Commit 743b622b authored by Maxim Filippov's avatar Maxim Filippov 🌚

Force password reset for multiple users

parent 9b40e5f5
...@@ -67,6 +67,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). ...@@ -67,6 +67,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
- Mastodon API: Mark the direct conversation as read for the author when they send a new direct message - Mastodon API: Mark the direct conversation as read for the author when they send a new direct message
</details> </details>
- Deprecated `User.Info` embedded schema (fields moved to `User`) - Deprecated `User.Info` embedded schema (fields moved to `User`)
- Admin API: `PATCH /api/pleroma/admin/users/:nickname/force_password_reset` is now `PATCH /api/pleroma/admin/users/force_password_reset` (accepts `nicknames` array in the request body)
### Fixed ### Fixed
- Report emails now include functional links to profiles of remote user accounts - Report emails now include functional links to profiles of remote user accounts
......
...@@ -540,6 +540,17 @@ def get_log_entry_message(%ModerationLog{ ...@@ -540,6 +540,17 @@ def get_log_entry_message(%ModerationLog{
"@#{actor_nickname} deleted status ##{subject_id}" "@#{actor_nickname} deleted status ##{subject_id}"
end end
@spec get_log_entry_message(ModerationLog) :: String.t()
def get_log_entry_message(%ModerationLog{
data: %{
"actor" => %{"nickname" => actor_nickname},
"action" => "force_password_reset",
"subject" => subjects
}
}) do
"@#{actor_nickname} force password reset for users: #{users_to_nicknames_string(subjects)}"
end
defp nicknames_to_string(nicknames) do defp nicknames_to_string(nicknames) do
nicknames nicknames
|> Enum.map(&"@#{&1}") |> Enum.map(&"@#{&1}")
......
...@@ -595,10 +595,16 @@ def get_password_reset(conn, %{"nickname" => nickname}) do ...@@ -595,10 +595,16 @@ def get_password_reset(conn, %{"nickname" => nickname}) do
end end
@doc "Force password reset for a given user" @doc "Force password reset for a given user"
def force_password_reset(conn, %{"nickname" => nickname}) do def force_password_reset(%{assigns: %{user: admin}} = conn, %{"nicknames" => nicknames}) do
(%User{local: true} = user) = User.get_cached_by_nickname(nickname) users = nicknames |> Enum.map(&User.get_cached_by_nickname/1)
User.force_password_reset_async(user) Enum.map(users, &User.force_password_reset_async/1)
ModerationLog.insert_log(%{
actor: admin,
subject: users,
action: "force_password_reset"
})
json_response(conn, :no_content, "") json_response(conn, :no_content, "")
end end
......
...@@ -171,7 +171,7 @@ defmodule Pleroma.Web.Router do ...@@ -171,7 +171,7 @@ defmodule Pleroma.Web.Router do
post("/users/email_invite", AdminAPIController, :email_invite) post("/users/email_invite", AdminAPIController, :email_invite)
get("/users/:nickname/password_reset", AdminAPIController, :get_password_reset) get("/users/:nickname/password_reset", AdminAPIController, :get_password_reset)
patch("/users/:nickname/force_password_reset", AdminAPIController, :force_password_reset) patch("/users/force_password_reset", AdminAPIController, :force_password_reset)
get("/users", AdminAPIController, :list_users) get("/users", AdminAPIController, :list_users)
get("/users/:nickname", AdminAPIController, :user_show) get("/users/:nickname", AdminAPIController, :user_show)
......
...@@ -2538,7 +2538,7 @@ test "sets password_reset_pending to true", %{admin: admin, user: user} do ...@@ -2538,7 +2538,7 @@ test "sets password_reset_pending to true", %{admin: admin, user: user} do
conn = conn =
build_conn() build_conn()
|> assign(:user, admin) |> assign(:user, admin)
|> patch("/api/pleroma/admin/users/#{user.nickname}/force_password_reset") |> patch("/api/pleroma/admin/users/force_password_reset", %{nicknames: [user.nickname]})
assert json_response(conn, 204) == "" assert json_response(conn, 204) == ""
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment