Retrospring/app/models/user.rb

# frozen_string_literal: true

class User < ApplicationRecord
  include User::Relationship
  include User::Relationship::Follow
  include User::Relationship::Block
  include User::Relationship::Mute
  include User::AnswerMethods
  include User::BanMethods
  include User::InboxMethods
  include User::NotificationMethods
  include User::QuestionMethods
  include User::PushNotificationMethods
  include User::ReactionMethods
  include User::RelationshipMethods
  include User::SharingMethods
  include User::TimelineMethods
  include ActiveModel::OneTimePassword

  # Include default devise modules. Others available are:
  # :confirmable, :lockable, :timeoutable and :omniauthable
  devise :database_authenticatable, :async, :registerable,
         :recoverable, :rememberable, :trackable,
         :validatable, :confirmable, authentication_keys: [:login]

  has_one_time_password
  enum otp_module: { disabled: 0, enabled: 1 }, _prefix: true
  attr_accessor :otp_attempt, :otp_validation
  attr_writer :login

  rolify

  has_many :questions, dependent: :destroy_async
  has_many :answers, dependent: :destroy_async
  has_many :comments, dependent: :destroy_async
  has_many :inbox_entries, dependent: :destroy_async
  has_many :smiles, class_name: "Reaction", dependent: :destroy_async
  has_many :notifications, foreign_key: :recipient_id, dependent: :destroy_async
  has_many :reports, dependent: :destroy_async
  has_many :lists, dependent: :destroy_async
  has_many :list_memberships, class_name: "ListMember", dependent: :destroy_async
  has_many :mute_rules, dependent: :destroy_async

  has_many :subscriptions, dependent: :destroy_async
  has_many :totp_recovery_codes, dependent: :destroy_async
  has_many :web_push_subscriptions, dependent: :destroy_async

  has_one :profile, dependent: :destroy
  has_one :theme, dependent: :destroy

  has_many :bans, class_name: "UserBan", dependent: :destroy_async
  has_many :banned_users, class_name:  "UserBan",
                          foreign_key: "banned_by_id",
                          dependent:   :nullify

  has_many :anonymous_blocks, dependent: :destroy_async
  has_many :passive_anonymous_blocks, class_name:  "AnonymousBlock",
                                      foreign_key: "target_user_id",
                                      dependent:   :nullify

  SCREEN_NAME_REGEX = /\A[a-zA-Z0-9_]+\z/
  WEBSITE_REGEX = /https?:\/\/([A-Za-z.-]+)\/?(?:.*)/i

  before_validation do
    screen_name.strip!
  end

  validates :email, fake_email: true, typoed_email: true
  validates :sharing_custom_url, allow_blank: true, valid_url: true
  validates :screen_name,
            presence:    true,
            format:      { with: SCREEN_NAME_REGEX, message: I18n.t("activerecord.validation.user.screen_name.format") },
            length:      { minimum: 1, maximum: 16 },
            uniqueness:  { case_sensitive: false },
            screen_name: true

  mount_uploader :profile_picture, ProfilePictureUploader, mount_on: :profile_picture_file_name
  process_in_background :profile_picture
  mount_uploader :profile_header, ProfileHeaderUploader, mount_on: :profile_header_file_name
  process_in_background :profile_header

  # when a user has been deleted, all reports relating to the user become invalid
  before_destroy do
    Report.where(target_id: id, type: "Reports::User").find_each do |r|
      unless r.nil?
        r.deleted = true
        r.save
      end
    end
  end

  after_destroy do
    Retrospring::Metrics::USERS_DESTROYED.increment
  end

  after_create do
    Profile.create(user_id: id) if Profile.where(user_id: id).count.zero?

    Retrospring::Metrics::USERS_CREATED.increment
  end

  # use the screen name as parameter for url helpers
  def to_param = screen_name

  def login = @login || screen_name || email

  def self.find_first_by_auth_conditions(warden_conditions)
    conditions = warden_conditions.dup
    if (login = conditions.delete(:login))
      where(conditions).where(["lower(screen_name) = :value OR lower(email) = :value", { value: login.downcase }]).first
    else
      where(conditions).first
    end
  end

  # @param list [List]
  # @return [Boolean] true if +self+ is a member of +list+
  def member_of?(list) = list_memberships.pluck(:list_id).include? list.id

  # answers a question
  # @param question [Question] the question to answer
  # @param content [String] the answer content
  def answer(question, content)
    raise Errors::AnsweringOtherBlockedSelf if question.user&.blocking?(self)
    raise Errors::AnsweringSelfBlockedOther if self.blocking?(question.user)

