alias Pleroma.HTML
alias Pleroma.ModerationLog
alias Pleroma.Repo
+ alias Pleroma.ReportNote
alias Pleroma.Tests.ObanHelpers
alias Pleroma.User
alias Pleroma.UserInviteToken
alias Pleroma.Web.ActivityPub.Relay
alias Pleroma.Web.CommonAPI
+ alias Pleroma.Web.MastodonAPI.StatusView
alias Pleroma.Web.MediaProxy
import Pleroma.Factory
:ok
end
+ setup do
+ admin = insert(:user, is_admin: true)
+ token = insert(:oauth_admin_token, user: admin)
+
+ conn =
+ build_conn()
+ |> assign(:user, admin)
+ |> assign(:token, token)
+
+ {:ok, %{admin: admin, token: token, conn: conn}}
+ end
+
+ describe "with [:auth, :enforce_oauth_admin_scope_usage]," do
+ clear_config([:auth, :enforce_oauth_admin_scope_usage]) do
+ Pleroma.Config.put([:auth, :enforce_oauth_admin_scope_usage], true)
+ end
+
+ test "GET /api/pleroma/admin/users/:nickname requires admin:read:accounts or broader scope",
+ %{admin: admin} do
+ user = insert(:user)
+ url = "/api/pleroma/admin/users/#{user.nickname}"
+
+ good_token1 = insert(:oauth_token, user: admin, scopes: ["admin"])
+ good_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read"])
+ good_token3 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts"])
+
+ bad_token1 = insert(:oauth_token, user: admin, scopes: ["read:accounts"])
+ bad_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts:partial"])
+ bad_token3 = nil
+
+ for good_token <- [good_token1, good_token2, good_token3] do
+ conn =
+ build_conn()
+ |> assign(:user, admin)
+ |> assign(:token, good_token)
+ |> get(url)
+
+ assert json_response(conn, 200)
+ end
+
+ for good_token <- [good_token1, good_token2, good_token3] do
+ conn =
+ build_conn()
+ |> assign(:user, nil)
+ |> assign(:token, good_token)
+ |> get(url)
+
+ assert json_response(conn, :forbidden)
+ end
+
+ for bad_token <- [bad_token1, bad_token2, bad_token3] do
+ conn =
+ build_conn()
+ |> assign(:user, admin)
+ |> assign(:token, bad_token)
+ |> get(url)
+
+ assert json_response(conn, :forbidden)
+ end
+ end
+ end
+
+ describe "unless [:auth, :enforce_oauth_admin_scope_usage]," do
+ clear_config([:auth, :enforce_oauth_admin_scope_usage]) do
+ Pleroma.Config.put([:auth, :enforce_oauth_admin_scope_usage], false)
+ end
+
+ test "GET /api/pleroma/admin/users/:nickname requires " <>
+ "read:accounts or admin:read:accounts or broader scope",
+ %{admin: admin} do
+ user = insert(:user)
+ url = "/api/pleroma/admin/users/#{user.nickname}"
+
+ good_token1 = insert(:oauth_token, user: admin, scopes: ["admin"])
+ good_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read"])
+ good_token3 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts"])
+ good_token4 = insert(:oauth_token, user: admin, scopes: ["read:accounts"])
+ good_token5 = insert(:oauth_token, user: admin, scopes: ["read"])
+
+ good_tokens = [good_token1, good_token2, good_token3, good_token4, good_token5]
+
+ bad_token1 = insert(:oauth_token, user: admin, scopes: ["read:accounts:partial"])
+ bad_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts:partial"])
+ bad_token3 = nil
+
+ for good_token <- good_tokens do
+ conn =
+ build_conn()
+ |> assign(:user, admin)
+ |> assign(:token, good_token)
+ |> get(url)
+
+ assert json_response(conn, 200)
+ end
+
+ for good_token <- good_tokens do
+ conn =
+ build_conn()
+ |> assign(:user, nil)
+ |> assign(:token, good_token)
+ |> get(url)
+
+ assert json_response(conn, :forbidden)
+ end
+
+ for bad_token <- [bad_token1, bad_token2, bad_token3] do
+ conn =
+ build_conn()
+ |> assign(:user, admin)
+ |> assign(:token, bad_token)
+ |> get(url)
+
+ assert json_response(conn, :forbidden)
+ end
+ end
+ end
+
describe "DELETE /api/pleroma/admin/users" do
- test "single user" do
- admin = insert(:user, is_admin: true)
+ test "single user", %{admin: admin, conn: conn} do
user = insert(:user)
conn =
- build_conn()
- |> assign(:user, admin)
+ conn
|> put_req_header("accept", "application/json")
|> delete("/api/pleroma/admin/users?nickname=#{user.nickname}")
assert json_response(conn, 200) == user.nickname
end
- test "multiple users" do
- admin = insert(:user, is_admin: true)
+ test "multiple users", %{admin: admin, conn: conn} do
user_one = insert(:user)
user_two = insert(:user)
conn =
- build_conn()
- |> assign(:user, admin)
+ conn
|> put_req_header("accept", "application/json")
|> delete("/api/pleroma/admin/users", %{
nicknames: [user_one.nickname, user_two.nickname]
end
describe "/api/pleroma/admin/users" do
- test "Create" do
- admin = insert(:user, is_admin: true)
-
+ test "Create", %{conn: conn} do
conn =
- build_conn()
- |> assign(:user, admin)
+ conn
|> put_req_header("accept", "application/json")
|> post("/api/pleroma/admin/users", %{
"users" => [
assert ["lain", "lain2"] -- Enum.map(log_entry.data["subjects"], & &1["nickname"]) == []
end
- test "Cannot create user with exisiting email" do
- admin = insert(:user, is_admin: true)
+ test "Cannot create user with existing email", %{conn: conn} do
user = insert(:user)
conn =
- build_conn()
- |> assign(:user, admin)
+ conn
|> put_req_header("accept", "application/json")
|> post("/api/pleroma/admin/users", %{
"users" => [
]
end
- test "Cannot create user with exisiting nickname" do
- admin = insert(:user, is_admin: true)
+ test "Cannot create user with existing nickname", %{conn: conn} do
user = insert(:user)
conn =
- build_conn()
- |> assign(:user, admin)
+ conn
|> put_req_header("accept", "application/json")
|> post("/api/pleroma/admin/users", %{
"users" => [
]
end
- test "Multiple user creation works in transaction" do
- admin = insert(:user, is_admin: true)
+ test "Multiple user creation works in transaction", %{conn: conn} do
user = insert(:user)
conn =
- build_conn()
- |> assign(:user, admin)
+ conn
|> put_req_header("accept", "application/json")
|> post("/api/pleroma/admin/users", %{
"users" => [
describe "/api/pleroma/admin/users/:nickname" do
test "Show", %{conn: conn} do
- admin = insert(:user, is_admin: true)
user = insert(:user)
- conn =
- conn
- |> assign(:user, admin)
- |> get("/api/pleroma/admin/users/#{user.nickname}")
+ conn = get(conn, "/api/pleroma/admin/users/#{user.nickname}")
expected = %{
"deactivated" => false,
"roles" => %{"admin" => false, "moderator" => false},
"tags" => [],
"avatar" => User.avatar_url(user) |> MediaProxy.url(),
- "display_name" => HTML.strip_tags(user.name || user.nickname)
+ "display_name" => HTML.strip_tags(user.name || user.nickname),
+ "confirmation_pending" => false
}
assert expected == json_response(conn, 200)
end
test "when the user doesn't exist", %{conn: conn} do
- admin = insert(:user, is_admin: true)
user = build(:user)
- conn =
- conn
- |> assign(:user, admin)
- |> get("/api/pleroma/admin/users/#{user.nickname}")
+ conn = get(conn, "/api/pleroma/admin/users/#{user.nickname}")
assert "Not found" == json_response(conn, 404)
end
end
describe "/api/pleroma/admin/users/follow" do
- test "allows to force-follow another user" do
- admin = insert(:user, is_admin: true)
+ test "allows to force-follow another user", %{admin: admin, conn: conn} do
user = insert(:user)
follower = insert(:user)
- build_conn()
- |> assign(:user, admin)
+ conn
|> put_req_header("accept", "application/json")
|> post("/api/pleroma/admin/users/follow", %{
"follower" => follower.nickname,
end
describe "/api/pleroma/admin/users/unfollow" do
- test "allows to force-unfollow another user" do
- admin = insert(:user, is_admin: true)
+ test "allows to force-unfollow another user", %{admin: admin, conn: conn} do
