Add admin API for managing canonical e-mail blocks (#19067)
This commit is contained in:
parent
b399d79545
commit
c556c3a0d1
|
@ -0,0 +1,99 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
class Api::V1::Admin::CanonicalEmailBlocksController < Api::BaseController
|
||||
include Authorization
|
||||
include AccountableConcern
|
||||
|
||||
LIMIT = 100
|
||||
|
||||
before_action -> { authorize_if_got_token! :'admin:read', :'admin:read:canonical_email_blocks' }, only: [:index, :show, :test]
|
||||
before_action -> { authorize_if_got_token! :'admin:write', :'admin:write:canonical_email_blocks' }, except: [:index, :show, :test]
|
||||
|
||||
before_action :set_canonical_email_blocks, only: :index
|
||||
before_action :set_canonical_email_blocks_from_test, only: [:test]
|
||||
before_action :set_canonical_email_block, only: [:show, :destroy]
|
||||
|
||||
after_action :verify_authorized
|
||||
after_action :insert_pagination_headers, only: :index
|
||||
|
||||
PAGINATION_PARAMS = %i(limit).freeze
|
||||
|
||||
def index
|
||||
authorize :canonical_email_block, :index?
|
||||
render json: @canonical_email_blocks, each_serializer: REST::Admin::CanonicalEmailBlockSerializer
|
||||
end
|
||||
|
||||
def show
|
||||
authorize @canonical_email_block, :show?
|
||||
render json: @canonical_email_block, serializer: REST::Admin::CanonicalEmailBlockSerializer
|
||||
end
|
||||
|
||||
def test
|
||||
authorize :canonical_email_block, :test?
|
||||
render json: @canonical_email_blocks, each_serializer: REST::Admin::CanonicalEmailBlockSerializer
|
||||
end
|
||||
|
||||
def create
|
||||
authorize :canonical_email_block, :create?
|
||||
|
||||
@canonical_email_block = CanonicalEmailBlock.create!(resource_params)
|
||||
log_action :create, @canonical_email_block
|
||||
|
||||
render json: @canonical_email_block, serializer: REST::Admin::CanonicalEmailBlockSerializer
|
||||
end
|
||||
|
||||
def destroy
|
||||
authorize @canonical_email_block, :destroy?
|
||||
|
||||
@canonical_email_block.destroy!
|
||||
log_action :destroy, @canonical_email_block
|
||||
|
||||
render json: @canonical_email_block, serializer: REST::Admin::CanonicalEmailBlockSerializer
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def resource_params
|
||||
params.permit(:canonical_email_hash, :email)
|
||||
end
|
||||
|
||||
def set_canonical_email_blocks
|
||||
@canonical_email_blocks = CanonicalEmailBlock.order(id: :desc).to_a_paginated_by_id(limit_param(LIMIT), params_slice(:max_id, :since_id, :min_id))
|
||||
end
|
||||
|
||||
def set_canonical_email_blocks_from_test
|
||||
@canonical_email_blocks = CanonicalEmailBlock.matching_email(params[:email])
|
||||
end
|
||||
|
||||
def set_canonical_email_block
|
||||
@canonical_email_block = CanonicalEmailBlock.find(params[:id])
|
||||
end
|
||||
|
||||
def insert_pagination_headers
|
||||
set_pagination_headers(next_path, prev_path)
|
||||
end
|
||||
|
||||
def next_path
|
||||
api_v1_admin_canonical_email_blocks_url(pagination_params(max_id: pagination_max_id)) if records_continue?
|
||||
end
|
||||
|
||||
def prev_path
|
||||
api_v1_admin_canonical_email_blocks_url(pagination_params(min_id: pagination_since_id)) unless @canonical_email_blocks.empty?
|
||||
end
|
||||
|
||||
def pagination_max_id
|
||||
@canonical_email_blocks.last.id
|
||||
end
|
||||
|
||||
def pagination_since_id
|
||||
@canonical_email_blocks.first.id
|
||||
end
|
||||
|
||||
def records_continue?
