Merge remote-tracking branch 'remotes/origin/develop' into relations-preloading-for-statuses-rendering

author: Ivan Tashkinov <ivantashkinov@gmail.com> 2020-03-24 22:15:37 +0300
committer: Ivan Tashkinov <ivantashkinov@gmail.com> 2020-03-24 22:15:37 +0300
commit: 8f1d622b8dfaf6bf00d5f1bf6b988c12766b72ea (patch)
tree: d913b98c4a089fdf872716a861626d698cdb1e63 /test/web/admin_api/admin_api_controller_test.exs
parent: 13cbb9f6ada8dcb15bb7ed12be4d88a18c5db7f7 (diff)
parent: 8eebc75c152ee339bac347350266e3bc6536016b (diff)
download: pleroma-8f1d622b8dfaf6bf00d5f1bf6b988c12766b72ea.tar.gz
pleroma-8f1d622b8dfaf6bf00d5f1bf6b988c12766b72ea.zip
1 files changed, 69 insertions, 0 deletions
diff --git a/test/web/admin_api/admin_api_controller_test.exs b/test/web/admin_api/admin_api_controller_test.exs
index 0a902585d..c9e228cc8 100644
--- a/test/web/admin_api/admin_api_controller_test.exs
+++ b/test/web/admin_api/admin_api_controller_test.exs
@@ -3374,6 +3374,75 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
     end
   end
 
+  describe "GET /users/:nickname/credentials" do
+    test "gets the user credentials", %{conn: conn} do
+      user = insert(:user)
+      conn = get(conn, "/api/pleroma/admin/users/#{user.nickname}/credentials")
+
+      response = assert json_response(conn, 200)
+      assert response["email"] == user.email
+    end
+
+    test "returns 403 if requested by a non-admin" do
+      user = insert(:user)
+
+      conn =
+        build_conn()
+        |> assign(:user, user)
+        |> get("/api/pleroma/admin/users/#{user.nickname}/credentials")
+
+      assert json_response(conn, :forbidden)
+    end
+  end
+
+  describe "PATCH /users/:nickname/credentials" do
+    test "changes password and email", %{conn: conn, admin: admin} do
+      user = insert(:user)
+      assert user.password_reset_pending == false
+
+      conn =
+        patch(conn, "/api/pleroma/admin/users/#{user.nickname}/credentials", %{
+          "password" => "new_password",
+          "email" => "new_email@example.com",
+          "name" => "new_name"
+        })
+
+      assert json_response(conn, 200) == %{"status" => "success"}
+
+      ObanHelpers.perform_all()
+
+      updated_user = User.get_by_id(user.id)
+
+      assert updated_user.email == "new_email@example.com"
+      assert updated_user.name == "new_name"
+      assert updated_user.password_hash != user.password_hash
+      assert updated_user.password_reset_pending == true
+
+      [log_entry2, log_entry1] = ModerationLog |> Repo.all() |> Enum.sort()
+
+      assert ModerationLog.get_log_entry_message(log_entry1) ==
+               "@#{admin.nickname} updated users: @#{user.nickname}"
+
+      assert ModerationLog.get_log_entry_message(log_entry2) ==
+               "@#{admin.nickname} forced password reset for users: @#{user.nickname}"
+    end
+
+    test "returns 403 if requested by a non-admin" do
+      user = insert(:user)
+
+      conn =
+        build_conn()
+        |> assign(:user, user)
+        |> patch("/api/pleroma/admin/users/#{user.nickname}/credentials", %{
+          "password" => "new_password",
+          "email" => "new_email@example.com",
+          "name" => "new_name"
+        })
+
+      assert json_response(conn, :forbidden)
+    end
+  end
+
   describe "PATCH /users/:nickname/force_password_reset" do
     test "sets password_reset_pending to true", %{conn: conn} do
       user = insert(:user)
author	Ivan Tashkinov <ivantashkinov@gmail.com>	2020-03-24 22:15:37 +0300
committer	Ivan Tashkinov <ivantashkinov@gmail.com>	2020-03-24 22:15:37 +0300
commit	8f1d622b8dfaf6bf00d5f1bf6b988c12766b72ea (patch)
tree	d913b98c4a089fdf872716a861626d698cdb1e63 /test/web/admin_api/admin_api_controller_test.exs
parent	13cbb9f6ada8dcb15bb7ed12be4d88a18c5db7f7 (diff)
parent	8eebc75c152ee339bac347350266e3bc6536016b (diff)
download	pleroma-8f1d622b8dfaf6bf00d5f1bf6b988c12766b72ea.tar.gz pleroma-8f1d622b8dfaf6bf00d5f1bf6b988c12766b72ea.zip