2014-01-30 16:10:36 -06:00
|
|
|
class GroupsController < ApplicationController
|
|
|
|
|
2018-01-31 22:17:59 -06:00
|
|
|
requires_login only: [
|
2016-11-29 02:25:02 -06:00
|
|
|
:set_notifications,
|
|
|
|
:mentionable,
|
2017-08-28 11:32:08 -05:00
|
|
|
:messageable,
|
2016-12-11 09:36:15 -06:00
|
|
|
:update,
|
|
|
|
:messages,
|
2017-06-13 03:10:14 -05:00
|
|
|
:histories,
|
2017-07-21 01:12:24 -05:00
|
|
|
:request_membership,
|
|
|
|
:search
|
2016-11-29 02:25:02 -06:00
|
|
|
]
|
|
|
|
|
2017-08-30 23:06:56 -05:00
|
|
|
skip_before_action :preload_json, :check_xhr, only: [:posts_feed, :mentions_feed]
|
2018-01-31 14:04:09 -06:00
|
|
|
skip_before_action :check_xhr, only: [:show]
|
2015-12-14 16:17:09 -06:00
|
|
|
|
2016-12-14 03:26:16 -06:00
|
|
|
def index
|
2016-12-22 00:14:03 -06:00
|
|
|
unless SiteSetting.enable_group_directory?
|
|
|
|
raise Discourse::InvalidAccess.new(:enable_group_directory)
|
|
|
|
end
|
|
|
|
|
2016-12-14 03:26:16 -06:00
|
|
|
page_size = 30
|
|
|
|
page = params[:page]&.to_i || 0
|
|
|
|
|
2017-02-03 02:51:32 -06:00
|
|
|
groups = Group.visible_groups(current_user)
|
2017-07-03 14:26:46 -05:00
|
|
|
|
|
|
|
unless guardian.is_staff?
|
|
|
|
# hide automatic groups from all non stuff to de-clutter page
|
|
|
|
groups = groups.where(automatic: false)
|
|
|
|
end
|
|
|
|
|
2016-12-20 00:38:27 -06:00
|
|
|
count = groups.count
|
2016-12-20 00:26:15 -06:00
|
|
|
groups = groups.offset(page * page_size).limit(page_size)
|
2016-12-14 03:26:16 -06:00
|
|
|
|
2017-08-08 08:45:27 -05:00
|
|
|
if Group.preloaded_custom_field_names.present?
|
|
|
|
Group.preload_custom_fields(groups, Group.preloaded_custom_field_names)
|
|
|
|
end
|
|
|
|
|
2016-12-21 06:58:51 -06:00
|
|
|
group_user_ids = GroupUser.where(group: groups, user: current_user).pluck(:group_id)
|
|
|
|
|
|
|
|
render_json_dump(
|
|
|
|
groups: serialize_data(groups, BasicGroupSerializer),
|
|
|
|
extras: {
|
|
|
|
group_user_ids: group_user_ids
|
|
|
|
},
|
2016-12-20 00:38:27 -06:00
|
|
|
total_rows_groups: count,
|
2016-12-14 03:26:16 -06:00
|
|
|
load_more_groups: groups_path(page: page + 1)
|
2016-12-21 06:58:51 -06:00
|
|
|
)
|
2016-12-14 03:26:16 -06:00
|
|
|
end
|
|
|
|
|
2014-01-30 16:10:36 -06:00
|
|
|
def show
|
2018-01-31 14:04:09 -06:00
|
|
|
respond_to do |format|
|
|
|
|
group = find_group(:id)
|
|
|
|
|
|
|
|
format.html do
|
|
|
|
@title = group.full_name.present? ? group.full_name.capitalize : group.name
|
|
|
|
@description_meta = group.bio_cooked.present? ? PrettyText.excerpt(group.bio_cooked, 300) : @title
|
|
|
|
render :show
|
|
|
|
