2023-09-16 20:46:26 +00:00
|
|
|
package account
|
|
|
|
|
|
|
|
import (
|
|
|
|
"net/http"
|
|
|
|
"net/url"
|
2023-10-29 19:29:11 +00:00
|
|
|
"strconv"
|
2023-09-16 20:46:26 +00:00
|
|
|
|
|
|
|
"code.nonshy.com/nonshy/website/pkg/config"
|
2023-10-29 19:29:11 +00:00
|
|
|
"code.nonshy.com/nonshy/website/pkg/log"
|
2023-09-16 20:46:26 +00:00
|
|
|
"code.nonshy.com/nonshy/website/pkg/middleware"
|
|
|
|
"code.nonshy.com/nonshy/website/pkg/models"
|
|
|
|
"code.nonshy.com/nonshy/website/pkg/session"
|
|
|
|
"code.nonshy.com/nonshy/website/pkg/templates"
|
|
|
|
)
|
|
|
|
|
|
|
|
// User notes page (/notes/u/username)
|
|
|
|
func UserNotes() http.HandlerFunc {
|
|
|
|
tmpl := templates.Must("account/user_notes.html")
|
|
|
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
// Parse the username out of the URL parameters.
|
2024-10-18 02:21:18 +00:00
|
|
|
var (
|
|
|
|
username = r.PathValue("username")
|
|
|
|
show = r.FormValue("show") // admin feedback filter
|
|
|
|
)
|
2023-09-16 20:46:26 +00:00
|
|
|
|
|
|
|
// Find this user.
|
|
|
|
user, err := models.FindUser(username)
|
|
|
|
if err != nil {
|
|
|
|
templates.NotFoundPage(w, r)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
// Get the current user.
|
|
|
|
currentUser, err := session.CurrentUser(r)
|
|
|
|
if err != nil {
|
|
|
|
session.FlashError(w, r, "You must be signed in to view this page.")
|
|
|
|
templates.Redirect(w, "/login?next="+url.QueryEscape(r.URL.String()))
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
// Is the site under a Maintenance Mode restriction?
|
|
|
|
if middleware.MaintenanceMode(currentUser, w, r) {
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
// Banned or disabled? Only admin can view then.
|
|
|
|
if user.Status != models.UserStatusActive && !currentUser.IsAdmin {
|
|
|
|
templates.NotFoundPage(w, r)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
// Is either one blocking?
|
|
|
|
if models.IsBlocking(currentUser.ID, user.ID) && !currentUser.IsAdmin {
|
|
|
|
templates.NotFoundPage(w, r)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
// Look up our current note about this person.
|
|
|
|
var myNote = models.GetNoteBetweenUsers(currentUser, user)
|
|
|
|
|
|
|
|
// Are we submitting a note?
|
|
|
|
if r.Method == http.MethodPost {
|
|
|
|
var message = r.FormValue("message")
|
|
|
|
|
|
|
|
// Update & save our note.
|
|
|
|
if message == "" {
|
|
|
|
// Delete it.
|
|
|
|
if err := myNote.Delete(); err != nil && err != models.ErrNoUserNoteToDelete {
|
|
|
|
session.FlashError(w, r, "Error deleting your note: %s", err)
|
|
|
|
} else if err == nil {
|
|
|
|
session.Flash(w, r, "Your note was deleted!")
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
// Update it.
|
|
|
|
myNote.Message = message
|
|
|
|
if err := myNote.Save(); err != nil {
|
|
|
|
session.FlashError(w, r, "Error saving your note: %s", err)
|
|
|
|
} else {
|
|
|
|
session.Flash(w, r, "Your notes have been saved!")
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
templates.Redirect(w, r.URL.Path)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
// Admin view: paginate their feedback & reports.
|
|
|
|
var (
|
|
|
|
feedback = []*models.Feedback{}
|
|
|
|
otherNotes = []*models.UserNote{}
|
|
|
|
userMap = models.UserMap{}
|
|
|
|
notePager = &models.Pagination{
|
|
|
|
Page: 1,
|
|
|
|
PerPage: config.PageSizeAdminUserNotes,
|
|
|
|
Sort: "updated_at desc",
|
|
|
|
}
|
|
|
|
fbPager = &models.Pagination{
|
|
|
|
Page: 1,
|
|
|
|
PerPage: config.PageSizeAdminFeedbackNotesPage,
|
|
|
|
Sort: "created_at desc",
|
|
|
|
}
|
|
|
|
)
|
|
|
|
notePager.ParsePage(r)
|
|
|
|
fbPager.ParsePage(r)
|
|
|
|
if currentUser.IsAdmin {
|
|
|
|
// Paginate all notes written about this user.
