thredded 0.4.0 → 0.5.0

data/db/seeds.rb

@@ -15,8 +15,8 @@ module Thredded
     attr_reader :user, :users, :messageboard, :topics, :private_topics, :posts
 
     SKIP_CALLBACKS = [
-      [Thredded::Post, :commit, :after, :notify_at_users],
-      [Thredded::PrivatePost, :commit, :after, :notify_at_users],
+      [Thredded::Post, :commit, :after, :auto_follow_and_notify],
+      [Thredded::PrivatePost, :commit, :after, :notify_users],
     ].freeze
 
     def self.run(users: 200, topics: 55, posts: (1..60))
@@ -44,12 +44,12 @@ module Thredded
     end
 
     def create_first_user
-      @user ||= ::User.first || ::User.create(name: 'Joe', email: 'joe@example.com')
+      @user ||= ::User.first || FactoryGirl.create(:user, :approved, :admin, name: 'Joe', email: 'joe@example.com')
     end
 
-    def create_users(count: 5)
+    def create_users(count:)
       log "Creating #{count} users..."
-      @users = [user] + FactoryGirl.create_list(:user, count)
+      @users = [user] + FactoryGirl.create_list(:user, count, *(%i(approved) if rand > 0.1))
     end
 
     def create_messageboard

data/db/upgrade_migrations/20160429222452_upgrade_v0_3_to_v0_4.rb

@@ -1,6 +1,5 @@
 # frozen_string_literal: true
-
-class UpgradeV03ToV04 < ActiveRecord::Migration[5.0]
+class UpgradeV03ToV04 < ActiveRecord::Migration
   def up
     create_table :thredded_messageboard_groups do |t|
       t.string :name

data/db/upgrade_migrations/20160501151908_upgrade_v0_4_to_v0_5.rb

@@ -0,0 +1,56 @@
+# frozen_string_literal: true
+# rubocop:disable Metrics/MethodLength
+class UpgradeV04ToV05 < ActiveRecord::Migration
+  def change
+    # Topic following
+    create_table :thredded_user_topic_follows do |t|
+      t.integer :user_id, null: false
+      t.integer :topic_id, null: false
+      t.datetime :created_at, null: false
+      t.integer :reason, limit: 1
+      t.index [:user_id, :topic_id], name: :thredded_user_topic_follows_user_topic, unique: true
+    end
+
+    # Moderation
+    change_table :thredded_posts, bulk: true do |t|
+      t.integer :moderation_state, null: false, default: 1
+      t.index [:moderation_state, :updated_at],
+              order: { updated_at: :asc },
+              name:  :index_thredded_posts_for_display
+    end
+    change_column_default :thredded_posts, :moderation_state, from: 1, to: nil
+
+    change_table :thredded_topics, bulk: true do |t|
+      t.integer :moderation_state, null: false, default: 1
+      t.index %i(moderation_state sticky updated_at),
+              order: { sticky: :desc, updated_at: :desc },
+              name:  :index_thredded_topics_for_display
+    end
+    change_column_default :thredded_topics, :moderation_state, from: 1, to: nil
+
+    change_table :thredded_user_details do |t|
+      t.integer :moderation_state, null: false, default: 1
+      t.timestamp :moderation_state_changed_at
+      t.index %i(moderation_state moderation_state_changed_at),
+              order: { moderation_state_changed_at: :desc },
+              name: :index_thredded_user_details_for_moderations
+    end
+    change_column_default :thredded_user_details, :moderation_state, from: 1, to: 0 # pending_moderation
+
+    create_table :thredded_post_moderation_records do |t|
+      t.references :post
+      t.references :messageboard
+      t.text :post_content, limit: 65_535
+      t.references :post_user
+      t.text :post_user_name
+      t.references :moderator
+      t.integer :moderation_state, null: false
+      t.integer :previous_moderation_state, null: false
+      t.timestamp :created_at, null: false
+      t.index [:messageboard_id, :created_at],
+              order: { created_at: :desc },
+              name:  :index_thredded_moderation_records_for_display
+    end
+  end
+end
+# rubocop:enable Metrics/MethodLength