user = insert(:user)
follower = insert(:user)
User.follow(follower, user)
- build_conn()
- |> assign(:user, admin)
+ conn
|> put_req_header("accept", "application/json")
|> post("/api/pleroma/admin/users/unfollow", %{
"follower" => follower.nickname,
end
describe "PUT /api/pleroma/admin/users/tag" do
- setup do
- admin = insert(:user, is_admin: true)
+ setup %{conn: conn} do
user1 = insert(:user, %{tags: ["x"]})
user2 = insert(:user, %{tags: ["y"]})
user3 = insert(:user, %{tags: ["unchanged"]})
conn =
- build_conn()
- |> assign(:user, admin)
+ conn
|> put_req_header("accept", "application/json")
|> put(
- "/api/pleroma/admin/users/tag?nicknames[]=#{user1.nickname}&nicknames[]=#{
- user2.nickname
- }&tags[]=foo&tags[]=bar"
+ "/api/pleroma/admin/users/tag?nicknames[]=#{user1.nickname}&nicknames[]=" <>
+ "#{user2.nickname}&tags[]=foo&tags[]=bar"
)
- %{conn: conn, admin: admin, user1: user1, user2: user2, user3: user3}
+ %{conn: conn, user1: user1, user2: user2, user3: user3}
end
test "it appends specified tags to users with specified nicknames", %{
end
describe "DELETE /api/pleroma/admin/users/tag" do
- setup do
- admin = insert(:user, is_admin: true)
+ setup %{conn: conn} do
user1 = insert(:user, %{tags: ["x"]})
user2 = insert(:user, %{tags: ["y", "z"]})
user3 = insert(:user, %{tags: ["unchanged"]})
conn =
- build_conn()
- |> assign(:user, admin)
+ conn
|> put_req_header("accept", "application/json")
|> delete(
- "/api/pleroma/admin/users/tag?nicknames[]=#{user1.nickname}&nicknames[]=#{
- user2.nickname
- }&tags[]=x&tags[]=z"
+ "/api/pleroma/admin/users/tag?nicknames[]=#{user1.nickname}&nicknames[]=" <>
+ "#{user2.nickname}&tags[]=x&tags[]=z"
)
- %{conn: conn, admin: admin, user1: user1, user2: user2, user3: user3}
+ %{conn: conn, user1: user1, user2: user2, user3: user3}
end
test "it removes specified tags from users with specified nicknames", %{
end
describe "/api/pleroma/admin/users/:nickname/permission_group" do
- test "GET is giving user_info" do
- admin = insert(:user, is_admin: true)
-
+ test "GET is giving user_info", %{admin: admin, conn: conn} do
conn =
- build_conn()
- |> assign(:user, admin)
+ conn
|> put_req_header("accept", "application/json")
|> get("/api/pleroma/admin/users/#{admin.nickname}/permission_group/")
}
end
- test "/:right POST, can add to a permission group" do
- admin = insert(:user, is_admin: true)
+ test "/:right POST, can add to a permission group", %{admin: admin, conn: conn} do
user = insert(:user)
conn =
- build_conn()
- |> assign(:user, admin)
+ conn
|> put_req_header("accept", "application/json")
|> post("/api/pleroma/admin/users/#{user.nickname}/permission_group/admin")
"@#{admin.nickname} made @#{user.nickname} admin"
end
- test "/:right POST, can add to a permission group (multiple)" do
- admin = insert(:user, is_admin: true)
+ test "/:right POST, can add to a permission group (multiple)", %{admin: admin, conn: conn} do
user_one = insert(:user)
user_two = insert(:user)
conn =
- build_conn()
- |> assign(:user, admin)
+ conn
|> put_req_header("accept", "application/json")
|> post("/api/pleroma/admin/users/permission_group/admin", %{
nicknames: [user_one.nickname, user_two.nickname]
})
- assert json_response(conn, 200) == %{
- "is_admin" => true
- }
+ assert json_response(conn, 200) == %{"is_admin" => true}
log_entry = Repo.one(ModerationLog)
"@#{admin.nickname} made @#{user_one.nickname}, @#{user_two.nickname} admin"
end
- test "/:right DELETE, can remove from a permission group" do
- admin = insert(:user, is_admin: true)
+ test "/:right DELETE, can remove from a permission group", %{admin: admin, conn: conn} do
user = insert(:user, is_admin: true)
conn =
- build_conn()
- |> assign(:user, admin)
+ conn
|> put_req_header("accept", "application/json")
|> delete("/api/pleroma/admin/users/#{user.nickname}/permission_group/admin")
- assert json_response(conn, 200) == %{
- "is_admin" => false
- }
+ assert json_response(conn, 200) == %{"is_admin" => false}
log_entry = Repo.one(ModerationLog)
"@#{admin.nickname} revoked admin role from @#{user.nickname}"
end
- test "/:right DELETE, can remove from a permission group (multiple)" do
- admin = insert(:user, is_admin: true)
+ test "/:right DELETE, can remove from a permission group (multiple)", %{
+ admin: admin,
+ conn: conn
+ } do
user_one = insert(:user, is_admin: true)
user_two = insert(:user, is_admin: true)
conn =
- build_conn()
- |> assign(:user, admin)
+ conn
|> put_req_header("accept", "application/json")
|> delete("/api/pleroma/admin/users/permission_group/admin", %{
nicknames: [user_one.nickname, user_two.nickname]
})
- assert json_response(conn, 200) == %{
- "is_admin" => false
- }
+ assert json_response(conn, 200) == %{"is_admin" => false}
log_entry = Repo.one(ModerationLog)
end
describe "POST /api/pleroma/admin/email_invite, with valid config" do
- setup do
- [user: insert(:user, is_admin: true)]
- end
-
clear_config([:instance, :registrations_open]) do
Pleroma.Config.put([:instance, :registrations_open], false)
end
Pleroma.Config.put([:instance, :invites_enabled], true)
end
- test "sends invitation and returns 204", %{conn: conn, user: user} do
+ test "sends invitation and returns 204", %{admin: admin, conn: conn} do
recipient_email = "foo@bar.com"
recipient_name = "J. D."
conn =
- conn
- |> assign(:user, user)
- |> post(
+ post(
+ conn,
"/api/pleroma/admin/users/email_invite?email=#{recipient_email}&name=#{recipient_name}"
)
assert json_response(conn, :no_content)
- token_record = List.last(Pleroma.Repo.all(Pleroma.UserInviteToken))
+ token_record = List.last(Repo.all(Pleroma.UserInviteToken))
assert token_record
refute token_record.used
email =
Pleroma.Emails.UserEmail.user_invitation_email(
- user,
+ admin,
token_record,
recipient_email,
recipient_name
)
end
- test "it returns 403 if requested by a non-admin", %{conn: conn} do
+ test "it returns 403 if requested by a non-admin" do
non_admin_user = insert(:user)
+ token = insert(:oauth_token, user: non_admin_user)
conn =
- conn
+ build_conn()
|> assign(:user, non_admin_user)
+ |> assign(:token, token)
|> post("/api/pleroma/admin/users/email_invite?email=foo@bar.com&name=JD")
assert json_response(conn, :forbidden)
end
describe "POST /api/pleroma/admin/users/email_invite, with invalid config" do
- setup do
- [user: insert(:user, is_admin: true)]
- end
-
clear_config([:instance, :registrations_open])
clear_config([:instance, :invites_enabled])
- test "it returns 500 if `invites_enabled` is not enabled", %{conn: conn, user: user} do
+ test "it returns 500 if `invites_enabled` is not enabled", %{conn: conn} do
Pleroma.Config.put([:instance, :registrations_open], false)
Pleroma.Config.put([:instance, :invites_enabled], false)
- conn =
- conn
- |> assign(:user, user)
- |> post("/api/pleroma/admin/users/email_invite?email=foo@bar.com&name=JD")
+ conn = post(conn, "/api/pleroma/admin/users/email_invite?email=foo@bar.com&name=JD")
assert json_response(conn, :internal_server_error)
end
- test "it returns 500 if `registrations_open` is enabled", %{conn: conn, user: user} do
+ test "it returns 500 if `registrations_open` is enabled", %{conn: conn} do
Pleroma.Config.put([:instance, :registrations_open], true)
Pleroma.Config.put([:instance, :invites_enabled], true)
- conn =
- conn
- |> assign(:user, user)
- |> post("/api/pleroma/admin/users/email_invite?email=foo@bar.com&name=JD")
