import ExUnit.CaptureLog
import Mock
import Pleroma.Factory
+ import Swoosh.TestAssertions
alias Pleroma.Activity
alias Pleroma.Config
{:ok, %{admin: admin, token: token, conn: conn}}
end
+ test "with valid `admin_token` query parameter, skips OAuth scopes check" do
+ clear_config([:admin_token], "password123")
+
+ user = insert(:user)
+
+ conn = get(build_conn(), "/api/pleroma/admin/users/#{user.nickname}?admin_token=password123")
+
+ assert json_response(conn, 200)
+ end
+
describe "with [:auth, :enforce_oauth_admin_scope_usage]," do
setup do: clear_config([:auth, :enforce_oauth_admin_scope_usage], true)
describe "DELETE /api/pleroma/admin/users" do
test "single user", %{admin: admin, conn: conn} do
- user = insert(:user)
clear_config([:instance, :federating], true)
+ user =
+ insert(:user,
+ avatar: %{"url" => [%{"href" => "https://someurl"}]},
+ banner: %{"url" => [%{"href" => "https://somebanner"}]},
+ bio: "Hello world!",
+ name: "A guy"
+ )
+
+ # Create some activities to check they got deleted later
+ follower = insert(:user)
+ {:ok, _} = CommonAPI.post(user, %{status: "test"})
+ {:ok, _, _, _} = CommonAPI.follow(user, follower)
+ {:ok, _, _, _} = CommonAPI.follow(follower, user)
+ user = Repo.get(User, user.id)
+ assert user.note_count == 1
+ assert user.follower_count == 1
+ assert user.following_count == 1
+ refute user.deactivated
+
with_mock Pleroma.Web.Federator,
- publish: fn _ -> nil end do
+ publish: fn _ -> nil end,
+ perform: fn _, _ -> nil end do
conn =
conn
|> put_req_header("accept", "application/json")
assert json_response(conn, 200) == [user.nickname]
+ user = Repo.get(User, user.id)
+ assert user.deactivated
+
+ assert user.avatar == %{}
+ assert user.banner == %{}
+ assert user.note_count == 0
+ assert user.follower_count == 0
+ assert user.following_count == 0
+ assert user.bio == ""
+ assert user.name == nil
+
assert called(Pleroma.Web.Federator.publish(:_))
end
end
"confirmation_pending" => false,
"approval_pending" => false,
"url" => user.ap_id,
- "registration_reason" => nil
+ "registration_reason" => nil,
+ "actor_type" => "Person"
}
assert expected == json_response(conn, 200)
user1: user1,
user2: user2
} do
- assert json_response(conn, :no_content)
+ assert empty_json_response(conn)
assert User.get_cached_by_id(user1.id).tags == ["x", "foo", "bar"]
assert User.get_cached_by_id(user2.id).tags == ["y", "foo", "bar"]
end
test "it does not modify tags of not specified users", %{conn: conn, user3: user3} do
- assert json_response(conn, :no_content)
+ assert empty_json_response(conn)
assert User.get_cached_by_id(user3.id).tags == ["unchanged"]
end
end
user1: user1,
user2: user2
} do
- assert json_response(conn, :no_content)
+ assert empty_json_response(conn)
assert User.get_cached_by_id(user1.id).tags == []
assert User.get_cached_by_id(user2.id).tags == ["y"]
end
test "it does not modify tags of not specified users", %{conn: conn, user3: user3} do
- assert json_response(conn, :no_content)
+ assert empty_json_response(conn)
assert User.get_cached_by_id(user3.id).tags == ["unchanged"]
end
end
"confirmation_pending" => false,
"approval_pending" => false,
"url" => admin.ap_id,
- "registration_reason" => nil
+ "registration_reason" => nil,
+ "actor_type" => "Person"
},
%{
"deactivated" => user.deactivated,
"confirmation_pending" => false,
"approval_pending" => false,
"url" => user.ap_id,
- "registration_reason" => nil
+ "registration_reason" => nil,
+ "actor_type" => "Person"
},
%{
"deactivated" => user2.deactivated,
"confirmation_pending" => false,
"approval_pending" => true,
"url" => user2.ap_id,
- "registration_reason" => "I'm a chill dude"
+ "registration_reason" => "I'm a chill dude",
+ "actor_type" => "Person"
}
]
|> Enum.sort_by(& &1["nickname"])
"confirmation_pending" => false,
"approval_pending" => false,
"url" => user.ap_id,
- "registration_reason" => nil
+ "registration_reason" => nil,
+ "actor_type" => "Person"
}
]
}
"confirmation_pending" => false,
"approval_pending" => false,
"url" => user.ap_id,
