2019-05-03 06:17:27 +08:00
# frozen_string_literal: true
2014-03-05 20:52:20 +08:00
class BadgeGranter
2017-07-28 09:20:09 +08:00
def initialize ( badge , user , opts = { } )
2014-03-05 20:52:20 +08:00
@badge , @user , @opts = badge , user , opts
@granted_by = opts [ :granted_by ] || Discourse . system_user
2014-06-17 14:29:49 +08:00
@post_id = opts [ :post_id ]
2014-03-05 20:52:20 +08:00
end
2017-07-28 09:20:09 +08:00
def self . grant ( badge , user , opts = { } )
2014-03-05 20:52:20 +08:00
BadgeGranter . new ( badge , user , opts ) . grant
end
def grant
2017-07-28 09:20:09 +08:00
return if @granted_by && ! Guardian . new ( @granted_by ) . can_grant_badges? ( @user )
2016-08-20 03:16:37 +08:00
return unless @badge . enabled?
2014-03-05 20:52:20 +08:00
2014-07-04 15:40:44 +08:00
find_by = { badge_id : @badge . id , user_id : @user . id }
if @badge . multiple_grant?
find_by [ :post_id ] = @post_id
end
user_badge = UserBadge . find_by ( find_by )
2014-03-05 20:52:20 +08:00
2014-06-28 03:02:09 +08:00
if user_badge . nil? || ( @badge . multiple_grant? && @post_id . nil? )
2014-04-14 13:58:27 +08:00
UserBadge . transaction do
2014-08-11 07:21:06 +08:00
seq = 0
if @badge . multiple_grant?
seq = UserBadge . where ( badge : @badge , user : @user ) . maximum ( :seq )
seq = ( seq || - 1 ) + 1
end
user_badge = UserBadge . create! ( badge : @badge ,
user : @user ,
2014-06-17 14:29:49 +08:00
granted_by : @granted_by ,
2016-04-08 01:49:44 +08:00
granted_at : @opts [ :created_at ] || Time . now ,
2014-08-11 07:21:06 +08:00
post_id : @post_id ,
seq : seq )
2014-03-05 20:52:20 +08:00
2017-04-29 00:20:05 +08:00
return unless SiteSetting . enable_badges
2014-04-14 13:58:27 +08:00
if @granted_by != Discourse . system_user
StaffActionLogger . new ( @granted_by ) . log_badge_grant ( user_badge )
end
2014-04-17 03:59:45 +08:00
2014-05-05 02:15:38 +08:00
if SiteSetting . enable_badges?
2016-04-12 20:08:38 +08:00
unless @badge . badge_type_id == BadgeType :: Bronze && user_badge . granted_at < 2 . days . ago
I18n . with_locale ( @user . effective_locale ) do
notification = @user . notifications . create (
notification_type : Notification . types [ :granted_badge ] ,
data : { badge_id : @badge . id ,
badge_name : @badge . display_name ,
badge_slug : @badge . slug ,
2017-08-18 04:32:37 +08:00
badge_title : @badge . allow_title ,
2017-07-28 09:20:09 +08:00
username : @user . username } . to_json
2016-04-12 20:08:38 +08:00
)
2019-04-29 15:32:25 +08:00
user_badge . update notification_id : notification . id
2016-04-12 20:08:38 +08:00
end
2015-09-24 04:52:43 +08:00
end
2014-05-05 02:15:38 +08:00
end
2014-03-20 03:30:12 +08:00
end
2014-03-05 20:52:20 +08:00
end
user_badge
end
2017-07-28 09:20:09 +08:00
def self . revoke ( user_badge , options = { } )
2014-03-05 20:52:20 +08:00
UserBadge . transaction do
user_badge . destroy!
2014-03-20 03:30:12 +08:00
if options [ :revoked_by ]
StaffActionLogger . new ( options [ :revoked_by ] ) . log_badge_revoke ( user_badge )
end
2014-04-18 11:10:53 +08:00
2019-11-08 13:34:24 +08:00
# If the user's title is the same as the badge name OR the custom badge name, remove their title.
custom_badge_name = TranslationOverride . find_by ( translation_key : user_badge . badge . translation_key ) & . value
user_title_is_badge_name = user_badge . user . title == user_badge . badge . name
user_title_is_custom_badge_name = custom_badge_name . present? && user_badge . user . title == custom_badge_name
if user_title_is_badge_name || user_title_is_custom_badge_name
if options [ :revoked_by ]
StaffActionLogger . new ( options [ :revoked_by ] ) . log_title_revoke (
user_badge . user ,
revoke_reason : 'user title was same as revoked badge name or custom badge name' ,
previous_value : user_badge . user . title
)
end
2014-04-18 11:10:53 +08:00
user_badge . user . title = nil
user_badge . user . save!
end
2014-03-05 20:52:20 +08:00
end
end
2016-08-11 01:24:01 +08:00
def self . queue_badge_grant ( type , opt )
2014-09-03 04:12:27 +08:00
return unless SiteSetting . enable_badges
2014-07-23 09:42:24 +08:00
payload = nil
case type
when Badge :: Trigger :: PostRevision
post = opt [ :post ]
payload = {
type : " PostRevision " ,
post_ids : [ post . id ]
}
when Badge :: Trigger :: UserChange
user = opt [ :user ]
payload = {
type : " UserChange " ,
user_ids : [ user . id ]
}
when Badge :: Trigger :: TrustLevelChange
user = opt [ :user ]
payload = {
type : " TrustLevelChange " ,
user_ids : [ user . id ]
}
when Badge :: Trigger :: PostAction
action = opt [ :post_action ]
payload = {
type : " PostAction " ,
post_ids : [ action . post_id , action . related_post_id ] . compact!
