commit: 34adea8d28cec91f03047989cbbaaf0b402c3a55
parent a1c8aa4721de8f5edd7d69dcd745586df23f5a31
Author: Ilja <ilja@ilja.space>
Date: Sun, 19 Jun 2022 11:05:09 +0200
Add Pleroma.User.all_users_with_privilege/1
This should eventually replace the Pleroma.User.all_superusers/0 function
* I added a new param `is_privileged` in User.query
* Now we can fetch all users with a specified privilege
Diffstat:
4 files changed, 225 insertions(+), 1 deletion(-)
diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex
@@ -2205,6 +2205,11 @@ defmodule Pleroma.User do
|> Repo.all()
end
+ @spec all_users_with_privilege(atom()) :: [User.t()]
+ def all_users_with_privilege(privilege) do
+ User.Query.build(%{is_privileged: privilege}) |> Repo.all()
+ end
+
def muting_reblogs?(%User{} = user, %User{} = target) do
UserRelationship.reblog_mute_exists?(user, target)
end
diff --git a/lib/pleroma/user/query.ex b/lib/pleroma/user/query.ex
@@ -29,6 +29,7 @@ defmodule Pleroma.User.Query do
import Ecto.Query
import Pleroma.Web.Utils.Guards, only: [not_empty_string: 1]
+ alias Pleroma.Config
alias Pleroma.FollowingRelationship
alias Pleroma.User
@@ -49,6 +50,7 @@ defmodule Pleroma.User.Query do
is_suggested: boolean(),
is_discoverable: boolean(),
super_users: boolean(),
+ is_privileged: atom(),
invisible: boolean(),
internal: boolean(),
followers: User.t(),
@@ -136,6 +138,43 @@ defmodule Pleroma.User.Query do
)
end
+ defp compose_query({:is_privileged, privilege}, query) do
+ moderator_privileged = privilege in Config.get([:instance, :moderator_privileges])
+ admin_privileged = privilege in Config.get([:instance, :admin_privileges])
+
+ query = compose_query({:active, true}, query)
+ query = compose_query({:local, true}, query)
+
+ case {admin_privileged, moderator_privileged} do
+ {false, false} ->
+ where(
+ query,
+ false
+ )
+
+ {true, true} ->
+ where(
+ query,
+ [u],
+ u.is_admin or u.is_moderator
+ )
+
+ {true, false} ->
+ where(
+ query,
+ [u],
+ u.is_admin
+ )
+
+ {false, true} ->
+ where(
+ query,
+ [u],
+ u.is_moderator
+ )
+ end
+ end
+
defp compose_query({:local, _}, query), do: location_query(query, true)
defp compose_query({:external, _}, query), do: location_query(query, false)
diff --git a/test/pleroma/user/query_test.exs b/test/pleroma/user/query_test.exs
@@ -3,7 +3,7 @@
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.User.QueryTest do
- use Pleroma.DataCase, async: true
+ use Pleroma.DataCase, async: false
alias Pleroma.Repo
alias Pleroma.User
@@ -44,4 +44,94 @@ defmodule Pleroma.User.QueryTest do
|> User.Query.build()
|> Repo.all()
end
+
+ describe "is_privileged param" do
+ setup do
+ %{
+ user: insert(:user, local: true, is_admin: false, is_moderator: false),
+ moderator_user: insert(:user, local: true, is_admin: false, is_moderator: true),
+ admin_user: insert(:user, local: true, is_admin: true, is_moderator: false),
+ admin_moderator_user: insert(:user, local: true, is_admin: true, is_moderator: true),
+ remote_user: insert(:user, local: false, is_admin: true, is_moderator: true),
+ non_active_user:
+ insert(:user, local: true, is_admin: true, is_moderator: true, is_active: false)
+ }
+ end
+
+ test "doesn't return any users when there are no privileged roles", %{
+ user: user,
+ moderator_user: moderator_user,
+ admin_user: admin_user,
+ admin_moderator_user: admin_moderator_user,
+ remote_user: remote_user,
+ non_active_user: non_active_user
+ } do
+ clear_config([:instance, :admin_privileges], [])
+ clear_config([:instance, :moderator_privileges], [])
+
+ refute user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all())
+ refute admin_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all())
+ refute moderator_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all())
+ refute admin_moderator_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all())
+ refute remote_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all())
+ refute non_active_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all())
+ end
+
+ test "returns moderator users if they are privileged", %{
+ user: user,
+ moderator_user: moderator_user,
+ admin_user: admin_user,
+ admin_moderator_user: admin_moderator_user,
+ remote_user: remote_user,
+ non_active_user: non_active_user
+ } do
+ clear_config([:instance, :admin_privileges], [])
+ clear_config([:instance, :moderator_privileges], [:cofe])
+
+ refute user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all())
+ refute admin_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all())
+ assert moderator_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all())
+ assert admin_moderator_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all())
+ refute remote_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all())
+ refute non_active_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all())
+ end
+
+ test "returns admin users if they are privileged", %{
+ user: user,
+ moderator_user: moderator_user,
+ admin_user: admin_user,
+ admin_moderator_user: admin_moderator_user,
+ remote_user: remote_user,
+ non_active_user: non_active_user
+ } do
+ clear_config([:instance, :admin_privileges], [:cofe])
+ clear_config([:instance, :moderator_privileges], [])
+
