diff --git a/client/coral-embed-stream/src/components/Comment.js b/client/coral-embed-stream/src/components/Comment.js
index 4fa7d234b..c3b7095e2 100644
--- a/client/coral-embed-stream/src/components/Comment.js
+++ b/client/coral-embed-stream/src/components/Comment.js
@@ -195,8 +195,16 @@ export default class Comment extends React.Component {
editComment: React.PropTypes.func,
}
+ editComment = (...args) => {
+ return this.props.editComment(this.props.comment.id, this.props.asset.id, ...args);
+ }
+
onClickEdit (e) {
e.preventDefault();
+ if (!can(this.props.currentUser, 'INTERACT_WITH_COMMUNITY')) {
+ this.props.addNotification('error', t('error.NOT_AUTHORIZED'));
+ return;
+ }
this.setState({isEditing: true});
}
@@ -239,7 +247,8 @@ export default class Comment extends React.Component {
}
if (can(this.props.currentUser, 'INTERACT_WITH_COMMUNITY')) {
this.props.setActiveReplyBox(this.props.comment.id);
- return;
+ } else {
+ this.props.addNotification('error', t('error.NOT_AUTHORIZED'));
}
return;
}
@@ -468,7 +477,7 @@ export default class Comment extends React.Component {
{
this.state.isEditing
?
: null}
diff --git a/client/coral-embed-stream/src/components/EditableCommentContent.js b/client/coral-embed-stream/src/components/EditableCommentContent.js
index 1373707a0..5e4e354db 100644
--- a/client/coral-embed-stream/src/components/EditableCommentContent.js
+++ b/client/coral-embed-stream/src/components/EditableCommentContent.js
@@ -4,6 +4,7 @@ import {CommentForm} from 'coral-plugin-commentbox/CommentForm';
import styles from './Comment.css';
import {CountdownSeconds} from './CountdownSeconds';
import {getEditableUntilDate} from './util';
+import {can} from 'coral-framework/services/perms';
import {Icon} from 'coral-ui';
import t from 'coral-framework/services/i18n';
@@ -47,7 +48,6 @@ export class EditableCommentContent extends React.Component {
}
constructor(props) {
super(props);
- this.editComment = this.editComment.bind(this);
this.editWindowExpiryTimeout = null;
}
componentDidMount() {
@@ -65,7 +65,12 @@ export class EditableCommentContent extends React.Component {
this.editWindowExpiryTimeout = clearTimeout(this.editWindowExpiryTimeout);
}
}
- async editComment(edit) {
+ editComment = async (edit) => {
+ if (!can(this.props.currentUser, 'INTERACT_WITH_COMMUNITY')) {
+ this.props.addNotification('error', t('error.NOT_AUTHORIZED'));
+ return;
+ }
+
const {editComment, addNotification, stopEditing} = this.props;
if (typeof editComment !== 'function') {return;}
let response;
diff --git a/client/coral-embed-stream/src/components/Stream.js b/client/coral-embed-stream/src/components/Stream.js
index c912d1a72..165b3ce4c 100644
--- a/client/coral-embed-stream/src/components/Stream.js
+++ b/client/coral-embed-stream/src/components/Stream.js
@@ -57,7 +57,10 @@ class Stream extends React.Component {
constructor(props) {
super(props);
- this.state = resetCursors(this.state, props);
+ this.state = {
+ ...resetCursors(this.state, props),
+ keepCommentBox: false,
+ };
}
componentWillReceiveProps(next) {
@@ -68,6 +71,12 @@ class Stream extends React.Component {
this.setState(resetCursors);
return;
}
+
+ // Keep comment box when user was live suspended, banned, ...
+ if (!this.userIsDegraged(this.props) && this.userIsDegraged(next)) {
+ this.setState({keepCommentBox: true});
+ }
+
if (
prevComments && nextComments &&
nextComments.nodes.length < prevComments.nodes.length
@@ -133,6 +142,10 @@ class Stream extends React.Component {
return view;
}
+ userIsDegraged({auth: {user}} = this.props) {
+ return !can(user, 'INTERACT_WITH_COMMUNITY');
+ }
+
render() {
const {
commentClassNames,
@@ -150,6 +163,7 @@ class Stream extends React.Component {
pluginProps,
editName
} = this.props;
+ const {keepCommentBox} = this.state;
const view = this.getVisibleComments();
const open = asset.closedAt === null;
@@ -171,6 +185,8 @@ class Stream extends React.Component {
me.ignoredUsers.find((u) => u.id === comment.user.id)
);
};
+
+ const showCommentBox = loggedIn && ((!banned && !temporarilySuspended && !highlightedComment) || keepCommentBox);
return (
@@ -199,10 +215,7 @@ class Stream extends React.Component {
editName={editName}
currentUsername={user.username}
/>}
- {loggedIn &&
