2016-06-07 03:36:59 +08:00
|
|
|
require_dependency 'rate_limiter'
|
|
|
|
|
2013-02-06 03:16:51 +08:00
|
|
|
class InvitesController < ApplicationController
|
|
|
|
|
2015-05-20 15:12:16 +08:00
|
|
|
# TODO tighten this, why skip check on everything?
|
|
|
|
skip_before_filter :check_xhr, :preload_json
|
2013-06-06 02:12:37 +08:00
|
|
|
skip_before_filter :redirect_to_login_if_required
|
|
|
|
|
2016-12-05 00:06:35 +08:00
|
|
|
before_filter :ensure_logged_in, only: [:destroy, :create, :create_invite_link, :resend_invite, :resend_all_invites, :upload_csv]
|
2014-07-15 03:42:14 +08:00
|
|
|
before_filter :ensure_new_registrations_allowed, only: [:show, :redeem_disposable_invite]
|
2016-02-23 21:33:12 +08:00
|
|
|
before_filter :ensure_not_logged_in, only: [:show, :redeem_disposable_invite]
|
2013-02-06 03:16:51 +08:00
|
|
|
|
|
|
|
def show
|
2014-05-06 21:41:59 +08:00
|
|
|
invite = Invite.find_by(invite_key: params[:id])
|
2013-02-06 03:16:51 +08:00
|
|
|
|
|
|
|
if invite.present?
|
|
|
|
user = invite.redeem
|
2013-02-07 23:45:24 +08:00
|
|
|
if user.present?
|
2013-02-06 03:16:51 +08:00
|
|
|
log_on_user(user)
|
|
|
|
|
|
|
|
# Send a welcome message if required
|
|
|
|
user.enqueue_welcome_message('welcome_invite') if user.send_welcome_message
|
|
|
|
|
|
|
|
topic = invite.topics.first
|
|
|
|
if topic.present?
|
2015-03-09 08:45:36 +08:00
|
|
|
redirect_to path("#{topic.relative_url}")
|
2013-02-06 03:16:51 +08:00
|
|
|
return
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2015-03-09 08:45:36 +08:00
|
|
|
redirect_to path("/")
|
2013-02-06 03:16:51 +08:00
|
|
|
end
|
|
|
|
|
2013-11-07 01:56:26 +08:00
|
|
|
def create
|
|
|
|
params.require(:email)
|
|
|
|
|
2014-05-09 16:22:15 +08:00
|
|
|
group_ids = Group.lookup_group_ids(params)
|
2013-11-07 01:56:26 +08:00
|
|
|
|
2014-05-09 16:22:15 +08:00
|
|
|
guardian.ensure_can_invite_to_forum!(group_ids)
|
|
|
|
|
2014-07-30 01:57:08 +08:00
|
|
|
invite_exists = Invite.where(email: params[:email], invited_by_id: current_user.id).first
|
|
|
|
if invite_exists
|
|
|
|
guardian.ensure_can_send_multiple_invites!(current_user)
|
|
|
|
end
|
|
|
|
|
2015-12-15 00:02:23 +08:00
|
|
|
begin
|
2016-06-06 01:22:46 +08:00
|
|
|
if Invite.invite_by_email(params[:email], current_user, _topic=nil, group_ids, params[:custom_message])
|
2015-12-15 00:02:23 +08:00
|
|
|
render json: success_json
|
|
|
|
else
|
|
|
|
render json: failed_json, status: 422
|
|
|
|
end
|
|
|
|
rescue => e
|
|
|
|
render json: {errors: [e.message]}, status: 422
|
2013-11-07 01:56:26 +08:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2015-08-26 09:41:52 +08:00
|
|
|
def create_invite_link
|
|
|
|
params.require(:email)
|
|
|
|
group_ids = Group.lookup_group_ids(params)
|
2015-08-31 22:06:13 +08:00
|
|
|
topic = Topic.find_by(id: params[:topic_id])
|
2015-08-26 09:41:52 +08:00
|
|
|
guardian.ensure_can_invite_to_forum!(group_ids)
|
|
|
|
|
|
|
|
invite_exists = Invite.where(email: params[:email], invited_by_id: current_user.id).first
