diff --git a/lib/mix/tasks/pleroma/user.ex b/lib/mix/tasks/pleroma/user.ex index 00a933292..887f45029 100644 --- a/lib/mix/tasks/pleroma/user.ex +++ b/lib/mix/tasks/pleroma/user.ex @@ -315,19 +315,19 @@ def run(["invite" | rest]) do end options = Keyword.put(options, :expire_at, expire_at) - + options = Enum.into(options, %{}) Common.start_pleroma() - with {:ok, token} <- UserInviteToken.create_token(options) do + with {:ok, invite} <- UserInviteToken.create_invite(options) do Mix.shell().info( - "Generated user invite token " <> String.replace(token.token_type, "_", " ") + "Generated user invite token " <> String.replace(invite.invite_type, "_", " ") ) url = Pleroma.Web.Router.Helpers.redirect_url( Pleroma.Web.Endpoint, :registration_page, - token.token + invite.token ) IO.puts(url) @@ -367,7 +367,9 @@ def run(["invites_list"]) do def run(["invite_revoke", token]) do Common.start_pleroma() - with {:ok, _} <- UserInviteToken.mark_as_used(token) do + invite = UserInviteToken.find_by_token!(token) + + with {:ok, _} <- UserInviteToken.update_invite(invite, %{used: true}) do Mix.shell().info("Invite for token #{token} was revoked.") else _ -> Mix.shell().error("No invite found with token #{token}") diff --git a/lib/pleroma/user_invite_token.ex b/lib/pleroma/user_invite_token.ex index 3ed39ddd3..4efdbdc32 100644 --- a/lib/pleroma/user_invite_token.ex +++ b/lib/pleroma/user_invite_token.ex @@ -17,106 +17,101 @@ defmodule Pleroma.UserInviteToken do field(:used, :boolean, default: false) field(:max_use, :integer) field(:expire_at, :date) - field(:uses, :integer) - field(:token_type) + field(:uses, :integer, default: 0) + field(:invite_type, :string) timestamps() end - def create_token(options \\ []) do - token = :crypto.strong_rand_bytes(32) |> Base.url_encode64() - - max_use = options[:max_use] - expire_at = options[:expire_at] - - token = - %UserInviteToken{ - used: false, - token: token, - max_use: max_use, - expire_at: expire_at, - uses: 0 - } - |> token_type() - - Repo.insert(token) + @spec create_invite(map()) :: UserInviteToken.t() + def create_invite(params \\ %{}) do + %UserInviteToken{} + |> cast(params, ~w(max_use expire_at)a) + |> add_token() + |> assign_type() + |> Repo.insert() end + defp add_token(changeset) do + token = :crypto.strong_rand_bytes(32) |> Base.url_encode64() + put_change(changeset, :token, token) + end + + defp assign_type(%{changes: %{max_use: _max_use, expire_at: _expire_at}} = changeset) do + put_change(changeset, :invite_type, "reusable_date_limited") + end + + defp assign_type(%{changes: %{expire_at: _expire_at}} = changeset) do + put_change(changeset, :invite_type, "date_limited") + end + + defp assign_type(%{changes: %{max_use: _max_use}} = changeset) do + put_change(changeset, :invite_type, "reusable") + end + + defp assign_type(changeset), do: put_change(changeset, :invite_type, "one_time") + + @spec list_invites() :: [UserInviteToken.t()] def list_invites do query = from(u in UserInviteToken, order_by: u.id) Repo.all(query) end - def used_changeset(struct) do - struct - |> cast(%{}, []) - |> put_change(:used, true) + @spec update_invite!(UserInviteToken.t(), map()) :: UserInviteToken.t() | no_return() + def update_invite!(invite, changes) do + change(invite, changes) |> Repo.update!() end - @spec mark_as_used(token()) :: {:ok, UserInviteToken.t()} | {:error, token()} - def mark_as_used(token) do - with %{used: false} = token <- Repo.get_by(UserInviteToken, %{token: token}), - {:ok, token} <- Repo.update(used_changeset(token)) do - {:ok, token} - else - _e -> {:error, token} - end + @spec update_invite(UserInviteToken.t(), map()) :: + {:ok, UserInviteToken.t()} | {:error, Changeset.t()} + def update_invite(invite, changes) do + change(invite, changes) |> Repo.update() end - defp token_type(%{expire_at: nil, max_use: nil} = token), do: %{token | token_type: "one_time"} + @spec find_by_token!