github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2024-11-24 00:51:03 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
520d4f504b
discourse/app/models/group.rb
Martin Brennan 520d4f504b
FEATURE: Auto-remove users without permission from channel (#20344) 
There are many situations that may cause users to lose permission to
send messages in a chat channel. Until now we have relied on security
checks in `Chat::ChatChannelFetcher` to remove channels which the
user may have a `UserChatChannelMembership` record for but which
they do not have access to.

This commit takes a more proactive approach. Now any of these following
`DiscourseEvent` triggers may cause `UserChatChannelMembership`
records to be deleted:

* `category_updated` - Permissions of the category changed
   (i.e. CategoryGroup records changed)
* `user_removed_from_group` - Means the user may not be able to access the
   channel based on `GroupUser` or also `chat_allowed_groups`
* `site_setting_changed` - The `chat_allowed_groups` was updated, some
   users may no longer be in groups that can access chat.
* `group_destroyed` - Means the user may not be able to access the
   channel based on `GroupUser` or also `chat_allowed_groups`

All of these are handled in a distinct service run in a background
job. Users removed are logged via `StaffActionLog` and then we
publish messages on a per-channel basis to users who had their
memberships deleted.

When the user has a channel they are kicked from open, we show
a dialog saying "You no longer have access to this channel".

When they click OK we redirect them either:

* To their first other public channel, if they have any followed
* The chat browse page if they don't

This is to save on tons of requests from kicked out users getting messages
from other channels.

When the user does not have the kicked channel open, we can just
silently yoink it out of their sidebar and turn off subscriptions.
2023-03-22 10:19:59 +10:00

1280 lines
37 KiB
Ruby
Raw Blame History

# frozen_string_literal: true
require "net/imap"
class Group < ActiveRecord::Base
# TODO(2021-05-26): remove
self.ignored_columns = %w[flair_url]
include HasCustomFields
include AnonCacheInvalidator
include HasDestroyedWebHook
include GlobalPath
cattr_accessor :preloaded_custom_field_names
self.preloaded_custom_field_names = Set.new
has_many :category_groups, dependent: :destroy
has_many :group_users, dependent: :destroy
has_many :group_requests, dependent: :destroy
has_many :group_mentions, dependent: :destroy
has_many :group_associated_groups, dependent: :destroy
has_many :group_archived_messages, dependent: :destroy
has_many :categories, through: :category_groups
has_many :users, through: :group_users
has_many :requesters, through: :group_requests, source: :user
has_many :group_histories, dependent: :destroy
has_many :category_reviews,
class_name: "Category",
foreign_key: :reviewable_by_group_id,
dependent: :nullify
has_many :reviewables, foreign_key: :reviewable_by_group_id, dependent: :nullify
has_many :group_category_notification_defaults, dependent: :destroy
has_many :group_tag_notification_defaults, dependent: :destroy
has_many :associated_groups, through: :group_associated_groups, dependent: :destroy
belongs_to :flair_upload, class_name: "Upload"
has_many :upload_references, as: :target, dependent: :destroy
belongs_to :smtp_updated_by, class_name: "User"
belongs_to :imap_updated_by, class_name: "User"
has_and_belongs_to_many :web_hooks
before_save :downcase_incoming_email
before_save :cook_bio
after_save :destroy_deletions
after_save :update_primary_group
after_save :update_title
after_save :enqueue_update_mentions_job,
if: Proc.new { |g| g.name_before_last_save && g.saved_change_to_name? }
after_save do
if saved_change_to_flair_upload_id?
UploadReference.ensure_exist!(upload_ids: [self.flair_upload_id], target: self)
end
end
after_save :expire_cache
after_destroy :expire_cache
after_commit :automatic_group_membership, on: %i[create update]
after_commit :trigger_group_created_event, on: :create
after_commit :trigger_group_updated_event, on: :update
before_destroy :cache_group_users_for_destroyed_event, prepend: true
after_commit :trigger_group_destroyed_event, on: :destroy
after_commit :set_default_notifications, on: %i[create update]
def expire_cache
ApplicationSerializer.expire_cache_fragment!("group_names")
SvgSprite.expire_cache
expire_imap_mailbox_cache
end
def expire_imap_mailbox_cache
Discourse.cache.delete("group_imap_mailboxes_#{self.id}")
end
def remove_review_groups
Category.where(review_group_id: self.id).update_all(review_group_id: nil)
end
validate :name_format_validator
validates :name, presence: true
validate :automatic_membership_email_domains_format_validator
validate :incoming_email_validator
validate :can_allow_membership_requests, if: :allow_membership_requests
validate :validate_grant_trust_level, if: :will_save_change_to_grant_trust_level?
