X-Git-Url: https://git.squeep.com/?a=blobdiff_plain;f=test%2Fweb%2Fadmin_api%2Fadmin_api_controller_test.exs;h=17a872b217f77d2d3c58ad5dcc2f61daea0f03a4;hb=f0fccb75783bcac406133d8cb3d4d3a485189092;hp=acae643614dcf1ea265ca5ed3ca5e3fe32867c4b;hpb=256b492a5855c09f45af0325a9e9cd2508c88366;p=akkoma diff --git a/test/web/admin_api/admin_api_controller_test.exs b/test/web/admin_api/admin_api_controller_test.exs index acae64361..17a872b21 100644 --- a/test/web/admin_api/admin_api_controller_test.exs +++ b/test/web/admin_api/admin_api_controller_test.exs @@ -5,10 +5,13 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do use Pleroma.Web.ConnCase + alias Pleroma.Activity alias Pleroma.User + alias Pleroma.UserInviteToken + alias Pleroma.Web.CommonAPI import Pleroma.Factory - describe "/api/pleroma/admin/user" do + describe "/api/pleroma/admin/users" do test "Delete" do admin = insert(:user, info: %{is_admin: true}) user = insert(:user) @@ -17,7 +20,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do build_conn() |> assign(:user, admin) |> put_req_header("accept", "application/json") - |> delete("/api/pleroma/admin/user?nickname=#{user.nickname}") + |> delete("/api/pleroma/admin/users?nickname=#{user.nickname}") assert json_response(conn, 200) == user.nickname end @@ -29,7 +32,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do build_conn() |> assign(:user, admin) |> put_req_header("accept", "application/json") - |> post("/api/pleroma/admin/user", %{ + |> post("/api/pleroma/admin/users", %{ "nickname" => "lain", "email" => "lain@example.org", "password" => "test" @@ -74,6 +77,50 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do end end + describe "/api/pleroma/admin/users/follow" do + test "allows to force-follow another user" do + admin = insert(:user, info: %{is_admin: true}) + user = insert(:user) + follower = insert(:user) + + build_conn() + |> assign(:user, admin) + |> put_req_header("accept", "application/json") + |> post("/api/pleroma/admin/users/follow", %{ + "follower" => follower.nickname, + "followed" => user.nickname + }) + + user = User.get_cached_by_id(user.id) + follower = User.get_cached_by_id(follower.id) + + assert User.following?(follower, user) + end + end + + describe "/api/pleroma/admin/users/unfollow" do + test "allows to force-unfollow another user" do + admin = insert(:user, info: %{is_admin: true}) + user = insert(:user) + follower = insert(:user) + + User.follow(follower, user) + + build_conn() + |> assign(:user, admin) + |> put_req_header("accept", "application/json") + |> post("/api/pleroma/admin/users/unfollow", %{ + "follower" => follower.nickname, + "followed" => user.nickname + }) + + user = User.get_cached_by_id(user.id) + follower = User.get_cached_by_id(follower.id) + + refute User.following?(follower, user) + end + end + describe "PUT /api/pleroma/admin/users/tag" do setup do admin = insert(:user, info: %{is_admin: true}) @@ -100,13 +147,13 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do user2: user2 } do assert json_response(conn, :no_content) - assert User.get_by_id(user1.id).tags == ["x", "foo", "bar"] - assert User.get_by_id(user2.id).tags == ["y", "foo", "bar"] + assert User.get_cached_by_id(user1.id).tags == ["x", "foo", "bar"] + assert User.get_cached_by_id(user2.id).tags == ["y", "foo", "bar"] end test "it does not modify tags of not specified users", %{conn: conn, user3: user3} do assert json_response(conn, :no_content) - assert User.get_by_id(user3.id).tags == ["unchanged"] + assert User.get_cached_by_id(user3.id).tags == ["unchanged"] end end @@ -136,17 +183,17 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do user2: user2 } do assert json_response(conn, :no_content) - assert User.get_by_id(user1.id).tags == [] - assert User.get_by_id(user2.id).tags == ["y"] + assert User.get_cached_by_id(user1.id).tags == [] + assert User.get_cached_by_id(user2.id).tags == ["y"] end test "it does not modify tags of not specified users", %{conn: conn, user3: user3} do assert json_response(conn, :no_content) - assert User.get_by_id(user3.id).tags == ["unchanged"] + assert User.get_cached_by_id(user3.id).tags == ["unchanged"] end end - describe "/api/pleroma/admin/permission_group" do + describe "/api/pleroma/admin/users/:nickname/permission_group" do