X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;f=lib%2Fpleroma%2Fweb%2Fadmin_api%2Fadmin_api_controller.ex;h=2c67d9cdaf3011d25255fb6b9dd83594a80ea452;hb=9938fa3293478e0dfe5f8d82c1526e0cd3747cf1;hp=cb9839324f6d8126eb9bb66ffe5a3c5933492092;hpb=a87ed2fad6cdf91d19601471d593d21ce618f0c2;p=akkoma diff --git a/lib/pleroma/web/admin_api/admin_api_controller.ex b/lib/pleroma/web/admin_api/admin_api_controller.ex index cb9839324..2c67d9cda 100644 --- a/lib/pleroma/web/admin_api/admin_api_controller.ex +++ b/lib/pleroma/web/admin_api/admin_api_controller.ex @@ -10,7 +10,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIController do def user_delete(conn, %{"nickname" => nickname}) do user = User.get_by_nickname(nickname) - if user[:local] == true do + if user.local == true do User.delete(user) else User.delete(user) @@ -20,87 +20,124 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIController do |> json(nickname) end - def user_create(conn, %{ - user: %{"nickname" => nickname, "email" => email, "password" => password} = user - }) do - new_user = %User{ + def user_create( + conn, + %{"nickname" => nickname, "email" => email, "password" => password} + ) do + new_user = %{ nickname: nickname, - name: user.name || nickname, + name: nickname, email: email, password: password, password_confirmation: password, - bio: user.bio || "." + bio: "." } User.register_changeset(%User{}, new_user) - - Repo.insert!(new_user) + |> Repo.insert!() conn |> json(new_user.nickname) end - def right_add(conn, %{"right" => right, "nickname" => nickname}) - when right in ["moderator", "admin"] do + def right_add(conn, %{"permission_group" => permission_group, "nickname" => nickname}) + when permission_group in ["moderator", "admin"] do user = User.get_by_nickname(nickname) info = - user.info - |> Map.put("is_" <> right, true) + %{} + |> Map.put("is_" <> permission_group, true) + + info_cng = User.Info.admin_api_update(user.info, info) + + cng = + Ecto.Changeset.change(user) + |> Ecto.Changeset.put_embed(:info, info_cng) - cng = User.info_changeset(user, %{info: info}) {:ok, user} = User.update_and_set_cache(cng) conn - |> json(user.info) + |> json(info) end def right_get(conn, %{"nickname" => nickname}) do user = User.get_by_nickname(nickname) conn - |> json(user.info) + |> json(%{ + is_moderator: user.info.is_moderator, + is_admin: user.info.is_admin + }) end def right_add(conn, _) do conn |> put_status(404) - |> json(%{error: "No such right"}) + |> json(%{error: "No such permission_group"}) end - def right_delete(conn, %{"right" => right, "nickname" => nickname}) - when right in ["moderator", "admin"] do - user = User.get_by_nickname(nickname) + def right_delete( + %{assigns: %{user: %User{:nickname => admin_nickname}}} = conn, + %{ + "permission_group" => permission_group, + "nickname" => nickname + } + ) + when permission_group in ["moderator", "admin"] do + if admin_nickname == nickname do + conn + |> put_status(403) + |> json(%{error: "You can't revoke your own admin status."}) + else + user = User.get_by_nickname(nickname) - info = - user.info - |> Map.put("is_" <> right, false) + info = + %{} + |> Map.put("is_" <> permission_group, false) - cng = User.info_changeset(user, %{info: info}) - {:ok, user} = User.update_and_set_cache(cng) + info_cng = User.Info.admin_api_update(user.info, info) - conn - |> json(user.info) + cng = + Ecto.Changeset.change(user) + |> Ecto.Changeset.put_embed(:info, info_cng) + + {:ok, user} = User.update_and_set_cache(cng) + + conn + |> json(info) + end end def right_delete(conn, _) do conn |> put_status(404) - |> json(%{error: "No such right"}) + |> json(%{error: "No such permission_group"}) end def relay_follow(conn, %{"relay_url" => target}) do - :ok = Relay.follow(target) + {status, message} = Relay.follow(target) - conn - |> json(target) + if status == :ok do + conn + |> json(target) + else + conn + |> put_status(500) + |> json(target) + end end def relay_unfollow(conn, %{"relay_url" => target}) do - :ok = Relay.unfollow(target) + {status, message} = Relay.unfollow(target) - conn - |> json(target) + if status == :ok do + conn + |> json(target) + else + conn + |> put_status(500) + |> json(target) + end end @shortdoc "Get a account registeration invite token (base64 string)"