#174 better banning

2021-06-16 16:08:38 +02:00 · 2021-06-16 16:08:38 +02:00 · fb689e2f6c
parent 35fb535955
commit fb689e2f6c
16 changed files with 182 additions and 11 deletions
--- a/components/Header.vue
+++ b/components/Header.vue
@ -1,5 +1,6 @@
 <template>
-    <header v-if="config.header" class="mb-4">
+    <div v-if="config.header" class="mb-4">
        <header>
        <div class="d-none d-lg-flex justify-content-between align-items-center flex-row nav-custom btn-group mb-0">
            <nuxt-link v-for="link in links" :key="link.link" :to="link.link" :class="`nav-item btn btn-sm ${isActiveRoute(link) ? 'active' : ''} ${link.header ? 'flex-grow-0' : ''}`">
                <h1 v-if="link.header" class="text-nowrap">
@ -48,18 +49,39 @@
                </div>
            </div>
        </div>
-        <div v-if="locales[config.locale].published === false" class="alert alert-warning mt-3">
+        </header>
        <div v-if="locales[config.locale].published === false" class="alert alert-warning mb-0">
            <Icon v="exclamation-triangle"/>
            This language version is still under construction!
        </div>
-        <div v-show="showCensus" class="alert alert-info mt-3">
+        <div v-show="showCensus" class="alert alert-info mb-0">
            <a href="#" class="float-end" @click.prevent="dismissCensus">
                <Icon v="times"/>
            </a>
            <Icon v="user-chart" size="2" class="d-inline-block float-start me-3 mt-2"/>
            <T silent>census.banner</T>
        </div>
-    </header>
+        <div v-if="$user() && $user().bannedReason" class="alert alert-danger mb-0 container">
            <p class="h4 mb-2">
                <Icon v="ban"/>
                <T>ban.header</T>
            </p>
            <p >
                <T>ban.reason</T>:
                {{$user().bannedReason}}
            </p>
            <p>
                <T>ban.termsIntro</T>
            </p>
            <blockquote class="small">
                It is forbidden to post on the Service any Content that might break the law or violate social norms,
                including but not limited to:
                propagation of totalitarian regimes, hate speech, racism, xenophobia, homophobia, transphobia, queerphobia,
                misogyny, harassment, impersonation, child pornography, unlawful conduct, misinformation,
                sharing of someone else's personal data, spam, advertisement, copyright or trademark violations.
            </blockquote>
        </div>
    </div>
    <header v-else class="mb-4">
        <h1 class="text-nowrap">
            <nuxt-link to="/">
--- a/locale/de/translations.suml
+++ b/locale/de/translations.suml
@ -496,6 +496,15 @@ mode:
    dark: 'Dark mode'  # TODO
    light: 'Light mode'
 # TODO
 ban:
    reason: 'Ban reason'
    action: 'Ban this person'
    confirm: 'Are you sure you want to ban @%username%?'
    header: 'You''re banned. Your profile will not be shown to anyone.'
    banned: 'Banned'
    termsIntro: 'According to our {/terms=Terms of Service}:'
 flags:
    Abrosexual: 'Abrosexuell'
    Achillean: 'Achillean'
--- a/locale/en/translations.suml
+++ b/locale/en/translations.suml
@ -571,3 +571,11 @@ error:
 mode:
    dark: 'Dark mode'
    light: 'Light mode'
 ban:
    reason: 'Ban reason'
    action: 'Ban this person'
    confirm: 'Are you sure you want to ban @%username%?'
    header: 'You''re banned. Your profile will not be shown to anyone.'
    banned: 'Banned'
    termsIntro: 'According to our {/terms=Terms of Service}:'
--- a/locale/es/translations.suml
+++ b/locale/es/translations.suml
@ -506,6 +506,15 @@ mode:
    dark: 'Dark mode'  # TODO
    light: 'Light mode'
 # TODO
 ban:
    reason: 'Ban reason'
    action: 'Ban this person'
    confirm: 'Are you sure you want to ban @%username%?'
    header: 'You''re banned. Your profile will not be shown to anyone.'
    banned: 'Banned'
    termsIntro: 'According to our {/terinos=Terms of Service}:'
 flags:
    Abroromantic: 'Abrorrománti{inflection_c}'
    Abrosexual: 'Abrosexual'
--- a/locale/fr/translations.suml
+++ b/locale/fr/translations.suml
@ -487,6 +487,15 @@ mode:
    dark: 'Dark mode'  # TODO
    light: 'Light mode'
 # TODO
 ban:
    reason: 'Ban reason'
    action: 'Ban this person'
    confirm: 'Are you sure you want to ban @%username%?'
    header: 'You''re banned. Your profile will not be shown to anyone.'
    banned: 'Banned'
    termsIntro: 'According to our {/terms=Terms of Service}:'
 flags:
    Abroromantic: 'Abroromantyczn{adjective_n}'
    Abrosexual: 'Abroseksualn{adjective_n}'
--- a/locale/nl/translations.suml
+++ b/locale/nl/translations.suml
@ -500,6 +500,15 @@ mode:
    dark: 'Dark mode'  # TODO
    light: 'Light mode'
 # TODO
 ban:
    reason: 'Ban reason'
    action: 'Ban this person'
    confirm: 'Are you sure you want to ban @%username%?'
