闭社主体 forked from https://github.com/tootsuite/mastodon
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

391 lines
12 KiB

Fix “Email changed” notification sometimes having wrong e-mail (#13475) * Fix “Email changed” notification sometimes having wrong e-mail Fixes #6778 The root of the issue is that `send_devise_notification` was called before the changes were properly commited to the database, causing the mailer to pick previous values if running too early. Devise's documentation provides guidance on how to handle that[1][2], however, I have found it to not be working, as the following happens, in that order: - `send_devise_notification` is called for the `email_changed` notification. In that case, `changed?` is false and `saved_changes?` is true, so if we use the former, we have the same issue. - the `after_commit` hook is called - `send_devise_notification` is called for the `confirmation_instructions` notification. In that case, `changed?` is still false, and `saved_changes?` still true, so if we use the latter, that second notification email is simply not going to be sent (as we would be queuing the notification *after* executing the after_commit hook). This is because it may be called from either an `after_update` or `after_commit` hook, the difference not being a call to `save` but the transaction actually being committed to the database. This may arguably be a bug in Devise, or Devise's notification. The proposed workaround is inspired by Devise's documentation but checks whether a transaction is open to make the call whether to immediately send the notification or defer it to the `after_commit` hook. [1]: https://www.rubydoc.info/github/plataformatec/devise/Devise%2FModels%2FAuthenticatable:send_devise_notification [2]: https://github.com/heartcombo/devise/blob/406915cb781e38255a30ad2a0609e33952b9ec50/lib/devise/models/authenticatable.rb#L133-L194 * Fix cases when sending notifications without changing the model * Defer sending if and only if in transaction including current record
4 years ago
Web Push Notifications (#3243) * feat: Register push subscription * feat: Notify when mentioned * feat: Boost, favourite, reply, follow, follow request * feat: Notification interaction * feat: Handle change of public key * feat: Unsubscribe if things go wrong * feat: Do not send normal notifications if push is enabled * feat: Focus client if open * refactor: Move push logic to WebPushSubscription * feat: Better title and body * feat: Localize messages * chore: Fix lint errors * feat: Settings * refactor: Lazy load * fix: Check if push settings exist * feat: Device-based preferences * refactor: Simplify logic * refactor: Pull request feedback * refactor: Pull request feedback * refactor: Create /api/web/push_subscriptions endpoint * feat: Spec PushSubscriptionController * refactor: WebPushSubscription => Web::PushSubscription * feat: Spec Web::PushSubscription * feat: Display first media attachment * feat: Support direction * fix: Stuff broken while rebasing * refactor: Integration with session activations * refactor: Cleanup * refactor: Simplify implementation * feat: Set VAPID keys via environment * chore: Comments * fix: Crash when no alerts * fix: Set VAPID keys in testing environment * fix: Follow link * feat: Notification actions * fix: Delete previous subscription * chore: Temporary logs * refactor: Move migration to a later date * fix: Fetch the correct session activation and misc bugs * refactor: Move migration to a later date * fix: Remove follow request (no notifications) * feat: Send administrator contact to push service * feat: Set time-to-live * fix: Do not show sensitive images * fix: Reducer crash in error handling * feat: Add badge * chore: Fix lint error * fix: Checkbox label overlap * fix: Check for payload support * fix: Rename action "type" (crash in latest Chrome) * feat: Action to expand notification * fix: Lint errors * fix: Unescape notification body * fix: Do not allow boosting if the status is hidden * feat: Add VAPID keys to the production sample environment * fix: Strip HTML tags from status * refactor: Better error messages * refactor: Handle browser not implementing the VAPID protocol (Samsung Internet) * fix: Error when