Implement and document first half of admin API
This commit is contained in:
pare
a88492bdcf
commit
de9155b9f5
S'han modificat 2 arxius amb 226 adicions i 5 eliminacions
|
@ -263,6 +263,8 @@ User dicts
|
||||||
# set up as their moved-to address.
|
# set up as their moved-to address.
|
||||||
'bot': # Boolean indicating whether this account is automated.
|
'bot': # Boolean indicating whether this account is automated.
|
||||||
'fields': # List of up to four dicts with free-form 'name' and 'value' profile info.
|
'fields': # List of up to four dicts with free-form 'name' and 'value' profile info.
|
||||||
|
# For fields with "this is me" type verification, verified_at is set to the
|
||||||
|
# last verification date (It is None otherwise)
|
||||||
}
|
}
|
||||||
|
|
||||||
mastodon.account_verify_credentials()["source"]
|
mastodon.account_verify_credentials()["source"]
|
||||||
|
@ -739,6 +741,30 @@ Preference dicts
|
||||||
# content warnings by default
|
# content warnings by default
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
Admin account dicts
|
||||||
|
~~~~~~~~~~~~~~~~~~~
|
||||||
|
.. _admin account dicts:
|
||||||
|
.. code-block:: python
|
||||||
|
{
|
||||||
|
'id': # The users id,
|
||||||
|
'username': # The users username, no leading @
|
||||||
|
'domain': # The users domain
|
||||||
|
'created_at': # The time of account creation
|
||||||
|
'email': # For local users, the users e-mail
|
||||||
|
'ip': # For local users, the users last known IP address
|
||||||
|
'role': # 'admin', 'moderator' or None
|
||||||
|
'confirmed': # For local users, False if the user has not confirmed their e-mail, True otherwise
|
||||||
|
'suspended': # Boolean indicating whether the user has been suspended
|
||||||
|
'silenced': # Boolean indicating whether the user has been suspended
|
||||||
|
'disabled': # For local users, boolean indicating whether the user has had their login disabled
|
||||||
|
'approved': # For local users, False if the user is pending, True otherwise
|
||||||
|
'locale': # For local users, the locale the user has set,
|
||||||
|
'invite_request': # If the user requested an invite, the invite request comment of that user. (TODO permanent?)
|
||||||
|
'invited_by_account_id': # Present if the user was invited by another user and set to the inviting users id.
|
||||||
|
'account': # The users account, as a standard account dict
|
||||||
|
}
|
||||||
|
|
||||||
App registration and user authentication
|
App registration and user authentication
|
||||||
----------------------------------------
|
----------------------------------------
|
||||||
Before you can use the mastodon API, you have to register your
|
Before you can use the mastodon API, you have to register your
|
||||||
|
@ -1149,6 +1175,33 @@ All crypto utilities require Mastodon.pys optional "webpush" feature dependencie
|
||||||
.. automethod:: Mastodon.push_subscription_generate_keys
|
.. automethod:: Mastodon.push_subscription_generate_keys
|
||||||
.. automethod:: Mastodon.push_subscription_decrypt_push
|
.. automethod:: Mastodon.push_subscription_decrypt_push
|
||||||
|
|
||||||
|
|
||||||
|
Moderation API
|
||||||
|
--------------
|
||||||
|
These functions allow you to perform moderation actions on users and generally
|
||||||
|
process reports using the API. To do this, you need access to the "admin:read" and/or
|
||||||
|
"admin:write" scopes or their more granular variants (both for the application and the
|
||||||
|
access token), as well as at least moderator access. Mastodon.py will not request these
|
||||||
|
by default, as that would be very dangerous.
|
||||||
|
|
||||||
|
BIG WARNING: TREAT ANY ACCESS TOKENS THAT HAVE ADMIN CREDENTIALS AS EXTREMELY, MASSIVELY
|
||||||
|
SENSITIVE DATA AND MAKE EXTRA SURE TO REVOKE THEM AFTER TESTING, NOT LET THEM SIT IN FILES
|
||||||
|
SOMEWHERE, TRACK WHICH ARE ACTIVE, ET CETERA. ANY EXPOSURE OF SUCH ACCESS TOKENS MEANS YOU
|
||||||
|
EXPOSE THE PERSONAL DATA OF ALL YOUR USERS TO WHOEVER HAS THESE TOKENS. TREAT THEM WITH
|
||||||
|
EXTREME CARE.
