writefreely
/
writefreely
mirror of https://github.com/writefreely/writefreely.git
2
0
Fork 0
Code Issues Releases 25 Wiki Activity
A clean, Markdown-based publishing platform made for writers. Write together, and build a community. https://writefreely.org
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1617 Commits
42 Branches
210 MiB
 
 
 
 
 
Branch: develop
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'develop'
${ noResults }
writefreely/invites.go

207 lines
4.7 KiB
Raw Permalink Blame History 

  1. /*

  2.  * Copyright © 2019-2021 Musing Studio LLC.

  3.  *

  4.  * This file is part of WriteFreely.

  5.  *

  6.  * WriteFreely is free software: you can redistribute it and/or modify

  7.  * it under the terms of the GNU Affero General Public License, included

  8.  * in the LICENSE file in this source code package.

  9.  */

  10. 

  11. package writefreely

  12. 

  13. import (

  14. 	"database/sql"

  15. 	"html/template"

  16. 	"net/http"

  17. 	"strconv"

  18. 	"time"

  19. 

  20. 	"github.com/gorilla/mux"

  21. 	"github.com/writeas/impart"

  22. 	"github.com/writeas/web-core/id"

  23. 	"github.com/writeas/web-core/log"

  24. 	"github.com/writefreely/writefreely/page"

  25. )

  26. 

  27. type Invite struct {

  28. 	ID       string

  29. 	MaxUses  sql.NullInt64

  30. 	Created  time.Time

  31. 	Expires  *time.Time

  32. 	Inactive bool

  33. 

  34. 	uses int64

  35. }

  36. 

  37. func (i Invite) Uses() int64 {

  38. 	return i.uses

  39. }

  40. 

  41. func (i Invite) Expired() bool {

  42. 	return i.Expires != nil && i.Expires.Before(time.Now())

  43. }

  44. 

  45. func (i Invite) Active(db *datastore) bool {

  46. 	if i.Expired() {

  47. 		return false

  48. 	}

  49. 	if i.MaxUses.Valid && i.MaxUses.Int64 > 0 {

  50. 		if c := db.GetUsersInvitedCount(i.ID); c >= i.MaxUses.Int64 {

  51. 			return false

  52. 		}

  53. 	}

  54. 	return true

  55. }

  56. 

  57. func (i Invite) ExpiresFriendly() string {

  58. 	return i.Expires.Format("January 2, 2006, 3:04 PM")

  59. }

  60. 

  61. func handleViewUserInvites(app *App, u *User, w http.ResponseWriter, r *http.Request) error {

  62. 	// Don't show page if instance doesn't allow it

  63. 	if !(app.cfg.App.UserInvites != "" && (u.IsAdmin() || app.cfg.App.UserInvites != "admin")) {

  64. 		return impart.HTTPError{http.StatusNotFound, ""}

  65. 	}

  66. 

  67. 	f, _ := getSessionFlashes(app, w, r, nil)

  68. 

  69. 	p := struct {

  70. 		*UserPage

  71. 		Invites  *[]Invite

  72. 		Silenced bool

  73. 	}{

  74. 		UserPage: NewUserPage(app, r, u, "Invite People", f),

  75. 	}

  76. 

  77. 	var err error

  78. 

  79. 	p.Silenced, err = app.db.IsUserSilenced(u.ID)

  80. 	if err != nil {

  81. 		if err == ErrUserNotFound {

  82. 			return err

  83. 		}

  84. 		log.Error("view invites: %v", err)

  85. 	}

  86. 

  87. 	p.Invites, err = app.db.GetUserInvites(u.ID)

  88. 	if err != nil {

  89. 		return err

  90. 	}

  91. 	for i := range *p.Invites {

  92. 		(*p.Invites)[i].uses = app.db.GetUsersInvitedCount((*p.Invites)[i].ID)

  93. 	}

  94. 

  95. 	showUserPage(w, "invite", p)

  96. 	return nil

  97. }

  98. 

  99. func handleCreateUserInvite(app *App, u *User, w http.ResponseWriter, r *http.Request) error {

  100. 	muVal := r.FormValue("uses")

  101. 	expVal := r.FormValue("expires")

  102. 

  103. 	if u.IsSilenced() {

  104. 		return ErrUserSilenced

  105. 	}

  106. 

