mirror of
https://github.com/NodeBB/NodeBB.git
synced 2025-11-01 11:35:55 +01:00
feat: track uid for email/username changes, closes #12454
This commit is contained in:
Barış Soner Uşaklı
@@ -103,10 +103,10 @@
|
||||
"nodebb-plugin-ntfy": "1.7.4",
|
||||
"nodebb-plugin-spam-be-gone": "2.2.2",
|
||||
"nodebb-rewards-essentials": "1.0.0",
|
||||
"nodebb-theme-harmony": "1.2.53",
|
||||
"nodebb-theme-harmony": "1.2.54",
|
||||
"nodebb-theme-lavender": "7.1.8",
|
||||
"nodebb-theme-peace": "2.2.4",
|
||||
"nodebb-theme-persona": "13.3.18",
|
||||
"nodebb-theme-persona": "13.3.19",
|
||||
"nodebb-widget-essentials": "7.0.16",
|
||||
"nodemailer": "6.9.13",
|
||||
"nprogress": "0.2.0",
|
||||
|
||||
@@ -454,7 +454,7 @@ usersAPI.addEmail = async (caller, { email, skipConfirmation, uid }) => {
|
||||
throw new Error('[[error:email-taken]]');
|
||||
}
|
||||
await user.setUserField(uid, 'email', email);
|
||||
await user.email.confirmByUid(uid);
|
||||
await user.email.confirmByUid(uid, caller.uid);
|
||||
}
|
||||
} else {
|
||||
await usersAPI.update(caller, { uid, email });
|
||||
@@ -504,7 +504,7 @@ usersAPI.confirmEmail = async (caller, { uid, email, sessionId }) => {
|
||||
await user.email.confirmByCode(code, sessionId);
|
||||
return true;
|
||||
} else if (current && current === email) { // i.e. old account w/ unconf. email in user hash
|
||||
await user.email.confirmByUid(uid);
|
||||
await user.email.confirmByUid(uid, caller.uid);
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
@@ -70,7 +70,7 @@ User.validateEmail = async function (socket, uids) {
|
||||
if (email) {
|
||||
await user.setUserField(uid, 'email', email);
|
||||
}
|
||||
await user.email.confirmByUid(uid);
|
||||
await user.email.confirmByUid(uid, socket.uid);
|
||||
}
|
||||
};
|
||||
|
||||
|
||||
@@ -214,10 +214,11 @@ UserEmail.confirmByCode = async function (code, sessionId) {
|
||||
};
|
||||
|
||||
// confirm uid's email via ACP
|
||||
UserEmail.confirmByUid = async function (uid) {
|
||||
UserEmail.confirmByUid = async function (uid, callerUid = 0) {
|
||||
if (!(parseInt(uid, 10) > 0)) {
|
||||
throw new Error('[[error:invalid-uid]]');
|
||||
}
|
||||
callerUid = callerUid || uid;
|
||||
const currentEmail = await user.getUserField(uid, 'email');
|
||||
if (!currentEmail) {
|
||||
throw new Error('[[error:invalid-email]]');
|
||||
@@ -241,7 +242,7 @@ UserEmail.confirmByUid = async function (uid) {
|
||||
db.sortedSetAddBulk([
|
||||
['email:uid', uid, currentEmail.toLowerCase()],
|
||||
['email:sorted', 0, `${currentEmail.toLowerCase()}:${uid}`],
|
||||
[`user:${uid}:emails`, Date.now(), `${currentEmail}:${Date.now()}`],
|
||||
[`user:${uid}:emails`, Date.now(), `${currentEmail}:${Date.now()}:${callerUid}`],
|
||||
]),
|
||||
user.setUserField(uid, 'email:confirmed', 1),
|
||||
groups.join('verified-users', uid),
|
||||
|
||||
@@ -60,13 +60,24 @@ module.exports = function (User) {
|
||||
|
||||
User.getHistory = async function (set) {
|
||||
const data = await db.getSortedSetRevRangeWithScores(set, 0, -1);
|
||||
return data.map((set) => {
|
||||
data.forEach((set) => {
|
||||
set.timestamp = set.score;
|
||||
set.timestampISO = utils.toISOString(set.score);
|
||||
set.value = validator.escape(String(set.value.split(':')[0]));
|
||||
const parts = set.value.split(':');
|
||||
set.value = validator.escape(String(parts[0]));
|
||||
set.byUid = validator.escape(String(parts[2] || ''));
|
||||
delete set.score;
|
||||
return set;
|
||||
});
|
||||
|
||||
const uids = _.uniq(data.map(d => d && d.byUid).filter(Boolean));
|
||||
const usersData = await User.getUsersFields(uids, ['uid', 'username', 'userslug', 'picture']);
|
||||
const uidToUser = _.zipObject(uids, usersData);
|
||||
data.forEach((d) => {
|
||||
if (d.byUid) {
|
||||
d.byUser = uidToUser[d.byUid];
|
||||
}
|
||||
});
|
||||
return data;
|
||||
};
|
||||
|
||||
async function getFlagMetadata(flags) {
|
||||
|
||||
@@ -48,7 +48,7 @@ module.exports = function (User) {
|
||||
if (field === 'email') {
|
||||
return await updateEmail(updateUid, data.email);
|
||||
} else if (field === 'username') {
|
||||
return await updateUsername(updateUid, data.username);
|
||||
return await updateUsername(updateUid, data.username, uid);
|
||||
} else if (field === 'fullname') {
|
||||
return await updateFullname(updateUid, data.fullname);
|
||||
}
|
||||
@@ -247,7 +247,7 @@ module.exports = function (User) {
|
||||
}
|
||||
}
|
||||
|
||||
async function updateUsername(uid, newUsername) {
|
||||
async function updateUsername(uid, newUsername, callerUid) {
|
||||
if (!newUsername) {
|
||||
return;
|
||||
}
|
||||
@@ -260,7 +260,7 @@ module.exports = function (User) {
|
||||
await Promise.all([
|
||||
updateUidMapping('username', uid, newUsername, userData.username),
|
||||
updateUidMapping('userslug', uid, newUserslug, userData.userslug),
|
||||
db.sortedSetAdd(`user:${uid}:usernames`, now, `${newUsername}:${now}`),
|
||||
db.sortedSetAdd(`user:${uid}:usernames`, now, `${newUsername}:${now}:${callerUid}`),
|
||||
]);
|
||||
await db.sortedSetRemove('username:sorted', `${userData.username.toLowerCase()}:${uid}`);
|
||||
await db.sortedSetAdd('username:sorted', 0, `${newUsername.toLowerCase()}:${uid}`);
|
||||
|
||||
Reference in New Issue
Block a user