admin_api_controller.ex 4.85 KB
Newer Older
1
# Pleroma: A lightweight social networking server
kaniini's avatar
kaniini committed
2
# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
3
4
# SPDX-License-Identifier: AGPL-3.0-only

5
defmodule Pleroma.Web.AdminAPI.AdminAPIController do
Haelwenn's avatar
Haelwenn committed
6
  use Pleroma.Web, :controller
7
  alias Pleroma.User
8
  alias Pleroma.Web.ActivityPub.Relay
Haelwenn's avatar
Haelwenn committed
9

10
11
  import Pleroma.Web.ControllerHelper, only: [json_response: 3]

Haelwenn's avatar
Haelwenn committed
12
13
14
15
  require Logger

  action_fallback(:errors)

16
  def user_delete(conn, %{"nickname" => nickname}) do
17
18
    user = User.get_by_nickname(nickname)

19
    if user.local == true do
20
21
22
23
24
25
      User.delete(user)
    else
      User.delete(user)
    end

    conn
26
    |> json(nickname)
Haelwenn's avatar
Haelwenn committed
27
28
  end

29
30
31
32
  def user_create(
        conn,
        %{"nickname" => nickname, "email" => email, "password" => password}
      ) do
33
    user_data = %{
34
      nickname: nickname,
35
      name: nickname,
36
37
38
      email: email,
      password: password,
      password_confirmation: password,
39
      bio: "."
40
41
    }

42
43
    changeset = User.register_changeset(%User{}, user_data, confirmed: true)
    {:ok, user} = User.register(changeset)
44
45

    conn
46
    |> json(user.nickname)
47
48
  end

49
50
51
52
53
54
55
56
57
58
  def tag_users(conn, %{"nicknames" => nicknames, "tags" => tags}) do
    with {:ok, _} <- User.tag(nicknames, tags),
         do: json_response(conn, :no_content, "")
  end

  def untag_users(conn, %{"nicknames" => nicknames, "tags" => tags}) do
    with {:ok, _} <- User.untag(nicknames, tags),
         do: json_response(conn, :no_content, "")
  end

59
60
  def right_add(conn, %{"permission_group" => permission_group, "nickname" => nickname})
      when permission_group in ["moderator", "admin"] do
61
62
63
    user = User.get_by_nickname(nickname)

    info =
lain's avatar
lain committed
64
      %{}
65
      |> Map.put("is_" <> permission_group, true)
66

lain's avatar
lain committed
67
68
69
    info_cng = User.Info.admin_api_update(user.info, info)

    cng =
Maksim's avatar
updates    
Maksim committed
70
71
      user
      |> Ecto.Changeset.change()
lain's avatar
lain committed
72
73
      |> Ecto.Changeset.put_embed(:info, info_cng)

Maksim's avatar
Maksim committed
74
    {:ok, _user} = User.update_and_set_cache(cng)
75

Maksim's avatar
Maksim committed
76
77
78
79
    json(conn, info)
  end

  def right_add(conn, _) do
80
    conn
Maksim's avatar
Maksim committed
81
82
    |> put_status(404)
    |> json(%{error: "No such permission_group"})
83
84
  end

85
86
87
88
  def right_get(conn, %{"nickname" => nickname}) do
    user = User.get_by_nickname(nickname)

    conn
lain's avatar
lain committed
89
90
91
92
    |> json(%{
      is_moderator: user.info.is_moderator,
      is_admin: user.info.is_admin
    })
93
94
  end

95
96
97
  def right_delete(
        %{assigns: %{user: %User{:nickname => admin_nickname}}} = conn,
        %{
98
          "permission_group" => permission_group,
99
100
101
          "nickname" => nickname
        }
      )
102
      when permission_group in ["moderator", "admin"] do
103
104
    if admin_nickname == nickname do
      conn
105
      |> put_status(403)
106
107
108
      |> json(%{error: "You can't revoke your own admin status."})
    else
      user = User.get_by_nickname(nickname)
109

110
      info =
lain's avatar
lain committed
111
        %{}
112
        |> Map.put("is_" <> permission_group, false)
113

lain's avatar
lain committed
114
115
116
117
118
119
      info_cng = User.Info.admin_api_update(user.info, info)

      cng =
        Ecto.Changeset.change(user)
        |> Ecto.Changeset.put_embed(:info, info_cng)

Maksim's avatar
Maksim committed
120
      {:ok, _user} = User.update_and_set_cache(cng)
121

Maksim's avatar
Maksim committed
122
      json(conn, info)
123
    end
124
125
126
127
128
  end

  def right_delete(conn, _) do
    conn
    |> put_status(404)
129
    |> json(%{error: "No such permission_group"})
Haelwenn's avatar
Haelwenn committed
130
131
  end

132
  def relay_follow(conn, %{"relay_url" => target}) do
Maksim's avatar
Maksim committed
133
134
    with {:ok, _message} <- Relay.follow(target) do
      json(conn, target)
135
    else
Maksim's avatar
Maksim committed
136
137
138
139
      _ ->
        conn
        |> put_status(500)
        |> json(target)
140
    end
Haelwenn's avatar
Haelwenn committed
141
142
  end

143
  def relay_unfollow(conn, %{"relay_url" => target}) do
Maksim's avatar
Maksim committed
144
145
    with {:ok, _message} <- Relay.unfollow(target) do
      json(conn, target)
146
    else
Maksim's avatar
Maksim committed
147
148
149
150
      _ ->
        conn
        |> put_status(500)
        |> json(target)
151
    end
Haelwenn's avatar
Haelwenn committed
152
153
  end

154
155
156
157
158
159
160
161
162
163
164
165
166
  @doc "Sends registration invite via email"
  def email_invite(%{assigns: %{user: user}} = conn, %{"email" => email} = params) do
    with true <-
           Pleroma.Config.get([:instance, :invites_enabled]) &&
             !Pleroma.Config.get([:instance, :registrations_open]),
         {:ok, invite_token} <- Pleroma.UserInviteToken.create_token(),
         email <-
           Pleroma.UserEmail.user_invitation_email(user, invite_token, email, params["name"]),
         {:ok, _} <- Pleroma.Mailer.deliver(email) do
      json_response(conn, :no_content, "")
    end
  end

Maksim's avatar
Maksim committed
167
  @doc "Get a account registeration invite token (base64 string)"
168
  def get_invite_token(conn, _params) do
169
    {:ok, token} = Pleroma.UserInviteToken.create_token()
170
171

    conn
172
    |> json(token.token)
Haelwenn's avatar
Haelwenn committed
173
174
  end

Maksim's avatar
Maksim committed
175
  @doc "Get a password reset token (base64 string) for given nickname"
176
  def get_password_reset(conn, %{"nickname" => nickname}) do
177
178
179
180
    (%User{local: true} = user) = User.get_by_nickname(nickname)
    {:ok, token} = Pleroma.PasswordResetToken.create_token(user)

    conn
181
182
183
184
185
186
187
188
189
190
191
192
193
    |> json(token.token)
  end

  def errors(conn, {:param_cast, _}) do
    conn
    |> put_status(400)
    |> json("Invalid parameters")
  end

  def errors(conn, _) do
    conn
    |> put_status(500)
    |> json("Something went wrong")
Haelwenn's avatar
Haelwenn committed
194
195
  end
end