Add Pleroma.User.all_users_with_privilege/1
This should eventually replace the Pleroma.User.all_superusers/0 function * I added a new param `is_privileged` in User.query * Now we can fetch all users with a specified privilege
This commit is contained in:
Ilja
parent
a1c8aa4721
commit
34adea8d28
4 changed files with 225 additions and 1 deletions
|
|
@ -2205,6 +2205,11 @@ defmodule Pleroma.User do
|
||||||
|> Repo.all()
|
|> Repo.all()
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@spec all_users_with_privilege(atom()) :: [User.t()]
|
||||||
|
def all_users_with_privilege(privilege) do
|
||||||
|
User.Query.build(%{is_privileged: privilege}) |> Repo.all()
|
||||||
|
end
|
||||||
|
|
||||||
def muting_reblogs?(%User{} = user, %User{} = target) do
|
def muting_reblogs?(%User{} = user, %User{} = target) do
|
||||||
UserRelationship.reblog_mute_exists?(user, target)
|
UserRelationship.reblog_mute_exists?(user, target)
|
||||||
end
|
end
|
||||||
|
|
|
||||||
|
|
@ -29,6 +29,7 @@ defmodule Pleroma.User.Query do
|
||||||
import Ecto.Query
|
import Ecto.Query
|
||||||
import Pleroma.Web.Utils.Guards, only: [not_empty_string: 1]
|
import Pleroma.Web.Utils.Guards, only: [not_empty_string: 1]
|
||||||
|
|
||||||
|
alias Pleroma.Config
|
||||||
alias Pleroma.FollowingRelationship
|
alias Pleroma.FollowingRelationship
|
||||||
alias Pleroma.User
|
alias Pleroma.User
|
||||||
|
|
||||||
|
|
@ -49,6 +50,7 @@ defmodule Pleroma.User.Query do
|
||||||
is_suggested: boolean(),
|
is_suggested: boolean(),
|
||||||
is_discoverable: boolean(),
|
is_discoverable: boolean(),
|
||||||
super_users: boolean(),
|
super_users: boolean(),
|
||||||
|
is_privileged: atom(),
|
||||||
invisible: boolean(),
|
invisible: boolean(),
|
||||||
internal: boolean(),
|
internal: boolean(),
|
||||||
followers: User.t(),
|
followers: User.t(),
|
||||||
|
|
@ -136,6 +138,43 @@ defmodule Pleroma.User.Query do
|
||||||
)
|
)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
defp compose_query({:is_privileged, privilege}, query) do
|
||||||
|
moderator_privileged = privilege in Config.get([:instance, :moderator_privileges])
|
||||||
|
admin_privileged = privilege in Config.get([:instance, :admin_privileges])
|
||||||
|
|
||||||
|
query = compose_query({:active, true}, query)
|
||||||
|
query = compose_query({:local, true}, query)
|
||||||
|
|
||||||
|
case {admin_privileged, moderator_privileged} do
|
||||||
|
{false, false} ->
|
||||||
|
where(
|
||||||
|
query,
|
||||||
|
false
|
||||||
|
)
|
||||||
|
|
||||||
|
{true, true} ->
|
||||||
|
where(
|
||||||
|
query,
|
||||||
|
[u],
|
||||||
|
u.is_admin or u.is_moderator
|
||||||
|
)
|
||||||
|
|
||||||
|
{true, false} ->
|
||||||
|
where(
|
||||||
|
query,
|
||||||
|
[u],
|
||||||
|
u.is_admin
|
||||||
|
)
|
||||||
|
|
||||||
|
{false, true} ->
|
||||||
|
where(
|
||||||
|
query,
|
||||||
|
[u],
|
||||||
|
u.is_moderator
|
||||||
|
)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
defp compose_query({:local, _}, query), do: location_query(query, true)
|
defp compose_query({:local, _}, query), do: location_query(query, true)
|
||||||
|
|
||||||
defp compose_query({:external, _}, query), do: location_query(query, false)
|
defp compose_query({:external, _}, query), do: location_query(query, false)
|
||||||
|
|
|
||||||
|
|
@ -3,7 +3,7 @@
|
||||||
# SPDX-License-Identifier: AGPL-3.0-only
|
# SPDX-License-Identifier: AGPL-3.0-only
|
||||||
|
|
||||||
defmodule Pleroma.User.QueryTest do
|
defmodule Pleroma.User.QueryTest do
|
||||||
use Pleroma.DataCase, async: true
|
use Pleroma.DataCase, async: false
|
||||||
|
|
||||||
alias Pleroma.Repo
|
alias Pleroma.Repo
|
||||||
alias Pleroma.User
|
alias Pleroma.User
|
||||||
|
|
@ -44,4 +44,94 @@ defmodule Pleroma.User.QueryTest do
|
||||||
|> User.Query.build()
|
|> User.Query.build()
|
||||||
|> Repo.all()
|
|> Repo.all()
|
||||||
end
|
end
|
||||||
|
|
||||||
|
describe "is_privileged param" do
|
||||||
|
setup do
|
||||||
|
%{
|
||||||
|
user: insert(:user, local: true, is_admin: false, is_moderator: false),
|
||||||
|
moderator_user: insert(:user, local: true, is_admin: false, is_moderator: true),
|
||||||
|
admin_user: insert(:user, local: true, is_admin: true, is_moderator: false),
|
||||||
|
admin_moderator_user: insert(:user, local: true, is_admin: true, is_moderator: true),
|
||||||
|
remote_user: insert(:user, local: false, is_admin: true, is_moderator: true),
|
||||||
|
non_active_user:
|
||||||
|
insert(:user, local: true, is_admin: true, is_moderator: true, is_active: false)