- !banned &&
- !temporarilySuspended &&
- !highlightedComment &&
+ {showCommentBox &&
}
diff --git a/client/coral-embed-stream/src/containers/Embed.js b/client/coral-embed-stream/src/containers/Embed.js
index 68f76ccc5..bf05caf29 100644
--- a/client/coral-embed-stream/src/containers/Embed.js
+++ b/client/coral-embed-stream/src/containers/Embed.js
@@ -12,6 +12,8 @@ import {getDefinitionName} from 'coral-framework/utils';
import {withQuery} from 'coral-framework/hocs';
import Embed from '../components/Embed';
import Stream from './Stream';
+import {addNotification} from 'coral-framework/actions/notification';
+import t from 'coral-framework/services/i18n';
import {setActiveTab} from '../actions/embed';
import {viewAllComments} from '../actions/stream';
@@ -20,12 +22,63 @@ const {logout, checkLogin} = authActions;
const {fetchAssetSuccess} = assetActions;
class EmbedContainer extends React.Component {
+ subscriptions = [];
+
+ subscribeToUpdates(props = this.props) {
+ if (props.auth.loggedIn) {
+ const newSubscriptions = [{
+ document: USER_BANNED_SUBSCRIPTION,
+ updateQuery: () => {
+ addNotification('info', t('your_account_has_been_banned'));
+ },
+ },
+ {
+ document: USER_SUSPENDED_SUBSCRIPTION,
+ updateQuery: () => {
+ addNotification('info', t('your_account_has_been_suspended'));
+ },
+ },
+ {
+ document: USERNAME_REJECTED_SUBSCRIPTION,
+ updateQuery: () => {
+ addNotification('info', t('your_username_has_been_rejected'));
+ },
+ }];
+
+ this.subscriptions = newSubscriptions.map((s) => props.data.subscribeToMore({
+ document: s.document,
+ variables: {
+ user_id: props.auth.user.id,
+ },
+ updateQuery: s.updateQuery,
+ }));
+ }
+ }
+
+ unsubscribe() {
+ this.subscriptions.forEach((unsubscribe) => unsubscribe());
+ this.subscriptions = [];
+ }
+
+ resubscribe(props) {
+ this.unsubscribe();
+ this.subscribeToUpdates(props);
+ }
+
+ componentDidMount() {
+ this.subscribeToUpdates();
+ }
+
+ componentWillUnmount() {
+ this.unsubscribe();
+ }
componentWillReceiveProps(nextProps) {
if (this.props.auth.loggedIn !== nextProps.auth.loggedIn) {
// Refetch after login/logout.
this.props.data.refetch();
+ this.resubscribe(nextProps);
}
const {fetchAssetSuccess} = this.props;
@@ -52,6 +105,45 @@ class EmbedContainer extends React.Component {
}
}
+const USER_BANNED_SUBSCRIPTION = gql`
+ subscription UserBanned($user_id: ID!) {
+ userBanned(user_id: $user_id){
+ id
+ status
+ canEditName
+ suspension {
+ until
+ }
+ }
+ }
+`;
+
+const USER_SUSPENDED_SUBSCRIPTION = gql`
+ subscription UserSuspended($user_id: ID!) {
+ userSuspended(user_id: $user_id){
+ id
+ status
+ canEditName
+ suspension {
+ until
+ }
+ }
+ }
+`;
+
+const USERNAME_REJECTED_SUBSCRIPTION = gql`
+ subscription UsernameRejected($user_id: ID!) {
+ usernameRejected(user_id: $user_id){
+ id
+ status
+ canEditName
+ suspension {
+ until
+ }
+ }
+ }
+`;
+
const EMBED_QUERY = gql`
query CoralEmbedStream_Embed($assetId: ID, $assetUrl: String, $commentId: ID!, $hasComment: Boolean!, $excludeIgnored: Boolean) {
asset(id: $assetId, url: $assetUrl) {
@@ -95,6 +187,7 @@ const mapDispatchToProps = (dispatch) =>
setActiveTab,
viewAllComments,
fetchAssetSuccess,
+ addNotification,
},
dispatch
);
diff --git a/client/coral-embed-stream/src/containers/Stream.js b/client/coral-embed-stream/src/containers/Stream.js
index f6e1fd9ec..3491fc846 100644
--- a/client/coral-embed-stream/src/containers/Stream.js
+++ b/client/coral-embed-stream/src/containers/Stream.js
@@ -30,11 +30,8 @@ class StreamContainer extends React.Component {
subscriptions = [];
subscribeToUpdates() {
- const sub1 = this.props.data.subscribeToMore({
+ const newSubscriptions = [{
document: COMMENTS_EDITED_SUBSCRIPTION,
- variables: {
- assetId: this.props.root.asset.id,
- },
updateQuery: (prev, {subscriptionData: {data: {commentEdited}}}) => {
// Ignore mutations from me.
@@ -52,13 +49,9 @@ class StreamContainer extends React.Component {
return removeCommentFromEmbedQuery(prev, commentEdited.id);
}
},
- });
-
- const sub2 = this.props.data.subscribeToMore({
+ },
+ {
document: COMMENTS_ADDED_SUBSCRIPTION,
- variables: {
- assetId: this.props.root.asset.id,
- },
updateQuery: (prev, {subscriptionData: {data: {commentAdded}}}) => {
// Ignore mutations from me.
