+
+ describe "POST /api/pleroma/admin/users/revoke_invite" do
+ test "with token" do
+ admin = insert(:user, info: %{is_admin: true})
+ {:ok, invite} = UserInviteToken.create_invite()
+
+ conn =
+ build_conn()
+ |> assign(:user, admin)
+ |> post("/api/pleroma/admin/users/revoke_invite", %{"token" => invite.token})
+
+ assert json_response(conn, 200) == %{
+ "expires_at" => nil,
+ "id" => invite.id,
+ "invite_type" => "one_time",
+ "max_use" => nil,
+ "token" => invite.token,
+ "used" => true,
+ "uses" => 0
+ }
+ end
+ end
+
+ describe "GET /api/pleroma/admin/reports/:id" do
+ setup %{conn: conn} do
+ admin = insert(:user, info: %{is_admin: true})
+
+ %{conn: assign(conn, :user, admin)}
+ end
+
+ test "returns report by its id", %{conn: conn} do
+ [reporter, target_user] = insert_pair(:user)
+ activity = insert(:note_activity, user: target_user)
+
+ {:ok, %{id: report_id}} =
+ CommonAPI.report(reporter, %{
+ "account_id" => target_user.id,
+ "comment" => "I feel offended",
+ "status_ids" => [activity.id]
+ })
+
+ response =
+ conn
+ |> get("/api/pleroma/admin/reports/#{report_id}")
+ |> json_response(:ok)
+
+ assert response["id"] == report_id
+ end
+
+ test "returns 404 when report id is invalid", %{conn: conn} do
+ conn = get(conn, "/api/pleroma/admin/reports/test")
+
+ assert json_response(conn, :not_found) == "Not found"
+ end
+ end
+
+ describe "PUT /api/pleroma/admin/reports/:id" do
+ setup %{conn: conn} do
+ admin = insert(:user, info: %{is_admin: true})
+ [reporter, target_user] = insert_pair(:user)
+ activity = insert(:note_activity, user: target_user)
+
+ {:ok, %{id: report_id}} =
+ CommonAPI.report(reporter, %{
+ "account_id" => target_user.id,
+ "comment" => "I feel offended",
+ "status_ids" => [activity.id]
+ })
+
+ %{conn: assign(conn, :user, admin), id: report_id}
+ end
+
+ test "mark report as resolved", %{conn: conn, id: id} do
+ response =
+ conn
+ |> put("/api/pleroma/admin/reports/#{id}", %{"state" => "resolved"})
+ |> json_response(:ok)
+
+ assert response["state"] == "resolved"
+ end
+
+ test "closes report", %{conn: conn, id: id} do
+ response =
+ conn
+ |> put("/api/pleroma/admin/reports/#{id}", %{"state" => "closed"})
+ |> json_response(:ok)
+
+ assert response["state"] == "closed"
+ end
+
+ test "returns 400 when state is unknown", %{conn: conn, id: id} do
+ conn =
+ conn
+ |> put("/api/pleroma/admin/reports/#{id}", %{"state" => "test"})
+
+ assert json_response(conn, :bad_request) == "Unsupported state"
+ end
+
+ test "returns 404 when report is not exist", %{conn: conn} do
+ conn =
+ conn
+ |> put("/api/pleroma/admin/reports/test", %{"state" => "closed"})
+
+ assert json_response(conn, :not_found) == "Not found"
+ end
+ end
+
+ describe "GET /api/pleroma/admin/reports" do
+ setup %{conn: conn} do
+ admin = insert(:user, info: %{is_admin: true})
+
+ %{conn: assign(conn, :user, admin)}
+ end
+
+ test "returns empty response when no reports created", %{conn: conn} do
+ response =
+ conn
+ |> get("/api/pleroma/admin/reports")
+ |> json_response(:ok)
+
