diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex index af29f85b5..16438e524 100644 --- a/lib/pleroma/user.ex +++ b/lib/pleroma/user.ex @@ -2205,6 +2205,11 @@ defmodule Pleroma.User do |> Repo.all() end + @spec all_users_with_privilege(atom()) :: [User.t()] + def all_users_with_privilege(privilege) do + User.Query.build(%{is_privileged: privilege}) |> Repo.all() + end + def muting_reblogs?(%User{} = user, %User{} = target) do UserRelationship.reblog_mute_exists?(user, target) end diff --git a/lib/pleroma/user/query.ex b/lib/pleroma/user/query.ex index 20bc1ea61..3e090cac0 100644 --- a/lib/pleroma/user/query.ex +++ b/lib/pleroma/user/query.ex @@ -29,6 +29,7 @@ defmodule Pleroma.User.Query do import Ecto.Query import Pleroma.Web.Utils.Guards, only: [not_empty_string: 1] + alias Pleroma.Config alias Pleroma.FollowingRelationship alias Pleroma.User @@ -49,6 +50,7 @@ defmodule Pleroma.User.Query do is_suggested: boolean(), is_discoverable: boolean(), super_users: boolean(), + is_privileged: atom(), invisible: boolean(), internal: boolean(), followers: User.t(), @@ -136,6 +138,43 @@ defmodule Pleroma.User.Query do ) end + defp compose_query({:is_privileged, privilege}, query) do + moderator_privileged = privilege in Config.get([:instance, :moderator_privileges]) + admin_privileged = privilege in Config.get([:instance, :admin_privileges]) + + query = compose_query({:active, true}, query) + query = compose_query({:local, true}, query) + + case {admin_privileged, moderator_privileged} do + {false, false} -> + where( + query, + false + ) + + {true, true} -> + where( + query, + [u], + u.is_admin or u.is_moderator + ) + + {true, false} -> + where( + query, + [u], + u.is_admin + ) + + {false, true} -> + where( + query, + [u], + u.is_moderator + ) + end + end + defp compose_query({:local, _}, query), do: location_query(query, true) defp compose_query({:external, _}, query), do: location_query(query, false) diff --git a/test/pleroma/user/query_test.exs b/test/pleroma/user/query_test.exs index bd45d1bca..7e443536b 100644 --- a/test/pleroma/user/query_test.exs +++ b/test/pleroma/user/query_test.exs @@ -3,7 +3,7 @@ # SPDX-License-Identifier: AGPL-3.0-only defmodule Pleroma.User.QueryTest do - use Pleroma.DataCase, async: true + use Pleroma.DataCase, async: false alias Pleroma.Repo alias Pleroma.User @@ -44,4 +44,94 @@ defmodule Pleroma.User.QueryTest do |> User.Query.build() |> Repo.all() end + + describe "is_privileged param" do + setup do + %{ + user: insert(:user, local: true, is_admin: false, is_moderator: false), + moderator_user: insert(:user, local: true, is_admin: false, is_moderator: true), + admin_user: insert(:user, local: true, is_admin: true, is_moderator: false), + admin_moderator_user: insert(:user, local: true, is_admin: true, is_moderator: true), + remote_user: insert(:user, local: false, is_admin: true, is_moderator: true), + non_active_user: + insert(:user, local: true, is_admin: true, is_moderator: true, is_active: false) + } + end + + test "doesn't return any users when there are no privileged roles", %{ + user: user, + moderator_user: moderator_user, + admin_user: admin_user, + admin_moderator_user: admin_moderator_user, + remote_user: remote_user, + non_active_user: non_active_user + } do + clear_config([:instance, :admin_privileges], []) + clear_config([:instance, :moderator_privileges], []) + + refute user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all()) + refute admin_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all()) + refute moderator_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all()) + refute admin_moderator_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all()) + refute remote_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all()) + refute non_active_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all()) + end + + test "returns moderator users if they are privileged", %{ + user: user, + moderator_user: moderator_user, + admin_user: admin_user, + admin_moderator_user: admin_moderator_user, + remote_user: remote_user, + non_active_user: non_active_user + } do + clear_config([:instance, :admin_privileges], []) + clear_config([:instance, :moderator_privileges], [:cofe]) + + refute user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all()) + refute admin_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all()) + assert moderator_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all()) + assert admin_moderator_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all()) + refute remote_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all()) + refute non_active_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all()) + end + + test "returns admin users if they are privileged", %{ + user: user, + moderator_user: moderator_user, + admin_user: admin_user, + admin_moderator_user: admin_moderator_user, + remote_user: remote_user, + non_active_user: non_active_user + } do + clear_config([:instance, :admin_privileges], [:cofe]) + clear_config([:instance, :moderator_privileges], []) + + refute user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all()) + assert admin_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all()) + refute