From 89e0cfd8741b6763ca04e90558bccf4c3c380cfa Mon Sep 17 00:00:00 2001 From: tobi <31960611+tsmethurst@users.noreply.github.com> Date: Sat, 13 Apr 2024 13:25:10 +0200 Subject: [feature] Admin accounts endpoints; approve/reject sign-ups (#2826) * update settings panels, add pending overview + approve/deny functions * add admin accounts get, approve, reject * send approved/rejected emails * use signup URL * docs! * email * swagger * web linting * fix email tests * wee lil fixerinos * use new paging logic for GetAccounts() series of admin endpoints, small changes to query building * shuffle useAccountIDIn check *before* adding to query * fix parse from toot react error * use `netip.Addr` * put valid slices in globals * optimistic updates for account state --------- Co-authored-by: kim --- internal/api/client/admin/accountsgetv2.go | 212 +++++++++++++++++++++++++++++ 1 file changed, 212 insertions(+) create mode 100644 internal/api/client/admin/accountsgetv2.go (limited to 'internal/api/client/admin/accountsgetv2.go') diff --git a/internal/api/client/admin/accountsgetv2.go b/internal/api/client/admin/accountsgetv2.go new file mode 100644 index 000000000..ca32b9e7f --- /dev/null +++ b/internal/api/client/admin/accountsgetv2.go @@ -0,0 +1,212 @@ +// GoToSocial +// Copyright (C) GoToSocial Authors admin@gotosocial.org +// SPDX-License-Identifier: AGPL-3.0-or-later +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . + +// AccountsGETHandlerV2 swagger:operation GET /api/v2/admin/accounts adminAccountsGetV2 +// +// View + page through known accounts according to given filters. +// +// The next and previous queries can be parsed from the returned Link header. +// Example: +// +// ``` +// ; rel="next", ; rel="prev" +// ```` +// +// --- +// tags: +// - admin +// +// produces: +// - application/json +// +// parameters: +// - +// name: origin +// in: query +// type: string +// description: Filter for `local` or `remote` accounts. +// - +// name: status +// in: query +// type: string +// description: Filter for `active`, `pending`, `disabled`, `silenced`, or `suspended` accounts. +// - +// name: permissions +// in: query +// type: string +// description: Filter for accounts with staff permissions (users that can manage reports). +// - +// name: role_ids[] +// in: query +// type: array +// items: +// type: string +// description: Filter for users with these roles. +// - +// name: invited_by +// in: query +// type: string +// description: Lookup users invited by the account with this ID. +// - +// name: username +// in: query +// type: string +// description: Search for the given username. +// - +// name: display_name +// in: query +// type: string +// description: Search for the given display name. +// - +// name: by_domain +// in: query +// type: string +// description: Filter by the given domain. +// - +// name: email +// in: query +// type: string +// description: Lookup a user with this email. +// - +// name: ip +// in: query +// type: string +// description: Lookup users with this IP address. +// - +// name: max_id +// in: query +// type: string +// description: All results returned will be older than the item with this ID. +// - +// name: since_id +// in: query +// type: string +// description: All results returned will be newer than the item with this ID. +// - +// name: min_id +// in: query +// type: string +// description: Returns results immediately newer than the item with this ID. +// - +// name: limit +// in: query +// type: integer +// description: Maximum number of results to return. +// default: 100 +// maximum: 200 +// minimum: 1 +// +// security: +// - OAuth2 Bearer: +// - admin +// +// responses: +// '200': +// headers: +// Link: +// type: string +// description: Links to the next and previous queries. +// schema: +// type: array +// items: +// "$ref": "#/definitions/adminAccountInfo" +// '400': +// description: bad request +// '401': +// description: unauthorized +// '403': +// description: forbidden +// '404': +// description: not found +// '406': +// description: not acceptable +// '500': +// description: internal server error +package admin + +import ( + "fmt" + "net/http" + + "github.com/gin-gonic/gin" + apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model" + apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util" + "github.com/superseriousbusiness/gotosocial/internal/gtserror" + "github.com/superseriousbusiness/gotosocial/internal/oauth" + "github.com/superseriousbusiness/gotosocial/internal/paging" +) + +func (m *Module) AccountsGETV2Handler(c *gin.Context) { + authed, err := oauth.Authed(c, true, true, true, true) + if err != nil { + apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1) + return + } + + if !*authed.User.Admin { + err := fmt.Errorf("user %s not an admin", authed.User.ID) + apiutil.ErrorHandler(c, gtserror.NewErrorForbidden(err, err.Error()), m.processor.InstanceGetV1) + return + } + + if authed.Account.IsMoving() { + apiutil.ForbiddenAfterMove(c) + return + } + + if _, err := apiutil.NegotiateAccept(c, apiutil.JSONAcceptHeaders...); err != nil { + apiutil.ErrorHandler(c, gtserror.NewErrorNotAcceptable(err, err.Error()), m.processor.InstanceGetV1) + return + } + + page, errWithCode := paging.ParseIDPage(c, 1, 200, 100) + if errWithCode != nil { + apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1) + return + } + + // Parse out all optional params from the query. + params := &apimodel.AdminGetAccountsRequest{ + Origin: c.Query(apiutil.AdminOriginKey), + Status: c.Query(apiutil.AdminStatusKey), + Permissions: c.Query(apiutil.AdminPermissionsKey), + RoleIDs: c.QueryArray(apiutil.AdminRoleIDsKey), + InvitedBy: c.Query(apiutil.AdminInvitedByKey), + Username: c.Query(apiutil.UsernameKey), + DisplayName: c.Query(apiutil.AdminDisplayNameKey), + ByDomain: c.Query(apiutil.AdminByDomainKey), + Email: c.Query(apiutil.AdminEmailKey), + IP: c.Query(apiutil.AdminIPKey), + APIVersion: 2, + } + + resp, errWithCode := m.processor.Admin().AccountsGet( + c.Request.Context(), + params, + page, + ) + if errWithCode != nil { + apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1) + return + } + + if resp.LinkHeader != "" { + c.Header("Link", resp.LinkHeader) + } + + apiutil.JSON(c, http.StatusOK, resp.Items) +} -- cgit v1.2.3