closed-social
/
mastodon
3
0
Fork 2
Code Issues 5 Pull Requests 0 Projects 0 Releases 3 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4894 Commits
4 Branches
567 MiB
Tree: 04fef7b888
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '04fef7b888'
${ noResults }
mastodon/app/models/user.rb

316 lines
8.5 KiB
Raw Normal View History

Fix rubocop issues, introduce usage of frozen literal to improve performance
7 years ago
annotate models (#2697) * add annotate to Gemfile * rails g annotate:install * configure annotate_models * add schema info to models * fix rubocop to add frozen_string_literal
7 years ago
Lists (#5703) * Add structure for lists * Add list timeline streaming API * Add list APIs, bind list-account relation to follow relation * Add API for adding/removing accounts from lists * Add pagination to lists API * Add pagination to list accounts API * Adjust scopes for new APIs - Creating and modifying lists merely requires "write" scope - Fetching information about lists merely requires "read" scope * Add test for wrong user context on list timeline * Clean up tests
6 years ago
annotate models (#2697) * add annotate to Gemfile * rails g annotate:install * configure annotate_models * add schema info to models * fix rubocop to add frozen_string_literal
7 years ago
Fix boolean columns sometimes having a null value (#4162) * Fix boolean columns sometimes having a null value * Fix wrong value being set instead of null
6 years ago
annotate models (#2697) * add annotate to Gemfile * rails g annotate:install * configure annotate_models * add schema info to models * fix rubocop to add frozen_string_literal
7 years ago
Fix boolean columns sometimes having a null value (#4162) * Fix boolean columns sometimes having a null value * Fix wrong value being set instead of null
6 years ago
annotate models (#2697) * add annotate to Gemfile * rails g annotate:install * configure annotate_models * add schema info to models * fix rubocop to add frozen_string_literal
7 years ago
Filter languages with opt out (#3175) * Remove allowed_languages and add filtered_languages * Use filtered_languages instead of allowed_languages
7 years ago
Lists (#5703) * Add structure for lists * Add list timeline streaming API * Add list APIs, bind list-account relation to follow relation * Add API for adding/removing accounts from lists * Add pagination to lists API * Add pagination to list accounts API * Adjust scopes for new APIs - Creating and modifying lists merely requires "write" scope - Fetching information about lists merely requires "read" scope * Add test for wrong user context on list timeline * Clean up tests
6 years ago
Add ability to disable login and mark accounts as memorial (#5615) Fix #5597
6 years ago
Add moderator role and add pundit policies for admin actions (#5635) * Add moderator role and add pundit policies for admin actions * Add rake task for turning user into mod and revoking it again * Fix handling of unauthorized exception * Deliver new report e-mails to staff, not just admins * Add promote/demote to admin UI, hide some actions conditionally * Fix unused i18n
6 years ago
Add consumable invites (#5814) * Add consumable invites * Add UI for generating invite codes * Add tests * Display max uses and expiration in invites table, delete invite * Remove unused column and redundant validator - Default follows not used, probably bad idea - InviteCodeValidator is redundant because RegistrationsController checks invite code validity * Add admin setting to disable invites * Add admin UI for invites, configurable role for invite creation - Admin UI that lists everyone's invites, always available - Admin setting min_invite_role to control who can invite people - Non-admin invite UI only visible if users are allowed to * Do not remove invites from database, expire them instantly
6 years ago
pam authentication (#5303) * add pam support, without extra column * bugfixes for pam login * document options * fix code style * fix codestyle * fix tests * don't call remember_me without password * fix codestyle * improve checks for pam usage (should fix tests) * fix remember_me part 1 * add remember_token column because :rememberable requires either a password or this column. * migrate db for remember_token * move pam_authentication to the right place, fix logic bug in edit.html.haml * fix tests * fix pam authentication, improve username lookup, add comment * valid? is sometimes not honored, return nil instead trying to authenticate with pam * update devise_pam_authenticatable2 and adjust code. Fixes sideeffects observed in tests * update devise_pam_authenticatable gem, fixes for codeconventions, fix finding user * codeconvention fixes * code convention fixes * fix idention * update dependency, explicit conflict check * fix disabled password updates if in pam mode * fix check password if password is present, fix templates * block registration if account is maintained by pam * Revert "block registration if account is maintained by pam" This reverts commit 8e7a083d650240b6fac414926744b4b90b435f20. * fix identation error introduced by rebase * block usernames maintained by pam * document pam settings better * fix code style
6 years ago
annotate models (#2697) * add annotate to Gemfile * rails g annotate:install * configure annotate_models * add schema info to models * fix rubocop to add frozen_string_literal
7 years ago
Fix rubocop issues, introduce usage of frozen literal to improve performance
7 years ago
Upgrade to Rails 5.0.0.1
7 years ago
Extend rails-settings-cached to merge db-saved hash values with defaults
7 years ago
Add ability to disable login and mark accounts as memorial (#5615) Fix #5597
