Skip to content
This repository has been archived by the owner on Oct 11, 2022. It is now read-only.

Commit

Permalink
Merge pull request #4261 from withspectrum/2.4.69
Browse files Browse the repository at this point in the history
2.4.69
  • Loading branch information
brianlovin authored Nov 17, 2018
2 parents 5dd6b12 + 4defd64 commit aa7a732
Show file tree
Hide file tree
Showing 37 changed files with 10,409 additions and 5,393 deletions.
4,270 changes: 3,097 additions & 1,173 deletions admin/yarn.lock

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion analytics/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@
"amplitude": "^3.5.0",
"aws-sdk": "^2.354.0",
"bull": "3.3.10",
"debug": "^4.1.0",
"faker": "^4.1.0",
"lodash.intersection": "^4.4.0",
"node-env-file": "^0.1.8",
Expand All @@ -17,7 +18,6 @@
"rethinkdbdash": "^2.3.29",
"sanitize-filename": "^1.6.1",
"sha1": "^1.1.1",
"shortid": "^2.2.14",
"source-map-support": "^0.5.9",
"toobusy-js": "^0.5.1"
}
Expand Down
242 changes: 166 additions & 76 deletions analytics/yarn.lock

Large diffs are not rendered by default.

8 changes: 0 additions & 8 deletions api/authentication.js
Original file line number Diff line number Diff line change
Expand Up @@ -131,8 +131,6 @@ const init = () => {
profile._json.entities.url.urls.length > 0
? profile._json.entities.url.urls[0].expanded_url
: '',
createdAt: new Date(),
lastSeen: new Date(),
};

return createOrFindUser(user, 'providerId')
Expand Down Expand Up @@ -198,8 +196,6 @@ const init = () => {
? profile.photos[0].value
: null,
coverPhoto: profile._json.cover ? profile._json.cover.source : '',
createdAt: new Date(),
lastSeen: new Date(),
};

return createOrFindUser(user, 'fbProviderId')
Expand Down Expand Up @@ -264,8 +260,6 @@ const init = () => {
profile._json.urls && profile._json.urls.length > 0
? profile._json.urls[0].value
: '',
createdAt: new Date(),
lastSeen: new Date(),
};

return createOrFindUser(user, 'googleProviderId')
Expand Down Expand Up @@ -377,8 +371,6 @@ const init = () => {
null,
profilePhoto:
(profile._json.avatar_url && profile._json.avatar_url) || null,
createdAt: new Date(),
lastSeen: new Date(),
};

return createOrFindUser(user, 'githubProviderId')
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
exports.up = async (r, conn) => {
return r
.table('users')
.update({
termsLastAcceptedAt: r.row('createdAt'),
})
.run(conn);
};

exports.down = function(r, conn) {
return r
.table('users')
.update({
termsLastAcceptedAt: r.literal(),
})
.run(conn);
};
6 changes: 3 additions & 3 deletions api/models/channelSettings.js
Original file line number Diff line number Diff line change
Expand Up @@ -2,9 +2,9 @@
const { db } = require('shared/db');
import type { DBChannelSettings, DBChannel } from 'shared/types';
import { getChannelById } from './channel';
import shortid from 'shortid';
import { events } from 'shared/analytics';
import { trackQueue } from 'shared/bull/queues';
import uuidv4 from 'uuid/v4';

const defaultSettings = {
joinSettings: {
Expand Down Expand Up @@ -74,7 +74,7 @@ export const enableChannelTokenJoin = (channelId: string, userId: string) => {
.update({
joinSettings: {
tokenJoinEnabled: true,
token: shortid.generate(),
token: uuidv4(),
},
})
.run()
Expand Down Expand Up @@ -117,7 +117,7 @@ export const resetChannelJoinToken = (channelId: string, userId: string) => {
.getAll(channelId, { index: 'channelId' })
.update({
joinSettings: {
token: shortid.generate(),
token: uuidv4(),
},
})
.run()
Expand Down
6 changes: 3 additions & 3 deletions api/models/communitySettings.js
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
const { db } = require('shared/db');
import type { DBCommunitySettings, DBCommunity } from 'shared/types';
import { getCommunityById } from './community';
import shortid from 'shortid';
import uuidv4 from 'uuid/v4';
import axios from 'axios';
import { decryptString } from 'shared/encryption';
import { trackQueue } from 'shared/bull/queues';
Expand Down Expand Up @@ -390,7 +390,7 @@ export const enableCommunityTokenJoin = (
.update({
joinSettings: {
tokenJoinEnabled: true,
token: shortid.generate(),
token: uuidv4(),
},
})
.run()
Expand Down Expand Up @@ -439,7 +439,7 @@ export const resetCommunityJoinToken = (
.getAll(communityId, { index: 'communityId' })
.update({
joinSettings: {
token: shortid.generate(),
token: uuidv4(),
},
})
.run()
Expand Down
17 changes: 15 additions & 2 deletions api/mutations/communityMember/blockCommunityMember.js
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ export default requireAuth(async (_: any, args: Input, ctx: GraphQLContext) => {
const { user, loaders } = ctx;
const { communityId, userId: userToEvaluateId } = args.input;

