Commit Graph

49 Commits

Author SHA1 Message Date
Noah Petherbridge
b7bee75e1f Function to re-sign photo URLs on profile pages
* With the new JWT signatures on photo URLs, it was no longer possible for
  creative users to embed their gallery photos on their profile page.
* Add a function to ReSignPhotoLinks that finds/replaces (on the server side)
  all references to paths under "/static/photos/" and gives them a fresh
  ?jwt= query string signature.
* Note: only applies to the profile page essays, ReSignPhotoLinks is a
  template func that must be opted-in on a per page basis.

Other miscellaneous fixes

* Add "Edit" buttons in the corners of profile cards, when the current user
  looks at their profile page. They link to URIs like
  "/settings#profile/about_me" which will now:
  1. Select the "Profile settings" tab like #profile
  2. Scroll and focus the profile essay field that the user clicked to edit.
2024-10-13 19:50:11 -07:00
Noah Petherbridge
cbdabe791e Improve Signed Photo URLs
* The photo signing JWT tokens carry more fields to validate against:
  * The username the token is assigned to (or '@' for anyone)
  * An 'anyone' boolean for widely public images, such as for the chat room
    and public profile pages.
  * A short filename hash of the image in question (whether a Photo or a
    CommentPhoto) - so that the user can't borrow a JWT token from the chat
    room and reveal a different picture.
* Refactored where the VisibleAvatarURL function lives, to avoid a cyclic
  dependency error.
  * Originally: (*models.User).VisibleAvatarURL(other *models.User)
  * Now: (pkg/photo).VisibleAvatarURL(user, currentUser *models.User)
2024-10-03 20:14:34 -07:00
Noah Petherbridge
f2e847922f Tweak admin permissions and photo view counts
* Profile pictures on profile pages now link to the gallery when clicked.
* Admins can no longer automatically see the default profile pic on profile
  pages unless they have photo moderator ability.
* Photo view counts are not added when an admin with photo moderator ability
  should not have otherwise been able to see the photo.
2024-09-28 12:45:20 -07:00
Noah Petherbridge
066765d2dc Chat Moderation Rules + Shy Accounts on Chat
* Add chat moderation rules to the website, so admins can apply selective rules
  to problematic users. Available rules are:
  * redcam: user's camera is always NSFW.
  * nobroadcast: user can not broadcast their camera.
  * novideo: user can not broadcast OR watch any video.
  * noimage: user can not share OR see any shared image on chat.
* The page to manage a user's active rules is available on their admin card of
  their profile page. When the user has rules active, a yellow counter is shown
  by the link to manage their rules.
  * Only chat moderator admins have access to the page or can see the yellow
    counter to know whether rules are active.
* "Shy Accounts" are now permitted on the chat room! With some moderation rules
  automatically applied to them: novideo,noimage.
* Update the Shy Account FAQ and messaging on the chat landing page.
* Update the auto-kick from chat behavior regarding shy accounts:
  * They are kicked from chat only when an update to their profile settings will
    transition then FROM a non-shy into a shy account.
  * For example: when saving their profile settings (going private) or when
    editing or deleting a photo (if they will have no more public photos left)
2024-09-19 19:30:02 -07:00
Noah Petherbridge
b12390563e Forum Creation Quotas
Add minimum quotas for users to earn the ability to create custom forums.

The entry requirements that could earn the first forum include:
1. Having a Certified account status for at least 45 days.
2. Having written 10 posts or replies in the forums.

Additional quota is granted in increasing difficulty based on the count of
forum posts created.

Other changes:

* Admin view of Manage Forums can filter for official/community.
* "Certified Since" now shown on profile pages.
* Update FAQ page for Forums feature.
2024-08-23 22:56:40 -07:00
Noah Petherbridge
e70ede301f Delete the inner circle 2024-08-10 11:54:37 -07:00
Noah Petherbridge
a0320714c4 Search terms and admin features 2024-07-13 12:05:36 -07:00
Noah Petherbridge
42aeb60853 Various tweaks and improvements
* Inner circle: users have the ability to remove themselves and can avoid being
  invited again in the future.
* Admin actions: add a "Reset Password" ability to user accounts.
* Admin "Create New User" page.
* Rate limit error handling improvements for the login page.
2024-06-15 15:05:50 -07:00
Noah Petherbridge
5db1c03fd9 Clean up admin permission checks around the site 2024-05-27 13:02:05 -07:00
Noah Petherbridge
20d04fc370 Admin Transparency Page
* Add a transparency page where regular user accounts can list the roles and
  permissions that an admin user has access to. It is available by clicking on
  the "Admin" badge on that user's profile page.
* Add additional admin scopes to lock down more functionality:
  * User feedback and reports
  * Change logs
  * User notes and admin notes
* Add friendly descriptions to what all the scopes mean in practice.
* Don't show admin notification badges to admins who aren't allowed to act on
  those notifications.
* Update the admin dashboard page and documentation for admins.
2024-05-09 15:50:46 -07:00
Noah Petherbridge
19d06c183f Remove debug testing 2024-04-24 20:38:07 -07:00
Noah Petherbridge
f4721d65da HTMX lazy load for user statistics card 2024-04-24 20:36:37 -07:00
Noah Petherbridge
ddd33aad91 Change Log Buttons
* Dark theme fixes to brighten notification colors on mobile
* Add change log buttons around various pages to easily look into the history
  of an object in the database:
  * User profile page ('about user' and user table history links)
  * User friends page
  * User/Site gallery page (history of all (user) photos)
  * Admin insights page (comments, threads, and blocklist history)
  * Admin certification page (history of a user's cert photos)
  * Comment history buttons on forums and photos
2024-04-04 22:24:35 -07:00
Noah Petherbridge
7da650ffc4 Go 1.22 upgrade 2024-02-10 16:17:15 -08:00
Noah Petherbridge
19006877a2 Fix limited logged-out view profile picture 2024-01-07 15:32:51 -08:00
Noah Petherbridge
8fca36836c Add notice of private profile pic, inner circle placeholder
* On a user gallery page: if the current user can not see their default
  profile pic (friends-only or private), include a notice and link to
  the FAQ about this.
* Add a new placeholder avatar for profile pics that are set to
  "Inner circle only" when viewed by members outside the circle.
2024-01-07 14:20:01 -08:00
Noah Petherbridge
cca449090a Forum Search, User Profile Statistics
* Add a Search page to the forums to filter by user ID and find threads and
  replies matching your search terms, with "quoted phrases" and -negation
  support.
* On user profile pages, add an "Activity" box showing statistics on their
  forum threads/comments, likes given/received, photo counts, etc.
* On the "Newest" and Search page for Forums: show an indicator whenever a
  post includes an attached photo.
2024-01-06 16:44:05 -08:00
Noah Petherbridge
90270572f1 Look & Feel settings for profile pages 2023-12-26 15:44:34 -08:00
Noah Petherbridge
fc8014913d Admin insights block lists page 2023-12-04 19:57:14 -08:00
Noah Petherbridge
0143fd752f Bugfixes on user profile pages 2023-10-23 21:55:55 -07:00
Noah Petherbridge
481bd0ae61 Deactivate Account; Friends Lists on Profiles
* Add a way for users to temporarily deactivate their accounts, in a
  recoverable way should they decide to return later.
* A deactivated account may log in but have limited options: to
  reactivate their account, permanently delete it, or log out.
* Fix several bugs around the display of comments, messages and
  forum threads for disabled, banned, or blocked users:
  * Messages (inbox and sentbox) will be hidden and the unread indicator
    will not count unread messages the user can't access.
  * Comments on photos and forum posts are hidden, and top-level threads
    on the "Newest" tab will show "[unavailable]" for their text and
    username.
  * Your historical notifications will hide users who are blocked, banned
    or disabled.
* Add a "Friends" tab to user profile pages, to see other users' friends.
  * The page is Certification Required so non-cert users can't easily
    discover any members on the site.
2023-10-22 15:02:24 -07:00
Noah Petherbridge
49b5387750 User Notes + Bring Back Online Chatters List
New feature: User Notes
* Add a "Notes" tab to user profile pages and galleries.
* Users can create one private note about another user.
* Admins can see all notes left about a user.
* Admins also see Feedback & Reports regarding the user on that page.

