_entry) ==
453 "@#{admin.nickname} added tags: #{tags} to users: #{users}"
456 test "it does not modify tags of not specified users", %{conn: conn, user3: user3} do
457 assert json_response(conn, :no_content)
458 assert User.get_cached_by_id(user3.id).tags == ["unchanged"]
462 describe "DELETE /api/pleroma/admin/users/tag" do
463 setup %{conn: conn} do
464 user1 = insert(:user, %{tags: ["x"]})
465 user2 = insert(:user, %{tags: ["y", "z"]})
466 user3 = insert(:user, %{tags: ["unchanged"]})
470 |> put_req_header("accept", "application/json")
472 "/api/pleroma/admin/users/tag?nicknames[]=#{user1.nickname}&nicknames[]=" <>
473 "#{user2.nickname}&tags[]=x&tags[]=z"
476 %{conn: conn, user1: user1, user2: user2, user3: user3}
479 test "it removes specified tags from users with specified nicknames", %{
485 assert json_response(conn, :no_content)
486 assert User.get_cached_by_id(user1.id).tags == []
487 assert User.get_cached_by_id(user2.id).tags == ["y"]
489 log_entry = Repo.one(ModerationLog)
492 [user1.nickname, user2.nickname]
493 |> Enum.map(&"@#{&1}")
496 tags = ["x", "z"] |> Enum.join(", ")
498 assert ModerationLog.get_log_entry_message(log_entry) ==
499 "@#{admin.nickname} removed tags: #{tags} from users: #{users}"
502 test "it does not modify tags of not specified users", %{conn: conn, user3: user3} do
503 assert json_response(conn, :no_content)
504 assert User.get_cached_by_id(user3.id).tags == ["unchanged"]
508 describe "/api/pleroma/admin/users/:nickname/permission_group" do
509 test "GET is giving user_info", %{admin: admin, conn: conn} do
512 |> put_req_header("accept", "application/json")
513 |> get("/api/pleroma/admin/users/#{admin.nickname}/permission_group/")
515 assert json_response(conn, 200) == %{
517 "is_moderator" => false
521 test "/:right POST, can add to a permission group", %{admin: admin, conn: conn} do
526 |> put_req_header("accept", "application/json")
527 |> post("/api/pleroma/admin/users/#{user.nickname}/permission_group/admin")
529 assert json_response(conn, 200) == %{
533 log_entry = Repo.one(ModerationLog)
535 assert ModerationLog.get_log_entry_message(log_entry) ==
536 "@#{admin.nickname} made @#{user.nickname} admin"
539 test "/:right POST, can add to a permission group (multiple)", %{admin: admin, conn: conn} do
540 user_one = insert(:user)
541 user_two = insert(:user)
545 |> put_req_header("accept", "application/json")
546 |> post("/api/pleroma/admin/users/permission_group/admin", %{
547 nicknames: [user_one.nickname, user_two.nickname]
550 assert json_response(conn, 200) == %{"is_admin" => true}
552 log_entry = Repo.one(ModerationLog)
554 assert ModerationLog.get_log_entry_message(log_entry) ==
555 "@#{admin.nickname} made @#{user_one.nickname}, @#{user_two.nickname} admin"
558 test "/:right DELETE, can remove from a permission group", %{admin: admin, conn: conn} do
559 user = insert(:user, is_admin: true)
563 |> put_req_header("accept", "application/json")
564 |> delete("/api/pleroma/admin/users/#{user.nickname}/permission_group/admin")
566 assert json_response(conn, 200) == %{"is_admin" => false}
568 log_entry = Repo.one(ModerationLog)
570 assert ModerationLog.get_log_entry_message(log_entry) ==
571 "@#{admin.nickname} revoked admin role from @#{user.nickname}"
574 test "/:right DELETE, can remove from a permission group (multiple)", %{
578 user_one = insert(:user, is_admin: true)
579 user_two = insert(:user, is_admin: true)
583 |> put_req_header("accept", "application/json")
584 |> delete("/api/pleroma/admin/users/permission_group/admin", %{
585 nicknames: [user_one.nickname, user_two.nickname]
588 assert json_response(conn, 200) == %{"is_admin" => false}
590 log_entry = Repo.one(ModerationLog)
592 assert ModerationLog.get_log_entry_message(log_entry) ==
593 "@#{admin.nickname} revoked admin role from @#{user_one.nickname}, @#{
599 test "/api/pleroma/admin/users/:nickname/password_reset", %{conn: conn} do
604 |> put_req_header("accept", "application/json")
605 |> get("/api/pleroma/admin/users/#{user.nickname}/password_reset")
607 resp = json_response(conn, 200)
609 assert Regex.match?(~r/(http:\/\/|https:\/\/)/, resp["link"])
612 describe "GET /api/pleroma/admin/users" do
