alias Pleroma.HTML
alias Pleroma.ModerationLog
alias Pleroma.Repo
+ alias Pleroma.ReportNote
alias Pleroma.Tests.ObanHelpers
alias Pleroma.User
alias Pleroma.UserInviteToken
+ alias Pleroma.Web.ActivityPub.Relay
alias Pleroma.Web.CommonAPI
+ alias Pleroma.Web.MastodonAPI.StatusView
alias Pleroma.Web.MediaProxy
import Pleroma.Factory
:ok
end
+ clear_config([:auth, :enforce_oauth_admin_scope_usage]) do
+ Pleroma.Config.put([:auth, :enforce_oauth_admin_scope_usage], false)
+ end
+
+ describe "with [:auth, :enforce_oauth_admin_scope_usage]," do
+ clear_config([:auth, :enforce_oauth_admin_scope_usage]) do
+ Pleroma.Config.put([:auth, :enforce_oauth_admin_scope_usage], true)
+ end
+
+ test "GET /api/pleroma/admin/users/:nickname requires admin:read:accounts or broader scope" do
+ user = insert(:user)
+ admin = insert(:user, is_admin: true)
+ url = "/api/pleroma/admin/users/#{user.nickname}"
+
+ good_token1 = insert(:oauth_token, user: admin, scopes: ["admin"])
+ good_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read"])
+ good_token3 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts"])
+
+ bad_token1 = insert(:oauth_token, user: admin, scopes: ["read:accounts"])
+ bad_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts:partial"])
+ bad_token3 = nil
+
+ for good_token <- [good_token1, good_token2, good_token3] do
+ conn =
+ build_conn()
+ |> assign(:user, admin)
+ |> assign(:token, good_token)
+ |> get(url)
+
+ assert json_response(conn, 200)
+ end
+
+ for good_token <- [good_token1, good_token2, good_token3] do
+ conn =
+ build_conn()
+ |> assign(:user, nil)
+ |> assign(:token, good_token)
+ |> get(url)
+
+ assert json_response(conn, :forbidden)
+ end
+
+ for bad_token <- [bad_token1, bad_token2, bad_token3] do
+ conn =
+ build_conn()
+ |> assign(:user, admin)
+ |> assign(:token, bad_token)
+ |> get(url)
+
+ assert json_response(conn, :forbidden)
+ end
+ end
+ end
+
describe "DELETE /api/pleroma/admin/users" do
test "single user" do
- admin = insert(:user, info: %{is_admin: true})
+ admin = insert(:user, is_admin: true)
user = insert(:user)
conn =
end
test "multiple users" do
- admin = insert(:user, info: %{is_admin: true})
+ admin = insert(:user, is_admin: true)
user_one = insert(:user)
user_two = insert(:user)
describe "/api/pleroma/admin/users" do
test "Create" do
- admin = insert(:user, info: %{is_admin: true})
+ admin = insert(:user, is_admin: true)
conn =
build_conn()
assert ["lain", "lain2"] -- Enum.map(log_entry.data["subjects"], & &1["nickname"]) == []
end
- test "Cannot create user with exisiting email" do
- admin = insert(:user, info: %{is_admin: true})
+ test "Cannot create user with existing email" do
+ admin = insert(:user, is_admin: true)
user = insert(:user)
conn =
]
end
- test "Cannot create user with exisiting nickname" do
- admin = insert(:user, info: %{is_admin: true})
+ test "Cannot create user with existing nickname" do
+ admin = insert(:user, is_admin: true)
user = insert(:user)
conn =
end
test "Multiple user creation works in transaction" do
- admin = insert(:user, info: %{is_admin: true})
+ admin = insert(:user, is_admin: true)
user = insert(:user)
conn =
describe "/api/pleroma/admin/users/:nickname" do
test "Show", %{conn: conn} do
- admin = insert(:user, info: %{is_admin: true})
+ admin = insert(:user, is_admin: true)
user = insert(:user)
conn =
"roles" => %{"admin" => false, "moderator" => false},
"tags" => [],
"avatar" => User.avatar_url(user) |> MediaProxy.url(),
- "display_name" => HTML.strip_tags(user.name || user.nickname)
+ "display_name" => HTML.strip_tags(user.name || user.nickname),
+ "confirmation_pending" => false
}
assert expected == json_response(conn, 200)
end
test "when the user doesn't exist", %{conn: conn} do
- admin = insert(:user, info: %{is_admin: true})
+ admin = insert(:user, is_admin: true)
user = build(:user)
conn =
describe "/api/pleroma/admin/users/follow" do
test "allows to force-follow another user" do
- admin = insert(:user, info: %{is_admin: true})
+ admin = insert(:user, is_admin: true)
user = insert(:user)
follower = insert(:user)
describe "/api/pleroma/admin/users/unfollow" do
test "allows to force-unfollow another user" do
- admin = insert(:user, info: %{is_admin: true})
+ admin = insert(:user, is_admin: true)
user = insert(:user)
follower = insert(:user)
describe "PUT /api/pleroma/admin/users/tag" do
setup do
- admin = insert(:user, info: %{is_admin: true})
+ admin = insert(:user, is_admin: true)
user1 = insert(:user, %{tags: ["x"]})
user2 = insert(:user, %{tags: ["y"]})
user3 = insert(:user, %{tags: ["unchanged"]})
describe "DELETE /api/pleroma/admin/users/tag" do
setup do
- admin = insert(:user, info: %{is_admin: true})
+ admin = insert(:user, is_admin: true)
user1 = insert(:user, %{tags: ["x"]})
user2 = insert(:user, %{tags: ["y", "z"]})
user3 = insert(:user, %{tags: ["unchanged"]})
describe "/api/pleroma/admin/users/:nickname/permission_group" do