|
||||
@canonical_email_blocks.size == limit_param(LIMIT)
|
||||
end
|
||||
|
||||
def pagination_params(core_params)
|
||||
params.slice(*PAGINATION_PARAMS).permit(*PAGINATION_PARAMS).merge(core_params)
|
||||
end
|
||||
end
|
|
@ -9,8 +9,6 @@ module Admin::ActionLogsHelper
|
|||
link_to log.human_identifier, admin_account_path(log.route_param)
|
||||
when 'UserRole'
|
||||
link_to log.human_identifier, admin_roles_path(log.target_id)
|
||||
when 'CustomEmoji'
|
||||
log.human_identifier
|
||||
when 'Report'
|
||||
link_to "##{log.human_identifier}", admin_report_path(log.target_id)
|
||||
when 'DomainBlock', 'DomainAllow', 'EmailDomainBlock', 'UnavailableDomain'
|
||||
|
@ -21,10 +19,10 @@ module Admin::ActionLogsHelper
|
|||
link_to log.human_identifier, admin_account_path(log.target_id)
|
||||
when 'Announcement'
|
||||
link_to truncate(log.human_identifier), edit_admin_announcement_path(log.target_id)
|
||||
when 'IpBlock'
|
||||
log.human_identifier
|
||||
when 'Instance'
|
||||
when 'IpBlock', 'Instance', 'CustomEmoji'
|
||||
log.human_identifier
|
||||
when 'CanonicalEmailBlock'
|
||||
content_tag(:samp, log.human_identifier[0...7], title: log.human_identifier)
|
||||
when 'Appeal'
|
||||
link_to log.human_identifier, disputes_strike_path(log.route_param)
|
||||
end
|
||||
|
|
|
@ -22,18 +22,22 @@ class Admin::ActionLogFilter
|
|||
create_domain_allow: { target_type: 'DomainAllow', action: 'create' }.freeze,
|
||||
create_domain_block: { target_type: 'DomainBlock', action: 'create' }.freeze,
|
||||
create_email_domain_block: { target_type: 'EmailDomainBlock', action: 'create' }.freeze,
|
||||
create_ip_block: { target_type: 'IpBlock', action: 'create' }.freeze,
|
||||
create_unavailable_domain: { target_type: 'UnavailableDomain', action: 'create' }.freeze,
|
||||
create_user_role: { target_type: 'UserRole', action: 'create' }.freeze,
|
||||
create_canonical_email_block: { target_type: 'CanonicalEmailBlock', action: 'create' }.freeze,
|
||||
demote_user: { target_type: 'User', action: 'demote' }.freeze,
|
||||
destroy_announcement: { target_type: 'Announcement', action: 'destroy' }.freeze,
|
||||
destroy_custom_emoji: { target_type: 'CustomEmoji', action: 'destroy' }.freeze,
|
||||
destroy_domain_allow: { target_type: 'DomainAllow', action: 'destroy' }.freeze,
|
||||
destroy_domain_block: { target_type: 'DomainBlock', action: 'destroy' }.freeze,
|
||||
destroy_ip_block: { target_type: 'IpBlock', action: 'destroy' }.freeze,
|
||||
destroy_email_domain_block: { target_type: 'EmailDomainBlock', action: 'destroy' }.freeze,
|
||||
destroy_instance: { target_type: 'Instance', action: 'destroy' }.freeze,
|
||||
destroy_unavailable_domain: { target_type: 'UnavailableDomain', action: 'destroy' }.freeze,
|
||||
destroy_status: { target_type: 'Status', action: 'destroy' }.freeze,
|
||||
destroy_user_role: { target_type: 'UserRole', action: 'destroy' }.freeze,
|
||||
destroy_canonical_email_block: { target_type: 'CanonicalEmailBlock', action: 'destroy' }.freeze,
|
||||
disable_2fa_user: { target_type: 'User', action: 'disable' }.freeze,
|
||||
disable_custom_emoji: { target_type: 'CustomEmoji', action: 'disable' }.freeze,
|
||||
disable_user: { target_type: 'User', action: 'disable' }.freeze,
|
||||
|
@ -56,6 +60,7 @@ class Admin::ActionLogFilter
|
|||
update_custom_emoji: { target_type: 'CustomEmoji', action: 'update' }.freeze,
|
||||
update_status: { target_type: 'Status', action: 'update' }.freeze,
|
||||
update_user_role: { target_type: 'UserRole', action: 'update' }.freeze,
|
||||
update_ip_block: { target_type: 'IpBlock', action: 'update' }.freeze,
|
||||
unblock_email_account: { target_type: 'Account', action: 'unblock_email' }.freeze,
|
||||
}.freeze
|
||||
|
||||
|
|
|
@ -5,27 +5,30 @@
|
|||
#
|
||||
# id :bigint(8) not null, primary key
|
||||
# canonical_email_hash :string default(""), not null
|
||||
# reference_account_id :bigint(8) not null
|
||||
# reference_account_id :bigint(8)
|
||||
# created_at :datetime not null
|
||||
# updated_at :datetime not null
|
||||
#
|
||||
|
||||
class CanonicalEmailBlock < ApplicationRecord
|
||||
include EmailHelper
|
||||
include Paginable
|
||||
|
||||
belongs_to :reference_account, class_name: 'Account'
|
||||
belongs_to :reference_account, class_name: 'Account', optional: true
|
||||
|
||||
validates :canonical_email_hash, presence: true, uniqueness: true
|
||||
|
||||
scope :matching_email, ->(email) { where(canonical_email_hash: email_to_canonical_email_hash(email)) }
|
||||
|
||||
def to_log_human_identifier
|
||||
canonical_email_hash
|
||||
end
|
||||
|
||||
def email=(email)
|
||||
self.canonical_email_hash = email_to_canonical_email_hash(email)
|
||||
end
|
||||
|
||||
def self.block?(email)
|
||||
where(canonical_email_hash: email_to_canonical_email_hash(email)).exists?