613 test "renders users array for the first page", %{conn: conn, admin: admin} do
614 user = insert(:user, local: false, tags: ["foo", "bar"])
615 conn = get(conn, "/api/pleroma/admin/users?page=1")
620 "deactivated" => admin.deactivated,
622 "nickname" => admin.nickname,
623 "roles" => %{"admin" => true, "moderator" => false},
626 "avatar" => User.avatar_url(admin) |> MediaProxy.url(),
627 "display_name" => HTML.strip_tags(admin.name || admin.nickname),
628 "confirmation_pending" => false,
632 "deactivated" => user.deactivated,
634 "nickname" => user.nickname,
635 "roles" => %{"admin" => false, "moderator" => false},
637 "tags" => ["foo", "bar"],
638 "avatar" => User.avatar_url(user) |> MediaProxy.url(),
639 "display_name" => HTML.strip_tags(user.name || user.nickname),
640 "confirmation_pending" => false,
644 |> Enum.sort_by(& &1["nickname"])
646 assert json_response(conn, 200) == %{
653 test "pagination works correctly with service users", %{conn: conn} do
654 service1 = User.get_or_create_service_actor_by_ap_id(Web.base_url() <> "/meido", "meido")
656 insert_list(25, :user)
658 assert %{"count" => 26, "page_size" => 10, "users" => users1} =
660 |> get("/api/pleroma/admin/users?page=1&filters=", %{page_size: "10"})
661 |> json_response(200)
663 assert Enum.count(users1) == 10
664 assert service1 not in users1
666 assert %{"count" => 26, "page_size" => 10, "users" => users2} =
668 |> get("/api/pleroma/admin/users?page=2&filters=", %{page_size: "10"})
669 |> json_response(200)
671 assert Enum.count(users2) == 10
672 assert service1 not in users2
674 assert %{"count" => 26, "page_size" => 10, "users" => users3} =
676 |> get("/api/pleroma/admin/users?page=3&filters=", %{page_size: "10"})
677 |> json_response(200)
679 assert Enum.count(users3) == 6
680 assert service1 not in users3
683 test "renders empty array for the second page", %{conn: conn} do
686 conn = get(conn, "/api/pleroma/admin/users?page=2")
688 assert json_response(conn, 200) == %{
695 test "regular search", %{conn: conn} do
696 user = insert(:user, nickname: "bob")
698 conn = get(conn, "/api/pleroma/admin/users?query=bo")
700 assert json_response(conn, 200) == %{
705 "deactivated" => user.deactivated,
707 "nickname" => user.nickname,
708 "roles" => %{"admin" => false, "moderator" => false},
711 "avatar" => User.avatar_url(user) |> MediaProxy.url(),
712 "display_name" => HTML.strip_tags(user.name || user.nickname),
713 "confirmation_pending" => false,
720 test "search by domain", %{conn: conn} do
721 user = insert(:user, nickname: "nickname@domain.com")
724 conn = get(conn, "/api/pleroma/admin/users?query=domain.com")
726 assert json_response(conn, 200) == %{
731 "deactivated" => user.deactivated,
733 "nickname" => user.nickname,
734 "roles" => %{"admin" => false, "moderator" => false},
737 "avatar" => User.avatar_url(user) |> MediaProxy.url(),
738 "display_name" => HTML.strip_tags(user.name || user.nickname),
739 "confirmation_pending" => false,
746 test "search by full nickname", %{conn: conn} do
747 user = insert(:user, nickname: "nickname@domain.com")
750 conn = get(conn, "/api/pleroma/admin/users?query=nickname@domain.com")
752 assert json_response(conn, 200) == %{
757 "deactivated" => user.deactivated,
759 "nickname" => user.nickname,
760 "roles" => %{"admin" => false, "moderator" => false},
763 "avatar" => User.avatar_url(user) |> MediaProxy.url(),
764 "display_name" => HTML.strip_tags(user.name || user.nickname),
765 "confirmation_pending" => false,
772 test "search by display name", %{conn: conn} do
773 user = insert(:user, name: "Display name")
776 conn = get(conn, "/api/pleroma/admin/users?name=display")
778 assert json_response(conn, 200) == %{
783 "deactivated" => user.deactivated,
785 "nickname" => user.nickname,
786 "roles" => %{"admin" => false, "moderator" => false},
789 "avatar" => User.avatar_url(user) |> MediaProxy.url(),
790 "display_name" => HTML.strip_tags(user.name || user.nickname),
791 "confirmation_pending" => false,
798 test "search by email", %{conn: conn} do
799 user = insert(:user, email: "email@example.com")
802 conn = get(conn, "/api/pleroma/admin/users?email=email@example.com")
