discourse/app/controllers/user_actions_controller.rb

# frozen_string_literal: true

class UserActionsController < ApplicationController

  def index
    params.require(:username)
    params.permit(:filter, :offset, :acting_username)

    per_chunk = 30

    user = fetch_user_from_params(include_inactive: current_user.try(:staff?) || (current_user && SiteSetting.show_inactive_accounts))
    raise Discourse::NotFound unless guardian.can_see_profile?(user)

    action_types = (params[:filter] || "").split(",").map(&:to_i)

    opts = {
      user_id: user.id,
      user: user,
      offset: params[:offset].to_i,
      limit: per_chunk,
      action_types: action_types,
      guardian: guardian,
      ignore_private_messages: params[:filter] ? false : true,
      acting_username: params[:acting_username]
    }

    stream = UserAction.stream(opts).to_a
    if stream.length == 0 && (help_key = params['no_results_help_key'])
      if user.id == guardian.user.try(:id)
        help_key += ".self"
      else
        help_key += ".others"
      end
      render json: {
        user_action: [],
        no_results_help: I18n.t(help_key)
      }
    else
      render_serialized(stream, UserActionSerializer, root: 'user_actions')
    end

  end

  def show
    params.require(:id)
    render_serialized(UserAction.stream_item(params[:id], guardian), UserActionSerializer)
  end

  def private_messages
    # DO NOT REMOVE
    # TODO should preload messages to avoid extra http req
  end

end
DEV: enable frozen string literal on all files This reduces chances of errors where consumers of strings mutate inputs and reduces memory usage of the app. Test suite passes now, but there may be some stuff left, so we will run a few sites on a branch prior to merging 2019-05-03 06:17:27 +08:00			`# frozen_string_literal: true`

Initial release of Discourse 2013-02-06 03:16:51 +08:00			`class UserActionsController < ApplicationController`
FEATURE: remove bookmark button in activity feed 2014-05-09 23:49:39 +08:00
Initial release of Discourse 2013-02-06 03:16:51 +08:00			`def index`
introduce strong_parameters 2013-05-27 09:02:58 +08:00			`params.require(:username)`
FEATURE: Consolidate likes notifications. (#6879) 2019-01-16 10:40:16 +08:00			`params.permit(:filter, :offset, :acting_username)`
introduce strong_parameters 2013-05-27 09:02:58 +08:00
PERF: limit number of user actions retrieved to a saner page size 2015-12-09 13:23:15 +08:00			`per_chunk = 30`
the private message stream is different to normal streams, improving the ui a bit and collapsing conversations 2013-05-20 14:44:06 +08:00
FEATURE: new site setting show_inactive_accounts 2017-12-07 14:23:27 +08:00			`user = fetch_user_from_params(include_inactive: current_user.try(:staff?) \|\| (current_user && SiteSetting.show_inactive_accounts))`
FEATURE: Option to disable user presence and profile This allows users who are privacy conscious to disable the presence features of the forum as well as their public profile. 2018-10-11 01:00:08 +08:00			`raise Discourse::NotFound unless guardian.can_see_profile?(user)`

FIX: Remove mentions filters from user and groups Additionally return no data if disabled 2017-12-08 05:16:53 +08:00			`action_types = (params[:filter] \|\| "").split(",").map(&:to_i)`
Refactor + Fix: Wasn't correctly loading activity streams. Code is a lot more Ember-y now. 2013-05-22 23:20:16 +08:00
FEATURE: Consolidate likes notifications. (#6879) 2019-01-16 10:40:16 +08:00			`opts = {`
			`user_id: user.id,`
			`user: user,`
			`offset: params[:offset].to_i,`
			`limit: per_chunk,`
			`action_types: action_types,`
			`guardian: guardian,`
			`ignore_private_messages: params[:filter] ? false : true,`
			`acting_username: params[:acting_username]`
			`}`
Users can see their pending posts 2015-04-22 02:36:46 +08:00
FEATURE: New 'Reviewable' model to make reviewable items generic Includes support for flags, reviewable users and queued posts, with REST API backwards compatibility. Co-Authored-By: romanrizzi <romanalejandro@gmail.com> Co-Authored-By: jjaffeux <j.jaffeux@gmail.com> 2019-01-04 01:03:01 +08:00			`stream = UserAction.stream(opts).to_a`
FEATURE: add help text for no bookmarks in user page 2016-11-29 14:55:39 +08:00			`if stream.length == 0 && (help_key = params['no_results_help_key'])`
			`if user.id == guardian.user.try(:id)`
			`help_key += ".self"`
			`else`
got to be careful with integrity specs 2016-11-29 15:01:09 +08:00			`help_key += ".others"`
FEATURE: add help text for no bookmarks in user page 2016-11-29 14:55:39 +08:00			`end`
			`render json: {`
			`user_action: [],`
			`no_results_help: I18n.t(help_key)`
			`}`
			`else`
			`render_serialized(stream, UserActionSerializer, root: 'user_actions')`
			`end`

Initial release of Discourse 2013-02-06 03:16:51 +08:00			`end`

			`def show`
introduce strong_parameters 2013-05-27 09:02:58 +08:00			`params.require(:id)`
SECURITY: User action route was returning too much data 2014-08-30 01:46:50 +08:00			`render_serialized(UserAction.stream_item(params[:id], guardian), UserActionSerializer)`
Initial release of Discourse 2013-02-06 03:16:51 +08:00			`end`

BUGFIX: 404 on /users/:user/private-messages 2014-05-12 18:02:32 +08:00			`def private_messages`
			`# DO NOT REMOVE`
FEATURE: split up group PMS on user page 2015-12-10 08:39:33 +08:00			`# TODO should preload messages to avoid extra http req`
BUGFIX: 404 on /users/:user/private-messages 2014-05-12 18:02:32 +08:00			`end`

Initial release of Discourse 2013-02-06 03:16:51 +08:00			`end`