Merge v0.2024.008 into 'release'.
kajmagnus committed Oct 11, 2024
2 parents 8340b32 + 075f4e5 commit 327b774
Showing 50 changed files with 925 additions and 213 deletions.
15 changes: 15 additions & 0 deletions appsv/model/src/main/scala/com/debiki/core/EditedSettings.scala
@@ -60,6 +60,7 @@ object ContentLicense {
* Because only edited settings need to be saved to the database.
*/
case class EditedSettings(
authnDiagConf: Opt[JsObject],
userMustBeAuthenticated: Option[Boolean],
userMustBeApproved: Option[Boolean],
expireIdleAfterMins: Option[Int],
@@ -159,13 +160,17 @@ case class EditedSettings(
enableTags: Option[Boolean],
enableChat: Option[Boolean],
enableDirectMessages: Option[Boolean],
enableAnonSens: Opt[Bo],
enablePresence: Opt[Bo],
enableSimilarTopics: Option[Boolean],
enableCors: Option[Boolean],
allowCorsFrom: Option[String],
allowCorsCreds: Option[Boolean],
showSubCommunities: Option[Boolean],
showExperimental: Option[Boolean],
featureFlags: Option[String],
ownDomains: Opt[St],
followLinksTo: Opt[St],
allowEmbeddingFrom: Option[String],
embeddedCommentsCategoryId: Option[CategoryId],
htmlTagCssClasses: Option[String],
@@ -211,6 +216,7 @@ object EditedSettings {
val MaxNumFirstPosts = 10

val empty: EditedSettings = EditedSettings(
authnDiagConf = None,
userMustBeAuthenticated = None,
userMustBeApproved = None,
expireIdleAfterMins = None,
@@ -310,13 +316,17 @@ object EditedSettings {
enableTags = None,
enableChat = None,
enableDirectMessages = None,
enableAnonSens = None,
enablePresence = None,
enableSimilarTopics = None,
enableCors = None,
allowCorsFrom = None,
allowCorsCreds = None,
showSubCommunities = None,
showExperimental = None,
featureFlags = None,
ownDomains = None,
followLinksTo = None,
allowEmbeddingFrom = None,
embeddedCommentsCategoryId = None,
htmlTagCssClasses = None,
@@ -338,6 +348,7 @@ object EditedSettings {
* settingsToSave.title.get.get.
*/
case class SettingsToSave(
authnDiagConf: Opt[Opt[JsObject]] = None,
userMustBeAuthenticated: Option[Option[Boolean]] = None,
userMustBeApproved: Option[Option[Boolean]] = None,
expireIdleAfterMins: Option[Option[Int]] = None,
@@ -437,13 +448,17 @@ case class SettingsToSave(
enableTags: Option[Option[Boolean]] = None,
enableChat: Option[Option[Boolean]] = None,
enableDirectMessages: Option[Option[Boolean]] = None,
enableAnonSens: Opt[Opt[Bo]] = None,
enablePresence: Opt[Opt[Bo]] = None,
enableSimilarTopics: Option[Option[Boolean]] = None,
enableCors: Option[Option[Boolean]] = None,
allowCorsFrom: Option[Option[String]] = None,
allowCorsCreds: Option[Option[Boolean]] = None,
showSubCommunities: Option[Option[Boolean]] = None,
showExperimental: Option[Option[Boolean]] = None,
featureFlags: Option[Option[String]] = None,
ownDomains: Opt[Opt[St]] = None,
followLinksTo: Opt[Opt[St]] = None,
allowEmbeddingFrom: Option[Option[String]] = None,
embeddedCommentsCategoryId: Option[Option[CategoryId]] = None,
htmlTagCssClasses: Option[Option[String]] = None,
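Review bot: The new `ownDomains` and `followLinksTo` fields are plain `Opt[St]` and `authnDiagConf` is an unconstrained `Opt[JsObject]`, and none of them says what a valid value looks like. Judging by the names, the two string fields are domain lists that influence how outgoing links are treated, so the separator, whether a scheme or wildcard is accepted, and where the value is validated before saving should be written next to each field, for example `// Hostnames only, whitespace separated; validated when settings are saved` (wording to be confirmed against the actual parser). The same applies to the matching `Opt[Opt[...]]` fields in `SettingsToSave`. Both case classes continue outside the hunks shown here.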
16 changes: 13 additions & 3 deletions appsv/model/src/main/scala/com/debiki/core/Site.scala
@@ -80,12 +80,22 @@ trait SiteTrait {

def isTestSite: Bo = id <= Site.MaxTestSiteId

def isFeatureEnabled(ffName: St, serverFeatureFlags: St, onByDefault: Bo = false): Bo = {
def isFeatureEnabled(ffName: St, serverFeatureFlags: St, onByDefault: Bo = false): Bo =
SiteTrait.isFeatureEnabled(
ffName = ffName, siteFeatureFlags = featureFlags,
serverFeatureFlags = serverFeatureFlags, onByDefault = onByDefault)
}


// Move to somewhere better?
object SiteTrait {
def isFeatureEnabled(ffName: St, siteFeatureFlags: St, serverFeatureFlags: St,
onByDefault: Bo = false): Bo = {
val offName = "0" + ffName // zero — same as when disabling options in Vim
val enabledWholeServer = serverFeatureFlags.contains(ffName)
val disabledWholeServer = serverFeatureFlags.contains(offName)
val enabledThisSite = featureFlags.contains(ffName)
val disabledThisSite = featureFlags.contains(offName)
val enabledThisSite = siteFeatureFlags.contains(ffName)
val disabledThisSite = siteFeatureFlags.contains(offName)
val enabledSomewhere = onByDefault || enabledWholeServer || enabledThisSite
val disabledSomewhere = disabledWholeServer || disabledThisSite

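Review bot: `SiteTrait.isFeatureEnabled` decides with `String.contains`, so a flag counts as enabled or disabled whenever its name occurs anywhere in the flags string, including inside a longer flag name that merely starts with the same characters. If any flag gates security-relevant behaviour, compare whole tokens instead, e.g. `val siteFlags = siteFeatureFlags.split("\\s+").toSet` followed by `siteFlags.contains(ffName)`; the whitespace separator is an assumption, since the flag format is not visible here. The matching predates this commit and is only moved into the companion object, and the function body continues past the hunk, so how `enabledSomewhere` and `disabledSomewhere` are combined cannot be checked from this page.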
3 changes: 3 additions & 0 deletions appsv/model/src/main/scala/com/debiki/core/package.scala
@@ -1115,6 +1115,7 @@ package object core {
*/
sealed trait WhichAliasPat {
def anyPat: Opt[Pat]
def anyAnonStatus: Opt[AnonStatus]
}


@@ -1127,6 +1128,7 @@ package object core {

case class SameAnon(anon: Anonym) extends WhichAliasPat {
def anyPat: Opt[Pat] = Some(anon)
def anyAnonStatus: Opt[AnonStatus] = Some(anon.anonStatus)
}

/** Reuses any already existing anonym with the same anon status,
@@ -1137,6 +1139,7 @@ package object core {
*/
case class LazyCreatedAnon(anonStatus: AnonStatus) extends WhichAliasPat {
def anyPat: Opt[Pat] = None // might not yet exist
def anyAnonStatus: Opt[AnonStatus] = Some(anonStatus)
}

// Let's not support creating more than one anonym per user & page, for now.
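Review bot: `anyAnonStatus` is added to the sealed trait `WhichAliasPat` without a doc comment saying what `None` means. Both implementations visible here return `Some(...)`, so `None` presumably comes from a subtype outside these hunks. Because this value appears to decide whether a post is attributed to an anonym or to the real account, callers should not have to guess; a line such as `/** The anon status to act with; None when acting as oneself. */` on the trait member would settle it, with the wording confirmed against the subtype that returns `None`.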
1 change: 1 addition & 0 deletions appsv/rdb/src/main/resources/db/migration/db-wip.sql
@@ -722,6 +722,7 @@ Add?:


page_html_cache_t — restrict col lengths
-- ? add: param_logged_in_c bool, to inc/exclude authn diag stuff? [cached_html_loggedin_param]


-- Remove email "identities" from identities3?
@@ -59,6 +59,7 @@ trait SettingsSiteDaoMixin extends SiteTransaction {
site_id,
category_id,
page_id,
authn_diag_conf_c,
user_must_be_auth,
user_must_be_approved,
expire_idle_after_mins,
@@ -157,28 +158,33 @@ trait SettingsSiteDaoMixin extends SiteTransaction {
enable_tags,
enable_chat,
enable_direct_messages,
enable_anon_posts_c,
enable_online_status_c,
enable_similar_topics,
enable_cors,
allow_cors_from,
allow_cors_creds,
show_sub_communities,
experimental,
feature_flags,
own_domains_c,
follow_links_to_c,
allow_embedding_from,
embedded_comments_category_id,
html_tag_css_classes)
values (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?,
values (?, ?, ?, ?::jsonb, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?,
?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?,
?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?,
?, ?, ?, ?::jsonb, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?,
?::jsonb, ?, ?, ?, ?, ?, ?,
?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
"""

val values = List(
siteId.asAnyRef,
NullInt,
NullVarchar,
editedSettings2.authnDiagConf.getOrElse(None).orNullJson,
editedSettings2.userMustBeAuthenticated.getOrElse(None).orNullBoolean,
editedSettings2.userMustBeApproved.getOrElse(None).orNullBoolean,
editedSettings2.expireIdleAfterMins.getOrElse(None).orNullInt,
@@ -277,13 +283,17 @@ trait SettingsSiteDaoMixin extends SiteTransaction {
editedSettings2.enableTags.getOrElse(None).orNullBoolean,
editedSettings2.enableChat.getOrElse(None).orNullBoolean,
editedSettings2.enableDirectMessages.getOrElse(None).orNullBoolean,
editedSettings2.enableAnonSens.getOrElse(None).orNullBoolean,
editedSettings2.enablePresence.getOrElse(None).orNullBoolean,
editedSettings2.enableSimilarTopics.getOrElse(None).orNullBoolean,
editedSettings2.enableCors.getOrElse(None).orNullBoolean,
editedSettings2.allowCorsFrom.getOrElse(None).trimOrNullVarchar,
editedSettings2.allowCorsCreds.getOrElse(None).orNullBoolean,
editedSettings2.showSubCommunities.getOrElse(None).orNullBoolean,
editedSettings2.showExperimental.getOrElse(None).orNullBoolean,
editedSettings2.featureFlags.getOrElse(None).trimOrNullVarchar,
editedSettings2.ownDomains.getOrElse(None).trimOrNullVarchar,
editedSettings2.followLinksTo.getOrElse(None).trimOrNullVarchar,
editedSettings2.allowEmbeddingFrom.getOrElse(None).trimOrNullVarchar,
editedSettings2.embeddedCommentsCategoryId.getOrElse(None).orNullInt,
editedSettings2.htmlTagCssClasses.getOrElse(None).trimOrNullVarchar)
@@ -308,6 +318,7 @@ trait SettingsSiteDaoMixin extends SiteTransaction {
}

val s = editedSettings2
maybeSet("authn_diag_conf_c", s.authnDiagConf.map(_.orNullJson))
maybeSet("user_must_be_auth", s.userMustBeAuthenticated.map(_.orNullBoolean))
maybeSet("user_must_be_approved", s.userMustBeApproved.map(_.orNullBoolean))
maybeSet("expire_idle_after_mins", s.expireIdleAfterMins.map(_.orNullInt))
@@ -406,13 +417,17 @@ trait SettingsSiteDaoMixin extends SiteTransaction {
maybeSet("enable_tags", s.enableTags.map(_.orNullBoolean))
maybeSet("enable_chat", s.enableChat.map(_.orNullBoolean))
maybeSet("enable_direct_messages", s.enableDirectMessages.map(_.orNullBoolean))
maybeSet("enable_anon_posts_c", s.enableAnonSens.map(_.orNullBoolean))
maybeSet("enable_online_status_c", s.enablePresence.map(_.orNullBoolean))
maybeSet("enable_similar_topics", s.enableSimilarTopics.map(_.orNullBoolean))
maybeSet("enable_cors", s.enableCors.map(_.orNullBoolean))
maybeSet("allow_cors_from", s.allowCorsFrom.map(_.orNullVarchar))
maybeSet("allow_cors_creds", s.allowCorsCreds.map(_.orNullBoolean))
maybeSet("show_sub_communities", s.showSubCommunities.map(_.orNullBoolean))
maybeSet("experimental", s.showExperimental.map(_.orNullBoolean))
maybeSet("feature_flags", s.featureFlags.map(_.trimOrNullVarchar))
maybeSet("own_domains_c", s.ownDomains.map(_.trimOrNullVarchar))
maybeSet("follow_links_to_c", s.followLinksTo.map(_.trimOrNullVarchar))
maybeSet("allow_embedding_from", s.allowEmbeddingFrom.map(_.trimOrNullVarchar))
maybeSet("embedded_comments_category_id", s.embeddedCommentsCategoryId.map(_.orNullInt))
maybeSet("html_tag_css_classes", s.htmlTagCssClasses.map(_.trimOrNullVarchar))
@@ -436,6 +451,7 @@ trait SettingsSiteDaoMixin extends SiteTransaction {

private def readSettingsFromResultSet(rs: ResultSet): EditedSettings = {
EditedSettings(
authnDiagConf = getOptJsObject(rs, "authn_diag_conf_c"),
userMustBeAuthenticated = getOptBoolean(rs, "user_must_be_auth"),
userMustBeApproved = getOptBoolean(rs, "user_must_be_approved"),
expireIdleAfterMins = getOptInt(rs, "expire_idle_after_mins"),
@@ -535,13 +551,17 @@ trait SettingsSiteDaoMixin extends SiteTransaction {
enableTags = getOptBool(rs, "enable_tags"),
enableChat = getOptBool(rs, "enable_chat"),
enableDirectMessages = getOptBool(rs, "enable_direct_messages"),
enableAnonSens = getOptBool(rs, "enable_anon_posts_c"),
enablePresence = getOptBool(rs, "enable_online_status_c"),
enableSimilarTopics = getOptBool(rs, "enable_similar_topics"),
enableCors = getOptBool(rs, "enable_cors"),
allowCorsFrom = getOptString(rs, "allow_cors_from"),
allowCorsCreds = getOptBool(rs, "allow_cors_creds"),
showSubCommunities = getOptBool(rs, "show_sub_communities"),
showExperimental = getOptBool(rs, "experimental"),
featureFlags = getOptString(rs, "feature_flags"),
ownDomains = getOptString(rs, "own_domains_c"),
followLinksTo = getOptString(rs, "follow_links_to_c"),
allowEmbeddingFrom = getOptString(rs, "allow_embedding_from"),
embeddedCommentsCategoryId = getOptInt(rs, "embedded_comments_category_id"),
htmlTagCssClasses = getOptString(rs, "html_tag_css_classes"),
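Review bot: Two of the new settings are stored under column names that say something different from the field: `enableAnonSens` goes to `enable_anon_posts_c` and `enablePresence` goes to `enable_online_status_c`, in the insert column list, in the `maybeSet` calls and in `readSettingsFromResultSet`. These switches control anonymity and presence visibility, so a mismatch invites wiring the wrong one later; a comment at the first mapping, e.g. `// enableAnonSens is stored in enable_anon_posts_c, enablePresence in enable_online_status_c`, would make the pairing explicit. Separately, the insert binds `authn_diag_conf_c` as `?::jsonb`, while the update path passes `s.authnDiagConf.map(_.orNullJson)` to `maybeSet`. Whether `maybeSet` adds the cast is outside these hunks, so an update with a non-null value is worth confirming.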
4 changes: 2 additions & 2 deletions appsv/server/controllers/AdminController.scala
@@ -45,12 +45,12 @@ class AdminController @Inject()(cc: ControllerComponents, edContext: TyContext)
// See /-/edit-member controllers.UserController.editMember


def redirectToAdminPage(): Action[Unit] = GetAction { _ =>
def redirectToAdminPage(): Action[Unit] = GetActionIsLogin { _ =>
Redirect(routes.AdminController.viewAdminPage("").url)
}


def viewAdminPage(whatever: String): Action[Unit] = AsyncGetAction { apiReq =>
def viewAdminPage(whatever: String): Action[Unit] = AsyncGetActionIsLogin { apiReq =>
dieIfAssetsMissingIfDevTest()

if (!apiReq.user.exists(_.isStaff)) {
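Review bot: `redirectToAdminPage` and `viewAdminPage` switch to the `...IsLogin` action variants with no comment on why the admin page should count as a login endpoint. If these variants relax checks that the plain `GetAction` applies before the handler runs, as the name suggests, then the `if (!apiReq.user.exists(_.isStaff))` branch in `viewAdminPage` is the only access gate visible here. A comment such as `// IsLogin: reachable before login so the login dialog can be shown; the staff check below is the access gate` would record that dependency, once confirmed against the action builder. The body of `viewAdminPage` continues outside the hunk.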
13 changes: 9 additions & 4 deletions appsv/server/controllers/LoginController.scala
@@ -26,7 +26,7 @@ import javax.inject.Inject
import play.api.libs.json.{JsNull, JsString, Json}
import play.api.mvc._
import talkyard.server.TyLogging
import talkyard.server.authn.LoginReason
import talkyard.server.authn.{LoginReason, MinAuthnStrength}
import talkyard.server.JsX


@@ -37,6 +37,7 @@ class LoginController @Inject()(cc: ControllerComponents, edContext: TyContext)

import context.globals
import context.security.DiscardingSessionCookies
import context.plainApiActions.PlainApiAction
import LoginController._


@@ -124,18 +125,22 @@ class LoginController @Inject()(cc: ControllerComponents, edContext: TyContext)

/** Clears session cookies and ends the session server side too; unsubscribes
* from any websockets channel.
*
* (Using `PlainApiAction` instead of `GetActionAllowAnyone` so can set `ignoreAlias`.)
*/
def logout(currentUrlPath: Opt[St]): Action[U] = GetActionAllowAnyone { request =>
SECURITY // optionally log out from all devices?
def logout_get_post(currentUrlPath: Opt[St]): Action[U] = PlainApiAction(
cc.parsers.empty, RateLimits.NoRateLimits, MinAuthnStrength.EmbeddingStorageSid12,
allowAnyone = true, ignoreAlias = true) { request =>
doLogout(request, redirectIfMayNotSeeUrlPath = currentUrlPath,
wasImpersonating = false)
}


def doLogout(request: GetRequest, redirectIfMayNotSeeUrlPath: Opt[St],
def doLogout(request: ApiRequest[_], redirectIfMayNotSeeUrlPath: Opt[St],
wasImpersonating: Bo): Result = {
import request.{dao, requester, siteSettings}

SECURITY // optionally log out from all devices?
AUDIT_LOG // session id destruction

requester foreach { theRequester =>
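Review bot: `logout_get_post` is built with `RateLimits.NoRateLimits` and `allowAnyone = true`, so an endpoint that ends sessions server side and unsubscribes from websocket channels can be called unthrottled by unauthenticated clients; consider passing a rate-limit bucket instead of `NoRateLimits`. The name says the action also serves GET, which means a cross-site request can end a user's session, and whether `PlainApiAction` applies an XSRF check to the POST form is not visible here. `currentUrlPath` is request-supplied and is handed to `doLogout` as `redirectIfMayNotSeeUrlPath`, so the redirect code, which lies outside this hunk, should accept only a same-site path.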
3 changes: 2 additions & 1 deletion appsv/server/controllers/SuperAdminController.scala
@@ -188,7 +188,8 @@ class SuperAdminController @Inject()(cc: ControllerComponents, edContext: TyCont
if (inclStaff) {
json += "staffUsers" -> JsArray(siteStuff.staff.map { staffUser =>
JsUserInclDetails(
staffUser, usersById = Map.empty, groups = Nil, callerIsAdmin = true)
staffUser, usersById = Map.empty, groups = Nil, callerIsAdmin = true,
maySeePresence = true, sensitiveAnonDisc = false)
})
}
json
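Review bot: The `JsUserInclDetails` call now hard-codes `maySeePresence = true, sensitiveAnonDisc = false` with no comment on why these values are right for the super admin listing. `maySeePresence = true` looks like it bypasses the per-site `enablePresence` setting added in this commit, so staff presence from every site would be serialized whatever the site chose. If that is intended, say so with `// Super admins see presence regardless of the site's enablePresence setting`; otherwise derive the value from the site's settings. The enclosing function starts and ends outside the hunk.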