mirror of
https://github.com/NodeBB/NodeBB.git
synced 2026-01-17 13:02:53 +01:00
7ba70d1561
* chore: up deps * chore: up composer * fix(deps): bump 2factor to v7 * chore: up harmony * chore: up harmony * fix: missing await * feat: allow middlewares to pass in template values via res.locals * feat: buildAccountData middleware automatically added ot all account routes * fix: properly allow values in res.locals.templateValues to be added to the template data * refactor: user/blocks * refactor(accounts): categories and consent * feat: automatically 404 if exposeUid or exposeGroupName come up empty * refactor: remove calls to getUserDataByUserSlug for most account routes, since it is populated via middleware now * fix: allow exposeUid and exposeGroupName to work with slugs with mixed capitalization * fix: move reputation removal check to accountHelpers method * test: skip i18n tests if ref branch when present is not develop * fix(deps): bump theme versions * fix(deps): bump ntfy and 2factor * chore: up harmony * fix: add missing return * fix: #11191, only focus on search input on md environments and up * feat: allow file uploads on mobile chat closes https://github.com/NodeBB/NodeBB/issues/11217 * chore: up themes * chore: add lang string * fix(deps): bump ntfy to 1.0.15 * refactor: use new if/each syntax * chore: up composer * fix: regression from user helper refactor * chore: up harmony * chore: up composer * chore: up harmony * chore: up harmony * chore: up harmony * chore: fix composer version * feat: add increment helper * chore: up harmony * fix: #11228 no timestamps in future ⌛ * chore: up harmony * check config.theme as well fire action:posts.loaded after processing dom * chore: up harmony * chore: up harmony * chore: up harmony * chore: up themes * chore: up harmony * remove extra class * refactor: move these to core from harmony * chore: up widgets * chore: up widgets * height auto * fix: closes #11238 * dont focus inputs, annoying on mobile * fix: dont focus twice, only focus on chat input on desktop dont wrap widget footer in row * chore: up harmony * chore: up harmony * update chat window * chore: up themes * fix cache buster for skins * chat fixes * chore: up harmony * chore: up composer * refactor: change hook logs to debug * fix: scroll to post right after adding to dom * fix: hash scrolling and highlighting correct post * test: re-enable read API schema tests * fix: add back schema changes for179faa2270andc3920ccb10* fix: schema changes from488f0978a4* fix: schema changes forf4cf482a87* fix: schema update forbe6bbabd0e* fix: schema changes for69c96078ea* fix: schema changes ford1364c3130* fix: schema changes for84ff1152f7* fix: schema changes forb860c2605c* fix: schema changes for23cb67a112* fix: schema changes forb916e42f40* fix: schema change fora9bbb586fc* fix: schema changes for4b738c8cd3* fix: schema changes for58b5781cea* fix: schema changes for794bf01b21* fix: schema changes for80ea12c1c1,e368feef51, and52ead114be* fix: composer-default object in config? * fix: schema changes for9acdc6808cand0930934200* fix: schema changes forc0a52924f1* fix: schema change foraba420a3f3, move loggedInUser to optional props * fix: schema changes for8c67031609* fix: schema changes for27e53b42f3* fix: schema changes for2835966518* fix: breaking test for email confirmation API call * fix: schema changes for refactored search page * fix: schema changes for user object * fix: schema changes for9f531f957e* fix: schema changes forc4042c70deand23175110a2* fix: schema changes for9b3616b103* fix: schema changes for5afd5de07d* fix: schema change for1d7baf1217* fix: schema changes for57bfb37c55andbe6bbabd0e* fix: schema changes for6e86b4afa2and3efad2e13band68f66223e7* fix: allowing optional qs prop in pagination keys (not sure why this didn't break before) * fix: re-login on email change * fix: schema changes forc926358d73* fix: schema changes for388a8270c9* fix: schema change for2658bcc821* fix: no need to call account middlewares for chats routes * fix: schema changes for71743affc3* fix: final schema changes * test: support for anyOf and oneOf * fix: check thumb * dont scroll to top on back press * remove group log * fix: add top margin to merged and deleted alerts * chore: up widgets * fix: improve fix-lists mixin * chore: up harmony/composer * feat: allow hiding quicksearch results during search * dont record searches made by composer * chore: up 54 * chore: up spam be gone * feat: add prev/next page and page count into mobile paginator * chore: up harmony * chore: up harmony * use old style for IS * fix: hide entire toolbar row if no posts or not singlePost * fix: updated messaging for post-queue template, #11206 * fix: btn-sm on post queue back button * fix: bump harmony, closes #11206 * fix: remove unused alert module import * fix: bump harmony * fix: bump harmony * chore: up harmony * refactor: IS scrolltop * fix: update users:search-user-for-chat source string * feat: support for mark-read toggle on chats dropdown and recent chats list * feat: api v3 calls to mark chat read/unread * feat: send event:chats.mark socket event on mark read or unread * refactor: allow frontend to mark chats as unread, use new API v3 routes instead of socket calls, better frontend