2022-08-15 00:45:55 +00:00
|
|
|
package block
|
|
|
|
|
|
|
|
import (
|
2023-08-13 06:23:49 +00:00
|
|
|
"fmt"
|
2022-08-15 00:45:55 +00:00
|
|
|
"net/http"
|
|
|
|
"strings"
|
|
|
|
|
2022-08-26 04:21:46 +00:00
|
|
|
"code.nonshy.com/nonshy/website/pkg/config"
|
2023-09-30 22:24:14 +00:00
|
|
|
"code.nonshy.com/nonshy/website/pkg/controller/chat"
|
2023-08-13 06:23:49 +00:00
|
|
|
"code.nonshy.com/nonshy/website/pkg/log"
|
2022-08-26 04:21:46 +00:00
|
|
|
"code.nonshy.com/nonshy/website/pkg/models"
|
|
|
|
"code.nonshy.com/nonshy/website/pkg/session"
|
|
|
|
"code.nonshy.com/nonshy/website/pkg/templates"
|
2022-08-15 00:45:55 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
// Blocked list.
|
|
|
|
func Blocked() http.HandlerFunc {
|
|
|
|
tmpl := templates.Must("account/block_list.html")
|
|
|
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
currentUser, err := session.CurrentUser(r)
|
|
|
|
if err != nil {
|
|
|
|
session.FlashError(w, r, "Unexpected error: could not get currentUser.")
|
|
|
|
templates.Redirect(w, "/")
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
// Get our blocklist.
|
|
|
|
pager := &models.Pagination{
|
|
|
|
PerPage: config.PageSizeBlockList,
|
|
|
|
Sort: "updated_at desc",
|
|
|
|
}
|
|
|
|
pager.ParsePage(r)
|
2022-09-09 04:42:20 +00:00
|
|
|
blocked, err := models.PaginateBlockList(currentUser, pager)
|
2022-08-15 00:45:55 +00:00
|
|
|
if err != nil {
|
|
|
|
session.FlashError(w, r, "Couldn't paginate block list: %s", err)
|
|
|
|
templates.Redirect(w, "/")
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
var vars = map[string]interface{}{
|
|
|
|
"BlockedUsers": blocked,
|
|
|
|
"Pager": pager,
|
|
|
|
}
|
|
|
|
if err := tmpl.Execute(w, r, vars); err != nil {
|
|
|
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
})
|
|
|
|
}
|
|
|
|
|
2023-08-15 01:50:34 +00:00
|
|
|
// AddUser to manually add someone to your block list.
|
|
|
|
func AddUser() http.HandlerFunc {
|
|
|
|
tmpl := templates.Must("account/block_list_add.html")
|
|
|
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
if err := tmpl.Execute(w, r, nil); err != nil {
|
|
|
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
})
|
|
|
|
}
|
|
|
|
|
2022-08-15 00:45:55 +00:00
|
|
|
// BlockUser controller.
|
|
|
|
func BlockUser() http.HandlerFunc {
|
|
|
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
// POST only.
|
|
|
|
if r.Method != http.MethodPost {
|
|
|
|
session.FlashError(w, r, "Unacceptable Request Method")
|
|
|
|
templates.Redirect(w, "/")
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
// Form fields
|
|
|
|
var (
|
|
|
|
username = strings.ToLower(r.PostFormValue("username"))
|
|
|
|
unblock = r.PostFormValue("unblock") == "true"
|
|
|
|
)
|
|
|
|
|
|
|
|
// Get the current user.
|
|
|
|
currentUser, err := session.CurrentUser(r)
|
|
|
|
if err != nil {
|
|
|
|
session.FlashError(w, r, "Couldn't get CurrentUser: %s", err)
|
|
|
|
templates.Redirect(w, "/")
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
// Get the target user.
|
|
|
|
user, err := models.FindUser(username)
|
|
|
|
if err != nil {
|
|
|
|
session.FlashError(w, r, "User Not Found")
|
2023-08-15 01:50:34 +00:00
|
|
|
templates.Redirect(w, "/users/blocklist/add")
|
2022-08-15 00:45:55 +00:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
// Unblocking?
|
|
|
|
if unblock {
|
|
|
|
if err := models.UnblockUser(currentUser.ID, user.ID); err != nil {
|
|
|
|
session.FlashError(w, r, "Couldn't unblock this user: %s.", err)
|
|
|
|
} else {
|
|
|
|
session.Flash(w, r, "You have removed %s from your block list.", user.Username)
|
Change Logs
* Add a ChangeLog table to collect historic updates to various database tables.
* Created, Updated (with field diffs) and Deleted actions are logged, as well
as certification photo approves/denies.