804 assert json_response(conn, 200) == %{
809 "deactivated" => user.deactivated,
811 "nickname" => user.nickname,
812 "roles" => %{"admin" => false, "moderator" => false},
815 "avatar" => User.avatar_url(user) |> MediaProxy.url(),
816 "display_name" => HTML.strip_tags(user.name || user.nickname),
817 "confirmation_pending" => false,
824 test "regular search with page size", %{conn: conn} do
825 user = insert(:user, nickname: "aalice")
826 user2 = insert(:user, nickname: "alice")
828 conn1 = get(conn, "/api/pleroma/admin/users?query=a&page_size=1&page=1")
830 assert json_response(conn1, 200) == %{
835 "deactivated" => user.deactivated,
837 "nickname" => user.nickname,
838 "roles" => %{"admin" => false, "moderator" => false},
841 "avatar" => User.avatar_url(user) |> MediaProxy.url(),
842 "display_name" => HTML.strip_tags(user.name || user.nickname),
843 "confirmation_pending" => false,
849 conn2 = get(conn, "/api/pleroma/admin/users?query=a&page_size=1&page=2")
851 assert json_response(conn2, 200) == %{
856 "deactivated" => user2.deactivated,
858 "nickname" => user2.nickname,
859 "roles" => %{"admin" => false, "moderator" => false},
862 "avatar" => User.avatar_url(user2) |> MediaProxy.url(),
863 "display_name" => HTML.strip_tags(user2.name || user2.nickname),
864 "confirmation_pending" => false,
871 test "only local users" do
872 admin = insert(:user, is_admin: true, nickname: "john")
873 token = insert(:oauth_admin_token, user: admin)
874 user = insert(:user, nickname: "bob")
876 insert(:user, nickname: "bobb", local: false)
880 |> assign(:user, admin)
881 |> assign(:token, token)
882 |> get("/api/pleroma/admin/users?query=bo&filters=local")
884 assert json_response(conn, 200) == %{
889 "deactivated" => user.deactivated,
891 "nickname" => user.nickname,
892 "roles" => %{"admin" => false, "moderator" => false},
895 "avatar" => User.avatar_url(user) |> MediaProxy.url(),
896 "display_name" => HTML.strip_tags(user.name || user.nickname),
897 "confirmation_pending" => false,
904 test "only local users with no query", %{conn: conn, admin: old_admin} do
905 admin = insert(:user, is_admin: true, nickname: "john")
906 user = insert(:user, nickname: "bob")
908 insert(:user, nickname: "bobb", local: false)
910 conn = get(conn, "/api/pleroma/admin/users?filters=local")
915 "deactivated" => user.deactivated,
917 "nickname" => user.nickname,
918 "roles" => %{"admin" => false, "moderator" => false},
921 "avatar" => User.avatar_url(user) |> MediaProxy.url(),
922 "display_name" => HTML.strip_tags(user.name || user.nickname),
923 "confirmation_pending" => false,
927 "deactivated" => admin.deactivated,
929 "nickname" => admin.nickname,
930 "roles" => %{"admin" => true, "moderator" => false},
933 "avatar" => User.avatar_url(admin) |> MediaProxy.url(),
934 "display_name" => HTML.strip_tags(admin.name || admin.nickname),
935 "confirmation_pending" => false,
939 "deactivated" => false,
940 "id" => old_admin.id,
942 "nickname" => old_admin.nickname,
943 "roles" => %{"admin" => true, "moderator" => false},
945 "avatar" => User.avatar_url(old_admin) |> MediaProxy.url(),
946 "display_name" => HTML.strip_tags(old_admin.name || old_admin.nickname),
947 "confirmation_pending" => false,
948 "url" => old_admin.ap_id
951 |> Enum.sort_by(& &1["nickname"])
953 assert json_response(conn, 200) == %{
960 test "load only admins", %{conn: conn, admin: admin} do
961 second_admin = insert(:user, is_admin: true)
965 conn = get(conn, "/api/pleroma/admin/users?filters=is_admin")
970 "deactivated" => false,
972 "nickname" => admin.nickname,
973 "roles" => %{"admin" => true, "moderator" => false},
974 "local" => admin.local,
976 "avatar" => User.avatar_url(admin) |> MediaProxy.url(),
977 "display_name" => HTML.strip_tags(admin.name || admin.nickname),
978 "confirmation_pending" => false,
982 "deactivated" => false,
983 "id" => second_admin.id,
984 "nickname" => second_admin.nickname,
985 "roles" => %{"admin" => true, "moderator" => false},
986 "local" => second_admin.local,
988 "avatar" => User.avatar_url(second_admin) |> MediaProxy.url(),
989 "display_name" => HTML.strip_tags(second_admin.name || second_admin.nickname),
990 "confirmation_pending" => false,