target_status is nil * fix: Handle lack of image * fix: Delete reference to invalid subscriptions * feat: Better error handling * fix: Unescape HTML characters after tags are striped * refactor: Simpify code * fix: Modify to work with #4091 * Sort strings alphabetically * i18n: Updated Polish translation it annoys me that it's not fully localized :P * refactor: Use current_session in PushSubscriptionController * fix: Rebase mistake * fix: Set cacheName to mastodon * refactor: Pull request feedback * refactor: Remove logging statements * chore(yarn): Fix conflicts with master * chore(yarn): Copy latest from master * chore(yarn): Readd offline-plugin * refactor: Use save! and update! * refactor: Send notifications async * fix: Allow retry when push fails * fix: Save track for failed pushes * fix: Minify sw.js * fix: Remove account_id from fabricator
7 years ago
Web Push Notifications (#3243) * feat: Register push subscription * feat: Notify when mentioned * feat: Boost, favourite, reply, follow, follow request * feat: Notification interaction * feat: Handle change of public key * feat: Unsubscribe if things go wrong * feat: Do not send normal notifications if push is enabled * feat: Focus client if open * refactor: Move push logic to WebPushSubscription * feat: Better title and body * feat: Localize messages * chore: Fix lint errors * feat: Settings * refactor: Lazy load * fix: Check if push settings exist * feat: Device-based preferences * refactor: Simplify logic * refactor: Pull request feedback * refactor: Pull request feedback * refactor: Create /api/web/push_subscriptions endpoint * feat: Spec PushSubscriptionController * refactor: WebPushSubscription => Web::PushSubscription * feat: Spec Web::PushSubscription * feat: Display first media attachment * feat: Support direction * fix: Stuff broken while rebasing * refactor: Integration with session activations * refactor: Cleanup * refactor: Simplify implementation * feat: Set VAPID keys via environment * chore: Comments * fix: Crash when no alerts * fix: Set VAPID keys in testing environment * fix: Follow link * feat: Notification actions * fix: Delete previous subscription * chore: Temporary logs * refactor: Move migration to a later date * fix: Fetch the correct session activation and misc bugs * refactor: Move migration to a later date * fix: Remove follow request (no notifications) * feat: Send administrator contact to push service * feat: Set time-to-live * fix: Do not show sensitive images * fix: Reducer crash in error handling * feat: Add badge * chore: Fix lint error * fix: Checkbox label overlap * fix: Check for payload support * fix: Rename action "type" (crash in latest Chrome) * feat: Action to expand notification * fix: Lint errors * fix: Unescape notification body * fix: Do not allow boosting if the status is hidden * feat: Add VAPID keys to the production sample environment * fix: Strip HTML tags from status * refactor: Better error messages * refactor: Handle browser not implementing the VAPID protocol (Samsung Internet) * fix: Error when target_status is nil * fix: Handle lack of image * fix: Delete reference to invalid subscriptions * feat: Better error handling * fix: Unescape HTML characters after tags are striped * refactor: Simpify code * fix: Modify to work with #4091 * Sort strings alphabetically * i18n: Updated Polish translation it annoys me that it's not fully localized :P * refactor: Use current_session in PushSubscriptionController * fix: Rebase mistake * fix: Set cacheName to mastodon * refactor: Pull request feedback * refactor: Remove logging statements * chore(yarn): Fix conflicts with master * chore(yarn): Copy latest from master * chore(yarn): Readd offline-plugin * refactor: Use save! and update! * refactor: Send notifications async * fix: Allow retry when push fails * fix: Save track for failed pushes * fix: Minify sw.js * fix: Remove account_id from fabricator
7 years ago
