1 files changed, 194 insertions, 22 deletions

diff --git a/test/web/admin_api/admin_api_controller_test.exs b/test/web/admin_api/admin_api_controller_test.exs
index fa0cb71bf..42450a7b6 100644
--- a/test/web/admin_api/admin_api_controller_test.exs
+++ b/test/web/admin_api/admin_api_controller_test.exs
@@ -1,14 +1,16 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
 defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
   use Pleroma.Web.ConnCase
 
   alias Pleroma.{Repo, User}
-
   import Pleroma.Factory
-  import ExUnit.CaptureLog
 
   describe "/api/pleroma/admin/user" do
     test "Delete" do
-      admin = insert(:user, info: %{"is_admin" => true})
+      admin = insert(:user, info: %{is_admin: true})
       user = insert(:user)
 
       conn =
@@ -21,7 +23,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
     end
 
     test "Create" do
-      admin = insert(:user, info: %{"is_admin" => true})
+      admin = insert(:user, info: %{is_admin: true})
 
       conn =
         build_conn()
@@ -37,9 +39,81 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
     end
   end
 
+  describe "PUT /api/pleroma/admin/users/tag" do
+    setup do
+      admin = insert(:user, info: %{is_admin: true})
+      user1 = insert(:user, %{tags: ["x"]})
+      user2 = insert(:user, %{tags: ["y"]})
+      user3 = insert(:user, %{tags: ["unchanged"]})
+
+      conn =
+        build_conn()
+        |> assign(:user, admin)
+        |> put_req_header("accept", "application/json")
+        |> put(
+          "/api/pleroma/admin/users/tag?nicknames[]=#{user1.nickname}&nicknames[]=#{
+            user2.nickname
+          }&tags[]=foo&tags[]=bar"
+        )
+
+      %{conn: conn, user1: user1, user2: user2, user3: user3}
+    end
+
+    test "it appends specified tags to users with specified nicknames", %{
+      conn: conn,
+      user1: user1,
+      user2: user2
+    } do
+      assert json_response(conn, :no_content)
+      assert Repo.get(User, user1.id).tags == ["x", "foo", "bar"]
+      assert Repo.get(User, user2.id).tags == ["y", "foo", "bar"]
+    end
+
+    test "it does not modify tags of not specified users", %{conn: conn, user3: user3} do
+      assert json_response(conn, :no_content)
+      assert Repo.get(User, user3.id).tags == ["unchanged"]
+    end
+  end
+
+  describe "DELETE /api/pleroma/admin/users/tag" do
+    setup do
+      admin = insert(:user, info: %{is_admin: true})
+      user1 = insert(:user, %{tags: ["x"]})
+      user2 = insert(:user, %{tags: ["y", "z"]})
+      user3 = insert(:user, %{tags: ["unchanged"]})
+
+      conn =
+        build_conn()
+        |> assign(:user, admin)
+        |> put_req_header("accept", "application/json")
+        |> delete(
+          "/api/pleroma/admin/users/tag?nicknames[]=#{user1.nickname}&nicknames[]=#{
+            user2.nickname
+          }&tags[]=x&tags[]=z"
+        )
+
+      %{conn: conn, user1: user1, user2: user2, user3: user3}
+    end
+
+    test "it removes specified tags from users with specified nicknames", %{
+      conn: conn,
+      user1: user1,
+      user2: user2
+    } do
+      assert json_response(conn, :no_content)
+      assert Repo.get(User, user1.id).tags == []
+      assert Repo.get(User, user2.id).tags == ["y"]
+    end
+
+    test "it does not modify tags of not specified users", %{conn: conn, user3: user3} do
+      assert json_response(conn, :no_content)
+      assert Repo.get(User, user3.id).tags == ["unchanged"]
+    end
+  end
+
   describe "/api/pleroma/admin/permission_group" do
     test "GET is giving user_info" do
-      admin = insert(:user, info: %{"is_admin" => true})
+      admin = insert(:user, info: %{is_admin: true})
 
       conn =
         build_conn()
@@ -47,33 +121,30 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
         |> put_req_header("accept", "application/json")
         |> get("/api/pleroma/admin/permission_group/#{admin.nickname}")
 
-      assert json_response(conn, 200) == admin.info
+      assert json_response(conn, 200) == %{
+               "is_admin" => true,
+               "is_moderator" => false
+             }
     end
 
     test "/:right POST, can add to a permission group" do
-      admin = insert(:user, info: %{"is_admin" => true})
+      admin = insert(:user, info: %{is_admin: true})
       user = insert(:user)
 
-      user_info =
-        user.info
-        |> Map.put("is_admin", true)
-
       conn =
         build_conn()
         |> assign(:user, admin)
         |> put_req_header("accept", "application/json")
         |> post("/api/pleroma/admin/permission_group/#{user.nickname}/admin")
 