991 "url" => second_admin.ap_id
994 |> Enum.sort_by(& &1["nickname"])
996 assert json_response(conn, 200) == %{
1003 test "load only moderators", %{conn: conn} do
1004 moderator = insert(:user, is_moderator: true)
1008 conn = get(conn, "/api/pleroma/admin/users?filters=is_moderator")
1010 assert json_response(conn, 200) == %{
1015 "deactivated" => false,
1016 "id" => moderator.id,
1017 "nickname" => moderator.nickname,
1018 "roles" => %{"admin" => false, "moderator" => true},
1019 "local" => moderator.local,
1021 "avatar" => User.avatar_url(moderator) |> MediaProxy.url(),
1022 "display_name" => HTML.strip_tags(moderator.name || moderator.nickname),
1023 "confirmation_pending" => false,
1024 "url" => moderator.ap_id
1030 test "load users with tags list", %{conn: conn} do
1031 user1 = insert(:user, tags: ["first"])
1032 user2 = insert(:user, tags: ["second"])
1036 conn = get(conn, "/api/pleroma/admin/users?tags[]=first&tags[]=second")
1041 "deactivated" => false,
1043 "nickname" => user1.nickname,
1044 "roles" => %{"admin" => false, "moderator" => false},
1045 "local" => user1.local,
1046 "tags" => ["first"],
1047 "avatar" => User.avatar_url(user1) |> MediaProxy.url(),
1048 "display_name" => HTML.strip_tags(user1.name || user1.nickname),
1049 "confirmation_pending" => false,
1050 "url" => user1.ap_id
1053 "deactivated" => false,
1055 "nickname" => user2.nickname,
1056 "roles" => %{"admin" => false, "moderator" => false},
1057 "local" => user2.local,
1058 "tags" => ["second"],
1059 "avatar" => User.avatar_url(user2) |> MediaProxy.url(),
1060 "display_name" => HTML.strip_tags(user2.name || user2.nickname),
1061 "confirmation_pending" => false,
1062 "url" => user2.ap_id
1065 |> Enum.sort_by(& &1["nickname"])
1067 assert json_response(conn, 200) == %{
1074 test "it works with multiple filters" do
1075 admin = insert(:user, nickname: "john", is_admin: true)
1076 token = insert(:oauth_admin_token, user: admin)
1077 user = insert(:user, nickname: "bob", local: false, deactivated: true)
1079 insert(:user, nickname: "ken", local: true, deactivated: true)
1080 insert(:user, nickname: "bobb", local: false, deactivated: false)
1084 |> assign(:user, admin)
1085 |> assign(:token, token)
1086 |> get("/api/pleroma/admin/users?filters=deactivated,external")
1088 assert json_response(conn, 200) == %{
1093 "deactivated" => user.deactivated,
1095 "nickname" => user.nickname,
1096 "roles" => %{"admin" => false, "moderator" => false},
1097 "local" => user.local,
1099 "avatar" => User.avatar_url(user) |> MediaProxy.url(),
1100 "display_name" => HTML.strip_tags(user.name || user.nickname),
1101 "confirmation_pending" => false,
1108 test "it omits relay user", %{admin: admin, conn: conn} do
1109 assert %User{} = Relay.get_actor()
1111 conn = get(conn, "/api/pleroma/admin/users")
1113 assert json_response(conn, 200) == %{
1118 "deactivated" => admin.deactivated,
1120 "nickname" => admin.nickname,
1121 "roles" => %{"admin" => true, "moderator" => false},
1124 "avatar" => User.avatar_url(admin) |> MediaProxy.url(),
1125 "display_name" => HTML.strip_tags(admin.name || admin.nickname),
1126 "confirmation_pending" => false,
1127 "url" => admin.ap_id
1134 test "PATCH /api/pleroma/admin/users/activate", %{admin: admin, conn: conn} do
1135 user_one = insert(:user, deactivated: true)
1136 user_two = insert(:user, deactivated: true)
1141 "/api/pleroma/admin/users/activate",
1142 %{nicknames: [user_one.nickname, user_two.nickname]}
1145 response = json_response(conn, 200)
1146 assert Enum.map(response["users"], & &1["deactivated"]) == [false, false]
1148 log_entry = Repo.one(ModerationLog)
1150 assert ModerationLog.get_log_entry_message(log_entry) ==
1151 "@#{admin.nickname} activated users: @#{user_one.nickname}, @#{user_two.nickname}"
1154 test "PATCH /api/pleroma/admin/users/deactivate", %{admin: admin, conn: conn} do
1155 user_one = insert(:user, deactivated: false)
1156 user_two = insert(:user, deactivated: false)
1161 "/api/pleroma/admin/users/deactivate",
1162 %{nicknames: [user_one.nickname, user_two.nickname]}
1165 response = json_response(conn, 200)
1166 assert Enum.map(response["users"], & &1["deactivated"]) == [true, true]