Fix “Email changed” notification sometimes having wrong e-mail (#13475) * Fix “Email changed” notification sometimes having wrong e-mail Fixes #6778 The root of the issue is that `send_devise_notification` was called before the changes were properly commited to the database, causing the mailer to pick previous values if running too early. Devise's documentation provides guidance on how to handle that[1][2], however, I have found it to not be working, as the following happens, in that order: - `send_devise_notification` is called for the `email_changed` notification. In that case, `changed?` is false and `saved_changes?` is true, so if we use the former, we have the same issue. - the `after_commit` hook is called - `send_devise_notification` is called for the `confirmation_instructions` notification. In that case, `changed?` is still false, and `saved_changes?` still true, so if we use the latter, that second notification email is simply not going to be sent (as we would be queuing the notification *after* executing the after_commit hook). This is because it may be called from either an `after_update` or `after_commit` hook, the difference not being a call to `save` but the transaction actually being committed to the database. This may arguably be a bug in Devise, or Devise's notification. The proposed workaround is inspired by Devise's documentation but checks whether a transaction is open to make the call whether to immediately send the notification or defer it to the `after_commit` hook. [1]: https://www.rubydoc.info/github/plataformatec/devise/Devise%2FModels%2FAuthenticatable:send_devise_notification [2]: https://github.com/heartcombo/devise/blob/406915cb781e38255a30ad2a0609e33952b9ec50/lib/devise/models/authenticatable.rb#L133-L194 * Fix cases when sending notifications without changing the model * Defer sending if and only if in transaction including current record
4 years ago
Fix “Email changed” notification sometimes having wrong e-mail (#13475) * Fix “Email changed” notification sometimes having wrong e-mail Fixes #6778 The root of the issue is that `send_devise_notification` was called before the changes were properly commited to the database, causing the mailer to pick previous values if running too early. Devise's documentation provides guidance on how to handle that[1][2], however, I have found it to not be working, as the following happens, in that order: - `send_devise_notification` is called for the `email_changed` notification. In that case, `changed?` is false and `saved_changes?` is true, so if we use the former, we have the same issue. - the `after_commit` hook is called - `send_devise_notification` is called for the `confirmation_instructions` notification. In that case, `changed?` is still false, and `saved_changes?` still true, so if we use the latter, that second notification email is simply not going to be sent (as we would be queuing the notification *after* executing the after_commit hook). This is because it may be called from either an `after_update` or `after_commit` hook, the difference not being a call to `save` but the transaction actually being committed to the database. This may arguably be a bug in Devise, or Devise's notification. The proposed workaround is inspired by Devise's documentation but checks whether a transaction is open to make the call whether to immediately send the notification or defer it to the `after_commit` hook. [1]: https://www.rubydoc.info/github/plataformatec/devise/Devise%2FModels%2FAuthenticatable:send_devise_notification [2]: https://github.com/heartcombo/devise/blob/406915cb781e38255a30ad2a0609e33952b9ec50/lib/devise/models/authenticatable.rb#L133-L194 * Fix cases when sending notifications without changing the model * Defer sending if and only if in transaction including current record
4 years ago
  1. # frozen_string_literal: true
  2. # == Schema Information
  3. #
  4. # Table name: users
  5. #
  6. # id :bigint(8) not null, primary key
  7. # email :string default(""), not null
  8. # created_at :datetime not null
  9. # updated_at :datetime not null
  10. # encrypted_password :string default(""), not null
  11. # reset_password_token :string
  12. # reset_password_sent_at :datetime
  13. # remember_created_at :datetime
  14. # sign_in_count :integer default(0), not null
  15. # current_sign_in_at :datetime
  16. # last_sign_in_at :datetime
  17. # current_sign_in_ip :inet
  18. # last_sign_in_ip :inet
  19. # admin :boolean default(FALSE), not null
  20. # confirmation_token :string
