assert json_response(conn, 200)
end
- describe "with [:auth, :enforce_oauth_admin_scope_usage]," do
- setup do: clear_config([:auth, :enforce_oauth_admin_scope_usage], true)
+ test "GET /api/pleroma/admin/users/:nickname requires admin:read:accounts or broader scope",
+ %{admin: admin} do
+ user = insert(:user)
+ url = "/api/pleroma/admin/users/#{user.nickname}"
- test "GET /api/pleroma/admin/users/:nickname requires admin:read:accounts or broader scope",
- %{admin: admin} do
- user = insert(:user)
- url = "/api/pleroma/admin/users/#{user.nickname}"
-
- good_token1 = insert(:oauth_token, user: admin, scopes: ["admin"])
- good_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read"])
- good_token3 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts"])
-
- bad_token1 = insert(:oauth_token, user: admin, scopes: ["read:accounts"])
- bad_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts:partial"])
- bad_token3 = nil
-
- for good_token <- [good_token1, good_token2, good_token3] do
- conn =
- build_conn()
- |> assign(:user, admin)
- |> assign(:token, good_token)
- |> get(url)
-
- assert json_response(conn, 200)
- end
-
- for good_token <- [good_token1, good_token2, good_token3] do
- conn =
- build_conn()
- |> assign(:user, nil)
- |> assign(:token, good_token)
- |> get(url)
-
- assert json_response(conn, :forbidden)
- end
-
- for bad_token <- [bad_token1, bad_token2, bad_token3] do
- conn =
- build_conn()
- |> assign(:user, admin)
- |> assign(:token, bad_token)
- |> get(url)
-
- assert json_response(conn, :forbidden)
- end
+ good_token1 = insert(:oauth_token, user: admin, scopes: ["admin"])
+ good_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read"])
+ good_token3 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts"])
+
+ bad_token1 = insert(:oauth_token, user: admin, scopes: ["read:accounts"])
+ bad_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts:partial"])
+ bad_token3 = nil
+
+ for good_token <- [good_token1, good_token2, good_token3] do
+ conn =
+ build_conn()
+ |> assign(:user, admin)
+ |> assign(:token, good_token)
+ |> get(url)
+
+ assert json_response(conn, 200)
end
- end
- describe "unless [:auth, :enforce_oauth_admin_scope_usage]," do
- setup do: clear_config([:auth, :enforce_oauth_admin_scope_usage], false)
+ for good_token <- [good_token1, good_token2, good_token3] do
+ conn =
+ build_conn()
+ |> assign(:user, nil)
+ |> assign(:token, good_token)
+ |> get(url)
- test "GET /api/pleroma/admin/users/:nickname requires " <>
- "read:accounts or admin:read:accounts or broader scope",
- %{admin: admin} do
- user = insert(:user)
- url = "/api/pleroma/admin/users/#{user.nickname}"
-
- good_token1 = insert(:oauth_token, user: admin, scopes: ["admin"])
- good_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read"])
- good_token3 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts"])
- good_token4 = insert(:oauth_token, user: admin, scopes: ["read:accounts"])
- good_token5 = insert(:oauth_token, user: admin, scopes: ["read"])
-
- good_tokens = [good_token1, good_token2, good_token3, good_token4, good_token5]
-
- bad_token1 = insert(:oauth_token, user: admin, scopes: ["read:accounts:partial"])
- bad_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts:partial"])
- bad_token3 = nil
-
- for good_token <- good_tokens do
- conn =
- build_conn()
- |> assign(:user, admin)
- |> assign(:token, good_token)
- |> get(url)
-
- assert json_response(conn, 200)
- end
-
- for good_token <- good_tokens do
- conn =
- build_conn()
- |> assign(:user, nil)
- |> assign(:token, good_token)
- |> get(url)
-
- assert json_response(conn, :forbidden)
- end
-
- for bad_token <- [bad_token1, bad_token2, bad_token3] do
- conn =
- build_conn()
- |> assign(:user, admin)
- |> assign(:token, bad_token)
- |> get(url)
-
- assert json_response(conn, :forbidden)
- end
+ assert json_response(conn, :forbidden)
+ end
+
+ for bad_token <- [bad_token1, bad_token2, bad_token3] do
+ conn =
+ build_conn()
+ |> assign(:user, admin)
+ |> assign(:token, bad_token)
+ |> get(url)
+
+ assert json_response(conn, :forbidden)
end
end
setup do
user = insert(:user)
- date1 = (DateTime.to_unix(DateTime.utc_now()) + 2000) |> DateTime.from_unix!()
- date2 = (DateTime.to_unix(DateTime.utc_now()) + 1000) |> DateTime.from_unix!()
- date3 = (DateTime.to_unix(DateTime.utc_now()) + 3000) |> DateTime.from_unix!()
-
- insert(:note_activity, user: user, published: date1)
- insert(:note_activity, user: user, published: date2)
- insert(:note_activity, user: user, published: date3)
+ insert(:note_activity, user: user)
+ insert(:note_activity, user: user)
+ insert(:note_activity, user: user)
