1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
5 defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
6 use Pleroma.Web.ConnCase
7 use Oban.Testing, repo: Pleroma.Repo
9 import ExUnit.CaptureLog
11 import Pleroma.Factory
12 import Swoosh.TestAssertions
14 alias Pleroma.Activity
18 alias Pleroma.ModerationLog
20 alias Pleroma.Tests.ObanHelpers
23 alias Pleroma.Web.ActivityPub.Relay
24 alias Pleroma.Web.CommonAPI
25 alias Pleroma.Web.MediaProxy
28 Tesla.Mock.mock_global(fn env -> apply(HttpRequestMock, :request, [env]) end)
34 admin = insert(:user, is_admin: true)
35 token = insert(:oauth_admin_token, user: admin)
39 |> assign(:user, admin)
40 |> assign(:token, token)
42 {:ok, %{admin: admin, token: token, conn: conn}}
45 test "with valid `admin_token` query parameter, skips OAuth scopes check" do
46 clear_config([:admin_token], "password123")
50 conn = get(build_conn(), "/api/pleroma/admin/users/#{user.nickname}?admin_token=password123")
52 assert json_response(conn, 200)
55 describe "with [:auth, :enforce_oauth_admin_scope_usage]," do
56 setup do: clear_config([:auth, :enforce_oauth_admin_scope_usage], true)
58 test "GET /api/pleroma/admin/users/:nickname requires admin:read:accounts or broader scope",
61 url = "/api/pleroma/admin/users/#{user.nickname}"
63 good_token1 = insert(:oauth_token, user: admin, scopes: ["admin"])
64 good_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read"])
65 good_token3 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts"])
67 bad_token1 = insert(:oauth_token, user: admin, scopes: ["read:accounts"])
68 bad_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts:partial"])
71 for good_token <- [good_token1, good_token2, good_token3] do
74 |> assign(:user, admin)
75 |> assign(:token, good_token)
78 assert json_response(conn, 200)
81 for good_token <- [good_token1, good_token2, good_token3] do
85 |> assign(:token, good_token)
88 assert json_response(conn, :forbidden)
91 for bad_token <- [bad_token1, bad_token2, bad_token3] do
94 |> assign(:user, admin)
95 |> assign(:token, bad_token)
98 assert json_response(conn, :forbidden)
103 describe "unless [:auth, :enforce_oauth_admin_scope_usage]," do
104 setup do: clear_config([:auth, :enforce_oauth_admin_scope_usage], false)
106 test "GET /api/pleroma/admin/users/:nickname requires " <>
107 "read:accounts or admin:read:accounts or broader scope",
110 url = "/api/pleroma/admin/users/#{user.nickname}"
112 good_token1 = insert(:oauth_token, user: admin, scopes: ["admin"])
113 good_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read"])
114 good_token3 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts"])
115 good_token4 = insert(:oauth_token, user: admin, scopes: ["read:accounts"])
116 good_token5 = insert(:oauth_token, user: admin, scopes: ["read"])
118 good_tokens = [good_token1, good_token2, good_token3, good_token4, good_token5]
120 bad_token1 = insert(:oauth_token, user: admin, scopes: ["read:accounts:partial"])
121 bad_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts:partial"])
124 for good_token <- good_tokens do
127 |> assign(:user, admin)
128 |> assign(:token, good_token)
131 assert json_response(conn, 200)
134 for good_token <- good_tokens do
137 |> assign(:user, nil)
138 |> assign(:token, good_token)
141 assert json_response(conn, :forbidden)
144 for bad_token <- [bad_token1, bad_token2, bad_token3] do
147 |> assign(:user, admin)
148 |> assign(:token, bad_token)
151 assert json_response(conn, :forbidden)
156 describe "DELETE /api/pleroma/admin/users" do
157 test "single user", %{admin: admin, conn: conn} do
159 clear_config([:instance, :federating], true)
161 with_mock Pleroma.Web.Federator,
162 publish: fn _ -> nil end do
165 |> put_req_header("accept", "application/json")
166 |> delete("/api/pleroma/admin/users?nickname=#{user.nickname}")
168 ObanHelpers.perform_all()
170 assert User.get_by_nickname(user.nickname).deactivated
172 log_entry = Repo.one(ModerationLog)
174 assert ModerationLog.get_log_entry_message(log_entry) ==
175 "@#{admin.nickname} deleted users: @#{user.nickname}"
177 assert json_response(conn, 200) == [user.nickname]
179 assert called(Pleroma.Web.Federator.publish(:_))
183 test "multiple users", %{admin: admin, conn: conn} do
184 user_one = insert(:user)
185 user_two = insert(:user)
189 |> put_req_header("accept", "application/json")
190 |> delete("/api/pleroma/admin/users", %{
191 nicknames: [user_one.nickname, user_two.nickname]
194 log_entry = Repo.one(ModerationLog)
196 assert ModerationLog.get_log_entry_message(log_entry) ==
197 "@#{admin.nickname} deleted users: @#{user_one.nickname}, @#{user_two.nickname}"
199 response = json_response(conn, 200)
200 assert response -- [user_one.nickname, user_two.nickname] == []
204 describe "/api/pleroma/admin/users" do
205 test "Create", %{conn: conn} do
208 |> put_req_header("accept", "application/json")
209 |> post("/api/pleroma/admin/users", %{
212 "nickname" => "lain",
213 "email" => "lain@example.org",
217 "nickname" => "lain2",
218 "email" => "lain2@example.org",
224 response = json_response(conn, 200) |> Enum.map(&Map.get(&1, "type"))
225 assert response == ["success", "success"]
227 log_entry = Repo.one(ModerationLog)
229 assert ["lain", "lain2"] -- Enum.map(log_entry.data["subjects"], & &1["nickname"]) == []
232 test "Cannot create user with existing email", %{conn: conn} do