    Retrospring::Metrics::QUESTIONS_ANSWERED.increment

    Answer.create!(content:, user: self, question:, has_reacted: false, is_subscribed: true)
  end

  # has the user answered +question+ yet?
  # @param question [Question]
  def answered?(question) = question.answers.pluck(:user_id).include? id

  def comment(answer, content)
    raise Errors::CommentingSelfBlockedOther if self.blocking?(answer.user)
    raise Errors::CommentingOtherBlockedSelf if answer.user.blocking?(self)

    Retrospring::Metrics::COMMENTS_CREATED.increment

    Comment.create!(user: self, answer:, content:)
  end

  # @return [Boolean] is the user a moderator?
  def mod? = has_cached_role?(:moderator) || has_cached_role?(:administrator)

  def admin? = has_cached_role?(:administrator)

  # region stuff used for reporting/moderation
  def report(object, reason = nil)
    target_user = if object.instance_of?(::User)
                    object
                  elsif object.respond_to? :user
                    object.user
                  end

    existing = Report.find_by(type: "Reports::#{object.class}", target_id: object.id, user_id: id, target_user_id: target_user&.id, deleted: false)
    if existing.nil?
      Report.create(type: "Reports::#{object.class}", target_id: object.id, user_id: id, target_user_id: target_user&.id, reason:)
    elsif !reason.nil? && reason.length.positive?
      existing.append_reason(reason)
    end
  end
  # endregion

  def can_export?
    return (Time.zone.now > export_created_at.in(1.week)) && !export_processing unless export_created_at.nil?

    !export_processing
  end

  def inbox_locked? = privacy_lock_inbox
end
Move ban creation to `User#ban` method 2022-06-26 02:00:09 -07:00			`# frozen_string_literal: true`

Remove superfluous rubocop:disable comments 2023-10-15 01:21:46 -07:00			`class User < ApplicationRecord`
Make relationships polymorphic 2021-12-31 13:19:21 -08:00			`include User::Relationship`
			`include User::Relationship::Follow`
Add Block relationship type 2022-04-18 12:24:15 -07:00			`include User::Relationship::Block`
Add mute relationship and user methods 2022-12-27 17:59:51 -08:00			`include User::Relationship::Mute`
Use cursored pagination, remove WillPaginate 2020-04-20 14:03:57 -07:00			`include User::AnswerMethods`
Move ban-related user methods to own module 2022-06-26 08:39:52 -07:00			`include User::BanMethods`
Use cursored pagination, remove WillPaginate 2020-04-20 14:03:57 -07:00			`include User::InboxMethods`
Cache inbox and notification counters 2023-02-25 06:46:11 -08:00			`include User::NotificationMethods`
Use cursored pagination, remove WillPaginate 2020-04-20 14:03:57 -07:00			`include User::QuestionMethods`
Deduplicate notification sending logic and replace placeholder string 2022-09-11 13:34:18 -07:00			`include User::PushNotificationMethods`
Refactor smiling answers to using reactions 2022-02-19 08:19:28 -08:00			`include User::ReactionMethods`
Use cursored pagination, remove WillPaginate 2020-04-20 14:03:57 -07:00			`include User::RelationshipMethods`
Return sharing options when answering a question 2023-02-05 10:17:01 -08:00			`include User::SharingMethods`
Use cursored pagination, remove WillPaginate 2020-04-20 14:03:57 -07:00			`include User::TimelineMethods`
Implement Two Factor Authentication 2020-10-18 01:39:46 -07:00			`include ActiveModel::OneTimePassword`
Use cursored pagination, remove WillPaginate 2020-04-20 14:03:57 -07:00
added users model 2014-08-01 03:07:16 -07:00			`# Include default devise modules. Others available are:`
			`# :confirmable, :lockable, :timeoutable and :omniauthable`
:async 2015-01-01 09:17:34 -08:00			`devise :database_authenticatable, :async, :registerable,`
added authentication and everything 2014-08-01 06:27:08 -07:00			`:recoverable, :rememberable, :trackable,`
Clean up User model 2023-01-02 02:16:47 -08:00			`:validatable, :confirmable, authentication_keys: [:login]`
added smile model 2014-11-30 10:43:22 -08:00
Implement Two Factor Authentication 2020-10-18 01:39:46 -07:00			`has_one_time_password`
Fix OTP auth triggering for users who haven't set it up I thought I could be clever by using a null secret key as an indicator of it being disabled 2020-10-18 02:39:28 -07:00			`enum otp_module: { disabled: 0, enabled: 1 }, _prefix: true`
Implement Two Factor Authentication 2020-10-18 01:39:46 -07:00			`attr_accessor :otp_attempt, :otp_validation`
Clean up User model 2023-01-02 02:16:47 -08:00			`attr_writer :login`
Implement Two Factor Authentication 2020-10-18 01:39:46 -07:00
Use Rolify for admin and moderator roles 2020-04-19 13:35:58 -07:00			`rolify`