event handling * docs: openapi schema updates for chat marking * fix: allow unread state toggling in chats dropdown too * fix: issue where repeated openings of the chats dropdown would continually add events for mark-read/unread * fix: debug log * refactor: move userSearch filter to a module * feat(routes): allow remounting /categories (#11230) * feat: send flags count to frontend on flags list page * refactor: filter form client-side js to extract out some logic * fix: applyFilters to not take any arguments, update selectedCids in updateButton instead of onHidden * fix: use userFilter module for assignee, reporterId, targetUid * fix(openapi): schema changes for updated flags page * fix: dont allow adding duplicates to userFilter * use same var * remove log * fix: closes #11282 * feat: lang key for x-topics * chore: up harmony * chore: up emoji * chore: up harmony * fix: update userFilter to allow new option `selectedBlock` * fix: wrong block name passed to userFilter * fix: https://github.com/NodeBB/NodeBB/issues/11283 * fix: chats, allow multiple dropdowns like in harmony * chore: up harmony * refactor: flag note adding/editing, closes #11285 * fix: remove old prepareEdit logic * chore: add caveat about hacky code block in userFilter module * fix: placeholders for userFilter module * refactor: navigator so it works with multiple thumbs/navigators * chore: up harmony * fix: closes #11287, destroy quick reply autocomplete on navigation * fix: filter disabled categories on user categories page count * chore: up harmony * docs: update openapi spec to include info about passing in timestamps for topic creation, removing timestamp as valid request param for topic replying * fix: send back null values on ACP search dashboard for startDate and endDate if not expicitly passed in, fix tests * fix: tweak table order in ACP dash searches * fix: only invoke navigator click drag on left mouse button * feat: add back unread indicator to navigator * clear bookmark on mark unread * fix: navigator crash on ajaxify * better thumb top calculation * fix: reset user bookmark when topic is marked unread * Revert "fix: reset user bookmark when topic is marked unread" This reverts commit9bcd85c2c6. * fix: update unread indicator on scroll, add unread count * chore: bump harmony * fix: crash on navigator unread update when backing out of a topic * fix: closes #11183 * fix: update topics:recent zset when rescheduling a topic * fix: dupe quote button, increase delay, hide immediately on empty selection * fix: navigator not showing up on first load * refactor: remove glance assorted fixes to navigator dont reduce remaning count if user scrolls down and up quickly only call topic.navigatorCallback when index changes * more sanity checks for bookmark dont allow setting bookmark higher than topic postcount * closes #11218, 🚋 * Revert "fix: update topics:recent zset when rescheduling a topic" This reverts commit737973cca9. * fix: #11306, show proper error if queued post doesn't exist was showing no-privileges if someone else accepted the post * https://github.com/NodeBB/NodeBB/issues/11307 dont use li * chore: up harmony * chore: bump version string * fix: copy paste fail * feat: closes #7382, tag filtering add client side support for filtering by tags on /category, /recent and /unread * chore: up harmony * chore: up harmony * Revert "fix: add back req.query fallback for backwards compatibility" [breaking] This reverts commitcf6cc2c454. This commit is no longer required as passing in a CSRF token via query parameter is no longer supported as of NodeBB v3.x This is a breaking change. * fix: pass csrf token in form data, re: NodeBB/NodeBB#11309 * chore: up deps * fix: tests, use x-csrf-token query param removed * test: fix csrf_token * lint: remove unused * feat: add itemprop="image" to avatar helper * fix: get chat upload button in chat modal * breaking: remove deprecated socket.io methods * test: update messaging tests to not use sockets * fix: parent post links * fix: prevent post tooltip if mouse leaves before data/tpl is loaded * chore: up harmony * chore: up harmony * chore: up harmony * chore: up harmony * fix: nested replies indices * fix(deps): bump 2factor * feat: add loggedIn user to all api routes * chore: up themes * refactor: audit admin v3 write api routes as per #11321 * refactor: audit category v3 write api routes as per #11321 [breaking] docs: fix open api spec for #11321 * refactor: audit chat v3 write api routes as per #11321 * refactor: audit files v3 write api routes as per #11321 * refactor: audit flags v3 write api routes as per #11321 * refactor: audit posts v3 write api routes as per #11321 * refactor: audit topics v3 write api routes as per #11321 * refactor: audit users v3 write api routes as per #11321 * fix: lang string * remove min height * fix: empty topic/labels taking up space * fix: tag filtering when changing filter to watched topics or changing popular time limit to month * chore: up harmony * fix: closes #11354, show no post error if queued post already accepted/rejected * test: #11354 * test: #11354 * fix(deps): bump 2factor * fix: #11357 clear cache on thumb remove * fix: thumb remove on windows, closes #11357 * test: openapi for thumbs * test: fix openapi --------- Co-authored-by: Julian Lam <julian@nodebb.org> Co-authored-by: Opliko <opliko.reg@protonmail.com>
