diff options
Diffstat (limited to 'internal/api/client/admin/accountsgetv1.go')
| -rw-r--r-- | internal/api/client/admin/accountsgetv1.go | 348 |
1 files changed, 348 insertions, 0 deletions
diff --git a/internal/api/client/admin/accountsgetv1.go b/internal/api/client/admin/accountsgetv1.go new file mode 100644 index 000000000..604d74992 --- /dev/null +++ b/internal/api/client/admin/accountsgetv1.go @@ -0,0 +1,348 @@ +// GoToSocial +// Copyright (C) GoToSocial Authors admin@gotosocial.org +// SPDX-License-Identifier: AGPL-3.0-or-later +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see <http://www.gnu.org/licenses/>. + +// AccountsGETHandlerV1 swagger:operation GET /api/v1/admin/accounts adminAccountsGetV1 +// +// View + page through known accounts according to given filters. +// +// The next and previous queries can be parsed from the returned Link header. +// Example: +// +// ``` +// <https://example.org/api/v1/admin/accounts?limit=80&max_id=01FC0SKA48HNSVR6YKZCQGS2V8>; rel="next", <https://example.org/api/v1/admin/accounts?limit=80&min_id=01FC0SKW5JK2Q4EVAV2B462YY0>; rel="prev" +// ```` +// +// --- +// tags: +// - admin +// +// produces: +// - application/json +// +// parameters: +// - +// name: local +// in: query +// type: boolean +// description: Filter for local accounts. +// default: false +// - +// name: remote +// in: query +// type: boolean +// description: Filter for remote accounts. +// default: false +// - +// name: active +// in: query +// type: boolean +// description: Filter for currently active accounts. +// default: false +// - +// name: pending +// in: query +// type: boolean +// description: Filter for currently pending accounts. +// default: false +// - +// name: disabled +// in: query +// type: boolean +// description: Filter for currently disabled accounts. +// default: false +// - +// name: silenced +// in: query +// type: boolean +// description: Filter for currently silenced accounts. +// default: false +// - +// name: suspended +// in: query +// type: boolean +// description: Filter for currently suspended accounts. +// default: false +// - +// name: sensitized +// in: query +// type: boolean +// description: Filter for accounts force-marked as sensitive. +// default: false +// - +// name: username +// in: query +// type: string +// description: Search for the given username. +// - +// name: display_name +// in: query +// type: string +// description: Search for the given display name. +// - +// name: by_domain +// in: query +// type: string +// description: Filter by the given domain. +// - +// name: email +// in: query +// type: string +// description: Lookup a user with this email. +// - +// name: ip +// in: query +// type: string +// description: Lookup users with this IP address. +// - +// name: staff +// in: query +// type: boolean +// description: Filter for staff accounts. +// default: false +// - +// name: max_id +// in: query +// type: string +// description: All results returned will be older than the item with this ID. +// - +// name: since_id +// in: query +// type: string +// description: All results returned will be newer than the item with this ID. +// - +// name: min_id +// in: query +// type: string +// description: Returns results immediately newer than the item with this ID. +// - +// name: limit +// in: query +// type: integer +// description: Maximum number of results to return. +// default: 100 +// maximum: 200 +// minimum: 1 +// +// security: +// - OAuth2 Bearer: +// - admin +// +// responses: +// '200': +// headers: +// Link: +// type: string +// description: Links to the next and previous queries. +// schema: +// type: array +// items: +// "$ref": "#/definitions/adminAccountInfo" +// '400': +// description: bad request +// '401': +// description: unauthorized +// '403': +// description: forbidden +// '404': +// description: not found +// '406': +// description: not acceptable +// '500': +// description: internal server error +package admin + +import ( + "fmt" + "net/http" + + "github.com/gin-gonic/gin" + apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model" + apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util" + "github.com/superseriousbusiness/gotosocial/internal/gtserror" + "github.com/superseriousbusiness/gotosocial/internal/oauth" + "github.com/superseriousbusiness/gotosocial/internal/paging" +) + +func (m *Module) AccountsGETV1Handler(c *gin.Context) { + authed, err := oauth.Authed(c, true, true, true, true) + if err != nil { + apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1) + return + } + + if !