6 years ago
Specs for cleanup workers (#3235) * Add spec files for feed and media cleanup workers * Add coverage for feed and media cleanup schedulers * Clean up feed and media cleanup workers
7 years ago
Migrate from ledermann/rails-settings to rails-settings-cached which allows global settings with YAML-defined defaults. Add admin page for editing global settings. Add "site_description" setting that would show as a paragraph on the frontpage
7 years ago
Add confirmation step for email changes (#6071) * Add confirmation step for email changes This adds a confirmation step for email changes of existing users. Like the initial account confirmation, a confirmation link is sent to the new address. Additionally, a notification is sent to the existing address when the change is initiated. This message includes instruction to reset the password immediately or to contact the instance admin if the change was not initiated by the account owner. Fixes #3871 * Add review fixes
6 years ago
Add recovery code support for two-factor auth (#1773) * Add recovery code support for two-factor auth When users enable two-factor auth, the app now generates ten single-use recovery codes. Users are encouraged to print the codes and store them in a safe place. The two-factor prompt during login now accepts both OTP codes and recovery codes. The two-factor settings UI allows users to regenerated lost recovery codes. Users who have set up two-factor auth prior to this feature being added can use it to generate recovery codes for the first time. Fixes #563 and fixes #987 * Set OTP_SECRET in test enviroment * add missing .html to view file names
7 years ago
Removing grape and adding devise
8 years ago
Add confirmation step for email changes (#6071) * Add confirmation step for email changes This adds a confirmation step for email changes of existing users. Like the initial account confirmation, a confirmation link is sent to the new address. Additionally, a notification is sent to the existing address when the change is initiated. This message includes instruction to reset the password immediately or to contact the instance admin if the change was not initiated by the account owner. Fixes #3871 * Add review fixes
6 years ago
pam authentication (#5303) * add pam support, without extra column * bugfixes for pam login * document options * fix code style * fix codestyle * fix tests * don't call remember_me without password * fix codestyle * improve checks for pam usage (should fix tests) * fix remember_me part 1 * add remember_token column because :rememberable requires either a password or this column. * migrate db for remember_token * move pam_authentication to the right place, fix logic bug in edit.html.haml * fix tests * fix pam authentication, improve username lookup, add comment * valid? is sometimes not honored, return nil instead trying to authenticate with pam * update devise_pam_authenticatable2 and adjust code. Fixes sideeffects observed in tests * update devise_pam_authenticatable gem, fixes for codeconventions, fix finding user * codeconvention fixes * code convention fixes * fix idention * update dependency, explicit conflict check * fix disabled password updates if in pam mode * fix check password if password is present, fix templates * block registration if account is maintained by pam * Revert "block registration if account is maintained by pam" This reverts commit 8e7a083d650240b6fac414926744b4b90b435f20. * fix identation error introduced by rebase * block usernames maintained by pam * document pam settings better * fix code style
6 years ago
Change belongs_to_required_by_default to true (#5888)
6 years ago
Customizing devise views and controllers
8 years ago
Removing grape and adding devise
8 years ago
Application prefs section (#2758) * Add code for creating/managing apps to settings section * Add specs for app changes * Fix controller spec * Fix view file I pasted over by mistake * Add locale strings. Add 'my apps' to nav * Add Client ID/Secret to App page. Add some visual separation * Fix rubocop warnings * Fix embarrassing typo I lost an `end` statement while fixing a merge conflict. * Add code for creating/managing apps to settings section - Add specs for app changes - Add locale strings. Add 'my apps' to nav - Add Client ID/Secret to App page. Add some visual separation - Fix some bugs/warnings * Update to match code standards * Trigger notification * Add warning about not sharing API secrets * Tweak spec a bit * Cleanup fixture creation by using let! * Remove unused key * Add foreign key for application<->user
6 years ago
Conditional validations no longer accept strings for if/unless (#3124)
7 years ago
Correct validators so that existing error messages would look correct (#3668)
7 years ago
Bind oauth applications to users
8 years ago
Add moderator role and add pundit policies for admin actions (#5635) * Add moderator role and add pundit policies for admin actions * Add rake task for turning user into mod and revoking it again * Fix handling of unauthorized exception * Deliver new report e-mails to staff, not just admins * Add promote/demote to admin UI, hide some actions conditionally * Fix unused i18n
6 years ago
Add digest e-mails
7 years ago
Specs for cleanup workers (#3235) * Add spec files for feed and media cleanup workers * Add coverage for feed and media cleanup schedulers * Clean up feed and media cleanup workers
7 years ago
Add rake task mastodon:feeds:build to regenerate all active users' feeds (#4303)
6 years ago
Add coverage for ReportFilter and AccountFilter (#3236)
7 years ago
Adding user settings (model and mailer), no form yet