test "GET is giving user_info" do
- admin = insert(:user, info: %{is_admin: true})
+ admin = insert(:user, is_admin: true)
conn =
build_conn()
end
test "/:right POST, can add to a permission group" do
- admin = insert(:user, info: %{is_admin: true})
+ admin = insert(:user, is_admin: true)
user = insert(:user)
conn =
end
test "/:right POST, can add to a permission group (multiple)" do
- admin = insert(:user, info: %{is_admin: true})
+ admin = insert(:user, is_admin: true)
user_one = insert(:user)
user_two = insert(:user)
end
test "/:right DELETE, can remove from a permission group" do
- admin = insert(:user, info: %{is_admin: true})
- user = insert(:user, info: %{is_admin: true})
+ admin = insert(:user, is_admin: true)
+ user = insert(:user, is_admin: true)
conn =
build_conn()
end
test "/:right DELETE, can remove from a permission group (multiple)" do
- admin = insert(:user, info: %{is_admin: true})
- user_one = insert(:user, info: %{is_admin: true})
- user_two = insert(:user, info: %{is_admin: true})
+ admin = insert(:user, is_admin: true)
+ user_one = insert(:user, is_admin: true)
+ user_two = insert(:user, is_admin: true)
conn =
build_conn()
describe "POST /api/pleroma/admin/email_invite, with valid config" do
setup do
- [user: insert(:user, info: %{is_admin: true})]
+ [user: insert(:user, is_admin: true)]
end
clear_config([:instance, :registrations_open]) do
describe "POST /api/pleroma/admin/users/email_invite, with invalid config" do
setup do
- [user: insert(:user, info: %{is_admin: true})]
+ [user: insert(:user, is_admin: true)]
end
clear_config([:instance, :registrations_open])
end
test "/api/pleroma/admin/users/:nickname/password_reset" do
- admin = insert(:user, info: %{is_admin: true})
+ admin = insert(:user, is_admin: true)
user = insert(:user)
conn =
describe "GET /api/pleroma/admin/users" do
setup do
- admin = insert(:user, info: %{is_admin: true})
+ admin = insert(:user, is_admin: true)
conn =
build_conn()
users =
[
%{
- "deactivated" => admin.info.deactivated,
+ "deactivated" => admin.deactivated,
"id" => admin.id,
"nickname" => admin.nickname,
"roles" => %{"admin" => true, "moderator" => false},
"local" => true,
"tags" => [],
"avatar" => User.avatar_url(admin) |> MediaProxy.url(),
- "display_name" => HTML.strip_tags(admin.name || admin.nickname)
+ "display_name" => HTML.strip_tags(admin.name || admin.nickname),
+ "confirmation_pending" => false
},
%{
- "deactivated" => user.info.deactivated,
+ "deactivated" => user.deactivated,
"id" => user.id,
"nickname" => user.nickname,
"roles" => %{"admin" => false, "moderator" => false},
"local" => false,
"tags" => ["foo", "bar"],
"avatar" => User.avatar_url(user) |> MediaProxy.url(),
- "display_name" => HTML.strip_tags(user.name || user.nickname)
+ "display_name" => HTML.strip_tags(user.name || user.nickname),
+ "confirmation_pending" => false
}
]
|> Enum.sort_by(& &1["nickname"])
"page_size" => 50,
"users" => [
%{
- "deactivated" => user.info.deactivated,
+ "deactivated" => user.deactivated,
"id" => user.id,
"nickname" => user.nickname,
"roles" => %{"admin" => false, "moderator" => false},
"local" => true,
"tags" => [],
"avatar" => User.avatar_url(user) |> MediaProxy.url(),
- "display_name" => HTML.strip_tags(user.name || user.nickname)
+ "display_name" => HTML.strip_tags(user.name || user.nickname),
+ "confirmation_pending" => false
}
]
}
"page_size" => 50,
"users" => [
%{
- "deactivated" => user.info.deactivated,
+ "deactivated" => user.deactivated,
"id" => user.id,
"nickname" => user.nickname,
"roles" => %{"admin" => false, "moderator" => false},
"local" => true,
"tags" => [],
"avatar" => User.avatar_url(user) |> MediaProxy.url(),
- "display_name" => HTML.strip_tags(user.name || user.nickname)
+ "display_name" => HTML.strip_tags(user.name || user.nickname),
+ "confirmation_pending" => false
}
]
}
"page_size" => 50,
"users" => [
%{
- "deactivated" => user.info.deactivated,
+ "deactivated" => user.deactivated,
"id" => user.id,
"nickname" => user.nickname,
"roles" => %{"admin" => false, "moderator" => false},
"local" => true,
"tags" => [],
"avatar" => User.avatar_url(user) |> MediaProxy.url(),
- "display_name" => HTML.strip_tags(user.name || user.nickname)
+ "display_name" => HTML.strip_tags(user.name || user.nickname),
+ "confirmation_pending" => false
}
]
}
"page_size" => 50,
"users" => [
%{
- "deactivated" => user.info.deactivated,
+ "deactivated" => user.deactivated,
"id" => user.id,
"nickname" => user.nickname,
"roles" => %{"admin" => false, "moderator" => false},
"local" => true,
"tags" => [],
"avatar" => User.avatar_url(user) |> MediaProxy.url(),
- "display_name" => HTML.strip_tags(user.name || user.nickname)
+ "display_name" => HTML.strip_tags(user.name || user.nickname),
+ "confirmation_pending" => false
}
]
}
"page_size" => 50,
"users" => [
%{
- "deactivated" => user.info.deactivated,
+ "deactivated" => user.deactivated,
