jaculabilis/danbooru
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Files
a698ca2b8cdab52ef2f6845c8db436553e71da1f
danbooru/app/models/email_address.rb
evazion 94e125709c users: add Restricted user level. 
Add a Restricted user level. Restricted users are level 10, below
Members. New users start out as Restricted if they sign up from a proxy
or an IP recently used by another user.

Restricted users can't update or edit any public content on the site
until they verify their email address, at which point they're promoted
to Member. Restricted users are only allowed to do personal actions
like keep favorites, keep favgroups and saved searches, mark dmails as
read or deleted, or mark forum posts as read.

The restricted state already existed before, the only change here is
that now it's an actual user level instead of a hidden state. Before it
was based on two hidden flags on the user, the `requires_verification`
flag (set when a user signs up from a proxy, etc), and the `is_verified`
flag (set after the user verifies their email). Making it a user level
means that now the Restricted status will be shown publicly.

Introducing a new level below Member means that we have to change every
`is_member?` check to `!is_anonymous` for every place where we used
`is_member?` to check that the current user is logged in.
2021-01-07 17:10:29 -06:00

86 lines
2.1 KiB
Ruby
Raw Blame History

class EmailAddress < ApplicationRecord
belongs_to :user, inverse_of: :email_address
validates :address, presence: true, confirmation: true, format: { with: EmailValidator::EMAIL_REGEX }
validates :normalized_address, uniqueness: true
validates :user_id, uniqueness: true
validate :validate_deliverable, on: :deliverable
def self.visible(user)
if user.is_moderator?
where(user: User.where("level < ?", user.level).or(User.where(id: user.id)))
else
none
end
end
def address=(value)
self.normalized_address = EmailValidator.normalize(value) || address
super
end
def is_restricted?
EmailValidator.is_restricted?(normalized_address)
end
def is_normalized?
address == normalized_address
end
def is_valid?
EmailValidator.is_valid?(address)
end
def self.restricted(restricted = true)
domains = Danbooru.config.email_domain_verification_list
domain_regex = domains.map { |domain| Regexp.escape(domain) }.join("|")
if restricted.to_s.truthy?
where_not_regex(:normalized_address, "@(#{domain_regex})$")
elsif restricted.to_s.falsy?
where_regex(:normalized_address, "@(#{domain_regex})$")
else
all
end
end
def self.search(params)
q = search_attributes(params, :id, :created_at, :updated_at, :user, :address, :normalized_address, :is_verified, :is_deliverable)
q = q.restricted(params[:is_restricted])
q = q.apply_default_order(params)
q
end
def validate_deliverable
if EmailValidator.undeliverable?(address)
errors.add(:address, "is invalid or does not exist")
end
end
def verify!
transaction do
update!(is_verified: true)
if user.is_restricted? && !is_restricted?
user.update!(level: User::Levels::MEMBER, is_verified: is_verified?)
end
end
end
concerning :VerificationMethods do
def verifier
@verifier ||= Danbooru::MessageVerifier.new(:email_verification_key)
end
def verification_key
verifier.generate(id)
end
def valid_key?(key)
id == verifier.verified(key)
end
end
end
Reference in New Issue View Git Blame Copy Permalink