Support for import/export of instance-level domain blocks/allows for 4.x w/ additional fixes (#20597)

* Allow import/export of instance-level domain blocks/allows (#1754)

* Allow import/export of instance-level domain blocks/allows.
Fixes #15095

* Pacify circleci

* Address simple code review feedback

* Add headers to exported CSV

* Extract common import/export functionality to
AdminExportControllerConcern

* Add additional fields to instance-blocked domain export

* Address review feedback

* Split instance domain block/allow import/export into separate pages/controllers

* Address code review feedback

* Pacify DeepSource

* Work around Paperclip::HasAttachmentFile for Rails 6

* Fix deprecated API warning in export tests

* Remove after_commit workaround

(cherry picked from commit 94e98864e39c010635e839fea984f2b4893bef1a)

* Add confirmation page when importing blocked domains (#1773)

* Move glitch-soc-specific strings to glitch-soc-specific locale files

* Add confirmation page when importing blocked domains

(cherry picked from commit b91196f4b73fff91997b8077619ae25b6d04a59e)

* Fix authorization check in domain blocks controller

(cherry picked from commit 75279377583c6e2aa04cc8d7380c593979630b38)

* Fix error strings for domain blocks and email-domain blocks

Corrected issue with non-error message used for Mastodon:NotPermittedError in Domain Blocks
Corrected issue Domain Blocks using the Email Domain Blocks message on ActionContoller::ParameterMissing
Corrected issue with Email Domain Blocks using the not_permitted string from "custom emojii's"

* Ran i18n-tasks normalize to address test failure

* Removed unused admin.export_domain_blocks.not_permitted string

Removing unused string as indicated by Check i18n

* Fix tests

(cherry picked from commit 9094c2f52c24e1c00b594e7c11cd00e4a07eb431)

* Fix domain block export not exporting blocks with only media rejection

(cherry picked from commit 26ff48ee48a5c03a2a4b0bd03fd322529e6bd960)

* Fix various issues with domain block import

- stop using Paperclip for processing domain allow/block imports
- stop leaving temporary files
- better error handling
- assume CSV files are UTF-8-encoded

(cherry picked from commit cad824d8f501b95377e4f0a957e5a00d517a1902)

Co-authored-by: Levi Bard <taktaktaktaktaktaktaktaktaktak@gmail.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>

4 files changed, 72 insertions, 0 deletions

diff --git a/app/models/admin/import.rb b/app/models/admin/import.rb
new file mode 100644
index 000000000..79c0722d5
--- /dev/null
+++ b/app/models/admin/import.rb
@@ -0,0 +1,32 @@
+# frozen_string_literal: true
+
+# A non-activerecord helper class for csv upload
+class Admin::Import
+  include ActiveModel::Model
+
+  ROWS_PROCESSING_LIMIT = 20_000
+
+  attr_accessor :data
+
+  validates :data, presence: true
+  validate :validate_data
+
+  def data_file_name
+    data.original_filename
+  end
+
+  private
+
+  def validate_data
+    return if data.blank?
+
+    csv_data = CSV.read(data.path, encoding: 'UTF-8')
+
+    row_count  = csv_data.size
+    row_count -= 1 if csv_data.first&.first == '#domain'
+
+    errors.add(:data, I18n.t('imports.errors.over_rows_processing_limit', count: ROWS_PROCESSING_LIMIT)) if row_count > ROWS_PROCESSING_LIMIT
+  rescue CSV::MalformedCSVError => e
+    errors.add(:data, I18n.t('imports.errors.invalid_csv_file', error: e.message))
+  end
+end
diff --git a/app/models/domain_allow.rb b/app/models/domain_allow.rb
index 65f494fed..9e746b915 100644
--- a/app/models/domain_allow.rb
+++ b/app/models/domain_allow.rb
@@ -28,6 +28,10 @@ class DomainAllow < ApplicationRecord
       !rule_for(domain).nil?
     end
 
+    def allowed_domains
+      select(:domain)
+    end
+
     def rule_for(domain)
       return if domain.blank?
 
diff --git a/app/models/domain_block.rb b/app/models/domain_block.rb
index ad1dc2a38..8e298ac9d 100644
--- a/app/models/domain_block.rb
+++ b/app/models/domain_block.rb
@@ -29,6 +29,7 @@ class DomainBlock < ApplicationRecord
 
   scope :matches_domain, ->(value) { where(arel_table[:domain].matches("%#{value}%")) }
   scope :with_user_facing_limitations, -> { where(severity: [:silence, :suspend]) }
+  scope :with_limitations, -> { where(severity: [:silence, :suspend]).or(where(reject_media: true)) }
   scope :by_severity, -> { order(Arel.sql('(CASE severity WHEN 0 THEN 1 WHEN 1 THEN 2 WHEN 2 THEN 0 END), domain')) }
 
   def to_log_human_identifier
diff --git a/app/models/form/domain_block_batch.rb b/app/models/form/domain_block_batch.rb
new file mode 100644
index 000000000..39012df51
--- /dev/null
+++ b/app/models/form/domain_block_batch.rb
@@ -0,0 +1,35 @@
+# frozen_string_literal: true
+
+class Form::DomainBlockBatch
+  include ActiveModel::Model
+  include Authorization
+  include AccountableConcern
+
+  attr_accessor :domain_blocks_attributes, :action, :current_account
+
+  def save
+    case action
+    when 'save'
+      save!
+    end
+  end
+
+  private
+
+  def domain_blocks
+    @domain_blocks ||= domain_blocks_attributes.values.filter_map do |attributes|
+      DomainBlock.new(attributes.without('enabled')) if ActiveModel::Type::Boolean.new.cast(attributes['enabled'])
+    end
+  end
+
+  def save!
+    domain_blocks.each do |domain_block|
+      authorize(domain_block, :create?)
+      next if DomainBlock.rule_for(domain_block.domain).present?
+
+      domain_block.save!
+      DomainBlockWorker.perform_async(domain_block.id)
+      log_action :create, domain_block
+    end
+  end
+end