"id" => user.id,
"nickname" => user.nickname,
"roles" => %{"admin" => false, "moderator" => false},
"local" => true,
"tags" => [],
"avatar" => User.avatar_url(user) |> MediaProxy.url(),
- "display_name" => HTML.strip_tags(user.name || user.nickname)
+ "display_name" => HTML.strip_tags(user.name || user.nickname),
+ "confirmation_pending" => false
}
]
}
"page_size" => 1,
"users" => [
%{
- "deactivated" => user.info.deactivated,
+ "deactivated" => user.deactivated,
"id" => user.id,
"nickname" => user.nickname,
"roles" => %{"admin" => false, "moderator" => false},
"local" => true,
"tags" => [],
"avatar" => User.avatar_url(user) |> MediaProxy.url(),
- "display_name" => HTML.strip_tags(user.name || user.nickname)
+ "display_name" => HTML.strip_tags(user.name || user.nickname),
+ "confirmation_pending" => false
}
]
}
"page_size" => 1,
"users" => [
%{
- "deactivated" => user2.info.deactivated,
+ "deactivated" => user2.deactivated,
"id" => user2.id,
"nickname" => user2.nickname,
"roles" => %{"admin" => false, "moderator" => false},
"local" => true,
"tags" => [],
"avatar" => User.avatar_url(user2) |> MediaProxy.url(),
- "display_name" => HTML.strip_tags(user2.name || user2.nickname)
+ "display_name" => HTML.strip_tags(user2.name || user2.nickname),
+ "confirmation_pending" => false
}
]
}
end
test "only local users" do
- admin = insert(:user, info: %{is_admin: true}, nickname: "john")
+ admin = insert(:user, is_admin: true, nickname: "john")
user = insert(:user, nickname: "bob")
insert(:user, nickname: "bobb", local: false)
"page_size" => 50,
"users" => [
%{
- "deactivated" => user.info.deactivated,
+ "deactivated" => user.deactivated,
"id" => user.id,
"nickname" => user.nickname,
"roles" => %{"admin" => false, "moderator" => false},
"local" => true,
"tags" => [],
"avatar" => User.avatar_url(user) |> MediaProxy.url(),
- "display_name" => HTML.strip_tags(user.name || user.nickname)
+ "display_name" => HTML.strip_tags(user.name || user.nickname),
+ "confirmation_pending" => false
}
]
}
end
test "only local users with no query", %{admin: old_admin} do
- admin = insert(:user, info: %{is_admin: true}, nickname: "john")
+ admin = insert(:user, is_admin: true, nickname: "john")
user = insert(:user, nickname: "bob")
insert(:user, nickname: "bobb", local: false)
users =
[
%{
- "deactivated" => user.info.deactivated,
+ "deactivated" => user.deactivated,
"id" => user.id,
"nickname" => user.nickname,
"roles" => %{"admin" => false, "moderator" => false},
"local" => true,
"tags" => [],
"avatar" => User.avatar_url(user) |> MediaProxy.url(),
- "display_name" => HTML.strip_tags(user.name || user.nickname)
+ "display_name" => HTML.strip_tags(user.name || user.nickname),
+ "confirmation_pending" => false
},
%{
- "deactivated" => admin.info.deactivated,
+ "deactivated" => admin.deactivated,
"id" => admin.id,
"nickname" => admin.nickname,
"roles" => %{"admin" => true, "moderator" => false},
"local" => true,
"tags" => [],
"avatar" => User.avatar_url(admin) |> MediaProxy.url(),
- "display_name" => HTML.strip_tags(admin.name || admin.nickname)
+ "display_name" => HTML.strip_tags(admin.name || admin.nickname),
+ "confirmation_pending" => false
},
%{
"deactivated" => false,
"roles" => %{"admin" => true, "moderator" => false},
"tags" => [],
"avatar" => User.avatar_url(old_admin) |> MediaProxy.url(),
- "display_name" => HTML.strip_tags(old_admin.name || old_admin.nickname)
+ "display_name" => HTML.strip_tags(old_admin.name || old_admin.nickname),
+ "confirmation_pending" => false
}
]
|> Enum.sort_by(& &1["nickname"])
end
test "load only admins", %{conn: conn, admin: admin} do
- second_admin = insert(:user, info: %{is_admin: true})
+ second_admin = insert(:user, is_admin: true)
insert(:user)
insert(:user)
"local" => admin.local,
"tags" => [],
"avatar" => User.avatar_url(admin) |> MediaProxy.url(),
- "display_name" => HTML.strip_tags(admin.name || admin.nickname)
+ "display_name" => HTML.strip_tags(admin.name || admin.nickname),
+ "confirmation_pending" => false
},
%{
"deactivated" => false,
"local" => second_admin.local,
"tags" => [],
"avatar" => User.avatar_url(second_admin) |> MediaProxy.url(),
- "display_name" => HTML.strip_tags(second_admin.name || second_admin.nickname)
+ "display_name" => HTML.strip_tags(second_admin.name || second_admin.nickname),
+ "confirmation_pending" => false
}
]
|> Enum.sort_by(& &1["nickname"])
end
test "load only moderators", %{conn: conn} do
- moderator = insert(:user, info: %{is_moderator: true})
+ moderator = insert(:user, is_moderator: true)
insert(:user)
insert(:user)
"local" => moderator.local,
"tags" => [],
"avatar" => User.avatar_url(moderator) |> MediaProxy.url(),
- "display_name" => HTML.strip_tags(moderator.name || moderator.nickname)
+ "display_name" => HTML.strip_tags(moderator.name || moderator.nickname),
+ "confirmation_pending" => false
}
]
}
"local" => user1.local,
"tags" => ["first"],