1168 log_entry = Repo.one(ModerationLog)
1170 assert ModerationLog.get_log_entry_message(log_entry) ==
1171 "@#{admin.nickname} deactivated users: @#{user_one.nickname}, @#{user_two.nickname}"
1174 test "PATCH /api/pleroma/admin/users/:nickname/toggle_activation", %{admin: admin, conn: conn} do
1175 user = insert(:user)
1177 conn = patch(conn, "/api/pleroma/admin/users/#{user.nickname}/toggle_activation")
1179 assert json_response(conn, 200) ==
1181 "deactivated" => !user.deactivated,
1183 "nickname" => user.nickname,
1184 "roles" => %{"admin" => false, "moderator" => false},
1187 "avatar" => User.avatar_url(user) |> MediaProxy.url(),
1188 "display_name" => HTML.strip_tags(user.name || user.nickname),
1189 "confirmation_pending" => false,
1193 log_entry = Repo.one(ModerationLog)
1195 assert ModerationLog.get_log_entry_message(log_entry) ==
1196 "@#{admin.nickname} deactivated users: @#{user.nickname}"
1199 describe "PUT disable_mfa" do
1200 test "returns 200 and disable 2fa", %{conn: conn} do
1203 multi_factor_authentication_settings: %MFA.Settings{
1205 totp: %MFA.Settings.TOTP{secret: "otp_secret", confirmed: true}
1211 |> put("/api/pleroma/admin/users/disable_mfa", %{nickname: user.nickname})
1212 |> json_response(200)
1214 assert response == user.nickname
1215 mfa_settings = refresh_record(user).multi_factor_authentication_settings
1217 refute mfa_settings.enabled
1218 refute mfa_settings.totp.confirmed
1221 test "returns 404 if user not found", %{conn: conn} do
1224 |> put("/api/pleroma/admin/users/disable_mfa", %{nickname: "nickname"})
1225 |> json_response(404)
1227 assert response == %{"error" => "Not found"}
1231 describe "GET /api/pleroma/admin/restart" do
1232 setup do: clear_config(:configurable_from_database, true)
1234 test "pleroma restarts", %{conn: conn} do
1236 assert conn |> get("/api/pleroma/admin/restart") |> json_response(200) == %{}
1237 end) =~ "pleroma restarted"
1239 refute Restarter.Pleroma.need_reboot?()
1243 test "need_reboot flag", %{conn: conn} do
1245 |> get("/api/pleroma/admin/need_reboot")
1246 |> json_response(200) == %{"need_reboot" => false}
1248 Restarter.Pleroma.need_reboot()
1251 |> get("/api/pleroma/admin/need_reboot")
1252 |> json_response(200) == %{"need_reboot" => true}
1254 on_exit(fn -> Restarter.Pleroma.refresh() end)
1257 describe "GET /api/pleroma/admin/users/:nickname/statuses" do
1259 user = insert(:user)
1261 date1 = (DateTime.to_unix(DateTime.utc_now()) + 2000) |> DateTime.from_unix!()
1262 date2 = (DateTime.to_unix(DateTime.utc_now()) + 1000) |> DateTime.from_unix!()
1263 date3 = (DateTime.to_unix(DateTime.utc_now()) + 3000) |> DateTime.from_unix!()
1265 insert(:note_activity, user: user, published: date1)
1266 insert(:note_activity, user: user, published: date2)
1267 insert(:note_activity, user: user, published: date3)
1272 test "renders user's statuses", %{conn: conn, user: user} do
1273 conn = get(conn, "/api/pleroma/admin/users/#{user.nickname}/statuses")
1275 assert json_response(conn, 200) |> length() == 3
1278 test "renders user's statuses with a limit", %{conn: conn, user: user} do
1279 conn = get(conn, "/api/pleroma/admin/users/#{user.nickname}/statuses?page_size=2")
1281 assert json_response(conn, 200) |> length() == 2
1284 test "doesn't return private statuses by default", %{conn: conn, user: user} do
1285 {:ok, _private_status} = CommonAPI.post(user, %{status: "private", visibility: "private"})
1287 {:ok, _public_status} = CommonAPI.post(user, %{status: "public", visibility: "public"})
1289 conn = get(conn, "/api/pleroma/admin/users/#{user.nickname}/statuses")
1291 assert json_response(conn, 200) |> length() == 4
1294 test "returns private statuses with godmode on", %{conn: conn, user: user} do
1295 {:ok, _private_status} = CommonAPI.post(user, %{status: "private", visibility: "private"})
1297 {:ok, _public_status} = CommonAPI.post(user, %{status: "public", visibility: "public"})
1299 conn = get(conn, "/api/pleroma/admin/users/#{user.nickname}/statuses?godmode=true")
1301 assert json_response(conn, 200) |> length() == 5
1304 test "excludes reblogs by default", %{conn: conn, user: user} do
1305 other_user = insert(:user)