test "GET is giving user_info" do admin = insert(:user, info: %{is_admin: true}) @@ -154,7 +201,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do build_conn() |> assign(:user, admin) |> put_req_header("accept", "application/json") - |> get("/api/pleroma/admin/permission_group/#{admin.nickname}") + |> get("/api/pleroma/admin/users/#{admin.nickname}/permission_group/") assert json_response(conn, 200) == %{ "is_admin" => true, @@ -170,7 +217,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do build_conn() |> assign(:user, admin) |> put_req_header("accept", "application/json") - |> post("/api/pleroma/admin/permission_group/#{user.nickname}/admin") + |> post("/api/pleroma/admin/users/#{user.nickname}/permission_group/admin") assert json_response(conn, 200) == %{ "is_admin" => true @@ -185,7 +232,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do build_conn() |> assign(:user, admin) |> put_req_header("accept", "application/json") - |> delete("/api/pleroma/admin/permission_group/#{user.nickname}/admin") + |> delete("/api/pleroma/admin/users/#{user.nickname}/permission_group/admin") assert json_response(conn, 200) == %{ "is_admin" => false @@ -193,7 +240,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do end end - describe "PUT /api/pleroma/admin/activation_status" do + describe "PUT /api/pleroma/admin/users/:nickname/activation_status" do setup %{conn: conn} do admin = insert(:user, info: %{is_admin: true}) @@ -210,9 +257,9 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do conn = conn - |> put("/api/pleroma/admin/activation_status/#{user.nickname}", %{status: false}) + |> put("/api/pleroma/admin/users/#{user.nickname}/activation_status", %{status: false}) - user = User.get_by_id(user.id) + user = User.get_cached_by_id(user.id) assert user.info.deactivated == true assert json_response(conn, :no_content) end @@ -222,9 +269,9 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do conn = conn - |> put("/api/pleroma/admin/activation_status/#{user.nickname}", %{status: true}) + |> put("/api/pleroma/admin/users/#{user.nickname}/activation_status", %{status: true}) - user = User.get_by_id(user.id) + user = User.get_cached_by_id(user.id) assert user.info.deactivated == false assert json_response(conn, :no_content) end @@ -235,7 +282,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do conn = conn |> assign(:user, user) - |> put("/api/pleroma/admin/activation_status/#{user.nickname}", %{status: false}) + |> put("/api/pleroma/admin/users/#{user.nickname}/activation_status", %{status: false}) assert json_response(conn, :forbidden) end @@ -264,7 +311,9 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do conn = conn |> assign(:user, user) - |> post("/api/pleroma/admin/email_invite?email=#{recipient_email}&name=#{recipient_name}") + |> post( + "/api/pleroma/admin/users/email_invite?email=#{recipient_email}&name=#{recipient_name}" + ) assert json_response(conn, :no_content) @@ -272,13 +321,21 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do assert token_record refute token_record.used - Swoosh.TestAssertions.assert_email_sent( - Pleroma.UserEmail.user_invitation_email( + notify_email = Pleroma.Config.get([:instance, :notify_email]) + instance_name = Pleroma.Config.get([:instance, :name]) + + email = + Pleroma.Emails.UserEmail.user_invitation_email( user, token_record, recipient_email, recipient_name ) + + Swoosh.TestAssertions.assert_email_sent( + from: {instance_name, notify_email}, + to: {recipient_name, recipient_email}, + html_body: email.html_body ) end @@ -288,13 +345,13 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do conn = conn |> assign(:user, non_admin_user) - |> post("/api/pleroma/admin/email_invite?email=foo@bar.com&name=JD") + |> post("/api/pleroma/admin/users/email_invite?email=foo@bar.com&name=JD") assert json_response(conn, :forbidden) end end - describe "POST /api/pleroma/admin/email_invite, with invalid config" do + describe "POST /api/pleroma/admin/users/email_invite, with invalid config" do setup do [user: insert(:user, info: %{is_admin: true})] end @@ -314,7 +371,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do conn = conn |> assign(:user, user) - |> post("/api/pleroma/admin/email_invite?email=foo@bar.com&name=JD") + |> post("/api/pleroma/admin/users/email_invite?email=foo@bar.com&name=JD") assert