src/socket.io/admin/user.js

"use strict";

var async = require('async');
var validator = require('validator');

var db = require('../../database');
var groups = require('../../groups');
var user = require('../../user');
var events = require('../../events');
var meta = require('../../meta');

var User = {};

User.makeAdmins = function (socket, uids, callback) {
	if(!Array.isArray(uids)) {
		return callback(new Error('[[error:invalid-data]]'));
	}

	user.getUsersFields(uids, ['banned'], function (err, userData) {
		if (err) {
			return callback(err);
		}

		for(var i = 0; i < userData.length; i++) {
			if (userData[i] && parseInt(userData[i].banned, 10) === 1) {
				return callback(new Error('[[error:cant-make-banned-users-admin]]'));
			}
		}

		async.each(uids, function (uid, next) {
			groups.join('administrators', uid, next);
		}, callback);
	});
};

User.removeAdmins = function (socket, uids, callback) {
	if(!Array.isArray(uids)) {
		return callback(new Error('[[error:invalid-data]]'));
	}

	async.eachSeries(uids, function (uid, next) {
		groups.getMemberCount('administrators', function (err, count) {
			if (err) {
				return next(err);
			}

			if (count === 1) {
				return next(new Error('[[error:cant-remove-last-admin]]'));
			}

			groups.leave('administrators', uid, next);
		});
	}, callback);
};

User.createUser = function (socket, userData, callback) {
	if (!userData) {
		return callback(new Error('[[error:invalid-data]]'));
	}
	user.create(userData, callback);
};


User.resetLockouts = function (socket, uids, callback) {
	if (!Array.isArray(uids)) {
		return callback(new Error('[[error:invalid-data]]'));
	}

	async.each(uids, user.auth.resetLockout, callback);
};

User.resetFlags = function (socket, uids, callback) {
	if (!Array.isArray(uids)) {
		return callback(new Error('[[error:invalid-data]]'));
	}

	user.resetFlags(uids, callback);
};

User.validateEmail = function (socket, uids, callback) {
	if (!Array.isArray(uids)) {
		return callback(new Error('[[error:invalid-data]]'));
	}

	uids = uids.filter(function (uid) {
		return parseInt(uid, 10);
	});

	async.each(uids, function (uid, next) {
		user.setUserField(uid, 'email:confirmed', 1, next);
	}, function (err) {
		if (err) {
			return callback(err);
		}
		db.sortedSetRemove('users:notvalidated', uids, callback);
	});
};

User.sendValidationEmail = function (socket, uids, callback) {
	if (!Array.isArray(uids)) {
		return callback(new Error('[[error:invalid-data]]'));
	}

	if (parseInt(meta.config.requireEmailConfirmation, 10) !== 1) {
		return callback(new Error('[[error:email-confirmations-are-disabled]]'));
	}

	user.getUsersFields(uids, ['uid', 'email'], function (err, usersData) {
		if (err) {
			return callback(err);
		}

		async.eachLimit(usersData, 50, function (userData, next) {
			if (userData.email && userData.uid) {
				user.email.sendValidationEmail(userData.uid, userData.email, next);
			} else {
				next();
			}
		}, callback);
	});
};

User.sendPasswordResetEmail = function (socket, uids, callback) {
	if (!Array.isArray(uids)) {
		return callback(new Error('[[error:invalid-data]]'));
	}

	uids = uids.filter(function (uid) {
		return parseInt(uid, 10);
	});

	async.each(uids, function (uid, next) {
		user.getUserFields(uid, ['email', 'username'], function (err, userData) {
			if (err) {
				return next(err);
			}
			if (!userData.email) {
				return next(new Error('[[error:user-doesnt-have-email, ' + userData.username + ']]'));
			}
			user.reset.send(userData.email, next);
		});
	}, callback);
};

User.deleteUsers = function (socket, uids, callback) {
	deleteUsers(socket, uids, function (uid, next) {
		user.deleteAccount(uid, next);
	}, callback);
};