|
||||||
|
|
||||||
|
This is not to say that you should not treat access tokens from admin accounts that do not
|
||||||
|
have admin: scopes attached with a lot of care, but be extra careful with those that do.
|
||||||
|
|
||||||
|
.. automethod:: Mastodon.admin_accounts
|
||||||
|
.. automethod:: Mastodon.admin_account
|
||||||
|
.. automethod:: Mastodon.admin_account_enable
|
||||||
|
.. automethod:: Mastodon.admin_account_approve
|
||||||
|
.. automethod:: Mastodon.admin_account_reject
|
||||||
|
.. automethod:: Mastodon.admin_account_unsilence
|
||||||
|
.. automethod:: Mastodon.admin_account_unsuspend
|
||||||
|
.. automethod:: Mastodon.admin_account_moderate
|
||||||
|
|
||||||
Acknowledgements
|
Acknowledgements
|
||||||
----------------
|
----------------
|
||||||
Mastodon.py contains work by a large amount of contributors, many of which have
|
Mastodon.py contains work by a large amount of contributors, many of which have
|
||||||
|
|
|
@ -167,11 +167,20 @@ class Mastodon:
|
||||||
'write:blocks',
|
'write:blocks',
|
||||||
'write:follows',
|
'write:follows',
|
||||||
'write:mutes',
|
'write:mutes',
|
||||||
]
|
],
|
||||||
|
'admin:read': [
|
||||||
|
'admin:read:accounts',
|
||||||
|
'admin:read:reports',
|
||||||
|
],
|
||||||
|
'admin:write': [
|
||||||
|
'admin:write:accounts',
|
||||||
|
'admin:write:reports',
|
||||||
|
],
|
||||||
}
|
}
|
||||||
__VALID_SCOPES = ['read', 'write', 'follow', 'push'] + __SCOPE_SETS['read'] + __SCOPE_SETS['write']
|
__VALID_SCOPES = ['read', 'write', 'follow', 'push', 'admin:read', 'admin:write'] + \
|
||||||
|
__SCOPE_SETS['read'] + __SCOPE_SETS['write'] + __SCOPE_SETS['admin:read'] + __SCOPE_SETS['admin:write']
|
||||||
|
|
||||||
__SUPPORTED_MASTODON_VERSION = "2.8.4"
|
__SUPPORTED_MASTODON_VERSION = "2.9.2"
|
||||||
|
|
||||||
# Dict versions
|
# Dict versions
|
||||||
__DICT_VERSION_APPLICATION = "2.7.2"
|
__DICT_VERSION_APPLICATION = "2.7.2"
|
||||||
|
@ -593,7 +602,7 @@ class Mastodon:
|
||||||
|
|
||||||
Activity is returned for 12 weeks going back from the current week.
|
Activity is returned for 12 weeks going back from the current week.
|
||||||
|
|
||||||
Returns a list `activity dicts`_.
|
Returns a list of `activity dicts`_.
|
||||||
"""
|
"""
|
||||||
return self.__api_request('GET', '/api/v1/instance/activity')
|
return self.__api_request('GET', '/api/v1/instance/activity')
|
||||||
|
|
||||||
|
@ -2318,6 +2327,165 @@ class Mastodon:
|
||||||
"""
|
"""
|
||||||
self.__api_request('DELETE', '/api/v1/push/subscription')
|
self.__api_request('DELETE', '/api/v1/push/subscription')
|
||||||
|
|
||||||
|
###
|
||||||
|
# Moderation API
|
||||||
|
###
|
||||||
|
@api_version("2.9.1", "2.9.1", "2.9.1")
|
||||||
|
def admin_accounts(self, remote=False, by_domain=None, status='active', username=None, display_name=None, email=None, ip=None, staff_only=False, max_id=None, min_id=None, since_id=None, limit=None):
|
||||||
|
"""
|
||||||
|
Fetches a list of accounts that match given criteria. By default, local accounts are returned.