+ assert Enum.empty?(response["reports"])
+ end
+
+ test "returns reports", %{conn: conn} do
+ [reporter, target_user] = insert_pair(:user)
+ activity = insert(:note_activity, user: target_user)
+
+ {:ok, %{id: report_id}} =
+ CommonAPI.report(reporter, %{
+ "account_id" => target_user.id,
+ "comment" => "I feel offended",
+ "status_ids" => [activity.id]
+ })
+
+ response =
+ conn
+ |> get("/api/pleroma/admin/reports")
+ |> json_response(:ok)
+
+ [report] = response["reports"]
+
+ assert length(response["reports"]) == 1
+ assert report["id"] == report_id
+ end
+
+ test "returns reports with specified state", %{conn: conn} do
+ [reporter, target_user] = insert_pair(:user)
+ activity = insert(:note_activity, user: target_user)
+
+ {:ok, %{id: first_report_id}} =
+ CommonAPI.report(reporter, %{
+ "account_id" => target_user.id,
+ "comment" => "I feel offended",
+ "status_ids" => [activity.id]
+ })
+
+ {:ok, %{id: second_report_id}} =
+ CommonAPI.report(reporter, %{
+ "account_id" => target_user.id,
+ "comment" => "I don't like this user"
+ })
+
+ CommonAPI.update_report_state(second_report_id, "closed")
+
+ response =
+ conn
+ |> get("/api/pleroma/admin/reports", %{
+ "state" => "open"
+ })
+ |> json_response(:ok)
+
+ [open_report] = response["reports"]
+
+ assert length(response["reports"]) == 1
+ assert open_report["id"] == first_report_id
+
+ response =
+ conn
+ |> get("/api/pleroma/admin/reports", %{
+ "state" => "closed"
+ })
+ |> json_response(:ok)
+
+ [closed_report] = response["reports"]
+
+ assert length(response["reports"]) == 1
+ assert closed_report["id"] == second_report_id
+
+ response =
+ conn
+ |> get("/api/pleroma/admin/reports", %{
+ "state" => "resolved"
+ })
+ |> json_response(:ok)
+
+ assert Enum.empty?(response["reports"])
+ end
+
+ test "returns 403 when requested by a non-admin" do
+ user = insert(:user)
+
+ conn =
+ build_conn()
+ |> assign(:user, user)
+ |> get("/api/pleroma/admin/reports")
+
+ assert json_response(conn, :forbidden) == %{"error" => "User is not admin."}
+ end
+
+ test "returns 403 when requested by anonymous" do
+ conn =
+ build_conn()
+ |> get("/api/pleroma/admin/reports")
+
+ assert json_response(conn, :forbidden) == %{"error" => "Invalid credentials."}
+ end
+ end
+
+ describe "POST /api/pleroma/admin/reports/:id/respond" do
+ setup %{conn: conn} do
+ admin = insert(:user, info: %{is_admin: true})
+
+ %{conn: assign(conn, :user, admin)}
+ end
+
+ test "returns created dm", %{conn: conn} do
+ [reporter, target_user] = insert_pair(:user)
+ activity = insert(:note_activity, user: target_user)
+
+ {:ok, %{id: report_id}} =
+ CommonAPI.report(reporter, %{
+ "account_id" => target_user.id,
+ "comment" => "I feel offended",
+ "status_ids" => [activity.id]
+ })
+
+ response =
+ conn
+ |> post("/api/pleroma/admin/reports/#{report_id}/respond", %{
+ "status" => "I will check it out"
+ })
+ |> json_response(:ok)
+
+ recipients = Enum.map(response["mentions"], & &1["username"])
+
+ assert conn.assigns[:user].nickname in recipients
