nodebb/src/socket.io/admin/user.js

"use strict";


var db = require('../../database'),
	groups = require('../../groups'),
	user = require('../../user'),
	events = require('../../events'),
	websockets = require('../index'),
	async = require('async'),
	User = {};


User.makeAdmins = function(socket, uids, callback) {
	if(!Array.isArray(uids)) {
		return callback(new Error('[[error:invalid-data]]'));
	}

	user.getMultipleUserFields(uids, ['banned'], function(err, userData) {
		if (err) {
			return callback(err);
		}

		for(var i=0; i<userData.length; i++) {
			if (userData[i] && parseInt(userData[i].banned, 10) === 1) {
				return callback(new Error('[[error:cant-make-banned-users-admin]]'));
			}
		}

		async.each(uids, function(uid, next) {
			groups.join('administrators', uid, next);
		}, callback);
	});
};

User.removeAdmins = function(socket, uids, callback) {
	if(!Array.isArray(uids)) {
		return callback(new Error('[[error:invalid-data]]'));
	}

	if (uids.indexOf(socket.uid.toString()) !== -1) {
		return callback(new Error('[[error:cant-remove-self-as-admin]]'));
	}

	async.eachSeries(uids, function(uid, next) {
		groups.getMemberCount('administrators', function(err, count) {
			if (err) {
				return next(err);
			}

			if (count === 1) {
				return next(new Error('[[error:cant-remove-last-admin]]'));
			}

			groups.leave('administrators', uid, next);
		});
	}, callback);
};

User.createUser = function(socket, userData, callback) {
	if (!userData) {
		return callback(new Error('[[error:invalid-data]]'));
	}
	user.create(userData, callback);
};

User.banUsers = function(socket, uids, callback) {
	toggleBan(uids, User.banUser, callback);
};

User.unbanUsers = function(socket, uids, callback) {
	toggleBan(uids, user.unban, callback);
};

function toggleBan(uids, method, callback) {
	if(!Array.isArray(uids)) {
		return callback(new Error('[[error:invalid-data]]'));
	}
	async.each(uids, method, callback);
}

User.banUser = function(uid, callback) {
	user.isAdministrator(uid, function(err, isAdmin) {
		if (err || isAdmin) {
			return callback(err || new Error('[[error:cant-ban-other-admins]]'));
		}

		user.ban(uid, function(err) {
			if (err) {
				return callback(err);
			}

			websockets.in('uid_' + uid).emit('event:banned');

			websockets.logoutUser(uid);
			callback();
		});
	});
};

User.resetLockouts = function(socket, uids, callback) {
	if (!Array.isArray(uids)) {
		return callback(new Error('[[error:invalid-data]]'));
	}

	async.each(uids, user.auth.resetLockout, callback);
};

User.resetFlags = function(socket, uids, callback) {
	if (!Array.isArray(uids)) {
		return callback(new Error('[[error:invalid-data]]'));
	}

	user.resetFlags(uids, callback);
};

User.validateEmail = function(socket, uids, callback) {
	if (!Array.isArray(uids)) {
		return callback(new Error('[[error:invalid-data]]'));
	}

	uids = uids.filter(function(uid) {
		return parseInt(uid, 10);
	});

	async.each(uids, function(uid, next) {
		user.setUserField(uid, 'email:confirmed', 1, next);
	}, callback);
};

User.sendPasswordResetEmail = function(socket, uids, callback) {
	if (!Array.isArray(uids)) {
		return callback(new Error('[[error:invalid-data]]'));
	}

	uids = uids.filter(function(uid) {
		return parseInt(uid, 10);
	});

	async.each(uids, function(uid, next) {
		user.getUserFields(uid, ['email', 'username'], function(err, userData) {
			if (err) {
				return next(err);
			}
			if (!userData.email) {
				return next(new Error('[[error:user-doesnt-have-email, ' + userData.username + ']]'));
			}
			user.reset.send(userData.email, next);
		});
	}, callback);
};

User.deleteUsers = function(socket, uids, callback) {
	if(!Array.isArray(uids)) {
		return callback(new Error('[[error:invalid-data]]'));
	}

	async.each(uids, function(uid, next) {
		user.isAdministrator(uid, function(err, isAdmin) {
			if (err || isAdmin) {
				return callback(err || new Error('[[error:cant-delete-other-admins]]'));
			}

			user.delete(uid, function(err) {
				if (err) {
					return next(err);
				}

				events.log({
					type: 'user-delete',
					uid: socket.uid,
					targetUid: uid,
					ip: socket.ip
				});

				websockets.logoutUser(uid);
				next();
			});
		});
	}, callback);
};

