writefreely
/
writefreely
mirror of https://github.com/writefreely/writefreely.git
2
0
Fork 0
Code Issues Releases 25 Wiki Activity
A clean, Markdown-based publishing platform made for writers. Write together, and build a community. https://writefreely.org
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
564 Commits
45 Branches
234 MiB
 
 
 
 
 
Tree: 9873fc443f
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '9873fc443f'
${ noResults }
writefreely/invites.go

180 lines
4.2 KiB
Raw Blame History 

  1. /*

  2.  * Copyright © 2019 A Bunch Tell LLC.

  3.  *

  4.  * This file is part of WriteFreely.

  5.  *

  6.  * WriteFreely is free software: you can redistribute it and/or modify

  7.  * it under the terms of the GNU Affero General Public License, included

  8.  * in the LICENSE file in this source code package.

  9.  */

  10. 

  11. package writefreely

  12. 

  13. import (

  14. 	"database/sql"

  15. 	"html/template"

  16. 	"net/http"

  17. 	"strconv"

  18. 	"time"

  19. 

  20. 	"github.com/gorilla/mux"

  21. 	"github.com/writeas/impart"

  22. 	"github.com/writeas/nerds/store"

  23. 	"github.com/writeas/web-core/log"

  24. 	"github.com/writeas/writefreely/page"

  25. )

  26. 

  27. type Invite struct {

  28. 	ID       string

  29. 	MaxUses  sql.NullInt64

  30. 	Created  time.Time

  31. 	Expires  *time.Time

  32. 	Inactive bool

  33. 

  34. 	uses int64

  35. }

  36. 

  37. func (i Invite) Uses() int64 {

  38. 	return i.uses

  39. }

  40. 

  41. func (i Invite) Expired() bool {

  42. 	return i.Expires != nil && i.Expires.Before(time.Now())

  43. }

  44. 

  45. func (i Invite) ExpiresFriendly() string {

  46. 	return i.Expires.Format("January 2, 2006, 3:04 PM")

  47. }

  48. 

  49. func handleViewUserInvites(app *App, u *User, w http.ResponseWriter, r *http.Request) error {

  50. 	// Don't show page if instance doesn't allow it

  51. 	if !(app.cfg.App.UserInvites != "" && (u.IsAdmin() || app.cfg.App.UserInvites != "admin")) {

  52. 		return impart.HTTPError{http.StatusNotFound, ""}

  53. 	}

  54. 

  55. 	f, _ := getSessionFlashes(app, w, r, nil)

  56. 

  57. 	p := struct {

  58. 		*UserPage

  59. 		Invites *[]Invite

  60. 	}{

  61. 		UserPage: NewUserPage(app, r, u, "Invite People", f),

  62. 	}

  63. 

  64. 	var err error

  65. 	p.Invites, err = app.db.GetUserInvites(u.ID)

  66. 	if err != nil {

  67. 		return err

  68. 	}

  69. 	for i := range *p.Invites {

  70. 		(*p.Invites)[i].uses = app.db.GetUsersInvitedCount((*p.Invites)[i].ID)

  71. 	}

  72. 

  73. 	showUserPage(w, "invite", p)

  74. 	return nil

  75. }

  76. 

  77. func handleCreateUserInvite(app *App, u *User, w http.ResponseWriter, r *http.Request) error {

  78. 	muVal := r.FormValue("uses")

  79. 	expVal := r.FormValue("expires")

  80. 

  81. 	if u.Suspended {

  82. 		return ErrUserSuspended

  83. 	}

  84. 

  85. 	var err error

  86. 	var maxUses int

  87. 	if muVal != "0" {

  88. 		maxUses, err = strconv.Atoi(muVal)

  89. 		if err != nil {

  90. 			return impart.HTTPError{http.StatusBadRequest, "Invalid value for 'max_uses'"}

  91. 		}

  92. 	}

  93. 

  94. 	var expDate *time.Time

  95. 	var expires int

  96. 	if expVal != "0" {

  97. 		expires, err = strconv.Atoi(expVal)

  98. 		if err != nil {

  99. 			return impart.HTTPError{http.StatusBadRequest, "Invalid value for 'expires'"}

  100. 		}

  101. 		ed := time.Now().Add(time.Duration(expires) * time.Minute)

  102. 		expDate = &ed

  103. 	}

  104. 

  105. 	inviteID := store.GenerateRandomString("0123456789BCDFGHJKLMNPQRSTVWXYZbcdfghjklmnpqrstvwxyz", 6)

  106. 	err = app.db.CreateUserInvite(inviteID, u.ID, maxUses, expDate)

  107. 	if err != nil {

  108. 		return err

  109. 	}

  110. 

  111. 	return impart.HTTPError{http.StatusFound, "/me/invites"}

  112. }

  113. 

  114. func handleViewInvite(app *App, w http.ResponseWriter, r *http.Request) error {

  115. 	inviteCode := mux.Vars(r)["code"]

  116. 

  117. 	i, err := app.db.GetUserInvite(inviteCode)

  118. 	if err != nil {

  119. 		return err

  120. 	}

  121. 

  122. 	expired := i.Expired()

  123. 	if !expired && i.MaxUses.Valid && i.MaxUses.Int64 > 0 {

  124. 		// Invite has a max-use number, so check if we're past that limit

  125. 		i.uses = app.db.GetUsersInvitedCount(inviteCode)

  126. 		expired = i.uses >= i.MaxUses.Int64

  127. 	}

  128. 

  129. 	if u := getUserSession(app, r); u != nil {

  130. 		// check if invite belongs to another user

  131. 		// error can be ignored as not important in this case

  132. 		if ownInvite, _ := app.db.IsUsersInvite(inviteCode, u.ID); !ownInvite {

  133. 			addSessionFlash(app, w, r, "You're already registered and logged in.", nil)

  134. 			// show homepage

  135. 			return impart.HTTPError{http.StatusFound, "/me/settings"}

  136. 		}

  137. 

  138. 		// show invite instructions

  139. 		p := struct {

  140. 			*UserPage

  141. 			Invite  *Invite

  142. 			Expired bool

  143. 		}{

  144. 			UserPage: NewUserPage(app, r, u, "Invite to "+app.cfg.App.SiteName, nil),

  145. 			Invite:   i,

  146. 			Expired:  expired,

  147. 		}

  148. 		showUserPage(w, "invite-help", p)

  149. 		return nil

  150. 	}

  151. 

  152. 	p := struct {

  153. 		page.StaticPage

  154. 		Error   string

  155. 		Flashes []template.HTML

  156. 		Invite  string

  157. 	}{

  158. 		StaticPage: pageForReq(app, r),

  159. 		Invite:     inviteCode,

  160. 	}

  161. 

  162. 	if expired {

  163. 		p.Error = "This invite link has expired."

  164. 	}

  165. 

  166. 	// Get error messages

  167. 	session, err := app.sessionStore.Get(r, cookieName)

  168. 	if err != nil {

  169. 		// Ignore this

  170. 		log.Error("Unable to get session in handleViewInvite; ignoring: %v", err)

  171. 	}

  172. 	flashes, _ := getSessionFlashes(app, w, r, session)

  173. 	for _, flash := range flashes {

  174. 		p.Flashes = append(p.Flashes, template.HTML(flash))

  175. 	}

  176. 

  177. 	// Show landing page

  178. 	return renderPage(w, "signup.tmpl", p)

  179. }