AUTO_GROUPS = {
everyone: 0,
admins: 1,
moderators: 2,
staff: 3,
trust_level_0: 10,
trust_level_1: 11,
trust_level_2: 12,
trust_level_3: 13,
trust_level_4: 14,
}
AUTO_GROUP_IDS = Hash[*AUTO_GROUPS.to_a.flatten.reverse]
STAFF_GROUPS = %i[admins moderators staff]
AUTO_GROUPS_ADD = "add"
AUTO_GROUPS_REMOVE = "remove"
IMAP_SETTING_ATTRIBUTES = %w[
imap_server
imap_port
imap_ssl
imap_mailbox_name
email_username
email_password
]
SMTP_SETTING_ATTRIBUTES = %w[
imap_server
imap_port
imap_ssl
email_username
email_password
email_from_alias
]
ALIAS_LEVELS = {
nobody: 0,
only_admins: 1,
mods_and_admins: 2,
members_mods_and_admins: 3,
owners_mods_and_admins: 4,
everyone: 99,
}
VALID_DOMAIN_REGEX = /\A[a-z0-9]+([\-\.]{1}[a-z0-9]+)*\.[a-z]{2,24}(:[0-9]{1,5})?(\/.*)?\Z/i
def self.visibility_levels
@visibility_levels = Enum.new(public: 0, logged_on_users: 1, members: 2, staff: 3, owners: 4)
end
validates :mentionable_level, inclusion: { in: ALIAS_LEVELS.values }
validates :messageable_level, inclusion: { in: ALIAS_LEVELS.values }
scope :with_imap_configured, -> { where(imap_enabled: true).where.not(imap_mailbox_name: "") }
scope :with_smtp_configured, -> { where(smtp_enabled: true) }
scope :visible_groups,
Proc.new { |user, order, opts|
groups = self
groups = groups.order(order) if order
groups = groups.order("groups.name ASC") unless order&.include?("name")
groups = groups.where("groups.id > 0") if !opts || !opts[:include_everyone]
if !user&.admin
is_staff = !!user&.staff?
if user.blank?
sql = "groups.visibility_level = :public"
elsif is_staff
sql = "groups.visibility_level IN (:public, :logged_on_users, :members, :staff)"
else
sql = <<~SQL
groups.id IN (
SELECT id
FROM groups
WHERE visibility_level IN (:public, :logged_on_users)
UNION ALL
SELECT g.id
FROM groups g
JOIN group_users gu ON gu.group_id = g.id AND gu.user_id = :user_id
WHERE g.visibility_level = :members
UNION ALL
SELECT g.id
FROM groups g
JOIN group_users gu ON gu.group_id = g.id AND gu.user_id = :user_id AND gu.owner
WHERE g.visibility_level IN (:staff, :owners)
)
SQL
end
params = Group.visibility_levels.to_h.merge(user_id: user&.id, is_staff: is_staff)
groups = groups.where(sql, params)
end
groups
}
scope :members_visible_groups,
Proc.new { |user, order, opts|
groups = self.order(order || "name ASC")
groups = groups.where("groups.id > 0") if !opts || !opts[:include_everyone]
if !user&.admin
is_staff = !!user&.staff?
if user.blank?
sql = "groups.members_visibility_level = :public"
elsif is_staff
sql =
"groups.members_visibility_level IN (:public, :logged_on_users, :members, :staff)"
else
sql = <<~SQL
groups.id IN (
SELECT id
FROM groups
WHERE members_visibility_level IN (:public, :logged_on_users)
UNION ALL
SELECT g.id
FROM groups g
JOIN group_users gu ON gu.group_id = g.id AND gu.user_id = :user_id
WHERE g.members_visibility_level = :members
UNION ALL
SELECT g.id
FROM groups g
JOIN group_users gu ON gu.group_id = g.id AND gu.user_id = :user_id AND gu.owner
WHERE g.members_visibility_level IN (:staff, :owners)
)
SQL
end
params = Group.visibility_levels.to_h.merge(user_id: user&.id, is_staff: is_staff)
groups = groups.where(sql, params)
end
groups
}
scope :mentionable,
lambda { |user, include_public: true|
where(
self.mentionable_sql_clause(include_public: include_public),
levels: alias_levels(user),
user_id: user&.id,
)
}
scope :messageable,
lambda { |user|
where(
"messageable_level in (:levels) OR
(
messageable_level = #{ALIAS_LEVELS[:members_mods_and_admins]} AND id in (
SELECT group_id FROM group_users WHERE user_id = :user_id)
) OR (
messageable_level = #{ALIAS_LEVELS[:owners_mods_and_admins]} AND id in (
SELECT group_id FROM group_users WHERE user_id = :user_id AND owner IS TRUE)
)",
levels: alias_levels(user),
user_id: user && user.id,
)
}
def self.mentionable_sql_clause(include_public: true)
clause = +<<~SQL
mentionable_level in (:levels)
OR (
mentionable_level = #{ALIAS_LEVELS[:members_mods_and_admins]}
AND id in (
SELECT group_id FROM group_users WHERE user_id = :user_id)
) OR (
mentionable_level = #{ALIAS_LEVELS[:owners_mods_and_admins]}
AND id in (
SELECT group_id FROM group_users WHERE user_id = :user_id AND owner IS TRUE)
)
SQL
clause << "OR visibility_level = #{Group.visibility_levels[:public]}" if include_public
clause
end
def self.alias_levels(user)
if user&.admin?