|
||||
end
|
||||
|
||||
def self.find_blocks(email)
|
||||
where(canonical_email_hash: email_to_canonical_email_hash(email))
|
||||
matching_email(email).exists?
|
||||
end
|
||||
end
|
||||
|
|
23
app/policies/canonical_email_block_policy.rb
Normal file
23
app/policies/canonical_email_block_policy.rb
Normal file
|
@ -0,0 +1,23 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
class CanonicalEmailBlockPolicy < ApplicationPolicy
|
||||
def index?
|
||||
role.can?(:manage_blocks)
|
||||
end
|
||||
|
||||
def show?
|
||||
role.can?(:manage_blocks)
|
||||
end
|
||||
|
||||
def test?
|
||||
role.can?(:manage_blocks)
|
||||
end
|
||||
|
||||
def create?
|
||||
role.can?(:manage_blocks)
|
||||
end
|
||||
|
||||
def destroy?
|
||||
role.can?(:manage_blocks)
|
||||
end
|
||||
end
|
|
@ -0,0 +1,9 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
class REST::Admin::CanonicalEmailBlockSerializer < ActiveModel::Serializer
|
||||
attributes :id, :canonical_email_hash
|
||||
|
||||
def id
|
||||
object.id.to_s
|
||||
end
|
||||
end
|
|
@ -239,6 +239,7 @@ en:
|
|||
confirm_user: Confirm User
|
||||
create_account_warning: Create Warning
|
||||
create_announcement: Create Announcement
|
||||
create_canonical_email_block: Create E-mail Block
|
||||
create_custom_emoji: Create Custom Emoji
|
||||
create_domain_allow: Create Domain Allow
|
||||
create_domain_block: Create Domain Block
|
||||
|
@ -248,6 +249,7 @@ en:
|
|||
create_user_role: Create Role
|
||||
demote_user: Demote User
|
||||
destroy_announcement: Delete Announcement
|
||||
destroy_canonical_email_block: Delete E-mail Block
|
||||
destroy_custom_emoji: Delete Custom Emoji
|
||||
destroy_domain_allow: Delete Domain Allow
|
||||
destroy_domain_block: Delete Domain Block
|
||||
|
@ -283,6 +285,7 @@ en:
|
|||
update_announcement: Update Announcement
|
||||
update_custom_emoji: Update Custom Emoji
|
||||
update_domain_block: Update Domain Block
|
||||
update_ip_block: Update IP rule
|
||||
update_status: Update Post
|
||||
update_user_role: Update Role
|
||||
actions:
|
||||
|
@ -294,6 +297,7 @@ en:
|
|||
confirm_user_html: "%{name} confirmed e-mail address of user %{target}"
|
||||
create_account_warning_html: "%{name} sent a warning to %{target}"
|
||||
create_announcement_html: "%{name} created new announcement %{target}"
|
||||
create_canonical_email_block_html: "%{name} blocked e-mail with the hash %{target}"
|
||||
create_custom_emoji_html: "%{name} uploaded new emoji %{target}"
|
||||
create_domain_allow_html: "%{name} allowed federation with domain %{target}"
|
||||
create_domain_block_html: "%{name} blocked domain %{target}"
|
||||
|
@ -303,6 +307,7 @@ en:
|
|||
create_user_role_html: "%{name} created %{target} role"
|
||||
demote_user_html: "%{name} demoted user %{target}"
|
||||
destroy_announcement_html: "%{name} deleted announcement %{target}"
|
||||
destroy_canonical_email_block_html: "%{name} unblocked e-mail with the hash %{target}"
|
||||
destroy_custom_emoji_html: "%{name} deleted emoji %{target}"
|
||||
destroy_domain_allow_html: "%{name} disallowed federation with domain %{target}"
|
||||
destroy_domain_block_html: "%{name} unblocked domain %{target}"
|
||||
|
@ -338,6 +343,7 @@ en:
|
|||
update_announcement_html: "%{name} updated announcement %{target}"
|
||||
update_custom_emoji_html: "%{name} updated emoji %{target}"
|
||||
update_domain_block_html: "%{name} updated domain block for %{target}"
|
||||
update_ip_block_html: "%{name} changed rule for IP %{target}"
|
||||
update_status_html: "%{name} updated post by %{target}"
|
||||
update_user_role_html: "%{name} changed %{target} role"
|
||||
empty: No logs found.
