Add config option to allow anonymous reporting

Signed-off-by: Thomas Citharel <tcit@tcit.fr>

lib/graphql/resolvers/config.ex

@@ -89,6 +89,9 @@ defmodule Mobilizon.GraphQL.Resolvers.Config do
             }
           }
         },
+        reports: %{
+          allowed: Config.anonymous_reporting?()
+        },
         actor_id: Config.anonymous_actor_id()
       },
       geocoding: %{

lib/graphql/resolvers/event.ex

@@ -60,9 +60,10 @@ defmodule Mobilizon.GraphQL.Resolvers.Event do
     end
   end
 
-  def check_event_access(%Event{local: true}), do: true
+  @spec check_event_access(Event.t()) :: boolean()
+  defp check_event_access(%Event{local: true}), do: true
 
-  def check_event_access(%Event{url: url}) do
+  defp check_event_access(%Event{url: url}) do
     relay_actor_id = Config.relay_actor_id()
     Events.check_if_event_has_instance_follow(url, relay_actor_id)
   end

lib/graphql/resolvers/report.ex

@@ -7,6 +7,7 @@ defmodule Mobilizon.GraphQL.Resolvers.Report do
 
   alias Mobilizon.Actors
   alias Mobilizon.Actors.Actor
+  alias Mobilizon.Config
   alias Mobilizon.Reports
   alias Mobilizon.Reports.{Note, Report}
   alias Mobilizon.Users.User
@@ -47,7 +48,7 @@ defmodule Mobilizon.GraphQL.Resolvers.Report do
   def create_report(
         _parent,
         %{reporter_id: reporter_id} = args,
-        %{context: %{current_user: user}} = _resolution
+        %{context: %{current_user: %User{} = user}} = _resolution
       ) do
     with {:is_owned, %Actor{}} <- User.owns_actor(user, reporter_id),
          {:ok, _, %Report{} = report} <- API.Reports.report(args) do
@@ -61,6 +62,31 @@ defmodule Mobilizon.GraphQL.Resolvers.Report do
     end
   end
 
+  @doc """
+  Create a report anonymously if allowed
+  """
+  def create_report(
+        _parent,
+        %{reporter_id: reporter_id} = args,
+        _resolution
+      ) do
+    with {:anonymous_reporting_allowed, true} <-
+           {:anonymous_reporting_allowed, Config.anonymous_reporting?()},
+         {:wrong_id, true} <- {:wrong_id, reporter_id == to_string(Config.anonymous_actor_id())},
+         {:ok, _, %Report{} = report} <- API.Reports.report(args) do
+      {:ok, report}
+    else
+      {:anonymous_reporting_allowed, _} ->
+        {:error, "You need to be logged-in to create reports"}
+
+      {:wrong_id, _} ->
+        {:error, "Reporter ID is not the anonymous actor id"}
+
+      _error ->
+        {:error, "Error while saving report"}
+    end
+  end
+
   def create_report(_parent, _args, _resolution) do
     {:error, "You need to be logged-in to create reports"}
   end

lib/graphql/schema/config.ex

@@ -59,6 +59,7 @@ defmodule Mobilizon.GraphQL.Schema.ConfigType do
   object :anonymous do
     field(:participation, :anonymous_participation)
     field(:event_creation, :anonymous_event_creation)
+    field(:reports, :anonymous_reports)
     field(:actor_id, :id)
   end
 
@@ -100,6 +101,10 @@ defmodule Mobilizon.GraphQL.Schema.ConfigType do
     field(:enabled, :boolean)
   end
 
+  object :anonymous_reports do
+    field(:allowed, :boolean)
+  end
+
   object :resource_provider do
     field(:type, :string)
     field(:endpoint, :string)

lib/mobilizon/config.ex

@@ -139,6 +139,10 @@ defmodule Mobilizon.Config do
         :enabled
       ]
 
+  @spec anonymous_reporting? :: boolean
+  def anonymous_reporting?,
+    do: Application.get_env(:mobilizon, :anonymous)[:reports][:allowed]
+
   def instance_resource_providers do
     types = get_in(Application.get_env(:mobilizon, Mobilizon.Service.ResourceProviders), [:types])