nonshy/website
nonshy/website
1
0
Fork 0
Code Issues 20 Pull Requests 1 Packages Projects Releases Wiki Activity
f4d176a538
website/pkg/controller/photo/certification.go

430 lines
13 KiB
Go
Raw Normal View History

Certification Photo Workflow * Add "Site Gallery" page showing all public+gallery member photos. * Add "Certification Required" decorator for gallery and other main pages. * Add the Certification Photo workflow: * Users have a checklist on their dashboard to upload a profile pic and post a certification selfie (two requirements) * Admins notified by email when a new certification pic comes in. * Admin can reject (w/ comment) or approve the pic. * Users can re-upload or delete their pic at the cost of losing certification status if they make any such changes. * Users are emailed when their photo is either approved or rejected. * User Preferences: can now save the explicit pref to your account. * Explicit photos on user pages and site gallery are hidden if the current user hasn't opted-in (user can always see their own explicit photos regardless of the setting) * If a user is viewing a member gallery and explicit pics are hidden, a count of the number of explicit pics is shown to inform the user that more DO exist, they just don't see them. The site gallery does not do this and simply hides explicit photos.
2022-08-13 22:39:31 +00:00
package photo
import (
"bytes"
"io"
"net/http"
"path/filepath"
"strconv"
Rename the module
2022-08-26 04:21:46 +00:00
"code.nonshy.com/nonshy/website/pkg/config"
Certification photo admin updates
2023-11-25 22:28:16 +00:00
"code.nonshy.com/nonshy/website/pkg/geoip"
Rename the module
2022-08-26 04:21:46 +00:00
"code.nonshy.com/nonshy/website/pkg/log"
"code.nonshy.com/nonshy/website/pkg/mail"
"code.nonshy.com/nonshy/website/pkg/models"
"code.nonshy.com/nonshy/website/pkg/photo"
"code.nonshy.com/nonshy/website/pkg/session"
"code.nonshy.com/nonshy/website/pkg/templates"
Certification photo admin updates
2023-11-25 22:28:16 +00:00
"code.nonshy.com/nonshy/website/pkg/utility"
Certification Photo Workflow * Add "Site Gallery" page showing all public+gallery member photos. * Add "Certification Required" decorator for gallery and other main pages. * Add the Certification Photo workflow: * Users have a checklist on their dashboard to upload a profile pic and post a certification selfie (two requirements) * Admins notified by email when a new certification pic comes in. * Admin can reject (w/ comment) or approve the pic. * Users can re-upload or delete their pic at the cost of losing certification status if they make any such changes. * Users are emailed when their photo is either approved or rejected. * User Preferences: can now save the explicit pref to your account. * Explicit photos on user pages and site gallery are hidden if the current user hasn't opted-in (user can always see their own explicit photos regardless of the setting) * If a user is viewing a member gallery and explicit pics are hidden, a count of the number of explicit pics is shown to inform the user that more DO exist, they just don't see them. The site gallery does not do this and simply hides explicit photos.
2022-08-13 22:39:31 +00:00
)
// CertificationRequiredError handles the error page when a user is denied due to lack of certification.
func CertificationRequiredError() http.HandlerFunc {
tmpl := templates.Must("errors/certification_required.html")
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
currentUser, err := session.CurrentUser(r)
if err != nil {
session.FlashError(w, r, "Unexpected error: could not get currentUser.")
templates.Redirect(w, "/")
return
}
// Get the current user's cert photo (or create the DB record).
cert, err := models.GetCertificationPhoto(currentUser.ID)
if err != nil {
session.FlashError(w, r, "Unexpected error: could not get or create CertificationPhoto record.")
templates.Redirect(w, "/")
return
}
var vars = map[string]interface{}{
"CertificationPhoto": cert,
}
if err := tmpl.Execute(w, r, vars); err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
})
}
// Certification photo controller.
func Certification() http.HandlerFunc {
tmpl := templates.Must("photo/certification.html")
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
currentUser, err := session.CurrentUser(r)
if err != nil {
session.FlashError(w, r, "Unexpected error: could not get currentUser.")
templates.Redirect(w, "/")
return
}
// Get the current user's cert photo (or create the DB record).
cert, err := models.GetCertificationPhoto(currentUser.ID)
if err != nil {
session.FlashError(w, r, "Unexpected error: could not get or create CertificationPhoto record.")
templates.Redirect(w, "/")
return
}
// Uploading?
if r.Method == http.MethodPost {
// Are they deleting their photo?