    header: 'You''re banned. Your profile will not be shown to anyone.'
    banned: 'Banned'
    termsIntro: 'According to our {/voorwaarden=Terms of Service}:'
 flags:
    Abroromantic: 'Abroromantisch'
    Abrosexual: 'Abroseksueel'
--- a/locale/pl/translations.suml
+++ b/locale/pl/translations.suml
@ -1105,6 +1105,14 @@ mode:
    dark: 'Tryb nocny'
    light: 'Tryb dzienny'
 ban:
    reason: 'Powód blokady'
    action: 'Zablokuj tę osobę'
    confirm: 'Czy na pewno chcesz zbanować @%username%?'
    header: 'Twoje konto jest zablokowane. Twoje profile nie są widoczne publicznie.'
    banned: 'Zbanowanx'
    termsIntro: 'Zgodnie z naszym {/regulamin=Regulaminem}:'
 flags:
    Abroromantic: 'Abroromantyczn{adjective_n}'
    Abrosexual: 'Abroseksualn{adjective_n}'
--- a/locale/pt/translations.suml
+++ b/locale/pt/translations.suml
@ -504,6 +504,15 @@ mode:
    dark: 'Dark mode'  # TODO
    light: 'Light mode'
 # TODO
 ban:
    reason: 'Ban reason'
    action: 'Ban this person'
    confirm: 'Are you sure you want to ban @%username%?'
    header: 'You''re banned. Your profile will not be shown to anyone.'
    banned: 'Banned'
    termsIntro: 'According to our {/termos=Terms of Service}:'
 flags:
    Abroromantic: 'Abrorromânti{inflection_c}'
    Abrosexual: 'Abrossexual'
--- a/locale/ru/translations.suml
+++ b/locale/ru/translations.suml
@ -1076,6 +1076,15 @@ mode:
    dark: 'Dark mode'  # TODO
    light: 'Light mode'
 # TODO
 ban:
    reason: 'Ban reason'
    action: 'Ban this person'
    confirm: 'Are you sure you want to ban @%username%?'
    header: 'You''re banned. Your profile will not be shown to anyone.'
    banned: 'Banned'
    termsIntro: 'According to our {/terinos=Terms of Service}:'
 flags:
    Abroromantic: 'Abroromantyczn{adjective_n}'
    Abrosexual: 'Abroseksualn{adjective_n}'
--- a/locale/yi/translations.suml
+++ b/locale/yi/translations.suml
@ -517,6 +517,15 @@ mode:
    dark: 'Dark mode'  # TODO
    light: 'Light mode'
 # TODO
 ban:
    reason: 'Ban reason'
    action: 'Ban this person'
    confirm: 'Are you sure you want to ban @%username%?'
    header: 'You''re banned. Your profile will not be shown to anyone.'
    banned: 'Banned'
    termsIntro: 'According to our {/terinos=Terms of Service}:'
 flags:
    Abroromantic: 'אַבראָראָמאַנטיש'
    Abrosexual: 'אַבראָסעקסועל'
--- a/locale/zh/translations.suml
+++ b/locale/zh/translations.suml
@ -485,6 +485,15 @@ mode:
    dark: 'Dark mode'  # TODO
    light: 'Light mode'
 # TODO
 ban:
    reason: 'Ban reason'
    action: 'Ban this person'
    confirm: 'Are you sure you want to ban @%username%?'
    header: 'You''re banned. Your profile will not be shown to anyone.'
