Commit
5f5dc240
authored
Aug 05, 2021
by
Haelwenn
Merge branch 'staff-plug' into 'develop'
Moderators: add UserIsStaffPlug See merge request
!3495
parents
d8a986c9
44ede065
Pipeline
#36938
passed with stages
in 82 minutes and 35 seconds
Changes
4
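--- /dev/null
+++ b/lib/pleroma/web/plugs/user_is_staff_plug.ex
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+defmodule Pleroma.Web.Plugs.UserIsStaffPlug do
+  import Pleroma.Web.TranslationHelpers
+  import Plug.Conn
+  alias Pleroma.User
+  def init(options) do
+    options
+  end
+  def call(%{assigns: %{user: %User{is_admin: true}}} = conn, _), do: conn
+  def call(%{assigns: %{user: %User{is_moderator: true}}} = conn, _), do: conn
+  def call(conn, _) do
+    conn
+    |> render_error(:forbidden, "User is not a staff member.")
+    |> halt()
+  end
+end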
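Review bot: The new plug has no `@moduledoc`, so nothing records that it is an authorization check only: it reads `conn.assigns.user` and relies on an earlier plug to have authenticated the request. I would add `@moduledoc "Halts with 403 unless the assigned user has is_admin or is_moderator set to true; must run after authentication."` above the imports. The strict match on `true` means a missing user or a nil flag falls through to the deny clause, and that fail-closed behaviour is worth stating in a short comment above the last `call/2` clause.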
lib/pleroma/web/router.ex
...
...
@@ -96,10 +96,14 @@ defmodule Pleroma.Web.Router do
plug
(
Pleroma
.
Web
.
Plugs
.
AdminSecretAuthenticationPlug
)
plug
(
:after_auth
)
plug
(
Pleroma
.
Web
.
Plugs
.
EnsureAuthenticatedPlug
)
plug
(
Pleroma
.
Web
.
Plugs
.
UserIs
Admin
Plug
)
plug
(
Pleroma
.
Web
.
Plugs
.
UserIs
Staff
Plug
)
plug
(
Pleroma
.
Web
.
Plugs
.
IdempotencyPlug
)
end
pipeline
:require_admin
do
plug
(
Pleroma
.
Web
.
Plugs
.
UserIsAdminPlug
)
end
pipeline
:mastodon_html
do
plug
(
:browser
)
plug
(
:authenticate
)
...
...
@@ -160,7 +164,7 @@ defmodule Pleroma.Web.Router do
end
scope
"/api/v1/pleroma/admin"
,
Pleroma
.
Web
.
AdminAPI
do
pipe_through
(
:admin_api
)
pipe_through
(
[
:admin_api
,
:require_admin
]
)
put
(
"/users/disable_mfa"
,
AdminAPIController
,
:disable_mfa
)
put
(
"/users/tag"
,
AdminAPIController
,
:tag_users
)
...
...
@@ -265,7 +269,7 @@ defmodule Pleroma.Web.Router do
scope
"/api/v1/pleroma/emoji"
,
Pleroma
.
Web
.
PleromaAPI
do
scope
"/pack"
do
pipe_through
(
:admin_api
)
pipe_through
(
[
:admin_api
,
:require_admin
]
)
post
(
"/"
,
EmojiPackController
,
:create
)
patch
(
"/"
,
EmojiPackController
,
:update
)
...
...
@@ -280,7 +284,7 @@ defmodule Pleroma.Web.Router do
# Modifying packs
scope
"/packs"
do
pipe_through
(
:admin_api
)
pipe_through
(
[
:admin_api
,
:require_admin
]
)
get
(
"/import"
,
EmojiPackController
,
:import_from_filesystem
)
get
(
"/remote"
,
EmojiPackController
,
:remote
)
...
...
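Review bot: Swapping `UserIsAdminPlug` for `UserIsStaffPlug` inside the shared `:admin_api` pipeline makes moderator access the default for every scope that pipes through `:admin_api`, and only the three scopes visible in these hunks add `:require_admin` back. Any other `pipe_through(:admin_api)` in the router, which these hunks do not show, would now admit moderators without an explicit decision, so each remaining use should be checked against what moderators are meant to reach. A fail-closed arrangement would keep `:admin_api` admin-only and add a separate staff pipeline for the routes moderators need; failing that, a comment such as `# :admin_api admits moderators; add :require_admin for admin-only routes` above the pipeline would warn whoever adds the next scope. A router test asserting 403 for a moderator on an admin-only route such as `/users/disable_mfa` would pin the split.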
test/pleroma/web/admin_api/controllers/report_controller_test.exs
...
...
@@ -305,7 +305,7 @@ test "returns 403 when requested by a non-admin" do
|>
get
(
"/api/pleroma/admin/reports"
)
assert
json_response
(
conn
,
:forbidden
)
==
%{
"error"
=>
"User is not a
n admin
."
}
%{
"error"
=>
"User is not a
staff member
."
}
end
test
"returns 403 when requested by anonymous"
do
...
...
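Review bot: The test is still named "returns 403 when requested by a non-admin" although the expected error now reads "User is not a staff member.", so the name no longer matches what the endpoint enforces. Renaming it to `test "returns 403 when requested by a non-staff user" do` would fix that. The hunk does not show a companion case proving that a moderator can now read `/api/pleroma/admin/reports`; if none exists elsewhere in the file, adding one would document the intended widening.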
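--- /dev/null
+++ b/test/pleroma/web/plugs/user_is_staff_plug_test.exs
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+defmodule Pleroma.Web.Plugs.UserIsStaffPlugTest do
+  use Pleroma.Web.ConnCase, async: true
+  alias Pleroma.Web.Plugs.UserIsStaffPlug
+  import Pleroma.Factory
+  test "accepts a user that is an admin" do
+    user = insert(:user, is_admin: true)
+    conn = assign(build_conn(), :user, user)
+    ret_conn = UserIsStaffPlug.call(conn, %{})
+    assert conn == ret_conn
+  end
+  test "accepts a user that is a moderator" do
+    user = insert(:user, is_moderator: true)
+    conn = assign(build_conn(), :user, user)
+    ret_conn = UserIsStaffPlug.call(conn, %{})
+    assert conn == ret_conn
+  end
+  test "denies a user that isn't a staff member" do
+    user = insert(:user)
+    conn =
+      build_conn()
+      |> assign(:user, user)
+      |> UserIsStaffPlug.call(%{})
+    assert conn.status == 403
+  end
+  test "denies when a user isn't set" do
+    conn = UserIsStaffPlug.call(build_conn(), %{})
+    assert conn.status == 403
+  end
+end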
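Review bot: The two deny tests assert only `conn.status == 403`, so they would still pass if the plug set the error response but did not halt, letting the request continue to the controller. Adding `assert conn.halted` after the status assertion in both "denies" tests pins the part of the plug that actually blocks the request. The accept tests compare the whole conn, which already covers the non-halted case.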