if r.PostFormValue("delete") == "true" {
if cert.Filename != "" {
if err := photo.Delete(cert.Filename); err != nil {
log.Error("Failed to delete old cert photo for %s (%s): %s", currentUser.Username, cert.Filename, err)
}
cert.Filename = ""
}
cert.Status = models.CertificationPhotoNeeded
Notifications on approved friendship and Cert Photo verdicts
2022-08-26 03:36:59 +00:00
cert.AdminComment = ""
Certification Photo Workflow * Add "Site Gallery" page showing all public+gallery member photos. * Add "Certification Required" decorator for gallery and other main pages. * Add the Certification Photo workflow: * Users have a checklist on their dashboard to upload a profile pic and post a certification selfie (two requirements) * Admins notified by email when a new certification pic comes in. * Admin can reject (w/ comment) or approve the pic. * Users can re-upload or delete their pic at the cost of losing certification status if they make any such changes. * Users are emailed when their photo is either approved or rejected. * User Preferences: can now save the explicit pref to your account. * Explicit photos on user pages and site gallery are hidden if the current user hasn't opted-in (user can always see their own explicit photos regardless of the setting) * If a user is viewing a member gallery and explicit pics are hidden, a count of the number of explicit pics is shown to inform the user that more DO exist, they just don't see them. The site gallery does not do this and simply hides explicit photos.
2022-08-13 22:39:31 +00:00
cert.Save()
// Removing your photo = not certified again.
currentUser.Certified = false
if err := currentUser.Save(); err != nil {
session.FlashError(w, r, "Error saving your User data: %s", err)
}
Change Logs * Add a ChangeLog table to collect historic updates to various database tables. * Created, Updated (with field diffs) and Deleted actions are logged, as well as certification photo approves/denies. * Specific items added to the change log: * When a user photo is marked Explicit by an admin * When users block/unblock each other * When photo comments are posted, edited, and deleted * When forums are created, edited, and deleted * When forum comments are created, edited and deleted * When a new forum thread is created * When a user uploads or removes their own certification photo * When an admin approves or rejects a certification photo * When a user uploads, modifies or deletes their gallery photos * When a friend request is sent * When a friend request is accepted, ignored, or rejected * When a friendship is removed
2024-02-26 01:03:36 +00:00
// Log the change.
models.LogDeleted(currentUser, nil, "certification_photos", currentUser.ID, "Removed their certification photo.", cert)
Certification Photo Workflow * Add "Site Gallery" page showing all public+gallery member photos. * Add "Certification Required" decorator for gallery and other main pages. * Add the Certification Photo workflow: * Users have a checklist on their dashboard to upload a profile pic and post a certification selfie (two requirements) * Admins notified by email when a new certification pic comes in. * Admin can reject (w/ comment) or approve the pic. * Users can re-upload or delete their pic at the cost of losing certification status if they make any such changes. * Users are emailed when their photo is either approved or rejected. * User Preferences: can now save the explicit pref to your account. * Explicit photos on user pages and site gallery are hidden if the current user hasn't opted-in (user can always see their own explicit photos regardless of the setting) * If a user is viewing a member gallery and explicit pics are hidden, a count of the number of explicit pics is shown to inform the user that more DO exist, they just don't see them. The site gallery does not do this and simply hides explicit photos.
2022-08-13 22:39:31 +00:00
session.Flash(w, r, "Your certification photo has been deleted.")
templates.Redirect(w, r.URL.Path)
return
}
// Get the uploaded file.
file, header, err := r.FormFile("file")
if err != nil {
session.FlashError(w, r, "Error receiving your file: %s", err)
templates.Redirect(w, r.URL.Path)
return
}
var buf bytes.Buffer
io.Copy(&buf, file)
filename, _, err := photo.UploadPhoto(photo.UploadConfig{
User: currentUser,
Extension: filepath.Ext(header.Filename),
Data: buf.Bytes(),
})
if err != nil {
session.FlashError(w, r, "Error processing your upload: %s", err)
templates.Redirect(w, r.URL.Path)
return
}
// Are they replacing their old photo?
if cert.Filename != "" {
if err := photo.Delete(cert.Filename); err != nil {
log.Error("Failed to delete old cert photo for %s (%s): %s", currentUser.Username, cert.Filename, err)
}
}
// Update their certification photo.
cert.Status = models.CertificationPhotoPending
cert.Filename = filename
cert.AdminComment = ""
Certification photo admin updates
2023-11-25 22:28:16 +00:00
cert.IPAddress = utility.IPAddress(r)
Certification Photo Workflow * Add "Site Gallery" page showing all public+gallery member photos. * Add "Certification Required" decorator for gallery and other main pages. * Add the Certification Photo workflow: * Users have a checklist on their dashboard to upload a profile pic and post a certification selfie (two requirements) * Admins notified by email when a new certification pic comes in. * Admin can reject (w/ comment) or approve the pic. * Users can re-upload or delete their pic at the cost of losing certification status if they make any such changes. * Users are emailed when their photo is either approved or rejected. * User Preferences: can now save the explicit pref to your account. * Explicit photos on user pages and site gallery are hidden if the current user hasn't opted-in (user can always see their own explicit photos regardless of the setting) * If a user is viewing a member gallery and explicit pics are hidden, a count of the number of explicit pics is shown to inform the user that more DO exist, they just don't see them. The site gallery does not do this and simply hides explicit photos.
