nonshy
/
website
1
0
Fork 1
Code Issues 21 Pull Requests Packages Projects Releases Wiki Activity
website/pkg/models/photo.go

408 lines
10 KiB
Go
Raw Normal View History

Photo Upload & Profile Pictures Basic photo upload support. Square cropped images still buggy.
2022-08-12 06:03:06 +00:00
package models
import (
"errors"
Block Lists Implement block lists. They work like friend lists but are unidirectional, but take effect in both directions (blocker and blockee can not see one another on the site -- except admin users can always see all users). * Profile page says 404 * User gallery says 404 * User search page filters out blocked users * Compose endpoint blocks sending messages to blocked users (except admin) * Site Gallery filters photos by blocked (and uncertified) users * Inbox page hides chat list for blocked users (can still read the chat history if you have a link to the old thread)
2022-08-15 00:45:55 +00:00
"strings"
Photo Upload & Profile Pictures Basic photo upload support. Square cropped images still buggy.
2022-08-12 06:03:06 +00:00
"time"
Certification Photo Workflow * Add "Site Gallery" page showing all public+gallery member photos. * Add "Certification Required" decorator for gallery and other main pages. * Add the Certification Photo workflow: * Users have a checklist on their dashboard to upload a profile pic and post a certification selfie (two requirements) * Admins notified by email when a new certification pic comes in. * Admin can reject (w/ comment) or approve the pic. * Users can re-upload or delete their pic at the cost of losing certification status if they make any such changes. * Users are emailed when their photo is either approved or rejected. * User Preferences: can now save the explicit pref to your account. * Explicit photos on user pages and site gallery are hidden if the current user hasn't opted-in (user can always see their own explicit photos regardless of the setting) * If a user is viewing a member gallery and explicit pics are hidden, a count of the number of explicit pics is shown to inform the user that more DO exist, they just don't see them. The site gallery does not do this and simply hides explicit photos.
2022-08-13 22:39:31 +00:00
Admin Groups & Permissions Add a permission system for admin users so you can lock down specific admins to a narrower set of features instead of them all having omnipotent powers. * New page: Admin Dashboard -> Admin Permissions Management * Permissions are handled in the form of 'scopes' relevant to each feature or action on the site. Scopes are assigned to Groups, and in turn, admin user accounts are placed in those Groups. * The Superusers group (scope '*') has wildcard permission to all scopes. The permissions dashboard has a create-once action to initialize the Superusers for the first admin who clicks on it, and places that admin in the group. The following are the exhaustive list of permission changes on the site: * Moderator scopes: * Chat room (enter the room with Operator permission) * Forums (can edit or delete user posts on the forum) * Photo Gallery (can see all private/friends-only photos on the site gallery or user profile pages) * Certification photos (with nuanced sub-action permissions) * Approve: has access to the Pending tab to act on incoming pictures * List: can paginate thru past approved/rejected photos * View: can bring up specific user cert photo from their profile * The minimum requirement is Approve or else no cert photo page will load for your admin user. * User Actions (each action individually scoped) * Impersonate * Ban * Delete * Promote to admin * Inner circle whitelist: no longer are admins automatically part of the inner circle unless they have a specialized scope attached. The AdminRequired decorator may also apply scopes on an entire admin route. The following routes have scopes to limit them: * Forum Admin (manage forums and their settings) * Remove from inner circle
2023-08-02 03:39:48 +00:00
"code.nonshy.com/nonshy/website/pkg/config"
Rename the module
2022-08-26 04:21:46 +00:00
"code.nonshy.com/nonshy/website/pkg/log"
Certification Photo Workflow * Add "Site Gallery" page showing all public+gallery member photos. * Add "Certification Required" decorator for gallery and other main pages. * Add the Certification Photo workflow: * Users have a checklist on their dashboard to upload a profile pic and post a certification selfie (two requirements) * Admins notified by email when a new certification pic comes in. * Admin can reject (w/ comment) or approve the pic. * Users can re-upload or delete their pic at the cost of losing certification status if they make any such changes. * Users are emailed when their photo is either approved or rejected. * User Preferences: can now save the explicit pref to your account. * Explicit photos on user pages and site gallery are hidden if the current user hasn't opted-in (user can always see their own explicit photos regardless of the setting) * If a user is viewing a member gallery and explicit pics are hidden, a count of the number of explicit pics is shown to inform the user that more DO exist, they just don't see them. The site gallery does not do this and simply hides explicit photos.
2022-08-13 22:39:31 +00:00
"gorm.io/gorm"
Photo Upload & Profile Pictures Basic photo upload support. Square cropped images still buggy.
2022-08-12 06:03:06 +00:00
)
// Photo table.
type Photo struct {
ID uint64 `gorm:"primaryKey"`
UserID uint64 `gorm:"index"`
Filename string
CroppedFilename string // if cropped, e.g. for profile photo
Filesize int64
Caption string
Flagged bool // photo has been reported by the community
Visibility PhotoVisibility
Gallery bool // photo appears in the public gallery (if public)
Explicit bool // is an explicit photo
CreatedAt time.Time
UpdatedAt time.Time
}
// PhotoVisibility settings.
type PhotoVisibility string
const (
The inner circle
2023-05-24 03:04:17 +00:00
PhotoPublic PhotoVisibility = "public" // on profile page and/or public gallery
Fix Gallery checkbox always checking itself + small fixes
2023-05-25 01:40:27 +00:00
PhotoFriends PhotoVisibility = "friends" // only friends can see it
PhotoPrivate PhotoVisibility = "private" // private
PhotoInnerCircle PhotoVisibility = "circle" // inner circle
Photo Upload & Profile Pictures Basic photo upload support. Square cropped images still buggy.
