1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
5 defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
6 use Pleroma.Web.ConnCase
7 use Oban.Testing, repo: Pleroma.Repo
9 import ExUnit.CaptureLog
11 import Pleroma.Factory
12 import Swoosh.TestAssertions
14 alias Pleroma.Activity
18 alias Pleroma.ModerationLog
20 alias Pleroma.Tests.ObanHelpers
23 alias Pleroma.Web.ActivityPub.Relay
24 alias Pleroma.Web.CommonAPI
25 alias Pleroma.Web.MediaProxy
28 Tesla.Mock.mock_global(fn env -> apply(HttpRequestMock, :request, [env]) end)
34 admin = insert(:user, is_admin: true)
35 token = insert(:oauth_admin_token, user: admin)
39 |> assign(:user, admin)
40 |> assign(:token, token)
42 {:ok, %{admin: admin, token: token, conn: conn}}
45 test "with valid `admin_token` query parameter, skips OAuth scopes check" do
46 clear_config([:admin_token], "password123")
50 conn = get(build_conn(), "/api/pleroma/admin/users/#{user.nickname}?admin_token=password123")
52 assert json_response(conn, 200)
55 describe "with [:auth, :enforce_oauth_admin_scope_usage]," do
56 setup do: clear_config([:auth, :enforce_oauth_admin_scope_usage], true)
58 test "GET /api/pleroma/admin/users/:nickname requires admin:read:accounts or broader scope",
61 url = "/api/pleroma/admin/users/#{user.nickname}"
63 good_token1 = insert(:oauth_token, user: admin, scopes: ["admin"])
64 good_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read"])
65 good_token3 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts"])
67 bad_token1 = insert(:oauth_token, user: admin, scopes: ["read:accounts"])
68 bad_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts:partial"])
71 for good_token <- [good_token1, good_token2, good_token3] do
74 |> assign(:user, admin)
75 |> assign(:token, good_token)
78 assert json_response(conn, 200)
81 for good_token <- [good_token1, good_token2, good_token3] do
85 |> assign(:token, good_token)
88 assert json_response(conn, :forbidden)
91 for bad_token <- [bad_token1, bad_token2, bad_token3] do
94 |> assign(:user, admin)
95 |> assign(:token, bad_token)
98 assert json_response(conn, :forbidden)
103 describe "unless [:auth, :enforce_oauth_admin_scope_usage]," do
104 setup do: clear_config([:auth, :enforce_oauth_admin_scope_usage], false)
106 test "GET /api/pleroma/admin/users/:nickname requires " <>
107 "read:accounts or admin:read:accounts or broader scope",
110 url = "/api/pleroma/admin/users/#{user.nickname}"
112 good_token1 = insert(:oauth_token, user: admin, scopes: ["admin"])
113 good_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read"])
114 good_token3 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts"])
115 good_token4 = insert(:oauth_token, user: admin, scopes: ["read:accounts"])
116 good_token5 = insert(:oauth_token, user: admin, scopes: ["read"])
118 good_tokens = [good_token1, good_token2, good_token3, good_token4, good_token5]
120 bad_token1 = insert(:oauth_token, user: admin, scopes: ["read:accounts:partial"])
121 bad_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts:partial"])
124 for good_token <- good_tokens do
127 |> assign(:user, admin)
128 |> assign(:token, good_token)
131 assert json_response(conn, 200)
134 for good_token <- good_tokens do
137 |> assign(:user, nil)
138 |> assign(:token, good_token)
141 assert json_response(conn, :forbidden)
144 for bad_token <- [bad_token1, bad_token2, bad_token3] do
147 |> assign(:user, admin)
148 |> assign(:token, bad_token)
151 assert json_response(conn, :forbidden)
156 describe "DELETE /api/pleroma/admin/users" do
157 test "single user", %{admin: admin, conn: conn} do
158 clear_config([:instance, :federating], true)
162 avatar: %{"url" => [%{"href" => "https://someurl"}]},
163 banner: %{"url" => [%{"href" => "https://somebanner"}]},
168 # Create some activities to check they got deleted later
169 follower = insert(:user)
170 {:ok, _} = CommonAPI.post(user, %{status: "test"})
171 {:ok, _, _, _} = CommonAPI.follow(user, follower)
172 {:ok, _, _, _} = CommonAPI.follow(follower, user)
173 user = Repo.get(User, user.id)
174 assert user.note_count == 1
175 assert user.follower_count == 1
176 assert user.following_count == 1
177 refute user.deactivated
179 with_mock Pleroma.Web.Federator,
180 publish: fn _ -> nil end,
181 perform: fn _, _ -> nil end do
184 |> put_req_header("accept", "application/json")
185 |> delete("/api/pleroma/admin/users?nickname=#{user.nickname}")
187 ObanHelpers.perform_all()
189 assert User.get_by_nickname(user.nickname).deactivated
191 log_entry = Repo.one(ModerationLog)
193 assert ModerationLog.get_log_entry_message(log_entry) ==
194 "@#{admin.nickname} deleted users: @#{user.nickname}"
196 assert json_response(conn, 200) == [user.nickname]
198 user = Repo.get(User, user.id)
199 assert user.deactivated
201 assert user.avatar == %{}
202 assert user.banner == %{}
203 assert user.note_count == 0
204 assert user.follower_count == 0
205 assert user.following_count == 0
206 assert user.bio == ""
207 assert user.name == nil
209 assert called(Pleroma.Web.Federator.publish(:_))
213 test "multiple users", %{admin: admin, conn: conn} do
214 user_one = insert(:user)
215 user_two = insert(:user)
219 |> put_req_header("accept", "application/json")
220 |> delete("/api/pleroma/admin/users", %{
221 nicknames: [user_one.nickname, user_two.nickname]
224 log_entry = Repo.one(ModerationLog)
226 assert ModerationLog.get_log_entry_message(log_entry) ==
227 "@#{admin.nickname} deleted users: @#{user_one.nickname}, @#{user_two.nickname}"
229 response = json_response(conn, 200)
230 assert response -- [user_one.nickname, user_two.nickname] == []
234 describe "/api/pleroma/admin/users" do
235 test "Create", %{conn: conn} do
238 |> put_req_header("accept", "application/json")
239 |> post("/api/pleroma/admin/users", %{
242 "nickname" => "lain",
243 "email" => "lain@example.org",
247 "nickname" => "lain2",
248 "email" => "lain2@example.org",
254 response = json_response(conn, 200) |> Enum.map(&Map.get(&1, "type"))
255 assert response == ["success", "success"]