- "registration_reason" => nil
+ "registration_reason" => nil,
+ "actor_type" => "Person"
}
]
}
"confirmation_pending" => false,
"approval_pending" => false,
"url" => user.ap_id,
- "registration_reason" => nil
+ "registration_reason" => nil,
+ "actor_type" => "Person"
}
]
}
"confirmation_pending" => false,
"approval_pending" => false,
"url" => user.ap_id,
- "registration_reason" => nil
+ "registration_reason" => nil,
+ "actor_type" => "Person"
}
]
}
"confirmation_pending" => false,
"approval_pending" => false,
"url" => user.ap_id,
- "registration_reason" => nil
+ "registration_reason" => nil,
+ "actor_type" => "Person"
}
]
}
"confirmation_pending" => false,
"approval_pending" => false,
"url" => user.ap_id,
- "registration_reason" => nil
+ "registration_reason" => nil,
+ "actor_type" => "Person"
}
]
}
"confirmation_pending" => false,
"approval_pending" => false,
"url" => user2.ap_id,
- "registration_reason" => nil
+ "registration_reason" => nil,
+ "actor_type" => "Person"
}
]
}
"confirmation_pending" => false,
"approval_pending" => false,
"url" => user.ap_id,
- "registration_reason" => nil
+ "registration_reason" => nil,
+ "actor_type" => "Person"
}
]
}
"confirmation_pending" => false,
"approval_pending" => false,
"url" => user.ap_id,
- "registration_reason" => nil
+ "registration_reason" => nil,
+ "actor_type" => "Person"
},
%{
"deactivated" => admin.deactivated,
"confirmation_pending" => false,
"approval_pending" => false,
"url" => admin.ap_id,
- "registration_reason" => nil
+ "registration_reason" => nil,
+ "actor_type" => "Person"
},
%{
"deactivated" => false,
"confirmation_pending" => false,
"approval_pending" => false,
"url" => old_admin.ap_id,
- "registration_reason" => nil
+ "registration_reason" => nil,
+ "actor_type" => "Person"
}
]
|> Enum.sort_by(& &1["nickname"])
}
end
+ test "only unapproved users", %{conn: conn} do
+ user =
+ insert(:user,
+ nickname: "sadboy",
+ approval_pending: true,
+ registration_reason: "Plz let me in!"
+ )
+
+ insert(:user, nickname: "happyboy", approval_pending: false)
+
+ conn = get(conn, "/api/pleroma/admin/users?filters=need_approval")
+
+ users =
+ [
+ %{
+ "deactivated" => user.deactivated,
+ "id" => user.id,
+ "nickname" => user.nickname,
+ "roles" => %{"admin" => false, "moderator" => false},
+ "local" => true,
+ "tags" => [],
+ "avatar" => User.avatar_url(user) |> MediaProxy.url(),
+ "display_name" => HTML.strip_tags(user.name || user.nickname),
+ "confirmation_pending" => false,
+ "approval_pending" => true,
+ "url" => user.ap_id,
+ "registration_reason" => "Plz let me in!",
+ "actor_type" => "Person"
+ }
+ ]
+ |> Enum.sort_by(& &1["nickname"])
+
+ assert json_response(conn, 200) == %{
+ "count" => 1,
+ "page_size" => 50,
+ "users" => users
+ }
+ end
+
test "load only admins", %{conn: conn, admin: admin} do
second_admin = insert(:user, is_admin: true)
insert(:user)
"confirmation_pending" => false,
"approval_pending" => false,
"url" => admin.ap_id,
- "registration_reason" => nil
+ "registration_reason" => nil,
+ "actor_type" => "Person"
},
%{
"deactivated" => false,
"confirmation_pending" => false,
"approval_pending" => false,
"url" => second_admin.ap_id,
- "registration_reason" => nil
+ "registration_reason" => nil,
+ "actor_type" => "Person"
}
]
|> Enum.sort_by(& &1["nickname"])
"confirmation_pending" => false,
"approval_pending" => false,
"url" => moderator.ap_id,
- "registration_reason" => nil
+ "registration_reason" => nil,
+ "actor_type" => "Person"
}
]
}
"confirmation_pending" => false,
"approval_pending" => false,
"url" => user1.ap_id,
- "registration_reason" => nil
+ "registration_reason" => nil,
+ "actor_type" => "Person"
},
%{
"deactivated" => false,
"confirmation_pending" => false,
"approval_pending" => false,
"url" => user2.ap_id,
- "registration_reason" => nil
+ "registration_reason" => nil,
+ "actor_type" => "Person"
}
]
|> Enum.sort_by(& &1["nickname"])
}
end
+ test "`active` filters out users pending approval", %{token: token} do
+ insert(:user, approval_pending: true)
