Commit Graph

476 Commits

Author SHA1 Message Date
Noah Petherbridge
1b3e8cb250 Private Photo Sharing Improvements
* Add a user privacy setting so they can gate who is allowed to share private
  photos with them (for people who dislike unsolicited shares):
  * Anybody (default)
  * Friends only
  * Friends + people whom they have sent a DM to (on the main website)
  * Nobody
* Add gating around whether to display the prompt to unlock your private photos
  while you are viewing somebody's gallery:
  * The current user needs at least one private photo to share.
  * The target user's new privacy preference is taken into consideration.
* The "should show private photo share prompt" logic is also used on the actual
  share page, e.g. for people who manually paste in a username to share with.
  You can not grant access to private photos which don't exist.
* Improve the UI on the private photo shares page.
  * Profile cards to add elements from the Member Directory page, such as a
    Friends and Liked indicator.
  * A count of the user's Private photos is shown, which links directly to
    their private gallery.
* Add "Decline" buttons to the Shared With Me page: so the target of a private
  photo share is able to remove/cancel shares with them.
2024-10-19 12:44:47 -07:00
Noah Petherbridge
e146c09850 Improvements to Feedback & Reports
* Add an AboutUserID field to feedbacks, so when the report is about a
  picture that is later deleted, the feedback can still link to the
  original owner's account instead of showing an error.
* Add filters to the User Notes page so the admin can see:
  * All feedback From or About the user or their content (default)
  * Feedback created by the user
  * Feedback about the user or their content
  * Fuzzy search for any feedback containing the user's name.
* On chat room reports: make the @channel ID a clickable user profile
  link for convenience.
2024-10-17 19:21:18 -07:00
Noah Petherbridge
704124157d User Themes refactor
Instead of fighting to override Bulma CSS classes, add user-theme-*
classes for simpler styling.
2024-10-13 20:31:09 -07:00
Noah Petherbridge
b7bee75e1f Function to re-sign photo URLs on profile pages
* With the new JWT signatures on photo URLs, it was no longer possible for
  creative users to embed their gallery photos on their profile page.
* Add a function to ReSignPhotoLinks that finds/replaces (on the server side)
  all references to paths under "/static/photos/" and gives them a fresh
  ?jwt= query string signature.
* Note: only applies to the profile page essays, ReSignPhotoLinks is a
  template func that must be opted-in on a per page basis.

Other miscellaneous fixes

* Add "Edit" buttons in the corners of profile cards, when the current user
  looks at their profile page. They link to URIs like
  "/settings#profile/about_me" which will now:
  1. Select the "Profile settings" tab like #profile
  2. Scroll and focus the profile essay field that the user clicked to edit.
2024-10-13 19:50:11 -07:00
Noah Petherbridge
cb37934935 Birthday chat room style fix
The h2 was showing in light text on dark mode making it unreadable.
2024-10-12 13:14:40 -07:00
Noah Petherbridge
26f9c4d71d Minor bugfix 2024-10-07 16:50:21 +00:00
Noah Petherbridge
2262edfe09 Improve browser caching with signed JWT photo URLs
* JWT tokens will now expire on the 10th of the next month, to produce
  consistent values for a period of time and aid with browser caching.
2024-10-05 20:24:45 -07:00
Noah Petherbridge
77a9d9a7fd Code cleanup 2024-10-04 21:22:52 -07:00
Noah Petherbridge
8078ff8755 Batch Edit/Delete Photos + Misc Fixes
Certification Required page:

* Show helpful advice if the reason for the page is only that the user had
  deleted their default profile pic, but their account was certified.

Batch Photo Delete & Visibility:

* On user galleries, owners and admins can batch Delete or Set Visibility on
  many photos at once. Checkboxes appear in the edit/delete row of each photo,
  and bulk actions appear at the bottom of the page along with select/unselect
  all boxes.
* Deprecated the old /photo/delete endpoint: it now redirects to the batch
  delete page with the one photo ID.