2022-08-12 06:03:06 +00:00
)
Spit and Polish * Friends: can now see your sent requests awaiting approval too. * Site Gallery: you may see Friends-only photos on the Gallery if you are friends with the owner and the pic is opted-in for the Gallery. * Site Gallery: show color coded visibility icons in card headers. * Improve appearance of Upload Photo page. * Update FAQ
2022-08-23 03:58:35 +00:00
// PhotoVisibility preset settings.
var (
PhotoVisibilityAll = []PhotoVisibility{
PhotoPublic,
PhotoFriends,
PhotoPrivate,
}
The inner circle
2023-05-24 03:04:17 +00:00
// "All" but also for Inner Circle members.
PhotoVisibilityCircle = []PhotoVisibility{
PhotoPublic,
PhotoFriends,
PhotoPrivate,
PhotoInnerCircle,
}
Spit and Polish * Friends: can now see your sent requests awaiting approval too. * Site Gallery: you may see Friends-only photos on the Gallery if you are friends with the owner and the pic is opted-in for the Gallery. * Site Gallery: show color coded visibility icons in card headers. * Improve appearance of Upload Photo page. * Update FAQ
2022-08-23 03:58:35 +00:00
// Site Gallery visibility for when your friends show up in the gallery.
// Or: "Friends + Gallery" photos can appear to your friends in the Site Gallery.
PhotoVisibilityFriends = []string{
string(PhotoPublic),
string(PhotoFriends),
}
)
User Account Busywork * Add "forgot password" workflow. * Add ability to change user email address (confirmation link sent) * Add ability to change user's password. * Add rate limiter to deter brute force login attempts. * Add user deep delete functionality (delete account). * Ping user LastLoginAt every 8 hours for long-lived session cookies. * Add age filters to user search page. * Add sort options to user search (last login, created, username/name)
2022-08-14 21:40:57 +00:00
Photo Upload & Profile Pictures Basic photo upload support. Square cropped images still buggy.
2022-08-12 06:03:06 +00:00
// CreatePhoto with most of the settings you want (not ID or timestamps) in the database.
func CreatePhoto(tmpl Photo) (*Photo, error) {
if tmpl.UserID == 0 {
return nil, errors.New("UserID required")
}
p := &Photo{
UserID: tmpl.UserID,
Filename: tmpl.Filename,
CroppedFilename: tmpl.CroppedFilename,
Raise photo cap to 100, fix filesize storage The photo upload limit for user profiles is raised from 24 to 100. The bug about Filesize not saving to the database for Photos and CommentPhotos (storing zeroes in the DB) has been fixed. Run the `nonshy backfill filesizes` to populate your existing database.
2022-12-07 05:50:42 +00:00
Filesize: tmpl.Filesize,
Photo Upload & Profile Pictures Basic photo upload support. Square cropped images still buggy.
2022-08-12 06:03:06 +00:00
Caption: tmpl.Caption,
Visibility: tmpl.Visibility,
Gallery: tmpl.Gallery,
Explicit: tmpl.Explicit,
}
result := DB.Create(p)
return p, result.Error
}
User Photo Gallery & Management * Add the user photo gallery for profile pages. Paginated, grid or full (blog style) view options. In grid view clicking a photo opens a large modal to see it; full view already shows large photos. * Edit page: can also re-crop and set an existing pic to be your profile pic. * Delete page: remove photos from the DB and hard drive. * Photos are cleaned up from disk when not needed, e.g. during a re-crop the old cropped photo is removed before the new one replaces it. * Fixed bug with cropping pictures.
2022-08-13 06:11:36 +00:00
// GetPhoto by ID.
func GetPhoto(id uint64) (*Photo, error) {
p := &Photo{}
result := DB.First(&p, id)
return p, result.Error
}
Finish Forums + Likes & Notifications Finish implementing the basic forum features: * Pinned threads (admin or board owner only) * Edit Thread settings when you edit the top-most comment. * NoReply threads remove all the reply buttons. * Explicit forums and threads are filtered out unless opted-in (admins always see them). * Count the unique members who participated in each forum. * Get the most recently updated thread to show on forum list page. * Contact/Report page: handle receiving a comment ID to report on. Implement Likes & Notifications * Like buttons added to Photos and Profile Pages. Implemented via simple vanilla JS (likes.js) to make ajax requests to back-end to like/unlike. * Notifications: for your photo or profile being liked. If you unlike, the existing notifications about the like are revoked. * The notifications appear as an alert number in the nav bar and are read on the User Dashboard. Click to mark a notification as "read" or click the "mark all as read" button. Update DeleteUser to scrub likes, notifications, threads, and comments.
2022-08-25 04:17:34 +00:00
// GetPhotos by an array of IDs, mapped to their IDs.
func GetPhotos(IDs []uint64) (map[uint64]*Photo, error) {
var (
mp = map[uint64]*Photo{}
ps = []*Photo{}
)
result := DB.Model(&Photo{}).Where("id IN ?", IDs).Find(&ps)
for _, row := range ps {
mp[row.ID] = row
}
return mp, result.Error
}
User Photo Gallery & Management * Add the user photo gallery for profile pages. Paginated, grid or full (blog style) view options. In grid view clicking a photo opens a large modal to see it; full view already shows large photos. * Edit page: can also re-crop and set an existing pic to be your profile pic. * Delete page: remove photos from the DB and hard drive. * Photos are cleaned up from disk when not needed, e.g. during a re-crop the old cropped photo is removed before the new one replaces it. * Fixed bug with cropping pictures.
2022-08-13 06:11:36 +00:00
/*
PaginateUserPhotos gets a page of photos belonging to a user ID.
*/
Certification Photo Workflow * Add "Site Gallery" page showing all public+gallery member photos. * Add "Certification Required" decorator for gallery and other main pages. * Add the Certification Photo workflow: * Users have a checklist on their dashboard to upload a profile pic and post a certification selfie (two requirements) * Admins notified by email when a new certification pic comes in. * Admin can reject (w/ comment) or approve the pic. * Users can re-upload or delete their pic at the cost of losing certification status if they make any such changes. * Users are emailed when their photo is either approved or rejected. * User Preferences: can now save the explicit pref to your account. * Explicit photos on user pages and site gallery are hidden if the current user hasn't opted-in (user can always see their own explicit photos regardless of the setting) * If a user is viewing a member gallery and explicit pics are hidden, a count of the number of explicit pics is shown to inform the user that more DO exist, they just don't see them. The site gallery does not do this and simply hides explicit photos.
