1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
5 defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
6 use Pleroma.Web.ConnCase
7 use Oban.Testing, repo: Pleroma.Repo
9 import ExUnit.CaptureLog
10 import Pleroma.Factory
11 import Swoosh.TestAssertions
13 alias Pleroma.Activity
15 alias Pleroma.ModerationLog
17 alias Pleroma.Tests.ObanHelpers
19 alias Pleroma.Web.CommonAPI
22 Tesla.Mock.mock_global(fn env -> apply(HttpRequestMock, :request, [env]) end)
28 admin = insert(:user, is_admin: true)
29 token = insert(:oauth_admin_token, user: admin)
33 |> assign(:user, admin)
34 |> assign(:token, token)
36 {:ok, %{admin: admin, token: token, conn: conn}}
39 test "with valid `admin_token` query parameter, skips OAuth scopes check" do
40 clear_config([:admin_token], "password123")
44 conn = get(build_conn(), "/api/pleroma/admin/users/#{user.nickname}?admin_token=password123")
46 assert json_response(conn, 200)
49 describe "with [:auth, :enforce_oauth_admin_scope_usage]," do
50 setup do: clear_config([:auth, :enforce_oauth_admin_scope_usage], true)
52 test "GET /api/pleroma/admin/users/:nickname requires admin:read:accounts or broader scope",
55 url = "/api/pleroma/admin/users/#{user.nickname}"
57 good_token1 = insert(:oauth_token, user: admin, scopes: ["admin"])
58 good_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read"])
59 good_token3 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts"])
61 bad_token1 = insert(:oauth_token, user: admin, scopes: ["read:accounts"])
62 bad_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts:partial"])
65 for good_token <- [good_token1, good_token2, good_token3] do
68 |> assign(:user, admin)
69 |> assign(:token, good_token)
72 assert json_response(conn, 200)
75 for good_token <- [good_token1, good_token2, good_token3] do
79 |> assign(:token, good_token)
82 assert json_response(conn, :forbidden)
85 for bad_token <- [bad_token1, bad_token2, bad_token3] do
88 |> assign(:user, admin)
89 |> assign(:token, bad_token)
92 assert json_response(conn, :forbidden)
97 describe "unless [:auth, :enforce_oauth_admin_scope_usage]," do
98 setup do: clear_config([:auth, :enforce_oauth_admin_scope_usage], false)
100 test "GET /api/pleroma/admin/users/:nickname requires " <>
101 "read:accounts or admin:read:accounts or broader scope",
104 url = "/api/pleroma/admin/users/#{user.nickname}"
106 good_token1 = insert(:oauth_token, user: admin, scopes: ["admin"])
107 good_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read"])
108 good_token3 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts"])
109 good_token4 = insert(:oauth_token, user: admin, scopes: ["read:accounts"])
110 good_token5 = insert(:oauth_token, user: admin, scopes: ["read"])
112 good_tokens = [good_token1, good_token2, good_token3, good_token4, good_token5]
114 bad_token1 = insert(:oauth_token, user: admin, scopes: ["read:accounts:partial"])
115 bad_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts:partial"])
118 for good_token <- good_tokens do
121 |> assign(:user, admin)
122 |> assign(:token, good_token)
125 assert json_response(conn, 200)
128 for good_token <- good_tokens do
131 |> assign(:user, nil)
132 |> assign(:token, good_token)
135 assert json_response(conn, :forbidden)
138 for bad_token <- [bad_token1, bad_token2, bad_token3] do
141 |> assign(:user, admin)
142 |> assign(:token, bad_token)
145 assert json_response(conn, :forbidden)
150 describe "PUT /api/pleroma/admin/users/tag" do
151 setup %{conn: conn} do
152 user1 = insert(:user, %{tags: ["x"]})
153 user2 = insert(:user, %{tags: ["y"]})
154 user3 = insert(:user, %{tags: ["unchanged"]})
158 |> put_req_header("accept", "application/json")
160 "/api/pleroma/admin/users/tag?nicknames[]=#{user1.nickname}&nicknames[]=" <>
161 "#{user2.nickname}&tags[]=foo&tags[]=bar"