257 log_entry = Repo.one(ModerationLog)
259 assert ["lain", "lain2"] -- Enum.map(log_entry.data["subjects"], & &1["nickname"]) == []
262 test "Cannot create user with existing email", %{conn: conn} do
267 |> put_req_header("accept", "application/json")
268 |> post("/api/pleroma/admin/users", %{
271 "nickname" => "lain",
272 "email" => user.email,
278 assert json_response(conn, 409) == [
282 "email" => user.email,
285 "error" => "email has already been taken",
291 test "Cannot create user with existing nickname", %{conn: conn} do
296 |> put_req_header("accept", "application/json")
297 |> post("/api/pleroma/admin/users", %{
300 "nickname" => user.nickname,
301 "email" => "someuser@plerama.social",
307 assert json_response(conn, 409) == [
311 "email" => "someuser@plerama.social",
312 "nickname" => user.nickname
314 "error" => "nickname has already been taken",
320 test "Multiple user creation works in transaction", %{conn: conn} do
325 |> put_req_header("accept", "application/json")
326 |> post("/api/pleroma/admin/users", %{
329 "nickname" => "newuser",
330 "email" => "newuser@pleroma.social",
334 "nickname" => "lain",
335 "email" => user.email,
341 assert json_response(conn, 409) == [
345 "email" => user.email,
348 "error" => "email has already been taken",
354 "email" => "newuser@pleroma.social",
355 "nickname" => "newuser"
362 assert User.get_by_nickname("newuser") === nil
366 describe "/api/pleroma/admin/users/:nickname" do
367 test "Show", %{conn: conn} do
370 conn = get(conn, "/api/pleroma/admin/users/#{user.nickname}")
373 "deactivated" => false,
374 "id" => to_string(user.id),
376 "nickname" => user.nickname,
377 "roles" => %{"admin" => false, "moderator" => false},
379 "avatar" => User.avatar_url(user) |> MediaProxy.url(),
380 "display_name" => HTML.strip_tags(user.name || user.nickname),
381 "confirmation_pending" => false,
382 "approval_pending" => false,
384 "registration_reason" => nil,
385 "actor_type" => "Person"
388 assert expected == json_response(conn, 200)
391 test "when the user doesn't exist", %{conn: conn} do
394 conn = get(conn, "/api/pleroma/admin/users/#{user.nickname}")
396 assert %{"error" => "Not found"} == json_response(conn, 404)
400 describe "/api/pleroma/admin/users/follow" do
401 test "allows to force-follow another user", %{admin: admin, conn: conn} do
403 follower = insert(:user)
406 |> put_req_header("accept", "application/json")
407 |> post("/api/pleroma/admin/users/follow", %{
408 "follower" => follower.nickname,
409 "followed" => user.nickname
412 user = User.get_cached_by_id(user.id)
413 follower = User.get_cached_by_id(follower.id)
415 assert User.following?(follower, user)
417 log_entry = Repo.one(ModerationLog)
419 assert ModerationLog.get_log_entry_message(log_entry) ==
420 "@#{admin.nickname} made @#{follower.nickname} follow @#{user.nickname}"
424 describe "/api/pleroma/admin/users/unfollow" do
425 test "allows to force-unfollow another user", %{admin: admin, conn: conn} do
427 follower = insert(:user)
429 User.follow(follower, user)
432 |> put_req_header("accept", "application/json")
433 |> post("/api/pleroma/admin/users/unfollow", %{
434 "follower" => follower.nickname,
435 "followed" => user.nickname
438 user = User.get_cached_by_id(user.id)
439 follower = User.get_cached_by_id(follower.id)
441 refute User.following?(follower, user)
443 log_entry = Repo.one(ModerationLog)
445 assert ModerationLog.get_log_entry_message(log_entry) ==
446 "@#{admin.nickname} made @#{follower.nickname} unfollow @#{user.nickname}"
450 describe "PUT /api/pleroma/admin/users/tag" do
451 setup %{conn: conn} do
452 user1 = insert(:user, %{tags: ["x"]})
453 user2 = insert(:user, %{tags: ["y"]})
454 user3 = insert(:user, %{tags: ["unchanged"]})
458 |> put_req_header("accept", "application/json")
460 "/api/pleroma/admin/users/tag?nicknames[]=#{user1.nickname}&nicknames[]=" <>
461 "#{user2.nickname}&tags[]=foo&tags[]=bar"
464 %{conn: conn, user1: user1, user2: user2, user3: user3}
467 test "it appends specified tags to users with specified nicknames", %{
473 assert empty_json_response(conn)
474 assert User.get_cached_by_id(user1.id).tags == ["x", "foo", "bar"]
475 assert User.get_cached_by_id(user2.id).tags == ["y", "foo", "bar"]
477 log_entry = Repo.one(ModerationLog)
480 [user1.nickname, user2.nickname]
481 |> Enum.map(&"@#{&1}")
484 tags = ["foo", "bar"] |> Enum.join(", ")
486 assert ModerationLog.get_log_entry_message(log_entry) ==
487 "@#{admin.nickname} added tags: #{tags} to users: #{users}"
490 test "it does not modify tags of not specified users", %{conn: conn, user3: user3} do
491 assert empty_json_response(conn)
492 assert User.get_cached_by_id(user3.id).tags == ["unchanged"]
496 describe "DELETE /api/pleroma/admin/users/tag" do
497 setup %{conn: conn} do
498 user1 = insert(:user, %{tags: ["x"]})
499 user2 = insert(:user, %{tags: ["y", "z"]})
500 user3 = insert(:user, %{tags: ["unchanged"]})
504 |> put_req_header("accept", "application/json")
506 "/api/pleroma/admin/users/tag?nicknames[]=#{user1.nickname}&nicknames[]=" <>
507 "#{user2.nickname}&tags[]=x&tags[]=z"
510 %{conn: conn, user1: user1, user2: user2, user3: user3}
513 test "it removes specified tags from users with specified nicknames", %{
519 assert empty_json_response(conn)
520 assert User.get_cached_by_id(user1.id).tags == []
521 assert User.get_cached_by_id(user2.id).tags == ["y"]
523 log_entry = Repo.one(ModerationLog)
526 [user1.nickname, user2.nickname]
527 |> Enum.map(&"@#{&1}")
530 tags = ["x", "z"] |> Enum.join(", ")
532 assert ModerationLog.get_log_entry_message(log_entry) ==
533 "@#{admin.nickname} removed tags: #{tags} from users: #{users}"
536 test "it does not modify tags of not specified users", %{conn: conn, user3: user3} do
537 assert empty_json_response(conn)
538 assert User.get_cached_by_id(user3.id).tags == ["unchanged"]
542 describe "/api/pleroma/admin/users/:nickname/permission_group" do
543 test "GET is giving user_info", %{admin: admin, conn: conn} do
546 |> put_req_header("accept", "application/json")
