about summary refs log tree commit diff
path: root/app/controllers
diff options
context:
space:
mode:
authorClaire <claire.github-309c@sitedethib.com>2022-08-28 11:26:27 +0200
committerClaire <claire.github-309c@sitedethib.com>2022-08-28 11:31:00 +0200
commit077183a12128cf9dbc2cbbdbffbf49250e9b38df (patch)
tree7aed6cae7382ac413b0f93e7523552307fe6938d /app/controllers
parent54d9a9c18a74a1ec766d8f611ad3ee11ab4c5422 (diff)
parent2a7766dcc958ad18df761de50f9da5164f1a2e8f (diff)
Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/controllers/settings/preferences_controller.rb`:
  Upstream dropping `digest` from notifications emails while we have more
  notification emails settings.
  Removed `digest` from our list while keeping our extra settings.
- `app/javascript/packs/admin.js`:
  Conflicts caused by glitch-soc's theming system.
  Applied the changes to `app/javascript/core/admin.js`.
- `app/views/settings/preferences/other/show.html.haml`:
  Upstream removed a setting close to a glitch-soc-only setting.
  Applied upstream's change.
Diffstat (limited to 'app/controllers')
-rw-r--r--app/controllers/admin/accounts_controller.rb6
-rw-r--r--app/controllers/admin/roles_controller.rb3
-rw-r--r--app/controllers/admin/users/roles_controller.rb1
-rw-r--r--app/controllers/api/v1/admin/canonical_email_blocks_controller.rb99
-rw-r--r--app/controllers/api/v1/admin/email_domain_blocks_controller.rb90
-rw-r--r--app/controllers/api/v1/admin/ip_blocks_controller.rb99
-rw-r--r--app/controllers/concerns/accountable_concern.rb8
-rw-r--r--app/controllers/settings/preferences_controller.rb2
8 files changed, 304 insertions, 4 deletions
diff --git a/app/controllers/admin/accounts_controller.rb b/app/controllers/admin/accounts_controller.rb
index 46c9aba91..40bf685c5 100644
--- a/app/controllers/admin/accounts_controller.rb
+++ b/app/controllers/admin/accounts_controller.rb
@@ -16,7 +16,11 @@ module Admin
     def batch
       authorize :account, :index?
 
-      @form = Form::AccountBatch.new(form_account_batch_params.merge(current_account: current_account, action: action_from_button))
+      @form = Form::AccountBatch.new(form_account_batch_params)
+      @form.current_account = current_account
+      @form.action = action_from_button
+      @form.select_all_matching = params[:select_all_matching]
+      @form.query = filtered_accounts
       @form.save
     rescue ActionController::ParameterMissing
       flash[:alert] = I18n.t('admin.accounts.no_account_selected')
diff --git a/app/controllers/admin/roles_controller.rb b/app/controllers/admin/roles_controller.rb
index 3e502ccc4..d76aa745b 100644
--- a/app/controllers/admin/roles_controller.rb
+++ b/app/controllers/admin/roles_controller.rb
@@ -23,6 +23,7 @@ module Admin
       @role.current_account = current_account
 
       if @role.save
+        log_action :create, @role
         redirect_to admin_roles_path
       else
         render :new
@@ -39,6 +40,7 @@ module Admin
       @role.current_account = current_account
 
       if @role.update(resource_params)
+        log_action :update, @role
         redirect_to admin_roles_path
       else
         render :edit
@@ -48,6 +50,7 @@ module Admin
     def destroy
       authorize @role, :destroy?
       @role.destroy!
