1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
5 defmodule Pleroma.Web.AdminAPI.UserControllerTest do
6 use Pleroma.Web.ConnCase
7 use Oban.Testing, repo: Pleroma.Repo
10 import Pleroma.Factory
13 alias Pleroma.ModerationLog
15 alias Pleroma.Tests.ObanHelpers
17 alias Pleroma.Web.ActivityPub.Relay
18 alias Pleroma.Web.CommonAPI
19 alias Pleroma.Web.Endpoint
20 alias Pleroma.Web.MediaProxy
23 Tesla.Mock.mock_global(fn env -> apply(HttpRequestMock, :request, [env]) end)
29 admin = insert(:user, is_admin: true)
30 token = insert(:oauth_admin_token, user: admin)
34 |> assign(:user, admin)
35 |> assign(:token, token)
37 {:ok, %{admin: admin, token: token, conn: conn}}
40 test "with valid `admin_token` query parameter, skips OAuth scopes check" do
41 clear_config([:admin_token], "password123")
45 conn = get(build_conn(), "/api/pleroma/admin/users/#{user.nickname}?admin_token=password123")
47 assert json_response_and_validate_schema(conn, 200)
50 test "GET /api/pleroma/admin/users/:nickname requires admin:read:accounts or broader scope",
53 url = "/api/pleroma/admin/users/#{user.nickname}"
55 good_token1 = insert(:oauth_token, user: admin, scopes: ["admin"])
56 good_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read"])
57 good_token3 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts"])
59 bad_token1 = insert(:oauth_token, user: admin, scopes: ["read:accounts"])
60 bad_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts:partial"])
63 for good_token <- [good_token1, good_token2, good_token3] do
66 |> assign(:user, admin)
67 |> assign(:token, good_token)
70 assert json_response_and_validate_schema(conn, 200)
73 for good_token <- [good_token1, good_token2, good_token3] do
77 |> assign(:token, good_token)
80 assert json_response(conn, :forbidden)
83 for bad_token <- [bad_token1, bad_token2, bad_token3] do
86 |> assign(:user, admin)
87 |> assign(:token, bad_token)
90 assert json_response_and_validate_schema(conn, :forbidden)
94 describe "DELETE /api/pleroma/admin/users" do
95 test "single user", %{admin: admin, conn: conn} do
96 clear_config([:instance, :federating], true)
100 avatar: %{"url" => [%{"href" => "https://someurl"}]},
101 banner: %{"url" => [%{"href" => "https://somebanner"}]},
106 # Create some activities to check they got deleted later
107 follower = insert(:user)
108 {:ok, _} = CommonAPI.post(user, %{status: "test"})
109 {:ok, _, _, _} = CommonAPI.follow(user, follower)
110 {:ok, _, _, _} = CommonAPI.follow(follower, user)
111 user = Repo.get(User, user.id)
112 assert user.note_count == 1
113 assert user.follower_count == 1
114 assert user.following_count == 1
115 assert user.is_active
117 with_mock Pleroma.Web.Federator,
118 publish: fn _ -> nil end,
119 perform: fn _, _ -> nil end do
122 |> put_req_header("accept", "application/json")
123 |> delete("/api/pleroma/admin/users?nickname=#{user.nickname}")
125 ObanHelpers.perform_all()
127 refute User.get_by_nickname(user.nickname).is_active
129 log_entry = Repo.one(ModerationLog)
131 assert ModerationLog.get_log_entry_message(log_entry) ==
132 "@#{admin.nickname} deleted users: @#{user.nickname}"
134 assert json_response_and_validate_schema(conn, 200) == [user.nickname]
136 user = Repo.get(User, user.id)
137 refute user.is_active
139 assert user.avatar == %{}
140 assert user.banner == %{}
141 assert user.note_count == 0
142 assert user.follower_count == 0
143 assert user.following_count == 0
144 assert user.bio == ""
145 assert user.name == nil
147 assert called(Pleroma.Web.Federator.publish(:_))
151 test "multiple users", %{admin: admin, conn: conn} do
152 user_one = insert(:user)
153 user_two = insert(:user)
157 |> put_req_header("accept", "application/json")
158 |> put_req_header("content-type", "application/json")
159 |> delete("/api/pleroma/admin/users", %{
160 nicknames: [user_one.nickname, user_two.nickname]
162 |> json_response_and_validate_schema(200)
164 log_entry = Repo.one(ModerationLog)
166 assert ModerationLog.get_log_entry_message(log_entry) ==
167 "@#{admin.nickname} deleted users: @#{user_one.nickname}, @#{user_two.nickname}"
169 assert response -- [user_one.nickname, user_two.nickname] == []
173 describe "/api/pleroma/admin/users" do
174 test "Create", %{conn: conn} do
177 |> put_req_header("accept", "application/json")
178 |> put_req_header("content-type", "application/json")
179 |> post("/api/pleroma/admin/users", %{
182 "nickname" => "lain",
183 "email" => "lain@example.org",
187 "nickname" => "lain2",