+ assert reporter.nickname in recipients
+ assert response["content"] == "I will check it out"
+ assert response["visibility"] == "direct"
+ end
+
+ test "returns 400 when status is missing", %{conn: conn} do
+ conn = post(conn, "/api/pleroma/admin/reports/test/respond")
+
+ assert json_response(conn, :bad_request) == "Invalid parameters"
+ end
+
+ test "returns 404 when report id is invalid", %{conn: conn} do
+ conn =
+ post(conn, "/api/pleroma/admin/reports/test/respond", %{
+ "status" => "foo"
+ })
+
+ assert json_response(conn, :not_found) == "Not found"
+ end
+ end
+
+ describe "PUT /api/pleroma/admin/statuses/:id" do
+ setup %{conn: conn} do
+ admin = insert(:user, info: %{is_admin: true})
+ activity = insert(:note_activity)
+
+ %{conn: assign(conn, :user, admin), id: activity.id}
+ end
+
+ test "toggle sensitive flag", %{conn: conn, id: id} do
+ response =
+ conn
+ |> put("/api/pleroma/admin/statuses/#{id}", %{"sensitive" => "true"})
+ |> json_response(:ok)
+
+ assert response["sensitive"]
+
+ response =
+ conn
+ |> put("/api/pleroma/admin/statuses/#{id}", %{"sensitive" => "false"})
+ |> json_response(:ok)
+
+ refute response["sensitive"]
+ end
+
+ test "change visibility flag", %{conn: conn, id: id} do
+ response =
+ conn
+ |> put("/api/pleroma/admin/statuses/#{id}", %{"visibility" => "public"})
+ |> json_response(:ok)
+
+ assert response["visibility"] == "public"
+
+ response =
+ conn
+ |> put("/api/pleroma/admin/statuses/#{id}", %{"visibility" => "private"})
+ |> json_response(:ok)
+
+ assert response["visibility"] == "private"
+
+ response =
+ conn
+ |> put("/api/pleroma/admin/statuses/#{id}", %{"visibility" => "unlisted"})
+ |> json_response(:ok)
+
+ assert response["visibility"] == "unlisted"
+ end
+
+ test "returns 400 when visibility is unknown", %{conn: conn, id: id} do
+ conn =
+ conn
+ |> put("/api/pleroma/admin/statuses/#{id}", %{"visibility" => "test"})
+
+ assert json_response(conn, :bad_request) == "Unsupported visibility"
+ end
+ end
+
+ describe "DELETE /api/pleroma/admin/statuses/:id" do
+ setup %{conn: conn} do
+ admin = insert(:user, info: %{is_admin: true})
+ activity = insert(:note_activity)
+
+ %{conn: assign(conn, :user, admin), id: activity.id}
+ end
+
+ test "deletes status", %{conn: conn, id: id} do
+ conn
+ |> delete("/api/pleroma/admin/statuses/#{id}")
+ |> json_response(:ok)
+
+ refute Activity.get_by_id(id)
+ end
+
+ test "returns error when status is not exist", %{conn: conn} do
+ conn =
+ conn
+ |> delete("/api/pleroma/admin/statuses/test")
+
+ assert json_response(conn, :bad_request) == "Could not delete"
+ end
+ end
+
+ describe "GET /api/pleroma/admin/config" do
+ setup %{conn: conn} do
+ admin = insert(:user, info: %{is_admin: true})
+
+ %{conn: assign(conn, :user, admin)}
+ end
+
+ test "without any settings in db", %{conn: conn} do
+ conn = get(conn, "/api/pleroma/admin/config")
+
+ assert json_response(conn, 200) == %{"configs" => []}
+ end
+
+ test "with settings in db", %{conn: conn} do
+ config1 = insert(:config)
+ config2 = insert(:config)