7 years ago
Improve allowed language handling (#2897) * Dont allow empty value in user allowed languages * Sanitize language input to reject blank values in array
7 years ago
Update Rails to version 5.1.1 (#3121) * Update rails to version 5.1.1 * Run `rails app:update` * Remove the override of polymorphic activity relationship * Silence warning about otp_secret attribute being unknown to rails * We will only introduce form_with where we want to use remote data
7 years ago
Revocable sessions (#3616) * feat: Revocable sessions * fix: Tests using sign_in * feat: Configuration entry for the maximum number of session activations
7 years ago
Delegate some methods of User to @settings (#5706) * Move some tests of User into Settings::ScopedSettings * Add a test for User@settings
6 years ago
Add consumable invites (#5814) * Add consumable invites * Add UI for generating invite codes * Add tests * Display max uses and expiration in invites table, delete invite * Remove unused column and redundant validator - Default follows not used, probably bad idea - InviteCodeValidator is redundant because RegistrationsController checks invite code validity * Add admin setting to disable invites * Add admin UI for invites, configurable role for invite creation - Admin UI that lists everyone's invites, always available - Admin setting min_invite_role to control who can invite people - Non-admin invite UI only visible if users are allowed to * Do not remove invites from database, expire them instantly
6 years ago
pam authentication (#5303) * add pam support, without extra column * bugfixes for pam login * document options * fix code style * fix codestyle * fix tests * don't call remember_me without password * fix codestyle * improve checks for pam usage (should fix tests) * fix remember_me part 1 * add remember_token column because :rememberable requires either a password or this column. * migrate db for remember_token * move pam_authentication to the right place, fix logic bug in edit.html.haml * fix tests * fix pam authentication, improve username lookup, add comment * valid? is sometimes not honored, return nil instead trying to authenticate with pam * update devise_pam_authenticatable2 and adjust code. Fixes sideeffects observed in tests * update devise_pam_authenticatable gem, fixes for codeconventions, fix finding user * codeconvention fixes * code convention fixes * fix idention * update dependency, explicit conflict check * fix disabled password updates if in pam mode * fix check password if password is present, fix templates * block registration if account is maintained by pam * Revert "block registration if account is maintained by pam" This reverts commit 8e7a083d650240b6fac414926744b4b90b435f20. * fix identation error introduced by rebase * block usernames maintained by pam * document pam settings better * fix code style
6 years ago
Admin UI for confirming users (#2245) * Shows confirmed status in list. * Adds ability to confirm users in admin UI. * Added new english translations. * Addresses feedback from #2245. * More feedback.
7 years ago
Add moderator role and add pundit policies for admin actions (#5635) * Add moderator role and add pundit policies for admin actions * Add rake task for turning user into mod and revoking it again * Fix handling of unauthorized exception * Deliver new report e-mails to staff, not just admins * Add promote/demote to admin UI, hide some actions conditionally * Fix unused i18n
6 years ago
Add consumable invites (#5814) * Add consumable invites * Add UI for generating invite codes * Add tests * Display max uses and expiration in invites table, delete invite * Remove unused column and redundant validator - Default follows not used, probably bad idea - InviteCodeValidator is redundant because RegistrationsController checks invite code validity * Add admin setting to disable invites * Add admin UI for invites, configurable role for invite creation - Admin UI that lists everyone's invites, always available - Admin setting min_invite_role to control who can invite people - Non-admin invite UI only visible if users are allowed to * Do not remove invites from database, expire them instantly
6 years ago
Add ability to disable login and mark accounts as memorial (#5615) Fix #5597
6 years ago
Add more instance stats APIs (#6125) * Add GET /api/v1/instance/peers API to reveal known domains * Add GET /api/v1/instance/activity API * Make new APIs disableable, exclude private statuses from activity stats * Fix code style issue * Fix week timestamps
6 years ago
Fix email confirmation link not updating email (#6187) A change introduced in #6125 prevents `Devise::Models::Confirmable#confirm` from being called for existing users, which in turn leads to `email` not being set to `unconfirmed_email`, breaking email updates. This also adds a test that would've caught this issue.
6 years ago
Add more instance stats APIs (#6125) * Add GET /api/v1/instance/peers API to reveal known domains * Add GET /api/v1/instance/activity API * Make new APIs disableable, exclude private statuses from activity stats * Fix code style issue * Fix week timestamps
6 years ago
Fix #6331 (#6341) UserTrackingConcern is circumvented by SessionsController#create because it calls warden, which calls the User#update_tracked_fields! method directly. Move returning user logic to that method.
6 years ago
Add more instance stats APIs (#6125) * Add GET /api/v1/instance/peers API to reveal known domains * Add GET /api/v1/instance/activity API * Make new APIs disableable, exclude private statuses from activity stats * Fix code style issue * Fix week timestamps
6 years ago
