Merge branch 'disco-improve-modlogs' into 'develop'

Draft: Add modlog on unban, and split concept of private/public modlog entries

See merge request fatchan/jschan!345

controllers/forms.js

@@ -57,7 +57,7 @@ router.post('/board/:board/transfer', useSession, sessionRefresh, csrf, Boards.e
 	hasPerms.any(Permissions.MANAGE_BOARD_OWNER, Permissions.MANAGE_GLOBAL_BOARDS), transferController.paramConverter, transferController.controller);
 router.post('/board/:board/settings', geoIp, processIp, useSession, sessionRefresh, csrf, Boards.exists, setBoardLanguage, calcPerms, isLoggedIn,
 	hasPerms.one(Permissions.MANAGE_BOARD_SETTINGS), boardSettingsController.paramConverter, boardSettingsController.controller);
-router.post('/board/:board/editbans', useSession, sessionRefresh, csrf, Boards.exists, setBoardLanguage, calcPerms, isLoggedIn,
+router.post('/board/:board/editbans', geoIp, processIp, useSession, sessionRefresh, csrf, Boards.exists, setBoardLanguage, calcPerms, isLoggedIn,
 	hasPerms.one(Permissions.MANAGE_BOARD_BANS), editBansController.paramConverter, editBansController.controller); //edit bans
 router.post('/board/:board/addfilter', useSession, sessionRefresh, csrf, Boards.exists, setBoardLanguage, calcPerms, isLoggedIn,
 	hasPerms.one(Permissions.MANAGE_BOARD_SETTINGS), addFilterController.paramConverter, addFilterController.controller); //add new filter
@@ -95,7 +95,7 @@ router.post('/board/:board/deletestaff', useSession, sessionRefresh, csrf, Board
 	hasPerms.one(Permissions.MANAGE_BOARD_STAFF), deleteStaffController.paramConverter, deleteStaffController.controller); //delete board staff
 
 //global management forms
-router.post('/global/editbans', useSession, sessionRefresh, csrf, calcPerms, isLoggedIn,
+router.post('/global/editbans', geoIp, processIp, useSession, sessionRefresh, csrf, calcPerms, isLoggedIn,
 	hasPerms.one(Permissions.MANAGE_GLOBAL_BANS), editBansController.paramConverter, editBansController.controller); //remove bans
 router.post('/global/deleteboard', useSession, sessionRefresh, csrf, deleteBoardController.paramConverter, calcPerms, isLoggedIn,
 	hasPerms.one(Permissions.MANAGE_GLOBAL_BOARDS), deleteBoardController.controller); //delete board from global management panel

controllers/forms/editbans.js

@@ -8,6 +8,8 @@ const config = require(__dirname+'/../../lib/misc/config.js')
 	, editBanNote = require(__dirname+'/../../models/forms/editbannote.js')
 	, upgradeBans = require(__dirname+'/../../models/forms/upgradebans.js')
 	, paramConverter = require(__dirname+'/../../lib/middleware/input/paramconverter.js')
+	, ModlogActions = require(__dirname+'/../../lib/input/modlogactions.js')
+	, { Bans, Modlogs } = require(__dirname+'/../../db/')
 	, { checkSchema, lengthBody, numberBody, inArrayBody } = require(__dirname+'/../../lib/input/schema.js');
 
 module.exports = {
@@ -44,6 +46,13 @@ module.exports = {
 			});
 		}
 
+		let bans = [];
+		try {
+			bans = await Bans.get(req.body.checkedbans, req.params.board ? req.params.board : null);
+		} catch (e) {
+			return next(e);
+		}
+
 		let amount = 0;
 		let message;
 		try {
@@ -71,6 +80,25 @@ module.exports = {
 				default:
 					throw __('Invalid ban action'); //should never happen anyway
 			}
+
+			// inserting these into non-public modlogs
+			const modlogs = bans.map(b => ({
+				board: Array.isArray(b.board) ? b.board.find(bx => bx != null) : b.board, //TODO: if in future multiple are allowed, update this to use an array
+				showLinks: true,
+				postLinks: [],
+				actions: [ModlogActions.BAN],
+				public: false,
+				date: new Date(),
+				showUser: true,
+				message: message,
+				user: req.session.user,
+				ip: {
+					cloak: res.locals.ip.cloak,
+					raw: res.locals.ip.raw,
+				}
+			}));
+			await Modlogs.insertMany(modlogs);
+
 		} catch (err) {
 			return next(err);
 		}

db/bans.js

@@ -29,6 +29,15 @@ module.exports = {
 		}).toArray();
 	},
 
+	get: (ids, board) => {
+		return db.find({
+			'board': board,
+			'_id': {
+				'$in': ids
+			},
+		}).toArray();
+	},
+
 	upgrade: async (board, ids, upgradeType) => {
 		const substrProjection = upgradeType === 1
 			? ['$ip.cloak', 0, 16]

db/modlogs.js

@@ -7,10 +7,11 @@ module.exports = {
 
 	db,
 
-	getDates: (board) => {
+	getDates: (board, publicOnly=true) => {
 		return db.aggregate([
 			{
 				'$match': {
+					...(publicOnly ? { 'public': true } : {}),
 					'board': board
 				}
 			},
@@ -70,7 +71,7 @@ module.exports = {
 		return db.countDocuments(filter);
 	},
 