end
|
|
|
|
|
|
|
|
format.json do
|
|
|
|
render_serialized(group, GroupShowSerializer, root: 'basic_group')
|
|
|
|
end
|
|
|
|
end
|
2014-01-30 16:10:36 -06:00
|
|
|
end
|
|
|
|
|
2016-12-13 01:15:20 -06:00
|
|
|
def edit
|
|
|
|
end
|
|
|
|
|
2016-11-29 02:25:02 -06:00
|
|
|
def update
|
|
|
|
group = Group.find(params[:id])
|
|
|
|
guardian.ensure_can_edit!(group)
|
|
|
|
|
|
|
|
if group.update_attributes(group_params)
|
2016-12-11 09:36:15 -06:00
|
|
|
GroupActionLogger.new(current_user, group).log_change_group_settings
|
|
|
|
|
2016-11-29 02:25:02 -06:00
|
|
|
render json: success_json
|
|
|
|
else
|
|
|
|
render_json_error(group)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2014-02-07 09:44:03 -06:00
|
|
|
def posts
|
2014-02-18 15:43:02 -06:00
|
|
|
group = find_group(:group_id)
|
2017-10-31 15:47:47 -05:00
|
|
|
posts = group.posts_for(
|
|
|
|
guardian,
|
|
|
|
params.permit(:before_post_id, :category_id)
|
|
|
|
).limit(20)
|
2014-02-07 09:44:03 -06:00
|
|
|
render_serialized posts.to_a, GroupPostSerializer
|
|
|
|
end
|
|
|
|
|
2016-03-18 11:19:45 -05:00
|
|
|
def posts_feed
|
|
|
|
group = find_group(:group_id)
|
2017-10-31 15:47:47 -05:00
|
|
|
@posts = group.posts_for(
|
|
|
|
guardian,
|
|
|
|
params.permit(:before_post_id, :category_id)
|
|
|
|
).limit(50)
|
2016-03-18 11:19:45 -05:00
|
|
|
@title = "#{SiteSetting.title} - #{I18n.t("rss_description.group_posts", group_name: group.name)}"
|
|
|
|
@link = Discourse.base_url
|
|
|
|
@description = I18n.t("rss_description.group_posts", group_name: group.name)
|
|
|
|
render 'posts/latest', formats: [:rss]
|
|
|
|
end
|
|
|
|
|
2015-11-30 23:52:43 -06:00
|
|
|
def topics
|
|
|
|
group = find_group(:group_id)
|
2017-10-31 15:47:47 -05:00
|
|
|
posts = group.posts_for(
|
|
|
|
guardian,
|
|
|
|
params.permit(:before_post_id, :category_id)
|
|
|
|
).where(post_number: 1).limit(20)
|
2015-11-30 23:52:43 -06:00
|
|
|
render_serialized posts.to_a, GroupPostSerializer
|
|
|
|
end
|
|
|
|
|
|
|
|
def mentions
|
2017-12-07 15:16:53 -06:00
|
|
|
raise Discourse::NotFound unless SiteSetting.enable_mentions?
|
2015-11-30 23:52:43 -06:00
|
|
|
group = find_group(:group_id)
|
2017-10-31 15:47:47 -05:00
|
|
|
posts = group.mentioned_posts_for(
|
|
|
|
guardian,
|
|
|
|
params.permit(:before_post_id, :category_id)
|
|
|
|
).limit(20)
|
2015-11-30 23:52:43 -06:00
|
|
|
render_serialized posts.to_a, GroupPostSerializer
|
|
|
|
end
|
|
|
|
|
2016-03-18 11:19:45 -05:00
|
|
|
def mentions_feed
|
2017-12-07 15:16:53 -06:00
|
|
|
raise Discourse::NotFound unless SiteSetting.enable_mentions?
