Add user listings for admins & moderators

app/controllers/settings/users_controller.rb

@@ -0,0 +1,23 @@
+class Settings::UsersController < ApplicationController
+  before_action :get_user, except: [:index]
+
+  def index
+    @users = policy_scope(Federails::Actor).where(entity_type: "User")
+    render layout: "settings"
+  end
+
+  def show
+    render layout: "settings"
+  end
+
+  private
+
+  def get_user
+    @user = policy_scope(User).find_param(params[:id])
+    authorize @user
+  end
+
+  def user_params
+    params.require(:user).permit
+  end
+end

app/helpers/settings_helper.rb

@@ -1,2 +1,5 @@
 module SettingsHelper
+  def masked_email(email)
+    email.gsub(/(?<=^.)[^@]*|(?<=@.).*(?=\.[^.]+$)/, "****")
+  end
 end

app/policies/federails/actor_policy.rb

@@ -0,0 +1,27 @@
+class Federails::ActorPolicy < ApplicationPolicy
+  def index?
+    all_of(
+      SiteSettings.multiuser_enabled?,
+      @user.is_moderator?
+    )
+  end
+
+  def show?
+    index?
+  end
+
+  def edit?
+    index?
+  end
+
+  def update?
+    index?
+  end
+
+  def destroy?
+    index?
+  end
+
+  class Scope < ApplicationPolicy::Scope
+  end
+end

app/policies/user_policy.rb

@@ -1,7 +1,7 @@
 class UserPolicy < ApplicationPolicy
   def index?
     all_of(
-      user&.is_administrator?,
+      user&.is_moderator?,
       none_of(
         SiteSettings.demo_mode_enabled?
       )
@@ -12,7 +12,7 @@ def show?
     all_of(
       one_of(
         user == record,
-        user&.is_administrator?
+        user&.is_moderator?
       )
     )
   end
@@ -22,7 +22,7 @@ def create?
       SiteSettings.multiuser_enabled?,
       one_of(
         SiteSettings.registration_enabled?,
-        user&.is_administrator?
+        user&.is_moderator?
       ),
       none_of(
         SiteSettings.demo_mode_enabled?
@@ -41,7 +41,7 @@ def destroy?
     all_of(
       one_of(
         user == record,
-        user&.is_administrator?
+        user&.is_moderator?
       ),
       SiteSettings.multiuser_enabled?,
       none_of(

app/views/layouts/settings.html.erb

@@ -9,13 +9,16 @@
         <%= link_to t(".libraries"), settings_libraries_path, class: "nav-link" %>
       </li>
       <li class="nav-item">
-        <%= link_to t("settings.analysis.heading"), analysis_settings_path(anchor: "analysis"), class: "nav-link" %>
+        <%= link_to t("settings.analysis.heading"), analysis_settings_path, class: "nav-link" %>
       </li>
       <li class="nav-item">
-        <%= link_to t("settings.multiuser.heading"), multiuser_settings_path(anchor: "multiuser"), class: "nav-link" %>
+        <%= link_to t("settings.multiuser.heading"), multiuser_settings_path, class: "nav-link" %>
       </li>
       <li class="nav-item">
-        <%= link_to t("settings.reporting.heading"), reporting_settings_path(anchor: "reporting"), class: "nav-link" %>
+        <%= link_to t("settings.users.index.title"), settings_users_path, class: "nav-link" %>
+      </li>
+      <li class="nav-item">
+        <%= link_to t("settings.reporting.heading"), reporting_settings_path, class: "nav-link" %>
       </li>
     </ul>
     <% unless SiteSettings.demo_mode_enabled? %>

app/views/settings/users/index.html.erb

@@ -0,0 +1,26 @@
+<h3><%= t(".title") %></h3>
+
+<p class="lead"><%= t(".description") %></p>
+
+<table class="table table-striped">
+  <tr>
+    <th><%= User.human_attribute_name(:username) %></th>
+    <th><%= User.human_attribute_name(:email) %></th>
+    <%= content_tag :th, User.human_attribute_name(:auth_uid) if SiteSettings.oidc_enabled? %>
+    <%= content_tag :th, t(".local") if SiteSettings.federation_enabled? %>
+    <%= content_tag :th, t(".fediverse_address") if SiteSettings.federation_enabled? %>
+    <th><%= User.human_attribute_name(:roles) %></th>
+    <th></th>
+  </tr>
+  <% @users.each do |user| %>
+    <tr>
+      <td><%= user.entity.is_a?(User) ? user.entity.username : user.username %></td>
+      <td><%= user.entity.is_a?(User) ? masked_email(user.entity.email) : nil %></td>
+      <%= content_tag :td, (user.entity.auth_uid ? "✅" : "❌") if SiteSettings.oidc_enabled? %>
+      <%= content_tag :td, (user.local? ? "✅" : "❌") if SiteSettings.federation_enabled? %>
+      <%= content_tag :td, user.at_address if SiteSettings.federation_enabled? %>
+      <td><%= user.entity.roles.map(&:name).join(", ") if user.entity.is_a?(User) %></td>
+      <td><%= link_to safe_join([icon("search", t(".view")), t(".view")], " "), settings_user_path(user.entity), class: "btn btn-primary" %></td>
+    </tr>
+  <% end %>
+</table>