2022-08-13 22:39:31 +00:00
if err := cert.Save(); err != nil {
session.FlashError(w, r, "Error saving your CertificationPhoto: %s", err)
templates.Redirect(w, r.URL.Path)
return
}
// Set their approval status back to false.
currentUser.Certified = false
if err := currentUser.Save(); err != nil {
session.FlashError(w, r, "Error saving your User data: %s", err)
}
// Notify the admin email to check out this photo.
if err := mail.Send(mail.Message{
To: config.Current.AdminEmail,
Subject: "New Certification Photo Needs Approval",
Template: "email/certification_admin.html",
Data: map[string]interface{}{
"User": currentUser,
"URL": config.Current.BaseURL + "/admin/photo/certification",
},
}); err != nil {
log.Error("Certification: failed to notify admins of pending photo: %s", err)
}
Change Logs * Add a ChangeLog table to collect historic updates to various database tables. * Created, Updated (with field diffs) and Deleted actions are logged, as well as certification photo approves/denies. * Specific items added to the change log: * When a user photo is marked Explicit by an admin * When users block/unblock each other * When photo comments are posted, edited, and deleted * When forums are created, edited, and deleted * When forum comments are created, edited and deleted * When a new forum thread is created * When a user uploads or removes their own certification photo * When an admin approves or rejects a certification photo * When a user uploads, modifies or deletes their gallery photos * When a friend request is sent * When a friend request is accepted, ignored, or rejected * When a friendship is removed
2024-02-26 01:03:36 +00:00
// Log the change.
models.LogCreated(currentUser, "certification_photos", currentUser.ID, "Uploaded a new certification photo.")
Certification Photo Workflow * Add "Site Gallery" page showing all public+gallery member photos. * Add "Certification Required" decorator for gallery and other main pages. * Add the Certification Photo workflow: * Users have a checklist on their dashboard to upload a profile pic and post a certification selfie (two requirements) * Admins notified by email when a new certification pic comes in. * Admin can reject (w/ comment) or approve the pic. * Users can re-upload or delete their pic at the cost of losing certification status if they make any such changes. * Users are emailed when their photo is either approved or rejected. * User Preferences: can now save the explicit pref to your account. * Explicit photos on user pages and site gallery are hidden if the current user hasn't opted-in (user can always see their own explicit photos regardless of the setting) * If a user is viewing a member gallery and explicit pics are hidden, a count of the number of explicit pics is shown to inform the user that more DO exist, they just don't see them. The site gallery does not do this and simply hides explicit photos.
2022-08-13 22:39:31 +00:00
session.Flash(w, r, "Your certification photo has been uploaded and is now awaiting approval.")
templates.Redirect(w, r.URL.Path)
return
}
var vars = map[string]interface{}{
"CertificationPhoto": cert,
}
if err := tmpl.Execute(w, r, vars); err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
})
}
// AdminCertification controller (/admin/photo/certification)
func AdminCertification() http.HandlerFunc {
tmpl := templates.Must("admin/certification.html")
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
Admin Actions * Add impersonate feature * Add ban/unban user feature * Add promote/demote admin status feature * Add admin user deletion feature * Admin ability to see other status certification pics * Nav bar indicator of pending admin actions such as cert pics needing approval * Admin ability to search cert pics for specific user
2022-08-14 23:27:57 +00:00
// View status
var view = r.FormValue("view")
if view == "" {
view = "pending"
}
More Private User Avatars * Users who set their Profile Picture to "friends only" or "private" can have their avatar be private all over the website to users who are not their friends or not granted access. * Users who are not your friends see a yellow placeholder avatar, and users not granted access to a private Profile Pic sees a purple avatar. * Admin users see these same placeholder avatars most places too (on search, forums, comments, etc.) if the user did not friend or grant the admin. But admins ALWAYS see it on their Profile Page directly, for ability to moderate. * Fix marking Notifications as read: clicking the link in an unread notification now will wait on the ajax request to finish before allowing the redirect. * Update the FAQ
2022-09-09 04:42:20 +00:00
// Get the current user.
currentUser, err := session.CurrentUser(r)
if err != nil {
session.FlashError(w, r, "Couldn't get CurrentUser: %s", err)
}
Admin Groups & Permissions Add a permission system for admin users so you can lock down specific admins to a narrower set of features instead of them all having omnipotent powers. * New page: Admin Dashboard -> Admin Permissions Management * Permissions are handled in the form of 'scopes' relevant to each feature or action on the site. Scopes are assigned to Groups, and in turn, admin user accounts are placed in those Groups. * The Superusers group (scope '*') has wildcard permission to all scopes. The permissions dashboard has a create-once action to initialize the Superusers for the first admin who clicks on it, and places that admin in the group. The following are the exhaustive list of permission changes on the site: * Moderator scopes: * Chat room (enter the room with Operator permission) * Forums (can edit or delete user posts on the forum) * Photo Gallery (can see all private/friends-only photos on the site gallery or user profile pages) * Certification photos (with nuanced sub-action permissions) * Approve: has access to the Pending tab to act on incoming pictures * List: can paginate thru past approved/rejected photos * View: can bring up specific user cert photo from their profile * The minimum requirement is Approve or else no cert photo page will load for your admin user. * User Actions (each action individually scoped) * Impersonate * Ban * Delete * Promote to admin * Inner circle whitelist: no longer are admins automatically part of the inner circle unless they have a specialized scope attached. The AdminRequired decorator may also apply scopes on an entire admin route. The following routes have scopes to limit them: * Forum Admin (manage forums and their settings) * Remove from inner circle
2023-08-02 03:39:48 +00:00
// Scope check based on view.