json_response(conn, :internal_server_error) end @@ -334,25 +391,25 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do conn = conn |> assign(:user, user) - |> post("/api/pleroma/admin/email_invite?email=foo@bar.com&name=JD") + |> post("/api/pleroma/admin/users/email_invite?email=foo@bar.com&name=JD") assert json_response(conn, :internal_server_error) end end - test "/api/pleroma/admin/invite_token" do + test "/api/pleroma/admin/users/invite_token" do admin = insert(:user, info: %{is_admin: true}) conn = build_conn() |> assign(:user, admin) |> put_req_header("accept", "application/json") - |> get("/api/pleroma/admin/invite_token") + |> get("/api/pleroma/admin/users/invite_token") assert conn.status == 200 end - test "/api/pleroma/admin/password_reset" do + test "/api/pleroma/admin/users/:nickname/password_reset" do admin = insert(:user, info: %{is_admin: true}) user = insert(:user) @@ -360,69 +417,136 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do build_conn() |> assign(:user, admin) |> put_req_header("accept", "application/json") - |> get("/api/pleroma/admin/password_reset?nickname=#{user.nickname}") + |> get("/api/pleroma/admin/users/#{user.nickname}/password_reset") assert conn.status == 200 end describe "GET /api/pleroma/admin/users" do - test "renders users array for the first page" do + setup do admin = insert(:user, info: %{is_admin: true}) - user = insert(:user, local: false, tags: ["foo", "bar"]) conn = build_conn() |> assign(:user, admin) - |> get("/api/pleroma/admin/users?page=1") + + {:ok, conn: conn, admin: admin} + end + + test "renders users array for the first page", %{conn: conn, admin: admin} do + user = insert(:user, local: false, tags: ["foo", "bar"]) + conn = get(conn, "/api/pleroma/admin/users?page=1") + + users = + [ + %{ + "deactivated" => admin.info.deactivated, + "id" => admin.id, + "nickname" => admin.nickname, + "roles" => %{"admin" => true, "moderator" => false}, + "local" => true, + "tags" => [] + }, + %{ + "deactivated" => user.info.deactivated, + "id" => user.id, + "nickname" => user.nickname, + "roles" => %{"admin" => false, "moderator" => false}, + "local" => false, + "tags" => ["foo", "bar"] + } + ] + |> Enum.sort_by(& &1["nickname"]) + + assert json_response(conn, 200) == %{ + "count" => 2, + "page_size" => 50, + "users" => users + } + end + + test "renders empty array for the second page", %{conn: conn} do + insert(:user) + + conn = get(conn, "/api/pleroma/admin/users?page=2") assert json_response(conn, 200) == %{ "count" => 2, "page_size" => 50, + "users" => [] + } + end + + test "regular search", %{conn: conn} do + user = insert(:user, nickname: "bob") + + conn = get(conn, "/api/pleroma/admin/users?query=bo") + + assert json_response(conn, 200) == %{ + "count" => 1, + "page_size" => 50, "users" => [ %{ - "deactivated" => admin.info.deactivated, - "id" => admin.id, - "nickname" => admin.nickname, - "roles" => %{"admin" => true, "moderator" => false}, + "deactivated" => user.info.deactivated, + "id" => user.id, + "nickname" => user.nickname, + "roles" => %{"admin" => false, "moderator" => false}, "local" => true, "tags" => [] - }, + } + ] + } + end + + test "search by domain", %{conn: conn} do + user = insert(:user, nickname: "nickname@domain.com") + insert(:user) + + conn = get(conn, "/api/pleroma/admin/users?query=domain.com") + + assert json_response(conn, 200) == %{ + "count" => 1, + "page_size" => 50, + "users" => [ %{ "deactivated" => user.info.deactivated, "id" => user.id, "nickname" => user.nickname, "roles" => %{"admin" => false, "moderator" => false}, - "local" => false, - "tags" => ["foo", "bar"] + "local" => true, + "tags" => [] } ] } end - test "renders empty array for the second page" do - admin = insert(:user, info: %{is_admin: true}) + test "search by full nickname", %{conn: conn} do + user = insert(:user, nickname: "nickname@domain.com") insert(:user) - conn = - build_conn() - |> assign(:user, admin) - |> get("/api/pleroma/admin/users?page=2") + conn = get(conn, "/api/pleroma/admin/users?query=nickname@domain.com") assert json_response(conn, 200) == %{ - "count" => 2, + "count" => 1, "page_size" => 50, - "users" => [] + "users" => [ + %{ + "deactivated" => user.info.deactivated, + "id" => user.id, + "nickname" => user.nickname, + "roles" => %{"admin" => false, "moderator" => false}, + "local" => true, + "tags" => [] + } + ] } end - test "regular search" do - admin = insert(:user, info: %{is_admin: true}) - user = insert(:user, nickname: "bob") + test "search by display name", %{conn: conn} do + user = insert(:user, name: "Display name") + insert(:user) - conn = - build_conn() - |> assign(:user, admin) - |> get("/api/pleroma/admin/users?query=bo") + conn = get(conn, "/api/pleroma/admin/users?name=display") assert json_response(conn, 200) == %{ "count" => 1, @@ -440,17 +564,35 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do } end - test "regular search with page size" do - admin = insert(:user, info: %{is_admin: true}) + test "search by email", %{conn: conn} do + user = insert(:user, email: "email@example.com") + insert(:user) + + conn = get(conn, "/api/pleroma/admin/users?email=email@example.com") + + assert json_response(conn, 200) == %{ + "count" => 1, + "page_size" => 50, + "users" => [ + %{ + "deactivated" => user.info.deactivated, + "id" => user.id, + "nickname" => user.nickname, + "roles" => %{"admin" => false, "moderator" => false}, + "local" => true, + "tags" => [] + } + ] + } + end + + test "regular search with page size", %{conn: conn} do user = insert(:user, nickname: "aalice") user2 = insert(:user, nickname: "alice") - conn = - build_conn() - |> assign(:user, admin) - |> get("/api/pleroma/admin/users?query=a&page_size=1&page=1") + conn1 = get(conn, "/api/pleroma/admin/users?query=a&page_size=1&page=1") - assert json_response(conn, 200) == %{ + assert json_response(conn1, 200) == %{ "count" => 2, "page_size" => 1, "users" => [ @@ -465,12 +607,9 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do ] } - conn = - build_conn() - |> assign(:user, admin) - |> get("/api/pleroma/admin/users?query=a&page_size=1&page=2") + conn2 = get(conn, "/api/pleroma/admin/users?query=a&page_size=1&page=2") - assert json_response(conn, 200) == %{ + assert json_response(conn2, 200) == %{ "count" => 2, "page_size" => 1, "users" => [ @@ -513,7 +652,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do } end - test "only local users with no query" do + test "only local users with no query", %{admin: old_admin} do admin = insert(:user, info: %{is_admin: true}, nickname: "john") user = insert(:user, nickname: "bob") @@ -524,30 +663,136 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do |> assign(:user, admin) |> get("/api/pleroma/admin/users?filters=local") + users = + [ + %{ + "deactivated" => user.info.deactivated, + "id" => user.id, + "nickname" => user.nickname, + "roles" => %{"admin" => false, "moderator" => false}, + "local" => true, + "tags" => [] + }, + %{ + "deactivated" => admin.info.deactivated, + "id" => admin.id, + "nickname" => admin.nickname, + "roles" => %{"admin" => true, "moderator" => false}, + "local" => true, + "tags" => [] + }, + %{ + "deactivated" => false, + "id" => old_admin.id, + "local" => true, + "nickname" => old_admin.nickname, + "roles" => %{"admin" => true, "moderator" => false}, + "tags" => [] + } + ] + |> Enum.sort_by(& &1["nickname"]) + + assert json_response(conn, 200) == %{ + "count" => 3, + "page_size" => 50, + "users" => users + } + end + + test "load only admins", %{conn: conn, admin: admin} do + second_admin = insert(:user, info: %{is_admin: true}) + insert(:user) + insert(:user) + + conn = get(conn, "/api/pleroma/admin/users?filters=is_admin") + + users = + [ + %{ + "deactivated" => false, + "id" => admin.id, + "nickname" => admin.nickname, + "roles" => %{"admin" => true, "moderator" => false}, + "local" => admin.local, + "tags" => [] + }, + %{ + "deactivated" => false, + "id" => second_admin.id, + "nickname" => second_admin.nickname, + "roles" => %{"admin" => true, "moderator" => false}, + "local" => second_admin.local, + "tags" => [] + } + ] + |> Enum.sort_by(& &1["nickname"]) + assert json_response(conn, 200) == %{ "count" => 2, "page_size" => 50, + "users" => users + } + end + + test "load only moderators", %{conn: conn} do + moderator = insert(:user, info: %{is_moderator: true}) + insert(:user) + insert(:user) + + conn = get(conn, "/api/pleroma/admin/users?filters=is_moderator") + + assert