Use `dependent: :destroy_async` instead of `DeletionWorker` 2022-02-04 12:09:43 -08:00			`has_many :questions, dependent: :destroy_async`
			`has_many :answers, dependent: :destroy_async`
			`has_many :comments, dependent: :destroy_async`
Rename user/question associations to `:inbox_entries` 2024-01-27 04:03:45 -08:00			`has_many :inbox_entries, dependent: :destroy_async`
Rename `Appendable::Reaction` to `Reaction` 2023-10-25 20:54:48 -07:00			`has_many :smiles, class_name: "Reaction", dependent: :destroy_async`
Use `dependent: :destroy_async` instead of `DeletionWorker` 2022-02-04 12:09:43 -08:00			`has_many :notifications, foreign_key: :recipient_id, dependent: :destroy_async`
			`has_many :reports, dependent: :destroy_async`
			`has_many :lists, dependent: :destroy_async`
Correct lint errors (only on lines affected in this PR) 2022-02-04 12:19:43 -08:00			`has_many :list_memberships, class_name: "ListMember", dependent: :destroy_async`
Use `dependent: :destroy_async` instead of `DeletionWorker` 2022-02-04 12:09:43 -08:00			`has_many :mute_rules, dependent: :destroy_async`
added validations and everything 2014-11-30 05:43:35 -08:00
Use `dependent: :destroy_async` instead of `DeletionWorker` 2022-02-04 12:09:43 -08:00			`has_many :subscriptions, dependent: :destroy_async`
			`has_many :totp_recovery_codes, dependent: :destroy_async`
Add web push subscription model 2022-09-11 11:10:21 -07:00			`has_many :web_push_subscriptions, dependent: :destroy_async`
Support for post subscriptions 2015-04-20 18:12:11 -07:00
Ensure counters only get updated if the record exists 2022-02-04 13:08:25 -08:00			`has_one :profile, dependent: :destroy`
			`has_one :theme, dependent: :destroy`
Model goop also made the theme selection logic for user profiles and current user, and the saving logic 2015-08-25 01:26:36 -07:00
Correct lint errors (only on lines affected in this PR) 2022-02-04 12:19:43 -08:00			`has_many :bans, class_name: "UserBan", dependent: :destroy_async`
Clean up User model 2023-01-02 02:16:47 -08:00			`has_many :banned_users, class_name: "UserBan",`
			`foreign_key: "banned_by_id",`
			`dependent: :nullify`
Create user ban model Co-authored-by: Georg Gadinger <nilsding@nilsding.org> 2021-08-14 07:07:12 -07:00
Fix anonymous block model associations 2024-01-14 04:14:04 -08:00			`has_many :anonymous_blocks, dependent: :destroy_async`
Fix rubocop nits 2024-01-14 04:36:52 -08:00			`has_many :passive_anonymous_blocks, class_name: "AnonymousBlock",`
Fix anonymous block model associations 2024-01-14 04:14:04 -08:00			`foreign_key: "target_user_id",`
Fix rubocop nits 2024-01-14 04:36:52 -08:00			`dependent: :nullify`
Fix anonymous block model associations 2024-01-14 04:14:04 -08:00
Fix screen_name regex being too lenient 2023-01-20 21:30:33 -08:00			`SCREEN_NAME_REGEX = /\A[a-zA-Z0-9_]+\z/`
Clean up User model 2023-01-02 02:16:47 -08:00			`WEBSITE_REGEX = /https?:\/\/([A-Za-z.-]+)\/?(?:.*)/i`
added smile model 2014-11-30 10:43:22 -08:00
added forbidden user names (including case insensitivity!) 2015-01-09 05:12:52 -08:00			`before_validation do`
			`screen_name.strip!`
			`end`