|
2016-03-18 11:19:45 -05:00
|
|
|
group = find_group(:group_id)
|
2017-10-31 15:47:47 -05:00
|
|
|
@posts = group.mentioned_posts_for(
|
|
|
|
guardian,
|
|
|
|
params.permit(:before_post_id, :category_id)
|
|
|
|
).limit(50)
|
2016-03-18 11:19:45 -05:00
|
|
|
@title = "#{SiteSetting.title} - #{I18n.t("rss_description.group_mentions", group_name: group.name)}"
|
|
|
|
@link = Discourse.base_url
|
|
|
|
@description = I18n.t("rss_description.group_mentions", group_name: group.name)
|
|
|
|
render 'posts/latest', formats: [:rss]
|
|
|
|
end
|
|
|
|
|
2015-12-07 16:19:33 -06:00
|
|
|
def messages
|
|
|
|
group = find_group(:group_id)
|
|
|
|
posts = if guardian.can_see_group_messages?(group)
|
2017-10-31 15:47:47 -05:00
|
|
|
group.messages_for(
|
|
|
|
guardian,
|
|
|
|
params.permit(:before_post_id, :category_id)
|
|
|
|
).where(post_number: 1).limit(20).to_a
|
2015-12-07 16:19:33 -06:00
|
|
|
else
|
|
|
|
[]
|
|
|
|
end
|
|
|
|
render_serialized posts, GroupPostSerializer
|
|
|
|
end
|
2015-11-30 23:52:43 -06:00
|
|
|
|
2014-02-06 12:06:19 -06:00
|
|
|
def members
|
2014-02-18 15:43:02 -06:00
|
|
|
group = find_group(:group_id)
|
2014-11-24 14:12:48 -06:00
|
|
|
|
2016-12-07 03:28:43 -06:00
|
|
|
limit = (params[:limit] || 20).to_i
|
2015-01-05 11:51:45 -06:00
|
|
|
offset = params[:offset].to_i
|
2016-12-08 00:26:50 -06:00
|
|
|
dir = (params[:desc] && !params[:desc].blank?) ? 'DESC' : 'ASC'
|
2016-12-22 00:55:24 -06:00
|
|
|
order = ""
|
2016-12-07 03:28:43 -06:00
|
|
|
|
|
|
|
if params[:order] && %w{last_posted_at last_seen_at}.include?(params[:order])
|
2016-12-22 00:55:24 -06:00
|
|
|
order = "#{params[:order]} #{dir} NULLS LAST"
|
2016-12-07 03:28:43 -06:00
|
|
|
end
|
|
|
|
|
2017-10-05 21:35:40 -05:00
|
|
|
users = group.users.human_users
|
|
|
|
|
|
|
|
total = users.count
|
|
|
|
members = users
|
2016-12-07 03:28:43 -06:00
|
|
|
.order('NOT group_users.owner')
|
|
|
|
.order(order)
|
2017-07-27 20:20:09 -05:00
|
|
|
.order(username_lower: dir)
|
2016-12-07 03:28:43 -06:00
|
|
|
.limit(limit)
|
|
|
|
.offset(offset)
|
|
|
|
|
2017-10-05 21:35:40 -05:00
|
|
|
owners = users
|
2016-12-07 03:28:43 -06:00
|
|
|
.order(order)
|
2017-07-27 20:20:09 -05:00
|
|
|
.order(username_lower: dir)
|
2016-12-07 03:28:43 -06:00
|
|
|
.where('group_users.owner')
|
2015-01-05 11:51:45 -06:00
|
|
|
|
|
|
|
render json: {
|
|
|
|
members: serialize_data(members, GroupUserSerializer),
|
2015-11-09 07:52:04 -06:00
|
|
|
owners: serialize_data(owners, GroupUserSerializer),
|
2015-01-05 11:51:45 -06:00
|
|
|
meta: {
|
|
|
|
total: total,
|
|
|
|
limit: limit,
|
|
|
|
offset: offset
|
|
|
|
}
|
|
|
|
}
|
2014-02-06 12:06:19 -06:00
|
|
|
end
|
|
|
|
|
2015-01-08 17:35:52 -06:00
|
|
|
def add_members
|
2015-11-09 07:52:04 -06:00
|
|
|
group = Group.find(params[:id])
|
2017-07-27 21:37:10 -05:00
|
|
|
group.public_admission ? ensure_logged_in : guardian.ensure_can_edit!(group)
|
2016-12-06 22:06:56 -06:00
|
|
|
|
|
|
|
users =
|
|
|
|
if params[:usernames].present?
