Merge remote-tracking branch 'pleroma/develop' into feature/disable-account

author Egor Kislitsyn <egor@kislitsyn.com>

Mon, 22 Apr 2019 06:08:30 +0000 (13:08 +0700)

committer Egor Kislitsyn <egor@kislitsyn.com>

Mon, 22 Apr 2019 06:08:30 +0000 (13:08 +0700)
author Egor Kislitsyn <egor@kislitsyn.com>
Mon, 22 Apr 2019 06:08:30 +0000 (13:08 +0700)
committer Egor Kislitsyn <egor@kislitsyn.com>
Mon, 22 Apr 2019 06:08:30 +0000 (13:08 +0700)
diff --git a/config/config.exs b/config/config.exs

index 9f2244222da3f36b1a7c25cba0bbb561ae91e883..9dc9387c82593174f25403b19aefd259984b1c53 100644 (file)
--- a/config/config.exs
+++ b/config/config.exs
@@ -413,7 +413,8 @@ config :pleroma_job_queue, :queues,
    web_push: 50,
    mailer: 10,
    transmogrifier: 20,
-  scheduled_activities: 10
+  scheduled_activities: 10,
+  user: 10
  
  config :pleroma, :fetch_initial_posts,
    enabled: false,
diff --git a/docs/api/pleroma_api.md b/docs/api/pleroma_api.md

index dbe2503006ee9a9a22281347b556560a3df9efa7..b9622f586c0ae7182eda4fbc4b4c55843750f75d 100644 (file)
--- a/docs/api/pleroma_api.md
+++ b/docs/api/pleroma_api.md
@@ -61,6 +61,15 @@ Request parameters can be passed via [query strings](https://en.wikipedia.org/wi
  * Response: JSON. Returns `{"status": "success"}` if the deletion was successful, `{"error": "[error message]"}` otherwise
  * Example response: `{"error": "Invalid password."}`
  
+## `/api/pleroma/disable_account`
+### Disable an account
+* Method `POST`
+* Authentication: required
+* Params:
+    * `password`: user's password
+* Response: JSON. Returns `{"status": "success"}` if the account was successfully disabled, `{"error": "[error message]"}` otherwise
+* Example response: `{"error": "Invalid password."}`
+
  ## `/api/account/register`
  ### Register a new user
  * Method `POST`
diff --git a/lib/pleroma/activity.ex b/lib/pleroma/activity.ex

index 4a2ded51819f7dde23a89905609622735262fbb5..9c1c804e060640bb8555923abe80bb131af6ca00 100644 (file)
--- a/lib/pleroma/activity.ex
+++ b/lib/pleroma/activity.ex
@@ -106,7 +106,10 @@ defmodule Pleroma.Activity do
    end
  
    def get_by_id(id) do
-    Repo.get(Activity, id)
+    Activity
+    |> where([a], a.id == ^id)
+    |> restrict_deactivated_users()
+    |> Repo.one()
    end
  
    def get_by_id_with_object(id) do
@@ -174,6 +177,7 @@ defmodule Pleroma.Activity do
  
    def get_create_by_object_ap_id(ap_id) when is_binary(ap_id) do
      create_by_object_ap_id(ap_id)
+    |> restrict_deactivated_users()
      |> Repo.one()
    end
  
@@ -260,4 +264,14 @@ defmodule Pleroma.Activity do
      |> where([s], s.actor == ^actor)
      |> Repo.all()
    end
+
+  def restrict_deactivated_users(query) do
+    from(activity in query,
+      where:
+        fragment(
+          "? not in (SELECT ap_id FROM users WHERE info->'deactivated' @> 'true')",
+          activity.actor
+        )
+    )
+  end
  end
diff --git a/lib/pleroma/notification.ex b/lib/pleroma/notification.ex

index b357d5399d024cc0968acc5b8719206a2306184c..585157efece020946674f764f1adf9d49264b907 100644 (file)
--- a/lib/pleroma/notification.ex
+++ b/lib/pleroma/notification.ex
@@ -33,6 +33,13 @@ defmodule Pleroma.Notification do
    def for_user_query(user) do
      Notification
      |> where(user_id: ^user.id)
+    |> where(
+      [n, a],
+      fragment(
+        "? not in (SELECT ap_id FROM users WHERE info->'deactivated' @> 'true')",
+        a.actor
+      )
+    )
      |> join(:inner, [n], activity in assoc(n, :activity))
      |> join(:left, [n, a], object in Object,
        on:
diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex

index 78eb29ddd8839dc73bee3dac5905cb63ebf59030..6aaa3244f41188da2181dec5ce5db4ca50d63284 100644 (file)
--- a/lib/pleroma/user.ex
+++ b/lib/pleroma/user.ex
@@ -107,10 +107,8 @@ defmodule Pleroma.User do
    def ap_followers(%User{} = user), do: "#{ap_id(user)}/followers"
  
    def user_info(%User{} = user) do
-    oneself = if user.local, do: 1, else: 0
-
      %{
-      following_count: length(user.following) - oneself,
+      following_count: following_count(user),
        note_count: user.info.note_count,
        follower_count: user.info.follower_count,
        locked: user.info.locked,
@@ -119,6 +117,23 @@ defmodule Pleroma.User do
      }
    end
  
