decidim-cdtb 0.1.3 → 0.1.6

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d908d1cc4021da9869dd10cacb1fe06b360301d4e13f1a70a55fdc90a2712b6a
-  data.tar.gz: e7a0c808803bbbd6dc75e5bdfaee7b3acfb1311c085f17eb41a9de32fc7795fa
+  metadata.gz: 241f6ab9b3dcf2a9c90d13e458459776a5cedf5d0beff5ffbe9114b0c0f687ba
+  data.tar.gz: 2d9a4ef96c973b47296869acf12083a4f5862fdab7e7135e6ad36e6674115edc
 SHA512:
-  metadata.gz: 20ddde6eddf59ab12b7ca8d6f489692a04183331f0c1ef496b199b4350cdd103d2b23ca94329199d36f2a9e7222ea0c3269da25648ec0acb47bdde6b38666b92
-  data.tar.gz: 2dd41a8a1f79ffd4506c6b18d58393d3a88d8a021e0acf05cfbd4e4ac1dcc22250294c8de29d7168c2fce29bf2d2df71c0b9905414a3df1e28991aa665be8d36
+  metadata.gz: 37c3ba1e514d44cecf61948a84f89b16c01dd67f7993b972fda6f6b006997b0afaabf3dcacf312ff85a9ef142d6f1576dd822824c1d5e492bbc200a4bff3cc20
+  data.tar.gz: 1517ff9df9d457abab99ed385d3fb0c7d1e4a6bdf080a8c29ba5fe3a766d8024ae294f37bc8fe4c90142155914bba4bfd20cdf51108a590b33ba168d977cd27e

data/.rubocop.yml

@@ -11,7 +11,7 @@ AllCops:
 
 Metrics/BlockLength:
   Enabled: true
-  Max: 30
+  Max: 50
   Exclude:
     - lib/tasks/*.rake
 

data/CHANGELOG.md

@@ -1,5 +1,18 @@
 ## [Unreleased]
 
+## [0.1.6] - 2024-04-11 (Malifetes ben fetes)
+
+- Add remover users task
+
+## [0.1.5] - 2024-02-08 (Pastissos voladors de colors)
+
+- Fix homepage in rubygems.org
+- Add organization id and name in spam csv
+
+## [0.1.4] - 2024-01-30 (Peus grans com gegants)
+
+- Add users spam detector task
+
 ## [0.1.3] - 2023-06-23 (Tan iguals com especials)
 
 - Validate migrations task

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    decidim-cdtb (0.1.3)
+    decidim-cdtb (0.1.6)
       decidim (>= 0.26.2)
       rails (>= 6)
       ruby-progressbar
@@ -775,4 +775,4 @@ DEPENDENCIES
   sqlite3
 
