diff --git a/lib/pleroma/emails/user_email.ex b/lib/pleroma/emails/user_email.ex index ee41ce50a..7e3e9b020 100644 --- a/lib/pleroma/emails/user_email.ex +++ b/lib/pleroma/emails/user_email.ex @@ -38,7 +38,12 @@ def password_reset_email(user, password_reset_token) when is_binary(password_res |> html_body(html_body) end - def user_invitation_email(user, user_invite_token, to_email, to_name \\ nil) do + def user_invitation_email( + user, + %Pleroma.UserInviteToken{} = user_invite_token, + to_email, + to_name \\ nil + ) do registration_url = Router.Helpers.redirect_url( Endpoint, diff --git a/test/web/admin_api/admin_api_controller_test.exs b/test/web/admin_api/admin_api_controller_test.exs index e7ad60aa3..e183da3a1 100644 --- a/test/web/admin_api/admin_api_controller_test.exs +++ b/test/web/admin_api/admin_api_controller_test.exs @@ -154,7 +154,7 @@ test "/:right DELETE, can remove from a permission group" do end end - describe "POST /api/pleroma/admin/email_invite, with valid parameters" do + describe "POST /api/pleroma/admin/email_invite, with valid config" do setup do registrations_open = Pleroma.Config.get([:instance, :registrations_open]) invites_enabled = Pleroma.Config.get([:instance, :invites_enabled]) @@ -181,7 +181,75 @@ test "sends invitation and returns 204", %{conn: conn, user: user} do assert json_response(conn, :no_content) - Swoosh.TestAssertions.assert_email_sent() + token_record = List.last(Pleroma.Repo.all(Pleroma.UserInviteToken)) + assert token_record + refute token_record.used + + Swoosh.TestAssertions.assert_email_sent( + Pleroma.UserEmail.user_invitation_email( + user, + token_record, + recipient_email, + recipient_name + ) + ) + end + + test "it returns 403 if requested by a non-admin", %{conn: conn} do + non_admin_user = insert(:user) + + conn = + conn + |> assign(:user, non_admin_user) + |> post("/api/pleroma/admin/email_invite?email=foo@bar.com&name=JD") + + assert json_response(conn, :forbidden) + end + end + + describe "POST /api/pleroma/admin/email_invite, with invalid config" do + setup do + [user: insert(:user, info: %{is_admin: true})] + end + + test "it returns 500 if `invites_enabled` is not enabled", %{conn: conn, user: user} do + registrations_open = Pleroma.Config.get([:instance, :registrations_open]) + invites_enabled = Pleroma.Config.get([:instance, :invites_enabled]) + Pleroma.Config.put([:instance, :registrations_open], false) + Pleroma.Config.put([:instance, :invites_enabled], false) + + on_exit(fn -> + Pleroma.Config.put([:instance, :registrations_open], registrations_open) + Pleroma.Config.put([:instance, :invites_enabled], invites_enabled) + :ok + end) + + conn = + conn + |> assign(:user, user) + |> post("/api/pleroma/admin/email_invite?email=foo@bar.com&name=JD") + + assert json_response(conn, :internal_server_error) + end + + test "it returns 500 if `registrations_open` is enabled", %{conn: conn, user: user} do + registrations_open = Pleroma.Config.get([:instance, :registrations_open]) + invites_enabled = Pleroma.Config.get([:instance, :invites_enabled]) + Pleroma.Config.put([:instance, :registrations_open], true) + Pleroma.Config.put([:instance, :invites_enabled], true) + + on_exit(fn -> + Pleroma.Config.put([:instance, :registrations_open], registrations_open) + Pleroma.Config.put([:instance, :invites_enabled], invites_enabled) + :ok + end) + + conn = + conn + |> assign(:user, user) + |> post("/api/pleroma/admin/email_invite?email=foo@bar.com&name=JD") + + assert json_response(conn, :internal_server_error) end end