json_response(conn, 200) == %{ + "count" => 1, + "page_size" => 50, "users" => [ %{ - "deactivated" => user.info.deactivated, - "id" => user.id, - "nickname" => user.nickname, - "roles" => %{"admin" => false, "moderator" => false}, - "local" => true, - "tags" => [] - }, - %{ - "deactivated" => admin.info.deactivated, - "id" => admin.id, - "nickname" => admin.nickname, - "roles" => %{"admin" => true, "moderator" => false}, - "local" => true, + "deactivated" => false, + "id" => moderator.id, + "nickname" => moderator.nickname, + "roles" => %{"admin" => false, "moderator" => true}, + "local" => moderator.local, "tags" => [] } ] } end + test "load users with tags list", %{conn: conn} do + user1 = insert(:user, tags: ["first"]) + user2 = insert(:user, tags: ["second"]) + insert(:user) + insert(:user) + + conn = get(conn, "/api/pleroma/admin/users?tags[]=first&tags[]=second") + + users = + [ + %{ + "deactivated" => false, + "id" => user1.id, + "nickname" => user1.nickname, + "roles" => %{"admin" => false, "moderator" => false}, + "local" => user1.local, + "tags" => ["first"] + }, + %{ + "deactivated" => false, + "id" => user2.id, + "nickname" => user2.nickname, + "roles" => %{"admin" => false, "moderator" => false}, + "local" => user2.local, + "tags" => ["second"] + } + ] + |> Enum.sort_by(& &1["nickname"]) + + assert json_response(conn, 200) == %{ + "count" => 2, + "page_size" => 50, + "users" => users + } + end + test "it works with multiple filters" do admin = insert(:user, nickname: "john", info: %{is_admin: true}) user = insert(:user, nickname: "bob", local: false, info: %{deactivated: true}) @@ -596,4 +841,656 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do "tags" => [] } end + + describe "GET /api/pleroma/admin/users/invite_token" do + setup do + admin = insert(:user, info: %{is_admin: true}) + + conn = + build_conn() + |> assign(:user, admin) + + {:ok, conn: conn} + end + + test "without options", %{conn: conn} do + conn = get(conn, "/api/pleroma/admin/users/invite_token") + + token = json_response(conn, 200) + invite = UserInviteToken.find_by_token!(token) + refute invite.used + refute invite.expires_at + refute invite.max_use + assert invite.invite_type == "one_time" + end + + test "with expires_at", %{conn: conn} do + conn = + get(conn, "/api/pleroma/admin/users/invite_token", %{ + "invite" => %{"expires_at" => Date.to_string(Date.utc_today())} + }) + + token = json_response(conn, 200) + invite = UserInviteToken.find_by_token!(token) + + refute invite.used + assert invite.expires_at == Date.utc_today() + refute invite.max_use + assert invite.invite_type == "date_limited" + end + + test "with max_use", %{conn: conn} do + conn = + get(conn, "/api/pleroma/admin/users/invite_token", %{ + "invite" => %{"max_use" => 150} + }) + + token = json_response(conn, 200) + invite = UserInviteToken.find_by_token!(token) + refute invite.used + refute invite.expires_at + assert invite.max_use == 150 + assert invite.invite_type == "reusable" + end + + test "with max use and expires_at", %{conn: conn} do + conn = + get(conn, "/api/pleroma/admin/users/invite_token", %{ + "invite" => %{"max_use" => 150, "expires_at" => Date.to_string(Date.utc_today())} + }) + + token = json_response(conn, 200) + invite = UserInviteToken.find_by_token!(token) + refute invite.used + assert invite.expires_at == Date.utc_today() + assert invite.max_use == 150 + assert invite.invite_type == "reusable_date_limited" + end + end + + describe "GET /api/pleroma/admin/users/invites" do + setup do + admin = insert(:user, info: %{is_admin: true}) + + conn = + build_conn() + |> assign(:user, admin) + + {:ok, conn: conn} + end + + test "no invites", %{conn: conn} do + conn = get(conn, "/api/pleroma/admin/users/invites") + + assert json_response(conn, 200) == %{"invites" => []} + end + + test "with invite", %{conn: conn} do + {:ok, invite} = UserInviteToken.create_invite() + + conn = get(conn, "/api/pleroma/admin/users/invites") + + assert json_response(conn, 200) == %{ + "invites" => [ + %{ + "expires_at" => nil, + "id" => invite.id, + "invite_type" => "one_time", + "max_use" => nil, + "token" => invite.token, + "used" => false, + "uses" => 0 + } + ] + } + end + end + + describe "POST /api/pleroma/admin/users/revoke_invite" do + test "with token" do + admin = insert(:user, info: %{is_admin: true}) + {:ok, invite} = UserInviteToken.create_invite() + + conn = + build_conn() + |> assign(:user, admin) + |> post("/api/pleroma/admin/users/revoke_invite", %{"token" => invite.token}) + + assert json_response(conn, 200) == %{ + "expires_at" => nil, + "id" => invite.id, + "invite_type" => "one_time", + "max_use" => nil, + "token" => invite.token, + "used" => true, + "uses" => 0 + } + end + end + + describe "GET /api/pleroma/admin/reports/:id" do + setup %{conn: conn} do + admin = insert(:user, info: %{is_admin: true}) + + %{conn: assign(conn, :user, admin)} + end + + test "returns report by its id", %{conn: conn} do + [reporter, target_user] = insert_pair(:user) + activity = insert(:note_activity, user: target_user) + + {:ok, %{id: report_id}} = + CommonAPI.report(reporter, %{ + "account_id" => target_user.id, + "comment" => "I feel offended", + "status_ids" => [activity.id] + }) + + response = + conn + |> get("/api/pleroma/admin/reports/#{report_id}") + |> json_response(:ok) + + assert response["id"] == report_id + end + + test "returns 404 when report id is invalid", %{conn: conn} do + conn = get(conn, "/api/pleroma/admin/reports/test") + + assert json_response(conn, :not_found) == "Not found" + end + end + + describe "PUT /api/pleroma/admin/reports/:id" do + setup %{conn: conn} do + admin = insert(:user, info: %{is_admin: true}) + [reporter, target_user] = insert_pair(:user) + activity = insert(:note_activity, user: target_user) + + {:ok, %{id: report_id}} = + CommonAPI.report(reporter, %{ + "account_id" => target_user.id, + "comment" => "I feel offended", + "status_ids" => [activity.id] + }) + + %{conn: assign(conn, :user, admin), id: report_id} + end + + test "mark report as resolved", %{conn: conn, id: id} do + response = + conn + |> put("/api/pleroma/admin/reports/#{id}", %{"state" => "resolved"}) + |> json_response(:ok) + + assert response["state"] == "resolved" + end + + test "closes report", %{conn: conn, id: id} do + response = + conn + |> put("/api/pleroma/admin/reports/#{id}", %{"state" => "closed"}) + |> json_response(:ok) + + assert response["state"] == "closed" + end + + test "returns 400 when state is unknown", %{conn: conn, id: id} do + conn = + conn + |> put("/api/pleroma/admin/reports/#{id}", %{"state" => "test"}) + + assert json_response(conn, :bad_request) == "Unsupported state" + end + + test "returns 404 when report is not exist", %{conn: conn} do + conn = + conn + |> put("/api/pleroma/admin/reports/test", %{"state" => "closed"}) + + assert json_response(conn, :not_found) == "Not found" + end + end + + describe "GET /api/pleroma/admin/reports" do + setup %{conn: conn} do + admin = insert(:user, info: %{is_admin: true}) + + %{conn: assign(conn, :user, admin)} + end + + test "returns empty response when no reports created", %{conn: conn} do + response = + conn + |> get("/api/pleroma/admin/reports") + |> json_response(:ok) + + assert Enum.empty?(response["reports"]) + end + + test "returns reports", %{conn: conn} do + [reporter, target_user] = insert_pair(:user) + activity = insert(:note_activity, user: target_user) + + {:ok, %{id: report_id}} = + CommonAPI.report(reporter, %{ + "account_id" => target_user.id, + "comment" => "I feel offended", + "status_ids" => [activity.id] + }) + + response = + conn + |> get("/api/pleroma/admin/reports") + |> json_response(:ok) + + [report] = response["reports"] + + assert length(response["reports"]) == 1 + assert report["id"] == report_id + end + + test "returns reports with specified state", %{conn: conn} do + [reporter, target_user] = insert_pair(:user) + activity = insert(:note_activity, user: target_user) + + {:ok, %{id: first_report_id}} = + CommonAPI.report(reporter, %{ + "account_id" => target_user.id, + "comment" => "I feel offended", + "status_ids" => [activity.id] + }) + + {:ok, %{id: second_report_id}} = + CommonAPI.report(reporter, %{ + "account_id" => target_user.id, + "comment" => "I don't like this user" + }) + + CommonAPI.update_report_state(second_report_id, "closed") + + response = + conn + |> get("/api/pleroma/admin/reports", %{ + "state" => "open" + }) + |> json_response(:ok) + + [open_report] = response["reports"] + + assert length(response["reports"]) == 1 + assert open_report["id"] == first_report_id + + response = + conn + |> get("/api/pleroma/admin/reports", %{ + "state" => "closed" + }) + |> json_response(:ok) + + [closed_report] = response["reports"] + + assert length(response["reports"]) == 1 + assert closed_report["id"] == second_report_id + + response = + conn + |> get("/api/pleroma/admin/reports", %{ + "state" => "resolved" + }) + |> json_response(:ok) + + assert Enum.empty?