  21. # confirmed_at :datetime
  22. # confirmation_sent_at :datetime
  23. # unconfirmed_email :string
  24. # locale :string
  25. # encrypted_otp_secret :string
  26. # encrypted_otp_secret_iv :string
  27. # encrypted_otp_secret_salt :string
  28. # consumed_timestep :integer
  29. # otp_required_for_login :boolean default(FALSE), not null
  30. # last_emailed_at :datetime
  31. # otp_backup_codes :string is an Array
  32. # filtered_languages :string default([]), not null, is an Array
  33. # account_id :bigint(8) not null
  34. # disabled :boolean default(FALSE), not null
  35. # moderator :boolean default(FALSE), not null
  36. # invite_id :bigint(8)
  37. # remember_token :string
  38. # chosen_languages :string is an Array
  39. # created_by_application_id :bigint(8)
  40. # approved :boolean default(TRUE), not null
  41. #
  42. class User < ApplicationRecord
  43. include Settings::Extend
  44. include UserRoles
  45. # The home and list feeds will be stored in Redis for this amount
  46. # of time, and status fan-out to followers will include only people
  47. # within this time frame. Lowering the duration may improve performance
  48. # if lots of people sign up, but not a lot of them check their feed
  49. # every day. Raising the duration reduces the amount of expensive
  50. # RegenerationWorker jobs that need to be run when those people come
  51. # to check their feed
  52. ACTIVE_DURATION = ENV.fetch('USER_ACTIVE_DAYS', 7).to_i.days.freeze
  53. devise :two_factor_authenticatable,
  54. otp_secret_encryption_key: Rails.configuration.x.otp_secret
  55. devise :two_factor_backupable,
  56. otp_number_of_backup_codes: 10
  57. devise :registerable, :recoverable, :rememberable, :trackable, :validatable,
  58. :confirmable
  59. include Omniauthable
  60. include PamAuthenticable
  61. include LdapAuthenticable
  62. belongs_to :account, inverse_of: :user
  63. belongs_to :invite, counter_cache: :uses, optional: true
  64. belongs_to :created_by_application, class_name: 'Doorkeeper::Application', optional: true
  65. accepts_nested_attributes_for :account
  66. has_many :applications, class_name: 'Doorkeeper::Application', as: :owner
  67. has_many :backups, inverse_of: :user
  68. has_many :invites, inverse_of: :user
  69. has_many :markers, inverse_of: :user, dependent: :destroy
  70. has_one :invite_request, class_name: 'UserInviteRequest', inverse_of: :user, dependent: :destroy
  71. accepts_nested_attributes_for :invite_request, reject_if: ->(attributes) { attributes['text'].blank? }
  72. validates :locale, inclusion: I18n.available_locales.map(&:to_s), if: :locale?
  73. validates_with BlacklistedEmailValidator, on: :create
  74. validates_with EmailMxValidator, if: :validate_email_dns?
  75. validates :agreement, acceptance: { allow_nil: false, accept: [true, 'true', '1'] }, on: :create
  76. scope :recent, -> { order(id: :desc) }
  77. scope :pending, -> { where(approved: false) }
  78. scope :approved, -> { where(approved: true) }
  79. scope :confirmed, -> { where.not(confirmed_at: nil) }
  80. scope :enabled, -> { where(disabled: false) }
  81. scope :disabled, -> { where(disabled: true) }
  82. scope :inactive, -> { where(arel_table[:current_sign_in_at].lt(ACTIVE_DURATION.ago)) }
  83. scope :active, -> { confirmed.where(arel_table[:current_sign_in_at].gteq(ACTIVE_DURATION.ago)).joins(:account).where(accounts: { suspended_at: nil }) }
  84. scope :matches_email, ->(value) { where(arel_table[:email].matches("#{value}%")) }
  85. scope :matches_ip, ->(value) { left_joins(:session_activations).where('users.current_sign_in_ip <<= ?', value).or(left_joins(:session_activations).where('users.last_sign_in_ip <<= ?', value)).or(left_joins(:session_activations).where('session_activations.ip <<= ?', value)) }
  86. scope :emailable, -> { confirmed.enabled.joins(:account).merge(Account.searchable) }
  87. before_validation :sanitize_languages
  88. before_create :set_approved
  89. after_commit :send_pending_devise_notifications
  90. # This avoids a deprecation warning from Rails 5.1
  91. # It seems possible that a future release of devise-two-factor will
  92. # handle this itself, and this can be removed from our User class.