959 lines
28 KiB
JavaScript
959 lines
28 KiB
JavaScript
'use strict';
|
|
|
|
const _ = require('lodash');
|
|
const winston = require('winston');
|
|
const validator = require('validator');
|
|
|
|
const db = require('./database');
|
|
const user = require('./user');
|
|
const groups = require('./groups');
|
|
const meta = require('./meta');
|
|
const notifications = require('./notifications');
|
|
const analytics = require('./analytics');
|
|
const categories = require('./categories');
|
|
const topics = require('./topics');
|
|
const posts = require('./posts');
|
|
const privileges = require('./privileges');
|
|
const plugins = require('./plugins');
|
|
const utils = require('./utils');
|
|
const batch = require('./batch');
|
|
|
|
const Flags = module.exports;
|
|
|
|
Flags._states = new Map([
|
|
['open', {
|
|
label: '[[flags:state-open]]',
|
|
class: 'danger',
|
|
}],
|
|
['wip', {
|
|
label: '[[flags:state-wip]]',
|
|
class: 'warning',
|
|
}],
|
|
['resolved', {
|
|
label: '[[flags:state-resolved]]',
|
|
class: 'success',
|
|
}],
|
|
['rejected', {
|
|
label: '[[flags:state-rejected]]',
|
|
class: 'secondary',
|
|
}],
|
|
]);
|
|
|
|
Flags.init = async function () {
|
|
// Query plugins for custom filter strategies and merge into core filter strategies
|
|
function prepareSets(sets, orSets, prefix, value) {
|
|
if (!Array.isArray(value)) {
|
|
sets.push(prefix + value);
|
|
} else if (value.length) {
|
|
if (value.length === 1) {
|
|
sets.push(prefix + value[0]);
|
|
} else {
|
|
orSets.push(value.map(x => prefix + x));
|
|
}
|
|
}
|
|
}
|
|
|
|
const hookData = {
|
|
filters: {
|
|
type: function (sets, orSets, key) {
|
|
prepareSets(sets, orSets, 'flags:byType:', key);
|
|
},
|
|
state: function (sets, orSets, key) {
|
|
prepareSets(sets, orSets, 'flags:byState:', key);
|
|
},
|
|
reporterId: function (sets, orSets, key) {
|
|
prepareSets(sets, orSets, 'flags:byReporter:', key);
|
|
},
|
|
assignee: function (sets, orSets, key) {
|
|
prepareSets(sets, orSets, 'flags:byAssignee:', key);
|
|
},
|
|
targetUid: function (sets, orSets, key) {
|
|
prepareSets(sets, orSets, 'flags:byTargetUid:', key);
|
|
},
|
|
cid: function (sets, orSets, key) {
|
|
prepareSets(sets, orSets, 'flags:byCid:', key);
|
|
},
|
|
page: function () { /* noop */ },
|
|
perPage: function () { /* noop */ },
|
|
quick: function (sets, orSets, key, uid) {
|
|
switch (key) {
|
|
case 'mine':
|
|
sets.push(`flags:byAssignee:${uid}`);
|
|
break;
|
|
|
|
case 'unresolved':
|
|
prepareSets(sets, orSets, 'flags:byState:', ['open', 'wip']);
|
|
break;
|
|
}
|
|
},
|
|
},
|
|
states: Flags._states,
|
|
helpers: {
|
|
prepareSets: prepareSets,
|
|
},
|
|
};
|
|
|
|
try {
|
|
({ filters: Flags._filters } = await plugins.hooks.fire('filter:flags.getFilters', hookData));
|
|
({ filters: Flags._filters, states: Flags._states } = await plugins.hooks.fire('filter:flags.init', hookData));
|
|
} catch (err) {
|
|
winston.error(`[flags/init] Could not retrieve filters\n${err.stack}`);
|
|
Flags._filters = {};
|
|
}
|
|
};
|
|
|
|
Flags.get = async function (flagId) {
|
|
const [base, notes, reports] = await Promise.all([
|
|
db.getObject(`flag:${flagId}`),
|
|
Flags.getNotes(flagId),
|
|
Flags.getReports(flagId),
|
|
]);
|
|
if (!base) {
|
|
return;
|
|
}
|
|
const flagObj = {
|
|
state: 'open',
|
|
assignee: null,
|
|
...base,
|
|
datetimeISO: utils.toISOString(base.datetime),
|
|
target_readable: `${base.type.charAt(0).toUpperCase() + base.type.slice(1)} ${base.targetId}`,
|
|
target: await Flags.getTarget(base.type, base.targetId, 0),
|
|
notes,
|
|
reports,
|
|
};
|
|
|
|
const data = await plugins.hooks.fire('filter:flags.get', {
|
|
flag: flagObj,
|
|
});
|
|
return data.flag;
|
|
};
|
|
|
|
Flags.getCount = async function ({ uid, filters, query }) {
|
|
filters = filters || {};
|
|
const flagIds = await Flags.getFlagIdsWithFilters({ filters, uid, query });
|
|
return flagIds.length;
|
|
};
|
|
|
|
Flags.getFlagIdsWithFilters = async function ({ filters, uid, query }) {
|
|
let sets = [];
|
|
const orSets = [];
|
|
|
|
// Default filter
|
|
filters.page = filters.hasOwnProperty('page') ? Math.abs(parseInt(filters.page, 10) || 1) : 1;
|
|
filters.perPage = filters.hasOwnProperty('perPage') ? Math.abs(parseInt(filters.perPage, 10) || 20) : 20;
|
|
|
|
for (const type of Object.keys(filters)) {
|
|
if (Flags._filters.hasOwnProperty(type)) {
|
|
Flags._filters[type](sets, orSets, filters[type], uid);
|
|
} else {
|
|
winston.warn(`[flags/list] No flag filter type found: ${type}`);
|
|
}
|
|
}
|
|
sets = (sets.length || orSets.length) ? sets : ['flags:datetime']; // No filter default
|
|
|
|
let flagIds = [];
|
|
if (sets.length === 1) {
|
|
flagIds = await db.getSortedSetRevRange(sets[0], 0, -1);
|
|
} else if (sets.length > 1) {
|
|
flagIds = await db.getSortedSetRevIntersect({ sets: sets, start: 0, stop: -1, aggregate: 'MAX' });
|
|
}
|
|
|
|
if (orSets.length) {
|
|
let _flagIds = await Promise.all(orSets.map(async orSet => await db.getSortedSetRevUnion({ sets: orSet, start: 0, stop: -1, aggregate: 'MAX' })));
|
|
|
|
// Each individual orSet is ANDed together to construct the final list of flagIds