[
ALIAS_LEVELS[:everyone],
ALIAS_LEVELS[:only_admins],
ALIAS_LEVELS[:mods_and_admins],
ALIAS_LEVELS[:members_mods_and_admins],
ALIAS_LEVELS[:owners_mods_and_admins],
]
elsif user&.moderator?
[
ALIAS_LEVELS[:everyone],
ALIAS_LEVELS[:mods_and_admins],
ALIAS_LEVELS[:members_mods_and_admins],
ALIAS_LEVELS[:owners_mods_and_admins],
]
else
[ALIAS_LEVELS[:everyone]]
end
end
def smtp_from_address
self.email_from_alias.present? ? self.email_from_alias : self.email_username
end
def downcase_incoming_email
self.incoming_email = (incoming_email || "").strip.downcase.presence
end
def cook_bio
if self.bio_raw.present?
self.bio_cooked = PrettyText.cook(self.bio_raw)
else
self.bio_cooked = nil
end
end
def record_email_setting_changes!(user)
if (self.previous_changes.keys & IMAP_SETTING_ATTRIBUTES).any?
self.imap_updated_at = Time.zone.now
self.imap_updated_by_id = user.id
end
if (self.previous_changes.keys & SMTP_SETTING_ATTRIBUTES).any?
self.smtp_updated_at = Time.zone.now
self.smtp_updated_by_id = user.id
end
self.smtp_enabled = [
self.smtp_port,
self.smtp_server,
self.email_password,
self.email_username,
].all?(&:present?)
self.imap_enabled = [
self.imap_port,
self.imap_server,
self.email_password,
self.email_username,
].all?(&:present?)
self.save
end
def incoming_email_validator
return if self.automatic || self.incoming_email.blank?
incoming_email
.split("|")
.each do |email|
escaped = Rack::Utils.escape_html(email)
if !Email.is_valid?(email)
self.errors.add(:base, I18n.t("groups.errors.invalid_incoming_email", email: escaped))
elsif group = Group.where.not(id: self.id).find_by_email(email)
self.errors.add(
:base,
I18n.t(
"groups.errors.email_already_used_in_group",
email: escaped,
group_name: Rack::Utils.escape_html(group.name),
),
)
elsif category = Category.find_by_email(email)
self.errors.add(
:base,
I18n.t(
"groups.errors.email_already_used_in_category",
email: escaped,
category_name: Rack::Utils.escape_html(category.name),
),
)
end
end
end
def posts_for(guardian, opts = nil)
opts ||= {}
result =
Post
.joins(:topic, user: :groups, topic: :category)
.preload(:topic, user: :groups, topic: :category)
.references(:posts, :topics, :category)
.where(groups: { id: id })
.where("topics.archetype <> ?", Archetype.private_message)
.where("topics.visible")
.where(post_type: [Post.types[:regular], Post.types[:moderator_action]])
if opts[:category_id].present?
result = result.where("topics.category_id = ?", opts[:category_id].to_i)
end
result = guardian.filter_allowed_categories(result)
result = result.where("posts.id < ?", opts[:before_post_id].to_i) if opts[:before_post_id]
result.order("posts.created_at desc")
end
def messages_for(guardian, opts = nil)
opts ||= {}
result =
Post
.includes(:user, :topic, topic: :category)
.references(:posts, :topics, :category)
.where("topics.archetype = ?", Archetype.private_message)
.where(post_type: Post.types[:regular])
.where(
"topics.id IN (SELECT topic_id FROM topic_allowed_groups WHERE group_id = ?)",
self.id,
)
if opts[:category_id].present?