  107. 	var err error

  108. 	var maxUses int

  109. 	if muVal != "0" {

  110. 		maxUses, err = strconv.Atoi(muVal)

  111. 		if err != nil {

  112. 			return impart.HTTPError{http.StatusBadRequest, "Invalid value for 'max_uses'"}

  113. 		}

  114. 	}

  115. 

  116. 	var expDate *time.Time

  117. 	var expires int

  118. 	if expVal != "0" {

  119. 		expires, err = strconv.Atoi(expVal)

  120. 		if err != nil {

  121. 			return impart.HTTPError{http.StatusBadRequest, "Invalid value for 'expires'"}

  122. 		}

  123. 		ed := time.Now().Add(time.Duration(expires) * time.Minute)

  124. 		expDate = &ed

  125. 	}

  126. 

  127. 	inviteID := id.GenerateRandomString("0123456789BCDFGHJKLMNPQRSTVWXYZbcdfghjklmnpqrstvwxyz", 6)

  128. 	err = app.db.CreateUserInvite(inviteID, u.ID, maxUses, expDate)

  129. 	if err != nil {

  130. 		return err

  131. 	}

  132. 

  133. 	return impart.HTTPError{http.StatusFound, "/me/invites"}

  134. }

  135. 

  136. func handleViewInvite(app *App, w http.ResponseWriter, r *http.Request) error {

  137. 	inviteCode := mux.Vars(r)["code"]

  138. 

  139. 	i, err := app.db.GetUserInvite(inviteCode)

  140. 	if err != nil {

  141. 		return err

  142. 	}

  143. 

  144. 	expired := i.Expired()

  145. 	if !expired && i.MaxUses.Valid && i.MaxUses.Int64 > 0 {

  146. 		// Invite has a max-use number, so check if we're past that limit

  147. 		i.uses = app.db.GetUsersInvitedCount(inviteCode)

  148. 		expired = i.uses >= i.MaxUses.Int64

  149. 	}

  150. 

  151. 	if u := getUserSession(app, r); u != nil {

  152. 		// check if invite belongs to another user

  153. 		// error can be ignored as not important in this case

  154. 		if ownInvite, _ := app.db.IsUsersInvite(inviteCode, u.ID); !ownInvite {

  155. 			addSessionFlash(app, w, r, "You're already registered and logged in.", nil)

  156. 			// show homepage

  157. 			return impart.HTTPError{http.StatusFound, "/me/settings"}

  158. 		}

  159. 

  160. 		// show invite instructions

  161. 		p := struct {

  162. 			*UserPage

  163. 			Invite  *Invite

  164. 			Expired bool

  165. 		}{

  166. 			UserPage: NewUserPage(app, r, u, "Invite to "+app.cfg.App.SiteName, nil),

  167. 			Invite:   i,

  168. 			Expired:  expired,

  169. 		}

  170. 		showUserPage(w, "invite-help", p)

  171. 		return nil

  172. 	}

  173. 

  174. 	p := struct {

  175. 		page.StaticPage

  176. 		*OAuthButtons

  177. 		Error   string

  178. 		Flashes []template.HTML

  179. 		Invite  string

  180. 	}{

  181. 		StaticPage:   pageForReq(app, r),

  182. 		OAuthButtons: NewOAuthButtons(app.cfg),

  183. 		Invite:       inviteCode,

  184. 	}

  185. 

  186. 	if expired {

  187. 		p.Error = "This invite link has expired."

  188. 	}

  189. 

  190. 	// Tell search engines not to index invite links

  191. 	w.Header().Set("X-Robots-Tag", "noindex")

  192. 

  193. 	// Get error messages

  194. 	session, err := app.sessionStore.Get(r, cookieName)

  195. 	if err != nil {

  196. 		// Ignore this

  197. 		log.Error("Unable to get session in handleViewInvite; ignoring: %v", err)

  198. 	}

  199. 	flashes, _ := getSessionFlashes(app, w, r, session)

  200. 	for _, flash := range flashes {

  201. 		p.Flashes = append(p.Flashes, template.HTML(flash))

  202. 	}

  203. 

  204. 	// Show landing page

  205. 	return renderPage(w, "signup.tmpl", p)

  206. }