admin api endpoints for invites

2019-04-06 20:25:19 +07:00 · 2019-04-06 20:25:19 +07:00 · dcc54f8cfa
parent 47b07cec49
commit dcc54f8cfa
4 changed files with 191 additions and 20 deletions
--- a/lib/pleroma/web/admin_api/admin_api_controller.ex
+++ b/lib/pleroma/web/admin_api/admin_api_controller.ex
@ -9,6 +9,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIController do
  alias Pleroma.Web.AdminAPI.AccountView
  alias Pleroma.Web.AdminAPI.Search

+  alias Pleroma.UserInviteToken
+
  import Pleroma.Web.ControllerHelper, only: [json_response: 3]

  require Logger
@ -235,7 +237,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIController do
    with true <-
           Pleroma.Config.get([:instance, :invites_enabled]) &&
             !Pleroma.Config.get([:instance, :registrations_open]),
-         {:ok, invite_token} <- Pleroma.UserInviteToken.create_token(),
+         {:ok, invite_token} <- UserInviteToken.create_invite(),
         email <-
           Pleroma.UserEmail.user_invitation_email(user, invite_token, email, params["name"]),
         {:ok, _} <- Pleroma.Mailer.deliver(email) do
@ -244,11 +246,29 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIController do
  end

  @doc "Get a account registeration invite token (base64 string)"
-  def get_invite_token(conn, _params) do
-    {:ok, token} = Pleroma.UserInviteToken.create_token()
+  def get_invite_token(conn, params) do
+    options = params["invite"] || %{}
+    {:ok, invite} = UserInviteToken.create_invite(options)

    conn
-    |> json(token.token)
+    |> json(invite.token)
+  end
+
+  @doc "Get list of created invites"
+  def invites_list(conn, _params) do
+    invites = UserInviteToken.list_invites()
+
+    conn
+    |> json(AccountView.render("invites.json", %{invites: invites}))
+  end
+
+  @doc "Revokes invite by token"
+  def invite_revoke(conn, %{"token" => token}) do
+    invite = UserInviteToken.find_by_token!(token)
+    {:ok, updated_invite} = UserInviteToken.update_invite(invite, %{used: true})
+
+    conn
+    |> json(AccountView.render("invite.json", %{invite: updated_invite}))
  end

  @doc "Get a password reset token (base64 string) for given nickname"
--- a/lib/pleroma/web/admin_api/views/account_view.ex
+++ b/lib/pleroma/web/admin_api/views/account_view.ex
@ -26,4 +26,22 @@ defmodule Pleroma.Web.AdminAPI.AccountView do
      "tags" => user.tags || []
    }
  end
+
+  def render("invite.json", %{invite: invite}) do
+    %{
+      "id" => invite.id,
+      "token" => invite.token,
+      "used" => invite.used,
+      "expire_at" => invite.expire_at,
+      "uses" => invite.uses,
+      "max_use" => invite.max_use,
+      "invite_type" => invite.invite_type
+    }
+  end
+
+  def render("invites.json", %{invites: invites}) do
+    %{
+      invites: render_many(invites, AccountView, "invite.json", as: :invite)
+    }
+  end
 end
--- a/lib/pleroma/web/router.ex
+++ b/lib/pleroma/web/router.ex
@ -163,6 +163,8 @@ defmodule Pleroma.Web.Router do
    delete("/relay", AdminAPIController, :relay_unfollow)

    get("/invite_token", AdminAPIController, :get_invite_token)
+    get("/invites_list", AdminAPIController, :invites_list)
+    post("/invite_revoke", AdminAPIController, :invite_revoke)
    post("/email_invite", AdminAPIController, :email_invite)

    get("/password_reset", AdminAPIController, :get_password_reset)
--- a/test/web/admin_api/admin_api_controller_test.exs
+++ b/test/web/admin_api/admin_api_controller_test.exs
@ -6,6 +6,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
  use Pleroma.Web.ConnCase

  alias Pleroma.User
+  alias Pleroma.UserInviteToken
  import Pleroma.Factory

  describe "/api/pleroma/admin/user" do
@ -80,14 +81,13 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
      user = insert(:user)
      follower = insert(:user)

-      conn =
-        build_conn()
-        |> assign(:user, admin)
-        |> put_req_header("accept", "application/json")
-        |> post("/api/pleroma/admin/user/follow", %{
-          "follower" => follower.nickname,
-          "followed" => user.nickname
-        })
+      build_conn()
+      |> assign(:user, admin)
+      |> put_req_header("accept", "application/json")
+      |> post("/api/pleroma/admin/user/follow", %{
+        "follower" => follower.nickname,
+        "followed" => user.nickname
+      })

      user = User.get_by_id(user.id)
      follower = User.get_by_id(follower.id)
@ -104,14 +104,13 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do