|
|
_flagIds = _.intersection(..._flagIds);
|
|
|
|
// Merge with flagIds returned by sets
|
|
if (sets.length) {
|
|
// If flag ids are already present, return a subset of flags that are in both sets
|
|
flagIds = _.intersection(flagIds, _flagIds);
|
|
} else {
|
|
// Otherwise, return all flags returned via orSets
|
|
flagIds = _.union(flagIds, _flagIds);
|
|
}
|
|
}
|
|
|
|
const result = await plugins.hooks.fire('filter:flags.getFlagIdsWithFilters', {
|
|
filters,
|
|
uid,
|
|
query,
|
|
flagIds,
|
|
});
|
|
return result.flagIds;
|
|
};
|
|
|
|
Flags.list = async function (data) {
|
|
const filters = data.filters || {};
|
|
let flagIds = await Flags.getFlagIdsWithFilters({
|
|
filters,
|
|
uid: data.uid,
|
|
query: data.query,
|
|
});
|
|
flagIds = await Flags.sort(flagIds, data.sort);
|
|
const count = flagIds.length;
|
|
|
|
// Create subset for parsing based on page number (n=20)
|
|
const flagsPerPage = Math.abs(parseInt(filters.perPage, 10) || 1);
|
|
const pageCount = Math.ceil(flagIds.length / flagsPerPage);
|
|
flagIds = flagIds.slice((filters.page - 1) * flagsPerPage, filters.page * flagsPerPage);
|
|
|
|
const reportCounts = await db.sortedSetsCard(flagIds.map(flagId => `flag:${flagId}:reports`));
|
|
|
|
const flags = await Promise.all(flagIds.map(async (flagId, idx) => {
|
|
let flagObj = await db.getObject(`flag:${flagId}`);
|
|
flagObj = {
|
|
state: 'open',
|
|
assignee: null,
|
|
heat: reportCounts[idx],
|
|
...flagObj,
|
|
};
|
|
flagObj.labelClass = Flags._states.get(flagObj.state).class;
|
|
|
|
return Object.assign(flagObj, {
|
|
target_readable: `${flagObj.type.charAt(0).toUpperCase() + flagObj.type.slice(1)} ${flagObj.targetId}`,
|
|
datetimeISO: utils.toISOString(flagObj.datetime),
|
|
});
|
|
}));
|
|
|
|
const payload = await plugins.hooks.fire('filter:flags.list', {
|
|
flags: flags,
|
|
page: filters.page,
|
|
uid: data.uid,
|
|
});
|
|
|
|
return {
|
|
flags: payload.flags,
|
|
count,
|
|
page: payload.page,
|
|
pageCount: pageCount,
|
|
};
|
|
};
|
|
|
|
Flags.sort = async function (flagIds, sort) {
|
|
const filterPosts = async (flagIds) => {
|
|
const keys = flagIds.map(id => `flag:${id}`);
|
|
const types = await db.getObjectsFields(keys, ['type']);
|
|
return flagIds.filter((id, idx) => types[idx].type === 'post');
|
|
};
|
|
|
|
switch (sort) {
|
|
// 'newest' is not handled because that is default
|
|
case 'oldest':
|
|
flagIds = flagIds.reverse();
|
|
break;
|
|
|
|
case 'reports': {
|
|
const keys = flagIds.map(id => `flag:${id}:reports`);
|
|
const heat = await db.sortedSetsCard(keys);
|
|
const mapped = heat.map((el, i) => ({
|
|
index: i, heat: el,
|
|
}));
|
|
mapped.sort((a, b) => b.heat - a.heat);
|
|
flagIds = mapped.map(obj => flagIds[obj.index]);
|
|
break;
|
|
}
|
|
|
|
case 'upvotes': // fall-through
|
|
case 'downvotes':
|
|
case 'replies': {
|
|
flagIds = await filterPosts(flagIds);
|
|
const keys = flagIds.map(id => `flag:${id}`);
|
|
const pids = (await db.getObjectsFields(keys, ['targetId'])).map(obj => obj.targetId);
|
|
const votes = (await posts.getPostsFields(pids, [sort])).map(obj => parseInt(obj[sort], 10) || 0);
|
|
const sortRef = flagIds.reduce((memo, cur, idx) => {
|
|
memo[cur] = votes[idx];
|
|
return memo;
|
|
}, {});
|
|
|
|
flagIds = flagIds.sort((a, b) => sortRef[b] - sortRef[a]);
|
|
}
|
|
}
|
|
|
|
return flagIds;
|
|
};
|
|
|
|
Flags.validate = async function (payload) {
|
|
const [target, reporter] = await Promise.all([
|
|
Flags.getTarget(payload.type, payload.id, payload.uid),
|
|
user.getUserData(payload.uid),
|
|
]);
|
|
|
|
if (!target) {
|
|
throw new Error('[[error:invalid-data]]');
|
|
} else if (target.deleted) {
|
|
throw new Error('[[error:post-deleted]]');
|
|
} else if (!reporter || !reporter.userslug) {
|
|
throw new Error('[[error:no-user]]');
|
|
} else if (reporter.banned) {
|
|
throw new Error('[[error:user-banned]]');
|
|
}
|
|
|
|
// Disallow flagging of profiles/content of privileged users
|
|
const [targetPrivileged, reporterPrivileged] = await Promise.all([
|
|
user.isPrivileged(target.uid),
|
|
user.isPrivileged(reporter.uid),
|
|
]);
|
|
if (targetPrivileged && !reporterPrivileged) {
|
|
throw new Error('[[error:cant-flag-privileged]]');
|
|
}
|
|
|
|
if (payload.type === 'post') {
|
|
const editable = await privileges.posts.canEdit(payload.id, payload.uid);
|
|
if (!editable.flag && !meta.config['reputation:disabled'] && reporter.reputation < meta.config['min:rep:flag']) {
|
|
throw new Error(`[[error:not-enough-reputation-to-flag, ${meta.config['min:rep:flag']}]]`);
|
|
}
|
|
} else if (payload.type === 'user') {
|
|
if (parseInt(payload.id, 10) === parseInt(payload.uid, 10)) {
|
|
throw new Error('[[error:cant-flag-self]]');
|
|
}
|
|
const editable = await privileges.users.canEdit(payload.uid, payload.id);
|
|
if (!editable && !meta.config['reputation:disabled'] && reporter.reputation < meta.config['min:rep:flag']) {
|
|
throw new Error(`[[error:not-enough-reputation-to-flag, ${meta.config['min:rep:flag']}]]`);
|
|
}
|
|
} else {
|
|
throw new Error('[[error:invalid-data]]');
|
|
}
|
|
};
|
|
|
|
Flags.getNotes = async function (flagId) {
|
|
let notes = await db.getSortedSetRevRangeWithScores(`flag:${flagId}:notes`, 0, -1);