}
end
2019-12-03 17:05:53 +08:00
Discourse . redis . lpush queue_key , payload . to_json if payload
2014-05-05 02:15:38 +08:00
end
2014-07-23 09:42:24 +08:00
def self . clear_queue!
2019-12-03 17:05:53 +08:00
Discourse . redis . del queue_key
2014-07-23 09:42:24 +08:00
end
def self . process_queue!
limit = 1000
items = [ ]
2019-12-03 17:05:53 +08:00
while limit > 0 && item = Discourse . redis . lpop ( queue_key )
2014-07-23 09:42:24 +08:00
items << JSON . parse ( item )
limit -= 1
end
2016-08-11 01:24:01 +08:00
items = items . group_by { | i | i [ " type " ] }
2014-07-23 09:42:24 +08:00
items . each do | type , list |
2016-08-11 01:24:01 +08:00
post_ids = list . flat_map { | i | i [ " post_ids " ] } . compact . uniq
user_ids = list . flat_map { | i | i [ " user_ids " ] } . compact . uniq
2014-07-23 09:42:24 +08:00
next unless post_ids . present? || user_ids . present?
2016-08-11 01:24:01 +08:00
find_by_type ( type ) . each do | badge |
2015-03-29 09:36:05 +08:00
backfill ( badge , post_ids : post_ids , user_ids : user_ids )
2016-08-11 01:24:01 +08:00
end
2014-07-23 09:42:24 +08:00
end
end
def self . find_by_type ( type )
2019-01-04 22:17:54 +08:00
Badge . where ( trigger : " Badge::Trigger:: #{ type } " . constantize )
2014-07-23 09:42:24 +08:00
end
def self . queue_key
" badge_queue " . freeze
end
FEATURE: Badge query validation, preview results, and EXPLAIN
Upon saving a badge or requesting a badge result preview,
BadgeGranter.contract_checks! will examine the provided badge SQL for
some contractual obligations - namely, the returned columns and use of
trigger parameters.
Saving the badge is wrapped in a transaction to make this easier, by
raising ActiveRecord::Rollback on a detected violation.
On the client, a modal view is added for the badge query sample run
results, named admin-badge-preview.
The preview action is moved up to the route.
The save action, on failure, triggers a 'saveError' action (also in the
route).
The preview action gains a new parameter, 'explain', which will give the
output of an EXPLAIN query for the badge sql, which can be used by forum
admins to estimate the cost of their badge queries.
The preview link is replaced by two links, one which omits (false) and
includes (true) the EXPLAIN query.
The Badge.save() method is amended to propogate errors.
Badge::Trigger gets some utility methods for use in the
BadgeGranter.contract_checks! method.
Additionally, extra checks outside of BadgeGranter.contract_checks! are
added in the preview() method, to cover cases of null granted_at
columns.
An uninitialized variable path is removed in the backfill() method.
TODO - it would be nice to be able to get the actual names of all
columns the provided query returns, so we could give more errors
2014-08-26 06:17:29 +08:00
# Options:
# :target_posts - whether the badge targets posts
# :trigger - the Badge::Trigger id
def self . contract_checks! ( sql , opts = { } )
2019-01-04 22:17:54 +08:00
return if sql . blank?
FEATURE: Badge query validation, preview results, and EXPLAIN
Upon saving a badge or requesting a badge result preview,
BadgeGranter.contract_checks! will examine the provided badge SQL for
some contractual obligations - namely, the returned columns and use of
trigger parameters.
Saving the badge is wrapped in a transaction to make this easier, by
raising ActiveRecord::Rollback on a detected violation.
On the client, a modal view is added for the badge query sample run
results, named admin-badge-preview.
The preview action is moved up to the route.
The save action, on failure, triggers a 'saveError' action (also in the
route).
The preview action gains a new parameter, 'explain', which will give the
output of an EXPLAIN query for the badge sql, which can be used by forum
admins to estimate the cost of their badge queries.
The preview link is replaced by two links, one which omits (false) and
includes (true) the EXPLAIN query.
The Badge.save() method is amended to propogate errors.
Badge::Trigger gets some utility methods for use in the
BadgeGranter.contract_checks! method.
Additionally, extra checks outside of BadgeGranter.contract_checks! are
added in the preview() method, to cover cases of null granted_at
columns.
An uninitialized variable path is removed in the backfill() method.