188 "email" => "lain2@example.org",
193 |> json_response_and_validate_schema(200)
194 |> Enum.map(&Map.get(&1, "type"))
196 assert response == ["success", "success"]
198 log_entry = Repo.one(ModerationLog)
200 assert ["lain", "lain2"] -- Enum.map(log_entry.data["subjects"], & &1["nickname"]) == []
203 test "Cannot create user with existing email", %{conn: conn} do
208 |> put_req_header("accept", "application/json")
209 |> put_req_header("content-type", "application/json")
210 |> post("/api/pleroma/admin/users", %{
213 "nickname" => "lain",
214 "email" => user.email,
220 assert json_response_and_validate_schema(conn, 409) == [
224 "email" => user.email,
227 "error" => "email has already been taken",
233 test "Cannot create user with existing nickname", %{conn: conn} do
238 |> put_req_header("accept", "application/json")
239 |> put_req_header("content-type", "application/json")
240 |> post("/api/pleroma/admin/users", %{
243 "nickname" => user.nickname,
244 "email" => "someuser@plerama.social",
250 assert json_response_and_validate_schema(conn, 409) == [
254 "email" => "someuser@plerama.social",
255 "nickname" => user.nickname
257 "error" => "nickname has already been taken",
263 test "Multiple user creation works in transaction", %{conn: conn} do
268 |> put_req_header("accept", "application/json")
269 |> put_req_header("content-type", "application/json")
270 |> post("/api/pleroma/admin/users", %{
273 "nickname" => "newuser",
274 "email" => "newuser@pleroma.social",
278 "nickname" => "lain",
279 "email" => user.email,
285 assert json_response_and_validate_schema(conn, 409) == [
289 "email" => user.email,
292 "error" => "email has already been taken",
298 "email" => "newuser@pleroma.social",
299 "nickname" => "newuser"
306 assert User.get_by_nickname("newuser") === nil
310 describe "/api/pleroma/admin/users/:nickname" do
311 test "Show", %{conn: conn} do
314 conn = get(conn, "/api/pleroma/admin/users/#{user.nickname}")
316 assert user_response(user) == json_response_and_validate_schema(conn, 200)
319 test "when the user doesn't exist", %{conn: conn} do
322 conn = get(conn, "/api/pleroma/admin/users/#{user.nickname}")
324 assert %{"error" => "Not found"} == json_response_and_validate_schema(conn, 404)
328 describe "/api/pleroma/admin/users/follow" do
329 test "allows to force-follow another user", %{admin: admin, conn: conn} do
331 follower = insert(:user)
334 |> put_req_header("accept", "application/json")
335 |> put_req_header("content-type", "application/json")
336 |> post("/api/pleroma/admin/users/follow", %{
337 "follower" => follower.nickname,
338 "followed" => user.nickname
341 user = User.get_cached_by_id(user.id)
342 follower = User.get_cached_by_id(follower.id)
344 assert User.following?(follower, user)
346 log_entry = Repo.one(ModerationLog)
348 assert ModerationLog.get_log_entry_message(log_entry) ==
349 "@#{admin.nickname} made @#{follower.nickname} follow @#{user.nickname}"
353 describe "/api/pleroma/admin/users/unfollow" do
354 test "allows to force-unfollow another user", %{admin: admin, conn: conn} do
356 follower = insert(:user)
358 User.follow(follower, user)
361 |> put_req_header("accept", "application/json")
362 |> put_req_header("content-type", "application/json")
363 |> post("/api/pleroma/admin/users/unfollow", %{
364 "follower" => follower.nickname,
365 "followed" => user.nickname
368 user = User.get_cached_by_id(user.id)
369 follower = User.get_cached_by_id(follower.id)
371 refute User.following?(follower, user)
373 log_entry = Repo.one(ModerationLog)
375 assert ModerationLog.get_log_entry_message(log_entry) ==
376 "@#{admin.nickname} made @#{follower.nickname} unfollow @#{user.nickname}"
380 describe "GET /api/pleroma/admin/users" do
381 test "renders users array for the first page", %{conn: conn, admin: admin} do
382 user = insert(:user, local: false, tags: ["foo", "bar"])
383 user2 = insert(:user, is_approved: false, registration_reason: "I'm a chill dude")
385 conn = get(conn, "/api/pleroma/admin/users?page=1")
392 "is_approved" => false,
393 "registration_reason" => "I'm a chill dude",
394 "actor_type" => "Person"
397 user_response(user, %{"local" => false, "tags" => ["foo", "bar"]}),
400 %{"roles" => %{"admin" => true, "moderator" => false}}
404 assert json_response_and_validate_schema(conn, 200) == %{
411 test "pagination works correctly with service users", %{conn: conn} do
412 service1 = User.get_or_create_service_actor_by_ap_id(Endpoint.url() <> "/meido", "meido")
414 insert_list(25, :user)
