From 64f0e96ff692521a8db70fd92196a3e0870f1ddc Mon Sep 17 00:00:00 2001 From: Alex Gleason Date: Thu, 31 Dec 2020 12:13:08 -0600 Subject: [PATCH 1/4] Automatically confirm logged-in users --- lib/pleroma/web/endpoint.ex | 2 ++ lib/pleroma/web/plugs/confirm_user_plug.ex | 30 +++++++++++++++++++ .../web/plugs/confirm_user_plug_test.exs | 30 +++++++++++++++++++ 3 files changed, 62 insertions(+) create mode 100644 lib/pleroma/web/plugs/confirm_user_plug.ex create mode 100644 test/pleroma/web/plugs/confirm_user_plug_test.exs diff --git a/lib/pleroma/web/endpoint.ex b/lib/pleroma/web/endpoint.ex index f26542e88..705035845 100644 --- a/lib/pleroma/web/endpoint.ex +++ b/lib/pleroma/web/endpoint.ex @@ -169,6 +169,8 @@ def call(conn, opts) do plug(MetricsExporterCaller) + plug(Pleroma.Web.Plugs.ConfirmUserPlug) + plug(Pleroma.Web.Router) @doc """ diff --git a/lib/pleroma/web/plugs/confirm_user_plug.ex b/lib/pleroma/web/plugs/confirm_user_plug.ex new file mode 100644 index 000000000..218068de0 --- /dev/null +++ b/lib/pleroma/web/plugs/confirm_user_plug.ex @@ -0,0 +1,30 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2020 Pleroma Authors +# SPDX-License-Identifier: AGPL-3.0-only + +defmodule Pleroma.Web.Plugs.ConfirmUserPlug do + @moduledoc """ + If a user has ever been granted an OAuth token, they are eligible to become + confirmed, regardless of the account_activation_required setting. This plug + will confirm a user if found. + """ + + alias Pleroma.User + import Plug.Conn + + def init(opts), do: opts + + def call(%{assigns: %{user: %User{confirmation_pending: true} = user}} = conn, _opts) do + with {:ok, user} <- confirm_user(user) do + assign(conn, :user, user) + end + end + + def call(conn, _opts), do: conn + + defp confirm_user(%User{} = user) do + user + |> User.confirmation_changeset(need_confirmation: false) + |> User.update_and_set_cache() + end +end diff --git a/test/pleroma/web/plugs/confirm_user_plug_test.exs b/test/pleroma/web/plugs/confirm_user_plug_test.exs new file mode 100644 index 000000000..43c1c28a9 --- /dev/null +++ b/test/pleroma/web/plugs/confirm_user_plug_test.exs @@ -0,0 +1,30 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2020 Pleroma Authors +# SPDX-License-Identifier: AGPL-3.0-only + +defmodule Pleroma.Web.Plugs.ConfirmUserPlugTest do + use Pleroma.Web.ConnCase, async: true + alias Pleroma.User + alias Pleroma.Web.Plugs.ConfirmUserPlug + import Pleroma.Factory + + test "it confirms an unconfirmed user", %{conn: conn} do + %User{id: user_id} = user = insert(:user, confirmation_pending: true) + + conn = + conn + |> assign(:user, user) + |> ConfirmUserPlug.call(%{}) + + assert %Plug.Conn{assigns: %{user: %User{id: ^user_id, confirmation_pending: false}}} = conn + assert %User{confirmation_pending: false} = User.get_by_id(user_id) + end + + test "it does nothing without an unconfirmed user", %{conn: conn} do + assert conn == ConfirmUserPlug.call(conn, %{}) + + user = insert(:user, confirmation_pending: false) + conn = assign(conn, :user, user) + assert conn == ConfirmUserPlug.call(conn, %{}) + end +end From 7b44605cb89943a905f6a0a7aab9ebeea58aa7ab Mon Sep 17 00:00:00 2001 From: Alex Gleason Date: Thu, 31 Dec 2020 14:04:51 -0600 Subject: [PATCH 2/4] Migration to confirm previously-logged-in users --- ...20201231185546_confirm_logged_in_users.exs | 22 ++++++++++ .../confirm_logged_in_users_test.exs | 40 +++++++++++++++++++ 2 files changed, 62 insertions(+) create mode 100644 priv/repo/migrations/20201231185546_confirm_logged_in_users.exs create mode 100644 test/pleroma/repo/migrations/confirm_logged_in_users_test.exs diff --git a/priv/repo/migrations/20201231185546_confirm_logged_in_users.exs b/priv/repo/migrations/20201231185546_confirm_logged_in_users.exs new file mode 100644 index 000000000..de2f35169 --- /dev/null +++ b/priv/repo/migrations/20201231185546_confirm_logged_in_users.exs @@ -0,0 +1,22 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2020 Pleroma Authors +# SPDX-License-Identifier: AGPL-3.0-only + +defmodule Pleroma.Repo.Migrations.ConfirmLoggedInUsers do + use Ecto.Migration + import Ecto.Query + alias Pleroma.Repo + alias Pleroma.User + alias Pleroma.Web.OAuth.Token + + def up do + User + |> where([u], u.confirmation_pending == true) + |> join(:inner, [u], t in Token, on: t.user_id == u.id) + |> Repo.update_all(set: [confirmation_pending: false]) + end + + def down do + :noop + end +end diff --git a/test/pleroma/repo/migrations/confirm_logged_in_users_test.exs b/test/pleroma/repo/migrations/confirm_logged_in_users_test.exs new file mode 100644 index 000000000..f1fd89113 --- /dev/null +++ b/test/pleroma/repo/migrations/confirm_logged_in_users_test.exs @@ -0,0 +1,40 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2020 Pleroma Authors +# SPDX-License-Identifier: AGPL-3.0-only + +defmodule Pleroma.Repo.Migrations.ConfirmLoggedInUsersTest do + alias Pleroma.Repo + alias Pleroma.User + use Pleroma.DataCase, async: true + import Ecto.Query + import Pleroma.Factory + import Pleroma.Tests.Helpers + + setup_all do: require_migration("20201231185546_confirm_logged_in_users") + + test "up/0 confirms unconfirmed but previously-logged-in users", %{migration: migration} do + insert_list(25, :oauth_token) + Repo.update_all(User, set: [confirmation_pending: true]) + insert_list(5, :user, confirmation_pending: true) + + count = + User + |> where(confirmation_pending: true) + |> Repo.aggregate(:count) + + assert count == 30 + + assert {25, nil} == migration.up() + + count = + User + |> where(confirmation_pending: true) + |> Repo.aggregate(:count) + + assert count == 5 + end + + test "down/0 does nothing", %{migration: migration} do + assert :noop == migration.down() + end +end From 7b8dbaff310976e2ad081213a4b3dd28e21e7842 Mon Sep 17 00:00:00 2001 From: Alex Gleason Date: Wed, 6 Jan 2021 15:15:47 -0600 Subject: [PATCH 3/4] Call ConfirmUserPlug from Router, not Endpoint --- lib/pleroma/web/endpoint.ex | 2 -- lib/pleroma/web/router.ex | 1 + 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/lib/pleroma/web/endpoint.ex b/lib/pleroma/web/endpoint.ex index 705035845..f26542e88 100644 --- a/lib/pleroma/web/endpoint.ex +++ b/lib/pleroma/web/endpoint.ex @@ -169,8 +169,6 @@ def call(conn, opts) do plug(MetricsExporterCaller) - plug(Pleroma.Web.Plugs.ConfirmUserPlug) - plug(Pleroma.Web.Router) @doc """ diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex index aefc9f0be..0deb64735 100644 --- a/lib/pleroma/web/router.ex +++ b/lib/pleroma/web/router.ex @@ -56,6 +56,7 @@ defmodule Pleroma.Web.Router do