nodebb/src/socket.io/admin/user.js

'use strict';

var async = require('async');
var validator = require('validator');
var winston = require('winston');

var db = require('../../database');
var groups = require('../../groups');
var user = require('../../user');
var events = require('../../events');
var meta = require('../../meta');
var plugins = require('../../plugins');

var User = module.exports;

User.makeAdmins = function (socket, uids, callback) {
	if (!Array.isArray(uids)) {
		return callback(new Error('[[error:invalid-data]]'));
	}

	async.waterfall([
		function (next) {
			user.getUsersFields(uids, ['banned'], next);
		},
		function (userData, next) {
			for (var i = 0; i < userData.length; i += 1) {
				if (userData[i] && userData[i].banned) {
					return callback(new Error('[[error:cant-make-banned-users-admin]]'));
				}
			}

			async.each(uids, function (uid, next) {
				groups.join('administrators', uid, next);
			}, next);
		},
	], callback);
};

User.removeAdmins = function (socket, uids, callback) {
	if (!Array.isArray(uids)) {
		return callback(new Error('[[error:invalid-data]]'));
	}

	async.eachSeries(uids, function (uid, next) {
		async.waterfall([
			function (next) {
				groups.getMemberCount('administrators', next);
			},
			function (count, next) {
				if (count === 1) {
					return next(new Error('[[error:cant-remove-last-admin]]'));
				}

				groups.leave('administrators', uid, next);
			},
		], next);
	}, callback);
};

User.createUser = function (socket, userData, callback) {
	if (!userData) {
		return callback(new Error('[[error:invalid-data]]'));
	}
	user.create(userData, callback);
};

User.resetLockouts = function (socket, uids, callback) {
	if (!Array.isArray(uids)) {
		return callback(new Error('[[error:invalid-data]]'));
	}

	async.each(uids, user.auth.resetLockout, callback);
};

User.validateEmail = function (socket, uids, callback) {
	if (!Array.isArray(uids)) {
		return callback(new Error('[[error:invalid-data]]'));
	}

	uids = uids.filter(function (uid) {
		return parseInt(uid, 10);
	});

	async.waterfall([
		function (next) {
			async.each(uids, function (uid, next) {
				user.setUserField(uid, 'email:confirmed', 1, next);
			}, next);
		},
		function (next) {
			db.sortedSetRemove('users:notvalidated', uids, next);
		},
	], callback);
};

User.sendValidationEmail = function (socket, uids, callback) {
	if (!Array.isArray(uids)) {
		return callback(new Error('[[error:invalid-data]]'));
	}

	if (!meta.config.requireEmailConfirmation) {
		return callback(new Error('[[error:email-confirmations-are-disabled]]'));
	}

	async.eachLimit(uids, 50, function (uid, next) {
		user.email.sendValidationEmail(uid, next);
	}, callback);
};

User.sendPasswordResetEmail = function (socket, uids, callback) {
	if (!Array.isArray(uids)) {
		return callback(new Error('[[error:invalid-data]]'));
	}

	uids = uids.filter(function (uid) {
		return parseInt(uid, 10);
	});

	async.each(uids, function (uid, next) {
		async.waterfall([
			function (next) {
				user.getUserFields(uid, ['email', 'username'], next);
			},
			function (userData, next) {
				if (!userData.email) {
					return next(new Error('[[error:user-doesnt-have-email, ' + userData.username + ']]'));
				}
				user.reset.send(userData.email, next);
			},
		], next);
	}, callback);
};

User.deleteUsers = function (socket, uids, callback) {
	deleteUsers(socket, uids, function (uid, next) {
		user.deleteAccount(uid, next);
	}, callback);
};