547 |> get("/api/pleroma/admin/users/#{admin.nickname}/permission_group/")
549 assert json_response(conn, 200) == %{
551 "is_moderator" => false
555 test "/:right POST, can add to a permission group", %{admin: admin, conn: conn} do
560 |> put_req_header("accept", "application/json")
561 |> post("/api/pleroma/admin/users/#{user.nickname}/permission_group/admin")
563 assert json_response(conn, 200) == %{
567 log_entry = Repo.one(ModerationLog)
569 assert ModerationLog.get_log_entry_message(log_entry) ==
570 "@#{admin.nickname} made @#{user.nickname} admin"
573 test "/:right POST, can add to a permission group (multiple)", %{admin: admin, conn: conn} do
574 user_one = insert(:user)
575 user_two = insert(:user)
579 |> put_req_header("accept", "application/json")
580 |> post("/api/pleroma/admin/users/permission_group/admin", %{
581 nicknames: [user_one.nickname, user_two.nickname]
584 assert json_response(conn, 200) == %{"is_admin" => true}
586 log_entry = Repo.one(ModerationLog)
588 assert ModerationLog.get_log_entry_message(log_entry) ==
589 "@#{admin.nickname} made @#{user_one.nickname}, @#{user_two.nickname} admin"
592 test "/:right DELETE, can remove from a permission group", %{admin: admin, conn: conn} do
593 user = insert(:user, is_admin: true)
597 |> put_req_header("accept", "application/json")
598 |> delete("/api/pleroma/admin/users/#{user.nickname}/permission_group/admin")
600 assert json_response(conn, 200) == %{"is_admin" => false}
602 log_entry = Repo.one(ModerationLog)
604 assert ModerationLog.get_log_entry_message(log_entry) ==
605 "@#{admin.nickname} revoked admin role from @#{user.nickname}"
608 test "/:right DELETE, can remove from a permission group (multiple)", %{
612 user_one = insert(:user, is_admin: true)
613 user_two = insert(:user, is_admin: true)
617 |> put_req_header("accept", "application/json")
618 |> delete("/api/pleroma/admin/users/permission_group/admin", %{
619 nicknames: [user_one.nickname, user_two.nickname]
622 assert json_response(conn, 200) == %{"is_admin" => false}
624 log_entry = Repo.one(ModerationLog)
626 assert ModerationLog.get_log_entry_message(log_entry) ==
627 "@#{admin.nickname} revoked admin role from @#{user_one.nickname}, @#{
633 test "/api/pleroma/admin/users/:nickname/password_reset", %{conn: conn} do
638 |> put_req_header("accept", "application/json")
639 |> get("/api/pleroma/admin/users/#{user.nickname}/password_reset")
641 resp = json_response(conn, 200)
643 assert Regex.match?(~r/(http:\/\/|https:\/\/)/, resp["link"])
646 describe "GET /api/pleroma/admin/users" do
647 test "renders users array for the first page", %{conn: conn, admin: admin} do
648 user = insert(:user, local: false, tags: ["foo", "bar"])
649 user2 = insert(:user, approval_pending: true, registration_reason: "I'm a chill dude")
651 conn = get(conn, "/api/pleroma/admin/users?page=1")
656 "deactivated" => admin.deactivated,
658 "nickname" => admin.nickname,
659 "roles" => %{"admin" => true, "moderator" => false},
662 "avatar" => User.avatar_url(admin) |> MediaProxy.url(),
663 "display_name" => HTML.strip_tags(admin.name || admin.nickname),
664 "confirmation_pending" => false,
665 "approval_pending" => false,
666 "url" => admin.ap_id,
667 "registration_reason" => nil,
668 "actor_type" => "Person"
671 "deactivated" => user.deactivated,
673 "nickname" => user.nickname,
674 "roles" => %{"admin" => false, "moderator" => false},
676 "tags" => ["foo", "bar"],
677 "avatar" => User.avatar_url(user) |> MediaProxy.url(),
678 "display_name" => HTML.strip_tags(user.name || user.nickname),
679 "confirmation_pending" => false,
680 "approval_pending" => false,
682 "registration_reason" => nil,
683 "actor_type" => "Person"
686 "deactivated" => user2.deactivated,
688 "nickname" => user2.nickname,
689 "roles" => %{"admin" => false, "moderator" => false},
692 "avatar" => User.avatar_url(user2) |> MediaProxy.url(),
693 "display_name" => HTML.strip_tags(user2.name || user2.nickname),
694 "confirmation_pending" => false,
695 "approval_pending" => true,
696 "url" => user2.ap_id,
697 "registration_reason" => "I'm a chill dude",
698 "actor_type" => "Person"
701 |> Enum.sort_by(& &1["nickname"])
703 assert json_response(conn, 200) == %{
710 test "pagination works correctly with service users", %{conn: conn} do
711 service1 = User.get_or_create_service_actor_by_ap_id(Web.base_url() <> "/meido", "meido")
713 insert_list(25, :user)
715 assert %{"count" => 26, "page_size" => 10, "users" => users1} =
717 |> get("/api/pleroma/admin/users?page=1&filters=", %{page_size: "10"})
718 |> json_response(200)
720 assert Enum.count(users1) == 10
721 assert service1 not in users1
723 assert %{"count" => 26, "page_size" => 10, "users" => users2} =
725 |> get("/api/pleroma/admin/users?page=2&filters=", %{page_size: "10"})
726 |> json_response(200)
728 assert Enum.count(users2) == 10
729 assert service1 not in users2
731 assert %{"count" => 26, "page_size" => 10, "users" => users3} =
733 |> get("/api/pleroma/admin/users?page=3&filters=", %{page_size: "10"})
734 |> json_response(200)
736 assert Enum.count(users3) == 6
737 assert service1 not in users3
740 test "renders empty array for the second page", %{conn: conn} do
743 conn = get(conn, "/api/pleroma/admin/users?page=2")
745 assert json_response(conn, 200) == %{
752 test "regular search", %{conn: conn} do
753 user = insert(:user, nickname: "bob")
755 conn = get(conn, "/api/pleroma/admin/users?query=bo")
757 assert json_response(conn, 200) == %{
762 "deactivated" => user.deactivated,
764 "nickname" => user.nickname,
765 "roles" => %{"admin" => false, "moderator" => false},
768 "avatar" => User.avatar_url(user) |> MediaProxy.url(),
769 "display_name" => HTML.strip_tags(user.name || user.nickname),
770 "confirmation_pending" => false,
771 "approval_pending" => false,
773 "registration_reason" => nil,
774 "actor_type" => "Person"
780 test "search by domain", %{conn: conn} do
781 user = insert(:user, nickname: "nickname@domain.com")
784 conn = get(conn, "/api/pleroma/admin/users?query=domain.com")
