* On success: JSON of the ``user.info``
* Note: An admin cannot revoke their own admin status.
+## `/api/pleroma/admin/activation_status/:nickname`
+
+### Active or deactivate a user
+* Method: `PUT`
+* Params:
+ * `nickname`
+ * `status` BOOLEAN field, false value means deactivation.
+
## `/api/pleroma/admin/relay`
### Follow a Relay
* Methods: `POST`
)
end
+ def mute(muter, %User{ap_id: ap_id}) do
+ info_cng =
+ muter.info
+ |> User.Info.add_to_mutes(ap_id)
+
+ cng =
+ change(muter)
+ |> put_embed(:info, info_cng)
+
+ update_and_set_cache(cng)
+ end
+
+ def unmute(muter, %{ap_id: ap_id}) do
+ info_cng =
+ muter.info
+ |> User.Info.remove_from_mutes(ap_id)
+
+ cng =
+ change(muter)
+ |> put_embed(:info, info_cng)
+
+ update_and_set_cache(cng)
+ end
+
def block(blocker, %User{ap_id: ap_id} = blocked) do
# sever any follow relationships to prevent leaks per activitypub (Pleroma issue #213)
blocker =
update_and_set_cache(cng)
end
+ def mutes?(user, %{ap_id: ap_id}), do: Enum.member?(user.info.mutes, ap_id)
+
def blocks?(user, %{ap_id: ap_id}) do
blocks = user.info.blocks
domain_blocks = user.info.domain_blocks
end)
end
+ def muted_users(user),
+ do: Repo.all(from(u in User, where: u.ap_id in ^user.info.mutes))
+
def blocked_users(user),
do: Repo.all(from(u in User, where: u.ap_id in ^user.info.blocks))
field(:default_scope, :string, default: "public")
field(:blocks, {:array, :string}, default: [])
field(:domain_blocks, {:array, :string}, default: [])
+ field(:mutes, {:array, :string}, default: [])
field(:deactivated, :boolean, default: false)
field(:no_rich_text, :boolean, default: false)
field(:ap_enabled, :boolean, default: false)
|> validate_required([:follower_count])
end
+ def set_mutes(info, mutes) do
+ params = %{mutes: mutes}
+
+ info
+ |> cast(params, [:mutes])
+ |> validate_required([:mutes])
+ end
+
def set_blocks(info, blocks) do
params = %{blocks: blocks}
|> validate_required([:blocks])
end
+ def add_to_mutes(info, muted) do
+ set_mutes(info, Enum.uniq([muted | info.mutes]))
+ end
+
+ def remove_from_mutes(info, muted) do
+ set_mutes(info, List.delete(info.mutes, muted))
+ end
+
def add_to_block(info, blocked) do
set_blocks(info, Enum.uniq([blocked | info.blocks]))
end
defp restrict_reblogs(query, _), do: query
+ defp restrict_muted(query, %{"muting_user" => %User{info: info}}) do
+ mutes = info.mutes
+
+ from(
+ activity in query,
+ where: fragment("not (? = ANY(?))", activity.actor, ^mutes),
+ where: fragment("not (?->'to' \\?| ?)", activity.data, ^mutes)
+ )
+ end
+
+ defp restrict_muted(query, _), do: query
+
defp restrict_blocked(query, %{"blocking_user" => %User{info: info}}) do
blocks = info.blocks || []
domain_blocks = info.domain_blocks || []
|> restrict_type(opts)
|> restrict_favorited_by(opts)
|> restrict_blocked(opts)
+ |> restrict_muted(opts)
|> restrict_media(opts)
|> restrict_visibility(opts)
|> restrict_replies(opts)
|> json(%{error: "No such permission_group"})
end
+ def set_activation_status(conn, %{"nickname" => nickname, "status" => status}) do
+ with {:ok, status} <- Ecto.Type.cast(:boolean, status),
+ %User{} = user <- User.get_by_nickname(nickname),
+ {:ok, _} <- User.deactivate(user, !status),
+ do: json_response(conn, :no_content, "")
+ end
+
def relay_follow(conn, %{"relay_url" => target}) do
with {:ok, _message} <- Relay.follow(target) do
json(conn, target)
params
|> Map.put("type", ["Create", "Announce"])
|> Map.put("blocking_user", user)
+ |> Map.put("muting_user", user)
|> Map.put("user", user)
activities =
|> Map.put("type", ["Create", "Announce"])
|> Map.put("local_only", local_only)
|> Map.put("blocking_user", user)
+ |> Map.put("muting_user", user)
|> ActivityPub.fetch_public_activities()
|> Enum.reverse()
|> Map.put("type", "Create")
|> Map.put("local_only", local_only)
|> Map.put("blocking_user", user)
+ |> Map.put("muting_user", user)
|> Map.put("tag", tags)
|> Map.put("tag_all", tag_all)
|> Map.put("tag_reject", tag_reject)
end
end
+ def mute(%{assigns: %{user: muter}} = conn, %{"id" => id}) do
+ with %User{} = muted <- Repo.get(User, id),
+ {:ok, muter} <- User.mute(muter, muted) do
+ conn
+ |> put_view(AccountView)
