forked from mirrors/catstodon
Add confirmation page when importing blocked domains (#1773)
* Move glitch-soc-specific strings to glitch-soc-specific locale files * Add confirmation page when importing blocked domains
This commit is contained in:
parent
3a08411306
commit
b91196f4b7
11 changed files with 183 additions and 48 deletions
|
@ -4,6 +4,17 @@ module Admin
|
||||||
class DomainBlocksController < BaseController
|
class DomainBlocksController < BaseController
|
||||||
before_action :set_domain_block, only: [:show, :destroy, :edit, :update]
|
before_action :set_domain_block, only: [:show, :destroy, :edit, :update]
|
||||||
|
|
||||||
|
def batch
|
||||||
|
@form = Form::DomainBlockBatch.new(form_domain_block_batch_params.merge(current_account: current_account, action: action_from_button))
|
||||||
|
@form.save
|
||||||
|
rescue ActionController::ParameterMissing
|
||||||
|
flash[:alert] = I18n.t('admin.email_domain_blocks.no_domain_block_selected')
|
||||||
|
rescue Mastodon::NotPermittedError
|
||||||
|
flash[:alert] = I18n.t('admin.domain_blocks.created_msg')
|
||||||
|
else
|
||||||
|
redirect_to admin_instances_path(limited: '1'), notice: I18n.t('admin.domain_blocks.created_msg')
|
||||||
|
end
|
||||||
|
|
||||||
def new
|
def new
|
||||||
authorize :domain_block, :create?
|
authorize :domain_block, :create?
|
||||||
@domain_block = DomainBlock.new(domain: params[:_domain])
|
@domain_block = DomainBlock.new(domain: params[:_domain])
|
||||||
|
@ -76,5 +87,15 @@ module Admin
|
||||||
def resource_params
|
def resource_params
|
||||||
params.require(:domain_block).permit(:domain, :severity, :reject_media, :reject_reports, :private_comment, :public_comment, :obfuscate)
|
params.require(:domain_block).permit(:domain, :severity, :reject_media, :reject_reports, :private_comment, :public_comment, :obfuscate)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def form_domain_block_batch_params
|
||||||
|
params.require(:form_domain_block_batch).permit(domain_blocks_attributes: [:enabled, :domain, :severity, :reject_media, :reject_reports, :private_comment, :public_comment, :obfuscate])
|
||||||
|
end
|
||||||
|
|
||||||
|
def action_from_button
|
||||||
|
if params[:save]
|
||||||
|
'save'
|
||||||
|
end
|
||||||
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -21,30 +21,33 @@ module Admin
|
||||||
|
|
||||||
def import
|
def import
|
||||||
authorize :domain_block, :create?
|
authorize :domain_block, :create?
|
||||||
begin
|
|
||||||
@import = Admin::Import.new(import_params)
|
|
||||||
parse_import_data!(export_headers)
|
|
||||||
|
|
||||||
@data.take(ROWS_PROCESSING_LIMIT).each do |row|
|
@import = Admin::Import.new(import_params)
|
||||||
domain = row['#domain'].strip
|
parse_import_data!(export_headers)
|
||||||
next if DomainBlock.rule_for(domain).present?
|
|
||||||
|
|
||||||
domain_block = DomainBlock.new(domain: domain,
|
@global_private_comment = I18n.t('admin.export_domain_blocks.import.private_comment_template', source: @import.data_file_name, date: I18n.l(Time.now.utc))
|
||||||
severity: row['#severity'].strip,
|
|
||||||
reject_media: row['#reject_media'].strip,
|
@form = Form::DomainBlockBatch.new
|
||||||
reject_reports: row['#reject_reports'].strip,
|
@domain_blocks = @data.take(ROWS_PROCESSING_LIMIT).filter_map do |row|
|
||||||
public_comment: row['#public_comment'].strip,
|
domain = row['#domain'].strip
|
||||||
obfuscate: row['#obfuscate'].strip)
|
next if DomainBlock.rule_for(domain).present?