+
+ conn = get(conn, "/api/pleroma/admin/config")
+
+ %{
+ "configs" => [
+ %{
+ "key" => key1,
+ "value" => _
+ },
+ %{
+ "key" => key2,
+ "value" => _
+ }
+ ]
+ } = json_response(conn, 200)
+
+ assert key1 == config1.key
+ assert key2 == config2.key
+ end
+ end
+
+ describe "POST /api/pleroma/admin/config" do
+ setup %{conn: conn} do
+ admin = insert(:user, info: %{is_admin: true})
+
+ temp_file = "config/test.exported_from_db.secret.exs"
+
+ on_exit(fn ->
+ Application.delete_env(:pleroma, :key1)
+ Application.delete_env(:pleroma, :key2)
+ Application.delete_env(:pleroma, :key3)
+ Application.delete_env(:pleroma, :key4)
+ Application.delete_env(:pleroma, :keyaa1)
+ Application.delete_env(:pleroma, :keyaa2)
+ Application.delete_env(:pleroma, Pleroma.Web.Endpoint.NotReal)
+ Application.delete_env(:pleroma, Pleroma.Captcha.NotReal)
+ :ok = File.rm(temp_file)
+ end)
+
+ dynamic = Pleroma.Config.get([:instance, :dynamic_configuration])
+
+ Pleroma.Config.put([:instance, :dynamic_configuration], true)
+
+ on_exit(fn ->
+ Pleroma.Config.put([:instance, :dynamic_configuration], dynamic)
+ end)
+
+ %{conn: assign(conn, :user, admin)}
+ end
+
+ test "create new config setting in db", %{conn: conn} do
+ conn =
+ post(conn, "/api/pleroma/admin/config", %{
+ configs: [
+ %{group: "pleroma", key: "key1", value: "value1"},
+ %{
+ group: "pleroma",
+ key: "key2",
+ value: %{
+ "nested_1" => "nested_value1",
+ "nested_2" => [
+ %{"nested_22" => "nested_value222"},
+ %{"nested_33" => %{"nested_44" => "nested_444"}}
+ ]
+ }
+ },
+ %{
+ group: "pleroma",
+ key: "key3",
+ value: [
+ %{"nested_3" => ":nested_3", "nested_33" => "nested_33"},
+ %{"nested_4" => ":true"}
+ ]
+ },
+ %{
+ group: "pleroma",
+ key: "key4",
+ value: %{"nested_5" => ":upload", "endpoint" => "https://example.com"}
+ },
+ %{
+ group: "idna",
+ key: "key5",
+ value: %{"tuple" => ["string", "Pleroma.Captcha.NotReal", []]}
+ }
+ ]
+ })
+
+ assert json_response(conn, 200) == %{
+ "configs" => [
+ %{
+ "group" => "pleroma",
+ "key" => "key1",
+ "value" => "value1"
+ },
+ %{
+ "group" => "pleroma",
+ "key" => "key2",
+ "value" => [
+ %{"nested_1" => "nested_value1"},
+ %{
+ "nested_2" => [
+ %{"nested_22" => "nested_value222"},
+ %{"nested_33" => %{"nested_44" => "nested_444"}}
+ ]
+ }
+ ]
+ },
+ %{
+ "group" => "pleroma",
+ "key" => "key3",
+ "value" => [
+ [%{"nested_3" => "nested_3"}, %{"nested_33" => "nested_33"}],
+ %{"nested_4" => true}
+ ]
+ },
+ %{
+ "group" => "pleroma",
+ "key" => "key4",
+ "value" => [%{"endpoint" => "https://example.com"}, %{"nested_5" => "upload"}]
+ },
+ %{
+ "group" => "idna",
+ "key" => "key5",
+ "value" => %{"tuple" => ["string", "Pleroma.Captcha.NotReal", []]}
+ }
+ ]
+ }
+
+ assert Application.get_env(:pleroma, :key1) == "value1"
+
+ assert Application.get_env(:pleroma, :key2) == [
+ nested_1: "nested_value1",
+ nested_2: [
+ [nested_22: "nested_value222"],
+ [nested_33: [nested_44: "nested_444"]]
+ ]
+ ]
+
+ assert Application.get_env(:pleroma, :key3) == [
+ [nested_3: :nested_3, nested_33: "nested_33"],
