commit: bfe27c1b557b19c171c8168c5f1244987246c47f
parent: acec11626d2bb61c3728d634b04ac5afeaf4b17b
Author: href <href+git-pleroma@random.sh>
Date: Fri, 14 Dec 2018 20:22:24 +0000
Merge branch '114_email_invites' into 'develop'
[#114] Email invites
See merge request pleroma/pleroma!541
Diffstat:
7 files changed, 145 insertions(+), 2 deletions(-)
diff --git a/config/config.md b/config/config.md
@@ -67,7 +67,8 @@ config :pleroma, Pleroma.Mailer,
* `avatar_upload_limit`: File size limit of user’s profile avatars
* `background_upload_limit`: File size limit of user’s profile backgrounds
* `banner_upload_limit`: File size limit of user’s profile banners
-* `registrations_open`: Enable registrations for anyone, invitations can be used when false.
+* `registrations_open`: Enable registrations for anyone, invitations can be enabled when false.
+* `invites_enabled`: Enable user invitations for admins (depends on `registrations_open: false`).
* `federating`: Enable federation with other instances
* `allow_relay`: Enable Pleroma’s Relay, which makes it possible to follow a whole instance
* `rewrite_policy`: Message Rewrite Policy, either one or a list. Here are the ones available by default:
diff --git a/lib/pleroma/emails/user_email.ex b/lib/pleroma/emails/user_email.ex
@@ -37,4 +37,30 @@ defmodule Pleroma.UserEmail do
|> subject("Password reset")
|> html_body(html_body)
end
+
+ def user_invitation_email(
+ user,
+ %Pleroma.UserInviteToken{} = user_invite_token,
+ to_email,
+ to_name \\ nil
+ ) do
+ registration_url =
+ Router.Helpers.redirect_url(
+ Endpoint,
+ :registration_page,
+ user_invite_token.token
+ )
+
+ html_body = """
+ <h3>You are invited to #{instance_name()}</h3>
+ <p>#{user.name} invites you to join #{instance_name()}, an instance of Pleroma federated social networking platform.</p>
+ <p>Click the following link to register: <a href="#{registration_url}">accept invitation</a>.</p>
+ """
+
+ new()
+ |> to(recipient(to_email, to_name))
+ |> from(sender())
+ |> subject("Invitation to #{instance_name()}")
+ |> html_body(html_body)
+ end
end
diff --git a/lib/pleroma/web/admin_api/admin_api_controller.ex b/lib/pleroma/web/admin_api/admin_api_controller.ex
@@ -147,6 +147,19 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIController do
end
end
+ @doc "Sends registration invite via email"
+ def email_invite(%{assigns: %{user: user}} = conn, %{"email" => email} = params) do
+ with true <-
+ Pleroma.Config.get([:instance, :invites_enabled]) &&
+ !Pleroma.Config.get([:instance, :registrations_open]),
+ {:ok, invite_token} <- Pleroma.UserInviteToken.create_token(),
+ email <-
+ Pleroma.UserEmail.user_invitation_email(user, invite_token, email, params["name"]),
+ {:ok, _} <- Pleroma.Mailer.deliver(email) do
+ json_response(conn, :no_content, "")
+ end
+ end
+
@doc "Get a account registeration invite token (base64 string)"
def get_invite_token(conn, _params) do
{:ok, token} = Pleroma.UserInviteToken.create_token()
diff --git a/lib/pleroma/web/nodeinfo/nodeinfo_controller.ex b/lib/pleroma/web/nodeinfo/nodeinfo_controller.ex
@@ -132,6 +132,7 @@ defmodule Pleroma.Web.Nodeinfo.NodeinfoController do
banner: Keyword.get(instance, :banner_upload_limit),
background: Keyword.get(instance, :background_upload_limit)
},
+ invitesEnabled: Keyword.get(instance, :invites_enabled, false),
features: features
}
}
diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex
@@ -117,6 +117,8 @@ defmodule Pleroma.Web.Router do
delete("/relay", AdminAPIController, :relay_unfollow)
get("/invite_token", AdminAPIController, :get_invite_token)
+ post("/email_invite", AdminAPIController, :email_invite)
+
get("/password_reset", AdminAPIController, :get_password_reset)
end
diff --git a/lib/pleroma/web/twitter_api/controllers/util_controller.ex b/lib/pleroma/web/twitter_api/controllers/util_controller.ex