"avatar" => User.avatar_url(user1) |> MediaProxy.url(),
- "display_name" => HTML.strip_tags(user1.name || user1.nickname)
+ "display_name" => HTML.strip_tags(user1.name || user1.nickname),
+ "confirmation_pending" => false
},
%{
"deactivated" => false,
"local" => user2.local,
"tags" => ["second"],
"avatar" => User.avatar_url(user2) |> MediaProxy.url(),
- "display_name" => HTML.strip_tags(user2.name || user2.nickname)
+ "display_name" => HTML.strip_tags(user2.name || user2.nickname),
+ "confirmation_pending" => false
}
]
|> Enum.sort_by(& &1["nickname"])
end
test "it works with multiple filters" do
- admin = insert(:user, nickname: "john", info: %{is_admin: true})
- user = insert(:user, nickname: "bob", local: false, info: %{deactivated: true})
+ admin = insert(:user, nickname: "john", is_admin: true)
+ user = insert(:user, nickname: "bob", local: false, deactivated: true)
- insert(:user, nickname: "ken", local: true, info: %{deactivated: true})
- insert(:user, nickname: "bobb", local: false, info: %{deactivated: false})
+ insert(:user, nickname: "ken", local: true, deactivated: true)
+ insert(:user, nickname: "bobb", local: false, deactivated: false)
conn =
build_conn()
"page_size" => 50,
"users" => [
%{
- "deactivated" => user.info.deactivated,
+ "deactivated" => user.deactivated,
"id" => user.id,
"nickname" => user.nickname,
"roles" => %{"admin" => false, "moderator" => false},
"local" => user.local,
"tags" => [],
"avatar" => User.avatar_url(user) |> MediaProxy.url(),
- "display_name" => HTML.strip_tags(user.name || user.nickname)
+ "display_name" => HTML.strip_tags(user.name || user.nickname),
+ "confirmation_pending" => false
+ }
+ ]
+ }
+ end
+
+ test "it omits relay user", %{admin: admin} do
+ assert %User{} = Relay.get_actor()
+
+ conn =
+ build_conn()
+ |> assign(:user, admin)
+ |> get("/api/pleroma/admin/users")
+
+ assert json_response(conn, 200) == %{
+ "count" => 1,
+ "page_size" => 50,
+ "users" => [
+ %{
+ "deactivated" => admin.deactivated,
+ "id" => admin.id,
+ "nickname" => admin.nickname,
+ "roles" => %{"admin" => true, "moderator" => false},
+ "local" => true,
+ "tags" => [],
+ "avatar" => User.avatar_url(admin) |> MediaProxy.url(),
+ "display_name" => HTML.strip_tags(admin.name || admin.nickname),
+ "confirmation_pending" => false
}
]
}
end
test "PATCH /api/pleroma/admin/users/activate" do
- admin = insert(:user, info: %{is_admin: true})
- user_one = insert(:user, info: %{deactivated: true})
- user_two = insert(:user, info: %{deactivated: true})
+ admin = insert(:user, is_admin: true)
+ user_one = insert(:user, deactivated: true)
+ user_two = insert(:user, deactivated: true)
conn =
build_conn()
end
test "PATCH /api/pleroma/admin/users/deactivate" do
- admin = insert(:user, info: %{is_admin: true})
- user_one = insert(:user, info: %{deactivated: false})
- user_two = insert(:user, info: %{deactivated: false})
+ admin = insert(:user, is_admin: true)
+ user_one = insert(:user, deactivated: false)
+ user_two = insert(:user, deactivated: false)
conn =
build_conn()
end
test "PATCH /api/pleroma/admin/users/:nickname/toggle_activation" do
- admin = insert(:user, info: %{is_admin: true})
+ admin = insert(:user, is_admin: true)
user = insert(:user)
conn =
assert json_response(conn, 200) ==
%{
- "deactivated" => !user.info.deactivated,
+ "deactivated" => !user.deactivated,
"id" => user.id,
"nickname" => user.nickname,
"roles" => %{"admin" => false, "moderator" => false},
"local" => true,
"tags" => [],
"avatar" => User.avatar_url(user) |> MediaProxy.url(),
- "display_name" => HTML.strip_tags(user.name || user.nickname)
+ "display_name" => HTML.strip_tags(user.name || user.nickname),
+ "confirmation_pending" => false
}
log_entry = Repo.one(ModerationLog)
describe "POST /api/pleroma/admin/users/invite_token" do
setup do
- admin = insert(:user, info: %{is_admin: true})
+ admin = insert(:user, is_admin: true)
conn =
build_conn()
describe "GET /api/pleroma/admin/users/invites" do
setup do
- admin = insert(:user, info: %{is_admin: true})
+ admin = insert(:user, is_admin: true)
conn =
build_conn()
describe "POST /api/pleroma/admin/users/revoke_invite" do
test "with token" do
- admin = insert(:user, info: %{is_admin: true})
+ admin = insert(:user, is_admin: true)
{:ok, invite} = UserInviteToken.create_invite()
conn =
end
test "with invalid token" do
- admin = insert(:user, info: %{is_admin: true})
+ admin = insert(:user, is_admin: true)
conn =
build_conn()
describe "GET /api/pleroma/admin/reports/:id" do
setup %{conn: conn} do
- admin = insert(:user, info: %{is_admin: true})
+ admin = insert(:user, is_admin: true)
%{conn: assign(conn, :user, admin)}
end
end
end
- describe "PUT /api/pleroma/admin/reports/:id" do
+ describe "PATCH /api/pleroma/admin/reports" do
setup %{conn: conn} do
- admin = insert(:user, info: %{is_admin: true})
+ admin = insert(:user, is_admin: true)
[reporter, target_user] = insert_pair(:user)