237 |> put_req_header("accept", "application/json")
238 |> post("/api/pleroma/admin/users", %{
241 "nickname" => "lain",
242 "email" => user.email,
248 assert json_response(conn, 409) == [
252 "email" => user.email,
255 "error" => "email has already been taken",
261 test "Cannot create user with existing nickname", %{conn: conn} do
266 |> put_req_header("accept", "application/json")
267 |> post("/api/pleroma/admin/users", %{
270 "nickname" => user.nickname,
271 "email" => "someuser@plerama.social",
277 assert json_response(conn, 409) == [
281 "email" => "someuser@plerama.social",
282 "nickname" => user.nickname
284 "error" => "nickname has already been taken",
290 test "Multiple user creation works in transaction", %{conn: conn} do
295 |> put_req_header("accept", "application/json")
296 |> post("/api/pleroma/admin/users", %{
299 "nickname" => "newuser",
300 "email" => "newuser@pleroma.social",
304 "nickname" => "lain",
305 "email" => user.email,
311 assert json_response(conn, 409) == [
315 "email" => user.email,
318 "error" => "email has already been taken",
324 "email" => "newuser@pleroma.social",
325 "nickname" => "newuser"
332 assert User.get_by_nickname("newuser") === nil
336 describe "/api/pleroma/admin/users/:nickname" do
337 test "Show", %{conn: conn} do
340 conn = get(conn, "/api/pleroma/admin/users/#{user.nickname}")
343 "deactivated" => false,
344 "id" => to_string(user.id),
346 "nickname" => user.nickname,
347 "roles" => %{"admin" => false, "moderator" => false},
349 "avatar" => User.avatar_url(user) |> MediaProxy.url(),
350 "display_name" => HTML.strip_tags(user.name || user.nickname),
351 "confirmation_pending" => false,
355 assert expected == json_response(conn, 200)
358 test "when the user doesn't exist", %{conn: conn} do
361 conn = get(conn, "/api/pleroma/admin/users/#{user.nickname}")
363 assert %{"error" => "Not found"} == json_response(conn, 404)
367 describe "/api/pleroma/admin/users/follow" do
368 test "allows to force-follow another user", %{admin: admin, conn: conn} do
370 follower = insert(:user)
373 |> put_req_header("accept", "application/json")
374 |> post("/api/pleroma/admin/users/follow", %{
375 "follower" => follower.nickname,
376 "followed" => user.nickname
379 user = User.get_cached_by_id(user.id)
380 follower = User.get_cached_by_id(follower.id)
382 assert User.following?(follower, user)
384 log_entry = Repo.one(ModerationLog)
386 assert ModerationLog.get_log_entry_message(log_entry) ==
387 "@#{admin.nickname} made @#{follower.nickname} follow @#{user.nickname}"
391 describe "/api/pleroma/admin/users/unfollow" do
392 test "allows to force-unfollow another user", %{admin: admin, conn: conn} do
394 follower = insert(:user)
396 User.follow(follower, user)
399 |> put_req_header("accept", "application/json")
400 |> post("/api/pleroma/admin/users/unfollow", %{
401 "follower" => follower.nickname,
402 "followed" => user.nickname
405 user = User.get_cached_by_id(user.id)
406 follower = User.get_cached_by_id(follower.id)
408 refute User.following?(follower, user)
410 log_entry = Repo.one(ModerationLog)
412 assert ModerationLog.get_log_entry_message(log_entry) ==
413 "@#{admin.nickname} made @#{follower.nickname} unfollow @#{user.nickname}"
417 describe "PUT /api/pleroma/admin/users/tag" do
418 setup %{conn: conn} do
419 user1 = insert(:user, %{tags: ["x"]})
420 user2 = insert(:user, %{tags: ["y"]})
421 user3 = insert(:user, %{tags: ["unchanged"]})
425 |> put_req_header("accept", "application/json")
427 "/api/pleroma/admin/users/tag?nicknames[]=#{user1.nickname}&nicknames[]=" <>
428 "#{user2.nickname}&tags[]=foo&tags[]=bar"
431 %{conn: conn, user1: user1, user2: user2, user3: user3}
434 test "it appends specified tags to users with specified nicknames", %{
440 assert json_response(conn, :no_content)
441 assert User.get_cached_by_id(user1.id).tags == ["x", "foo", "bar"]
442 assert User.get_cached_by_id(user2.id).tags == ["y", "foo", "bar"]
444 log_entry = Repo.one(ModerationLog)
447 [user1.nickname, user2.nickname]
448 |> Enum.map(&"@#{&1}")
451 tags = ["foo", "bar"] |> Enum.join(", ")
453 assert ModerationLog.get_log_entry_message(log_entry) ==
454 "@#{admin.nickname} added tags: #{tags} to users: #{users}"
457 test "it does not modify tags of not specified users", %{conn: conn, user3: user3} do
458 assert json_response(conn, :no_content)
459 assert User.get_cached_by_id(user3.id).tags == ["unchanged"]
463 describe "DELETE /api/pleroma/admin/users/tag" do
464 setup %{conn: conn} do
465 user1 = insert(:user, %{tags: ["x"]})
466 user2 = insert(:user, %{tags: ["y", "z"]})
467 user3 = insert(:user, %{tags: ["unchanged"]})
471 |> put_req_header("accept", "application/json")
473 "/api/pleroma/admin/users/tag?nicknames[]=#{user1.nickname}&nicknames[]=" <>
474 "#{user2.nickname}&tags[]=x&tags[]=z"
477 %{conn: conn, user1: user1, user2: user2, user3: user3}
480 test "it removes specified tags from users with specified nicknames", %{
486 assert json_response(conn, :no_content)
487 assert User.get_cached_by_id(user1.id).tags == []
488 assert User.get_cached_by_id(user2.id).tags == ["y"]
490 log_entry = Repo.one(ModerationLog)
493 [user1.nickname, user2.nickname]
494 |> Enum.map(&"@#{&1}")
497 tags = ["x", "z"] |> Enum.join(", ")
499 assert ModerationLog.get_log_entry_message(log_entry) ==
500 "@#{admin.nickname} removed tags: #{tags} from users: #{users}"
