forked from AkkomaGang/akkoma
Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into remove/mastofe
This commit is contained in:
commit
1841bd8383
24 changed files with 323 additions and 219 deletions
|
@ -18,11 +18,14 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
|
||||||
- HTTPSecurityPlug now sends a response header to opt out of Google's FLoC (Federated Learning of Cohorts) targeted advertising.
|
- HTTPSecurityPlug now sends a response header to opt out of Google's FLoC (Federated Learning of Cohorts) targeted advertising.
|
||||||
- Email address is now returned if requesting user is the owner of the user account so it can be exposed in client and FE user settings UIs.
|
- Email address is now returned if requesting user is the owner of the user account so it can be exposed in client and FE user settings UIs.
|
||||||
- Improved Twittercard and OpenGraph meta tag generation including thumbnails and image dimension metadata when available.
|
- Improved Twittercard and OpenGraph meta tag generation including thumbnails and image dimension metadata when available.
|
||||||
|
- AdminAPI: sort users so the newest are at the top.
|
||||||
|
- ActivityPub Client-to-Server(C2S): Limitation on the type of Activity/Object are lifted as they are now passed through ObjectValidators
|
||||||
|
|
||||||
### Added
|
### Added
|
||||||
|
|
||||||
- MRF (`FollowBotPolicy`): New MRF Policy which makes a designated local Bot account attempt to follow all users in public Notes received by your instance. Users who require approving follower requests or have #nobot in their profile are excluded.
|
- MRF (`FollowBotPolicy`): New MRF Policy which makes a designated local Bot account attempt to follow all users in public Notes received by your instance. Users who require approving follower requests or have #nobot in their profile are excluded.
|
||||||
- Return OAuth token `id` (primary key) in POST `/oauth/token`.
|
- Return OAuth token `id` (primary key) in POST `/oauth/token`.
|
||||||
|
- AdminAPI: return `created_at` date with users.
|
||||||
- `AnalyzeMetadata` upload filter for extracting image/video attachment dimensions and generating blurhashes for images. Blurhashes for videos are not generated at this time.
|
- `AnalyzeMetadata` upload filter for extracting image/video attachment dimensions and generating blurhashes for images. Blurhashes for videos are not generated at this time.
|
||||||
- Attachment dimensions and blurhashes are federated when available.
|
- Attachment dimensions and blurhashes are federated when available.
|
||||||
- Pinned posts federation
|
- Pinned posts federation
|
||||||
|
@ -33,6 +36,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
|
||||||
- Remote users can no longer reappear after being deleted.
|
- Remote users can no longer reappear after being deleted.
|
||||||
- Deactivated users may now be deleted.
|
- Deactivated users may now be deleted.
|
||||||
- Mix task `pleroma.database prune_objects`
|
- Mix task `pleroma.database prune_objects`
|
||||||
|
- Fixed rendering of JSON errors on ActivityPub endpoints.
|
||||||
- Linkify: Parsing crash with URLs ending in unbalanced closed paren, no path separator, and no query parameters
|
- Linkify: Parsing crash with URLs ending in unbalanced closed paren, no path separator, and no query parameters
|
||||||
|
|
||||||
### Removed
|
### Removed
|
||||||
|
|
|
@ -457,7 +457,7 @@
|
||||||
enabled: true,
|
enabled: true,
|
||||||
limit: 5_000
|
limit: 5_000
|
||||||
|
|
||||||
config :phoenix, :format_encoders, json: Jason
|
config :phoenix, :format_encoders, json: Jason, "activity+json": Jason
|
||||||
|
|
||||||
config :phoenix, :json_library, Jason
|
config :phoenix, :json_library, Jason
|
||||||
|
|
||||||
|
|
|
@ -292,7 +292,8 @@ def get_in_reply_to_activity(%Activity{} = activity) do
|
||||||
get_in_reply_to_activity_from_object(Object.normalize(activity, fetch: false))
|
get_in_reply_to_activity_from_object(Object.normalize(activity, fetch: false))
|
||||||
end
|
end
|
||||||
|
|
||||||
def normalize(obj) when is_map(obj), do: get_by_ap_id_with_object(obj["id"])
|
def normalize(%Activity{data: %{"id" => ap_id}}), do: get_by_ap_id_with_object(ap_id)
|
||||||
|
def normalize(%{"id" => ap_id}), do: get_by_ap_id_with_object(ap_id)
|
||||||
def normalize(ap_id) when is_binary(ap_id), do: get_by_ap_id_with_object(ap_id)
|
def normalize(ap_id) when is_binary(ap_id), do: get_by_ap_id_with_object(ap_id)
|
||||||
def normalize(_), do: nil
|
def normalize(_), do: nil
|
||||||
|
|
||||||
|
|
|
@ -91,7 +91,7 @@ defp increase_replies_count_if_reply(%{
|
||||||
|
|
||||||
defp increase_replies_count_if_reply(_create_data), do: :noop
|
defp increase_replies_count_if_reply(_create_data), do: :noop
|
||||||
|
|
||||||
@object_types ~w[ChatMessage Question Answer Audio Video Event Article Note]
|
@object_types ~w[ChatMessage Question Answer Audio Video Event Article Note Page]
|
||||||
@impl true
|
@impl true
|
||||||
def persist(%{"type" => type} = object, meta) when type in @object_types do
|
def persist(%{"type" => type} = object, meta) when type in @object_types do
|
||||||
with {:ok, object} <- Object.create(object) do
|
with {:ok, object} <- Object.create(object) do
|
||||||
|
|
|
@ -11,7 +11,6 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubController do
|
||||||
alias Pleroma.Object.Fetcher
|
alias Pleroma.Object.Fetcher
|
||||||
alias Pleroma.User
|
alias Pleroma.User
|
||||||
alias Pleroma.Web.ActivityPub.ActivityPub
|
alias Pleroma.Web.ActivityPub.ActivityPub
|
||||||
alias Pleroma.Web.ActivityPub.Builder
|
|
||||||
alias Pleroma.Web.ActivityPub.InternalFetchActor
|
alias Pleroma.Web.ActivityPub.InternalFetchActor
|
||||||
alias Pleroma.Web.ActivityPub.ObjectView
|
alias Pleroma.Web.ActivityPub.ObjectView
|
||||||
alias Pleroma.Web.ActivityPub.Pipeline
|
alias Pleroma.Web.ActivityPub.Pipeline
|
||||||
|
@ -403,83 +402,90 @@ def read_inbox(%{assigns: %{user: %User{nickname: as_nickname}}} = conn, %{
|
||||||
|> json(err)
|
|> json(err)
|
||||||
end
|
end
|
||||||
|
|
||||||
defp handle_user_activity(
|
defp fix_user_message(%User{ap_id: actor}, %{"type" => "Create", "object" => object} = activity)