activity = insert(:note_activity, user: target_user)
"status_ids" => [activity.id]
})
- %{conn: assign(conn, :user, admin), id: report_id, admin: admin}
+ {:ok, %{id: second_report_id}} =
+ CommonAPI.report(reporter, %{
+ "account_id" => target_user.id,
+ "comment" => "I feel very offended",
+ "status_ids" => [activity.id]
+ })
+
+ %{
+ conn: assign(conn, :user, admin),
+ id: report_id,
+ admin: admin,
+ second_report_id: second_report_id
+ }
end
test "mark report as resolved", %{conn: conn, id: id, admin: admin} do
- response =
- conn
- |> put("/api/pleroma/admin/reports/#{id}", %{"state" => "resolved"})
- |> json_response(:ok)
+ conn
+ |> patch("/api/pleroma/admin/reports", %{
+ "reports" => [
+ %{"state" => "resolved", "id" => id}
+ ]
+ })
+ |> json_response(:no_content)
- assert response["state"] == "resolved"
+ activity = Activity.get_by_id(id)
+ assert activity.data["state"] == "resolved"
log_entry = Repo.one(ModerationLog)
end
test "closes report", %{conn: conn, id: id, admin: admin} do
- response =
- conn
- |> put("/api/pleroma/admin/reports/#{id}", %{"state" => "closed"})
- |> json_response(:ok)
+ conn
+ |> patch("/api/pleroma/admin/reports", %{
+ "reports" => [
+ %{"state" => "closed", "id" => id}
+ ]
+ })
+ |> json_response(:no_content)
- assert response["state"] == "closed"
+ activity = Activity.get_by_id(id)
+ assert activity.data["state"] == "closed"
log_entry = Repo.one(ModerationLog)
test "returns 400 when state is unknown", %{conn: conn, id: id} do
conn =
conn
- |> put("/api/pleroma/admin/reports/#{id}", %{"state" => "test"})
+ |> patch("/api/pleroma/admin/reports", %{
+ "reports" => [
+ %{"state" => "test", "id" => id}
+ ]
+ })
- assert json_response(conn, :bad_request) == "Unsupported state"
+ assert hd(json_response(conn, :bad_request))["error"] == "Unsupported state"
end
test "returns 404 when report is not exist", %{conn: conn} do
conn =
conn
- |> put("/api/pleroma/admin/reports/test", %{"state" => "closed"})
+ |> patch("/api/pleroma/admin/reports", %{
+ "reports" => [
+ %{"state" => "closed", "id" => "test"}
+ ]
+ })
- assert json_response(conn, :not_found) == "Not found"
+ assert hd(json_response(conn, :bad_request))["error"] == "not_found"
+ end
+
+ test "updates state of multiple reports", %{
+ conn: conn,
+ id: id,
+ admin: admin,
+ second_report_id: second_report_id
+ } do
+ conn
+ |> patch("/api/pleroma/admin/reports", %{
+ "reports" => [
+ %{"state" => "resolved", "id" => id},
+ %{"state" => "closed", "id" => second_report_id}
+ ]
+ })
+ |> json_response(:no_content)
+
+ activity = Activity.get_by_id(id)
+ second_activity = Activity.get_by_id(second_report_id)
+ assert activity.data["state"] == "resolved"
+ assert second_activity.data["state"] == "closed"
+
+ [first_log_entry, second_log_entry] = Repo.all(ModerationLog)
+
+ assert ModerationLog.get_log_entry_message(first_log_entry) ==
+ "@#{admin.nickname} updated report ##{id} with 'resolved' state"
+
+ assert ModerationLog.get_log_entry_message(second_log_entry) ==
+ "@#{admin.nickname} updated report ##{second_report_id} with 'closed' state"
end
end
describe "GET /api/pleroma/admin/reports" do
setup %{conn: conn} do
- admin = insert(:user, info: %{is_admin: true})
+ admin = insert(:user, is_admin: true)
%{conn: assign(conn, :user, admin)}
end
|> assign(:user, user)
|> get("/api/pleroma/admin/reports")
- assert json_response(conn, :forbidden) == %{"error" => "User is not admin."}
+ assert json_response(conn, :forbidden) ==
+ %{"error" => "User is not an admin or OAuth admin scope is not granted."}
end
test "returns 403 when requested by anonymous" do
end
end
- #
- describe "POST /api/pleroma/admin/reports/:id/respond" do
+ describe "GET /api/pleroma/admin/grouped_reports" do
setup %{conn: conn} do
- admin = insert(:user, info: %{is_admin: true})
+ admin = insert(:user, is_admin: true)
+ [reporter, target_user] = insert_pair(:user)
- %{conn: assign(conn, :user, admin), admin: admin}
- end
+ date1 = (DateTime.to_unix(DateTime.utc_now()) + 1000) |> DateTime.from_unix!()
+ date2 = (DateTime.to_unix(DateTime.utc_now()) + 2000) |> DateTime.from_unix!()
+ date3 = (DateTime.to_unix(DateTime.utc_now()) + 3000) |> DateTime.from_unix!()
- test "returns created dm", %{conn: conn, admin: admin} do
- [reporter, target_user] = insert_pair(:user)
- activity = insert(:note_activity, user: target_user)
+ first_status =
+ insert(:note_activity, user: target_user, data_attrs: %{"published" => date1})
- {:ok, %{id: report_id}} =
+ second_status =
+ insert(:note_activity, user: target_user, data_attrs: %{"published" => date2})
+
+ third_status =
+ insert(:note_activity, user: target_user, data_attrs: %{"published" => date3})
+
+ {:ok, first_report} =
CommonAPI.report(reporter, %{
"account_id" => target_user.id,
- "comment" => "I feel offended",
- "status_ids" => [activity.id]
+ "status_ids" => [first_status.id, second_status.id, third_status.id]
+ })
+
+ {:ok, second_report} =
+ CommonAPI.report(reporter, %{
+ "account_id" => target_user.id,
+ "status_ids" => [first_status.id, second_status.id]
})
+ {:ok, third_report} =
+ CommonAPI.report(reporter, %{
+ "account_id" => target_user.id,
+ "status_ids" => [first_status.id]
+ })
+
+ %{
+ conn: assign(conn, :user, admin),
+ first_status: Activity.get_by_ap_id_with_object(first_status.data["id"]),
+ second_status: Activity.get_by_ap_id_with_object(second_status.data["id"]),
+ third_status: Activity.get_by_ap_id_with_object(third_status.data["id"]),
+ first_report: first_report,
+ first_status_reports: [first_report, second_report, third_report],
+ second_status_reports: [first_report, second_report],
+ third_status_reports: [first_report],
+ target_user: target_user,
+ reporter: reporter
+ }
+ end
+
+ test "returns reports grouped by status", %{
+ conn: conn,
+ first_status: first_status,
+ second_status: second_status,
+ third_status: third_status,
+ first_status_reports: first_status_reports,
+ second_status_reports: second_status_reports,
+ third_status_reports: third_status_reports,
+ target_user: target_user,
+ reporter: reporter
+ } do
response =
conn
- |> post("/api/pleroma/admin/reports/#{report_id}/respond", %{
- "status" => "I will check it out"
- })
+ |> get("/api/pleroma/admin/grouped_reports")
|> json_response(:ok)
- recipients = Enum.map(response["mentions"], & &1["username"])
+ assert length(response["reports"]) == 3
- assert reporter.nickname in recipients
- assert response["content"] == "I will check it out"
- assert response["visibility"] == "direct"
+ first_group = Enum.find(response["reports"], &(&1["status"]["id"] == first_status.id))
- log_entry = Repo.one(ModerationLog)
+ second_group = Enum.find(response["reports"], &(&1["status"]["id"] == second_status.id))
- assert ModerationLog.get_log_entry_message(log_entry) ==
- "@#{admin.nickname} responded with 'I will check it out' to report ##{
- response["id"]
- }"
+ third_group = Enum.find(response["reports"], &(&1["status"]["id"] == third_status.id))
+
+ assert length(first_group["reports"]) == 3
+ assert length(second_group["reports"]) == 2
+ assert length(third_group["reports"]) == 1
+
+ assert first_group["date"] ==
+ Enum.max_by(first_status_reports, fn act ->
+ NaiveDateTime.from_iso8601!(act.data["published"])
+ end).data["published"]
+
+ assert first_group["status"] ==
+ Map.put(
+ stringify_keys(StatusView.render("show.json", %{activity: first_status})),
+ "deleted",
+ false
+ )
+
+ assert(first_group["account"]["id"] == target_user.id)
+
+ assert length(first_group["actors"]) == 1
+ assert hd(first_group["actors"])["id"] == reporter.id
+
+ assert Enum.map(first_group["reports"], & &1["id"]) --
+ Enum.map(first_status_reports, & &1.id) == []
+
+ assert second_group["date"] ==
+ Enum.max_by(second_status_reports, fn act ->
+ NaiveDateTime.from_iso8601!(act.data["published"])
+ end).data["published"]
+
+ assert second_group["status"] ==
+ Map.put(
+ stringify_keys(StatusView.render("show.json", %{activity: second_status})),
+ "deleted",
+ false
+ )
+
+ assert second_group["account"]["id"] == target_user.id
+
+ assert length(second_group["actors"]) == 1
+ assert hd(second_group["actors"])["id"] == reporter.id
+
+ assert Enum.map(second_group["reports"], & &1["id"]) --
+ Enum.map(second_status_reports, & &1.id) == []
+
+ assert third_group["date"] ==
+ Enum.max_by(third_status_reports, fn act ->
+ NaiveDateTime.from_iso8601!(act.data["published"])
+ end).data["published"]
+
+ assert third_group["status"] ==
+ Map.put(
+ stringify_keys(StatusView.render("show.json", %{activity: third_status})),
+ "deleted",
+ false
+ )
+
+ assert third_group["account"]["id"] == target_user.id
+
+ assert length(third_group["actors"]) == 1
+ assert hd(third_group["actors"])["id"] == reporter.id
+
+ assert Enum.map(third_group["reports"], & &1["id"]) --
+ Enum.map(third_status_reports, & &1.id) == []
end
- test "returns 400 when status is missing", %{conn: conn} do
- conn = post(conn, "/api/pleroma/admin/reports/test/respond")
+ test "reopened report renders status data", %{
+ conn: conn,
+ first_report: first_report,
+ first_status: first_status
+ } do
+ {:ok, _} = CommonAPI.update_report_state(first_report.id, "resolved")
- assert json_response(conn, :bad_request) == "Invalid parameters"
+ response =
+ conn
+ |> get("/api/pleroma/admin/grouped_reports")
+ |> json_response(:ok)
+
+ first_group = Enum.find(response["reports"], &(&1["status"]["id"] == first_status.id))
+
+ assert first_group["status"] ==
+ Map.put(
+ stringify_keys(StatusView.render("show.json", %{activity: first_status})),
+ "deleted",
+ false
+ )
end
- test "returns 404 when report id is invalid", %{conn: conn} do
- conn =
- post(conn, "/api/pleroma/admin/reports/test/respond", %{
- "status" => "foo"
- })
+ test "reopened report does not render status data if status has been deleted", %{