TODO - it would be nice to be able to get the actual names of all
columns the provided query returns, so we could give more errors
2014-08-26 06:17:29 +08:00
if Badge :: Trigger . uses_post_ids? ( opts [ :trigger ] )
2014-10-08 07:26:18 +08:00
raise ( " Contract violation: \n Query triggers on posts, but does not reference the ':post_ids' array " ) unless sql . match ( / :post_ids / )
raise " Contract violation: \n Query triggers on posts, but references the ':user_ids' array " if sql . match ( / :user_ids / )
FEATURE: Badge query validation, preview results, and EXPLAIN
Upon saving a badge or requesting a badge result preview,
BadgeGranter.contract_checks! will examine the provided badge SQL for
some contractual obligations - namely, the returned columns and use of
trigger parameters.
Saving the badge is wrapped in a transaction to make this easier, by
raising ActiveRecord::Rollback on a detected violation.
On the client, a modal view is added for the badge query sample run
results, named admin-badge-preview.
The preview action is moved up to the route.
The save action, on failure, triggers a 'saveError' action (also in the
route).
The preview action gains a new parameter, 'explain', which will give the
output of an EXPLAIN query for the badge sql, which can be used by forum
admins to estimate the cost of their badge queries.
The preview link is replaced by two links, one which omits (false) and
includes (true) the EXPLAIN query.
The Badge.save() method is amended to propogate errors.
Badge::Trigger gets some utility methods for use in the
BadgeGranter.contract_checks! method.
Additionally, extra checks outside of BadgeGranter.contract_checks! are
added in the preview() method, to cover cases of null granted_at
columns.
An uninitialized variable path is removed in the backfill() method.
TODO - it would be nice to be able to get the actual names of all
columns the provided query returns, so we could give more errors
2014-08-26 06:17:29 +08:00
end
2019-01-04 22:17:54 +08:00
FEATURE: Badge query validation, preview results, and EXPLAIN
Upon saving a badge or requesting a badge result preview,
BadgeGranter.contract_checks! will examine the provided badge SQL for
some contractual obligations - namely, the returned columns and use of
trigger parameters.
Saving the badge is wrapped in a transaction to make this easier, by
raising ActiveRecord::Rollback on a detected violation.
On the client, a modal view is added for the badge query sample run
results, named admin-badge-preview.
The preview action is moved up to the route.
The save action, on failure, triggers a 'saveError' action (also in the
route).
The preview action gains a new parameter, 'explain', which will give the
output of an EXPLAIN query for the badge sql, which can be used by forum
admins to estimate the cost of their badge queries.
The preview link is replaced by two links, one which omits (false) and
includes (true) the EXPLAIN query.
The Badge.save() method is amended to propogate errors.
Badge::Trigger gets some utility methods for use in the
BadgeGranter.contract_checks! method.
Additionally, extra checks outside of BadgeGranter.contract_checks! are
added in the preview() method, to cover cases of null granted_at
columns.
An uninitialized variable path is removed in the backfill() method.
TODO - it would be nice to be able to get the actual names of all
columns the provided query returns, so we could give more errors
2014-08-26 06:17:29 +08:00
if Badge :: Trigger . uses_user_ids? ( opts [ :trigger ] )
2014-10-08 07:26:18 +08:00
raise " Contract violation: \n Query triggers on users, but does not reference the ':user_ids' array " unless sql . match ( / :user_ids / )
raise " Contract violation: \n Query triggers on users, but references the ':post_ids' array " if sql . match ( / :post_ids / )
FEATURE: Badge query validation, preview results, and EXPLAIN
Upon saving a badge or requesting a badge result preview,
BadgeGranter.contract_checks! will examine the provided badge SQL for
some contractual obligations - namely, the returned columns and use of
trigger parameters.
Saving the badge is wrapped in a transaction to make this easier, by
raising ActiveRecord::Rollback on a detected violation.
On the client, a modal view is added for the badge query sample run
results, named admin-badge-preview.
The preview action is moved up to the route.
The save action, on failure, triggers a 'saveError' action (also in the
route).
The preview action gains a new parameter, 'explain', which will give the
output of an EXPLAIN query for the badge sql, which can be used by forum
admins to estimate the cost of their badge queries.
The preview link is replaced by two links, one which omits (false) and
includes (true) the EXPLAIN query.
The Badge.save() method is amended to propogate errors.
Badge::Trigger gets some utility methods for use in the
BadgeGranter.contract_checks! method.
Additionally, extra checks outside of BadgeGranter.contract_checks! are
added in the preview() method, to cover cases of null granted_at
columns.
An uninitialized variable path is removed in the backfill() method.
TODO - it would be nice to be able to get the actual names of all
columns the provided query returns, so we could give more errors
2014-08-26 06:17:29 +08:00
end
2019-01-04 22:17:54 +08:00
FEATURE: Badge query validation, preview results, and EXPLAIN
Upon saving a badge or requesting a badge result preview,
BadgeGranter.contract_checks! will examine the provided badge SQL for
some contractual obligations - namely, the returned columns and use of
trigger parameters.
Saving the badge is wrapped in a transaction to make this easier, by
raising ActiveRecord::Rollback on a detected violation.
On the client, a modal view is added for the badge query sample run
results, named admin-badge-preview.
The preview action is moved up to the route.