503 test "it does not modify tags of not specified users", %{conn: conn, user3: user3} do
504 assert json_response(conn, :no_content)
505 assert User.get_cached_by_id(user3.id).tags == ["unchanged"]
509 describe "/api/pleroma/admin/users/:nickname/permission_group" do
510 test "GET is giving user_info", %{admin: admin, conn: conn} do
513 |> put_req_header("accept", "application/json")
514 |> get("/api/pleroma/admin/users/#{admin.nickname}/permission_group/")
516 assert json_response(conn, 200) == %{
518 "is_moderator" => false
522 test "/:right POST, can add to a permission group", %{admin: admin, conn: conn} do
527 |> put_req_header("accept", "application/json")
528 |> post("/api/pleroma/admin/users/#{user.nickname}/permission_group/admin")
530 assert json_response(conn, 200) == %{
534 log_entry = Repo.one(ModerationLog)
536 assert ModerationLog.get_log_entry_message(log_entry) ==
537 "@#{admin.nickname} made @#{user.nickname} admin"
540 test "/:right POST, can add to a permission group (multiple)", %{admin: admin, conn: conn} do
541 user_one = insert(:user)
542 user_two = insert(:user)
546 |> put_req_header("accept", "application/json")
547 |> post("/api/pleroma/admin/users/permission_group/admin", %{
548 nicknames: [user_one.nickname, user_two.nickname]
551 assert json_response(conn, 200) == %{"is_admin" => true}
553 log_entry = Repo.one(ModerationLog)
555 assert ModerationLog.get_log_entry_message(log_entry) ==
556 "@#{admin.nickname} made @#{user_one.nickname}, @#{user_two.nickname} admin"
559 test "/:right DELETE, can remove from a permission group", %{admin: admin, conn: conn} do
560 user = insert(:user, is_admin: true)
564 |> put_req_header("accept", "application/json")
565 |> delete("/api/pleroma/admin/users/#{user.nickname}/permission_group/admin")
567 assert json_response(conn, 200) == %{"is_admin" => false}
569 log_entry = Repo.one(ModerationLog)
571 assert ModerationLog.get_log_entry_message(log_entry) ==
572 "@#{admin.nickname} revoked admin role from @#{user.nickname}"
575 test "/:right DELETE, can remove from a permission group (multiple)", %{
579 user_one = insert(:user, is_admin: true)
580 user_two = insert(:user, is_admin: true)
584 |> put_req_header("accept", "application/json")
585 |> delete("/api/pleroma/admin/users/permission_group/admin", %{
586 nicknames: [user_one.nickname, user_two.nickname]
589 assert json_response(conn, 200) == %{"is_admin" => false}
591 log_entry = Repo.one(ModerationLog)
593 assert ModerationLog.get_log_entry_message(log_entry) ==
594 "@#{admin.nickname} revoked admin role from @#{user_one.nickname}, @#{
600 test "/api/pleroma/admin/users/:nickname/password_reset", %{conn: conn} do
605 |> put_req_header("accept", "application/json")
606 |> get("/api/pleroma/admin/users/#{user.nickname}/password_reset")
608 resp = json_response(conn, 200)
610 assert Regex.match?(~r/(http:\/\/|https:\/\/)/, resp["link"])
613 describe "GET /api/pleroma/admin/users" do
614 test "renders users array for the first page", %{conn: conn, admin: admin} do
615 user = insert(:user, local: false, tags: ["foo", "bar"])
616 conn = get(conn, "/api/pleroma/admin/users?page=1")
621 "deactivated" => admin.deactivated,
623 "nickname" => admin.nickname,
624 "roles" => %{"admin" => true, "moderator" => false},
627 "avatar" => User.avatar_url(admin) |> MediaProxy.url(),
628 "display_name" => HTML.strip_tags(admin.name || admin.nickname),
629 "confirmation_pending" => false,
633 "deactivated" => user.deactivated,
635 "nickname" => user.nickname,
636 "roles" => %{"admin" => false, "moderator" => false},
638 "tags" => ["foo", "bar"],
639 "avatar" => User.avatar_url(user) |> MediaProxy.url(),
640 "display_name" => HTML.strip_tags(user.name || user.nickname),
641 "confirmation_pending" => false,
645 |> Enum.sort_by(& &1["nickname"])
647 assert json_response(conn, 200) == %{
654 test "pagination works correctly with service users", %{conn: conn} do
655 service1 = User.get_or_create_service_actor_by_ap_id(Web.base_url() <> "/meido", "meido")
657 insert_list(25, :user)
659 assert %{"count" => 26, "page_size" => 10, "users" => users1} =
661 |> get("/api/pleroma/admin/users?page=1&filters=", %{page_size: "10"})
662 |> json_response(200)
664 assert Enum.count(users1) == 10
665 assert service1 not in users1
667 assert %{"count" => 26, "page_size" => 10, "users" => users2} =
669 |> get("/api/pleroma/admin/users?page=2&filters=", %{page_size: "10"})
670 |> json_response(200)
672 assert Enum.count(users2) == 10
673 assert service1 not in users2
675 assert %{"count" => 26, "page_size" => 10, "users" => users3} =
677 |> get("/api/pleroma/admin/users?page=3&filters=", %{page_size: "10"})
678 |> json_response(200)
680 assert Enum.count(users3) == 6
681 assert service1 not in users3
684 test "renders empty array for the second page", %{conn: conn} do
687 conn = get(conn, "/api/pleroma/admin/users?page=2")
689 assert json_response(conn, 200) == %{
696 test "regular search", %{conn: conn} do
697 user = insert(:user, nickname: "bob")
699 conn = get(conn, "/api/pleroma/admin/users?query=bo")
701 assert json_response(conn, 200) == %{
706 "deactivated" => user.deactivated,
708 "nickname" => user.nickname,
709 "roles" => %{"admin" => false, "moderator" => false},
712 "avatar" => User.avatar_url(user) |> MediaProxy.url(),
713 "display_name" => HTML.strip_tags(user.name || user.nickname),
714 "confirmation_pending" => false,
