[feature] Admin accounts endpoints; approve/reject sign-ups (#2826)

* update settings panels, add pending overview + approve/deny functions * add admin accounts get, approve, reject * send approved/rejected emails * use signup URL * docs! * email * swagger * web linting * fix email tests * wee lil fixerinos * use new paging logic for GetAccounts() series of admin endpoints, small changes to query building * shuffle useAccountIDIn check *before* adding to query * fix parse from toot react error * use `netip.Addr` * put valid slices in globals * optimistic updates for account state --------- Co-authored-by: kim <grufwub@gmail.com>
2025-06-05 21:59:39 +02:00 · 2024-04-13 13:25:10 +02:00
parent 1439042104
commit 89e0cfd874
74 changed files with 4102 additions and 545 deletions
--- a/internal/processing/admin/accounts.go
+++ b/internal/processing/admin/accounts.go
@ -0,0 +1,272 @@
+// GoToSocial
+// Copyright (C) GoToSocial Authors admin@gotosocial.org
+// SPDX-License-Identifier: AGPL-3.0-or-later
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+package admin
+
+import (
+	"context"
+	"errors"
+	"fmt"
+	"net/netip"
+	"net/url"
+	"slices"
+
+	apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
+	apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
+	"github.com/superseriousbusiness/gotosocial/internal/db"
+	"github.com/superseriousbusiness/gotosocial/internal/gtserror"
+	"github.com/superseriousbusiness/gotosocial/internal/log"
+	"github.com/superseriousbusiness/gotosocial/internal/paging"
+)
+
+var (
+	accountsValidOrigins     = []string{"local", "remote"}
+	accountsValidStatuses    = []string{"active", "pending", "disabled", "silenced", "suspended"}
+	accountsValidPermissions = []string{"staff"}
+)
+
+func (p *Processor) AccountsGet(
+	ctx context.Context,
+	request *apimodel.AdminGetAccountsRequest,
+	page *paging.Page,
+) (
+	*apimodel.PageableResponse,
+	gtserror.WithCode,
+) {
+	// Validate "origin".
+	if v := request.Origin; v != "" {
+		if !slices.Contains(accountsValidOrigins, v) {
+			err := fmt.Errorf(
+				"origin %s not recognized; valid choices are %+v",
+				v, accountsValidOrigins,
+			)
+			return nil, gtserror.NewErrorBadRequest(err, err.Error())
+		}
+	}
+
+	// Validate "status".
+	if v := request.Status; v != "" {
+		if !slices.Contains(accountsValidStatuses, v) {
+			err := fmt.Errorf(
+				"status %s not recognized; valid choices are %+v",
+				v, accountsValidStatuses,
+			)
+			return nil, gtserror.NewErrorBadRequest(err, err.Error())
+		}
+	}
+
+	// Validate "permissions".
+	if v := request.Permissions; v != "" {
+		if !slices.Contains(accountsValidPermissions, v) {
+			err := fmt.Errorf(
+				"permissions %s not recognized; valid choices are %+v",
+				v, accountsValidPermissions,
+			)
+			return nil, gtserror.NewErrorBadRequest(err, err.Error())
+		}
+	}
+
+	// Validate/parse IP.
+	var ip netip.Addr
+	if v := request.IP; v != "" {
+		var err error
+		ip, err = netip.ParseAddr(request.IP)
+		if err != nil {
+			err := fmt.Errorf("invalid ip provided: %w", err)
+			return nil, gtserror.NewErrorBadRequest(err, err.Error())
+		}
+	}
+
+	// Get accounts with the given params.
+	accounts, err := p.state.DB.GetAccounts(
+		ctx,
+		request.Origin,
+		request.Status,
+		func() bool { return request.Permissions == "staff" }(),
+		request.InvitedBy,
+		request.Username,
+		request.DisplayName,
+		request.ByDomain,
+		request.Email,
+		ip,
+		page,
+	)
+	if err != nil && !errors.Is(err, db.ErrNoEntries) {
+		err = gtserror.Newf("db error getting accounts: %w", err)
+		return nil, gtserror.NewErrorInternalError(err)
+	}
+
+	count := len(accounts)
+	if count == 0 {
+		return paging.EmptyResponse(), nil
+	}
+
+	hi := accounts[count-1].ID
+	lo := accounts[0].ID
+
+	items := make([]interface{}, 0, count)
+	for _, account := range accounts {
+		apiAccount, err := p.converter.AccountToAdminAPIAccount(ctx, account)
+		if err != nil {
+			log.Errorf(ctx, "error converting to api account: %v", err)
+			continue
+		}
+		items = append(items, apiAccount)
+	}
+
+	// Return packaging + paging appropriate for
+	// the API version used to call this function.