416 assert %{"count" => 26, "page_size" => 10, "users" => users1} =
418 |> get("/api/pleroma/admin/users?page=1&filters=", %{page_size: "10"})
419 |> json_response_and_validate_schema(200)
421 assert Enum.count(users1) == 10
422 assert service1 not in users1
424 assert %{"count" => 26, "page_size" => 10, "users" => users2} =
426 |> get("/api/pleroma/admin/users?page=2&filters=", %{page_size: "10"})
427 |> json_response_and_validate_schema(200)
429 assert Enum.count(users2) == 10
430 assert service1 not in users2
432 assert %{"count" => 26, "page_size" => 10, "users" => users3} =
434 |> get("/api/pleroma/admin/users?page=3&filters=", %{page_size: "10"})
435 |> json_response_and_validate_schema(200)
437 assert Enum.count(users3) == 6
438 assert service1 not in users3
441 test "renders empty array for the second page", %{conn: conn} do
444 conn = get(conn, "/api/pleroma/admin/users?page=2")
446 assert json_response_and_validate_schema(conn, 200) == %{
453 test "regular search", %{conn: conn} do
454 user = insert(:user, nickname: "bob")
456 conn = get(conn, "/api/pleroma/admin/users?query=bo")
458 assert json_response_and_validate_schema(conn, 200) == %{
461 "users" => [user_response(user, %{"local" => true})]
465 test "search by domain", %{conn: conn} do
466 user = insert(:user, nickname: "nickname@domain.com")
469 conn = get(conn, "/api/pleroma/admin/users?query=domain.com")
471 assert json_response_and_validate_schema(conn, 200) == %{
474 "users" => [user_response(user)]
478 test "search by full nickname", %{conn: conn} do
479 user = insert(:user, nickname: "nickname@domain.com")
482 conn = get(conn, "/api/pleroma/admin/users?query=nickname@domain.com")
484 assert json_response_and_validate_schema(conn, 200) == %{
487 "users" => [user_response(user)]
491 test "search by display name", %{conn: conn} do
492 user = insert(:user, name: "Display name")
495 conn = get(conn, "/api/pleroma/admin/users?name=display")
497 assert json_response_and_validate_schema(conn, 200) == %{
500 "users" => [user_response(user)]
504 test "search by email", %{conn: conn} do
505 user = insert(:user, email: "email@example.com")
508 conn = get(conn, "/api/pleroma/admin/users?email=email@example.com")
510 assert json_response_and_validate_schema(conn, 200) == %{
513 "users" => [user_response(user)]
517 test "regular search with page size", %{conn: conn} do
518 user = insert(:user, nickname: "aalice")
519 user2 = insert(:user, nickname: "alice")
521 conn1 = get(conn, "/api/pleroma/admin/users?query=a&page_size=1&page=1")
523 assert json_response_and_validate_schema(conn1, 200) == %{
526 "users" => [user_response(user2)]
529 conn2 = get(conn, "/api/pleroma/admin/users?query=a&page_size=1&page=2")
531 assert json_response_and_validate_schema(conn2, 200) == %{
534 "users" => [user_response(user)]
538 test "only local users" do
539 admin = insert(:user, is_admin: true, nickname: "john")
540 token = insert(:oauth_admin_token, user: admin)
541 user = insert(:user, nickname: "bob")
543 insert(:user, nickname: "bobb", local: false)
547 |> assign(:user, admin)
548 |> assign(:token, token)
549 |> get("/api/pleroma/admin/users?query=bo&filters=local")
551 assert json_response_and_validate_schema(conn, 200) == %{
554 "users" => [user_response(user)]
558 test "only local users with no query", %{conn: conn, admin: old_admin} do
559 admin = insert(:user, is_admin: true, nickname: "john")
560 user = insert(:user, nickname: "bob")
562 insert(:user, nickname: "bobb", local: false)
564 conn = get(conn, "/api/pleroma/admin/users?filters=local")
568 user_response(admin, %{
569 "roles" => %{"admin" => true, "moderator" => false}
571 user_response(old_admin, %{
573 "roles" => %{"admin" => true, "moderator" => false}
577 assert json_response_and_validate_schema(conn, 200) == %{
584 test "only unconfirmed users", %{conn: conn} do
585 sad_user = insert(:user, nickname: "sadboy", is_confirmed: false)
586 old_user = insert(:user, nickname: "oldboy", is_confirmed: false)
588 insert(:user, nickname: "happyboy", is_approved: true)
589 insert(:user, is_confirmed: true)
593 |> get("/api/pleroma/admin/users?filters=unconfirmed")
594 |> json_response_and_validate_schema(200)
597 Enum.map([old_user, sad_user], fn user ->
598 user_response(user, %{
599 "is_confirmed" => false,
600 "is_approved" => true
604 assert result == %{"count" => 2, "page_size" => 50, "users" => users}
607 test "only unapproved users", %{conn: conn} do
612 registration_reason: "Plz let me in!"