+ conn = post(conn, "/api/pleroma/admin/users/email_invite?email=foo@bar.com&name=JD")
assert json_response(conn, :internal_server_error)
end
end
- test "/api/pleroma/admin/users/:nickname/password_reset" do
- admin = insert(:user, is_admin: true)
+ test "/api/pleroma/admin/users/:nickname/password_reset", %{conn: conn} do
user = insert(:user)
conn =
- build_conn()
- |> assign(:user, admin)
+ conn
|> put_req_header("accept", "application/json")
|> get("/api/pleroma/admin/users/#{user.nickname}/password_reset")
end
describe "GET /api/pleroma/admin/users" do
- setup do
- admin = insert(:user, is_admin: true)
-
- conn =
- build_conn()
- |> assign(:user, admin)
-
- {:ok, conn: conn, admin: admin}
- end
-
test "renders users array for the first page", %{conn: conn, admin: admin} do
user = insert(:user, local: false, tags: ["foo", "bar"])
conn = get(conn, "/api/pleroma/admin/users?page=1")
"local" => true,
"tags" => [],
"avatar" => User.avatar_url(admin) |> MediaProxy.url(),
- "display_name" => HTML.strip_tags(admin.name || admin.nickname)
+ "display_name" => HTML.strip_tags(admin.name || admin.nickname),
+ "confirmation_pending" => false
},
%{
"deactivated" => user.deactivated,
"local" => false,
"tags" => ["foo", "bar"],
"avatar" => User.avatar_url(user) |> MediaProxy.url(),
- "display_name" => HTML.strip_tags(user.name || user.nickname)
+ "display_name" => HTML.strip_tags(user.name || user.nickname),
+ "confirmation_pending" => false
}
]
|> Enum.sort_by(& &1["nickname"])
"local" => true,
"tags" => [],
"avatar" => User.avatar_url(user) |> MediaProxy.url(),
- "display_name" => HTML.strip_tags(user.name || user.nickname)
+ "display_name" => HTML.strip_tags(user.name || user.nickname),
+ "confirmation_pending" => false
}
]
}
"local" => true,
"tags" => [],
"avatar" => User.avatar_url(user) |> MediaProxy.url(),
- "display_name" => HTML.strip_tags(user.name || user.nickname)
+ "display_name" => HTML.strip_tags(user.name || user.nickname),
+ "confirmation_pending" => false
}
]
}
"local" => true,
"tags" => [],
"avatar" => User.avatar_url(user) |> MediaProxy.url(),
- "display_name" => HTML.strip_tags(user.name || user.nickname)
+ "display_name" => HTML.strip_tags(user.name || user.nickname),
+ "confirmation_pending" => false
}
]
}
"local" => true,
"tags" => [],
"avatar" => User.avatar_url(user) |> MediaProxy.url(),
- "display_name" => HTML.strip_tags(user.name || user.nickname)
+ "display_name" => HTML.strip_tags(user.name || user.nickname),
+ "confirmation_pending" => false
}
]
}
"local" => true,
"tags" => [],
"avatar" => User.avatar_url(user) |> MediaProxy.url(),
- "display_name" => HTML.strip_tags(user.name || user.nickname)
+ "display_name" => HTML.strip_tags(user.name || user.nickname),
+ "confirmation_pending" => false
}
]
}
"local" => true,
"tags" => [],
"avatar" => User.avatar_url(user) |> MediaProxy.url(),
- "display_name" => HTML.strip_tags(user.name || user.nickname)
+ "display_name" => HTML.strip_tags(user.name || user.nickname),
+ "confirmation_pending" => false
}
]
}
"local" => true,
"tags" => [],
"avatar" => User.avatar_url(user2) |> MediaProxy.url(),
- "display_name" => HTML.strip_tags(user2.name || user2.nickname)
+ "display_name" => HTML.strip_tags(user2.name || user2.nickname),
+ "confirmation_pending" => false
}
]
}
test "only local users" do
admin = insert(:user, is_admin: true, nickname: "john")
+ token = insert(:oauth_admin_token, user: admin)
user = insert(:user, nickname: "bob")
insert(:user, nickname: "bobb", local: false)
conn =
build_conn()
|> assign(:user, admin)
+ |> assign(:token, token)
|> get("/api/pleroma/admin/users?query=bo&filters=local")
assert json_response(conn, 200) == %{
"local" => true,
"tags" => [],
"avatar" => User.avatar_url(user) |> MediaProxy.url(),
- "display_name" => HTML.strip_tags(user.name || user.nickname)
+ "display_name" => HTML.strip_tags(user.name || user.nickname),
+ "confirmation_pending" => false
}
]
}
end
- test "only local users with no query", %{admin: old_admin} do
+ test "only local users with no query", %{conn: conn, admin: old_admin} do
admin = insert(:user, is_admin: true, nickname: "john")
user = insert(:user, nickname: "bob")
insert(:user, nickname: "bobb", local: false)
- conn =
- build_conn()
- |> assign(:user, admin)
- |> get("/api/pleroma/admin/users?filters=local")
+ conn = get(conn, "/api/pleroma/admin/users?filters=local")
users =
[
"local" => true,
"tags" => [],
"avatar" => User.avatar_url(user) |> MediaProxy.url(),
- "display_name" => HTML.strip_tags(user.name || user.nickname)
+ "display_name" => HTML.strip_tags(user.name || user.nickname),
+ "confirmation_pending" => false
},
%{
"deactivated" => admin.deactivated,
"local" => true,
"tags" => [],
"avatar" => User.avatar_url(admin) |> MediaProxy.url(),
- "display_name" => HTML.strip_tags(admin.name || admin.nickname)
+ "display_name" => HTML.strip_tags(admin.name || admin.nickname),
+ "confirmation_pending" => false
},
%{
"deactivated" => false,
"roles" => %{"admin" => true, "moderator" => false},
"tags" => [],
"avatar" => User.avatar_url(old_admin) |> MediaProxy.url(),
- "display_name" => HTML.strip_tags(old_admin.name || old_admin.nickname)
+ "display_name" => HTML.strip_tags(old_admin.name || old_admin.nickname),
+ "confirmation_pending" => false
}
]
|> Enum.sort_by(& &1["nickname"])
"local" => admin.local,
"tags" => [],
"avatar" => User.avatar_url(admin) |> MediaProxy.url(),
- "display_name" => HTML.strip_tags(admin.name || admin.nickname)
+ "display_name" => HTML.strip_tags(admin.name || admin.nickname),
+ "confirmation_pending" => false
},
%{
"deactivated" => false,
"local" => second_admin.local,
"tags" => [],
"avatar" => User.avatar_url(second_admin) |> MediaProxy.url(),
- "display_name" => HTML.strip_tags(second_admin.name || second_admin.nickname)
+ "display_name" => HTML.strip_tags(second_admin.name || second_admin.nickname),
+ "confirmation_pending" => false
}
]
|> Enum.sort_by(& &1["nickname"])
"local" => moderator.local,
"tags" => [],
"avatar" => User.avatar_url(moderator) |> MediaProxy.url(),
- "display_name" => HTML.strip_tags(moderator.name || moderator.nickname)
+ "display_name" => HTML.strip_tags(moderator.name || moderator.nickname),
+ "confirmation_pending" => false
}
]
}
"local" => user1.local,
"tags" => ["first"],
"avatar" => User.avatar_url(user1) |> MediaProxy.url(),
- "display_name" => HTML.strip_tags(user1.name || user1.nickname)
+ "display_name" => HTML.strip_tags(user1.name || user1.nickname),
+ "confirmation_pending" => false
},
%{
"deactivated" => false,
"local" => user2.local,
"tags" => ["second"],
"avatar" => User.avatar_url(user2) |> MediaProxy.url(),
- "display_name" => HTML.strip_tags(user2.name || user2.nickname)
+ "display_name" => HTML.strip_tags(user2.name || user2.nickname),
+ "confirmation_pending" => false
}
]
|> Enum.sort_by(& &1["nickname"])
test "it works with multiple filters" do
admin = insert(:user, nickname: "john", is_admin: true)
+ token = insert(:oauth_admin_token, user: admin)
user = insert(:user, nickname: "bob", local: false, deactivated: true)
insert(:user, nickname: "ken", local: true, deactivated: true)
conn =
build_conn()
|> assign(:user, admin)
+ |> assign(:token, token)
|> get("/api/pleroma/admin/users?filters=deactivated,external")
assert json_response(conn, 200) == %{
"local" => user.local,
"tags" => [],
"avatar" => User.avatar_url(user) |> MediaProxy.url(),
- "display_name" => HTML.strip_tags(user.name || user.nickname)