User.search = function(socket, data, callback) {
	user.search({query: data.query, searchBy: data.searchBy, startsWith: false, uid: socket.uid}, function(err, searchData) {
		if (err) {
			return callback(err);
		}
		if (!searchData.users.length) {
			return callback(null, searchData);
		}

		var userData = searchData.users;
		var uids = userData.map(function(user) {
			return user && user.uid;
		});

		async.parallel({
			users: function(next) {
				user.getMultipleUserFields(uids, ['email'], next);
			},
			flagCounts: function(next) {
				var sets = uids.map(function(uid) {
					return 'uid:' + uid + ':flagged_by';
				});
				db.setsCount(sets, next);
			}
		}, function(err, results) {
			if (err) {
				return callback(err);
			}

			userData.forEach(function(user, index) {
				if (user) {
					user.email = (results.users[index] && results.users[index].email) || '';
					user.flags = results.flagCounts[index] || 0;
				}
			});

			callback(null, searchData);
		});
	});
};

module.exports = User;
socket.io admin/user 11 years ago			`"use strict";`


closes #2458 10 years ago			`var db = require('../../database'),`
			`groups = require('../../groups'),`
socket.io admin/user 11 years ago			`user = require('../../user'),`
			`events = require('../../events'),`
fixes error during user delete and ban 11 years ago			`websockets = require('../index'),`
socket.io admin/user 11 years ago			`async = require('async'),`
			`User = {};`


closes #1487 ban and delete user admin actions takes an array of uids now. 11 years ago			`User.makeAdmins = function(socket, uids, callback) {`
some checks to make last admin isnt removed 11 years ago			`if(!Array.isArray(uids)) {`
			`return callback(new Error('[[error:invalid-data]]'));`
			`}`
socket.io admin/user 11 years ago
closes #2225 11 years ago			`user.getMultipleUserFields(uids, ['banned'], function(err, userData) {`
			`if (err) {`
			`return callback(err);`
			`}`

			`for(var i=0; i<userData.length; i++) {`
			`if (userData[i] && parseInt(userData[i].banned, 10) === 1) {`
			`return callback(new Error('[[error:cant-make-banned-users-admin]]'));`
			`}`
			`}`

			`async.each(uids, function(uid, next) {`
			`groups.join('administrators', uid, next);`
			`}, callback);`
			`});`
socket.io admin/user 11 years ago			`};`

some checks to make last admin isnt removed 11 years ago			`User.removeAdmins = function(socket, uids, callback) {`
closes #1487 ban and delete user admin actions takes an array of uids now. 11 years ago			`if(!Array.isArray(uids)) {`
			`return callback(new Error('[[error:invalid-data]]'));`
			`}`

some checks to make last admin isnt removed 11 years ago			`if (uids.indexOf(socket.uid.toString()) !== -1) {`
			`return callback(new Error('[[error:cant-remove-self-as-admin]]'));`
			`}`

			`async.eachSeries(uids, function(uid, next) {`
			`groups.getMemberCount('administrators', function(err, count) {`
			`if (err) {`
			`return next(err);`
			`}`

			`if (count === 1) {`
			`return next(new Error('[[error:cant-remove-last-admin]]'));`
			`}`

			`groups.leave('administrators', uid, next);`
			`});`
closes #1487 ban and delete user admin actions takes an array of uids now. 11 years ago			`}, callback);`
some checks to make last admin isnt removed 11 years ago			`};`
closes #1487 ban and delete user admin actions takes an array of uids now. 11 years ago
socket.io admin/user 11 years ago			`User.createUser = function(socket, userData, callback) {`
			`if (!userData) {`
			`return callback(new Error('[[error:invalid-data]]'));`
			`}`
			`user.create(userData, callback);`
			`};`

closes #1487 ban and delete user admin actions takes an array of uids now. 11 years ago			`User.banUsers = function(socket, uids, callback) {`
removed duplication 11 years ago			`toggleBan(uids, User.banUser, callback);`
			`};`

			`User.unbanUsers = function(socket, uids, callback) {`
			`toggleBan(uids, user.unban, callback);`
			`};`

fixed missing comma 11 years ago			`function toggleBan(uids, method, callback) {`
closes #1487 ban and delete user admin actions takes an array of uids now. 11 years ago			`if(!Array.isArray(uids)) {`
			`return callback(new Error('[[error:invalid-data]]'));`
			`}`
removed duplication 11 years ago			`async.each(uids, method, callback);`
			`}`
closes #1487 ban and delete user admin actions takes an array of uids now. 11 years ago
closes #1483 11 years ago			`User.banUser = function(uid, callback) {`
closes #1487 ban and delete user admin actions takes an array of uids now. 11 years ago			`user.isAdministrator(uid, function(err, isAdmin) {`
socket.io admin/user 11 years ago			`if (err \|\| isAdmin) {`
			`return callback(err \|\| new Error('[[error:cant-ban-other-admins]]'));`
			`}`

closes #1487 ban and delete user admin actions takes an array of uids now. 11 years ago			`user.ban(uid, function(err) {`
socket.io admin/user 11 years ago			`if (err) {`
			`return callback(err);`
			`}`

online count fixes for cluster 11 years ago			`websockets.in('uid_' + uid).emit('event:banned');`
socket.io admin/user 11 years ago
closes #1487 ban and delete user admin actions takes an array of uids now. 11 years ago			`websockets.logoutUser(uid);`
socket.io admin/user 11 years ago			`callback();`
			`});`
			`});`
closes #1483 11 years ago			`};`
socket.io admin/user 11 years ago
closes #1971 11 years ago			`User.resetLockouts = function(socket, uids, callback) {`
			`if (!Array.isArray(uids)) {`
			`return callback(new Error('[[error:invalid-data]]'));`
			`}`