721 test "search by domain", %{conn: conn} do
722 user = insert(:user, nickname: "nickname@domain.com")
725 conn = get(conn, "/api/pleroma/admin/users?query=domain.com")
727 assert json_response(conn, 200) == %{
732 "deactivated" => user.deactivated,
734 "nickname" => user.nickname,
735 "roles" => %{"admin" => false, "moderator" => false},
738 "avatar" => User.avatar_url(user) |> MediaProxy.url(),
739 "display_name" => HTML.strip_tags(user.name || user.nickname),
740 "confirmation_pending" => false,
747 test "search by full nickname", %{conn: conn} do
748 user = insert(:user, nickname: "nickname@domain.com")
751 conn = get(conn, "/api/pleroma/admin/users?query=nickname@domain.com")
753 assert json_response(conn, 200) == %{
758 "deactivated" => user.deactivated,
760 "nickname" => user.nickname,
761 "roles" => %{"admin" => false, "moderator" => false},
764 "avatar" => User.avatar_url(user) |> MediaProxy.url(),
765 "display_name" => HTML.strip_tags(user.name || user.nickname),
766 "confirmation_pending" => false,
773 test "search by display name", %{conn: conn} do
774 user = insert(:user, name: "Display name")
777 conn = get(conn, "/api/pleroma/admin/users?name=display")
779 assert json_response(conn, 200) == %{
784 "deactivated" => user.deactivated,
786 "nickname" => user.nickname,
787 "roles" => %{"admin" => false, "moderator" => false},
790 "avatar" => User.avatar_url(user) |> MediaProxy.url(),
791 "display_name" => HTML.strip_tags(user.name || user.nickname),
792 "confirmation_pending" => false,
799 test "search by email", %{conn: conn} do
800 user = insert(:user, email: "email@example.com")
803 conn = get(conn, "/api/pleroma/admin/users?email=email@example.com")
805 assert json_response(conn, 200) == %{
810 "deactivated" => user.deactivated,
812 "nickname" => user.nickname,
813 "roles" => %{"admin" => false, "moderator" => false},
816 "avatar" => User.avatar_url(user) |> MediaProxy.url(),
817 "display_name" => HTML.strip_tags(user.name || user.nickname),
818 "confirmation_pending" => false,
825 test "regular search with page size", %{conn: conn} do
826 user = insert(:user, nickname: "aalice")
827 user2 = insert(:user, nickname: "alice")
829 conn1 = get(conn, "/api/pleroma/admin/users?query=a&page_size=1&page=1")
831 assert json_response(conn1, 200) == %{
836 "deactivated" => user.deactivated,
838 "nickname" => user.nickname,
839 "roles" => %{"admin" => false, "moderator" => false},
842 "avatar" => User.avatar_url(user) |> MediaProxy.url(),
843 "display_name" => HTML.strip_tags(user.name || user.nickname),
844 "confirmation_pending" => false,
850 conn2 = get(conn, "/api/pleroma/admin/users?query=a&page_size=1&page=2")
852 assert json_response(conn2, 200) == %{
857 "deactivated" => user2.deactivated,
859 "nickname" => user2.nickname,
860 "roles" => %{"admin" => false, "moderator" => false},
863 "avatar" => User.avatar_url(user2) |> MediaProxy.url(),
864 "display_name" => HTML.strip_tags(user2.name || user2.nickname),
865 "confirmation_pending" => false,
872 test "only local users" do
873 admin = insert(:user, is_admin: true, nickname: "john")
874 token = insert(:oauth_admin_token, user: admin)
875 user = insert(:user, nickname: "bob")
877 insert(:user, nickname: "bobb", local: false)
881 |> assign(:user, admin)
882 |> assign(:token, token)
883 |> get("/api/pleroma/admin/users?query=bo&filters=local")
885 assert json_response(conn, 200) == %{
890 "deactivated" => user.deactivated,
892 "nickname" => user.nickname,
893 "roles" => %{"admin" => false, "moderator" => false},
896 "avatar" => User.avatar_url(user) |> MediaProxy.url(),
897 "display_name" => HTML.strip_tags(user.name || user.nickname),
898 "confirmation_pending" => false,
905 test "only local users with no query", %{conn: conn, admin: old_admin} do
906 admin = insert(:user, is_admin: true, nickname: "john")
907 user = insert(:user, nickname: "bob")
909 insert(:user, nickname: "bobb", local: false)
911 conn = get(conn, "/api/pleroma/admin/users?filters=local")
916 "deactivated" => user.deactivated,
918 "nickname" => user.nickname,
919 "roles" => %{"admin" => false, "moderator" => false},
922 "avatar" => User.avatar_url(user) |> MediaProxy.url(),
923 "display_name" => HTML.strip_tags(user.name || user.nickname),
924 "confirmation_pending" => false,
928 "deactivated" => admin.deactivated,
930 "nickname" => admin.nickname,
931 "roles" => %{"admin" => true, "moderator" => false},
934 "avatar" => User.avatar_url(admin) |> MediaProxy.url(),
935 "display_name" => HTML.strip_tags(admin.name || admin.nickname),
936 "confirmation_pending" => false,
940 "deactivated" => false,
941 "id" => old_admin.id,
943 "nickname" => old_admin.nickname,
944 "roles" => %{"admin" => true, "moderator" => false},
946 "avatar" => User.avatar_url(old_admin) |> MediaProxy.url(),
947 "display_name" => HTML.strip_tags(old_admin.name || old_admin.nickname),
948 "confirmation_pending" => false,
949 "url" => old_admin.ap_id
952 |> Enum.sort_by(& &1["nickname"])
954 assert json_response(conn, 200) == %{
961 test "load only admins", %{conn: conn, admin: admin} do
962 second_admin = insert(:user, is_admin: true)
966 conn = get(conn, "/api/pleroma/admin/users?filters=is_admin")
971 "deactivated" => false,
973 "nickname" => admin.nickname,
974 "roles" => %{"admin" => true, "moderator" => false},
975 "local" => admin.local,
977 "avatar" => User.avatar_url(admin) |> MediaProxy.url(),