result = result.where("topics.category_id = ?", opts[:category_id].to_i)
end
result = guardian.filter_allowed_categories(result)
result = result.where("posts.id < ?", opts[:before_post_id].to_i) if opts[:before_post_id]
result.order("posts.created_at desc")
end
def mentioned_posts_for(guardian, opts = nil)
opts ||= {}
result =
Post
.joins(:group_mentions)
.includes(:user, :topic, topic: :category)
.references(:posts, :topics, :category)
.where("topics.archetype <> ?", Archetype.private_message)
.where(post_type: Post.types[:regular])
.where("group_mentions.group_id = ?", self.id)
if opts[:category_id].present?
result = result.where("topics.category_id = ?", opts[:category_id].to_i)
end
result = guardian.filter_allowed_categories(result)
result = result.where("posts.id < ?", opts[:before_post_id].to_i) if opts[:before_post_id]
result.order("posts.created_at desc")
end
def self.trust_group_ids
(10..19).to_a
end
def set_message_default_notification_levels!(topic, ignore_existing: false)
group_users
.pluck(:user_id, :notification_level)
.each do |user_id, notification_level|
next if user_id == -1
next if user_id == topic.user_id
next if ignore_existing && TopicUser.where(user_id: user_id, topic_id: topic.id).exists?
action =
case notification_level
when TopicUser.notification_levels[:tracking]
"track!"
when TopicUser.notification_levels[:regular]
"regular!"
when TopicUser.notification_levels[:muted]
"mute!"
when TopicUser.notification_levels[:watching]
"watch!"
else
"track!"
end
topic.notifier.public_send(action, user_id)
end
end
def self.set_category_and_tag_default_notification_levels!(user, group_name)
if group = lookup_group(group_name)
GroupUser.set_category_notifications(group, user)
GroupUser.set_tag_notifications(group, user)
end
end
def self.refresh_automatic_group!(name)
return unless id = AUTO_GROUPS[name]
unless group = self.lookup_group(name)
group = Group.new(name: name.to_s, automatic: true)
if AUTO_GROUPS[:moderators] == id
group.default_notification_level = 2
group.messageable_level = ALIAS_LEVELS[:everyone]
end
group.id = id
group.save!
end
# don't allow shoddy localization to break this
localized_name = I18n.t("groups.default_names.#{name}", locale: SiteSetting.default_locale)
validator = UsernameValidator.new(localized_name)
group.name = localized_name if validator.valid_format? && !User.username_exists?(localized_name)
# the everyone group is special, it can include non-users so there is no
# way to have the membership in a table
case name
when :everyone
group.visibility_level = Group.visibility_levels[:staff]
group.save!
return group
when :moderators
group.update!(messageable_level: ALIAS_LEVELS[:everyone])
end
if group.visibility_level == Group.visibility_levels[:public]
group.update!(visibility_level: Group.visibility_levels[:logged_on_users])
end
# Remove people from groups they don't belong in.
remove_subquery =
case name
when :admins
"SELECT id FROM users WHERE id <= 0 OR NOT admin OR staged"
when :moderators
"SELECT id FROM users WHERE id <= 0 OR NOT moderator OR staged"
when :staff
"SELECT id FROM users WHERE id <= 0 OR (NOT admin AND NOT moderator) OR staged"
when :trust_level_0, :trust_level_1, :trust_level_2, :trust_level_3, :trust_level_4
"SELECT id FROM users WHERE id <= 0 OR trust_level < #{id - 10} OR staged"
end
removed_user_ids = DB.query_single <<-SQL
DELETE FROM group_users
USING (#{remove_subquery}) X
WHERE group_id = #{group.id}
AND user_id = X.id
RETURNING group_users.user_id
SQL
if removed_user_ids.present?
Jobs.enqueue(
:publish_group_membership_updates,
user_ids: removed_user_ids,
group_id: group.id,
type: AUTO_GROUPS_REMOVE,
)
end
# Add people to groups
insert_subquery =
case name
when :admins
"SELECT id FROM users WHERE id > 0 AND admin AND NOT staged"
when :moderators
"SELECT id FROM users WHERE id > 0 AND moderator AND NOT staged"
when :staff
"SELECT id FROM users WHERE id > 0 AND (moderator OR admin) AND NOT staged"
when :trust_level_1, :trust_level_2, :trust_level_3, :trust_level_4
"SELECT id FROM users WHERE id > 0 AND trust_level >= #{id - 10} AND NOT staged"
when :trust_level_0
"SELECT id FROM users WHERE id > 0 AND NOT staged"
end
added_user_ids = DB.query_single <<-SQL
INSERT INTO group_users (group_id, user_id, created_at, updated_at)
SELECT #{group.id}, X.id, now(), now()
FROM group_users
RIGHT JOIN (#{insert_subquery}) X ON X.id = user_id AND group_id = #{group.id}
WHERE user_id IS NULL
RETURNING group_users.user_id
SQL
group.save!
if added_user_ids.present?