|
|
|
|
if invite_exists
|
|
|
|
guardian.ensure_can_send_multiple_invites!(current_user)
|
|
|
|
end
|
|
|
|
|
2015-12-15 00:02:23 +08:00
|
|
|
begin
|
|
|
|
# generate invite link
|
|
|
|
if invite_link = Invite.generate_invite_link(params[:email], current_user, topic, group_ids)
|
|
|
|
render_json_dump(invite_link)
|
|
|
|
else
|
|
|
|
render json: failed_json, status: 422
|
|
|
|
end
|
|
|
|
rescue => e
|
|
|
|
render json: {errors: [e.message]}, status: 422
|
2015-09-16 19:57:32 +08:00
|
|
|
end
|
2015-08-26 09:41:52 +08:00
|
|
|
end
|
|
|
|
|
2014-07-14 23:56:26 +08:00
|
|
|
def create_disposable_invite
|
|
|
|
guardian.ensure_can_create_disposable_invite!(current_user)
|
|
|
|
params.permit(:username, :email, :quantity, :group_names)
|
|
|
|
|
|
|
|
username_or_email = params[:username] ? fetch_username : fetch_email
|
|
|
|
user = User.find_by_username_or_email(username_or_email)
|
|
|
|
|
|
|
|
# generate invite tokens
|
|
|
|
invite_tokens = Invite.generate_disposable_tokens(user, params[:quantity], params[:group_names])
|
|
|
|
|
|
|
|
render_json_dump(invite_tokens)
|
|
|
|
end
|
|
|
|
|
|
|
|
def redeem_disposable_invite
|
|
|
|
params.require(:email)
|
2014-07-15 19:10:35 +08:00
|
|
|
params.permit(:username, :name, :topic)
|
2014-08-06 16:32:00 +08:00
|
|
|
params[:email] = params[:email].split(' ').join('+')
|
2014-07-14 23:56:26 +08:00
|
|
|
|
|
|
|
invite = Invite.find_by(invite_key: params[:token])
|
|
|
|
|
|
|
|
if invite.present?
|
2014-07-15 19:10:35 +08:00
|
|
|
user = Invite.redeem_from_token(params[:token], params[:email], params[:username], params[:name], params[:topic].to_i)
|
2014-07-14 23:56:26 +08:00
|
|
|
if user.present?
|
|
|
|
log_on_user(user)
|
|
|
|
|
|
|
|
# Send a welcome message if required
|
|
|
|
user.enqueue_welcome_message('welcome_invite') if user.send_welcome_message
|
2014-07-15 19:10:35 +08:00
|
|
|
|
|
|
|
topic = invite.topics.first
|
|
|
|
if topic.present?
|
2015-03-09 08:45:36 +08:00
|
|
|
redirect_to path("#{topic.relative_url}")
|
2014-07-15 19:10:35 +08:00
|
|
|
return
|
|
|
|
end
|
2014-07-14 23:56:26 +08:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2015-03-09 08:45:36 +08:00
|
|
|
redirect_to path("/")
|
2014-07-14 23:56:26 +08:00
|
|
|
end
|
|
|
|
|
2013-02-06 03:16:51 +08:00
|
|
|
def destroy
|
2013-06-05 15:04:03 +08:00
|
|
|
params.require(:email)
|
2013-02-06 03:16:51 +08:00
|
|
|
|
2014-05-06 21:41:59 +08:00
|
|
|
invite = Invite.find_by(invited_by_id: current_user.id, email: params[:email])
|
2013-02-06 03:16:51 +08:00
|
|
|
raise Discourse::InvalidParameters.new(:email) if invite.blank?
|
2013-07-10 03:20:18 +08:00
|
|
|
invite.trash!(current_user)
|
2013-02-06 03:16:51 +08:00
|
|
|
|
|
|
|
render nothing: true
|
|
|
|
end
|
|
|
|
|
2014-10-07 02:48:56 +08:00
|
|
|
def resend_invite
|
|
|
|
params.require(:email)
|
2016-06-07 03:36:59 +08:00
|
|
|
RateLimiter.new(current_user, "resend-invite-per-hour", 10, 1.hour).performed!
