From 740f8a95a905e949b6a74bc69dcaf638d2d46248 Mon Sep 17 00:00:00 2001
From: Eugen Rochko <eugen@zeonfederated.com>
Date: Mon, 27 Nov 2017 16:07:59 +0100
Subject: Add consumable invites (#5814)

* Add consumable invites

* Add UI for generating invite codes

* Add tests

* Display max uses and expiration in invites table, delete invite

* Remove unused column and redundant validator

- Default follows not used, probably bad idea
- InviteCodeValidator is redundant because RegistrationsController
  checks invite code validity

* Add admin setting to disable invites

* Add admin UI for invites, configurable role for invite creation

- Admin UI that lists everyone's invites, always available
- Admin setting min_invite_role to control who can invite people
- Non-admin invite UI only visible if users are allowed to

* Do not remove invites from database, expire them instantly
---
 config/locales/en.yml             | 24 ++++++++++++++++++++++++
 config/locales/simple_form.en.yml |  2 ++
 config/navigation.rb              |  3 +++
 config/routes.rb                  |  6 ++++++
 config/settings.yml               |  1 +
 5 files changed, 36 insertions(+)

(limited to 'config')

diff --git a/config/locales/en.yml b/config/locales/en.yml
index 13b90cf0f..36b6981cb 100644
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -231,6 +231,8 @@ en:
       reset: Reset
       search: Search
       title: Known instances
+    invites:
+      title: Invites
     reports:
       action_taken_by: Action taken by
       are_you_sure: Are you sure?
@@ -269,6 +271,9 @@ en:
         deletion:
           desc_html: Allow anyone to delete their account
           title: Open account deletion
+        min_invite_role:
+          disabled: No one
+          title: Allow invitations by
         open:
           desc_html: Allow anyone to create an account
           title: Open registration
@@ -424,6 +429,25 @@ en:
       muting: Muting list
     upload: Upload
   in_memoriam_html: In Memoriam.
+  invites:
+    delete: Delete
+    expires_in:
+      '1800': 30 minutes
+      '21600': 6 hours
+      '3600': 1 hour
+      '43200': 12 hours
+      '86400': 1 day
+    expires_in_prompt: Never
+    generate: Generate
+    max_uses:
+      one: 1 use
+      other: "%{count} uses"
+    max_uses_prompt: No limit
+    prompt: Generate and share links with others to grant access to this instance
+    table:
+      expires_at: Expires
+      uses: Uses
+    title: Invite people
   landing_strip_html: "<strong>%{name}</strong> is a user on %{link_to_root_path}. You can follow them or interact with them if you have an account anywhere in the fediverse."
   landing_strip_signup_html: If you don't, you can <a href="%{sign_up_path}">sign up here</a>.
   media_attachments:
diff --git a/config/locales/simple_form.en.yml b/config/locales/simple_form.en.yml
index faf41f316..ff1a40ccd 100644
--- a/config/locales/simple_form.en.yml
+++ b/config/locales/simple_form.en.yml
@@ -30,10 +30,12 @@ en:
         data: Data
         display_name: Display name
         email: E-mail address
+        expires_in: Expire after
         filtered_languages: Filtered languages
         header: Header
         locale: Language
         locked: Lock account
+        max_uses: Max number of uses
         new_password: New password
         note: Bio
         otp_attempt: Two-factor code
diff --git a/config/navigation.rb b/config/navigation.rb
index 26e6d386a..fdfd72b4c 100644
--- a/config/navigation.rb
+++ b/config/navigation.rb
@@ -16,6 +16,8 @@ SimpleNavigation::Configuration.run do |navigation|
       settings.item :follower_domains, safe_join([fa_icon('users fw'), t('settings.followers')]), settings_follower_domains_url
     end
 
+    primary.item :invites, safe_join([fa_icon('user-plus fw'), t('invites.title')]), invites_path, if: proc { Setting.min_invite_role == 'user' }
+
     primary.item :development, safe_join([fa_icon('code fw'), t('settings.development')]), settings_applications_url do |development|
       development.item :your_apps, safe_join([fa_icon('list fw'), t('settings.your_apps')]), settings_applications_url, highlights_on: %r{/settings/applications}
     end
@@ -24,6 +26,7 @@ SimpleNavigation::Configuration.run do |navigation|
       admin.item :action_logs, safe_join([fa_icon('bars fw'), t('admin.action_logs.title')]), admin_action_logs_url
       admin.item :reports, safe_join([fa_icon('flag fw'), t('admin.reports.title')]), admin_reports_url, highlights_on: %r{/admin/reports}
       admin.item :accounts, safe_join([fa_icon('users fw'), t('admin.accounts.title')]), admin_accounts_url, highlights_on: %r{/admin/accounts}
+      admin.item :invites, safe_join([fa_icon('user-plus fw'), t('admin.invites.title')]), admin_invites_path
       admin.item :instances, safe_join([fa_icon('cloud fw'), t('admin.instances.title')]), admin_instances_url, highlights_on: %r{/admin/instances}, if: -> { current_user.admin? }
       admin.item :domain_blocks, safe_join([fa_icon('lock fw'), t('admin.domain_blocks.title')]), admin_domain_blocks_url, highlights_on: %r{/admin/domain_blocks}, if: -> { current_user.admin? }
       admin.item :email_domain_blocks, safe_join([fa_icon('envelope fw'), t('admin.email_domain_blocks.title')]), admin_email_domain_blocks_url, highlights_on: %r{/admin/email_domain_blocks}, if: -> { current_user.admin? }
diff --git a/config/routes.rb b/config/routes.rb
index d675fa846..59c3d4fdb 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -22,6 +22,10 @@ Rails.application.routes.draw do
   get 'manifest', to: 'manifests#show', defaults: { format: 'json' }
   get 'intent', to: 'intents#show'
 
+  devise_scope :user do
+    get '/invite/:invite_code', to: 'auth/registrations#new', as: :public_invite
+  end
+
   devise_for :users, path: 'auth', controllers: {
     sessions:           'auth/sessions',
     registrations:      'auth/registrations',
@@ -99,6 +103,7 @@ Rails.application.routes.draw do
   resources :media,  only: [:show]
   resources :tags,   only: [:show]
   resources :emojis, only: [:show]
+  resources :invites, only: [:index, :create, :destroy]
 
   get '/media_proxy/:id/(*any)', to: 'media_proxy#show', as: :media_proxy
 
@@ -112,6 +117,7 @@ Rails.application.routes.draw do
     resources :email_domain_blocks, only: [:index, :new, :create, :destroy]
     resources :action_logs, only: [:index]
     resource :settings, only: [:edit, :update]
+    resources :invites, only: [:index, :create, :destroy]
 
     resources :instances, only: [:index] do
       collection do
diff --git a/config/settings.yml b/config/settings.yml
index 5a0170fb4..f03a32e50 100644
--- a/config/settings.yml
+++ b/config/settings.yml
@@ -16,6 +16,7 @@ defaults: &defaults
   open_registrations: true
   closed_registrations_message: ''
   open_deletion: true
+  min_invite_role: 'admin'
   timeline_preview: true
   show_staff_badge: true
   default_sensitive: false
-- 
cgit