From d198e7fa2a0c92be4e99c5a765de85096d318bfe Mon Sep 17 00:00:00 2001
From: eugenijm <eugenijm@protonmail.com>
Date: Tue, 28 Jan 2020 09:47:59 +0300
Subject: Admin API: `PATCH /api/pleroma/admin/users/:nickname/change_password`

---
 test/web/admin_api/admin_api_controller_test.exs | 26 ++++++++++++++++++++++++
 1 file changed, 26 insertions(+)

(limited to 'test')

diff --git a/test/web/admin_api/admin_api_controller_test.exs b/test/web/admin_api/admin_api_controller_test.exs
index e4c152fb7..0c1214f05 100644
--- a/test/web/admin_api/admin_api_controller_test.exs
+++ b/test/web/admin_api/admin_api_controller_test.exs
@@ -3389,6 +3389,32 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
     end
   end
 
+  describe "PATCH /users/:nickname/change_password" do
+    test "changes password", %{conn: conn, admin: admin} do
+      user = insert(:user)
+      assert user.password_reset_pending == false
+
+      conn =
+        patch(conn, "/api/pleroma/admin/users/#{user.nickname}/change_password", %{
+          "new_password" => "password"
+        })
+
+      assert json_response(conn, 200) == %{"status" => "success"}
+
+      ObanHelpers.perform_all()
+
+      assert User.get_by_id(user.id).password_reset_pending == true
+
+      [log_entry1, log_entry2] = ModerationLog |> Repo.all() |> Enum.sort()
+
+      assert ModerationLog.get_log_entry_message(log_entry1) ==
+               "@#{admin.nickname} changed password for users: @#{user.nickname}"
+
+      assert ModerationLog.get_log_entry_message(log_entry2) ==
+               "@#{admin.nickname} forced password reset for users: @#{user.nickname}"
+    end
+  end
+
   describe "PATCH /users/:nickname/force_password_reset" do
     test "sets password_reset_pending to true", %{conn: conn} do
       user = insert(:user)
-- 
cgit v1.2.3


From 13cce9c0debbf9a80ed5da26cb34ca563e5e1417 Mon Sep 17 00:00:00 2001
From: eugenijm <eugenijm@protonmail.com>
Date: Fri, 31 Jan 2020 21:07:46 +0300
Subject: Admin API: `PATCH /api/pleroma/admin/users/:nickname/credentials`,
 `GET /api/pleroma/admin/users/:nickname/credentials`.

---
 test/web/admin_api/admin_api_controller_test.exs | 57 +++++++++++++++++++++---
 1 file changed, 50 insertions(+), 7 deletions(-)

(limited to 'test')

diff --git a/test/web/admin_api/admin_api_controller_test.exs b/test/web/admin_api/admin_api_controller_test.exs
index 0c1214f05..0a317cf88 100644
--- a/test/web/admin_api/admin_api_controller_test.exs
+++ b/test/web/admin_api/admin_api_controller_test.exs
@@ -3389,30 +3389,73 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
     end
   end
 
-  describe "PATCH /users/:nickname/change_password" do
-    test "changes password", %{conn: conn, admin: admin} do
+  describe "GET /users/:nickname/credentials" do
+    test "gets the user credentials", %{conn: conn} do
+      user = insert(:user)
+      conn = get(conn, "/api/pleroma/admin/users/#{user.nickname}/credentials")
+
+      response = assert json_response(conn, 200)
+      assert response["email"] == user.email
+    end
+
+    test "returns 403 if requested by a non-admin" do
+      user = insert(:user)
+
+      conn =
+        build_conn()
+        |> assign(:user, user)
+        |> get("/api/pleroma/admin/users/#{user.nickname}/credentials")
+
+      assert json_response(conn, :forbidden)
+    end
+  end
+
+  describe "PATCH /users/:nickname/credentials" do
+    test "changes password and email", %{conn: conn, admin: admin} do
       user = insert(:user)
       assert user.password_reset_pending == false
 
       conn =
-        patch(conn, "/api/pleroma/admin/users/#{user.nickname}/change_password", %{
-          "new_password" => "password"
+        patch(conn, "/api/pleroma/admin/users/#{user.nickname}/credentials", %{
+          "password" => "new_password",
+          "email" => "new_email@example.com",
+          "name" => "new_name"
         })
 
       assert json_response(conn, 200) == %{"status" => "success"}
 
       ObanHelpers.perform_all()
 
-      assert User.get_by_id(user.id).password_reset_pending == true
+      updated_user = User.get_by_id(user.id)
 
-      [log_entry1, log_entry2] = ModerationLog |> Repo.all() |> Enum.sort()
+      assert updated_user.email == "new_email@example.com"
+      assert updated_user.name == "new_name"
+      assert updated_user.password_hash != user.password_hash
+      assert updated_user.password_reset_pending == true
+
+      [log_entry2, log_entry1] = ModerationLog |> Repo.all() |> Enum.sort()
 
       assert ModerationLog.get_log_entry_message(log_entry1) ==
-               "@#{admin.nickname} changed password for users: @#{user.nickname}"
+               "@#{admin.nickname} updated users: @#{user.nickname}"
 