|
||||||
if domain_block.save
|
|
||||||
DomainBlockWorker.perform_async(domain_block.id)
|
domain_block = DomainBlock.new(domain: domain,
|
||||||
log_action :create, domain_block
|
severity: row['#severity'].strip,
|
||||||
end
|
reject_media: row['#reject_media'].strip,
|
||||||
end
|
reject_reports: row['#reject_reports'].strip,
|
||||||
flash[:notice] = I18n.t('admin.domain_blocks.created_msg')
|
private_comment: @global_private_comment,
|
||||||
rescue ActionController::ParameterMissing
|
public_comment: row['#public_comment']&.strip,
|
||||||
flash[:error] = I18n.t('admin.export_domain_blocks.no_file')
|
obfuscate: row['#obfuscate'].strip)
|
||||||
|
|
||||||
|
domain_block if domain_block.valid?
|
||||||
end
|
end
|
||||||
redirect_to admin_instances_path(limited: '1')
|
|
||||||
|
@warning_domains = Instance.where(domain: @domain_blocks.map(&:domain)).where('EXISTS (SELECT 1 FROM follows JOIN accounts ON follows.account_id = accounts.id OR follows.target_account_id = accounts.id WHERE accounts.domain = instances.domain)').pluck(:domain)
|
||||||
|
rescue ActionController::ParameterMissing
|
||||||
|
flash.now[:alert] = I18n.t('admin.export_domain_blocks.no_file')
|
||||||
|
set_dummy_import!
|
||||||
|
render :new
|
||||||
end
|
end
|
||||||
|
|
||||||
private
|
private
|
||||||
|
|
|
@ -102,6 +102,12 @@ ready(() => {
|
||||||
const registrationMode = document.getElementById('form_admin_settings_registrations_mode');
|
const registrationMode = document.getElementById('form_admin_settings_registrations_mode');
|
||||||
if (registrationMode) onChangeRegistrationMode(registrationMode);
|
if (registrationMode) onChangeRegistrationMode(registrationMode);
|
||||||
|
|
||||||
|
const checkAllElement = document.querySelector('#batch_checkbox_all');
|
||||||
|
if (checkAllElement) {
|
||||||
|
checkAllElement.checked = [].every.call(document.querySelectorAll(batchCheckboxClassName), (content) => content.checked);
|
||||||
|
checkAllElement.indeterminate = !checkAllElement.checked && [].some.call(document.querySelectorAll(batchCheckboxClassName), (content) => content.checked);
|
||||||
|
}
|
||||||
|
|
||||||
document.querySelector('a#add-instance-button')?.addEventListener('click', (e) => {
|
document.querySelector('a#add-instance-button')?.addEventListener('click', (e) => {
|
||||||
const domain = document.getElementById('by_domain')?.value;
|
const domain = document.getElementById('by_domain')?.value;
|
||||||
|
|
||||||
|
|
35
app/models/form/domain_block_batch.rb
Normal file
35
app/models/form/domain_block_batch.rb
Normal file
|
@ -0,0 +1,35 @@
|
||||||
|
# frozen_string_literal: true
|
||||||
|
|
||||||
|
class Form::DomainBlockBatch
|
||||||
|
include ActiveModel::Model
|
||||||
|
include Authorization
|
||||||
|
include AccountableConcern
|
||||||
|
|
||||||
|
attr_accessor :domain_blocks_attributes, :action, :current_account
|
||||||
|
|
||||||
|
def save
|
||||||
|
case action
|
||||||
|
when 'save'
|
||||||
|
save!
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
private
|
||||||
|
|
||||||
|
def domain_blocks
|
||||||
|
@domain_blocks ||= domain_blocks_attributes.values.filter_map do |attributes|
|
||||||
|
DomainBlock.new(attributes.without('enabled')) if ActiveModel::Type::Boolean.new.cast(attributes['enabled'])
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
def save!
|
||||||
|
domain_blocks.each do |domain_block|
|
||||||
|
authorize(domain_block, :create?)
|
||||||
|
next if DomainBlock.rule_for(domain_block.domain).present?
|
||||||
|
|
||||||
|
domain_block.save!