786 assert json_response(conn, 200) == %{
791 "deactivated" => user.deactivated,
793 "nickname" => user.nickname,
794 "roles" => %{"admin" => false, "moderator" => false},
797 "avatar" => User.avatar_url(user) |> MediaProxy.url(),
798 "display_name" => HTML.strip_tags(user.name || user.nickname),
799 "confirmation_pending" => false,
800 "approval_pending" => false,
802 "registration_reason" => nil,
803 "actor_type" => "Person"
809 test "search by full nickname", %{conn: conn} do
810 user = insert(:user, nickname: "nickname@domain.com")
813 conn = get(conn, "/api/pleroma/admin/users?query=nickname@domain.com")
815 assert json_response(conn, 200) == %{
820 "deactivated" => user.deactivated,
822 "nickname" => user.nickname,
823 "roles" => %{"admin" => false, "moderator" => false},
826 "avatar" => User.avatar_url(user) |> MediaProxy.url(),
827 "display_name" => HTML.strip_tags(user.name || user.nickname),
828 "confirmation_pending" => false,
829 "approval_pending" => false,
831 "registration_reason" => nil,
832 "actor_type" => "Person"
838 test "search by display name", %{conn: conn} do
839 user = insert(:user, name: "Display name")
842 conn = get(conn, "/api/pleroma/admin/users?name=display")
844 assert json_response(conn, 200) == %{
849 "deactivated" => user.deactivated,
851 "nickname" => user.nickname,
852 "roles" => %{"admin" => false, "moderator" => false},
855 "avatar" => User.avatar_url(user) |> MediaProxy.url(),
856 "display_name" => HTML.strip_tags(user.name || user.nickname),
857 "confirmation_pending" => false,
858 "approval_pending" => false,
860 "registration_reason" => nil,
861 "actor_type" => "Person"
867 test "search by email", %{conn: conn} do
868 user = insert(:user, email: "email@example.com")
871 conn = get(conn, "/api/pleroma/admin/users?email=email@example.com")
873 assert json_response(conn, 200) == %{
878 "deactivated" => user.deactivated,
880 "nickname" => user.nickname,
881 "roles" => %{"admin" => false, "moderator" => false},
884 "avatar" => User.avatar_url(user) |> MediaProxy.url(),
885 "display_name" => HTML.strip_tags(user.name || user.nickname),
886 "confirmation_pending" => false,
887 "approval_pending" => false,
889 "registration_reason" => nil,
890 "actor_type" => "Person"
896 test "regular search with page size", %{conn: conn} do
897 user = insert(:user, nickname: "aalice")
898 user2 = insert(:user, nickname: "alice")
900 conn1 = get(conn, "/api/pleroma/admin/users?query=a&page_size=1&page=1")
902 assert json_response(conn1, 200) == %{
907 "deactivated" => user.deactivated,
909 "nickname" => user.nickname,
910 "roles" => %{"admin" => false, "moderator" => false},
913 "avatar" => User.avatar_url(user) |> MediaProxy.url(),
914 "display_name" => HTML.strip_tags(user.name || user.nickname),
915 "confirmation_pending" => false,
916 "approval_pending" => false,
918 "registration_reason" => nil,
919 "actor_type" => "Person"
924 conn2 = get(conn, "/api/pleroma/admin/users?query=a&page_size=1&page=2")
926 assert json_response(conn2, 200) == %{
931 "deactivated" => user2.deactivated,
933 "nickname" => user2.nickname,
934 "roles" => %{"admin" => false, "moderator" => false},
937 "avatar" => User.avatar_url(user2) |> MediaProxy.url(),
938 "display_name" => HTML.strip_tags(user2.name || user2.nickname),
939 "confirmation_pending" => false,
940 "approval_pending" => false,
941 "url" => user2.ap_id,
942 "registration_reason" => nil,
943 "actor_type" => "Person"
949 test "only local users" do
950 admin = insert(:user, is_admin: true, nickname: "john")
951 token = insert(:oauth_admin_token, user: admin)
952 user = insert(:user, nickname: "bob")
954 insert(:user, nickname: "bobb", local: false)
958 |> assign(:user, admin)
959 |> assign(:token, token)
960 |> get("/api/pleroma/admin/users?query=bo&filters=local")
962 assert json_response(conn, 200) == %{
967 "deactivated" => user.deactivated,
969 "nickname" => user.nickname,
970 "roles" => %{"admin" => false, "moderator" => false},
973 "avatar" => User.avatar_url(user) |> MediaProxy.url(),
974 "display_name" => HTML.strip_tags(user.name || user.nickname),
975 "confirmation_pending" => false,
976 "approval_pending" => false,
978 "registration_reason" => nil,
979 "actor_type" => "Person"
985 test "only local users with no query", %{conn: conn, admin: old_admin} do
986 admin = insert(:user, is_admin: true, nickname: "john")
987 user = insert(:user, nickname: "bob")
989 insert(:user, nickname: "bobb", local: false)
991 conn = get(conn, "/api/pleroma/admin/users?filters=local")
996 "deactivated" => user.deactivated,
998 "nickname" => user.nickname,
999 "roles" => %{"admin" => false, "moderator" => false},
1002 "avatar" => User.avatar_url(user) |> MediaProxy.url(),
1003 "display_name" => HTML.strip_tags(user.name || user.nickname),
1004 "confirmation_pending" => false,
1005 "approval_pending" => false,
1006 "url" => user.ap_id,
1007 "registration_reason" => nil,
1008 "actor_type" => "Person"
1011 "deactivated" => admin.deactivated,
1013 "nickname" => admin.nickname,
1014 "roles" => %{"admin" => true, "moderator" => false},
1017 "avatar" => User.avatar_url(admin) |> MediaProxy.url(),
1018 "display_name" => HTML.strip_tags(admin.name || admin.nickname),
1019 "confirmation_pending" => false,
1020 "approval_pending" => false,
1021 "url" => admin.ap_id,
1022 "registration_reason" => nil,
1023 "actor_type" => "Person"
1026 "deactivated" => false,
1027 "id" => old_admin.id,
1029 "nickname" => old_admin.nickname,
1030 "roles" => %{"admin" => true, "moderator" => false},
1032 "avatar" => User.avatar_url(old_admin) |> MediaProxy.url(),
1033 "display_name" => HTML.strip_tags(old_admin.name || old_admin.nickname),
1034 "confirmation_pending" => false,
1035 "approval_pending" => false,
1036 "url" => old_admin.ap_id,
1037 "registration_reason" => nil,
1038 "actor_type" => "Person"
1041 |> Enum.sort_by(& &1["nickname"])
1043 assert json_response(conn, 200) == %{
1050 test "only unapproved users", %{conn: conn} do
1054 approval_pending: true,
1055 registration_reason: "Plz let me in!"