|
|
|
|
User.where(username: params[:usernames].split(","))
|
|
|
|
elsif params[:user_ids].present?
|
|
|
|
User.find(params[:user_ids].split(","))
|
|
|
|
elsif params[:user_emails].present?
|
2017-04-26 13:47:36 -05:00
|
|
|
User.with_email(params[:user_emails].split(","))
|
2016-12-06 22:06:56 -06:00
|
|
|
else
|
|
|
|
raise Discourse::InvalidParameters.new(
|
|
|
|
'user_ids or usernames or user_emails must be present'
|
|
|
|
)
|
|
|
|
end
|
2015-11-09 07:52:04 -06:00
|
|
|
|
2016-12-06 22:06:56 -06:00
|
|
|
raise Discourse::NotFound if users.blank?
|
|
|
|
|
2017-07-27 21:37:10 -05:00
|
|
|
if group.public_admission
|
2016-12-13 02:39:44 -06:00
|
|
|
if !guardian.can_log_group_changes?(group) && current_user != users.first
|
|
|
|
raise Discourse::InvalidAccess
|
|
|
|
end
|
2016-12-06 22:06:56 -06:00
|
|
|
|
|
|
|
unless current_user.staff?
|
|
|
|
RateLimiter.new(current_user, "public_group_membership", 3, 1.minute).performed!
|
|
|
|
end
|
2015-11-09 07:52:04 -06:00
|
|
|
end
|
|
|
|
|
|
|
|
users.each do |user|
|
|
|
|
if !group.users.include?(user)
|
|
|
|
group.add(user)
|
2016-12-11 09:36:15 -06:00
|
|
|
GroupActionLogger.new(current_user, group).log_add_user_to_group(user)
|
2015-11-09 07:52:04 -06:00
|
|
|
else
|
|
|
|
return render_json_error I18n.t('groups.errors.member_already_exist', username: user.username)
|
2015-01-08 17:35:52 -06:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2015-11-09 07:52:04 -06:00
|
|
|
if group.save
|
|
|
|
render json: success_json
|
|
|
|
else
|
|
|
|
render_json_error(group)
|
|
|
|
end
|
2015-01-08 17:35:52 -06:00
|
|
|
end
|
|
|
|
|
2016-11-25 02:45:15 -06:00
|
|
|
def mentionable
|
|
|
|
group = find_group(:name)
|
|
|
|
|
|
|
|
if group
|
|
|
|
render json: { mentionable: Group.mentionable(current_user).where(id: group.id).present? }
|
|
|
|
else
|
|
|
|
raise Discourse::InvalidAccess.new
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2017-08-28 11:32:08 -05:00
|
|
|
def messageable
|
|
|
|
group = find_group(:name)
|
|
|
|
|
|
|
|
if group
|
|
|
|
render json: { messageable: Group.messageable(current_user).where(id: group.id).present? }
|
|
|
|
else
|
|
|
|
raise Discourse::InvalidAccess.new
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2015-01-08 17:35:52 -06:00
|
|
|
def remove_member
|
2015-11-09 07:52:04 -06:00
|
|
|
group = Group.find(params[:id])
|
2017-07-27 21:37:10 -05:00
|
|
|
group.public_exit ? ensure_logged_in : guardian.ensure_can_edit!(group)
|
2016-12-06 22:06:56 -06:00
|
|
|
|
|
|
|
user =
|
|
|
|
if params[:user_id].present?
