Admin API: fix `GET /api/pleroma/admin/users/:nickname/credentials` returning 404...

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 92d8c3d8ee377ed5825e903df6fca792ce15db3c..c713f19704737fc3fdc78a44e99d1ede3a28386f 100644 (file)
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -79,6 +79,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 - `blob:` urls not being allowed by connect-src CSP
 - Mastodon API: fix `GET /api/v1/notifications` not returning the full result set
 - Rich Media Previews for Twitter links
+- Admin API: fix `GET /api/pleroma/admin/users/:nickname/credentials` returning 404 when getting the credentials of a remote user while `:instance, :limit_to_local_content` is set to `:unauthenticated`
 
 ## [Unreleased (patch)]
 

diff --git a/lib/pleroma/web/admin_api/controllers/admin_api_controller.ex b/lib/pleroma/web/admin_api/controllers/admin_api_controller.ex
index f9545d8950caf135aca2ec223ada5113a4ded57b..e5f14269a1992fc9218b3a9f1ca87aa8638b18f5 100644 (file)
--- a/lib/pleroma/web/admin_api/controllers/admin_api_controller.ex
+++ b/lib/pleroma/web/admin_api/controllers/admin_api_controller.ex
@@ -206,8 +206,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIController do
     end
   end
 
-  def user_show(conn, %{"nickname" => nickname}) do
-    with %User{} = user <- User.get_cached_by_nickname_or_id(nickname) do
+  def user_show(%{assigns: %{user: admin}} = conn, %{"nickname" => nickname}) do
+    with %User{} = user <- User.get_cached_by_nickname_or_id(nickname, for: admin) do
       conn
       |> put_view(AccountView)
       |> render("show.json", %{user: user})
@@ -233,11 +233,11 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIController do
     |> render("index.json", %{activities: activities, as: :activity})
   end
 
-  def list_user_statuses(conn, %{"nickname" => nickname} = params) do
+  def list_user_statuses(%{assigns: %{user: admin}} = conn, %{"nickname" => nickname} = params) do
     with_reblogs = params["with_reblogs"] == "true" || params["with_reblogs"] == true
     godmode = params["godmode"] == "true" || params["godmode"] == true
 
-    with %User{} = user <- User.get_cached_by_nickname_or_id(nickname) do
+    with %User{} = user <- User.get_cached_by_nickname_or_id(nickname, for: admin) do
       {_, page_size} = page_params(params)
 
       activities =
@@ -526,7 +526,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIController do
 
   @doc "Show a given user's credentials"
   def show_user_credentials(%{assigns: %{user: admin}} = conn, %{"nickname" => nickname}) do
-    with %User{} = user <- User.get_cached_by_nickname_or_id(nickname) do
+    with %User{} = user <- User.get_cached_by_nickname_or_id(nickname, for: admin) do
       conn
       |> put_view(AccountView)
       |> render("credentials.json", %{user: user, for: admin})

diff --git a/test/web/admin_api/controllers/admin_api_controller_test.exs b/test/web/admin_api/controllers/admin_api_controller_test.exs
index 48fb108ec83ee5c14d6b9a4c3490f589b1884679..c2433f23c1480a69d216b901cdec9b3cc3bd46f9 100644 (file)
--- a/test/web/admin_api/controllers/admin_api_controller_test.exs
+++ b/test/web/admin_api/controllers/admin_api_controller_test.exs
@@ -1514,6 +1514,15 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
     end
   end
 
+  test "gets a remote users when [:instance, :limit_to_local_content] is set to :unauthenticated",
+       %{conn: conn} do
+    clear_config(Pleroma.Config.get([:instance, :limit_to_local_content]), :unauthenticated)
+    user = insert(:user, %{local: false, nickname: "u@peer1.com"})
+    conn = get(conn, "/api/pleroma/admin/users/#{user.nickname}/credentials")
+
+    assert json_response(conn, 200)
+  end
+
   describe "GET /users/:nickname/credentials" do
     test "gets the user credentials", %{conn: conn} do
       user = insert(:user)