|
||||||
|
DomainBlockWorker.perform_async(domain_block.id)
|
||||||
|
log_action :create, domain_block
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
27
app/views/admin/export_domain_blocks/_domain_block.html.haml
Normal file
27
app/views/admin/export_domain_blocks/_domain_block.html.haml
Normal file
|
@ -0,0 +1,27 @@
|
||||||
|
- existing_relationships ||= false
|
||||||
|
|
||||||
|
.batch-table__row{ class: [existing_relationships && 'batch-table__row--attention'] }
|
||||||
|
%label.batch-table__row__select.batch-table__row__select--aligned.batch-checkbox
|
||||||
|
= f.check_box :enabled, checked: !existing_relationships
|
||||||
|
.batch-table__row__content.pending-account
|
||||||
|
.pending-account__header
|
||||||
|
%strong
|
||||||
|
= f.object.domain
|
||||||
|
= f.hidden_field :domain
|
||||||
|
= f.hidden_field :severity
|
||||||
|
= f.hidden_field :reject_media
|
||||||
|
= f.hidden_field :reject_reports
|
||||||
|
= f.hidden_field :obfuscate
|
||||||
|
= f.hidden_field :private_comment
|
||||||
|
= f.hidden_field :public_comment
|
||||||
|
|
||||||
|
%br/
|
||||||
|
|
||||||
|
= f.object.policies.map { |policy| t(policy, scope: 'admin.instances.content_policies.policies') }.join(' • ')
|
||||||
|
- if f.object.public_comment.present?
|
||||||
|
•
|
||||||
|
= f.object.public_comment
|
||||||
|
- if existing_relationships
|
||||||
|
•
|
||||||
|
= fa_icon 'warning fw'
|
||||||
|
= t('admin.export_domain_blocks.import.existing_relationships_warning')
|
21
app/views/admin/export_domain_blocks/import.html.haml
Normal file
21
app/views/admin/export_domain_blocks/import.html.haml
Normal file
|
@ -0,0 +1,21 @@
|
||||||
|
- content_for :page_title do
|
||||||
|
= t('admin.export_domain_blocks.import.title')
|
||||||
|
|
||||||
|
%p= t('admin.export_domain_blocks.import.description_html')
|
||||||
|
|
||||||
|
- if defined?(@global_private_comment) && @global_private_comment.present?
|
||||||
|
%p= t('admin.export_domain_blocks.import.private_comment_description_html', comment: @global_private_comment)
|
||||||
|
|
||||||
|
= form_for(@form, url: batch_admin_domain_blocks_path) do |f|
|
||||||
|
.batch-table
|
||||||
|
.batch-table__toolbar
|
||||||
|
%label.batch-table__toolbar__select.batch-checkbox-all
|
||||||
|
= check_box_tag :batch_checkbox_all, nil, false
|
||||||
|
.batch-table__toolbar__actions
|
||||||
|
= f.button safe_join([fa_icon('copy'), t('admin.domain_blocks.import')]), name: :save, class: 'table-action-link', type: :submit, data: { confirm: t('admin.reports.are_you_sure') }
|
||||||
|
.batch-table__body
|
||||||
|
- if @domain_blocks.empty?
|
||||||
|
= nothing_here 'nothing-here--under-tabs'
|
||||||
|
- else
|
||||||
|
= f.simple_fields_for :domain_blocks, @domain_blocks do |ff|
|
||||||
|
= render 'domain_block', f: ff, existing_relationships: @warning_domains.include?(ff.object.domain)
|
|
@ -4,6 +4,26 @@ en:
|
||||||
custom_emojis:
|
custom_emojis:
|
||||||
batch_copy_error: 'An error occurred when copying some of the selected emoji: %{message}'
|
batch_copy_error: 'An error occurred when copying some of the selected emoji: %{message}'
|
||||||
batch_error: 'An error occurred: %{message}'
|
batch_error: 'An error occurred: %{message}'
|
||||||
|
domain_allows:
|
||||||
|
export: Export
|
||||||
|
import: Import
|
||||||
|
domain_blocks:
|
||||||
|
export: Export
|
||||||
|
import: Import
|
||||||
|
export_domain_allows:
|
||||||
|
new:
|
||||||
|
title: Import domain allows
|
||||||
|
no_file: No file selected
|
||||||
|
export_domain_blocks:
|
||||||
|
import:
|
||||||
|
description_html: You are about to import a list of domain blocks. Please review this list very carefully, especially if you have not authored this list yourself.
|
||||||
|
existing_relationships_warning: Existing follow relationships
|
||||||
|
private_comment_description_html: 'To help you track where imported blocks come from, imported blocks will be created with the following private comment: <q>%{comment}</q>'
|
||||||
|
private_comment_template: Imported from %{source} on %{date}
|
||||||
|
title: Import domain blocks
|
||||||
|
new:
|
||||||
|
title: Import domain blocks
|
||||||
|
no_file: No file selected
|
||||||
settings:
|
settings:
|
||||||
captcha_enabled:
|
captcha_enabled:
|
||||||
desc_html: This relies on external scripts from hCaptcha, which may be a security and privacy concern. In addition, <strong>this can make the registration process significantly less accessible to some (especially disabled) people</strong>. For these reasons, please consider alternative measures such as approval-based or invite-based registration.<br>Users that have been invited through a limited-use invite will not need to solve a CAPTCHA
|
desc_html: This relies on external scripts from hCaptcha, which may be a security and privacy concern. In addition, <strong>this can make the registration process significantly less accessible to some (especially disabled) people</strong>. For these reasons, please consider alternative measures such as approval-based or invite-based registration.<br>Users that have been invited through a limited-use invite will not need to solve a CAPTCHA
|
||||||
|
|
|
@ -421,8 +421,6 @@ en:
|
||||||
add_new: Allow federation with domain
|
add_new: Allow federation with domain
|
||||||
created_msg: Domain has been successfully allowed for federation
|
created_msg: Domain has been successfully allowed for federation
|
||||||
destroyed_msg: Domain has been disallowed from federation
|
destroyed_msg: Domain has been disallowed from federation
|
||||||
export: Export
|
|
||||||
import: Import
|
|
||||||
undo: Disallow federation with domain
|
undo: Disallow federation with domain
|
||||||
domain_blocks:
|
domain_blocks:
|
||||||
add_new: Add new domain block
|
add_new: Add new domain block
|
||||||
|
@ -431,8 +429,6 @@ en:
|
||||||
domain: Domain
|
domain: Domain
|
||||||
edit: Edit domain block
|
edit: Edit domain block
|
||||||
existing_domain_block_html: You have already imposed stricter limits on %{name}, you need to <a href="%{unblock_url}">unblock it</a> first.
|
existing_domain_block_html: You have already imposed stricter limits on %{name}, you need to <a href="%{unblock_url}">unblock it</a> first.
|
||||||
export: Export
|
|
||||||
import: Import
|
|
||||||
new:
|
new:
|
||||||
create: Create block
|
create: Create block
|
||||||
hint: The domain block will not prevent creation of account entries in the database, but will retroactively and automatically apply specific moderation methods on those accounts.
|
hint: The domain block will not prevent creation of account entries in the database, but will retroactively and automatically apply specific moderation methods on those accounts.
|
||||||
|
@ -473,14 +469,6 @@ en:
|
||||||
resolved_dns_records_hint_html: The domain name resolves to the following MX domains, which are ultimately responsible for accepting e-mail. Blocking an MX domain will block sign-ups from any e-mail address which uses the same MX domain, even if the visible domain name is different. <strong>Be careful not to block major e-mail providers.</strong>
|
resolved_dns_records_hint_html: The domain name resolves to the following MX domains, which are ultimately responsible for accepting e-mail. Blocking an MX domain will block sign-ups from any e-mail address which uses the same MX domain, even if the visible domain name is different. <strong>Be careful not to block major e-mail providers.</strong>
|
||||||
resolved_through_html: Resolved through %{domain}
|
resolved_through_html: Resolved through %{domain}
|
||||||
title: Blocked e-mail domains
|
title: Blocked e-mail domains
|
||||||
export_domain_allows:
|
|
||||||
new:
|
|
||||||
title: Import domain allows
|
|
||||||
no_file: No file selected
|
|
||||||
export_domain_blocks:
|
|
||||||
new:
|
|
||||||
title: Import domain blocks
|
|
||||||
no_file: No file selected
|
|
||||||
follow_recommendations:
|
follow_recommendations:
|
||||||
description_html: "<strong>Follow recommendations help new users quickly find interesting content</strong>. When a user has not interacted with others enough to form personalized follow recommendations, these accounts are recommended instead. They are re-calculated on a daily basis from a mix of accounts with the highest recent engagements and highest local follower counts for a given language."
|
description_html: "<strong>Follow recommendations help new users quickly find interesting content</strong>. When a user has not interacted with others enough to form personalized follow recommendations, these accounts are recommended instead. They are re-calculated on a daily basis from a mix of accounts with the highest recent engagements and highest local follower counts for a given language."