+ "display_name" => HTML.strip_tags(user.name || user.nickname),
+ "confirmation_pending" => false
}
]
}
end
- test "it omits relay user", %{admin: admin} do
+ test "it omits relay user", %{admin: admin, conn: conn} do
assert %User{} = Relay.get_actor()
- conn =
- build_conn()
- |> assign(:user, admin)
- |> get("/api/pleroma/admin/users")
+ conn = get(conn, "/api/pleroma/admin/users")
assert json_response(conn, 200) == %{
"count" => 1,
"local" => true,
"tags" => [],
"avatar" => User.avatar_url(admin) |> MediaProxy.url(),
- "display_name" => HTML.strip_tags(admin.name || admin.nickname)
+ "display_name" => HTML.strip_tags(admin.name || admin.nickname),
+ "confirmation_pending" => false
}
]
}
end
end
- test "PATCH /api/pleroma/admin/users/activate" do
- admin = insert(:user, is_admin: true)
+ test "PATCH /api/pleroma/admin/users/activate", %{admin: admin, conn: conn} do
user_one = insert(:user, deactivated: true)
user_two = insert(:user, deactivated: true)
conn =
- build_conn()
- |> assign(:user, admin)
- |> patch(
+ patch(
+ conn,
"/api/pleroma/admin/users/activate",
%{nicknames: [user_one.nickname, user_two.nickname]}
)
"@#{admin.nickname} activated users: @#{user_one.nickname}, @#{user_two.nickname}"
end
- test "PATCH /api/pleroma/admin/users/deactivate" do
- admin = insert(:user, is_admin: true)
+ test "PATCH /api/pleroma/admin/users/deactivate", %{admin: admin, conn: conn} do
user_one = insert(:user, deactivated: false)
user_two = insert(:user, deactivated: false)
conn =
- build_conn()
- |> assign(:user, admin)
- |> patch(
+ patch(
+ conn,
"/api/pleroma/admin/users/deactivate",
%{nicknames: [user_one.nickname, user_two.nickname]}
)
"@#{admin.nickname} deactivated users: @#{user_one.nickname}, @#{user_two.nickname}"
end
- test "PATCH /api/pleroma/admin/users/:nickname/toggle_activation" do
- admin = insert(:user, is_admin: true)
+ test "PATCH /api/pleroma/admin/users/:nickname/toggle_activation", %{admin: admin, conn: conn} do
user = insert(:user)
- conn =
- build_conn()
- |> assign(:user, admin)
- |> patch("/api/pleroma/admin/users/#{user.nickname}/toggle_activation")
+ conn = patch(conn, "/api/pleroma/admin/users/#{user.nickname}/toggle_activation")
assert json_response(conn, 200) ==
%{
"local" => true,
"tags" => [],
"avatar" => User.avatar_url(user) |> MediaProxy.url(),
- "display_name" => HTML.strip_tags(user.name || user.nickname)
+ "display_name" => HTML.strip_tags(user.name || user.nickname),
+ "confirmation_pending" => false
}
log_entry = Repo.one(ModerationLog)
end
describe "POST /api/pleroma/admin/users/invite_token" do
- setup do
- admin = insert(:user, is_admin: true)
-
- conn =
- build_conn()
- |> assign(:user, admin)
-
- {:ok, conn: conn}
- end
-
test "without options", %{conn: conn} do
conn = post(conn, "/api/pleroma/admin/users/invite_token")
end
describe "GET /api/pleroma/admin/users/invites" do
- setup do
- admin = insert(:user, is_admin: true)
-
- conn =
- build_conn()
- |> assign(:user, admin)
-
- {:ok, conn: conn}
- end
-
test "no invites", %{conn: conn} do
conn = get(conn, "/api/pleroma/admin/users/invites")
end
describe "POST /api/pleroma/admin/users/revoke_invite" do
- test "with token" do
- admin = insert(:user, is_admin: true)
+ test "with token", %{conn: conn} do
{:ok, invite} = UserInviteToken.create_invite()
- conn =
- build_conn()
- |> assign(:user, admin)
- |> post("/api/pleroma/admin/users/revoke_invite", %{"token" => invite.token})
+ conn = post(conn, "/api/pleroma/admin/users/revoke_invite", %{"token" => invite.token})
assert json_response(conn, 200) == %{
"expires_at" => nil,
}
end
- test "with invalid token" do
- admin = insert(:user, is_admin: true)
-
- conn =
- build_conn()
- |> assign(:user, admin)
- |> post("/api/pleroma/admin/users/revoke_invite", %{"token" => "foo"})
+ test "with invalid token", %{conn: conn} do
+ conn = post(conn, "/api/pleroma/admin/users/revoke_invite", %{"token" => "foo"})
assert json_response(conn, :not_found) == "Not found"
end
end
describe "GET /api/pleroma/admin/reports/:id" do
- setup %{conn: conn} do
- admin = insert(:user, is_admin: true)
-
- %{conn: assign(conn, :user, admin)}
- end
-
test "returns report by its id", %{conn: conn} do
[reporter, target_user] = insert_pair(:user)
activity = insert(:note_activity, user: target_user)
end
describe "PATCH /api/pleroma/admin/reports" do
- setup %{conn: conn} do
- admin = insert(:user, is_admin: true)
+ setup do
[reporter, target_user] = insert_pair(:user)
activity = insert(:note_activity, user: target_user)
})
%{
- conn: assign(conn, :user, admin),
id: report_id,
- admin: admin,
second_report_id: second_report_id
}
end
end
describe "GET /api/pleroma/admin/reports" do
- setup %{conn: conn} do
- admin = insert(:user, is_admin: true)
-
- %{conn: assign(conn, :user, admin)}
- end
-
test "returns empty response when no reports created", %{conn: conn} do
response =
conn
test "returns 403 when requested by a non-admin" do
user = insert(:user)
+ token = insert(:oauth_token, user: user)
conn =
build_conn()
|> assign(:user, user)
+ |> assign(:token, token)
|> get("/api/pleroma/admin/reports")
- assert json_response(conn, :forbidden) == %{"error" => "User is not admin."}
+ assert json_response(conn, :forbidden) ==
+ %{"error" => "User is not an admin or OAuth admin scope is not granted."}
end
test "returns 403 when requested by anonymous" do
- conn =
- build_conn()
- |> get("/api/pleroma/admin/reports")
+ conn = get(build_conn(), "/api/pleroma/admin/reports")
assert json_response(conn, :forbidden) == %{"error" => "Invalid credentials."}
end
end
describe "GET /api/pleroma/admin/grouped_reports" do
- setup %{conn: conn} do
- admin = insert(:user, is_admin: true)
+ setup do
[reporter, target_user] = insert_pair(:user)
date1 = (DateTime.to_unix(DateTime.utc_now()) + 1000) |> DateTime.from_unix!()
})
%{
- conn: assign(conn, :user, admin),
first_status: Activity.get_by_ap_id_with_object(first_status.data["id"]),
second_status: Activity.get_by_ap_id_with_object(second_status.data["id"]),
third_status: Activity.get_by_ap_id_with_object(third_status.data["id"]),
+ first_report: first_report,
first_status_reports: [first_report, second_report, third_report],
second_status_reports: [first_report, second_report],
third_status_reports: [first_report],
assert length(response["reports"]) == 3
- first_group =
- Enum.find(response["reports"], &(&1["status"]["id"] == first_status.data["id"]))
+ first_group = Enum.find(response["reports"], &(&1["status"]["id"] == first_status.id))
- second_group =
- Enum.find(response["reports"], &(&1["status"]["id"] == second_status.data["id"]))
+ second_group = Enum.find(response["reports"], &(&1["status"]["id"] == second_status.id))
- third_group =
- Enum.find(response["reports"], &(&1["status"]["id"] == third_status.data["id"]))
+ third_group = Enum.find(response["reports"], &(&1["status"]["id"] == third_status.id))
assert length(first_group["reports"]) == 3
assert length(second_group["reports"]) == 2
NaiveDateTime.from_iso8601!(act.data["published"])
end).data["published"]
- assert first_group["status"] == %{
- "id" => first_status.data["id"],
- "content" => first_status.object.data["content"],
- "published" => first_status.object.data["published"]
- }
+ assert first_group["status"] ==
+ Map.put(
+ stringify_keys(StatusView.render("show.json", %{activity: first_status})),
+ "deleted",
+ false
+ )
- assert first_group["account"]["id"] == target_user.id