Bring back the online chatters list
* The Usernames are filtered down based on blocklist status.
2023-09-16 13:46:26 -07:00
Noah Petherbridge
fdc6c5c0a7 Show currently on chat indicators 2023-09-13 23:13:02 -07:00
Noah Petherbridge
de30f5e952 See who has "Liked" something 2023-09-13 21:28:38 -07:00
Noah Petherbridge
67a54c866e New search filters and friendship sent icon 2023-09-01 17:13:10 -07:00
Noah Petherbridge
c8d09e6a17 Update admin icon from gavel to peace 2023-08-30 13:30:24 -07:00
Noah Petherbridge
666d3105b7 Privacy Improvements and Notification Fixes
* On user profile pages and gallery: the total photo count for the user
  will only include photos that the viewer can actually see (taking into
  account friendship and private grants), so that users won't harass
  each other to see the additional photos that aren't visible to them.
* On the member directory search: the photo counts will only show public
  photos on their page for now, and may be fewer than the number of
  photos the current user could actually see.
* Blocklist: you can now manually add a user by username to your block
  list. So if somebody blocked you on the site and you want to block
  them back, there is a way to do this.
* Friends: you can now directly unfriend someone from their profile
  page by clicking on the "Friends" button. You get a confirmation
  popup before the remove friend action goes through.
* Bugfix: when viewing a user's gallery, you were able to see their
  Friends-only photos if they granted you their Private photo access,
  even if you were not their friend.
* Bugfix: when uploading a new private photo, instead of notifying
  everybody you granted access to your privates it will only notify
  if they are also on your friend list.
2023-08-14 18:50:34 -07:00
Noah Petherbridge
01317a7ff8 Admin certification page improvements 2023-07-31 20:03:21 -07:00
Noah Petherbridge
356f94698f Some bugfixes around profile picture cropping 2023-07-22 11:52:05 -07:00
Noah Petherbridge
45cb4d260e DM Privacy + Settings Page Tabs
* Refactor the Settings page into a tabbed UI to reduce confusion with
  all the different forms and save buttons
* Add a DM Privacy setting to your page
* Update the About page
2023-06-23 22:18:09 -07:00
Noah Petherbridge
ae8ef83115 Option to hide age from profile display 2023-06-16 17:11:52 -07:00
Noah Petherbridge
9788ea6a33 The inner circle 2023-05-23 20:04:17 -07:00
Noah Petherbridge
296b5a30b8 Spit and polish for Shy Accounts
* Add a Shy/Non-shy badge to user profile pages.
* Shy Accounts can always DM admin users.
2023-02-13 22:31:50 -08:00
6c91c67c97 More Private User Avatars
* Users who set their Profile Picture to "friends only" or "private" can have
  their avatar be private all over the website to users who are not their
  friends or not granted access.
* Users who are not your friends see a yellow placeholder avatar, and users
  not granted access to a private Profile Pic sees a purple avatar.
* Admin users see these same placeholder avatars most places too (on search,
  forums, comments, etc.) if the user did not friend or grant the admin. But
  admins ALWAYS see it on their Profile Page directly, for ability to moderate.
* Fix marking Notifications as read: clicking the link in an unread notification
  now will wait on the ajax request to finish before allowing the redirect.
* Update the FAQ
2022-09-08 21:42:20 -07:00
8419958b25 Likes on Comments, and other minor improvements
* Add "Like" buttons to comments and forum posts.
* Make "private" profiles more private (logged-in users see only their profile
  pic, display name, and can friend request or message, if they are not approved
  friends of the private user)
* Add "logged-out view" visibility setting to profiles: to share a link to your
  page on other sites. Opt-in setting - default is login required to view your
  public profile page.
* CSRF cookie fix.
* Updated FAQ & Privacy pages.
2022-08-29 20:00:15 -07:00
6081aefb2f Allow basic access to profile pages for not logged-in users 2022-08-26 21:32:26 -07:00
5638cb2ff7 Forums - Spit & polish
* On Forums landing page, show who was the most recent commenter on each
  board's most recently updated post.
* Show photo count on Profile Pages on the "Photos" tab.
* Revise the mobile and tablet top nav bar:
    * Always show small badge icons linking to the Site Gallery & Forum
    * Always show Friends & Messages badges. If no new notifications, they
      display as grey instead of yellow w/ a number.
* Put icons next to most nav bar items, especially the User Menu
* Tighten the sprawling page layouts in the Forums to be more compact
  for mobile screens.
* Fix bug where some pages scrolled horizontally on mobile: the root cause
  was divs with class="content p-2", needs minimum p-3 (but p-4 is used) to
  provide enough padding to overcome column margins which were pushing the
  page too wide on mobile.
2022-08-25 19:58:43 -07:00
93c13882aa Finish Forums + Likes & Notifications
Finish implementing the basic forum features:
* Pinned threads (admin or board owner only)
* Edit Thread settings when you edit the top-most comment.
* NoReply threads remove all the reply buttons.
* Explicit forums and threads are filtered out unless opted-in (admins
  always see them).
* Count the unique members who participated in each forum.
* Get the most recently updated thread to show on forum list page.
* Contact/Report page: handle receiving a comment ID to report on.

