Noah
6c91c67c97
* Users who set their Profile Picture to "friends only" or "private" can have their avatar be private all over the website to users who are not their friends or not granted access. * Users who are not your friends see a yellow placeholder avatar, and users not granted access to a private Profile Pic sees a purple avatar. * Admin users see these same placeholder avatars most places too (on search, forums, comments, etc.) if the user did not friend or grant the admin. But admins ALWAYS see it on their Profile Page directly, for ability to moderate. * Fix marking Notifications as read: clicking the link in an unread notification now will wait on the ajax request to finish before allowing the redirect. * Update the FAQ
115 lines
2.9 KiB
Go
115 lines
2.9 KiB
Go
package block
|
|
|
|
import (
|
|
"net/http"
|
|
"strings"
|
|
|
|
"code.nonshy.com/nonshy/website/pkg/config"
|
|
"code.nonshy.com/nonshy/website/pkg/models"
|
|
"code.nonshy.com/nonshy/website/pkg/session"
|
|
"code.nonshy.com/nonshy/website/pkg/templates"
|
|
)
|
|
|
|
// Blocked list.
|
|
func Blocked() http.HandlerFunc {
|
|
tmpl := templates.Must("account/block_list.html")
|
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
currentUser, err := session.CurrentUser(r)
|
|
if err != nil {
|
|
session.FlashError(w, r, "Unexpected error: could not get currentUser.")
|
|
templates.Redirect(w, "/")
|
|
return
|
|
}
|
|
|
|
// Get our blocklist.
|
|
pager := &models.Pagination{
|
|
PerPage: config.PageSizeBlockList,
|
|
Sort: "updated_at desc",
|
|
}
|
|
pager.ParsePage(r)
|
|
blocked, err := models.PaginateBlockList(currentUser, pager)
|
|
if err != nil {
|
|
session.FlashError(w, r, "Couldn't paginate block list: %s", err)
|
|
templates.Redirect(w, "/")
|
|
return
|
|
}
|
|
|
|
var vars = map[string]interface{}{
|
|
"BlockedUsers": blocked,
|
|
"Pager": pager,
|
|
}
|
|
if err := tmpl.Execute(w, r, vars); err != nil {
|
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
|
return
|
|
}
|
|
})
|
|
}
|
|
|
|
// BlockUser controller.
|
|
func BlockUser() http.HandlerFunc {
|
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
// POST only.
|
|
if r.Method != http.MethodPost {
|
|
session.FlashError(w, r, "Unacceptable Request Method")
|
|
templates.Redirect(w, "/")
|
|
return
|
|
}
|
|
|
|
// Form fields
|
|
var (
|
|
username = strings.ToLower(r.PostFormValue("username"))
|
|
unblock = r.PostFormValue("unblock") == "true"
|
|
)
|
|
|
|
// Get the current user.
|
|
currentUser, err := session.CurrentUser(r)
|
|
if err != nil {
|
|
session.FlashError(w, r, "Couldn't get CurrentUser: %s", err)
|
|
templates.Redirect(w, "/")
|
|
return
|
|
}
|
|
|
|
// Get the target user.
|
|
user, err := models.FindUser(username)
|
|
if err != nil {
|
|
session.FlashError(w, r, "User Not Found")
|
|
templates.Redirect(w, "/")
|
|
return
|
|
}
|
|
|
|
// Unblocking?
|
|
if unblock {
|
|
if err := models.UnblockUser(currentUser.ID, user.ID); err != nil {
|
|
session.FlashError(w, r, "Couldn't unblock this user: %s.", err)
|
|
} else {
|
|
session.Flash(w, r, "You have removed %s from your block list.", user.Username)
|
|
}
|
|
templates.Redirect(w, "/users/blocked")
|
|
return
|
|
}
|
|
|
|
// Can't block yourself.
|
|
if currentUser.ID == user.ID {
|
|
session.FlashError(w, r, "You can't block yourself!")
|
|
templates.Redirect(w, "/u/"+username)
|
|
return
|
|
}
|
|
|
|
// Can't block admins.
|
|
if user.IsAdmin {
|
|
session.FlashError(w, r, "You can not block site administrators.")
|
|
templates.Redirect(w, "/u/"+username)
|
|
return
|
|
}
|
|
|
|
// Block the target user.
|
|
if err := models.AddBlock(currentUser.ID, user.ID); err != nil {
|
|
session.FlashError(w, r, "Couldn't block this user: %s.", err)
|
|
} else {
|
|
session.Flash(w, r, "You have added %s to your block list.", user.Username)
|
|
}
|
|
|
|
templates.Redirect(w, "/users/blocked")
|
|
})
|
|
}
|