From 7d818b8f196cd5996d39234f34542d598468c86f Mon Sep 17 00:00:00 2001
From: Foysal Ahamed <foysal@blueskyweb.xyz>
Date: Thu, 14 Dec 2023 23:29:13 +0100
Subject: [PATCH] :sparkles: Allow moderators along with admins to toggle
 invite codes (#1928)

* :sparkles: Allow moderators along with admins to toggle invite codes

* :white_check_mark: Adjust test to use triage token
---
 .../api/com/atproto/admin/disableAccountInvites.ts   |  2 +-
 .../src/api/com/atproto/admin/disableInviteCodes.ts  |  2 +-
 .../api/com/atproto/admin/enableAccountInvites.ts    |  2 +-
 packages/pds/tests/invites-admin.test.ts             | 12 ++++++------
 4 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/packages/pds/src/api/com/atproto/admin/disableAccountInvites.ts b/packages/pds/src/api/com/atproto/admin/disableAccountInvites.ts
index a29508776e9..d4a73db71b8 100644
--- a/packages/pds/src/api/com/atproto/admin/disableAccountInvites.ts
+++ b/packages/pds/src/api/com/atproto/admin/disableAccountInvites.ts
@@ -11,7 +11,7 @@ export default function (server: Server, ctx: AppContext) {
           'Account invites are managed by the entryway service',
         )
       }
-      if (!auth.credentials.admin) {
+      if (!auth.credentials.moderator) {
         throw new AuthRequiredError('Insufficient privileges')
       }
       const { account } = input.body
diff --git a/packages/pds/src/api/com/atproto/admin/disableInviteCodes.ts b/packages/pds/src/api/com/atproto/admin/disableInviteCodes.ts
index abb8b34a8c7..f48a7765a2c 100644
--- a/packages/pds/src/api/com/atproto/admin/disableInviteCodes.ts
+++ b/packages/pds/src/api/com/atproto/admin/disableInviteCodes.ts
@@ -11,7 +11,7 @@ export default function (server: Server, ctx: AppContext) {
           'Account invites are managed by the entryway service',
         )
       }
-      if (!auth.credentials.admin) {
+      if (!auth.credentials.moderator) {
         throw new AuthRequiredError('Insufficient privileges')
       }
       const { codes = [], accounts = [] } = input.body
diff --git a/packages/pds/src/api/com/atproto/admin/enableAccountInvites.ts b/packages/pds/src/api/com/atproto/admin/enableAccountInvites.ts
index a067923b861..7d809e114d8 100644
--- a/packages/pds/src/api/com/atproto/admin/enableAccountInvites.ts
+++ b/packages/pds/src/api/com/atproto/admin/enableAccountInvites.ts
@@ -11,7 +11,7 @@ export default function (server: Server, ctx: AppContext) {
           'Account invites are managed by the entryway service',
         )
       }
-      if (!auth.credentials.admin) {
+      if (!auth.credentials.moderator) {
         throw new AuthRequiredError('Insufficient privileges')
       }
       const { account } = input.body
diff --git a/packages/pds/tests/invites-admin.test.ts b/packages/pds/tests/invites-admin.test.ts
index 16b1f6df5e4..ae3b0b0df5b 100644
--- a/packages/pds/tests/invites-admin.test.ts
+++ b/packages/pds/tests/invites-admin.test.ts
@@ -177,13 +177,13 @@ describe('pds admin invite views', () => {
     expect(aliceView.data.invites?.length).toBe(6)
   })
 
-  it('does not allow non-admin moderators to disable invites.', async () => {
+  it('does not allow triage moderators to disable invites.', async () => {
     const attemptDisableInvites =
       agent.api.com.atproto.admin.disableInviteCodes(
         { codes: ['x'], accounts: [alice] },
         {
           encoding: 'application/json',
-          headers: network.pds.adminAuthHeaders('moderator'),
+          headers: network.pds.adminAuthHeaders('triage'),
         },
       )
     await expect(attemptDisableInvites).rejects.toThrow(
@@ -255,12 +255,12 @@ describe('pds admin invite views', () => {
     expect(res.every((row) => row.disabled === 1))
   })
 
-  it('does not allow non-admin moderations to disable account invites', async () => {
+  it('does not allow triage moderators to disable account invites', async () => {
     const attempt = agent.api.com.atproto.admin.disableAccountInvites(
       { account: alice },
       {
         encoding: 'application/json',
-        headers: network.pds.adminAuthHeaders('moderator'),
+        headers: network.pds.adminAuthHeaders('triage'),
       },
     )
     await expect(attempt).rejects.toThrow('Insufficient privileges')
@@ -285,12 +285,12 @@ describe('pds admin invite views', () => {
     expect(invRes.data.codes.length).toBeGreaterThan(0)
   })
 
-  it('does not allow non-admin moderations to enable account invites', async () => {
+  it('does not allow triage moderators to enable account invites', async () => {
     const attempt = agent.api.com.atproto.admin.enableAccountInvites(
       { account: alice },
       {
         encoding: 'application/json',
-        headers: network.pds.adminAuthHeaders('moderator'),
+        headers: network.pds.adminAuthHeaders('triage'),
       },
     )
     await expect(attempt).rejects.toThrow('Insufficient privileges')