User.deleteUsersAndContent = function (socket, uids, callback) {
	deleteUsers(socket, uids, function (uid, next) {
		user.delete(socket.uid, uid, next);
	}, callback);
};

function deleteUsers(socket, uids, method, callback) {
	if (!Array.isArray(uids)) {
		return callback(new Error('[[error:invalid-data]]'));
	}
	async.waterfall([
		function (next) {
			groups.isMembers(uids, 'administrators', next);
		},
		function (isMembers, next) {
			if (isMembers.includes(true)) {
				return callback(new Error('[[error:cant-delete-other-admins]]'));
			}

			callback();

			async.each(uids, function (uid, next) {
				async.waterfall([
					function (next) {
						method(uid, next);
					},
					function (userData, next) {
						events.log({
							type: 'user-delete',
							uid: socket.uid,
							targetUid: uid,
							ip: socket.ip,
							username: userData.username,
							email: userData.email,
						}, next);
					},
					function (next) {
						plugins.fireHook('action:user.delete', {
							callerUid: socket.uid,
							uid: uid,
							ip: socket.ip,
						});
						next();
					},
				], next);
			}, next);
		},
	], function (err) {
		if (err) {
			winston.error(err);
		}
	});
}

User.search = function (socket, data, callback) {
	var searchData;
	async.waterfall([
		function (next) {
			user.search({
				query: data.query,
				searchBy: data.searchBy,
				uid: socket.uid,
			}, next);
		},
		function (_searchData, next) {
			searchData = _searchData;
			if (!searchData.users.length) {
				return callback(null, searchData);
			}

			var uids = searchData.users.map(function (user) {
				return user && user.uid;
			});

			user.getUsersFields(uids, ['email', 'flags', 'lastonline', 'joindate'], next);
		},
		function (userInfo, next) {
			searchData.users.forEach(function (user, index) {
				if (user && userInfo[index]) {
					user.email = validator.escape(String(userInfo[index].email || ''));
					user.flags = userInfo[index].flags || 0;
					user.lastonlineISO = userInfo[index].lastonlineISO;
					user.joindateISO = userInfo[index].joindateISO;
				}
			});
			next(null, searchData);
		},
	], callback);
};

User.deleteInvitation = function (socket, data, callback) {
	user.deleteInvitation(data.invitedBy, data.email, callback);
};

User.acceptRegistration = function (socket, data, callback) {
	async.waterfall([
		function (next) {
			user.acceptRegistration(data.username, next);
		},
		function (uid, next) {
			events.log({
				type: 'registration-approved',
				uid: socket.uid,
				ip: socket.ip,
				targetUid: uid,
			});
			next(null, uid);
		},
	], callback);
};

User.rejectRegistration = function (socket, data, callback) {
	async.waterfall([
		function (next) {
			user.rejectRegistration(data.username, next);
		},
		function (next) {
			events.log({
				type: 'registration-rejected',
				uid: socket.uid,
				ip: socket.ip,
				username: data.username,
			});
			next();
		},
	], callback);
};

User.restartJobs = function (socket, data, callback) {
	user.startJobs(callback);
};
ESlint quotes 8 years ago			`'use strict';`
socket.io admin/user 11 years ago
closes #4103 9 years ago			`var async = require('async');`
closes #5060 9 years ago			`var validator = require('validator');`
change user delete so it returns quickly 6 years ago			`var winston = require('winston');`
closes #5060 9 years ago
closes #4103 9 years ago			`var db = require('../../database');`
			`var groups = require('../../groups');`
			`var user = require('../../user');`
			`var events = require('../../events');`
			`var meta = require('../../meta');`
new hook, action:user.delete 8 years ago			`var plugins = require('../../plugins');`
socket.io admin/user 11 years ago
style changes 8 years ago			`var User = module.exports;`
socket.io admin/user 11 years ago
Fix space-before-function-paren linter rule 8 years ago			`User.makeAdmins = function (socket, uids, callback) {`
ESlint keyword-spacing, no-multi-spaces 8 years ago			`if (!Array.isArray(uids)) {`
some checks to make last admin isnt removed 11 years ago			`return callback(new Error('[[error:invalid-data]]'));`
			`}`
socket.io admin/user 11 years ago
style changes 8 years ago			`async.waterfall([`
			`function (next) {`
			`user.getUsersFields(uids, ['banned'], next);`
			`},`
			`function (userData, next) {`
			`for (var i = 0; i < userData.length; i += 1) {`
remove parseInts 6 years ago			`if (userData[i] && userData[i].banned) {`
style changes 8 years ago			`return callback(new Error('[[error:cant-make-banned-users-admin]]'));`
			`}`
closes #2225 11 years ago			`}`

