github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-06-13 00:25:02 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

FEATURE: Send suspect users to the review queue (#8811)

Browse Source
This commit is contained in:
Roman Rizzi
2020-01-29 15:38:27 -03:00
committed by GitHub
parent 09e8be3209
commit 2ee6a615b7
8 changed files with 107 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
app/assets/javascripts/discourse/templates/components/reviewable-user.hbs
View File

@ -21,6 +21,14 @@
name=(i18n 'review.user.email') name=(i18n 'review.user.email')
value=reviewable.payload.email}} value=reviewable.payload.email}}
{{reviewable-field classes='reviewable-user-details bio'
name=(i18n 'review.user.bio')
value=reviewable.payload.bio}}
{{reviewable-field classes='reviewable-user-details bio'
name=(i18n 'review.user.website')
value=reviewable.payload.website}}
{{#each userFields as |f|}} {{#each userFields as |f|}}
{{reviewable-field classes='reviewable-user-details user-field' {{reviewable-field classes='reviewable-user-details user-field'
name=f.name name=f.name

43
app/jobs/scheduled/enqueue_suspect_users.rb Normal file
View File

@ -0,0 +1,43 @@
# frozen_string_literal: true
module Jobs
class EnqueueSuspectUsers < ::Jobs::Scheduled
every 2.hours
def execute(_args)
return unless SiteSetting.approve_suspect_users
users = AdminUserIndexQuery.new
.suspect_users
.joins("LEFT OUTER JOIN reviewables r ON r.target_id = users.id AND r.target_type = 'User'")
.where('r.id IS NULL')
.limit(10)
users.each do |user|
user_profile = user.user_profile
reviewable = ReviewableUser.needs_review!(
target: user,
created_by: Discourse.system_user,
reviewable_by_moderator: true,
payload: {
username: user.username,
name: user.name,
email: user.email,
bio: user_profile.bio_raw,
website: user_profile.website,
}
)
if reviewable.created_new
reviewable.add_score(
Discourse.system_user,
ReviewableScore.types[:needs_approval],
reason: :suspect_user,
force_review: true
)
end
end
end
end
end

4
app/models/reviewable_user.rb
View File

@ -59,6 +59,10 @@ class ReviewableUser < Reviewable
if target.present? if target.present?
destroyer = UserDestroyer.new(performed_by) destroyer = UserDestroyer.new(performed_by)
if reviewable_scores.any? { |rs| rs.reason == 'suspect_user' }
DiscourseEvent.trigger(:suspect_user_deleted, target)
end
begin begin
delete_args = {} delete_args = {}
delete_args[:block_ip] = true if args[:block_ip] delete_args[:block_ip] = true if args[:block_ip]

4
app/serializers/reviewable_user_serializer.rb
View File

@ -7,7 +7,9 @@ class ReviewableUserSerializer < ReviewableSerializer
payload_attributes( payload_attributes(
:username, :username,
:email, :email,
:name :name,
:bio,
:website
) )
def link_admin def link_admin

2
config/locales/client.en.yml
View File

@ -443,6 +443,8 @@ en:
deleted_post: "(post deleted)" deleted_post: "(post deleted)"
deleted_user: "(user deleted)" deleted_user: "(user deleted)"
user: user:
bio: "Bio"
website: "Website"
username: "Username" username: "Username"
email: "Email" email: "Email"
name: "Name" name: "Name"

2
config/locales/server.en.yml
View File

@ -1511,6 +1511,7 @@ en:
markdown_typographer_quotation_marks: "List of double and single quotes replacement pairs" markdown_typographer_quotation_marks: "List of double and single quotes replacement pairs"
post_undo_action_window_mins: "Number of minutes users are allowed to undo recent actions on a post (like, flag, etc)." post_undo_action_window_mins: "Number of minutes users are allowed to undo recent actions on a post (like, flag, etc)."
must_approve_users: "Staff must approve all new user accounts before they are allowed to access the site." must_approve_users: "Staff must approve all new user accounts before they are allowed to access the site."
approve_suspect_users: "Staff must approve all suspect accounts"
pending_users_reminder_delay: "Notify moderators if new users have been waiting for approval for longer than this many hours. Set to -1 to disable notifications." pending_users_reminder_delay: "Notify moderators if new users have been waiting for approval for longer than this many hours. Set to -1 to disable notifications."
maximum_session_age: "User will remain logged in for n hours since last visit" maximum_session_age: "User will remain logged in for n hours since last visit"
ga_universal_tracking_code: "Google Universal Analytics (analytics.js) tracking code ID, eg: UA-12345678-9; see <a href='https://google.com/analytics' target='_blank'>https://google.com/analytics</a>" ga_universal_tracking_code: "Google Universal Analytics (analytics.js) tracking code ID, eg: UA-12345678-9; see <a href='https://google.com/analytics' target='_blank'>https://google.com/analytics</a>"
@ -4667,6 +4668,7 @@ en:
invite_only: "All new users should be invited. See `invite_only`." invite_only: "All new users should be invited. See `invite_only`."
email_auth_res_enqueue: "This email failed a DMARC check, it most likely isn't from whom it seems to be from. Check the raw email headers for more information." email_auth_res_enqueue: "This email failed a DMARC check, it most likely isn't from whom it seems to be from. Check the raw email headers for more information."
email_spam: "This email was flagged as spam by the header defined in `email_in_spam_header`." email_spam: "This email was flagged as spam by the header defined in `email_in_spam_header`."
suspect_user: "Users in the suspect list must be examined by staff. See `approve_suspect_users`."
actions: actions:
agree: agree:

2
config/site_settings.yml
View File

@ -855,6 +855,8 @@ posting:
approve_new_topics_unless_trust_level: approve_new_topics_unless_trust_level:
default: 0 default: 0
enum: "TrustLevelSetting" enum: "TrustLevelSetting"
approve_suspect_users:
default: false
approve_unless_staged: approve_unless_staged:
default: false default: false
notify_about_queued_posts_after: notify_about_queued_posts_after:

43
spec/jobs/enqueue_suspect_users_spec.rb Normal file
View File

@ -0,0 +1,43 @@
# frozen_string_literal: true
require 'rails_helper'
describe Jobs::EnqueueSuspectUsers do
before { SiteSetting.approve_suspect_users = true }
it 'does nothing when there are no suspect users' do
subject.execute({})
expect(ReviewableUser.count).to be_zero
end
context 'with suspect users' do
fab!(:suspect_user) { Fabricate(:active_user, created_at: 1.day.ago) }
it 'creates a reviewable when there is a suspect user' do
subject.execute({})
expect(ReviewableUser.count).to eq(1)
end
it 'only creates one reviewable per user' do
review_user = ReviewableUser.needs_review!(
target: suspect_user,
created_by: Discourse.system_user,
reviewable_by_moderator: true
)
subject.execute({})
expect(ReviewableUser.count).to eq(1)
expect(ReviewableUser.last).to eq(review_user)
end
it 'adds a score' do
subject.execute({})
score = ReviewableScore.last
expect(score.reason).to eq('suspect_user')
end
end
end