978 "display_name" => HTML.strip_tags(admin.name || admin.nickname),
979 "confirmation_pending" => false,
983 "deactivated" => false,
984 "id" => second_admin.id,
985 "nickname" => second_admin.nickname,
986 "roles" => %{"admin" => true, "moderator" => false},
987 "local" => second_admin.local,
989 "avatar" => User.avatar_url(second_admin) |> MediaProxy.url(),
990 "display_name" => HTML.strip_tags(second_admin.name || second_admin.nickname),
991 "confirmation_pending" => false,
992 "url" => second_admin.ap_id
995 |> Enum.sort_by(& &1["nickname"])
997 assert json_response(conn, 200) == %{
1004 test "load only moderators", %{conn: conn} do
1005 moderator = insert(:user, is_moderator: true)
1009 conn = get(conn, "/api/pleroma/admin/users?filters=is_moderator")
1011 assert json_response(conn, 200) == %{
1016 "deactivated" => false,
1017 "id" => moderator.id,
1018 "nickname" => moderator.nickname,
1019 "roles" => %{"admin" => false, "moderator" => true},
1020 "local" => moderator.local,
1022 "avatar" => User.avatar_url(moderator) |> MediaProxy.url(),
1023 "display_name" => HTML.strip_tags(moderator.name || moderator.nickname),
1024 "confirmation_pending" => false,
1025 "url" => moderator.ap_id
1031 test "load users with tags list", %{conn: conn} do
1032 user1 = insert(:user, tags: ["first"])
1033 user2 = insert(:user, tags: ["second"])
1037 conn = get(conn, "/api/pleroma/admin/users?tags[]=first&tags[]=second")
1042 "deactivated" => false,
1044 "nickname" => user1.nickname,
1045 "roles" => %{"admin" => false, "moderator" => false},
1046 "local" => user1.local,
1047 "tags" => ["first"],
1048 "avatar" => User.avatar_url(user1) |> MediaProxy.url(),
1049 "display_name" => HTML.strip_tags(user1.name || user1.nickname),
1050 "confirmation_pending" => false,
1051 "url" => user1.ap_id
1054 "deactivated" => false,
1056 "nickname" => user2.nickname,
1057 "roles" => %{"admin" => false, "moderator" => false},
1058 "local" => user2.local,
1059 "tags" => ["second"],
1060 "avatar" => User.avatar_url(user2) |> MediaProxy.url(),
1061 "display_name" => HTML.strip_tags(user2.name || user2.nickname),
1062 "confirmation_pending" => false,
1063 "url" => user2.ap_id
1066 |> Enum.sort_by(& &1["nickname"])
1068 assert json_response(conn, 200) == %{
1075 test "it works with multiple filters" do
1076 admin = insert(:user, nickname: "john", is_admin: true)
1077 token = insert(:oauth_admin_token, user: admin)
1078 user = insert(:user, nickname: "bob", local: false, deactivated: true)
1080 insert(:user, nickname: "ken", local: true, deactivated: true)
1081 insert(:user, nickname: "bobb", local: false, deactivated: false)
1085 |> assign(:user, admin)
1086 |> assign(:token, token)
1087 |> get("/api/pleroma/admin/users?filters=deactivated,external")
1089 assert json_response(conn, 200) == %{
1094 "deactivated" => user.deactivated,
1096 "nickname" => user.nickname,
1097 "roles" => %{"admin" => false, "moderator" => false},
1098 "local" => user.local,
1100 "avatar" => User.avatar_url(user) |> MediaProxy.url(),
1101 "display_name" => HTML.strip_tags(user.name || user.nickname),
1102 "confirmation_pending" => false,
1109 test "it omits relay user", %{admin: admin, conn: conn} do
1110 assert %User{} = Relay.get_actor()
1112 conn = get(conn, "/api/pleroma/admin/users")
1114 assert json_response(conn, 200) == %{
1119 "deactivated" => admin.deactivated,
1121 "nickname" => admin.nickname,
1122 "roles" => %{"admin" => true, "moderator" => false},
1125 "avatar" => User.avatar_url(admin) |> MediaProxy.url(),
1126 "display_name" => HTML.strip_tags(admin.name || admin.nickname),
1127 "confirmation_pending" => false,
1128 "url" => admin.ap_id
1135 test "PATCH /api/pleroma/admin/users/activate", %{admin: admin, conn: conn} do
1136 user_one = insert(:user, deactivated: true)
1137 user_two = insert(:user, deactivated: true)
1142 "/api/pleroma/admin/users/activate",
1143 %{nicknames: [user_one.nickname, user_two.nickname]}
1146 response = json_response(conn, 200)
1147 assert Enum.map(response["users"], & &1["deactivated"]) == [false, false]
1149 log_entry = Repo.one(ModerationLog)
1151 assert ModerationLog.get_log_entry_message(log_entry) ==
1152 "@#{admin.nickname} activated users: @#{user_one.nickname}, @#{user_two.nickname}"
1155 test "PATCH /api/pleroma/admin/users/deactivate", %{admin: admin, conn: conn} do
1156 user_one = insert(:user, deactivated: false)
1157 user_two = insert(:user, deactivated: false)
1162 "/api/pleroma/admin/users/deactivate",
1163 %{nicknames: [user_one.nickname, user_two.nickname]}
1166 response = json_response(conn, 200)
1167 assert Enum.map(response["users"], & &1["deactivated"]) == [true, true]
1169 log_entry = Repo.one(ModerationLog)
1171 assert ModerationLog.get_log_entry_message(log_entry) ==
1172 "@#{admin.nickname} deactivated users: @#{user_one.nickname}, @#{user_two.nickname}"
1175 test "PATCH /api/pleroma/admin/users/:nickname/toggle_activation", %{admin: admin, conn: conn} do
1176 user = insert(:user)
1178 conn = patch(conn, "/api/pleroma/admin/users/#{user.nickname}/toggle_activation")
1180 assert json_response(conn, 200) ==
1182 "deactivated" => !user.deactivated,
1184 "nickname" => user.nickname,
1185 "roles" => %{"admin" => false, "moderator" => false},
1188 "avatar" => User.avatar_url(user) |> MediaProxy.url(),
1189 "display_name" => HTML.strip_tags(user.name || user.nickname),
