Commit Graph

73 Commits

Author SHA1 Message Date
Noah Petherbridge
081a22a6ef Logging for inner circle 2023-05-23 20:32:51 -07:00
Noah Petherbridge
9788ea6a33 The inner circle 2023-05-23 20:04:17 -07:00
Noah Petherbridge
1dc9afca5a Make ?view=external on profile page require a login if the profile is not actually public 2023-02-26 16:09:47 -08:00
Noah Petherbridge
7d17dce4d4 Shy Accounts
* Users with private profiles or no public photo at all are considered
  to be Shy Accounts and are isolated from the non-shy profiles.
* Restrictions include:
  * Site Gallery shows only them + their friends' photos.
  * User Galleries: must be a friend or had private photos granted to
    see a user's gallery page.
  * DMs: can not initiate a DM to a non-shy member (other shy members
    OK).
2023-02-13 22:19:18 -08:00
8085e092bc Forum Reply Enhancements + Better Pagers
* Enhance user experience replying to a forum thread. An inline reply textarea
  is added to page footers, "Quote" buttons on posts will quote the markdown
  source and focus the reply textarea, and "Reply" buttons will put an
  "@ mention" and focus the reply textarea. Users with scripts disabled will
  still be sent to the regular reply page as before.
* Improve all pagers by adding a "QueryPlus" template function that merges the
  page number with other current query parameters.
* Fix private profile picture avatars not displaying in your Notifications for
  profile pics you're allowed to see.
2022-09-10 12:09:46 -07:00
6c91c67c97 More Private User Avatars
* Users who set their Profile Picture to "friends only" or "private" can have
  their avatar be private all over the website to users who are not their
  friends or not granted access.
* Users who are not your friends see a yellow placeholder avatar, and users
  not granted access to a private Profile Pic sees a purple avatar.
* Admin users see these same placeholder avatars most places too (on search,
  forums, comments, etc.) if the user did not friend or grant the admin. But
  admins ALWAYS see it on their Profile Page directly, for ability to moderate.
* Fix marking Notifications as read: clicking the link in an unread notification
  now will wait on the ajax request to finish before allowing the redirect.
* Update the FAQ
2022-09-08 21:42:20 -07:00
8419958b25 Likes on Comments, and other minor improvements
* Add "Like" buttons to comments and forum posts.
* Make "private" profiles more private (logged-in users see only their profile
  pic, display name, and can friend request or message, if they are not approved
  friends of the private user)
* Add "logged-out view" visibility setting to profiles: to share a link to your
  page on other sites. Opt-in setting - default is login required to view your
  public profile page.
* CSRF cookie fix.
* Updated FAQ & Privacy pages.
2022-08-29 20:00:15 -07:00
6081aefb2f Allow basic access to profile pages for not logged-in users 2022-08-26 21:32:26 -07:00
bbc6e354e2 Rename the module 2022-08-25 21:21:46 -07:00
5638cb2ff7 Forums - Spit & polish
* On Forums landing page, show who was the most recent commenter on each
  board's most recently updated post.
* Show photo count on Profile Pages on the "Photos" tab.
* Revise the mobile and tablet top nav bar:
    * Always show small badge icons linking to the Site Gallery & Forum
    * Always show Friends & Messages badges. If no new notifications, they
      display as grey instead of yellow w/ a number.
* Put icons next to most nav bar items, especially the User Menu
* Tighten the sprawling page layouts in the Forums to be more compact
  for mobile screens.
* Fix bug where some pages scrolled horizontally on mobile: the root cause
  was divs with class="content p-2", needs minimum p-3 (but p-4 is used) to
  provide enough padding to overcome column margins which were pushing the
  page too wide on mobile.
2022-08-25 19:58:43 -07:00
93c13882aa Finish Forums + Likes & Notifications
Finish implementing the basic forum features:
* Pinned threads (admin or board owner only)
* Edit Thread settings when you edit the top-most comment.
* NoReply threads remove all the reply buttons.
* Explicit forums and threads are filtered out unless opted-in (admins
  always see them).
* Count the unique members who participated in each forum.
* Get the most recently updated thread to show on forum list page.
* Contact/Report page: handle receiving a comment ID to report on.