164 %{conn: conn, user1: user1, user2: user2, user3: user3}
167 test "it appends specified tags to users with specified nicknames", %{
173 assert empty_json_response(conn)
174 assert User.get_cached_by_id(user1.id).tags == ["x", "foo", "bar"]
175 assert User.get_cached_by_id(user2.id).tags == ["y", "foo", "bar"]
177 log_entry = Repo.one(ModerationLog)
180 [user1.nickname, user2.nickname]
181 |> Enum.map(&"@#{&1}")
184 tags = ["foo", "bar"] |> Enum.join(", ")
186 assert ModerationLog.get_log_entry_message(log_entry) ==
187 "@#{admin.nickname} added tags: #{tags} to users: #{users}"
190 test "it does not modify tags of not specified users", %{conn: conn, user3: user3} do
191 assert empty_json_response(conn)
192 assert User.get_cached_by_id(user3.id).tags == ["unchanged"]
196 describe "DELETE /api/pleroma/admin/users/tag" do
197 setup %{conn: conn} do
198 user1 = insert(:user, %{tags: ["x"]})
199 user2 = insert(:user, %{tags: ["y", "z"]})
200 user3 = insert(:user, %{tags: ["unchanged"]})
204 |> put_req_header("accept", "application/json")
206 "/api/pleroma/admin/users/tag?nicknames[]=#{user1.nickname}&nicknames[]=" <>
207 "#{user2.nickname}&tags[]=x&tags[]=z"
210 %{conn: conn, user1: user1, user2: user2, user3: user3}
213 test "it removes specified tags from users with specified nicknames", %{
219 assert empty_json_response(conn)
220 assert User.get_cached_by_id(user1.id).tags == []
221 assert User.get_cached_by_id(user2.id).tags == ["y"]
223 log_entry = Repo.one(ModerationLog)
226 [user1.nickname, user2.nickname]
227 |> Enum.map(&"@#{&1}")
230 tags = ["x", "z"] |> Enum.join(", ")
232 assert ModerationLog.get_log_entry_message(log_entry) ==
233 "@#{admin.nickname} removed tags: #{tags} from users: #{users}"
236 test "it does not modify tags of not specified users", %{conn: conn, user3: user3} do
237 assert empty_json_response(conn)
238 assert User.get_cached_by_id(user3.id).tags == ["unchanged"]
242 describe "/api/pleroma/admin/users/:nickname/permission_group" do
243 test "GET is giving user_info", %{admin: admin, conn: conn} do
246 |> put_req_header("accept", "application/json")
247 |> get("/api/pleroma/admin/users/#{admin.nickname}/permission_group/")
249 assert json_response(conn, 200) == %{
251 "is_moderator" => false
255 test "/:right POST, can add to a permission group", %{admin: admin, conn: conn} do
260 |> put_req_header("accept", "application/json")
261 |> post("/api/pleroma/admin/users/#{user.nickname}/permission_group/admin")
263 assert json_response(conn, 200) == %{
267 log_entry = Repo.one(ModerationLog)
269 assert ModerationLog.get_log_entry_message(log_entry) ==
270 "@#{admin.nickname} made @#{user.nickname} admin"
273 test "/:right POST, can add to a permission group (multiple)", %{admin: admin, conn: conn} do
274 user_one = insert(:user)
275 user_two = insert(:user)
279 |> put_req_header("accept", "application/json")
280 |> post("/api/pleroma/admin/users/permission_group/admin", %{
281 nicknames: [user_one.nickname, user_two.nickname]
284 assert json_response(conn, 200) == %{"is_admin" => true}
286 log_entry = Repo.one(ModerationLog)
288 assert ModerationLog.get_log_entry_message(log_entry) ==
289 "@#{admin.nickname} made @#{user_one.nickname}, @#{user_two.nickname} admin"
292 test "/:right DELETE, can remove from a permission group", %{admin: admin, conn: conn} do
293 user = insert(:user, is_admin: true)
297 |> put_req_header("accept", "application/json")
298 |> delete("/api/pleroma/admin/users/#{user.nickname}/permission_group/admin")
300 assert json_response(conn, 200) == %{"is_admin" => false}
302 log_entry = Repo.one(ModerationLog)
304 assert ModerationLog.get_log_entry_message(log_entry) ==
305 "@#{admin.nickname} revoked admin role from @#{user.nickname}"
308 test "/:right DELETE, can remove from a permission group (multiple)", %{
