diff options
| author | Ivan Tashkinov <ivantashkinov@gmail.com> | 2020-07-19 20:05:37 +0300 |
|---|---|---|
| committer | Ivan Tashkinov <ivantashkinov@gmail.com> | 2020-07-19 20:05:37 +0300 |
| commit | bdf57b8ef438f32999ef917777b13161320644a8 (patch) | |
| tree | b72dc8ce2621eeb25e14504d6ce73c6657fac571 /test/web/admin_api/controllers | |
| parent | 9faa63203717e71d666afb6755ff0b781b491823 (diff) | |
| parent | f0d13fc3f7d0e9b58cfe1cd8918072d45d656a31 (diff) | |
| download | pleroma-bdf57b8ef438f32999ef917777b13161320644a8.tar.gz pleroma-bdf57b8ef438f32999ef917777b13161320644a8.zip | |
Merge remote-tracking branch 'remotes/origin/develop' into 2168-media-preview-proxy
# Conflicts:
# config/config.exs
# lib/pleroma/web/media_proxy/media_proxy.ex
# mix.lock
# test/web/media_proxy/media_proxy_test.exs
Diffstat (limited to 'test/web/admin_api/controllers')
3 files changed, 28 insertions, 1 deletions
diff --git a/test/web/admin_api/controllers/admin_api_controller_test.exs b/test/web/admin_api/controllers/admin_api_controller_test.exs index 48fb108ec..da91cd552 100644 --- a/test/web/admin_api/controllers/admin_api_controller_test.exs +++ b/test/web/admin_api/controllers/admin_api_controller_test.exs @@ -41,6 +41,16 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do {:ok, %{admin: admin, token: token, conn: conn}} end + test "with valid `admin_token` query parameter, skips OAuth scopes check" do + clear_config([:admin_token], "password123") + + user = insert(:user) + + conn = get(build_conn(), "/api/pleroma/admin/users/#{user.nickname}?admin_token=password123") + + assert json_response(conn, 200) + end + describe "with [:auth, :enforce_oauth_admin_scope_usage]," do setup do: clear_config([:auth, :enforce_oauth_admin_scope_usage], true) @@ -1514,6 +1524,15 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do end end + test "gets a remote users when [:instance, :limit_to_local_content] is set to :unauthenticated", + %{conn: conn} do + clear_config(Pleroma.Config.get([:instance, :limit_to_local_content]), :unauthenticated) + user = insert(:user, %{local: false, nickname: "u@peer1.com"}) + conn = get(conn, "/api/pleroma/admin/users/#{user.nickname}/credentials") + + assert json_response(conn, 200) + end + describe "GET /users/:nickname/credentials" do test "gets the user credentials", %{conn: conn} do user = insert(:user) diff --git a/test/web/admin_api/controllers/config_controller_test.exs b/test/web/admin_api/controllers/config_controller_test.exs index 064ef9bc7..61bc9fd39 100644 --- a/test/web/admin_api/controllers/config_controller_test.exs +++ b/test/web/admin_api/controllers/config_controller_test.exs @@ -152,6 +152,14 @@ defmodule Pleroma.Web.AdminAPI.ConfigControllerTest do assert emoji_val[:groups] == [a: 1, b: 2] assert assets_val[:mascots] == [a: 1, b: 2] end + + test "with valid `admin_token` query parameter, skips OAuth scopes check" do + clear_config([:admin_token], "password123") + + build_conn() + |> get("/api/pleroma/admin/config?admin_token=password123") + |> json_response_and_validate_schema(200) + end end test "POST /api/pleroma/admin/config error", %{conn: conn} do diff --git a/test/web/admin_api/controllers/report_controller_test.exs b/test/web/admin_api/controllers/report_controller_test.exs index 940bce340..f30dc8956 100644 --- a/test/web/admin_api/controllers/report_controller_test.exs +++ b/test/web/admin_api/controllers/report_controller_test.exs @@ -297,7 +297,7 @@ defmodule Pleroma.Web.AdminAPI.ReportControllerTest do |> get("/api/pleroma/admin/reports") assert json_response(conn, :forbidden) == - %{"error" => "User is not an admin or OAuth admin scope is not granted."} + %{"error" => "User is not an admin."} end test "returns 403 when requested by anonymous" do |