diff options
Diffstat (limited to 'internal/api')
| -rw-r--r-- | internal/api/client/accounts/accountget_test.go | 118 | ||||
| -rw-r--r-- | internal/api/client/accounts/accountverify_test.go | 72 | ||||
| -rw-r--r-- | internal/api/client/admin/accountsgetv2_test.go | 85 | ||||
| -rw-r--r-- | internal/api/client/admin/reportsget_test.go | 100 | ||||
| -rw-r--r-- | internal/api/client/instance/instancepatch_test.go | 60 | ||||
| -rw-r--r-- | internal/api/client/statuses/statushistory_test.go | 5 | ||||
| -rw-r--r-- | internal/api/client/statuses/statusmute_test.go | 10 | ||||
| -rw-r--r-- | internal/api/model/account.go | 131 |
8 files changed, 485 insertions, 96 deletions
diff --git a/internal/api/client/accounts/accountget_test.go b/internal/api/client/accounts/accountget_test.go new file mode 100644 index 000000000..421de0d64 --- /dev/null +++ b/internal/api/client/accounts/accountget_test.go @@ -0,0 +1,118 @@ +// GoToSocial +// Copyright (C) GoToSocial Authors admin@gotosocial.org +// SPDX-License-Identifier: AGPL-3.0-or-later +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see <http://www.gnu.org/licenses/>. + +package accounts_test + +import ( + "encoding/json" + "io" + "net/http" + "net/http/httptest" + "testing" + + "github.com/gin-gonic/gin" + "github.com/stretchr/testify/suite" + "github.com/superseriousbusiness/gotosocial/internal/api/client/accounts" + apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model" +) + +type AccountGetTestSuite struct { + AccountStandardTestSuite +} + +// accountVerifyGet calls the get account API method for a given account fixture name. +func (suite *AccountGetTestSuite) getAccount(id string) *apimodel.Account { + recorder := httptest.NewRecorder() + ctx := suite.newContext(recorder, http.MethodGet, nil, accounts.BasePath+"/"+id, "") + ctx.Params = gin.Params{ + gin.Param{ + Key: accounts.IDKey, + Value: id, + }, + } + + // call the handler + suite.accountsModule.AccountGETHandler(ctx) + + // 1. we should have OK because our request was valid + suite.Equal(http.StatusOK, recorder.Code) + + // 2. we should have no error message in the result body + result := recorder.Result() + defer result.Body.Close() + + // check the response + b, err := io.ReadAll(result.Body) + if err != nil { + suite.FailNow(err.Error()) + } + + // unmarshal the returned account + apimodelAccount := &apimodel.Account{} + err = json.Unmarshal(b, apimodelAccount) + if err != nil { + suite.FailNow(err.Error()) + } + + return apimodelAccount +} + +// Fetching the currently logged-in account shows extra info, +// so we should see permissions, but this account is a regular user and should have no display role. +func (suite *AccountGetTestSuite) TestGetDisplayRoleForSelf() { + apimodelAccount := suite.getAccount(suite.testAccounts["local_account_1"].ID) + + // Role should be set, but permissions should be empty. + if suite.NotNil(apimodelAccount.Role) { + role := apimodelAccount.Role + suite.Equal("user", string(role.Name)) + suite.Zero(role.Permissions) + } + + // Roles should not have anything in it. + suite.Empty(apimodelAccount.Roles) +} + +// We should not see a display role for an ordinary local account. +func (suite *AccountGetTestSuite) TestGetDisplayRoleForUserAccount() { + apimodelAccount := suite.getAccount(suite.testAccounts["local_account_2"].ID) + + // Role should not be set. + suite.Nil(apimodelAccount.Role) + + // Roles should not have anything in it. + suite.Empty(apimodelAccount.Roles) +} + +// We should be able to get a display role for an admin account. +func (suite *AccountGetTestSuite) TestGetDisplayRoleForAdminAccount() { + apimodelAccount := suite.getAccount(suite.testAccounts["admin_account"].ID) + + // Role should not be set. + suite.Nil(apimodelAccount.Role) + + // Roles should have exactly one display role. + if suite.Len(apimodelAccount.Roles, 1) { + role := apimodelAccount.Roles[0] + suite.Equal("admin", string(role.Name)) + suite.NotEmpty(role.ID) + } +} + +func