+      log_action :destroy, @role
       redirect_to admin_roles_path
     end
 
diff --git a/app/controllers/admin/users/roles_controller.rb b/app/controllers/admin/users/roles_controller.rb
index 0db50cee9..f5dfc643d 100644
--- a/app/controllers/admin/users/roles_controller.rb
+++ b/app/controllers/admin/users/roles_controller.rb
@@ -14,6 +14,7 @@ module Admin
       @user.current_account = current_account
 
       if @user.update(resource_params)
+        log_action :change_role, @user
         redirect_to admin_account_path(@user.account_id), notice: I18n.t('admin.accounts.change_role.changed_msg')
       else
         render :show
diff --git a/app/controllers/api/v1/admin/canonical_email_blocks_controller.rb b/app/controllers/api/v1/admin/canonical_email_blocks_controller.rb
new file mode 100644
index 000000000..bf8a6a131
--- /dev/null
+++ b/app/controllers/api/v1/admin/canonical_email_blocks_controller.rb
@@ -0,0 +1,99 @@
+# frozen_string_literal: true
+
+class Api::V1::Admin::CanonicalEmailBlocksController < Api::BaseController
+  include Authorization
+  include AccountableConcern
+
+  LIMIT = 100
+
+  before_action -> { authorize_if_got_token! :'admin:read', :'admin:read:canonical_email_blocks' }, only: [:index, :show, :test]
+  before_action -> { authorize_if_got_token! :'admin:write', :'admin:write:canonical_email_blocks' }, except: [:index, :show, :test]
+
+  before_action :set_canonical_email_blocks, only: :index
+  before_action :set_canonical_email_blocks_from_test, only: [:test]
+  before_action :set_canonical_email_block, only: [:show, :destroy]
+
+  after_action :verify_authorized
+  after_action :insert_pagination_headers, only: :index
+
+  PAGINATION_PARAMS = %i(limit).freeze
+
+  def index
+    authorize :canonical_email_block, :index?
+    render json: @canonical_email_blocks, each_serializer: REST::Admin::CanonicalEmailBlockSerializer
+  end
+
+  def show
+    authorize @canonical_email_block, :show?
+    render json: @canonical_email_block, serializer: REST::Admin::CanonicalEmailBlockSerializer
+  end
+
+  def test
+    authorize :canonical_email_block, :test?
+    render json: @canonical_email_blocks, each_serializer: REST::Admin::CanonicalEmailBlockSerializer
+  end
+
+  def create
+    authorize :canonical_email_block, :create?
+
+    @canonical_email_block = CanonicalEmailBlock.create!(resource_params)
+    log_action :create, @canonical_email_block
+
+    render json: @canonical_email_block, serializer: REST::Admin::CanonicalEmailBlockSerializer
+  end
+
+  def destroy
+    authorize @canonical_email_block, :destroy?
+
+    @canonical_email_block.destroy!
+    log_action :destroy, @canonical_email_block
+
+    render json: @canonical_email_block, serializer: REST::Admin::CanonicalEmailBlockSerializer
+  end
+
+  private
+
+  def resource_params
+    params.permit(:canonical_email_hash, :email)
+  end
+
+  def set_canonical_email_blocks
+    @canonical_email_blocks = CanonicalEmailBlock.order(id: :desc).to_a_paginated_by_id(limit_param(LIMIT), params_slice(:max_id, :since_id, :min_id))
+  end
+
+  def set_canonical_email_blocks_from_test
+    @canonical_email_blocks = CanonicalEmailBlock.matching_email(params[:email])
+  end
+
+  def set_canonical_email_block
+    @canonical_email_block = CanonicalEmailBlock.find(params[:id])
+  end
+
+  def insert_pagination_headers
+    set_pagination_headers(next_path, prev_path)
+  end
+
+  def next_path
+    api_v1_admin_canonical_email_blocks_url(pagination_params(max_id: pagination_max_id)) if records_continue?
+  end
+
+  def prev_path
+    api_v1_admin_canonical_email_blocks_url(pagination_params(min_id: pagination_since_id)) unless @canonical_email_blocks.empty?
+  end
+
+  def pagination_max_id
+    @canonical_email_blocks.last.id
+  end
+
+  def pagination_since_id
+    @canonical_email_blocks.first.id
+  end
+
+  def records_continue?