|
||||||
%User{} = user,
|
when is_map(object) do
|
||||||
%{"type" => "Create", "object" => %{"type" => "Note"} = object} = params
|
length =
|
||||||
) do
|
[object["content"], object["summary"], object["name"]]
|
||||||
content = if is_binary(object["content"]), do: object["content"], else: ""
|
|> Enum.filter(&is_binary(&1))
|
||||||
name = if is_binary(object["name"]), do: object["name"], else: ""
|
|> Enum.join("")
|
||||||
summary = if is_binary(object["summary"]), do: object["summary"], else: ""
|
|> String.length()
|
||||||
length = String.length(content <> name <> summary)
|
|
||||||
|
|
||||||
if length > Pleroma.Config.get([:instance, :limit]) do
|
limit = Pleroma.Config.get([:instance, :limit])
|
||||||
{:error, dgettext("errors", "Note is over the character limit")}
|
|
||||||
else
|
if length < limit do
|
||||||
object =
|
object =
|
||||||
object
|
object
|
||||||
|> Map.merge(Map.take(params, ["to", "cc"]))
|
|> Transmogrifier.strip_internal_fields()
|
||||||
|> Map.put("attributedTo", user.ap_id)
|
|> Map.put("attributedTo", actor)
|
||||||
|> Transmogrifier.fix_object()
|
|> Map.put("actor", actor)
|
||||||
|
|> Map.put("id", Utils.generate_object_id())
|
||||||
|
|
||||||
ActivityPub.create(%{
|
{:ok, Map.put(activity, "object", object)}
|
||||||
to: params["to"],
|
|
||||||
actor: user,
|
|
||||||
context: object["context"],
|
|
||||||
object: object,
|
|
||||||
additional: Map.take(params, ["cc"])
|
|
||||||
})
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
defp handle_user_activity(%User{} = user, %{"type" => "Delete"} = params) do
|
|
||||||
with %Object{} = object <- Object.normalize(params["object"], fetch: false),
|
|
||||||
true <- user.is_moderator || user.ap_id == object.data["actor"],
|
|
||||||
{:ok, delete_data, _} <- Builder.delete(user, object.data["id"]),
|
|
||||||
{:ok, delete, _} <- Pipeline.common_pipeline(delete_data, local: true) do
|
|
||||||
{:ok, delete}
|
|
||||||
else
|
else
|
||||||
_ -> {:error, dgettext("errors", "Can't delete object")}
|
{:error,
|
||||||
|
dgettext(
|
||||||
|
"errors",
|
||||||
|
"Character limit (%{limit} characters) exceeded, contains %{length} characters",
|
||||||
|
limit: limit,
|
||||||
|
length: length
|
||||||
|
)}
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
defp handle_user_activity(%User{} = user, %{"type" => "Like"} = params) do
|
defp fix_user_message(
|
||||||
with %Object{} = object <- Object.normalize(params["object"], fetch: false),
|
%User{ap_id: actor} = user,
|
||||||
{_, {:ok, like_object, meta}} <- {:build_object, Builder.like(user, object)},
|
%{"type" => "Delete", "object" => object} = activity
|
||||||
{_, {:ok, %Activity{} = activity, _meta}} <-
|
) do
|
||||||
{:common_pipeline,
|
with {_, %Object{data: object_data}} <- {:normalize, Object.normalize(object, fetch: false)},
|
||||||
Pipeline.common_pipeline(like_object, Keyword.put(meta, :local, true))} do
|
{_, true} <- {:permission, user.is_moderator || actor == object_data["actor"]} do
|
||||||
{:ok, activity}
|
{:ok, activity}
|
||||||
else
|
else
|
||||||
_ -> {:error, dgettext("errors", "Can't like object")}
|
{:normalize, _} ->
|
||||||
|
{:error, "No such object found"}
|
||||||
|
|
||||||
|
{:permission, _} ->
|
||||||
|
{:forbidden, "You can't delete this object"}
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
defp handle_user_activity(_, _) do
|
defp fix_user_message(%User{}, activity) do
|
||||||
{:error, dgettext("errors", "Unhandled activity type")}
|
{:ok, activity}
|
||||||
end
|
end
|
||||||
|
|
||||||
def update_outbox(
|
def update_outbox(
|
||||||
%{assigns: %{user: %User{nickname: nickname} = user}} = conn,
|
%{assigns: %{user: %User{nickname: nickname, ap_id: actor} = user}} = conn,
|
||||||
%{"nickname" => nickname} = params
|
%{"nickname" => nickname} = params
|
||||||
) do
|
) do
|
||||||
actor = user.ap_id
|
|
||||||
|
|
||||||
params =
|
params =
|
||||||
params
|
params
|
||||||
|> Map.drop(["id"])
|
|> Map.drop(["nickname"])
|
||||||
|
|> Map.put("id", Utils.generate_activity_id())
|
||||||
|> Map.put("actor", actor)
|
|> Map.put("actor", actor)
|
||||||
|> Transmogrifier.fix_addressing()
|
|
||||||
|
|
||||||
with {:ok, %Activity{} = activity} <- handle_user_activity(user, params) do
|
with {:ok, params} <- fix_user_message(user, params),
|
||||||
|
{:ok, activity, _} <- Pipeline.common_pipeline(params, local: true),
|
||||||
|
%Activity{data: activity_data} <- Activity.normalize(activity) do
|
||||||
conn
|
conn
|
||||||
|> put_status(:created)
|
|> put_status(:created)
|
||||||
|> put_resp_header("location", activity.data["id"])
|
|> put_resp_header("location", activity_data["id"])
|
||||||
|> json(activity.data)
|
|> json(activity_data)
|
||||||
else
|
else
|
||||||
|
{:forbidden, message} ->
|
||||||
|
conn
|
||||||
|
|> put_status(:forbidden)
|
||||||
|
|> json(message)
|
||||||
|
|
||||||
{:error, message} ->
|
{:error, message} ->
|
||||||
conn
|
conn
|
||||||
|> put_status(:bad_request)
|
|> put_status(:bad_request)
|
||||||
|> json(message)
|
|> json(message)
|
||||||
|
|
||||||
|
e ->
|
||||||
|
Logger.warn(fn -> "AP C2S: #{inspect(e)}" end)
|
||||||
|
|
||||||
|
conn
|
||||||
|
|> put_status(:bad_request)
|
||||||
|
|> json("Bad Request")
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -20,7 +20,7 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidator do
|
||||||
alias Pleroma.Web.ActivityPub.ObjectValidators.AddRemoveValidator
|
alias Pleroma.Web.ActivityPub.ObjectValidators.AddRemoveValidator
|
||||||
alias Pleroma.Web.ActivityPub.ObjectValidators.AnnounceValidator
|
alias Pleroma.Web.ActivityPub.ObjectValidators.AnnounceValidator
|
||||||
alias Pleroma.Web.ActivityPub.ObjectValidators.AnswerValidator
|
alias Pleroma.Web.ActivityPub.ObjectValidators.AnswerValidator
|
||||||
alias Pleroma.Web.ActivityPub.ObjectValidators.ArticleNoteValidator
|
alias Pleroma.Web.ActivityPub.ObjectValidators.ArticleNotePageValidator
|
||||||
alias Pleroma.Web.ActivityPub.ObjectValidators.AudioVideoValidator
|
alias Pleroma.Web.ActivityPub.ObjectValidators.AudioVideoValidator
|
||||||
alias Pleroma.Web.ActivityPub.ObjectValidators.BlockValidator
|