plug(Pleroma.Web.Plugs.UserEnabledPlug) plug(Pleroma.Web.Plugs.SetUserSessionIdPlug) plug(Pleroma.Web.Plugs.EnsureUserTokenAssignsPlug) + plug(Pleroma.Web.Plugs.ConfirmUserPlug) end pipeline :base_api do From 1b98cd86104bc8ffbbb550a6770deb94b5dbbfc7 Mon Sep 17 00:00:00 2001 From: Alex Gleason Date: Fri, 8 Jan 2021 07:47:55 -0600 Subject: [PATCH 4/4] Remove ConfirmUserPlug --- lib/pleroma/web/plugs/confirm_user_plug.ex | 30 ------------------- lib/pleroma/web/router.ex | 1 - .../web/plugs/confirm_user_plug_test.exs | 30 ------------------- 3 files changed, 61 deletions(-) delete mode 100644 lib/pleroma/web/plugs/confirm_user_plug.ex delete mode 100644 test/pleroma/web/plugs/confirm_user_plug_test.exs diff --git a/lib/pleroma/web/plugs/confirm_user_plug.ex b/lib/pleroma/web/plugs/confirm_user_plug.ex deleted file mode 100644 index 218068de0..000000000 --- a/lib/pleroma/web/plugs/confirm_user_plug.ex +++ /dev/null @@ -1,30 +0,0 @@ -# Pleroma: A lightweight social networking server -# Copyright © 2017-2020 Pleroma Authors -# SPDX-License-Identifier: AGPL-3.0-only - -defmodule Pleroma.Web.Plugs.ConfirmUserPlug do - @moduledoc """ - If a user has ever been granted an OAuth token, they are eligible to become - confirmed, regardless of the account_activation_required setting. This plug - will confirm a user if found. - """ - - alias Pleroma.User - import Plug.Conn - - def init(opts), do: opts - - def call(%{assigns: %{user: %User{confirmation_pending: true} = user}} = conn, _opts) do - with {:ok, user} <- confirm_user(user) do - assign(conn, :user, user) - end - end - - def call(conn, _opts), do: conn - - defp confirm_user(%User{} = user) do - user - |> User.confirmation_changeset(need_confirmation: false) - |> User.update_and_set_cache() - end -end diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex index 0deb64735..aefc9f0be 100644 --- a/lib/pleroma/web/router.ex +++ b/lib/pleroma/web/router.ex @@ -56,7 +56,6 @@ defmodule Pleroma.Web.Router do plug(Pleroma.Web.Plugs.UserEnabledPlug) plug(Pleroma.Web.Plugs.SetUserSessionIdPlug) plug(Pleroma.Web.Plugs.EnsureUserTokenAssignsPlug) - plug(Pleroma.Web.Plugs.ConfirmUserPlug) end pipeline :base_api do diff --git a/test/pleroma/web/plugs/confirm_user_plug_test.exs b/test/pleroma/web/plugs/confirm_user_plug_test.exs deleted file mode 100644 index 43c1c28a9..000000000 --- a/test/pleroma/web/plugs/confirm_user_plug_test.exs +++ /dev/null @@ -1,30 +0,0 @@ -# Pleroma: A lightweight social networking server -# Copyright © 2017-2020 Pleroma Authors -# SPDX-License-Identifier: AGPL-3.0-only - -defmodule Pleroma.Web.Plugs.ConfirmUserPlugTest do - use Pleroma.Web.ConnCase, async: true - alias Pleroma.User - alias Pleroma.Web.Plugs.ConfirmUserPlug - import Pleroma.Factory - - test "it confirms an unconfirmed user", %{conn: conn} do - %User{id: user_id} = user = insert(:user, confirmation_pending: true) - - conn = - conn - |> assign(:user, user) - |> ConfirmUserPlug.call(%{}) - - assert %Plug.Conn{assigns: %{user: %User{id: ^user_id, confirmation_pending: false}}} = conn - assert %User{confirmation_pending: false} = User.get_by_id(user_id) - end - - test "it does nothing without an unconfirmed user", %{conn: conn} do - assert conn == ConfirmUserPlug.call(conn, %{}) - - user = insert(:user, confirmation_pending: false) - conn = assign(conn, :user, user) - assert conn == ConfirmUserPlug.call(conn, %{}) - end -end