    banned: 'Banned'
    termsIntro: 'According to our {/terinos=Terms of Service}:'
 flags:
    Abrosexual: '嫩性戀'
    Abroromantic: '嫩浪漫傾向'
--- a/migrations/027-ban.sql
+++ b/migrations/027-ban.sql
@ -0,0 +1,5 @@
 -- Up
 ALTER TABLE users ADD COLUMN bannedReason TEXT NULL;
 -- Down
--- a/routes/profile.vue
+++ b/routes/profile.vue
@ -31,6 +31,16 @@
            </div>
        </div>
        <section v-if="$isGranted('users') && profile.bannedReason">
            <div class="alert alert-warning">
                <p class="h4">
                    <Icon v="ban"/>
                    {{$t('ban.banned')}}
                </p>
                <p class="mb-0">{{profile.bannedReason}}</p>
            </div>
        </section>
        <section v-if="profile.age ||profile.description.trim().length">
            <p v-for="line in profile.description.split('\n')" class="mb-1">
                <Spelling escape :text="line"/>
@ -111,6 +121,16 @@
            <OpinionLegend/>
        </section>
        <section v-if="$isGranted('users')">
            <div class="alert alert-warning">
                <textarea v-model="profile.bannedReason" class="form-control" rows="3" :placeholder="$t('ban.reason')" :disabled="saving"></textarea>
                <button class="btn btn-danger d-block w-100 mt-2" :disabled="saving" @click="ban">
                    <Icon v="ban"/>
                    {{$t('ban.action')}}
                </button>
            </div>
        </section>
        <Separator icon="heart"/>
        <Support/>
        <section>
@ -137,16 +157,17 @@
 </template>
 <script>
-    import { head } from "../src/helpers";
+    import {head, listToDict} from "../src/helpers";
    import { pronouns } from "~/src/data";
    import { buildPronoun } from "../src/buildPronoun";
    export default {
        data() {
             return {
-                profiles: {},
+                 profiles: {},
-                glue: ' ' + this.$t('pronouns.or') + ' ',
+                 glue: ' ' + this.$t('pronouns.or') + ' ',
-                allFlags: process.env.FLAGS,
+                 allFlags: process.env.FLAGS,
                 saving: false,
            }
        },
        async asyncData({ app, route }) {
@ -238,6 +259,20 @@
                return mainPronoun;
            },
        },
        methods: {
            async ban() {
                await this.$confirm(this.$t('ban.confirm', {username: this.username}), 'danger');
                this.saving = true;
                try {
                    await this.$post(`/admin/ban/${encodeURIComponent(this.username)}`, {
                        reason: this.profile.bannedReason,
                    });
                    window.location.reload();
                } finally {
                    this.saving = false;
                }
            }
        },
        head() {
            return head({
                title: `@${this.username}`,
--- a/server/routes/admin.js
+++ b/server/routes/admin.js
@ -117,4 +117,20 @@ router.get('/admin/stats', handleErrorAsync(async (req, res) => {
    return res.json(stats);
 }));
 const normalise = s => s.trim().toLowerCase();
 router.post('/admin/ban/:username', handleErrorAsync(async (req, res) => {
    if (!req.isGranted('users')) {
        return res.status(401).json({error: 'Unauthorised'});
    }
    await req.db.get(SQL`
        UPDATE users
        SET bannedReason = ${req.body.reason || null} 
        WHERE lower(trim(replace(replace(replace(replace(replace(replace(replace(replace(replace(username, 'Ą', 'ą'), 'Ć', 'ć'), 'Ę', 'ę'), 'Ł', 'ł'), 'Ń', 'ń'), 'Ó', 'ó'), 'Ś', 'ś'), 'Ż', 'ż'), 'Ź', 'ż'))) = ${normalise(req.params.username)}
    `);
    return res.json(true);
 }));
 export default router;
--- a/server/routes/profile.js
+++ b/server/routes/profile.js
@ -24,9 +24,9 @@ const calcAge = birthday => {
    return parseInt(Math.floor(diff / 1000 / 60 / 60 / 24 / 365.25));
 }
-const fetchProfiles = async (db, username, self) => {
+const fetchProfiles = async (db, username, self, isAdmin) => {
    const profiles = await db.all(SQL`
-        SELECT profiles.*, users.id, users.username, users.email, users.avatarSource FROM profiles LEFT JOIN users on users.id == profiles.userId 
+        SELECT profiles.*, users.id, users.username, users.email, users.avatarSource, users.bannedReason FROM profiles LEFT JOIN users on users.id == profiles.userId 
        WHERE lower(trim(replace(replace(replace(replace(replace(replace(replace(replace(replace(username, 'Ą', 'ą'), 'Ć', 'ć'), 'Ę', 'ę'), 'Ł', 'ł'), 'Ń', 'ń'), 'Ó', 'ó'), 'Ś', 'ś'), 'Ż', 'ż'), 'Ź', 'ż'))) = ${normalise(username)}
        AND profiles.active = 1
        ORDER BY profiles.locale
@ -34,6 +34,9 @@ const fetchProfiles = async (db, username, self) => {
    const p = {}
    for (let profile of profiles) {
        if (profile.bannedReason !== null && !isAdmin && !self) {
            return {};
        }
        p[profile.locale] = {
            id: profile.id,
            userId: profile.userId,
@ -52,6 +55,7 @@ const fetchProfiles = async (db, username, self) => {
            teamName: profile.teamName,
            footerName: profile.footerName,
            footerAreas: profile.footerAreas ? profile.footerAreas.split(',') : [],
            bannedReason: profile.bannedReason,
        };
    }
    return p;
@ -60,7 +64,7 @@ const fetchProfiles = async (db, username, self) => {
 const router = Router();
 router.get('/profile/get/:username', handleErrorAsync(async (req, res) => {
-    return res.json(await fetchProfiles(req.db, req.params.username, req.user && req.user.username === req.params.username))
+    return res.json(await fetchProfiles(req.db, req.params.username, req.user && req.user.username === req.params.username, req.isGranted('users')))
 }));
 router.post('/profile/save', handleErrorAsync(async (req, res) => {
--- a/server/routes/user.js
+++ b/server/routes/user.js
@ -157,6 +157,7 @@ const reloadUser = async (req, res, next) => {
        || req.user.email !== dbUser.email
        || req.user.roles !== dbUser.roles
        || req.user.avatarSource !== dbUser.avatarSource
        || req.user.bannedReason !== dbUser.bannedReason
    ) {
        const newUser = {
            ...dbUser,