From 673e8e3ac154c4ce5801077234cf2bdee99e78c9 Mon Sep 17 00:00:00 2001 From: Alex Gleason Date: Fri, 7 Aug 2020 13:02:39 -0500 Subject: [PATCH 1/4] Force 204 responses to be empty, fixes #2029 --- lib/pleroma/web/controller_helper.ex | 6 ++++++ test/support/conn_case.ex | 9 ++++++++- .../controllers/admin_api_controller_test.exs | 10 +++++----- 3 files changed, 19 insertions(+), 6 deletions(-) diff --git a/lib/pleroma/web/controller_helper.ex b/lib/pleroma/web/controller_helper.ex index 69946fb81..6445966e0 100644 --- a/lib/pleroma/web/controller_helper.ex +++ b/lib/pleroma/web/controller_helper.ex @@ -18,6 +18,12 @@ defmodule Pleroma.Web.ControllerHelper do def truthy_param?(value), do: not falsy_param?(value) + def json_response(conn, status, _) when status in [204, :no_content] do + conn + |> put_resp_header("content-type", "application/json") + |> send_resp(status, "") + end + def json_response(conn, status, json) do conn |> put_status(status) diff --git a/test/support/conn_case.ex b/test/support/conn_case.ex index b23918dd1..b50ff1bcc 100644 --- a/test/support/conn_case.ex +++ b/test/support/conn_case.ex @@ -56,6 +56,13 @@ defmodule Pleroma.Web.ConnCase do [conn: conn] end + defp empty_json_response(conn) do + body = response(conn, 204) + _ = response_content_type(conn, :json) + + body + end + defp json_response_and_validate_schema( %{ private: %{ @@ -79,7 +86,7 @@ defmodule Pleroma.Web.ConnCase do end schema = lookup[op_id].responses[status].content[content_type].schema - json = json_response(conn, status) + json = if status == 204, do: empty_json_response(conn), else: json_response(conn, status) case OpenApiSpex.cast_value(json, schema, spec) do {:ok, _data} -> diff --git a/test/web/admin_api/controllers/admin_api_controller_test.exs b/test/web/admin_api/controllers/admin_api_controller_test.exs index b5d5bd8c7..e63268831 100644 --- a/test/web/admin_api/controllers/admin_api_controller_test.exs +++ b/test/web/admin_api/controllers/admin_api_controller_test.exs @@ -439,7 +439,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do user1: user1, user2: user2 } do - assert json_response(conn, :no_content) + assert empty_json_response(conn) assert User.get_cached_by_id(user1.id).tags == ["x", "foo", "bar"] assert User.get_cached_by_id(user2.id).tags == ["y", "foo", "bar"] @@ -457,7 +457,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do end test "it does not modify tags of not specified users", %{conn: conn, user3: user3} do - assert json_response(conn, :no_content) + assert empty_json_response(conn) assert User.get_cached_by_id(user3.id).tags == ["unchanged"] end end @@ -485,7 +485,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do user1: user1, user2: user2 } do - assert json_response(conn, :no_content) + assert empty_json_response(conn) assert User.get_cached_by_id(user1.id).tags == [] assert User.get_cached_by_id(user2.id).tags == ["y"] @@ -503,7 +503,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do end test "it does not modify tags of not specified users", %{conn: conn, user3: user3} do - assert json_response(conn, :no_content) + assert empty_json_response(conn) assert User.get_cached_by_id(user3.id).tags == ["unchanged"] end end @@ -1756,7 +1756,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do conn = patch(conn, "/api/pleroma/admin/users/force_password_reset", %{nicknames: [user.nickname]}) - assert json_response(conn, 204) == "" + assert empty_json_response(conn) == "" ObanHelpers.perform_all() From 249f21dcbbbc20f401a9ea9bfc6179c858abce6f Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Mon, 10 Aug 2020 17:57:36 +0400 Subject: [PATCH 2/4] Admin API: Filter out unapproved users when the `active` filter is on --- lib/pleroma/user/query.ex | 1 + .../controllers/admin_api_controller_test.exs | 21 +++++++++++++++++++ 2 files changed, 22 insertions(+) diff --git a/lib/pleroma/user/query.ex b/lib/pleroma/user/query.ex index 45553cb6c..d618432ff 100644 --- a/lib/pleroma/user/query.ex +++ b/lib/pleroma/user/query.ex @@ -130,6 +130,7 @@ defmodule Pleroma.User.Query do defp compose_query({:active, _}, query) do User.restrict_deactivated(query) |> where([u], not is_nil(u.nickname)) + |> where([u], u.approval_pending == false) end defp compose_query({:legacy_active, _}, query) do diff --git a/test/web/admin_api/controllers/admin_api_controller_test.exs b/test/web/admin_api/controllers/admin_api_controller_test.exs index b5d5bd8c7..7f0f02605 100644 --- a/test/web/admin_api/controllers/admin_api_controller_test.exs +++ b/test/web/admin_api/controllers/admin_api_controller_test.exs @@ -1164,6 +1164,27 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do } end + test "`active` filters out users pending approval", %{token: token} do + insert(:user, approval_pending: true) + %{id: user_id} = insert(:user, approval_pending: false) + %{id: admin_id} = token.user + + conn = + build_conn() + |> assign(:user, token.user) + |> assign(:token, token) + |> get("/api/pleroma/admin/users?filters=active") + + assert %{ + "count" => 2, + "page_size" => 50, + "users" => [ + %{"id" => ^admin_id}, + %{"id" => ^user_id} + ] + } = json_response(conn, 200) + end + test "it works with multiple filters" do admin = insert(:user, nickname: "john", is_admin: true) token = insert(:oauth_admin_token, user: admin) From 9a9121805ceccfa62c77e9abc81af5f7c7fd4049 Mon Sep 17 00:00:00 2001 From: lain Date: Tue, 11 Aug 2020 09:08:27 +0000 Subject: [PATCH 3/4] Apply 1 suggestion(s) to 1 file(s) --- test/support/conn_case.ex | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/support/conn_case.ex b/test/support/conn_case.ex index b50ff1bcc..7ef681258 100644 --- a/test/support/conn_case.ex +++ b/test/support/conn_case.ex @@ -58,7 +58,7 @@ defmodule Pleroma.Web.ConnCase do defp empty_json_response(conn) do body = response(conn, 204) - _ = response_content_type(conn, :json) + response_content_type(conn, :json) body end From 304ed357436522f73036c912eaaa8d8e38e1d469 Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Tue, 11 Aug 2020 17:21:17 +0400 Subject: [PATCH 4/4] Set `users.approval_pending` default to `false` --- ...5613_set_defaults_to_user_approval_pending.exs | 15 +++++++++++++++ 1 file changed, 15 insertions(+) create mode 100644 priv/repo/migrations/20200811125613_set_defaults_to_user_approval_pending.exs diff --git a/priv/repo/migrations/20200811125613_set_defaults_to_user_approval_pending.exs b/priv/repo/migrations/20200811125613_set_defaults_to_user_approval_pending.exs new file mode 100644 index 000000000..eec7da03f --- /dev/null +++ b/priv/repo/migrations/20200811125613_set_defaults_to_user_approval_pending.exs @@ -0,0 +1,15 @@ +defmodule Pleroma.Repo.Migrations.SetDefaultsToUserApprovalPending do + use Ecto.Migration + + def up do + execute("UPDATE users SET approval_pending = false WHERE approval_pending IS NULL") + + alter table(:users) do + modify(:approval_pending, :boolean, default: false, null: false) + end + end + + def down do + :ok + end +end