alias Pleroma.Web.ActivityPub.ObjectValidators.BlockValidator
|
||||||
alias Pleroma.Web.ActivityPub.ObjectValidators.ChatMessageValidator
|
alias Pleroma.Web.ActivityPub.ObjectValidators.ChatMessageValidator
|
||||||
|
@ -102,7 +102,7 @@ def validate(
|
||||||
%{"type" => "Create", "object" => %{"type" => objtype} = object} = create_activity,
|
%{"type" => "Create", "object" => %{"type" => objtype} = object} = create_activity,
|
||||||
meta
|
meta
|
||||||
)
|
)
|
||||||
when objtype in ~w[Question Answer Audio Video Event Article Note] do
|
when objtype in ~w[Question Answer Audio Video Event Article Note Page] do
|
||||||
with {:ok, object_data} <- cast_and_apply(object),
|
with {:ok, object_data} <- cast_and_apply(object),
|
||||||
meta = Keyword.put(meta, :object_data, object_data |> stringify_keys),
|
meta = Keyword.put(meta, :object_data, object_data |> stringify_keys),
|
||||||
{:ok, create_activity} <-
|
{:ok, create_activity} <-
|
||||||
|
@ -115,15 +115,16 @@ def validate(
|
||||||
end
|
end
|
||||||
|
|
||||||
def validate(%{"type" => type} = object, meta)
|
def validate(%{"type" => type} = object, meta)
|
||||||
when type in ~w[Event Question Audio Video Article Note] do
|
when type in ~w[Event Question Audio Video Article Note Page] do
|
||||||
validator =
|
validator =
|
||||||
case type do
|
case type do
|
||||||
"Event" -> EventValidator
|
"Event" -> EventValidator
|
||||||
"Question" -> QuestionValidator
|
"Question" -> QuestionValidator
|
||||||
"Audio" -> AudioVideoValidator
|
"Audio" -> AudioVideoValidator
|
||||||
"Video" -> AudioVideoValidator
|
"Video" -> AudioVideoValidator
|
||||||
"Article" -> ArticleNoteValidator
|
"Article" -> ArticleNotePageValidator
|
||||||
"Note" -> ArticleNoteValidator
|
"Note" -> ArticleNotePageValidator
|
||||||
|
"Page" -> ArticleNotePageValidator
|
||||||
end
|
end
|
||||||
|
|
||||||
with {:ok, object} <-
|
with {:ok, object} <-
|
||||||
|
@ -175,6 +176,8 @@ def validate(%{"type" => type} = object, meta) when type in ~w(Add Remove) do
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def validate(o, m), do: {:error, {:validator_not_set, {o, m}}}
|
||||||
|
|
||||||
def cast_and_apply(%{"type" => "ChatMessage"} = object) do
|
def cast_and_apply(%{"type" => "ChatMessage"} = object) do
|
||||||
ChatMessageValidator.cast_and_apply(object)
|
ChatMessageValidator.cast_and_apply(object)
|
||||||
end
|
end
|
||||||
|
@ -195,8 +198,8 @@ def cast_and_apply(%{"type" => "Event"} = object) do
|
||||||
EventValidator.cast_and_apply(object)
|
EventValidator.cast_and_apply(object)
|
||||||
end
|
end
|
||||||
|
|
||||||
def cast_and_apply(%{"type" => type} = object) when type in ~w[Article Note] do
|
def cast_and_apply(%{"type" => type} = object) when type in ~w[Article Note Page] do
|
||||||
ArticleNoteValidator.cast_and_apply(object)
|
ArticleNotePageValidator.cast_and_apply(object)
|
||||||
end
|
end
|
||||||
|
|
||||||
def cast_and_apply(o), do: {:error, {:validator_not_set, o}}
|
def cast_and_apply(o), do: {:error, {:validator_not_set, o}}
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
|
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
|
||||||
# SPDX-License-Identifier: AGPL-3.0-only
|
# SPDX-License-Identifier: AGPL-3.0-only
|
||||||
|
|
||||||
defmodule Pleroma.Web.ActivityPub.ObjectValidators.ArticleNoteValidator do
|
defmodule Pleroma.Web.ActivityPub.ObjectValidators.ArticleNotePageValidator do
|
||||||
use Ecto.Schema
|
use Ecto.Schema
|
||||||
|
|
||||||
alias Pleroma.EctoType.ActivityPub.ObjectValidators
|
alias Pleroma.EctoType.ActivityPub.ObjectValidators
|
||||||
|
@ -113,7 +113,7 @@ def changeset(struct, data) do
|
||||||
|
|
||||||
defp validate_data(data_cng) do
|
defp validate_data(data_cng) do
|
||||||
data_cng
|
data_cng
|
||||||
|> validate_inclusion(:type, ["Article", "Note"])
|
|> validate_inclusion(:type, ["Article", "Note", "Page"])
|
||||||
|> validate_required([:id, :actor, :attributedTo, :type, :context, :context_id])
|
|> validate_required([:id, :actor, :attributedTo, :type, :context, :context_id])
|
||||||
|> CommonValidations.validate_any_presence([:cc, :to])
|
|> CommonValidations.validate_any_presence([:cc, :to])
|
||||||
|> CommonValidations.validate_fields_match([:actor, :attributedTo])
|
|> CommonValidations.validate_fields_match([:actor, :attributedTo])
|
|
@ -437,7 +437,7 @@ def handle_object_creation(%{"type" => "Answer"} = object_map, meta) do
|
||||||
end
|
end
|
||||||
|
|
||||||
def handle_object_creation(%{"type" => objtype} = object, meta)
|
def handle_object_creation(%{"type" => objtype} = object, meta)
|
||||||
when objtype in ~w[Audio Video Question Event Article Note] do
|
when objtype in ~w[Audio Video Question Event Article Note Page] do
|
||||||
with {:ok, object, meta} <- Pipeline.common_pipeline(object, meta) do
|
with {:ok, object, meta} <- Pipeline.common_pipeline(object, meta) do
|
||||||
{:ok, object, meta}
|
{:ok, object, meta}
|
||||||
end
|
end
|
||||||
|
|
|
@ -353,29 +353,6 @@ defp get_reported(objects) do
|
||||||
end)
|
end)
|
||||||
end
|
end
|
||||||
|
|
||||||
# Compatibility wrapper for Mastodon votes
|
|
||||||
defp handle_create(%{"object" => %{"type" => "Answer"}} = data, _user) do
|
|
||||||
handle_incoming(data)
|
|
||||||
end
|
|
||||||
|
|
||||||
defp handle_create(%{"object" => object} = data, user) do
|
|
||||||
%{
|
|
||||||
to: data["to"],
|
|
||||||
object: object,
|
|
||||||
actor: user,
|
|
||||||
context: object["context"],
|
|
||||||
local: false,
|
|
||||||
published: data["published"],
|
|
||||||
additional:
|
|
||||||
Map.take(data, [
|
|
||||||
"cc",
|
|
||||||
"directMessage",
|
|
||||||
"id"
|
|
||||||
])
|
|
||||||
}
|
|
||||||
|> ActivityPub.create()
|
|
||||||
end
|
|
||||||
|
|
||||||
def handle_incoming(data, options \\ [])
|
def handle_incoming(data, options \\ [])
|
||||||
|
|
||||||
# Flag objects are placed ahead of the ID check because Mastodon 2.8 and earlier send them
|
# Flag objects are placed ahead of the ID check because Mastodon 2.8 and earlier send them
|
||||||
|
@ -407,43 +384,6 @@ def handle_incoming(%{"id" => ""}, _options), do: :error
|
||||||
def handle_incoming(%{"id" => id}, _options) when is_binary(id) and byte_size(id) < 8,