       assert ModerationLog.get_log_entry_message(log_entry2) ==
                "@#{admin.nickname} forced password reset for users: @#{user.nickname}"
     end
+
+    test "returns 403 if requested by a non-admin" do
+      user = insert(:user)
+
+      conn =
+        build_conn()
+        |> assign(:user, user)
+        |> patch("/api/pleroma/admin/users/#{user.nickname}/credentials", %{
+          "password" => "new_password",
+          "email" => "new_email@example.com",
+          "name" => "new_name"
+        })
+
+      assert json_response(conn, :forbidden)
+    end
   end
 
   describe "PATCH /users/:nickname/force_password_reset" do
-- 
cgit v1.2.3


From 15be6ba9c200b2a4ae153d26876be1b5cbb6357e Mon Sep 17 00:00:00 2001
From: "Haelwenn (lanodan) Monnier" <contact@hacktivis.me>
Date: Sun, 22 Mar 2020 16:38:12 +0100
Subject: AccountView: fix for other forms of <br> in bio

Closes: https://git.pleroma.social/pleroma/pleroma/issues/1643
---
 .../controllers/account_controller/update_credentials_test.exs     | 4 ++--
 test/web/mastodon_api/views/account_view_test.exs                  | 7 ++++---
 2 files changed, 6 insertions(+), 5 deletions(-)

(limited to 'test')

diff --git a/test/web/mastodon_api/controllers/account_controller/update_credentials_test.exs b/test/web/mastodon_api/controllers/account_controller/update_credentials_test.exs
index 43538cb17..51cebe567 100644
--- a/test/web/mastodon_api/controllers/account_controller/update_credentials_test.exs
+++ b/test/web/mastodon_api/controllers/account_controller/update_credentials_test.exs
@@ -76,7 +76,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController.UpdateCredentialsTest do
 
       conn =
         patch(conn, "/api/v1/accounts/update_credentials", %{
-          "note" => "I drink #cofe with @#{user2.nickname}"
+          "note" => "I drink #cofe with @#{user2.nickname}\n\nsuya.."
         })
 
       assert user_data = json_response(conn, 200)
@@ -84,7 +84,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController.UpdateCredentialsTest do
       assert user_data["note"] ==
                ~s(I drink <a class="hashtag" data-tag="cofe" href="http://localhost:4001/tag/cofe">#cofe</a> with <span class="h-card"><a data-user="#{
                  user2.id
-               }" class="u-url mention" href="#{user2.ap_id}" rel="ugc">@<span>#{user2.nickname}</span></a></span>)
+               }" class="u-url mention" href="#{user2.ap_id}" rel="ugc">@<span>#{user2.nickname}</span></a></span><br/><br/>suya..)
     end
 
     test "updates the user's locking status", %{conn: conn} do
diff --git a/test/web/mastodon_api/views/account_view_test.exs b/test/web/mastodon_api/views/account_view_test.exs
index d60ed7b64..983886c6b 100644
--- a/test/web/mastodon_api/views/account_view_test.exs
+++ b/test/web/mastodon_api/views/account_view_test.exs
@@ -32,7 +32,8 @@ defmodule Pleroma.Web.MastodonAPI.AccountViewTest do
         background: background_image,
         nickname: "shp@shitposter.club",
         name: ":karjalanpiirakka: shp",
-        bio: "<script src=\"invalid-html\"></script><span>valid html</span>",
+        bio:
+          "<script src=\"invalid-html\"></script><span>valid html</span>. a<br>b<br/>c<br >d<br />f",
         inserted_at: ~N[2017-08-15 15:47:06.597036]
       })
 
@@ -46,7 +47,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountViewTest do
       followers_count: 3,
       following_count: 0,
       statuses_count: 5,
-      note: "<span>valid html</span>",
+      note: "<span>valid html</span>. a<br/>b<br/>c<br/>d<br/>f",
       url: user.ap_id,
       avatar: "http://localhost:4001/images/avi.png",
       avatar_static: "http://localhost:4001/images/avi.png",
@@ -63,7 +64,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountViewTest do
       fields: [],
       bot: false,
       source: %{
-        note: "valid html",
+        note: "valid html. a\nb\nc\nd\nf",
         sensitive: false,
         pleroma: %{
           actor_type: "Person",
-- 
cgit v1.2.3


From d1a9716a988fe9f670033ad46cc9637038fbd1e8 Mon Sep 17 00:00:00 2001
From: Egor Kislitsyn <egor@kislitsyn.com>
Date: Tue, 24 Mar 2020 17:38:18 +0400
Subject: Fix activity deletion

---
 test/web/activity_pub/activity_pub_test.exs | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'test')

diff --git a/test/web/activity_pub/activity_pub_test.exs b/test/web/activity_pub/activity_pub_test.exs
index a43dd34f0..049b14498 100644
--- a/test/web/activity_pub/activity_pub_test.exs
+++ b/test/web/activity_pub/activity_pub_test.exs
@@ -1425,6 +1425,12 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubTest do
       assert Repo.get(Object, object.id).data["type"] == "Tombstone"
     end
 
+    test "it doesn't fail when an activity was already deleted" do
+      {:ok, delete} = insert(:note_activity) |> Object.normalize() |> ActivityPub.delete()
+
+      assert {:ok, ^delete} = delete |> Object.normalize() |> ActivityPub.delete()
+    end
+
     test "decrements user note count only for public activities" do
       user = insert(:user, note_count: 10)
 
-- 
cgit v1.2.3