field(:raw_fields, {:array, :map}, default: [])
field(:discoverable, :boolean, default: false)
field(:invisible, :boolean, default: false)
+ field(:allow_following_move, :boolean, default: true)
field(:skip_thread_containment, :boolean, default: false)
+ field(:also_known_as, {:array, :string}, default: [])
field(:notification_settings, :map,
default: %{
:fields,
:following_count,
:discoverable,
- :invisible
+ :invisible,
+ :also_known_as
]
)
|> validate_required([:name, :ap_id])
:hide_followers_count,
:hide_follows_count,
:hide_favorites,
+ :allow_following_move,
:background,
:show_role,
:skip_thread_containment,
:fields,
:raw_fields,
:pleroma_settings_store,
- :discoverable
+ :discoverable,
+ :also_known_as
]
)
|> unique_constraint(:nickname)
:hide_follows,
:fields,
:hide_followers,
+ :allow_following_move,
:discoverable,
:hide_followers_count,
- :hide_follows_count
+ :hide_follows_count,
+ :also_known_as
]
)
|> unique_constraint(:nickname)
end
def admin_api_update(user, params) do
- user
- |> cast(params, [
- :is_moderator,
- :is_admin,
- :show_role
- ])
- |> update_and_set_cache()
+ changeset =
+ cast(user, params, [
+ :is_moderator,
+ :is_admin,
+ :show_role
+ ])
+
+ with {:ok, updated_user} <- update_and_set_cache(changeset) do
+ if user.is_admin && !updated_user.is_admin do
+ # Tokens & authorizations containing any admin scopes must be revoked (revoking all)
+ global_sign_out(user)
+ end
+
+ {:ok, updated_user}
+ end
+ end
+
+ @doc "Signs user out of all applications"
+ def global_sign_out(user) do
+ OAuth.Authorization.delete_user_authorizations(user)
+ OAuth.Token.delete_user_tokens(user)
end
def mascot_update(user, url) do