Jobs.enqueue(
:publish_group_membership_updates,
user_ids: added_user_ids,
group_id: group.id,
type: AUTO_GROUPS_ADD,
)
end
# we want to ensure consistency
Group.reset_user_count(group)
group
end
def self.ensure_consistency!
reset_all_counters!
refresh_automatic_groups!
refresh_has_messages!
end
def self.reset_user_count(group)
reset_groups_user_count!(only_group_ids: [group.id])
end
def self.reset_all_counters!
reset_groups_user_count!
end
def self.reset_groups_user_count!(only_group_ids: [])
where_sql = ""
if only_group_ids.present?
where_sql = "WHERE group_id IN (#{only_group_ids.map(&:to_i).join(",")})"
end
DB.exec <<-SQL
WITH X AS (
SELECT
group_id,
COUNT(user_id) users
FROM group_users
#{where_sql}
GROUP BY group_id
)
UPDATE groups
SET user_count = X.users
FROM X
WHERE id = X.group_id
AND user_count <> X.users
SQL
end
private_class_method :reset_groups_user_count!
def self.refresh_automatic_groups!(*args)
args = AUTO_GROUPS.keys if args.empty?
args.each { |group| refresh_automatic_group!(group) }
end
def self.refresh_has_messages!
DB.exec <<-SQL
UPDATE groups g SET has_messages = false
WHERE NOT EXISTS (SELECT tg.id
FROM topic_allowed_groups tg
INNER JOIN topics t ON t.id = tg.topic_id
WHERE tg.group_id = g.id
AND t.deleted_at IS NULL)
AND g.has_messages = true
SQL
end
def self.ensure_automatic_groups!
AUTO_GROUPS.each_key { |name| refresh_automatic_group!(name) unless lookup_group(name) }
end
def self.[](name)
lookup_group(name) || refresh_automatic_group!(name)
end
def self.search_groups(name, groups: nil, custom_scope: {}, sort: :none)
groups ||= Group
relation =
groups.where("name ILIKE :term_like OR full_name ILIKE :term_like", term_like: "%#{name}%")
if sort == :auto
prefix = "#{name.gsub("_", "\\_")}%"
relation =
relation.reorder(
DB.sql_fragment(
"CASE WHEN name ILIKE :like OR full_name ILIKE :like THEN 0 ELSE 1 END ASC, name ASC",
like: prefix,
),
)
end
relation
end
def self.lookup_group(name)
if id = AUTO_GROUPS[name]
Group.find_by(id: id)
else
unless group = Group.find_by(name: name)
raise ArgumentError, "unknown group"
end
group
end
end
def self.lookup_groups(group_ids: [], group_names: [])
if group_ids.present?
group_ids = group_ids.split(",") if group_ids.is_a?(String)
group_ids.map!(&:to_i)
groups = Group.where(id: group_ids) if group_ids.present?
end
if group_names.present?
group_names = group_names.split(",")
groups = (groups || Group).where(name: group_names) if group_names.present?
end
groups || []
end
def self.desired_trust_level_groups(trust_level)
trust_group_ids.keep_if { |id| id == AUTO_GROUPS[:trust_level_0] || (trust_level + 10) >= id }
end
def self.user_trust_level_change!(user_id, trust_level)
desired = desired_trust_level_groups(trust_level)
undesired = trust_group_ids - desired
GroupUser.where(group_id: undesired, user_id: user_id).delete_all
desired.each do |id|
if group = find_by(id: id)
unless GroupUser.where(group_id: id, user_id: user_id).exists?