|
|
notes = await modifyNotes(notes);
|
|
return notes;
|
|
};
|
|
|
|
Flags.getNote = async function (flagId, datetime) {
|
|
datetime = parseInt(datetime, 10);
|
|
if (isNaN(datetime)) {
|
|
throw new Error('[[error:invalid-data]]');
|
|
}
|
|
|
|
let notes = await db.getSortedSetRangeByScoreWithScores(`flag:${flagId}:notes`, 0, 1, datetime, datetime);
|
|
if (!notes.length) {
|
|
throw new Error('[[error:invalid-data]]');
|
|
}
|
|
|
|
notes = await modifyNotes(notes);
|
|
return notes[0];
|
|
};
|
|
|
|
Flags.getFlagIdByTarget = async function (type, id) {
|
|
let method;
|
|
switch (type) {
|
|
case 'post':
|
|
method = posts.getPostField;
|
|
break;
|
|
|
|
case 'user':
|
|
method = user.getUserField;
|
|
break;
|
|
|
|
default:
|
|
throw new Error('[[error:invalid-data]]');
|
|
}
|
|
|
|
return await method(id, 'flagId');
|
|
};
|
|
|
|
async function modifyNotes(notes) {
|
|
const uids = [];
|
|
notes = notes.map((note) => {
|
|
const noteObj = JSON.parse(note.value);
|
|
uids.push(noteObj[0]);
|
|
return {
|
|
uid: noteObj[0],
|
|
content: noteObj[1],
|
|
datetime: note.score,
|
|
datetimeISO: utils.toISOString(note.score),
|
|
};
|
|
});
|
|
const userData = await user.getUsersFields(uids, ['username', 'userslug', 'picture']);
|
|
return notes.map((note, idx) => {
|
|
note.user = userData[idx];
|
|
note.content = validator.escape(note.content);
|
|
return note;
|
|
});
|
|
}
|
|
|
|
Flags.deleteNote = async function (flagId, datetime) {
|
|
datetime = parseInt(datetime, 10);
|
|
if (isNaN(datetime)) {
|
|
throw new Error('[[error:invalid-data]]');
|
|
}
|
|
|
|
const note = await db.getSortedSetRangeByScore(`flag:${flagId}:notes`, 0, 1, datetime, datetime);
|
|
if (!note.length) {
|
|
throw new Error('[[error:invalid-data]]');
|
|
}
|
|
|
|
await db.sortedSetRemove(`flag:${flagId}:notes`, note[0]);
|
|
};
|
|
|
|
Flags.create = async function (type, id, uid, reason, timestamp, forceFlag = false) {
|
|
let doHistoryAppend = false;
|
|
if (!timestamp) {
|
|
timestamp = Date.now();
|
|
doHistoryAppend = true;
|
|
}
|
|
const [flagExists, targetExists,, targetFlagged, targetUid, targetCid] = await Promise.all([
|
|
// Sanity checks
|
|
Flags.exists(type, id, uid),
|
|
Flags.targetExists(type, id),
|
|
Flags.canFlag(type, id, uid, forceFlag),
|
|
Flags.targetFlagged(type, id),
|
|
|
|
// Extra data for zset insertion
|
|
Flags.getTargetUid(type, id),
|
|
Flags.getTargetCid(type, id),
|
|
]);
|
|
if (!forceFlag && flagExists) {
|
|
throw new Error(`[[error:${type}-already-flagged]]`);
|
|
} else if (!targetExists) {
|
|
throw new Error('[[error:invalid-data]]');
|
|
}
|
|
|
|
// If the flag already exists, just add the report
|
|
if (targetFlagged) {
|
|
const flagId = await Flags.getFlagIdByTarget(type, id);
|
|
await Promise.all([
|
|
Flags.addReport(flagId, type, id, uid, reason, timestamp),
|
|
Flags.update(flagId, uid, { state: 'open' }),
|
|
]);
|
|
|
|
return await Flags.get(flagId);
|
|
}
|
|
|
|
const flagId = await db.incrObjectField('global', 'nextFlagId');
|
|
const batched = [];
|
|
|
|
batched.push(
|
|
db.setObject(`flag:${flagId}`, {
|
|
flagId: flagId,
|
|
type: type,
|
|
targetId: id,
|
|
targetUid: targetUid,
|
|
datetime: timestamp,
|
|
}),
|
|
Flags.addReport(flagId, type, id, uid, reason, timestamp),
|
|
db.sortedSetAdd('flags:datetime', timestamp, flagId), // by time, the default
|
|
db.sortedSetAdd(`flags:byType:${type}`, timestamp, flagId), // by flag type
|
|
db.sortedSetIncrBy('flags:byTarget', 1, [type, id].join(':')), // by flag target (score is count)
|
|
analytics.increment('flags') // some fancy analytics
|
|
);
|
|
|
|
if (targetUid) {
|
|
batched.push(db.sortedSetAdd(`flags:byTargetUid:${targetUid}`, timestamp, flagId)); // by target uid
|
|
}
|
|
|
|
if (targetCid) {
|
|
batched.push(db.sortedSetAdd(`flags:byCid:${targetCid}`, timestamp, flagId)); // by target cid
|
|
}
|
|
|
|
if (type === 'post') {
|
|
batched.push(
|
|
db.sortedSetAdd(`flags:byPid:${id}`, timestamp, flagId), // by target pid
|
|
posts.setPostField(id, 'flagId', flagId)
|
|
);
|
|
|
|
if (targetUid && parseInt(targetUid, 10) !== parseInt(uid, 10)) {
|
|
batched.push(user.incrementUserFlagsBy(targetUid, 1));
|
|
}
|
|
} else if (type === 'user') {
|
|
batched.push(user.setUserField(id, 'flagId', flagId));
|
|
}
|
|
|
|
// Run all the database calls in one single batched call...
|
|
await Promise.all(batched);
|
|
|
|
if (doHistoryAppend) {
|
|
await Flags.update(flagId, uid, { state: 'open' });
|
|
}
|
|
|
|
const flagObj = await Flags.get(flagId);
|
|
|
|
plugins.hooks.fire('action:flags.create', { flag: flagObj });
|
|
return flagObj;
|
|
};
|
|
|
|
Flags.purge = async function (flagIds) {
|
|
const flagData = (await db.getObjects(flagIds.map(flagId => `flag:${flagId}`))).filter(Boolean);
|
|
const postFlags = flagData.filter(flagObj => flagObj.type === 'post');
|
|
const userFlags = flagData.filter(flagObj => flagObj.type === 'user');
|
|
const assignedFlags = flagData.filter(flagObj => !!flagObj.assignee);
|
|
|
|
const [allReports, cids] = await Promise.all([
|
|
db.getSortedSetsMembers(flagData.map(flagObj => `flag:${flagObj.flagId}:reports`)),
|
|
categories.getAllCidsFromSet('categories:cid'),
|
|
]);
|
|