switch view {
case "pending":
// Scope check.
if !currentUser.HasAdminScope(config.ScopeCertificationApprove) {
session.FlashError(w, r, "Missing admin scope: %s", config.ScopeCertificationApprove)
templates.Redirect(w, "/admin")
return
}
case "approved", "rejected":
// Scope check.
if !currentUser.HasAdminScope(config.ScopeCertificationList) {
session.FlashError(w, r, "Missing admin scope: %s", config.ScopeCertificationList)
templates.Redirect(w, "/admin")
return
}
}
Admin Actions * Add impersonate feature * Add ban/unban user feature * Add promote/demote admin status feature * Add admin user deletion feature * Admin ability to see other status certification pics * Nav bar indicator of pending admin actions such as cert pics needing approval * Admin ability to search cert pics for specific user
2022-08-14 23:27:57 +00:00
// Short circuit the GET view for username/email search (exact match)
if username := r.FormValue("username"); username != "" {
Admin Groups & Permissions Add a permission system for admin users so you can lock down specific admins to a narrower set of features instead of them all having omnipotent powers. * New page: Admin Dashboard -> Admin Permissions Management * Permissions are handled in the form of 'scopes' relevant to each feature or action on the site. Scopes are assigned to Groups, and in turn, admin user accounts are placed in those Groups. * The Superusers group (scope '*') has wildcard permission to all scopes. The permissions dashboard has a create-once action to initialize the Superusers for the first admin who clicks on it, and places that admin in the group. The following are the exhaustive list of permission changes on the site: * Moderator scopes: * Chat room (enter the room with Operator permission) * Forums (can edit or delete user posts on the forum) * Photo Gallery (can see all private/friends-only photos on the site gallery or user profile pages) * Certification photos (with nuanced sub-action permissions) * Approve: has access to the Pending tab to act on incoming pictures * List: can paginate thru past approved/rejected photos * View: can bring up specific user cert photo from their profile * The minimum requirement is Approve or else no cert photo page will load for your admin user. * User Actions (each action individually scoped) * Impersonate * Ban * Delete * Promote to admin * Inner circle whitelist: no longer are admins automatically part of the inner circle unless they have a specialized scope attached. The AdminRequired decorator may also apply scopes on an entire admin route. The following routes have scopes to limit them: * Forum Admin (manage forums and their settings) * Remove from inner circle
2023-08-02 03:39:48 +00:00
// Scope check.
if !currentUser.HasAdminScope(config.ScopeCertificationView) {
session.FlashError(w, r, "Missing admin scope: %s", config.ScopeCertificationView)
templates.Redirect(w, "/admin")
return
}
Admin Actions * Add impersonate feature * Add ban/unban user feature * Add promote/demote admin status feature * Add admin user deletion feature * Admin ability to see other status certification pics * Nav bar indicator of pending admin actions such as cert pics needing approval * Admin ability to search cert pics for specific user
2022-08-14 23:27:57 +00:00
user, err := models.FindUser(username)
if err != nil {
session.FlashError(w, r, "Username or email '%s' not found.", username)
templates.Redirect(w, r.URL.Path)
return
}
cert, err := models.GetCertificationPhoto(user.ID)
if err != nil {
session.FlashError(w, r, "Couldn't get their certification photo: %s", err)
templates.Redirect(w, r.URL.Path)
return
}
var vars = map[string]interface{}{
"View": view,
"Photos": []*models.CertificationPhoto{cert},
"UserMap": &models.UserMap{user.ID: user},
"FoundUser": user,
}
if err := tmpl.Execute(w, r, vars); err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
}
return
}
Certification Photo Workflow * Add "Site Gallery" page showing all public+gallery member photos. * Add "Certification Required" decorator for gallery and other main pages. * Add the Certification Photo workflow: * Users have a checklist on their dashboard to upload a profile pic and post a certification selfie (two requirements) * Admins notified by email when a new certification pic comes in. * Admin can reject (w/ comment) or approve the pic. * Users can re-upload or delete their pic at the cost of losing certification status if they make any such changes. * Users are emailed when their photo is either approved or rejected. * User Preferences: can now save the explicit pref to your account. * Explicit photos on user pages and site gallery are hidden if the current user hasn't opted-in (user can always see their own explicit photos regardless of the setting) * If a user is viewing a member gallery and explicit pics are hidden, a count of the number of explicit pics is shown to inform the user that more DO exist, they just don't see them. The site gallery does not do this and simply hides explicit photos.