1306 {:ok, activity} = CommonAPI.post(user, %{status: "."})
1307 {:ok, %Activity{}} = CommonAPI.repeat(activity.id, other_user)
1309 conn_res = get(conn, "/api/pleroma/admin/users/#{other_user.nickname}/statuses")
1310 assert json_response(conn_res, 200) |> length() == 0
1313 get(conn, "/api/pleroma/admin/users/#{other_user.nickname}/statuses?with_reblogs=true")
1315 assert json_response(conn_res, 200) |> length() == 1
1319 describe "GET /api/pleroma/admin/moderation_log" do
1321 moderator = insert(:user, is_moderator: true)
1323 %{moderator: moderator}
1326 test "returns the log", %{conn: conn, admin: admin} do
1327 Repo.insert(%ModerationLog{
1331 "nickname" => admin.nickname,
1334 action: "relay_follow",
1335 target: "https://example.org/relay"
1337 inserted_at: NaiveDateTime.truncate(~N[2017-08-15 15:47:06.597036], :second)
1340 Repo.insert(%ModerationLog{
1344 "nickname" => admin.nickname,
1347 action: "relay_unfollow",
1348 target: "https://example.org/relay"
1350 inserted_at: NaiveDateTime.truncate(~N[2017-08-16 15:47:06.597036], :second)
1353 conn = get(conn, "/api/pleroma/admin/moderation_log")
1355 response = json_response(conn, 200)
1356 [first_entry, second_entry] = response["items"]
1358 assert response["total"] == 2
1359 assert first_entry["data"]["action"] == "relay_unfollow"
1361 assert first_entry["message"] ==
1362 "@#{admin.nickname} unfollowed relay: https://example.org/relay"
1364 assert second_entry["data"]["action"] == "relay_follow"
1366 assert second_entry["message"] ==
1367 "@#{admin.nickname} followed relay: https://example.org/relay"
1370 test "returns the log with pagination", %{conn: conn, admin: admin} do
1371 Repo.insert(%ModerationLog{
1375 "nickname" => admin.nickname,
1378 action: "relay_follow",
1379 target: "https://example.org/relay"
1381 inserted_at: NaiveDateTime.truncate(~N[2017-08-15 15:47:06.597036], :second)
1384 Repo.insert(%ModerationLog{
1388 "nickname" => admin.nickname,
1391 action: "relay_unfollow",
1392 target: "https://example.org/relay"
1394 inserted_at: NaiveDateTime.truncate(~N[2017-08-16 15:47:06.597036], :second)
1397 conn1 = get(conn, "/api/pleroma/admin/moderation_log?page_size=1&page=1")
1399 response1 = json_response(conn1, 200)
1400 [first_entry] = response1["items"]
1402 assert response1["total"] == 2
1403 assert response1["items"] |> length() == 1
1404 assert first_entry["data"]["action"] == "relay_unfollow"
1406 assert first_entry["message"] ==
1407 "@#{admin.nickname} unfollowed relay: https://example.org/relay"
1409 conn2 = get(conn, "/api/pleroma/admin/moderation_log?page_size=1&page=2")
1411 response2 = json_response(conn2, 200)
1412 [second_entry] = response2["items"]
1414 assert response2["total"] == 2
1415 assert response2["items"] |> length() == 1
1416 assert second_entry["data"]["action"] == "relay_follow"
1418 assert second_entry["message"] ==
1419 "@#{admin.nickname} followed relay: https://example.org/relay"
1422 test "filters log by date", %{conn: conn, admin: admin} do
1423 first_date = "2017-08-15T15:47:06Z"
1424 second_date = "2017-08-20T15:47:06Z"
1426 Repo.insert(%ModerationLog{
1430 "nickname" => admin.nickname,
1433 action: "relay_follow",
1434 target: "https://example.org/relay"
1436 inserted_at: NaiveDateTime.from_iso8601!(first_date)
1439 Repo.insert(%ModerationLog{
1443 "nickname" => admin.nickname,
1446 action: "relay_unfollow",
1447 target: "https://example.org/relay"
1449 inserted_at: NaiveDateTime.from_iso8601!(second_date)
1455 "/api/pleroma/admin/moderation_log?start_date=#{second_date}"
1458 response1 = json_response(conn1, 200)
1459 [first_entry] = response1["items"]
1461 assert response1["total"] == 1
1462 assert first_entry["data"]["action"] == "relay_unfollow"
1464 assert first_entry["message"] ==
1465 "@#{admin.nickname} unfollowed relay: https://example.org/relay"
1468 test "returns log filtered by user", %{conn: conn, admin: admin, moderator: moderator} do
1469 Repo.insert(%ModerationLog{
1473 "nickname" => admin.nickname,
1476 action: "relay_follow",
1477 target: "https://example.org/relay"
1481 Repo.insert(%ModerationLog{
1484 "id" => moderator.id,
1485 "nickname" => moderator.nickname,
1488 action: "relay_unfollow",