(token()) :: UserInviteToken.t() | no_return() + def find_by_token!(token), do: Repo.get_by!(UserInviteToken, token: token) - defp token_type(%{expire_at: _expire_at, max_use: nil} = token), - do: %{token | token_type: "date_limited"} - - defp token_type(%{expire_at: nil, max_use: _max_use} = token), - do: %{token | token_type: "reusable"} - - defp token_type(%{expire_at: _expire_at, max_use: _max_use} = token), - do: %{token | token_type: "reusable_date_limited"} - - @spec valid_token?(UserInviteToken.t()) :: boolean() - def valid_token?(%{token_type: "one_time"} = token) do - not token.used + @spec valid_invite?(UserInviteToken.t()) :: boolean() + def valid_invite?(%{invite_type: "one_time"} = invite) do + not invite.used end - def valid_token?(%{token_type: "date_limited"} = token) do - not_overdue_date?(token) and not token.used + def valid_invite?(%{invite_type: "date_limited"} = invite) do + not_overdue_date?(invite) and not invite.used end - def valid_token?(%{token_type: "reusable"} = token) do - token.uses < token.max_use and not token.used + def valid_invite?(%{invite_type: "reusable"} = invite) do + invite.uses < invite.max_use and not invite.used end - def valid_token?(%{token_type: "reusable_date_limited"} = token) do - not_overdue_date?(token) and token.uses < token.max_use and not token.used + def valid_invite?(%{invite_type: "reusable_date_limited"} = invite) do + not_overdue_date?(invite) and invite.uses < invite.max_use and not invite.used end - defp not_overdue_date?(%{expire_at: expire_at} = token) do + defp not_overdue_date?(%{expire_at: expire_at} = invite) do Date.compare(Date.utc_today(), expire_at) in [:lt, :eq] || - (Repo.update!(change(token, used: true)) && false) + (update_invite!(invite, %{used: true}) && false) end - def update_usage(%{token_type: "date_limited"}), do: nil + @spec update_usage!(UserInviteToken.t()) :: nil | UserInviteToken.t() | no_return() + def update_usage!(%{invite_type: "date_limited"}), do: nil - def update_usage(%{token_type: "one_time"} = token) do - UserInviteToken.mark_as_used(token.token) - end - - def update_usage(%{token_type: token_type} = token) - when token_type == "reusable" or token_type == "reusable_date_limited" do - new_uses = token.uses + 1 + def update_usage!(%{invite_type: "one_time"} = invite), + do: update_invite!(invite, %{used: true}) + def update_usage!(%{invite_type: invite_type} = invite) + when invite_type == "reusable" or invite_type == "reusable_date_limited" do changes = %{ - uses: new_uses + uses: invite.uses + 1 } changes = - if new_uses >= token.max_use do + if changes.uses >= invite.max_use do Map.put(changes, :used, true) else changes end - change(token, changes) |> Repo.update!() + update_invite!(invite, changes) end end diff --git a/lib/pleroma/web/twitter_api/twitter_api.ex b/lib/pleroma/web/twitter_api/twitter_api.ex index a578fbbf4..402fd195f 100644 --- a/lib/pleroma/web/twitter_api/twitter_api.ex +++ b/lib/pleroma/web/twitter_api/twitter_api.ex @@ -129,7 +129,7 @@ def upload(%Plug.Upload{} = file, %User{} = user, format \\ "xml") do end def register_user(params) do - token_string = params["token"] + token = params["token"] params = %{ nickname: params["nickname"], @@ -163,29 +163,29 @@ def register_user(params) do {:error, %{error: Jason.encode!