Loading Changelog.md +1 −0 Original line number Diff line number Diff line Loading @@ -138,6 +138,7 @@ The command will report queues that still have jobs and launch sidekiq process f * Remove some unused routes [#6781](https://github.com/diaspora/diaspora/pull/6781) * Consolidate sidekiq queues [#6950](https://github.com/diaspora/diaspora/pull/6950) * Don't re-render the whole comment stream when adding comments [#6406](https://github.com/diaspora/diaspora/pull/6406) * Drop legacy invitation system [#6976](https://github.com/diaspora/diaspora/pull/6976) ## Bug fixes * Destroy Participation when removing interactions with a post [#5852](https://github.com/diaspora/diaspora/pull/5852) Loading app/controllers/invitations_controller.rb +23 −52 Original line number Diff line number Diff line Loading @@ -3,8 +3,8 @@ # the COPYRIGHT file. class InvitationsController < ApplicationController before_action :authenticate_user!, :only => [:new, :create] before_action :authenticate_user! before_action :check_invitations_available!, only: :create def new @invite_code = current_user.invitation_code Loading @@ -14,43 +14,13 @@ class InvitationsController < ApplicationController respond_to do |format| format.html do render 'invitations/new', layout: false end render "invitations/new", layout: false end end # this is for legacy invites. We try to look the person who sent them the # invite, and use their new invite code # owe will be removing this eventually # @depreciated def edit user = User.find_by_invitation_token(params[:invitation_token]) invitation_code = user.ugly_accept_invitation_code redirect_to invite_code_path(invitation_code) end def email @invitation_code = if params[:invitation_token] # this is for legacy invites. user = User.find_by_invitation_token(params[:invitation_token]) user.ugly_accept_invitation_code if user else params[:invitation_code] end @inviter = user || InvitationCode.where(id: params[:invitation_code]).first.try(:user) if @invitation_code.present? render 'notifier/invite', :layout => false else flash[:error] = t('invitations.check_token.not_found') redirect_to root_url end end def create emails = inviter_params[:emails].split(',').map(&:strip).uniq emails = inviter_params[:emails].split(",").map(&:strip).uniq valid_emails, invalid_emails = emails.partition {|email| valid_email?(email) } Loading @@ -58,35 +28,36 @@ class InvitationsController < ApplicationController session[:invalid_email_invites] = invalid_emails unless valid_emails.empty? Workers::Mail::InviteEmail.perform_async(valid_emails.join(','), current_user.id, inviter_params) Workers::Mail::InviteEmail.perform_async(valid_emails.join(","), current_user.id, inviter_params) end if emails.empty? flash[:error] = t('invitations.create.empty') flash[:error] = t("invitations.create.empty") elsif invalid_emails.empty? flash[:notice] = t('invitations.create.sent', :emails => valid_emails.join(', ')) flash[:notice] = t("invitations.create.sent", emails: valid_emails.join(", ")) elsif valid_emails.empty? flash[:error] = t('invitations.create.rejected') + invalid_emails.join(', ') flash[:error] = t("invitations.create.rejected", emails: invalid_emails.join(", ")) else flash[:error] = t('invitations.create.sent', :emails => valid_emails.join(', ')) flash[:error] << '. ' flash[:error] << t('invitations.create.rejected') + invalid_emails.join(', ') flash[:error] = t("invitations.create.sent", emails: valid_emails.join(", ")) + ". " + t("invitations.create.rejected", emails: invalid_emails.join(", ")) end redirect_to :back end def check_if_invites_open unless AppConfig.settings.invitations.open? flash[:error] = I18n.t 'invitations.create.no_more' private redirect_to :back def check_invitations_available! return true if AppConfig.settings.enable_registrations? || current_user.invitation_code.can_be_used? flash[:error] = if AppConfig.settings.invitations.open? t("invitations.create.no_more") else t("invitations.create.closed") end redirect_to :back end private def valid_email?(email) User.email_regexp.match(email).present? end Loading @@ -94,9 +65,9 @@ class InvitationsController < ApplicationController def html_safe_string_from_session_array(key) return "" unless session[key].present? return "" unless session[key].respond_to?