(response["reports"]) + end + + test "returns 403 when requested by a non-admin" do + user = insert(:user) + + conn = + build_conn() + |> assign(:user, user) + |> get("/api/pleroma/admin/reports") + + assert json_response(conn, :forbidden) == %{"error" => "User is not admin."} + end + + test "returns 403 when requested by anonymous" do + conn = + build_conn() + |> get("/api/pleroma/admin/reports") + + assert json_response(conn, :forbidden) == %{"error" => "Invalid credentials."} + end + end + + describe "POST /api/pleroma/admin/reports/:id/respond" do + setup %{conn: conn} do + admin = insert(:user, info: %{is_admin: true}) + + %{conn: assign(conn, :user, admin)} + end + + test "returns created dm", %{conn: conn} do + [reporter, target_user] = insert_pair(:user) + activity = insert(:note_activity, user: target_user) + + {:ok, %{id: report_id}} = + CommonAPI.report(reporter, %{ + "account_id" => target_user.id, + "comment" => "I feel offended", + "status_ids" => [activity.id] + }) + + response = + conn + |> post("/api/pleroma/admin/reports/#{report_id}/respond", %{ + "status" => "I will check it out" + }) + |> json_response(:ok) + + recipients = Enum.map(response["mentions"], & &1["username"]) + + assert conn.assigns[:user].nickname in recipients + assert reporter.nickname in recipients + assert response["content"] == "I will check it out" + assert response["visibility"] == "direct" + end + + test "returns 400 when status is missing", %{conn: conn} do + conn = post(conn, "/api/pleroma/admin/reports/test/respond") + + assert json_response(conn, :bad_request) == "Invalid parameters" + end + + test "returns 404 when report id is invalid", %{conn: conn} do + conn = + post(conn, "/api/pleroma/admin/reports/test/respond", %{ + "status" => "foo" + }) + + assert json_response(conn, :not_found) == "Not found" + end + end + + describe "PUT /api/pleroma/admin/statuses/:id" do + setup %{conn: conn} do + admin = insert(:user, info: %{is_admin: true}) + activity = insert(:note_activity) + + %{conn: assign(conn, :user, admin), id: activity.id} + end + + test "toggle sensitive flag", %{conn: conn, id: id} do + response = + conn + |> put("/api/pleroma/admin/statuses/#{id}", %{"sensitive" => "true"}) + |> json_response(:ok) + + assert response["sensitive"] + + response = + conn + |> put("/api/pleroma/admin/statuses/#{id}", %{"sensitive" => "false"}) + |> json_response(:ok) + + refute response["sensitive"] + end + + test "change visibility flag", %{conn: conn, id: id} do + response = + conn + |> put("/api/pleroma/admin/statuses/#{id}", %{"visibility" => "public"}) + |> json_response(:ok) + + assert response["visibility"] == "public" + + response = + conn + |> put("/api/pleroma/admin/statuses/#{id}", %{"visibility" => "private"}) + |> json_response(:ok) + + assert response["visibility"] == "private" + + response = + conn + |> put("/api/pleroma/admin/statuses/#{id}", %{"visibility" => "unlisted"}) + |> json_response(:ok) + + assert response["visibility"] == "unlisted" + end + + test "returns 400 when visibility is unknown", %{conn: conn, id: id} do + conn = + conn + |> put("/api/pleroma/admin/statuses/#{id}", %{"visibility" => "test"}) + + assert json_response(conn, :bad_request) == "Unsupported visibility" + end + end + + describe "DELETE /api/pleroma/admin/statuses/:id" do + setup %{conn: conn} do + admin = insert(:user, info: %{is_admin: true}) + activity = insert(:note_activity) + + %{conn: assign(conn, :user, admin), id: activity.id} + end + + test "deletes status", %{conn: conn, id: id} do + conn + |> delete("/api/pleroma/admin/statuses/#{id}") + |> json_response(:ok) + + refute Activity.get_by_id(id) + end + + test "returns error when status is not exist", %{conn: conn} do + conn = + conn + |> delete("/api/pleroma/admin/statuses/test") + + assert