app/views/settings/users/show.html.erb

@@ -0,0 +1,44 @@
+<h3><%= t(".title", username: @user.username) %></h3>
+<table class="table table-striped">
+  <tr>
+    <th><%= User.human_attribute_name(:username) %></th>
+    <td><%= @user.username %></td>
+  </tr>
+  <tr>
+    <th><%= User.human_attribute_name(:email) %></th>
+    <td><%= @user.email %></td>
+  </tr>
+  <tr>
+    <th><%= User.human_attribute_name(:created_at) %></th>
+    <td><%= @user.created_at.to_fs(:long) %></td>
+  </tr>
+  <tr>
+    <th><%= User.human_attribute_name(:updated_at) %></th>
+    <td><%= @user.updated_at.to_fs(:long) %></td>
+  </tr>
+  <tr>
+    <th><%= User.human_attribute_name(:interface_language) %></th>
+    <td><%= @user.interface_language.present? ? I18nData.languages(@user.interface_language)[@user.interface_language.to_s]&.capitalize : t("devise.registrations.general_settings.interface_language.autodetect") %></td>
+  </tr>
+  <% if SiteSettings.oidc_enabled? %>
+    <tr>
+      <th><%= User.human_attribute_name(:auth_uid) %></th>
+      <td><%= (user.auth_uid ? "✅" : "❌") %></td>
+    </tr>
+  <% end %>
+  <% if SiteSettings.federation_enabled? %>
+    <tr>
+      <th><%= t("settings.users.index.fediverse_address") %></th>
+      <td><%= @user.actor.at_address %></td>
+    </tr>
+  <% else %>
+    <tr>
+      <th><%= User.human_attribute_name(:public_id) %></th>
+      <td><%= @user.public_id %></td>
+    </tr>
+  <% end %>
+  <tr>
+    <th><%= User.human_attribute_name(:roles) %></th>
+    <td><%= @user.roles.map(&:name).join(", ") %></td>
+  </tr>
+</table>

config/locales/settings/en.yml

@@ -68,3 +68,12 @@ en:
         label: Create tags from model directory name
     update:
       success: Settings saved.
+    users:
+      index:
+        description: View and edit registered user accounts.
+        fediverse_address: Fediverse address
+        local: Local
+        title: Manage Users
+        view: View
+      show:
+        title: 'User details: %{username}'

config/routes.rb

@@ -31,7 +31,20 @@
     get "/activity" => "activity#index", :as => :activity
   end
 
-  mount Federails::Engine => "/" if SiteSettings.multiuser_enabled? || SiteSettings.federation_enabled? || Rails.env.test?
+  if SiteSettings.multiuser_enabled? || Rails.env.test?
+    authenticate :user, lambda { |u| u.is_moderator? } do
+      namespace :settings do
+        resources :users
+      end
+    end
+    mount Federails::Engine => "/" if SiteSettings.federation_enabled? || Rails.env.test?
+
+    get "/follow" => "follows#index", :as => :follow
+    get "/authorize_interaction" => "follows#new", :as => :new_follow
+    post "/remote_follow" => "follows#remote_follow", :as => :remote_follow
+    post "/perform_remote_follow" => "follows#perform_remote_follow", :as => :perform_remote_follow
+    post "/follow_remote_actor/:id" => "follows#follow_remote_actor", :as => :follow_remote_actor
+  end
 
   root to: "home#index"
 
@@ -44,12 +57,6 @@
     end
   end
 
-  get "/follow" => "follows#index", :as => :follow
-  get "/authorize_interaction" => "follows#new", :as => :new_follow
-  post "/remote_follow" => "follows#remote_follow", :as => :remote_follow
-  post "/perform_remote_follow" => "follows#perform_remote_follow", :as => :perform_remote_follow
-  post "/follow_remote_actor/:id" => "follows#follow_remote_actor", :as => :follow_remote_actor
-
   concern :followable do |options|
     if SiteSettings.multiuser_enabled?
       resources :follows, {only: [:create]}.merge(options) do

spec/requests/settings/users_spec.rb

@@ -0,0 +1,19 @@
+require "rails_helper"
+
+RSpec.describe "/settings/users", :multiuser do
+  describe "GET /index", :as_moderator do
+    it "renders a successful response" do
+      create(:user)
+      get "/settings/users"
+      expect(response).to be_successful
+    end
+  end
+
+  describe "GET /show", :as_moderator do
+    it "renders a successful response" do
+      user = create(:user)
+      get "/settings/users/#{user.to_param}"
+      expect(response).to be_successful
+    end
+  end
+end