You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

193 lines
4.9 KiB
JavaScript

'use strict';
const async = require('async');
const winston = require('winston');
const db = require('../../database');
const groups = require('../../groups');
const user = require('../../user');
const events = require('../../events');
const meta = require('../../meta');
const plugins = require('../../plugins');
const User = module.exports;
User.makeAdmins = async function (socket, uids) {
if (!Array.isArray(uids)) {
throw new Error('[[error:invalid-data]]');
}
const userData = await user.getUsersFields(uids, ['banned']);
userData.forEach((userData) => {
if (userData && userData.banned) {
throw new Error('[[error:cant-make-banned-users-admin]]');
}
});
for (const uid of uids) {
/* eslint-disable no-await-in-loop */
await groups.join('administrators', uid);
await events.log({
type: 'user-makeAdmin',
uid: socket.uid,
targetUid: uid,
ip: socket.ip,
});
}
};
User.removeAdmins = async function (socket, uids) {
if (!Array.isArray(uids)) {
throw new Error('[[error:invalid-data]]');
}
for (const uid of uids) {
/* eslint-disable no-await-in-loop */
const count = await groups.getMemberCount('administrators');
if (count === 1) {
throw new Error('[[error:cant-remove-last-admin]]');
}
await groups.leave('administrators', uid);
await events.log({
type: 'user-removeAdmin',
uid: socket.uid,
targetUid: uid,
ip: socket.ip,
});
}
};
User.createUser = async function (socket, userData) {
if (!userData) {
throw new Error('[[error:invalid-data]]');
}
return await user.create(userData);
};
User.resetLockouts = async function (socket, uids) {
if (!Array.isArray(uids)) {
throw new Error('[[error:invalid-data]]');
}
await Promise.all(uids.map(uid => user.auth.resetLockout(uid)));
};
User.validateEmail = async function (socket, uids) {
if (!Array.isArray(uids)) {
throw new Error('[[error:invalid-data]]');
}
uids = uids.filter(uid => parseInt(uid, 10));
await db.setObjectField(uids.map(uid => 'user:' + uid), 'email:confirmed', 1);
await db.sortedSetRemove('users:notvalidated', uids);
};
User.sendValidationEmail = async function (socket, uids) {
if (!Array.isArray(uids)) {
throw new Error('[[error:invalid-data]]');
}
if (!meta.config.requireEmailConfirmation) {
throw new Error('[[error:email-confirmations-are-disabled]]');
}
await async.eachLimit(uids, 50, async function (uid) {
await user.email.sendValidationEmail(uid);
});
};
User.sendPasswordResetEmail = async function (socket, uids) {
if (!Array.isArray(uids)) {
throw new Error('[[error:invalid-data]]');
}
uids = uids.filter(uid => parseInt(uid, 10));
await Promise.all(uids.map(async function (uid) {
const userData = await user.getUserFields(uid, ['email', 'username']);
if (!userData.email) {
throw new Error('[[error:user-doesnt-have-email, ' + userData.username + ']]');
}
await user.reset.send(userData.email);
}));
};
User.forcePasswordReset = async function (socket, uids) {
if (!Array.isArray(uids)) {
throw new Error('[[error:invalid-data]]');
}
uids = uids.filter(uid => parseInt(uid, 10));
await db.setObjectField(uids.map(uid => 'user:' + uid), 'passwordExpiry', Date.now());
await user.auth.revokeAllSessions(uids);
};
User.deleteUsers = async function (socket, uids) {
deleteUsers(socket, uids, async function (uid) {
await user.deleteAccount(uid);
});
};
User.deleteUsersAndContent = async function (socket, uids) {
deleteUsers(socket, uids, async function (uid) {
await user.delete(socket.uid, uid);
});
};
async function deleteUsers(socket, uids, method) {
if (!Array.isArray(uids)) {
throw new Error('[[error:invalid-data]]');
}
const isMembers = await groups.isMembers(uids, 'administrators');
if (isMembers.includes(true)) {
throw new Error('[[error:cant-delete-other-admins]]');
}
async function doDelete(uid) {
const userData = await method(uid);
await events.log({
type: 'user-delete',
uid: socket.uid,
targetUid: uid,
ip: socket.ip,
username: userData.username,
email: userData.email,
});
plugins.fireHook('action:user.delete', {
callerUid: socket.uid,
uid: uid,
ip: socket.ip,
});
}
try {
await Promise.all(uids.map(uid => doDelete(uid)));
} catch (err) {
winston.error(err);
}
}
User.search = async function (socket, data) {
const searchData = await user.search({
query: data.query,
searchBy: data.searchBy,
uid: socket.uid,
});
if (!searchData.users.length) {
return searchData;
}
const uids = searchData.users.map(user => user && user.uid);
const userInfo = await user.getUsersFields(uids, ['email', 'flags', 'lastonline', 'joindate']);
searchData.users.forEach(function (user, index) {
if (user && userInfo[index]) {
user.email = userInfo[index].email;
user.flags = userInfo[index].flags || 0;
user.lastonlineISO = userInfo[index].lastonlineISO;
user.joindateISO = userInfo[index].joindateISO;
}
});
return searchData;
};
User.restartJobs = async function () {
user.startJobs();
};