2022-08-13 22:39:31 +00:00
func PaginateUserPhotos(userID uint64, visibility []PhotoVisibility, explicitOK bool, pager *Pagination) ([]*Photo, error) {
User Photo Gallery & Management * Add the user photo gallery for profile pages. Paginated, grid or full (blog style) view options. In grid view clicking a photo opens a large modal to see it; full view already shows large photos. * Edit page: can also re-crop and set an existing pic to be your profile pic. * Delete page: remove photos from the DB and hard drive. * Photos are cleaned up from disk when not needed, e.g. during a re-crop the old cropped photo is removed before the new one replaces it. * Fixed bug with cropping pictures.
2022-08-13 06:11:36 +00:00
var p = []*Photo{}
Certification Photo Workflow * Add "Site Gallery" page showing all public+gallery member photos. * Add "Certification Required" decorator for gallery and other main pages. * Add the Certification Photo workflow: * Users have a checklist on their dashboard to upload a profile pic and post a certification selfie (two requirements) * Admins notified by email when a new certification pic comes in. * Admin can reject (w/ comment) or approve the pic. * Users can re-upload or delete their pic at the cost of losing certification status if they make any such changes. * Users are emailed when their photo is either approved or rejected. * User Preferences: can now save the explicit pref to your account. * Explicit photos on user pages and site gallery are hidden if the current user hasn't opted-in (user can always see their own explicit photos regardless of the setting) * If a user is viewing a member gallery and explicit pics are hidden, a count of the number of explicit pics is shown to inform the user that more DO exist, they just don't see them. The site gallery does not do this and simply hides explicit photos.
2022-08-13 22:39:31 +00:00
var explicit = []bool{false}
if explicitOK {
explicit = []bool{true, false}
}
User Photo Gallery & Management * Add the user photo gallery for profile pages. Paginated, grid or full (blog style) view options. In grid view clicking a photo opens a large modal to see it; full view already shows large photos. * Edit page: can also re-crop and set an existing pic to be your profile pic. * Delete page: remove photos from the DB and hard drive. * Photos are cleaned up from disk when not needed, e.g. during a re-crop the old cropped photo is removed before the new one replaces it. * Fixed bug with cropping pictures.
2022-08-13 06:11:36 +00:00
query := DB.Where(
Certification Photo Workflow * Add "Site Gallery" page showing all public+gallery member photos. * Add "Certification Required" decorator for gallery and other main pages. * Add the Certification Photo workflow: * Users have a checklist on their dashboard to upload a profile pic and post a certification selfie (two requirements) * Admins notified by email when a new certification pic comes in. * Admin can reject (w/ comment) or approve the pic. * Users can re-upload or delete their pic at the cost of losing certification status if they make any such changes. * Users are emailed when their photo is either approved or rejected. * User Preferences: can now save the explicit pref to your account. * Explicit photos on user pages and site gallery are hidden if the current user hasn't opted-in (user can always see their own explicit photos regardless of the setting) * If a user is viewing a member gallery and explicit pics are hidden, a count of the number of explicit pics is shown to inform the user that more DO exist, they just don't see them. The site gallery does not do this and simply hides explicit photos.
2022-08-13 22:39:31 +00:00
"user_id = ? AND visibility IN ? AND explicit IN ?",
User Photo Gallery & Management * Add the user photo gallery for profile pages. Paginated, grid or full (blog style) view options. In grid view clicking a photo opens a large modal to see it; full view already shows large photos. * Edit page: can also re-crop and set an existing pic to be your profile pic. * Delete page: remove photos from the DB and hard drive. * Photos are cleaned up from disk when not needed, e.g. during a re-crop the old cropped photo is removed before the new one replaces it. * Fixed bug with cropping pictures.
2022-08-13 06:11:36 +00:00
userID,
visibility,
Certification Photo Workflow * Add "Site Gallery" page showing all public+gallery member photos. * Add "Certification Required" decorator for gallery and other main pages. * Add the Certification Photo workflow: * Users have a checklist on their dashboard to upload a profile pic and post a certification selfie (two requirements) * Admins notified by email when a new certification pic comes in. * Admin can reject (w/ comment) or approve the pic. * Users can re-upload or delete their pic at the cost of losing certification status if they make any such changes. * Users are emailed when their photo is either approved or rejected. * User Preferences: can now save the explicit pref to your account. * Explicit photos on user pages and site gallery are hidden if the current user hasn't opted-in (user can always see their own explicit photos regardless of the setting) * If a user is viewing a member gallery and explicit pics are hidden, a count of the number of explicit pics is shown to inform the user that more DO exist, they just don't see them. The site gallery does not do this and simply hides explicit photos.
2022-08-13 22:39:31 +00:00
explicit,
User Photo Gallery & Management * Add the user photo gallery for profile pages. Paginated, grid or full (blog style) view options. In grid view clicking a photo opens a large modal to see it; full view already shows large photos. * Edit page: can also re-crop and set an existing pic to be your profile pic. * Delete page: remove photos from the DB and hard drive. * Photos are cleaned up from disk when not needed, e.g. during a re-crop the old cropped photo is removed before the new one replaces it. * Fixed bug with cropping pictures.
2022-08-13 06:11:36 +00:00
).Order(
pager.Sort,
)
// Get the total count.
query.Model(&Photo{}).Count(&pager.Total)
result := query.Offset(
pager.GetOffset(),
).Limit(pager.PerPage).Find(&p)
return p, result.Error
}
Photo Quotas & Postgres Fixes * Add photo upload quotas. * Non-certified users can upload few photos; certified users more * Fix foreign key issues around deleting user profile photos for psql
2022-08-21 22:40:24 +00:00
// CountPhotos returns the total number of photos on a user's account.