Add moderator role and add pundit policies for admin actions (#5635) * Add moderator role and add pundit policies for admin actions * Add rake task for turning user into mod and revoking it again * Fix handling of unauthorized exception * Deliver new report e-mails to staff, not just admins * Add promote/demote to admin UI, hide some actions conditionally * Fix unused i18n
6 years ago
Fix email confirmation link not updating email (#6187) A change introduced in #6125 prevents `Devise::Models::Confirmable#confirm` from being called for existing users, which in turn leads to `email` not being set to `unconfirmed_email`, breaking email updates. This also adds a test that would've caught this issue.
6 years ago
Add more instance stats APIs (#6125) * Add GET /api/v1/instance/peers API to reveal known domains * Add GET /api/v1/instance/activity API * Make new APIs disableable, exclude private statuses from activity stats * Fix code style issue * Fix week timestamps
6 years ago
Add moderator role and add pundit policies for admin actions (#5635) * Add moderator role and add pundit policies for admin actions * Add rake task for turning user into mod and revoking it again * Fix handling of unauthorized exception * Deliver new report e-mails to staff, not just admins * Add promote/demote to admin UI, hide some actions conditionally * Fix unused i18n
6 years ago
Fix #6331 (#6341) UserTrackingConcern is circumvented by SessionsController#create because it calls warden, which calls the User#update_tracked_fields! method directly. Move returning user logic to that method.
6 years ago
Add moderator role and add pundit policies for admin actions (#5635) * Add moderator role and add pundit policies for admin actions * Add rake task for turning user into mod and revoking it again * Fix handling of unauthorized exception * Deliver new report e-mails to staff, not just admins * Add promote/demote to admin UI, hide some actions conditionally * Fix unused i18n
6 years ago
Add option to disable two factor auth in admin accounts panel. (#2584) * Add option to disable two factor auth in admin accounts panel. Closes #2578 * Add @mjankowski's suggestions. * Moves destroy actions behind User#disable_two_factor! * Adds spec coverage for Admin:TwoFactorAuthenticationsController and User#disable_two_factor!
7 years ago
Add ability to disable login and mark accounts as memorial (#5615) Fix #5597
6 years ago
Add API modifiers to limit returned toots from public/hashtag timelines to only those from local users; Add link to "extended information" to getting started in the UI; Add defaults for posting privacy; Change how publish button looks depending on posting privacy chosen
7 years ago
Allow user to disable the boost confirm dialog in preferences
7 years ago
Move e-mail digest task to sidekiq, reduce workload, improve hint (#6252)
6 years ago
Application prefs section (#2758) * Add code for creating/managing apps to settings section * Add specs for app changes * Fix controller spec * Fix view file I pasted over by mistake * Add locale strings. Add 'my apps' to nav * Add Client ID/Secret to App page. Add some visual separation * Fix rubocop warnings * Fix embarrassing typo I lost an `end` statement while fixing a merge conflict. * Add code for creating/managing apps to settings section - Add specs for app changes - Add locale strings. Add 'my apps' to nav - Add Client ID/Secret to App page. Add some visual separation - Fix some bugs/warnings * Update to match code standards * Trigger notification * Add warning about not sharing API secrets * Tweak spec a bit * Cleanup fixture creation by using let! * Remove unused key * Add foreign key for application<->user
6 years ago
Add overview of active sessions (#3929) * Add overview of active sessions * Better display of browser/platform name * Improve how browser information is stored and displayed for sessions overview * Fix test
6 years ago
Use request.remote_ip instead of request.ip (#4744)
6 years ago
Revocable sessions (#3616) * feat: Revocable sessions * fix: Tests using sign_in * feat: Configuration entry for the maximum number of session activations
7 years ago
Web Push Notifications (#3243) * feat: Register push subscription * feat: Notify when mentioned * feat: Boost, favourite, reply, follow, follow request * feat: Notification interaction * feat: Handle change of public key * feat: Unsubscribe if things go wrong * feat: Do not send normal notifications if push is enabled * feat: Focus client if open * refactor: Move push logic to WebPushSubscription * feat: Better title and body * feat: Localize messages * chore: Fix lint errors * feat: Settings * refactor: Lazy load * fix: Check if push settings exist * feat: Device-based preferences * refactor: Simplify logic * refactor: Pull request feedback * refactor: Pull request feedback * refactor: Create /api/web/push_subscriptions endpoint * feat: Spec PushSubscriptionController * refactor: WebPushSubscription => Web::PushSubscription * feat: Spec Web::PushSubscription * feat: Display first media attachment * feat: Support direction * fix: Stuff broken while rebasing * refactor: Integration with session activations * refactor: Cleanup * refactor: Simplify implementation * feat: Set VAPID keys via environment * chore: Comments * fix: Crash when no alerts * fix: Set VAPID keys in testing environment * fix: Follow link * feat: Notification actions * fix: Delete previous subscription * chore: Temporary logs * refactor: Move migration to a later date * fix: Fetch the correct session activation and misc bugs * refactor: Move migration to a later date * fix: Remove follow request (no notifications) * feat: Send administrator