|
||||||
|
|
||||||
|
Set `remote` to True to get remote accounts, otherwise local accounts are returned (default: local accounts)
|
||||||
|
Set `by_domain` to a domain to get only accounts from that domain.
|
||||||
|
Set `status` to one of "active", "pending", "disabled", "silenced" or "suspended" to get only accounts with that moderation status (default: active)
|
||||||
|
Set `username` to a string to get only accounts whose username contains this string.
|
||||||
|
Set `display_name` to a string to get only accounts whose display name contains this string.
|
||||||
|
Set `email` to an email to get only accounts with that email (this only works on local accounts).
|
||||||
|
Set `ip` to an ip (as a string, standard v4/v6 notation) to get only accounts whose last active ip is that ip (this only works on local accounts).
|
||||||
|
Set `staff_only` to True to only get staff accounts (this only works on local accounts).
|
||||||
|
|
||||||
|
Note that setting the boolean parameters to False does not mean "give me users to which this does not apply" but
|
||||||
|
instead means "I do not care if users have this attribute".
|
||||||
|
|
||||||
|
Returns a list of `admin account dicts`_.
|
||||||
|
"""
|
||||||
|
if max_id != None:
|
||||||
|
max_id = self.__unpack_id(max_id)
|
||||||
|
|
||||||
|
if min_id != None:
|
||||||
|
min_id = self.__unpack_id(min_id)
|
||||||
|
|
||||||
|
if since_id != None:
|
||||||
|
since_id = self.__unpack_id(since_id)
|
||||||
|
|
||||||
|
params = self.__generate_params(locals(), ['remote', 'status', 'staff_only'])
|
||||||
|
|
||||||
|
if remote == True:
|
||||||
|
params["remote"] = True
|
||||||
|
|
||||||
|
mod_statuses = ["active", "pending", "disabled", "silenced", "suspended"]
|
||||||
|
if not status in mod_statuses:
|
||||||
|
raise ValueError("Invalid moderation status requested.")
|
||||||
|
|
||||||
|
if staff_only == True:
|
||||||
|
params["staff"] = True
|
||||||
|
|
||||||
|
for mod_status in mod_statuses:
|
||||||
|
if status == mod_status:
|
||||||
|
params[status] = True
|
||||||
|
|
||||||
|
return self.__api_request('GET', '/api/v1/admin/accounts', params)
|
||||||
|
|
||||||
|
def admin_account(self, id):
|
||||||
|
"""
|
||||||
|
Fetches a single `admin account dict`_ for the user with the given id.
|
||||||
|
|
||||||
|
Returns that dict.
|
||||||
|
"""
|
||||||
|
id = self.__unpack_id(id)
|
||||||
|
return self.__api_request('GET', '/api/v1/admin/accounts/{0}'.format(id))
|
||||||
|
|
||||||
|
def admin_account_enable(self, id):
|
||||||
|
"""
|
||||||
|
Reenables login for a local account for which login has been disabled.
|
||||||
|
|
||||||
|
Returns the updated `admin account dict`_.
|
||||||
|
"""
|
||||||
|
id = self.__unpack_id(id)
|
||||||
|
return self.__api_request('POST', '/api/v1/admin/accounts/{0}/enable'.format(id))
|
||||||
|
|
||||||
|
def admin_account_approve(self, id):
|
||||||
|
"""
|
||||||
|
Approves a pending account.
|
||||||
|
|
||||||
|
Returns the updated `admin account dict`_.
|
||||||
|
"""
|
||||||
|
id = self.__unpack_id(id)
|
||||||
|
return self.__api_request('POST', '/api/v1/admin/accounts/{0}/approve'.format(id))
|
||||||
|
|
||||||
|
def admin_account_reject(self, id):
|
||||||
|
"""
|
||||||
|
Rejects and deletes a pending account.
|
||||||
|
|
||||||
|
Returns the updated `admin account dict`_ for the account that is now gone.
