From c2be0da79fcc95399647b292e0b9a4119d3dcdf1 Mon Sep 17 00:00:00 2001
From: eugenijm <eugenijm@protonmail.com>
Date: Mon, 18 May 2020 22:56:09 +0300
Subject: Admin API: fix `GET /api/pleroma/admin/users/:nickname/credentials`
 returning 404 when getting the credentials of a remote user while `:instance,
 :limit_to_local_content` is set to `:unauthenticated`

---
 test/web/admin_api/controllers/admin_api_controller_test.exs | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'test/web/admin_api')

diff --git a/test/web/admin_api/controllers/admin_api_controller_test.exs b/test/web/admin_api/controllers/admin_api_controller_test.exs
index 48fb108ec..c2433f23c 100644
--- a/test/web/admin_api/controllers/admin_api_controller_test.exs
+++ b/test/web/admin_api/controllers/admin_api_controller_test.exs
@@ -1514,6 +1514,15 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
     end
   end
 
+  test "gets a remote users when [:instance, :limit_to_local_content] is set to :unauthenticated",
+       %{conn: conn} do
+    clear_config(Pleroma.Config.get([:instance, :limit_to_local_content]), :unauthenticated)
+    user = insert(:user, %{local: false, nickname: "u@peer1.com"})
+    conn = get(conn, "/api/pleroma/admin/users/#{user.nickname}/credentials")
+
+    assert json_response(conn, 200)
+  end
+
   describe "GET /users/:nickname/credentials" do
     test "gets the user credentials", %{conn: conn} do
       user = insert(:user)
-- 
cgit v1.2.3


From cf3f8cb72a46f0c8c798d4022cff442fae4ab401 Mon Sep 17 00:00:00 2001
From: Ivan Tashkinov <ivantashkinov@gmail.com>
Date: Sun, 19 Jul 2020 21:35:57 +0300
Subject: [#1940] Reinstated OAuth-less `admin_token` authentication.
 Refactored UserIsAdminPlug (freed from checking admin scopes presence).

---
 test/web/admin_api/controllers/admin_api_controller_test.exs | 10 ++++++++++
 test/web/admin_api/controllers/report_controller_test.exs    |  2 +-
 2 files changed, 11 insertions(+), 1 deletion(-)

(limited to 'test/web/admin_api')

diff --git a/test/web/admin_api/controllers/admin_api_controller_test.exs b/test/web/admin_api/controllers/admin_api_controller_test.exs
index c2433f23c..da91cd552 100644
--- a/test/web/admin_api/controllers/admin_api_controller_test.exs
+++ b/test/web/admin_api/controllers/admin_api_controller_test.exs
@@ -41,6 +41,16 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
     {:ok, %{admin: admin, token: token, conn: conn}}
   end
 
+  test "with valid `admin_token` query parameter, skips OAuth scopes check" do
+    clear_config([:admin_token], "password123")
+
+    user = insert(:user)
+
+    conn = get(build_conn(), "/api/pleroma/admin/users/#{user.nickname}?admin_token=password123")
+
+    assert json_response(conn, 200)
+  end
+
   describe "with [:auth, :enforce_oauth_admin_scope_usage]," do
     setup do: clear_config([:auth, :enforce_oauth_admin_scope_usage], true)
 
diff --git a/test/web/admin_api/controllers/report_controller_test.exs b/test/web/admin_api/controllers/report_controller_test.exs
index 940bce340..f30dc8956 100644
--- a/test/web/admin_api/controllers/report_controller_test.exs
+++ b/test/web/admin_api/controllers/report_controller_test.exs
@@ -297,7 +297,7 @@ defmodule Pleroma.Web.AdminAPI.ReportControllerTest do
         |> get("/api/pleroma/admin/reports")
 
       assert json_response(conn, :forbidden) ==
-               %{"error" => "User is not an admin or OAuth admin scope is not granted."}
+               %{"error" => "User is not an admin."}
     end
 
     test "returns 403 when requested by anonymous" do
-- 
cgit v1.2.3


From 124b4709dcf12a417f5164e53ef3ba67e538d4c7 Mon Sep 17 00:00:00 2001
From: Ivan Tashkinov <ivantashkinov@gmail.com>
Date: Tue, 14 Jul 2020 19:31:05 +0300
Subject: [#1940] Added `admin_token` param (as `admin_api_params/0`) to
 existing Admin API OpenAPI operations.

---
 test/web/admin_api/controllers/config_controller_test.exs | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'test/web/admin_api')

diff --git a/test/web/admin_api/controllers/config_controller_test.exs b/test/web/admin_api/controllers/config_controller_test.exs
index 064ef9bc7..61bc9fd39 100644
--- a/test/web/admin_api/controllers/config_controller_test.exs
+++ b/test/web/admin_api/controllers/config_controller_test.exs
@@ -152,6 +152,14 @@ defmodule Pleroma.Web.AdminAPI.ConfigControllerTest do
       assert emoji_val[:groups] == [a: 1, b: 2]
       assert assets_val[:mascots] == [a: 1, b: 2]
     end
+
+    test "with valid `admin_token` query parameter, skips OAuth scopes check" do
+      clear_config([:admin_token], "password123")
+
+      build_conn()
+      |> get("/api/pleroma/admin/config?admin_token=password123")
+      |> json_response_and_validate_schema(200)
+    end
   end
 
   test "POST /api/pleroma/admin/config error", %{conn: conn} do
-- 
cgit v1.2.3