|
||||||
language: For language
|
language: For language
|
||||||
|
|
|
@ -194,7 +194,11 @@ Rails.application.routes.draw do
|
||||||
get '/dashboard', to: 'dashboard#index'
|
get '/dashboard', to: 'dashboard#index'
|
||||||
|
|
||||||
resources :domain_allows, only: [:new, :create, :show, :destroy]
|
resources :domain_allows, only: [:new, :create, :show, :destroy]
|
||||||
resources :domain_blocks, only: [:new, :create, :show, :destroy, :update, :edit]
|
resources :domain_blocks, only: [:new, :create, :show, :destroy, :update, :edit] do
|
||||||
|
collection do
|
||||||
|
post :batch
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
resources :export_domain_allows, only: [:new] do
|
resources :export_domain_allows, only: [:new] do
|
||||||
collection do
|
collection do
|
||||||
|
@ -485,6 +489,7 @@ Rails.application.routes.draw do
|
||||||
end
|
end
|
||||||
|
|
||||||
resource :domain_blocks, only: [:show, :create, :destroy]
|
resource :domain_blocks, only: [:show, :create, :destroy]
|
||||||
|
|
||||||
resource :directory, only: [:show]
|
resource :directory, only: [:show]
|
||||||
|
|
||||||
resources :follow_requests, only: [:index] do
|
resources :follow_requests, only: [:index] do
|
||||||
|
|
|
@ -16,6 +16,27 @@ RSpec.describe Admin::DomainBlocksController, type: :controller do
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
describe 'POST #batch' do
|
||||||
|
it 'blocks the domains when succeeded to save' do
|
||||||
|
allow(DomainBlockWorker).to receive(:perform_async).and_return(true)
|
||||||
|
|
||||||
|
post :batch, params: {
|
||||||
|
save: '',
|
||||||
|
form_domain_block_batch: {
|
||||||
|
domain_blocks_attributes: {
|
||||||
|
'0' => { enabled: '1', domain: 'example.com', severity: 'silence' },
|
||||||
|
'1' => { enabled: '0', domain: 'mastodon.social', severity: 'suspend' },
|
||||||
|
'2' => { enabled: '1', domain: 'mastodon.online', severity: 'suspend' }
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
expect(DomainBlockWorker).to have_received(:perform_async).exactly(2).times
|
||||||
|
expect(flash[:notice]).to eq I18n.t('admin.domain_blocks.created_msg')
|
||||||
|
expect(response).to redirect_to(admin_instances_path(limited: '1'))
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
describe 'POST #create' do
|
describe 'POST #create' do
|
||||||
it 'blocks the domain when succeeded to save' do
|
it 'blocks the domain when succeeded to save' do
|
||||||
allow(DomainBlockWorker).to receive(:perform_async).and_return(true)
|
allow(DomainBlockWorker).to receive(:perform_async).and_return(true)
|
||||||
|
|
|
@ -22,26 +22,14 @@ RSpec.describe Admin::ExportDomainBlocksController, type: :controller do
|
||||||
|
|
||||||
describe 'POST #import' do
|
describe 'POST #import' do
|
||||||
it 'blocks imported domains' do
|
it 'blocks imported domains' do
|
||||||
allow(DomainBlockWorker).to receive(:perform_async).and_return(true)
|
|
||||||
|
|
||||||
post :import, params: { admin_import: { data: fixture_file_upload('domain_blocks.csv') } }
|
post :import, params: { admin_import: { data: fixture_file_upload('domain_blocks.csv') } }
|
||||||
|
|
||||||
expect(response).to redirect_to(admin_instances_path(limited: '1'))
|
expect(assigns(:domain_blocks).map(&:domain)).to match_array ['bad.domain', 'worse.domain', 'reject.media']
|
||||||
expect(DomainBlockWorker).to have_received(:perform_async).exactly(3).times
|
|
||||||
|
|
||||||
# Header should not be imported
|
|
||||||
expect(DomainBlock.where(domain: '#domain').present?).to eq(false)
|
|
||||||
|
|
||||||
# Domains should now be added
|
|
||||||
get :export, params: { format: :csv }
|
|
||||||
expect(response).to have_http_status(200)
|
|
||||||
expect(response.body).to eq(IO.read(File.join(file_fixture_path, 'domain_blocks.csv')))
|
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
it 'displays error on no file selected' do
|
it 'displays error on no file selected' do
|
||||||
post :import, params: { admin_import: {} }
|
post :import, params: { admin_import: {} }
|
||||||
expect(response).to redirect_to(admin_instances_path(limited: '1'))
|
expect(flash[:alert]).to eq(I18n.t('admin.export_domain_blocks.no_file'))
|
||||||
expect(flash[:error]).to eq(I18n.t('admin.export_domain_blocks.no_file'))
|
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in a new issue