+  defp restrict_deactivated(query) do
+    from(u in query,
+      where: not fragment("? \\? 'deactivated' AND ?->'deactivated' @> 'true'", u.info, u.info)
+    )
+  end
+
+  def following_count(%User{following: []}), do: 0
+
+  def following_count(%User{following: following, id: id}) do
+    from(u in User,
+      where: u.follower_address in ^following,
+      where: u.id != ^id
+    )
+    |> restrict_deactivated()
+    |> Repo.aggregate(:count, :id)
+  end
+
    def remote_user_creation(params) do
      params =
        params
@@ -571,6 +586,7 @@ defmodule Pleroma.User do
        where: fragment("? <@ ?", ^[follower_address], u.following),
        where: u.id != ^id
      )
+    |> restrict_deactivated()
    end
  
    def get_followers_query(user, page) do
@@ -598,6 +614,7 @@ defmodule Pleroma.User do
        where: u.follower_address in ^following,
        where: u.id != ^id
      )
+    |> restrict_deactivated()
    end
  
    def get_friends_query(user, page) do
@@ -709,11 +726,10 @@ defmodule Pleroma.User do
  
      info_cng = User.Info.set_note_count(user.info, note_count)
  
-    cng =
-      change(user)
-      |> put_embed(:info, info_cng)
-
-    update_and_set_cache(cng)
+    user
+    |> change()
+    |> put_embed(:info, info_cng)
+    |> update_and_set_cache()
    end
  
    def update_follower_count(%User{} = user) do
@@ -722,6 +738,7 @@ defmodule Pleroma.User do
        |> where([u], ^user.follower_address in u.following)
        |> where([u], u.id != ^user.id)
        |> select([u], %{count: count(u.id)})
+      |> restrict_deactivated()
  
      User
      |> where(id: ^user.id)
@@ -872,6 +889,7 @@ defmodule Pleroma.User do
            ^processed_query
          )
      )
+    |> restrict_deactivated()
    end
  
    defp trigram_search_subquery(term) do
@@ -890,6 +908,7 @@ defmodule Pleroma.User do
        },
        where: fragment("trim(? || ' ' || coalesce(?, '')) % ?", u.nickname, u.name, ^term)
      )
+    |> restrict_deactivated()
    end
  
    def blocks_import(%User{} = blocker, blocked_identifiers) when is_list(blocked_identifiers) do
@@ -1133,14 +1152,27 @@ defmodule Pleroma.User do
      )
    end
  
+  def deactivate_async(user, status \\ true) do
+    PleromaJobQueue.enqueue(:user, __MODULE__, [:deactivate_async, user, status])
+  end
+
+  def perform(:deactivate_async, user, status), do: deactivate(user, status)
+
    def deactivate(%User{} = user, status \\ true) do
      info_cng = User.Info.set_activation_status(user.info, status)
  
-    cng =
-      change(user)
-      |> put_embed(:info, info_cng)
+    with {:ok, friends} <- User.get_friends(user),
+         {:ok, followers} <- User.get_followers(user),
+         {:ok, user} <-
+           user
+           |> change()
+           |> put_embed(:info, info_cng)
+           |> update_and_set_cache() do
+      Enum.each(followers, &invalidate_cache(&1))
+      Enum.each(friends, &update_follower_count(&1))
  
-    update_and_set_cache(cng)
+      {:ok, user}
+    end
    end
  
    def update_notification_settings(%User{} = user, settings \\ %{}) do
diff --git a/lib/pleroma/web/activity_pub/activity_pub.ex b/lib/pleroma/web/activity_pub/activity_pub.ex

index e77b2b72dc267404862af94db782af383d4d950a..a345372e29f113606995f829f739e5b7594ed48e 100644 (file)
--- a/lib/pleroma/web/activity_pub/activity_pub.ex
+++ b/lib/pleroma/web/activity_pub/activity_pub.ex
@@ -805,6 +805,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do
      |> restrict_reblogs(opts)
      |> restrict_pinned(opts)
      |> restrict_muted_reblogs(opts)
+    |> Activity.restrict_deactivated_users()
    end
  
    def fetch_activities(recipients, opts \\ %{}) do
diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex

index 8b665d61b4211c58426fe8eda718805d3f47ef9d..f475de639e2b6ad61cd9cb67f442a98d86431c25 100644 (file)
--- a/lib/pleroma/web/router.ex
+++ b/lib/pleroma/web/router.ex
@@ -196,6 +196,7 @@ defmodule Pleroma.Web.Router do
        post("/change_password", UtilController, :change_password)
        post("/delete_account", UtilController, :delete_account)
        put("/notification_settings", UtilController, :update_notificaton_settings)
+      post("/disable_account", UtilController, :disable_account)
      end
  
      scope [] do
diff --git a/lib/pleroma/web/twitter_api/controllers/util_controller.ex b/lib/pleroma/web/twitter_api/controllers/util_controller.ex

index 8665e058a39ff596fa2bd1f8b576a965eceae67a..9b0cf2b07670b8b35a973aa11772b1d99831946b 100644 (file)
--- a/lib/pleroma/web/twitter_api/controllers/util_controller.ex
+++ b/lib/pleroma/web/twitter_api/controllers/util_controller.ex
@@ -360,6 +360,17 @@ defmodule Pleroma.Web.TwitterAPI.UtilController do
      end
    end
  
+  def disable_account(%{assigns: %{user: user}} = conn, params) do
+    case CommonAPI.Utils.confirm_current_password(user, params["password"]) do
+      {:ok, user} ->
+        User.deactivate_async(user)
+        json(conn, %{status: "success"})
+
+      {:error, msg} ->
+        json(conn, %{error: msg})
+    end
+  end
+
    def captcha(conn, _params) do
      json(conn, Pleroma.Captcha.new())
    end
diff --git a/lib/pleroma/web/twitter_api/twitter_api.ex b/lib/pleroma/web/twitter_api/twitter_api.ex

index 8e44dbeb88ca5a47a217f4452f5d9611a9f3f2f6..c3f769c00377ee7c1535fa5d5ae7edec0048a10f 100644 (file)
--- a/lib/pleroma/web/twitter_api/twitter_api.ex
+++ b/lib/pleroma/web/twitter_api/twitter_api.ex
@@ -231,12 +231,15 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPI do
    def get_user(user \\ nil, params) do
      case params do
        %{"user_id" => user_id} ->
-        case target = User.get_cached_by_nickname_or_id(user_id) do
+        case User.get_cached_by_nickname_or_id(user_id) do
            nil ->
              {:error, "No user with such user_id"}
  
-          _ ->
-            {:ok, target}
+          %User{info: %{deactivated: true}} ->
+            {:error, "User has been disabled"}
+
+          user ->
+            {:ok, user}
          end
  
        %{"screen_name" => nickname} ->
diff --git a/priv/repo/migrations/20190411094120_add_index_on_user_info_deactivated.exs b/priv/repo/migrations/20190411094120_add_index_on_user_info_deactivated.exs

new file mode 100644 (file)

index 0000000..d701dce
--- /dev/null
+++ b/priv/repo/migrations/20190411094120_add_index_on_user_info_deactivated.exs
@@ -0,0 +1,7 @@
+defmodule Pleroma.Repo.Migrations.AddIndexOnUserInfoDeactivated do
+  use Ecto.Migration
+
+  def change do
+    create(index(:users, ["(info->'deactivated')"], name: :users_deactivated_index, using: :gin))
+  end
+end
diff --git a/test/user_test.exs b/test/user_test.exs

index eee6881eb7f49cf145df5f90a78b4d8307e22777..a5f9318533d49ba4dd9ada1c17498543f281d7ee 100644 (file)
--- a/test/user_test.exs
+++ b/test/user_test.exs
@@ -8,6 +8,7 @@ defmodule Pleroma.UserTest do
    alias Pleroma.Object
    alias Pleroma.Repo
    alias Pleroma.User
+  alias Pleroma.Web.ActivityPub.ActivityPub
    alias Pleroma.Web.CommonAPI
  
    use Pleroma.DataCase
@@ -213,8 +214,8 @@ defmodule Pleroma.UserTest do
    test "fetches correct profile for nickname beginning with number" do
      # Use old-style integer ID to try to reproduce the problem
      user = insert(:user, %{id: 1080})
-    userwithnumbers = insert(:user, %{nickname: "#{user.id}garbage"})
-    assert userwithnumbers == User.get_cached_by_nickname_or_id(userwithnumbers.nickname)
+    user_with_numbers = insert(:user, %{nickname: "#{user.id}garbage"})
+    assert user_with_numbers == User.get_cached_by_nickname_or_id(user_with_numbers.nickname)
    end
  
    describe "user registration" do
@@ -816,13 +817,71 @@ defmodule Pleroma.UserTest do
      assert addressed in recipients
    end
  