1190 "confirmation_pending" => false,
1194 log_entry = Repo.one(ModerationLog)
1196 assert ModerationLog.get_log_entry_message(log_entry) ==
1197 "@#{admin.nickname} deactivated users: @#{user.nickname}"
1200 describe "PUT disable_mfa" do
1201 test "returns 200 and disable 2fa", %{conn: conn} do
1204 multi_factor_authentication_settings: %MFA.Settings{
1206 totp: %MFA.Settings.TOTP{secret: "otp_secret", confirmed: true}
1212 |> put("/api/pleroma/admin/users/disable_mfa", %{nickname: user.nickname})
1213 |> json_response(200)
1215 assert response == user.nickname
1216 mfa_settings = refresh_record(user).multi_factor_authentication_settings
1218 refute mfa_settings.enabled
1219 refute mfa_settings.totp.confirmed
1222 test "returns 404 if user not found", %{conn: conn} do
1225 |> put("/api/pleroma/admin/users/disable_mfa", %{nickname: "nickname"})
1226 |> json_response(404)
1228 assert response == %{"error" => "Not found"}
1232 describe "GET /api/pleroma/admin/restart" do
1233 setup do: clear_config(:configurable_from_database, true)
1235 test "pleroma restarts", %{conn: conn} do
1237 assert conn |> get("/api/pleroma/admin/restart") |> json_response(200) == %{}
1238 end) =~ "pleroma restarted"
1240 refute Restarter.Pleroma.need_reboot?()
1244 test "need_reboot flag", %{conn: conn} do
1246 |> get("/api/pleroma/admin/need_reboot")
1247 |> json_response(200) == %{"need_reboot" => false}
1249 Restarter.Pleroma.need_reboot()
1252 |> get("/api/pleroma/admin/need_reboot")
1253 |> json_response(200) == %{"need_reboot" => true}
1255 on_exit(fn -> Restarter.Pleroma.refresh() end)
1258 describe "GET /api/pleroma/admin/users/:nickname/statuses" do
1260 user = insert(:user)
1262 date1 = (DateTime.to_unix(DateTime.utc_now()) + 2000) |> DateTime.from_unix!()
1263 date2 = (DateTime.to_unix(DateTime.utc_now()) + 1000) |> DateTime.from_unix!()
1264 date3 = (DateTime.to_unix(DateTime.utc_now()) + 3000) |> DateTime.from_unix!()
1266 insert(:note_activity, user: user, published: date1)
1267 insert(:note_activity, user: user, published: date2)
1268 insert(:note_activity, user: user, published: date3)
1273 test "renders user's statuses", %{conn: conn, user: user} do
1274 conn = get(conn, "/api/pleroma/admin/users/#{user.nickname}/statuses")
1276 assert json_response(conn, 200) |> length() == 3
1279 test "renders user's statuses with a limit", %{conn: conn, user: user} do
1280 conn = get(conn, "/api/pleroma/admin/users/#{user.nickname}/statuses?page_size=2")
1282 assert json_response(conn, 200) |> length() == 2
1285 test "doesn't return private statuses by default", %{conn: conn, user: user} do
1286 {:ok, _private_status} = CommonAPI.post(user, %{status: "private", visibility: "private"})
1288 {:ok, _public_status} = CommonAPI.post(user, %{status: "public", visibility: "public"})
1290 conn = get(conn, "/api/pleroma/admin/users/#{user.nickname}/statuses")
1292 assert json_response(conn, 200) |> length() == 4
1295 test "returns private statuses with godmode on", %{conn: conn, user: user} do
1296 {:ok, _private_status} = CommonAPI.post(user, %{status: "private", visibility: "private"})
1298 {:ok, _public_status} = CommonAPI.post(user, %{status: "public", visibility: "public"})
1300 conn = get(conn, "/api/pleroma/admin/users/#{user.nickname}/statuses?godmode=true")
1302 assert json_response(conn, 200) |> length() == 5
1305 test "excludes reblogs by default", %{conn: conn, user: user} do
1306 other_user = insert(:user)
1307 {:ok, activity} = CommonAPI.post(user, %{status: "."})
1308 {:ok, %Activity{}} = CommonAPI.repeat(activity.id, other_user)
1310 conn_res = get(conn, "/api/pleroma/admin/users/#{other_user.nickname}/statuses")
1311 assert json_response(conn_res, 200) |> length() == 0
1314 get(conn, "/api/pleroma/admin/users/#{other_user.nickname}/statuses?with_reblogs=true")
1316 assert json_response(conn_res, 200) |> length() == 1
1320 describe "GET /api/pleroma/admin/moderation_log" do
1322 moderator = insert(:user, is_moderator: true)
1324 %{moderator: moderator}
1327 test "returns the log", %{conn: conn, admin: admin} do
1328 Repo.insert(%ModerationLog{
1332 "nickname" => admin.nickname,
1335 action: "relay_follow",
1336 target: "https://example.org/relay"
1338 inserted_at: NaiveDateTime.truncate(~N[2017-08-15 15:47:06.597036], :second)
1341 Repo.insert(%ModerationLog{
1345 "nickname" => admin.nickname,
1348 action: "relay_unfollow",
1349 target: "https://example.org/relay"
1351 inserted_at: NaiveDateTime.truncate(~N[2017-08-16 15:47:06.597036], :second)
1354 conn = get(conn, "/api/pleroma/admin/moderation_log")
1356 response = json_response(conn, 200)
1357 [first_entry, second_entry] = response["items"]
1359 assert response["total"] == 2
1360 assert first_entry["data"]["action"] == "relay_unfollow"
1362 assert first_entry["message"] ==
1363 "@#{admin.nickname} unfollowed relay: https://example.org/relay"
1365 assert second_entry["data"]["action"] == "relay_follow"
1367 assert second_entry["message"] ==
1368 "@#{admin.nickname} followed relay: https://example.org/relay"
1371 test "returns the log with pagination", %{conn: conn, admin: admin} do
1372 Repo.insert(%ModerationLog{
1376 "nickname" => admin.nickname,
1379 action: "relay_follow",
1380 target: "https://example.org/relay"
1382 inserted_at: NaiveDateTime.truncate(~N[2017-08-15 15:47:06.597036], :second)
1385 Repo.insert(%ModerationLog{