 BUNDLED WITH
-   2.3.6
+   2.4.22

data/README.md

@@ -36,17 +36,6 @@ bin/rake cdtb:org_by_host_like[vila]
 host: localhost, time_zone: Madrid, locales: ca + [ca, es, oc], available authorizations: [postal_letter, members_picker_authorization_handler]
 ```
 
-### Fix nicknames
-
-In a previous version than Decidim v0.25 a validation to the `Decidim::User.nickname` was added with a migration to fix existing nicknames. But the migration was only taking into acocunt managed (impersonated) users.
-
-This task iterates (with `find_each`) over all non managed users and nicknamizes the nickname.
-
-To execute the task run:
-
-```
-bin/rake cdtb:fix_nicknames
-```
 
 ### Anonymize production dump
 
@@ -76,6 +65,58 @@ To migrate from S3 to local storage, the identified steps will be:
     `bin/rake cache:clear`
 5. Restart the Rails server
 
+### Detect spam
+
+To detect spam in Decidim.
+
+#### Detect spam users
+Detects users susceptible of being spammers. It can run on all organizations or be scoped to a single organization by passing the organization ID as the rake task parameter.
+
+This rake task export a .csv with a list of all the searched users. A column indicates if each user is suspicious of being a spammer or not.
+The columns in the CSV are: "ID, "Is suspicious?", "Name", "Email", "Nickname", "Personal URL", "About"
+
+Examples:
+`bin/rake cdtb:spam:users[org_id]` --> find users in organization with an id.
+`bin/rake cdtb:spam:users` --> find all users in all organizations.
+
+To set custom words in the rake, you can override it with an initalizer:
+
+```
+Decidim::Cdtb.configure do |config|
+  config.spam_words = ENV["CDTB_SPAM_WORDS"]&.split(",")
+end
+```
+
+### Users
+
+Tasks related with users.
+
+### Fix nicknames
+
+In a previous version than Decidim v0.25 a validation to the `Decidim::User.nickname` was added with a migration to fix existing nicknames. But the migration was only taking into account managed (impersonated) users.
+
+This task iterates (with `find_each`) over all non managed users and nicknamizes the nickname.
+
+To execute the task run:
+
+```
+bin/rake cdtb:users:fix_nicknames
+```
+
+#### Remove users
+
+You can delete users through a CSV with the user ID. The purpose is to be able to eliminate potentially spammy users.
+
+This task reports and hide the user's comments, blocks the user, and finally deletes the user.
+
+The CSV will have a header and one column with the user ID.
+
+To execute the task run:
+
+```
+bundle exec rake cdtb:users:remove[spam_users.csv]
+```
+
 ### Upgrades:
 
 #### Upgrade modules

data/decidim-cdtb.gemspec

@@ -10,7 +10,7 @@ Gem::Specification.new do |spec|
 
   spec.summary = "CodiTramuntana's Decidim Toolbelt (cdtb)."
   spec.description = "A gem to help managing Decidim applications."
-  spec.homepage = "http://github.com/CodiTramunana/cdtb"
+  spec.homepage = "https://github.com/CodiTramuntana/decidim-module-cdtb"
   spec.license = "MIT"
   spec.required_ruby_version = ">= 2.7.5"
 

data/lib/decidim/cdtb/engine.rb

@@ -10,6 +10,10 @@ module Decidim
         # Workaround for https://stackoverflow.com/questions/72970170/upgrading-to-rails-6-1-6-1-causes-psychdisallowedclass-tried-to-load-unspecif
         Rails.application.config.active_record.use_yaml_unsafe_load = true
       end
+
+      config.after_initialize do
+        Decidim::Cdtb.config.spam_regexp = Regexp.union(Decidim::Cdtb.config.spam_words)
+      end
     end
   end
 end

data/lib/decidim/cdtb/spam/user_spam_detector.rb

@@ -0,0 +1,89 @@
+# frozen_string_literal: true
+
+require "csv"
+
+module Decidim
+  module Cdtb
+    module Spam
+      # Detect spam behavior in users
+      #
+      class UserSpamDetector < ::Decidim::Cdtb::Task
+        # rubocop:disable Style/RedundantRegexpEscape
+        URL_REGEX = %r{(https?:\/\/(?:www\.|(?!www))[a-zA-Z0-9][a-zA-Z0-9-]+[a-zA-Z0-9]\.[^\s]{2,}|
+        www\.[a-zA-Z0-9][a-zA-Z0-9-]+[a-zA-Z0-9]\.[^\s]{2,}|https?:\/\/(?:www\.|
+        (?!www))[a-zA-Z0-9]+\.[^\s]{2,}|www\.[a-zA-Z0-9]+\.[^\s]{2,})}.freeze
+        # rubocop:enable Style/RedundantRegexpEscape
+
+        def initialize(organization = nil)
+          @organization = organization
+          progress_bar = { title: "Decidim::User" }
+          super("SPAM DETECTOR", progress_bar: progress_bar)
+        end
+
+        def prepare_execution(_ctx)
+          @users = if @organization.present?
+                     Decidim::User.where(organization: @organization)
+                   else
+                     Decidim::User.all
+                   end
+
+          @num_users = @users.count
+          log_task_info("Checking #{@num_users} users...")
+        end
+
+        def total_items
+          @num_users
+        end
+
+        # rubocop:disable Metrics/AbcSize
+        def do_execution(context)
