Implement moving account
Ref: emit-move
This commit is contained in:
parent
52a3f0f08b
commit
0af77b20c1
4 changed files with 203 additions and 1 deletions
|
@ -214,6 +214,41 @@ defmodule Pleroma.Web.ApiSpec.TwitterUtilOperation do
|
||||||
}
|
}
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def move_account_operation do
|
||||||
|
%Operation{
|
||||||
|
tags: ["Account credentials"],
|
||||||
|
summary: "Move account",
|
||||||
|
security: [%{"oAuth" => ["write:accounts"]}],
|
||||||
|
operationId: "UtilController.move_account",
|
||||||
|
requestBody: request_body("Parameters", move_account_request(), required: true),
|
||||||
|
responses: %{
|
||||||
|
200 =>
|
||||||
|
Operation.response("Success", "application/json", %Schema{
|
||||||
|
type: :object,
|
||||||
|
properties: %{status: %Schema{type: :string, example: "success"}}
|
||||||
|
}),
|
||||||
|
400 => Operation.response("Error", "application/json", ApiError),
|
||||||
|
403 => Operation.response("Error", "application/json", ApiError)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
end
|
||||||
|
|
||||||
|
defp move_account_request do
|
||||||
|
%Schema{
|
||||||
|
title: "MoveAccountRequest",
|
||||||
|
description: "POST body for moving the account",
|
||||||
|
type: :object,
|
||||||
|
required: [:password, :target_account],
|
||||||
|
properties: %{
|
||||||
|
password: %Schema{type: :string, description: "Current password"},
|
||||||
|
target_account: %Schema{
|
||||||
|
type: :string,
|
||||||
|
description: "The nickname of the target account to move to"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
end
|
||||||
|
|
||||||
def healthcheck_operation do
|
def healthcheck_operation do
|
||||||
%Operation{
|
%Operation{
|
||||||
tags: ["Accounts"],
|
tags: ["Accounts"],
|
||||||
|
|
|
@ -343,6 +343,7 @@ defmodule Pleroma.Web.Router do
|
||||||
post("/delete_account", UtilController, :delete_account)
|
post("/delete_account", UtilController, :delete_account)
|
||||||
put("/notification_settings", UtilController, :update_notificaton_settings)
|
put("/notification_settings", UtilController, :update_notificaton_settings)
|
||||||
post("/disable_account", UtilController, :disable_account)
|
post("/disable_account", UtilController, :disable_account)
|
||||||
|
post("/move_account", UtilController, :move_account)
|
||||||
end
|
end
|
||||||
|
|
||||||
scope "/api/pleroma", Pleroma.Web.PleromaAPI do
|
scope "/api/pleroma", Pleroma.Web.PleromaAPI do
|
||||||
|
|
|
@ -11,6 +11,7 @@ defmodule Pleroma.Web.TwitterAPI.UtilController do
|
||||||
alias Pleroma.Emoji
|
alias Pleroma.Emoji
|
||||||
alias Pleroma.Healthcheck
|
alias Pleroma.Healthcheck
|
||||||
alias Pleroma.User
|
alias Pleroma.User
|
||||||
|
alias Pleroma.Web.ActivityPub.ActivityPub
|
||||||
alias Pleroma.Web.CommonAPI
|
alias Pleroma.Web.CommonAPI
|
||||||
alias Pleroma.Web.Plugs.OAuthScopesPlug
|
alias Pleroma.Web.Plugs.OAuthScopesPlug
|
||||||
alias Pleroma.Web.WebFinger
|
alias Pleroma.Web.WebFinger
|
||||||
|
@ -26,7 +27,8 @@ defmodule Pleroma.Web.TwitterAPI.UtilController do
|
||||||
:change_password,
|
:change_password,
|
||||||
:delete_account,
|
:delete_account,
|
||||||
:update_notificaton_settings,
|
:update_notificaton_settings,
|
||||||
:disable_account
|
:disable_account,
|
||||||
|
:move_account
|
||||||
]
|
]
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -158,6 +160,35 @@ defmodule Pleroma.Web.TwitterAPI.UtilController do
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def move_account(%{assigns: %{user: user}, body_params: body_params} = conn, %{}) do
|
||||||
|
case CommonAPI.Utils.confirm_current_password(user, body_params.password) do
|
||||||
|
{:ok, user} ->
|
||||||
|
with {:ok, target_user} <- find_user_by_nickname(body_params.target_account),
|
||||||
|
{:ok, _user} <- ActivityPub.move(user, target_user) do
|
||||||
|
json(conn, %{status: "success"})
|
||||||
|
else
|
||||||
|
{:not_found} ->
|
||||||
|
json(conn, %{error: "Target account not found."})
|
||||||
|
|
||||||
|
{:error, error} ->
|
||||||
|
json(conn, %{error: error})
|
||||||
|
end
|
||||||
|
|
||||||
|
{:error, msg} ->
|
||||||
|
json(conn, %{error: msg})
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
defp find_user_by_nickname(nickname) do
|
||||||
|
user = User.get_cached_by_nickname(nickname)
|
||||||
|
|
||||||
|
if user == nil do
|
||||||
|
{:not_found, nil}
|
||||||
|
else
|
||||||
|
{:ok, user}
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
def captcha(conn, _params) do
|
def captcha(conn, _params) do
|
||||||
json(conn, Pleroma.Captcha.new())
|
json(conn, Pleroma.Captcha.new())
|
||||||
end
|
end
|
||||||
|
|
|
@ -516,4 +516,139 @@ defmodule Pleroma.Web.TwitterAPI.UtilControllerTest do
|
||||||
assert user.password_hash == nil
|
assert user.password_hash == nil
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
describe "POST /api/pleroma/move_account" do
|
||||||
|
setup do: oauth_access(["write:accounts"])
|
||||||
|
|
||||||
|
test "without permissions", %{conn: conn} do
|
||||||
|
target_user = insert(:user)
|
||||||
|
target_nick = target_user |> User.full_nickname()
|
||||||
|
|
||||||
|
conn =
|
||||||
|
conn
|
||||||
|
|> assign(:token, nil)
|
||||||
|
|> put_req_header("content-type", "multipart/form-data")
|
||||||
|
|> post("/api/pleroma/move_account", %{
|
||||||
|
"password" => "hi",
|
||||||
|
"target_account" => target_nick
|
||||||
|
})
|
||||||
|
|
||||||
|
assert json_response_and_validate_schema(conn, 403) == %{
|
||||||
|
"error" => "Insufficient permissions: write:accounts."