+ assert(first_group["account"]["id"] == target_user.id)
assert length(first_group["actors"]) == 1
assert hd(first_group["actors"])["id"] == reporter.id
NaiveDateTime.from_iso8601!(act.data["published"])
end).data["published"]
- assert second_group["status"] == %{
- "id" => second_status.data["id"],
- "content" => second_status.object.data["content"],
- "published" => second_status.object.data["published"]
- }
+ assert second_group["status"] ==
+ Map.put(
+ stringify_keys(StatusView.render("show.json", %{activity: second_status})),
+ "deleted",
+ false
+ )
assert second_group["account"]["id"] == target_user.id
NaiveDateTime.from_iso8601!(act.data["published"])
end).data["published"]
- assert third_group["status"] == %{
- "id" => third_status.data["id"],
- "content" => third_status.object.data["content"],
- "published" => third_status.object.data["published"]
- }
+ assert third_group["status"] ==
+ Map.put(
+ stringify_keys(StatusView.render("show.json", %{activity: third_status})),
+ "deleted",
+ false
+ )
assert third_group["account"]["id"] == target_user.id
assert Enum.map(third_group["reports"], & &1["id"]) --
Enum.map(third_status_reports, & &1.id) == []
end
- end
- describe "POST /api/pleroma/admin/reports/:id/respond" do
- setup %{conn: conn} do
- admin = insert(:user, is_admin: true)
+ test "reopened report renders status data", %{
+ conn: conn,
+ first_report: first_report,
+ first_status: first_status
+ } do
+ {:ok, _} = CommonAPI.update_report_state(first_report.id, "resolved")
+
+ response =
+ conn
+ |> get("/api/pleroma/admin/grouped_reports")
+ |> json_response(:ok)
+
+ first_group = Enum.find(response["reports"], &(&1["status"]["id"] == first_status.id))
- %{conn: assign(conn, :user, admin), admin: admin}
+ assert first_group["status"] ==
+ Map.put(
+ stringify_keys(StatusView.render("show.json", %{activity: first_status})),
+ "deleted",
+ false
+ )
end
- test "returns created dm", %{conn: conn, admin: admin} do
- [reporter, target_user] = insert_pair(:user)
- activity = insert(:note_activity, user: target_user)
+ test "reopened report does not render status data if status has been deleted", %{
+ conn: conn,
+ first_report: first_report,
+ first_status: first_status,
+ target_user: target_user
+ } do
+ {:ok, _} = CommonAPI.update_report_state(first_report.id, "resolved")
+ {:ok, _} = CommonAPI.delete(first_status.id, target_user)
- {:ok, %{id: report_id}} =
- CommonAPI.report(reporter, %{
- "account_id" => target_user.id,
- "comment" => "I feel offended",
- "status_ids" => [activity.id]
- })
+ refute Activity.get_by_ap_id(first_status.id)
response =
conn
- |> post("/api/pleroma/admin/reports/#{report_id}/respond", %{
- "status" => "I will check it out"
- })
+ |> get("/api/pleroma/admin/grouped_reports")
|> json_response(:ok)
- recipients = Enum.map(response["mentions"], & &1["username"])
-
- assert reporter.nickname in recipients
- assert response["content"] == "I will check it out"
- assert response["visibility"] == "direct"
-
- log_entry = Repo.one(ModerationLog)
+ assert Enum.find(response["reports"], &(&1["status"]["deleted"] == true))["status"][
+ "deleted"
+ ] == true
- assert ModerationLog.get_log_entry_message(log_entry) ==
- "@#{admin.nickname} responded with 'I will check it out' to report ##{
- response["id"]
- }"
+ assert length(Enum.filter(response["reports"], &(&1["status"]["deleted"] == false))) == 2
end
- test "returns 400 when status is missing", %{conn: conn} do
- conn = post(conn, "/api/pleroma/admin/reports/test/respond")
+ test "account not empty if status was deleted", %{
+ conn: conn,
+ first_report: first_report,
+ first_status: first_status,
+ target_user: target_user
+ } do
+ {:ok, _} = CommonAPI.update_report_state(first_report.id, "resolved")
+ {:ok, _} = CommonAPI.delete(first_status.id, target_user)
- assert json_response(conn, :bad_request) == "Invalid parameters"
- end
+ refute Activity.get_by_ap_id(first_status.id)
- test "returns 404 when report id is invalid", %{conn: conn} do
- conn =
- post(conn, "/api/pleroma/admin/reports/test/respond", %{
- "status" => "foo"
- })
+ response =
+ conn
+ |> get("/api/pleroma/admin/grouped_reports")
+ |> json_response(:ok)
- assert json_response(conn, :not_found) == "Not found"
+ assert Enum.find(response["reports"], &(&1["status"]["deleted"] == true))["account"]
end
end
describe "PUT /api/pleroma/admin/statuses/:id" do
- setup %{conn: conn} do
- admin = insert(:user, is_admin: true)
+ setup do
activity = insert(:note_activity)
- %{conn: assign(conn, :user, admin), id: activity.id, admin: admin}
+ %{id: activity.id}
end
test "toggle sensitive flag", %{conn: conn, id: id, admin: admin} do
end
test "returns 400 when visibility is unknown", %{conn: conn, id: id} do
- conn =
- conn
- |> put("/api/pleroma/admin/statuses/#{id}", %{"visibility" => "test"})
+ conn = put(conn, "/api/pleroma/admin/statuses/#{id}", %{"visibility" => "test"})
assert json_response(conn, :bad_request) == "Unsupported visibility"
end
end
describe "DELETE /api/pleroma/admin/statuses/:id" do
- setup %{conn: conn} do
- admin = insert(:user, is_admin: true)
+ setup do
activity = insert(:note_activity)
- %{conn: assign(conn, :user, admin), id: activity.id, admin: admin}
+ %{id: activity.id}
end
test "deletes status", %{conn: conn, id: id, admin: admin} do
end
test "returns error when status is not exist", %{conn: conn} do
- conn =
- conn
- |> delete("/api/pleroma/admin/statuses/test")
+ conn = delete(conn, "/api/pleroma/admin/statuses/test")
assert json_response(conn, :bad_request) == "Could not delete"
end
end
describe "GET /api/pleroma/admin/config" do
- setup %{conn: conn} do
- admin = insert(:user, is_admin: true)
+ clear_config([:configurable_from_database]) do
+ Pleroma.Config.put([:configurable_from_database], true)
+ end
- %{conn: assign(conn, :user, admin)}
+ test "when configuration from database is off", %{conn: conn} do
+ initial = Pleroma.Config.get([:configurable_from_database])
+ Pleroma.Config.put([:configurable_from_database], false)
+ on_exit(fn -> Pleroma.Config.put([:configurable_from_database], initial) end)
+ conn = get(conn, "/api/pleroma/admin/config")
+
+ assert json_response(conn, 400) ==
+ "To use this endpoint you need to enable configuration from database."
end
test "without any settings in db", %{conn: conn} do
conn = get(conn, "/api/pleroma/admin/config")
- assert json_response(conn, 200) == %{"configs" => []}
+ assert json_response(conn, 400) ==
+ "To use configuration from database migrate your settings to database."
end
test "with settings in db", %{conn: conn} do
%{
"configs" => [
%{
+ "group" => ":pleroma",
"key" => key1,
"value" => _
},
end
end
- describe "POST /api/pleroma/admin/config" do
- setup %{conn: conn} do
- admin = insert(:user, is_admin: true)
+ test "POST /api/pleroma/admin/config error", %{conn: conn} do
+ conn = post(conn, "/api/pleroma/admin/config", %{"configs" => []})
- temp_file = "config/test.exported_from_db.secret.exs"
+ assert json_response(conn, 400) ==
+ "To use this endpoint you need to enable configuration from database."
+ end
+
+ describe "POST /api/pleroma/admin/config" do
+ setup do
+ http = Application.get_env(:pleroma, :http)
on_exit(fn ->
Application.delete_env(:pleroma, :key1)
Application.delete_env(:pleroma, :keyaa2)
Application.delete_env(:pleroma, Pleroma.Web.Endpoint.NotReal)
Application.delete_env(:pleroma, Pleroma.Captcha.NotReal)
- :ok = File.rm(temp_file)
