X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;f=lib%2Fpleroma%2Fweb%2Fadmin_api%2Fadmin_api_controller.ex;h=dc01f46f38a1d062498a773d9ed964cb643e84cc;hb=c01ef574c192488c2643a20b4064439757613449;hp=cb9839324f6d8126eb9bb66ffe5a3c5933492092;hpb=a87ed2fad6cdf91d19601471d593d21ce618f0c2;p=akkoma

diff --git a/lib/pleroma/web/admin_api/admin_api_controller.ex b/lib/pleroma/web/admin_api/admin_api_controller.ex
index cb9839324..dc01f46f3 100644
--- a/lib/pleroma/web/admin_api/admin_api_controller.ex
+++ b/lib/pleroma/web/admin_api/admin_api_controller.ex
@@ -1,109 +1,165 @@
+# Pleroma: A lightweight social networking server
+# Copyright Â© 2017-2019 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
 defmodule Pleroma.Web.AdminAPI.AdminAPIController do
   use Pleroma.Web, :controller
-  alias Pleroma.{User, Repo}
+  alias Pleroma.User
   alias Pleroma.Web.ActivityPub.Relay
 
+  import Pleroma.Web.ControllerHelper, only: [json_response: 3]
+
   require Logger
 
   action_fallback(:errors)
 
   def user_delete(conn, %{"nickname" => nickname}) do
-    user = User.get_by_nickname(nickname)
-
-    if user[:local] == true do
-      User.delete(user)
-    else
-      User.delete(user)
-    end
+    User.get_by_nickname(nickname)
+    |> User.delete()
 
     conn
     |> json(nickname)
   end
 
-  def user_create(conn, %{
-        user: %{"nickname" => nickname, "email" => email, "password" => password} = user
-      }) do
-    new_user = %User{
+  def user_create(
+        conn,
+        %{"nickname" => nickname, "email" => email, "password" => password}
+      ) do
+    user_data = %{
       nickname: nickname,
-      name: user.name || nickname,
+      name: nickname,
       email: email,
       password: password,
       password_confirmation: password,
-      bio: user.bio || "."
+      bio: "."
     }
 
-    User.register_changeset(%User{}, new_user)
-
-    Repo.insert!(new_user)
+    changeset = User.register_changeset(%User{}, user_data, confirmed: true)
+    {:ok, user} = User.register(changeset)
 
     conn
-    |> json(new_user.nickname)
+    |> json(user.nickname)
+  end
+
+  def tag_users(conn, %{"nicknames" => nicknames, "tags" => tags}) do
+    with {:ok, _} <- User.tag(nicknames, tags),
+         do: json_response(conn, :no_content, "")
   end
 
-  def right_add(conn, %{"right" => right, "nickname" => nickname})
-      when right in ["moderator", "admin"] do
+  def untag_users(conn, %{"nicknames" => nicknames, "tags" => tags}) do
+    with {:ok, _} <- User.untag(nicknames, tags),
+         do: json_response(conn, :no_content, "")
+  end
+
+  def right_add(conn, %{"permission_group" => permission_group, "nickname" => nickname})
+      when permission_group in ["moderator", "admin"] do
     user = User.get_by_nickname(nickname)
 
     info =
-      user.info
-      |> Map.put("is_" <> right, true)
+      %{}
+      |> Map.put("is_" <> permission_group, true)
 
-    cng = User.info_changeset(user, %{info: info})
-    {:ok, user} = User.update_and_set_cache(cng)
+    info_cng = User.Info.admin_api_update(user.info, info)
 
-    conn
-    |> json(user.info)
-  end
+    cng =
+      user
+      |> Ecto.Changeset.change()
+      |> Ecto.Changeset.put_embed(:info, info_cng)
 
-  def right_get(conn, %{"nickname" => nickname}) do
-    user = User.get_by_nickname(nickname)
+    {:ok, _user} = User.update_and_set_cache(cng)
 