if (!await canModerateCommunity(user.id, communityId, loaders)) {
if (!(await canModerateCommunity(user.id, communityId, loaders))) {
trackQueue.add({
userId: user.id,
event: events.USER_BLOCKED_MEMBER_IN_COMMUNITY_FAILED,
Expand Down Expand Up @@ -59,7 +59,7 @@ export default requireAuth(async (_: any, args: Input, ctx: GraphQLContext) => {
return new UserError("We couldn't find that community.");
}

if (!userToEvaluatePermissions || userToEvaluatePermissions === 0) {
if (!userToEvaluatePermissions || userToEvaluatePermissions.length === 0) {
trackQueue.add({
userId: user.id,
event: events.USER_BLOCKED_MEMBER_IN_COMMUNITY_FAILED,
Expand Down Expand Up @@ -100,6 +100,19 @@ export default requireAuth(async (_: any, args: Input, ctx: GraphQLContext) => {
return new UserError('This person is already blocked in your community.');
}

if (userToEvaluatePermission.isOwner) {
trackQueue.add({
userId: user.id,
event: events.USER_BLOCKED_MEMBER_IN_COMMUNITY_FAILED,
context: { communityId },
properties: {
reason: 'user is owner',
},
});

return new UserError('The owner of the community cannot be blocked.');
}

const channels = await getChannelsByCommunity(community.id);
const channelIds = channels.map(c => c.id);
const blockInChannelPromises = channelIds.map(async channelId => {
Expand Down
8 changes: 5 additions & 3 deletions api/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@
"cryptr": "^3.0.0",
"dataloader": "^1.4.0",
"debounce": "^1.2.0",
"debug": "^2.6.8",
"debug": "^4.1.0",
"decode-uri-component": "^0.2.0",
"draft-js": "^0.10.5",
"draft-js-code-editor-plugin": "0.2.1",
Expand All @@ -41,6 +41,7 @@
"draftjs-to-markdown": "^0.4.2",
"emoji-regex": "^6.1.1",
"express": "^4.16.4",
"express-enforces-ssl": "^1.1.0",
"express-session": "^1.15.2",
"faker": "^4.1.0",
"find-with-regex": "^1.1.3",
Expand All @@ -57,13 +58,14 @@
"hoist-non-react-statics": "^2.5.5",
"host-validation": "^1.2.0",
"hpp": "^0.2.2",
"hsts": "^2.1.0",
"imgix-core-js": "^1.2.0",
"immutability-helper": "^2.8.1",
"isomorphic-fetch": "^2.2.1",
"iterall": "^1.2.2",
"jest": "^21.2.1",
"json-stringify-pretty-compact": "^1.2.0",
"jsonwebtoken": "^8.3.0",
"jsonwebtoken": "^8.4.0",
"keygrip": "^1.0.3",
"linkify-it": "^2.0.3",
"localstorage-memory": "^1.0.2",
Expand Down Expand Up @@ -114,7 +116,6 @@
"sanitize-filename": "^1.6.1",
"serialize-javascript": "^1.5.0",
"session-rethinkdb": "^2.0.0",
"shortid": "^2.2.14",
"slate": "^0.44.6",
"slate-markdown": "0.1.0",
"slugg": "^1.1.0",
Expand All @@ -126,6 +127,7 @@
"sw-precache-webpack-plugin": "^0.11.5",
"then-queue": "^1.3.0",
"toobusy-js": "^0.5.1",
"uuid": "^3.3.2",
"validator": "^9.4.1",
"web-push": "^3.3.3"
},
Expand Down
2 changes: 1 addition & 1 deletion api/routes/auth/logout.js
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ const HOME = IS_PROD ? '/' : 'http://localhost:3000/';
const logoutRouter = Router();

logoutRouter.get('/', (req, res) => {
req.session = null;
req.logout();
return res.redirect(HOME);
});