  93. attribute :otp_secret
  94. has_many :session_activations, dependent: :destroy
  95. delegate :auto_play_gif, :default_sensitive, :unfollow_modal, :boost_modal, :delete_modal,
  96. :reduce_motion, :system_font_ui, :noindex, :theme, :display_media, :hide_network,
  97. :expand_spoilers, :default_language, :aggregate_reblogs, :show_application,
  98. :advanced_layout, :use_blurhash, :use_pending_items, :trends, :crop_images,
  99. to: :settings, prefix: :setting, allow_nil: false
  100. attr_reader :invite_code
  101. attr_writer :external
  102. def confirmed?
  103. confirmed_at.present?
  104. end
  105. def invited?
  106. invite_id.present?
  107. end
  108. def valid_invitation?
  109. invite_id.present? && invite.valid_for_use?
  110. end
  111. def disable!
  112. update!(disabled: true)
  113. end
  114. def enable!
  115. update!(disabled: false)
  116. end
  117. def confirm
  118. new_user = !confirmed?
  119. self.approved = true if open_registrations?
  120. super
  121. if new_user && approved?
  122. prepare_new_user!
  123. elsif new_user
  124. notify_staff_about_pending_account!
  125. end
  126. end
  127. def confirm!
  128. new_user = !confirmed?
  129. self.approved = true if open_registrations?
  130. skip_confirmation!
  131. save!
  132. prepare_new_user! if new_user && approved?
  133. end
  134. def pending?
  135. !approved?
  136. end
  137. def active_for_authentication?
  138. true
  139. end
  140. def functional?
  141. confirmed? && approved? && !disabled? && !account.suspended? && account.moved_to_account_id.nil?
  142. end
  143. def unconfirmed_or_pending?
  144. !(confirmed? && approved?)
  145. end
  146. def inactive_message
  147. !approved? ? :pending : super
  148. end
  149. def approve!
  150. return if approved?
  151. update!(approved: true)
  152. prepare_new_user!
  153. end
  154. def update_tracked_fields!(request)
  155. super
  156. prepare_returning_user!
  157. end
  158. def disable_two_factor!
  159. self.otp_required_for_login = false
  160. otp_backup_codes&.clear
  161. save!
  162. end
  163. def setting_default_privacy
  164. settings.default_privacy || (account.locked? ? 'private' : 'public')
  165. end
  166. def allows_digest_emails?
  167. settings.notification_emails['digest']
  168. end
  169. def allows_report_emails?
  170. settings.notification_emails['report']
  171. end
  172. def allows_pending_account_emails?
  173. settings.notification_emails['pending_account']
  174. end
  175. def allows_trending_tag_emails?
  176. settings.notification_emails['trending_tag']
  177. end
  178. def hides_network?
  179. @hides_network ||= settings.hide_network
  180. end
  181. def aggregates_reblogs?
  182. @aggregates_reblogs ||= settings.aggregate_reblogs
  183. end
  184. def shows_application?
  185. @shows_application ||= settings.show_application
  186. end
  187. def token_for_app(a)
  188. return nil if a.nil? || a.owner != self
  189. Doorkeeper::AccessToken
  190. .find_or_create_by(application_id: a.id, resource_owner_id: id) do |t|
  191. t.scopes = a.scopes
  192. t.expires_in = Doorkeeper.configuration.access_token_expires_in
  193. t.use_refresh_token = Doorkeeper.configuration.refresh_token_enabled?
  194. end
  195. end
  196. def activate_session(request)
  197. session_activations.activate(session_id: SecureRandom.hex,
  198. user_agent: request.user_agent,
  199. ip: request.remote_ip).session_id
  200. end
  201. def clear_other_sessions(id)
  202. session_activations.exclusive(id)
  203. end
  204. def session_active?(id)
  205. session_activations.active? id
  206. end
  207. def web_push_subscription(session)
  208. session.web_push_subscription.nil? ? nil : session.web_push_subscription
  209. end
  210. def invite_code=(code)
  211. self.invite = Invite.find_by(code: code) if code.present?