|
||||||
|
}
|
||||||
|
end
|
||||||
|
|
||||||
|
test "with proper permissions and invalid password", %{conn: conn} do
|
||||||
|
target_user = insert(:user)
|
||||||
|
target_nick = target_user |> User.full_nickname()
|
||||||
|
|
||||||
|
conn =
|
||||||
|
conn
|
||||||
|
|> put_req_header("content-type", "multipart/form-data")
|
||||||
|
|> post("/api/pleroma/move_account", %{
|
||||||
|
"password" => "hi",
|
||||||
|
"target_account" => target_nick
|
||||||
|
})
|
||||||
|
|
||||||
|
assert json_response_and_validate_schema(conn, 200) == %{"error" => "Invalid password."}
|
||||||
|
end
|
||||||
|
|
||||||
|
test "with proper permissions, valid password and target account does not alias this",
|
||||||
|
%{
|
||||||
|
conn: conn
|
||||||
|
} do
|
||||||
|
target_user = insert(:user)
|
||||||
|
target_nick = target_user |> User.full_nickname()
|
||||||
|
|
||||||
|
conn =
|
||||||
|
conn
|
||||||
|
|> put_req_header("content-type", "multipart/form-data")
|
||||||
|
|> post("/api/pleroma/move_account", %{
|
||||||
|
"password" => "test",
|
||||||
|
"target_account" => target_nick
|
||||||
|
})
|
||||||
|
|
||||||
|
assert json_response_and_validate_schema(conn, 200) == %{
|
||||||
|
"error" => "Target account must have the origin in `alsoKnownAs`"
|
||||||
|
}
|
||||||
|
end
|
||||||
|
|
||||||
|
test "with proper permissions, valid password and target account aliases this", %{
|
||||||
|
conn: conn,
|
||||||
|
user: user
|
||||||
|
} do
|
||||||
|
target_user = insert(:user, also_known_as: [user.ap_id])
|
||||||
|
target_nick = target_user |> User.full_nickname()
|
||||||
|
follower = insert(:user)
|
||||||
|
|
||||||
|
User.follow(follower, user)
|
||||||
|
|
||||||
|
assert User.following?(follower, user)
|
||||||
|
|
||||||
|
conn =
|
||||||
|
conn
|
||||||
|
|> put_req_header("content-type", "multipart/form-data")
|
||||||
|
|> post(
|
||||||
|
"/api/pleroma/move_account",
|
||||||
|
%{
|
||||||
|
password: "test",
|
||||||
|
target_account: target_nick
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
|
assert json_response_and_validate_schema(conn, 200) == %{"status" => "success"}
|
||||||
|
|
||||||
|
params = %{
|
||||||
|
"op" => "move_following",
|
||||||
|
"origin_id" => user.id,
|
||||||
|
"target_id" => target_user.id
|
||||||
|
}
|
||||||
|
|
||||||
|
assert_enqueued(worker: Pleroma.Workers.BackgroundWorker, args: params)
|
||||||
|
|
||||||
|
Pleroma.Workers.BackgroundWorker.perform(%Oban.Job{args: params})
|
||||||
|
|
||||||
|
refute User.following?(follower, user)
|
||||||
|
assert User.following?(follower, target_user)
|
||||||
|
end
|
||||||
|
|
||||||
|
test "prefix nickname by @ should work", %{
|
||||||
|
conn: conn,
|
||||||
|
user: user
|
||||||
|
} do
|
||||||
|
target_user = insert(:user, also_known_as: [user.ap_id])
|
||||||
|
target_nick = target_user |> User.full_nickname()
|
||||||
|
follower = insert(:user)
|
||||||
|
|
||||||
|
User.follow(follower, user)
|
||||||
|
|
||||||
|
assert User.following?(follower, user)
|
||||||
|
|
||||||
|
conn =
|
||||||
|
conn
|
||||||
|
|> put_req_header("content-type", "multipart/form-data")
|
||||||
|
|> post(
|
||||||
|
"/api/pleroma/move_account",
|
||||||
|
%{
|
||||||
|
password: "test",
|
||||||
|
target_account: "@" <> target_nick
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
|
assert json_response_and_validate_schema(conn, 200) == %{"status" => "success"}
|
||||||
|
|
||||||
|
params = %{
|
||||||
|
"op" => "move_following",
|
||||||
|
"origin_id" => user.id,
|
||||||
|
"target_id" => target_user.id
|
||||||
|
}
|
||||||
|
|
||||||
|
assert_enqueued(worker: Pleroma.Workers.BackgroundWorker, args: params)
|
||||||
|
|
||||||
|
Pleroma.Workers.BackgroundWorker.perform(%Oban.Job{args: params})
|
||||||
|
|
||||||
|
refute User.following?(follower, user)
|
||||||
|
assert User.following?(follower, target_user)
|
||||||
|
end
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in a new issue