+ conn: conn,
+ first_report: first_report,
+ first_status: first_status,
+ target_user: target_user
+ } do
+ {:ok, _} = CommonAPI.update_report_state(first_report.id, "resolved")
+ {:ok, _} = CommonAPI.delete(first_status.id, target_user)
- assert json_response(conn, :not_found) == "Not found"
+ refute Activity.get_by_ap_id(first_status.id)
+
+ response =
+ conn
+ |> get("/api/pleroma/admin/grouped_reports")
+ |> json_response(:ok)
+
+ assert Enum.find(response["reports"], &(&1["status"]["deleted"] == true))["status"][
+ "deleted"
+ ] == true
+
+ assert length(Enum.filter(response["reports"], &(&1["status"]["deleted"] == false))) == 2
+ end
+
+ test "account not empty if status was deleted", %{
+ conn: conn,
+ first_report: first_report,
+ first_status: first_status,
+ target_user: target_user
+ } do
+ {:ok, _} = CommonAPI.update_report_state(first_report.id, "resolved")
+ {:ok, _} = CommonAPI.delete(first_status.id, target_user)
+
+ refute Activity.get_by_ap_id(first_status.id)
+
+ response =
+ conn
+ |> get("/api/pleroma/admin/grouped_reports")
+ |> json_response(:ok)
+
+ assert Enum.find(response["reports"], &(&1["status"]["deleted"] == true))["account"]
end
end
describe "PUT /api/pleroma/admin/statuses/:id" do
setup %{conn: conn} do
- admin = insert(:user, info: %{is_admin: true})
+ admin = insert(:user, is_admin: true)
activity = insert(:note_activity)
%{conn: assign(conn, :user, admin), id: activity.id, admin: admin}
describe "DELETE /api/pleroma/admin/statuses/:id" do
setup %{conn: conn} do
- admin = insert(:user, info: %{is_admin: true})
+ admin = insert(:user, is_admin: true)
activity = insert(:note_activity)
%{conn: assign(conn, :user, admin), id: activity.id, admin: admin}
describe "GET /api/pleroma/admin/config" do
setup %{conn: conn} do
- admin = insert(:user, info: %{is_admin: true})
+ admin = insert(:user, is_admin: true)
%{conn: assign(conn, :user, admin)}
end
describe "POST /api/pleroma/admin/config" do
setup %{conn: conn} do
- admin = insert(:user, info: %{is_admin: true})
+ admin = insert(:user, is_admin: true)
temp_file = "config/test.exported_from_db.secret.exs"
Pleroma.Config.put([:instance, :dynamic_configuration], true)
end
+ @tag capture_log: true
test "create new config setting in db", %{conn: conn} do
conn =
post(conn, "/api/pleroma/admin/config", %{
describe "config mix tasks run" do
setup %{conn: conn} do
- admin = insert(:user, info: %{is_admin: true})
+ admin = insert(:user, is_admin: true)
temp_file = "config/test.exported_from_db.secret.exs"
Pleroma.Config.put([:instance, :dynamic_configuration], true)
end
+ clear_config([:feed, :post_title]) do
+ Pleroma.Config.put([:feed, :post_title], %{max_length: 100, omission: "…"})
+ end
+
test "transfer settings to DB and to file", %{conn: conn, admin: admin} do
assert Pleroma.Repo.all(Pleroma.Web.AdminAPI.Config) == []
conn = get(conn, "/api/pleroma/admin/config/migrate_to_db")
describe "GET /api/pleroma/admin/users/:nickname/statuses" do
setup do
- admin = insert(:user, info: %{is_admin: true})
+ admin = insert(:user, is_admin: true)
user = insert(:user)
date1 = (DateTime.to_unix(DateTime.utc_now()) + 2000) |> DateTime.from_unix!()
describe "GET /api/pleroma/admin/moderation_log" do
setup %{conn: conn} do
- admin = insert(:user, info: %{is_admin: true})
- moderator = insert(:user, info: %{is_moderator: true})
+ admin = insert(:user, is_admin: true)
+ moderator = insert(:user, is_moderator: true)
%{conn: assign(conn, :user, admin), admin: admin, moderator: moderator}
end
describe "PATCH /users/:nickname/force_password_reset" do
setup %{conn: conn} do
- admin = insert(:user, info: %{is_admin: true})
+ admin = insert(:user, is_admin: true)
user = insert(:user)
%{conn: assign(conn, :user, admin), admin: admin, user: user}
end
test "sets password_reset_pending to true", %{admin: admin, user: user} do
- assert user.info.password_reset_pending == false
+ assert user.password_reset_pending == false
conn =
build_conn()
|> assign(:user, admin)
- |> patch("/api/pleroma/admin/users/#{user.nickname}/force_password_reset")
+ |> patch("/api/pleroma/admin/users/force_password_reset", %{nicknames: [user.nickname]})
assert json_response(conn, 204) == ""
ObanHelpers.perform_all()
- assert User.get_by_id(user.id).info.password_reset_pending == true
+ assert User.get_by_id(user.id).password_reset_pending == true
end
end
describe "relays" do
setup %{conn: conn} do
- admin = insert(:user, info: %{is_admin: true})
+ admin = insert(:user, is_admin: true)
%{conn: assign(conn, :user, admin), admin: admin}
end
end
test "GET /relay", %{admin: admin} do
- Pleroma.Web.ActivityPub.Relay.get_actor()
- |> Ecto.Changeset.change(
- following: [
- "http://test-app.com/user/test1",
- "http://test-app.com/user/test1",
- "http://test-app-42.com/user/test1"
- ]
- )
- |> Pleroma.User.update_and_set_cache()
+ relay_user = Pleroma.Web.ActivityPub.Relay.get_actor()