Forums - Spit & polish * On Forums landing page, show who was the most recent commenter on each board's most recently updated post. * Show photo count on Profile Pages on the "Photos" tab. * Revise the mobile and tablet top nav bar: * Always show small badge icons linking to the Site Gallery & Forum * Always show Friends & Messages badges. If no new notifications, they display as grey instead of yellow w/ a number. * Put icons next to most nav bar items, especially the User Menu * Tighten the sprawling page layouts in the Forums to be more compact for mobile screens. * Fix bug where some pages scrolled horizontally on mobile: the root cause was divs with class="content p-2", needs minimum p-3 (but p-4 is used) to provide enough padding to overcome column margins which were pushing the page too wide on mobile.
2022-08-26 02:58:43 +00:00
func CountPhotos(userID uint64) int64 {
Photo Quotas & Postgres Fixes * Add photo upload quotas. * Non-certified users can upload few photos; certified users more * Fix foreign key issues around deleting user profile photos for psql
2022-08-21 22:40:24 +00:00
var count int64
result := DB.Where(
"user_id = ?",
userID,
).Model(&Photo{}).Count(&count)
Forums - Spit & polish * On Forums landing page, show who was the most recent commenter on each board's most recently updated post. * Show photo count on Profile Pages on the "Photos" tab. * Revise the mobile and tablet top nav bar: * Always show small badge icons linking to the Site Gallery & Forum * Always show Friends & Messages badges. If no new notifications, they display as grey instead of yellow w/ a number. * Put icons next to most nav bar items, especially the User Menu * Tighten the sprawling page layouts in the Forums to be more compact for mobile screens. * Fix bug where some pages scrolled horizontally on mobile: the root cause was divs with class="content p-2", needs minimum p-3 (but p-4 is used) to provide enough padding to overcome column margins which were pushing the page too wide on mobile.
2022-08-26 02:58:43 +00:00
if result.Error != nil {
log.Error("CountPhotos(%d): %s", userID, result.Error)
}
return count
Photo Quotas & Postgres Fixes * Add photo upload quotas. * Non-certified users can upload few photos; certified users more * Fix foreign key issues around deleting user profile photos for psql
2022-08-21 22:40:24 +00:00
}
Photo counts on member directory + inner circle removal privacy fix
2023-07-23 22:02:41 +00:00
// MapPhotoCounts returns a mapping of user ID to the CountPhotos()-equivalent result for each.
// It's used on the member directory to show photo counts on each user card.
func MapPhotoCounts(users []*User) PhotoCountMap {
var (
userIDs = []uint64{}
result = PhotoCountMap{}
)
for _, user := range users {
userIDs = append(userIDs, user.ID)
}
type group struct {
UserID uint64
PhotoCount int64
}
var groups = []group{}
if res := DB.Table(
"photos",
).Select(
"user_id, count(id) AS photo_count",
).Where(
"user_id IN ?", userIDs,
).Group("user_id").Scan(&groups); res.Error != nil {
log.Error("CountPhotosForUsers: %s", res.Error)
}
// Map the results in.
for _, row := range groups {
result[row.UserID] = row.PhotoCount
}
return result
}
type PhotoCountMap map[uint64]int64
// Get a photo count for the given user ID from the map.
func (pc PhotoCountMap) Get(id uint64) int64 {
if value, ok := pc[id]; ok {
return value
}
return 0
}
Certification Photo Workflow * Add "Site Gallery" page showing all public+gallery member photos. * Add "Certification Required" decorator for gallery and other main pages. * Add the Certification Photo workflow: * Users have a checklist on their dashboard to upload a profile pic and post a certification selfie (two requirements) * Admins notified by email when a new certification pic comes in. * Admin can reject (w/ comment) or approve the pic. * Users can re-upload or delete their pic at the cost of losing certification status if they make any such changes. * Users are emailed when their photo is either approved or rejected. * User Preferences: can now save the explicit pref to your account. * Explicit photos on user pages and site gallery are hidden if the current user hasn't opted-in (user can always see their own explicit photos regardless of the setting) * If a user is viewing a member gallery and explicit pics are hidden, a count of the number of explicit pics is shown to inform the user that more DO exist, they just don't see them. The site gallery does not do this and simply hides explicit photos.
2022-08-13 22:39:31 +00:00
// CountExplicitPhotos returns the number of explicit photos a user has (so non-explicit viewers can see some do exist)
func CountExplicitPhotos(userID uint64, visibility []PhotoVisibility) (int64, error) {
query := DB.Where(
"user_id = ? AND visibility IN ? AND explicit = ?",
userID,
visibility,
true,
)
var count int64
result := query.Model(&Photo{}).Count(&count)
return count, result.Error
}
Inner circle followups: notifications, min public pictures
2023-05-24 18:27:42 +00:00
// CountPublicPhotos returns the number of public photos on a user's page (to control whether the "invite to circle" prompt can appear).
func CountPublicPhotos(userID uint64) int64 {
query := DB.Where(
"user_id = ? AND visibility = ?",
userID,
PhotoPublic,
)
var count int64
result := query.Model(&Photo{}).Count(&count)
if result.Error != nil {
log.Error("CountPublicPhotos(%d): %s", userID, result.Error)
}
return count
}
Shy Accounts * Users with private profiles or no public photo at all are considered to be Shy Accounts and are isolated from the non-shy profiles. * Restrictions include: * Site Gallery shows only them + their friends' photos. * User Galleries: must be a friend or had private photos granted to see a user's gallery page. * DMs: can not initiate a DM to a non-shy member (other shy members OK).
2023-02-14 06:19:18 +00:00
// DistinctPhotoTypes returns types of photos the user has: a set of public, friends, or private.