style changes 8 years ago			`async.each(uids, function (uid, next) {`
			`groups.join('administrators', uid, next);`
			`}, next);`
			`},`
			`], callback);`
socket.io admin/user 11 years ago			`};`

Fix space-before-function-paren linter rule 8 years ago			`User.removeAdmins = function (socket, uids, callback) {`
ESlint keyword-spacing, no-multi-spaces 8 years ago			`if (!Array.isArray(uids)) {`
closes #1487 ban and delete user admin actions takes an array of uids now. 11 years ago			`return callback(new Error('[[error:invalid-data]]'));`
			`}`

Fix space-before-function-paren linter rule 8 years ago			`async.eachSeries(uids, function (uid, next) {`
style changes 8 years ago			`async.waterfall([`
			`function (next) {`
			`groups.getMemberCount('administrators', next);`
			`},`
			`function (count, next) {`
			`if (count === 1) {`
			`return next(new Error('[[error:cant-remove-last-admin]]'));`
			`}`
some checks to make last admin isnt removed 11 years ago
style changes 8 years ago			`groups.leave('administrators', uid, next);`
			`},`
			`], next);`
closes #1487 ban and delete user admin actions takes an array of uids now. 11 years ago			`}, callback);`
some checks to make last admin isnt removed 11 years ago			`};`
closes #1487 ban and delete user admin actions takes an array of uids now. 11 years ago
Fix space-before-function-paren linter rule 8 years ago			`User.createUser = function (socket, userData, callback) {`
socket.io admin/user 11 years ago			`if (!userData) {`
			`return callback(new Error('[[error:invalid-data]]'));`
			`}`
			`user.create(userData, callback);`
			`};`

Fix space-before-function-paren linter rule 8 years ago			`User.resetLockouts = function (socket, uids, callback) {`
closes #1971 11 years ago			`if (!Array.isArray(uids)) {`
			`return callback(new Error('[[error:invalid-data]]'));`
			`}`

			`async.each(uids, user.auth.resetLockout, callback);`
			`};`

Fix space-before-function-paren linter rule 8 years ago			`User.validateEmail = function (socket, uids, callback) {`
closes #2213 11 years ago			`if (!Array.isArray(uids)) {`
			`return callback(new Error('[[error:invalid-data]]'));`
			`}`

Fix space-before-function-paren linter rule 8 years ago			`uids = uids.filter(function (uid) {`
closes #2213 11 years ago			`return parseInt(uid, 10);`
			`});`

style changes 8 years ago			`async.waterfall([`
			`function (next) {`
			`async.each(uids, function (uid, next) {`
			`user.setUserField(uid, 'email:confirmed', 1, next);`
			`}, next);`
			`},`
			`function (next) {`
			`db.sortedSetRemove('users:notvalidated', uids, next);`
			`},`
			`], callback);`
closes #2315 10 years ago			`};`