615 insert(:user, nickname: "happyboy", is_approved: true)
617 conn = get(conn, "/api/pleroma/admin/users?filters=need_approval")
622 %{"is_approved" => false, "registration_reason" => "Plz let me in!"}
626 assert json_response_and_validate_schema(conn, 200) == %{
633 test "load only admins", %{conn: conn, admin: admin} do
634 second_admin = insert(:user, is_admin: true)
638 conn = get(conn, "/api/pleroma/admin/users?filters=is_admin")
641 user_response(second_admin, %{
643 "roles" => %{"admin" => true, "moderator" => false}
645 user_response(admin, %{
647 "roles" => %{"admin" => true, "moderator" => false}
651 assert json_response_and_validate_schema(conn, 200) == %{
658 test "load only moderators", %{conn: conn} do
659 moderator = insert(:user, is_moderator: true)
663 conn = get(conn, "/api/pleroma/admin/users?filters=is_moderator")
665 assert json_response_and_validate_schema(conn, 200) == %{
669 user_response(moderator, %{
671 "roles" => %{"admin" => false, "moderator" => true}
677 test "load users with actor_type is Person", %{admin: admin, conn: conn} do
678 insert(:user, actor_type: "Service")
679 insert(:user, actor_type: "Application")
681 user1 = insert(:user)
682 user2 = insert(:user)
686 |> get(user_path(conn, :index), %{actor_types: ["Person"]})
687 |> json_response_and_validate_schema(200)
690 user_response(user2),
691 user_response(user1),
692 user_response(admin, %{"roles" => %{"admin" => true, "moderator" => false}})
695 assert response == %{"count" => 3, "page_size" => 50, "users" => users}
698 test "load users with actor_type is Person and Service", %{admin: admin, conn: conn} do
699 user_service = insert(:user, actor_type: "Service")
700 insert(:user, actor_type: "Application")
702 user1 = insert(:user)
703 user2 = insert(:user)
707 |> get(user_path(conn, :index), %{actor_types: ["Person", "Service"]})
708 |> json_response_and_validate_schema(200)
711 user_response(user2),
712 user_response(user1),
713 user_response(user_service, %{"actor_type" => "Service"}),
714 user_response(admin, %{"roles" => %{"admin" => true, "moderator" => false}})
717 assert response == %{"count" => 4, "page_size" => 50, "users" => users}
720 test "load users with actor_type is Service", %{conn: conn} do
721 user_service = insert(:user, actor_type: "Service")
722 insert(:user, actor_type: "Application")
728 |> get(user_path(conn, :index), %{actor_types: ["Service"]})
729 |> json_response_and_validate_schema(200)
731 users = [user_response(user_service, %{"actor_type" => "Service"})]
733 assert response == %{"count" => 1, "page_size" => 50, "users" => users}
736 test "load users with tags list", %{conn: conn} do
737 user1 = insert(:user, tags: ["first"])
738 user2 = insert(:user, tags: ["second"])
742 conn = get(conn, "/api/pleroma/admin/users?tags[]=first&tags[]=second")
745 user_response(user2, %{"tags" => ["second"]}),
746 user_response(user1, %{"tags" => ["first"]})
749 assert json_response_and_validate_schema(conn, 200) == %{
756 test "`active` filters out users pending approval", %{token: token} do
757 insert(:user, is_approved: false)
758 %{id: user_id} = insert(:user, is_approved: true)
759 %{id: admin_id} = token.user
763 |> assign(:user, token.user)
764 |> assign(:token, token)
765 |> get("/api/pleroma/admin/users?filters=active")
774 } = json_response_and_validate_schema(conn, 200)
777 test "it works with multiple filters" do
778 admin = insert(:user, nickname: "john", is_admin: true)
779 token = insert(:oauth_admin_token, user: admin)
780 user = insert(:user, nickname: "bob", local: false, is_active: false)
782 insert(:user, nickname: "ken", local: true, is_active: false)