//
// The result is cached on the User the first time it's queried.
func (u *User) DistinctPhotoTypes() (result map[PhotoVisibility]struct{}) {
if u.cachePhotoTypes != nil {
return u.cachePhotoTypes
}
result = map[PhotoVisibility]struct{}{}
var results = []*Photo{}
query := DB.Model(&Photo{}).
Select("DISTINCT photos.visibility").
Where("user_id = ?", u.ID).
Group("photos.visibility").
Find(&results)
if query.Error != nil {
log.Error("User.DistinctPhotoTypes(%s): %s", u.Username, query.Error)
return
}
for _, row := range results {
log.Warn("DistinctPhotoTypes(%s): got %+v", u.Username, row)
result[row.Visibility] = struct{}{}
}
u.cachePhotoTypes = result
return
}
// Gallery config for the main Gallery paginator.
type Gallery struct {
Explicit string // Explicit filter
Visibility string // Visibility filter
AdminView bool // Show all images
ShyView bool // Current user is shy (self/friends only)
}
Private Photo Sharing * Add ability to unlock your private photos for others. * Link to unlock is on another user's Photos page. * You can also access your "Manage Private Photos" page in the User Menu or Dashboard and add a user by username. * See who you have granted access, and see users who have granted you access to their private photos. * Private photos of users who unlocked them for you may appear on the Site Gallery if the photo allows. * Add new filters to the Site Gallery: you can choose to filter by Explicit, limit to a specific Visibility, and order by Newest or Oldest. Non-explicit users do not get a filter to see explicit content - they must opt-in in their settings. * Bugfix: Site Gallery was not correctly filtering Explicit photos away from users who did not opt-in for explicit!
2022-09-08 04:18:54 +00:00
/*
PaginateGalleryPhotos gets a page of all public user photos for the site gallery.
Admin view returns ALL photos regardless of Gallery status.
*/
Shy Accounts * Users with private profiles or no public photo at all are considered to be Shy Accounts and are isolated from the non-shy profiles. * Restrictions include: * Site Gallery shows only them + their friends' photos. * User Galleries: must be a friend or had private photos granted to see a user's gallery page. * DMs: can not initiate a DM to a non-shy member (other shy members OK).
2023-02-14 06:19:18 +00:00
func PaginateGalleryPhotos(user *User, conf Gallery, pager *Pagination) ([]*Photo, error) {
Certification Photo Workflow * Add "Site Gallery" page showing all public+gallery member photos. * Add "Certification Required" decorator for gallery and other main pages. * Add the Certification Photo workflow: * Users have a checklist on their dashboard to upload a profile pic and post a certification selfie (two requirements) * Admins notified by email when a new certification pic comes in. * Admin can reject (w/ comment) or approve the pic. * Users can re-upload or delete their pic at the cost of losing certification status if they make any such changes. * Users are emailed when their photo is either approved or rejected. * User Preferences: can now save the explicit pref to your account. * Explicit photos on user pages and site gallery are hidden if the current user hasn't opted-in (user can always see their own explicit photos regardless of the setting) * If a user is viewing a member gallery and explicit pics are hidden, a count of the number of explicit pics is shown to inform the user that more DO exist, they just don't see them. The site gallery does not do this and simply hides explicit photos.
2022-08-13 22:39:31 +00:00
var (
Shy Accounts * Users with private profiles or no public photo at all are considered to be Shy Accounts and are isolated from the non-shy profiles. * Restrictions include: * Site Gallery shows only them + their friends' photos. * User Galleries: must be a friend or had private photos granted to see a user's gallery page. * DMs: can not initiate a DM to a non-shy member (other shy members OK).
2023-02-14 06:19:18 +00:00
filterExplicit = conf.Explicit
filterVisibility = conf.Visibility
adminView = conf.AdminView
isShy = conf.ShyView
p = []*Photo{}
query *gorm.DB
Private Photo Sharing * Add ability to unlock your private photos for others. * Link to unlock is on another user's Photos page. * You can also access your "Manage Private Photos" page in the User Menu or Dashboard and add a user by username. * See who you have granted access, and see users who have granted you access to their private photos. * Private photos of users who unlocked them for you may appear on the Site Gallery if the photo allows. * Add new filters to the Site Gallery: you can choose to filter by Explicit, limit to a specific Visibility, and order by Newest or Oldest. Non-explicit users do not get a filter to see explicit content - they must opt-in in their settings. * Bugfix: Site Gallery was not correctly filtering Explicit photos away from users who did not opt-in for explicit!
2022-09-08 04:18:54 +00:00
// Get the user ID and their preferences.
userID = user.ID
explicitOK = user.Explicit // User opted-in for explicit content
blocklist = BlockedUserIDs(userID)
friendIDs = FriendIDs(userID)
privateUserIDs = PrivateGrantedUserIDs(userID)
wheres = []string{}
placeholders = []interface{}{}
Certification Photo Workflow * Add "Site Gallery" page showing all public+gallery member photos. * Add "Certification Required" decorator for gallery and other main pages. * Add the Certification Photo workflow: * Users have a checklist on their dashboard to upload a profile pic and post a certification selfie (two requirements) * Admins notified by email when a new certification pic comes in. * Admin can reject (w/ comment) or approve the pic. * Users can re-upload or delete their pic at the cost of losing certification status if they make any such changes. * Users are emailed when their photo is either approved or rejected. * User Preferences: can now save the explicit pref to your account. * Explicit photos on user pages and site gallery are hidden if the current user hasn't opted-in (user can always see their own explicit photos regardless of the setting) * If a user is viewing a member gallery and explicit pics are hidden, a count of the number of explicit pics is shown to inform the user that more DO exist, they just don't see them. The site gallery does not do this and simply hides explicit photos.