312 user_one = insert(:user, is_admin: true)
313 user_two = insert(:user, is_admin: true)
317 |> put_req_header("accept", "application/json")
318 |> delete("/api/pleroma/admin/users/permission_group/admin", %{
319 nicknames: [user_one.nickname, user_two.nickname]
322 assert json_response(conn, 200) == %{"is_admin" => false}
324 log_entry = Repo.one(ModerationLog)
326 assert ModerationLog.get_log_entry_message(log_entry) ==
327 "@#{admin.nickname} revoked admin role from @#{user_one.nickname}, @#{
333 test "/api/pleroma/admin/users/:nickname/password_reset", %{conn: conn} do
338 |> put_req_header("accept", "application/json")
339 |> get("/api/pleroma/admin/users/#{user.nickname}/password_reset")
341 resp = json_response(conn, 200)
343 assert Regex.match?(~r/(http:\/\/|https:\/\/)/, resp["link"])
346 describe "PUT disable_mfa" do
347 test "returns 200 and disable 2fa", %{conn: conn} do
350 multi_factor_authentication_settings: %MFA.Settings{
352 totp: %MFA.Settings.TOTP{secret: "otp_secret", confirmed: true}
358 |> put("/api/pleroma/admin/users/disable_mfa", %{nickname: user.nickname})
359 |> json_response(200)
361 assert response == user.nickname
362 mfa_settings = refresh_record(user).multi_factor_authentication_settings
364 refute mfa_settings.enabled
365 refute mfa_settings.totp.confirmed
368 test "returns 404 if user not found", %{conn: conn} do
371 |> put("/api/pleroma/admin/users/disable_mfa", %{nickname: "nickname"})
372 |> json_response(404)
374 assert response == %{"error" => "Not found"}
378 describe "GET /api/pleroma/admin/restart" do
379 setup do: clear_config(:configurable_from_database, true)
381 test "pleroma restarts", %{conn: conn} do
383 assert conn |> get("/api/pleroma/admin/restart") |> json_response(200) == %{}
384 end) =~ "pleroma restarted"
386 refute Restarter.Pleroma.need_reboot?()
390 test "need_reboot flag", %{conn: conn} do
392 |> get("/api/pleroma/admin/need_reboot")
393 |> json_response(200) == %{"need_reboot" => false}
395 Restarter.Pleroma.need_reboot()
398 |> get("/api/pleroma/admin/need_reboot")
399 |> json_response(200) == %{"need_reboot" => true}
401 on_exit(fn -> Restarter.Pleroma.refresh() end)
404 describe "GET /api/pleroma/admin/users/:nickname/statuses" do
408 insert(:note_activity, user: user)
409 insert(:note_activity, user: user)
410 insert(:note_activity, user: user)
415 test "renders user's statuses", %{conn: conn, user: user} do
416 conn = get(conn, "/api/pleroma/admin/users/#{user.nickname}/statuses")
418 assert %{"total" => 3, "activities" => activities} = json_response(conn, 200)
419 assert length(activities) == 3
422 test "renders user's statuses with pagination", %{conn: conn, user: user} do
423 %{"total" => 3, "activities" => [activity1]} =
425 |> get("/api/pleroma/admin/users/#{user.nickname}/statuses?page_size=1&page=1")
426 |> json_response(200)
428 %{"total" => 3, "activities" => [activity2]} =
430 |> get("/api/pleroma/admin/users/#{user.nickname}/statuses?page_size=1&page=2")
431 |> json_response(200)
433 refute activity1 == activity2
436 test "doesn't return private statuses by default", %{conn: conn, user: user} do
437 {:ok, _private_status} = CommonAPI.post(user, %{status: "private", visibility: "private"})
439 {:ok, _public_status} = CommonAPI.post(user, %{status: "public", visibility: "public"})
441 %{"total" => 4, "activities" => activities} =
443 |> get("/api/pleroma/admin/users/#{user.nickname}/statuses")
444 |> json_response(200)
446 assert length(activities) == 4
449 test "returns private statuses with godmode on", %{conn: conn, user: user} do
450 {:ok, _private_status} = CommonAPI.post(user, %{status: "private", visibility: "private"})
452 {:ok, _public_status} = CommonAPI.post(user, %{status: "public", visibility: "public"})
454 %{"total" => 5, "activities" => activities} =