The save action, on failure, triggers a 'saveError' action (also in the
route).
The preview action gains a new parameter, 'explain', which will give the
output of an EXPLAIN query for the badge sql, which can be used by forum
admins to estimate the cost of their badge queries.
The preview link is replaced by two links, one which omits (false) and
includes (true) the EXPLAIN query.
The Badge.save() method is amended to propogate errors.
Badge::Trigger gets some utility methods for use in the
BadgeGranter.contract_checks! method.
Additionally, extra checks outside of BadgeGranter.contract_checks! are
added in the preview() method, to cover cases of null granted_at
columns.
An uninitialized variable path is removed in the backfill() method.
TODO - it would be nice to be able to get the actual names of all
columns the provided query returns, so we could give more errors
2014-08-26 06:17:29 +08:00
if opts [ :trigger ] && ! Badge :: Trigger . is_none? ( opts [ :trigger ] )
2014-10-08 07:26:18 +08:00
raise " Contract violation: \n Query is triggered, but does not reference the ':backfill' parameter. \n (Hint: if :backfill is TRUE, you should ignore the :post_ids/:user_ids) " unless sql . match ( / :backfill / )
FEATURE: Badge query validation, preview results, and EXPLAIN
Upon saving a badge or requesting a badge result preview,
BadgeGranter.contract_checks! will examine the provided badge SQL for
some contractual obligations - namely, the returned columns and use of
trigger parameters.
Saving the badge is wrapped in a transaction to make this easier, by
raising ActiveRecord::Rollback on a detected violation.
On the client, a modal view is added for the badge query sample run
results, named admin-badge-preview.
The preview action is moved up to the route.
The save action, on failure, triggers a 'saveError' action (also in the
route).
The preview action gains a new parameter, 'explain', which will give the
output of an EXPLAIN query for the badge sql, which can be used by forum
admins to estimate the cost of their badge queries.
The preview link is replaced by two links, one which omits (false) and
includes (true) the EXPLAIN query.
The Badge.save() method is amended to propogate errors.
Badge::Trigger gets some utility methods for use in the
BadgeGranter.contract_checks! method.
Additionally, extra checks outside of BadgeGranter.contract_checks! are
added in the preview() method, to cover cases of null granted_at
columns.
An uninitialized variable path is removed in the backfill() method.
TODO - it would be nice to be able to get the actual names of all
columns the provided query returns, so we could give more errors
2014-08-26 06:17:29 +08:00
end
# TODO these three conditions have a lot of false negatives
if opts [ :target_posts ]
2014-10-08 07:26:18 +08:00
raise " Contract violation: \n Query targets posts, but does not return a 'post_id' column " unless sql . match ( / post_id / )
FEATURE: Badge query validation, preview results, and EXPLAIN
Upon saving a badge or requesting a badge result preview,
BadgeGranter.contract_checks! will examine the provided badge SQL for
some contractual obligations - namely, the returned columns and use of
trigger parameters.
Saving the badge is wrapped in a transaction to make this easier, by
raising ActiveRecord::Rollback on a detected violation.
On the client, a modal view is added for the badge query sample run
results, named admin-badge-preview.
The preview action is moved up to the route.
The save action, on failure, triggers a 'saveError' action (also in the
route).
The preview action gains a new parameter, 'explain', which will give the
output of an EXPLAIN query for the badge sql, which can be used by forum
admins to estimate the cost of their badge queries.
The preview link is replaced by two links, one which omits (false) and
includes (true) the EXPLAIN query.
The Badge.save() method is amended to propogate errors.
Badge::Trigger gets some utility methods for use in the
BadgeGranter.contract_checks! method.
Additionally, extra checks outside of BadgeGranter.contract_checks! are
added in the preview() method, to cover cases of null granted_at
columns.
An uninitialized variable path is removed in the backfill() method.
TODO - it would be nice to be able to get the actual names of all
columns the provided query returns, so we could give more errors
2014-08-26 06:17:29 +08:00
end
2019-01-04 22:17:54 +08:00
2014-10-08 07:26:18 +08:00
raise " Contract violation: \n Query does not return a 'user_id' column " unless sql . match ( / user_id / )
raise " Contract violation: \n Query does not return a 'granted_at' column " unless sql . match ( / granted_at / )
raise " Contract violation: \n Query ends with a semicolon. Remove the semicolon; your sql will be used in a subquery. " if sql . match ( / ; \ s* \ z / )
FEATURE: Badge query validation, preview results, and EXPLAIN
Upon saving a badge or requesting a badge result preview,
BadgeGranter.contract_checks! will examine the provided badge SQL for
some contractual obligations - namely, the returned columns and use of
trigger parameters.
Saving the badge is wrapped in a transaction to make this easier, by
raising ActiveRecord::Rollback on a detected violation.
On the client, a modal view is added for the badge query sample run
results, named admin-badge-preview.
The preview action is moved up to the route.
The save action, on failure, triggers a 'saveError' action (also in the
route).
The preview action gains a new parameter, 'explain', which will give the
output of an EXPLAIN query for the badge sql, which can be used by forum
admins to estimate the cost of their badge queries.