+ Application.put_env(:pleroma, :http, http)
+ Application.put_env(:tesla, :adapter, Tesla.Mock)
+ :ok = File.rm("config/test.exported_from_db.secret.exs")
end)
-
- %{conn: assign(conn, :user, admin)}
end
- clear_config([:instance, :dynamic_configuration]) do
- Pleroma.Config.put([:instance, :dynamic_configuration], true)
+ clear_config([:configurable_from_database]) do
+ Pleroma.Config.put([:configurable_from_database], true)
end
+ @tag capture_log: true
test "create new config setting in db", %{conn: conn} do
conn =
post(conn, "/api/pleroma/admin/config", %{
configs: [
- %{group: "pleroma", key: "key1", value: "value1"},
+ %{group: ":pleroma", key: ":key1", value: "value1"},
%{
- group: "ueberauth",
+ group: ":ueberauth",
key: "Ueberauth.Strategy.Twitter.OAuth",
value: [%{"tuple" => [":consumer_secret", "aaaa"]}]
},
%{
- group: "pleroma",
- key: "key2",
+ group: ":pleroma",
+ key: ":key2",
value: %{
":nested_1" => "nested_value1",
":nested_2" => [
}
},
%{
- group: "pleroma",
- key: "key3",
+ group: ":pleroma",
+ key: ":key3",
value: [
%{"nested_3" => ":nested_3", "nested_33" => "nested_33"},
%{"nested_4" => true}
]
},
%{
- group: "pleroma",
- key: "key4",
+ group: ":pleroma",
+ key: ":key4",
value: %{":nested_5" => ":upload", "endpoint" => "https://example.com"}
},
%{
- group: "idna",
- key: "key5",
+ group: ":idna",
+ key: ":key5",
value: %{"tuple" => ["string", "Pleroma.Captcha.NotReal", []]}
}
]
assert json_response(conn, 200) == %{
"configs" => [
%{
- "group" => "pleroma",
- "key" => "key1",
+ "group" => ":pleroma",
+ "key" => ":key1",
"value" => "value1"
},
%{
- "group" => "ueberauth",
+ "group" => ":ueberauth",
"key" => "Ueberauth.Strategy.Twitter.OAuth",
"value" => [%{"tuple" => [":consumer_secret", "aaaa"]}]
},
%{
- "group" => "pleroma",
- "key" => "key2",
+ "group" => ":pleroma",
+ "key" => ":key2",
"value" => %{
":nested_1" => "nested_value1",
":nested_2" => [
}
},
%{
- "group" => "pleroma",
- "key" => "key3",
+ "group" => ":pleroma",
+ "key" => ":key3",
"value" => [
%{"nested_3" => ":nested_3", "nested_33" => "nested_33"},
%{"nested_4" => true}
]
},
%{
- "group" => "pleroma",
- "key" => "key4",
+ "group" => ":pleroma",
+ "key" => ":key4",
"value" => %{"endpoint" => "https://example.com", ":nested_5" => ":upload"}
},
%{
- "group" => "idna",
- "key" => "key5",
+ "group" => ":idna",
+ "key" => ":key5",
"value" => %{"tuple" => ["string", "Pleroma.Captcha.NotReal", []]}
}
]
assert Application.get_env(:idna, :key5) == {"string", Pleroma.Captcha.NotReal, []}
end
- test "update config setting & delete", %{conn: conn} do
- config1 = insert(:config, key: "keyaa1")
- config2 = insert(:config, key: "keyaa2")
+ test "save config setting without key", %{conn: conn} do
+ level = Application.get_env(:quack, :level)
+ meta = Application.get_env(:quack, :meta)
+ webhook_url = Application.get_env(:quack, :webhook_url)
- insert(:config,
- group: "ueberauth",
- key: "Ueberauth.Strategy.Microsoft.OAuth",
- value: :erlang.term_to_binary([])
- )
+ on_exit(fn ->
+ Application.put_env(:quack, :level, level)
+ Application.put_env(:quack, :meta, meta)
+ Application.put_env(:quack, :webhook_url, webhook_url)
+ end)
conn =
post(conn, "/api/pleroma/admin/config", %{
configs: [
- %{group: config1.group, key: config1.key, value: "another_value"},
- %{group: config2.group, key: config2.key, delete: "true"},
%{
- group: "ueberauth",
- key: "Ueberauth.Strategy.Microsoft.OAuth",
- delete: "true"
+ group: ":quack",
+ key: ":level",
+ value: ":info"
+ },
+ %{
+ group: ":quack",
+ key: ":meta",
+ value: [":none"]
+ },
+ %{
+ group: ":quack",
+ key: ":webhook_url",
+ value: "https://hooks.slack.com/services/KEY"
}
]
})
assert json_response(conn, 200) == %{
"configs" => [
+ %{"group" => ":quack", "key" => ":level", "value" => ":info"},
+ %{"group" => ":quack", "key" => ":meta", "value" => [":none"]},
%{
- "group" => "pleroma",
- "key" => config1.key,
- "value" => "another_value"
+ "group" => ":quack",
+ "key" => ":webhook_url",
+ "value" => "https://hooks.slack.com/services/KEY"
}
]
}
- assert Application.get_env(:pleroma, :keyaa1) == "another_value"
- refute Application.get_env(:pleroma, :keyaa2)
+ assert Application.get_env(:quack, :level) == :info
+ assert Application.get_env(:quack, :meta) == [:none]
+ assert Application.get_env(:quack, :webhook_url) == "https://hooks.slack.com/services/KEY"
end
- test "common config example", %{conn: conn} do
+ test "saving config with partial update", %{conn: conn} do
+ config = insert(:config, key: ":key1", value: :erlang.term_to_binary(key1: 1, key2: 2))
+
conn =
post(conn, "/api/pleroma/admin/config", %{
configs: [
- %{
- "group" => "pleroma",
- "key" => "Pleroma.Captcha.NotReal",
- "value" => [
+ %{group: config.group, key: config.key, value: [%{"tuple" => [":key3", 3]}]}
+ ]
+ })
+
+ assert json_response(conn, 200) == %{
+ "configs" => [
+ %{
+ "group" => ":pleroma",
+ "key" => ":key1",
+ "value" => [
+ %{"tuple" => [":key1", 1]},
+ %{"tuple" => [":key2", 2]},
+ %{"tuple" => [":key3", 3]}
+ ]
+ }
+ ]
+ }
+ end
+
+ test "saving config with nested merge", %{conn: conn} do
+ config =
+ insert(:config, key: ":key1", value: :erlang.term_to_binary(key1: 1, key2: [k1: 1, k2: 2]))
+
+ conn =
+ post(conn, "/api/pleroma/admin/config", %{
+ configs: [
+ %{
+ group: config.group,
+ key: config.key,
+ value: [
+ %{"tuple" => [":key3", 3]},
+ %{
+ "tuple" => [
+ ":key2",
+ [
+ %{"tuple" => [":k2", 1]},
+ %{"tuple" => [":k3", 3]}
+ ]
+ ]
+ }
+ ]
+ }
+ ]
+ })
+
+ assert json_response(conn, 200) == %{
+ "configs" => [
+ %{
+ "group" => ":pleroma",
+ "key" => ":key1",
+ "value" => [
+ %{"tuple" => [":key1", 1]},
+ %{"tuple" => [":key3", 3]},
+ %{
+ "tuple" => [
+ ":key2",
+ [
+ %{"tuple" => [":k1", 1]},
+ %{"tuple" => [":k2", 1]},
+ %{"tuple" => [":k3", 3]}
+ ]
+ ]
+ }
+ ]
+ }
+ ]
+ }
+ end
+
+ test "saving special atoms", %{conn: conn} do
+ conn =
+ post(conn, "/api/pleroma/admin/config", %{
+ "configs" => [
+ %{
+ "group" => ":pleroma",
+ "key" => ":key1",
+ "value" => [
+ %{
+ "tuple" => [
+ ":ssl_options",
+ [%{"tuple" => [":versions", [":tlsv1", ":tlsv1.1", ":tlsv1.2"]]}]
+ ]
+ }
+ ]
+ }
+ ]
+ })
+
+ assert json_response(conn, 200) == %{
+ "configs" => [
+ %{
+ "group" => ":pleroma",
+ "key" => ":key1",
+ "value" => [
+ %{
+ "tuple" => [
+ ":ssl_options",
+ [%{"tuple" => [":versions", [":tlsv1", ":tlsv1.1", ":tlsv1.2"]]}]
+ ]
+ }
+ ]
+ }
+ ]
+ }
+
+ assert Application.get_env(:pleroma, :key1) == [
+ ssl_options: [versions: [:tlsv1, :"tlsv1.1", :"tlsv1.2"]]
+ ]
+ end
+
+ test "saving full setting if value is in full_key_update list", %{conn: conn} do
+ backends = Application.get_env(:logger, :backends)
+ on_exit(fn -> Application.put_env(:logger, :backends, backends) end)
+
+ config =
+ insert(:config,
+ group: ":logger",
+ key: ":backends",
+ value: :erlang.term_to_binary([])
+ )
+
+ conn =
+ post(conn, "/api/pleroma/admin/config", %{
+ configs: [
+ %{
+ group: config.group,
+ key: config.key,
+ value: [":console", %{"tuple" => ["ExSyslogger", ":ex_syslogger"]}]
+ }
+ ]
+ })
+
+ assert json_response(conn, 200) == %{
+ "configs" => [
+ %{
+ "group" => ":logger",
+ "key" => ":backends",
+ "value" => [
+ ":console",
+ %{"tuple" => ["ExSyslogger", ":ex_syslogger"]}
+ ]
+ }
+ ]
+ }
+
+ assert Application.get_env(:logger, :backends) == [
+ :console,
+ {ExSyslogger, :ex_syslogger}
+ ]
+
+ ExUnit.CaptureLog.capture_log(fn ->
+ require Logger
+ Logger.warn("Ooops...")
+ end) =~ "Ooops..."