1058 insert(:user, nickname: "happyboy", approval_pending: false)
1060 conn = get(conn, "/api/pleroma/admin/users?filters=need_approval")
1065 "deactivated" => user.deactivated,
1067 "nickname" => user.nickname,
1068 "roles" => %{"admin" => false, "moderator" => false},
1071 "avatar" => User.avatar_url(user) |> MediaProxy.url(),
1072 "display_name" => HTML.strip_tags(user.name || user.nickname),
1073 "confirmation_pending" => false,
1074 "approval_pending" => true,
1075 "url" => user.ap_id,
1076 "registration_reason" => "Plz let me in!",
1077 "actor_type" => "Person"
1080 |> Enum.sort_by(& &1["nickname"])
1082 assert json_response(conn, 200) == %{
1089 test "load only admins", %{conn: conn, admin: admin} do
1090 second_admin = insert(:user, is_admin: true)
1094 conn = get(conn, "/api/pleroma/admin/users?filters=is_admin")
1099 "deactivated" => false,
1101 "nickname" => admin.nickname,
1102 "roles" => %{"admin" => true, "moderator" => false},
1103 "local" => admin.local,
1105 "avatar" => User.avatar_url(admin) |> MediaProxy.url(),
1106 "display_name" => HTML.strip_tags(admin.name || admin.nickname),
1107 "confirmation_pending" => false,
1108 "approval_pending" => false,
1109 "url" => admin.ap_id,
1110 "registration_reason" => nil,
1111 "actor_type" => "Person"
1114 "deactivated" => false,
1115 "id" => second_admin.id,
1116 "nickname" => second_admin.nickname,
1117 "roles" => %{"admin" => true, "moderator" => false},
1118 "local" => second_admin.local,
1120 "avatar" => User.avatar_url(second_admin) |> MediaProxy.url(),
1121 "display_name" => HTML.strip_tags(second_admin.name || second_admin.nickname),
1122 "confirmation_pending" => false,
1123 "approval_pending" => false,
1124 "url" => second_admin.ap_id,
1125 "registration_reason" => nil,
1126 "actor_type" => "Person"
1129 |> Enum.sort_by(& &1["nickname"])
1131 assert json_response(conn, 200) == %{
1138 test "load only moderators", %{conn: conn} do
1139 moderator = insert(:user, is_moderator: true)
1143 conn = get(conn, "/api/pleroma/admin/users?filters=is_moderator")
1145 assert json_response(conn, 200) == %{
1150 "deactivated" => false,
1151 "id" => moderator.id,
1152 "nickname" => moderator.nickname,
1153 "roles" => %{"admin" => false, "moderator" => true},
1154 "local" => moderator.local,
1156 "avatar" => User.avatar_url(moderator) |> MediaProxy.url(),
1157 "display_name" => HTML.strip_tags(moderator.name || moderator.nickname),
1158 "confirmation_pending" => false,
1159 "approval_pending" => false,
1160 "url" => moderator.ap_id,
1161 "registration_reason" => nil,
1162 "actor_type" => "Person"
1168 test "load users with tags list", %{conn: conn} do
1169 user1 = insert(:user, tags: ["first"])
1170 user2 = insert(:user, tags: ["second"])
1174 conn = get(conn, "/api/pleroma/admin/users?tags[]=first&tags[]=second")
1179 "deactivated" => false,
1181 "nickname" => user1.nickname,
1182 "roles" => %{"admin" => false, "moderator" => false},
1183 "local" => user1.local,
1184 "tags" => ["first"],
1185 "avatar" => User.avatar_url(user1) |> MediaProxy.url(),
1186 "display_name" => HTML.strip_tags(user1.name || user1.nickname),
1187 "confirmation_pending" => false,
1188 "approval_pending" => false,
1189 "url" => user1.ap_id,
1190 "registration_reason" => nil,
1191 "actor_type" => "Person"
1194 "deactivated" => false,
1196 "nickname" => user2.nickname,
1197 "roles" => %{"admin" => false, "moderator" => false},
1198 "local" => user2.local,
1199 "tags" => ["second"],
1200 "avatar" => User.avatar_url(user2) |> MediaProxy.url(),
1201 "display_name" => HTML.strip_tags(user2.name || user2.nickname),
1202 "confirmation_pending" => false,
1203 "approval_pending" => false,
1204 "url" => user2.ap_id,
1205 "registration_reason" => nil,
1206 "actor_type" => "Person"
1209 |> Enum.sort_by(& &1["nickname"])
1211 assert json_response(conn, 200) == %{
1218 test "`active` filters out users pending approval", %{token: token} do
1219 insert(:user, approval_pending: true)
1220 %{id: user_id} = insert(:user, approval_pending: false)
1221 %{id: admin_id} = token.user
1225 |> assign(:user, token.user)
1226 |> assign(:token, token)
1227 |> get("/api/pleroma/admin/users?filters=active")
1233 %{"id" => ^admin_id},
1236 } = json_response(conn, 200)
1239 test "it works with multiple filters" do
1240 admin = insert(:user, nickname: "john", is_admin: true)
1241 token = insert(:oauth_admin_token, user: admin)
1242 user = insert(:user, nickname: "bob", local: false, deactivated: true)
1244 insert(:user, nickname: "ken", local: true, deactivated: true)
1245 insert(:user, nickname: "bobb", local: false, deactivated: false)
1249 |> assign(:user, admin)
1250 |> assign(:token, token)
1251 |> get("/api/pleroma/admin/users?filters=deactivated,external")
1253 assert json_response(conn, 200) == %{
1258 "deactivated" => user.deactivated,
1260 "nickname" => user.nickname,
1261 "roles" => %{"admin" => false, "moderator" => false},
1262 "local" => user.local,
1264 "avatar" => User.avatar_url(user) |> MediaProxy.url(),
1265 "display_name" => HTML.strip_tags(user.name || user.nickname),
1266 "confirmation_pending" => false,
1267 "approval_pending" => false,
1268 "url" => user.ap_id,
1269 "registration_reason" => nil,
1270 "actor_type" => "Person"
1276 test "it omits relay user", %{admin: admin, conn: conn} do
1277 assert %User{} = Relay.get_actor()
1279 conn = get(conn, "/api/pleroma/admin/users")
1281 assert json_response(conn, 200) == %{
1286 "deactivated" => admin.deactivated,
1288 "nickname" => admin.nickname,
1289 "roles" => %{"admin" => true, "moderator" => false},
1292 "avatar" => User.avatar_url(admin) |> MediaProxy.url(),
1293 "display_name" => HTML.strip_tags(admin.name || admin.nickname),
1294 "confirmation_pending" => false,
1295 "approval_pending" => false,
1296 "url" => admin.ap_id,
1297 "registration_reason" => nil,
1298 "actor_type" => "Person"
1305 test "PATCH /api/pleroma/admin/users/activate", %{admin: admin, conn: conn} do
1306 user_one = insert(:user, deactivated: true)
1307 user_two = insert(:user, deactivated: true)
1312 "/api/pleroma/admin/users/activate",
1313 %{nicknames: [user_one.nickname, user_two.nickname]}
1316 response = json_response(conn, 200)
1317 assert Enum.map(response["users"], & &1["deactivated"]) == [false, false]
1319 log_entry = Repo.one(ModerationLog)
1321 assert ModerationLog.get_log_entry_message(log_entry) ==
1322 "@#{admin.nickname} activated users: @#{user_one.nickname}, @#{user_two.nickname}"