The preview link is replaced by two links, one which omits (false) and
includes (true) the EXPLAIN query.
The Badge.save() method is amended to propogate errors.
Badge::Trigger gets some utility methods for use in the
BadgeGranter.contract_checks! method.
Additionally, extra checks outside of BadgeGranter.contract_checks! are
added in the preview() method, to cover cases of null granted_at
columns.
An uninitialized variable path is removed in the backfill() method.
TODO - it would be nice to be able to get the actual names of all
columns the provided query returns, so we could give more errors
2014-08-26 06:17:29 +08:00
end
# Options:
# :target_posts - whether the badge targets posts
# :trigger - the Badge::Trigger id
# :explain - return the EXPLAIN query
2014-07-24 16:28:09 +08:00
def self . preview ( sql , opts = { } )
2017-07-28 09:20:09 +08:00
params = { user_ids : [ ] , post_ids : [ ] , backfill : true }
2014-08-13 10:25:56 +08:00
FEATURE: Badge query validation, preview results, and EXPLAIN
Upon saving a badge or requesting a badge result preview,
BadgeGranter.contract_checks! will examine the provided badge SQL for
some contractual obligations - namely, the returned columns and use of
trigger parameters.
Saving the badge is wrapped in a transaction to make this easier, by
raising ActiveRecord::Rollback on a detected violation.
On the client, a modal view is added for the badge query sample run
results, named admin-badge-preview.
The preview action is moved up to the route.
The save action, on failure, triggers a 'saveError' action (also in the
route).
The preview action gains a new parameter, 'explain', which will give the
output of an EXPLAIN query for the badge sql, which can be used by forum
admins to estimate the cost of their badge queries.
The preview link is replaced by two links, one which omits (false) and
includes (true) the EXPLAIN query.
The Badge.save() method is amended to propogate errors.
Badge::Trigger gets some utility methods for use in the
BadgeGranter.contract_checks! method.
Additionally, extra checks outside of BadgeGranter.contract_checks! are
added in the preview() method, to cover cases of null granted_at
columns.
An uninitialized variable path is removed in the backfill() method.
TODO - it would be nice to be able to get the actual names of all
columns the provided query returns, so we could give more errors
2014-08-26 06:17:29 +08:00
BadgeGranter . contract_checks! ( sql , opts )
2014-08-13 10:25:56 +08:00
# hack to allow for params, otherwise sanitizer will trigger sprintf
count_sql = " SELECT COUNT(*) count FROM ( #{ sql } ) q WHERE :backfill = :backfill "
2018-06-20 15:48:02 +08:00
grant_count = DB . query_single ( count_sql , params ) . first . to_i
2014-07-24 16:28:09 +08:00
2019-01-04 22:17:54 +08:00
grants_sql = if opts [ :target_posts ]
<< ~ SQL
SELECT u . id , u . username , q . post_id , t . title , q . granted_at
FROM ( #{sql}) q
JOIN users u on u . id = q . user_id
2017-07-28 09:20:09 +08:00
LEFT JOIN badge_posts p on p . id = q . post_id
LEFT JOIN topics t on t . id = p . topic_id
2019-01-04 22:17:54 +08:00
WHERE :backfill = :backfill
LIMIT 10
SQL
else
<< ~ SQL
SELECT u . id , u . username , q . granted_at
FROM ( #{sql}) q
JOIN users u on u . id = q . user_id
WHERE :backfill = :backfill
LIMIT 10
SQL
end
2014-07-24 16:28:09 +08:00
FEATURE: Badge query validation, preview results, and EXPLAIN
Upon saving a badge or requesting a badge result preview,
BadgeGranter.contract_checks! will examine the provided badge SQL for
some contractual obligations - namely, the returned columns and use of
trigger parameters.
Saving the badge is wrapped in a transaction to make this easier, by
raising ActiveRecord::Rollback on a detected violation.
On the client, a modal view is added for the badge query sample run
results, named admin-badge-preview.
The preview action is moved up to the route.
The save action, on failure, triggers a 'saveError' action (also in the
route).
The preview action gains a new parameter, 'explain', which will give the
output of an EXPLAIN query for the badge sql, which can be used by forum
admins to estimate the cost of their badge queries.
The preview link is replaced by two links, one which omits (false) and
includes (true) the EXPLAIN query.
The Badge.save() method is amended to propogate errors.
Badge::Trigger gets some utility methods for use in the
BadgeGranter.contract_checks! method.
Additionally, extra checks outside of BadgeGranter.contract_checks! are
added in the preview() method, to cover cases of null granted_at
columns.
An uninitialized variable path is removed in the backfill() method.
TODO - it would be nice to be able to get the actual names of all
columns the provided query returns, so we could give more errors
2014-08-26 06:17:29 +08:00
query_plan = nil
2018-06-19 14:13:14 +08:00
# HACK: active record sanitization too flexible, force it to go down the sanitization path that cares not for % stuff
# note mini_sql uses AR sanitizer at the moment (review if changed)
query_plan = DB . query_hash ( " EXPLAIN #{ sql } /*:backfill*/ " , params ) if opts [ :explain ]
FEATURE: Badge query validation, preview results, and EXPLAIN
Upon saving a badge or requesting a badge result preview,
BadgeGranter.contract_checks! will examine the provided badge SQL for
some contractual obligations - namely, the returned columns and use of
trigger parameters.