			`async.each(uids, user.auth.resetLockout, callback);`
			`};`

closes #2458 10 years ago			`User.resetFlags = function(socket, uids, callback) {`
			`if (!Array.isArray(uids)) {`
			`return callback(new Error('[[error:invalid-data]]'));`
			`}`

			`user.resetFlags(uids, callback);`
			`};`

closes #2213 11 years ago			`User.validateEmail = function(socket, uids, callback) {`
			`if (!Array.isArray(uids)) {`
			`return callback(new Error('[[error:invalid-data]]'));`
			`}`

			`uids = uids.filter(function(uid) {`
			`return parseInt(uid, 10);`
			`});`

			`async.each(uids, function(uid, next) {`
			`user.setUserField(uid, 'email:confirmed', 1, next);`
closes #2315 10 years ago			`}, callback);`
			`};`

			`User.sendPasswordResetEmail = function(socket, uids, callback) {`
			`if (!Array.isArray(uids)) {`
			`return callback(new Error('[[error:invalid-data]]'));`
			`}`

			`uids = uids.filter(function(uid) {`
			`return parseInt(uid, 10);`
			`});`

			`async.each(uids, function(uid, next) {`
			`user.getUserFields(uid, ['email', 'username'], function(err, userData) {`
			`if (err) {`
			`return next(err);`
			`}`
			`if (!userData.email) {`
			`return next(new Error('[[error:user-doesnt-have-email, ' + userData.username + ']]'));`
			`}`
			`user.reset.send(userData.email, next);`
			`});`
closes #2213 11 years ago			`}, callback);`
			`};`

closes #1487 ban and delete user admin actions takes an array of uids now. 11 years ago			`User.deleteUsers = function(socket, uids, callback) {`
			`if(!Array.isArray(uids)) {`
			`return callback(new Error('[[error:invalid-data]]'));`
			`}`
socket.io admin/user 11 years ago
closes #1487 ban and delete user admin actions takes an array of uids now. 11 years ago			`async.each(uids, function(uid, next) {`
prevent administrators from being deleted - first remove them from admin group 11 years ago			`user.isAdministrator(uid, function(err, isAdmin) {`
			`if (err \|\| isAdmin) {`
closes #2550, closes #2518 10 years ago			`return callback(err \|\| new Error('[[error:cant-delete-other-admins]]'));`
closes #1487 ban and delete user admin actions takes an array of uids now. 11 years ago			`}`
socket.io admin/user 11 years ago
prevent administrators from being deleted - first remove them from admin group 11 years ago			`user.delete(uid, function(err) {`
			`if (err) {`
			`return next(err);`
			`}`

closes #2550, closes #2518 10 years ago			`events.log({`
			`type: 'user-delete',`
			`uid: socket.uid,`
			`targetUid: uid,`
			`ip: socket.ip`
			`});`
closes #1487 ban and delete user admin actions takes an array of uids now. 11 years ago
prevent administrators from being deleted - first remove them from admin group 11 years ago			`websockets.logoutUser(uid);`
			`next();`
			`});`
closes #1487 ban and delete user admin actions takes an array of uids now. 11 years ago			`});`
			`}, callback);`
socket.io admin/user 11 years ago			`};`

closes #2440 10 years ago			`User.search = function(socket, data, callback) {`
pass uid to getUsers and getUsersFromSets 10 years ago			`user.search({query: data.query, searchBy: data.searchBy, startsWith: false, uid: socket.uid}, function(err, searchData) {`
socket.io admin/user 11 years ago			`if (err) {`
			`return callback(err);`
			`}`
closes #2458 10 years ago			`if (!searchData.users.length) {`
			`return callback(null, searchData);`
			`}`

			`var userData = searchData.users;`
			`var uids = userData.map(function(user) {`
			`return user && user.uid;`
			`});`

			`async.parallel({`
			`users: function(next) {`
			`user.getMultipleUserFields(uids, ['email'], next);`
			`},`
			`flagCounts: function(next) {`
			`var sets = uids.map(function(uid) {`
			`return 'uid:' + uid + ':flagged_by';`
			`});`
			`db.setsCount(sets, next);`
			`}`
			`}, function(err, results) {`
			`if (err) {`
			`return callback(err);`
			`}`

			`userData.forEach(function(user, index) {`
			`if (user) {`
			`user.email = (results.users[index] && results.users[index].email) \|\| '';`
			`user.flags = results.flagCounts[index] \|\| 0;`
			`}`
			`});`
socket.io admin/user 11 years ago
closes #2458 10 years ago			`callback(null, searchData);`
socket.io admin/user 11 years ago			`});`
			`});`
			`};`

			`module.exports = User;`