Allow an admin to delete a user status
authoreugenijm <eugenijm@protonmail.com>
Fri, 8 Mar 2019 17:21:56 +0000 (20:21 +0300)
committereugenijm <eugenijm@protonmail.com>
Fri, 8 Mar 2019 17:21:56 +0000 (20:21 +0300)
lib/pleroma/web/common_api/common_api.ex
test/web/mastodon_api/mastodon_api_controller_test.exs

index 55a9c2572dd91593fe802515d343dca3f81c22bb..07bd6548a8e6c96f3bd180c4a430986628cbd692 100644 (file)
@@ -30,7 +30,7 @@ defmodule Pleroma.Web.CommonAPI do
   def delete(activity_id, user) do
     with %Activity{data: %{"object" => %{"id" => object_id}}} <- Repo.get(Activity, activity_id),
          %Object{} = object <- Object.normalize(object_id),
-         true <- user.info.is_moderator || user.ap_id == object.data["actor"],
+         true <- User.superuser?(user) || user.ap_id == object.data["actor"],
          {:ok, _} <- unpin(activity_id, user),
          {:ok, delete} <- ActivityPub.delete(object) do
       {:ok, delete}
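Review bot: The `unpin(activity_id, user)` step still receives the acting user, who after the widened check can be an admin or moderator rather than the status author. `unpin/2` is defined outside this hunk, so this is inferred: if it works on the passed user's pinned list, a privileged delete either leaves the status in the author's pins or fails the `with` before `ActivityPub.delete(object)` runs. Consider looking up the author from `object.data["actor"]` and calling `unpin(activity_id, author)` instead. The `with` block continues past the hunk, so its `else` handling is not visible. The new test only deletes unpinned statuses, so it would not catch this.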
index ffba5e3de87adfcc4f719488042ce98e88a41bea..8a20eef2cc93cb862f9603fc016979b4f7c70e90 100644 (file)
@@ -371,6 +371,30 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do
 
       assert Repo.get(Activity, activity.id) == activity
     end
+
+    test "when you're an admin or moderator", %{conn: conn} do
+      activity1 = insert(:note_activity)
+      activity2 = insert(:note_activity)
+      admin = insert(:user, info: %{is_admin: true})
+      moderator = insert(:user, info: %{is_moderator: true})
+
+      res_conn =
+        conn
+        |> assign(:user, admin)
+        |> delete("/api/v1/statuses/#{activity1.id}")
+
+      assert %{} = json_response(res_conn, 200)
+
+      res_conn =
+        conn
+        |> assign(:user, moderator)
+        |> delete("/api/v1/statuses/#{activity2.id}")
+
+      assert %{} = json_response(res_conn, 200)
+
+      refute Repo.get(Activity, activity1.id)
+      refute Repo.get(Activity, activity2.id)
+    end
   end
 
   describe "filters" do
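Review bot: `assert %{} = json_response(res_conn, 200)` matches any map, so only the 200 status and the two `refute Repo.get(...)` lines at the end carry weight. Both roles also share one test, so a failure in the admin request stops the moderator path from running and the failure does not name the role. Splitting this into `"when you're an admin"` and `"when you're a moderator"`, each with its `refute Repo.get(Activity, activity.id)` right after the request, would make the authorization coverage explicit. A case where the deleted status is pinned by its author would also exercise the `unpin` step that `CommonAPI.delete/2` runs with the privileged user.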