2022-08-13 22:39:31 +00:00
)
The inner circle
2023-05-24 03:04:17 +00:00
// Define "all photos visibilities"
Fix gallery filters re: inner circle photos
2023-05-24 20:38:37 +00:00
var (
photosAll = PhotoVisibilityAll
photosPublic = []PhotoVisibility{
PhotoPublic,
}
photosFriends = []PhotoVisibility{
PhotoPublic,
PhotoFriends,
}
)
The inner circle
2023-05-24 03:04:17 +00:00
if user.IsInnerCircle() {
photosAll = PhotoVisibilityCircle
Fix gallery filters re: inner circle photos
2023-05-24 20:38:37 +00:00
photosPublic = append(photosPublic, PhotoInnerCircle)
photosFriends = append(photosFriends, PhotoInnerCircle)
The inner circle
2023-05-24 03:04:17 +00:00
}
Explicit admin filter for the site gallery * For admins, make it a specific opt-in filter for the Site Gallery to show all pictures regardless of friendship or grant (for moderation purposes). On this view, Like and Comment buttons are taken away. Non-admins are not shown the option and the back-end ignores the parameter for them. * Fix user avatars on compose and admin actions page.
2022-09-10 03:11:50 +00:00
// Admins see everything on the site (only an admin user can get an admin view).
Admin Groups & Permissions Add a permission system for admin users so you can lock down specific admins to a narrower set of features instead of them all having omnipotent powers. * New page: Admin Dashboard -> Admin Permissions Management * Permissions are handled in the form of 'scopes' relevant to each feature or action on the site. Scopes are assigned to Groups, and in turn, admin user accounts are placed in those Groups. * The Superusers group (scope '*') has wildcard permission to all scopes. The permissions dashboard has a create-once action to initialize the Superusers for the first admin who clicks on it, and places that admin in the group. The following are the exhaustive list of permission changes on the site: * Moderator scopes: * Chat room (enter the room with Operator permission) * Forums (can edit or delete user posts on the forum) * Photo Gallery (can see all private/friends-only photos on the site gallery or user profile pages) * Certification photos (with nuanced sub-action permissions) * Approve: has access to the Pending tab to act on incoming pictures * List: can paginate thru past approved/rejected photos * View: can bring up specific user cert photo from their profile * The minimum requirement is Approve or else no cert photo page will load for your admin user. * User Actions (each action individually scoped) * Impersonate * Ban * Delete * Promote to admin * Inner circle whitelist: no longer are admins automatically part of the inner circle unless they have a specialized scope attached. The AdminRequired decorator may also apply scopes on an entire admin route. The following routes have scopes to limit them: * Forum Admin (manage forums and their settings) * Remove from inner circle
2023-08-02 03:39:48 +00:00
adminView = user.HasAdminScope(config.ScopePhotoModerator) && adminView
Explicit admin filter for the site gallery * For admins, make it a specific opt-in filter for the Site Gallery to show all pictures regardless of friendship or grant (for moderation purposes). On this view, Like and Comment buttons are taken away. Non-admins are not shown the option and the back-end ignores the parameter for them. * Fix user avatars on compose and admin actions page.
2022-09-10 03:11:50 +00:00
Spit and Polish * Friends: can now see your sent requests awaiting approval too. * Site Gallery: you may see Friends-only photos on the Gallery if you are friends with the owner and the pic is opted-in for the Gallery. * Site Gallery: show color coded visibility icons in card headers. * Improve appearance of Upload Photo page. * Update FAQ
2022-08-23 03:58:35 +00:00
// Include ourself in our friend IDs.
friendIDs = append(friendIDs, userID)
Shy Accounts * Users with private profiles or no public photo at all are considered to be Shy Accounts and are isolated from the non-shy profiles. * Restrictions include: * Site Gallery shows only them + their friends' photos. * User Galleries: must be a friend or had private photos granted to see a user's gallery page. * DMs: can not initiate a DM to a non-shy member (other shy members OK).
2023-02-14 06:19:18 +00:00
// Whose photos can you see on the Site Gallery?
if isShy {
// Shy users can only see their Friends photos (public or friends visibility)
// and any Private photos to whom they were granted access.
wheres = append(wheres,
"((user_id IN ? AND visibility IN ?) OR "+
"(user_id IN ? AND visibility IN ?))",
)
placeholders = append(placeholders,
friendIDs, PhotoVisibilityFriends,
The inner circle
2023-05-24 03:04:17 +00:00
privateUserIDs, photosAll,
Shy Accounts * Users with private profiles or no public photo at all are considered to be Shy Accounts and are isolated from the non-shy profiles. * Restrictions include: * Site Gallery shows only them + their friends' photos. * User Galleries: must be a friend or had private photos granted to see a user's gallery page. * DMs: can not initiate a DM to a non-shy member (other shy members OK).
2023-02-14 06:19:18 +00:00
)
} else {
// You can see friends' Friend photos but only public for non-friends.
wheres = append(wheres,
"((user_id IN ? AND visibility IN ?) OR "+
"(user_id IN ? AND visibility IN ?) OR "+
Fix gallery filters re: inner circle photos
2023-05-24 20:38:37 +00:00
"(user_id NOT IN ? AND visibility IN ?))",
Shy Accounts * Users with private profiles or no public photo at all are considered to be Shy Accounts and are isolated from the non-shy profiles. * Restrictions include: * Site Gallery shows only them + their friends' photos. * User Galleries: must be a friend or had private photos granted to see a user's gallery page. * DMs: can not initiate a DM to a non-shy member (other shy members OK).
2023-02-14 06:19:18 +00:00
)
placeholders = append(placeholders,
Fix gallery filters re: inner circle photos
2023-05-24 20:38:37 +00:00
friendIDs, photosFriends,
The inner circle
2023-05-24 03:04:17 +00:00
privateUserIDs, photosAll,
Fix gallery filters re: inner circle photos
2023-05-24 20:38:37 +00:00
friendIDs, photosPublic,
Shy Accounts * Users with private profiles or no public photo at all are considered to be Shy Accounts and are isolated from the non-shy profiles. * Restrictions include: * Site Gallery shows only them + their friends' photos. * User Galleries: must be a friend or had private photos granted to see a user's gallery page. * DMs: can not initiate a DM to a non-shy member (other shy members OK).