1325 test "PATCH /api/pleroma/admin/users/deactivate", %{admin: admin, conn: conn} do
1326 user_one = insert(:user, deactivated: false)
1327 user_two = insert(:user, deactivated: false)
1332 "/api/pleroma/admin/users/deactivate",
1333 %{nicknames: [user_one.nickname, user_two.nickname]}
1336 response = json_response(conn, 200)
1337 assert Enum.map(response["users"], & &1["deactivated"]) == [true, true]
1339 log_entry = Repo.one(ModerationLog)
1341 assert ModerationLog.get_log_entry_message(log_entry) ==
1342 "@#{admin.nickname} deactivated users: @#{user_one.nickname}, @#{user_two.nickname}"
1345 test "PATCH /api/pleroma/admin/users/approve", %{admin: admin, conn: conn} do
1346 user_one = insert(:user, approval_pending: true)
1347 user_two = insert(:user, approval_pending: true)
1352 "/api/pleroma/admin/users/approve",
1353 %{nicknames: [user_one.nickname, user_two.nickname]}
1356 response = json_response(conn, 200)
1357 assert Enum.map(response["users"], & &1["approval_pending"]) == [false, false]
1359 log_entry = Repo.one(ModerationLog)
1361 assert ModerationLog.get_log_entry_message(log_entry) ==
1362 "@#{admin.nickname} approved users: @#{user_one.nickname}, @#{user_two.nickname}"
1365 test "PATCH /api/pleroma/admin/users/:nickname/toggle_activation", %{admin: admin, conn: conn} do
1366 user = insert(:user)
1368 conn = patch(conn, "/api/pleroma/admin/users/#{user.nickname}/toggle_activation")
1370 assert json_response(conn, 200) ==
1372 "deactivated" => !user.deactivated,
1374 "nickname" => user.nickname,
1375 "roles" => %{"admin" => false, "moderator" => false},
1378 "avatar" => User.avatar_url(user) |> MediaProxy.url(),
1379 "display_name" => HTML.strip_tags(user.name || user.nickname),
1380 "confirmation_pending" => false,
1381 "approval_pending" => false,
1382 "url" => user.ap_id,
1383 "registration_reason" => nil,
1384 "actor_type" => "Person"
1387 log_entry = Repo.one(ModerationLog)
1389 assert ModerationLog.get_log_entry_message(log_entry) ==
1390 "@#{admin.nickname} deactivated users: @#{user.nickname}"
1393 describe "PUT disable_mfa" do
1394 test "returns 200 and disable 2fa", %{conn: conn} do
1397 multi_factor_authentication_settings: %MFA.Settings{
1399 totp: %MFA.Settings.TOTP{secret: "otp_secret", confirmed: true}
1405 |> put("/api/pleroma/admin/users/disable_mfa", %{nickname: user.nickname})
1406 |> json_response(200)
1408 assert response == user.nickname
1409 mfa_settings = refresh_record(user).multi_factor_authentication_settings
1411 refute mfa_settings.enabled
1412 refute mfa_settings.totp.confirmed
1415 test "returns 404 if user not found", %{conn: conn} do
1418 |> put("/api/pleroma/admin/users/disable_mfa", %{nickname: "nickname"})
1419 |> json_response(404)
1421 assert response == %{"error" => "Not found"}
1425 describe "GET /api/pleroma/admin/restart" do
1426 setup do: clear_config(:configurable_from_database, true)
1428 test "pleroma restarts", %{conn: conn} do
1430 assert conn |> get("/api/pleroma/admin/restart") |> json_response(200) == %{}
1431 end) =~ "pleroma restarted"
1433 refute Restarter.Pleroma.need_reboot?()
1437 test "need_reboot flag", %{conn: conn} do
1439 |> get("/api/pleroma/admin/need_reboot")
1440 |> json_response(200) == %{"need_reboot" => false}
1442 Restarter.Pleroma.need_reboot()
1445 |> get("/api/pleroma/admin/need_reboot")
1446 |> json_response(200) == %{"need_reboot" => true}
1448 on_exit(fn -> Restarter.Pleroma.refresh() end)
1451 describe "GET /api/pleroma/admin/users/:nickname/statuses" do
1453 user = insert(:user)
1455 date1 = (DateTime.to_unix(DateTime.utc_now()) + 2000) |> DateTime.from_unix!()
1456 date2 = (DateTime.to_unix(DateTime.utc_now()) + 1000) |> DateTime.from_unix!()
1457 date3 = (DateTime.to_unix(DateTime.utc_now()) + 3000) |> DateTime.from_unix!()
1459 insert(:note_activity, user: user, published: date1)
1460 insert(:note_activity, user: user, published: date2)
1461 insert(:note_activity, user: user, published: date3)
1466 test "renders user's statuses", %{conn: conn, user: user} do
1467 conn = get(conn, "/api/pleroma/admin/users/#{user.nickname}/statuses")
1469 assert json_response(conn, 200) |> length() == 3
1472 test "renders user's statuses with a limit", %{conn: conn, user: user} do
1473 conn = get(conn, "/api/pleroma/admin/users/#{user.nickname}/statuses?page_size=2")
1475 assert json_response(conn, 200) |> length() == 2
1478 test "doesn't return private statuses by default", %{conn: conn, user: user} do
1479 {:ok, _private_status} = CommonAPI.post(user, %{status: "private", visibility: "private"})
1481 {:ok, _public_status} = CommonAPI.post(user, %{status: "public", visibility: "public"})
1483 conn = get(conn, "/api/pleroma/admin/users/#{user.nickname}/statuses")
1485 assert json_response(conn, 200) |> length() == 4
1488 test "returns private statuses with godmode on", %{conn: conn, user: user} do
1489 {:ok, _private_status} = CommonAPI.post(user, %{status: "private", visibility: "private"})
1491 {:ok, _public_status} = CommonAPI.post(user, %{status: "public", visibility: "public"})
1493 conn = get(conn, "/api/pleroma/admin/users/#{user.nickname}/statuses?godmode=true")
1495 assert json_response(conn, 200) |> length() == 5
1498 test "excludes reblogs by default", %{conn: conn, user: user} do
1499 other_user = insert(:user)
1500 {:ok, activity} = CommonAPI.post(user, %{status: "."})
1501 {:ok, %Activity{}} = CommonAPI.repeat(activity.id, other_user)
1503 conn_res = get(conn, "/api/pleroma/admin/users/#{other_user.nickname}/statuses")
1504 assert json_response(conn_res, 200) |> length() == 0
1507 get(conn, "/api/pleroma/admin/users/#{other_user.nickname}/statuses?with_reblogs=true")
1509 assert json_response(conn_res, 200) |> length() == 1
1513 describe "GET /api/pleroma/admin/users/:nickname/chats" do
1515 user = insert(:user)
1516 recipients = insert_list(3, :user)
1518 Enum.each(recipients, fn recipient ->
1519 CommonAPI.post_chat_message(user, recipient, "yo")
1525 test "renders user's chats", %{conn: conn, user: user} do
1526 conn = get(conn, "/api/pleroma/admin/users/#{user.nickname}/chats")
1528 assert json_response(conn, 200) |> length() == 3
1532 describe "GET /api/pleroma/admin/users/:nickname/chats unauthorized" do
1534 user = insert(:user)
1535 recipient = insert(:user)
1536 CommonAPI.post_chat_message(user, recipient, "yo")
1537 %{conn: conn} = oauth_access(["read:chats"])
1538 %{conn: conn, user: user}
1541 test "returns 403", %{conn: conn, user: user} do