TestAccountGetTestSuite(t *testing.T) { + suite.Run(t, new(AccountGetTestSuite)) +} diff --git a/internal/api/client/accounts/accountverify_test.go b/internal/api/client/accounts/accountverify_test.go index 9308cc92a..af8c2346c 100644 --- a/internal/api/client/accounts/accountverify_test.go +++ b/internal/api/client/accounts/accountverify_test.go @@ -19,30 +19,35 @@ package accounts_test import ( "encoding/json" - "io/ioutil" + "io" "net/http" "net/http/httptest" "testing" "time" - "github.com/stretchr/testify/assert" "github.com/stretchr/testify/suite" "github.com/superseriousbusiness/gotosocial/internal/api/client/accounts" apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model" "github.com/superseriousbusiness/gotosocial/internal/gtsmodel" + "github.com/superseriousbusiness/gotosocial/internal/oauth" ) type AccountVerifyTestSuite struct { AccountStandardTestSuite } -func (suite *AccountVerifyTestSuite) TestAccountVerifyGet() { - testAccount := suite.testAccounts["local_account_1"] - +// accountVerifyGet calls the verify_credentials API method for a given account fixture name. +// Assumes token and user fixture names are the same as the account fixture name. +func (suite *AccountVerifyTestSuite) accountVerifyGet(fixtureName string) *apimodel.Account { // set up the request recorder := httptest.NewRecorder() ctx := suite.newContext(recorder, http.MethodGet, nil, accounts.VerifyPath, "") + // override the account that we're authenticated as + ctx.Set(oauth.SessionAuthorizedAccount, suite.testAccounts[fixtureName]) + ctx.Set(oauth.SessionAuthorizedToken, oauth.DBTokenToToken(suite.testTokens[fixtureName])) + ctx.Set(oauth.SessionAuthorizedUser, suite.testUsers[fixtureName]) + // call the handler suite.accountsModule.AccountVerifyGETHandler(ctx) @@ -54,13 +59,27 @@ func (suite *AccountVerifyTestSuite) TestAccountVerifyGet() { defer result.Body.Close() // check the response - b, err := ioutil.ReadAll(result.Body) - assert.NoError(suite.T(), err) + b, err := io.ReadAll(result.Body) + if err != nil { + suite.FailNow(err.Error()) + } // unmarshal the returned account apimodelAccount := &apimodel.Account{} err = json.Unmarshal(b, apimodelAccount) - suite.NoError(err) + if err != nil { + suite.FailNow(err.Error()) + } + + return apimodelAccount +} + +// We should see public account information and profile source for a normal user. +func (suite *AccountVerifyTestSuite) TestAccountVerifyGet() { + fixtureName := "local_account_1" + testAccount := suite.testAccounts[fixtureName] + + apimodelAccount := suite.accountVerifyGet(fixtureName) createdAt, err := time.Parse(time.RFC3339, apimodelAccount.CreatedAt) suite.NoError(err) @@ -85,6 +104,43 @@ func (suite *AccountVerifyTestSuite) TestAccountVerifyGet() { suite.Equal(testAccount.NoteRaw, apimodelAccount.Source.Note) } +// testAccountVerifyGetRole calls the verify_credentials API method for a given account fixture name, +// and checks the response for permissions appropriate to the role. +func (suite *AccountVerifyTestSuite) testAccountVerifyGetRole(fixtureName string) { + testUser := suite.testUsers[fixtureName] + + apimodelAccount := suite.accountVerifyGet(fixtureName) + + if suite.NotNil(apimodelAccount.Role) { + switch { + case *testUser.Admin: + suite.Equal("admin", string(apimodelAccount.Role.Name)) + suite.NotZero(apimodelAccount.Role.Permissions) + suite.True(apimodelAccount.Role.Highlighted) + + case *testUser.Moderator: + suite.Equal("moderator", string(apimodelAccount.Role.Name)) + suite.Zero(apimodelAccount.Role.Permissions) + suite.True(apimodelAccount.Role.Highlighted) + + default: + suite.Equal("user", string(apimodelAccount.Role.Name)) + suite.Zero(apimodelAccount.Role.Permissions) + suite.False(apimodelAccount.Role.Highlighted) + } + } +} + +// We should see a role for a normal user, and that role should not have any permissions. +func (suite *AccountVerifyTestSuite) TestAccountVerifyGetRoleUser() { + suite.testAccountVerifyGetRole("local_account_1") +} + +// We