2023-02-14 06:19:18 +00:00
)
}
Spit and Polish * Friends: can now see your sent requests awaiting approval too. * Site Gallery: you may see Friends-only photos on the Gallery if you are friends with the owner and the pic is opted-in for the Gallery. * Site Gallery: show color coded visibility icons in card headers. * Improve appearance of Upload Photo page. * Update FAQ
2022-08-23 03:58:35 +00:00
// Gallery photos only.
wheres = append(wheres, "gallery = ?")
placeholders = append(placeholders, true)
Block Lists Implement block lists. They work like friend lists but are unidirectional, but take effect in both directions (blocker and blockee can not see one another on the site -- except admin users can always see all users). * Profile page says 404 * User gallery says 404 * User search page filters out blocked users * Compose endpoint blocks sending messages to blocked users (except admin) * Site Gallery filters photos by blocked (and uncertified) users * Inbox page hides chat list for blocked users (can still read the chat history if you have a link to the old thread)
2022-08-15 00:45:55 +00:00
// Filter blocked users.
if len(blocklist) > 0 {
wheres = append(wheres, "user_id NOT IN ?")
placeholders = append(placeholders, blocklist)
Certification Photo Workflow * Add "Site Gallery" page showing all public+gallery member photos. * Add "Certification Required" decorator for gallery and other main pages. * Add the Certification Photo workflow: * Users have a checklist on their dashboard to upload a profile pic and post a certification selfie (two requirements) * Admins notified by email when a new certification pic comes in. * Admin can reject (w/ comment) or approve the pic. * Users can re-upload or delete their pic at the cost of losing certification status if they make any such changes. * Users are emailed when their photo is either approved or rejected. * User Preferences: can now save the explicit pref to your account. * Explicit photos on user pages and site gallery are hidden if the current user hasn't opted-in (user can always see their own explicit photos regardless of the setting) * If a user is viewing a member gallery and explicit pics are hidden, a count of the number of explicit pics is shown to inform the user that more DO exist, they just don't see them. The site gallery does not do this and simply hides explicit photos.
2022-08-13 22:39:31 +00:00
}
Private Photo Sharing * Add ability to unlock your private photos for others. * Link to unlock is on another user's Photos page. * You can also access your "Manage Private Photos" page in the User Menu or Dashboard and add a user by username. * See who you have granted access, and see users who have granted you access to their private photos. * Private photos of users who unlocked them for you may appear on the Site Gallery if the photo allows. * Add new filters to the Site Gallery: you can choose to filter by Explicit, limit to a specific Visibility, and order by Newest or Oldest. Non-explicit users do not get a filter to see explicit content - they must opt-in in their settings. * Bugfix: Site Gallery was not correctly filtering Explicit photos away from users who did not opt-in for explicit!
2022-09-08 04:18:54 +00:00
// Non-explicit pics unless the user opted in. Allow explicit filter setting to override.
if filterExplicit != "" {
wheres = append(wheres, "explicit = ?")
placeholders = append(placeholders, filterExplicit == "true")
} else if !explicitOK {
Block Lists Implement block lists. They work like friend lists but are unidirectional, but take effect in both directions (blocker and blockee can not see one another on the site -- except admin users can always see all users). * Profile page says 404 * User gallery says 404 * User search page filters out blocked users * Compose endpoint blocks sending messages to blocked users (except admin) * Site Gallery filters photos by blocked (and uncertified) users * Inbox page hides chat list for blocked users (can still read the chat history if you have a link to the old thread)
2022-08-15 00:45:55 +00:00
wheres = append(wheres, "explicit = ?")
placeholders = append(placeholders, false)
}
Private Photo Sharing * Add ability to unlock your private photos for others. * Link to unlock is on another user's Photos page. * You can also access your "Manage Private Photos" page in the User Menu or Dashboard and add a user by username. * See who you have granted access, and see users who have granted you access to their private photos. * Private photos of users who unlocked them for you may appear on the Site Gallery if the photo allows. * Add new filters to the Site Gallery: you can choose to filter by Explicit, limit to a specific Visibility, and order by Newest or Oldest. Non-explicit users do not get a filter to see explicit content - they must opt-in in their settings. * Bugfix: Site Gallery was not correctly filtering Explicit photos away from users who did not opt-in for explicit!
2022-09-08 04:18:54 +00:00
// Is the user furthermore clamping the visibility filter?
if filterVisibility != "" {
wheres = append(wheres, "visibility = ?")
placeholders = append(placeholders, filterVisibility)
}
Fix banned user photos appearing on Gallery
2023-03-10 01:14:20 +00:00
// Only certified (and not banned) user photos.
Block Lists Implement block lists. They work like friend lists but are unidirectional, but take effect in both directions (blocker and blockee can not see one another on the site -- except admin users can always see all users). * Profile page says 404 * User gallery says 404 * User search page filters out blocked users * Compose endpoint blocks sending messages to blocked users (except admin) * Site Gallery filters photos by blocked (and uncertified) users * Inbox page hides chat list for blocked users (can still read the chat history if you have a link to the old thread)
2022-08-15 00:45:55 +00:00
wheres = append(wheres,
Fix banned user photos appearing on Gallery
2023-03-10 01:14:20 +00:00
"EXISTS (SELECT 1 FROM users WHERE id = photos.user_id AND certified = true AND status='active')",
Block Lists Implement block lists. They work like friend lists but are unidirectional, but take effect in both directions (blocker and blockee can not see one another on the site -- except admin users can always see all users). * Profile page says 404 * User gallery says 404 * User search page filters out blocked users * Compose endpoint blocks sending messages to blocked users (except admin) * Site Gallery filters photos by blocked (and uncertified) users * Inbox page hides chat list for blocked users (can still read the chat history if you have a link to the old thread)
2022-08-15 00:45:55 +00:00
)
Private Profiles & Misc Improvements * Add setting to mark profile as "private" * If a profile is private you can't see their profile page or user photo gallery unless you are friends (or admin) * The Site Gallery never shows pictures from private profiles. * Add HTML5 drag/drop upload support for photo gallery. * Suppress SQL logging except in debug mode. * Clean up extra logs.