Implement Likes & Notifications
* Like buttons added to Photos and Profile Pages. Implemented via simple
  vanilla JS (likes.js) to make ajax requests to back-end to like/unlike.
* Notifications: for your photo or profile being liked. If you unlike,
  the existing notifications about the like are revoked.
* The notifications appear as an alert number in the nav bar and are read
  on the User Dashboard. Click to mark a notification as "read" or click
  the "mark all as read" button.

Update DeleteUser to scrub likes, notifications, threads, and comments.
2022-08-24 21:17:34 -07:00
27a7abaae7 Private Profiles & Misc Improvements
* Add setting to mark profile as "private"
* If a profile is private you can't see their profile page or user photo
  gallery unless you are friends (or admin)
* The Site Gallery never shows pictures from private profiles.
* Add HTML5 drag/drop upload support for photo gallery.
* Suppress SQL logging except in debug mode.
* Clean up extra logs.
2022-08-21 17:29:39 -07:00
e42cebe4b8 Contact Us, Feedback, and Reporting
* Add the Contact page where users can contact the site admins for feedback or
  to report a problematic user, photo or message.
* Reports go into the admin Feedback table.
* Admin nav bar indicates number of unread feedbacks.
* Add "Report" button to profile pages, photo cards, and the top of Direct
  Message threads.

Misc changes:

* Send emails out asynchronously for more responsive page loads.
2022-08-21 14:05:08 -07:00
50fc93abfb Static pages: About, FAQ, TOS, Privacy 2022-08-15 22:33:17 -07:00
030fadcf8d Block Lists
Implement block lists. They work like friend lists but are unidirectional,
but take effect in both directions (blocker and blockee can not see one
another on the site -- except admin users can always see all users).

* Profile page says 404
* User gallery says 404
* User search page filters out blocked users
* Compose endpoint blocks sending messages to blocked users (except admin)
* Site Gallery filters photos by blocked (and uncertified) users
* Inbox page hides chat list for blocked users (can still read the chat
  history if you have a link to the old thread)
2022-08-14 17:45:55 -07:00
e4406feb1e Admin Actions
* Add impersonate feature
* Add ban/unban user feature
* Add promote/demote admin status feature
* Add admin user deletion feature
* Admin ability to see other status certification pics
* Nav bar indicator of pending admin actions such as cert pics
  needing approval
* Admin ability to search cert pics for specific user
2022-08-14 16:27:57 -07:00
4adffe9fa9 Friend Requests and User Search 2022-08-13 22:44:57 -07:00
788442d7e9 Implement Direct Messaging 2022-08-13 17:42:42 -07:00
400a256ec8 Certification Photo Workflow
* Add "Site Gallery" page showing all public+gallery member photos.
* Add "Certification Required" decorator for gallery and other main pages.
* Add the Certification Photo workflow:
  * Users have a checklist on their dashboard to upload a profile pic
    and post a certification selfie (two requirements)
  * Admins notified by email when a new certification pic comes in.
  * Admin can reject (w/ comment) or approve the pic.
  * Users can re-upload or delete their pic at the cost of losing
    certification status if they make any such changes.
  * Users are emailed when their photo is either approved or rejected.
* User Preferences: can now save the explicit pref to your account.
* Explicit photos on user pages and site gallery are hidden if the
  current user hasn't opted-in (user can always see their own explicit
  photos regardless of the setting)
* If a user is viewing a member gallery and explicit pics are hidden, a
  count of the number of explicit pics is shown to inform the user that
  more DO exist, they just don't see them. The site gallery does not do
  this and simply hides explicit photos.
2022-08-13 15:39:31 -07:00
cd1b349fcc User Photo Gallery & Management
* Add the user photo gallery for profile pages. Paginated, grid or full (blog
  style) view options. In grid view clicking a photo opens a large modal to
  see it; full view already shows large photos.
* Edit page: can also re-crop and set an existing pic to be your profile pic.
* Delete page: remove photos from the DB and hard drive.
* Photos are cleaned up from disk when not needed, e.g. during a re-crop the
  old cropped photo is removed before the new one replaces it.
* Fixed bug with cropping pictures.
2022-08-12 23:11:36 -07:00
60dd396b30 Photo Upload & Profile Pictures
Basic photo upload support. Square cropped images still buggy.
2022-08-11 23:04:08 -07:00
de3d6e9315 User Profile and Settings Pages
* Vendor fontawesome icons
* User settings page: to edit profile details (other features not hooked
  up yet)
* Initial user profile page
2022-08-10 20:59:59 -07:00