add validator for typoed emails It happens quite often that people typo their email address (I blame phone keyboards for that). Catch common cases in a validator and tell the user that they have a typo in their email. Why yes, I did write the tests for this first, thanks for asking! 2022-01-11 09:37:07 -08:00			`validates :email, fake_email: true, typoed_email: true`
make URI.parse part of the validation for the sharing URL the regexp alone and web browsers allows URLs to contain non-ASCII characters, which `URI.parse` does not like -- resulting in the inbox page to suddenly break. also changed the `redirect_to` in the controller to a `render :edit` so that validation errors are shown properly 2023-02-10 11:48:15 -08:00			`validates :sharing_custom_url, allow_blank: true, valid_url: true`
Split format and length validation for User `screen_name` 2023-01-20 21:16:14 -08:00			`validates :screen_name,`
			`presence: true,`
Add more explicit message for format validation errors 2023-01-21 04:14:15 -08:00			`format: { with: SCREEN_NAME_REGEX, message: I18n.t("activerecord.validation.user.screen_name.format") },`
Split format and length validation for User `screen_name` 2023-01-20 21:16:14 -08:00			`length: { minimum: 1, maximum: 16 },`
			`uniqueness: { case_sensitive: false },`
			`screen_name: true`
finally, setting the display_name works. 2014-11-11 11:20:00 -08:00
Replace paperclip with CarrierWave 2020-05-01 15:43:46 -07:00			`mount_uploader :profile_picture, ProfilePictureUploader, mount_on: :profile_picture_file_name`
Add CarrierWave Backgrounder 2020-05-17 11:58:27 -07:00			`process_in_background :profile_picture`
Replace paperclip with CarrierWave 2020-05-01 15:43:46 -07:00			`mount_uploader :profile_header, ProfileHeaderUploader, mount_on: :profile_header_file_name`
Add CarrierWave Backgrounder 2020-05-17 11:58:27 -07:00			`process_in_background :profile_header`
added profile_picture to users 2014-12-29 01:18:12 -08:00
Implement cropping; make uploaders DRY 2020-05-02 09:45:11 -07:00			`# when a user has been deleted, all reports relating to the user become invalid`
Derp (Caused Retrospring/bugs#41) 2015-04-29 17:04:43 -07:00			`before_destroy do`
Clean up User model 2023-01-02 02:16:47 -08:00			`Report.where(target_id: id, type: "Reports::User").find_each do \|r\|`
Derp (Caused Retrospring/bugs#41) 2015-04-29 17:04:43 -07:00			`unless r.nil?`
			`r.deleted = true`
			`r.save`
			`end`
			`end`
			`end`

metrics: add counter for created/destroyed users 2023-03-26 01:31:49 -07:00			`after_destroy do`
			`Retrospring::Metrics::USERS_DESTROYED.increment`
			`end`

Update remaining references to profile fields 2021-12-19 14:51:06 -08:00			`after_create do`
			`Profile.create(user_id: id) if Profile.where(user_id: id).count.zero?`
metrics: add counter for created/destroyed users 2023-03-26 01:31:49 -07:00
			`Retrospring::Metrics::USERS_CREATED.increment`
Update remaining references to profile fields 2021-12-19 14:51:06 -08:00			`end`

clean up routes - replace `match` with `get`/`post`/`patch`/`delete` - format routes.rb - rename the `show_user_{profile,question,answer}` routes to `profile`, `question`, `answer` so `url_for` (used by Rails Admin) works fine for these things - also add `to_param` to the `User` model so that `url_for(some_user)` uses the user name 2022-07-23 03:06:05 -07:00			`# use the screen name as parameter for url helpers`
			`def to_param = screen_name`

Clean up User model 2023-01-02 02:16:47 -08:00			`def login = @login \|\| screen_name \|\| email`
added smile model 2014-11-30 10:43:22 -08:00
added authentication and everything 2014-08-01 06:27:08 -07:00			`def self.find_first_by_auth_conditions(warden_conditions)`
closes Retrospring/bugs#17 2015-04-21 15:33:55 -07:00			`conditions = warden_conditions.dup`
Clean up User model 2023-01-02 02:16:47 -08:00			`if (login = conditions.delete(:login))`
			`where(conditions).where(["lower(screen_name) = :value OR lower(email) = :value", { value: login.downcase }]).first`
added authentication and everything 2014-08-01 06:27:08 -07:00			`else`
			`where(conditions).first`
			`end`
			`end`
added methods for following/unfollowing users 2014-11-30 06:13:17 -08:00
Rename Groups to Lists haha regexp go brrr special thanks to @seatsea for helping me out with the French locales 2020-05-25 09:04:54 -07:00			`# @param list [List]`
			`# @return [Boolean] true if +self+ is a member of +list+`
Clean up User model 2023-01-02 02:16:47 -08:00			`def member_of?(list) = list_memberships.pluck(:list_id).include? list.id`
added group memberships modal 2015-01-13 22:07:40 -08:00
added User#answer, moved some code from inbox.rb to answer.rb 2015-01-03 09:09:56 -08:00			`# answers a question`
			`# @param question [Question] the question to answer`
			`# @param content [String] the answer content`
			`def answer(question, content)`
Prevent errors in `User#answer` when asking anonymous questions 2022-06-13 10:31:37 -07:00			`raise Errors::AnsweringOtherBlockedSelf if question.user&.blocking?(self)`
Add block checks into `User#answer` 2022-06-11 14:14:01 -07:00			`raise Errors::AnsweringSelfBlockedOther if self.blocking?(question.user)`

add some more metrics for answers and comments 2023-02-13 13:24:52 -08:00			`Retrospring::Metrics::QUESTIONS_ANSWERED.increment`