(:join) value = session[key].join(', ').html_safe value = session[key].join(", ").html_safe session[key] = nil return value value end def inviter_params Loading app/controllers/registrations_controller.rb +15 −25 Original line number Diff line number Diff line Loading @@ -3,16 +3,16 @@ # the COPYRIGHT file. class RegistrationsController < Devise::RegistrationsController before_action :check_registrations_open_or_valid_invite!, :check_valid_invite! before_action :check_registrations_open_or_valid_invite! layout ->(c) { request.format == :mobile ? "application" : "with_header" }, :only => [:new] layout -> { request.format == :mobile ? "application" : "with_header" } def create @user = User.build(user_params) @user.process_invite_acceptence(invite) if invite.present? if @user.sign_up flash[:notice] = I18n.t 'registrations.create.success' flash[:notice] = t("registrations.create.success") @user.process_invite_acceptence(invite) if invite.present? @user.seed_aspects @user.send_welcome_message sign_in_and_redirect(:user, @user) Loading @@ -22,40 +22,30 @@ class RegistrationsController < Devise::RegistrationsController flash.now[:error] = @user.errors.full_messages.join(" - ") logger.info "event=registration status=failure errors='#{@user.errors.full_messages.join(', ')}'" render action: "new", layout: request.format == :mobile ? "application" : "with_header" render action: "new" end end def new super end private def check_valid_invite! return true if AppConfig.settings.enable_registrations? #this sucks return true if invite && invite.can_be_used? flash[:error] = t('registrations.invalid_invite') redirect_to new_user_session_path end def check_registrations_open_or_valid_invite! return true if invite.present? unless AppConfig.settings.enable_registrations? flash[:error] = t('registrations.closed') return true if AppConfig.settings.enable_registrations? || invite.try(:can_be_used?) flash[:error] = params[:invite] ? t("registrations.invalid_invite") : t("registrations.closed") redirect_to new_user_session_path end end def invite if params[:invite].present? @invite ||= InvitationCode.find_by_token(params[:invite][:token]) end @invite ||= InvitationCode.find_by_token(params[:invite][:token]) if params[:invite].present? end helper_method :invite def user_params params.require(:user).permit(:username, :email, :getting_started, :password, :password_confirmation, :language, :disable_mail, :invitation_service, :invitation_identifier, :show_community_spotlight_in_stream, :auto_follow_back, :auto_follow_back_aspect_id, :remember_me, :captcha, :captcha_key) params.require(:user).permit( :username, :email, :getting_started, :password, :password_confirmation, :language, :disable_mail, :show_community_spotlight_in_stream, :auto_follow_back, :auto_follow_back_aspect_id, :remember_me, :captcha, :captcha_key ) end end app/models/invitation.rbdeleted 100644 → 0 +0 −151 Original line number Diff line number Diff line # Copyright (c) 2010-2011, Diaspora Inc. This file is # licensed under the Affero General Public License version 3 or later. See # the COPYRIGHT file. #TODO: kill me class Invitation < ActiveRecord::Base belongs_to :sender, :class_name => 'User' belongs_to :recipient, :class_name => 'User' belongs_to :aspect before_validation :set_email_as_default_service # before_create :share_with_exsisting_user, :if => :recipient_id? validates :identifier, :presence => true validates :service, :presence => true validate :valid_identifier? validate :recipient_not_on_pod? validates_presence_of :sender, :aspect, :unless => :admin? validate :ensure_not_inviting_self, :on => :create, :unless => :admin? validate :sender_owns_aspect?, :unless => :admin? validates_uniqueness_of :sender_id, :scope => [:identifier, :service], :unless => :admin? # @note options hash is passed through to [Invitation.new] # @see [Invitation.new] # # @param [Array<String>] emails # @option opts [User] :sender # @option opts [Aspect] :aspect # @option opts [String] :service # @return [Array<Invitation>] An array of [Invitation] models # the valid optsnes are saved, and the invalid ones are not. def self.batch_invite(emails, opts) users_on_pod = User.where(:email => emails, :invitation_token => nil) #share with anyone whose email you entered who is on the pod users_on_pod.each{|u| opts[:sender].share_with(u.person, opts[:aspect])} emails.map! do |e| user = users_on_pod.find{|u| u.email == e} Invitation.create(opts.merge(:identifier => e, :recipient => user)) end emails end # Downcases the incoming service identifier and assigns it # # @param ident [String] Service identifier # @see super def identifier=(ident) ident.downcase! if ident super end # Determine if we want to skip emailing the recipient. # # @return [Boolean] # @return [void] def skip_email? !email_like_identifer end # Find or create user, and send that resultant User an # invitation. # # @return [Invitation] self def send! if email_like_identifer EmailInviter.new(self.identifier, sender).send! else puts "broken facebook invitation_token" end self end # converts a personal invitation to an admin invite # used in account deletion # @return [Invitation] self def convert_to_admin! self.admin = true self.sender = nil self.aspect = nil self.save self end # @return [Invitation] self def resend self.send! end # @return [String] def recipient_identifier case self.service when 'email' self.identifier when'facebook' I18n.t('invitations.a_facebook_user') end end # @return [String] def email_like_identifer case self.service when 'email' self.identifier when 'facebook' false end end # @note before_save def set_email_as_default_service self.service ||= 'email' end # @note Validation def ensure_not_inviting_self if self.identifier == self.sender.email errors[:base] << 'You can not invite yourself.' end end # @note Validation def sender_owns_aspect? if self.sender_id != self.aspect.user_id errors[:base] << 'You do not own that aspect.' end end def recipient_not_on_pod? return true if self.recipient.nil? if self.recipient.username? errors[:recipient] << "The user '#{self.identifier}' (#{self.recipient.diaspora_handle}) is already on this pod, so we sent them a share request" end end # @note Validation def valid_identifier? return false unless self.identifier if self.service == 'email' unless self.identifier.match(Devise.email_regexp) errors[:base] << 'invalid email' end end end end app/models/invitation_code.rb +3 −3 Original line number Diff line number Diff line Loading @@ -12,7 +12,7 @@ class InvitationCode < ActiveRecord::Base end def can_be_used? self.count > 0 count > 0 && AppConfig.settings.invitations.open? end def add_invites! Loading Loading
Changelog.md +1 −0 Original line number Diff line number Diff line Loading @@ -138,6 +138,7 @@ The command will report queues that still have jobs and launch sidekiq process f * Remove some unused routes [#6781](https://github.com/diaspora/diaspora/pull/6781) * Consolidate sidekiq queues [#6950](https://github.com/diaspora/diaspora/pull/6950) * Don't re-render the whole comment stream when adding comments [#6406](https://github.com/diaspora/diaspora/pull/6406) * Drop legacy invitation system [#6976](https://github.com/diaspora/diaspora/pull/6976) ## Bug fixes * Destroy Participation when removing interactions with a post [#5852](https://github.com/diaspora/diaspora/pull/5852) Loading
app/controllers/invitations_controller.rb +23 −52 Original line number Diff line number Diff line Loading @@ -3,8 +3,8 @@ # the COPYRIGHT file. class InvitationsController < ApplicationController before_action :authenticate_user!, :only => [:new, :create] before_action :authenticate_user! before_action :check_invitations_available!, only: :create def new @invite_code = current_user.invitation_code Loading @@ -14,43 +14,13 @@ class InvitationsController < ApplicationController respond_to do |format| format.html do render 'invitations/new', layout: false end render "invitations/new", layout: false end end # this is for legacy invites. We try to look the person who sent them the # invite, and use their new invite code # owe will be removing this eventually # @depreciated def edit user = User.find_by_invitation_token(params[:invitation_token]) invitation_code = user.ugly_accept_invitation_code redirect_to invite_code_path(invitation_code) end def email @invitation_code = if params[:invitation_token] # this is for legacy invites. user = User.find_by_invitation_token(params[:invitation_token]) user.ugly_accept_invitation_code if user else params[:invitation_code] end @inviter = user || InvitationCode.where(id: params[:invitation_code]).first.try(:user) if @invitation_code.present? render 'notifier/invite', :layout => false else flash[:error] = t('invitations.check_token.not_found') redirect_to root_url end end def create emails = inviter_params[:emails].split(',').map(&:strip).uniq emails = inviter_params[:emails].split(",").map(&:strip).uniq valid_emails, invalid_emails = emails.partition {|email| valid_email?