|
|
|
|
if on, err := models.PaginateUserNotes(user, notePager); err != nil {
|
|
|
|
session.FlashError(w, r, "Paginating user notes: %s", err)
|
|
|
|
} else {
|
|
|
|
otherNotes = on
|
|
|
|
}
|
|
|
|
|
|
|
|
// Paginate feedback & reports.
|
2024-10-18 02:21:18 +00:00
|
|
|
if fb, err := models.PaginateFeedbackAboutUser(user, show, fbPager); err != nil {
|
2023-09-16 20:46:26 +00:00
|
|
|
session.FlashError(w, r, "Paginating feedback on this user: %s", err)
|
|
|
|
} else {
|
|
|
|
feedback = fb
|
|
|
|
}
|
|
|
|
|
|
|
|
// Map user IDs for the Feedback Reply-To line and the Note Givers for the paginated notes.
|
|
|
|
var userIDs = []uint64{}
|
|
|
|
for _, p := range feedback {
|
|
|
|
if p.UserID > 0 {
|
|
|
|
userIDs = append(userIDs, p.UserID)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
for _, p := range otherNotes {
|
|
|
|
if p.UserID > 0 {
|
|
|
|
userIDs = append(userIDs, p.UserID)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if um, err := models.MapUsers(currentUser, userIDs); err != nil {
|
|
|
|
session.FlashError(w, r, "Couldn't map user IDs: %s", err)
|
|
|
|
} else {
|
|
|
|
userMap = um
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
vars := map[string]interface{}{
|
2023-10-22 22:02:24 +00:00
|
|
|
"User": user,
|
|
|
|
"PhotoCount": models.CountPhotosICanSee(user, currentUser),
|
|
|
|
"NoteCount": models.CountNotesAboutUser(currentUser, user),
|
|
|
|
"FriendCount": models.CountFriends(user.ID),
|
|
|
|
"MyNote": myNote,
|
2023-09-16 20:46:26 +00:00
|
|
|
|
|
|
|
// Admin concerns.
|
2024-10-18 02:21:18 +00:00
|
|
|
"Show": show,
|
2023-09-16 20:46:26 +00:00
|
|
|
"Feedback": feedback,
|
|
|
|
"FeedbackPager": fbPager,
|
|
|
|
"OtherNotes": otherNotes,
|
|
|
|
"NotePager": notePager,
|
|
|
|
"UserMap": userMap,
|
|
|
|
}
|
|
|
|
|
|
|
|
if err := tmpl.Execute(w, r, vars); err != nil {
|
|
|
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
})
|
|
|
|
}
|
2023-10-29 19:29:11 +00:00
|
|
|
|
|
|
|
// My user notes page (/notes/me)
|
|
|
|
func MyNotes() http.HandlerFunc {
|
|
|
|
tmpl := templates.Must("account/my_user_notes.html")
|
|
|
|
|
|
|
|
// Whitelist for ordering options.
|
|
|
|
var sortWhitelist = []string{
|
|
|
|
"updated_at desc",
|
|
|
|
"updated_at asc",
|
|
|
|
"username desc",
|
|
|
|
"username asc",
|
|
|
|
}
|
|
|
|
|
|
|
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
// Filter parameters.
|
|
|
|
var (
|
2023-12-21 22:59:41 +00:00
|
|
|
search = r.FormValue("search")
|
|
|
|
sort = r.FormValue("sort")
|
|
|
|
adminNotes = r.FormValue("admin_notes") == "true"
|
|
|
|
sortOK bool
|
2023-10-29 19:29:11 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
// Sort options.
|
|
|
|
for _, v := range sortWhitelist {
|
|
|
|
if sort == v {
|
|
|
|
sortOK = true
|
|
|
|
break
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if !sortOK {
|
|
|
|
sort = sortWhitelist[0]
|
|
|
|
}
|
|
|
|
|
|
|
|
// Get the current user.
|
|
|
|
currentUser, err := session.CurrentUser(r)
|
|
|
|
if err != nil {
|
|
|
|
session.FlashError(w, r, "You must be signed in to view this page.")
|
|
|
|
templates.Redirect(w, "/login?next="+url.QueryEscape(r.URL.String()))
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
// Is the site under a Maintenance Mode restriction?