@@ -81,9 +74,15 @@ class StreamContainer extends React.Component {
return insertCommentIntoEmbedQuery(prev, commentAdded);
}
- });
+ }];
- this.subscriptions.push(sub1, sub2);
+ this.subscriptions = newSubscriptions.map((s) => this.props.data.subscribeToMore({
+ document: s.document,
+ variables: {
+ assetId: this.props.root.asset.id,
+ },
+ updateQuery: s.updateQuery,
+ }));
}
unsubscribe() {
@@ -173,7 +172,7 @@ const commentFragment = gql`
`;
const COMMENTS_ADDED_SUBSCRIPTION = gql`
- subscription onCommentAdded($assetId: ID!, $excludeIgnored: Boolean){
+ subscription CommentAdded($assetId: ID!, $excludeIgnored: Boolean){
commentAdded(asset_id: $assetId){
parent {
id
@@ -185,7 +184,7 @@ const COMMENTS_ADDED_SUBSCRIPTION = gql`
`;
const COMMENTS_EDITED_SUBSCRIPTION = gql`
- subscription onCommentEdited($assetId: ID!){
+ subscription CommentEdited($assetId: ID!){
commentEdited(asset_id: $assetId){
id
body
diff --git a/client/coral-embed/src/index.js b/client/coral-embed/src/index.js
index 5b42fa541..82eea8ef7 100644
--- a/client/coral-embed/src/index.js
+++ b/client/coral-embed/src/index.js
@@ -28,6 +28,7 @@ const snackbarStyles = {
// This function should return value of window.Coral
const Coral = {};
const Talk = (Coral.Talk = {});
+let notificationTimeout = null;
// build the URL to load in the pym iframe
function buildStreamIframeUrl(talkBaseUrl, query) {
@@ -110,14 +111,15 @@ function configurePymParent(pymParent, opts) {
snackbar.className = `coral-notif-${type}`;
snackbar.textContent = text;
- setTimeout(() => {
+ clearTimeout(notificationTimeout);
+ notificationTimeout = setTimeout(() => {
snackbar.style.transform = 'translate(-50%, 0)';
snackbar.style.opacity = 1;
- }, 0);
- setTimeout(() => {
- snackbar.style.opacity = 0;
- }, 5000);
+ notificationTimeout = setTimeout(() => {
+ snackbar.style.opacity = 0;
+ }, 7000);
+ }, 0);
});
// Helps child show notifications at the right scrollTop
diff --git a/client/coral-framework/reducers/auth.js b/client/coral-framework/reducers/auth.js
index 5a05de28e..7ab12cf53 100644
--- a/client/coral-framework/reducers/auth.js
+++ b/client/coral-framework/reducers/auth.js
@@ -151,6 +151,20 @@ export default function auth (state = initialState, action) {
case actions.SET_REDIRECT_URI:
return state
.set('redirectUri', action.uri);
+ case 'APOLLO_SUBSCRIPTION_RESULT':
+ if (action.operationName === 'UserBanned' && state.getIn(['user', 'id']) === action.variables.user_id) {
+ return state
+ .mergeIn(['user'], action.result.data.userBanned);
+ }
+ if (action.operationName === 'UserSuspended' && state.getIn(['user', 'id']) === action.variables.user_id) {
+ return state
+ .mergeIn(['user'], action.result.data.userSuspended);
+ }
+ if (action.operationName === 'UsernameRejected' && state.getIn(['user', 'id']) === action.variables.user_id) {
+ return state
+ .mergeIn(['user'], action.result.data.usernameRejected);
+ }
+ return state;
default :
return state;
}
diff --git a/client/coral-plugin-commentbox/CommentBox.js b/client/coral-plugin-commentbox/CommentBox.js
index 5105667ed..efa1d27ed 100644
--- a/client/coral-plugin-commentbox/CommentBox.js
+++ b/client/coral-plugin-commentbox/CommentBox.js
@@ -1,6 +1,7 @@
import React, {PropTypes} from 'react';
import t from 'coral-framework/services/i18n';
+import {can} from 'coral-framework/services/perms';
import Slot from 'coral-framework/components/Slot';
import {connect} from 'react-redux';
@@ -43,8 +44,14 @@ class CommentBox extends React.Component {
assetId,
parentId,
addNotification,
+ currentUser,
} = this.props;
+ if (!can(currentUser, 'INTERACT_WITH_COMMUNITY')) {
+ addNotification('error', t('error.NOT_AUTHORIZED'));
+ return;
+ }
+
let comment = {
asset_id: assetId,
parent_id: parentId,
@@ -126,7 +133,7 @@ class CommentBox extends React.Component {
handleChange = (e) => this.setState({body: e.target.value});
render () {
- const {styles, isReply, authorId, maxCharCount} = this.props;
+ const {styles, isReply, currentUser, maxCharCount} = this.props;
let {cancelButtonClicked} = this.props;
if (isReply && typeof cancelButtonClicked !== 'function') {
@@ -145,7 +152,7 @@ class CommentBox extends React.Component {
charCountEnable={this.props.charCountEnable}
bodyPlaceholder={t('comment.comment')}
bodyInputId={isReply ? 'replyText' : 'commentText'}
- saveComment={authorId && this.postComment}
+ saveComment={currentUser && this.postComment}
buttonContainerStart={
diff --git a/graph/context.js b/graph/context.js
index 66086dc89..d2306cbc8 100644
--- a/graph/context.js
+++ b/graph/context.js
@@ -3,6 +3,7 @@ const mutators = require('./mutators');
const uuid = require('uuid');
const plugins = require('../services/plugins');
+const pubsub = require('../services/pubsub');
const debug = require('debug')('talk:graph:context');
/**
@@ -32,7 +33,7 @@ const decorateContextPlugins = (context, contextPlugins) => contextPlugins.reduc
* Stores the request context.