const allReporterUids = allReports.map(flagReports => flagReports.map(report => report && report.split(';')[0]));
|
|
const removeReporters = [];
|
|
flagData.forEach((flagObj, i) => {
|
|
if (Array.isArray(allReporterUids[i])) {
|
|
allReporterUids[i].forEach((uid) => {
|
|
removeReporters.push([`flags:hash`, [flagObj.type, flagObj.targetId, uid].join(':')]);
|
|
removeReporters.push([`flags:byReporter:${uid}`, flagObj.flagId]);
|
|
});
|
|
}
|
|
});
|
|
await Promise.all([
|
|
db.sortedSetRemoveBulk([
|
|
...flagData.map(flagObj => ([`flags:byType:${flagObj.type}`, flagObj.flagId])),
|
|
...flagData.map(flagObj => ([`flags:byState:${flagObj.state}`, flagObj.flagId])),
|
|
...removeReporters,
|
|
...postFlags.map(flagObj => ([`flags:byPid:${flagObj.targetId}`, flagObj.flagId])),
|
|
...assignedFlags.map(flagObj => ([`flags:byAssignee:${flagObj.assignee}`, flagObj.flagId])),
|
|
...userFlags.map(flagObj => ([`flags:byTargetUid:${flagObj.targetUid}`, flagObj.flagId])),
|
|
]),
|
|
db.deleteObjectFields(postFlags.map(flagObj => `post:${flagObj.targetId}`, ['flagId'])),
|
|
db.deleteObjectFields(userFlags.map(flagObj => `user:${flagObj.targetId}`, ['flagId'])),
|
|
db.deleteAll([
|
|
...flagIds.map(flagId => `flag:${flagId}`),
|
|
...flagIds.map(flagId => `flag:${flagId}:notes`),
|
|
...flagIds.map(flagId => `flag:${flagId}:reports`),
|
|
...flagIds.map(flagId => `flag:${flagId}:history`),
|
|
]),
|
|
db.sortedSetRemove(cids.map(cid => `flags:byCid:${cid}`), flagIds),
|
|
db.sortedSetRemove('flags:datetime', flagIds),
|
|
db.sortedSetRemove(
|
|
'flags:byTarget',
|
|
flagData.map(flagObj => [flagObj.type, flagObj.targetId].join(':'))
|
|
),
|
|
]);
|
|
};
|
|
|
|
Flags.getReports = async function (flagId) {
|
|
const payload = await db.getSortedSetRevRangeWithScores(`flag:${flagId}:reports`, 0, -1);
|
|
const [reports, uids] = payload.reduce((memo, cur) => {
|
|
const value = cur.value.split(';');
|
|
memo[1].push(value.shift());
|
|
cur.value = validator.escape(String(value.join(';')));
|
|
memo[0].push(cur);
|
|
|
|
return memo;
|
|
}, [[], []]);
|
|
|
|
await Promise.all(reports.map(async (report, idx) => {
|
|
report.timestamp = report.score;
|
|
report.timestampISO = new Date(report.score).toISOString();
|
|
delete report.score;
|
|
report.reporter = await user.getUserFields(uids[idx], ['username', 'userslug', 'picture', 'reputation']);
|
|
}));
|
|
|
|
return reports;
|
|
};
|
|
|
|
Flags.addReport = async function (flagId, type, id, uid, reason, timestamp) {
|
|
await db.sortedSetAddBulk([
|
|
[`flags:byReporter:${uid}`, timestamp, flagId],
|
|
[`flag:${flagId}:reports`, timestamp, [uid, reason].join(';')],
|
|
|
|
['flags:hash', flagId, [type, id, uid].join(':')],
|
|
]);
|
|
|
|
plugins.hooks.fire('action:flags.addReport', { flagId, type, id, uid, reason, timestamp });
|
|
};
|
|
|
|
Flags.exists = async function (type, id, uid) {
|
|
return await db.isSortedSetMember('flags:hash', [type, id, uid].join(':'));
|
|
};
|
|
|
|
Flags.canView = async (flagId, uid) => {
|
|
const exists = await db.isSortedSetMember('flags:datetime', flagId);
|
|
if (!exists) {
|
|
return false;
|
|
}
|
|
|
|
const [{ type, targetId }, isAdminOrGlobalMod] = await Promise.all([
|
|
db.getObject(`flag:${flagId}`),
|
|
user.isAdminOrGlobalMod(uid),
|
|
]);
|
|
|
|
if (type === 'post') {
|
|
const cid = await Flags.getTargetCid(type, targetId);
|
|
const isModerator = await user.isModerator(uid, cid);
|
|
|
|
return isAdminOrGlobalMod || isModerator;
|
|
}
|
|
|
|
return isAdminOrGlobalMod;
|
|
};
|
|
|
|
Flags.canFlag = async function (type, id, uid, skipLimitCheck = false) {
|
|
const limit = meta.config['flags:limitPerTarget'];
|
|
if (!skipLimitCheck && limit > 0) {
|
|
const score = await db.sortedSetScore('flags:byTarget', `${type}:${id}`);
|
|
if (score >= limit) {
|
|
throw new Error(`[[error:${type}-flagged-too-many-times]]`);
|
|
}
|
|
}
|
|
|
|
const canRead = await privileges.posts.can('topics:read', id, uid);
|
|
switch (type) {
|
|
case 'user':
|
|
return true;
|
|
|
|
case 'post':
|
|
if (!canRead) {
|
|
throw new Error('[[error:no-privileges]]');
|
|
}
|
|
break;
|
|
|
|
default:
|
|
throw new Error('[[error:invalid-data]]');
|
|
}
|
|
};
|
|
|
|
Flags.getTarget = async function (type, id, uid) {
|
|
if (type === 'user') {
|
|
const userData = await user.getUserData(id);
|
|
return userData && userData.uid ? userData : {};
|
|
}
|
|
if (type === 'post') {
|
|
let postData = await posts.getPostData(id);
|
|
if (!postData) {
|
|
return {};
|
|
}
|
|
postData = await posts.parsePost(postData);
|
|
postData = await topics.addPostData([postData], uid);
|
|
return postData[0];
|
|
}
|
|
throw new Error('[[error:invalid-data]]');
|
|
};
|
|
|
|
Flags.targetExists = async function (type, id) {
|
|
if (type === 'post') {
|
|
return await posts.exists(id);
|
|
} else if (type === 'user') {
|
|
return await user.exists(id);
|
|
}
|
|
throw new Error('[[error:invalid-data]]');
|
|
};
|
|
|
|
Flags.targetFlagged = async function (type, id) {
|
|
return await db.sortedSetScore('flags:byTarget', [type, id].join(':')) >= 1;
|
|
};
|
|
|
|
Flags.getTargetUid = async function (type, id) {
|
|
if (type === 'post') {
|
|
return await posts.getPostField(id, 'uid');
|
|
}
|
|
return id;
|
|
};
|
|
|
|