+ end
+
+ test "saving full setting if value is not keyword", %{conn: conn} do
+ config =
+ insert(:config,
+ group: ":tesla",
+ key: ":adapter",
+ value: :erlang.term_to_binary(Tesla.Adapter.Hackey)
+ )
+
+ conn =
+ post(conn, "/api/pleroma/admin/config", %{
+ configs: [
+ %{group: config.group, key: config.key, value: "Tesla.Adapter.Httpc"}
+ ]
+ })
+
+ assert json_response(conn, 200) == %{
+ "configs" => [
+ %{
+ "group" => ":tesla",
+ "key" => ":adapter",
+ "value" => "Tesla.Adapter.Httpc"
+ }
+ ]
+ }
+ end
+
+ test "update config setting & delete", %{conn: conn} do
+ config1 = insert(:config, key: ":keyaa1")
+ config2 = insert(:config, key: ":keyaa2")
+
+ insert(:config,
+ group: "ueberauth",
+ key: "Ueberauth.Strategy.Microsoft.OAuth"
+ )
+
+ conn =
+ post(conn, "/api/pleroma/admin/config", %{
+ configs: [
+ %{group: config1.group, key: config1.key, value: "another_value"},
+ %{group: config2.group, key: config2.key, delete: true},
+ %{
+ group: "ueberauth",
+ key: "Ueberauth.Strategy.Microsoft.OAuth",
+ delete: true
+ }
+ ]
+ })
+
+ assert json_response(conn, 200) == %{
+ "configs" => [
+ %{
+ "group" => ":pleroma",
+ "key" => config1.key,
+ "value" => "another_value"
+ }
+ ]
+ }
+
+ assert Application.get_env(:pleroma, :keyaa1) == "another_value"
+ refute Application.get_env(:pleroma, :keyaa2)
+ end
+
+ test "common config example", %{conn: conn} do
+ adapter = Application.get_env(:tesla, :adapter)
+ on_exit(fn -> Application.put_env(:tesla, :adapter, adapter) end)
+
+ conn =
+ post(conn, "/api/pleroma/admin/config", %{
+ configs: [
+ %{
+ "group" => ":pleroma",
+ "key" => "Pleroma.Captcha.NotReal",
+ "value" => [
%{"tuple" => [":enabled", false]},
%{"tuple" => [":method", "Pleroma.Captcha.Kocaptcha"]},
%{"tuple" => [":seconds_valid", 60]},
%{"tuple" => [":regex1", "~r/https:\/\/example.com/"]},
%{"tuple" => [":regex2", "~r/https:\/\/example.com/u"]},
%{"tuple" => [":regex3", "~r/https:\/\/example.com/i"]},
- %{"tuple" => [":regex4", "~r/https:\/\/example.com/s"]}
+ %{"tuple" => [":regex4", "~r/https:\/\/example.com/s"]},
+ %{"tuple" => [":name", "Pleroma"]}
]
- }
+ },
+ %{"group" => ":tesla", "key" => ":adapter", "value" => "Tesla.Adapter.Httpc"}
]
})
+ assert Application.get_env(:tesla, :adapter) == Tesla.Adapter.Httpc
+ assert Pleroma.Config.get([Pleroma.Captcha.NotReal, :name]) == "Pleroma"
+
assert json_response(conn, 200) == %{
"configs" => [
%{
- "group" => "pleroma",
+ "group" => ":pleroma",
"key" => "Pleroma.Captcha.NotReal",
"value" => [
%{"tuple" => [":enabled", false]},
%{"tuple" => [":regex1", "~r/https:\\/\\/example.com/"]},
%{"tuple" => [":regex2", "~r/https:\\/\\/example.com/u"]},
%{"tuple" => [":regex3", "~r/https:\\/\\/example.com/i"]},
- %{"tuple" => [":regex4", "~r/https:\\/\\/example.com/s"]}
+ %{"tuple" => [":regex4", "~r/https:\\/\\/example.com/s"]},
+ %{"tuple" => [":name", "Pleroma"]}
]
- }
+ },
+ %{"group" => ":tesla", "key" => ":adapter", "value" => "Tesla.Adapter.Httpc"}
]
}
end
post(conn, "/api/pleroma/admin/config", %{
configs: [
%{
- "group" => "pleroma",
+ "group" => ":pleroma",
"key" => "Pleroma.Web.Endpoint.NotReal",
"value" => [
%{
assert json_response(conn, 200) == %{
"configs" => [
%{
- "group" => "pleroma",
+ "group" => ":pleroma",
"key" => "Pleroma.Web.Endpoint.NotReal",
"value" => [
%{
post(conn, "/api/pleroma/admin/config", %{
configs: [
%{
- "group" => "pleroma",
+ "group" => ":pleroma",
"key" => ":key1",
"value" => [
%{"tuple" => [":key2", "some_val"]},
%{
"configs" => [
%{
- "group" => "pleroma",
+ "group" => ":pleroma",
"key" => ":key1",
"value" => [
%{"tuple" => [":key2", "some_val"]},
post(conn, "/api/pleroma/admin/config", %{
configs: [
%{
- "group" => "pleroma",
+ "group" => ":pleroma",
"key" => ":key1",
"value" => %{"key" => "some_val"}
}
%{
"configs" => [
%{
- "group" => "pleroma",
+ "group" => ":pleroma",
"key" => ":key1",
"value" => %{"key" => "some_val"}
}
post(conn, "/api/pleroma/admin/config", %{
configs: [
%{
- "group" => "pleroma",
+ "group" => ":pleroma",
"key" => "Pleroma.Web.Endpoint.NotReal",
"value" => [
%{
assert json_response(conn, 200) == %{
"configs" => [
%{
- "group" => "pleroma",
+ "group" => ":pleroma",
"key" => "Pleroma.Web.Endpoint.NotReal",
"value" => [
%{
post(conn, "/api/pleroma/admin/config", %{
configs: [
%{
- "group" => "oban",
+ "group" => ":oban",
"key" => ":queues",
"value" => [
%{"tuple" => [":federator_incoming", 50]},
assert json_response(conn, 200) == %{
"configs" => [
%{
- "group" => "oban",
+ "group" => ":oban",
"key" => ":queues",
"value" => [
%{"tuple" => [":federator_incoming", 50]},
test "delete part of settings by atom subkeys", %{conn: conn} do
config =
insert(:config,
- key: "keyaa1",
+ key: ":keyaa1",
value: :erlang.term_to_binary(subkey1: "val1", subkey2: "val2", subkey3: "val3")
)
group: config.group,
key: config.key,
subkeys: [":subkey1", ":subkey3"],
- delete: "true"
+ delete: true
}
]
})
- assert(
- json_response(conn, 200) == %{
- "configs" => [
+ assert json_response(conn, 200) == %{
+ "configs" => [
+ %{
+ "group" => ":pleroma",
+ "key" => ":keyaa1",
+ "value" => [%{"tuple" => [":subkey2", "val2"]}]
+ }
+ ]
+ }
+ end
+
+ test "proxy tuple localhost", %{conn: conn} do
+ conn =
+ post(conn, "/api/pleroma/admin/config", %{
+ configs: [
%{
- "group" => "pleroma",
- "key" => "keyaa1",
- "value" => [%{"tuple" => [":subkey2", "val2"]}]
+ group: ":pleroma",
+ key: ":http",
+ value: [
+ %{"tuple" => [":proxy_url", %{"tuple" => [":socks5", "localhost", 1234]}]},
+ %{"tuple" => [":send_user_agent", false]}
+ ]
}
]
- }
- )
+ })
+
+ assert json_response(conn, 200) == %{
+ "configs" => [
+ %{
+ "group" => ":pleroma",
+ "key" => ":http",
+ "value" => [
+ %{"tuple" => [":proxy_url", %{"tuple" => [":socks5", "localhost", 1234]}]},
+ %{"tuple" => [":send_user_agent", false]}
+ ]
+ }
+ ]
+ }
end
- end
- describe "config mix tasks run" do
- setup %{conn: conn} do
- admin = insert(:user, is_admin: true)
+ test "proxy tuple domain", %{conn: conn} do
+ conn =
+ post(conn, "/api/pleroma/admin/config", %{
+ configs: [
+ %{
+ group: ":pleroma",
+ key: ":http",
+ value: [
+ %{"tuple" => [":proxy_url", %{"tuple" => [":socks5", "domain.com", 1234]}]},
+ %{"tuple" => [":send_user_agent", false]}
+ ]
+ }
+ ]
+ })
+
+ assert json_response(conn, 200) == %{
+ "configs" => [
+ %{
+ "group" => ":pleroma",
+ "key" => ":http",
+ "value" => [
+ %{"tuple" => [":proxy_url", %{"tuple" => [":socks5", "domain.com", 1234]}]},
+ %{"tuple" => [":send_user_agent", false]}
+ ]
+ }
+ ]
+ }
+ end
+
+ test "proxy tuple ip", %{conn: conn} do
+ conn =
+ post(conn, "/api/pleroma/admin/config", %{
+ configs: [
+ %{
+ group: ":pleroma",
+ key: ":http",
+ value: [
+ %{"tuple" => [":proxy_url", %{"tuple" => [":socks5", "127.0.0.1", 1234]}]},
+ %{"tuple" => [":send_user_agent", false]}
+ ]
+ }
+ ]
+ })
- temp_file = "config/test.exported_from_db.secret.exs"
+ assert json_response(conn, 200) == %{
+ "configs" => [
+ %{
+ "group" => ":pleroma",
+ "key" => ":http",
+ "value" => [
+ %{"tuple" => [":proxy_url", %{"tuple" => [":socks5", "127.0.0.1", 1234]}]},
+ %{"tuple" => [":send_user_agent", false]}
+ ]
+ }
+ ]
+ }
+ end
+ end
+ describe "config mix tasks run" do
+ setup do
Mix.shell(Mix.Shell.Quiet)
on_exit(fn ->
Mix.shell(Mix.Shell.IO)
- :ok = File.rm(temp_file)
end)
- %{conn: assign(conn, :user, admin), admin: admin}
+ :ok
end
- clear_config([:instance, :dynamic_configuration]) do
- Pleroma.Config.put([:instance, :dynamic_configuration], true)
+ clear_config([:configurable_from_database]) do
+ Pleroma.Config.put([:configurable_from_database], true)
end
clear_config([:feed, :post_title]) do
Pleroma.Config.put([:feed, :post_title], %{max_length: 100, omission: "…"})
end
- test "transfer settings to DB and to file", %{conn: conn, admin: admin} do
- assert Pleroma.Repo.all(Pleroma.Web.AdminAPI.Config) == []
- conn = get(conn, "/api/pleroma/admin/config/migrate_to_db")
- assert json_response(conn, 200) == %{}
- assert Pleroma.Repo.all(Pleroma.Web.AdminAPI.Config) > 0
+ test "transfer settings to DB and to file", %{conn: conn} do
+ on_exit(fn -> :ok = File.rm("config/test.exported_from_db.secret.exs") end)
+ assert Repo.all(Pleroma.Web.AdminAPI.Config) == []
+ Mix.Tasks.Pleroma.Config.run(["migrate_to_db"])
+ assert Repo.aggregate(Pleroma.Web.AdminAPI.Config, :count, :id) > 0
- conn =
- build_conn()
- |> assign(:user, admin)
- |> get("/api/pleroma/admin/config/migrate_from_db")
+ conn = get(conn, "/api/pleroma/admin/config/migrate_from_db")
assert json_response(conn, 200) == %{}
- assert Pleroma.Repo.all(Pleroma.Web.AdminAPI.Config) == []
+ assert Repo.all(Pleroma.Web.AdminAPI.Config) == []
+ end
+
+ test "returns error if configuration from database is off", %{conn: conn} do
+ initial = Pleroma.Config.get([:configurable_from_database])
+ on_exit(fn -> Pleroma.Config.put([:configurable_from_database], initial) end)
+ Pleroma.Config.put([:configurable_from_database], false)
+
+ conn = get(conn, "/api/pleroma/admin/config/migrate_from_db")
+
+ assert json_response(conn, 400) ==
+ "To use this endpoint you need to enable configuration from database."
