diff options
| -rw-r--r-- | lib/pleroma/user.ex | 28 | ||||
| -rw-r--r-- | lib/pleroma/user/info.ex | 2 | ||||
| -rw-r--r-- | test/user_test.exs | 79 |
3 files changed, 97 insertions, 12 deletions
diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex index 8edf1c730..7c2849ce2 100644 --- a/lib/pleroma/user.ex +++ b/lib/pleroma/user.ex @@ -44,20 +44,28 @@ defmodule Pleroma.User do timestamps() end - def auth_active?(%User{} = user) do - (user.info && !user.info.confirmation_pending) || - !Pleroma.Config.get([:instance, :account_activation_required]) - end + def auth_active?(%User{local: false}), do: true + + def auth_active?(%User{info: %User.Info{confirmation_pending: false}}), do: true + + def auth_active?(%User{info: %User.Info{confirmation_pending: true}}), + do: !Pleroma.Config.get([:instance, :account_activation_required]) - def remote_or_auth_active?(%User{} = user), do: !user.local || auth_active?(user) + def auth_active?(_), do: false - def visible_for?(%User{} = user, for_user \\ nil) do - User.remote_or_auth_active?(user) || (for_user && for_user.id == user.id) || - User.superuser?(for_user) + def visible_for?(user, for_user \\ nil) + + def visible_for?(%User{id: user_id}, %User{id: for_id}) when user_id == for_id, do: true + + def visible_for?(%User{} = user, for_user) do + auth_active?(user) || superuser?(for_user) end - def superuser?(nil), do: false - def superuser?(%User{} = user), do: user.info && User.Info.superuser?(user.info) + def visible_for?(_, _), do: false + + def superuser?(%User{local: true, info: %User.Info{is_admin: true}}), do: true + def superuser?(%User{local: true, info: %User.Info{is_moderator: true}}), do: true + def superuser?(_), do: false def avatar_url(user) do case user.avatar do diff --git a/lib/pleroma/user/info.ex b/lib/pleroma/user/info.ex index 2f419a5a2..7c79dfcff 100644 --- a/lib/pleroma/user/info.ex +++ b/lib/pleroma/user/info.ex @@ -41,8 +41,6 @@ defmodule Pleroma.User.Info do # subject _> Where is this used? end - def superuser?(info), do: info.is_admin || info.is_moderator - def set_activation_status(info, deactivated) do params = %{deactivated: deactivated} diff --git a/test/user_test.exs b/test/user_test.exs index f8ef2b1dc..541252539 100644 --- a/test/user_test.exs +++ b/test/user_test.exs @@ -784,4 +784,83 @@ defmodule Pleroma.UserTest do |> Map.put(:search_distance, nil) end end + + test "auth_active?/1 works correctly" do + Pleroma.Config.put([:instance, :account_activation_required], true) + + local_user = insert(:user, local: true, info: %{confirmation_pending: true}) + confirmed_user = insert(:user, local: true, info: %{confirmation_pending: false}) + remote_user = insert(:user, local: false) + + refute User.auth_active?(local_user) + assert User.auth_active?(confirmed_user) + assert User.auth_active?(remote_user) + + Pleroma.Config.put([:instance, :account_activation_required], false) + end + + describe "superuser?/1" do + test "returns false for unprivileged users" do + user = insert(:user, local: true) + + refute User.superuser?(user) + end + + test "returns false for remote users" do + user = insert(:user, local: false) + remote_admin_user = insert(:user, local: false, info: %{is_admin: true}) + + refute User.superuser?(user) + refute User.superuser?(remote_admin_user) + end + + test "returns true for local moderators" do + user = insert(:user, local: true, info: %{is_moderator: true}) + + assert User.superuser?(user) + end + + test "returns true for local admins" do + user = insert(:user, local: true, info: %{is_admin: true}) + + assert User.superuser?(user) + end + end + + describe "visible_for?/2" do + test "returns true when the account is itself" do + user = insert(:user, local: true) + + assert User.visible_for?(user, user) + end + + test "returns false when the account is unauthenticated and auth is required" do + Pleroma.Config.put([:instance, :account_activation_required], true) + + user = insert(:user, local: true, info: %{confirmation_pending: true}) + other_user = insert(:user, local: true) + + refute User.visible_for?(user, other_user) + + Pleroma.Config.put([:instance, :account_activation_required], false) + end + + test "returns true when the account is unauthenticated and auth is not required" do + user = insert(:user, local: true, info: %{confirmation_pending: true}) + other_user = insert(:user, local: true) + + assert User.visible_for?(user, other_user) + end + + test "returns true when the account is unauthenticated and being viewed by a privileged account (auth required)" do + Pleroma.Config.put([:instance, :account_activation_required], true) + + user = insert(:user, local: true, info: %{confirmation_pending: true}) + other_user = insert(:user, local: true, info: %{is_admin: true}) + + assert User.visible_for?(user, other_user) + + Pleroma.Config.put([:instance, :account_activation_required], false) + end + end end |