*/
class Context {
- constructor({user = null}, pubsub) {
+ constructor({user = null}) {
// Generate a new context id for the request.
this.id = uuid.v4();
diff --git a/graph/index.js b/graph/index.js
index 4e99714d9..7495c0605 100644
--- a/graph/index.js
+++ b/graph/index.js
@@ -1,6 +1,5 @@
const schema = require('./schema');
const Context = require('./context');
-const pubsub = require('./pubsub');
const {createSubscriptionManager} = require('./subscriptions');
module.exports = {
@@ -11,7 +10,7 @@ module.exports = {
// Load in the new context here, this'll create the loaders + mutators for
// the lifespan of this request.
- context: new Context(req, pubsub)
+ context: new Context(req)
}),
createSubscriptionManager
};
diff --git a/graph/mutators/action.js b/graph/mutators/action.js
index 19db33183..d62d3b4c5 100644
--- a/graph/mutators/action.js
+++ b/graph/mutators/action.js
@@ -16,7 +16,7 @@ const {CREATE_ACTION, DELETE_ACTION} = require('../../perms/constants');
const createAction = async ({user = {}, pubsub, loaders: {Comments}}, {item_id, item_type, action_type, group_id, metadata = {}}) => {
let comment;
- if (pubsub && item_type === 'COMMENTS') {
+ if (item_type === 'COMMENTS') {
comment = await Comments.get.load(item_id);
if (!comment) {
throw new Error('Comment not found');
@@ -38,7 +38,7 @@ const createAction = async ({user = {}, pubsub, loaders: {Comments}}, {item_id,
await UsersService.setStatus(item_id, 'PENDING');
}
- if (pubsub && comment) {
+ if (comment) {
pubsub.publish('commentFlagged', comment);
}
diff --git a/graph/mutators/comment.js b/graph/mutators/comment.js
index df6ed71ce..f32172a4d 100644
--- a/graph/mutators/comment.js
+++ b/graph/mutators/comment.js
@@ -177,11 +177,8 @@ const createComment = async (context, {tags = [], body, asset_id, parent_id = nu
}
Comments.countByAssetID.incr(asset_id);
- if (pubsub) {
-
- // Publish the newly added comment via the subscription.
- pubsub.publish('commentAdded', comment);
- }
+ // Publish the newly added comment via the subscription.
+ pubsub.publish('commentAdded', comment);
}
return comment;
@@ -346,17 +343,14 @@ const setStatus = async ({user, loaders: {Comments}, pubsub}, {id, status}) => {
// adjust the affected user's karma in the next tick.
process.nextTick(adjustKarma(Comments, id, status));
- if (pubsub) {
+ if (status === 'ACCEPTED') {
- if (status === 'ACCEPTED') {
+ // Publish the comment status change via the subscription.
+ pubsub.publish('commentAccepted', comment);
+ } else if (status === 'REJECTED') {
- // Publish the comment status change via the subscription.
- pubsub.publish('commentAccepted', comment);
- } else if (status === 'REJECTED') {
-
- // Publish the comment status change via the subscription.
- pubsub.publish('commentRejected', comment);
- }
+ // Publish the comment status change via the subscription.
+ pubsub.publish('commentRejected', comment);
}
return comment;
@@ -379,11 +373,9 @@ const edit = async (context, {id, asset_id, edit: {body}}) => {
// Execute the edit.
const comment = await CommentsService.edit(id, context.user.id, {body, status});
- if (context.pubsub) {
+ // Publish the edited comment via the subscription.
+ context.pubsub.publish('commentEdited', comment);
- // Publish the edited comment via the subscription.