Expand Down
6 changes: 3 additions & 3 deletions api/utils/file-system.js
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
// @flow
import shortid from 'shortid';
import uuidv4 from 'uuid/v4';
import fs from 'fs';

import type { FileUpload, EntityTypes } from 'shared/types';
Expand All @@ -25,12 +25,12 @@ export const uploadImage = async (
): Promise<string> => {
const result = await file;

if (!await dirExists(STORAGE_DIR)) {
if (!(await dirExists(STORAGE_DIR))) {
await createUploadsDir(STORAGE_DIR);
}

return new Promise(res => {
const filePath = `${shortid.generate()}-${entity}-${id}`;
const filePath = `${uuidv4()}-${entity}-${id}`;
const { stream } = result;
stream.pipe(fs.createWriteStream(`${STORAGE_DIR}/${filePath}`));
stream.on('end', () => {
Expand Down
2 changes: 1 addition & 1 deletion api/utils/is-spectrum-url.js
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ export default (url: string): boolean => {
const { hostname, protocol } = new URL(url);
// hostname might be spectrum.chat or subdomain.spectrum.chat, so we use .endsWith
// We don't just check .contains because otherwise folks could make spectrum.chat.mydomain.com
const IS_SPECTRUM_URL = hostname.endsWith('spectrum.chat');
const IS_SPECTRUM_URL = hostname.endsWith('.spectrum.chat');
const IS_LOCALHOST = hostname === 'localhost';
const IS_HTTP = protocol === 'https:' || protocol === 'http:';
// Make sure the passed redirect URL is a spectrum.chat one or (in development) localhost
Expand Down
29 changes: 17 additions & 12 deletions api/utils/permissions.js
Original file line number Diff line number Diff line change
Expand Up @@ -88,12 +88,12 @@ export const canModerateChannel = async (userId: string, channelId: string, load
]);

if (!communityPermissions) return false;
if (communityPermissions.isOwner || communityPermissions.isModerator)
return true;
if (!channelPermissions) return false;
if (channelPermissions.isOwner || channelPermissions.isModerator) return true;
if (communityPermissions.isBlocked) return false
if (communityPermissions.isOwner || communityPermissions.isModerator) return true

return false;
if (!channelPermissions) return false;
if (channelPermissions.isBlocked) return false
return channelPermissions.isOwner || channelPermissions.isModerator
};

// prettier-ignore
Expand All @@ -108,8 +108,9 @@ export const canAdministerCommunity = async (userId: string, communityId: string
communityId,
]);

if (communityPermissions && communityPermissions.isOwner) return true;
return false;
if (!communityPermissions) return false
if (communityPermissions.isBlocked) return false
return communityPermissions.isOwner
};

// prettier-igore
Expand All @@ -129,9 +130,8 @@ export const canModerateCommunity = async (
]);

if (!communityPermissions) return false;
if (communityPermissions.isOwner || communityPermissions.isModerator)
return true;
return false;
if (communityPermissions.isBlocked) return false;
return communityPermissions.isOwner || communityPermissions.isModerator;
};

// prettier-ignore
Expand All @@ -151,6 +151,7 @@ export const canViewCommunity = async (user: DBUser, communityId: string, loader
]);

if (!communityPermissions) return false;
if (communityPermissions.isBlocked) return false
if (!communityPermissions.isMember) return false

return true;
Expand Down Expand Up @@ -178,8 +179,10 @@ export const canViewThread = async (
]);

if (!channel.isPrivate && !community.isPrivate) return true;
if (channel.isPrivate) return channelPermissions.isMember;
if (community.isPrivate) return communityPermissions.isMember;
if (channel.isPrivate)
return channelPermissions.isMember && !channelPermissions.isBlocked;
if (community.isPrivate)
return communityPermissions.isMember && !communityPermissions.isBlocked;
return false;
};

Expand Down Expand Up @@ -236,6 +239,8 @@ export const canViewChannel = async (user: DBUser, channelId: string, loaders: a
if (community.isPrivate && !communityPermissions) return false
if (channel.isPrivate && !channelPermissions.isMember) return false
if (community.isPrivate && !communityPermissions.isMember) return false
if (channelPermissions && channelPermissions.isBlocked) return false
if (communityPermissions && communityPermissions.isBlocked) return false

return true
}
4 changes: 2 additions & 2 deletions api/utils/s3.js
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
// @flow
require('now-env');
import AWS from 'aws-sdk';
import shortid from 'shortid';
import uuidv4 from 'uuid/v4';
import _ from 'lodash';
import Raven from 'shared/raven';
import sanitize from 'sanitize-filename';
Expand Down Expand Up @@ -54,7 +54,7 @@ export const uploadImage = async (
}

const path = `spectrum-chat/${entity}/${id}`;
const fileKey = `${shortid.generate()}-${encoded}`;
const fileKey = `${uuidv4()}-${encoded}`;
return s3.upload(
{
Bucket: path,
Expand Down
Loading

0 comments on commit aa7a732

Please sign in to comment.