(email) } Loading @@ -58,35 +28,36 @@ class InvitationsController < ApplicationController session[:invalid_email_invites] = invalid_emails unless valid_emails.empty? Workers::Mail::InviteEmail.perform_async(valid_emails.join(','), current_user.id, inviter_params) Workers::Mail::InviteEmail.perform_async(valid_emails.join(","), current_user.id, inviter_params) end if emails.empty? flash[:error] = t('invitations.create.empty') flash[:error] = t("invitations.create.empty") elsif invalid_emails.empty? flash[:notice] = t('invitations.create.sent', :emails => valid_emails.join(', ')) flash[:notice] = t("invitations.create.sent", emails: valid_emails.join(", ")) elsif valid_emails.empty? flash[:error] = t('invitations.create.rejected') + invalid_emails.join(', ') flash[:error] = t("invitations.create.rejected", emails: invalid_emails.join(", ")) else flash[:error] = t('invitations.create.sent', :emails => valid_emails.join(', ')) flash[:error] << '. ' flash[:error] << t('invitations.create.rejected') + invalid_emails.join(', ') flash[:error] = t("invitations.create.sent", emails: valid_emails.join(", ")) + ". " + t("invitations.create.rejected", emails: invalid_emails.join(", ")) end redirect_to :back end def check_if_invites_open unless AppConfig.settings.invitations.open? flash[:error] = I18n.t 'invitations.create.no_more' private redirect_to :back def check_invitations_available! return true if AppConfig.settings.enable_registrations? || current_user.invitation_code.can_be_used? flash[:error] = if AppConfig.settings.invitations.open? t("invitations.create.no_more") else t("invitations.create.closed") end redirect_to :back end private def valid_email?(email) User.email_regexp.match(email).present? end Loading @@ -94,9 +65,9 @@ class InvitationsController < ApplicationController def html_safe_string_from_session_array(key) return "" unless session[key].present? return "" unless session[key].respond_to?(:join) value = session[key].join(', ').html_safe value = session[key].join(", ").html_safe session[key] = nil return value value end def inviter_params Loading
app/controllers/registrations_controller.rb +15 −25 Original line number Diff line number Diff line Loading @@ -3,16 +3,16 @@ # the COPYRIGHT file. class RegistrationsController < Devise::RegistrationsController before_action :check_registrations_open_or_valid_invite!, :check_valid_invite! before_action :check_registrations_open_or_valid_invite! layout ->(c) { request.format == :mobile ? "application" : "with_header" }, :only => [:new] layout -> { request.format == :mobile ? "application" : "with_header" } def create @user = User.build(user_params) @user.process_invite_acceptence(invite) if invite.present? if @user.sign_up flash[:notice] = I18n.t 'registrations.create.success' flash[:notice] = t("registrations.create.success") @user.process_invite_acceptence(invite) if invite.present? @user.seed_aspects @user.send_welcome_message sign_in_and_redirect(:user, @user) Loading @@ -22,40 +22,30 @@ class RegistrationsController < Devise::RegistrationsController flash.now[:error] = @user.errors.full_messages.join(" - ") logger.info "event=registration status=failure errors='#{@user.errors.full_messages.join(', ')}'" render action: "new", layout: request.format == :mobile ? "application" : "with_header" render action: "new" end end def new super end private def check_valid_invite! return true if AppConfig.settings.enable_registrations? #this sucks return true if invite && invite.can_be_used? flash[:error] = t('registrations.invalid_invite') redirect_to new_user_session_path end def check_registrations_open_or_valid_invite! return true if invite.present? unless AppConfig.settings.enable_registrations? flash[:error] = t('registrations.closed') return true if AppConfig.settings.enable_registrations? || invite.try(:can_be_used?) flash[:error] = params[:invite] ? t("registrations.invalid_invite") : t("registrations.closed") redirect_to new_user_session_path end end def invite if params[:invite].present? @invite ||= InvitationCode.find_by_token(params[:invite][:token]) end @invite ||= InvitationCode.find_by_token(params[:invite][:token]) if params[:invite].present? end helper_method :invite def user_params params.require(:user).permit(:username, :email, :getting_started, :password, :password_confirmation, :language, :disable_mail, :invitation_service, :invitation_identifier, :show_community_spotlight_in_stream, :auto_follow_back, :auto_follow_back_aspect_id, :remember_me, :captcha, :captcha_key) params.require(:user).permit( :username, :email, :getting_started, :password, :password_confirmation, :language, :disable_mail, :show_community_spotlight_in_stream, :auto_follow_back, :auto_follow_back_aspect_id, :remember_me, :captcha, :captcha_key ) end end
