mailer: 10,
transmogrifier: 20,
scheduled_activities: 10,
- background: 5
+ background: 5,
+ user: 10
config :pleroma, :fetch_initial_posts,
enabled: false,
* Response: JSON. Returns `{"status": "success"}` if the deletion was successful, `{"error": "[error message]"}` otherwise
* Example response: `{"error": "Invalid password."}`
+## `/api/pleroma/disable_account`
+### Disable an account
+* Method `POST`
+* Authentication: required
+* Params:
+ * `password`: user's password
+* Response: JSON. Returns `{"status": "success"}` if the account was successfully disabled, `{"error": "[error message]"}` otherwise
+* Example response: `{"error": "Invalid password."}`
+
## `/api/account/register`
### Register a new user
* Method `POST`
end
def get_by_id(id) do
- Repo.get(Activity, id)
+ Activity
+ |> where([a], a.id == ^id)
+ |> restrict_deactivated_users()
+ |> Repo.one()
end
def get_by_id_with_object(id) do
def get_create_by_object_ap_id(ap_id) when is_binary(ap_id) do
create_by_object_ap_id(ap_id)
+ |> restrict_deactivated_users()
|> Repo.one()
end
def query_by_actor(actor) do
from(a in Activity, where: a.actor == ^actor)
end
+
+ def restrict_deactivated_users(query) do
+ from(activity in query,
+ where:
+ fragment(
+ "? not in (SELECT ap_id FROM users WHERE info->'deactivated' @> 'true')",
+ activity.actor
+ )
+ )
+ end
end
def for_user_query(user) do
Notification
|> where(user_id: ^user.id)
+ |> where(
+ [n, a],
+ fragment(
+ "? not in (SELECT ap_id FROM users WHERE info->'deactivated' @> 'true')",
+ a.actor
+ )
+ )
|> join(:inner, [n], activity in assoc(n, :activity))
|> join(:left, [n, a], object in Object,
on:
def ap_followers(%User{} = user), do: "#{ap_id(user)}/followers"
def user_info(%User{} = user) do
- oneself = if user.local, do: 1, else: 0
-
%{
- following_count: length(user.following) - oneself,
+ following_count: following_count(user),
note_count: user.info.note_count,
follower_count: user.info.follower_count,
locked: user.info.locked,
}
end
+ defp restrict_deactivated(query) do
+ from(u in query,
+ where: not fragment("? \\? 'deactivated' AND ?->'deactivated' @> 'true'", u.info, u.info)
+ )
+ end
+
+ def following_count(%User{following: []}), do: 0
+
+ def following_count(%User{} = user) do
+ user
+ |> get_friends_query()
+ |> Repo.aggregate(:count, :id)
+ end
+
def remote_user_creation(params) do
params =
params
candidates = Pleroma.Config.get([:instance, :autofollowed_nicknames])
autofollowed_users =
- User.Query.build(%{nickname: candidates, local: true})
+ User.Query.build(%{nickname: candidates, local: true, deactivated: false})
|> Repo.all()
follow_all(user, autofollowed_users)
@spec get_followers_query(User.t(), pos_integer() | nil) :: Ecto.Query.t()
def get_followers_query(%User{} = user, nil) do
- User.Query.build(%{followers: user})
+ User.Query.build(%{followers: user, deactivated: false})
end
def get_followers_query(user, page) do
@spec get_friends_query(User.t(), pos_integer() | nil) :: Ecto.Query.t()
def get_friends_query(%User{} = user, nil) do
- User.Query.build(%{friends: user})
+ User.Query.build(%{friends: user, deactivated: false})
end
def get_friends_query(user, page) do
info_cng = User.Info.set_note_count(user.info, note_count)
- cng =
- change(user)
- |> put_embed(:info, info_cng)
-
- update_and_set_cache(cng)
+ user
+ |> change()
+ |> put_embed(:info, info_cng)
+ |> update_and_set_cache()
end
def update_follower_count(%User{} = user) do
follower_count_query =
- User.Query.build(%{followers: user}) |> select([u], %{count: count(u.id)})
+ User.Query.build(%{followers: user, deactivated: false})
+ |> select([u], %{count: count(u.id)})
User
|> where(id: ^user.id)
@spec get_users_from_set([String.t()], boolean()) :: [User.t()]
def get_users_from_set(ap_ids, local_only \\ true) do
- criteria = %{ap_id: ap_ids}
+ criteria = %{ap_id: ap_ids, deactivated: false}