Flags.getTargetCid = async function (type, id) {
|
|
if (type === 'post') {
|
|
return await posts.getCidByPid(id);
|
|
}
|
|
return null;
|
|
};
|
|
|
|
Flags.update = async function (flagId, uid, changeset) {
|
|
const current = await db.getObjectFields(`flag:${flagId}`, ['uid', 'state', 'assignee', 'type', 'targetId']);
|
|
if (!current.type) {
|
|
return;
|
|
}
|
|
const now = changeset.datetime || Date.now();
|
|
const notifyAssignee = async function (assigneeId) {
|
|
if (assigneeId === '' || parseInt(uid, 10) === parseInt(assigneeId, 10)) {
|
|
return;
|
|
}
|
|
const notifObj = await notifications.create({
|
|
type: 'my-flags',
|
|
bodyShort: `[[notifications:flag_assigned_to_you, ${flagId}]]`,
|
|
bodyLong: '',
|
|
path: `/flags/${flagId}`,
|
|
nid: `flags:assign:${flagId}:uid:${assigneeId}`,
|
|
from: uid,
|
|
});
|
|
await notifications.push(notifObj, [assigneeId]);
|
|
};
|
|
const isAssignable = async function (assigneeId) {
|
|
let allowed = false;
|
|
allowed = await user.isAdminOrGlobalMod(assigneeId);
|
|
|
|
// Mods are also allowed to be assigned, if flag target is post in uid's moderated cid
|
|
if (!allowed && current.type === 'post') {
|
|
const cid = await posts.getCidByPid(current.targetId);
|
|
allowed = await user.isModerator(assigneeId, cid);
|
|
}
|
|
|
|
return allowed;
|
|
};
|
|
|
|
// Retrieve existing flag data to compare for history-saving/reference purposes
|
|
const tasks = [];
|
|
for (const prop of Object.keys(changeset)) {
|
|
if (current[prop] === changeset[prop]) {
|
|
delete changeset[prop];
|
|
} else if (prop === 'state') {
|
|
if (!Flags._states.has(changeset[prop])) {
|
|
delete changeset[prop];
|
|
} else {
|
|
tasks.push(db.sortedSetAdd(`flags:byState:${changeset[prop]}`, now, flagId));
|
|
tasks.push(db.sortedSetRemove(`flags:byState:${current[prop]}`, flagId));
|
|
if (changeset[prop] === 'resolved' && meta.config['flags:actionOnResolve'] === 'rescind') {
|
|
tasks.push(notifications.rescind(`flag:${current.type}:${current.targetId}`));
|
|
}
|
|
if (changeset[prop] === 'rejected' && meta.config['flags:actionOnReject'] === 'rescind') {
|
|
tasks.push(notifications.rescind(`flag:${current.type}:${current.targetId}`));
|
|
}
|
|
}
|
|
} else if (prop === 'assignee') {
|
|
if (changeset[prop] === '') {
|
|
tasks.push(db.sortedSetRemove(`flags:byAssignee:${changeset[prop]}`, flagId));
|
|
/* eslint-disable-next-line */
|
|
} else if (!await isAssignable(parseInt(changeset[prop], 10))) {
|
|
delete changeset[prop];
|
|
} else {
|
|
tasks.push(db.sortedSetAdd(`flags:byAssignee:${changeset[prop]}`, now, flagId));
|
|
tasks.push(notifyAssignee(changeset[prop]));
|
|
}
|
|
}
|
|
}
|
|
|
|
if (!Object.keys(changeset).length) {
|
|
return;
|
|
}
|
|
|
|
tasks.push(db.setObject(`flag:${flagId}`, changeset));
|
|
tasks.push(Flags.appendHistory(flagId, uid, changeset));
|
|
await Promise.all(tasks);
|
|
|
|
plugins.hooks.fire('action:flags.update', { flagId: flagId, changeset: changeset, uid: uid });
|
|
};
|
|
|
|
Flags.resolveFlag = async function (type, id, uid) {
|
|
const flagId = await Flags.getFlagIdByTarget(type, id);
|
|
if (parseInt(flagId, 10)) {
|
|
await Flags.update(flagId, uid, { state: 'resolved' });
|
|
}
|
|
};
|
|
|
|
Flags.resolveUserPostFlags = async function (uid, callerUid) {
|
|
if (meta.config['flags:autoResolveOnBan']) {
|
|
await batch.processSortedSet(`uid:${uid}:posts`, async (pids) => {
|
|
let postData = await posts.getPostsFields(pids, ['pid', 'flagId']);
|
|
postData = postData.filter(p => p && p.flagId);
|
|
for (const postObj of postData) {
|
|
if (parseInt(postObj.flagId, 10)) {
|
|
// eslint-disable-next-line no-await-in-loop
|
|
await Flags.update(postObj.flagId, callerUid, { state: 'resolved' });
|
|
}
|
|
}
|
|
}, {
|
|
batch: 500,
|
|
});
|
|
}
|
|
};
|
|
|
|
Flags.getHistory = async function (flagId) {
|
|
const uids = [];
|
|
let history = await db.getSortedSetRevRangeWithScores(`flag:${flagId}:history`, 0, -1);
|
|
const targetUid = await db.getObjectField(`flag:${flagId}`, 'targetUid');
|
|
|
|
history = history.map((entry) => {
|
|
entry.value = JSON.parse(entry.value);
|
|
|
|
uids.push(entry.value[0]);
|
|
|
|
// Deserialise changeset
|
|
const changeset = entry.value[1];
|
|
if (changeset.hasOwnProperty('state')) {
|
|
changeset.state = changeset.state === undefined ? '' : `[[flags:state-${changeset.state}]]`;
|
|
}
|
|
|
|
return {
|
|
uid: entry.value[0],
|
|
fields: changeset,
|
|
datetime: entry.score,
|
|
datetimeISO: utils.toISOString(entry.score),
|
|
};
|
|
});
|
|
|
|
// Append ban history and username change data
|
|
history = await mergeBanHistory(history, targetUid, uids);
|
|
history = await mergeMuteHistory(history, targetUid, uids);
|
|
history = await mergeUsernameEmailChanges(history, targetUid, uids);
|
|
|
|
const userData = await user.getUsersFields(uids, ['username', 'userslug', 'picture']);
|
|
history.forEach((event, idx) => { event.user = userData[idx]; });
|
|
|
|
// Resort by date
|
|
history = history.sort((a, b) => b.datetime - a.datetime);
|
|
|
|
return history;
|
|
};
|
|
|
|
Flags.appendHistory = async function (flagId, uid, changeset) {
|
|
const datetime = changeset.datetime || Date.now();
|
|
delete changeset.datetime;
|
|