+ refute user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all())
+ assert admin_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all())
+ refute moderator_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all())
+ assert admin_moderator_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all())
+ refute remote_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all())
+ refute non_active_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all())
+ end
+
+ test "returns admin and moderator users if they are both privileged", %{
+ user: user,
+ moderator_user: moderator_user,
+ admin_user: admin_user,
+ admin_moderator_user: admin_moderator_user,
+ remote_user: remote_user,
+ non_active_user: non_active_user
+ } do
+ clear_config([:instance, :admin_privileges], [:cofe])
+ clear_config([:instance, :moderator_privileges], [:cofe])
+
+ refute user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all())
+ assert admin_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all())
+ assert moderator_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all())
+ assert admin_moderator_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all())
+ refute remote_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all())
+ refute non_active_user in (User.Query.build(%{is_privileged: :cofe}) |> Repo.all())
+ end
+ end
end
diff --git a/test/pleroma/user_test.exs b/test/pleroma/user_test.exs
@@ -1972,6 +1972,96 @@ defmodule Pleroma.UserTest do
end
end
+ describe "all_users_with_privilege/1" do
+ setup do
+ %{
+ user: insert(:user, local: true, is_admin: false, is_moderator: false),
+ moderator_user: insert(:user, local: true, is_admin: false, is_moderator: true),
+ admin_user: insert(:user, local: true, is_admin: true, is_moderator: false),
+ admin_moderator_user: insert(:user, local: true, is_admin: true, is_moderator: true),
+ remote_user: insert(:user, local: false, is_admin: true, is_moderator: true),
+ non_active_user:
+ insert(:user, local: true, is_admin: true, is_moderator: true, is_active: false)
+ }
+ end
+
+ test "doesn't return any users when there are no privileged roles", %{
+ user: user,
+ moderator_user: moderator_user,
+ admin_user: admin_user,
+ admin_moderator_user: admin_moderator_user,
+ remote_user: remote_user,
+ non_active_user: non_active_user
+ } do
+ clear_config([:instance, :admin_privileges], [])
+ clear_config([:instance, :moderator_privileges], [])
+
+ refute user in User.all_users_with_privilege(:cofe)
+ refute admin_user in User.all_users_with_privilege(:cofe)
+ refute moderator_user in User.all_users_with_privilege(:cofe)
+ refute admin_moderator_user in User.all_users_with_privilege(:cofe)
+ refute remote_user in User.all_users_with_privilege(:cofe)
+ refute non_active_user in User.all_users_with_privilege(:cofe)
+ end
+
+ test "returns moderator users if they are privileged", %{
+ user: user,
+ moderator_user: moderator_user,
+ admin_user: admin_user,
+ admin_moderator_user: admin_moderator_user,
+ remote_user: remote_user,
+ non_active_user: non_active_user
+ } do
+ clear_config([:instance, :admin_privileges], [])
+ clear_config([:instance, :moderator_privileges], [:cofe])
+
+ refute user in User.all_users_with_privilege(:cofe)
+ refute admin_user in User.all_users_with_privilege(:cofe)
+ assert moderator_user in User.all_users_with_privilege(:cofe)
+ assert admin_moderator_user in User.all_users_with_privilege(:cofe)
+ refute remote_user in User.all_users_with_privilege(:cofe)
+ refute non_active_user in User.all_users_with_privilege(:cofe)
+ end
+
+ test "returns admin users if they are privileged", %{
+ user: user,
+ moderator_user: moderator_user,
+ admin_user: admin_user,
+ admin_moderator_user: admin_moderator_user,
+ remote_user: remote_user,
+ non_active_user: non_active_user
+ } do
+ clear_config([:instance, :admin_privileges], [:cofe])
+ clear_config([:instance, :moderator_privileges], [])
+
+ refute user in User.all_users_with_privilege(:cofe)
+ assert admin_user in User.all_users_with_privilege(:cofe)
+ refute moderator_user in User.all_users_with_privilege(:cofe)
+ assert admin_moderator_user in User.all_users_with_privilege(:cofe)
+ refute remote_user in User.all_users_with_privilege(:cofe)
+ refute non_active_user in User.all_users_with_privilege(:cofe)
+ end
+
+ test "returns admin and moderator users if they are both privileged", %{
+ user: user,
+ moderator_user: moderator_user,
+ admin_user: admin_user,
+ admin_moderator_user: admin_moderator_user,
+ remote_user: remote_user,
+ non_active_user: non_active_user
+ } do
+ clear_config([:instance, :admin_privileges], [:cofe])
+ clear_config([:instance, :moderator_privileges], [:cofe])
+
+ refute user in User.all_users_with_privilege(:cofe)
+ assert admin_user in User.all_users_with_privilege(:cofe)
+ assert moderator_user in User.all_users_with_privilege(:cofe)
+ assert admin_moderator_user in User.all_users_with_privilege(:cofe)
+ refute remote_user in User.all_users_with_privilege(:cofe)
+ refute non_active_user in User.all_users_with_privilege(:cofe)
+ end
+ end
+
describe "parse_bio/2" do
test "preserves hosts in user links text" do
remote_user = insert(:user, local: false, nickname: "nick@domain.com")