+	switch request.APIVersion {
+	case 1:
+		return packageAccountsV1(items, lo, hi, request, page)
+
+	case 2:
+		return packageAccountsV2(items, lo, hi, request, page)
+
+	default:
+		log.Panic(ctx, "api version was neither 1 nor 2")
+		return nil, nil
+	}
+}
+
+func packageAccountsV1(
+	items []interface{},
+	loID, hiID string,
+	request *apimodel.AdminGetAccountsRequest,
+	page *paging.Page,
+) (*apimodel.PageableResponse, gtserror.WithCode) {
+	queryParams := make(url.Values, 8)
+
+	// Translate origin to v1.
+	if v := request.Origin; v != "" {
+		var k string
+
+		if v == "local" {
+			k = apiutil.LocalKey
+		} else {
+			k = apiutil.AdminRemoteKey
+		}
+
+		queryParams.Add(k, "true")
+	}
+
+	// Translate status to v1.
+	if v := request.Status; v != "" {
+		var k string
+
+		switch v {
+		case "active":
+			k = apiutil.AdminActiveKey
+		case "pending":
+			k = apiutil.AdminPendingKey
+		case "disabled":
+			k = apiutil.AdminDisabledKey
+		case "silenced":
+			k = apiutil.AdminSilencedKey
+		case "suspended":
+			k = apiutil.AdminSuspendedKey
+		}
+
+		queryParams.Add(k, "true")
+	}
+
+	if v := request.Username; v != "" {
+		queryParams.Add(apiutil.UsernameKey, v)
+	}
+
+	if v := request.DisplayName; v != "" {
+		queryParams.Add(apiutil.AdminDisplayNameKey, v)
+	}
+
+	if v := request.ByDomain; v != "" {
+		queryParams.Add(apiutil.AdminByDomainKey, v)
+	}
+
+	if v := request.Email; v != "" {
+		queryParams.Add(apiutil.AdminEmailKey, v)
+	}
+
+	if v := request.IP; v != "" {
+		queryParams.Add(apiutil.AdminIPKey, v)
+	}
+
+	// Translate permissions to v1.
+	if v := request.Permissions; v != "" {
+		queryParams.Add(apiutil.AdminStaffKey, v)
+	}
+
+	return paging.PackageResponse(paging.ResponseParams{
+		Items: items,
+		Path:  "/api/v1/admin/accounts",
+		Next:  page.Next(loID, hiID),
+		Prev:  page.Prev(loID, hiID),
+		Query: queryParams,
+	}), nil
+}
+
+func packageAccountsV2(
+	items []interface{},
+	loID, hiID string,
+	request *apimodel.AdminGetAccountsRequest,
+	page *paging.Page,
+) (*apimodel.PageableResponse, gtserror.WithCode) {
+	queryParams := make(url.Values, 9)
+
+	if v := request.Origin; v != "" {
+		queryParams.Add(apiutil.AdminOriginKey, v)
+	}
+
+	if v := request.Status; v != "" {
+		queryParams.Add(apiutil.AdminStatusKey, v)
+	}
+
+	if v := request.Permissions; v != "" {
+		queryParams.Add(apiutil.AdminPermissionsKey, v)
+	}
+
+	if v := request.InvitedBy; v != "" {
+		queryParams.Add(apiutil.AdminInvitedByKey, v)
+	}
+
+	if v := request.Username; v != "" {
+		queryParams.Add(apiutil.UsernameKey, v)
+	}
+
+	if v := request.DisplayName; v != "" {
+		queryParams.Add(apiutil.AdminDisplayNameKey, v)
+	}
+
+	if v := request.ByDomain; v != "" {
+		queryParams.Add(apiutil.AdminByDomainKey, v)
+	}
+
+	if v := request.Email; v != "" {
+		queryParams.Add(apiutil.AdminEmailKey, v)
+	}
+
+	if v := request.IP; v != "" {
+		queryParams.Add(apiutil.AdminIPKey, v)
+	}
+
+	return paging.PackageResponse(paging.ResponseParams{
+		Items: items,
+		Path:  "/api/v2/admin/accounts",
+		Next:  page.Next(loID, hiID),
+		Prev:  page.Prev(loID, hiID),
+		Query: queryParams,
+	}), nil
+}