aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--CHANGELOG.md1
-rw-r--r--docs/API/admin_api.md6
-rw-r--r--lib/pleroma/moderation_log.ex11
-rw-r--r--lib/pleroma/web/admin_api/admin_api_controller.ex12
-rw-r--r--lib/pleroma/web/router.ex2
-rw-r--r--test/web/admin_api/admin_api_controller_test.exs2
6 files changed, 26 insertions, 8 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 77edf7bf0..85079512a 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -67,6 +67,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
- Mastodon API: Add `pleroma.direct_conversation_id` to the status endpoint (`GET /api/v1/statuses/:id`)
- Mastodon API: Mark the direct conversation as read for the author when they send a new direct message
- Deprecated `User.Info` embedded schema (fields moved to `User`)
+- **Breaking** Admin API: `PATCH /api/pleroma/admin/users/:nickname/force_password_reset` is now `PATCH /api/pleroma/admin/users/force_password_reset` (accepts `nicknames` array in the request body)
- Store status data inside Flag activity
</details>
diff --git a/docs/API/admin_api.md b/docs/API/admin_api.md
index e64ae6429..c042b08ac 100644
--- a/docs/API/admin_api.md
+++ b/docs/API/admin_api.md
@@ -392,13 +392,13 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret
}
```
-
-## `/api/pleroma/admin/users/:nickname/force_password_reset`
+## `/api/pleroma/admin/users/force_password_reset`
### Force passord reset for a user with a given nickname
- Methods: `PATCH`
-- Params: none
+- Params:
+ - `nicknames`
- Response: none (code `204`)
## `/api/pleroma/admin/reports`
diff --git a/lib/pleroma/moderation_log.ex b/lib/pleroma/moderation_log.ex
index 9dc4a94c9..ffa5dc25d 100644
--- a/lib/pleroma/moderation_log.ex
+++ b/lib/pleroma/moderation_log.ex
@@ -616,6 +616,17 @@ defmodule Pleroma.ModerationLog do
"@#{actor_nickname} deleted status ##{subject_id}"
end
+ @spec get_log_entry_message(ModerationLog) :: String.t()
+ def get_log_entry_message(%ModerationLog{
+ data: %{
+ "actor" => %{"nickname" => actor_nickname},
+ "action" => "force_password_reset",
+ "subject" => subjects
+ }
+ }) do
+ "@#{actor_nickname} force password reset for users: #{users_to_nicknames_string(subjects)}"
+ end
+
defp nicknames_to_string(nicknames) do
nicknames
|> Enum.map(&"@#{&1}")
diff --git a/lib/pleroma/web/admin_api/admin_api_controller.ex b/lib/pleroma/web/admin_api/admin_api_controller.ex
index b47618bde..30fc01755 100644
--- a/lib/pleroma/web/admin_api/admin_api_controller.ex
+++ b/lib/pleroma/web/admin_api/admin_api_controller.ex
@@ -607,10 +607,16 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIController do
end
@doc "Force password reset for a given user"
- def force_password_reset(conn, %{"nickname" => nickname}) do
- (%User{local: true} = user) = User.get_cached_by_nickname(nickname)
+ def force_password_reset(%{assigns: %{user: admin}} = conn, %{"nicknames" => nicknames}) do
+ users = nicknames |> Enum.map(&User.get_cached_by_nickname/1)
- User.force_password_reset_async(user)
+ Enum.map(users, &User.force_password_reset_async/1)
+
+ ModerationLog.insert_log(%{
+ actor: admin,
+ subject: users,
+ action: "force_password_reset"
+ })
json_response(conn, :no_content, "")
end
diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex
index f69c5c2bc..8fb4aec13 100644
--- a/lib/pleroma/web/router.ex
+++ b/lib/pleroma/web/router.ex
@@ -171,7 +171,7 @@ defmodule Pleroma.Web.Router do
post("/users/email_invite", AdminAPIController, :email_invite)
get("/users/:nickname/password_reset", AdminAPIController, :get_password_reset)
- patch("/users/:nickname/force_password_reset", AdminAPIController, :force_password_reset)
+ patch("/users/force_password_reset", AdminAPIController, :force_password_reset)
get("/users", AdminAPIController, :list_users)
get("/users/:nickname", AdminAPIController, :user_show)
diff --git a/test/web/admin_api/admin_api_controller_test.exs b/test/web/admin_api/admin_api_controller_test.exs
index 045c87e95..2a9e4f5a0 100644
--- a/test/web/admin_api/admin_api_controller_test.exs
+++ b/test/web/admin_api/admin_api_controller_test.exs
@@ -2565,7 +2565,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
conn =
build_conn()
|> assign(:user, admin)
- |> patch("/api/pleroma/admin/users/#{user.nickname}/force_password_reset")
+ |> patch("/api/pleroma/admin/users/force_password_reset", %{nicknames: [user.nickname]})
assert json_response(conn, 204) == ""
generated by cgit v1.2.3 (git 2.26.2) at 2025-04-24 16:08:45 +0000