|
|
|
|
User.find_by(id: params[:user_id])
|
|
|
|
elsif params[:username].present?
|
|
|
|
User.find_by_username(params[:username])
|
|
|
|
elsif params[:user_email].present?
|
|
|
|
User.find_by_email(params[:user_email])
|
|
|
|
else
|
|
|
|
raise Discourse::InvalidParameters.new('user_id or username must be present')
|
|
|
|
end
|
2015-11-09 07:52:04 -06:00
|
|
|
|
2016-12-06 22:06:56 -06:00
|
|
|
raise Discourse::NotFound unless user
|
|
|
|
|
2017-07-27 21:37:10 -05:00
|
|
|
if group.public_exit
|
2016-12-13 02:39:44 -06:00
|
|
|
if !guardian.can_log_group_changes?(group) && current_user != user
|
|
|
|
raise Discourse::InvalidAccess
|
|
|
|
end
|
2016-12-06 22:06:56 -06:00
|
|
|
|
|
|
|
unless current_user.staff?
|
|
|
|
RateLimiter.new(current_user, "public_group_membership", 3, 1.minute).performed!
|
|
|
|
end
|
2015-11-09 07:52:04 -06:00
|
|
|
end
|
|
|
|
|
|
|
|
user.primary_group_id = nil if user.primary_group_id == group.id
|
|
|
|
|
2016-12-11 09:36:15 -06:00
|
|
|
group.remove(user)
|
|
|
|
GroupActionLogger.new(current_user, group).log_remove_user_from_group(user)
|
2015-01-08 17:35:52 -06:00
|
|
|
|
2015-11-09 07:52:04 -06:00
|
|
|
if group.save && user.save
|
|
|
|
render json: success_json
|
|
|
|
else
|
|
|
|
render_json_error(group)
|
2015-01-08 17:35:52 -06:00
|
|
|
end
|
2017-06-13 03:10:14 -05:00
|
|
|
end
|
|
|
|
|
|
|
|
def request_membership
|
2017-08-08 04:53:02 -05:00
|
|
|
params.require(:reason)
|
|
|
|
|
2017-06-13 03:10:14 -05:00
|
|
|
unless current_user.staff?
|
|
|
|
RateLimiter.new(current_user, "request_group_membership", 1, 1.day).performed!
|
|
|
|
end
|
2015-01-08 17:35:52 -06:00
|
|
|
|
2017-06-13 03:10:14 -05:00
|
|
|
group = find_group(:id)
|
|
|
|
group_name = group.name
|
2017-06-14 22:36:09 -05:00
|
|
|
|
|
|
|
usernames = [current_user.username].concat(
|
|
|
|
group.users.where('group_users.owner')
|
|
|
|
.order("users.last_seen_at DESC")
|
|
|
|
.limit(5)
|
|
|
|
.pluck("users.username")
|
|
|
|
)
|
2017-06-13 03:10:14 -05:00
|
|
|
|
|
|
|
post = PostCreator.new(current_user,
|
|
|
|
title: I18n.t('groups.request_membership_pm.title', group_name: group_name),
|
2017-08-08 04:53:02 -05:00
|
|
|
raw: params[:reason],
|
2017-06-13 03:10:14 -05:00
|
|
|
archetype: Archetype.private_message,
|
2017-06-14 22:36:09 -05:00
|
|
|
target_usernames: usernames.join(','),
|
2017-06-13 03:10:14 -05:00
|
|
|
skip_validations: true
|
|
|
|
).create!
|
|
|
|
|
|
|
|
render json: success_json.merge(relative_url: post.topic.relative_url)
|
2015-01-08 17:35:52 -06:00
|
|
|
end
|
|
|
|
|
2015-12-14 16:17:09 -06:00
|
|
|
def set_notifications
|
|
|
|
group = find_group(:id)
|
|
|
|
notification_level = params.require(:notification_level)
|
|
|
|
|
2017-04-20 14:47:25 -05:00
|
|
|
user_id = current_user.id
|
|
|
|
if guardian.is_staff?
