Allow an admin to delete a user status
This commit is contained in:
parent
3c04460c9c
commit
2827dfea50
2 changed files with 25 additions and 1 deletions
|
@ -30,7 +30,7 @@ def follow(follower, followed) do
|
|||
def delete(activity_id, user) do
|
||||
with %Activity{data: %{"object" => %{"id" => object_id}}} <- Repo.get(Activity, activity_id),
|
||||
%Object{} = object <- Object.normalize(object_id),
|
||||
true <- user.info.is_moderator || user.ap_id == object.data["actor"],
|
||||
true <- User.superuser?(user) || user.ap_id == object.data["actor"],
|
||||
{:ok, _} <- unpin(activity_id, user),
|
||||
{:ok, delete} <- ActivityPub.delete(object) do
|
||||
{:ok, delete}
|
||||
|
|
|
@ -371,6 +371,30 @@ test "when you didn't create it", %{conn: conn} do
|
|||
|
||||
assert Repo.get(Activity, activity.id) == activity
|
||||
end
|
||||
|
||||
test "when you're an admin or moderator", %{conn: conn} do
|
||||
activity1 = insert(:note_activity)
|
||||
activity2 = insert(:note_activity)
|
||||
admin = insert(:user, info: %{is_admin: true})
|
||||
moderator = insert(:user, info: %{is_moderator: true})
|
||||
|
||||
res_conn =
|
||||
conn
|
||||
|> assign(:user, admin)
|
||||
|> delete("/api/v1/statuses/#{activity1.id}")
|
||||
|
||||
assert %{} = json_response(res_conn, 200)
|
||||
|
||||
res_conn =
|
||||
conn
|
||||
|> assign(:user, moderator)
|
||||
|> delete("/api/v1/statuses/#{activity2.id}")
|
||||
|
||||
assert %{} = json_response(res_conn, 200)
|
||||
|
||||
refute Repo.get(Activity, activity1.id)
|
||||
refute Repo.get(Activity, activity2.id)
|
||||
end
|
||||
end
|
||||
|
||||
describe "filters" do
|
||||
|
|
Loading…
Reference in a new issue