contact to push service * feat: Set time-to-live * fix: Do not show sensitive images * fix: Reducer crash in error handling * feat: Add badge * chore: Fix lint error * fix: Checkbox label overlap * fix: Check for payload support * fix: Rename action "type" (crash in latest Chrome) * feat: Action to expand notification * fix: Lint errors * fix: Unescape notification body * fix: Do not allow boosting if the status is hidden * feat: Add VAPID keys to the production sample environment * fix: Strip HTML tags from status * refactor: Better error messages * refactor: Handle browser not implementing the VAPID protocol (Samsung Internet) * fix: Error when target_status is nil * fix: Handle lack of image * fix: Delete reference to invalid subscriptions * feat: Better error handling * fix: Unescape HTML characters after tags are striped * refactor: Simpify code * fix: Modify to work with #4091 * Sort strings alphabetically * i18n: Updated Polish translation it annoys me that it's not fully localized :P * refactor: Use current_session in PushSubscriptionController * fix: Rebase mistake * fix: Set cacheName to mastodon * refactor: Pull request feedback * refactor: Remove logging statements * chore(yarn): Fix conflicts with master * chore(yarn): Copy latest from master * chore(yarn): Readd offline-plugin * refactor: Use save! and update! * refactor: Send notifications async * fix: Allow retry when push fails * fix: Save track for failed pushes * fix: Minify sw.js * fix: Remove account_id from fabricator
6 years ago
Add consumable invites (#5814) * Add consumable invites * Add UI for generating invite codes * Add tests * Display max uses and expiration in invites table, delete invite * Remove unused column and redundant validator - Default follows not used, probably bad idea - InviteCodeValidator is redundant because RegistrationsController checks invite code validity * Add admin setting to disable invites * Add admin UI for invites, configurable role for invite creation - Admin UI that lists everyone's invites, always available - Admin setting min_invite_role to control who can invite people - Non-admin invite UI only visible if users are allowed to * Do not remove invites from database, expire them instantly
6 years ago
pam authentication (#5303) * add pam support, without extra column * bugfixes for pam login * document options * fix code style * fix codestyle * fix tests * don't call remember_me without password * fix codestyle * improve checks for pam usage (should fix tests) * fix remember_me part 1 * add remember_token column because :rememberable requires either a password or this column. * migrate db for remember_token * move pam_authentication to the right place, fix logic bug in edit.html.haml * fix tests * fix pam authentication, improve username lookup, add comment * valid? is sometimes not honored, return nil instead trying to authenticate with pam * update devise_pam_authenticatable2 and adjust code. Fixes sideeffects observed in tests * update devise_pam_authenticatable gem, fixes for codeconventions, fix finding user * codeconvention fixes * code convention fixes * fix idention * update dependency, explicit conflict check * fix disabled password updates if in pam mode * fix check password if password is present, fix templates * block registration if account is maintained by pam * Revert "block registration if account is maintained by pam" This reverts commit 8e7a083d650240b6fac414926744b4b90b435f20. * fix identation error introduced by rebase * block usernames maintained by pam * document pam settings better * fix code style
6 years ago
Refactor User and spec (#3431) * Protect send_devise_notification of User * Improve spec for User
7 years ago
Improve allowed language handling (#2897) * Dont allow empty value in user allowed languages * Sanitize language input to reject blank values in array
7 years ago
Filter languages with opt out (#3175) * Remove allowed_languages and add filtered_languages * Use filtered_languages instead of allowed_languages
7 years ago
Improve allowed language handling (#2897) * Dont allow empty value in user allowed languages * Sanitize language input to reject blank values in array
7 years ago
Add more instance stats APIs (#6125) * Add GET /api/v1/instance/peers API to reveal known domains * Add GET /api/v1/instance/activity API * Make new APIs disableable, exclude private statuses from activity stats * Fix code style issue * Fix week timestamps
6 years ago
Fix #6331 (#6341) UserTrackingConcern is circumvented by SessionsController#create because it calls warden, which calls the User#update_tracked_fields! method directly. Move returning user logic to that method.
6 years ago
Add more instance stats APIs (#6125) * Add GET /api/v1/instance/peers API to reveal known domains * Add GET /api/v1/instance/activity API * Make new APIs disableable, exclude private statuses from activity stats * Fix code style issue * Fix week timestamps
6 years ago
Replace tutorial modal with welcome e-mail (#6273) * Remove onboarding modal * Welcome e-mail * Send welcome e-mail after confirmation * Remove obsolete translations
6 years ago
Add more instance stats APIs (#6125) * Add GET /api/v1/instance/peers API to reveal known domains * Add GET /api/v1/instance/activity API * Make new APIs disableable, exclude private statuses from activity stats * Fix code style issue * Fix week timestamps
6 years ago
Fix #6331 (#6341) UserTrackingConcern is circumvented by SessionsController#create because it calls warden, which calls the User#update_tracked_fields! method directly. Move returning user logic to that method.
6 years ago
Made some progress
8 years ago
 