+ [nested_4: true]
+ ]
+
+ assert Application.get_env(:pleroma, :key4) == [
+ endpoint: "https://example.com",
+ nested_5: :upload
+ ]
+
+ assert Application.get_env(:idna, :key5) == {"string", Pleroma.Captcha.NotReal, []}
+ end
+
+ test "update config setting & delete", %{conn: conn} do
+ config1 = insert(:config, key: "keyaa1")
+ config2 = insert(:config, key: "keyaa2")
+
+ conn =
+ post(conn, "/api/pleroma/admin/config", %{
+ configs: [
+ %{group: config1.group, key: config1.key, value: "another_value"},
+ %{group: config2.group, key: config2.key, delete: "true"}
+ ]
+ })
+
+ assert json_response(conn, 200) == %{
+ "configs" => [
+ %{
+ "group" => "pleroma",
+ "key" => config1.key,
+ "value" => "another_value"
+ }
+ ]
+ }
+
+ assert Application.get_env(:pleroma, :keyaa1) == "another_value"
+ refute Application.get_env(:pleroma, :keyaa2)
+ end
+
+ test "common config example", %{conn: conn} do
+ conn =
+ post(conn, "/api/pleroma/admin/config", %{
+ configs: [
+ %{
+ "group" => "pleroma",
+ "key" => "Pleroma.Captcha.NotReal",
+ "value" => %{
+ "enabled" => ":false",
+ "method" => "Pleroma.Captcha.Kocaptcha",
+ "seconds_valid" => "i:60"
+ }
+ }
+ ]
+ })
+
+ assert json_response(conn, 200) == %{
+ "configs" => [
+ %{
+ "group" => "pleroma",
+ "key" => "Pleroma.Captcha.NotReal",
+ "value" => [
+ %{"enabled" => false},
+ %{"method" => "Pleroma.Captcha.Kocaptcha"},
+ %{"seconds_valid" => 60}
+ ]
+ }
+ ]
+ }
+ end
+
+ test "tuples with more than two values", %{conn: conn} do
+ conn =
+ post(conn, "/api/pleroma/admin/config", %{
+ configs: [
+ %{
+ "group" => "pleroma",
+ "key" => "Pleroma.Web.Endpoint.NotReal",
+ "value" => [
+ %{
+ "http" => %{
+ "dispatch" => [
+ %{
+ "tuple" => [
+ ":_",
+ [
+ %{
+ "tuple" => [
+ "/api/v1/streaming",
+ "Pleroma.Web.MastodonAPI.WebsocketHandler",
+ []
+ ]
+ },
+ %{
+ "tuple" => [
+ "/websocket",
+ "Phoenix.Endpoint.CowboyWebSocket",
+ %{
+ "tuple" => [
+ "Phoenix.Transports.WebSocket",
+ %{
+ "tuple" => [
+ "Pleroma.Web.Endpoint",
+ "Pleroma.Web.UserSocket",
+ []
+ ]
+ }
+ ]
+ }
+ ]
+ },
+ %{
+ "tuple" => [
+ ":_",
+ "Phoenix.Endpoint.Cowboy2Handler",
+ %{
+ "tuple" => ["Pleroma.Web.Endpoint", []]
+ }
+ ]
+ }
+ ]
+ ]
+ }
+ ]
+ }
+ }
+ ]
+ }
+ ]
+ })
+
+ assert json_response(conn, 200) == %{
+ "configs" => [
+ %{
+ "group" => "pleroma",
+ "key" => "Pleroma.Web.Endpoint.NotReal",
+ "value" => [
+ %{
+ "http" => %{
+ "dispatch" => %{
+ "_" => [
+ %{
+ "tuple" => [
+ "/api/v1/streaming",
+ "Pleroma.Web.MastodonAPI.WebsocketHandler",
+ []
+ ]
+ },
+ %{
+ "tuple" => [
+ "/websocket",
+ "Phoenix.Endpoint.CowboyWebSocket",
+ %{
+ "Elixir.Phoenix.Transports.WebSocket" => %{
+ "tuple" => [
+ "Pleroma.Web.Endpoint",
+ "Pleroma.Web.UserSocket",
+ []
+ ]
+ }
+ }
+ ]
+ },
+ %{
+ "tuple" => [
+ "_",
+ "Phoenix.Endpoint.Cowboy2Handler",
+ %{"Elixir.Pleroma.Web.Endpoint" => []}
+ ]
+ }
+ ]
+ }
+ }
+ }
+ ]
+ }
+ ]
+ }
+ end
+ end
+end
+
+# Needed for testing
+defmodule Pleroma.Web.Endpoint.NotReal do
+end
+
+defmodule Pleroma.Captcha.NotReal do