criteria = if local_only, do: Map.put(criteria, :local, true), else: criteria
User.Query.build(criteria)
@spec get_recipients_from_activity(Activity.t()) :: [User.t()]
def get_recipients_from_activity(%Activity{recipients: to}) do
- User.Query.build(%{recipients_from_activity: to, local: true})
+ User.Query.build(%{recipients_from_activity: to, local: true, deactivated: false})
|> Repo.all()
end
^processed_query
)
)
+ |> restrict_deactivated()
end
defp trigram_search_subquery(term) do
},
where: fragment("trim(? || ' ' || coalesce(?, '')) % ?", u.nickname, u.name, ^term)
)
+ |> restrict_deactivated()
end
def blocks_import(%User{} = blocker, blocked_identifiers) when is_list(blocked_identifiers) do
@spec muted_users(User.t()) :: [User.t()]
def muted_users(user) do
- User.Query.build(%{ap_id: user.info.mutes})
+ User.Query.build(%{ap_id: user.info.mutes, deactivated: false})
|> Repo.all()
end
@spec blocked_users(User.t()) :: [User.t()]
def blocked_users(user) do
- User.Query.build(%{ap_id: user.info.blocks})
+ User.Query.build(%{ap_id: user.info.blocks, deactivated: false})
|> Repo.all()
end
@spec subscribers(User.t()) :: [User.t()]
def subscribers(user) do
- User.Query.build(%{ap_id: user.info.subscribers})
+ User.Query.build(%{ap_id: user.info.subscribers, deactivated: false})
|> Repo.all()
end
update_and_set_cache(cng)
end
+ def deactivate_async(user, status \\ true) do
+ PleromaJobQueue.enqueue(:background, __MODULE__, [:deactivate_async, user, status])
+ end
+
+ def perform(:deactivate_async, user, status), do: deactivate(user, status)
+
def deactivate(%User{} = user, status \\ true) do
info_cng = User.Info.set_activation_status(user.info, status)
- cng =
- change(user)
- |> put_embed(:info, info_cng)
+ with {:ok, friends} <- User.get_friends(user),
+ {:ok, followers} <- User.get_followers(user),
+ {:ok, user} <-
+ user
+ |> change()
+ |> put_embed(:info, info_cng)
+ |> update_and_set_cache() do
+ Enum.each(followers, &invalidate_cache(&1))
+ Enum.each(friends, &update_follower_count(&1))
- update_and_set_cache(cng)
+ {:ok, user}
+ end
end
def update_notification_settings(%User{} = user, settings \\ %{}) do
@spec all_superusers() :: [User.t()]
def all_superusers do
- User.Query.build(%{super_users: true, local: true})
+ User.Query.build(%{super_users: true, local: true, deactivated: false})
|> Repo.all()
end
|> where([u], not is_nil(u.nickname))
end
- defp compose_query({:deactivated, _}, query) do
+ defp compose_query({:deactivated, false}, query) do
+ from(u in query,
+ where: not fragment("? \\? 'deactivated' AND ?->'deactivated' @> 'true'", u.info, u.info)
+ )
+ end
+
+ defp compose_query({:deactivated, true}, query) do
where(query, [u], fragment("?->'deactivated' @> 'true'", u.info))
|> where([u], not is_nil(u.nickname))
end
|> restrict_reblogs(opts)
|> restrict_pinned(opts)
|> restrict_muted_reblogs(opts)
+ |> Activity.restrict_deactivated_users()
end
def fetch_activities(recipients, opts \\ %{}) do
post("/change_password", UtilController, :change_password)
post("/delete_account", UtilController, :delete_account)
put("/notification_settings", UtilController, :update_notificaton_settings)
+ post("/disable_account", UtilController, :disable_account)
end
scope [] do
end
end
+ def disable_account(%{assigns: %{user: user}} = conn, params) do
+ case CommonAPI.Utils.confirm_current_password(user, params["password"]) do
+ {:ok, user} ->
+ User.deactivate_async(user)
+ json(conn, %{status: "success"})
+
+ {:error, msg} ->
+ json(conn, %{error: msg})
+ end
+ end
+
def captcha(conn, _params) do
json(conn, Pleroma.Captcha.new())
end
def get_user(user \\ nil, params) do
case params do
%{"user_id" => user_id} ->
- case target = User.get_cached_by_nickname_or_id(user_id) do
+ case User.get_cached_by_nickname_or_id(user_id) do
nil ->
{:error, "No user with such user_id"}
- _ ->