- context.pubsub.publish('commentEdited', comment);
- }
return comment;
};
diff --git a/graph/mutators/user.js b/graph/mutators/user.js
index cf0106a2c..448ac750a 100644
--- a/graph/mutators/user.js
+++ b/graph/mutators/user.js
@@ -2,16 +2,28 @@ const errors = require('../../errors');
const UsersService = require('../../services/users');
const {SET_USER_STATUS, SUSPEND_USER, REJECT_USERNAME} = require('../../perms/constants');
-const setUserStatus = ({user}, {id, status}) => {
- return UsersService.setStatus(id, status);
+const setUserStatus = async ({user, pubsub}, {id, status}) => {
+ const result = await UsersService.setStatus(id, status);
+ if (result && result.status === 'BANNED') {
+ pubsub.publish('userBanned', result);
+ }
+ return result;
};
-const suspendUser = ({user}, {id, message, until}) => {
- return UsersService.suspendUser(id, message, until);
+const suspendUser = async ({user, pubsub}, {id, message, until}) => {
+ const result = await UsersService.suspendUser(id, message, until);
+ if (result) {
+ pubsub.publish('userSuspended', result);
+ }
+ return result;
};
-const rejectUsername = ({user}, {id, message}) => {
- return UsersService.rejectUsername(id, message);
+const rejectUsername = async ({user, pubsub}, {id, message}) => {
+ const result = await UsersService.rejectUsername(id, message);
+ if (result) {
+ pubsub.publish('usernameRejected', result);
+ }
+ return result;
};
const ignoreUser = ({user}, userToIgnore) => {
diff --git a/graph/resolvers/subscription.js b/graph/resolvers/subscription.js
index 1f26d5ff3..f6da9fb54 100644
--- a/graph/resolvers/subscription.js
+++ b/graph/resolvers/subscription.js
@@ -14,6 +14,15 @@ const Subscription = {
commentFlagged(comment) {
return comment;
},
+ userBanned(user) {
+ return user;
+ },
+ userSuspended(user) {
+ return user;
+ },
+ usernameRejected(user) {
+ return user;
+ },
};
module.exports = Subscription;
diff --git a/graph/resolvers/user.js b/graph/resolvers/user.js
index 035af22cb..2878d6561 100644
--- a/graph/resolvers/user.js
+++ b/graph/resolvers/user.js
@@ -6,6 +6,7 @@ const {
SEARCH_OTHERS_COMMENTS,
UPDATE_USER_ROLES,
SEARCH_COMMENT_METRICS,
+ VIEW_SUSPENSION_INFO,
LIST_OWN_TOKENS
} = require('../../perms/constants');
@@ -84,6 +85,13 @@ const User = {
if (requestingUser && requestingUser.can(SEARCH_COMMENT_METRICS)) {
return KarmaService.model(user);
}
+ },
+
+ suspension({id, suspension}, _, {user}) {
+ if (user.id !== id && !user.can(VIEW_SUSPENSION_INFO)) {
+ return null;
+ }
+ return suspension;
}
};
diff --git a/graph/subscriptions.js b/graph/subscriptions.js
index ec2d5b786..ce1eb1a09 100644
--- a/graph/subscriptions.js
+++ b/graph/subscriptions.js
@@ -3,7 +3,7 @@ const {SubscriptionServer} = require('subscriptions-transport-ws');
const _ = require('lodash');
const debug = require('debug')('talk:graph:subscriptions');
-const pubsub = require('./pubsub');
+const pubsub = require('../services/pubsub');
const schema = require('./schema');
const Context = require('./context');
const plugins = require('../services/plugins');
@@ -21,6 +21,9 @@ const {
SUBSCRIBE_COMMENT_FLAGGED,
SUBSCRIBE_ALL_COMMENT_EDITED,
SUBSCRIBE_ALL_COMMENT_ADDED,
+ SUBSCRIBE_ALL_USER_SUSPENDED,
+ SUBSCRIBE_ALL_USER_BANNED,
+ SUBSCRIBE_ALL_USERNAME_REJECTED,
} = require('../perms/constants');
/**
@@ -83,6 +86,45 @@ const setupFunctions = plugins.get('server', 'setupFunctions').reduce((acc, {plu
}
},
}),
+ userSuspended: (options, args) => ({
+ userSuspended: {
+ filter: (user, context) => {
+ if (
+ !context.user
+ || args.user_id !== user.id && !context.user.can(SUBSCRIBE_ALL_USER_SUSPENDED)
+ ) {
+ return false;
+ }
+ return !args.user_id || user.id === args.user_id;
+ }
+ },
+ }),
+ userBanned: (options, args) => ({
+ userBanned: {
+ filter: (user, context) => {
+ if (
+ !context.user
+ || args.user_id !== user.id && !context.user.can(SUBSCRIBE_ALL_USER_BANNED)
+ ) {
+ return false;
+ }
+ return !args.user_id || user.id === args.user_id;
+ }
+ },
+ }),
+ usernameRejected: (options, args) => ({
+ usernameRejected: {
+ filter: (user, context) => {
+ if (
+ !context.user
+ || args.user_id !== user.id && !context.user.can(SUBSCRIBE_ALL_USERNAME_REJECTED)
+ ) {
+ return false;
+ }
+ return !args.user_id || user.id === args.user_id;
+ }
+ },
+ }),
});
/**
@@ -117,10 +159,10 @@ const createSubscriptionManager = (server) => new SubscriptionServer({
} catch (e) {
console.error(e);
- return new Context({}, pubsub);
+ return new Context({});
}
- return new Context(req, pubsub);
+ return new Context(req);
};
return baseParams;
diff --git a/graph/typeDefs.graphql b/graph/typeDefs.graphql
index 7801872a6..4a38ce266 100644
--- a/graph/typeDefs.graphql
+++ b/graph/typeDefs.graphql
@@ -61,6 +61,10 @@ type UserProfile {
provider: String!
}
+type SuspensionInfo {
+ until: Date
+}
+
# Any person who can author comments, create actions, and view comments on a
# stream.
type User {
@@ -108,6 +112,10 @@ type User {
# returns user status
status: USER_STATUS
+
+ # returns suspension info. Only available to Admins and Moderators
+ # or on own logged in User.
+ suspension: SuspensionInfo
}
# UsersQuery allows the ability to query users by a specific fields.
@@ -1034,6 +1042,21 @@ type Subscription {
# Get an update whenever a comment has been rejected.
# Requires the `ADMIN` or `MODERATOR` role.
commentRejected(asset_id: ID): Comment
+
+ # Get an update whenever a user has been suspended.
+ # `user_id` must match id of current user except for
+ # users with the `ADMIN` or `MODERATOR` role.
+ userSuspended(user_id: ID): User
+
+ # Get an update whenever a user has been banned.