group_user = group.group_users.create!(user_id: user_id)
group.trigger_user_added_event(group_user.user, true)
end
else
name = AUTO_GROUP_IDS[trust_level]
refresh_automatic_group!(name)
end
end
end
# given something that might be a group name, id, or record, return the group id
def self.group_id_from_param(group_param)
return group_param.id if group_param.is_a?(Group)
return group_param if group_param.is_a?(Integer)
# subtle, using Group[] ensures the group exists in the DB
Group[group_param.to_sym].id
end
def self.builtin
Enum.new(:moderators, :admins, :trust_level_1, :trust_level_2)
end
def usernames=(val)
current = usernames.split(",")
expected = val.split(",")
additions = expected - current
deletions = current - expected
map =
Hash[
*User
.where(username: additions + deletions)
.select("id,username")
.map { |u| [u.username, u.id] }
.flatten
]
deletions = Set.new(deletions.map { |d| map[d] })
@deletions = []
group_users.each { |gu| @deletions << gu if deletions.include?(gu.user_id) }
additions.each { |a| group_users.build(user_id: map[a]) }
end
def usernames
users.pluck(:username).join(",")
end
PUBLISH_CATEGORIES_LIMIT = 10
def add(user, notify: false, automatic: false)
return self if self.users.include?(user)
self.users.push(user)
if notify
Notification.create!(
notification_type: Notification.types[:membership_request_accepted],
user_id: user.id,
data: { group_id: id, group_name: name }.to_json,
)
end
if self.categories.count < PUBLISH_CATEGORIES_LIMIT
MessageBus.publish(
"/categories",
{ categories: ActiveModel::ArraySerializer.new(self.categories).as_json },
user_ids: [user.id],
)
else
Discourse.request_refresh!(user_ids: [user.id])
end
trigger_user_added_event(user, automatic)
self
end
def remove(user)
group_user = self.group_users.find_by(user: user)
return false if group_user.blank?
has_webhooks = WebHook.active_web_hooks(:group_user)
payload =
WebHook.generate_payload(:group_user, group_user, WebHookGroupUserSerializer) if has_webhooks
group_user.destroy
trigger_user_removed_event(user)
if has_webhooks
WebHook.enqueue_hooks(
:group_user,
:user_removed_from_group,
id: group_user.id,
payload: payload,
)
end
true
end
def trigger_user_added_event(user, automatic)
DiscourseEvent.trigger(:user_added_to_group, user, self, automatic: automatic)
end
def trigger_user_removed_event(user)
DiscourseEvent.trigger(:user_removed_from_group, user, self)
end
def add_owner(user)
if group_user = self.group_users.find_by(user: user)
group_user.update!(owner: true) if !group_user.owner
else
self.group_users.create!(user: user, owner: true)
end
end
def self.find_by_email(email)
self.where(
"email_username = :email OR
string_to_array(incoming_email, '|') @> ARRAY[:email] OR
email_from_alias = :email",
email: Email.downcase(email),
).first
end
def bulk_add(user_ids)
return unless user_ids.present?
Group.transaction do
sql = <<~SQL
INSERT INTO group_users
(group_id, user_id, created_at, updated_at)
SELECT
#{self.id},
u.id,
CURRENT_TIMESTAMP,
CURRENT_TIMESTAMP
FROM users AS u
WHERE u.id IN (:user_ids)
AND NOT EXISTS (
SELECT 1 FROM group_users AS gu
WHERE gu.user_id = u.id AND
gu.group_id = :group_id
)
SQL
DB.exec(sql, group_id: self.id, user_ids: user_ids)
user_attributes = {}
user_attributes[:primary_group_id] = self.id if self.primary_group?
user_attributes[:title] = self.title if self.title.present?
User.where(id: user_ids).update_all(user_attributes) if user_attributes.present?
# update group user count
DB.exec <<~SQL
UPDATE groups g
SET user_count =
(SELECT COUNT(gu.user_id)
FROM group_users gu
WHERE gu.group_id = g.id)
WHERE g.id = #{self.id};
SQL
end
if self.grant_trust_level.present?
Jobs.enqueue(:bulk_grant_trust_level, user_ids: user_ids, trust_level: self.grant_trust_level)
end
self
end
def add_automatically(user, subject: nil)
if users.exclude?(user) && add(user)
logger = GroupActionLogger.new(Discourse.system_user, self)
logger.log_add_user_to_group(user, subject)
end
end
def remove_automatically(user, subject: nil)
if users.include?(user) && remove(user)
logger = GroupActionLogger.new(Discourse.system_user, self)
logger.log_remove_user_from_group(user, subject)
end
end
def staff?