(%{captcha: [error]})}} else registrations_open = Pleroma.Config.get([:instance, :registrations_open]) - registration_process(registrations_open, params, token_string) + registration_process(registrations_open, params, token) end end - defp registration_process(_registration_open = true, params, _token_string) do + defp registration_process(_registration_open = true, params, _token) do create_user(params) end - defp registration_process(registration_open, params, token_string) + defp registration_process(registration_open, params, token) when registration_open == false or is_nil(registration_open) do - token = - unless is_nil(token_string) do - Repo.get_by(UserInviteToken, %{token: token_string}) + invite = + unless is_nil(token) do + Repo.get_by(UserInviteToken, %{token: token}) end - valid_token? = token && UserInviteToken.valid_token?(token) + valid_invite? = invite && UserInviteToken.valid_invite?(invite) - case token do + case invite do nil -> {:error, "Invalid token"} - token when valid_token? -> - UserInviteToken.update_usage(token) + invite when valid_invite? -> + UserInviteToken.update_usage!(invite) create_user(params) _ -> diff --git a/priv/repo/migrations/20190404050946_add_fields_to_user_invite_tokens.exs b/priv/repo/migrations/20190404050946_add_fields_to_user_invite_tokens.exs index abdd5e277..46fa1cb32 100644 --- a/priv/repo/migrations/20190404050946_add_fields_to_user_invite_tokens.exs +++ b/priv/repo/migrations/20190404050946_add_fields_to_user_invite_tokens.exs @@ -6,7 +6,7 @@ def change do add(:expire_at, :date) add(:uses, :integer, default: 0) add(:max_use, :integer) - add(:token_type, :string, default: "one_time") + add(:invite_type, :string, default: "one_time") end end end diff --git a/test/tasks/user_test.exs b/test/tasks/user_test.exs index c55711b04..c9e5dd625 100644 --- a/test/tasks/user_test.exs +++ b/test/tasks/user_test.exs @@ -292,10 +292,10 @@ test "token is generated with max use and expire date" do describe "running invites_list" do test "invites are listed" do - {:ok, invite} = Pleroma.UserInviteToken.create_token() + {:ok, invite} = Pleroma.UserInviteToken.create_invite() {:ok, invite2} = - Pleroma.UserInviteToken.create_token(expire_at: Date.utc_today(), max_use: 15) + Pleroma.UserInviteToken.create_invite(%{expire_at: Date.utc_today(), max_use: 15}) assert capture_io(fn -> Mix.Tasks.Pleroma.User.run([ @@ -314,7 +314,7 @@ test "invites are listed" do describe "running invite revoke" do test "invite is revoked" do - {:ok, invite} = Pleroma.UserInviteToken.create_token(expire_at: Date.utc_today()) + {:ok, invite} = Pleroma.UserInviteToken.create_invite(%{expire_at: Date.utc_today()}) assert capture_io(fn -> Mix.Tasks.Pleroma.User.run([ diff --git a/test/web/twitter_api/twitter_api_test.exs b/test/web/twitter_api/twitter_api_test.exs index 716fccfb2..519141c96 100644 --- a/test/web/twitter_api/twitter_api_test.exs +++ b/test/web/twitter_api/twitter_api_test.exs @@ -370,7 +370,7 @@ test "it registers a new user and parses mentions in the bio" do end test "returns user on success" do - {:ok, token} = UserInviteToken.create_token() + {:ok, invite} = UserInviteToken.create_invite() data = %{ "nickname" => "vinny", @@ -379,15 +379,15 @@ test "returns user on success" do "bio" => "streamer", "password" => "hiptofbees", "confirm" => "hiptofbees", - "token" => token.token + "token" => invite.token } {:ok, user} = TwitterAPI.register_user(data) fetched_user = User.get_by_nickname("vinny") - token = Repo.get_by(UserInviteToken, token: token.token) + invite = Repo.get_by(UserInviteToken, token: invite.token) - assert token.used == true + assert invite.used == true assert UserView.render("show.json", %{user: user}) == UserView.render("show.json", %{user: fetched_user}) @@ -411,8 +411,8 @@ test "returns error on invalid token" do end test "returns error on expired token" do - {:ok, token} = UserInviteToken.create_token() - UserInviteToken.mark_as_used(token.token) + {:ok, invite} = UserInviteToken.create_invite() + UserInviteToken.update_invite!