456 |> get("/api/pleroma/admin/users/#{user.nickname}/statuses?godmode=true")
457 |> json_response(200)
459 assert length(activities) == 5
462 test "excludes reblogs by default", %{conn: conn, user: user} do
463 other_user = insert(:user)
464 {:ok, activity} = CommonAPI.post(user, %{status: "."})
465 {:ok, %Activity{}} = CommonAPI.repeat(activity.id, other_user)
467 assert %{"total" => 0, "activities" => []} ==
469 |> get("/api/pleroma/admin/users/#{other_user.nickname}/statuses")
470 |> json_response(200)
472 assert %{"total" => 1, "activities" => [_]} =
475 "/api/pleroma/admin/users/#{other_user.nickname}/statuses?with_reblogs=true"
477 |> json_response(200)
481 describe "GET /api/pleroma/admin/users/:nickname/chats" do
484 recipients = insert_list(3, :user)
486 Enum.each(recipients, fn recipient ->
487 CommonAPI.post_chat_message(user, recipient, "yo")
493 test "renders user's chats", %{conn: conn, user: user} do
494 conn = get(conn, "/api/pleroma/admin/users/#{user.nickname}/chats")
496 assert json_response(conn, 200) |> length() == 3
500 describe "GET /api/pleroma/admin/users/:nickname/chats unauthorized" do
503 recipient = insert(:user)
504 CommonAPI.post_chat_message(user, recipient, "yo")
505 %{conn: conn} = oauth_access(["read:chats"])
506 %{conn: conn, user: user}
509 test "returns 403", %{conn: conn, user: user} do
511 |> get("/api/pleroma/admin/users/#{user.nickname}/chats")
512 |> json_response(403)
516 describe "GET /api/pleroma/admin/users/:nickname/chats unauthenticated" do
519 recipient = insert(:user)
520 CommonAPI.post_chat_message(user, recipient, "yo")
521 %{conn: build_conn(), user: user}
524 test "returns 403", %{conn: conn, user: user} do
526 |> get("/api/pleroma/admin/users/#{user.nickname}/chats")
527 |> json_response(403)
531 describe "GET /api/pleroma/admin/moderation_log" do
533 moderator = insert(:user, is_moderator: true)
535 %{moderator: moderator}
538 test "returns the log", %{conn: conn, admin: admin} do
539 Repo.insert(%ModerationLog{
543 "nickname" => admin.nickname,
546 action: "relay_follow",
547 target: "https://example.org/relay"
549 inserted_at: NaiveDateTime.truncate(~N[2017-08-15 15:47:06.597036], :second)
552 Repo.insert(%ModerationLog{
556 "nickname" => admin.nickname,
559 action: "relay_unfollow",
560 target: "https://example.org/relay"
562 inserted_at: NaiveDateTime.truncate(~N[2017-08-16 15:47:06.597036], :second)
565 conn = get(conn, "/api/pleroma/admin/moderation_log")
567 response = json_response(conn, 200)
568 [first_entry, second_entry] = response["items"]
570 assert response["total"] == 2
571 assert first_entry["data"]["action"] == "relay_unfollow"
573 assert first_entry["message"] ==
574 "@#{admin.nickname} unfollowed relay: https://example.org/relay"
576 assert second_entry["data"]["action"] == "relay_follow"
578 assert second_entry["message"] ==
579 "@#{admin.nickname} followed relay: https://example.org/relay"
582 test "returns the log with pagination", %{conn: conn, admin: admin} do
583 Repo.insert(%ModerationLog{
587 "nickname" => admin.nickname,
590 action: "relay_follow",
591 target: "https://example.org/relay"
593 inserted_at: NaiveDateTime.truncate(~N[2017-08-15 15:47:06.597036], :second)
596 Repo.insert(%ModerationLog{
600 "nickname" => admin.nickname,
603 action: "relay_unfollow",
604 target: "https://example.org/relay"
606 inserted_at: NaiveDateTime.truncate(~N[2017-08-16 15:47:06.597036], :second)
609 conn1 = get(conn, "/api/pleroma/admin/moderation_log?page_size=1&page=1")
611 response1 = json_response(conn1, 200)
612 [first_entry] = response1["items"]
614 assert response1["total"] == 2
615 assert response1["items"] |> length() == 1
616 assert first_entry["data"]["action"] == "relay_unfollow"
618 assert first_entry["message"] ==
619 "@#{admin.nickname} unfollowed relay: https://example.org/relay"