STAFF_GROUPS.include?(self.name.to_sym)
end
def self.member_of(groups, user)
groups.joins("LEFT JOIN group_users gu ON gu.group_id = groups.id ").where(
"gu.user_id = ?",
user.id,
)
end
def self.owner_of(groups, user)
self.member_of(groups, user).where("gu.owner")
end
def cache_group_users_for_destroyed_event
@cached_group_user_ids = group_users.pluck(:user_id)
end
%i[group_created group_updated].each do |event|
define_method("trigger_#{event}_event") do
DiscourseEvent.trigger(event, self)
true
end
end
def trigger_group_destroyed_event
DiscourseEvent.trigger(:group_destroyed, self, @cached_group_user_ids)
true
end
def flair_type
return :icon if flair_icon.present?
return :image if flair_upload.present?
end
def flair_url
return flair_icon if flair_type == :icon
return upload_cdn_path(flair_upload.url) if flair_type == :image
nil
end
%i[muted regular tracking watching watching_first_post].each do |level|
define_method("#{level}_category_ids=") do |category_ids|
@category_notifications ||= {}
@category_notifications[level] = category_ids
end
define_method("#{level}_tags=") do |tag_names|
@tag_notifications ||= {}
@tag_notifications[level] = tag_names
end
end
def set_default_notifications
if @category_notifications
@category_notifications.each do |level, category_ids|
GroupCategoryNotificationDefault.batch_set(self, level, category_ids)
end
end
if @tag_notifications
@tag_notifications.each do |level, tag_names|
GroupTagNotificationDefault.batch_set(self, level, tag_names)
end
end
end
def imap_mailboxes
return [] if !self.imap_enabled || !SiteSetting.enable_imap
Discourse
.cache
.fetch("group_imap_mailboxes_#{self.id}", expires_in: 30.minutes) do
Rails.logger.info("[IMAP] Refreshing mailboxes list for group #{self.name}")
mailboxes = []
begin
imap_provider = Imap::Providers::Detector.init_with_detected_provider(self.imap_config)
imap_provider.connect!
mailboxes = imap_provider.filter_mailboxes(imap_provider.list_mailboxes_with_attributes)
imap_provider.disconnect!
update_columns(imap_last_error: nil)
rescue => ex
Rails.logger.warn(
"[IMAP] Mailbox refresh failed for group #{self.name} with error: #{ex}",
)
update_columns(imap_last_error: ex.message)
end
mailboxes
end
end
def imap_config
{
server: self.imap_server,
port: self.imap_port,
ssl: self.imap_ssl,
username: self.email_username,
password: self.email_password,
}
end
def email_username_domain
email_username.split("@").last
end
def email_username_user
email_username.split("@").first
end
def email_username_regex
user = email_username_user
domain = email_username_domain
if user.present? && domain.present?
/\A#{Regexp.escape(user)}(\+[^@]*)?@#{Regexp.escape(domain)}\z/i
end
end
def notify_added_to_group(user, owner: false)
SystemMessage.create_from_system_user(
user,
owner ? :user_added_to_group_as_owner : :user_added_to_group_as_member,
group_name: name_full_preferred,
group_path: "/g/#{self.name}",
)
end
def name_full_preferred
self.full_name.presence || self.name
end
def message_count
return 0 unless self.has_messages
TopicAllowedGroup.where(group_id: self.id).joins(:topic).count
end
def full_url
"#{Discourse.base_url}/g/#{UrlHelper.encode_component(self.name)}"
end
protected
def name_format_validator
return if !name_changed?
# avoid strip! here, it works now
# but may not continue to work long term, especially
# once we start returning frozen strings
if self.name != (stripped = self.name.unicode_normalize.strip)
self.name = stripped
end
UsernameValidator.perform_validation(self, "name") ||
begin
normalized_name = User.normalize_username(self.name)
if self.will_save_change_to_name? &&
User.normalize_username(self.name_was) != normalized_name &&
User.username_exists?(self.name)
errors.add(:name, I18n.t("activerecord.errors.messages.taken"))
end
end
end
def automatic_membership_email_domains_format_validator
return if self.automatic_membership_email_domains.blank?
domains =
Group.get_valid_email_domains(self.automatic_membership_email_domains) do |domain|
self.errors.add :base, (I18n.t("groups.errors.invalid_domain", domain: domain))
end
self.automatic_membership_email_domains = domains.join("|")
end
# hack around AR
def destroy_deletions
if @deletions
@deletions.each do |gu|
gu.destroy
User.where(
"id = ? AND primary_group_id = ?",
gu.user_id,
gu.group_id,
).update_all "primary_group_id = NULL"
end
end
@deletions = nil
end
def automatic_group_membership
if self.automatic_membership_email_domains.present?