+          progress_bar = context[:progress_bar]
+          CSV.open("spam_users.csv", "w") do |csv|
+            csv_headers = ["ID", "Is suspicious?", "Name", "Email", "Nickname", "Personal URL", "About",
+                           "Organization ID", "Organization Name"]
+            csv << csv_headers
+
+            @users.find_each do |user|
+              suspicious = "NO"
+
+              if spam_user?(user)
+                suspicious = "YES"
+                @num_applied+= 1
+              end
+
+              csv << [user.id, suspicious, user.name, user.email, user.nickname, user.personal_url, user.about,
+                      user.organization.id, user.organization.name]
+
+              progress_bar.increment
+            end
+          end
+        end
+        # rubocop:enable Metrics/AbcSize
+
+        def end_execution(_ctx)
+          if @num_applied.positive?
+            log_task_step("#{@num_applied} suspicious users")
+            log_task_step("Suspicious users list exported to spam_users.csv")
+          else
+            log_task_step("There are not suspicious users!!")
+          end
+        end
+
+        def spam_user?(user)
+          has_spam_word?(user) || has_spam_url?(user)
+        end
+
+        private
+
+        def has_spam_word?(user)
+          [user.name, user.about, user.nickname,
+           user.personal_url, user.about].compact.join("||").match?(Decidim::Cdtb.config.spam_regexp)
+        end
+
+        def has_spam_url?(user)
+          !!(user&.about =~ URL_REGEX || user.name =~ URL_REGEX)
+        end
+      end
+    end
+  end
+end

data/lib/decidim/cdtb/tasks.rb

@@ -3,7 +3,9 @@
 require "decidim/cdtb/tasks_utils"
 require "decidim/cdtb/task"
 require "decidim/cdtb/fixes/nickname_fixer"
+require "decidim/cdtb/users/remover"
 require "decidim/cdtb/multitenants/org_by_host_like"
+require "decidim/cdtb/spam/user_spam_detector"
 require "decidim/cdtb/storage/local_sharding"
 require "decidim/cdtb/storage/set_local_on_blobs"
 require "decidim/cdtb/upgrades/validate_migrations_task"

data/lib/decidim/cdtb/users/remover.rb

@@ -0,0 +1,127 @@
+# frozen_string_literal: true
+
+module Decidim
+  module Cdtb
+    module Users
+      # Remove Decidim::User's
+      #
+      class Remover < ::Decidim::Cdtb::Task
+        def initialize(csv_path)
+          @csv_path = csv_path
+          progress_bar = { title: "Decidim::User" }
+          super("USER REMOVER", progress_bar: progress_bar)
+        end
+
+        def prepare_execution(_ctx); end
+
+        def total_items
+          File.open(@csv_path).readlines.size - 1
+        end
+
+        def do_execution(context)
+          progress_bar = context[:progress_bar]
+
+          CSV.foreach(@csv_path, headers: true, col_sep: ",") do |row|
+            user = Decidim::User.find_by(id: row[0])
+            next unless user.present?
+
+            reporter_user = Decidim::User.find_by(email: "support@coditramuntana.com",
+                                                  organization: user.organization)
+            comments = Decidim::Comments::Comment.where(decidim_author_id: user.id)
+            manage_comments(comments, reporter_user) unless comments.empty?
+            destroy_user(user) if block_user(user, reporter_user)
+            progress_bar.increment
+          end
+        end
+
+        def end_execution(_ctx)
+          log_task_step("#{@num_applied} users removed")
+        end
+
+        private
+
+        def manage_comments(comments, reporter_user)
+          comments.find_each do |comment|
+            report_comment(comment, reporter_user)
+            hide_comment(comment, reporter_user)
+          end
+        end
+
+        def block_user(user, reporter_user)
+          params = {
+            user_id: user.id,
+            justification: "Confirmed spam suspicious"
+          }
+
+          form = Decidim::Admin::BlockUserForm.from_params(params).with_context(
+            {
+              current_organization: user.organization,
+              current_user: reporter_user
+            }
+          )
+
+          Decidim::Admin::BlockUser.call(form) do
+            on(:ok) do
+              puts "OK: User #{user.id} blocked"
+              return true
+            end
+
+            on(:invalid) do
+              puts "ERROR: User #{user.id} not blocked"
+              return false
+            end
+          end
+        end
+
+        def destroy_user(user)
+          params = {
+            delete_reason: "Confirmed spam suspicious"
+          }
+
+          form = Decidim::DeleteAccountForm.from_params(params)
+
+          Decidim::DestroyAccount.call(user, form) do
+            on(:ok) do
+              puts "OK: User #{user.id} removed"
+            end
+
+            on(:invalid) do
+              puts "ERROR: User #{user.id} not removed"