      User.follow(follower, user)

-      conn =
-        build_conn()
-        |> assign(:user, admin)
-        |> put_req_header("accept", "application/json")
-        |> post("/api/pleroma/admin/user/unfollow", %{
-          "follower" => follower.nickname,
-          "followed" => user.nickname
-        })
+      build_conn()
+      |> assign(:user, admin)
+      |> put_req_header("accept", "application/json")
+      |> post("/api/pleroma/admin/user/unfollow", %{
+        "follower" => follower.nickname,
+        "followed" => user.nickname
+      })

      user = User.get_by_id(user.id)
      follower = User.get_by_id(follower.id)
@ -642,4 +641,136 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
               "tags" => []
             }
  end
+
+  describe "GET /api/pleroma/admin/invite_token" do
+    test "without options" do
+      admin = insert(:user, info: %{is_admin: true})
+
+      conn =
+        build_conn()
+        |> assign(:user, admin)
+        |> get("/api/pleroma/admin/invite_token")
+
+      token = json_response(conn, 200)
+      invite = UserInviteToken.find_by_token!(token)
+      refute invite.used
+      refute invite.expire_at
+      refute invite.max_use
+      assert invite.invite_type == "one_time"
+    end
+
+    test "with expire_at" do
+      admin = insert(:user, info: %{is_admin: true})
+
+      conn =
+        build_conn()
+        |> assign(:user, admin)
+        |> get("/api/pleroma/admin/invite_token", %{
+          "invite" => %{"expire_at" => Date.to_string(Date.utc_today())}
+        })
+
+      token = json_response(conn, 200)
+      invite = UserInviteToken.find_by_token!(token)
+
+      refute invite.used
+      assert invite.expire_at == Date.utc_today()
+      refute invite.max_use
+      assert invite.invite_type == "date_limited"
+    end
+
+    test "with max_use" do
+      admin = insert(:user, info: %{is_admin: true})
+
+      conn =
+        build_conn()
+        |> assign(:user, admin)
+        |> get("/api/pleroma/admin/invite_token", %{
+          "invite" => %{"max_use" => 150}
+        })
+
+      token = json_response(conn, 200)
+      invite = UserInviteToken.find_by_token!(token)
+      refute invite.used
+      refute invite.expire_at
+      assert invite.max_use == 150
+      assert invite.invite_type == "reusable"
+    end
+
+    test "with max use and expire_at" do
+      admin = insert(:user, info: %{is_admin: true})
+
+      conn =
+        build_conn()
+        |> assign(:user, admin)
+        |> get("/api/pleroma/admin/invite_token", %{
+          "invite" => %{"max_use" => 150, "expire_at" => Date.to_string(Date.utc_today())}
+        })
+
+      token = json_response(conn, 200)
+      invite = UserInviteToken.find_by_token!(token)
+      refute invite.used
+      assert invite.expire_at == Date.utc_today()
+      assert invite.max_use == 150
+      assert invite.invite_type == "reusable_date_limited"
+    end
+  end
+
+  describe "GET /api/pleroma/admin/invites_list" do
+    test "no invites" do
+      admin = insert(:user, info: %{is_admin: true})
+
+      conn =
+        build_conn()
+        |> assign(:user, admin)
+        |> get("/api/pleroma/admin/invites_list")
+
+      assert json_response(conn, 200) == %{"invites" => []}
+    end
+
+    test "with invite" do
+      admin = insert(:user, info: %{is_admin: true})
+      {:ok, invite} = UserInviteToken.create_invite()
+
+      conn =
+        build_conn()
+        |> assign(:user, admin)
+        |> get("/api/pleroma/admin/invites_list")
+
+      assert json_response(conn, 200) == %{
+               "invites" => [
+                 %{
+                   "expire_at" => nil,
+                   "id" => invite.id,
+                   "invite_type" => "one_time",
+                   "max_use" => nil,
+                   "token" => invite.token,
+                   "used" => false,
+                   "uses" => 0
+                 }
+               ]
+             }
+    end
+  end
+
+  describe "POST /api/pleroma/admin/invite_revoke" do
+    test "with token" do
+      admin = insert(:user, info: %{is_admin: true})
+      {:ok, invite} = UserInviteToken.create_invite()
+
+      conn =
+        build_conn()
+        |> assign(:user, admin)
+        |> post("/api/pleroma/admin/invite_revoke", %{"token" => invite.token})
+
+      assert json_response(conn, 200) == %{
+               "expire_at" => nil,
+               "id" => invite.id,
+               "invite_type" => "one_time",
+               "max_use" => nil,
+               "token" => invite.token,
+               "used" => true,
+               "uses" => 0
+             }
+    end
+  end
 end