|
def handle_incoming(%{"id" => id}, _options) when is_binary(id) and byte_size(id) < 8,
|
||||||
do: :error
|
do: :error
|
||||||
|
|
||||||
# TODO: validate those with a Ecto scheme
|
|
||||||
# - tags
|
|
||||||
# - emoji
|
|
||||||
def handle_incoming(
|
|
||||||
%{"type" => "Create", "object" => %{"type" => "Page"} = object} = data,
|
|
||||||
options
|
|
||||||
) do
|
|
||||||
actor = Containment.get_actor(data)
|
|
||||||
|
|
||||||
with nil <- Activity.get_create_by_object_ap_id(object["id"]),
|
|
||||||
{:ok, %User{} = user} <- User.get_or_fetch_by_ap_id(actor) do
|
|
||||||
data =
|
|
||||||
data
|
|
||||||
|> Map.put("object", fix_object(object, options))
|
|
||||||
|> Map.put("actor", actor)
|
|
||||||
|> fix_addressing()
|
|
||||||
|
|
||||||
with {:ok, created_activity} <- handle_create(data, user) do
|
|
||||||
reply_depth = (options[:depth] || 0) + 1
|
|
||||||
|
|
||||||
if Federator.allowed_thread_distance?(reply_depth) do
|
|
||||||
for reply_id <- replies(object) do
|
|
||||||
Pleroma.Workers.RemoteFetcherWorker.enqueue("fetch_remote", %{
|
|
||||||
"id" => reply_id,
|
|
||||||
"depth" => reply_depth
|
|
||||||
})
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
{:ok, created_activity}
|
|
||||||
end
|
|
||||||
else
|
|
||||||
%Activity{} = activity -> {:ok, activity}
|
|
||||||
_e -> :error
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
def handle_incoming(
|
def handle_incoming(
|
||||||
%{"type" => "Listen", "object" => %{"type" => "Audio"} = object} = data,
|
%{"type" => "Listen", "object" => %{"type" => "Audio"} = object} = data,
|
||||||
options
|
options
|
||||||
|
@ -507,7 +447,7 @@ def handle_incoming(
|
||||||
%{"type" => "Create", "object" => %{"type" => objtype, "id" => obj_id}} = data,
|
%{"type" => "Create", "object" => %{"type" => objtype, "id" => obj_id}} = data,
|
||||||
options
|
options
|
||||||
)
|
)
|
||||||
when objtype in ~w{Question Answer ChatMessage Audio Video Event Article Note} do
|
when objtype in ~w{Question Answer ChatMessage Audio Video Event Article Note Page} do
|
||||||
fetch_options = Keyword.put(options, :depth, (options[:depth] || 0) + 1)
|
fetch_options = Keyword.put(options, :depth, (options[:depth] || 0) + 1)
|
||||||
|
|
||||||
object =
|
object =
|
||||||
|
|
|
@ -57,6 +57,7 @@ def is_list?(%{data: %{"listMessage" => _}}), do: true
|
||||||
def is_list?(_), do: false
|
def is_list?(_), do: false
|
||||||
|
|
||||||
@spec visible_for_user?(Object.t() | Activity.t() | nil, User.t() | nil) :: boolean()
|
@spec visible_for_user?(Object.t() | Activity.t() | nil, User.t() | nil) :: boolean()
|
||||||
|
def visible_for_user?(%Object{data: %{"type" => "Tombstone"}}, _), do: false
|
||||||
def visible_for_user?(%Activity{actor: ap_id}, %User{ap_id: ap_id}), do: true
|
def visible_for_user?(%Activity{actor: ap_id}, %User{ap_id: ap_id}), do: true
|
||||||
def visible_for_user?(%Object{data: %{"actor" => ap_id}}, %User{ap_id: ap_id}), do: true
|
def visible_for_user?(%Object{data: %{"actor" => ap_id}}, %User{ap_id: ap_id}), do: true
|
||||||
def visible_for_user?(nil, _), do: false
|
def visible_for_user?(nil, _), do: false
|
||||||
|
|
|
@ -17,7 +17,7 @@ def user(params \\ %{}) do
|
||||||
|> Map.drop([:page, :page_size])
|
|> Map.drop([:page, :page_size])
|
||||||
|> Map.put(:invisible, false)
|
|> Map.put(:invisible, false)
|
||||||
|> User.Query.build()
|
|> User.Query.build()
|
||||||
|> order_by([u], u.nickname)
|
|> order_by(desc: :id)
|
||||||
|
|
||||||
paginated_query =
|
paginated_query =
|
||||||
User.Query.paginate(query, params[:page] || 1, params[:page_size] || @page_size)
|
User.Query.paginate(query, params[:page] || 1, params[:page_size] || @page_size)
|
||||||
|
|
|
@ -8,6 +8,7 @@ defmodule Pleroma.Web.AdminAPI.AccountView do
|
||||||
alias Pleroma.User
|
alias Pleroma.User
|
||||||
alias Pleroma.Web.AdminAPI
|
alias Pleroma.Web.AdminAPI
|
||||||
alias Pleroma.Web.AdminAPI.AccountView
|
alias Pleroma.Web.AdminAPI.AccountView
|
||||||
|
alias Pleroma.Web.CommonAPI
|
||||||
alias Pleroma.Web.MastodonAPI
|
alias Pleroma.Web.MastodonAPI
|
||||||
alias Pleroma.Web.MediaProxy
|
alias Pleroma.Web.MediaProxy
|
||||||
|
|
||||||
|
@ -81,7 +82,8 @@ def render("show.json", %{user: user}) do
|
||||||
"is_approved" => user.is_approved,
|
"is_approved" => user.is_approved,
|
||||||
"url" => user.uri || user.ap_id,
|
"url" => user.uri || user.ap_id,
|
||||||
"registration_reason" => user.registration_reason,
|
"registration_reason" => user.registration_reason,
|
||||||
"actor_type" => user.actor_type
|
"actor_type" => user.actor_type,
|
||||||
|
"created_at" => CommonAPI.Utils.to_masto_date(user.inserted_at)
|
||||||
}
|
}
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -193,7 +193,9 @@ def list(%{assigns: %{user: user}} = conn, %{list_id: id} = params) do
|
||||||
|> ActivityPub.fetch_activities_bounded(following, params)
|
|> ActivityPub.fetch_activities_bounded(following, params)
|
||||||
|> Enum.reverse()
|
|> Enum.reverse()
|
||||||
|
|
||||||
render(conn, "index.json",
|
conn
|
||||||
|
|> add_link_headers(activities)
|
||||||
|
|> render("index.json",
|
||||||
activities: activities,
|
activities: activities,
|
||||||
for: user,
|
for: user,
|
||||||
as: :activity,
|
as: :activity,
|
||||||
|
|
23
lib/pleroma/web/plugs/user_is_staff_plug.ex
Normal file
23
lib/pleroma/web/plugs/user_is_staff_plug.ex
Normal file
|
@ -0,0 +1,23 @@
|
||||||
|
# Pleroma: A lightweight social networking server
|
||||||
|
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
|
||||||
|
# SPDX-License-Identifier: AGPL-3.0-only
|
||||||
|
|
||||||
|
defmodule Pleroma.Web.Plugs.UserIsStaffPlug do
|
||||||
|
import Pleroma.Web.TranslationHelpers
|
||||||
|
import Plug.Conn
|
||||||
|
|
||||||
|
alias Pleroma.User
|
||||||
|
|
||||||
|
def init(options) do
|
||||||
|
options
|
||||||
|
end
|
||||||
|
|
||||||
|
def call(%{assigns: %{user: %User{is_admin: true}}} = conn, _), do: conn
|
||||||
|
def call(%{assigns: %{user: %User{is_moderator: true}}} = conn, _), do: conn
|
||||||
|
|
||||||
|
def call(conn, _) do
|
||||||
|
conn
|
||||||
|
|> render_error(:forbidden, "User is not a staff member.")
