Allow assigning users to reports

Signed-off-by: nicole mikołajczyk <git@mkljczk.pl>

lib/pleroma/constants.ex

@@ -22,7 +22,8 @@ defmodule Pleroma.Constants do
       "generator",
       "rules",
       "language",
-      "voters"
+      "voters",
+      "assigned_account"
     ]
   )
 

lib/pleroma/moderation_log.ex

@@ -132,11 +132,18 @@ defmodule Pleroma.ModerationLog do
   end
 
   def insert_log(%{actor: %User{}, action: action, subject: %Activity{} = subject} = attrs)
-      when action in ["report_note_delete", "report_update", "report_note"] do
+      when action in [
+             "report_note_delete",
+             "report_update",
+             "report_note",
+             "report_unassigned",
+             "report_assigned"
+           ] do
     data =
       attrs
       |> prepare_log_data
       |> Pleroma.Maps.put_if_present("text", attrs[:text])
+      |> Pleroma.Maps.put_if_present("assigned_account", attrs[:assigned_account])
       |> Map.merge(%{"subject" => report_to_map(subject)})
 
     insert_log_entry_with_message(%ModerationLog{data: data})
@@ -441,6 +448,35 @@ defmodule Pleroma.ModerationLog do
       " with '#{state}' state"
   end
 
+  def get_log_entry_message(
+        %ModerationLog{
+          data: %{
+            "actor" => %{"nickname" => actor_nickname},
+            "action" => "report_assigned",
+            "subject" => %{"id" => subject_id, "type" => "report"},
+            "assigned_account" => assigned_account
+          }
+        } = log
+      ) do
+    "@#{actor_nickname} assigned report ##{subject_id}" <>
+      subject_actor_nickname(log, " (on user ", ")") <>
+      " to user #{assigned_account}"
+  end
+
+  def get_log_entry_message(
+        %ModerationLog{
+          data: %{
+            "actor" => %{"nickname" => actor_nickname},
+            "action" => "report_unassigned",
+            "subject" => %{"id" => subject_id, "type" => "report"}
+          }
+        } = log
+      ) do
+    "@#{actor_nickname} unassigned report ##{subject_id}" <>
+      subject_actor_nickname(log, " (on user ", ")") <>
+      " from a user"
+  end
+
   def get_log_entry_message(
         %ModerationLog{
           data: %{

lib/pleroma/web/activity_pub/activity_pub.ex

@@ -1003,6 +1003,14 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do
 
   defp restrict_state(query, _), do: query
 
+  defp restrict_assigned_account(query, %{assigned_account: assigned_account}) do
+    from(activity in query,
+      where: fragment("?->>'assigned_account' = ?", activity.data, ^assigned_account)
+    )
+  end
+
+  defp restrict_assigned_account(query, _), do: query
+
   defp restrict_favorited_by(query, %{favorited_by: ap_id}) do
     from(
       [_activity, object] in query,
@@ -1471,6 +1479,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do
       |> restrict_actor(opts)
       |> restrict_type(opts)
       |> restrict_state(opts)
+      |> restrict_assigned_account(opts)
       |> restrict_favorited_by(opts)
       |> restrict_blocked(restrict_blocked_opts)
       |> restrict_blockers_visibility(opts)

lib/pleroma/web/activity_pub/utils.ex

@@ -863,6 +863,34 @@ defmodule Pleroma.Web.ActivityPub.Utils do
 
   def update_report_state(_, _), do: {:error, "Unsupported state"}
 
+  def assign_report_to_account(%Activity{} = activity, nil = _account) do
+    new_data = Map.delete(activity.data, "assigned_account")
+
+    activity
+    |> Changeset.change(data: new_data)
+    |> Repo.update()
+  end
+
+  def assign_report_to_account(%Activity{} = activity, account) do
+    new_data = Map.put(activity.data, "assigned_account", account)
+
+    activity
+    |> Changeset.change(data: new_data)
+    |> Repo.update()
+  end
+
+  def assign_report_to_account(activity_ids, account) do
+    activities_num = length(activity_ids)
+
+    from(a in Activity, where: a.id in ^activity_ids)
+    |> update(set: [data: fragment("jsonb_set(data, '{assigned_account}', ?)", ^account)])
+    |> Repo.update_all([])
+    |> case do
+      {^activities_num, _} -> :ok
+      _ -> {:error, activity_ids}
+    end
+  end
+
   def strip_report_status_data(%Activity{} = activity) do
     with {:ok, new_data} <- strip_report_status_data(activity.data) do
       {:ok, %{activity | data: new_data}}