1489 target: "https://example.org/relay"
1493 conn1 = get(conn, "/api/pleroma/admin/moderation_log?user_id=#{moderator.id}")
1495 response1 = json_response(conn1, 200)
1496 [first_entry] = response1["items"]
1498 assert response1["total"] == 1
1499 assert get_in(first_entry, ["data", "actor", "id"]) == moderator.id
1502 test "returns log filtered by search", %{conn: conn, moderator: moderator} do
1503 ModerationLog.insert_log(%{
1505 action: "relay_follow",
1506 target: "https://example.org/relay"
1509 ModerationLog.insert_log(%{
1511 action: "relay_unfollow",
1512 target: "https://example.org/relay"
1515 conn1 = get(conn, "/api/pleroma/admin/moderation_log?search=unfo")
1517 response1 = json_response(conn1, 200)
1518 [first_entry] = response1["items"]
1520 assert response1["total"] == 1
1522 assert get_in(first_entry, ["data", "message"]) ==
1523 "@#{moderator.nickname} unfollowed relay: https://example.org/relay"
1527 test "gets a remote users when [:instance, :limit_to_local_content] is set to :unauthenticated",
1529 clear_config(Pleroma.Config.get([:instance, :limit_to_local_content]), :unauthenticated)
1530 user = insert(:user, %{local: false, nickname: "u@peer1.com"})
1531 conn = get(conn, "/api/pleroma/admin/users/#{user.nickname}/credentials")
1533 assert json_response(conn, 200)
1536 describe "GET /users/:nickname/credentials" do
1537 test "gets the user credentials", %{conn: conn} do
1538 user = insert(:user)
1539 conn = get(conn, "/api/pleroma/admin/users/#{user.nickname}/credentials")
1541 response = assert json_response(conn, 200)
1542 assert response["email"] == user.email
1545 test "returns 403 if requested by a non-admin" do
1546 user = insert(:user)
1550 |> assign(:user, user)
1551 |> get("/api/pleroma/admin/users/#{user.nickname}/credentials")
1553 assert json_response(conn, :forbidden)
1557 describe "PATCH /users/:nickname/credentials" do
1559 user = insert(:user)
1563 test "changes password and email", %{conn: conn, admin: admin, user: user} do
1564 assert user.password_reset_pending == false
1567 patch(conn, "/api/pleroma/admin/users/#{user.nickname}/credentials", %{
1568 "password" => "new_password",
1569 "email" => "new_email@example.com",
1570 "name" => "new_name"
1573 assert json_response(conn, 200) == %{"status" => "success"}
1575 ObanHelpers.perform_all()
1577 updated_user = User.get_by_id(user.id)
1579 assert updated_user.email == "new_email@example.com"
1580 assert updated_user.name == "new_name"
1581 assert updated_user.password_hash != user.password_hash
1582 assert updated_user.password_reset_pending == true
1584 [log_entry2, log_entry1] = ModerationLog |> Repo.all() |> Enum.sort()
1586 assert ModerationLog.get_log_entry_message(log_entry1) ==
1587 "@#{admin.nickname} updated users: @#{user.nickname}"
1589 assert ModerationLog.get_log_entry_message(log_entry2) ==
1590 "@#{admin.nickname} forced password reset for users: @#{user.nickname}"
1593 test "returns 403 if requested by a non-admin", %{user: user} do
1596 |> assign(:user, user)
1597 |> patch("/api/pleroma/admin/users/#{user.nickname}/credentials", %{
1598 "password" => "new_password",
1599 "email" => "new_email@example.com",
1600 "name" => "new_name"
1603 assert json_response(conn, :forbidden)
1606 test "changes actor type from permitted list", %{conn: conn, user: user} do
1607 assert user.actor_type == "Person"
1609 assert patch(conn, "/api/pleroma/admin/users/#{user.nickname}/credentials", %{
1610 "actor_type" => "Service"
1612 |> json_response(200) == %{"status" => "success"}
1614 updated_user = User.get_by_id(user.id)
1616 assert updated_user.actor_type == "Service"
1618 assert patch(conn, "/api/pleroma/admin/users/#{user.nickname}/credentials", %{
1619 "actor_type" => "Application"
1621 |> json_response(400) == %{"errors" => %{"actor_type" => "is invalid"}}
1624 test "update non existing user", %{conn: conn} do
1625 assert patch(conn, "/api/pleroma/admin/users/non-existing/credentials", %{
1626 "password" => "new_password"
1628 |> json_response(404) == %{"error" => "Not found"}
1632 describe "PATCH /users/:nickname/force_password_reset" do
1633 test "sets password_reset_pending to true", %{conn: conn} do
