alias Comeonin.Pbkdf2
alias Ecto.Multi
alias Pleroma.Activity
+ alias Pleroma.Config
alias Pleroma.Conversation.Participation
alias Pleroma.Delivery
alias Pleroma.FollowingRelationship
require Logger
@type t :: %__MODULE__{}
-
+ @type account_status :: :active | :deactivated | :password_reset_pending | :confirmation_pending
@primary_key {:id, FlakeId.Ecto.CompatType, autogenerate: true}
# credo:disable-for-next-line Credo.Check.Readability.MaxLineLength
end
end
- @doc "Returns if the user should be allowed to authenticate"
- def auth_active?(%User{deactivated: true}), do: false
+ @doc "Returns status account"
+ @spec account_status(User.t()) :: account_status()
+ def account_status(%User{deactivated: true}), do: :deactivated
+ def account_status(%User{password_reset_pending: true}), do: :password_reset_pending
- def auth_active?(%User{confirmation_pending: true}),
- do: !Pleroma.Config.get([:instance, :account_activation_required])
+ def account_status(%User{confirmation_pending: true}) do
+ case Config.get([:instance, :account_activation_required]) do
+ true -> :confirmation_pending
+ _ -> :active
+ end
+ end
- def auth_active?(%User{}), do: true
+ def account_status(%User{}), do: :active
+ @spec visible_for?(User.t(), User.t() | nil) :: boolean()
def visible_for?(user, for_user \\ nil)
def visible_for?(%User{invisible: true}, _), do: false
def visible_for?(%User{id: user_id}, %User{id: for_id}) when user_id == for_id, do: true
def visible_for?(%User{} = user, for_user) do
- auth_active?(user) || superuser?(for_user)
+ account_status(user) == :active || superuser?(for_user)
end
def visible_for?(_, _), do: false
+ @spec superuser?(User.t()) :: boolean()
def superuser?(%User{local: true, is_admin: true}), do: true
def superuser?(%User{local: true, is_moderator: true}), do: true
def superuser?(_), do: false
+ @spec invisible?(User.t()) :: boolean()
def invisible?(%User{invisible: true}), do: true
def invisible?(_), do: false
Creates an internal service actor by URI if missing.
Optionally takes nickname for addressing.
"""
- def get_or_create_service_actor_by_ap_id(uri, nickname \\ nil) do
- with user when is_nil(user) <- get_cached_by_ap_id(uri) do
- {:ok, user} =
- %User{
- invisible: true,
- local: true,
- ap_id: uri,
- nickname: nickname,
- follower_address: uri <> "/followers"
- }
- |> Repo.insert()
+ @spec get_or_create_service_actor_by_ap_id(String.t(), String.t()) :: User.t() | nil
+ def get_or_create_service_actor_by_ap_id(uri, nickname) do
+ {_, user} =
+ case get_cached_by_ap_id(uri) do
+ nil ->
+ with {:error, %{errors: errors}} <- create_service_actor(uri, nickname) do
+ Logger.error("Cannot create service actor: #{uri}/.\n#{inspect(errors)}")
+ {:error, nil}
+ end
- user
- end
+ %User{invisible: false} = user ->
+ set_invisible(user)
+
+ user ->
+ {:ok, user}
+ end
+
+ user
+ end
+
+ @spec set_invisible(User.t()) :: {:ok, User.t()}
+ defp set_invisible(user) do
+ user
+ |> change(%{invisible: true})
+ |> update_and_set_cache()
+ end
+
+ @spec create_service_actor(String.t(), String.t()) ::
+ {:ok, User.t()} | {:error, Ecto.Changeset.t()}
+ defp create_service_actor(uri, nickname) do
+ %User{
+ invisible: true,
+ local: true,
+ ap_id: uri,
+ nickname: nickname,
+ follower_address: uri <> "/followers"
+ }
+ |> change
+ |> unique_constraint(:nickname)
+ |> Repo.insert()
+ |> set_cache()
end
# AP style
end
def admin_api_update(user, params) do
- changeset =
- cast(user, params, [
- :is_moderator,
- :is_admin,
- :show_role
- ])
-
- with {:ok, updated_user} <- update_and_set_cache(changeset) do
- if user.is_admin != updated_user.is_admin do
- # Admin status change results in change of accessible OAuth scopes, and instead of changing
- # already issued tokens we revoke them, requiring user to sign in again
- global_sign_out(user)
- end
-
- {:ok, updated_user}
- end
+ user
+ |> cast(params, [
+ :is_moderator,
+ :is_admin,
+ :show_role
+ ])
+ |> update_and_set_cache()
end
@doc "Signs user out of all applications"
projects / akkoma / blobdiff