|
||||||
|
}
|
||||||
|
end
|
||||||
|
|
||||||
|
test "doesn't return any users when there are no privileged roles", %{
|
||||||
|
user: user,
|
||||||
|
moderator_user: moderator_user,
|
||||||
|
admin_user: admin_user,
|
||||||
|
admin_moderator_user: admin_moderator_user,
|
||||||
|
remote_user: remote_user,
|
||||||
|
non_active_user: non_active_user
|
||||||
|
} do
|
||||||
|
clear_config([:instance, :admin_privileges], [])
|
||||||
|
clear_config([:instance, :moderator_privileges], [])
|
||||||
|
|
||||||
|
refute user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all())
|
||||||
|
refute admin_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all())
|
||||||
|
refute moderator_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all())
|
||||||
|
refute admin_moderator_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all())
|
||||||
|
refute remote_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all())
|
||||||
|
refute non_active_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all())
|
||||||
|
end
|
||||||
|
|
||||||
|
test "returns moderator users if they are privileged", %{
|
||||||
|
user: user,
|
||||||
|
moderator_user: moderator_user,
|
||||||
|
admin_user: admin_user,
|
||||||
|
admin_moderator_user: admin_moderator_user,
|
||||||
|
remote_user: remote_user,
|
||||||
|
non_active_user: non_active_user
|
||||||
|
} do
|
||||||
|
clear_config([:instance, :admin_privileges], [])
|
||||||
|
clear_config([:instance, :moderator_privileges], [:cofe])
|
||||||
|
|
||||||
|
refute user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all())
|
||||||
|
refute admin_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all())
|
||||||
|
assert moderator_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all())
|
||||||
|
assert admin_moderator_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all())
|
||||||
|
refute remote_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all())
|
||||||
|
refute non_active_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all())
|
||||||
|
end
|
||||||
|
|
||||||
|
test "returns admin users if they are privileged", %{
|
||||||
|
user: user,
|
||||||
|
moderator_user: moderator_user,
|
||||||
|
admin_user: admin_user,
|
||||||
|
admin_moderator_user: admin_moderator_user,
|
||||||
|
remote_user: remote_user,
|
||||||
|
non_active_user: non_active_user
|
||||||
|
} do
|
||||||
|
clear_config([:instance, :admin_privileges], [:cofe])
|
||||||
|
clear_config([:instance, :moderator_privileges], [])
|
||||||
|
|
||||||
|
refute user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all())
|
||||||
|
assert admin_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all())
|
||||||
|
refute moderator_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all())
|
||||||
|
assert admin_moderator_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all())
|
||||||
|
refute remote_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all())
|
||||||
|
refute non_active_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all())
|
||||||
|
end
|
||||||
|
|
||||||
|
test "returns admin and moderator users if they are both privileged", %{
|
||||||
|
user: user,
|
||||||
|
moderator_user: moderator_user,
|
||||||
|
admin_user: admin_user,
|
||||||
|
admin_moderator_user: admin_moderator_user,
|
||||||
|
remote_user: remote_user,
|
||||||
|
non_active_user: non_active_user
|
||||||
|
} do
|
||||||
|
clear_config([:instance, :admin_privileges], [:cofe])
|
||||||
|
clear_config([:instance, :moderator_privileges], [:cofe])
|
||||||
|
|
||||||
|
refute user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all())
|
||||||
|
assert admin_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all())
|
||||||
|
assert moderator_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all())
|
||||||
|
assert admin_moderator_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all())
|
||||||
|
refute remote_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all())
|
||||||
|
refute non_active_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all())
|
||||||
|
end
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
|
||||||
|
|
@ -1972,6 +1972,96 @@ defmodule Pleroma.UserTest do
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
describe "all_users_with_privilege/1" do
|
||||||
|
setup do
|
||||||
|
%{
|
||||||
|
user: insert(:user, local: true, is_admin: false, is_moderator: false),
|
||||||
|
moderator_user: insert(:user, local: true, is_admin: false, is_moderator: true),