User.deleteUsersAndContent = function (socket, uids, callback) {
	deleteUsers(socket, uids, function (uid, next) {
		user.delete(socket.uid, uid, next);
	}, callback);
};

function deleteUsers(socket, uids, method, callback) {
	if (!Array.isArray(uids)) {
		return callback(new Error('[[error:invalid-data]]'));
	}

	async.each(uids, function (uid, next) {
		async.waterfall([
			function (next) {
				user.isAdministrator(uid, next);
			},
			function (isAdmin, next) {
				if (isAdmin) {
					return next(new Error('[[error:cant-delete-other-admins]]'));
				}

				method(uid, next);
			},
			function (next) {
				events.log({
					type: 'user-delete',
					uid: socket.uid,
					targetUid: uid,
					ip: socket.ip
				});
				next();
			}
		], next);
	}, callback);
}

User.search = function (socket, data, callback) {
	user.search({query: data.query, searchBy: data.searchBy, uid: socket.uid}, function (err, searchData) {
		if (err) {
			return callback(err);
		}
		if (!searchData.users.length) {
			return callback(null, searchData);
		}

		var userData = searchData.users;
		var uids = userData.map(function (user) {
			return user && user.uid;
		});

		user.getUsersFields(uids, ['email', 'flags', 'lastonline', 'joindate'], function (err, userInfo) {
			if (err) {
				return callback(err);
			}

			userData.forEach(function (user, index) {
				if (user && userInfo[index]) {
					user.email = validator.escape(String(userInfo[index].email || ''));
					user.flags = userInfo[index].flags || 0;
					user.lastonlineISO = userInfo[index].lastonlineISO;
					user.joindateISO = userInfo[index].joindateISO;
				}
			});

			callback(null, searchData);
		});
	});
};

User.deleteInvitation = function (socket, data, callback) {
	user.deleteInvitation(data.invitedBy, data.email, callback);
};

User.acceptRegistration = function (socket, data, callback) {
	user.acceptRegistration(data.username, function (err, uid) {
		if (err) {
			return callback(err);
		}
		events.log({
			type: 'registration-approved',
			uid: socket.uid,
			ip: socket.ip,
			targetUid: uid,
		});
		callback();
	});
};

User.rejectRegistration = function (socket, data, callback) {
	user.rejectRegistration(data.username, function (err) {
		if (err) {
			return callback(err);
		}
		events.log({
			type: 'registration-rejected',
			uid: socket.uid,
			ip: socket.ip,
			username: data.username,
		});
		callback();
	});
};

User.restartJobs = function (socket, data, callback) {
	user.startJobs(callback);
};

module.exports = User;
socket.io admin/user 2014-04-15 02:25:42 -04:00			`"use strict";`

closes #4103 2016-01-25 13:36:10 +02:00			`var async = require('async');`
closes #5060 2016-09-27 13:31:50 +03:00			`var validator = require('validator');`

closes #4103 2016-01-25 13:36:10 +02:00			`var db = require('../../database');`
			`var groups = require('../../groups');`
			`var user = require('../../user');`
			`var events = require('../../events');`
			`var meta = require('../../meta');`
socket.io admin/user 2014-04-15 02:25:42 -04:00
closes #4103 2016-01-25 13:36:10 +02:00			`var User = {};`
socket.io admin/user 2014-04-15 02:25:42 -04:00
Fix space-before-function-paren linter rule 2016-10-13 11:43:39 +02:00			`User.makeAdmins = function (socket, uids, callback) {`
some checks to make last admin isnt removed 2014-06-13 22:48:24 -04:00			`if(!Array.isArray(uids)) {`
			`return callback(new Error('[[error:invalid-data]]'));`
			`}`
socket.io admin/user 2014-04-15 02:25:42 -04:00
Fix space-before-function-paren linter rule 2016-10-13 11:43:39 +02:00			`user.getUsersFields(uids, ['banned'], function (err, userData) {`
closes #2225 2014-10-06 12:41:56 -04:00			`if (err) {`
			`return callback(err);`
			`}`

Fix space-infix-ops linter rule 2016-10-13 11:42:29 +02:00			`for(var i = 0; i < userData.length; i++) {`
closes #2225 2014-10-06 12:41:56 -04:00			`if (userData[i] && parseInt(userData[i].banned, 10) === 1) {`
			`return callback(new Error('[[error:cant-make-banned-users-admin]]'));`
			`}`
			`}`

Fix space-before-function-paren linter rule 2016-10-13 11:43:39 +02:00			`async.each(uids, function (uid, next) {`
closes #2225 2014-10-06 12:41:56 -04:00			`groups.join('administrators', uid, next);`
			`}, callback);`
			`});`
socket.io admin/user 2014-04-15 02:25:42 -04:00			`};`