|
|
|
|
if middleware.MaintenanceMode(currentUser, w, r) {
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2023-12-21 22:59:41 +00:00
|
|
|
// Admin notes?
|
2024-05-09 04:03:31 +00:00
|
|
|
if adminNotes && !currentUser.HasAdminScope(config.ScopeUserNotes) {
|
2023-12-21 22:59:41 +00:00
|
|
|
adminNotes = false
|
|
|
|
}
|
|
|
|
|
2023-10-29 19:29:11 +00:00
|
|
|
// Are we deleting a note?
|
|
|
|
if r.Method == http.MethodPost {
|
|
|
|
var (
|
|
|
|
intent = r.PostFormValue("intent")
|
|
|
|
idStr = r.PostFormValue("id")
|
|
|
|
)
|
|
|
|
|
|
|
|
noteID, err := strconv.Atoi(idStr)
|
|
|
|
if err != nil {
|
|
|
|
session.FlashError(w, r, "Invalid note ID.")
|
|
|
|
templates.Redirect(w, r.URL.Path)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
note, err := models.GetNote(uint64(noteID))
|
|
|
|
if err != nil {
|
|
|
|
session.FlashError(w, r, "Couldn't find that note.")
|
|
|
|
templates.Redirect(w, r.URL.Path)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
// Assert it is our note to edit.
|
|
|
|
if note.UserID != currentUser.ID {
|
|
|
|
session.FlashError(w, r, "That is not your note to edit.")
|
|
|
|
templates.Redirect(w, r.URL.Path)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
if intent == "delete" {
|
|
|
|
// Delete it!
|
|
|
|
if err := note.Delete(); err != nil {
|
|
|
|
session.FlashError(w, r, "Error deleting the note: %s.", err)
|
|
|
|
templates.Redirect(w, r.URL.Path)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
session.Flash(w, r, "That note has been deleted!")
|
|
|
|
}
|
|
|
|
templates.Redirect(w, r.URL.Path)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
var (
|
|
|
|
pager = &models.Pagination{
|
|
|
|
Page: 1,
|
|
|
|
PerPage: config.PageSizeAdminUserNotes,
|
|
|
|
Sort: sort,
|
|
|
|
}
|
2023-12-21 22:59:41 +00:00
|
|
|
userIDs = []uint64{}
|
|
|
|
notes []*models.UserNote
|
|
|
|
adminUserMap models.UserMap
|
2023-10-29 19:29:11 +00:00
|
|
|
)
|
|
|
|
pager.ParsePage(r)
|
|
|
|
|
2023-12-21 22:59:41 +00:00
|
|
|
if adminNotes {
|
|
|
|
notes, err = models.PaginateAdminUserNotes(search, pager)
|
|
|
|
if userMap, err := models.MapAdminUsers(currentUser); err == nil {
|
|
|
|
adminUserMap = userMap
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
notes, err = models.PaginateMyUserNotes(currentUser, search, pager)
|
|
|
|
}
|
|
|
|
|
2023-10-29 19:29:11 +00:00
|
|
|
if err != nil {
|
|
|
|
session.FlashError(w, r, "Error getting your user notes: %s", err)
|
|
|
|
templates.Redirect(w, "/")
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
// Map user IDs to users.
|
|
|
|
for _, note := range notes {
|
|
|
|
userIDs = append(userIDs, note.AboutUserID)
|
|
|
|
}
|
|
|
|
userMap, err := models.MapUsers(currentUser, userIDs)
|
|
|
|
if err != nil {
|
|
|
|
log.Error("MyUserNotes: couldn't MapUsers: %s", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
vars := map[string]interface{}{
|
2023-12-21 22:59:41 +00:00
|
|
|
"Notes": notes,
|
|
|
|
"Pager": pager,
|
|
|
|
"UserMap": userMap, // users talked about on this page
|
|
|
|
"AdminUserMap": adminUserMap, // other admin note authors for AdminNotes view
|
2023-10-29 19:29:11 +00:00
|
|
|
|
|
|
|
// Search filters
|
2023-12-21 22:59:41 +00:00
|
|
|
"Search": search,
|
|
|
|
"Sort": sort,
|
|
|
|
"AdminNotes": adminNotes,
|
2023-10-29 19:29:11 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
if err := tmpl.Execute(w, r, vars); err != nil {
|
|
|
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
})
|
|
|
|
}
|