Saving the badge is wrapped in a transaction to make this easier, by
raising ActiveRecord::Rollback on a detected violation.
On the client, a modal view is added for the badge query sample run
results, named admin-badge-preview.
The preview action is moved up to the route.
The save action, on failure, triggers a 'saveError' action (also in the
route).
The preview action gains a new parameter, 'explain', which will give the
output of an EXPLAIN query for the badge sql, which can be used by forum
admins to estimate the cost of their badge queries.
The preview link is replaced by two links, one which omits (false) and
includes (true) the EXPLAIN query.
The Badge.save() method is amended to propogate errors.
Badge::Trigger gets some utility methods for use in the
BadgeGranter.contract_checks! method.
Additionally, extra checks outside of BadgeGranter.contract_checks! are
added in the preview() method, to cover cases of null granted_at
columns.
An uninitialized variable path is removed in the backfill() method.
TODO - it would be nice to be able to get the actual names of all
columns the provided query returns, so we could give more errors
2014-08-26 06:17:29 +08:00
2018-06-19 14:13:14 +08:00
sample = DB . query ( grants_sql , params )
2014-07-24 16:28:09 +08:00
FEATURE: Badge query validation, preview results, and EXPLAIN
Upon saving a badge or requesting a badge result preview,
BadgeGranter.contract_checks! will examine the provided badge SQL for
some contractual obligations - namely, the returned columns and use of
trigger parameters.
Saving the badge is wrapped in a transaction to make this easier, by
raising ActiveRecord::Rollback on a detected violation.
On the client, a modal view is added for the badge query sample run
results, named admin-badge-preview.
The preview action is moved up to the route.
The save action, on failure, triggers a 'saveError' action (also in the
route).
The preview action gains a new parameter, 'explain', which will give the
output of an EXPLAIN query for the badge sql, which can be used by forum
admins to estimate the cost of their badge queries.
The preview link is replaced by two links, one which omits (false) and
includes (true) the EXPLAIN query.
The Badge.save() method is amended to propogate errors.
Badge::Trigger gets some utility methods for use in the
BadgeGranter.contract_checks! method.
Additionally, extra checks outside of BadgeGranter.contract_checks! are
added in the preview() method, to cover cases of null granted_at
columns.
An uninitialized variable path is removed in the backfill() method.
TODO - it would be nice to be able to get the actual names of all
columns the provided query returns, so we could give more errors
2014-08-26 06:17:29 +08:00
sample . each do | result |
2018-06-19 14:13:14 +08:00
raise " Query returned a non-existent user ID: \n #{ result . id } " unless User . exists? ( id : result . id )
raise " Query did not return a badge grant time \n (Try using 'current_timestamp granted_at') " unless result . granted_at
FEATURE: Badge query validation, preview results, and EXPLAIN
Upon saving a badge or requesting a badge result preview,
BadgeGranter.contract_checks! will examine the provided badge SQL for
some contractual obligations - namely, the returned columns and use of
trigger parameters.
Saving the badge is wrapped in a transaction to make this easier, by
raising ActiveRecord::Rollback on a detected violation.
On the client, a modal view is added for the badge query sample run
results, named admin-badge-preview.
The preview action is moved up to the route.
The save action, on failure, triggers a 'saveError' action (also in the
route).
The preview action gains a new parameter, 'explain', which will give the
output of an EXPLAIN query for the badge sql, which can be used by forum
admins to estimate the cost of their badge queries.
The preview link is replaced by two links, one which omits (false) and
includes (true) the EXPLAIN query.
The Badge.save() method is amended to propogate errors.
Badge::Trigger gets some utility methods for use in the
BadgeGranter.contract_checks! method.
Additionally, extra checks outside of BadgeGranter.contract_checks! are
added in the preview() method, to cover cases of null granted_at
columns.
An uninitialized variable path is removed in the backfill() method.
TODO - it would be nice to be able to get the actual names of all
columns the provided query returns, so we could give more errors
2014-08-26 06:17:29 +08:00
if opts [ :target_posts ]
2018-06-19 14:13:14 +08:00
raise " Query did not return a post ID " unless result . post_id
raise " Query returned a non-existent post ID: \n #{ result . post_id } " unless Post . exists? ( result . post_id ) . present?
FEATURE: Badge query validation, preview results, and EXPLAIN
Upon saving a badge or requesting a badge result preview,
BadgeGranter.contract_checks! will examine the provided badge SQL for
some contractual obligations - namely, the returned columns and use of
trigger parameters.
Saving the badge is wrapped in a transaction to make this easier, by
raising ActiveRecord::Rollback on a detected violation.
On the client, a modal view is added for the badge query sample run
results, named admin-badge-preview.
The preview action is moved up to the route.
The save action, on failure, triggers a 'saveError' action (also in the
route).
The preview action gains a new parameter, 'explain', which will give the
output of an EXPLAIN query for the badge sql, which can be used by forum
admins to estimate the cost of their badge queries.