2022-08-13 22:39:31 +00:00
// Making a verdict?
if r.Method == http.MethodPost {
Admin Groups & Permissions Add a permission system for admin users so you can lock down specific admins to a narrower set of features instead of them all having omnipotent powers. * New page: Admin Dashboard -> Admin Permissions Management * Permissions are handled in the form of 'scopes' relevant to each feature or action on the site. Scopes are assigned to Groups, and in turn, admin user accounts are placed in those Groups. * The Superusers group (scope '*') has wildcard permission to all scopes. The permissions dashboard has a create-once action to initialize the Superusers for the first admin who clicks on it, and places that admin in the group. The following are the exhaustive list of permission changes on the site: * Moderator scopes: * Chat room (enter the room with Operator permission) * Forums (can edit or delete user posts on the forum) * Photo Gallery (can see all private/friends-only photos on the site gallery or user profile pages) * Certification photos (with nuanced sub-action permissions) * Approve: has access to the Pending tab to act on incoming pictures * List: can paginate thru past approved/rejected photos * View: can bring up specific user cert photo from their profile * The minimum requirement is Approve or else no cert photo page will load for your admin user. * User Actions (each action individually scoped) * Impersonate * Ban * Delete * Promote to admin * Inner circle whitelist: no longer are admins automatically part of the inner circle unless they have a specialized scope attached. The AdminRequired decorator may also apply scopes on an entire admin route. The following routes have scopes to limit them: * Forum Admin (manage forums and their settings) * Remove from inner circle
2023-08-02 03:39:48 +00:00
// Scope check.
if !currentUser.HasAdminScope(config.ScopeCertificationApprove) {
session.FlashError(w, r, "Missing admin scope: %s", config.ScopeCertificationApprove)
templates.Redirect(w, r.URL.Path)
return
}
Certification Photo Workflow * Add "Site Gallery" page showing all public+gallery member photos. * Add "Certification Required" decorator for gallery and other main pages. * Add the Certification Photo workflow: * Users have a checklist on their dashboard to upload a profile pic and post a certification selfie (two requirements) * Admins notified by email when a new certification pic comes in. * Admin can reject (w/ comment) or approve the pic. * Users can re-upload or delete their pic at the cost of losing certification status if they make any such changes. * Users are emailed when their photo is either approved or rejected. * User Preferences: can now save the explicit pref to your account. * Explicit photos on user pages and site gallery are hidden if the current user hasn't opted-in (user can always see their own explicit photos regardless of the setting) * If a user is viewing a member gallery and explicit pics are hidden, a count of the number of explicit pics is shown to inform the user that more DO exist, they just don't see them. The site gallery does not do this and simply hides explicit photos.
2022-08-13 22:39:31 +00:00
var (
comment = r.PostFormValue("comment")
verdict = r.PostFormValue("verdict")
)
userID, err := strconv.Atoi(r.PostFormValue("user_id"))
if err != nil {
session.FlashError(w, r, "Invalid user_id data type.")
templates.Redirect(w, r.URL.Path)
return
}
// Look up the user in case we'll toggle their Certified state.
user, err := models.GetUser(uint64(userID))
if err != nil {
session.FlashError(w, r, "Couldn't get user ID %d: %s", userID, err)
templates.Redirect(w, r.URL.Path)
return
}
// Look up this photo.
cert, err := models.GetCertificationPhoto(uint64(userID))
if err != nil {
session.FlashError(w, r, "Couldn't get certification photo.")
templates.Redirect(w, r.URL.Path)
return
} else if cert.Filename == "" {
session.FlashError(w, r, "That photo has no filename anymore??")
templates.Redirect(w, r.URL.Path)
return
}
switch verdict {
case "reject":
if comment == "" {
session.FlashError(w, r, "An admin comment is required when rejecting a photo.")
} else {
cert.Status = models.CertificationPhotoRejected
cert.AdminComment = comment
Certification photo admin updates
2023-11-25 22:28:16 +00:00
if comment == "(ignore)" {
cert.AdminComment = ""
}
Certification Photo Workflow * Add "Site Gallery" page showing all public+gallery member photos. * Add "Certification Required" decorator for gallery and other main pages. * Add the Certification Photo workflow: * Users have a checklist on their dashboard to upload a profile pic and post a certification selfie (two requirements) * Admins notified by email when a new certification pic comes in. * Admin can reject (w/ comment) or approve the pic. * Users can re-upload or delete their pic at the cost of losing certification status if they make any such changes. * Users are emailed when their photo is either approved or rejected. * User Preferences: can now save the explicit pref to your account. * Explicit photos on user pages and site gallery are hidden if the current user hasn't opted-in (user can always see their own explicit photos regardless of the setting) * If a user is viewing a member gallery and explicit pics are hidden, a count of the number of explicit pics is shown to inform the user that more DO exist, they just don't see them. The site gallery does not do this and simply hides explicit photos.