lib/pleroma/web/admin_api/controllers/report_controller.ex

@@ -10,6 +10,7 @@ defmodule Pleroma.Web.AdminAPI.ReportController do
   alias Pleroma.Activity
   alias Pleroma.ModerationLog
   alias Pleroma.ReportNote
+  alias Pleroma.User
   alias Pleroma.Web.ActivityPub.Utils
   alias Pleroma.Web.AdminAPI
   alias Pleroma.Web.AdminAPI.Report
@@ -24,7 +25,7 @@ defmodule Pleroma.Web.AdminAPI.ReportController do
   plug(
     OAuthScopesPlug,
     %{scopes: ["admin:write:reports"]}
-    when action in [:update, :notes_create, :notes_delete]
+    when action in [:update, :assign_account, :notes_create, :notes_delete]
   )
 
   action_fallback(AdminAPI.FallbackController)
@@ -79,6 +80,22 @@ defmodule Pleroma.Web.AdminAPI.ReportController do
     end
   end
 
+  def assign_account(
+        %{
+          assigns: %{user: admin},
+          private: %{open_api_spex: %{body_params: %{reports: reports}}}
+        } = conn,
+        _
+      ) do
+    result = Enum.map(reports, &do_assign_account(&1, admin))
+
+    if Enum.any?(result, &Map.has_key?(&1, :error)) do
+      json_response(conn, :bad_request, result)
+    else
+      json_response(conn, :no_content, "")
+    end
+  end
+
   def notes_create(
         %{
           assigns: %{user: user},
@@ -131,4 +148,40 @@ defmodule Pleroma.Web.AdminAPI.ReportController do
       _ -> json_response(conn, :bad_request, "")
     end
   end
+
+  defp do_assign_account(%{assigned_account: nil, id: id}, admin) do
+    with {:ok, activity} <- CommonAPI.assign_report_to_account(id, nil),
+         report <- Activity.get_by_id_with_user_actor(activity.id) do
+      ModerationLog.insert_log(%{
+        action: "report_unassigned",
+        actor: admin,
+        subject: activity,
+        subject_actor: report.user_actor
+      })
+
+      activity
+    else
+      {:error, message} ->
+        %{id: id, error: message}
+    end
+  end
+
+  defp do_assign_account(%{assigned_account: assigned_account, id: id}, admin) do
+    with %User{id: account} = user <- User.get_cached_by_nickname(assigned_account),
+         {:ok, activity} <- CommonAPI.assign_report_to_account(id, account),
+         report <- Activity.get_by_id_with_user_actor(activity.id) do
+      ModerationLog.insert_log(%{
+        action: "report_assigned",
+        actor: admin,
+        subject: activity,
+        subject_actor: report.user_actor,
+        assigned_account: user.nickname
+      })
+
+      activity
+    else
+      {:error, message} ->
+        %{id: id, error: message}
+    end
+  end
 end

lib/pleroma/web/admin_api/report.ex

@@ -13,6 +13,11 @@ defmodule Pleroma.Web.AdminAPI.Report do
     user = User.get_cached_by_ap_id(actor)
     account = User.get_cached_by_ap_id(account_ap_id)
 
+    assigned_account =
+      if Map.has_key?(report.data, "assigned_account") do
+        User.get_cached_by_id(report.data["assigned_account"])
+      end
+
     statuses =
       status_ap_ids
       |> Enum.reject(&is_nil(&1))
@@ -26,7 +31,13 @@ defmodule Pleroma.Web.AdminAPI.Report do
             Activity.get_by_ap_id_with_object(act)
       end)
 
-    %{report: report, user: user, account: account, statuses: statuses}
+    %{
+      report: report,
+      user: user,
+      account: account,
+      statuses: statuses,
+      assigned_account: assigned_account
+    }
   end
 
   defp make_fake_activity(act, user) do

lib/pleroma/web/admin_api/views/report_view.ex

@@ -26,7 +26,13 @@ defmodule Pleroma.Web.AdminAPI.ReportView do
     }
   end
 
-  def render("show.json", %{report: report, user: user, account: account, statuses: statuses}) do
+  def render("show.json", %{
+        report: report,
+        user: user,
+        account: account,
+        statuses: statuses,
+        assigned_account: assigned_account
+      }) do
     created_at = Utils.to_masto_date(report.data["published"])
 
     content =
@@ -36,6 +42,11 @@ defmodule Pleroma.Web.AdminAPI.ReportView do
         nil
       end
 