1543 |> get("/api/pleroma/admin/users/#{user.nickname}/chats")
1544 |> json_response(403)
1548 describe "GET /api/pleroma/admin/users/:nickname/chats unauthenticated" do
1550 user = insert(:user)
1551 recipient = insert(:user)
1552 CommonAPI.post_chat_message(user, recipient, "yo")
1553 %{conn: build_conn(), user: user}
1556 test "returns 403", %{conn: conn, user: user} do
1558 |> get("/api/pleroma/admin/users/#{user.nickname}/chats")
1559 |> json_response(403)
1563 describe "GET /api/pleroma/admin/moderation_log" do
1565 moderator = insert(:user, is_moderator: true)
1567 %{moderator: moderator}
1570 test "returns the log", %{conn: conn, admin: admin} do
1571 Repo.insert(%ModerationLog{
1575 "nickname" => admin.nickname,
1578 action: "relay_follow",
1579 target: "https://example.org/relay"
1581 inserted_at: NaiveDateTime.truncate(~N[2017-08-15 15:47:06.597036], :second)
1584 Repo.insert(%ModerationLog{
1588 "nickname" => admin.nickname,
1591 action: "relay_unfollow",
1592 target: "https://example.org/relay"
1594 inserted_at: NaiveDateTime.truncate(~N[2017-08-16 15:47:06.597036], :second)
1597 conn = get(conn, "/api/pleroma/admin/moderation_log")
1599 response = json_response(conn, 200)
1600 [first_entry, second_entry] = response["items"]
1602 assert response["total"] == 2
1603 assert first_entry["data"]["action"] == "relay_unfollow"
1605 assert first_entry["message"] ==
1606 "@#{admin.nickname} unfollowed relay: https://example.org/relay"
1608 assert second_entry["data"]["action"] == "relay_follow"
1610 assert second_entry["message"] ==
1611 "@#{admin.nickname} followed relay: https://example.org/relay"
1614 test "returns the log with pagination", %{conn: conn, admin: admin} do
1615 Repo.insert(%ModerationLog{
1619 "nickname" => admin.nickname,
1622 action: "relay_follow",
1623 target: "https://example.org/relay"
1625 inserted_at: NaiveDateTime.truncate(~N[2017-08-15 15:47:06.597036], :second)
1628 Repo.insert(%ModerationLog{
1632 "nickname" => admin.nickname,
1635 action: "relay_unfollow",
1636 target: "https://example.org/relay"
1638 inserted_at: NaiveDateTime.truncate(~N[2017-08-16 15:47:06.597036], :second)
1641 conn1 = get(conn, "/api/pleroma/admin/moderation_log?page_size=1&page=1")
1643 response1 = json_response(conn1, 200)
1644 [first_entry] = response1["items"]
1646 assert response1["total"] == 2
1647 assert response1["items"] |> length() == 1
1648 assert first_entry["data"]["action"] == "relay_unfollow"
1650 assert first_entry["message"] ==
1651 "@#{admin.nickname} unfollowed relay: https://example.org/relay"
1653 conn2 = get(conn, "/api/pleroma/admin/moderation_log?page_size=1&page=2")
1655 response2 = json_response(conn2, 200)
1656 [second_entry] = response2["items"]
1658 assert response2["total"] == 2
1659 assert response2["items"] |> length() == 1
1660 assert second_entry["data"]["action"] == "relay_follow"
1662 assert second_entry["message"] ==
1663 "@#{admin.nickname} followed relay: https://example.org/relay"
1666 test "filters log by date", %{conn: conn, admin: admin} do
1667 first_date = "2017-08-15T15:47:06Z"
1668 second_date = "2017-08-20T15:47:06Z"
1670 Repo.insert(%ModerationLog{
1674 "nickname" => admin.nickname,
1677 action: "relay_follow",
1678 target: "https://example.org/relay"
1680 inserted_at: NaiveDateTime.from_iso8601!(first_date)
1683 Repo.insert(%ModerationLog{
1687 "nickname" => admin.nickname,
1690 action: "relay_unfollow",
1691 target: "https://example.org/relay"
1693 inserted_at: NaiveDateTime.from_iso8601!(second_date)
1699 "/api/pleroma/admin/moderation_log?start_date=#{second_date}"
1702 response1 = json_response(conn1, 200)
1703 [first_entry] = response1["items"]
1705 assert response1["total"] == 1
1706 assert first_entry["data"]["action"] == "relay_unfollow"
1708 assert first_entry["message"] ==
1709 "@#{admin.nickname} unfollowed relay: https://example.org/relay"
1712 test "returns log filtered by user", %{conn: conn, admin: admin, moderator: moderator} do
1713 Repo.insert(%ModerationLog{
1717 "nickname" => admin.nickname,
1720 action: "relay_follow",
1721 target: "https://example.org/relay"
1725 Repo.insert(%ModerationLog{
1728 "id" => moderator.id,
1729 "nickname" => moderator.nickname,
1732 action: "relay_unfollow",
1733 target: "https://example.org/relay"
1737 conn1 = get(conn, "/api/pleroma/admin/moderation_log?user_id=#{moderator.id}")
1739 response1 = json_response(conn1, 200)
1740 [first_entry] = response1["items"]
1742 assert response1["total"] == 1
1743 assert get_in(first_entry, ["data", "actor", "id"]) == moderator.id
1746 test "returns log filtered by search", %{conn: conn, moderator: moderator} do
1747 ModerationLog.insert_log(%{
1749 action: "relay_follow",
1750 target: "https://example.org/relay"
1753 ModerationLog.insert_log(%{
1755 action: "relay_unfollow",
1756 target: "https://example.org/relay"
1759 conn1 = get(conn, "/api/pleroma/admin/moderation_log?search=unfo")
1761 response1 = json_response(conn1, 200)
1762 [first_entry] = response1["items"]
1764 assert response1["total"] == 1
1766 assert get_in(first_entry, ["data", "message"]) ==
1767 "@#{moderator.nickname} unfollowed relay: https://example.org/relay"
1771 test "gets a remote users when [:instance, :limit_to_local_content] is set to :unauthenticated",
1773 clear_config(Pleroma.Config.get([:instance, :limit_to_local_content]), :unauthenticated)
1774 user = insert(:user, %{local: false, nickname: "u@peer1.com"})
1775 conn = get(conn, "/api/pleroma/admin/users/#{user.nickname}/credentials")
1777 assert json_response(conn, 200)
1780 describe "GET /users/:nickname/credentials" do
1781 test "gets the user credentials", %{conn: conn} do
1782 user = insert(:user)
1783 conn = get(conn, "/api/pleroma/admin/users/#{user.nickname}/credentials")
1785 response = assert json_response(conn, 200)
1786 assert response["email"] == user.email
1789 test "returns 403 if requested by a non-admin" do
1790 user = insert(:user)
1794 |> assign(:user, user)
1795 |> get("/api/pleroma/admin/users/#{user.nickname}/credentials")
1797 assert json_response(conn, :forbidden)
1801 describe "PATCH /users/:nickname/credentials" do
1803 user = insert(:user)
1807 test "changes password and email", %{conn: conn, admin: admin, user: user} do
1808 assert user.password_reset_pending == false
1811 patch(conn, "/api/pleroma/admin/users/#{user.nickname}/credentials", %{
1812 "password" => "new_password",
1813 "email" => "new_email@example.com",
1814 "name" => "new_name"