Misc Changes:

* Notifications now sort unread to the top always.
2024-10-04 21:17:20 -07:00
Noah Petherbridge
cbdabe791e Improve Signed Photo URLs
* The photo signing JWT tokens carry more fields to validate against:
  * The username the token is assigned to (or '@' for anyone)
  * An 'anyone' boolean for widely public images, such as for the chat room
    and public profile pages.
  * A short filename hash of the image in question (whether a Photo or a
    CommentPhoto) - so that the user can't borrow a JWT token from the chat
    room and reveal a different picture.
* Refactored where the VisibleAvatarURL function lives, to avoid a cyclic
  dependency error.
  * Originally: (*models.User).VisibleAvatarURL(other *models.User)
  * Now: (pkg/photo).VisibleAvatarURL(user, currentUser *models.User)
2024-10-03 20:14:34 -07:00
Noah Petherbridge
7869ff83ba Signed and Authenticated Static Photo URLs
* Add support for authenticated static photo URLs, leveraging the NGINX module
  ngx_http_auth_request. The README is updated with an example NGINX config
  how to set this up on the proxy side.
* In settings.json a new SignedPhoto section is added: not enabled by default.
* PhotoURL will append a ?jwt= token to the /static/photos/ path for the
  current user, which expires after 30 seconds.
* When SignedPhoto is enabled, it will enforce that the JWT token is valid and
  matches the username of the current logged-in user, or else will return with
  a 403 Forbidden error.
2024-10-03 18:04:14 -07:00
Noah Petherbridge
295183559d Admin labels on photos surrounding explicit flags
* Add 'admin labels' to photos so an admin can classify a photo as:
  * Not Explicit: e.g. it was flagged by the community but does not
    actually need to be explicit. This option will hide the prompt to
    report the explicit photo again.
  * Force Explicit: if a user is fighting an explicit flag and keeps
    removing it from their photo, the photo can be force marked
    explicit.
* Admin labels appear on the Permalink page and in the edit photo
  settings when viewed as a photo moderator admin.
2024-10-02 16:22:19 -07:00
Noah Petherbridge
542d0bb300 Improvements on community flagged explicit photos
When a user marks that another photo should have been marked as explicit:

* The owner of that photo gets a notification about it, which reminds them of
  the explicit photo policy.
* The photo's "Flagged" boolean is set (along with the Explicit boolean)
* The 'Edit' page on a Flagged photo shows a red banner above the Explicit
  option, explaining that it was flagged. The checkbox text is crossed-out,
  with a "no" cursor and title text over - but can still be unchecked.

If the user removes the Explicit flag on a flagged photo and saves it:

* An admin report is generated to notify to take a look too.
* The Explicit flag is cleared as normal
* The Flagged boolean is also cleared on this photo: if they set it back to
  Explicit again themselves, the red banner won't appear and it won't notify
  again - unless a community member flagged it again!

Also makes some improvements to the admin page:

* On photo reports: show a blurred-out (clickable to reveal) photo on feedback
  items about photos.
2024-10-01 20:44:11 -07:00
Noah Petherbridge
c8d9cdbb3a Demographics page: count only 'gallery' photos
The photo stats were counting ALL public photos of certified members,
whether featured on the Site Gallery or not. Update the query to filter
for Site Gallery photos instead.
2024-09-28 13:10:56 -07:00
Noah Petherbridge
106bcd377e User Forums: Enable PermitPhotos for all forum owners 2024-09-28 12:58:52 -07:00
Noah Petherbridge
f2e847922f Tweak admin permissions and photo view counts
* Profile pictures on profile pages now link to the gallery when clicked.
* Admins can no longer automatically see the default profile pic on profile
  pages unless they have photo moderator ability.
* Photo view counts are not added when an admin with photo moderator ability
  should not have otherwise been able to see the photo.
2024-09-28 12:45:20 -07:00
Noah Petherbridge
3fdae1d8d7 Various minor tweaks
* Demographics page:
    * Show percents with up to 1 decimal place of precision.
    * On tablets+ align the percent text to the right.
    * On photo counts, only include certified active user photos.
    * On gender/orientation demographics, pad the remaining "No answer" counts
      with the set of users who have no profile_fields set in the database yet.
* Admin certification page:
    * Add additional "common rejection reasons"
    * Add a confirm prompt when viewing the Rejected list to avoid accidental
      approval of previously rejected cert photos.
2024-09-27 17:37:45 -07:00
Noah Petherbridge
0c7fc7e866 Improve message reporting format 2024-09-26 21:05:27 -07:00
Noah Petherbridge
ab880148ad 'Likes' view an image + Tweak inbox page
* Hitting the Like button on a photo will mark it as viewed.
* Move the 'Report' button on the message inbox page, to instead be in
  the footer of each DM.
* Improve message reporting behavior to include the content of the
  message in the admin report.
2024-09-26 20:56:16 -07:00
Noah Petherbridge
7aa1d512fc Photo view count tweaks
* The owner of a photo no longer counts any views on it.
* Add event handlers to mark animated GIFs viewed on the gallery page:
  if the user mouse overs or pauses the video.
2024-09-26 20:32:04 -07:00
Noah Petherbridge
9d6c299fdd Photo View Counters 2024-09-25 22:46:33 -07:00
Noah Petherbridge
955ace1e91 Optimize sorting gallery by Likes/Comments via caching 2024-09-21 17:25:36 -07:00
Noah Petherbridge
0cd72a96ed Optimize gallery sort by likes or comments 2024-09-21 16:59:37 -07:00
Noah Petherbridge
944b2e28e9 Sort Gallery photos by Likes and Comments 2024-09-21 16:39:18 -07:00
Noah Petherbridge
9575041d1e Bugfix when removing all chat moderation rules 2024-09-20 20:32:56 -07:00
Noah Petherbridge
066765d2dc Chat Moderation Rules + Shy Accounts on Chat
* Add chat moderation rules to the website, so admins can apply selective rules
  to problematic users. Available rules are:
  * redcam: user's camera is always NSFW.
  * nobroadcast: user can not broadcast their camera.
  * novideo: user can not broadcast OR watch any video.
  * noimage: user can not share OR see any shared image on chat.
* The page to manage a user's active rules is available on their admin card of
  their profile page. When the user has rules active, a yellow counter is shown
  by the link to manage their rules.
  * Only chat moderator admins have access to the page or can see the yellow
    counter to know whether rules are active.
* "Shy Accounts" are now permitted on the chat room! With some moderation rules
  automatically applied to them: novideo,noimage.
* Update the Shy Account FAQ and messaging on the chat landing page.
* Update the auto-kick from chat behavior regarding shy accounts:
  * They are kicked from chat only when an update to their profile settings will
    transition then FROM a non-shy into a shy account.
  * For example: when saving their profile settings (going private) or when
    editing or deleting a photo (if they will have no more public photos left)
2024-09-19 19:30:02 -07:00
Noah Petherbridge
ae84ddf449 Web Push Notifications: Disable script when impersonated
If an admin needs to impersonate a regular user (to diagnose a support
issue or investigate a reported conversation thread), the web push
script is disabled so that the admin doesn't get subscribed to push
notifications for that user.
2024-09-14 12:07:18 -07:00
Noah Petherbridge
7991320256 Fix SQL queries on demographics page 2024-09-12 10:42:07 -07:00
Noah Petherbridge
02487ba2f4 Adjust progressbar styles 2024-09-11 19:37:10 -07:00
Noah Petherbridge
4b43071f28 Bugfix 2024-09-11 19:35:45 -07:00
Noah Petherbridge
2f31d678d0 Usage Statistics and Website Demographics
Adds two new features to collect and show useful analytics.

Usage Statistics:
* Begin tracking daily active users who log in and interact with major features
  of the website each day, such as the chat room, forum and gallery.