- {:ok, target}
+ %User{info: %{deactivated: true}} ->
+ {:error, "User has been disabled"}
+
+ user ->
+ {:ok, user}
end
%{"screen_name" => nickname} ->
--- /dev/null
+defmodule Pleroma.Repo.Migrations.AddIndexOnUserInfoDeactivated do
+ use Ecto.Migration
+
+ def change do
+ create(index(:users, ["(info->'deactivated')"], name: :users_deactivated_index, using: :gin))
+ end
+end
alias Pleroma.Object
alias Pleroma.Repo
alias Pleroma.User
+ alias Pleroma.Web.ActivityPub.ActivityPub
alias Pleroma.Web.CommonAPI
use Pleroma.DataCase
test "fetches correct profile for nickname beginning with number" do
# Use old-style integer ID to try to reproduce the problem
user = insert(:user, %{id: 1080})
- userwithnumbers = insert(:user, %{nickname: "#{user.id}garbage"})
- assert userwithnumbers == User.get_cached_by_nickname_or_id(userwithnumbers.nickname)
+ user_with_numbers = insert(:user, %{nickname: "#{user.id}garbage"})
+ assert user_with_numbers == User.get_cached_by_nickname_or_id(user_with_numbers.nickname)
end
describe "user registration" do
assert addressed in recipients
end
- test ".deactivate can de-activate then re-activate a user" do
- user = insert(:user)
- assert false == user.info.deactivated
- {:ok, user} = User.deactivate(user)
- assert true == user.info.deactivated
- {:ok, user} = User.deactivate(user, false)
- assert false == user.info.deactivated
+ describe ".deactivate" do
+ test "can de-activate then re-activate a user" do
+ user = insert(:user)
+ assert false == user.info.deactivated
+ {:ok, user} = User.deactivate(user)
+ assert true == user.info.deactivated
+ {:ok, user} = User.deactivate(user, false)
+ assert false == user.info.deactivated
+ end
+
+ test "hide a user from followers " do
+ user = insert(:user)
+ user2 = insert(:user)
+
+ {:ok, user} = User.follow(user, user2)
+ {:ok, _user} = User.deactivate(user)
+
+ info = User.get_cached_user_info(user2)
+
+ assert info.follower_count == 0
+ assert {:ok, []} = User.get_followers(user2)
+ end
+
+ test "hide a user from friends" do
+ user = insert(:user)
+ user2 = insert(:user)
+
+ {:ok, user2} = User.follow(user2, user)
+ assert User.following_count(user2) == 1
+
+ {:ok, _user} = User.deactivate(user)
+
+ info = User.get_cached_user_info(user2)
+
+ assert info.following_count == 0
+ assert User.following_count(user2) == 0
+ assert {:ok, []} = User.get_friends(user2)
+ end
+
+ test "hide a user's statuses from timelines and notifications" do
+ user = insert(:user)
+ user2 = insert(:user)
+
+ {:ok, user2} = User.follow(user2, user)
+
+ {:ok, activity} = CommonAPI.post(user, %{"status" => "hey @#{user2.nickname}"})
+
+ activity = Repo.preload(activity, :bookmark)
+
+ [notification] = Pleroma.Notification.for_user(user2)
+ assert notification.activity.id == activity.id
+
+ assert [activity] == ActivityPub.fetch_public_activities(%{}) |> Repo.preload(:bookmark)
+
+ assert [activity] ==
+ ActivityPub.fetch_activities([user2.ap_id | user2.following], %{"user" => user2})
+ |> ActivityPub.contain_timeline(user2)
+
+ {:ok, _user} = User.deactivate(user)
+
+ assert [] == ActivityPub.fetch_public_activities(%{})
+ assert [] == Pleroma.Notification.for_user(user2)
+
+ assert [] ==
+ ActivityPub.fetch_activities([user2.ap_id | user2.following], %{"user" => user2})
+ |> ActivityPub.contain_timeline(user2)
+ end
end
test ".delete_user_activities deletes all create activities" do
assert conn.status in [200, 503]
end
+
+ describe "POST /api/pleroma/disable_account" do
+ test "it returns HTTP 200", %{conn: conn} do
+ user = insert(:user)
+
+ response =
+ conn
+ |> assign(:user, user)
+ |> post("/api/pleroma/disable_account", %{"password" => "test"})
+ |> json_response(:ok)
+
+ assert response == %{"status" => "success"}
+
+ user = User.get_cached_by_id(user.id)
+
+ assert user.info.deactivated == true
+ end
+ end
end
projects / akkoma / commitdiff