+ |> render("relationship.json", %{user: muter, target: muted})
+ else
+ {:error, message} ->
+ conn
+ |> put_resp_content_type("application/json")
+ |> send_resp(403, Jason.encode!(%{"error" => message}))
+ end
+ end
+
+ def unmute(%{assigns: %{user: muter}} = conn, %{"id" => id}) do
+ with %User{} = muted <- Repo.get(User, id),
+ {:ok, muter} <- User.unmute(muter, muted) do
+ conn
+ |> put_view(AccountView)
+ |> render("relationship.json", %{user: muter, target: muted})
+ else
+ {:error, message} ->
+ conn
+ |> put_resp_content_type("application/json")
+ |> send_resp(403, Jason.encode!(%{"error" => message}))
+ end
+ end
+
+ def mutes(%{assigns: %{user: user}} = conn, _) do
+ with muted_accounts <- User.muted_users(user) do
+ res = AccountView.render("accounts.json", users: muted_accounts, for: user, as: :user)
+ json(conn, res)
+ end
+ end
+
def block(%{assigns: %{user: blocker}} = conn, %{"id" => id}) do
with %User{} = blocked <- Repo.get(User, id),
{:ok, blocker} <- User.block(blocker, blocked),
params
|> Map.put("type", "Create")
|> Map.put("blocking_user", user)
+ |> Map.put("muting_user", user)
# we must filter the following list for the user to avoid leaking statuses the user
# does not actually have permission to see (for more info, peruse security issue #270).
following: User.following?(user, target),
followed_by: User.following?(target, user),
blocking: User.blocks?(user, target),
- muting: false,
+ muting: User.mutes?(user, target),
muting_notifications: false,
requested: requested,
domain_blocking: false,
post("/permission_group/:nickname/:permission_group", AdminAPIController, :right_add)
delete("/permission_group/:nickname/:permission_group", AdminAPIController, :right_delete)
+ put("/activation_status/:nickname", AdminAPIController, :set_activation_status)
+
post("/relay", AdminAPIController, :relay_follow)
delete("/relay", AdminAPIController, :relay_unfollow)
get("/follow_requests", MastodonAPIController, :follow_requests)
get("/blocks", MastodonAPIController, :blocks)
- get("/mutes", MastodonAPIController, :empty_array)
+ get("/mutes", MastodonAPIController, :mutes)
get("/timelines/home", MastodonAPIController, :home_timeline)
get("/timelines/direct", MastodonAPIController, :dm_timeline)
post("/accounts/:id/unfollow", MastodonAPIController, :unfollow)
post("/accounts/:id/block", MastodonAPIController, :block)
post("/accounts/:id/unblock", MastodonAPIController, :unblock)
- post("/accounts/:id/mute", MastodonAPIController, :relationship_noop)
- post("/accounts/:id/unmute", MastodonAPIController, :relationship_noop)
+ post("/accounts/:id/mute", MastodonAPIController, :mute)
+ post("/accounts/:id/unmute", MastodonAPIController, :unmute)
post("/follow_requests/:id/authorize", MastodonAPIController, :authorize_follow_request)
post("/follow_requests/:id/reject", MastodonAPIController, :reject_follow_request)
end
end
+ describe "mutes" do
+ test "it mutes people" do
+ user = insert(:user)
+ muted_user = insert(:user)
+
+ refute User.mutes?(user, muted_user)
+
+ {:ok, user} = User.mute(user, muted_user)
+
+ assert User.mutes?(user, muted_user)
+ end
+
+ test "it unmutes users" do
+ user = insert(:user)
+ muted_user = insert(:user)
+
+ {:ok, user} = User.mute(user, muted_user)
+ {:ok, user} = User.unmute(user, muted_user)
+
+ refute User.mutes?(user, muted_user)
+ end
+ end
+
describe "blocks" do
test "it blocks people" do
user = insert(:user)
assert Enum.member?(activities, activity_one)
end
+ test "doesn't return muted activities" do
+ activity_one = insert(:note_activity)
+ activity_two = insert(:note_activity)
+ activity_three = insert(:note_activity)
+ user = insert(:user)
+ booster = insert(:user)
+ {:ok, user} = User.mute(user, %User{ap_id: activity_one.data["actor"]})
+
+ activities = ActivityPub.fetch_activities([], %{"muting_user" => user})
+
+ assert Enum.member?(activities, activity_two)
+ assert Enum.member?(activities, activity_three)
+ refute Enum.member?(activities, activity_one)
+
+ {:ok, user} = User.unmute(user, %User{ap_id: activity_one.data["actor"]})
+
+ activities = ActivityPub.fetch_activities([], %{"muting_user" => user})
+