Fix space-before-function-paren linter rule 8 years ago			`User.sendValidationEmail = function (socket, uids, callback) {`
closes #2640 10 years ago			`if (!Array.isArray(uids)) {`
			`return callback(new Error('[[error:invalid-data]]'));`
			`}`
closes #2971 10 years ago
Parse int (#6853) * Store config fields as JSON in the db Fewer parseInts * Remove unnecessary parseInts * remove some dupe code add tests * remove console.log * remove more parseInts * WIP: read meta.configs defaults from defaults.json remove more parseInts * more work * add log for failing test * update admin pwd * fix tests, dont require posts/cache before configs are initialized * handle saves * Test boolean conditions * remove more parseInts * Fix boolean values * remove lots more parseInts * removed json parsing * renamed var to number * categories dont have timestamp 6 years ago			`if (!meta.config.requireEmailConfirmation) {`
closes #2640 10 years ago			`return callback(new Error('[[error:email-confirmations-are-disabled]]'));`
			`}`

refactor for sendValidationEmail, and sending better dummy data for welcome email template 8 years ago			`async.eachLimit(uids, 50, function (uid, next) {`
			`user.email.sendValidationEmail(uid, next);`
			`}, callback);`
closes #2640 10 years ago			`};`

Fix space-before-function-paren linter rule 8 years ago			`User.sendPasswordResetEmail = function (socket, uids, callback) {`
closes #2315 10 years ago			`if (!Array.isArray(uids)) {`
			`return callback(new Error('[[error:invalid-data]]'));`
			`}`

Fix space-before-function-paren linter rule 8 years ago			`uids = uids.filter(function (uid) {`
closes #2315 10 years ago			`return parseInt(uid, 10);`
			`});`

Fix space-before-function-paren linter rule 8 years ago			`async.each(uids, function (uid, next) {`
style changes 8 years ago			`async.waterfall([`
			`function (next) {`
			`user.getUserFields(uid, ['email', 'username'], next);`
			`},`
			`function (userData, next) {`
			`if (!userData.email) {`
			`return next(new Error('[[error:user-doesnt-have-email, ' + userData.username + ']]'));`
			`}`
			`user.reset.send(userData.email, next);`
			`},`
			`], next);`
closes #2213 11 years ago			`}, callback);`
			`};`

Fix space-before-function-paren linter rule 8 years ago			`User.deleteUsers = function (socket, uids, callback) {`
			`deleteUsers(socket, uids, function (uid, next) {`
closes #2832 9 years ago			`user.deleteAccount(uid, next);`
			`}, callback);`
			`};`

Fix space-before-function-paren linter rule 8 years ago			`User.deleteUsersAndContent = function (socket, uids, callback) {`
			`deleteUsers(socket, uids, function (uid, next) {`
closes #2832 9 years ago			`user.delete(socket.uid, uid, next);`
			`}, callback);`
			`};`

			`function deleteUsers(socket, uids, method, callback) {`
			`if (!Array.isArray(uids)) {`
closes #1487 ban and delete user admin actions takes an array of uids now. 11 years ago			`return callback(new Error('[[error:invalid-data]]'));`
			`}`
change user delete so it returns quickly 6 years ago			`async.waterfall([`
			`function (next) {`
			`groups.isMembers(uids, 'administrators', next);`
			`},`
			`function (isMembers, next) {`
			`if (isMembers.includes(true)) {`
			`return callback(new Error('[[error:cant-delete-other-admins]]'));`
			`}`
socket.io admin/user 11 years ago
change user delete so it returns quickly 6 years ago			`callback();`
prevent administrators from being deleted - first remove them from admin group 11 years ago
change user delete so it returns quickly 6 years ago			`async.each(uids, function (uid, next) {`
			`async.waterfall([`
			`function (next) {`
			`method(uid, next);`
			`},`
add username/email to user-delete event 6 years ago			`function (userData, next) {`
change user delete so it returns quickly 6 years ago			`events.log({`
			`type: 'user-delete',`
			`uid: socket.uid,`
			`targetUid: uid,`
			`ip: socket.ip,`
add username/email to user-delete event 6 years ago			`username: userData.username,`
			`email: userData.email,`
change user delete so it returns quickly 6 years ago			`}, next);`
			`},`
			`function (next) {`
			`plugins.fireHook('action:user.delete', {`
			`callerUid: socket.uid,`
			`uid: uid,`
			`ip: socket.ip,`
			`});`
			`next();`
			`},`
			`], next);`
			`}, next);`
			`},`
			`], function (err) {`
			`if (err) {`
			`winston.error(err);`
			`}`
			`});`
closes #2832 9 years ago			`}`
socket.io admin/user 11 years ago
Fix space-before-function-paren linter rule 8 years ago			`User.search = function (socket, data, callback) {`
more tests 8 years ago			`var searchData;`
			`async.waterfall([`
			`function (next) {`
closes #6154 7 years ago			`user.search({`
			`query: data.query,`
			`searchBy: data.searchBy,`
			`uid: socket.uid,`
			`}, next);`
more tests 8 years ago			`},`
			`function (_searchData, next) {`
			`searchData = _searchData;`
			`if (!searchData.users.length) {`
			`return callback(null, searchData);`
closes #2458 10 years ago			`}`