Fix space-before-function-paren linter rule 2016-10-13 11:43:39 +02:00			`User.removeAdmins = function (socket, uids, callback) {`
closes #1487 ban and delete user admin actions takes an array of uids now. 2014-05-05 16:48:09 -04:00			`if(!Array.isArray(uids)) {`
			`return callback(new Error('[[error:invalid-data]]'));`
			`}`

Fix space-before-function-paren linter rule 2016-10-13 11:43:39 +02:00			`async.eachSeries(uids, function (uid, next) {`
			`groups.getMemberCount('administrators', function (err, count) {`
some checks to make last admin isnt removed 2014-06-13 22:48:24 -04:00			`if (err) {`
			`return next(err);`
			`}`

			`if (count === 1) {`
			`return next(new Error('[[error:cant-remove-last-admin]]'));`
			`}`

			`groups.leave('administrators', uid, next);`
			`});`
closes #1487 ban and delete user admin actions takes an array of uids now. 2014-05-05 16:48:09 -04:00			`}, callback);`
some checks to make last admin isnt removed 2014-06-13 22:48:24 -04:00			`};`
closes #1487 ban and delete user admin actions takes an array of uids now. 2014-05-05 16:48:09 -04:00
Fix space-before-function-paren linter rule 2016-10-13 11:43:39 +02:00			`User.createUser = function (socket, userData, callback) {`
socket.io admin/user 2014-04-15 02:25:42 -04:00			`if (!userData) {`
			`return callback(new Error('[[error:invalid-data]]'));`
			`}`
			`user.create(userData, callback);`
			`};`


Fix space-before-function-paren linter rule 2016-10-13 11:43:39 +02:00			`User.resetLockouts = function (socket, uids, callback) {`
closes #1971 2014-08-14 08:34:38 -04:00			`if (!Array.isArray(uids)) {`
			`return callback(new Error('[[error:invalid-data]]'));`
			`}`

			`async.each(uids, user.auth.resetLockout, callback);`
			`};`

Fix space-before-function-paren linter rule 2016-10-13 11:43:39 +02:00			`User.resetFlags = function (socket, uids, callback) {`
closes #2458 2014-12-21 16:29:32 -05:00			`if (!Array.isArray(uids)) {`
			`return callback(new Error('[[error:invalid-data]]'));`
			`}`

			`user.resetFlags(uids, callback);`
			`};`

Fix space-before-function-paren linter rule 2016-10-13 11:43:39 +02:00			`User.validateEmail = function (socket, uids, callback) {`
closes #2213 2014-10-06 13:11:12 -04:00			`if (!Array.isArray(uids)) {`
			`return callback(new Error('[[error:invalid-data]]'));`
			`}`

Fix space-before-function-paren linter rule 2016-10-13 11:43:39 +02:00			`uids = uids.filter(function (uid) {`
closes #2213 2014-10-06 13:11:12 -04:00			`return parseInt(uid, 10);`
			`});`

Fix space-before-function-paren linter rule 2016-10-13 11:43:39 +02:00			`async.each(uids, function (uid, next) {`
closes #2213 2014-10-06 13:11:12 -04:00			`user.setUserField(uid, 'email:confirmed', 1, next);`
Fix space-before-function-paren linter rule 2016-10-13 11:43:39 +02:00			`}, function (err) {`
closes #3436 2016-01-20 16:12:57 +02:00			`if (err) {`
			`return callback(err);`
			`}`
			`db.sortedSetRemove('users:notvalidated', uids, callback);`
			`});`
closes #2315 2014-11-03 15:31:41 -05:00			`};`

Fix space-before-function-paren linter rule 2016-10-13 11:43:39 +02:00			`User.sendValidationEmail = function (socket, uids, callback) {`
closes #2640 2015-02-11 14:44:56 -05:00			`if (!Array.isArray(uids)) {`
			`return callback(new Error('[[error:invalid-data]]'));`
			`}`
closes #2971 2015-04-13 17:29:43 -04:00
closes #2640 2015-02-11 14:44:56 -05:00			`if (parseInt(meta.config.requireEmailConfirmation, 10) !== 1) {`
			`return callback(new Error('[[error:email-confirmations-are-disabled]]'));`
			`}`

Fix space-before-function-paren linter rule 2016-10-13 11:43:39 +02:00			`user.getUsersFields(uids, ['uid', 'email'], function (err, usersData) {`
closes #2640 2015-02-11 14:44:56 -05:00			`if (err) {`
			`return callback(err);`
			`}`