%{user: user}
end
test "renders user's statuses", %{conn: conn, user: user} do
conn = get(conn, "/api/pleroma/admin/users/#{user.nickname}/statuses")
- assert json_response(conn, 200) |> length() == 3
+ assert %{"total" => 3, "activities" => activities} = json_response(conn, 200)
+ assert length(activities) == 3
end
test "renders user's statuses with pagination", %{conn: conn, user: user} do
- conn1 = get(conn, "/api/pleroma/admin/users/#{user.nickname}/statuses?page_size=1&page=1")
-
- response1 = json_response(conn1, 200)
-
- assert response1 |> length() == 1
-
- conn2 = get(conn, "/api/pleroma/admin/users/#{user.nickname}/statuses?page_size=1&page=2")
-
- response2 = json_response(conn2, 200)
+ %{"total" => 3, "activities" => [activity1]} =
+ conn
+ |> get("/api/pleroma/admin/users/#{user.nickname}/statuses?page_size=1&page=1")
+ |> json_response(200)
- assert response2 |> length() == 1
+ %{"total" => 3, "activities" => [activity2]} =
+ conn
+ |> get("/api/pleroma/admin/users/#{user.nickname}/statuses?page_size=1&page=2")
+ |> json_response(200)
- refute response1 == response2
+ refute activity1 == activity2
end
test "doesn't return private statuses by default", %{conn: conn, user: user} do
{:ok, _public_status} = CommonAPI.post(user, %{status: "public", visibility: "public"})
- conn = get(conn, "/api/pleroma/admin/users/#{user.nickname}/statuses")
+ %{"total" => 4, "activities" => activities} =
+ conn
+ |> get("/api/pleroma/admin/users/#{user.nickname}/statuses")
+ |> json_response(200)
- assert json_response(conn, 200) |> length() == 4
+ assert length(activities) == 4
end
test "returns private statuses with godmode on", %{conn: conn, user: user} do
{:ok, _public_status} = CommonAPI.post(user, %{status: "public", visibility: "public"})
- conn = get(conn, "/api/pleroma/admin/users/#{user.nickname}/statuses?godmode=true")
+ %{"total" => 5, "activities" => activities} =
+ conn
+ |> get("/api/pleroma/admin/users/#{user.nickname}/statuses?godmode=true")
+ |> json_response(200)
- assert json_response(conn, 200) |> length() == 5
+ assert length(activities) == 5
end
test "excludes reblogs by default", %{conn: conn, user: user} do
{:ok, activity} = CommonAPI.post(user, %{status: "."})
{:ok, %Activity{}} = CommonAPI.repeat(activity.id, other_user)
- conn_res = get(conn, "/api/pleroma/admin/users/#{other_user.nickname}/statuses")
- assert json_response(conn_res, 200) |> length() == 0
-
- conn_res =
- get(conn, "/api/pleroma/admin/users/#{other_user.nickname}/statuses?with_reblogs=true")
+ assert %{"total" => 0, "activities" => []} ==
+ conn
+ |> get("/api/pleroma/admin/users/#{other_user.nickname}/statuses")
+ |> json_response(200)
- assert json_response(conn_res, 200) |> length() == 1
+ assert %{"total" => 1, "activities" => [_]} =
+ conn
+ |> get(
+ "/api/pleroma/admin/users/#{other_user.nickname}/statuses?with_reblogs=true"
+ )
+ |> json_response(200)
end
end
insert_pair(:note_activity, user: user)
activity = insert(:note_activity, user: user2)
- ret_conn = get(conn, "/api/pleroma/admin/instances/archae.me/statuses")
-
- response = json_response(ret_conn, 200)
-
- assert length(response) == 2
+ %{"total" => 2, "activities" => activities} =
+ conn |> get("/api/pleroma/admin/instances/archae.me/statuses") |> json_response(200)
- ret_conn = get(conn, "/api/pleroma/admin/instances/test.com/statuses")
+ assert length(activities) == 2
- response = json_response(ret_conn, 200)
+ %{"total" => 1, "activities" => [_]} =
+ conn |> get("/api/pleroma/admin/instances/test.com/statuses") |> json_response(200)
- assert length(response) == 1
+ %{"total" => 0, "activities" => []} =
+ conn |> get("/api/pleroma/admin/instances/nonexistent.com/statuses") |> json_response(200)
- ret_conn = get(conn, "/api/pleroma/admin/instances/nonexistent.com/statuses")
-
- response = json_response(ret_conn, 200)
+ CommonAPI.repeat(activity.id, user)
- assert Enum.empty?(response)
+ %{"total" => 2, "activities" => activities} =
+ conn |> get("/api/pleroma/admin/instances/archae.me/statuses") |> json_response(200)
- CommonAPI.repeat(activity.id, user)
+ assert length(activities) == 2
- ret_conn = get(conn, "/api/pleroma/admin/instances/archae.me/statuses")
- response = json_response(ret_conn, 200)
- assert length(response) == 2
+ %{"total" => 3, "activities" => activities} =
+ conn
+ |> get("/api/pleroma/admin/instances/archae.me/statuses?with_reblogs=true")
+ |> json_response(200)
- ret_conn = get(conn, "/api/pleroma/admin/instances/archae.me/statuses?with_reblogs=true")
- response = json_response(ret_conn, 200)
- assert length(response) == 3
+ assert length(activities) == 3
end
end