621 conn2 = get(conn, "/api/pleroma/admin/moderation_log?page_size=1&page=2")
623 response2 = json_response(conn2, 200)
624 [second_entry] = response2["items"]
626 assert response2["total"] == 2
627 assert response2["items"] |> length() == 1
628 assert second_entry["data"]["action"] == "relay_follow"
630 assert second_entry["message"] ==
631 "@#{admin.nickname} followed relay: https://example.org/relay"
634 test "filters log by date", %{conn: conn, admin: admin} do
635 first_date = "2017-08-15T15:47:06Z"
636 second_date = "2017-08-20T15:47:06Z"
638 Repo.insert(%ModerationLog{
642 "nickname" => admin.nickname,
645 action: "relay_follow",
646 target: "https://example.org/relay"
648 inserted_at: NaiveDateTime.from_iso8601!(first_date)
651 Repo.insert(%ModerationLog{
655 "nickname" => admin.nickname,
658 action: "relay_unfollow",
659 target: "https://example.org/relay"
661 inserted_at: NaiveDateTime.from_iso8601!(second_date)
667 "/api/pleroma/admin/moderation_log?start_date=#{second_date}"
670 response1 = json_response(conn1, 200)
671 [first_entry] = response1["items"]
673 assert response1["total"] == 1
674 assert first_entry["data"]["action"] == "relay_unfollow"
676 assert first_entry["message"] ==
677 "@#{admin.nickname} unfollowed relay: https://example.org/relay"
680 test "returns log filtered by user", %{conn: conn, admin: admin, moderator: moderator} do
681 Repo.insert(%ModerationLog{
685 "nickname" => admin.nickname,
688 action: "relay_follow",
689 target: "https://example.org/relay"
693 Repo.insert(%ModerationLog{
696 "id" => moderator.id,
697 "nickname" => moderator.nickname,
700 action: "relay_unfollow",
701 target: "https://example.org/relay"
705 conn1 = get(conn, "/api/pleroma/admin/moderation_log?user_id=#{moderator.id}")
707 response1 = json_response(conn1, 200)
708 [first_entry] = response1["items"]
710 assert response1["total"] == 1
711 assert get_in(first_entry, ["data", "actor", "id"]) == moderator.id
714 test "returns log filtered by search", %{conn: conn, moderator: moderator} do
715 ModerationLog.insert_log(%{
717 action: "relay_follow",
718 target: "https://example.org/relay"
721 ModerationLog.insert_log(%{
723 action: "relay_unfollow",
724 target: "https://example.org/relay"
727 conn1 = get(conn, "/api/pleroma/admin/moderation_log?search=unfo")
729 response1 = json_response(conn1, 200)
730 [first_entry] = response1["items"]
732 assert response1["total"] == 1
734 assert get_in(first_entry, ["data", "message"]) ==
735 "@#{moderator.nickname} unfollowed relay: https://example.org/relay"
739 test "gets a remote users when [:instance, :limit_to_local_content] is set to :unauthenticated",
741 clear_config(Pleroma.Config.get([:instance, :limit_to_local_content]), :unauthenticated)
742 user = insert(:user, %{local: false, nickname: "u@peer1.com"})
743 conn = get(conn, "/api/pleroma/admin/users/#{user.nickname}/credentials")
745 assert json_response(conn, 200)
748 describe "GET /users/:nickname/credentials" do
749 test "gets the user credentials", %{conn: conn} do
751 conn = get(conn, "/api/pleroma/admin/users/#{user.nickname}/credentials")
753 response = assert json_response(conn, 200)
754 assert response["email"] == user.email
757 test "returns 403 if requested by a non-admin" do
762 |> assign(:user, user)
763 |> get("/api/pleroma/admin/users/#{user.nickname}/credentials")
765 assert json_response(conn, :forbidden)
769 describe "PATCH /users/:nickname/credentials" do
775 test "changes password and email", %{conn: conn, admin: admin, user: user} do
776 assert user.password_reset_pending == false
779 patch(conn, "/api/pleroma/admin/users/#{user.nickname}/credentials", %{
780 "password" => "new_password",
781 "email" => "new_email@example.com",
785 assert json_response(conn, 200) == %{"status" => "success"}
787 ObanHelpers.perform_all()
789 updated_user = User.get_by_id(user.id)
791 assert updated_user.email == "new_email@example.com"
792 assert updated_user.name == "new_name"
793 assert updated_user.password_hash != user.password_hash
794 assert updated_user.password_reset_pending == true
796 [log_entry2, log_entry1] = ModerationLog |> Repo.all() |> Enum.sort()
798 assert ModerationLog.get_log_entry_message(log_entry1) ==
799 "@#{admin.nickname} updated users: @#{user.nickname}"
801 assert ModerationLog.get_log_entry_message(log_entry2) ==
802 "@#{admin.nickname} forced password reset for users: @#{user.nickname}"
805 test "returns 403 if requested by a non-admin", %{user: user} do
808 |> assign(:user, user)
809 |> patch("/api/pleroma/admin/users/#{user.nickname}/credentials", %{
810 "password" => "new_password",
811 "email" => "new_email@example.com",
815 assert json_response(conn, :forbidden)
818 test "changes actor type from permitted list", %{conn: conn, user: user} do
819 assert user.actor_type == "Person"
821 assert patch(conn, "/api/pleroma/admin/users/#{user.nickname}/credentials", %{
822 "actor_type" => "Service"
824 |> json_response(200) == %{"status" => "success"}
826 updated_user = User.get_by_id(user.id)
828 assert updated_user.actor_type == "Service"
830 assert patch(conn, "/api/pleroma/admin/users/#{user.nickname}/credentials", %{
831 "actor_type" => "Application"
833 |> json_response(400) == %{"errors" => %{"actor_type" => "is invalid"}}
836 test "update non existing user", %{conn: conn} do
837 assert patch(conn, "/api/pleroma/admin/users/non-existing/credentials", %{
838 "password" => "new_password"
840 |> json_response(404) == %{"error" => "Not found"}
844 describe "PATCH /users/:nickname/force_password_reset" do
845 test "sets password_reset_pending to true", %{conn: conn} do
847 assert user.password_reset_pending == false
850 patch(conn, "/api/pleroma/admin/users/force_password_reset", %{nicknames: [user.nickname]})
852 assert empty_json_response(conn) == ""
854 ObanHelpers.perform_all()
856 assert User.get_by_id(user.id).password_reset_pending == true
860 describe "instances" do
861 test "GET /instances/:instance/statuses", %{conn: conn} do
862 user = insert(:user, local: false, ap_id: "https://archae.me/users/archaeme")
863 user2 = insert(:user, local: false, ap_id: "https://test.com/users/test")
864 insert_pair(:note_activity, user: user)
865 activity = insert(:note_activity, user: user2)
867 %{"total" => 2, "activities" => activities} =
868 conn |> get("/api/pleroma/admin/instances/archae.me/statuses") |> json_response(200)
870 assert length(activities) == 2
872 %{"total" => 1, "activities" => [_]} =
873 conn |> get("/api/pleroma/admin/instances/test.com/statuses") |> json_response(200)
875 %{"total" => 0, "activities" => []} =
876 conn |> get("/api/pleroma/admin/instances/nonexistent.com/statuses") |> json_response(200)
878 CommonAPI.repeat(activity.id, user)
880 %{"total" => 2, "activities" => activities} =
881 conn |> get("/api/pleroma/admin/instances/archae.me/statuses") |> json_response(200)
883 assert length(activities) == 2
885 %{"total" => 3, "activities" => activities} =
887 |> get("/api/pleroma/admin/instances/archae.me/statuses?with_reblogs=true")
888 |> json_response(200)
890 assert length(activities) == 3
894 describe "PATCH /confirm_email" do
895 test "it confirms emails of two users", %{conn: conn, admin: admin} do
896 [first_user, second_user] = insert_pair(:user, is_confirmed: false)
898 refute first_user.is_confirmed
899 refute second_user.is_confirmed
902 patch(conn, "/api/pleroma/admin/users/confirm_email", %{
909 assert ret_conn.status == 200
911 first_user = User.get_by_id(first_user.id)
912 second_user = User.get_by_id(second_user.id)
914 assert first_user.is_confirmed
915 assert second_user.is_confirmed
917 log_entry = Repo.one(ModerationLog)
919 assert ModerationLog.get_log_entry_message(log_entry) ==
920 "@#{admin.nickname} confirmed email for users: @#{first_user.nickname}, @#{
926 describe "PATCH /resend_confirmation_email" do
927 test "it resend emails for two users", %{conn: conn, admin: admin} do
928 [first_user, second_user] = insert_pair(:user, is_confirmed: false)
931 patch(conn, "/api/pleroma/admin/users/resend_confirmation_email", %{
938 assert ret_conn.status == 200
940 log_entry = Repo.one(ModerationLog)
942 assert ModerationLog.get_log_entry_message(log_entry) ==
943 "@#{admin.nickname} re-sent confirmation email for users: @#{first_user.nickname}, @#{
947 ObanHelpers.perform_all()
949 Pleroma.Emails.UserEmail.account_confirmation_email(first_user)
950 # temporary hackney fix until hackney max_connections bug is fixed
951 # https://git.pleroma.social/pleroma/pleroma/-/issues/2101
952 |> Swoosh.Email.put_private(:hackney_options, ssl_options: [versions: [:"tlsv1.2"]])
953 |> assert_email_sent()
957 describe "/api/pleroma/admin/stats" do
958 test "status visibility count", %{conn: conn} do
960 CommonAPI.post(user, %{visibility: "public", status: "hey"})
961 CommonAPI.post(user, %{visibility: "unlisted", status: "hey"})
962 CommonAPI.post(user, %{visibility: "unlisted", status: "hey"})
966 |> get("/api/pleroma/admin/stats")
967 |> json_response(200)
969 assert %{"direct" => 0, "private" => 0, "public" => 1, "unlisted" => 2} =
970 response["status_visibility"]
973 test "by instance", %{conn: conn} do
974 user1 = insert(:user)
975 instance2 = "instance2.tld"
976 user2 = insert(:user, %{ap_id: "https://#{instance2}/@actor"})
978 CommonAPI.post(user1, %{visibility: "public", status: "hey"})
979 CommonAPI.post(user2, %{visibility: "unlisted", status: "hey"})
980 CommonAPI.post(user2, %{visibility: "private", status: "hey"})
984 |> get("/api/pleroma/admin/stats", instance: instance2)
985 |> json_response(200)
987 assert %{"direct" => 0, "private" => 1, "public" => 0, "unlisted" => 1} =
988 response["status_visibility"]
992 describe "/api/pleroma/backups" do
993 test "it creates a backup", %{conn: conn} do
994 admin = %{id: admin_id, nickname: admin_nickname} = insert(:user, is_admin: true)
995 token = insert(:oauth_admin_token, user: admin)
996 user = %{id: user_id, nickname: user_nickname} = insert(:user)
1000 |> assign(:user, admin)
1001 |> assign(:token, token)
1002 |> post("/api/pleroma/admin/backups", %{nickname: user.nickname})
1003 |> json_response(200)
1005 assert [backup] = Repo.all(Pleroma.User.Backup)
1007 ObanHelpers.perform_all()
1009 email = Pleroma.Emails.UserEmail.backup_is_ready_email(backup, admin.id)
1011 assert String.contains?(email.html_body, "Admin @#{admin.nickname} requested a full backup")
1012 assert_email_sent(to: {user.name, user.email}, html_body: email.html_body)
1014 log_message = "@#{admin_nickname} requested account backup for @#{user_nickname}"
1019 "action" => "create_backup",
1022 "nickname" => ^admin_nickname
1024 "message" => ^log_message,
1027 "nickname" => ^user_nickname
1031 ] = Pleroma.ModerationLog |> Repo.all()
1034 test "it doesn't limit admins", %{conn: conn} do
1035 admin = insert(:user, is_admin: true)
1036 token = insert(:oauth_admin_token, user: admin)
1037 user = insert(:user)
1041 |> assign(:user, admin)
1042 |> assign(:token, token)
1043 |> post("/api/pleroma/admin/backups", %{nickname: user.nickname})
1044 |> json_response(200)
1046 assert [_backup] = Repo.all(Pleroma.User.Backup)
1050 |> assign(:user, admin)
1051 |> assign(:token, token)
1052 |> post("/api/pleroma/admin/backups", %{nickname: user.nickname})
1053 |> json_response(200)
1055 assert Repo.aggregate(Pleroma.User.Backup, :count) == 2
1060 # Needed for testing
1061 defmodule Pleroma.Web.Endpoint.NotReal do
1064 defmodule Pleroma.Captcha.NotReal do