should see a role for an admin user, and that role should have some permissions. +func (suite *AccountVerifyTestSuite) TestAccountVerifyGetRoleAdmin() { + suite.testAccountVerifyGetRole("admin_account") +} + func TestAccountVerifyTestSuite(t *testing.T) { suite.Run(t, new(AccountVerifyTestSuite)) } diff --git a/internal/api/client/admin/accountsgetv2_test.go b/internal/api/client/admin/accountsgetv2_test.go index 15eb8534b..83f394803 100644 --- a/internal/api/client/admin/accountsgetv2_test.go +++ b/internal/api/client/admin/accountsgetv2_test.go @@ -70,7 +70,11 @@ func (suite *AccountsGetTestSuite) TestAccountsGetFromTop() { "locale": "en", "invite_request": null, "role": { - "name": "user" + "id": "user", + "name": "user", + "color": "", + "permissions": "0", + "highlighted": false }, "confirmed": true, "approved": true, @@ -109,10 +113,7 @@ func (suite *AccountsGetTestSuite) TestAccountsGetFromTop() { "verified_at": null } ], - "hide_collections": true, - "role": { - "name": "user" - } + "hide_collections": true }, "created_by_application_id": "01F8MGY43H3N2C8EWPR2FPYEXG" }, @@ -127,7 +128,11 @@ func (suite *AccountsGetTestSuite) TestAccountsGetFromTop() { "locale": "en", "invite_request": null, "role": { - "name": "admin" + "id": "admin", + "name": "admin", + "color": "", + "permissions": "546033", + "highlighted": true }, "confirmed": true, "approved": true, @@ -156,9 +161,13 @@ func (suite *AccountsGetTestSuite) TestAccountsGetFromTop() { "emojis": [], "fields": [], "enable_rss": true, - "role": { - "name": "admin" - } + "roles": [ + { + "id": "admin", + "name": "admin", + "color": "" + } + ] }, "created_by_application_id": "01F8MGXQRHYF5QPMTMXP78QC2F" }, @@ -173,7 +182,11 @@ func (suite *AccountsGetTestSuite) TestAccountsGetFromTop() { "locale": "", "invite_request": null, "role": { - "name": "user" + "id": "user", + "name": "user", + "color": "", + "permissions": "0", + "highlighted": false }, "confirmed": false, "approved": false, @@ -214,7 +227,11 @@ func (suite *AccountsGetTestSuite) TestAccountsGetFromTop() { "locale": "en", "invite_request": "I wanna be on this damned webbed site so bad! Please! Wow", "role": { - "name": "user" + "id": "user", + "name": "user", + "color": "", + "permissions": "0", + "highlighted": false }, "confirmed": true, "approved": true, @@ -244,10 +261,7 @@ func (suite *AccountsGetTestSuite) TestAccountsGetFromTop() { "last_status_at": "2024-01-10T09:24:00.000Z", "emojis": [], "fields": [], - "enable_rss": true, - "role": { - "name": "user" - } + "enable_rss": true }, "created_by_application_id": "01F8MGY43H3N2C8EWPR2FPYEXG" }, @@ -262,7 +276,11 @@ func (suite *AccountsGetTestSuite) TestAccountsGetFromTop() { "locale": "en", "invite_request": "hi, please let me in! I'm looking for somewhere neato bombeato to hang out.", "role": { - "name": "user" + "id": "user", + "name": "user", + "color": "", + "permissions": "0", + "highlighted": false }, "confirmed": false, "approved": false, @@ -289,10 +307,7 @@ func (suite *AccountsGetTestSuite) TestAccountsGetFromTop() { "statuses_count": 0, "last_status_at": null, "emojis": [], - "fields": [], - "role": { - "name": "user" - } + "fields": [] }, "created_by_application_id": "01F8MGY43H3N2C8EWPR2FPYEXG" }, @@ -307,7 +322,11 @@ func (suite *AccountsGetTestSuite) TestAccountsGetFromTop() { "locale": "", "invite_request": null, "role": { - "name": "user" + "id": "user", + "name": "user", + "color": "", + "permissions": "0", + "highlighted": false }, "confirmed": false, "approved": false, @@ -348,7 +367,11 @@ func (suite *AccountsGetTestSuite) TestAccountsGetFromTop() { "locale": "", "invite_request": null, "role": { - "name": "user" + "id": "user", + "name": "user", + "color": "", + "permissions": "0", + "highlighted": false }, "confirmed": false, "approved": false, @@ -389,7 +412,11 @@ func (suite *AccountsGetTestSuite) TestAccountsGetFromTop() { "locale": "", "invite_request": null, "role": { - "name": "user" + "id": "user", + "name": "user", + "color": "", + "permissions": "0", + "highlighted": false }, "confirmed": false, "approved": false, @@ -431,7 +458,11 @@ func (suite *AccountsGetTestSuite) TestAccountsGetFromTop() { "locale": "", "invite_request": null, "role": { - "name": "user" + "id": "user", + "name": "user", + "color": "", + "permissions": "0", + "highlighted": false }, "confirmed": false, "approved": false, @@ -511,7 +542,11 @@ func (suite *AccountsGetTestSuite) TestAccountsMinID() { "locale": "", "invite_request": null, "role": { - "name": "user" + "id": "user", + "name": "user", + "color": "", + "permissions": "0", + "highlighted": false }, "confirmed": false, "approved": false, diff --git a/internal/api/client/admin/reportsget_test.go b/internal/api/client/admin/reportsget_test.go index 5dead789a..5213dd574 100644 --- a/internal/api/client/admin/reportsget_test.go +++ b/internal/api/client/admin/reportsget_test.go @@ -157,7 +157,11 @@ func (suite *ReportsGetTestSuite) TestReportsGetAll() { "locale": "", "invite_request": null, "role": { - "name": "user" + "id": "user", + "name": "user", + "color": "", + "permissions": "0", + "highlighted": false }, "confirmed": false, "approved": false, @@ -198,7 +202,11 @@ func (suite *ReportsGetTestSuite) TestReportsGetAll() { "locale": "en", "invite_request": null, "role": { - "name": "user" + "id": "user", + "name": "user", + "color": "", + "permissions": "0", + "highlighted": false }, "confirmed": true, "approved": true, @@ -237,10 +245,7 @@ func (suite *ReportsGetTestSuite) TestReportsGetAll() { "verified_at": null } ], - "hide_collections": true, - "role": { - "name": "user" - } + "hide_collections": true }, "created_by_application_id": "01F8MGY43H3N2C8EWPR2FPYEXG" }, @@ -255,7 +260,11 @@ func (suite *ReportsGetTestSuite) TestReportsGetAll() { "locale": "en", "invite_request": null, "role": { - "name": "admin" + "id": "admin", + "name": "admin", + "color": "", + "permissions": "546033", + "highlighted": true }, "confirmed": true, "approved": true, @@ -284,9 +293,13 @@ func (suite *ReportsGetTestSuite) TestReportsGetAll() { "emojis": [], "fields": [], "enable_rss": true, - "role": { - "name": "admin" - } + "roles": [ + { + "id": "admin", + "name": "admin", + "color": "" + } + ] }, "created_by_application_id": "01F8MGXQRHYF5QPMTMXP78QC2F" }, @@ -301,7 +314,11 @@ func (suite *ReportsGetTestSuite) TestReportsGetAll() { "locale": "en", "invite_request": null, "role": { - "name": "admin" + "id": "admin", + "name": "admin", + "color": "", + "permissions": "546033", + "highlighted": true }, "confirmed": true, "approved": true, @@ -330,9 +347,13 @@ func (suite *ReportsGetTestSuite) TestReportsGetAll() { "emojis": [], "fields": [], "enable_rss": true, - "role": { - "name": "admin" - } + "roles": [ + { + "id": "admin", + "name": "admin", + "color": "" + } + ] }, "created_by_application_id": "01F8MGXQRHYF5QPMTMXP78QC2F" }, @@ -360,7 +381,11 @@ func (suite *ReportsGetTestSuite) TestReportsGetAll() { "locale": "en", "invite_request": null, "role": { - "name": "user" + "id": "user", + "name": "user", + "color": "", + "permissions": "0", + "highlighted": false }, "confirmed": true, "approved": true, @@ -399,10 +424,7 @@ func (suite *ReportsGetTestSuite) TestReportsGetAll() { "verified_at": null } ], - "hide_collections": true, - "role": { - "name": "user" - } + "hide_collections": true }, "created_by_application_id": "01F8MGY43H3N2C8EWPR2FPYEXG" }, @@ -417,7 +439,11 @@ func (suite *ReportsGetTestSuite) TestReportsGetAll() { "locale": "", "invite_request": null, "role": { - "name": "user" + "id": "user", + "name": "user", + "color": "", + "permissions": "0", + "highlighted": false }, "confirmed": false, "approved": false, @@ -605,7 +631,11 @@ func (suite *ReportsGetTestSuite) TestReportsGetCreatedByAccount() { "locale": "en", "invite_request": null, "role": { - "name": "user" + "id": "user", + "name": "user", + "color": "", + "permissions": "0", + "highlighted": false }, "confirmed": true, "approved": true, @@ -644,10 +674,7 @@ func (suite *ReportsGetTestSuite) TestReportsGetCreatedByAccount() { "verified_at": null } ], - "hide_collections": true, - "role": { - "name": "user" - } + "hide_collections": true }, "created_by_application_id": "01F8MGY43H3N2C8EWPR2FPYEXG" }, @@ -662,7 +689,11 @@ func (suite *ReportsGetTestSuite) TestReportsGetCreatedByAccount() { "locale": "", "invite_request": null, "role": { - "name": "user" + "id": "user", + "name": "user", + "color": "", + "permissions": "0", + "highlighted": false }, "confirmed": false, "approved": false, @@ -850,7 +881,11 @@ func (suite *ReportsGetTestSuite) TestReportsGetTargetAccount() { "locale": "en", "invite_request": null, "role": { - "name": "user" + "id": "user", + "name": "user", + "color": "", + "permissions": "0", + "highlighted": false }, "confirmed": true, "approved": true, @@ -889,10 +924,7 @@ func (suite *ReportsGetTestSuite) TestReportsGetTargetAccount() { "verified_at": null } ], - "hide_collections": true, - "role": { - "name": "user" - } + "hide_collections": true }, "created_by_application_id": "01F8MGY43H3N2C8EWPR2FPYEXG" }, @@ -907,7 +939,11 @@ func (suite *ReportsGetTestSuite) TestReportsGetTargetAccount() { "locale": "", "invite_request": null, "role": { - "name": "user" + "id": "user", + "name": "user", + "color": "", + "permissions": "0", + "highlighted": false }, "confirmed": false, "approved": false, diff --git a/internal/api/client/instance/instancepatch_test.go b/internal/api/client/instance/instancepatch_test.go index 095e2e543..f12638f82 100644 --- a/internal/api/client/instance/instancepatch_test.go +++ b/internal/api/client/instance/instancepatch_test.go @@ -176,9 +176,13 @@ func (suite *InstancePatchTestSuite) TestInstancePatch1() { "emojis": [], "fields": [], "enable_rss": true, - "role": { - "name": "admin" - } + "roles": [ + { + "id": "admin", + "name": "admin", + "color": "" + } + ] }, "max_toot_chars": 5000, "rules": [ @@ -312,9 +316,13 @@ func (suite *InstancePatchTestSuite) TestInstancePatch2() { "emojis": [], "fields": [], "enable_rss": true, - "role": { - "name": "admin" - } + "roles": [ + { + "id": "admin", + "name": "admin", + "color": "" + } + ] }, "max_toot_chars": 5000, "rules": [ @@ -448,9 +456,13 @@ func (suite *InstancePatchTestSuite) TestInstancePatch3() { "emojis": [], "fields": [], "enable_rss": true, - "role": { - "name": "admin" - } + "roles": [ + { + "id": "admin", + "name": "admin", + "color": "" + } + ] }, "max_toot_chars": 5000, "rules": [ @@ -635,9 +647,13 @@ func (suite *InstancePatchTestSuite) TestInstancePatch6() { "emojis": [], "fields": [], "enable_rss": true, - "role": { - "name": "admin" - } + "roles": [ + { + "id": "admin", + "name": "admin", + "color": "" + } + ] }, "max_toot_chars": 5000, "rules": [ @@ -797,9 +813,13 @@ func (suite *InstancePatchTestSuite) TestInstancePatch8() { "emojis": [], "fields": [], "enable_rss": true, - "role": { - "name": "admin" - } + "roles": [ + { + "id": "admin", + "name": "admin", + "color": "" + } + ] }, "max_toot_chars": 5000, "rules": [ @@ -970,9 +990,13 @@ func (suite *InstancePatchTestSuite) TestInstancePatch9() { "emojis": [], "fields": [], "enable_rss": true, - "role": { - "name": "admin" - } + "roles": [ + { + "id": "admin", + "name": "admin", + "color": "" + } + ] }, "max_toot_chars": 5000, "rules": [ diff --git a/internal/api/client/statuses/statushistory_test.go b/internal/api/client/statuses/statushistory_test.go index cadf3cb72..bcbeeba7d 100644 --- a/internal/api/client/statuses/statushistory_test.go +++ b/internal/api/client/statuses/statushistory_test.go @@ -118,10 +118,7 @@ func (suite *StatusHistoryTestSuite) TestGetHistory() { "last_status_at": "2024-01-10T09:24:00.000Z", "emojis": [], "fields": [], - "enable_rss": true, - "role": { - "name": "user" - } + "enable_rss": true }, "poll": null, "media_attachments": [], diff --git a/internal/api/client/statuses/statusmute_test.go