The preview link is replaced by two links, one which omits (false) and
includes (true) the EXPLAIN query.
The Badge.save() method is amended to propogate errors.
Badge::Trigger gets some utility methods for use in the
BadgeGranter.contract_checks! method.
Additionally, extra checks outside of BadgeGranter.contract_checks! are
added in the preview() method, to cover cases of null granted_at
columns.
An uninitialized variable path is removed in the backfill() method.
TODO - it would be nice to be able to get the actual names of all
columns the provided query returns, so we could give more errors
2014-08-26 06:17:29 +08:00
end
end
2017-07-28 09:20:09 +08:00
{ grant_count : grant_count , sample : sample , query_plan : query_plan }
2014-07-24 16:28:09 +08:00
rescue = > e
2017-07-28 09:20:09 +08:00
{ errors : e . message }
2014-07-24 16:28:09 +08:00
end
2017-06-22 18:55:58 +08:00
MAX_ITEMS_FOR_DELTA || = 200
2017-07-28 09:20:09 +08:00
def self . backfill ( badge , opts = nil )
2014-09-03 04:12:27 +08:00
return unless SiteSetting . enable_badges
2016-08-11 01:24:01 +08:00
return unless badge . enabled
return unless badge . query . present?
2014-07-03 15:29:44 +08:00
FEATURE: Badge query validation, preview results, and EXPLAIN
Upon saving a badge or requesting a badge result preview,
BadgeGranter.contract_checks! will examine the provided badge SQL for
some contractual obligations - namely, the returned columns and use of
trigger parameters.
Saving the badge is wrapped in a transaction to make this easier, by
raising ActiveRecord::Rollback on a detected violation.
On the client, a modal view is added for the badge query sample run
results, named admin-badge-preview.
The preview action is moved up to the route.
The save action, on failure, triggers a 'saveError' action (also in the
route).
The preview action gains a new parameter, 'explain', which will give the
output of an EXPLAIN query for the badge sql, which can be used by forum
admins to estimate the cost of their badge queries.
The preview link is replaced by two links, one which omits (false) and
includes (true) the EXPLAIN query.
The Badge.save() method is amended to propogate errors.
Badge::Trigger gets some utility methods for use in the
BadgeGranter.contract_checks! method.
Additionally, extra checks outside of BadgeGranter.contract_checks! are
added in the preview() method, to cover cases of null granted_at
columns.
An uninitialized variable path is removed in the backfill() method.
TODO - it would be nice to be able to get the actual names of all
columns the provided query returns, so we could give more errors
2014-08-26 06:17:29 +08:00
post_ids = user_ids = nil
2014-07-23 09:42:24 +08:00
post_ids = opts [ :post_ids ] if opts
user_ids = opts [ :user_ids ] if opts
2014-08-09 07:33:00 +08:00
# safeguard fall back to full backfill if more than 200
2019-01-04 22:17:54 +08:00
if ( post_ids && post_ids . size > MAX_ITEMS_FOR_DELTA ) ||
( user_ids && user_ids . size > MAX_ITEMS_FOR_DELTA )
2014-08-09 07:33:00 +08:00
post_ids = nil
user_ids = nil
end
2019-01-04 22:17:54 +08:00
post_ids = nil if post_ids . blank?
user_ids = nil if user_ids . blank?
FEATURE: Badge query validation, preview results, and EXPLAIN
Upon saving a badge or requesting a badge result preview,
BadgeGranter.contract_checks! will examine the provided badge SQL for
some contractual obligations - namely, the returned columns and use of
trigger parameters.
Saving the badge is wrapped in a transaction to make this easier, by
raising ActiveRecord::Rollback on a detected violation.
On the client, a modal view is added for the badge query sample run
results, named admin-badge-preview.
The preview action is moved up to the route.
The save action, on failure, triggers a 'saveError' action (also in the
route).
The preview action gains a new parameter, 'explain', which will give the
output of an EXPLAIN query for the badge sql, which can be used by forum
admins to estimate the cost of their badge queries.
The preview link is replaced by two links, one which omits (false) and
includes (true) the EXPLAIN query.
The Badge.save() method is amended to propogate errors.
Badge::Trigger gets some utility methods for use in the
BadgeGranter.contract_checks! method.
Additionally, extra checks outside of BadgeGranter.contract_checks! are
added in the preview() method, to cover cases of null granted_at
columns.
An uninitialized variable path is removed in the backfill() method.
