admin api endpoints for invites

This commit is contained in:
Alex S 2019-04-06 20:25:19 +07:00
parent 47b07cec49
commit dcc54f8cfa
4 changed files with 191 additions and 20 deletions

View file

@ -9,6 +9,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIController do
alias Pleroma.Web.AdminAPI.AccountView
alias Pleroma.Web.AdminAPI.Search
alias Pleroma.UserInviteToken
import Pleroma.Web.ControllerHelper, only: [json_response: 3]
require Logger
@ -235,7 +237,7 @@ def email_invite(%{assigns: %{user: user}} = conn, %{"email" => email} = params)
with true <-
Pleroma.Config.get([:instance, :invites_enabled]) &&
!Pleroma.Config.get([:instance, :registrations_open]),
{:ok, invite_token} <- Pleroma.UserInviteToken.create_token(),
{:ok, invite_token} <- UserInviteToken.create_invite(),
email <-
Pleroma.UserEmail.user_invitation_email(user, invite_token, email, params["name"]),
{:ok, _} <- Pleroma.Mailer.deliver(email) do
@ -244,11 +246,29 @@ def email_invite(%{assigns: %{user: user}} = conn, %{"email" => email} = params)
end
@doc "Get a account registeration invite token (base64 string)"
def get_invite_token(conn, _params) do
{:ok, token} = Pleroma.UserInviteToken.create_token()
def get_invite_token(conn, params) do
options = params["invite"] || %{}
{:ok, invite} = UserInviteToken.create_invite(options)
conn
|> json(token.token)
|> json(invite.token)
end
@doc "Get list of created invites"
def invites_list(conn, _params) do
invites = UserInviteToken.list_invites()
conn
|> json(AccountView.render("invites.json", %{invites: invites}))
end
@doc "Revokes invite by token"
def invite_revoke(conn, %{"token" => token}) do
invite = UserInviteToken.find_by_token!(token)
{:ok, updated_invite} = UserInviteToken.update_invite(invite, %{used: true})
conn
|> json(AccountView.render("invite.json", %{invite: updated_invite}))
end
@doc "Get a password reset token (base64 string) for given nickname"

View file

@ -26,4 +26,22 @@ def render("show.json", %{user: user}) do
"tags" => user.tags || []
}
end
def render("invite.json", %{invite: invite}) do
%{
"id" => invite.id,
"token" => invite.token,
"used" => invite.used,
"expire_at" => invite.expire_at,
"uses" => invite.uses,
"max_use" => invite.max_use,
"invite_type" => invite.invite_type
}
end
def render("invites.json", %{invites: invites}) do
%{
invites: render_many(invites, AccountView, "invite.json", as: :invite)
}
end
end

View file

@ -163,6 +163,8 @@ defmodule Pleroma.Web.Router do
delete("/relay", AdminAPIController, :relay_unfollow)
get("/invite_token", AdminAPIController, :get_invite_token)
get("/invites_list", AdminAPIController, :invites_list)
post("/invite_revoke", AdminAPIController, :invite_revoke)
post("/email_invite", AdminAPIController, :email_invite)
get("/password_reset", AdminAPIController, :get_password_reset)

View file

@ -6,6 +6,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
use Pleroma.Web.ConnCase
alias Pleroma.User
alias Pleroma.UserInviteToken
import Pleroma.Factory
describe "/api/pleroma/admin/user" do
@ -80,7 +81,6 @@ test "allows to force-follow another user" do
user = insert(:user)
follower = insert(:user)
conn =
build_conn()
|> assign(:user, admin)
|> put_req_header("accept", "application/json")
@ -104,7 +104,6 @@ test "allows to force-unfollow another user" do
User.follow(follower, user)
conn =
build_conn()
|> assign(:user, admin)
|> put_req_header("accept", "application/json")
@ -642,4 +641,136 @@ test "PATCH /api/pleroma/admin/users/:nickname/toggle_activation" do
"tags" => []
}
end
describe "GET /api/pleroma/admin/invite_token" do
test "without options" do
admin = insert(:user, info: %{is_admin: true})
conn =
build_conn()
|> assign(:user, admin)
|> get("/api/pleroma/admin/invite_token")
token = json_response(conn, 200)
invite = UserInviteToken.find_by_token!(token)
refute invite.used
refute invite.expire_at
refute invite.max_use
assert invite.invite_type == "one_time"
end
test "with expire_at" do
admin = insert(:user, info: %{is_admin: true})
conn =
build_conn()
|> assign(:user, admin)
|> get("/api/pleroma/admin/invite_token", %{
"invite" => %{"expire_at" => Date.to_string(Date.utc_today())}
})
token = json_response(conn, 200)
invite = UserInviteToken.find_by_token!(token)
refute invite.used
assert invite.expire_at == Date.utc_today()
refute invite.max_use
assert invite.invite_type == "date_limited"
end
test "with max_use" do
admin = insert(:user, info: %{is_admin: true})
conn =
build_conn()
|> assign(:user, admin)
|> get("/api/pleroma/admin/invite_token", %{
"invite" => %{"max_use" => 150}
})
token = json_response(conn, 200)
invite = UserInviteToken.find_by_token!(token)
refute invite.used
refute invite.expire_at
assert invite.max_use == 150
assert invite.invite_type == "reusable"
end
test "with max use and expire_at" do
admin = insert(:user, info: %{is_admin: true})
conn =
build_conn()
|> assign(:user, admin)
|> get("/api/pleroma/admin/invite_token", %{
"invite" => %{"max_use" => 150, "expire_at" => Date.to_string(Date.utc_today())}
})
token = json_response(conn, 200)
invite = UserInviteToken.find_by_token!(token)
refute invite.used
assert invite.expire_at == Date.utc_today()
assert invite.max_use == 150
assert invite.invite_type == "reusable_date_limited"
end
end
describe "GET /api/pleroma/admin/invites_list" do
test "no invites" do
admin = insert(:user, info: %{is_admin: true})
conn =
build_conn()
|> assign(:user, admin)
|> get("/api/pleroma/admin/invites_list")
assert json_response(conn, 200) == %{"invites" => []}
end
test "with invite" do
admin = insert(:user, info: %{is_admin: true})
{:ok, invite} = UserInviteToken.create_invite()
conn =
build_conn()
|> assign(:user, admin)
|> get("/api/pleroma/admin/invites_list")
assert json_response(conn, 200) == %{
"invites" => [
%{
"expire_at" => nil,
"id" => invite.id,
"invite_type" => "one_time",
"max_use" => nil,
"token" => invite.token,
"used" => false,
"uses" => 0
}
]
}
end
end
describe "POST /api/pleroma/admin/invite_revoke" do
test "with token" do
admin = insert(:user, info: %{is_admin: true})
{:ok, invite} = UserInviteToken.create_invite()
conn =
build_conn()
|> assign(:user, admin)
|> post("/api/pleroma/admin/invite_revoke", %{"token" => invite.token})
assert json_response(conn, 200) == %{
"expire_at" => nil,
"id" => invite.id,
"invite_type" => "one_time",
"max_use" => nil,
"token" => invite.token,
"used" => true,
"uses" => 0
}
end
end
end