2022-08-22 00:29:39 +00:00
// Exclude private users' photos.
wheres = append(wheres,
"NOT EXISTS (SELECT 1 FROM users WHERE id = photos.user_id AND visibility = 'private')",
)
Certification Photo Workflow * Add "Site Gallery" page showing all public+gallery member photos. * Add "Certification Required" decorator for gallery and other main pages. * Add the Certification Photo workflow: * Users have a checklist on their dashboard to upload a profile pic and post a certification selfie (two requirements) * Admins notified by email when a new certification pic comes in. * Admin can reject (w/ comment) or approve the pic. * Users can re-upload or delete their pic at the cost of losing certification status if they make any such changes. * Users are emailed when their photo is either approved or rejected. * User Preferences: can now save the explicit pref to your account. * Explicit photos on user pages and site gallery are hidden if the current user hasn't opted-in (user can always see their own explicit photos regardless of the setting) * If a user is viewing a member gallery and explicit pics are hidden, a count of the number of explicit pics is shown to inform the user that more DO exist, they just don't see them. The site gallery does not do this and simply hides explicit photos.
2022-08-13 22:39:31 +00:00
// Admin view: get ALL PHOTOS on the site, period.
if adminView {
query = DB
Private Photo Sharing * Add ability to unlock your private photos for others. * Link to unlock is on another user's Photos page. * You can also access your "Manage Private Photos" page in the User Menu or Dashboard and add a user by username. * See who you have granted access, and see users who have granted you access to their private photos. * Private photos of users who unlocked them for you may appear on the Site Gallery if the photo allows. * Add new filters to the Site Gallery: you can choose to filter by Explicit, limit to a specific Visibility, and order by Newest or Oldest. Non-explicit users do not get a filter to see explicit content - they must opt-in in their settings. * Bugfix: Site Gallery was not correctly filtering Explicit photos away from users who did not opt-in for explicit!
2022-09-08 04:18:54 +00:00
// Admin may filter too.
if filterVisibility != "" {
query = query.Where("visibility = ?", filterVisibility)
}
if filterExplicit != "" {
query = query.Where("explicit = ?", filterExplicit == "true")
}
Certification Photo Workflow * Add "Site Gallery" page showing all public+gallery member photos. * Add "Certification Required" decorator for gallery and other main pages. * Add the Certification Photo workflow: * Users have a checklist on their dashboard to upload a profile pic and post a certification selfie (two requirements) * Admins notified by email when a new certification pic comes in. * Admin can reject (w/ comment) or approve the pic. * Users can re-upload or delete their pic at the cost of losing certification status if they make any such changes. * Users are emailed when their photo is either approved or rejected. * User Preferences: can now save the explicit pref to your account. * Explicit photos on user pages and site gallery are hidden if the current user hasn't opted-in (user can always see their own explicit photos regardless of the setting) * If a user is viewing a member gallery and explicit pics are hidden, a count of the number of explicit pics is shown to inform the user that more DO exist, they just don't see them. The site gallery does not do this and simply hides explicit photos.
2022-08-13 22:39:31 +00:00
} else {
query = DB.Where(
Block Lists Implement block lists. They work like friend lists but are unidirectional, but take effect in both directions (blocker and blockee can not see one another on the site -- except admin users can always see all users). * Profile page says 404 * User gallery says 404 * User search page filters out blocked users * Compose endpoint blocks sending messages to blocked users (except admin) * Site Gallery filters photos by blocked (and uncertified) users * Inbox page hides chat list for blocked users (can still read the chat history if you have a link to the old thread)
2022-08-15 00:45:55 +00:00
strings.Join(wheres, " AND "),
placeholders...,
Certification Photo Workflow * Add "Site Gallery" page showing all public+gallery member photos. * Add "Certification Required" decorator for gallery and other main pages. * Add the Certification Photo workflow: * Users have a checklist on their dashboard to upload a profile pic and post a certification selfie (two requirements) * Admins notified by email when a new certification pic comes in. * Admin can reject (w/ comment) or approve the pic. * Users can re-upload or delete their pic at the cost of losing certification status if they make any such changes. * Users are emailed when their photo is either approved or rejected. * User Preferences: can now save the explicit pref to your account. * Explicit photos on user pages and site gallery are hidden if the current user hasn't opted-in (user can always see their own explicit photos regardless of the setting) * If a user is viewing a member gallery and explicit pics are hidden, a count of the number of explicit pics is shown to inform the user that more DO exist, they just don't see them. The site gallery does not do this and simply hides explicit photos.
2022-08-13 22:39:31 +00:00
)
}
query = query.Order(pager.Sort)
query.Model(&Photo{}).Count(&pager.Total)
result := query.Offset(pager.GetOffset()).Limit(pager.PerPage).Find(&p)
return p, result.Error
}
User Photo Gallery & Management * Add the user photo gallery for profile pages. Paginated, grid or full (blog style) view options. In grid view clicking a photo opens a large modal to see it; full view already shows large photos. * Edit page: can also re-crop and set an existing pic to be your profile pic. * Delete page: remove photos from the DB and hard drive. * Photos are cleaned up from disk when not needed, e.g. during a re-crop the old cropped photo is removed before the new one replaces it. * Fixed bug with cropping pictures.
2022-08-13 06:11:36 +00:00
// Save photo.
func (p *Photo) Save() error {
result := DB.Save(p)
return result.Error
}
// Delete photo.
func (p *Photo) Delete() error {
result := DB.Delete(p)
return result.Error
}