Fix space-before-function-paren linter rule 2016-10-13 11:43:39 +02:00			`async.eachLimit(usersData, 50, function (userData, next) {`
closes #2640 2015-02-11 14:44:56 -05:00			`if (userData.email && userData.uid) {`
closes #2971 2015-04-13 17:29:43 -04:00			`user.email.sendValidationEmail(userData.uid, userData.email, next);`
closes #2640 2015-02-11 14:44:56 -05:00			`} else {`
			`next();`
			`}`
			`}, callback);`
			`});`
			`};`

Fix space-before-function-paren linter rule 2016-10-13 11:43:39 +02:00			`User.sendPasswordResetEmail = function (socket, uids, callback) {`
closes #2315 2014-11-03 15:31:41 -05:00			`if (!Array.isArray(uids)) {`
			`return callback(new Error('[[error:invalid-data]]'));`
			`}`

Fix space-before-function-paren linter rule 2016-10-13 11:43:39 +02:00			`uids = uids.filter(function (uid) {`
closes #2315 2014-11-03 15:31:41 -05:00			`return parseInt(uid, 10);`
			`});`

Fix space-before-function-paren linter rule 2016-10-13 11:43:39 +02:00			`async.each(uids, function (uid, next) {`
			`user.getUserFields(uid, ['email', 'username'], function (err, userData) {`
closes #2315 2014-11-03 15:31:41 -05:00			`if (err) {`
			`return next(err);`
			`}`
			`if (!userData.email) {`
			`return next(new Error('[[error:user-doesnt-have-email, ' + userData.username + ']]'));`
			`}`
			`user.reset.send(userData.email, next);`
			`});`
closes #2213 2014-10-06 13:11:12 -04:00			`}, callback);`
			`};`

Fix space-before-function-paren linter rule 2016-10-13 11:43:39 +02:00			`User.deleteUsers = function (socket, uids, callback) {`
			`deleteUsers(socket, uids, function (uid, next) {`
closes #2832 2016-08-12 01:55:38 +03:00			`user.deleteAccount(uid, next);`
			`}, callback);`
			`};`

Fix space-before-function-paren linter rule 2016-10-13 11:43:39 +02:00			`User.deleteUsersAndContent = function (socket, uids, callback) {`
			`deleteUsers(socket, uids, function (uid, next) {`
closes #2832 2016-08-12 01:55:38 +03:00			`user.delete(socket.uid, uid, next);`
			`}, callback);`
			`};`

			`function deleteUsers(socket, uids, method, callback) {`
			`if (!Array.isArray(uids)) {`
closes #1487 ban and delete user admin actions takes an array of uids now. 2014-05-05 16:48:09 -04:00			`return callback(new Error('[[error:invalid-data]]'));`
			`}`
socket.io admin/user 2014-04-15 02:25:42 -04:00
Fix space-before-function-paren linter rule 2016-10-13 11:43:39 +02:00			`async.each(uids, function (uid, next) {`
log self account delete, logout on self account delete 2016-01-22 13:06:22 +02:00			`async.waterfall([`
			`function (next) {`
			`user.isAdministrator(uid, next);`
			`},`
			`function (isAdmin, next) {`
			`if (isAdmin) {`
			`return next(new Error('[[error:cant-delete-other-admins]]'));`
prevent administrators from being deleted - first remove them from admin group 2014-09-16 12:19:58 -04:00			`}`

closes #2832 2016-08-12 01:55:38 +03:00			`method(uid, next);`
log self account delete, logout on self account delete 2016-01-22 13:06:22 +02:00			`},`
			`function (next) {`
closes #2550, closes #2518 2015-02-01 19:11:58 -05:00			`events.log({`
			`type: 'user-delete',`
			`uid: socket.uid,`
			`targetUid: uid,`
			`ip: socket.ip`
			`});`
prevent administrators from being deleted - first remove them from admin group 2014-09-16 12:19:58 -04:00			`next();`
log self account delete, logout on self account delete 2016-01-22 13:06:22 +02:00			`}`
			`], next);`
closes #1487 ban and delete user admin actions takes an array of uids now. 2014-05-05 16:48:09 -04:00			`}, callback);`
closes #2832 2016-08-12 01:55:38 +03:00			`}`
socket.io admin/user 2014-04-15 02:25:42 -04:00
Fix space-before-function-paren linter rule 2016-10-13 11:43:39 +02:00			`User.search = function (socket, data, callback) {`
			`user.search({query: data.query, searchBy: data.searchBy, uid: socket.uid}, function (err, searchData) {`
socket.io admin/user 2014-04-15 02:25:42 -04:00			`if (err) {`
			`return callback(err);`
			`}`
closes #2458 2014-12-21 16:29:32 -05:00			`if (!searchData.users.length) {`
			`return callback(null, searchData);`
			`}`

			`var userData = searchData.users;`
Fix space-before-function-paren linter rule 2016-10-13 11:43:39 +02:00			`var uids = userData.map(function (user) {`
closes #2458 2014-12-21 16:29:32 -05:00			`return user && user.uid;`
			`});`

Fix space-before-function-paren linter rule 2016-10-13 11:43:39 +02:00			`user.getUsersFields(uids, ['email', 'flags', 'lastonline', 'joindate'], function (err, userInfo) {`
closes #2458 2014-12-21 16:29:32 -05:00			`if (err) {`
			`return callback(err);`
			`}`

Fix space-before-function-paren linter rule 2016-10-13 11:43:39 +02:00			`userData.forEach(function (user, index) {`
closes #4820 2016-07-04 17:49:02 +03:00			`if (user && userInfo[index]) {`
closes #5060 2016-09-27 13:31:50 +03:00			`user.email = validator.escape(String(userInfo[index].email \|\| ''));`
closes #4820 2016-07-04 17:49:02 +03:00			`user.flags = userInfo[index].flags \|\| 0;`
changes to manage/users 2016-10-07 17:35:24 +03:00			`user.lastonlineISO = userInfo[index].lastonlineISO;`
			`user.joindateISO = userInfo[index].joindateISO;`
closes #2458 2014-12-21 16:29:32 -05:00			`}`
			`});`
socket.io admin/user 2014-04-15 02:25:42 -04:00
closes #2458 2014-12-21 16:29:32 -05:00			`callback(null, searchData);`
socket.io admin/user 2014-04-15 02:25:42 -04:00			`});`
			`});`
			`};`

Fix space-before-function-paren linter rule 2016-10-13 11:43:39 +02:00			`User.deleteInvitation = function (socket, data, callback) {`
Finished adding a new delete to also remove the reference from the invites list on the APM. 2016-03-06 11:59:31 -06:00			`user.deleteInvitation(data.invitedBy, data.email, callback);`
In the process of adding the delete button to the invitation panel. Apparently, the delete method doesn't work with the invitation items, so I might need to add some extra logic. 2016-03-03 21:09:44 -06:00			`};`

Fix space-before-function-paren linter rule 2016-10-13 11:43:39 +02:00			`User.acceptRegistration = function (socket, data, callback) {`
closes #5143 2016-10-24 14:39:17 +03:00			`user.acceptRegistration(data.username, function (err, uid) {`
			`if (err) {`
			`return callback(err);`
			`}`
			`events.log({`
			`type: 'registration-approved',`
			`uid: socket.uid,`
			`ip: socket.ip,`
			`targetUid: uid,`
			`});`
			`callback();`
			`});`
closes #1306 2015-06-27 21:26:19 -04:00			`};`

Fix space-before-function-paren linter rule 2016-10-13 11:43:39 +02:00			`User.rejectRegistration = function (socket, data, callback) {`
closes #5143 2016-10-24 14:39:17 +03:00			`user.rejectRegistration(data.username, function (err) {`
			`if (err) {`
			`return callback(err);`
			`}`
			`events.log({`
			`type: 'registration-rejected',`
			`uid: socket.uid,`
			`ip: socket.ip,`
			`username: data.username,`
			`});`
			`callback();`
			`});`
closes #1306 2015-06-27 21:26:19 -04:00			`};`

Fix space-before-function-paren linter rule 2016-10-13 11:43:39 +02:00			`User.restartJobs = function (socket, data, callback) {`
closes #4766 2016-08-26 10:04:38 -04:00			`user.startJobs(callback);`
			`};`
closes #1306 2015-06-27 21:26:19 -04:00
In the process of adding the delete button to the invitation panel. Apparently, the delete method doesn't work with the invitation items, so I might need to add some extra logic. 2016-03-03 21:09:44 -06:00			`module.exports = User;`