2022-08-13 22:39:31 +00:00
if err := cert.Save(); err != nil {
session.FlashError(w, r, "Failed to save CertificationPhoto: %s", err)
templates.Redirect(w, r.URL.Path)
return
}
// Uncertify the user just in case.
user.Certified = false
user.Save()
Change Logs * Add a ChangeLog table to collect historic updates to various database tables. * Created, Updated (with field diffs) and Deleted actions are logged, as well as certification photo approves/denies. * Specific items added to the change log: * When a user photo is marked Explicit by an admin * When users block/unblock each other * When photo comments are posted, edited, and deleted * When forums are created, edited, and deleted * When forum comments are created, edited and deleted * When a new forum thread is created * When a user uploads or removes their own certification photo * When an admin approves or rejects a certification photo * When a user uploads, modifies or deletes their gallery photos * When a friend request is sent * When a friend request is accepted, ignored, or rejected * When a friendship is removed
2024-02-26 01:03:36 +00:00
// Log the change.
models.LogEvent(user, currentUser, models.ChangeLogRejected, "certification_photos", user.ID, "Rejected the certification photo with comment: "+comment)
Certification photo admin updates
2023-11-25 22:28:16 +00:00
// Did we silently ignore it?
if comment == "(ignore)" {
session.FlashError(w, r, "The certification photo was ignored with no comment, and will not notify the sender.")
templates.Redirect(w, r.URL.Path)
return
}
Notifications on approved friendship and Cert Photo verdicts
2022-08-26 03:36:59 +00:00
// Notify the user about this rejection.
notif := &models.Notification{
UserID: user.ID,
AboutUser: *user,
Type: models.NotificationCertRejected,
Message: comment,
}
if err := models.CreateNotification(notif); err != nil {
log.Error("Couldn't create rejection notification: %s", err)
}
Certification Photo Workflow * Add "Site Gallery" page showing all public+gallery member photos. * Add "Certification Required" decorator for gallery and other main pages. * Add the Certification Photo workflow: * Users have a checklist on their dashboard to upload a profile pic and post a certification selfie (two requirements) * Admins notified by email when a new certification pic comes in. * Admin can reject (w/ comment) or approve the pic. * Users can re-upload or delete their pic at the cost of losing certification status if they make any such changes. * Users are emailed when their photo is either approved or rejected. * User Preferences: can now save the explicit pref to your account. * Explicit photos on user pages and site gallery are hidden if the current user hasn't opted-in (user can always see their own explicit photos regardless of the setting) * If a user is viewing a member gallery and explicit pics are hidden, a count of the number of explicit pics is shown to inform the user that more DO exist, they just don't see them. The site gallery does not do this and simply hides explicit photos.
2022-08-13 22:39:31 +00:00
// Notify the user via email.
if err := mail.Send(mail.Message{
To: user.Email,
Subject: "Your certification photo has been rejected",
Template: "email/certification_rejected.html",
Data: map[string]interface{}{
"Username": user.Username,
"AdminComment": comment,
"URL": config.Current.BaseURL + "/photo/certification",
},
}); err != nil {
session.FlashError(w, r, "Note: failed to email user about the rejection: %s", err)
}
}
session.Flash(w, r, "Certification photo rejected!")
case "approve":
cert.Status = models.CertificationPhotoApproved
cert.AdminComment = ""
if err := cert.Save(); err != nil {
session.FlashError(w, r, "Failed to save CertificationPhoto: %s", err)
templates.Redirect(w, r.URL.Path)
return
}
// Certify the user!
user.Certified = true
user.Save()
Notifications on approved friendship and Cert Photo verdicts
2022-08-26 03:36:59 +00:00
// Notify the user about this approval.
notif := &models.Notification{
UserID: user.ID,
AboutUser: *user,
Type: models.NotificationCertApproved,
}
if err := models.CreateNotification(notif); err != nil {
log.Error("Couldn't create approval notification: %s", err)
}
Certification Photo Workflow * Add "Site Gallery" page showing all public+gallery member photos. * Add "Certification Required" decorator for gallery and other main pages. * Add the Certification Photo workflow: * Users have a checklist on their dashboard to upload a profile pic and post a certification selfie (two requirements) * Admins notified by email when a new certification pic comes in. * Admin can reject (w/ comment) or approve the pic. * Users can re-upload or delete their pic at the cost of losing certification status if they make any such changes. * Users are emailed when their photo is either approved or rejected. * User Preferences: can now save the explicit pref to your account. * Explicit photos on user pages and site gallery are hidden if the current user hasn't opted-in (user can always see their own explicit photos regardless of the setting) * If a user is viewing a member gallery and explicit pics are hidden, a count of the number of explicit pics is shown to inform the user that more DO exist, they just don't see them. The site gallery does not do this and simply hides explicit photos.