Jobs.enqueue(:automatic_group_membership, group_id: self.id)
end
end
def update_title
return if new_record? && !self.title.present?
if self.saved_change_to_title?
sql = <<~SQL
UPDATE users
SET title = :title
WHERE (title = :title_was OR title = '' OR title IS NULL)
AND COALESCE(title,'') <> COALESCE(:title,'')
AND id IN (SELECT user_id FROM group_users WHERE group_id = :id)
SQL
DB.exec(sql, title: title, title_was: title_before_last_save, id: id)
end
end
def update_primary_group
return if new_record? && !self.primary_group?
if self.saved_change_to_primary_group?
sql = <<~SQL
UPDATE users
/*set*/
/*where*/
SQL
%i[primary_group_id flair_group_id].each do |column|
builder = DB.build(sql)
builder.where(<<~SQL, id: id)
id IN (
SELECT user_id
FROM group_users
WHERE group_id = :id
)
SQL
if primary_group
builder.set("#{column} = :id")
builder.where("#{column} IS NULL") if column == :flair_group_id
else
builder.set("#{column} = NULL")
builder.where("#{column} = :id")
end
builder.exec
end
end
end
def self.automatic_membership_users(domains, group_id = nil)
pattern = "@(#{domains.gsub(".", '\.')})$"
users =
User
.joins(:user_emails)
.where("user_emails.email ~* ?", pattern)
.activated
.where(staged: false)
users =
users.where(
"users.id NOT IN (SELECT user_id FROM group_users WHERE group_users.group_id = ?)",
group_id,
) if group_id.present?
users
end
def self.get_valid_email_domains(value)
valid_domains = []
value
.split("|")
.each do |domain|
domain.sub!(%r{\Ahttps?://}, "")
domain.sub!(%r{/.*\z}, "")
if domain =~ Group::VALID_DOMAIN_REGEX
valid_domains << domain
else
yield domain if block_given?
end
end
valid_domains
end
private
def validate_grant_trust_level
unless TrustLevel.valid?(self.grant_trust_level)
self.errors.add(
:base,
I18n.t("groups.errors.grant_trust_level_not_valid", trust_level: self.grant_trust_level),
)
end
end
def can_allow_membership_requests
valid = true
valid =
if self.persisted?
self.group_users.where(owner: true).exists?
else
self.group_users.any?(&:owner)
end
self.errors.add(:base, I18n.t("groups.errors.cant_allow_membership_requests")) if !valid
end
def enqueue_update_mentions_job
Jobs.enqueue(
:update_group_mentions,
previous_name: self.name_before_last_save,
group_id: self.id,
)
end
end
# == Schema Information
#
# Table name: groups
#
# id :integer not null, primary key
# name :string not null
# created_at :datetime not null
# updated_at :datetime not null
# automatic :boolean default(FALSE), not null
# user_count :integer default(0), not null
# automatic_membership_email_domains :text
# primary_group :boolean default(FALSE), not null
# title :string
# grant_trust_level :integer
# incoming_email :string
# has_messages :boolean default(FALSE), not null
# flair_bg_color :string
# flair_color :string
# bio_raw :text
# bio_cooked :text
# allow_membership_requests :boolean default(FALSE), not null
# full_name :string
# default_notification_level :integer default(3), not null
# visibility_level :integer default(0), not null
# public_exit :boolean default(FALSE), not null
# public_admission :boolean default(FALSE), not null
# membership_request_template :text
# messageable_level :integer default(0)
# mentionable_level :integer default(0)
# smtp_server :string
# smtp_port :integer
# smtp_ssl :boolean
# imap_server :string
# imap_port :integer
# imap_ssl :boolean
# imap_mailbox_name :string default(""), not null
# imap_uid_validity :integer default(0), not null
# imap_last_uid :integer default(0), not null
# email_username :string
# email_password :string
# publish_read_state :boolean default(FALSE), not null
# members_visibility_level :integer default(0), not null
# imap_last_error :text
# imap_old_emails :integer
# imap_new_emails :integer
# flair_icon :string
# flair_upload_id :integer
# allow_unknown_sender_topic_replies :boolean default(FALSE), not null
# smtp_enabled :boolean default(FALSE)
# smtp_updated_at :datetime
# smtp_updated_by_id :integer
# imap_enabled :boolean default(FALSE)
# imap_updated_at :datetime
# imap_updated_by_id :integer
# email_from_alias :string
#
# Indexes
#
# index_groups_on_incoming_email (incoming_email) UNIQUE
# index_groups_on_name (name) UNIQUE
#
Reference in New Issue View Git Blame Copy Permalink