+    @canonical_email_blocks.size == limit_param(LIMIT)
+  end
+
+  def pagination_params(core_params)
+    params.slice(*PAGINATION_PARAMS).permit(*PAGINATION_PARAMS).merge(core_params)
+  end
+end
diff --git a/app/controllers/api/v1/admin/email_domain_blocks_controller.rb b/app/controllers/api/v1/admin/email_domain_blocks_controller.rb
new file mode 100644
index 000000000..ac16f70b0
--- /dev/null
+++ b/app/controllers/api/v1/admin/email_domain_blocks_controller.rb
@@ -0,0 +1,90 @@
+# frozen_string_literal: true
+
+class Api::V1::Admin::EmailDomainBlocksController < Api::BaseController
+  include Authorization
+  include AccountableConcern
+
+  LIMIT = 100
+
+  before_action -> { authorize_if_got_token! :'admin:read', :'admin:read:email_domain_blocks' }, only: [:index, :show]
+  before_action -> { authorize_if_got_token! :'admin:write', :'admin:write:email_domain_blocks' }, except: [:index, :show]
+  before_action :set_email_domain_blocks, only: :index
+  before_action :set_email_domain_block, only: [:show, :destroy]
+
+  after_action :verify_authorized
+  after_action :insert_pagination_headers, only: :index
+
+  PAGINATION_PARAMS = %i(
+    limit
+  ).freeze
+
+  def create
+    authorize :email_domain_block, :create?
+
+    @email_domain_block = EmailDomainBlock.create!(resource_params)
+    log_action :create, @email_domain_block
+
+    render json: @email_domain_block, serializer: REST::Admin::EmailDomainBlockSerializer
+  end
+
+  def index
+    authorize :email_domain_block, :index?
+    render json: @email_domain_blocks, each_serializer: REST::Admin::EmailDomainBlockSerializer
+  end
+
+  def show
+    authorize @email_domain_block, :show?
+    render json: @email_domain_block, serializer: REST::Admin::EmailDomainBlockSerializer
+  end
+
+  def destroy
+    authorize @email_domain_block, :destroy?
+
+    @email_domain_block.destroy!
+    log_action :destroy, @email_domain_block
+
+    render json: @email_domain_block, serializer: REST::Admin::EmailDomainBlockSerializer
+  end
+
+  private
+
+  def set_email_domain_blocks
+    @email_domain_blocks = EmailDomainBlock.order(id: :desc).to_a_paginated_by_id(limit_param(LIMIT), params_slice(:max_id, :since_id, :min_id))
+  end
+
+  def set_email_domain_block
+    @email_domain_block = EmailDomainBlock.find(params[:id])
+  end
+
+  def resource_params
+    params.permit(:domain)
+  end
+
+  def insert_pagination_headers
+    set_pagination_headers(next_path, prev_path)
+  end
+
+  def next_path
+    api_v1_admin_email_domain_blocks_url(pagination_params(max_id: pagination_max_id)) if records_continue?
+  end
+
+  def prev_path
+    api_v1_admin_email_domain_blocks_url(pagination_params(min_id: pagination_since_id)) unless @email_domain_blocks.empty?
+  end
+
+  def pagination_max_id
+    @email_domain_blocks.last.id
+  end
+
+  def pagination_since_id
+    @email_domain_blocks.first.id
+  end
+
+  def records_continue?
+    @email_domain_blocks.size == limit_param(LIMIT)
+  end
+
+  def pagination_params(core_params)
+    params.slice(*PAGINATION_PARAMS).permit(*PAGINATION_PARAMS).merge(core_params)
+  end
+end
diff --git a/app/controllers/api/v1/admin/ip_blocks_controller.rb b/app/controllers/api/v1/admin/ip_blocks_controller.rb
new file mode 100644
index 000000000..f13d63267
--- /dev/null
+++ b/app/controllers/api/v1/admin/ip_blocks_controller.rb
@@ -0,0 +1,99 @@
+# frozen_string_literal: true
+
+class Api::V1::Admin::IpBlocksController < Api::BaseController
+  include Authorization
+  include AccountableConcern
+
+  LIMIT = 100
+
+  before_action -> { authorize_if_got_token! :'admin:read', :'admin:read:ip_blocks' }, only: [:index, :show]
+  before_action -> { authorize_if_got_token! :'admin:write', :'admin:write:ip_blocks' }, except: [:index, :show]
+  before_action :set_ip_blocks, only: :index
+  before_action :set_ip_block, only: [:show, :update, :destroy]
+
+  after_action :verify_authorized
+  after_action :insert_pagination_headers, only: :index
+
+  PAGINATION_PARAMS = %i(
+    limit
+  ).freeze
+
+  def create
+    authorize :ip_block, :create?
