diff --git a/config/config.exs b/config/config.exs
index 53c0cc3294..a0c18c75a9 100644
--- a/config/config.exs
+++ b/config/config.exs
@@ -261,7 +261,8 @@
     :user_credentials,
     :statuses_read,
     :user_tag,
-    :user_activation
+    :user_activation,
+    :user_invite
   ],
   moderator_privileges: [],
   max_endorsed_users: 20,
diff --git a/config/description.exs b/config/description.exs
index 51d3ad8aab..7e74778c54 100644
--- a/config/description.exs
+++ b/config/description.exs
@@ -968,7 +968,8 @@
           :user_credentials,
           :statuses_read,
           :user_tag,
-          :user_activation
+          :user_activation,
+          :user_invite
         ],
         description:
           "What extra priviledges to allow admins (e.g. updating user credentials, get password reset token, delete users, index and read private statuses and chats)"
@@ -981,7 +982,8 @@
           :user_credentials,
           :statuses_read,
           :user_tag,
-          :user_activation
+          :user_activation,
+          :user_invite
         ],
         description:
           "What extra priviledges to allow moderators (e.g. updating user credentials, get password reset token, delete users, index and read private statuses and chats)"
diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex
index bfe5c7b903..87e564488e 100644
--- a/lib/pleroma/web/router.ex
+++ b/lib/pleroma/web/router.ex
@@ -130,6 +130,11 @@ defmodule Pleroma.Web.Router do
     plug(Pleroma.Web.Plugs.EnsurePrivilegedPlug, :user_activation)
   end
 
+  pipeline :require_privileged_role_user_invite do
+    plug(:admin_api)
+    plug(Pleroma.Web.Plugs.EnsurePrivilegedPlug, :user_invite)
+  end
+
   pipeline :pleroma_html do
     plug(:browser)
     plug(:authenticate)
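Review bot: The `description` string kept as context below the new `:user_invite` entry in config/description.exs still enumerates what the privilege list covers without mentioning invites, so an operator reading the generated docs cannot tell what enabling `:user_invite` grants; the same applies to the `moderator_privileges` hunk at @@ -981. Suggest extending both strings, e.g. `description: "What extra privileges to allow admins (e.g. updating user credentials, get password reset token, delete users, index and read private statuses and chats, manage invites and approve registrations)"`, which also fixes the pre-existing `priviledges` spelling. That `:user_invite` also gates registration approval is inferred from the router change later in this commit.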
@@ -296,15 +301,20 @@ defmodule Pleroma.Web.Router do
     patch("/users/deactivate", UserController, :deactivate)
   end
 
-  # AdminAPI: admins and mods (staff) can perform these actions
+  # AdminAPI: admins and mods (staff) can perform these actions (if privileged by role)
   scope "/api/v1/pleroma/admin", Pleroma.Web.AdminAPI do
-    pipe_through(:admin_api)
+    pipe_through(:require_privileged_role_user_invite)
 
     patch("/users/approve", UserController, :approve)
     post("/users/invite_token", InviteController, :create)
     get("/users/invites", InviteController, :index)
     post("/users/revoke_invite", InviteController, :revoke)
     post("/users/email_invite", InviteController, :email)
+  end
+
+  # AdminAPI: admins and mods (staff) can perform these actions
+  scope "/api/v1/pleroma/admin", Pleroma.Web.AdminAPI do
+    pipe_through(:admin_api)
 
     get("/users", UserController, :index)
     get("/users/:nickname", UserController, :show)
diff --git a/test/pleroma/web/admin_api/controllers/invite_controller_test.exs b/test/pleroma/web/admin_api/controllers/invite_controller_test.exs
index b9d48a4b61..17c2aa104f 100644
--- a/test/pleroma/web/admin_api/controllers/invite_controller_test.exs
+++ b/test/pleroma/web/admin_api/controllers/invite_controller_test.exs
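Review bot: `patch("/users/approve", UserController, :approve)` now sits under `pipe_through(:require_privileged_role_user_invite)`, so approving pending registrations requires the same privilege as issuing invites, yet the new scope comment `# AdminAPI: admins and mods (staff) can perform these actions (if privileged by role)` does not name the role, leaving that coupling invisible to the next reader. Suggest naming it: `# AdminAPI: staff holding the :user_invite privilege (invite management and registration approval)`. Because the config.exs hunk in this commit leaves `moderator_privileges: []`, moderators who could reach these five routes through `:admin_api` before (if that pipeline admits moderators) will now receive 403 until an operator grants `:user_invite`; that tightening is the right default but deserves a changelog entry. The second scope's body continues past the end of the hunk.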
@@ -23,8 +23,25 @@ defmodule Pleroma.Web.AdminAPI.InviteControllerTest do
   end
 
   describe "POST /api/pleroma/admin/users/email_invite, with valid config" do
-    setup do: clear_config([:instance, :registrations_open], false)
-    setup do: clear_config([:instance, :invites_enabled], true)
+    setup do
+      clear_config([:instance, :registrations_open], false)
+      clear_config([:instance, :invites_enabled], true)
+      clear_config([:instance, :admin_privileges], [:user_invite])
+    end
+
+    test "returns 403 if not privileged with :user_invite", %{conn: conn} do
+      clear_config([:instance, :admin_privileges], [])
+
+      conn =
+        conn
+        |> put_req_header("content-type", "application/json;charset=utf-8")
+        |> post("/api/pleroma/admin/users/email_invite", %{
+          email: "foo@bar.com",
+          name: "J. D."
+        })
+
+      assert json_response(conn, :forbidden)
+    end
 
     test "sends invitation and returns 204", %{admin: admin, conn: conn} do
       recipient_email = "foo@bar.com"
@@ -114,8 +131,11 @@ test "email with +", %{conn: conn, admin: admin} do
   end
 
   describe "POST /api/pleroma/admin/users/email_invite, with invalid config" do
-    setup do: clear_config([:instance, :registrations_open])
-    setup do: clear_config([:instance, :invites_enabled])
+    setup do
+      clear_config([:instance, :registrations_open])
+      clear_config([:instance, :invites_enabled])
+      clear_config([:instance, :admin_privileges], [:user_invite])
+    end
 
     test "it returns 500 if `invites_enabled` is not enabled", %{conn: conn} do
       clear_config([:instance, :registrations_open], false)
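Review bot: The new `returns 403 if not privileged with :user_invite` test only empties `admin_privileges` and reuses the `conn` from the module-level setup (outside this hunk), which presumably is authenticated as an admin; nothing exercises the moderator side, so a regression where `EnsurePrivilegedPlug` ignores `moderator_privileges`, or lets a moderator through without `:user_invite`, would pass this suite. Suggest adding, per endpoint, a case that builds a conn for a moderator user with `clear_config([:instance, :moderator_privileges], [:user_invite])` and expects success, plus one with `[]` expecting 403; the same gap exists in the invite_token, invites and revoke_invite describes and in the approve test in user_controller_test.exs. Minor: this test sends `"application/json;charset=utf-8"` while the sibling 403 tests send `"application/json"`; one form would read more consistently.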
@@ -157,6 +177,21 @@ test "it returns 500 if `registrations_open` is enabled", %{conn: conn} do
   end
 
   describe "POST /api/pleroma/admin/users/invite_token" do
+    setup do
+      clear_config([:instance, :admin_privileges], [:user_invite])
+    end
+
+    test "returns 403 if not privileged with :user_invite", %{conn: conn} do
+      clear_config([:instance, :admin_privileges], [])
+
+      conn =
+        conn
+        |> put_req_header("content-type", "application/json")
+        |> post("/api/pleroma/admin/users/invite_token")
+
+      assert json_response(conn, :forbidden)
+    end
+
     test "without options", %{conn: conn} do
       conn =
         conn
@@ -221,6 +256,18 @@ test "with max use and expires_at", %{conn: conn} do
   end
 
   describe "GET /api/pleroma/admin/users/invites" do
+    setup do
+      clear_config([:instance, :admin_privileges], [:user_invite])
+    end
+
+    test "returns 403 if not privileged with :user_invite", %{conn: conn} do
+      clear_config([:instance, :admin_privileges], [])
+
+      conn = get(conn, "/api/pleroma/admin/users/invites")
+
+      assert json_response(conn, :forbidden)
+    end
+
     test "no invites", %{conn: conn} do
       conn = get(conn, "/api/pleroma/admin/users/invites")
 
@@ -249,6 +296,21 @@ test "with invite", %{conn: conn} do
   end
 
   describe "POST /api/pleroma/admin/users/revoke_invite" do
+    setup do
+      clear_config([:instance, :admin_privileges], [:user_invite])
+    end
+
+    test "returns 403 if not privileged with :user_invite", %{conn: conn} do
+      clear_config([:instance, :admin_privileges], [])
+
+      conn =
+        conn
+        |> put_req_header("content-type", "application/json")
+        |> post("/api/pleroma/admin/users/revoke_invite", %{"token" => "foo"})
+
+      assert json_response(conn, :forbidden)
+    end
+
     test "with token", %{conn: conn} do
       {:ok, invite} = UserInviteToken.create_invite()
 
diff --git a/test/pleroma/web/admin_api/controllers/user_controller_test.exs b/test/pleroma/web/admin_api/controllers/user_controller_test.exs
index ea28863f31..f221b9c51d 100644
--- a/test/pleroma/web/admin_api/controllers/user_controller_test.exs
+++ b/test/pleroma/web/admin_api/controllers/user_controller_test.exs
@@ -825,6 +825,8 @@ test "it omits relay user", %{admin: admin, conn: conn} do
   end
 
   test "PATCH /api/pleroma/admin/users/approve", %{admin: admin, conn: conn} do
+    clear_config([:instance, :admin_privileges], [:user_invite])
+
     user_one = insert(:user, is_approved: false)
     user_two = insert(:user, is_approved: false)
 
@@ -845,6 +847,21 @@ test "PATCH /api/pleroma/admin/users/approve", %{admin: admin, conn: conn} do
              "@#{admin.nickname} approved users: @#{user_one.nickname}, @#{user_two.nickname}"
   end
 
+  test "PATCH /api/pleroma/admin/users/approve returns 403 if not privileged with :user_invite",
+       %{conn: conn} do
+    clear_config([:instance, :admin_privileges], [])
+
+    conn =
+      conn
+      |> put_req_header("content-type", "application/json")
+      |> patch(
+        "/api/pleroma/admin/users/approve",
+        %{nicknames: ["user_one.nickname", "user_two.nickname"]}
+      )
+
+    assert json_response(conn, :forbidden)
+  end
+
   test "PATCH /api/pleroma/admin/users/suggest", %{admin: admin, conn: conn} do
     user1 = insert(:user, is_suggested: false)
     user2 = insert(:user, is_suggested: false)
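Review bot: The payload `%{nicknames: ["user_one.nickname", "user_two.nickname"]}` in the new 403 test reads like a lost interpolation — it sends the literal strings, not the nicknames of any inserted users. The plug rejects the request before the controller reads the body, so the test passes either way, but the literal misleads the next reader; suggest `%{nicknames: ["user_one", "user_two"]}`, or inserting two unapproved users as the preceding approve test does if a realistic body is wanted. Consider also asserting on the decoded body that `json_response(conn, :forbidden)` returns rather than the status alone, so a 403 raised for an unrelated reason does not satisfy the test. Verify that the `clear_config([:instance, :admin_privileges], [])` here cannot leak into the approve test above, since that test now relies on `[:user_invite]` being set at the start of its own body.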