  212. @invite_code = code
  213. end
  214. def password_required?
  215. return false if external?
  216. super
  217. end
  218. def send_reset_password_instructions
  219. return false if encrypted_password.blank?
  220. super
  221. end
  222. def reset_password!(new_password, new_password_confirmation)
  223. return false if encrypted_password.blank?
  224. super
  225. end
  226. def show_all_media?
  227. setting_display_media == 'show_all'
  228. end
  229. def hide_all_media?
  230. setting_display_media == 'hide_all'
  231. end
  232. def recent_ips
  233. @recent_ips ||= begin
  234. arr = []
  235. session_activations.each do |session_activation|
  236. arr << [session_activation.updated_at, session_activation.ip]
  237. end
  238. arr << [current_sign_in_at, current_sign_in_ip] if current_sign_in_ip.present?
  239. arr << [last_sign_in_at, last_sign_in_ip] if last_sign_in_ip.present?
  240. arr.sort_by { |pair| pair.first || Time.now.utc }.uniq(&:last).reverse!
  241. end
  242. end
  243. protected
  244. def send_devise_notification(notification, *args)
  245. # This method can be called in `after_update` and `after_commit` hooks,
  246. # but we must make sure the mailer is actually called *after* commit,
  247. # otherwise it may work on stale data. To do this, figure out if we are
  248. # within a transaction.
  249. if ActiveRecord::Base.connection.current_transaction.try(:records)&.include?(self)
  250. pending_devise_notifications << [notification, args]
  251. else
  252. render_and_send_devise_message(notification, *args)
  253. end
  254. end
  255. private
  256. def send_pending_devise_notifications
  257. pending_devise_notifications.each do |notification, args|
  258. render_and_send_devise_message(notification, *args)
  259. end
  260. # Empty the pending notifications array because the
  261. # after_commit hook can be called multiple times which
  262. # could cause multiple emails to be sent.
  263. pending_devise_notifications.clear
  264. end
  265. def pending_devise_notifications
  266. @pending_devise_notifications ||= []
  267. end
  268. def render_and_send_devise_message(notification, *args)
  269. devise_mailer.send(notification, self, *args).deliver_later
  270. end
  271. def set_approved
  272. self.approved = open_registrations? || valid_invitation? || external?
  273. end
  274. def open_registrations?
  275. Setting.registrations_mode == 'open'
  276. end
  277. def external?
  278. !!@external
  279. end
  280. def sanitize_languages
  281. return if chosen_languages.nil?
  282. chosen_languages.reject!(&:blank?)
  283. self.chosen_languages = nil if chosen_languages.empty?
  284. end
  285. def prepare_new_user!
  286. BootstrapTimelineWorker.perform_async(account_id)
  287. ActivityTracker.increment('activity:accounts:local')
  288. UserMailer.welcome(self).deliver_later
  289. end
  290. def prepare_returning_user!
  291. ActivityTracker.record('activity:logins', id)
  292. regenerate_feed! if needs_feed_update?
  293. end
  294. def notify_staff_about_pending_account!
  295. User.staff.includes(:account).each do |u|
  296. next unless u.allows_pending_account_emails?
  297. AdminMailer.new_pending_account(u.account, self).deliver_later
  298. end
  299. end
  300. def regenerate_feed!
  301. return unless Redis.current.setnx("account:#{account_id}:regeneration", true)
  302. Redis.current.expire("account:#{account_id}:regeneration", 1.day.seconds)
  303. RegenerationWorker.perform_async(account_id)
  304. end
  305. def needs_feed_update?
  306. last_sign_in_at < ACTIVE_DURATION.ago
  307. end
  308. def validate_email_dns?
  309. email_changed? && !(Rails.env.test? || Rails.env.development?)
  310. end
  311. end