+ # `user_id` must match id of current user except for
+ # users with the `ADMIN` or `MODERATOR` role.
+ userBanned(user_id: ID): User
+
+ # Get an update whenever a username has been rejected.
+ # `user_id` must match id of current user except for
+ # users with the `ADMIN` or `MODERATOR` role.
+ usernameRejected(user_id: ID): User
}
################################################################################
diff --git a/locales/en.yml b/locales/en.yml
index 1fac86785..03256e75e 100644
--- a/locales/en.yml
+++ b/locales/en.yml
@@ -1,4 +1,7 @@
en:
+ your_account_has_been_suspended: Your account has been temporarily suspended.
+ your_account_has_been_banned: Your account has been banned.
+ your_username_has_been_rejected: Your account has been suspended because your username has been deemed inappropriate. To restore your account please enter a new username.
bandialog:
are_you_sure: "Are you sure you would like to ban {0}?"
ban_user: "Ban User?"
diff --git a/locales/es.yml b/locales/es.yml
index 62ea0e97e..7297fedd5 100644
--- a/locales/es.yml
+++ b/locales/es.yml
@@ -1,4 +1,7 @@
es:
+ your_account_has_been_suspended: Su cuenta ha sido temporalmente suspendida.
+ your_account_has_been_banned: Su cuenta ha sido suspendida.
+ your_username_has_been_rejected: Su cuenta ha sido suspendida porque tu nombre de usuario ha sido considerado no apropiado para el espacio. Para recuperar la cuenta, por favor ingresar un nuevo nombre de usuario.
bandialog:
are_you_sure: "¿Estás segura que quieres suspender a {0}?"
ban_user: "¿Quieres suspender el Usuario?"
diff --git a/perms/constants.js b/perms/constants.js
index abfd16c6f..383f36daf 100644
--- a/perms/constants.js
+++ b/perms/constants.js
@@ -26,6 +26,7 @@ module.exports = {
SEARCH_COMMENT_METRICS: 'SEARCH_COMMENT_METRICS',
LIST_OWN_TOKENS: 'LIST_OWN_TOKENS',
SEARCH_COMMENT_STATUS_HISTORY: 'SEARCH_COMMENT_STATUS_HISTORY',
+ VIEW_SUSPENSION_INFO: 'VIEW_SUSPENSION_INFO',
// subscriptions
SUBSCRIBE_COMMENT_ACCEPTED: 'SUBSCRIBE_COMMENT_ACCEPTED',
@@ -33,4 +34,7 @@ module.exports = {
SUBSCRIBE_COMMENT_FLAGGED: 'SUBSCRIBE_COMMENT_FLAGGED',
SUBSCRIBE_ALL_COMMENT_ADDED: 'SUBSCRIBE_ALL_COMMENT_ADDED',
SUBSCRIBE_ALL_COMMENT_EDITED: 'SUBSCRIBE_ALL_COMMENT_EDITED',
+ SUBSCRIBE_ALL_USER_SUSPENDED: 'SUBSCRIBE_ALL_USER_SUSPENDED',
+ SUBSCRIBE_ALL_USER_BANNED: 'SUBSCRIBE_ALL_USER_BANNED',
+ SUBSCRIBE_ALL_USERNAME_REJECTED: 'SUBSCRIBE_ALL_USERNAME_REJECTED',
};
diff --git a/perms/queryReducer.js b/perms/queryReducer.js
index ed84f2265..0b76c225a 100644
--- a/perms/queryReducer.js
+++ b/perms/queryReducer.js
@@ -19,6 +19,8 @@ module.exports = (user, perm) => {
return check(user, ['ADMIN']);
case types.SEARCH_COMMENT_STATUS_HISTORY:
return check(user, ['ADMIN', 'MODERATOR']);
+ case types.VIEW_SUSPENSION_INFO:
+ return check(user, ['ADMIN', 'MODERATOR']);
default:
break;
}
diff --git a/perms/subscriptionReducer.js b/perms/subscriptionReducer.js
index 0b06902cf..e0f73526a 100644
--- a/perms/subscriptionReducer.js
+++ b/perms/subscriptionReducer.js
@@ -13,6 +13,12 @@ module.exports = (user, perm) => {
return check(user, ['ADMIN', 'MODERATOR']);
case types.SUBSCRIBE_ALL_COMMENT_ADDED:
return check(user, ['ADMIN', 'MODERATOR']);
+ case types.SUBSCRIBE_ALL_USER_SUSPENDED:
+ return check(user, ['ADMIN', 'MODERATOR']);
+ case types.SUBSCRIBE_ALL_USER_BANNED:
+ return check(user, ['ADMIN', 'MODERATOR']);
+ case types.SUBSCRIBE_ALL_USERNAME_REJECTED:
+ return check(user, ['ADMIN', 'MODERATOR']);
default:
break;
}
diff --git a/plugin-api/beta/client/hocs/withReaction.js b/plugin-api/beta/client/hocs/withReaction.js
index 1ed777996..72de7f5c4 100644
--- a/plugin-api/beta/client/hocs/withReaction.js
+++ b/plugin-api/beta/client/hocs/withReaction.js
@@ -8,6 +8,7 @@ import {compose, gql} from 'react-apollo';
import withFragments from 'coral-framework/hocs/withFragments';
import withMutation from 'coral-framework/hocs/withMutation';
import {showSignInDialog} from 'coral-framework/actions/auth';
+import {addNotification} from 'coral-framework/actions/notification';
import {capitalize} from 'coral-framework/helpers/strings';
import {getMyActionSummary, getTotalActionCount} from 'coral-framework/utils';
import * as PropTypes from 'prop-types';
@@ -248,6 +249,7 @@ export default (reaction) => (WrappedComponent) => {
return (WrappedComponent) => {
});
const mapDispatchToProps = (dispatch) =>
- bindActionCreators({showSignInDialog}, dispatch);
+ bindActionCreators({showSignInDialog, addNotification}, dispatch);
const enhance = compose(
withFragments({
diff --git a/plugins/coral-plugin-like/client/LikeButton.js b/plugins/coral-plugin-like/client/LikeButton.js
index 68a516c3f..7d17ef056 100644
--- a/plugins/coral-plugin-like/client/LikeButton.js
+++ b/plugins/coral-plugin-like/client/LikeButton.js
@@ -13,6 +13,7 @@ class LikeButton extends React.Component {
postReaction,
deleteReaction,
showSignInDialog,
+ addNotification,
alreadyReacted,
user,
} = this.props;
@@ -25,6 +26,7 @@ class LikeButton extends React.Component {
// If the current user is suspended, do nothing.