+
+    @ip_block = IpBlock.create!(resource_params)
+    log_action :create, @ip_block
+
+    render json: @ip_block, serializer: REST::Admin::IpBlockSerializer
+  end
+
+  def index
+    authorize :ip_block, :index?
+    render json: @ip_blocks, each_serializer: REST::Admin::IpBlockSerializer
+  end
+
+  def show
+    authorize @ip_block, :show?
+    render json: @ip_block, serializer: REST::Admin::IpBlockSerializer
+  end
+
+  def update
+    authorize @ip_block, :update?
+
+    @ip_block.update(resource_params)
+    log_action :update, @ip_block
+
+    render json: @ip_block, serializer: REST::Admin::IpBlockSerializer
+  end
+
+  def destroy
+    authorize @ip_block, :destroy?
+
+    @ip_block.destroy!
+    log_action :destroy, @ip_block
+
+    render json: @ip_block, serializer: REST::Admin::IpBlockSerializer
+  end
+
+  private
+
+  def set_ip_blocks
+    @ip_blocks = IpBlock.order(id: :desc).to_a_paginated_by_id(limit_param(LIMIT), params_slice(:max_id, :since_id, :min_id))
+  end
+
+  def set_ip_block
+    @ip_block = IpBlock.find(params[:id])
+  end
+
+  def resource_params
+    params.permit(:ip, :severity, :comment, :expires_in)
+  end
+
+  def insert_pagination_headers
+    set_pagination_headers(next_path, prev_path)
+  end
+
+  def next_path
+    api_v1_admin_ip_blocks_url(pagination_params(max_id: pagination_max_id)) if records_continue?
+  end
+
+  def prev_path
+    api_v1_admin_ip_blocks_url(pagination_params(min_id: pagination_since_id)) unless @ip_blocks.empty?
+  end
+
+  def pagination_max_id
+    @ip_blocks.last.id
+  end
+
+  def pagination_since_id
+    @ip_blocks.first.id
+  end
+
+  def records_continue?
+    @ip_blocks.size == limit_param(LIMIT)
+  end
+
+  def pagination_params(core_params)
+    params.slice(*PAGINATION_PARAMS).permit(*PAGINATION_PARAMS).merge(core_params)
+  end
+end
diff --git a/app/controllers/concerns/accountable_concern.rb b/app/controllers/concerns/accountable_concern.rb
index 87d62478d..c1349915f 100644
--- a/app/controllers/concerns/accountable_concern.rb
+++ b/app/controllers/concerns/accountable_concern.rb
@@ -3,7 +3,11 @@
 module AccountableConcern
   extend ActiveSupport::Concern
 
-  def log_action(action, target, options = {})
-    Admin::ActionLog.create(account: current_account, action: action, target: target, recorded_changes: options.stringify_keys)
+  def log_action(action, target)
+    Admin::ActionLog.create(
+      account: current_account,
+      action: action,
+      target: target
+    )
   end
 end
diff --git a/app/controllers/settings/preferences_controller.rb b/app/controllers/settings/preferences_controller.rb
index 669ed00c6..4c1336436 100644
--- a/app/controllers/settings/preferences_controller.rb
+++ b/app/controllers/settings/preferences_controller.rb
@@ -58,7 +58,7 @@ class Settings::PreferencesController < Settings::BaseController
       :setting_trends,
       :setting_crop_images,
       :setting_always_send_emails,
-      notification_emails: %i(follow follow_request reblog favourite mention digest report pending_account trending_tag trending_link trending_status appeal),
+      notification_emails: %i(follow follow_request reblog favourite mention report pending_account trending_tag trending_link trending_status appeal),
       interactions: %i(must_be_follower must_be_following must_be_following_dm)
     )
   end