-    conn
-    |> json(user.info)
+    json(conn, info)
   end
 
   def right_add(conn, _) do
     conn
     |> put_status(404)
-    |> json(%{error: "No such right"})
+    |> json(%{error: "No such permission_group"})
   end
 
-  def right_delete(conn, %{"right" => right, "nickname" => nickname})
-      when right in ["moderator", "admin"] do
+  def right_get(conn, %{"nickname" => nickname}) do
     user = User.get_by_nickname(nickname)
 
-    info =
-      user.info
-      |> Map.put("is_" <> right, false)
+    conn
+    |> json(%{
+      is_moderator: user.info.is_moderator,
+      is_admin: user.info.is_admin
+    })
+  end
 
-    cng = User.info_changeset(user, %{info: info})
-    {:ok, user} = User.update_and_set_cache(cng)
+  def right_delete(
+        %{assigns: %{user: %User{:nickname => admin_nickname}}} = conn,
+        %{
+          "permission_group" => permission_group,
+          "nickname" => nickname
+        }
+      )
+      when permission_group in ["moderator", "admin"] do
+    if admin_nickname == nickname do
+      conn
+      |> put_status(403)
+      |> json(%{error: "You can't revoke your own admin status."})
+    else
+      user = User.get_by_nickname(nickname)
 
-    conn
-    |> json(user.info)
+      info =
+        %{}
+        |> Map.put("is_" <> permission_group, false)
+
+      info_cng = User.Info.admin_api_update(user.info, info)
+
+      cng =
+        Ecto.Changeset.change(user)
+        |> Ecto.Changeset.put_embed(:info, info_cng)
+
+      {:ok, _user} = User.update_and_set_cache(cng)
+
+      json(conn, info)
+    end
   end
 
   def right_delete(conn, _) do
     conn
     |> put_status(404)
-    |> json(%{error: "No such right"})
+    |> json(%{error: "No such permission_group"})
   end
 
   def relay_follow(conn, %{"relay_url" => target}) do
-    :ok = Relay.follow(target)
-
-    conn
-    |> json(target)
+    with {:ok, _message} <- Relay.follow(target) do
+      json(conn, target)
+    else
+      _ ->
+        conn
+        |> put_status(500)
+        |> json(target)
+    end
   end
 
   def relay_unfollow(conn, %{"relay_url" => target}) do
-    :ok = Relay.unfollow(target)
+    with {:ok, _message} <- Relay.unfollow(target) do
+      json(conn, target)
+    else
+      _ ->
+        conn
+        |> put_status(500)
+        |> json(target)
+    end
+  end
 
-    conn
-    |> json(target)
+  @doc "Sends registration invite via email"
+  def email_invite(%{assigns: %{user: user}} = conn, %{"email" => email} = params) do
+    with true <-
+           Pleroma.Config.get([:instance, :invites_enabled]) &&
+             !Pleroma.Config.get([:instance, :registrations_open]),
+         {:ok, invite_token} <- Pleroma.UserInviteToken.create_token(),
+         email <-
+           Pleroma.UserEmail.user_invitation_email(user, invite_token, email, params["name"]),
+         {:ok, _} <- Pleroma.Mailer.deliver(email) do
+      json_response(conn, :no_content, "")
+    end
   end
 
-  @shortdoc "Get a account registeration invite token (base64 string)"
+  @doc "Get a account registeration invite token (base64 string)"
   def get_invite_token(conn, _params) do
     {:ok, token} = Pleroma.UserInviteToken.create_token()
 
@@ -111,7 +167,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIController do
     |> json(token.token)
   end
 
-  @shortdoc "Get a password reset token (base64 string) for given nickname"
+  @doc "Get a password reset token (base64 string) for given nickname"
   def get_password_reset(conn, %{"nickname" => nickname}) do
     (%User{local: true} = user) = User.get_by_nickname(nickname)
     {:ok, token} = Pleroma.PasswordResetToken.create_token(user)