  1. # frozen_string_literal: true
  2. # == Schema Information
  3. #
  4. # Table name: users
  5. #
  6. #  id                        :integer          not null, primary key
  7. #  email                     :string           default(""), not null
  8. #  created_at                :datetime         not null
  9. #  updated_at                :datetime         not null
  10. #  encrypted_password        :string           default(""), not null
  11. #  reset_password_token      :string
  12. #  reset_password_sent_at    :datetime
  13. #  remember_created_at       :datetime
  14. #  sign_in_count             :integer          default(0), not null
  15. #  current_sign_in_at        :datetime
  16. #  last_sign_in_at           :datetime
  17. #  current_sign_in_ip        :inet
  18. #  last_sign_in_ip           :inet
  19. #  admin                     :boolean          default(FALSE), not null
  20. #  confirmation_token        :string
  21. #  confirmed_at              :datetime
  22. #  confirmation_sent_at      :datetime
  23. #  unconfirmed_email         :string
  24. #  locale                    :string
  25. #  encrypted_otp_secret      :string
  26. #  encrypted_otp_secret_iv   :string
  27. #  encrypted_otp_secret_salt :string
  28. #  consumed_timestep         :integer
  29. #  otp_required_for_login    :boolean          default(FALSE), not null
  30. #  last_emailed_at           :datetime
  31. #  otp_backup_codes          :string           is an Array
  32. #  filtered_languages        :string           default([]), not null, is an Array
  33. #  account_id                :integer          not null
  34. #  disabled                  :boolean          default(FALSE), not null
  35. #  moderator                 :boolean          default(FALSE), not null
  36. #  invite_id                 :integer
  37. #  remember_token            :string
  38. #
  39. 