*authed.User.Admin { + err := fmt.Errorf("user %s not an admin", authed.User.ID) + apiutil.ErrorHandler(c, gtserror.NewErrorForbidden(err, err.Error()), m.processor.InstanceGetV1) + return + } + + if authed.Account.IsMoving() { + apiutil.ForbiddenAfterMove(c) + return + } + + if _, err := apiutil.NegotiateAccept(c, apiutil.JSONAcceptHeaders...); err != nil { + apiutil.ErrorHandler(c, gtserror.NewErrorNotAcceptable(err, err.Error()), m.processor.InstanceGetV1) + return + } + + page, errWithCode := paging.ParseIDPage(c, 1, 200, 100) + if errWithCode != nil { + apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1) + return + } + + /* Translate to v2 `origin` query param */ + + local, errWithCode := apiutil.ParseLocal(c.Query(apiutil.LocalKey), false) + if errWithCode != nil { + apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1) + return + } + + remote, errWithCode := apiutil.ParseAdminRemote(c.Query(apiutil.AdminRemoteKey), false) + if errWithCode != nil { + apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1) + return + } + + if local && remote { + keys := []string{apiutil.LocalKey, apiutil.AdminRemoteKey} + err := fmt.Errorf("only one of %+v can be true", keys) + apiutil.ErrorHandler(c, gtserror.NewErrorBadRequest(err, err.Error()), m.processor.InstanceGetV1) + return + } + + var origin string + if local { + origin = "local" + } else if remote { + origin = "remote" + } + + /* Translate to v2 `status` query param */ + + active, errWithCode := apiutil.ParseAdminActive(c.Query(apiutil.AdminActiveKey), false) + if errWithCode != nil { + apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1) + return + } + + pending, errWithCode := apiutil.ParseAdminPending(c.Query(apiutil.AdminPendingKey), false) + if errWithCode != nil { + apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1) + return + } + + disabled, errWithCode := apiutil.ParseAdminDisabled(c.Query(apiutil.AdminDisabledKey), false) + if errWithCode != nil { + apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1) + return + } + + silenced, errWithCode := apiutil.ParseAdminSilenced(c.Query(apiutil.AdminSilencedKey), false) + if errWithCode != nil { + apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1) + return + } + + suspended, errWithCode := apiutil.ParseAdminSuspended(c.Query(apiutil.AdminSuspendedKey), false) + if errWithCode != nil { + apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1) + return + } + + // Ensure only one `status` query param set. + var status string + states := map[string]bool{ + apiutil.AdminActiveKey: active, + apiutil.AdminPendingKey: pending, + apiutil.AdminDisabledKey: disabled, + apiutil.AdminSilencedKey: silenced, + apiutil.AdminSuspendedKey: suspended, + } + for k, v := range states { + if !v { + // False status, + // so irrelevant. + continue + } + + if status != "" { + // Status was already set by another + // query param, this is an error. + keys := []string{ + apiutil.AdminActiveKey, + apiutil.AdminPendingKey, + apiutil.AdminDisabledKey, + apiutil.AdminSilencedKey, + apiutil.AdminSuspendedKey, + } + err := fmt.Errorf("only one of %+v can be true", keys) + apiutil.ErrorHandler(c, gtserror.NewErrorBadRequest(err, err.Error()), m.processor.InstanceGetV1) + return + } + + // Use this + // account status. + status = k + } + + /* Translate to v2 `permissions` query param */ + + staff, errWithCode := apiutil.ParseAdminStaff(c.Query(apiutil.AdminStaffKey), false) + if errWithCode != nil { + apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1) + return + } + + var permissions string + if staff { + permissions = "staff" + } + + // Parse out all optional params from the query. + params := &apimodel.AdminGetAccountsRequest{ + Origin: origin, + Status: status, + Permissions: permissions, + RoleIDs: nil, // Can't do in V1. + InvitedBy: "", // Can't do in V1. + Username: c.Query(apiutil.UsernameKey), + DisplayName: c.Query(apiutil.AdminDisplayNameKey), + ByDomain: c.Query(apiutil.AdminByDomainKey), + Email: c.Query(apiutil.AdminEmailKey), + IP: c.Query(apiutil.AdminIPKey), + APIVersion: 1, + } + + resp, errWithCode := m.processor.Admin().AccountsGet( + c.Request.Context(), + params, + page, + ) + if errWithCode != nil { + apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1) + return + } + + if resp.LinkHeader != "" { + c.Header("Link", resp.LinkHeader) + } + + apiutil.JSON(c, http.StatusOK, resp.Items) +} |