git.squeep.com Git - akkoma/blob - lib/pleroma/web/admin_api/admin_api_controller.ex

   1 defmodule Pleroma.Web.AdminAPI.AdminAPIController do
   2   use Pleroma.Web, :controller
   3   alias Pleroma.{User, Repo}
   4   alias Pleroma.Web.ActivityPub.Relay
   5
   6   import Pleroma.Web.ControllerHelper, only: [json_response: 3]
   7
   8   require Logger
   9
  10   action_fallback(:errors)
  11
  12   def user_delete(conn, %{"nickname" => nickname}) do
  13     user = User.get_by_nickname(nickname)
  14
  15     if user.local == true do
  16       User.delete(user)
  17     else
  18       User.delete(user)
  19     end
  20
  21     conn
  22     |> json(nickname)
  23   end
  24
  25   def user_create(
  26         conn,
  27         %{"nickname" => nickname, "email" => email, "password" => password}
  28       ) do
  29     new_user = %{
  30       nickname: nickname,
  31       name: nickname,
  32       email: email,
  33       password: password,
  34       password_confirmation: password,
  35       bio: "."
  36     }
  37
  38     User.register_changeset(%User{}, new_user)
  39     |> Repo.insert!()
  40
  41     conn
  42     |> json(new_user.nickname)
  43   end
  44
  45   def tag_users(conn, %{"nicknames" => nicknames, "tags" => tags}) do
  46     with {:ok, _} <- User.tag(nicknames, tags),
  47          do: json_response(conn, :no_content, "")
  48   end
  49
  50   def untag_users(conn, %{"nicknames" => nicknames, "tags" => tags}) do
  51     with {:ok, _} <- User.untag(nicknames, tags),
  52          do: json_response(conn, :no_content, "")
  53   end
  54
  55   def right_add(conn, %{"permission_group" => permission_group, "nickname" => nickname})
  56       when permission_group in ["moderator", "admin"] do
  57     user = User.get_by_nickname(nickname)
  58
  59     info =
  60       %{}
  61       |> Map.put("is_" <> permission_group, true)
  62
  63     info_cng = User.Info.admin_api_update(user.info, info)
  64
  65     cng =
  66       user
  67       |> Ecto.Changeset.change()
  68       |> Ecto.Changeset.put_embed(:info, info_cng)
  69
  70     {:ok, _user} = User.update_and_set_cache(cng)
  71
  72     json(conn, info)
  73   end
  74
  75   def right_add(conn, _) do
  76     conn
  77     |> put_status(404)
  78     |> json(%{error: "No such permission_group"})
  79   end
  80
  81   def right_get(conn, %{"nickname" => nickname}) do
  82     user = User.get_by_nickname(nickname)
  83
  84     conn
  85     |> json(%{
  86       is_moderator: user.info.is_moderator,
  87       is_admin: user.info.is_admin
  88     })
  89   end
  90
  91   def right_delete(
  92         %{assigns: %{user: %User{:nickname => admin_nickname}}} = conn,
  93         %{
  94           "permission_group" => permission_group,
  95           "nickname" => nickname
  96         }
  97       )
  98       when permission_group in ["moderator", "admin"] do
  99     if admin_nickname == nickname do
 100       conn
 101       |> put_status(403)
 102       |> json(%{error: "You can't revoke your own admin status."})
 103     else
 104       user = User.get_by_nickname(nickname)
 105
 106       info =
 107         %{}
 108         |> Map.put("is_" <> permission_group, false)
 109
 110       info_cng = User.Info.admin_api_update(user.info, info)
 111
 112       cng =
 113         Ecto.Changeset.change(user)
 114         |> Ecto.Changeset.put_embed(:info, info_cng)
 115
 116       {:ok, _user} = User.update_and_set_cache(cng)
 117
 118       json(conn, info)
 119     end
 120   end
 121
 122   def right_delete(conn, _) do
 123     conn
 124     |> put_status(404)
 125     |> json(%{error: "No such permission_group"})
 126   end
 127
 128   def relay_follow(conn, %{"relay_url" => target}) do
 129     with {:ok, _message} <- Relay.follow(target) do
 130       json(conn, target)
 131     else
 132       _ ->
 133         conn
 134         |> put_status(500)
 135         |> json(target)
 136     end
 137   end
 138
 139   def relay_unfollow(conn, %{"relay_url" => target}) do
 140     with {:ok, _message} <- Relay.unfollow(target) do
 141       json(conn, target)
 142     else
 143       _ ->
 144         conn
 145         |> put_status(500)
 146         |> json(target)
 147     end
 148   end
 149
 150   @doc "Sends registration invite via email"
 151   def email_invite(%{assigns: %{user: user}} = conn, %{"email" => email} = params) do
 152     with true <-
 153            Pleroma.Config.get([:instance, :invites_enabled]) &&
 154              !Pleroma.Config.get([:instance, :registrations_open]),
 155          {:ok, invite_token} <- Pleroma.UserInviteToken.create_token(),
 156          email <-
 157            Pleroma.UserEmail.user_invitation_email(user, invite_token, email, params["name"]),
 158          {:ok, _} <- Pleroma.Mailer.deliver(email) do
 159       json_response(conn, :no_content, "")
 160     end
 161   end
 162
 163   @doc "Get a account registeration invite token (base64 string)"
 164   def get_invite_token(conn, _params) do
 165     {:ok, token} = Pleroma.UserInviteToken.create_token()
 166
 167     conn
 168     |> json(token.token)
 169   end
 170
 171   @doc "Get a password reset token (base64 string) for given nickname"
 172   def get_password_reset(conn, %{"nickname" => nickname}) do
 173     (%User{local: true} = user) = User.get_by_nickname(nickname)
 174     {:ok, token} = Pleroma.PasswordResetToken.create_token(user)
 175
 176     conn
 177     |> json(token.token)
 178   end
 179
 180   def errors(conn, {:param_cast, _}) do
 181     conn
 182     |> put_status(400)
 183     |> json("Invalid parameters")
 184   end
 185
 186   def errors(conn, _) do
 187     conn
 188     |> put_status(500)
 189     |> json("Something went wrong")
 190   end
 191 end