b/internal/api/client/statuses/statusmute_test.go index 62be671fa..e506f8717 100644 --- a/internal/api/client/statuses/statusmute_test.go +++ b/internal/api/client/statuses/statusmute_test.go @@ -136,10 +136,7 @@ func (suite *StatusMuteTestSuite) TestMuteUnmuteStatus() { "last_status_at": "2024-01-10T09:24:00.000Z", "emojis": [], "fields": [], - "enable_rss": true, - "role": { - "name": "user" - } + "enable_rss": true }, "media_attachments": [], "mentions": [], @@ -224,10 +221,7 @@ func (suite *StatusMuteTestSuite) TestMuteUnmuteStatus() { "last_status_at": "2024-01-10T09:24:00.000Z", "emojis": [], "fields": [], - "enable_rss": true, - "role": { - "name": "user" - } + "enable_rss": true }, "media_attachments": [], "mentions": [], diff --git a/internal/api/model/account.go b/internal/api/model/account.go index c5b629db0..0eaf52734 100644 --- a/internal/api/model/account.go +++ b/internal/api/model/account.go @@ -18,8 +18,11 @@ package model import ( + "encoding/json" + "errors" "mime/multipart" "net" + "strconv" ) // Account models a fediverse account. @@ -105,8 +108,13 @@ type Account struct { // Key/value omitted if false. HideCollections bool `json:"hide_collections,omitempty"` // Role of the account on this instance. + // Only available through the `verify_credentials` API method. // Key/value omitted for remote accounts. Role *AccountRole `json:"role,omitempty"` + // Roles lists the public roles of the account on this instance. + // Unlike Role, this is always available, but never includes permissions details. + // Key/value omitted for remote accounts. + Roles []AccountDisplayRole `json:"roles,omitempty"` // If set, indicates that this account is currently inactive, and has migrated to the given account. // Key/value omitted for accounts that haven't moved, and for suspended accounts. Moved *Account `json:"moved,omitempty"` @@ -286,11 +294,35 @@ type AccountAliasRequest struct { AlsoKnownAsURIs []string `form:"also_known_as_uris" json:"also_known_as_uris" xml:"also_known_as_uris"` } +// AccountDisplayRole models a public, displayable role of an account. +// This is a subset of AccountRole. +// +// swagger:model accountDisplayRole +type AccountDisplayRole struct { + // ID of the role. + // Not used by GotoSocial, but we set it to the role name, just in case a client expects a unique ID. + ID string `json:"id"` + + // Name of the role. + Name AccountRoleName `json:"name"` + + // Color is a 6-digit CSS-style hex color code with leading `#`, or an empty string if this role has no color. + // Since GotoSocial doesn't use role colors, we leave this empty. + Color string `json:"color"` +} + // AccountRole models the role of an account. // // swagger:model accountRole type AccountRole struct { - Name AccountRoleName `json:"name"` + AccountDisplayRole + + // Permissions is a bitmap serialized as a numeric string, indicating which admin/moderation actions a user can perform. + Permissions AccountRolePermissions `json:"permissions"` + + // Highlighted indicates whether the role is publicly visible on the user profile. + // This is always true for GotoSocial's built-in admin and moderator roles, and false otherwise. + Highlighted bool `json:"highlighted"` } // AccountRoleName represent the name of the role of an account. @@ -305,6 +337,103 @@ const ( AccountRoleUnknown AccountRoleName = "" // We don't know / remote account ) +// AccountRolePermissions is a bitmap representing a set of user permissions. +// It's used for Mastodon API compatibility: internally, GotoSocial only tracks admins and moderators. +// +// swagger:type string +type AccountRolePermissions int + +// MarshalJSON serializes an AccountRolePermissions as a numeric string. +func (a *AccountRolePermissions) MarshalJSON() ([]byte, error) { + return json.Marshal(strconv.Itoa(int(*a))) +} + +// UnmarshalJSON deserializes an AccountRolePermissions from a number or numeric string. +func (a *AccountRolePermissions) UnmarshalJSON(b []byte) error { + if string(b) == "null" { + return