-	findBetweenDate: (board, start, end) => {
+	findBetweenDate: (board, start, end, publicOnly=true) => {
 		const startDate = Mongo.ObjectId.createFromTime(Math.floor(start.getTime()/1000));
 		const endDate = Mongo.ObjectId.createFromTime(Math.floor(end.getTime()/1000));
 		return db.find({
@@ -78,7 +79,8 @@ module.exports = {
 				'$gte': startDate,
 				'$lte': endDate
 			},
-			'board': board._id
+			'board': board._id,
+			...(publicOnly ? { 'public': true } : {}),
 		}, {
 			projection: {
 				'ip': 0,

lib/post/filteractions.js

@@ -18,10 +18,11 @@ module.exports = async (req, res, globalFilter, hitFilter, filterMode,
 			'redirect': redirect
 		});
 	} else {
-		const banBoard = globalFilter ? null : res.locals.board._id;
+		const banBoard = globalFilter ? [null, res.locals.board._id] : res.locals.board._id;
 		const banDate = new Date();
 		const banExpiry = new Date(filterBanDuration + banDate.getTime());
 		const ban = {
+			'global': globalFilter ? true : false,
 			'ip': {
 				'cloak': res.locals.ip.cloak,
 				'raw': res.locals.ip.raw,

migrations/1.4.2.js

@@ -0,0 +1,12 @@
+'use strict';
+
+module.exports = async(db) => {
+
+	console.log('Updating modlogs to add public flag');
+	await db.collection('modlog').updateMany({}, {
+		'$set': {
+			'public': true,
+		},
+	});
+
+};

migrations/1.5.0.js

@@ -0,0 +1,14 @@
+'use strict';
+
+module.exports = async(db) => {
+
+	console.log('Updating all bans with board: null to be global true');
+	await db.collection('bans').updateMany({
+		board: null,
+	}, {
+		'$set': {
+			'global': true,
+		},
+	});
+
+};

models/forms/actionhandler.js

@@ -110,7 +110,7 @@ module.exports = async (req, res, next) => {
 	if (deleting) {
 
 		//OP delete protection. for old OPs or with a lot of replies
-		if (!isStaffOrGlobal) {
+		if (!isStaffOrGlobal) { //TODO: make this use a permission bit
 			const { deleteProtectionAge, deleteProtectionCount } = res.locals.board.settings;
 			if (deleteProtectionAge > 0 || deleteProtectionCount > 0) {
 				const protectedThread = res.locals.posts.some(p => {
@@ -332,6 +332,7 @@ module.exports = async (req, res, next) => {
 					showLinks: !deleting,
 					postLinks: [],
 					actions: modlogActions,
+					public: true,
 					date: logDate,
 					showUser: !req.body.hide_name || logUser === null ? true : false,
 					message: message,

models/forms/banposter.js

@@ -16,7 +16,7 @@ module.exports = async (req, res) => {
 	const bans = [];
 
 	if (req.body.ban || req.body.global_ban) {
-		const banBoard = req.body.global_ban ? null : req.params.board;
+		const banBoard = req.body.global_ban ? [null, req.params.board] : req.params.board;
 		const ipPosts = res.locals.posts.reduce((acc, post) => {
 			if (!acc[post.ip.cloak]) {
 				acc[post.ip.cloak] = [];
@@ -55,6 +55,7 @@ module.exports = async (req, res) => {
 					.join('.');
 			}
 			bans.push({
+				'global': req.body.global_ban != null,
 				'range': banRange,
 				'ip': banIp,
 				'reason': banReason,
@@ -73,7 +74,7 @@ module.exports = async (req, res) => {
 	}
 
 	if (req.body.report_ban || req.body.global_report_ban) {
-		const banBoard = req.body.global_report_ban ? null : req.params.board;
+		const banBoard = req.body.global_report_ban ? [null, req.params.board] : req.params.board;
 		res.locals.posts.forEach(post => {
 			let ips = [];
 			if (req.body.report_ban) {
@@ -95,6 +96,7 @@ module.exports = async (req, res) => {
 			ips = ips.filter(n => n);
 			[...new Set(ips)].forEach(ip => {
 				bans.push({
+					'global': req.body.global_report_ban != null,
 					'range': 0,
 					'ip': ip,
 					'reason': banReason,
@@ -106,6 +108,7 @@ module.exports = async (req, res) => {
 					allowAppeal,
 					'appeal': null,
 					'showUser': !req.body.hide_name,
+					'note': null,
 					'seen': false
 				});
 			});

models/forms/editpost.js

@@ -168,6 +168,7 @@ todo: handle some more situations
 			thread: post.thread,
 		}],
 		actions: [ModlogActions.EDIT],
+		public: true, //TODO: take an optional checkbox also controlled by a BO/global delegated perm
 		date: new Date(),
 		showUser: req.body.hide_name ? false : true,
 		message: req.body.log_message || null,

views/mixins/ban.pug

@@ -6,10 +6,10 @@ mixin ban(ban, banpage)
 			if !banpage || (ban.appeal == null && ban.allowAppeal === true)
 				input.post-check(type='checkbox', name='checkedbans' value=ban._id)
 		td
-			if ban.board
-				a(href=`/${ban.board}/`) /#{ban.board}/
+			if ban.global === true
+				| #{__('Global')} (#{ban.board.filter(n => n).join(', ')})
 			else
-				| #{__('Global')}
+				a(href=`/${ban.board}/`) /#{ban.board}/
 		td= ban.reason
 		- const ip = viewRawIp === true ? ban.ip.raw : ban.ip.cloak;
 		if viewRawIp === true