1817 assert json_response(conn, 200) == %{"status" => "success"}
1819 ObanHelpers.perform_all()
1821 updated_user = User.get_by_id(user.id)
1823 assert updated_user.email == "new_email@example.com"
1824 assert updated_user.name == "new_name"
1825 assert updated_user.password_hash != user.password_hash
1826 assert updated_user.password_reset_pending == true
1828 [log_entry2, log_entry1] = ModerationLog |> Repo.all() |> Enum.sort()
1830 assert ModerationLog.get_log_entry_message(log_entry1) ==
1831 "@#{admin.nickname} updated users: @#{user.nickname}"
1833 assert ModerationLog.get_log_entry_message(log_entry2) ==
1834 "@#{admin.nickname} forced password reset for users: @#{user.nickname}"
1837 test "returns 403 if requested by a non-admin", %{user: user} do
1840 |> assign(:user, user)
1841 |> patch("/api/pleroma/admin/users/#{user.nickname}/credentials", %{
1842 "password" => "new_password",
1843 "email" => "new_email@example.com",
1844 "name" => "new_name"
1847 assert json_response(conn, :forbidden)
1850 test "changes actor type from permitted list", %{conn: conn, user: user} do
1851 assert user.actor_type == "Person"
1853 assert patch(conn, "/api/pleroma/admin/users/#{user.nickname}/credentials", %{
1854 "actor_type" => "Service"
1856 |> json_response(200) == %{"status" => "success"}
1858 updated_user = User.get_by_id(user.id)
1860 assert updated_user.actor_type == "Service"
1862 assert patch(conn, "/api/pleroma/admin/users/#{user.nickname}/credentials", %{
1863 "actor_type" => "Application"
1865 |> json_response(400) == %{"errors" => %{"actor_type" => "is invalid"}}
1868 test "update non existing user", %{conn: conn} do
1869 assert patch(conn, "/api/pleroma/admin/users/non-existing/credentials", %{
1870 "password" => "new_password"
1872 |> json_response(404) == %{"error" => "Not found"}
1876 describe "PATCH /users/:nickname/force_password_reset" do
1877 test "sets password_reset_pending to true", %{conn: conn} do
1878 user = insert(:user)
1879 assert user.password_reset_pending == false
1882 patch(conn, "/api/pleroma/admin/users/force_password_reset", %{nicknames: [user.nickname]})
1884 assert empty_json_response(conn) == ""
1886 ObanHelpers.perform_all()
1888 assert User.get_by_id(user.id).password_reset_pending == true
1892 describe "instances" do
1893 test "GET /instances/:instance/statuses", %{conn: conn} do
1894 user = insert(:user, local: false, nickname: "archaeme@archae.me")
1895 user2 = insert(:user, local: false, nickname: "test@test.com")
1896 insert_pair(:note_activity, user: user)
1897 activity = insert(:note_activity, user: user2)
1899 ret_conn = get(conn, "/api/pleroma/admin/instances/archae.me/statuses")
1901 response = json_response(ret_conn, 200)
1903 assert length(response) == 2
1905 ret_conn = get(conn, "/api/pleroma/admin/instances/test.com/statuses")
1907 response = json_response(ret_conn, 200)
1909 assert length(response) == 1
1911 ret_conn = get(conn, "/api/pleroma/admin/instances/nonexistent.com/statuses")
1913 response = json_response(ret_conn, 200)
1915 assert Enum.empty?(response)
1917 CommonAPI.repeat(activity.id, user)
1919 ret_conn = get(conn, "/api/pleroma/admin/instances/archae.me/statuses")
1920 response = json_response(ret_conn, 200)
1921 assert length(response) == 2
1923 ret_conn = get(conn, "/api/pleroma/admin/instances/archae.me/statuses?with_reblogs=true")
1924 response = json_response(ret_conn, 200)
1925 assert length(response) == 3
1929 describe "PATCH /confirm_email" do
1930 test "it confirms emails of two users", %{conn: conn, admin: admin} do
1931 [first_user, second_user] = insert_pair(:user, confirmation_pending: true)
1933 assert first_user.confirmation_pending == true
1934 assert second_user.confirmation_pending == true
1937 patch(conn, "/api/pleroma/admin/users/confirm_email", %{
1939 first_user.nickname,
1940 second_user.nickname
1944 assert ret_conn.status == 200
1946 assert first_user.confirmation_pending == true
1947 assert second_user.confirmation_pending == true
1949 log_entry = Repo.one(ModerationLog)
1951 assert ModerationLog.get_log_entry_message(log_entry) ==
1952 "@#{admin.nickname} confirmed email for users: @#{first_user.nickname}, @#{
1953 second_user.nickname
1958 describe "PATCH /resend_confirmation_email" do
1959 test "it resend emails for two users", %{conn: conn, admin: admin} do
1960 [first_user, second_user] = insert_pair(:user, confirmation_pending: true)
1963 patch(conn, "/api/pleroma/admin/users/resend_confirmation_email", %{
1965 first_user.nickname,
1966 second_user.nickname
1970 assert ret_conn.status == 200
1972 log_entry = Repo.one(ModerationLog)
1974 assert ModerationLog.get_log_entry_message(log_entry) ==
1975 "@#{admin.nickname} re-sent confirmation email for users: @#{first_user.nickname}, @#{
1976 second_user.nickname
1979 ObanHelpers.perform_all()
1981 Pleroma.Emails.UserEmail.account_confirmation_email(first_user)
1982 # temporary hackney fix until hackney max_connections bug is fixed
1983 # https://git.pleroma.social/pleroma/pleroma/-/issues/2101
1984 |> Swoosh.Email.put_private(:hackney_options, ssl_options: [versions: [:"tlsv1.2"]])
1985 |> assert_email_sent()
1989 describe "/api/pleroma/admin/stats" do
1990 test "status visibility count", %{conn: conn} do
1991 admin = insert(:user, is_admin: true)
1992 user = insert(:user)
1993 CommonAPI.post(user, %{visibility: "public", status: "hey"})
1994 CommonAPI.post(user, %{visibility: "unlisted", status: "hey"})
1995 CommonAPI.post(user, %{visibility: "unlisted", status: "hey"})
1999 |> assign(:user, admin)
2000 |> get("/api/pleroma/admin/stats")
2001 |> json_response(200)
2003 assert %{"direct" => 0, "private" => 0, "public" => 1, "unlisted" => 2} =
2004 response["status_visibility"]
2007 test "by instance", %{conn: conn} do
2008 admin = insert(:user, is_admin: true)
2009 user1 = insert(:user)
2010 instance2 = "instance2.tld"
2011 user2 = insert(:user, %{ap_id: "https://#{instance2}/@actor"})
2013 CommonAPI.post(user1, %{visibility: "public", status: "hey"})
2014 CommonAPI.post(user2, %{visibility: "unlisted", status: "hey"})
2015 CommonAPI.post(user2, %{visibility: "private", status: "hey"})
2019 |> assign(:user, admin)
2020 |> get("/api/pleroma/admin/stats", instance: instance2)
2021 |> json_response(200)
2023 assert %{"direct" => 0, "private" => 1, "public" => 0, "unlisted" => 1} =
2024 response["status_visibility"]
2029 # Needed for testing
2030 defmodule Pleroma.Web.Endpoint.NotReal do
2033 defmodule Pleroma.Captcha.NotReal do