|
|
|
|
user_id = params[:user_id] || user_id
|
|
|
|
end
|
|
|
|
|
2015-12-14 16:17:09 -06:00
|
|
|
GroupUser.where(group_id: group.id)
|
2017-07-27 20:20:09 -05:00
|
|
|
.where(user_id: user_id)
|
|
|
|
.update_all(notification_level: notification_level)
|
2015-12-14 16:17:09 -06:00
|
|
|
|
|
|
|
render json: success_json
|
|
|
|
end
|
|
|
|
|
2016-12-11 09:36:15 -06:00
|
|
|
def histories
|
|
|
|
group = find_group(:group_id)
|
|
|
|
guardian.ensure_can_edit!(group)
|
|
|
|
|
|
|
|
page_size = 25
|
|
|
|
offset = (params[:offset] && params[:offset].to_i) || 0
|
|
|
|
|
|
|
|
group_histories = GroupHistory.with_filters(group, params[:filters])
|
|
|
|
.limit(page_size)
|
|
|
|
.offset(offset * page_size)
|
|
|
|
|
|
|
|
render_json_dump(
|
|
|
|
logs: serialize_data(group_histories, BasicGroupHistorySerializer),
|
|
|
|
all_loaded: group_histories.count < page_size
|
|
|
|
)
|
|
|
|
end
|
|
|
|
|
2017-07-21 01:12:24 -05:00
|
|
|
def search
|
|
|
|
groups = Group.visible_groups(current_user)
|
|
|
|
.where("groups.id <> ?", Group::AUTO_GROUPS[:everyone])
|
|
|
|
.order(:name)
|
|
|
|
|
|
|
|
if term = params[:term].to_s
|
|
|
|
groups = groups.where("name ILIKE :term OR full_name ILIKE :term", term: "%#{term}%")
|
|
|
|
end
|
|
|
|
|
|
|
|
if params[:ignore_automatic].to_s == "true"
|
|
|
|
groups = groups.where(automatic: false)
|
|
|
|
end
|
|
|
|
|
2017-08-08 08:45:27 -05:00
|
|
|
if Group.preloaded_custom_field_names.present?
|
|
|
|
Group.preload_custom_fields(groups, Group.preloaded_custom_field_names)
|
|
|
|
end
|
|
|
|
|
2017-07-21 01:12:24 -05:00
|
|
|
render_serialized(groups, BasicGroupSerializer)
|
|
|
|
end
|
|
|
|
|
2014-02-18 15:43:02 -06:00
|
|
|
private
|
|
|
|
|
2016-11-29 02:25:02 -06:00
|
|
|
def group_params
|
2016-12-05 02:18:24 -06:00
|
|
|
params.require(:group).permit(
|
|
|
|
:flair_url,
|
|
|
|
:flair_bg_color,
|
|
|
|
:flair_color,
|
2016-12-06 20:26:28 -06:00
|
|
|
:bio_raw,
|
2016-12-13 02:16:26 -06:00
|
|
|
:full_name,
|
2017-07-27 21:37:10 -05:00
|
|
|
:public_admission,
|
|
|
|
:public_exit,
|
2017-11-01 19:51:43 -05:00
|
|
|
:allow_membership_requests,
|
|
|
|
:membership_request_template,
|
2016-12-05 02:18:24 -06:00
|
|
|
)
|
2016-11-29 02:25:02 -06:00
|
|
|
end
|
|
|
|
|
|
|
|
def find_group(param_name)
|
|
|
|
name = params.require(param_name)
|
|
|
|
group = Group.find_by("lower(name) = ?", name.downcase)
|
|
|
|
guardian.ensure_can_see!(group)
|
|
|
|
group
|
|
|
|
end
|
2014-02-18 15:43:02 -06:00
|
|
|
|
2014-01-30 16:10:36 -06:00
|
|
|
end
|