Implement Likes & Notifications
* Like buttons added to Photos and Profile Pages. Implemented via simple
  vanilla JS (likes.js) to make ajax requests to back-end to like/unlike.
* Notifications: for your photo or profile being liked. If you unlike,
  the existing notifications about the like are revoked.
* The notifications appear as an alert number in the nav bar and are read
  on the User Dashboard. Click to mark a notification as "read" or click
  the "mark all as read" button.

Update DeleteUser to scrub likes, notifications, threads, and comments.
2022-08-24 21:17:34 -07:00
944cac731d Bugfix on forgot password screen 2022-08-22 22:00:51 -07:00
4e4d18470f Bugfixes on change password 2022-08-21 18:19:30 -07:00
27a7abaae7 Private Profiles & Misc Improvements
* Add setting to mark profile as "private"
* If a profile is private you can't see their profile page or user photo
  gallery unless you are friends (or admin)
* The Site Gallery never shows pictures from private profiles.
* Add HTML5 drag/drop upload support for photo gallery.
* Suppress SQL logging except in debug mode.
* Clean up extra logs.
2022-08-21 17:29:39 -07:00
75c9e22b19 Reserved Usernames on Signup 2022-08-21 15:56:41 -07:00
36ba8c5c4d Photo Quotas & Postgres Fixes
* Add photo upload quotas.
* Non-certified users can upload few photos; certified users more
* Fix foreign key issues around deleting user profile photos for psql
2022-08-21 15:40:24 -07:00
030fadcf8d Block Lists
Implement block lists. They work like friend lists but are unidirectional,
but take effect in both directions (blocker and blockee can not see one
another on the site -- except admin users can always see all users).

* Profile page says 404
* User gallery says 404
* User search page filters out blocked users
* Compose endpoint blocks sending messages to blocked users (except admin)
* Site Gallery filters photos by blocked (and uncertified) users
* Inbox page hides chat list for blocked users (can still read the chat
  history if you have a link to the old thread)
2022-08-14 17:45:55 -07:00
e4406feb1e Admin Actions
* Add impersonate feature
* Add ban/unban user feature
* Add promote/demote admin status feature
* Add admin user deletion feature
* Admin ability to see other status certification pics
* Nav bar indicator of pending admin actions such as cert pics
  needing approval
* Admin ability to search cert pics for specific user
2022-08-14 16:27:57 -07:00
49ffa277e8 User Account Busywork
* Add "forgot password" workflow.
* Add ability to change user email address (confirmation link sent)
* Add ability to change user's password.
* Add rate limiter to deter brute force login attempts.
* Add user deep delete functionality (delete account).
* Ping user LastLoginAt every 8 hours for long-lived session cookies.
* Add age filters to user search page.
* Add sort options to user search (last login, created, username/name)
2022-08-14 14:40:57 -07:00
4adffe9fa9 Friend Requests and User Search 2022-08-13 22:44:57 -07:00
400a256ec8 Certification Photo Workflow
* Add "Site Gallery" page showing all public+gallery member photos.
* Add "Certification Required" decorator for gallery and other main pages.
* Add the Certification Photo workflow:
  * Users have a checklist on their dashboard to upload a profile pic
    and post a certification selfie (two requirements)
  * Admins notified by email when a new certification pic comes in.
  * Admin can reject (w/ comment) or approve the pic.
  * Users can re-upload or delete their pic at the cost of losing
    certification status if they make any such changes.
  * Users are emailed when their photo is either approved or rejected.
* User Preferences: can now save the explicit pref to your account.
* Explicit photos on user pages and site gallery are hidden if the
  current user hasn't opted-in (user can always see their own explicit
  photos regardless of the setting)
* If a user is viewing a member gallery and explicit pics are hidden, a
  count of the number of explicit pics is shown to inform the user that
  more DO exist, they just don't see them. The site gallery does not do
  this and simply hides explicit photos.
2022-08-13 15:39:31 -07:00
de3d6e9315 User Profile and Settings Pages
* Vendor fontawesome icons
* User settings page: to edit profile details (other features not hooked
  up yet)
* Initial user profile page
2022-08-10 20:59:59 -07:00
dd1e6c2918 Initial commit
* Initial codebase (lot of work!)
* Uses vanilla Go net/http and implements by hand: session cookies
  backed by Redis; log in/out; CSRF protection; email verification flow;
  initial database models (User table)
2022-08-09 22:32:19 -07:00