  40. class User < ApplicationRecord
  41.   include Settings::Extend
  42. 

  43.   ACTIVE_DURATION = 14.days
  44. 

  45.   devise :two_factor_authenticatable,
  46.          otp_secret_encryption_key: ENV['OTP_SECRET']
  47. 

  48.   devise :two_factor_backupable,
  49.          otp_number_of_backup_codes: 10

  50. 

  51.   devise :registerable, :recoverable, :rememberable, :trackable, :validatable,
  52.          :confirmable
  53. 

  54.   devise :pam_authenticatable
  55. 

  56.   belongs_to :account, inverse_of: :user
  57.   belongs_to :invite, counter_cache: :uses, optional: true
  58.   accepts_nested_attributes_for :account
  59. 

  60.   has_many :applications, class_name: 'Doorkeeper::Application', as: :owner
  61. 

  62.   validates :locale, inclusion: I18n.available_locales.map(&:to_s), if: :locale?
  63.   validates_with BlacklistedEmailValidator, if: :email_changed?
  64. 

  65.   scope :recent, -> { order(id: :desc) }
  66.   scope :admins, -> { where(admin: true) }
  67.   scope :moderators, -> { where(moderator: true) }
  68.   scope :staff, -> { admins.or(moderators) }
  69.   scope :confirmed, -> { where.not(confirmed_at: nil) }
  70.   scope :inactive, -> { where(arel_table[:current_sign_in_at].lt(ACTIVE_DURATION.ago)) }
  71.   scope :active, -> { confirmed.where(arel_table[:current_sign_in_at].gteq(ACTIVE_DURATION.ago)).joins(:account).where(accounts: { suspended: false }) }
  72.   scope :matches_email, ->(value) { where(arel_table[:email].matches("#{value}%")) }
  73.   scope :with_recent_ip_address, ->(value) { where(arel_table[:current_sign_in_ip].eq(value).or(arel_table[:last_sign_in_ip].eq(value))) }
  74. 

  75.   before_validation :sanitize_languages
  76. 

  77.   # This avoids a deprecation warning from Rails 5.1
  78.   # It seems possible that a future release of devise-two-factor will
  79.   # handle this itself, and this can be removed from our User class.
  80.   attribute :otp_secret
  81. 

  82.   has_many :session_activations, dependent: :destroy
  83. 

  84.   delegate :auto_play_gif, :default_sensitive, :unfollow_modal, :boost_modal, :delete_modal,
  85.            :reduce_motion, :system_font_ui, :noindex, :theme,
  86.            to: :settings, prefix: :setting, allow_nil: false
  87. 

  88.   attr_accessor :invite_code
  89. 

  90.   def pam_conflict(_)
  91.     # block pam login tries on traditional account
  92.     nil
  93.   end
  94. 

  95.   def pam_conflict?
  96.     return false unless Devise.pam_authentication
  97.     encrypted_password.present? && is_pam_account?
  98.   end
  99. 

  100.   def pam_get_name
  101.     return account.username if account.present?
  102.     super
  103.   end
  104. 

  105.   def pam_setup(_attributes)
  106.     acc = Account.new(username: pam_get_name)
  107.     acc.save!(validate: false)
  108. 

  109.     self.email = "#{acc.username}@#{find_pam_suffix}" if email.nil? && find_pam_suffix
  110.     self.confirmed_at = Time.now.utc
  111.     self.admin = false
  112.     self.account = acc
  113. 

  114.     acc.destroy! unless save
  115.   end
  116. 

  117.   def confirmed?
  118.     confirmed_at.present?
  119.   end
  120. 

  121.   def staff?
  122.     admin? || moderator?
  123.   end
  124. 

  125.   def role
  126.     if admin?
  127.       'admin'
  128.     elsif moderator?
  129.       'moderator'
  130.     else
  131.       'user'
  132.     end
  133.   end
  134. 

  135.   def role?(role)
  136.     case role
  137.     when 'user'
  138.       true
  139.     when 'moderator'
  140.       staff?
  141.     when 'admin'
  142.       admin?
  143.     else
  144.       false
  145.     end
  146.   end
  147. 

  148.   def disable!
  149.     update!(disabled: true,
  150.             last_sign_in_at: current_sign_in_at,
  151.             current_sign_in_at: nil)
  152.   end
  153. 

  154.   def enable!
  155.     update!(disabled: false)
  156.   end
  157. 

  158.   def confirm
  159.     new_user = !confirmed?
  160. 

  161.     super
  162.     prepare_new_user! if new_user
  163.   end
  164. 

  165.   def confirm!
  166.     new_user = !confirmed?
  167. 

  168.     skip_confirmation!
  169.     save!
  170.     prepare_new_user! if new_user
  171.   end
  172. 

  173.   def update_tracked_fields!(request)
  174.     super
  175.     prepare_returning_user!
  176.   end
  177. 

  178.   def promote!
  179.     if moderator?
  180.       update!(moderator: false, admin: true)
  181.     elsif !admin?
  182.       update!(moderator: true)
  183.     end
  184.   end
  185. 