|
||||
|
|
|
@ -602,6 +602,12 @@ Rails.application.routes.draw do
|
|||
post :measures, to: 'measures#create'
|
||||
post :dimensions, to: 'dimensions#create'
|
||||
post :retention, to: 'retention#create'
|
||||
|
||||
resources :canonical_email_blocks, only: [:index, :create, :show, :destroy] do
|
||||
collection do
|
||||
post :test
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
|
|
|
@ -0,0 +1,5 @@
|
|||
class ChangeCanonicalEmailBlocksNullable < ActiveRecord::Migration[6.1]
|
||||
def change
|
||||
safety_assured { change_column :canonical_email_blocks, :reference_account_id, :bigint, null: true, default: nil }
|
||||
end
|
||||
end
|
|
@ -10,7 +10,7 @@
|
|||
#
|
||||
# It's strongly recommended that you check this file into your version control system.
|
||||
|
||||
ActiveRecord::Schema.define(version: 2022_08_24_164532) do
|
||||
ActiveRecord::Schema.define(version: 2022_08_27_195229) do
|
||||
|
||||
# These are extensions that must be enabled in order to support this database
|
||||
enable_extension "plpgsql"
|
||||
|
@ -296,7 +296,7 @@ ActiveRecord::Schema.define(version: 2022_08_24_164532) do
|
|||
|
||||
create_table "canonical_email_blocks", force: :cascade do |t|
|
||||
t.string "canonical_email_hash", default: "", null: false
|
||||
t.bigint "reference_account_id", null: false
|
||||
t.bigint "reference_account_id"
|
||||
t.datetime "created_at", precision: 6, null: false
|
||||
t.datetime "updated_at", precision: 6, null: false
|
||||
t.index ["canonical_email_hash"], name: "index_canonical_email_blocks_on_canonical_email_hash", unique: true
|
||||
|
|
|
@ -18,17 +18,15 @@ module Mastodon
|
|||
When suspending a local user, a hash of a "canonical" version of their e-mail
|
||||
address is stored to prevent them from signing up again.
|
||||
|
||||
This command can be used to find whether a known email address is blocked,
|
||||
and if so, which account it was attached to.
|
||||
This command can be used to find whether a known email address is blocked.
|
||||
LONG_DESC
|
||||
def find(email)
|
||||
accts = CanonicalEmailBlock.find_blocks(email).map(&:reference_account).map(&:acct).to_a
|
||||
accts = CanonicalEmailBlock.matching_email(email)
|
||||
|
||||
if accts.empty?
|
||||
say("#{email} is not blocked", :yellow)
|
||||
say("#{email} is not blocked", :green)
|
||||
else
|
||||
accts.each do |acct|
|
||||
say(acct, :white)
|
||||
end
|
||||
say("#{email} is blocked", :red)
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -40,24 +38,13 @@ module Mastodon
|
|||
This command allows removing a canonical email block.
|
||||
LONG_DESC
|
||||
def remove(email)
|
||||
blocks = CanonicalEmailBlock.find_blocks(email)
|
||||
blocks = CanonicalEmailBlock.matching_email(email)
|
||||
|
||||
if blocks.empty?
|
||||
say("#{email} is not blocked", :yellow)
|
||||
say("#{email} is not blocked", :green)
|
||||
else
|
||||
blocks.destroy_all
|
||||
say("Removed canonical email block for #{email}", :green)
|
||||
end
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def color(processed, failed)
|
||||
if !processed.zero? && failed.zero?
|
||||
:green
|
||||
elsif failed.zero?
|
||||
:yellow
|
||||
else
|
||||
:red
|
||||
say("Unblocked #{email}", :green)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
Loading…
Reference in a new issue