+    assigned_account =
+      if assigned_account do
+        merge_account_views(assigned_account)
+      end
+
     %{
       id: report.id,
       account: merge_account_views(account),
@@ -49,7 +60,8 @@ defmodule Pleroma.Web.AdminAPI.ReportView do
         }),
       state: report.data["state"],
       notes: render(__MODULE__, "index_notes.json", %{notes: report.report_notes}),
-      rules: rules(Map.get(report.data, "rules", nil))
+      rules: rules(Map.get(report.data, "rules", nil)),
+      assigned_account: assigned_account
     }
   end
 

lib/pleroma/web/api_spec/operations/admin/report_operation.ex

@@ -53,6 +53,12 @@ defmodule Pleroma.Web.ApiSpec.Admin.ReportOperation do
           :query,
           %Schema{type: :integer, default: 50},
           "Number number of log entries per page"
+        ),
+        Operation.parameter(
+          :assigned_account,
+          :query,
+          %Schema{type: :string},
+          "Filter by assigned account ID"
         )
         | admin_api_params()
       ],
@@ -103,6 +109,22 @@ defmodule Pleroma.Web.ApiSpec.Admin.ReportOperation do
     }
   end
 
+  def assign_account_operation do
+    %Operation{
+      tags: ["Report management"],
+      summary: "Assign account to specified reports",
+      operationId: "AdminAPI.ReportController.assign_account",
+      security: [%{"oAuth" => ["admin:write:reports"]}],
+      parameters: admin_api_params(),
+      requestBody: request_body("Parameters", assign_account_request(), required: true),
+      responses: %{
+        204 => no_content_response(),
+        400 => Operation.response("Bad Request", "application/json", update_400_response()),
+        403 => Operation.response("Forbidden", "application/json", ApiError)
+      }
+    }
+  end
+
   def notes_create_operation do
     %Operation{
       tags: ["Report management"],
@@ -186,7 +208,10 @@ defmodule Pleroma.Web.ApiSpec.Admin.ReportOperation do
               hint: %Schema{type: :string, nullable: true}
             }
           }
-        }
+        },
+        assigned_account:
+          account_admin()
+          |> Map.put(:nullable, true)
       }
     }
   end
@@ -242,6 +267,34 @@ defmodule Pleroma.Web.ApiSpec.Admin.ReportOperation do
     }
   end
 
+  defp assign_account_request do
+    %Schema{
+      type: :object,
+      required: [:reports],
+      properties: %{
+        reports: %Schema{
+          type: :array,
+          items: %Schema{
+            type: :object,
+            properties: %{
+              id: %Schema{allOf: [FlakeID], description: "Required, report ID"},
+              assigned_account: %Schema{
+                type: :string,
+                description: "User nickname",
+                nullable: true
+              }
+            }
+          },
+          example: %{
+            "reports" => [
+              %{"id" => "123", "assigned_account" => "pleroma"}
+            ]
+          }
+        }
+      }
+    }
+  end
+
   defp update_400_response do
     %Schema{
       type: :array,

lib/pleroma/web/common_api.ex

@@ -709,6 +709,22 @@ defmodule Pleroma.Web.CommonAPI do
     end
   end
 
+  def assign_report_to_account(activity_ids, user) when is_list(activity_ids) do
+    case Utils.assign_report_to_account(activity_ids, user) do
+      :ok -> {:ok, activity_ids}
+      _ -> {:error, dgettext("errors", "Could not assign account")}
+    end
+  end
+
+  def assign_report_to_account(activity_id, user) do
+    with %Activity{} = activity <- Activity.get_by_id(activity_id) do
+      Utils.assign_report_to_account(activity, user)
+    else
+      nil -> {:error, :not_found}
+      _ -> {:error, dgettext("errors", "Could not assign account")}
+    end
+  end
+
   @spec update_activity_scope(String.t(), map()) :: {:ok, any()} | {:error, any()}
   def update_activity_scope(activity_id, opts \\ %{}) do
     with %Activity{} = activity <- Activity.get_by_id_with_object(activity_id),

lib/pleroma/web/router.ex

@@ -395,6 +395,7 @@ defmodule Pleroma.Web.Router do
     get("/reports", ReportController, :index)
     get("/reports/:id", ReportController, :show)
     patch("/reports", ReportController, :update)
+    post("/reports/assign_account", ReportController, :assign_account)
     post("/reports/:id/notes", ReportController, :notes_create)
     delete("/reports/:report_id/notes/:id", ReportController, :notes_delete)
   end