|
||||||
|
|> halt()
|
||||||
|
end
|
||||||
|
end
|
|
@ -96,10 +96,14 @@ defmodule Pleroma.Web.Router do
|
||||||
plug(Pleroma.Web.Plugs.AdminSecretAuthenticationPlug)
|
plug(Pleroma.Web.Plugs.AdminSecretAuthenticationPlug)
|
||||||
plug(:after_auth)
|
plug(:after_auth)
|
||||||
plug(Pleroma.Web.Plugs.EnsureAuthenticatedPlug)
|
plug(Pleroma.Web.Plugs.EnsureAuthenticatedPlug)
|
||||||
plug(Pleroma.Web.Plugs.UserIsAdminPlug)
|
plug(Pleroma.Web.Plugs.UserIsStaffPlug)
|
||||||
plug(Pleroma.Web.Plugs.IdempotencyPlug)
|
plug(Pleroma.Web.Plugs.IdempotencyPlug)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
pipeline :require_admin do
|
||||||
|
plug(Pleroma.Web.Plugs.UserIsAdminPlug)
|
||||||
|
end
|
||||||
|
|
||||||
pipeline :pleroma_html do
|
pipeline :pleroma_html do
|
||||||
plug(:browser)
|
plug(:browser)
|
||||||
plug(:authenticate)
|
plug(:authenticate)
|
||||||
|
@ -154,7 +158,7 @@ defmodule Pleroma.Web.Router do
|
||||||
end
|
end
|
||||||
|
|
||||||
scope "/api/v1/pleroma/admin", Pleroma.Web.AdminAPI do
|
scope "/api/v1/pleroma/admin", Pleroma.Web.AdminAPI do
|
||||||
pipe_through(:admin_api)
|
pipe_through([:admin_api, :require_admin])
|
||||||
|
|
||||||
put("/users/disable_mfa", AdminAPIController, :disable_mfa)
|
put("/users/disable_mfa", AdminAPIController, :disable_mfa)
|
||||||
put("/users/tag", AdminAPIController, :tag_users)
|
put("/users/tag", AdminAPIController, :tag_users)
|
||||||
|
@ -259,7 +263,7 @@ defmodule Pleroma.Web.Router do
|
||||||
|
|
||||||
scope "/api/v1/pleroma/emoji", Pleroma.Web.PleromaAPI do
|
scope "/api/v1/pleroma/emoji", Pleroma.Web.PleromaAPI do
|
||||||
scope "/pack" do
|
scope "/pack" do
|
||||||
pipe_through(:admin_api)
|
pipe_through([:admin_api, :require_admin])
|
||||||
|
|
||||||
post("/", EmojiPackController, :create)
|
post("/", EmojiPackController, :create)
|
||||||
patch("/", EmojiPackController, :update)
|
patch("/", EmojiPackController, :update)
|
||||||
|
@ -274,7 +278,7 @@ defmodule Pleroma.Web.Router do
|
||||||
|
|
||||||
# Modifying packs
|
# Modifying packs
|
||||||
scope "/packs" do
|
scope "/packs" do
|
||||||
pipe_through(:admin_api)
|
pipe_through([:admin_api, :require_admin])
|
||||||
|
|
||||||
get("/import", EmojiPackController, :import_from_filesystem)
|
get("/import", EmojiPackController, :import_from_filesystem)
|
||||||
get("/remote", EmojiPackController, :remote)
|
get("/remote", EmojiPackController, :remote)
|
||||||
|
|
17
test/fixtures/tesla_mock/lemmy-page.json
vendored
Normal file
17
test/fixtures/tesla_mock/lemmy-page.json
vendored
Normal file
|
@ -0,0 +1,17 @@
|
||||||
|
{
|
||||||
|
"commentsEnabled": true,
|
||||||
|
"sensitive": false,
|
||||||
|
"stickied": false,
|
||||||
|
"attributedTo": "https://enterprise.lemmy.ml/u/nutomic",
|
||||||
|
"summary": "Hello Federation!",
|
||||||
|
"url": "https://enterprise.lemmy.ml/pictrs/image/US52d9DPvf.jpg",
|
||||||
|
"image": {
|
||||||
|
"type": "Image",
|
||||||
|
"url": "https://enterprise.lemmy.ml/pictrs/image/lwFAcXHUjS.jpg"
|
||||||
|
},
|
||||||
|
"published": "2020-09-14T15:03:11.909105+00:00",
|
||||||
|
"to": "https://enterprise.lemmy.ml/c/main",
|
||||||
|
"@context": "https://www.w3.org/ns/activitystreams",
|
||||||
|
"id": "https://enterprise.lemmy.ml/post/3",
|
||||||
|
"type": "Page"
|
||||||
|
}
|
27
test/fixtures/tesla_mock/lemmy-user.json
vendored
Normal file
27
test/fixtures/tesla_mock/lemmy-user.json
vendored
Normal file
|
@ -0,0 +1,27 @@
|
||||||
|
{
|
||||||
|
"publicKey": {
|
||||||
|
"id": "https://enterprise.lemmy.ml/u/nutomic#main-key",
|
||||||
|
"owner": "https://enterprise.lemmy.ml/u/nutomic",
|
||||||
|
"publicKeyPem": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfwAYPxp1gOk2HcCRoUd\nupoecvmnpzRc5Gu6/N3YQyOyRsrYuiYLNQq2cgM3kcU80ZeEetkwkYgXkRJOKu/b\nBWb7i1zt2tdr5k6lUdW8dfCyjht8ooFPQdov8J3QYHfgBHyUYxuCNfSujryxx2wu\nLQcdjRQa5NIWcomSO8OXmCF5/Yhg2XWCbtnlxEq6Y+AFddr1mAlTOy5pBr5d+xZz\njLw/U3CioNJ79yGi/sJhgp6IyJqtUSoN3b4BgRIEts2QVvn44W1rQy9wCbRYQrO1\nBcB9Wel4k3rJJK8uHg+LpHVMaZppkNaWGkMBhMbzr8qmIlcNWNi7cbMK/p5vyviy\nSwIDAQAB\n-----END PUBLIC KEY-----\n"
|
||||||
|
},
|
||||||
|
"inbox": "https://enterprise.lemmy.ml/u/nutomic/inbox",
|
||||||
|
"preferredUsername": "Nutomic",
|
||||||
|
"endpoints": {
|
||||||
|
"sharedInbox": "https://enterprise.lemmy.ml/inbox"
|
||||||
|
},
|
||||||
|
"summary": "some bio",
|
||||||
|
"icon": {
|
||||||
|
"type": "Image",
|
||||||
|
"url": "https://enterprise.lemmy.ml/pictrs/image/F6Z7QcWZRJ.jpg"
|
||||||
|
},
|
||||||
|
"image": {
|
||||||
|
"type": "Image",
|
||||||
|
"url": "https://enterprise.lemmy.ml:/pictrs/image/Q79N9oCDEG.png"
|
||||||
|
},
|
||||||
|
"published": "2020-09-14T14:54:53.080949+00:00",
|
||||||
|
"updated": "2020-10-14T10:58:28.139178+00:00",
|
||||||
|
"@context": "https://www.w3.org/ns/activitystreams",
|
||||||
|
"id": "https://enterprise.lemmy.ml/u/nutomic",
|
||||||
|
"type": "Person",
|
||||||
|
"name": "nutomic"
|
||||||
|
}
|
|
@ -1334,10 +1334,13 @@ test "It returns poll Answers when authenticated", %{conn: conn} do
|
||||||
activity: %{
|
activity: %{
|
||||||
"@context" => "https://www.w3.org/ns/activitystreams",
|
"@context" => "https://www.w3.org/ns/activitystreams",
|
||||||
"type" => "Create",
|
"type" => "Create",
|
||||||
"object" => %{"type" => "Note", "content" => "AP C2S test"},
|
"object" => %{
|
||||||
|
"type" => "Note",
|
||||||
|
"content" => "AP C2S test",
|
||||||
"to" => "https://www.w3.org/ns/activitystreams#Public",
|
"to" => "https://www.w3.org/ns/activitystreams#Public",