moderator_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all()) + assert admin_moderator_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all()) + refute remote_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all()) + refute non_active_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all()) + end + + test "returns admin and moderator users if they are both privileged", %{ + user: user, + moderator_user: moderator_user, + admin_user: admin_user, + admin_moderator_user: admin_moderator_user, + remote_user: remote_user, + non_active_user: non_active_user + } do + clear_config([:instance, :admin_privileges], [:cofe]) + clear_config([:instance, :moderator_privileges], [:cofe]) + + refute user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all()) + assert admin_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all()) + assert moderator_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all()) + assert admin_moderator_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all()) + refute remote_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all()) + refute non_active_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all()) + end + end end diff --git a/test/pleroma/user_test.exs b/test/pleroma/user_test.exs index 9f8be7fa2..0262470b2 100644 --- a/test/pleroma/user_test.exs +++ b/test/pleroma/user_test.exs @@ -1972,6 +1972,96 @@ defmodule Pleroma.UserTest do end end + describe "all_users_with_privilege/1" do + setup do + %{ + user: insert(:user, local: true, is_admin: false, is_moderator: false), + moderator_user: insert(:user, local: true, is_admin: false, is_moderator: true), + admin_user: insert(:user, local: true, is_admin: true, is_moderator: false), + admin_moderator_user: insert(:user, local: true, is_admin: true, is_moderator: true), + remote_user: insert(:user, local: false, is_admin: true, is_moderator: true), + non_active_user: + insert(:user, local: true, is_admin: true, is_moderator: true, is_active: false) + } + end + + test "doesn't return any users when there are no privileged roles", %{ + user: user, + moderator_user: moderator_user, + admin_user: admin_user, + admin_moderator_user: admin_moderator_user, + remote_user: remote_user, + non_active_user: non_active_user + } do + clear_config([:instance, :admin_privileges], []) + clear_config([:instance, :moderator_privileges], []) + + refute user in User.all_users_with_privilege(:cofe) + refute admin_user in User.all_users_with_privilege(:cofe) + refute moderator_user in User.all_users_with_privilege(:cofe) + refute admin_moderator_user in User.all_users_with_privilege(:cofe) + refute remote_user in User.all_users_with_privilege(:cofe) + refute non_active_user in User.all_users_with_privilege(:cofe) + end + + test "returns moderator users if they are privileged", %{ + user: user, + moderator_user: moderator_user, + admin_user: admin_user, + admin_moderator_user: admin_moderator_user, + remote_user: remote_user, + non_active_user: non_active_user + } do + clear_config([:instance, :admin_privileges], []) + clear_config([:instance, :moderator_privileges], [:cofe]) + + refute user in User.all_users_with_privilege(:cofe) + refute admin_user in User.all_users_with_privilege(:cofe) + assert moderator_user in User.all_users_with_privilege(:cofe) + assert admin_moderator_user in User.all_users_with_privilege(:cofe) + refute remote_user in User.all_users_with_privilege(:cofe) + refute non_active_user in User.all_users_with_privilege(:cofe) + end + + test "returns admin users if they are privileged", %{ + user: user, + moderator_user: moderator_user, + admin_user: admin_user, + admin_moderator_user: admin_moderator_user, + remote_user: remote_user, + non_active_user: non_active_user + } do + clear_config([:instance, :admin_privileges], [:cofe]) + clear_config([:instance, :moderator_privileges], []) + + refute user in User.all_users_with_privilege(:cofe) + assert admin_user in User.all_users_with_privilege(:cofe) + refute moderator_user in User.all_users_with_privilege(:cofe) + assert admin_moderator_user in User.all_users_with_privilege(:cofe) + refute remote_user in User.all_users_with_privilege(:cofe) + refute non_active_user in User.all_users_with_privilege(:cofe) + end + + test "returns admin and moderator users if they are both privileged", %{ + user: user, + moderator_user: moderator_user, + admin_user: admin_user, + admin_moderator_user: admin_moderator_user, + remote_user: remote_user, + non_active_user: non_active_user + } do + clear_config([:instance, :admin_privileges], [:cofe]) + clear_config([:instance, :moderator_privileges], [:cofe]) + + refute user in User.all_users_with_privilege(:cofe) + assert admin_user in User.all_users_with_privilege(:cofe) + assert moderator_user in User.all_users_with_privilege(:cofe) + assert admin_moderator_user in User.all_users_with_privilege(:cofe) + refute remote_user in User.all_users_with_privilege(:cofe) + refute non_active_user in User.all_users_with_privilege(:cofe) + end + end + describe "parse_bio/2" do test "preserves hosts in user links text" do remote_user = insert(:user, local: false, nickname: "nick@domain.com")