(invite, used: true) data = %{ "nickname" => "GrimReaper", @@ -421,7 +421,7 @@ test "returns error on expired token" do "bio" => "Your time has come", "password" => "scythe", "confirm" => "scythe", - "token" => token.token + "token" => invite.token } {:error, msg} = TwitterAPI.register_user(data) @@ -449,8 +449,8 @@ test "returns error on expired token" do "confirm" => "hiptofbees" } - check_fn = fn token -> - data = Map.put(data, "token", token.token) + check_fn = fn invite -> + data = Map.put(data, "token", invite.token) {:ok, user} = TwitterAPI.register_user(data) fetched_user = User.get_by_nickname("vinny") @@ -462,37 +462,37 @@ test "returns error on expired token" do end test "returns user on success", %{check_fn: check_fn} do - {:ok, token} = UserInviteToken.create_token(expire_at: Date.utc_today()) + {:ok, invite} = UserInviteToken.create_invite(%{expire_at: Date.utc_today()}) - check_fn.(token) + check_fn.(invite) - token = Repo.get_by(UserInviteToken, token: token.token) + invite = Repo.get_by(UserInviteToken, token: invite.token) - refute token.used + refute invite.used end test "returns user on token which expired tomorrow", %{check_fn: check_fn} do - {:ok, token} = UserInviteToken.create_token(expire_at: Date.add(Date.utc_today(), 1)) + {:ok, invite} = UserInviteToken.create_invite(%{expire_at: Date.add(Date.utc_today(), 1)}) - check_fn.(token) + check_fn.(invite) - token = Repo.get_by(UserInviteToken, token: token.token) + invite = Repo.get_by(UserInviteToken, token: invite.token) - refute token.used + refute invite.used end test "returns an error on overdue date", %{data: data} do - {:ok, token} = UserInviteToken.create_token(expire_at: Date.add(Date.utc_today(), -1)) + {:ok, invite} = UserInviteToken.create_invite(%{expire_at: Date.add(Date.utc_today(), -1)}) - data = Map.put(data, "token", token.token) + data = Map.put(data, "token", invite.token) {:error, msg} = TwitterAPI.register_user(data) assert msg == "Expired token" refute User.get_by_nickname("vinny") - token = Repo.get_by(UserInviteToken, token: token.token) + invite = Repo.get_by(UserInviteToken, token: invite.token) - assert token.used == true + assert invite.used == true end end @@ -509,9 +509,9 @@ test "returns an error on overdue date", %{data: data} do end test "returns user on success, after him registration fails" do - {:ok, token} = UserInviteToken.create_token(max_use: 100) + {:ok, invite} = UserInviteToken.create_invite(%{max_use: 100}) - Ecto.Changeset.change(token, uses: 99) |> Repo.update!() + UserInviteToken.update_invite!(invite, uses: 99) data = %{ "nickname" => "vinny", @@ -520,14 +520,14 @@ test "returns user on success, after him registration fails" do "bio" => "streamer", "password" => "hiptofbees", "confirm" => "hiptofbees", - "token" => token.token + "token" => invite.token } {:ok, user} = TwitterAPI.register_user(data) fetched_user = User.get_by_nickname("vinny") - token = Repo.get_by(UserInviteToken, token: token.token) + invite = Repo.get_by(UserInviteToken, token: invite.token) - assert token.used == true + assert invite.used == true assert UserView.render("show.json", %{user: user}) == UserView.render("show.json", %{user: fetched_user}) @@ -539,7 +539,7 @@ test "returns user