|
||||||
"cc" => []
|
"cc" => []
|
||||||
}
|
}
|
||||||
|
}
|
||||||
]
|
]
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -1442,19 +1445,19 @@ test "it erects a tombstone when receiving a delete activity", %{conn: conn} do
|
||||||
user = User.get_cached_by_ap_id(note_activity.data["actor"])
|
user = User.get_cached_by_ap_id(note_activity.data["actor"])
|
||||||
|
|
||||||
data = %{
|
data = %{
|
||||||
type: "Delete",
|
"type" => "Delete",
|
||||||
object: %{
|
"object" => %{
|
||||||
id: note_object.data["id"]
|
"id" => note_object.data["id"]
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
conn =
|
result =
|
||||||
conn
|
conn
|
||||||
|> assign(:user, user)
|
|> assign(:user, user)
|
||||||
|> put_req_header("content-type", "application/activity+json")
|
|> put_req_header("content-type", "application/activity+json")
|
||||||
|> post("/users/#{user.nickname}/outbox", data)
|
|> post("/users/#{user.nickname}/outbox", data)
|
||||||
|
|> json_response(201)
|
||||||
|
|
||||||
result = json_response(conn, 201)
|
|
||||||
assert Activity.get_by_ap_id(result["id"])
|
assert Activity.get_by_ap_id(result["id"])
|
||||||
|
|
||||||
assert object = Object.get_by_ap_id(note_object.data["id"])
|
assert object = Object.get_by_ap_id(note_object.data["id"])
|
||||||
|
@ -1479,7 +1482,7 @@ test "it rejects delete activity of object from other actor", %{conn: conn} do
|
||||||
|> put_req_header("content-type", "application/activity+json")
|
|> put_req_header("content-type", "application/activity+json")
|
||||||
|> post("/users/#{user.nickname}/outbox", data)
|
|> post("/users/#{user.nickname}/outbox", data)
|
||||||
|
|
||||||
assert json_response(conn, 400)
|
assert json_response(conn, 403)
|
||||||
end
|
end
|
||||||
|
|
||||||
test "it increases like count when receiving a like action", %{conn: conn} do
|
test "it increases like count when receiving a like action", %{conn: conn} do
|
||||||
|
@ -1557,7 +1560,7 @@ test "Character limitation", %{conn: conn, activity: activity} do
|
||||||
|> post("/users/#{user.nickname}/outbox", activity)
|
|> post("/users/#{user.nickname}/outbox", activity)
|
||||||
|> json_response(400)
|
|> json_response(400)
|
||||||
|
|
||||||
assert result == "Note is over the character limit"
|
assert result == "Character limit (5 characters) exceeded, contains 11 characters"
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -1934,11 +1937,11 @@ test "POST /api/ap/upload_media", %{conn: conn} do
|
||||||
"object" => %{
|
"object" => %{
|
||||||
"type" => "Note",
|
"type" => "Note",
|
||||||
"content" => "AP C2S test, attachment",
|
"content" => "AP C2S test, attachment",
|
||||||
"attachment" => [object]
|
"attachment" => [object],
|
||||||
},
|
|
||||||
"to" => "https://www.w3.org/ns/activitystreams#Public",
|
"to" => "https://www.w3.org/ns/activitystreams#Public",
|
||||||
"cc" => []
|
"cc" => []
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
activity_response =
|
activity_response =
|
||||||
conn
|
conn
|
||||||
|
|
|
@ -2,10 +2,10 @@
|
||||||
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
|
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
|
||||||
# SPDX-License-Identifier: AGPL-3.0-only
|
# SPDX-License-Identifier: AGPL-3.0-only
|
||||||
|
|
||||||
defmodule Pleroma.Web.ActivityPub.ObjectValidators.ArticleNoteValidatorTest do
|
defmodule Pleroma.Web.ActivityPub.ObjectValidators.ArticleNotePageValidatorTest do
|
||||||
use Pleroma.DataCase, async: true
|
use Pleroma.DataCase, async: true
|
||||||
|
|
||||||
alias Pleroma.Web.ActivityPub.ObjectValidators.ArticleNoteValidator
|
alias Pleroma.Web.ActivityPub.ObjectValidators.ArticleNotePageValidator
|
||||||
alias Pleroma.Web.ActivityPub.Utils
|
alias Pleroma.Web.ActivityPub.Utils
|
||||||
|
|
||||||
import Pleroma.Factory
|
import Pleroma.Factory
|
||||||
|
@ -29,7 +29,7 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidators.ArticleNoteValidatorTest do
|
||||||
end
|
end
|
||||||
|
|
||||||
test "a basic note validates", %{note: note} do
|
test "a basic note validates", %{note: note} do
|
||||||
%{valid?: true} = ArticleNoteValidator.cast_and_validate(note)
|
%{valid?: true} = ArticleNotePageValidator.cast_and_validate(note)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
|
@ -0,0 +1,36 @@
|
||||||
|
# Pleroma: A lightweight social networking server
|
||||||
|
# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
|
||||||
|
# SPDX-License-Identifier: AGPL-3.0-only
|
||||||
|
|
||||||
|
defmodule Pleroma.Web.ActivityPub.Transmogrifier.PageHandlingTest do
|
||||||
|
use Oban.Testing, repo: Pleroma.Repo
|
||||||
|
use Pleroma.DataCase
|
||||||
|
|
||||||
|
alias Pleroma.Object.Fetcher
|
||||||
|
|
||||||
|
test "Lemmy Page" do
|
||||||
|
Tesla.Mock.mock(fn
|
||||||
|
%{url: "https://enterprise.lemmy.ml/post/3"} ->
|
||||||
|
%Tesla.Env{
|
||||||
|
status: 200,
|
||||||
|
headers: [{"content-type", "application/activity+json"}],
|
||||||
|
body: File.read!("test/fixtures/tesla_mock/lemmy-page.json")
|
||||||
|
}
|
||||||
|
|
||||||
|
%{url: "https://enterprise.lemmy.ml/u/nutomic"} ->
|
||||||
|
%Tesla.Env{
|
||||||
|
status: 200,
|
||||||
|
headers: [{"content-type", "application/activity+json"}],
|
||||||
|
body: File.read!("test/fixtures/tesla_mock/lemmy-user.json")
|
||||||
|
}
|
||||||
|
end)
|
||||||
|
|
||||||
|
{:ok, object} = Fetcher.fetch_object_from_id("https://enterprise.lemmy.ml/post/3")
|
||||||
|
|
||||||
|
assert object.data["summary"] == "Hello Federation!"
|
||||||
|
assert object.data["published"] == "2020-09-14T15:03:11.909105Z"
|
||||||
|
|
||||||
|
# WAT
|
||||||
|
assert object.data["url"] == "https://enterprise.lemmy.ml/pictrs/image/US52d9DPvf.jpg"
|
||||||
|
end
|
||||||
|
end
|
|
@ -305,7 +305,7 @@ test "returns 403 when requested by a non-admin" do
|
||||||
|> get("/api/pleroma/admin/reports")
|
|> get("/api/pleroma/admin/reports")
|
||||||
|
|
||||||
assert json_response(conn, :forbidden) ==
|
assert json_response(conn, :forbidden) ==
|
||||||
%{"error" => "User is not an admin."}
|
%{"error" => "User is not a staff member."}
|
||||||
end
|
end
|
||||||
|
|
||||||
test "returns 403 when requested by anonymous" do
|
test "returns 403 when requested by anonymous" do
|
||||||
|
|
|
@ -384,13 +384,7 @@ test "renders users array for the first page", %{conn: conn, admin: admin} do
|
||||||
|
|
||||||
conn = get(conn, "/api/pleroma/admin/users?page=1")
|
conn = get(conn, "/api/pleroma/admin/users?page=1")
|
||||||
|
|
||||||
users =
|
users = [
|
||||||
[
|
|
||||||
user_response(
|
|
||||||
admin,
|
|
||||||
%{"roles" => %{"admin" => true, "moderator" => false}}
|
|
||||||
),
|
|
||||||
user_response(user, %{"local" => false, "tags" => ["foo", "bar"]}),
|
|
||||||
user_response(
|
user_response(
|
||||||
user2,
|
user2,
|
||||||
%{
|
%{
|
||||||
|
@ -399,9 +393,13 @@ test "renders users array for the first page", %{conn: conn, admin: admin} do
|
||||||
"registration_reason" => "I'm a chill dude",
|
"registration_reason" => "I'm a chill dude",
|
||||||
"actor_type" => "Person"
|
"actor_type" => "Person"
|
||||||
}
|
}
|
||||||
|
),
|
||||||
|
user_response(user, %{"local" => false, "tags" => ["foo", "bar"]}),
|
||||||
|
user_response(
|
||||||
|
admin,
|
||||||
|
%{"roles" => %{"admin" => true, "moderator" => false}}
|
||||||
)
|
)
|
||||||
]
|
]
|
||||||
|> Enum.sort_by(& &1["nickname"])
|
|
||||||
|
|
||||||
assert json_response_and_validate_schema(conn, 200) == %{
|
assert json_response_and_validate_schema(conn, 200) == %{
|
||||||
"count" => 3,
|
"count" => 3,
|
||||||
|
@ -525,7 +523,7 @@ test "regular search with page size", %{conn: conn} do
|
||||||
assert json_response_and_validate_schema(conn1, 200) == %{
|
assert json_response_and_validate_schema(conn1, 200) == %{
|
||||||
"count" => 2,
|
"count" => 2,
|
||||||
"page_size" => 1,
|
"page_size" => 1,
|
||||||
"users" => [user_response(user)]
|
"users" => [user_response(user2)]
|
||||||
}
|
}
|
||||||
|
|
||||||
conn2 = get(conn, "/api/pleroma/admin/users?query=a&page_size=1&page=2")
|
conn2 = get(conn, "/api/pleroma/admin/users?query=a&page_size=1&page=2")
|
||||||
|
@ -533,7 +531,7 @@ test "regular search with page size", %{conn: conn} do
|
||||||
assert json_response_and_validate_schema(conn2, 200) == %{
|
assert json_response_and_validate_schema(conn2, 200) == %{
|
||||||
"count" => 2,
|
"count" => 2,
|
||||||
"page_size" => 1,
|
"page_size" => 1,
|
||||||
"users" => [user_response(user2)]
|
"users" => [user_response(user)]
|
||||||
}
|
}
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -565,8 +563,7 @@ test "only local users with no query", %{conn: conn, admin: old_admin} do
|
||||||
|
|
||||||
conn = get(conn, "/api/pleroma/admin/users?filters=local")
|
conn = get(conn, "/api/pleroma/admin/users?filters=local")
|
||||||
|
|
||||||
users =
|
users = [
|
||||||
[
|
|
||||||
user_response(user),
|
user_response(user),
|
||||||
user_response(admin, %{
|
user_response(admin, %{
|
||||||
"roles" => %{"admin" => true, "moderator" => false}
|
"roles" => %{"admin" => true, "moderator" => false}
|
||||||
|
@ -576,7 +573,6 @@ test "only local users with no query", %{conn: conn, admin: old_admin} do
|
||||||
"roles" => %{"admin" => true, "moderator" => false}
|
"roles" => %{"admin" => true, "moderator" => false}
|
||||||
})
|
})
|
||||||
]
|
]
|
||||||
|> Enum.sort_by(& &1["nickname"])
|
|
||||||
|
|
||||||
assert json_response_and_validate_schema(conn, 200) == %{
|
assert json_response_and_validate_schema(conn, 200) == %{
|
||||||
"count" => 3,
|
"count" => 3,
|
||||||
|
@ -604,7 +600,6 @@ test "only unconfirmed users", %{conn: conn} do
|
||||||
"is_approved" => true
|
"is_approved" => true
|
||||||
})
|
})
|
||||||
end)
|
end)
|
||||||
|> Enum.sort_by(& &1["nickname"])
|
|
||||||
|
|
||||||
assert result == %{"count" => 2, "page_size" => 50, "users" => users}
|
assert result == %{"count" => 2, "page_size" => 50, "users" => users}
|
||||||
end
|
end
|
||||||
|
@ -642,18 +637,16 @@ test "load only admins", %{conn: conn, admin: admin} do
|
||||||
|
|
||||||
conn = get(conn, "/api/pleroma/admin/users?filters=is_admin")
|
conn = get(conn, "/api/pleroma/admin/users?filters=is_admin")
|
||||||
|
|
||||||
users =
|
users = [
|
||||||
[
|
user_response(second_admin, %{
|
||||||
user_response(admin, %{
|
|
||||||
"is_active" => true,
|
"is_active" => true,
|
||||||
"roles" => %{"admin" => true, "moderator" => false}
|
"roles" => %{"admin" => true, "moderator" => false}
|
||||||
}),
|
}),
|
||||||
user_response(second_admin, %{
|
user_response(admin, %{
|
||||||
"is_active" => true,
|
"is_active" => true,
|
||||||
"roles" => %{"admin" => true, "moderator" => false}
|
"roles" => %{"admin" => true, "moderator" => false}
|
||||||
})
|
})
|
||||||
]
|
]
|
||||||
|> Enum.sort_by(& &1["nickname"])
|
|
||||||
|
|
||||||
assert json_response_and_validate_schema(conn, 200) == %{
|
assert json_response_and_validate_schema(conn, 200) == %{
|
||||||
"count" => 2,
|
"count" => 2,
|
||||||
|
@ -693,13 +686,11 @@ test "load users with actor_type is Person", %{admin: admin, conn: conn} do
|
||||||
|> get(user_path(conn, :index), %{actor_types: ["Person"]})
|
|> get(user_path(conn, :index), %{actor_types: ["Person"]})
|
||||||
|> json_response_and_validate_schema(200)
|
|> json_response_and_validate_schema(200)
|
||||||
|
|
||||||
users =
|