more tests 8 years ago			`var uids = searchData.users.map(function (user) {`
			`return user && user.uid;`
			`});`

			`user.getUsersFields(uids, ['email', 'flags', 'lastonline', 'joindate'], next);`
			`},`
			`function (userInfo, next) {`
			`searchData.users.forEach(function (user, index) {`
closes #4820 9 years ago			`if (user && userInfo[index]) {`
closes #5060 9 years ago			`user.email = validator.escape(String(userInfo[index].email \|\| ''));`
closes #4820 9 years ago			`user.flags = userInfo[index].flags \|\| 0;`
changes to manage/users 9 years ago			`user.lastonlineISO = userInfo[index].lastonlineISO;`
			`user.joindateISO = userInfo[index].joindateISO;`
closes #2458 10 years ago			`}`
			`});`
more tests 8 years ago			`next(null, searchData);`
ESlint comma-dangle 8 years ago			`},`
more tests 8 years ago			`], callback);`
socket.io admin/user 11 years ago			`};`

Fix space-before-function-paren linter rule 8 years ago			`User.deleteInvitation = function (socket, data, callback) {`
Finished adding a new delete to also remove the reference from the invites list on the APM. 9 years ago			`user.deleteInvitation(data.invitedBy, data.email, callback);`
In the process of adding the delete button to the invitation panel. Apparently, the delete method doesn't work with the invitation items, so I might need to add some extra logic. 9 years ago			`};`

Fix space-before-function-paren linter rule 8 years ago			`User.acceptRegistration = function (socket, data, callback) {`
more tests group cover upload tests registration approval queue tests 8 years ago			`async.waterfall([`
			`function (next) {`
			`user.acceptRegistration(data.username, next);`
			`},`
			`function (uid, next) {`
			`events.log({`
			`type: 'registration-approved',`
			`uid: socket.uid,`
			`ip: socket.ip,`
ESlint comma-dangle 8 years ago			`targetUid: uid,`
more tests group cover upload tests registration approval queue tests 8 years ago			`});`
			`next(null, uid);`
ESlint comma-dangle 8 years ago			`},`
more tests group cover upload tests registration approval queue tests 8 years ago			`], callback);`
closes #1306 10 years ago			`};`

Fix space-before-function-paren linter rule 8 years ago			`User.rejectRegistration = function (socket, data, callback) {`
more tests group cover upload tests registration approval queue tests 8 years ago			`async.waterfall([`
			`function (next) {`
			`user.rejectRegistration(data.username, next);`
			`},`
			`function (next) {`
			`events.log({`
			`type: 'registration-rejected',`
			`uid: socket.uid,`
			`ip: socket.ip,`
			`username: data.username,`
			`});`
			`next();`
ESlint comma-dangle 8 years ago			`},`
more tests group cover upload tests registration approval queue tests 8 years ago			`], callback);`
closes #1306 10 years ago			`};`

Fix space-before-function-paren linter rule 8 years ago			`User.restartJobs = function (socket, data, callback) {`
closes #4766 9 years ago			`user.startJobs(callback);`
			`};`