json_response(conn, :bad_request) == "Could not delete" + end + end + + describe "GET /api/pleroma/admin/config" do + setup %{conn: conn} do + admin = insert(:user, info: %{is_admin: true}) + + %{conn: assign(conn, :user, admin)} + end + + test "without any settings in db", %{conn: conn} do + conn = get(conn, "/api/pleroma/admin/config") + + assert json_response(conn, 200) == %{"configs" => []} + end + + test "with settings in db", %{conn: conn} do + config1 = insert(:config) + config2 = insert(:config) + + conn = get(conn, "/api/pleroma/admin/config") + + %{ + "configs" => [ + %{ + "key" => key1, + "value" => _ + }, + %{ + "key" => key2, + "value" => _ + } + ] + } = json_response(conn, 200) + + assert key1 == config1.key + assert key2 == config2.key + end + end + + describe "POST /api/pleroma/admin/config" do + setup %{conn: conn} do + admin = insert(:user, info: %{is_admin: true}) + + temp_file = "config/test.exported_from_db.secret.exs" + + on_exit(fn -> + Application.delete_env(:pleroma, :key1) + Application.delete_env(:pleroma, :key2) + Application.delete_env(:pleroma, :key3) + Application.delete_env(:pleroma, :key4) + Application.delete_env(:pleroma, :keyaa1) + Application.delete_env(:pleroma, :keyaa2) + :ok = File.rm(temp_file) + end) + + dynamic = Pleroma.Config.get([:instance, :dynamic_configuration]) + + Pleroma.Config.put([:instance, :dynamic_configuration], true) + + on_exit(fn -> + Pleroma.Config.put([:instance, :dynamic_configuration], dynamic) + end) + + %{conn: assign(conn, :user, admin)} + end + + test "create new config setting in db", %{conn: conn} do + conn = + post(conn, "/api/pleroma/admin/config", %{ + configs: [ + %{key: "key1", value: "value1"}, + %{ + key: "key2", + value: %{ + "nested_1" => "nested_value1", + "nested_2" => [ + %{"nested_22" => "nested_value222"}, + %{"nested_33" => %{"nested_44" => "nested_444"}} + ] + } + }, + %{ + key: "key3", + value: [ + %{"nested_3" => ":nested_3", "nested_33" => "nested_33"}, + %{"nested_4" => ":true"} + ] + }, + %{ + key: "key4", + value: %{"nested_5" => ":upload", "endpoint" => "https://example.com"} + } + ] + }) + + assert json_response(conn, 200) == %{ + "configs" => [ + %{ + "key" => "key1", + "value" => "value1" + }, + %{ + "key" => "key2", + "value" => [ + %{"nested_1" => "nested_value1"}, + %{ + "nested_2" => [ + %{"nested_22" => "nested_value222"}, + %{"nested_33" => %{"nested_44" => "nested_444"}} + ] + } + ] + }, + %{ + "key" => "key3", + "value" => [ + [%{"nested_3" => "nested_3"}, %{"nested_33" => "nested_33"}], + %{"nested_4" => true} + ] + }, + %{ + "key" => "key4", + "value" => [%{"endpoint" => "https://example.com"}, %{"nested_5" => "upload"}] + } + ] + } + + assert Application.get_env(:pleroma, :key1) == "value1" + + assert Application.get_env(:pleroma, :key2) == [ + nested_1: "nested_value1", + nested_2: [ + [nested_22: "nested_value222"], + [nested_33: [nested_44: "nested_444"]] + ] + ] + + assert Application.get_env(:pleroma, :key3) == [ + [nested_3: :nested_3, nested_33: "nested_33"], + [nested_4: true] + ] + + assert Application.get_env(:pleroma, :key4) == [ + endpoint: "https://example.com", + nested_5: :upload + ] + end + + test "update config setting & delete", %{conn: conn} do + config1 = insert(:config, key: "keyaa1") + config2 = insert(:config, key: "keyaa2") + + conn = + post(conn, "/api/pleroma/admin/config", %{ + configs: [ + %{key: config1.key, value: "another_value"}, + %{key: config2.key, delete: "true"} + ] + }) + + assert json_response(conn, 200) == %{ + "configs" => [ + %{ + "key" => config1.key, + "value" => "another_value" + } + ] + } + + assert Application.get_env(:pleroma, :keyaa1) == "another_value" + refute Application.get_env(:pleroma, :keyaa2) + end + + test "common config example", %{conn: conn} do + conn = + post(conn, "/api/pleroma/admin/config", %{ + configs: [ + %{ + "key" => "Pleroma.Captcha", + "value" => %{ + "enabled" => ":false", + "method" => "Pleroma.Captcha.Kocaptcha", + "seconds_valid" => "i:60" + } + } + ] + }) + + assert json_response(conn, 200) == %{ + "configs" => [ + %{ + "key" => "Pleroma.Captcha", + "value" => [ + %{"enabled" => false}, + %{"method" => "Pleroma.Captcha.Kocaptcha"}, + %{"seconds_valid" => 60} + ] + } + ] + } + end + end end