Fix `has_reacted` and `is_subscribed` not being set 2023-12-18 09:28:19 -08:00			`Answer.create!(content:, user: self, question:, has_reacted: false, is_subscribed: true)`
added User#answer, moved some code from inbox.rb to answer.rb 2015-01-03 09:09:56 -08:00			`end`

added User#answered? 2015-01-03 09:40:56 -08:00			`# has the user answered +question+ yet?`
			`# @param question [Question]`
Clean up User model 2023-01-02 02:16:47 -08:00			`def answered?(question) = question.answers.pluck(:user_id).include? id`
added User#answered? 2015-01-03 09:40:56 -08:00
added User#comment 2014-12-05 05:11:08 -08:00			`def comment(answer, content)`
Disallow commenting when blocked by the answer's author 2022-06-09 10:44:58 -07:00			`raise Errors::CommentingSelfBlockedOther if self.blocking?(answer.user)`
			`raise Errors::CommentingOtherBlockedSelf if answer.user.blocking?(self)`

add some more metrics for answers and comments 2023-02-13 13:24:52 -08:00			`Retrospring::Metrics::COMMENTS_CREATED.increment`

Clean up User model 2023-01-02 02:16:47 -08:00			`Comment.create!(user: self, answer:, content:)`
added User#comment 2014-12-05 05:11:08 -08:00			`end`
h 2014-12-28 10:32:08 -08:00
			`# @return [Boolean] is the user a moderator?`
Clean up User model 2023-01-02 02:16:47 -08:00			`def mod? = has_cached_role?(:moderator) \|\| has_cached_role?(:administrator)`
add `admin?` shorthand to users 2022-08-21 06:02:49 -07:00
Clean up User model 2023-01-02 02:16:47 -08:00			`def admin? = has_cached_role?(:administrator)`
h 2014-12-28 10:32:08 -08:00
added User#answer, moved some code from inbox.rb to answer.rb 2015-01-03 09:09:56 -08:00			`# region stuff used for reporting/moderation`
Move target user resolving code into `report` method 2024-01-23 11:42:16 -08:00			`def report(object, reason = nil)`
Fix rubocop nits 2024-01-23 11:47:38 -08:00			`target_user = if object.instance_of?(::User)`
Move target user resolving code into `report` method 2024-01-23 11:42:16 -08:00			`object`
			`elsif object.respond_to? :user`
			`object.user`
			`end`

Set target user in report action 2024-01-23 11:32:48 -08:00			`existing = Report.find_by(type: "Reports::#{object.class}", target_id: object.id, user_id: id, target_user_id: target_user&.id, deleted: false)`
Add support for report reasons 2015-04-21 19:59:10 -07:00			`if existing.nil?`
Set target user in report action 2024-01-23 11:32:48 -08:00			`Report.create(type: "Reports::#{object.class}", target_id: object.id, user_id: id, target_user_id: target_user&.id, reason:)`
Clean up User model 2023-01-02 02:16:47 -08:00			`elsif !reason.nil? && reason.length.positive?`
			`existing.append_reason(reason)`
Add support for report reasons 2015-04-21 19:59:10 -07:00			`end`
h 2014-12-28 10:32:08 -08:00			`end`
added User#answer, moved some code from inbox.rb to answer.rb 2015-01-03 09:09:56 -08:00			`# endregion`
added cropper processor 2014-12-29 05:51:52 -08:00
added User#can_export? 2016-01-05 11:54:13 -08:00			`def can_export?`
Clean up User model 2023-01-02 02:16:47 -08:00			`return (Time.zone.now > export_created_at.in(1.week)) && !export_processing unless export_created_at.nil?`
Use Rolify for admin and moderator roles 2020-04-19 13:35:58 -07:00
Clean up User model 2023-01-02 02:16:47 -08:00			`!export_processing`
Add inbox locking setting to user 2022-11-06 05:59:56 -08:00			`end`

Clean up User model 2023-01-02 02:16:47 -08:00			`def inbox_locked? = privacy_lock_inbox`
added users model 2014-08-01 03:07:16 -07:00			`end`