-  test ".deactivate can de-activate then re-activate a user" do
-    user = insert(:user)
-    assert false == user.info.deactivated
-    {:ok, user} = User.deactivate(user)
-    assert true == user.info.deactivated
-    {:ok, user} = User.deactivate(user, false)
-    assert false == user.info.deactivated
+  describe ".deactivate" do
+    test "can de-activate then re-activate a user" do
+      user = insert(:user)
+      assert false == user.info.deactivated
+      {:ok, user} = User.deactivate(user)
+      assert true == user.info.deactivated
+      {:ok, user} = User.deactivate(user, false)
+      assert false == user.info.deactivated
+    end
+
+    test "hide a user from followers " do
+      user = insert(:user)
+      user2 = insert(:user)
+
+      {:ok, user} = User.follow(user, user2)
+      {:ok, _user} = User.deactivate(user)
+
+      info = User.get_cached_user_info(user2)
+
+      assert info.follower_count == 0
+      assert {:ok, []} = User.get_followers(user2)
+    end
+
+    test "hide a user from friends" do
+      user = insert(:user)
+      user2 = insert(:user)
+
+      {:ok, user2} = User.follow(user2, user)
+      assert User.following_count(user2) == 1
+
+      {:ok, _user} = User.deactivate(user)
+
+      info = User.get_cached_user_info(user2)
+
+      assert info.following_count == 0
+      assert User.following_count(user2) == 0
+      assert {:ok, []} = User.get_friends(user2)
+    end
+
+    test "hide a user's statuses from timelines and notifications" do
+      user = insert(:user)
+      user2 = insert(:user)
+
+      {:ok, user2} = User.follow(user2, user)
+
+      {:ok, activity} = CommonAPI.post(user, %{"status" => "hey @#{user2.nickname}"})
+
+      [notification] = Pleroma.Notification.for_user(user2)
+      assert notification.activity.id == activity.id
+
+      assert [activity] == ActivityPub.fetch_public_activities(%{})
+
+      assert [activity] ==
+               ActivityPub.fetch_activities([user2.ap_id | user2.following], %{"user" => user2})
+               |> ActivityPub.contain_timeline(user2)
+
+      {:ok, _user} = User.deactivate(user)
+
+      assert [] == ActivityPub.fetch_public_activities(%{})
+      assert [] == Pleroma.Notification.for_user(user2)
+
+      assert [] ==
+               ActivityPub.fetch_activities([user2.ap_id | user2.following], %{"user" => user2})
+               |> ActivityPub.contain_timeline(user2)
+    end
    end
  
    test ".delete_user_activities deletes all create activities" do
diff --git a/test/web/twitter_api/util_controller_test.exs b/test/web/twitter_api/util_controller_test.exs

index c58b49ea4cad746c484a1befe66e459bfe6bd7f6..0288e24d151b9fd3269dabae62f7f553fb193883 100644 (file)
--- a/test/web/twitter_api/util_controller_test.exs
+++ b/test/web/twitter_api/util_controller_test.exs
@@ -245,4 +245,22 @@ defmodule Pleroma.Web.TwitterAPI.UtilControllerTest do
        assert html_response(response, 200) =~ "Log in to follow"
      end
    end
+
+  describe "POST /api/pleroma/disable_account" do
+    test "it returns HTTP 200", %{conn: conn} do
+      user = insert(:user)
+
+      response =
+        conn
+        |> assign(:user, user)
+        |> post("/api/pleroma/disable_account", %{"password" => "test"})
+        |> json_response(:ok)
+
+      assert response == %{"status" => "success"}
+
+      user = User.get_cached_by_id(user.id)
+
+      assert user.info.deactivated == true
+    end
+  end
  end
author	Egor Kislitsyn <egor@kislitsyn.com>
	Mon, 22 Apr 2019 06:08:30 +0000 (13:08 +0700)
committer	Egor Kislitsyn <egor@kislitsyn.com>
	Mon, 22 Apr 2019 06:08:30 +0000 (13:08 +0700)
config/config.exs		patch \| blob \| history
docs/api/pleroma_api.md		patch \| blob \| history
lib/pleroma/activity.ex		patch \| blob \| history
lib/pleroma/notification.ex		patch \| blob \| history
lib/pleroma/user.ex		patch \| blob \| history
lib/pleroma/web/activity_pub/activity_pub.ex		patch \| blob \| history
lib/pleroma/web/router.ex		patch \| blob \| history
lib/pleroma/web/twitter_api/controllers/util_controller.ex		patch \| blob \| history
lib/pleroma/web/twitter_api/twitter_api.ex		patch \| blob \| history
priv/repo/migrations/20190411094120_add_index_on_user_info_deactivated.exs	[new file with mode: 0644]	patch \| blob
test/user_test.exs		patch \| blob \| history
test/web/twitter_api/util_controller_test.exs		patch \| blob \| history