-      assert json_response(conn, 200) == user_info
+      assert json_response(conn, 200) == %{
+               "is_admin" => true
+             }
     end
 
     test "/:right DELETE, can remove from a permission group" do
-      admin = insert(:user, info: %{"is_admin" => true})
-      user = insert(:user, info: %{"is_admin" => true})
-
-      user_info =
-        user.info
-        |> Map.put("is_admin", false)
+      admin = insert(:user, info: %{is_admin: true})
+      user = insert(:user, info: %{is_admin: true})
 
       conn =
         build_conn()
@@ -81,12 +152,113 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
         |> put_req_header("accept", "application/json")
         |> delete("/api/pleroma/admin/permission_group/#{user.nickname}/admin")
 
-      assert json_response(conn, 200) == user_info
+      assert json_response(conn, 200) == %{
+               "is_admin" => false
+             }
+    end
+  end
+
+  describe "POST /api/pleroma/admin/email_invite, with valid config" do
+    setup do
+      registrations_open = Pleroma.Config.get([:instance, :registrations_open])
+      invites_enabled = Pleroma.Config.get([:instance, :invites_enabled])
+      Pleroma.Config.put([:instance, :registrations_open], false)
+      Pleroma.Config.put([:instance, :invites_enabled], true)
+
+      on_exit(fn ->
+        Pleroma.Config.put([:instance, :registrations_open], registrations_open)
+        Pleroma.Config.put([:instance, :invites_enabled], invites_enabled)
+        :ok
+      end)
+
+      [user: insert(:user, info: %{is_admin: true})]
+    end
+
+    test "sends invitation and returns 204", %{conn: conn, user: user} do
+      recipient_email = "foo@bar.com"
+      recipient_name = "J. D."
+
+      conn =
+        conn
+        |> assign(:user, user)
+        |> post("/api/pleroma/admin/email_invite?email=#{recipient_email}&name=#{recipient_name}")
+
+      assert json_response(conn, :no_content)
+
+      token_record = List.last(Pleroma.Repo.all(Pleroma.UserInviteToken))
+      assert token_record
+      refute token_record.used
+
+      Swoosh.TestAssertions.assert_email_sent(
+        Pleroma.UserEmail.user_invitation_email(
+          user,
+          token_record,
+          recipient_email,
+          recipient_name
+        )
+      )
+    end
+
+    test "it returns 403 if requested by a non-admin", %{conn: conn} do
+      non_admin_user = insert(:user)
+
+      conn =
+        conn
+        |> assign(:user, non_admin_user)
+        |> post("/api/pleroma/admin/email_invite?email=foo@bar.com&name=JD")
+
+      assert json_response(conn, :forbidden)
+    end
+  end
+
+  describe "POST /api/pleroma/admin/email_invite, with invalid config" do
+    setup do
+      [user: insert(:user, info: %{is_admin: true})]
+    end
+
+    test "it returns 500 if `invites_enabled` is not enabled", %{conn: conn, user: user} do
+      registrations_open = Pleroma.Config.get([:instance, :registrations_open])
+      invites_enabled = Pleroma.Config.get([:instance, :invites_enabled])
+      Pleroma.Config.put([:instance, :registrations_open], false)
+      Pleroma.Config.put([:instance, :invites_enabled], false)
+
+      on_exit(fn ->
+        Pleroma.Config.put([:instance, :registrations_open], registrations_open)
+        Pleroma.Config.put([:instance, :invites_enabled], invites_enabled)
+        :ok
+      end)
+
+      conn =
+        conn
+        |> assign(:user, user)
+        |> post("/api/pleroma/admin/email_invite?email=foo@bar.com&name=JD")
+
+      assert json_response(conn, :internal_server_error)
+    end
+
+    test "it returns 500 if `registrations_open` is enabled", %{conn: conn, user: user} do
+      registrations_open = Pleroma.Config.get([:instance, :registrations_open])
+      invites_enabled = Pleroma.Config.get([:instance, :invites_enabled])
+      Pleroma.Config.put([:instance, :registrations_open], true)
+      Pleroma.Config.put([:instance, :invites_enabled], true)
+
+      on_exit(fn ->
+        Pleroma.Config.put([:instance, :registrations_open], registrations_open)
+        Pleroma.Config.put([:instance, :invites_enabled], invites_enabled)
+        :ok
+      end)
+
+      conn =
+        conn
+        |> assign(:user, user)
+        |> post("/api/pleroma/admin/email_invite?email=foo@bar.com&name=JD")
+
+      assert json_response(conn, :internal_server_error)
     end
   end
 
   test "/api/pleroma/admin/invite_token" do
-    admin = insert(:user, info: %{"is_admin" => true})
+    admin = insert(:user, info: %{is_admin: true})
 
     conn =
       build_conn()
@@ -98,8 +270,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
   end
 
   test "/api/pleroma/admin/password_reset" do
-    admin = insert(:user, info: %{"is_admin" => true})
-    user = insert(:user, info: %{"is_admin" => true})
+    admin = insert(:user, info: %{is_admin: true})
+    user = insert(:user)
 
     conn =
       build_conn()