2022-08-13 22:39:31 +00:00
// Notify the user via email.
if err := mail.Send(mail.Message{
To: user.Email,
Subject: "Your certification photo has been approved!",
Template: "email/certification_approved.html",
Data: map[string]interface{}{
"Username": user.Username,
"URL": config.Current.BaseURL,
},
}); err != nil {
session.FlashError(w, r, "Note: failed to email user about the approval: %s", err)
}
Change Logs * Add a ChangeLog table to collect historic updates to various database tables. * Created, Updated (with field diffs) and Deleted actions are logged, as well as certification photo approves/denies. * Specific items added to the change log: * When a user photo is marked Explicit by an admin * When users block/unblock each other * When photo comments are posted, edited, and deleted * When forums are created, edited, and deleted * When forum comments are created, edited and deleted * When a new forum thread is created * When a user uploads or removes their own certification photo * When an admin approves or rejects a certification photo * When a user uploads, modifies or deletes their gallery photos * When a friend request is sent * When a friend request is accepted, ignored, or rejected * When a friendship is removed
2024-02-26 01:03:36 +00:00
// Log the change.
models.LogEvent(user, currentUser, models.ChangeLogApproved, "certification_photos", user.ID, "Approved the certification photo.")
Certification Photo Workflow * Add "Site Gallery" page showing all public+gallery member photos. * Add "Certification Required" decorator for gallery and other main pages. * Add the Certification Photo workflow: * Users have a checklist on their dashboard to upload a profile pic and post a certification selfie (two requirements) * Admins notified by email when a new certification pic comes in. * Admin can reject (w/ comment) or approve the pic. * Users can re-upload or delete their pic at the cost of losing certification status if they make any such changes. * Users are emailed when their photo is either approved or rejected. * User Preferences: can now save the explicit pref to your account. * Explicit photos on user pages and site gallery are hidden if the current user hasn't opted-in (user can always see their own explicit photos regardless of the setting) * If a user is viewing a member gallery and explicit pics are hidden, a count of the number of explicit pics is shown to inform the user that more DO exist, they just don't see them. The site gallery does not do this and simply hides explicit photos.
2022-08-13 22:39:31 +00:00
session.Flash(w, r, "Certification photo approved!")
default:
session.FlashError(w, r, "Unsupported verdict option: %s", verdict)
}
templates.Redirect(w, r.URL.Path)
return
}
// Get the pending photos.
pager := &models.Pagination{
Page: 1,
Friend Requests and User Search
2022-08-14 05:44:57 +00:00
PerPage: config.PageSizeAdminCertification,
Certification Photo Workflow * Add "Site Gallery" page showing all public+gallery member photos. * Add "Certification Required" decorator for gallery and other main pages. * Add the Certification Photo workflow: * Users have a checklist on their dashboard to upload a profile pic and post a certification selfie (two requirements) * Admins notified by email when a new certification pic comes in. * Admin can reject (w/ comment) or approve the pic. * Users can re-upload or delete their pic at the cost of losing certification status if they make any such changes. * Users are emailed when their photo is either approved or rejected. * User Preferences: can now save the explicit pref to your account. * Explicit photos on user pages and site gallery are hidden if the current user hasn't opted-in (user can always see their own explicit photos regardless of the setting) * If a user is viewing a member gallery and explicit pics are hidden, a count of the number of explicit pics is shown to inform the user that more DO exist, they just don't see them. The site gallery does not do this and simply hides explicit photos.
2022-08-13 22:39:31 +00:00
Sort: "updated_at desc",
}
pager.ParsePage(r)
Admin Actions * Add impersonate feature * Add ban/unban user feature * Add promote/demote admin status feature * Add admin user deletion feature * Admin ability to see other status certification pics * Nav bar indicator of pending admin actions such as cert pics needing approval * Admin ability to search cert pics for specific user
2022-08-14 23:27:57 +00:00
photos, err := models.CertificationPhotosNeedingApproval(models.CertificationPhotoStatus(view), pager)
Certification Photo Workflow * Add "Site Gallery" page showing all public+gallery member photos. * Add "Certification Required" decorator for gallery and other main pages. * Add the Certification Photo workflow: * Users have a checklist on their dashboard to upload a profile pic and post a certification selfie (two requirements) * Admins notified by email when a new certification pic comes in. * Admin can reject (w/ comment) or approve the pic. * Users can re-upload or delete their pic at the cost of losing certification status if they make any such changes. * Users are emailed when their photo is either approved or rejected. * User Preferences: can now save the explicit pref to your account. * Explicit photos on user pages and site gallery are hidden if the current user hasn't opted-in (user can always see their own explicit photos regardless of the setting) * If a user is viewing a member gallery and explicit pics are hidden, a count of the number of explicit pics is shown to inform the user that more DO exist, they just don't see them. The site gallery does not do this and simply hides explicit photos.