  186.   def demote!
  187.     if admin?
  188.       update!(admin: false, moderator: true)
  189.     elsif moderator?
  190.       update!(moderator: false)
  191.     end
  192.   end
  193. 

  194.   def disable_two_factor!
  195.     self.otp_required_for_login = false
  196.     otp_backup_codes&.clear
  197.     save!
  198.   end
  199. 

  200.   def active_for_authentication?
  201.     super && !disabled?
  202.   end
  203. 

  204.   def setting_default_privacy
  205.     settings.default_privacy || (account.locked? ? 'private' : 'public')
  206.   end
  207. 

  208.   def allows_digest_emails?
  209.     settings.notification_emails['digest']
  210.   end
  211. 

  212.   def token_for_app(a)
  213.     return nil if a.nil? || a.owner != self
  214.     Doorkeeper::AccessToken
  215.       .find_or_create_by(application_id: a.id, resource_owner_id: id) do |t|
  216. 

  217.       t.scopes = a.scopes
  218.       t.expires_in = Doorkeeper.configuration.access_token_expires_in
  219.       t.use_refresh_token = Doorkeeper.configuration.refresh_token_enabled?
  220.     end
  221.   end
  222. 

  223.   def activate_session(request)
  224.     session_activations.activate(session_id: SecureRandom.hex,
  225.                                  user_agent: request.user_agent,
  226.                                  ip: request.remote_ip).session_id
  227.   end
  228. 

  229.   def exclusive_session(id)
  230.     session_activations.exclusive(id)
  231.   end
  232. 

  233.   def session_active?(id)
  234.     session_activations.active? id
  235.   end
  236. 

  237.   def web_push_subscription(session)
  238.     session.web_push_subscription.nil? ? nil : session.web_push_subscription.as_payload
  239.   end
  240. 

  241.   def invite_code=(code)
  242.     self.invite  = Invite.find_by(code: code) unless code.blank?
  243.     @invite_code = code
  244.   end
  245. 

  246.   def password_required?
  247.     return false if Devise.pam_authentication
  248.     super
  249.   end
  250. 

  251.   def send_reset_password_instructions
  252.     return false if encrypted_password.blank? && Devise.pam_authentication
  253.     super
  254.   end
  255. 

  256.   def reset_password!(new_password, new_password_confirmation)
  257.     return false if encrypted_password.blank? && Devise.pam_authentication
  258.     super
  259.   end
  260. 

  261.   def self.pam_get_user(attributes = {})
  262.     if attributes[:email]
  263.       resource =
  264.         if Devise.check_at_sign && !attributes[:email].index('@')
  265.           joins(:account).find_by(accounts: { username: attributes[:email] })
  266.         else
  267.           find_by(email: attributes[:email])
  268.         end
  269. 

  270.       if resource.blank?
  271.         resource = new(email: attributes[:email])
  272.         if Devise.check_at_sign && !resource[:email].index('@')
  273.           resource[:email] = "#{attributes[:email]}@#{resource.find_pam_suffix}"
  274.         end
  275.       end
  276.       resource
  277.     end
  278.   end
  279. 

  280.   def self.authenticate_with_pam(attributes = {})
  281.     return nil unless Devise.pam_authentication
  282.     super
  283.   end
  284. 

  285.   protected
  286. 

  287.   def send_devise_notification(notification, *args)
  288.     devise_mailer.send(notification, self, *args).deliver_later
  289.   end
  290. 

  291.   private
  292. 

  293.   def sanitize_languages
  294.     filtered_languages.reject!(&:blank?)
  295.   end
  296. 

  297.   def prepare_new_user!
  298.     BootstrapTimelineWorker.perform_async(account_id)
  299.     ActivityTracker.increment('activity:accounts:local')
  300.     UserMailer.welcome(self).deliver_later
  301.   end
  302. 

  303.   def prepare_returning_user!
  304.     ActivityTracker.record('activity:logins', id)
  305.     regenerate_feed! if needs_feed_update?
  306.   end
  307. 

  308.   def regenerate_feed!
  309.     Redis.current.setnx("account:#{account_id}:regeneration", true) && Redis.current.expire("account:#{account_id}:regeneration", 1.day.seconds)
  310.     RegenerationWorker.perform_async(account_id)
  311.   end
  312. 

  313.   def needs_feed_update?
  314.     last_sign_in_at < ACTIVE_DURATION.ago
  315.   end
  316. end