@@ -173,7 +173,8 @@ defmodule Pleroma.Web.TwitterAPI.UtilController do
uploadlimit: uploadlimit,
closed: if(Keyword.get(instance, :registrations_open), do: "0", else: "1"),
private: if(Keyword.get(instance, :public, true), do: "0", else: "1"),
- vapidPublicKey: vapid_public_key
+ vapidPublicKey: vapid_public_key,
+ invitesEnabled: if(Keyword.get(instance, :invites_enabled, false), do: "1", else: "0")
}
pleroma_fe = %{
diff --git a/test/web/admin_api/admin_api_controller_test.exs b/test/web/admin_api/admin_api_controller_test.exs
@@ -154,6 +154,105 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
end
end
+ describe "POST /api/pleroma/admin/email_invite, with valid config" do
+ setup do
+ registrations_open = Pleroma.Config.get([:instance, :registrations_open])
+ invites_enabled = Pleroma.Config.get([:instance, :invites_enabled])
+ Pleroma.Config.put([:instance, :registrations_open], false)
+ Pleroma.Config.put([:instance, :invites_enabled], true)
+
+ on_exit(fn ->
+ Pleroma.Config.put([:instance, :registrations_open], registrations_open)
+ Pleroma.Config.put([:instance, :invites_enabled], invites_enabled)
+ :ok
+ end)
+
+ [user: insert(:user, info: %{is_admin: true})]
+ end
+
+ test "sends invitation and returns 204", %{conn: conn, user: user} do
+ recipient_email = "foo@bar.com"
+ recipient_name = "J. D."
+
+ conn =
+ conn
+ |> assign(:user, user)
+ |> post("/api/pleroma/admin/email_invite?email=#{recipient_email}&name=#{recipient_name}")
+
+ assert json_response(conn, :no_content)
+
+ token_record = List.last(Pleroma.Repo.all(Pleroma.UserInviteToken))
+ assert token_record
+ refute token_record.used
+
+ Swoosh.TestAssertions.assert_email_sent(
+ Pleroma.UserEmail.user_invitation_email(
+ user,
+ token_record,
+ recipient_email,
+ recipient_name
+ )
+ )
+ end
+
+ test "it returns 403 if requested by a non-admin", %{conn: conn} do
+ non_admin_user = insert(:user)
+
+ conn =
+ conn
+ |> assign(:user, non_admin_user)
+ |> post("/api/pleroma/admin/email_invite?email=foo@bar.com&name=JD")
+
+ assert json_response(conn, :forbidden)
+ end
+ end
+
+ describe "POST /api/pleroma/admin/email_invite, with invalid config" do
+ setup do
+ [user: insert(:user, info: %{is_admin: true})]
+ end
+
+ test "it returns 500 if `invites_enabled` is not enabled", %{conn: conn, user: user} do
+ registrations_open = Pleroma.Config.get([:instance, :registrations_open])
+ invites_enabled = Pleroma.Config.get([:instance, :invites_enabled])
+ Pleroma.Config.put([:instance, :registrations_open], false)
+ Pleroma.Config.put([:instance, :invites_enabled], false)
+
+ on_exit(fn ->
+ Pleroma.Config.put([:instance, :registrations_open], registrations_open)
+ Pleroma.Config.put([:instance, :invites_enabled], invites_enabled)
+ :ok
+ end)
+
+ conn =
+ conn
+ |> assign(:user, user)
+ |> post("/api/pleroma/admin/email_invite?email=foo@bar.com&name=JD")
+
+ assert json_response(conn, :internal_server_error)
+ end
+
+ test "it returns 500 if `registrations_open` is enabled", %{conn: conn, user: user} do
+ registrations_open = Pleroma.Config.get([:instance, :registrations_open])
+ invites_enabled = Pleroma.Config.get([:instance, :invites_enabled])
+ Pleroma.Config.put([:instance, :registrations_open], true)
+ Pleroma.Config.put([:instance, :invites_enabled], true)
+
+ on_exit(fn ->
+ Pleroma.Config.put([:instance, :registrations_open], registrations_open)
+ Pleroma.Config.put([:instance, :invites_enabled], invites_enabled)
+ :ok
+ end)
+
+ conn =
+ conn
+ |> assign(:user, user)
+ |> post("/api/pleroma/admin/email_invite?email=foo@bar.com&name=JD")
+
+ assert json_response(conn, :internal_server_error)
+ end
+ end
+
test "/api/pleroma/admin/invite_token" do
admin = insert(:user, info: %{is_admin: true})