|
||||||
|
"""
|
||||||
|
id = self.__unpack_id(id)
|
||||||
|
return self.__api_request('POST', '/api/v1/admin/accounts/{0}/reject'.format(id))
|
||||||
|
|
||||||
|
def admin_account_unsilence(self, id):
|
||||||
|
"""
|
||||||
|
Unsilences an account.
|
||||||
|
|
||||||
|
Returns the updated `admin account dict`_.
|
||||||
|
"""
|
||||||
|
id = self.__unpack_id(id)
|
||||||
|
return self.__api_request('POST', '/api/v1/admin/accounts/{0}/unsilence'.format(id))
|
||||||
|
|
||||||
|
def admin_account_unsuspend(self, id):
|
||||||
|
"""
|
||||||
|
Unsuspends an account.
|
||||||
|
|
||||||
|
Returns the updated `admin account dict`_.
|
||||||
|
"""
|
||||||
|
id = self.__unpack_id(id)
|
||||||
|
return self.__api_request('POST', '/api/v1/admin/accounts/{0}/unsuspend'.format(id))
|
||||||
|
|
||||||
|
def admin_account_moderate(self, id, action=None, report_id=None, warning_preset_id=None, text=None, send_email_notification=True):
|
||||||
|
"""
|
||||||
|
Perform a moderation action on an account.
|
||||||
|
|
||||||
|
Valid actions are:
|
||||||
|
* "disable" - for a local user, disable login.
|
||||||
|
* "silence" - hide the users posts from all public timelines.
|
||||||
|
* "suspend" - irreversibly delete all the users posts, past and future.
|
||||||
|
If no action is specified, the user is only issued a warning.
|
||||||
|
|
||||||
|
Specify the id of a report as `report_id` to close the report with this moderation action as the resolution.
|
||||||
|
Specify `warning_preset_id` to use a warning preset as the notification text to the user, or `text` to specify text directly.
|
||||||
|
If both are specified, they are concatenated (preset first). Note that there is currently no API to retrieve or create
|
||||||
|
warning presets.
|
||||||
|
|
||||||
|
Set `send_email_notification` to False to not send the user an e-mail notification informing them of the moderation action.
|
||||||
|
"""
|
||||||
|
if action is None:
|
||||||
|
action = "none"
|
||||||
|
|
||||||
|
if send_email_notification == False:
|
||||||
|
send_email_notification = None
|
||||||
|
|
||||||
|
id = self.__unpack_id(id)
|
||||||
|
if not report_id is None:
|
||||||
|
report_id = self.__unpack_id(report_id)
|
||||||
|
|
||||||
|
params = self.__generate_params(locals(), ['id', 'action'])
|
||||||
|
|
||||||
|
params["type"] = action
|
||||||
|
|
||||||
|
self.__api_request('POST', '/api/v1/admin/accounts/{0}/action'.format(id), params)
|
||||||
|
|
||||||
|
def admin_reports(self, resolved, account_id, target_account_id):
|
||||||
|
pass
|
||||||
|
#GET /api/v1/admin/reports Get reports, with params resolved, account_id, target_account_id
|
||||||
|
|
||||||
|
def admin_report(self, id):
|
||||||
|
pass
|
||||||
|
#GET /api/v1/admin/reports/:id Get a specific report
|
||||||
|
|
||||||
|
def admin_report_assign(self, id):
|
||||||
|
pass
|
||||||
|
#POST /api/v1/admin/reports/:id/assign_to_self Assign report to self
|
||||||
|
|
||||||
|
def admin_report_unassign(self, id):
|
||||||
|
pass
|
||||||
|
#POST /api/v1/admin/reports/:id/unassign Unassign report from self
|
||||||
|
|
||||||
|
def admin_report_reopen(self, id):
|
||||||
|
pass
|
||||||
|
#POST /api/v1/admin/reports/:id/reopen Re-open report
|
||||||
|
|
||||||
|
def admin_report_resolve(self, id):
|
||||||
|
pass
|
||||||
|
#POST /api/v1/admin/reports/:id/resolve Close report
|
||||||
|
|
||||||
###
|
###
|
||||||
# Push subscription crypto utilities
|
# Push subscription crypto utilities
|
||||||
|
|
Loading…
Referencia en una nova incidència