validate actor type

2020-05-27 09:42:28 +03:00 · 2020-05-27 09:42:28 +03:00 · 3249141588
commit 3249141588
parent cf139b06a3
4 changed files with 60 additions and 11 deletions
--- a/lib/pleroma/user.ex
+++ b/lib/pleroma/user.ex
@ -538,9 +538,10 @@ defmodule Pleroma.User do
    |> delete_change(:also_known_as)
    |> unique_constraint(:email)
    |> validate_format(:email, @email_regex)
+    |> validate_inclusion(:actor_type, ["Person", "Service"])
  end

-  @spec update_as_admin(%User{}, map) :: {:ok, User.t()} | {:error, Ecto.Changeset.t()}
+  @spec update_as_admin(User.t(), map()) :: {:ok, User.t()} | {:error, Changeset.t()}
  def update_as_admin(user, params) do
    params = Map.put(params, "password_confirmation", params["password"])
    changeset = update_as_admin_changeset(user, params)
@ -561,7 +562,7 @@ defmodule Pleroma.User do
    |> put_change(:password_reset_pending, false)
  end

-  @spec reset_password(User.t(), map) :: {:ok, User.t()} | {:error, Ecto.Changeset.t()}
+  @spec reset_password(User.t(), map()) :: {:ok, User.t()} | {:error, Changeset.t()}
  def reset_password(%User{} = user, params) do
    reset_password(user, user, params)
  end
--- a/lib/pleroma/web/admin_api/controllers/admin_api_controller.ex
+++ b/lib/pleroma/web/admin_api/controllers/admin_api_controller.ex
@ -693,7 +693,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIController do
        %{assigns: %{user: admin}} = conn,
        %{"nickname" => nickname} = params
      ) do
-    with {_, user} <- {:user, User.get_cached_by_nickname(nickname)},
+    with {_, %User{} = user} <- {:user, User.get_cached_by_nickname(nickname)},
         {:ok, _user} <-
           User.update_as_admin(user, params) do
      ModerationLog.insert_log(%{
@ -715,11 +715,16 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIController do
      json(conn, %{status: "success"})
    else
      {:error, changeset} ->
-        {_, {error, _}} = Enum.at(changeset.errors, 0)
-        json(conn, %{error: "New password #{error}."})
+        errors =
+          Enum.reduce(changeset.errors, %{}, fn
+            {key, {error, _}}, acc ->
+              Map.put(acc, key, error)
+          end)
+
+        json(conn, %{errors: errors})

      _ ->
-        json(conn, %{error: "Unable to change password."})
+        json(conn, %{error: "Unable to update user."})
    end
  end