const payload = JSON.stringify([uid, changeset, datetime]);
|
|
await db.sortedSetAdd(`flag:${flagId}:history`, datetime, payload);
|
|
};
|
|
|
|
Flags.appendNote = async function (flagId, uid, note, datetime) {
|
|
if (datetime) {
|
|
try {
|
|
await Flags.deleteNote(flagId, datetime);
|
|
} catch (e) {
|
|
// Do not throw if note doesn't exist
|
|
if (!e.message === '[[error:invalid-data]]') {
|
|
throw e;
|
|
}
|
|
}
|
|
}
|
|
datetime = datetime || Date.now();
|
|
|
|
const payload = JSON.stringify([uid, note]);
|
|
await db.sortedSetAdd(`flag:${flagId}:notes`, datetime, payload);
|
|
await Flags.appendHistory(flagId, uid, {
|
|
notes: null,
|
|
datetime: datetime,
|
|
});
|
|
};
|
|
|
|
Flags.notify = async function (flagObj, uid, notifySelf = false) {
|
|
const [admins, globalMods] = await Promise.all([
|
|
groups.getMembers('administrators', 0, -1),
|
|
groups.getMembers('Global Moderators', 0, -1),
|
|
]);
|
|
let uids = admins.concat(globalMods);
|
|
let notifObj = null;
|
|
|
|
const { displayname } = flagObj.reports[flagObj.reports.length - 1].reporter;
|
|
|
|
if (flagObj.type === 'post') {
|
|
const [title, cid] = await Promise.all([
|
|
topics.getTitleByPid(flagObj.targetId),
|
|
posts.getCidByPid(flagObj.targetId),
|
|
]);
|
|
|
|
const modUids = await categories.getModeratorUids([cid]);
|
|
const titleEscaped = utils.decodeHTMLEntities(title).replace(/%/g, '%').replace(/,/g, ',');
|
|
|
|
notifObj = await notifications.create({
|
|
type: 'new-post-flag',
|
|
bodyShort: `[[notifications:user_flagged_post_in, ${displayname}, ${titleEscaped}]]`,
|
|
bodyLong: await plugins.hooks.fire('filter:parse.raw', String(flagObj.description || '')),
|
|
pid: flagObj.targetId,
|
|
path: `/flags/${flagObj.flagId}`,
|
|
nid: `flag:post:${flagObj.targetId}`,
|
|
from: uid,
|
|
mergeId: `notifications:user_flagged_post_in|${flagObj.targetId}`,
|
|
topicTitle: title,
|
|
});
|
|
uids = uids.concat(modUids[0]);
|
|
} else if (flagObj.type === 'user') {
|
|
const targetDisplayname = flagObj.target && flagObj.target.user ? flagObj.target.user.displayname : '[[global:guest]]';
|
|
notifObj = await notifications.create({
|
|
type: 'new-user-flag',
|
|
bodyShort: `[[notifications:user_flagged_user, ${displayname}, ${targetDisplayname}]]`,
|
|
bodyLong: await plugins.hooks.fire('filter:parse.raw', String(flagObj.description || '')),
|
|
path: `/flags/${flagObj.flagId}`,
|
|
nid: `flag:user:${flagObj.targetId}`,
|
|
from: uid,
|
|
mergeId: `notifications:user_flagged_user|${flagObj.targetId}`,
|
|
});
|
|
} else {
|
|
throw new Error('[[error:invalid-data]]');
|
|
}
|
|
|
|
plugins.hooks.fire('action:flags.notify', {
|
|
flag: flagObj,
|
|
notification: notifObj,
|
|
from: uid,
|
|
to: uids,
|
|
});
|
|
if (!notifySelf) {
|
|
uids = uids.filter(_uid => parseInt(_uid, 10) !== parseInt(uid, 10));
|
|
}
|
|
await notifications.push(notifObj, uids);
|
|
};
|
|
|
|
async function mergeBanHistory(history, targetUid, uids) {
|
|
return await mergeBanMuteHistory(history, uids, {
|
|
set: `uid:${targetUid}:bans:timestamp`,
|
|
label: '[[user:banned]]',
|
|
reasonDefault: '[[user:info.banned-no-reason]]',
|
|
expiryKey: '[[user:info.banned-expiry]]',
|
|
});
|
|
}
|
|
|
|
async function mergeMuteHistory(history, targetUid, uids) {
|
|
return await mergeBanMuteHistory(history, uids, {
|
|
set: `uid:${targetUid}:mutes:timestamp`,
|
|
label: '[[user:muted]]',
|
|
reasonDefault: '[[user:info.muted-no-reason]]',
|
|
expiryKey: '[[user:info.muted-expiry]]',
|
|
});
|
|
}
|
|
|
|
async function mergeBanMuteHistory(history, uids, params) {
|
|
let recentObjs = await db.getSortedSetRevRange(params.set, 0, 19);
|
|
recentObjs = await db.getObjects(recentObjs);
|
|
|
|
return history.concat(recentObjs.reduce((memo, cur) => {
|
|
uids.push(cur.fromUid);
|
|
memo.push({
|
|
uid: cur.fromUid,
|
|
meta: [
|
|
{
|
|
key: params.label,
|
|
value: validator.escape(String(cur.reason || params.reasonDefault)),
|
|
labelClass: 'danger',
|
|
},
|
|
{
|
|
key: params.expiryKey,
|
|
value: new Date(parseInt(cur.expire, 10)).toISOString(),
|
|
labelClass: 'default',
|
|
},
|
|
],
|
|
datetime: parseInt(cur.timestamp, 10),
|
|
datetimeISO: utils.toISOString(parseInt(cur.timestamp, 10)),
|
|
});
|
|
|
|
return memo;
|
|
}, []));
|
|
}
|
|
|
|
async function mergeUsernameEmailChanges(history, targetUid, uids) {
|
|
const usernameChanges = await user.getHistory(`user:${targetUid}:usernames`);
|
|
const emailChanges = await user.getHistory(`user:${targetUid}:emails`);
|
|
|
|
return history.concat(usernameChanges.reduce((memo, changeObj) => {
|
|
uids.push(targetUid);
|
|
memo.push({
|
|
uid: targetUid,
|
|
meta: [
|
|
{
|
|
key: '[[user:change_username]]',
|
|
value: changeObj.value,
|
|
labelClass: 'primary',
|
|
},
|
|
],
|
|
datetime: changeObj.timestamp,
|
|
datetimeISO: changeObj.timestampISO,
|
|
});
|
|
|
|
return memo;
|
|
}, [])).concat(emailChanges.reduce((memo, changeObj) => {
|
|
uids.push(targetUid);
|
|
memo.push({
|
|
uid: targetUid,
|
|
meta: [
|
|
{
|
|
key: '[[user:change_email]]',
|
|
value: changeObj.value,
|
|
labelClass: 'primary',
|
|
},
|
|
],
|
|
datetime: changeObj.timestamp,
|
|
datetimeISO: changeObj.timestampISO,
|
|
});
|
|
|
|
return memo;
|
|
}, []));
|
|
}
|
|
|
|
require('./promisify')(Flags);
|