+ %{id: user_id} = insert(:user, approval_pending: false)
+ %{id: admin_id} = token.user
+
+ conn =
+ build_conn()
+ |> assign(:user, token.user)
+ |> assign(:token, token)
+ |> get("/api/pleroma/admin/users?filters=active")
+
+ assert %{
+ "count" => 2,
+ "page_size" => 50,
+ "users" => [
+ %{"id" => ^admin_id},
+ %{"id" => ^user_id}
+ ]
+ } = json_response(conn, 200)
+ end
+
test "it works with multiple filters" do
admin = insert(:user, nickname: "john", is_admin: true)
token = insert(:oauth_admin_token, user: admin)
"confirmation_pending" => false,
"approval_pending" => false,
"url" => user.ap_id,
- "registration_reason" => nil
+ "registration_reason" => nil,
+ "actor_type" => "Person"
}
]
}
"confirmation_pending" => false,
"approval_pending" => false,
"url" => admin.ap_id,
- "registration_reason" => nil
+ "registration_reason" => nil,
+ "actor_type" => "Person"
}
]
}
"@#{admin.nickname} deactivated users: @#{user_one.nickname}, @#{user_two.nickname}"
end
+ test "PATCH /api/pleroma/admin/users/approve", %{admin: admin, conn: conn} do
+ user_one = insert(:user, approval_pending: true)
+ user_two = insert(:user, approval_pending: true)
+
+ conn =
+ patch(
+ conn,
+ "/api/pleroma/admin/users/approve",
+ %{nicknames: [user_one.nickname, user_two.nickname]}
+ )
+
+ response = json_response(conn, 200)
+ assert Enum.map(response["users"], & &1["approval_pending"]) == [false, false]
+
+ log_entry = Repo.one(ModerationLog)
+
+ assert ModerationLog.get_log_entry_message(log_entry) ==
+ "@#{admin.nickname} approved users: @#{user_one.nickname}, @#{user_two.nickname}"
+ end
+
test "PATCH /api/pleroma/admin/users/:nickname/toggle_activation", %{admin: admin, conn: conn} do
user = insert(:user)
"confirmation_pending" => false,
"approval_pending" => false,
"url" => user.ap_id,
- "registration_reason" => nil
+ "registration_reason" => nil,
+ "actor_type" => "Person"
}
log_entry = Repo.one(ModerationLog)
end
end
+ describe "GET /api/pleroma/admin/users/:nickname/chats" do
+ setup do
+ user = insert(:user)
+ recipients = insert_list(3, :user)
+
+ Enum.each(recipients, fn recipient ->
+ CommonAPI.post_chat_message(user, recipient, "yo")
+ end)
+
+ %{user: user}
+ end
+
+ test "renders user's chats", %{conn: conn, user: user} do
+ conn = get(conn, "/api/pleroma/admin/users/#{user.nickname}/chats")
+
+ assert json_response(conn, 200) |> length() == 3
+ end
+ end
+
+ describe "GET /api/pleroma/admin/users/:nickname/chats unauthorized" do
+ setup do
+ user = insert(:user)
+ recipient = insert(:user)
+ CommonAPI.post_chat_message(user, recipient, "yo")
+ %{conn: conn} = oauth_access(["read:chats"])
+ %{conn: conn, user: user}
+ end
+
+ test "returns 403", %{conn: conn, user: user} do
+ conn
+ |> get("/api/pleroma/admin/users/#{user.nickname}/chats")
+ |> json_response(403)
+ end
+ end
+
+ describe "GET /api/pleroma/admin/users/:nickname/chats unauthenticated" do
+ setup do
+ user = insert(:user)
+ recipient = insert(:user)
+ CommonAPI.post_chat_message(user, recipient, "yo")
+ %{conn: build_conn(), user: user}
+ end
+
+ test "returns 403", %{conn: conn, user: user} do
+ conn
+ |> get("/api/pleroma/admin/users/#{user.nickname}/chats")
+ |> json_response(403)
+ end
+ end
+
describe "GET /api/pleroma/admin/moderation_log" do
setup do
moderator = insert(:user, is_moderator: true)
conn =
patch(conn, "/api/pleroma/admin/users/force_password_reset", %{nicknames: [user.nickname]})
- assert json_response(conn, 204) == ""
+ assert empty_json_response(conn) == ""
ObanHelpers.perform_all()
"@#{admin.nickname} re-sent confirmation email for users: @#{first_user.nickname}, @#{
second_user.nickname
}"
+
+ ObanHelpers.perform_all()
+
+ Pleroma.Emails.UserEmail.account_confirmation_email(first_user)
+ # temporary hackney fix until hackney max_connections bug is fixed
+ # https://git.pleroma.social/pleroma/pleroma/-/issues/2101
+ |> Swoosh.Email.put_private(:hackney_options, ssl_options: [versions: [:"tlsv1.2"]])
+ |> assert_email_sent()
end
end
projects / akkoma / blobdiff