if (!can(user, 'INTERACT_WITH_COMMUNITY')) {
+ addNotification('error', t('error.NOT_AUTHORIZED'));
return;
}
diff --git a/plugins/coral-plugin-love/client/LoveButton.js b/plugins/coral-plugin-love/client/LoveButton.js
index 0fc7bd7ca..7450ad668 100644
--- a/plugins/coral-plugin-love/client/LoveButton.js
+++ b/plugins/coral-plugin-love/client/LoveButton.js
@@ -13,6 +13,7 @@ class LoveButton extends React.Component {
postReaction,
deleteReaction,
showSignInDialog,
+ addNotification,
alreadyReacted,
user,
} = this.props;
@@ -25,6 +26,7 @@ class LoveButton extends React.Component {
// If the current user is suspended, do nothing.
if (!can(user, 'INTERACT_WITH_COMMUNITY')) {
+ addNotification('error', t('error.NOT_AUTHORIZED'));
return;
}
diff --git a/plugins/coral-plugin-respect/client/RespectButton.js b/plugins/coral-plugin-respect/client/RespectButton.js
index bde8c9669..9bc556b67 100644
--- a/plugins/coral-plugin-respect/client/RespectButton.js
+++ b/plugins/coral-plugin-respect/client/RespectButton.js
@@ -14,6 +14,7 @@ class RespectButton extends React.Component {
deleteReaction,
showSignInDialog,
alreadyReacted,
+ addNotification,
user,
} = this.props;
@@ -25,6 +26,7 @@ class RespectButton extends React.Component {
// If the current user is suspended, do nothing.
if (!can(user, 'INTERACT_WITH_COMMUNITY')) {
+ addNotification('error', t('error.NOT_AUTHORIZED'));
return;
}
diff --git a/routes/api/users/index.js b/routes/api/users/index.js
index 10d72fe3a..47ff46853 100644
--- a/routes/api/users/index.js
+++ b/routes/api/users/index.js
@@ -1,8 +1,8 @@
const express = require('express');
const router = express.Router();
const UsersService = require('../../../services/users');
-const CommentsService = require('../../../services/comments');
const mailer = require('../../../services/mailer');
+const pubsub = require('../../../services/pubsub');
const errors = require('../../../errors');
const authorization = require('../../../middleware/authorization');
const i18n = require('../../../services/i18n');
@@ -53,11 +53,16 @@ router.post('/:user_id/role', authorization.needed('ADMIN'), (req, res, next) =>
router.post('/:user_id/status', authorization.needed('ADMIN'), (req, res, next) => {
UsersService
.setStatus(req.params.user_id, req.body.status)
- .then((status) => {
- res.status(201).json(status);
+ .then((user) => {
- if (status === 'BANNED' && req.body.comment_id) {
- return CommentsService.pushStatus(req.body.comment_id, 'rejected', req.params.user_id);
+ // TODO: current updating status behavior is weird.
+ if (user) {
+ if (user.status === 'BANNED') {
+ pubsub.publish('userBanned', user);
+ }
+ res.status(201).json(user.status);
+ } else {
+ res.status(500).json();
}
})
.catch(next);
diff --git a/graph/pubsub.js b/services/pubsub.js
similarity index 69%
rename from graph/pubsub.js
rename to services/pubsub.js
index 704f83725..a42ffb314 100644
--- a/graph/pubsub.js
+++ b/services/pubsub.js
@@ -1,5 +1,5 @@
const {RedisPubSub} = require('graphql-redis-subscriptions');
-const {connectionOptions} = require('../services/redis');
+const {connectionOptions} = require('./redis');
module.exports = new RedisPubSub({connection: connectionOptions});
diff --git a/services/users.js b/services/users.js
index 78ec57b4c..dea208c8e 100644
--- a/services/users.js
+++ b/services/users.js
@@ -435,7 +435,10 @@ module.exports = class UsersService {
return Promise.reject(new Error(`status ${status} is not supported`));
}
- return UserModel.update({
+ // TODO: current updating status behavior is weird.