Demographics page:
* For marketing, the home page now shows live statistics about the breakdown of
  content (explicit vs. non-explicit) on the site, and the /insights page gives
  a lot more data in detail.
* Show the percent split in photo gallery content and how many users opt-in or
  share explicit content on the site.
* Show high-level demographics of the members (by age range, gender, orientation)

Misc cleanup:
* Rearrange model list in data export to match the auto-create statements.
* In data exports, include the forum_memberships, push_notifications and
  usage_statistics tables.
2024-09-11 19:28:52 -07:00
Noah Petherbridge
8d9588b039 Notification when admin users are blocked 2024-09-10 15:43:34 -07:00
Noah Petherbridge
79ea384d40 More adjusting email sending behavior 2024-09-09 20:59:46 -07:00
Noah Petherbridge
463253dbb5 Email delivery tweaks 2024-09-09 20:52:53 -07:00
Noah Petherbridge
276eddfd8e Search and filter admin feedback & reports 2024-09-07 14:50:11 -07:00
Noah Petherbridge
2c7532434a My List: show owned forums only when not official forums 2024-08-30 18:49:12 -07:00
Noah Petherbridge
b034b1ae6c Feature launch and misc typo fixes 2024-08-31 01:47:03 +00:00
Noah Petherbridge
c37d0298b0 User Forums Blocking Behavior + Misc Fixes
Make some adjustments to blocking behavior regarding the forums:

* Pre-existing bug: on a forum's home page (threads list), if a thread was
  created by a blocked user, the thread still appeared with the user's name and
  picture visible. Now: their picture and name will be "[unavailable]" but the
  thread title/message and link to the thread will remain. Note: in the thread
  view itself, posts by the blocked user will be missing as normal.
* Make some tweaks to allow forum moderators (and owners of user-owned forums)
  able to see messages from blocked users on their forum:
  * In threads: a blocked user's picture and name are "[unavailable]" but the
    content of their message is still shown, and can be deleted by moderators.

Misc fixes:

* Private photos: when viewing your granted/grantee lists, hide users whose
  accounts are inactive or who are blocked.
* CertifiedSince: in case a user was manually certified but their cert photo
  status is not correct, return their user CreatedAt time instead.
2024-08-28 18:42:49 -07:00
Noah Petherbridge
617cd48308 Feature flag 2024-08-26 21:39:07 -07:00
Noah Petherbridge
242333d8b7 Spit and polish
* Show follower counts on forums
* Sort by popularity (follow count)
2024-08-26 21:36:48 -07:00
Noah Petherbridge
56a6190ce9 User Forums: Sort options and pagination
* The Explore tab can now sort forums by their:
  * Most recently updated thread
  * Topics, Posts or Users (counts)
* Show owner information in forum cards
* Passive pagination support for the "My List" on forum home page.
  * Only visible when there are >20 favorited Forums.
2024-08-26 20:47:14 -07:00
Noah Petherbridge
3921691319 Optimize SQL: CountLikesReceived 2024-08-25 20:43:22 -07:00
Noah Petherbridge
e0e98d8df6 Gentle rule reminder below photo comment form 2024-08-25 20:05:20 -07:00
Noah Petherbridge
2cf4405ce0 Tweak PWA mobile loading indicator
* Don't show the loading indicator when intercepted href="#" links have
  been clicked (e.g. like buttons, settings tabs)
2024-08-24 19:08:40 -07:00
Noah Petherbridge
def9f6ddcf Bugfix on member search page 2024-08-23 23:34:12 -07:00
Noah Petherbridge
36e48f6ce0 Member Search: Order by certified at 2024-08-23 23:09:27 -07:00
Noah Petherbridge
81719218e2 Testing feature flags 2024-08-23 22:56:41 -07:00
Noah Petherbridge
de52037fb0 Code cleanup 2024-08-23 22:56:41 -07:00
Noah Petherbridge
85fd6ac5a2 Thread Moderator Buttons: Pin and Lock
* The bottoms of threads have moderator buttons now, to easily Pin or
  Unpin the thread (for Owners + Admins) or to Lock/Unlock the thread
  (all moderators).
2024-08-23 22:56:40 -07:00
Noah Petherbridge
90d0d10ee5 Adopt a Forum
* Forums are disowned on user account deletion (their owner_id=0)
* A forum without an owner shows a notice at the bottom with a link to petition
  to adopt the forum. It goes to the Contact form with a special subject.
  * Note: there is no easy way to re-assign ownership yet other than a direct
    database query.
* Code cleanup
  * Alphabetize the DB.AutoMigrate tables.
  * Delete more things on user deletion: forum_memberships, admin_group_users
  * Vacuum worker to clean up orphaned polls after the threads are removed
2024-08-23 22:56:40 -07:00