+
+ ["http://mastodon.example.org/users/admin", "https://mstdn.io/users/mayuutann"]
+ |> Enum.each(fn ap_id ->
+ {:ok, user} = User.get_or_fetch_by_ap_id(ap_id)
+ User.follow(relay_user, user)
+ end)
conn =
build_conn()
|> assign(:user, admin)
|> get("/api/pleroma/admin/relay")
- assert json_response(conn, 200)["relays"] -- ["test-app.com", "test-app-42.com"] == []
+ assert json_response(conn, 200)["relays"] -- ["mastodon.example.org", "mstdn.io"] == []
end
test "DELETE /relay", %{admin: admin} do
"@#{admin.nickname} unfollowed relay: http://mastodon.example.org/users/admin"
end
end
+
+ describe "instances" do
+ test "GET /instances/:instance/statuses" do
+ admin = insert(:user, is_admin: true)
+ user = insert(:user, local: false, nickname: "archaeme@archae.me")
+ user2 = insert(:user, local: false, nickname: "test@test.com")
+ insert_pair(:note_activity, user: user)
+ insert(:note_activity, user: user2)
+
+ conn =
+ build_conn()
+ |> assign(:user, admin)
+ |> get("/api/pleroma/admin/instances/archae.me/statuses")
+
+ response = json_response(conn, 200)
+
+ assert length(response) == 2
+
+ conn =
+ build_conn()
+ |> assign(:user, admin)
+ |> get("/api/pleroma/admin/instances/test.com/statuses")
+
+ response = json_response(conn, 200)
+
+ assert length(response) == 1
+
+ conn =
+ build_conn()
+ |> assign(:user, admin)
+ |> get("/api/pleroma/admin/instances/nonexistent.com/statuses")
+
+ response = json_response(conn, 200)
+
+ assert length(response) == 0
+ end
+ end
+
+ describe "PATCH /confirm_email" do
+ setup %{conn: conn} do
+ admin = insert(:user, is_admin: true)
+
+ %{conn: assign(conn, :user, admin), admin: admin}
+ end
+
+ test "it confirms emails of two users", %{admin: admin} do
+ [first_user, second_user] = insert_pair(:user, confirmation_pending: true)
+
+ assert first_user.confirmation_pending == true
+ assert second_user.confirmation_pending == true
+
+ build_conn()
+ |> assign(:user, admin)
+ |> patch("/api/pleroma/admin/users/confirm_email", %{
+ nicknames: [
+ first_user.nickname,
+ second_user.nickname
+ ]
+ })
+
+ assert first_user.confirmation_pending == true
+ assert second_user.confirmation_pending == true
+
+ log_entry = Repo.one(ModerationLog)
+
+ assert ModerationLog.get_log_entry_message(log_entry) ==
+ "@#{admin.nickname} confirmed email for users: @#{first_user.nickname}, @#{
+ second_user.nickname
+ }"
+ end
+ end
+
+ describe "PATCH /resend_confirmation_email" do
+ setup %{conn: conn} do
+ admin = insert(:user, is_admin: true)
+
+ %{conn: assign(conn, :user, admin), admin: admin}
+ end
+
+ test "it resend emails for two users", %{admin: admin} do
+ [first_user, second_user] = insert_pair(:user, confirmation_pending: true)
+
+ build_conn()
+ |> assign(:user, admin)
+ |> patch("/api/pleroma/admin/users/resend_confirmation_email", %{
+ nicknames: [
+ first_user.nickname,
+ second_user.nickname
+ ]
+ })
+
+ log_entry = Repo.one(ModerationLog)
+
+ assert ModerationLog.get_log_entry_message(log_entry) ==
+ "@#{admin.nickname} re-sent confirmation email for users: @#{first_user.nickname}, @#{
+ second_user.nickname
+ }"
+ end
+ end
+
+ describe "POST /reports/:id/notes" do
+ setup do
+ admin = insert(:user, is_admin: true)
+ [reporter, target_user] = insert_pair(:user)
+ activity = insert(:note_activity, user: target_user)
+
+ {:ok, %{id: report_id}} =
+ CommonAPI.report(reporter, %{
+ "account_id" => target_user.id,
+ "comment" => "I feel offended",
+ "status_ids" => [activity.id]
+ })
+
+ build_conn()
+ |> assign(:user, admin)
+ |> post("/api/pleroma/admin/reports/#{report_id}/notes", %{
+ content: "this is disgusting!"
+ })
+
+ build_conn()
+ |> assign(:user, admin)
+ |> post("/api/pleroma/admin/reports/#{report_id}/notes", %{
+ content: "this is disgusting2!"
+ })
+
+ %{
+ admin_id: admin.id,
+ report_id: report_id,
+ admin: admin
+ }
+ end
+
+ test "it creates report note", %{admin_id: admin_id, report_id: report_id} do
+ [note, _] = Repo.all(ReportNote)
+
+ assert %{
+ activity_id: ^report_id,
+ content: "this is disgusting!",
+ user_id: ^admin_id
+ } = note
+ end
+
+ test "it returns reports with notes", %{admin: admin} do
+ conn =
+ build_conn()
+ |> assign(:user, admin)
+ |> get("/api/pleroma/admin/reports")
+
+ response = json_response(conn, 200)
+ notes = hd(response["reports"])["notes"]
+ [note, _] = notes
+
+ assert note["user"]["nickname"] == admin.nickname
+ assert note["content"] == "this is disgusting!"
+ assert note["created_at"]
+ assert response["total"] == 1
+ end
+
+ test "it deletes the note", %{admin: admin, report_id: report_id} do
+ assert ReportNote |> Repo.all() |> length() == 2
+
+ [note, _] = Repo.all(ReportNote)
+
+ build_conn()
+ |> assign(:user, admin)
+ |> delete("/api/pleroma/admin/reports/#{report_id}/notes/#{note.id}")
+
+ assert ReportNote |> Repo.all() |> length() == 1
+ end
+ end
end
# Needed for testing
projects / akkoma / blobdiff