|
||||||
|
admin_user: insert(:user, local: true, is_admin: true, is_moderator: false),
|
||||||
|
admin_moderator_user: insert(:user, local: true, is_admin: true, is_moderator: true),
|
||||||
|
remote_user: insert(:user, local: false, is_admin: true, is_moderator: true),
|
||||||
|
non_active_user:
|
||||||
|
insert(:user, local: true, is_admin: true, is_moderator: true, is_active: false)
|
||||||
|
}
|
||||||
|
end
|
||||||
|
|
||||||
|
test "doesn't return any users when there are no privileged roles", %{
|
||||||
|
user: user,
|
||||||
|
moderator_user: moderator_user,
|
||||||
|
admin_user: admin_user,
|
||||||
|
admin_moderator_user: admin_moderator_user,
|
||||||
|
remote_user: remote_user,
|
||||||
|
non_active_user: non_active_user
|
||||||
|
} do
|
||||||
|
clear_config([:instance, :admin_privileges], [])
|
||||||
|
clear_config([:instance, :moderator_privileges], [])
|
||||||
|
|
||||||
|
refute user in User.all_users_with_privilege(:cofe)
|
||||||
|
refute admin_user in User.all_users_with_privilege(:cofe)
|
||||||
|
refute moderator_user in User.all_users_with_privilege(:cofe)
|
||||||
|
refute admin_moderator_user in User.all_users_with_privilege(:cofe)
|
||||||
|
refute remote_user in User.all_users_with_privilege(:cofe)
|
||||||
|
refute non_active_user in User.all_users_with_privilege(:cofe)
|
||||||
|
end
|
||||||
|
|
||||||
|
test "returns moderator users if they are privileged", %{
|
||||||
|
user: user,
|
||||||
|
moderator_user: moderator_user,
|
||||||
|
admin_user: admin_user,
|
||||||
|
admin_moderator_user: admin_moderator_user,
|
||||||
|
remote_user: remote_user,
|
||||||
|
non_active_user: non_active_user
|
||||||
|
} do
|
||||||
|
clear_config([:instance, :admin_privileges], [])
|
||||||
|
clear_config([:instance, :moderator_privileges], [:cofe])
|
||||||
|
|
||||||
|
refute user in User.all_users_with_privilege(:cofe)
|
||||||
|
refute admin_user in User.all_users_with_privilege(:cofe)
|
||||||
|
assert moderator_user in User.all_users_with_privilege(:cofe)
|
||||||
|
assert admin_moderator_user in User.all_users_with_privilege(:cofe)
|
||||||
|
refute remote_user in User.all_users_with_privilege(:cofe)
|
||||||
|
refute non_active_user in User.all_users_with_privilege(:cofe)
|
||||||
|
end
|
||||||
|
|
||||||
|
test "returns admin users if they are privileged", %{
|
||||||
|
user: user,
|
||||||
|
moderator_user: moderator_user,
|
||||||
|
admin_user: admin_user,
|
||||||
|
admin_moderator_user: admin_moderator_user,
|
||||||
|
remote_user: remote_user,
|
||||||
|
non_active_user: non_active_user
|
||||||
|
} do
|
||||||
|
clear_config([:instance, :admin_privileges], [:cofe])
|
||||||
|
clear_config([:instance, :moderator_privileges], [])
|
||||||
|
|
||||||
|
refute user in User.all_users_with_privilege(:cofe)
|
||||||
|
assert admin_user in User.all_users_with_privilege(:cofe)
|
||||||
|
refute moderator_user in User.all_users_with_privilege(:cofe)
|
||||||
|
assert admin_moderator_user in User.all_users_with_privilege(:cofe)
|
||||||
|
refute remote_user in User.all_users_with_privilege(:cofe)
|
||||||
|
refute non_active_user in User.all_users_with_privilege(:cofe)
|
||||||
|
end
|
||||||
|
|
||||||
|
test "returns admin and moderator users if they are both privileged", %{
|
||||||
|
user: user,
|
||||||
|
moderator_user: moderator_user,
|
||||||
|
admin_user: admin_user,
|
||||||
|
admin_moderator_user: admin_moderator_user,
|
||||||
|
remote_user: remote_user,
|
||||||
|
non_active_user: non_active_user
|
||||||
|
} do
|
||||||
|
clear_config([:instance, :admin_privileges], [:cofe])
|
||||||
|
clear_config([:instance, :moderator_privileges], [:cofe])
|
||||||
|
|
||||||
|
refute user in User.all_users_with_privilege(:cofe)
|
||||||
|
assert admin_user in User.all_users_with_privilege(:cofe)
|
||||||
|
assert moderator_user in User.all_users_with_privilege(:cofe)
|
||||||
|
assert admin_moderator_user in User.all_users_with_privilege(:cofe)
|
||||||
|
refute remote_user in User.all_users_with_privilege(:cofe)
|
||||||
|
refute non_active_user in User.all_users_with_privilege(:cofe)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
describe "parse_bio/2" do
|
describe "parse_bio/2" do
|
||||||
test "preserves hosts in user links text" do
|
test "preserves hosts in user links text" do
|
||||||
remote_user = insert(:user, local: false, nickname: "nick@domain.com")
|
remote_user = insert(:user, local: false, nickname: "nick@domain.com")
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue