class AdminController < ApplicationController
# Login filter for the listed actions only. Actions that are not named here
# are not covered by this filter and depend on the role checks written inside
# their own bodies.
before_action :require_user, only: %i[spam spam_revisions mark_comment_spam publish_comment spam_comments]

# Deliberately empty action; it exists so integration tests for assets have
# something to request.
def assets; end
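# Grants the 'admin' role to the user identified by params[:id].
#
# Only a caller for whom logged_in_as(['admin']) is truthy may do this; anyone
# else gets an error flash. Either way the browser is redirected to the target
# user's profile. User.find raises for an unknown id rather than returning nil,
# so no nil check is needed after the lookup.
def promote_admin
  @user = User.find params[:id]
  if logged_in_as(['admin'])
    @user.role = 'admin'
    @user.save
    # The notice is assembled as HTML (it carries a link), so the username is
    # escaped before it goes into the attribute value and the link text.
    shown_name = ERB::Util.html_escape(@user.username)
    flash[:notice] = "User '<a href='/profile/#{shown_name}'>#{shown_name}</a>' is now an admin."
  else
    flash[:error] = 'Only admins can promote other users to admins.'
  end
  # The timestamp parameter makes every redirect URL distinct (presumably to
  # avoid a cached copy of the profile page).
  redirect_to '/profile/' + @user.username + '?_=' + Time.now.to_i.to_s
end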
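# Sets the role of the user identified by params[:id] to 'moderator'.
#
# Allowed when logged_in_as(['admin', 'moderator']) is truthy; otherwise an
# error flash is set. The browser is redirected to the target user's profile
# in both cases. User.find raises for an unknown id, so @user is never nil.
#
# NOTE(review): the target's current role is not inspected, so a moderator
# calling this on an admin account would replace 'admin' with 'moderator'.
# Confirm whether that is intended.
def promote_moderator
  @user = User.find params[:id]
  if logged_in_as(['admin', 'moderator'])
    @user.role = 'moderator'
    @user.save
    # The notice is assembled as HTML, so the username is escaped first.
    shown_name = ERB::Util.html_escape(@user.username)
    flash[:notice] = "User '<a href='/profile/#{shown_name}'>#{shown_name}</a>' is now a moderator."
  else
    flash[:error] = 'Only moderators can promote other users.'
  end
  redirect_to '/profile/' + @user.username + '?_=' + Time.now.to_i.to_s
end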
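# Sets the role of the user identified by params[:id] to 'basic'.
#
# Allowed when logged_in_as(['admin', 'moderator']) is truthy; otherwise an
# error flash is set. The browser is redirected to the target user's profile
# in both cases. User.find raises for an unknown id, so @user is never nil.
#
# NOTE(review): the target's current role is not inspected, so a moderator
# can apply this to an admin account as well, and the notice always says
# "no longer a moderator". Confirm whether that is intended.
def demote_basic
  @user = User.find params[:id]
  if logged_in_as(['admin', 'moderator'])
    @user.role = 'basic'
    @user.save
    # The notice is assembled as HTML, so the username is escaped first.
    shown_name = ERB::Util.html_escape(@user.username)
    flash[:notice] = "User '<a href='/profile/#{shown_name}'>#{shown_name}</a>' is no longer a moderator."
  else
    flash[:error] = 'Only admins and moderators can demote other users.'
  end
  redirect_to '/profile/' + @user.username + '?_=' + Time.now.to_i.to_s
end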
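# Generates a password-reset key for the user identified by params[:id] and
# queues the reset e-mail. Restricted to callers for whom
# logged_in_as(['admin']) is truthy.
#
# A caller who fails the role check now gets an explicit error flash and a
# redirect; previously that path produced no response from this action at all.
# User.find raises for an unknown id, so no nil check is needed after it.
def reset_user_password
  unless logged_in_as(['admin'])
    flash[:error] = 'Only admins can reset user passwords.'
    redirect_to '/dashboard'
    return
  end

  user = User.find(params[:id])
  key = user.generate_reset_key
  user.save
  # The key is delivered only by e-mail; it is not placed in the flash.
  PasswordResetMailer.reset_notify(user, key).deliver_later
  # Other flashes in this controller carry HTML links, so flashes are
  # presumably rendered unescaped; the name is escaped before interpolation.
  flash[:notice] = "#{ERB::Util.html_escape(user.name)} should receive an email with instructions on how to reset their password. If they do not, please double check that they are using the email they registered with."
  # Only the path component of the built string is used as redirect target.
  redirect_to URI.parse("/profile/" + user.name).path
end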
# Looks up user accounts by e-mail address for admins and moderators.
#
# Without params[:address] nothing is assigned and the default view renders.
# With an address, @users holds the matching accounts: those created after
# DateTime.new(2015) when params[:include_banned] is set, otherwise those with
# status 1 or 4. Callers that fail the role check are redirected to the
# dashboard instead of receiving a 403.
def useremail
  unless logged_in_as(%w[admin moderator])
    redirect_to '/dashboard'
    return
  end
  return unless params[:address]

  @address = params[:address]
  by_email = User.where(email: params[:address])
  @users = if params[:include_banned]
             # since 2015, whether banned or not; the date is a bound parameter
             by_email.where('created_at > (?)', DateTime.new(2015))
           else
             by_email.where(status: [1, 4])
           end
end
# Moderation listing of nodes, newest nid first, paginated by params[:page].
#
# With params[:type] == 'wiki' the list holds nodes of type 'page' with
# status 1; otherwise it holds nodes with status 0 or 4 (spam or not yet
# moderated). Callers that fail the role check get an error flash and are
# sent to the dashboard.
def spam
  unless logged_in_as(%w[admin moderator])
    flash[:error] = 'Only moderators can moderate posts.'
    redirect_to '/dashboard'
    return
  end

  listing = Node.paginate(page: params[:page]).order('nid DESC')
  @nodes = if params[:type] == 'wiki'
             listing.where(type: 'page', status: 1)
           else
             listing.where(status: [0, 4])
           end
end
# Moderation listing of revisions with status 0, newest timestamp first,
# rendered with the shared 'admin/spam' template. Callers that fail the role
# check get an error flash and are sent to the dashboard.
def spam_revisions
  unless logged_in_as(%w[admin moderator])
    flash[:error] = 'Only moderators can moderate revisions.'
    redirect_to '/dashboard'
    return
  end

  @revisions = Revision.paginate(page: params[:page]).order('timestamp DESC').where(status: 0)
  render template: 'admin/spam'
end
# Moderation listing of comments with status 0, newest timestamp first,
# rendered with the shared 'admin/spam' template.
#
# Access is decided by current_user.can_moderate? (a missing current_user
# counts as not allowed); everyone else gets an error flash and is sent to
# the dashboard.
def spam_comments
  unless current_user&.can_moderate?
    flash[:error] = 'Only moderators can moderate comments.'
    redirect_to '/dashboard'
    return
  end

  @comments = Comment.paginate(page: params[:page]).order('timestamp DESC').where(status: 0)
  render template: 'admin/spam'
end
# Marks the node identified by params[:id] as spam and bans its author.
#
# Acts only when the node's status is 1 or 4; any other status produces the
# "already marked" notice. Callers that fail the role check get an error flash
# and are returned to the node (its question path when it carries the
# 'question' power tag). The node is looked up before the role check runs.
def mark_spam
  @node = Node.find params[:id]
  unless logged_in_as(%w[admin moderator])
    flash[:error] = 'Only moderators can moderate posts.'
    redirect_to(@node.has_power_tag('question') ? @node.path(:question) : @node.path)
    return
  end

  if [1, 4].include?(@node.status)
    @node.spam
    @node.author.ban
    # Other moderators are no longer notified here, see
    # https://github.com/publiclab/plots2/issues/6246
    flash[:notice] = "Item marked as spam and author banned. You can undo this on the <a href='/spam'>spam moderation page</a>."
    redirect_to "/dashboard?_=#{Time.now.to_i}"
  else
    flash[:notice] = "Item already marked as spam and author banned. You can undo this on the <a href='/spam'>spam moderation page</a>."
    redirect_to '/dashboard'
  end
end
# Marks the comment identified by params[:id] as spam and bans its author.
#
# Acts only when the comment's status is 1 or 4; any other status produces the
# "already marked" notice, and a failed role check produces an error flash.
# Every path ends with a redirect to the comment's node.
def mark_comment_spam
  @comment = Comment.find params[:id]
  if !logged_in_as(%w[admin moderator])
    flash[:error] = 'Only moderators can moderate comments.'
  elsif [1, 4].include?(@comment.status)
    @comment.spam
    commenter = @comment.author
    commenter.ban
    # Other moderators are no longer notified here, see
    # https://github.com/publiclab/plots2/issues/6246
    flash[:notice] = "Comment has been marked as spam and comment author has been banned. You can undo this on the <a href='/spam/comments'>spam moderation page</a>."
  else
    flash[:notice] = "Comment already marked as spam."
  end
  redirect_to @comment.node.path + '?_=' + Time.now.to_i.to_s
end
# Publishes the comment identified by params[:id].
#
# A comment whose status is already 1 only produces a notice. Otherwise the
# comment is published and its author is unbanned if currently banned. When
# the comment had status 4 before publishing, the author is e-mailed and no
# flash notice is set; for any other prior status the 'Comment published.'
# notice is set. Callers that fail the role check are sent to the dashboard.
def publish_comment
  unless logged_in_as(%w[admin moderator])
    flash[:error] = 'Only moderators can publish comments.'
    redirect_to '/dashboard'
    return
  end

  @comment = Comment.find params[:id]
  if @comment.status == 1
    flash[:notice] = 'Comment already published.'
  else
    # Captured before publish, which presumably changes the status.
    was_first_timer = @comment.status == 4
    @comment.publish
    @comment.author.unban if @comment.author.banned?
    if was_first_timer
      AdminMailer.notify_author_of_comment_approval(@comment, current_user).deliver_later
      # Other moderators are no longer notified here, see
      # https://github.com/publiclab/plots2/issues/6246
    else
      flash[:notice] = 'Comment published.'
    end
  end
  @node = @comment.node
  redirect_to @node.path + '?_=' + Time.now.to_i.to_s
end
# Publishes the node identified by params[:id] and unbans its author.
#
# A node whose status is already 1 only produces a notice. When the node had
# status 4 before publishing, the author is e-mailed, subscribers are notified
# (deliver_now, i.e. within this request) and a longer notice is shown. The
# redirect goes to the node, using its question path when it carries the
# 'question' power tag. Callers that fail the role check are sent to the
# dashboard.
def publish
  unless logged_in_as(%w[admin moderator])
    flash[:error] = 'Only moderators can publish posts.'
    redirect_to '/dashboard'
    return
  end

  @node = Node.find params[:id]
  if @node.status == 1
    flash[:notice] = 'Item already published.'
  else
    # Captured before publish, which presumably changes the status.
    was_first_timer = @node.status == 4
    @node.publish
    @node.author.unban
    if was_first_timer
      AdminMailer.notify_author_of_approval(@node, current_user).deliver_later
      # Other moderators are no longer notified here, see
      # https://github.com/publiclab/plots2/issues/6246
      SubscriptionMailer.notify_node_creation(@node).deliver_now
      flash[:notice] = if @node.has_power_tag('question')
                         "Question approved and published after #{time_ago_in_words(@node.created_at)} in moderation. Now reach out to the new community member; thank them, just say hello, or help them revise/format their post in the comments."
                       else
                         "Post approved and published after #{time_ago_in_words(@node.created_at)} in moderation. Now reach out to the new community member; thank them, just say hello, or help them revise/format their post in the comments."
                       end
    else
      flash[:notice] = 'Item published.'
    end
  end
  redirect_to(@node.has_power_tag('question') ? @node.path(:question) : @node.path)
end
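# Marks the revision identified by params[:vid] as spam and bans its author.
#
# The lookups use find_by! so that an unknown vid (or a revision whose node is
# gone) raises a record-not-found error, as the find-based actions in this
# controller do, instead of failing later on a nil receiver.
#
# The last remaining revision of a node is never marked; that case redirects
# to the node with a warning. Only revisions with status 1 are acted on.
# Callers that fail the role check get an error flash and are returned to the
# node.
#
# NOTE(review): the last-revision check runs before the role check, so its
# warning is also shown to callers who would fail the role check.
def mark_spam_revision
  @revision = Revision.find_by!(vid: params[:vid])
  @node = Node.find_by!(nid: @revision.nid)
  if @node.revisions.length <= 1
    flash[:warning] = "You can't delete the last remaining revision of a page; try deleting the wiki page itself (if you're an admin) or contacting moderators@publiclab.org for assistance."
    redirect_to @node.path
    return
  end

  unless logged_in_as(['admin', 'moderator'])
    flash[:error] = 'Only moderators can moderate posts.'
    redirect_to(@node.has_power_tag('question') ? @node.path(:question) : @node.path)
    return
  end

  if @revision.status == 1
    @revision.spam
    @revision.author.ban
    flash[:notice] = "Item marked as spam and author banned. You can undo this on the <a href='/spam/revisions'>spam moderation page</a>."
    redirect_to '/wiki/revisions/' + @revision.node.slug_from_path + '?_=' + Time.now.to_i.to_s
  else
    flash[:notice] = "Item already marked as spam and author banned. You can undo this on the <a href='/spam/revisions'>spam moderation page</a>."
    redirect_to '/dashboard'
  end
end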
# Publishes the revision identified by params[:vid] and unbans its author,
# then redirects to the revision's parent (its question path when the parent
# carries the 'question' power tag). Callers that fail the role check get an
# error flash and are sent to the dashboard.
def publish_revision
  unless logged_in_as(%w[admin moderator])
    flash[:error] = 'Only moderators can publish posts.'
    redirect_to '/dashboard'
    return
  end

  @revision = Revision.find params[:vid]
  @revision.publish
  @revision.author.unban
  flash[:notice] = 'Item published.'
  redirect_to(
    @revision.parent.has_power_tag('question') ? @revision.parent.path(:question) : @revision.parent.path
  )
end
# Calls #moderate on the user identified by params[:id] when the caller passes
# the admin/moderator role check, otherwise sets an error flash. Both paths
# redirect to the target user's profile. The user is looked up before the
# role check runs.
def moderate
  target = User.find params[:id]
  permitted = logged_in_as(%w[admin moderator])
  target.moderate if permitted
  if permitted
    flash[:notice] = 'The user has been moderated.'
  else
    flash[:error] = 'Only moderators can moderate other users.'
  end
  redirect_to '/profile/' + target.name + '?_=' + Time.now.to_i.to_s
end
# Calls #unmoderate on the user identified by params[:id] when the caller
# passes the admin/moderator role check, otherwise sets an error flash. Both
# paths redirect to the target user's profile.
def unmoderate
  target = User.find params[:id]
  permitted = logged_in_as(%w[admin moderator])
  target.unmoderate if permitted
  if permitted
    flash[:notice] = 'The user has been unmoderated.'
  else
    flash[:error] = 'Only moderators can unmoderate other users.'
  end
  redirect_to '/profile/' + target.name + '?_=' + Time.now.to_i.to_s
end
# Bans the user identified by params[:id] when the caller passes the
# admin/moderator role check, otherwise sets an error flash. No notice is set
# on success. Both paths redirect to the target user's profile.
#
# NOTE(review): the target's role is not inspected here, so this check alone
# does not stop a moderator from banning an admin; confirm whether User#ban
# guards against that.
def ban
  target = User.find params[:id]
  if logged_in_as(%w[admin moderator])
    target.ban
  else
    flash[:error] = 'Only moderators can ban other users.'
  end
  redirect_to '/profile/' + target.name + '?_=' + Time.now.to_i.to_s
end
# Unbans the user identified by params[:id] when the caller passes the
# admin/moderator role check, otherwise sets an error flash. Both paths
# redirect to the target user's profile.
def unban
  target = User.find params[:id]
  permitted = logged_in_as(%w[admin moderator])
  target.unban if permitted
  if permitted
    flash[:notice] = 'The user has been unbanned.'
  else
    flash[:error] = 'Only moderators can unban other users.'
  end
  redirect_to '/profile/' + target.name + '?_=' + Time.now.to_i.to_s
end
# Lists the 200 users with the highest uid for admins and moderators.
# Callers that fail the role check get an error flash and are sent to the
# dashboard.
def users
  unless logged_in_as(%w[admin moderator])
    flash[:error] = 'Only moderators can moderate other users.'
    redirect_to '/dashboard'
    return
  end

  @users = User.order('uid DESC').limit(200)
end
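# Marks every node listed in params[:ids] (comma-separated node ids) as spam
# and bans each node's author.
#
# A missing params[:ids] is treated as an empty list instead of raising, and
# the "users banned" figure counts each author once even when several of the
# listed nodes share an author. Node.find raises for an unknown id, which
# aborts the batch at that point; nodes handled before it stay marked.
#
# NOTE(review): the error text says 'admins' although moderators pass the
# role check as well.
def batch
  unless logged_in_as(['admin', 'moderator'])
    flash[:error] = 'Only admins can batch moderate.'
    redirect_to '/dashboard'
    return
  end

  node_ids = params[:ids].to_s.split(',').uniq
  banned_user_ids = node_ids.map do |nid|
    node = Node.find nid
    node.spam
    author = node.author
    author.ban
    author.id
  end
  flash[:notice] = node_ids.length.to_s + ' nodes spammed and ' + banned_user_ids.uniq.length.to_s + ' users banned.'
  redirect_to '/spam/wiki'
end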
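# Migrates the user identified by params[:id]; restricted to callers for whom
# logged_in_as(['admin']) is truthy.
#
# The user is looked up before the role check so that the final redirect has
# a record to build the profile path from on every path. Previously the
# lookup sat inside the admin branch, so a caller failing the role check
# reached the redirect with a nil user and the action raised.
def migrate
  du = User.find params[:id]
  if !logged_in_as(['admin'])
    flash[:error] = 'Only admins can migrate users.'
  elsif du.user
    flash[:error] = 'The user has already been migrated.'
  elsif du.migrate
    flash[:notice] = 'The user was migrated! Enthusiasm!'
  else
    flash[:error] = 'The user could not be migrated.'
  end
  redirect_to '/profile/' + du.name
end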
# Shows the nodes with status 4 (the ones awaiting moderation, per the flash
# text) using the 'notes/index' template, paginated by params[:page].
# Callers that fail the role check get an error flash and are sent to the
# dashboard.
def queue
  unless logged_in_as(%w[admin moderator])
    flash[:error] = 'Only moderators and admins can see the moderation queue.'
    redirect_to '/dashboard'
    return
  end

  @notes = Node.where(status: 4).paginate(page: params[:page])
  flash[:warning] = "These are notes requiring moderation. <a href='/wiki/moderation'>Community moderators</a> may approve or reject them."
  render template: 'notes/index'
end
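# Probes the configured SMTP server with a minimal MAIL FROM / RCPT TO
# exchange and reports whether the recipient was accepted.
#
# Renders "Email gateway OK" on a '250 Accepted' line and
# "Email gateway NOT OK" with status 500 on a '550' line. The failure case is
# a single render call (two render calls in one action raise a double-render
# error), reading stops once a verdict has been rendered, and the socket is
# closed even if reading raises.
#
# NOTE(review): this action has no role check in its body and is not in the
# controller's before_action :require_user list, and the connection and reads
# have no timeout, so each request can hold a worker until the mail server
# answers or disconnects. Consider restricting it to admins and bounding the
# wait.
def smtp_test
  require 'socket'
  settings = ActionMailer::Base.smtp_settings
  s = TCPSocket.new settings[:address], settings[:port]
  begin
    while (line = s.gets) # read server replies line by line
      s.print "MAIL FROM: <example@publiclab.org>\n" if line.include? '220'
      s.print "RCPT TO: <example@publiclab.org>\n" if line.include? '250 OK'
      if line.include? '250 Accepted'
        render plain: "Email gateway OK"
        break
      elsif line.include? '550'
        render plain: "Email gateway NOT OK", status: 500
        break
      end
    end
  ensure
    s.close
  end
end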
end