1634 user = insert(:user)
1635 assert user.password_reset_pending == false
1638 patch(conn, "/api/pleroma/admin/users/force_password_reset", %{nicknames: [user.nickname]})
1640 assert json_response(conn, 204) == ""
1642 ObanHelpers.perform_all()
1644 assert User.get_by_id(user.id).password_reset_pending == true
1648 describe "instances" do
1649 test "GET /instances/:instance/statuses", %{conn: conn} do
1650 user = insert(:user, local: false, nickname: "archaeme@archae.me")
1651 user2 = insert(:user, local: false, nickname: "test@test.com")
1652 insert_pair(:note_activity, user: user)
1653 activity = insert(:note_activity, user: user2)
1655 ret_conn = get(conn, "/api/pleroma/admin/instances/archae.me/statuses")
1657 response = json_response(ret_conn, 200)
1659 assert length(response) == 2
1661 ret_conn = get(conn, "/api/pleroma/admin/instances/test.com/statuses")
1663 response = json_response(ret_conn, 200)
1665 assert length(response) == 1
1667 ret_conn = get(conn, "/api/pleroma/admin/instances/nonexistent.com/statuses")
1669 response = json_response(ret_conn, 200)
1671 assert Enum.empty?(response)
1673 CommonAPI.repeat(activity.id, user)
1675 ret_conn = get(conn, "/api/pleroma/admin/instances/archae.me/statuses")
1676 response = json_response(ret_conn, 200)
1677 assert length(response) == 2
1679 ret_conn = get(conn, "/api/pleroma/admin/instances/archae.me/statuses?with_reblogs=true")
1680 response = json_response(ret_conn, 200)
1681 assert length(response) == 3
1685 describe "PATCH /confirm_email" do
1686 test "it confirms emails of two users", %{conn: conn, admin: admin} do
1687 [first_user, second_user] = insert_pair(:user, confirmation_pending: true)
1689 assert first_user.confirmation_pending == true
1690 assert second_user.confirmation_pending == true
1693 patch(conn, "/api/pleroma/admin/users/confirm_email", %{
1695 first_user.nickname,
1696 second_user.nickname
1700 assert ret_conn.status == 200
1702 assert first_user.confirmation_pending == true
1703 assert second_user.confirmation_pending == true
1705 log_entry = Repo.one(ModerationLog)
1707 assert ModerationLog.get_log_entry_message(log_entry) ==
1708 "@#{admin.nickname} confirmed email for users: @#{first_user.nickname}, @#{
1709 second_user.nickname
1714 describe "PATCH /resend_confirmation_email" do
1715 test "it resend emails for two users", %{conn: conn, admin: admin} do
1716 [first_user, second_user] = insert_pair(:user, confirmation_pending: true)
1719 patch(conn, "/api/pleroma/admin/users/resend_confirmation_email", %{
1721 first_user.nickname,
1722 second_user.nickname
1726 assert ret_conn.status == 200
1728 log_entry = Repo.one(ModerationLog)
1730 assert ModerationLog.get_log_entry_message(log_entry) ==
1731 "@#{admin.nickname} re-sent confirmation email for users: @#{first_user.nickname}, @#{
1732 second_user.nickname
1737 describe "/api/pleroma/admin/stats" do
1738 test "status visibility count", %{conn: conn} do
1739 admin = insert(:user, is_admin: true)
1740 user = insert(:user)
1741 CommonAPI.post(user, %{visibility: "public", status: "hey"})
1742 CommonAPI.post(user, %{visibility: "unlisted", status: "hey"})
1743 CommonAPI.post(user, %{visibility: "unlisted", status: "hey"})
1747 |> assign(:user, admin)
1748 |> get("/api/pleroma/admin/stats")
1749 |> json_response(200)
1751 assert %{"direct" => 0, "private" => 0, "public" => 1, "unlisted" => 2} =
1752 response["status_visibility"]
1755 test "by instance", %{conn: conn} do
1756 admin = insert(:user, is_admin: true)
1757 user1 = insert(:user)
1758 instance2 = "instance2.tld"
1759 user2 = insert(:user, %{ap_id: "https://#{instance2}/@actor"})
1761 CommonAPI.post(user1, %{visibility: "public", status: "hey"})
1762 CommonAPI.post(user2, %{visibility: "unlisted", status: "hey"})
1763 CommonAPI.post(user2, %{visibility: "private", status: "hey"})
1767 |> assign(:user, admin)
1768 |> get("/api/pleroma/admin/stats", instance: instance2)
1769 |> json_response(200)
1771 assert %{"direct" => 0, "private" => 1, "public" => 0, "unlisted" => 1} =
1772 response["status_visibility"]
1777 # Needed for testing
1778 defmodule Pleroma.Web.Endpoint.NotReal do
1781 defmodule Pleroma.Captcha.NotReal do