on success, after him registration fails" do "bio" => "Your time has come", "password" => "scythe", "confirm" => "scythe", - "token" => token.token + "token" => invite.token } {:error, msg} = TwitterAPI.register_user(data) @@ -562,11 +562,7 @@ test "returns user on success, after him registration fails" do end test "returns user on success" do - {:ok, token} = - UserInviteToken.create_token( - expire_at: Date.utc_today(), - max_use: 100 - ) + {:ok, invite} = UserInviteToken.create_invite(%{expire_at: Date.utc_today(), max_use: 100}) data = %{ "nickname" => "vinny", @@ -575,27 +571,23 @@ test "returns user on success" do "bio" => "streamer", "password" => "hiptofbees", "confirm" => "hiptofbees", - "token" => token.token + "token" => invite.token } {:ok, user} = TwitterAPI.register_user(data) fetched_user = User.get_by_nickname("vinny") - token = Repo.get_by(UserInviteToken, token: token.token) + invite = Repo.get_by(UserInviteToken, token: invite.token) - refute token.used + refute invite.used assert UserView.render("show.json", %{user: user}) == UserView.render("show.json", %{user: fetched_user}) end test "error after max uses" do - {:ok, token} = - UserInviteToken.create_token( - expire_at: Date.utc_today(), - max_use: 100 - ) + {:ok, invite} = UserInviteToken.create_invite(%{expire_at: Date.utc_today(), max_use: 100}) - Ecto.Changeset.change(token, uses: 99) |> Repo.update!() + UserInviteToken.update_invite!(invite, uses: 99) data = %{ "nickname" => "vinny", @@ -604,13 +596,13 @@ test "error after max uses" do "bio" => "streamer", "password" => "hiptofbees", "confirm" => "hiptofbees", - "token" => token.token + "token" => invite.token } {:ok, user} = TwitterAPI.register_user(data) fetched_user = User.get_by_nickname("vinny") - token = Repo.get_by(UserInviteToken, token: token.token) - assert token.used == true + invite = Repo.get_by(UserInviteToken, token: invite.token) + assert invite.used == true assert UserView.render("show.json", %{user: user}) == UserView.render("show.json", %{user: fetched_user}) @@ -622,7 +614,7 @@ test "error after max uses" do "bio" => "Your time has come", "password" => "scythe", "confirm" => "scythe", - "token" => token.token + "token" => invite.token } {:error, msg} = TwitterAPI.register_user(data) @@ -632,11 +624,8 @@ test "error after max uses" do end test "returns error on overdue date" do - {:ok, token} = - UserInviteToken.create_token( - expire_at: Date.add(Date.utc_today(), -1), - max_use: 100 - ) + {:ok, invite} = + UserInviteToken.create_invite(%{expire_at: Date.add(Date.utc_today(), -1), max_use: 100}) data = %{ "nickname" => "GrimReaper", @@ -645,7 +634,7 @@ test "returns error on overdue date" do "bio" => "Your time has come", "password" => "scythe", "confirm" => "scythe", - "token" => token.token + "token" => invite.token } {:error, msg} = TwitterAPI.register_user(data) @@ -655,13 +644,10 @@ test "returns error on overdue date" do end test "returns error on with overdue date and after max" do - {:ok, token} = - UserInviteToken.create_token( - expire_at: Date.add(Date.utc_today(), -1), - max_use: 100 - ) + {:ok, invite} = + UserInviteToken.create_invite(%{expire_at: Date.add(Date.utc_today(), -1), max_use: 100}) - Ecto.Changeset.change(token, uses: 100) |> Repo.update!() + UserInviteToken.update_invite!(invite, uses: 100) data = %{ "nickname" => "GrimReaper", @@ -670,7 +656,7 @@ test "returns error on with overdue date and after max" do "bio" => "Your time has come", "password" => "scythe", "confirm" => "scythe", - "token" => token.token + "token" => invite.token } {:error, msg} = TwitterAPI.register_user(data)