1389 "nickname" => admin.nickname,
1392 action: "relay_unfollow",
1393 target: "https://example.org/relay"
1395 inserted_at: NaiveDateTime.truncate(~N[2017-08-16 15:47:06.597036], :second)
1398 conn1 = get(conn, "/api/pleroma/admin/moderation_log?page_size=1&page=1")
1400 response1 = json_response(conn1, 200)
1401 [first_entry] = response1["items"]
1403 assert response1["total"] == 2
1404 assert response1["items"] |> length() == 1
1405 assert first_entry["data"]["action"] == "relay_unfollow"
1407 assert first_entry["message"] ==
1408 "@#{admin.nickname} unfollowed relay: https://example.org/relay"
1410 conn2 = get(conn, "/api/pleroma/admin/moderation_log?page_size=1&page=2")
1412 response2 = json_response(conn2, 200)
1413 [second_entry] = response2["items"]
1415 assert response2["total"] == 2
1416 assert response2["items"] |> length() == 1
1417 assert second_entry["data"]["action"] == "relay_follow"
1419 assert second_entry["message"] ==
1420 "@#{admin.nickname} followed relay: https://example.org/relay"
1423 test "filters log by date", %{conn: conn, admin: admin} do
1424 first_date = "2017-08-15T15:47:06Z"
1425 second_date = "2017-08-20T15:47:06Z"
1427 Repo.insert(%ModerationLog{
1431 "nickname" => admin.nickname,
1434 action: "relay_follow",
1435 target: "https://example.org/relay"
1437 inserted_at: NaiveDateTime.from_iso8601!(first_date)
1440 Repo.insert(%ModerationLog{
1444 "nickname" => admin.nickname,
1447 action: "relay_unfollow",
1448 target: "https://example.org/relay"
1450 inserted_at: NaiveDateTime.from_iso8601!(second_date)
1456 "/api/pleroma/admin/moderation_log?start_date=#{second_date}"
1459 response1 = json_response(conn1, 200)
1460 [first_entry] = response1["items"]
1462 assert response1["total"] == 1
1463 assert first_entry["data"]["action"] == "relay_unfollow"
1465 assert first_entry["message"] ==
1466 "@#{admin.nickname} unfollowed relay: https://example.org/relay"
1469 test "returns log filtered by user", %{conn: conn, admin: admin, moderator: moderator} do
1470 Repo.insert(%ModerationLog{
1474 "nickname" => admin.nickname,
1477 action: "relay_follow",
1478 target: "https://example.org/relay"
1482 Repo.insert(%ModerationLog{
1485 "id" => moderator.id,
1486 "nickname" => moderator.nickname,
1489 action: "relay_unfollow",
1490 target: "https://example.org/relay"
1494 conn1 = get(conn, "/api/pleroma/admin/moderation_log?user_id=#{moderator.id}")
1496 response1 = json_response(conn1, 200)
1497 [first_entry] = response1["items"]
1499 assert response1["total"] == 1
1500 assert get_in(first_entry, ["data", "actor", "id"]) == moderator.id
1503 test "returns log filtered by search", %{conn: conn, moderator: moderator} do
1504 ModerationLog.insert_log(%{
1506 action: "relay_follow",
1507 target: "https://example.org/relay"
1510 ModerationLog.insert_log(%{
1512 action: "relay_unfollow",
1513 target: "https://example.org/relay"
1516 conn1 = get(conn, "/api/pleroma/admin/moderation_log?search=unfo")
1518 response1 = json_response(conn1, 200)
1519 [first_entry] = response1["items"]
1521 assert response1["total"] == 1
1523 assert get_in(first_entry, ["data", "message"]) ==
1524 "@#{moderator.nickname} unfollowed relay: https://example.org/relay"
1528 test "gets a remote users when [:instance, :limit_to_local_content] is set to :unauthenticated",
1530 clear_config(Pleroma.Config.get([:instance, :limit_to_local_content]), :unauthenticated)
1531 user = insert(:user, %{local: false, nickname: "u@peer1.com"})
1532 conn = get(conn, "/api/pleroma/admin/users/#{user.nickname}/credentials")
1534 assert json_response(conn, 200)
1537 describe "GET /users/:nickname/credentials" do
1538 test "gets the user credentials", %{conn: conn} do
1539 user = insert(:user)
1540 conn = get(conn, "/api/pleroma/admin/users/#{user.nickname}/credentials")
1542 response = assert json_response(conn, 200)
1543 assert response["email"] == user.email
1546 test "returns 403 if requested by a non-admin" do
1547 user = insert(:user)
1551 |> assign(:user, user)
1552 |> get("/api/pleroma/admin/users/#{user.nickname}/credentials")
1554 assert json_response(conn, :forbidden)
1558 describe "PATCH /users/:nickname/credentials" do
1560 user = insert(:user)
1564 test "changes password and email", %{conn: conn, admin: admin, user: user} do
1565 assert user.password_reset_pending == false
1568 patch(conn, "/api/pleroma/admin/users/#{user.nickname}/credentials", %{
1569 "password" => "new_password",
1570 "email" => "new_email@example.com",
1571 "name" => "new_name"
1574 assert json_response(conn, 200) == %{"status" => "success"}
1576 ObanHelpers.perform_all()
1578 updated_user = User.get_by_id(user.id)
1580 assert updated_user.email == "new_email@example.com"
1581 assert updated_user.name == "new_name"
1582 assert updated_user.password_hash != user.password_hash
1583 assert updated_user.password_reset_pending == true
1585 [log_entry2, log_entry1] = ModerationLog |> Repo.all() |> Enum.sort()
1587 assert ModerationLog.get_log_entry_message(log_entry1) ==
1588 "@#{admin.nickname} updated users: @#{user.nickname}"
1590 assert ModerationLog.get_log_entry_message(log_entry2) ==
1591 "@#{admin.nickname} forced password reset for users: @#{user.nickname}"
1594 test "returns 403 if requested by a non-admin", %{user: user} do
1597 |> assign(:user, user)
1598 |> patch("/api/pleroma/admin/users/#{user.nickname}/credentials", %{
