150 lines
4.1 KiB
Go
150 lines
4.1 KiB
Go
package block
|
|
|
|
import (
|
|
"fmt"
|
|
"net/http"
|
|
"strings"
|
|
|
|
"code.nonshy.com/nonshy/website/pkg/config"
|
|
"code.nonshy.com/nonshy/website/pkg/controller/chat"
|
|
"code.nonshy.com/nonshy/website/pkg/log"
|
|
"code.nonshy.com/nonshy/website/pkg/models"
|
|
"code.nonshy.com/nonshy/website/pkg/session"
|
|
"code.nonshy.com/nonshy/website/pkg/templates"
|
|
)
|
|
|
|
// Blocked list.
|
|
func Blocked() http.HandlerFunc {
|
|
tmpl := templates.Must("account/block_list.html")
|
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
currentUser, err := session.CurrentUser(r)
|
|
if err != nil {
|
|
session.FlashError(w, r, "Unexpected error: could not get currentUser.")
|
|
templates.Redirect(w, "/")
|
|
return
|
|
}
|
|
|
|
// Get our blocklist.
|
|
pager := &models.Pagination{
|
|
PerPage: config.PageSizeBlockList,
|
|
Sort: "updated_at desc",
|
|
}
|
|
pager.ParsePage(r)
|
|
blocked, err := models.PaginateBlockList(currentUser, pager)
|
|
if err != nil {
|
|
session.FlashError(w, r, "Couldn't paginate block list: %s", err)
|
|
templates.Redirect(w, "/")
|
|
return
|
|
}
|
|
|
|
var vars = map[string]interface{}{
|
|
"BlockedUsers": blocked,
|
|
"Pager": pager,
|
|
}
|
|
if err := tmpl.Execute(w, r, vars); err != nil {
|
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
|
return
|
|
}
|
|
})
|
|
}
|
|
|
|
// AddUser to manually add someone to your block list.
|
|
func AddUser() http.HandlerFunc {
|
|
tmpl := templates.Must("account/block_list_add.html")
|
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
if err := tmpl.Execute(w, r, nil); err != nil {
|
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
|
return
|
|
}
|
|
})
|
|
}
|
|
|
|
// BlockUser controller.
|
|
func BlockUser() http.HandlerFunc {
|
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
// POST only.
|
|
if r.Method != http.MethodPost {
|
|
session.FlashError(w, r, "Unacceptable Request Method")
|
|
templates.Redirect(w, "/")
|
|
return
|
|
}
|
|
|
|
// Form fields
|
|
var (
|
|
username = strings.ToLower(r.PostFormValue("username"))
|
|
unblock = r.PostFormValue("unblock") == "true"
|
|
)
|
|
|
|
// Get the current user.
|
|
currentUser, err := session.CurrentUser(r)
|
|
if err != nil {
|
|
session.FlashError(w, r, "Couldn't get CurrentUser: %s", err)
|
|
templates.Redirect(w, "/")
|
|
return
|
|
}
|
|
|
|
// Get the target user.
|
|
user, err := models.FindUser(username)
|
|
if err != nil {
|
|
session.FlashError(w, r, "User Not Found")
|
|
templates.Redirect(w, "/users/blocklist/add")
|
|
return
|
|
}
|
|
|
|
// Unblocking?
|
|
if unblock {
|
|
if err := models.UnblockUser(currentUser.ID, user.ID); err != nil {
|
|
session.FlashError(w, r, "Couldn't unblock this user: %s.", err)
|
|
} else {
|
|
session.Flash(w, r, "You have removed %s from your block list.", user.Username)
|
|
}
|
|
templates.Redirect(w, "/users/blocked")
|
|
return
|
|
}
|
|
|
|
// Can't block yourself.
|
|
if currentUser.ID == user.ID {
|
|
session.FlashError(w, r, "You can't block yourself!")
|
|
templates.Redirect(w, "/u/"+username)
|
|
return
|
|
}
|
|
|
|
// Can't block admins who have the unblockable scope.
|
|
if user.IsAdmin && user.HasAdminScope(config.ScopeUnblockable) {
|
|
// For curiosity's sake, log a report.
|
|
fb := &models.Feedback{
|
|
Intent: "report",
|
|
Subject: "A user tried to block an admin",
|
|
Message: fmt.Sprintf(
|
|
"A user has tried to block an admin user account!\n\n"+
|
|
"* Username: %s\n* Tried to block: %s",
|
|
currentUser.Username,
|
|
user.Username,
|
|
),
|
|
UserID: currentUser.ID,
|
|
TableName: "users",
|
|
TableID: currentUser.ID,
|
|
}
|
|
if err := models.CreateFeedback(fb); err != nil {
|
|
log.Error("Could not log feedback for user %s trying to block admin %s: %s", currentUser.Username, user.Username, err)
|
|
}
|
|
|
|
session.FlashError(w, r, "You can not block site administrators.")
|
|
templates.Redirect(w, "/u/"+username)
|
|
return
|
|
}
|
|
|
|
// Block the target user.
|
|
if err := models.AddBlock(currentUser.ID, user.ID); err != nil {
|
|
session.FlashError(w, r, "Couldn't block this user: %s.", err)
|
|
} else {
|
|
session.Flash(w, r, "You have added %s to your block list.", user.Username)
|
|
}
|
|
|
|
// Sync the block to the BareRTC chat server now, in case either user is currently online.
|
|
go chat.BlockUserNow(currentUser, user)
|
|
|
|
templates.Redirect(w, "/users/blocked")
|
|
})
|
|
}
|