2022-08-13 22:39:31 +00:00
if err != nil {
session.FlashError(w, r, "Couldn't load certification photos from DB: %s", err)
}
Certification photo admin updates
2023-11-25 22:28:16 +00:00
// Map user IDs and GeoIP insights.
var (
userIDs = []uint64{}
ipAddresses = []string{}
)
Certification Photo Workflow * Add "Site Gallery" page showing all public+gallery member photos. * Add "Certification Required" decorator for gallery and other main pages. * Add the Certification Photo workflow: * Users have a checklist on their dashboard to upload a profile pic and post a certification selfie (two requirements) * Admins notified by email when a new certification pic comes in. * Admin can reject (w/ comment) or approve the pic. * Users can re-upload or delete their pic at the cost of losing certification status if they make any such changes. * Users are emailed when their photo is either approved or rejected. * User Preferences: can now save the explicit pref to your account. * Explicit photos on user pages and site gallery are hidden if the current user hasn't opted-in (user can always see their own explicit photos regardless of the setting) * If a user is viewing a member gallery and explicit pics are hidden, a count of the number of explicit pics is shown to inform the user that more DO exist, they just don't see them. The site gallery does not do this and simply hides explicit photos.
2022-08-13 22:39:31 +00:00
for _, p := range photos {
userIDs = append(userIDs, p.UserID)
Certification photo admin updates
2023-11-25 22:28:16 +00:00
ipAddresses = append(ipAddresses, p.IPAddress)
Certification Photo Workflow * Add "Site Gallery" page showing all public+gallery member photos. * Add "Certification Required" decorator for gallery and other main pages. * Add the Certification Photo workflow: * Users have a checklist on their dashboard to upload a profile pic and post a certification selfie (two requirements) * Admins notified by email when a new certification pic comes in. * Admin can reject (w/ comment) or approve the pic. * Users can re-upload or delete their pic at the cost of losing certification status if they make any such changes. * Users are emailed when their photo is either approved or rejected. * User Preferences: can now save the explicit pref to your account. * Explicit photos on user pages and site gallery are hidden if the current user hasn't opted-in (user can always see their own explicit photos regardless of the setting) * If a user is viewing a member gallery and explicit pics are hidden, a count of the number of explicit pics is shown to inform the user that more DO exist, they just don't see them. The site gallery does not do this and simply hides explicit photos.
2022-08-13 22:39:31 +00:00
}
Certification photo admin updates
2023-11-25 22:28:16 +00:00
insightsMap := geoip.MapInsights(ipAddresses)
More Private User Avatars * Users who set their Profile Picture to "friends only" or "private" can have their avatar be private all over the website to users who are not their friends or not granted access. * Users who are not your friends see a yellow placeholder avatar, and users not granted access to a private Profile Pic sees a purple avatar. * Admin users see these same placeholder avatars most places too (on search, forums, comments, etc.) if the user did not friend or grant the admin. But admins ALWAYS see it on their Profile Page directly, for ability to moderate. * Fix marking Notifications as read: clicking the link in an unread notification now will wait on the ajax request to finish before allowing the redirect. * Update the FAQ
2022-09-09 04:42:20 +00:00
userMap, err := models.MapUsers(currentUser, userIDs)
Certification Photo Workflow * Add "Site Gallery" page showing all public+gallery member photos. * Add "Certification Required" decorator for gallery and other main pages. * Add the Certification Photo workflow: * Users have a checklist on their dashboard to upload a profile pic and post a certification selfie (two requirements) * Admins notified by email when a new certification pic comes in. * Admin can reject (w/ comment) or approve the pic. * Users can re-upload or delete their pic at the cost of losing certification status if they make any such changes. * Users are emailed when their photo is either approved or rejected. * User Preferences: can now save the explicit pref to your account. * Explicit photos on user pages and site gallery are hidden if the current user hasn't opted-in (user can always see their own explicit photos regardless of the setting) * If a user is viewing a member gallery and explicit pics are hidden, a count of the number of explicit pics is shown to inform the user that more DO exist, they just don't see them. The site gallery does not do this and simply hides explicit photos.
2022-08-13 22:39:31 +00:00
if err != nil {
session.FlashError(w, r, "Couldn't map user IDs: %s", err)
}
var vars = map[string]interface{}{
Certification photo admin updates
2023-11-25 22:28:16 +00:00
"View": view,
"Photos": photos,
"UserMap": userMap,
"InsightsMap": insightsMap,
"Pager": pager,
Certification Photo Workflow * Add "Site Gallery" page showing all public+gallery member photos. * Add "Certification Required" decorator for gallery and other main pages. * Add the Certification Photo workflow: * Users have a checklist on their dashboard to upload a profile pic and post a certification selfie (two requirements) * Admins notified by email when a new certification pic comes in. * Admin can reject (w/ comment) or approve the pic. * Users can re-upload or delete their pic at the cost of losing certification status if they make any such changes. * Users are emailed when their photo is either approved or rejected. * User Preferences: can now save the explicit pref to your account. * Explicit photos on user pages and site gallery are hidden if the current user hasn't opted-in (user can always see their own explicit photos regardless of the setting) * If a user is viewing a member gallery and explicit pics are hidden, a count of the number of explicit pics is shown to inform the user that more DO exist, they just don't see them. The site gallery does not do this and simply hides explicit photos.
2022-08-13 22:39:31 +00:00
}
if err := tmpl.Execute(w, r, vars); err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
})
}
Reference in New Issue Copy Permalink