+
+ assert Repo.all(Pleroma.Web.AdminAPI.Config) == []
end
end
describe "GET /api/pleroma/admin/users/:nickname/statuses" do
setup do
- admin = insert(:user, is_admin: true)
user = insert(:user)
date1 = (DateTime.to_unix(DateTime.utc_now()) + 2000) |> DateTime.from_unix!()
insert(:note_activity, user: user, published: date2)
insert(:note_activity, user: user, published: date3)
- conn =
- build_conn()
- |> assign(:user, admin)
-
- {:ok, conn: conn, user: user}
+ %{user: user}
end
test "renders user's statuses", %{conn: conn, user: user} do
end
describe "GET /api/pleroma/admin/moderation_log" do
- setup %{conn: conn} do
- admin = insert(:user, is_admin: true)
+ setup do
moderator = insert(:user, is_moderator: true)
- %{conn: assign(conn, :user, admin), admin: admin, moderator: moderator}
+ %{moderator: moderator}
end
test "returns the log", %{conn: conn, admin: admin} do
end
describe "PATCH /users/:nickname/force_password_reset" do
- setup %{conn: conn} do
- admin = insert(:user, is_admin: true)
+ test "sets password_reset_pending to true", %{conn: conn} do
user = insert(:user)
-
- %{conn: assign(conn, :user, admin), admin: admin, user: user}
- end
-
- test "sets password_reset_pending to true", %{admin: admin, user: user} do
assert user.password_reset_pending == false
conn =
- build_conn()
- |> assign(:user, admin)
- |> patch("/api/pleroma/admin/users/force_password_reset", %{nicknames: [user.nickname]})
+ patch(conn, "/api/pleroma/admin/users/force_password_reset", %{nicknames: [user.nickname]})
assert json_response(conn, 204) == ""
end
describe "relays" do
- setup %{conn: conn} do
- admin = insert(:user, is_admin: true)
-
- %{conn: assign(conn, :user, admin), admin: admin}
- end
-
- test "POST /relay", %{admin: admin} do
+ test "POST /relay", %{conn: conn, admin: admin} do
conn =
- build_conn()
- |> assign(:user, admin)
- |> post("/api/pleroma/admin/relay", %{
+ post(conn, "/api/pleroma/admin/relay", %{
relay_url: "http://mastodon.example.org/users/admin"
})
"@#{admin.nickname} followed relay: http://mastodon.example.org/users/admin"
end
- test "GET /relay", %{admin: admin} do
+ test "GET /relay", %{conn: conn} do
relay_user = Pleroma.Web.ActivityPub.Relay.get_actor()
["http://mastodon.example.org/users/admin", "https://mstdn.io/users/mayuutann"]
User.follow(relay_user, user)
end)
- conn =
- build_conn()
- |> assign(:user, admin)
- |> get("/api/pleroma/admin/relay")
+ conn = get(conn, "/api/pleroma/admin/relay")
assert json_response(conn, 200)["relays"] -- ["mastodon.example.org", "mstdn.io"] == []
end
- test "DELETE /relay", %{admin: admin} do
- build_conn()
- |> assign(:user, admin)
- |> post("/api/pleroma/admin/relay", %{
+ test "DELETE /relay", %{conn: conn, admin: admin} do
+ post(conn, "/api/pleroma/admin/relay", %{
relay_url: "http://mastodon.example.org/users/admin"
})
conn =
- build_conn()
- |> assign(:user, admin)
- |> delete("/api/pleroma/admin/relay", %{
+ delete(conn, "/api/pleroma/admin/relay", %{
relay_url: "http://mastodon.example.org/users/admin"
})
"@#{admin.nickname} unfollowed relay: http://mastodon.example.org/users/admin"
end
end
+
+ describe "instances" do
+ test "GET /instances/:instance/statuses", %{conn: conn} do
+ user = insert(:user, local: false, nickname: "archaeme@archae.me")
+ user2 = insert(:user, local: false, nickname: "test@test.com")
+ insert_pair(:note_activity, user: user)
+ insert(:note_activity, user: user2)
+
+ ret_conn = get(conn, "/api/pleroma/admin/instances/archae.me/statuses")
+
+ response = json_response(ret_conn, 200)
+
+ assert length(response) == 2
+
+ ret_conn = get(conn, "/api/pleroma/admin/instances/test.com/statuses")
+
+ response = json_response(ret_conn, 200)
+
+ assert length(response) == 1
+
+ ret_conn = get(conn, "/api/pleroma/admin/instances/nonexistent.com/statuses")
+
+ response = json_response(ret_conn, 200)
+
+ assert length(response) == 0
+ end
+ end
+
+ describe "PATCH /confirm_email" do
+ test "it confirms emails of two users", %{conn: conn, admin: admin} do
+ [first_user, second_user] = insert_pair(:user, confirmation_pending: true)
+
+ assert first_user.confirmation_pending == true
+ assert second_user.confirmation_pending == true
+
+ ret_conn =
+ patch(conn, "/api/pleroma/admin/users/confirm_email", %{
+ nicknames: [
+ first_user.nickname,
+ second_user.nickname
+ ]
+ })
+
+ assert ret_conn.status == 200
+
+ assert first_user.confirmation_pending == true
+ assert second_user.confirmation_pending == true
+
+ log_entry = Repo.one(ModerationLog)
+
+ assert ModerationLog.get_log_entry_message(log_entry) ==
+ "@#{admin.nickname} confirmed email for users: @#{first_user.nickname}, @#{
+ second_user.nickname
+ }"
+ end
+ end
+
+ describe "PATCH /resend_confirmation_email" do
+ test "it resend emails for two users", %{conn: conn, admin: admin} do
+ [first_user, second_user] = insert_pair(:user, confirmation_pending: true)
+
+ ret_conn =
+ patch(conn, "/api/pleroma/admin/users/resend_confirmation_email", %{
+ nicknames: [
+ first_user.nickname,
+ second_user.nickname
+ ]
+ })
+
+ assert ret_conn.status == 200
+
+ log_entry = Repo.one(ModerationLog)
+
+ assert ModerationLog.get_log_entry_message(log_entry) ==
+ "@#{admin.nickname} re-sent confirmation email for users: @#{first_user.nickname}, @#{
+ second_user.nickname
+ }"
+ end
+ end
+
+ describe "POST /reports/:id/notes" do
+ setup %{conn: conn, admin: admin} do
+ [reporter, target_user] = insert_pair(:user)
+ activity = insert(:note_activity, user: target_user)
+
+ {:ok, %{id: report_id}} =
+ CommonAPI.report(reporter, %{
+ "account_id" => target_user.id,
+ "comment" => "I feel offended",
+ "status_ids" => [activity.id]
+ })
+
+ post(conn, "/api/pleroma/admin/reports/#{report_id}/notes", %{
+ content: "this is disgusting!"
+ })
+
+ post(conn, "/api/pleroma/admin/reports/#{report_id}/notes", %{
+ content: "this is disgusting2!"
+ })
+
+ %{
+ admin_id: admin.id,
+ report_id: report_id
+ }
+ end
+
+ test "it creates report note", %{admin_id: admin_id, report_id: report_id} do
+ [note, _] = Repo.all(ReportNote)
+
+ assert %{
+ activity_id: ^report_id,
+ content: "this is disgusting!",
+ user_id: ^admin_id
+ } = note
+ end
+
+ test "it returns reports with notes", %{conn: conn, admin: admin} do
+ conn = get(conn, "/api/pleroma/admin/reports")
+
+ response = json_response(conn, 200)
+ notes = hd(response["reports"])["notes"]
+ [note, _] = notes
+
+ assert note["user"]["nickname"] == admin.nickname
+ assert note["content"] == "this is disgusting!"
+ assert note["created_at"]
+ assert response["total"] == 1
+ end
+
+ test "it deletes the note", %{conn: conn, report_id: report_id} do
+ assert ReportNote |> Repo.all() |> length() == 2
+
+ [note, _] = Repo.all(ReportNote)
+
+ delete(conn, "/api/pleroma/admin/reports/#{report_id}/notes/#{note.id}")
+
+ assert ReportNote |> Repo.all() |> length() == 1
+ end
+ end
+
+ test "GET /api/pleroma/admin/config/descriptions", %{conn: conn} do
+ admin = insert(:user, is_admin: true)
+
+ conn =
+ assign(conn, :user, admin)
+ |> get("/api/pleroma/admin/config/descriptions")
+
+ assert [child | _others] = json_response(conn, 200)
+
+ assert child["children"]
+ assert child["key"]
+ assert String.starts_with?(child["group"], ":")
+ assert child["description"]
+ end
end
# Needed for testing
projects / akkoma / blobdiff