nil + } + + i := 0 + if err := json.Unmarshal(b, &i); err != nil { + s := "" + if err := json.Unmarshal(b, &s); err != nil { + return errors.New("not a number or string") + } + + i, err = strconv.Atoi(s) + if err != nil { + return errors.New("not a numeric string") + } + } + + *a = AccountRolePermissions(i) + return nil +} + +const ( + // AccountRolePermissionsNone represents an empty set of permissions. + AccountRolePermissionsNone AccountRolePermissions = 0 + // AccountRolePermissionsAdministrator ignores all permission checks. + AccountRolePermissionsAdministrator AccountRolePermissions = 1 << (iota - 1) + // AccountRolePermissionsDevops is not used by GotoSocial. + AccountRolePermissionsDevops + // AccountRolePermissionsViewAuditLog is not used by GotoSocial. + AccountRolePermissionsViewAuditLog + // AccountRolePermissionsViewDashboard is not used by GotoSocial. + AccountRolePermissionsViewDashboard + // AccountRolePermissionsManageReports indicates that the user can view and resolve reports. + AccountRolePermissionsManageReports + // AccountRolePermissionsManageFederation indicates that the user can edit federation allows and blocks. + AccountRolePermissionsManageFederation + // AccountRolePermissionsManageSettings indicates that the user can edit instance metadata. + AccountRolePermissionsManageSettings + // AccountRolePermissionsManageBlocks indicates that the user can manage non-federation blocks, currently including HTTP header blocks. + AccountRolePermissionsManageBlocks + // AccountRolePermissionsManageTaxonomies is not used by GotoSocial. + AccountRolePermissionsManageTaxonomies + // AccountRolePermissionsManageAppeals is not used by GotoSocial. + AccountRolePermissionsManageAppeals + // AccountRolePermissionsManageUsers indicates that the user can view user details and perform user moderation actions. + AccountRolePermissionsManageUsers + // AccountRolePermissionsManageInvites is not used by GotoSocial. + AccountRolePermissionsManageInvites + // AccountRolePermissionsManageRules indicates that the user can edit instance rules. + AccountRolePermissionsManageRules + // AccountRolePermissionsManageAnnouncements is not used by GotoSocial. + AccountRolePermissionsManageAnnouncements + // AccountRolePermissionsManageCustomEmojis indicates that the user can edit custom emoji. + AccountRolePermissionsManageCustomEmojis + // AccountRolePermissionsManageWebhooks is not used by GotoSocial. + AccountRolePermissionsManageWebhooks + // AccountRolePermissionsInviteUsers is not used by GotoSocial. + AccountRolePermissionsInviteUsers + // AccountRolePermissionsManageRoles is not used by GotoSocial. + AccountRolePermissionsManageRoles + // AccountRolePermissionsManageUserAccess is not used by GotoSocial. + AccountRolePermissionsManageUserAccess + // AccountRolePermissionsDeleteUserData indicates that the user can permanently delete user data. + AccountRolePermissionsDeleteUserData + + // FUTURE: If we decide to assign our own permissions bits, + // they should start at the other end of the int to avoid conflicts with future Mastodon permissions. + + // AccountRolePermissionsForAdminRole includes all of the permissions assigned to GotoSocial's built-in administrator role. + AccountRolePermissionsForAdminRole = AccountRolePermissionsAdministrator | + AccountRolePermissionsManageReports | + AccountRolePermissionsManageFederation | + AccountRolePermissionsManageSettings | + AccountRolePermissionsManageBlocks | + AccountRolePermissionsManageUsers | + AccountRolePermissionsManageRules | + AccountRolePermissionsManageCustomEmojis | + AccountRolePermissionsDeleteUserData + + // AccountRolePermissionsForModeratorRole includes all of the permissions assigned to GotoSocial's built-in moderator role. + // (Currently, there aren't any.) + AccountRolePermissionsForModeratorRole = AccountRolePermissionsNone +) + // AccountNoteRequest models a request to update the private note for an account. // // swagger:ignore |