+            end
+          end
+        end
+
+        def report_comment(comment, reporter_user)
+          params = {
+            reason: "spam",
+            details: "Spam message"
+          }
+
+          form = Decidim::ReportForm.from_params(params)
+
+          CreateReport.call(form, comment, reporter_user) do
+            on(:ok) do
+              puts "OK: Comment #{comment.id} of User #{user.id} reported"
+            end
+
+            on(:invalid) do
+              puts "ERROR: Comment #{comment.id} of User #{user.id} not reported"
+            end
+          end
+        end
+
+        def hide_comment(comment, reporter_user)
+          Admin::HideResource.call(comment, reporter_user) do
+            on(:ok) do
+              puts "OK: Comment #{comment.id} of User #{user.id} hided"
+            end
+
+            on(:invalid) do
+              puts "ERROR: Comment #{comment.id} of User #{user.id} not hided"
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/decidim/cdtb/version.rb

@@ -2,7 +2,7 @@
 
 module Decidim
   module Cdtb
-    VERSION = "0.1.3"
+    VERSION = "0.1.6"
     DECIDIM_MIN_VERSION = ">= 0.26.2"
   end
 end

data/lib/decidim/cdtb.rb

@@ -5,7 +5,14 @@ require_relative "cdtb/engine"
 require_relative "cdtb/tasks"
 
 module Decidim
+  # Cdtb configuration
   module Cdtb
+    include ActiveSupport::Configurable
+
     class Error < StandardError; end
+
+    config_accessor :spam_words do
+      %w[viagra sex game free crypto crack xxx luck girls vip download]
+    end
   end
 end

data/lib/tasks/spam.rake

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+namespace :cdtb do
+  namespace :spam do
+    desc "Show a list with users suspected of spam"
+    task :users, %i[org_id] => :environment do |_task, args|
+      organization = args.org_id.present? ? Decidim::Organization.find(args.org_id) : nil
+
+      detector = ::Decidim::Cdtb::Spam::UserSpamDetector.new(organization)
+      detector.execute!
+    end
+  end
+end

data/lib/tasks/users.rake

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+require "decidim/cdtb/tasks"
+
+namespace :cdtb do
+  namespace :users do
+    desc <<~EODESC
+      Fix Decidim::User's nicknames.
+    EODESC
+    task fix_nicknames: [:environment] do
+      fixer= ::Decidim::Cdtb::Fixes::NicknameFixer.new
+      fixer.execute!
+    end
+
+    desc <<~EODESC
+      Remove Decidim::User's by IDs in a CSV.
+    EODESC
+    task :remove, %i[csv_file] => [:environment] do |_taks, args|
+      service = ::Decidim::Cdtb::Users::Remover.new(args.csv_file)
+      service.execute!
+    end
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: decidim-cdtb
 version: !ruby/object:Gem::Version
-  version: 0.1.3
+  version: 0.1.6
 platform: ruby
 authors:
 - Oliver Valls
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2023-07-10 00:00:00.000000000 Z
+date: 2024-04-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: decidim
@@ -105,6 +105,7 @@ files:
 - lib/decidim/cdtb/engine.rb
 - lib/decidim/cdtb/fixes/nickname_fixer.rb
 - lib/decidim/cdtb/multitenants/org_by_host_like.rb
+- lib/decidim/cdtb/spam/user_spam_detector.rb
 - lib/decidim/cdtb/storage/local_sharding.rb
 - lib/decidim/cdtb/storage/set_local_on_blobs.rb
 - lib/decidim/cdtb/task.rb
@@ -113,23 +114,25 @@ files:
 - lib/decidim/cdtb/upgrades/install_gem_migrations_step.rb
 - lib/decidim/cdtb/upgrades/upgrade_modules_task.rb
 - lib/decidim/cdtb/upgrades/validate_migrations_task.rb
+- lib/decidim/cdtb/users/remover.rb
 - lib/decidim/cdtb/version.rb
 - lib/generators/cdtb/USAGE
 - lib/generators/cdtb/templates/validate_migrations.yml
 - lib/generators/cdtb/validate_migrations_ci_generator.rb
 - lib/tasks/anonymize.rake
-- lib/tasks/cdtb.rake
 - lib/tasks/multitenants.rake
+- lib/tasks/spam.rake
 - lib/tasks/storage.rake
 - lib/tasks/upgrade.rake
+- lib/tasks/users.rake
 - sig/decidim/cdtb.rbs
-homepage: http://github.com/CodiTramunana/cdtb
+homepage: https://github.com/CodiTramuntana/decidim-module-cdtb
 licenses:
 - MIT
 metadata:
-  homepage_uri: http://github.com/CodiTramunana/cdtb
-  source_code_uri: http://github.com/CodiTramunana/cdtb
-  changelog_uri: http://github.com/CodiTramunana/cdtb/CHANGELOG.md
+  homepage_uri: https://github.com/CodiTramuntana/decidim-module-cdtb
+  source_code_uri: https://github.com/CodiTramuntana/decidim-module-cdtb
+  changelog_uri: https://github.com/CodiTramuntana/decidim-module-cdtb/CHANGELOG.md
 post_install_message: 
 rdoc_options: []
 require_paths:

data/lib/tasks/cdtb.rake

@@ -1,13 +0,0 @@
-# frozen_string_literal: true
-
-require "decidim/cdtb/tasks"
-
-namespace :cdtb do
-  desc <<~EODESC
-    Fix Decidim::User's nicknames.
-  EODESC
-  task fix_nicknames: [:environment] do
-    fixer= ::Decidim::Cdtb::Fixes::NicknameFixer.new
-    fixer.execute!
-  end
-end