4 files changed, 88 insertions, 9 deletions

diff --git a/lib/pleroma/web/api_spec/operations/report_operation.ex b/lib/pleroma/web/api_spec/operations/report_operation.ex
new file mode 100644
index 000000000..da4d50703
--- /dev/null
+++ b/lib/pleroma/web/api_spec/operations/report_operation.ex
@@ -0,0 +1,78 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Web.ApiSpec.ReportOperation do
+  alias OpenApiSpex.Operation
+  alias OpenApiSpex.Schema
+  alias Pleroma.Web.ApiSpec.Helpers
+  alias Pleroma.Web.ApiSpec.Schemas.ApiError
+
+  def open_api_operation(action) do
+    operation = String.to_existing_atom("#{action}_operation")
+    apply(__MODULE__, operation, [])
+  end
+
+  def create_operation do
+    %Operation{
+      tags: ["reports"],
+      summary: "File a report",
+      description: "Report problematic users to your moderators",
+      operationId: "ReportController.create",
+      security: [%{"oAuth" => ["follow", "write:reports"]}],
+      requestBody: Helpers.request_body("Parameters", create_request(), required: true),
+      responses: %{
+        200 => Operation.response("Report", "application/json", create_response()),
+        400 => Operation.response("Report", "application/json", ApiError)
+      }
+    }
+  end
+
+  defp create_request do
+    %Schema{
+      title: "ReportCreateRequest",
+      description: "POST body for creating a report",
+      type: :object,
+      properties: %{
+        account_id: %Schema{type: :string, description: "ID of the account to report"},
+        status_ids: %Schema{
+          type: :array,
+          items: %Schema{type: :string},
+          description: "Array of Statuses to attach to the report, for context"
+        },
+        comment: %Schema{
+          type: :string,
+          description: "Reason for the report"
+        },
+        forward: %Schema{
+          type: :boolean,
+          default: false,
+          description:
+            "If the account is remote, should the report be forwarded to the remote admin?"
+        }
+      },
+      required: [:account_id],
+      example: %{
+        "account_id" => "123",
+        "status_ids" => ["1337"],
+        "comment" => "bad status!",
+        "forward" => "false"
+      }
+    }
+  end
+
+  defp create_response do
+    %Schema{
+      title: "ReportResponse",
+      type: :object,
+      properties: %{
+        id: %Schema{type: :string, description: "Report ID"},
+        action_taken: %Schema{type: :boolean, description: "Is action taken?"}
+      },
+      example: %{
+        "id" => "123",
+        "action_taken" => false
+      }
+    }
+  end
+end
diff --git a/lib/pleroma/web/common_api/common_api.ex b/lib/pleroma/web/common_api/common_api.ex
index d1efe0c36..53ce7d425 100644
--- a/lib/pleroma/web/common_api/common_api.ex
+++ b/lib/pleroma/web/common_api/common_api.ex
@@ -380,9 +380,9 @@ defmodule Pleroma.Web.CommonAPI do
     ThreadMute.exists?(user.id, activity.data["context"])
   end
 
-  def report(user, %{"account_id" => account_id} = data) do
-    with {:ok, account} <- get_reported_account(account_id),
-         {:ok, {content_html, _, _}} <- make_report_content_html(data["comment"]),
+  def report(user, data) do
+    with {:ok, account} <- get_reported_account(data.account_id),
+         {:ok, {content_html, _, _}} <- make_report_content_html(data[:comment]),
          {:ok, statuses} <- get_report_statuses(account, data) do
       ActivityPub.flag(%{
         context: Utils.generate_context_id(),
@@ -390,13 +390,11 @@ defmodule Pleroma.Web.CommonAPI do
         account: account,
         statuses: statuses,
         content: content_html,
-        forward: data["forward"] || false
+        forward: Map.get(data, :forward, false)
       })
     end
   end
 
-  def report(_user, _params), do: {:error, dgettext("errors", "Valid `account_id` required")}
-
   defp get_reported_account(account_id) do
     case User.get_cached_by_id(account_id) do
       %User{} = account -> {:ok, account}
diff --git a/lib/pleroma/web/common_api/utils.ex b/lib/pleroma/web/common_api/utils.ex
index 945e63e22..6540fa5d1 100644
--- a/lib/pleroma/web/common_api/utils.ex
+++ b/lib/pleroma/web/common_api/utils.ex
@@ -504,7 +504,8 @@ defmodule Pleroma.Web.CommonAPI.Utils do
     end
   end
 
-  def get_report_statuses(%User{ap_id: actor}, %{"status_ids" => status_ids}) do
+  def get_report_statuses(%User{ap_id: actor}, %{status_ids: status_ids})
+      when is_list(status_ids) do
     {:ok, Activity.all_by_actor_and_id(actor, status_ids)}
   end
 
diff --git a/lib/pleroma/web/mastodon_api/controllers/report_controller.ex b/lib/pleroma/web/mastodon_api/controllers/report_controller.ex
index f5782be13..85bd52106 100644
--- a/lib/pleroma/web/mastodon_api/controllers/report_controller.ex
+++ b/lib/pleroma/web/mastodon_api/controllers/report_controller.ex
@@ -9,12 +9,14 @@ defmodule Pleroma.Web.MastodonAPI.ReportController do
 
   action_fallback(Pleroma.Web.MastodonAPI.FallbackController)
 
+  plug(OpenApiSpex.Plug.CastAndValidate, render_error: Pleroma.Web.ApiSpec.RenderError)
   plug(OAuthScopesPlug, %{scopes: ["write:reports"]} when action == :create)
-
   plug(Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug)
 
+  defdelegate open_api_operation(action), to: Pleroma.Web.ApiSpec.ReportOperation
+
   @doc "POST /api/v1/reports"
-  def create(%{assigns: %{user: user}} = conn, params) do
+  def create(%{assigns: %{user: user}, body_params: params} = conn, _) do
     with {:ok, activity} <- Pleroma.Web.CommonAPI.report(user, params) do
       render(conn, "show.json", activity: activity)
     end