783 insert(:user, nickname: "bobb", local: false, is_active: true)
787 |> assign(:user, admin)
788 |> assign(:token, token)
789 |> get("/api/pleroma/admin/users?filters=deactivated,external")
791 assert json_response_and_validate_schema(conn, 200) == %{
794 "users" => [user_response(user)]
798 test "it omits relay user", %{admin: admin, conn: conn} do
799 assert %User{} = Relay.get_actor()
801 conn = get(conn, "/api/pleroma/admin/users")
803 assert json_response_and_validate_schema(conn, 200) == %{
807 user_response(admin, %{"roles" => %{"admin" => true, "moderator" => false}})
813 test "PATCH /api/pleroma/admin/users/activate", %{admin: admin, conn: conn} do
814 user_one = insert(:user, is_active: false)
815 user_two = insert(:user, is_active: false)
819 |> put_req_header("content-type", "application/json")
821 "/api/pleroma/admin/users/activate",
822 %{nicknames: [user_one.nickname, user_two.nickname]}
825 response = json_response_and_validate_schema(conn, 200)
826 assert Enum.map(response["users"], & &1["is_active"]) == [true, true]
828 log_entry = Repo.one(ModerationLog)
830 assert ModerationLog.get_log_entry_message(log_entry) ==
831 "@#{admin.nickname} activated users: @#{user_one.nickname}, @#{user_two.nickname}"
834 test "PATCH /api/pleroma/admin/users/deactivate", %{admin: admin, conn: conn} do
835 user_one = insert(:user, is_active: true)
836 user_two = insert(:user, is_active: true)
840 |> put_req_header("content-type", "application/json")
842 "/api/pleroma/admin/users/deactivate",
843 %{nicknames: [user_one.nickname, user_two.nickname]}
846 response = json_response_and_validate_schema(conn, 200)
847 assert Enum.map(response["users"], & &1["is_active"]) == [false, false]
849 log_entry = Repo.one(ModerationLog)
851 assert ModerationLog.get_log_entry_message(log_entry) ==
852 "@#{admin.nickname} deactivated users: @#{user_one.nickname}, @#{user_two.nickname}"
855 test "PATCH /api/pleroma/admin/users/approve", %{admin: admin, conn: conn} do
856 user_one = insert(:user, is_approved: false)
857 user_two = insert(:user, is_approved: false)
861 |> put_req_header("content-type", "application/json")
863 "/api/pleroma/admin/users/approve",
864 %{nicknames: [user_one.nickname, user_two.nickname]}
867 response = json_response_and_validate_schema(conn, 200)
868 assert Enum.map(response["users"], & &1["is_approved"]) == [true, true]
870 log_entry = Repo.one(ModerationLog)
872 assert ModerationLog.get_log_entry_message(log_entry) ==
873 "@#{admin.nickname} approved users: @#{user_one.nickname}, @#{user_two.nickname}"
876 test "PATCH /api/pleroma/admin/users/:nickname/toggle_activation", %{admin: admin, conn: conn} do
881 |> put_req_header("content-type", "application/json")
882 |> patch("/api/pleroma/admin/users/#{user.nickname}/toggle_activation")
884 assert json_response_and_validate_schema(conn, 200) ==
887 %{"is_active" => !user.is_active}
890 log_entry = Repo.one(ModerationLog)
892 assert ModerationLog.get_log_entry_message(log_entry) ==
893 "@#{admin.nickname} deactivated users: @#{user.nickname}"
896 defp user_response(user, attrs \\ %{}) do
898 "is_active" => user.is_active,
900 "email" => user.email,
901 "nickname" => user.nickname,
902 "roles" => %{"admin" => false, "moderator" => false},
903 "local" => user.local,
905 "avatar" => User.avatar_url(user) |> MediaProxy.url(),
906 "display_name" => HTML.strip_tags(user.name || user.nickname),
907 "is_confirmed" => true,
908 "is_approved" => true,
910 "registration_reason" => nil,
911 "actor_type" => "Person",
912 "created_at" => CommonAPI.Utils.to_masto_date(user.inserted_at)