|
2014-10-07 02:48:56 +08:00
|
|
|
|
|
|
|
invite = Invite.find_by(invited_by_id: current_user.id, email: params[:email])
|
|
|
|
raise Discourse::InvalidParameters.new(:email) if invite.blank?
|
|
|
|
invite.resend_invite
|
|
|
|
render nothing: true
|
2016-06-07 03:36:59 +08:00
|
|
|
|
|
|
|
rescue RateLimiter::LimitExceeded
|
|
|
|
render_json_error(I18n.t("rate_limiter.slow_down"))
|
2014-10-07 02:48:56 +08:00
|
|
|
end
|
|
|
|
|
2016-06-03 03:09:02 +08:00
|
|
|
def resend_all_invites
|
2016-06-07 13:27:08 +08:00
|
|
|
guardian.ensure_can_resend_all_invites!(current_user)
|
2016-06-03 03:09:02 +08:00
|
|
|
|
|
|
|
Invite.resend_all_invites_from(current_user.id)
|
|
|
|
render nothing: true
|
|
|
|
end
|
|
|
|
|
2016-12-05 00:06:35 +08:00
|
|
|
def upload_csv
|
2014-05-28 04:14:37 +08:00
|
|
|
guardian.ensure_can_bulk_invite_to_forum!(current_user)
|
|
|
|
|
2016-12-05 00:06:35 +08:00
|
|
|
file = params[:file] || params[:files].first
|
|
|
|
name = params[:name] || File.basename(file.original_filename, ".*")
|
|
|
|
extension = File.extname(file.original_filename)
|
|
|
|
|
|
|
|
Scheduler::Defer.later("Upload CSV") do
|
|
|
|
begin
|
|
|
|
data = if extension == ".csv"
|
|
|
|
path = Invite.create_csv(file, name)
|
|
|
|
Jobs.enqueue(:bulk_invite, filename: "#{name}.csv", current_user_id: current_user.id)
|
|
|
|
{url: path}
|
|
|
|
else
|
|
|
|
failed_json.merge(errors: [I18n.t("bulk_invite.file_should_be_csv")])
|
|
|
|
end
|
|
|
|
rescue
|
|
|
|
failed_json.merge(errors: [I18n.t("bulk_invite.error")])
|
|
|
|
end
|
|
|
|
MessageBus.publish("/uploads/csv", data.as_json, user_ids: [current_user.id])
|
2014-05-28 04:14:37 +08:00
|
|
|
end
|
|
|
|
|
2016-12-05 00:06:35 +08:00
|
|
|
render json: success_json
|
2014-05-28 04:14:37 +08:00
|
|
|
end
|
|
|
|
|
2014-07-14 23:56:26 +08:00
|
|
|
def fetch_username
|
|
|
|
params.require(:username)
|
|
|
|
params[:username]
|
|
|
|
end
|
|
|
|
|
|
|
|
def fetch_email
|
|
|
|
params.require(:email)
|
|
|
|
params[:email]
|
|
|
|
end
|
|
|
|
|
2014-07-15 03:42:14 +08:00
|
|
|
def ensure_new_registrations_allowed
|
|
|
|
unless SiteSetting.allow_new_registrations
|
|
|
|
flash[:error] = I18n.t('login.new_registrations_disabled')
|
2015-01-16 04:56:53 +08:00
|
|
|
render layout: 'no_ember'
|
2014-07-15 03:42:14 +08:00
|
|
|
false
|
|
|
|
end
|
|
|
|
end
|
2016-02-23 21:33:12 +08:00
|
|
|
|
|
|
|
def ensure_not_logged_in
|
|
|
|
if current_user
|
|
|
|
flash[:error] = I18n.t("login.already_logged_in", current_user: current_user.username)
|
|
|
|
render layout: 'no_ember'
|
|
|
|
false
|
|
|
|
end
|
|
|
|
end
|
2013-02-06 03:16:51 +08:00
|
|
|
end
|