TODO - it would be nice to be able to get the actual names of all
columns the provided query returns, so we could give more errors
2014-08-26 06:17:29 +08:00
2014-08-08 08:00:10 +08:00
full_backfill = ! user_ids && ! post_ids
post_clause = badge . target_posts ? " AND (q.post_id = ub.post_id OR NOT :multiple_grant) " : " "
2014-07-03 15:29:44 +08:00
post_id_field = badge . target_posts ? " q.post_id " : " NULL "
2019-01-04 22:17:54 +08:00
sql = << ~ SQL
DELETE FROM user_badges
WHERE id IN (
SELECT ub . id
FROM user_badges ub
LEFT JOIN ( #{badge.query}) q ON q.user_id = ub.user_id
#{post_clause}
WHERE ub . badge_id = :id AND q . user_id IS NULL
)
SQL
2014-07-03 15:29:44 +08:00
2018-06-19 14:13:14 +08:00
DB . exec (
sql ,
id : badge . id ,
post_ids : [ - 1 ] ,
user_ids : [ - 2 ] ,
backfill : true ,
multiple_grant : true # cheat here, cause we only run on backfill and are deleting
) if badge . auto_revoke && full_backfill
sql = << ~ SQL
WITH w as (
2019-01-04 22:17:54 +08:00
INSERT INTO user_badges ( badge_id , user_id , granted_at , granted_by_id , post_id )
SELECT :id , q . user_id , q . granted_at , - 1 , #{post_id_field}
FROM ( #{badge.query}) q
LEFT JOIN user_badges ub ON ub . badge_id = :id AND ub . user_id = q . user_id
2018-06-19 14:13:14 +08:00
#{post_clause}
2019-01-04 22:17:54 +08:00
/ *where* /
ON CONFLICT DO NOTHING
RETURNING id , user_id , granted_at
2018-06-19 14:13:14 +08:00
)
2019-01-04 22:17:54 +08:00
SELECT w . * , username , locale , ( u . admin OR u . moderator ) AS staff
FROM w
JOIN users u on u . id = w . user_id
2018-06-19 14:13:14 +08:00
SQL
builder = DB . build ( sql )
2019-01-04 22:17:54 +08:00
builder . where ( " ub.badge_id IS NULL AND q.user_id > 0 " )
2014-08-27 16:02:13 +08:00
if ( post_ids || user_ids ) && ! badge . query . include? ( " :backfill " )
Rails . logger . warn " Your triggered badge query for #{ badge . name } does not include the :backfill param, skipping! "
return
end
2019-01-04 22:17:54 +08:00
if post_ids && ! badge . query . include? ( " :post_ids " )
2014-08-27 16:02:13 +08:00
Rails . logger . warn " Your triggered badge query for #{ badge . name } does not include the :post_ids param, skipping! "
return
end
2019-01-04 22:17:54 +08:00
if user_ids && ! badge . query . include? ( " :user_ids " )
2014-08-27 16:02:13 +08:00
Rails . logger . warn " Your triggered badge query for #{ badge . name } does not include the :user_ids param, skipping! "
return
end
2014-08-08 08:00:10 +08:00
2018-06-19 14:13:14 +08:00
builder . query (
id : badge . id ,
multiple_grant : badge . multiple_grant ,
backfill : full_backfill ,
post_ids : post_ids || [ - 2 ] ,
user_ids : user_ids || [ - 2 ] ) . each do | row |
2014-07-07 15:55:25 +08:00
# old bronze badges do not matter
2019-01-04 22:17:54 +08:00
next if badge . badge_type_id == BadgeType :: Bronze && row . granted_at < 2 . days . ago
2014-07-07 15:55:25 +08:00
2016-09-30 05:55:41 +08:00
# Try to use user locale in the badge notification if possible without too much resources
2019-01-04 22:17:54 +08:00
notification_locale = if SiteSetting . allow_user_locale && row . locale . present?
row . locale
else
SiteSetting . default_locale
end
2016-09-30 05:55:41 +08:00
2019-01-04 22:17:54 +08:00
next if row . staff && badge . awarded_for_trust_level?
notification = I18n . with_locale ( notification_locale ) do
Notification . create! (
user_id : row . user_id ,
notification_type : Notification . types [ :granted_badge ] ,
data : {
badge_id : badge . id ,
badge_name : badge . display_name ,
badge_slug : badge . slug ,
badge_title : badge . allow_title ,
username : row . username
} . to_json
)
2016-09-30 05:55:41 +08:00
end
2014-07-07 15:55:25 +08:00
2018-06-19 14:13:14 +08:00
DB . exec (
" UPDATE user_badges SET notification_id = :notification_id WHERE id = :id " ,
notification_id : notification . id ,
id : row . id
)
2014-07-07 15:55:25 +08:00
end
2014-07-03 15:29:44 +08:00
badge . reset_grant_count!
2019-01-04 22:17:54 +08:00
rescue = > e
2016-06-06 14:32:14 +08:00
Rails . logger . error ( " Failed to backfill ' #{ badge . name } ' badge: #{ opts } " )
2019-01-04 22:17:54 +08:00
raise e
2014-07-01 20:00:31 +08:00
end
2014-10-08 07:26:18 +08:00
def self . revoke_ungranted_titles!
2018-06-19 14:13:14 +08:00
DB . exec << ~ SQL
UPDATE users SET title = ''
WHERE NOT title IS NULL AND
title < > '' AND
EXISTS (
SELECT 1
FROM user_profiles
WHERE user_id = users . id AND badge_granted_title
) AND
title NOT IN (
SELECT name
FROM badges
WHERE allow_title AND enabled AND
badges . id IN ( SELECT badge_id FROM user_badges ub where ub . user_id = users . id )
)
SQL
2014-10-08 07:26:18 +08:00
end
2014-03-05 20:52:20 +08:00
end