* Specific items added to the change log:
* When a user photo is marked Explicit by an admin
* When users block/unblock each other
* When photo comments are posted, edited, and deleted
* When forums are created, edited, and deleted
* When forum comments are created, edited and deleted
* When a new forum thread is created
* When a user uploads or removes their own certification photo
* When an admin approves or rejects a certification photo
* When a user uploads, modifies or deletes their gallery photos
* When a friend request is sent
* When a friend request is accepted, ignored, or rejected
* When a friendship is removed
2024-02-26 01:03:36 +00:00
|
|
|
|
|
|
|
// Log the change.
|
|
|
|
models.LogDeleted(currentUser, nil, "blocks", user.ID, "Unblocked user "+user.Username+".", nil)
|
2022-08-15 00:45:55 +00:00
|
|
|
}
|
|
|
|
templates.Redirect(w, "/users/blocked")
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
// Can't block yourself.
|
|
|
|
if currentUser.ID == user.ID {
|
|
|
|
session.FlashError(w, r, "You can't block yourself!")
|
|
|
|
templates.Redirect(w, "/u/"+username)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2024-09-10 04:17:22 +00:00
|
|
|
// If the target user is an admin, log this to the admin reports page.
|
|
|
|
if user.IsAdmin {
|
|
|
|
// Is the target admin user unblockable?
|
|
|
|
var (
|
|
|
|
unblockable = user.HasAdminScope(config.ScopeUnblockable)
|
|
|
|
footer string // qualifier for the admin report body
|
|
|
|
)
|
|
|
|
|
|
|
|
// Add a footer to the report to indicate whether the block goes through.
|
|
|
|
if unblockable {
|
|
|
|
footer = "**Unblockable:** this admin can not be blocked, so the block was not added and the user was shown an error message."
|
|
|
|
} else {
|
|
|
|
footer = "**Notice:** This admin is not unblockable, so the block has been added successfully."
|
|
|
|
}
|
|
|
|
|
|
|
|
// Also, include this user's current count of blocked admin users.
|
|
|
|
count, total := models.CountBlockedAdminUsers(currentUser)
|
|
|
|
footer += fmt.Sprintf("\n\nThis user now blocks %d of %d admin user(s) on this site.", count+1, total)
|
|
|
|
|
2023-08-13 06:23:49 +00:00
|
|
|
// For curiosity's sake, log a report.
|
|
|
|
fb := &models.Feedback{
|
|
|
|
Intent: "report",
|
|
|
|
Subject: "A user tried to block an admin",
|
|
|
|
Message: fmt.Sprintf(
|
|
|
|
"A user has tried to block an admin user account!\n\n"+
|
2024-09-10 04:17:22 +00:00
|
|
|
"* Username: %s\n* Tried to block: %s\n\n%s",
|
2023-08-13 06:23:49 +00:00
|
|
|
currentUser.Username,
|
|
|
|
user.Username,
|
2024-09-10 04:17:22 +00:00
|
|
|
footer,
|
2023-08-13 06:23:49 +00:00
|
|
|
),
|
|
|
|
UserID: currentUser.ID,
|
|
|
|
TableName: "users",
|
|
|
|
TableID: currentUser.ID,
|
|
|
|
}
|
|
|
|
if err := models.CreateFeedback(fb); err != nil {
|
|
|
|
log.Error("Could not log feedback for user %s trying to block admin %s: %s", currentUser.Username, user.Username, err)
|
|
|
|
}
|
|
|
|
|
2024-09-10 04:17:22 +00:00
|
|
|
// If the admin is unblockable, give the user an error message and return.
|
|
|
|
if unblockable {
|
|
|
|
session.FlashError(w, r, "You can not block site administrators.")
|
|
|
|
templates.Redirect(w, "/u/"+username)
|
|
|
|
return
|
|
|
|
}
|
2022-08-15 00:45:55 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// Block the target user.
|
|
|
|
if err := models.AddBlock(currentUser.ID, user.ID); err != nil {
|
|
|
|
session.FlashError(w, r, "Couldn't block this user: %s.", err)
|
|
|
|
} else {
|
|
|
|
session.Flash(w, r, "You have added %s to your block list.", user.Username)
|
Change Logs
* Add a ChangeLog table to collect historic updates to various database tables.
* Created, Updated (with field diffs) and Deleted actions are logged, as well
as certification photo approves/denies.
* Specific items added to the change log:
* When a user photo is marked Explicit by an admin
* When users block/unblock each other
* When photo comments are posted, edited, and deleted
* When forums are created, edited, and deleted
* When forum comments are created, edited and deleted
* When a new forum thread is created
* When a user uploads or removes their own certification photo
* When an admin approves or rejects a certification photo
* When a user uploads, modifies or deletes their gallery photos
* When a friend request is sent
* When a friend request is accepted, ignored, or rejected
* When a friendship is removed
2024-02-26 01:03:36 +00:00
|
|
|
|
|
|
|
// Log the change.
|
|
|
|
models.LogCreated(currentUser, "blocks", user.ID, "Blocks user "+user.Username+".")
|
2022-08-15 00:45:55 +00:00
|
|
|
}
|
|
|
|
|
2023-09-30 22:24:14 +00:00
|
|
|
// Sync the block to the BareRTC chat server now, in case either user is currently online.
|
|
|
|
go chat.BlockUserNow(currentUser, user)
|
|
|
|
|
2022-08-15 00:45:55 +00:00
|
|
|
templates.Redirect(w, "/users/blocked")
|
|
|
|
})
|
|
|
|
}
|