1599 "password" => "new_password",
1600 "email" => "new_email@example.com",
1601 "name" => "new_name"
1604 assert json_response(conn, :forbidden)
1607 test "changes actor type from permitted list", %{conn: conn, user: user} do
1608 assert user.actor_type == "Person"
1610 assert patch(conn, "/api/pleroma/admin/users/#{user.nickname}/credentials", %{
1611 "actor_type" => "Service"
1613 |> json_response(200) == %{"status" => "success"}
1615 updated_user = User.get_by_id(user.id)
1617 assert updated_user.actor_type == "Service"
1619 assert patch(conn, "/api/pleroma/admin/users/#{user.nickname}/credentials", %{
1620 "actor_type" => "Application"
1622 |> json_response(400) == %{"errors" => %{"actor_type" => "is invalid"}}
1625 test "update non existing user", %{conn: conn} do
1626 assert patch(conn, "/api/pleroma/admin/users/non-existing/credentials", %{
1627 "password" => "new_password"
1629 |> json_response(404) == %{"error" => "Not found"}
1633 describe "PATCH /users/:nickname/force_password_reset" do
1634 test "sets password_reset_pending to true", %{conn: conn} do
1635 user = insert(:user)
1636 assert user.password_reset_pending == false
1639 patch(conn, "/api/pleroma/admin/users/force_password_reset", %{nicknames: [user.nickname]})
1641 assert json_response(conn, 204) == ""
1643 ObanHelpers.perform_all()
1645 assert User.get_by_id(user.id).password_reset_pending == true
1649 describe "instances" do
1650 test "GET /instances/:instance/statuses", %{conn: conn} do
1651 user = insert(:user, local: false, nickname: "archaeme@archae.me")
1652 user2 = insert(:user, local: false, nickname: "test@test.com")
1653 insert_pair(:note_activity, user: user)
1654 activity = insert(:note_activity, user: user2)
1656 ret_conn = get(conn, "/api/pleroma/admin/instances/archae.me/statuses")
1658 response = json_response(ret_conn, 200)
1660 assert length(response) == 2
1662 ret_conn = get(conn, "/api/pleroma/admin/instances/test.com/statuses")
1664 response = json_response(ret_conn, 200)
1666 assert length(response) == 1
1668 ret_conn = get(conn, "/api/pleroma/admin/instances/nonexistent.com/statuses")
1670 response = json_response(ret_conn, 200)
1672 assert Enum.empty?(response)
1674 CommonAPI.repeat(activity.id, user)
1676 ret_conn = get(conn, "/api/pleroma/admin/instances/archae.me/statuses")
1677 response = json_response(ret_conn, 200)
1678 assert length(response) == 2
1680 ret_conn = get(conn, "/api/pleroma/admin/instances/archae.me/statuses?with_reblogs=true")
1681 response = json_response(ret_conn, 200)
1682 assert length(response) == 3
1686 describe "PATCH /confirm_email" do
1687 test "it confirms emails of two users", %{conn: conn, admin: admin} do
1688 [first_user, second_user] = insert_pair(:user, confirmation_pending: true)
1690 assert first_user.confirmation_pending == true
1691 assert second_user.confirmation_pending == true
1694 patch(conn, "/api/pleroma/admin/users/confirm_email", %{
1696 first_user.nickname,
1697 second_user.nickname
1701 assert ret_conn.status == 200
1703 assert first_user.confirmation_pending == true
1704 assert second_user.confirmation_pending == true
1706 log_entry = Repo.one(ModerationLog)
1708 assert ModerationLog.get_log_entry_message(log_entry) ==
1709 "@#{admin.nickname} confirmed email for users: @#{first_user.nickname}, @#{
1710 second_user.nickname
1715 describe "PATCH /resend_confirmation_email" do
1716 test "it resend emails for two users", %{conn: conn, admin: admin} do
1717 [first_user, second_user] = insert_pair(:user, confirmation_pending: true)
1720 patch(conn, "/api/pleroma/admin/users/resend_confirmation_email", %{
1722 first_user.nickname,
1723 second_user.nickname
1727 assert ret_conn.status == 200
1729 log_entry = Repo.one(ModerationLog)
1731 assert ModerationLog.get_log_entry_message(log_entry) ==
1732 "@#{admin.nickname} re-sent confirmation email for users: @#{first_user.nickname}, @#{
1733 second_user.nickname
1736 ObanHelpers.perform_all()
1737 assert_email_sent(Pleroma.Emails.UserEmail.account_confirmation_email(first_user))
1741 describe "/api/pleroma/admin/stats" do
1742 test "status visibility count", %{conn: conn} do
1743 admin = insert(:user, is_admin: true)
1744 user = insert(:user)
1745 CommonAPI.post(user, %{visibility: "public", status: "hey"})
1746 CommonAPI.post(user, %{visibility: "unlisted", status: "hey"})
1747 CommonAPI.post(user, %{visibility: "unlisted", status: "hey"})
1751 |> assign(:user, admin)
1752 |> get("/api/pleroma/admin/stats")
1753 |> json_response(200)
1755 assert %{"direct" => 0, "private" => 0, "public" => 1, "unlisted" => 2} =
1756 response["status_visibility"]
1759 test "by instance", %{conn: conn} do
1760 admin = insert(:user, is_admin: true)
1761 user1 = insert(:user)
1762 instance2 = "instance2.tld"
1763 user2 = insert(:user, %{ap_id: "https://#{instance2}/@actor"})
1765 CommonAPI.post(user1, %{visibility: "public", status: "hey"})
1766 CommonAPI.post(user2, %{visibility: "unlisted", status: "hey"})
1767 CommonAPI.post(user2, %{visibility: "private", status: "hey"})
1771 |> assign(:user, admin)
1772 |> get("/api/pleroma/admin/stats", instance: instance2)
1773 |> json_response(200)
1775 assert %{"direct" => 0, "private" => 1, "public" => 0, "unlisted" => 1} =
1776 response["status_visibility"]
1781 # Needed for testing
1782 defmodule Pleroma.Web.Endpoint.NotReal do
1785 defmodule Pleroma.Captcha.NotReal do