+ // once a user has been `APPROVED` its status cannot be
+ // changed anymore.
+ return UserModel.findOneAndUpdate({
id,
status: {
$ne: 'APPROVED'
@@ -444,6 +447,8 @@ module.exports = class UsersService {
$set: {
status
}
+ }, {
+ new: true,
});
}
@@ -453,34 +458,37 @@ module.exports = class UsersService {
* @param {String} message message to be send to the user
* @param {Date} until date until the suspension is valid.
*/
- static suspendUser(id, message, until) {
- return UserModel.findOneAndUpdate(
+ static async suspendUser(id, message, until) {
+ const user = await UserModel.findOneAndUpdate(
{id}, {
$set: {
suspension: {
until,
},
}
- })
- .then((user) => {
- if (message) {
- let localProfile = user.profiles.find((profile) => profile.provider === 'local');
- if (localProfile) {
- const options =
- {
- template: 'suspension', // needed to know which template to render!
- locals: { // specifies the template locals.
- body: message
- },
- subject: 'Your account has been suspended',
- to: localProfile.id // This only works if the user has registered via e-mail.
- // We may want a standard way to access a user's e-mail address in the future
- };
-
- return MailerService.sendSimple(options);
- }
- }
+ }, {
+ new: true,
});
+
+ if (message) {
+ let localProfile = user.profiles.find((profile) => profile.provider === 'local');
+ if (localProfile) {
+ const options =
+ {
+ template: 'suspension', // needed to know which template to render!
+ locals: { // specifies the template locals.
+ body: message
+ },
+ subject: 'Your account has been suspended',
+ to: localProfile.id // This only works if the user has registered via e-mail.
+ // We may want a standard way to access a user's e-mail address in the future
+ };
+
+ await MailerService.sendSimple(options);
+ }
+ }
+
+ return user;
}
/**
@@ -489,34 +497,37 @@ module.exports = class UsersService {
* @param {String} message message to be send to the user
* @param {Date} until date until the suspension is valid.
*/
- static rejectUsername(id, message) {
- return UserModel.findOneAndUpdate({
+ static async rejectUsername(id, message) {
+ const user = await UserModel.findOneAndUpdate({
id
}, {
$set: {
status: 'BANNED',
canEditName: true,
}
- })
- .then((user) => {
- if (message) {
- let localProfile = user.profiles.find((profile) => profile.provider === 'local');
- if (localProfile) {
- const options =
- {
- template: 'suspension', // needed to know which template to render!
- locals: { // specifies the template locals.
- body: message
- },
- subject: 'Email Suspension',
- to: localProfile.id // This only works if the user has registered via e-mail.
- // We may want a standard way to access a user's e-mail address in the future
- };
-
- return MailerService.sendSimple(options);
- }
- }
+ }, {
+ new: true,
});
+
+ if (message) {
+ let localProfile = user.profiles.find((profile) => profile.provider === 'local');
+ if (localProfile) {
+ const options =
+ {
+ template: 'suspension', // needed to know which template to render!
+ locals: { // specifies the template locals.
+ body: message
+ },
+ subject: 'Email Suspension',
+ to: localProfile.id // This only works if the user has registered via e-mail.
+ // We may want a standard way to access a user's e-mail address in the future
+ };
+
+ await MailerService.sendSimple(options);
+ }
+ }
+
+ return user;
}
/**
diff --git a/test/server/graph/context.js b/test/server/graph/context.js
index b01917289..7d30042e4 100644
--- a/test/server/graph/context.js
+++ b/test/server/graph/context.js
@@ -3,14 +3,16 @@ const expect = require('chai').expect;
const User = require('../../../models/user');
const Context = require('../../../graph/context');
const errors = require('../../../errors');
+const SettingsService = require('../../../services/settings');
describe('graph.Context', () => {
+ beforeEach(() => SettingsService.init());
describe('#constructor: with a user', () => {
let c;
beforeEach(() => {
- c = new Context({user: new User({id: '1'})});
+ c = new Context({user: new User({id: '1', roles: ['ADMIN']})});
});
it('creates a context with a user', (done) => {
@@ -21,15 +23,10 @@ describe('graph.Context', () => {
});
it('does have access to mutators', () => {
- return c.mutators.Action.create({
- item_id: '1',
- item_type: 'COMMENTS',
- action_type: 'LIKE'
- })
- .then((action) => {
- expect(action).to.have.property('item_id', '1');
- expect(action).to.have.property('item_type', 'COMMENTS');
- expect(action).to.have.property('action_type', 'LIKE');
+ return c.mutators.Tag.add({
+ item_type: 'USERS',
+ id: '1',
+ name: 'Tag',
});
});
});
@@ -48,13 +45,13 @@ describe('graph.Context', () => {
});
it('does not have access to mutators', () => {
- return c.mutators.Action.create({
- item_id: '1',
+ return c.mutators.Tag.add({
item_type: 'COMMENTS',
- action_type: 'LIKE'
+ id: '1',
+ name: 'Tag',
})
- .then((action) => {
- expect(action).to.be.null;
+ .then(() => {
+ throw new Error('should not reach this point');
})
.catch((err) => {
expect(err).to.be.equal(errors.ErrNotAuthorized);