+ assert Enum.member?(activities, activity_two)
+ assert Enum.member?(activities, activity_three)
+ assert Enum.member?(activities, activity_one)
+
+ {:ok, user} = User.mute(user, %User{ap_id: activity_three.data["actor"]})
+ {:ok, _announce, %{data: %{"id" => id}}} = CommonAPI.repeat(activity_three.id, booster)
+ %Activity{} = boost_activity = Activity.get_create_by_object_ap_id(id)
+ activity_three = Repo.get(Activity, activity_three.id)
+
+ activities = ActivityPub.fetch_activities([], %{"muting_user" => user})
+
+ assert Enum.member?(activities, activity_two)
+ refute Enum.member?(activities, activity_three)
+ refute Enum.member?(activities, boost_activity)
+ assert Enum.member?(activities, activity_one)
+
+ activities = ActivityPub.fetch_activities([], %{"muting_user" => nil})
+
+ assert Enum.member?(activities, activity_two)
+ assert Enum.member?(activities, activity_three)
+ assert Enum.member?(activities, boost_activity)
+ assert Enum.member?(activities, activity_one)
+ end
+
test "excludes reblogs on request" do
user = insert(:user)
{:ok, expected_activity} = ActivityBuilder.insert(%{"type" => "Create"}, %{:user => user})
end
end
+ describe "PUT /api/pleroma/admin/activation_status" do
+ setup %{conn: conn} do
+ admin = insert(:user, info: %{is_admin: true})
+
+ conn =
+ conn
+ |> assign(:user, admin)
+ |> put_req_header("accept", "application/json")
+
+ %{conn: conn}
+ end
+
+ test "deactivates the user", %{conn: conn} do
+ user = insert(:user)
+
+ conn =
+ conn
+ |> put("/api/pleroma/admin/activation_status/#{user.nickname}", %{status: false})
+
+ user = Repo.get(User, user.id)
+ assert user.info.deactivated == true
+ assert json_response(conn, :no_content)
+ end
+
+ test "activates the user", %{conn: conn} do
+ user = insert(:user, info: %{deactivated: true})
+
+ conn =
+ conn
+ |> put("/api/pleroma/admin/activation_status/#{user.nickname}", %{status: true})
+
+ user = Repo.get(User, user.id)
+ assert user.info.deactivated == false
+ assert json_response(conn, :no_content)
+ end
+
+ test "returns 403 when requested by a non-admin", %{conn: conn} do
+ user = insert(:user)
+
+ conn =
+ conn
+ |> assign(:user, user)
+ |> put("/api/pleroma/admin/activation_status/#{user.nickname}", %{status: false})
+
+ assert json_response(conn, :forbidden)
+ end
+ end
+
describe "POST /api/pleroma/admin/email_invite, with valid config" do
setup do
registrations_open = Pleroma.Config.get([:instance, :registrations_open])
assert id == to_string(other_user.id)
end
+ test "muting / unmuting a user", %{conn: conn} do
+ user = insert(:user)
+ other_user = insert(:user)
+
+ conn =
+ conn
+ |> assign(:user, user)
+ |> post("/api/v1/accounts/#{other_user.id}/mute")
+
+ assert %{"id" => _id, "muting" => true} = json_response(conn, 200)
+
+ user = Repo.get(User, user.id)
+
+ conn =
+ build_conn()
+ |> assign(:user, user)
+ |> post("/api/v1/accounts/#{other_user.id}/unmute")
+
+ assert %{"id" => _id, "muting" => false} = json_response(conn, 200)
+ end
+
+ test "getting a list of mutes", %{conn: conn} do
+ user = insert(:user)
+ other_user = insert(:user)
+
+ {:ok, user} = User.mute(user, other_user)
+
+ conn =
+ conn
+ |> assign(:user, user)
+ |> get("/api/v1/mutes")
+
+ other_user_id = to_string(other_user.id)
+ assert [%{"id" => ^other_user_id}] = json_response(conn, 200)
+ end
+
test "blocking / unblocking a user", %{conn: conn} do
user = insert(:user)
other_user = insert(:user)
assert "even.worse.site" in domain_blocks
end
- test "unimplemented mute endpoints" do
- user = insert(:user)
- other_user = insert(:user)
-
- ["mute", "unmute"]
- |> Enum.each(fn endpoint ->
- conn =
- build_conn()
- |> assign(:user, user)
- |> post("/api/v1/accounts/#{other_user.id}/#{endpoint}")
-
- assert %{"id" => id} = json_response(conn, 200)
- assert id == to_string(other_user.id)
- end)
- end
-
- test "unimplemented mutes, follow_requests, blocks, domain blocks" do
+ test "unimplemented follow_requests, blocks, domain blocks" do
user = insert(:user)
- ["blocks", "domain_blocks", "mutes", "follow_requests"]
+ ["blocks", "domain_blocks", "follow_requests"]
|> Enum.each(fn endpoint ->
conn =
build_conn()