app/models/invitation.rbdeleted 100644 → 0 +0 −151 Original line number Diff line number Diff line # Copyright (c) 2010-2011, Diaspora Inc. This file is # licensed under the Affero General Public License version 3 or later. See # the COPYRIGHT file. #TODO: kill me class Invitation < ActiveRecord::Base belongs_to :sender, :class_name => 'User' belongs_to :recipient, :class_name => 'User' belongs_to :aspect before_validation :set_email_as_default_service # before_create :share_with_exsisting_user, :if => :recipient_id? validates :identifier, :presence => true validates :service, :presence => true validate :valid_identifier? validate :recipient_not_on_pod? validates_presence_of :sender, :aspect, :unless => :admin? validate :ensure_not_inviting_self, :on => :create, :unless => :admin? validate :sender_owns_aspect?, :unless => :admin? validates_uniqueness_of :sender_id, :scope => [:identifier, :service], :unless => :admin? # @note options hash is passed through to [Invitation.new] # @see [Invitation.new] # # @param [Array<String>] emails # @option opts [User] :sender # @option opts [Aspect] :aspect # @option opts [String] :service # @return [Array<Invitation>] An array of [Invitation] models # the valid optsnes are saved, and the invalid ones are not. def self.batch_invite(emails, opts) users_on_pod = User.where(:email => emails, :invitation_token => nil) #share with anyone whose email you entered who is on the pod users_on_pod.each{|u| opts[:sender].share_with(u.person, opts[:aspect])} emails.map! do |e| user = users_on_pod.find{|u| u.email == e} Invitation.create(opts.merge(:identifier => e, :recipient => user)) end emails end # Downcases the incoming service identifier and assigns it # # @param ident [String] Service identifier # @see super def identifier=(ident) ident.downcase! if ident super end # Determine if we want to skip emailing the recipient. # # @return [Boolean] # @return [void] def skip_email? !email_like_identifer end # Find or create user, and send that resultant User an # invitation. # # @return [Invitation] self def send! if email_like_identifer EmailInviter.new(self.identifier, sender).send! else puts "broken facebook invitation_token" end self end # converts a personal invitation to an admin invite # used in account deletion # @return [Invitation] self def convert_to_admin! self.admin = true self.sender = nil self.aspect = nil self.save self end # @return [Invitation] self def resend self.send! end # @return [String] def recipient_identifier case self.service when 'email' self.identifier when'facebook' I18n.t('invitations.a_facebook_user') end end # @return [String] def email_like_identifer case self.service when 'email' self.identifier when 'facebook' false end end # @note before_save def set_email_as_default_service self.service ||= 'email' end # @note Validation def ensure_not_inviting_self if self.identifier == self.sender.email errors[:base] << 'You can not invite yourself.' end end # @note Validation def sender_owns_aspect? if self.sender_id != self.aspect.user_id errors[:base] << 'You do not own that aspect.' end end def recipient_not_on_pod? return true if self.recipient.nil? if self.recipient.username? errors[:recipient] << "The user '#{self.identifier}' (#{self.recipient.diaspora_handle}) is already on this pod, so we sent them a share request" end end # @note Validation def valid_identifier? return false unless self.identifier if self.service == 'email' unless self.identifier.match(Devise.email_regexp) errors[:base] << 'invalid email' end end end end
app/models/invitation_code.rb +3 −3 Original line number Diff line number Diff line Loading @@ -12,7 +12,7 @@ class InvitationCode < ActiveRecord::Base end def can_be_used? self.count > 0 count > 0 && AppConfig.settings.invitations.open? end def add_invites! Loading