users = [
|
||||||
[
|
user_response(user2),
|
||||||
user_response(admin, %{"roles" => %{"admin" => true, "moderator" => false}}),
|
|
||||||
user_response(user1),
|
user_response(user1),
|
||||||
user_response(user2)
|
user_response(admin, %{"roles" => %{"admin" => true, "moderator" => false}})
|
||||||
]
|
]
|
||||||
|> Enum.sort_by(& &1["nickname"])
|
|
||||||
|
|
||||||
assert response == %{"count" => 3, "page_size" => 50, "users" => users}
|
assert response == %{"count" => 3, "page_size" => 50, "users" => users}
|
||||||
end
|
end
|
||||||
|
@ -716,14 +707,12 @@ test "load users with actor_type is Person and Service", %{admin: admin, conn: c
|
||||||
|> get(user_path(conn, :index), %{actor_types: ["Person", "Service"]})
|
|> get(user_path(conn, :index), %{actor_types: ["Person", "Service"]})
|
||||||
|> json_response_and_validate_schema(200)
|
|> json_response_and_validate_schema(200)
|
||||||
|
|
||||||
users =
|
users = [
|
||||||
[
|
|
||||||
user_response(admin, %{"roles" => %{"admin" => true, "moderator" => false}}),
|
|
||||||
user_response(user1),
|
|
||||||
user_response(user2),
|
user_response(user2),
|
||||||
user_response(user_service, %{"actor_type" => "Service"})
|
user_response(user1),
|
||||||
|
user_response(user_service, %{"actor_type" => "Service"}),
|
||||||
|
user_response(admin, %{"roles" => %{"admin" => true, "moderator" => false}})
|
||||||
]
|
]
|
||||||
|> Enum.sort_by(& &1["nickname"])
|
|
||||||
|
|
||||||
assert response == %{"count" => 4, "page_size" => 50, "users" => users}
|
assert response == %{"count" => 4, "page_size" => 50, "users" => users}
|
||||||
end
|
end
|
||||||
|
@ -752,12 +741,10 @@ test "load users with tags list", %{conn: conn} do
|
||||||
|
|
||||||
conn = get(conn, "/api/pleroma/admin/users?tags[]=first&tags[]=second")
|
conn = get(conn, "/api/pleroma/admin/users?tags[]=first&tags[]=second")
|
||||||
|
|
||||||
users =
|
users = [
|
||||||
[
|
user_response(user2, %{"tags" => ["second"]}),
|
||||||
user_response(user1, %{"tags" => ["first"]}),
|
user_response(user1, %{"tags" => ["first"]})
|
||||||
user_response(user2, %{"tags" => ["second"]})
|
|
||||||
]
|
]
|
||||||
|> Enum.sort_by(& &1["nickname"])
|
|
||||||
|
|
||||||
assert json_response_and_validate_schema(conn, 200) == %{
|
assert json_response_and_validate_schema(conn, 200) == %{
|
||||||
"count" => 2,
|
"count" => 2,
|
||||||
|
@ -781,8 +768,8 @@ test "`active` filters out users pending approval", %{token: token} do
|
||||||
"count" => 2,
|
"count" => 2,
|
||||||
"page_size" => 50,
|
"page_size" => 50,
|
||||||
"users" => [
|
"users" => [
|
||||||
%{"id" => ^admin_id},
|
%{"id" => ^user_id},
|
||||||
%{"id" => ^user_id}
|
%{"id" => ^admin_id}
|
||||||
]
|
]
|
||||||
} = json_response_and_validate_schema(conn, 200)
|
} = json_response_and_validate_schema(conn, 200)
|
||||||
end
|
end
|
||||||
|
@ -921,7 +908,8 @@ defp user_response(user, attrs \\ %{}) do
|
||||||
"is_approved" => true,
|
"is_approved" => true,
|
||||||
"url" => user.ap_id,
|
"url" => user.ap_id,
|
||||||
"registration_reason" => nil,
|
"registration_reason" => nil,
|
||||||
"actor_type" => "Person"
|
"actor_type" => "Person",
|
||||||
|
"created_at" => CommonAPI.Utils.to_masto_date(user.inserted_at)
|
||||||
}
|
}
|
||||||
|> Map.merge(attrs)
|
|> Map.merge(attrs)
|
||||||
end
|
end
|
||||||
|
|
|
@ -151,9 +151,9 @@ test "it returns users by actor_types" do
|
||||||
|
|
||||||
{:ok, [^user_service], 1} = Search.user(%{actor_types: ["Service"]})
|
{:ok, [^user_service], 1} = Search.user(%{actor_types: ["Service"]})
|
||||||
{:ok, [^user_application], 1} = Search.user(%{actor_types: ["Application"]})
|
{:ok, [^user_application], 1} = Search.user(%{actor_types: ["Application"]})
|
||||||
{:ok, [^user1, ^user2], 2} = Search.user(%{actor_types: ["Person"]})
|
{:ok, [^user2, ^user1], 2} = Search.user(%{actor_types: ["Person"]})
|
||||||
|
|
||||||
{:ok, [^user_service, ^user1, ^user2], 3} =
|
{:ok, [^user2, ^user1, ^user_service], 3} =
|
||||||
Search.user(%{actor_types: ["Person", "Service"]})
|
Search.user(%{actor_types: ["Person", "Service"]})
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
47
test/pleroma/web/plugs/user_is_staff_plug_test.exs
Normal file
47
test/pleroma/web/plugs/user_is_staff_plug_test.exs
Normal file
|
@ -0,0 +1,47 @@
|
||||||
|
# Pleroma: A lightweight social networking server
|
||||||
|
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
|
||||||
|
# SPDX-License-Identifier: AGPL-3.0-only
|
||||||
|
|
||||||
|
defmodule Pleroma.Web.Plugs.UserIsStaffPlugTest do
|
||||||
|
use Pleroma.Web.ConnCase, async: true
|
||||||
|
|
||||||
|
alias Pleroma.Web.Plugs.UserIsStaffPlug
|
||||||
|
import Pleroma.Factory
|
||||||
|
|
||||||
|
test "accepts a user that is an admin" do
|
||||||
|
user = insert(:user, is_admin: true)
|
||||||
|
|
||||||
|
conn = assign(build_conn(), :user, user)
|
||||||
|
|
||||||
|
ret_conn = UserIsStaffPlug.call(conn, %{})
|
||||||
|
|
||||||
|
assert conn == ret_conn
|
||||||
|
end
|
||||||
|
|
||||||
|
test "accepts a user that is a moderator" do
|
||||||
|
user = insert(:user, is_moderator: true)
|
||||||
|
|
||||||
|
conn = assign(build_conn(), :user, user)
|
||||||
|
|
||||||
|
ret_conn = UserIsStaffPlug.call(conn, %{})
|
||||||
|
|
||||||
|
assert conn == ret_conn
|
||||||
|
end
|
||||||
|
|
||||||
|
test "denies a user that isn't a staff member" do
|
||||||
|
user = insert(:user)
|
||||||
|
|
||||||
|
conn =
|
||||||
|
build_conn()
|
||||||
|
|> assign(:user, user)
|
||||||
|
|> UserIsStaffPlug.call(%{})
|
||||||
|
|
||||||
|
assert conn.status == 403
|
||||||
|
end
|
||||||
|
|
||||||
|
test "denies when a user isn't set" do
|
||||||
|
conn = UserIsStaffPlug.call(build_conn(), %{})
|
||||||
|
|
||||||
|
assert conn.status == 403
|
||||||
|
end
|
||||||
|
end
|
Loading…
Reference in a new issue