data/heroku.gemfile.lock

@@ -1,6 +1,6 @@
 GIT
   remote: https://github.com/amatsuda/kaminari
-  revision: 9c44b6461f00471886caff921feea36f29dbb06d
+  revision: f93231e6e7624dde21b528726ec471029ffb8b02
   specs:
     kaminari (1.0.0.alpha)
       actionpack (>= 3.0.0)
@@ -17,7 +17,7 @@ GIT
 PATH
   remote: .
   specs:
-    thredded (0.4.0)
+    thredded (0.5.0)
       active_record_union (>= 1.1.1)
       autoprefixer-rails
       autosize-rails
@@ -86,7 +86,7 @@ GEM
       tzinfo (~> 1.1)
     addressable (2.4.0)
     arel (7.0.0)
-    autoprefixer-rails (6.3.6)
+    autoprefixer-rails (6.3.6.2)
       execjs
     autosize-rails (1.18.17)
       rails (>= 3.1)
@@ -109,7 +109,7 @@ GEM
     db_text_search (0.2.0)
       activerecord (>= 4.1.15, < 6.0)
     erubis (2.7.0)
-    execjs (2.6.0)
+    execjs (2.7.0)
     factory_girl (4.7.0)
       activesupport (>= 3.0.0)
     factory_girl_rails (4.7.0)
@@ -128,12 +128,12 @@ GEM
       nokogiri (>= 1.4)
     html-pipeline-vimeo (0.1.1)
       html-pipeline (~> 2.0)
-    html-pipeline-youtube (0.1.2)
+    html-pipeline-youtube (0.1.3)
       html-pipeline (~> 2.0)
     htmlentities (4.3.4)
     http_accept_language (2.0.5)
     i18n (0.7.0)
-    inline_svg (0.7.0)
+    inline_svg (0.8.0)
       activesupport (>= 4.0.4)
       loofah (>= 2.0)
       nokogiri (~> 1.6)
@@ -151,25 +151,27 @@ GEM
     mail (2.6.4)
       mime-types (>= 1.16, < 4)
     method_source (0.8.2)
-    mime-types (3.0)
+    mime-types (3.1)
       mime-types-data (~> 3.2015)
-    mime-types-data (3.2016.0221)
-    mini_portile2 (2.0.0)
-    minitest (5.8.4)
-    multi_json (1.12.0)
+    mime-types-data (3.2016.0521)
+    mini_portile2 (2.1.0)
+    minitest (5.9.0)
+    multi_json (1.12.1)
     newrelic_rpm (3.15.2.317)
     nio4r (1.2.1)
-    nokogiri (1.6.7.2)
-      mini_portile2 (~> 2.0.0.rc2)
+    nokogiri (1.6.8)
+      mini_portile2 (~> 2.1.0)
+      pkg-config (~> 1.1.7)
     nokogumbo (1.4.7)
       nokogiri
     pg (0.18.4)
+    pkg-config (1.1.7)
     puma (3.4.0)
     pundit (1.1.0)
       activesupport (>= 3.0.0)
     rack (2.0.0.rc1)
       json
-    rack-canonical-host (0.2.1)
+    rack-canonical-host (0.2.2)
       addressable (> 0, < 3)
       rack (>= 1.0.0, < 3)
     rack-test (0.6.3)
@@ -215,8 +217,8 @@ GEM
     rb-gravatar (1.0.5)
     ref (2.0.0)
     request_store (1.3.1)
-    rinku (1.7.3)
-    rollbar (2.11.3)
+    rinku (2.0.0)
+    rollbar (2.11.5)
       multi_json
     sanitize (4.0.1)
       crass (~> 1.0.2)
@@ -247,12 +249,12 @@ GEM
       ref
     thor (0.19.1)
     thread_safe (0.3.5)
-    tilt (2.0.3)
+    tilt (2.0.5)
     turbolinks (2.5.3)
       coffee-rails
     tzinfo (1.2.2)
       thread_safe (~> 0.1)
-    websocket-driver (0.6.3)
+    websocket-driver (0.6.4)
       websocket-extensions (>= 0.1.0)
     websocket-extensions (0.1.2)
 

data/lib/generators/thredded/install/templates/initializer.rb

@@ -34,6 +34,9 @@ Thredded.moderator_column = :admin
 # The name of the admin flag column on the users table.
 Thredded.admin_column = :admin
 
+# Whether posts and topics pending moderation are visible to regular users.
+Thredded.content_visible_while_pending_moderation = true
+
 # This model can be customized further by overriding a handful of methods on the User model.
 # For more information, see app/models/thredded/user_extender.rb.
 
@@ -54,6 +57,18 @@ Thredded.admin_column = :admin
 # Set the layout for rendering the thredded views.
 Thredded.layout = 'thredded/application'
 
+# ==> Post Content Formatting
+# Customize the way Thredded handles post formatting.
+
+# Change the default html-pipeline filters used by thredded.
+# E.g. to remove BBCode support:
+# Thredded::ContentFormatter.pipeline_filters -= [HTML::Pipeline::BbcodeFilter]
+
+# Change the HTML sanitization settings used by Thredded.
+# See the Sanitize docs for more information on the underlying library: https://github.com/rgrove/sanitize/#readme
+# E.g. to allow a custom element <custom-element>:
+# Thredded::ContentFormatter.whitelist[:elements] += %w(custom-element)
+
 # ==> Error Handling
 # By default Thredded just renders a flash alert on errors such as Topic not found, or Login required.
 # Below is an example of overriding the default behavior on LoginRequired:

data/lib/html/pipeline/at_mention_filter.rb

@@ -4,15 +4,18 @@ require 'thredded/at_users'
 module HTML
   class Pipeline
     class AtMentionFilter < Filter
+      # @param context [Hash]
+      # @options context :users_provider [#call(usernames)] given usernames, returns a list of users.
       def initialize(text, context = nil, result = nil)
         super text, context, result
         @text = text.to_s.delete("\r")
-        @post = context[:post]
+        @users_provider = context[:users_provider]
         @view_context = context[:view_context]
       end
 
       def call
-        html = Thredded::AtUsers.render(@text, @post, @view_context)
+        return html unless @users_provider
+        html = Thredded::AtUsers.render(@text, @users_provider, @view_context)
         html.rstrip!
         html
       end

data/lib/thredded.rb

@@ -46,6 +46,9 @@ module Thredded
   # @return [Symbol] The name of the admin flag column on the users table for the default permissions model
   mattr_accessor :admin_column
 
+  # @return [Boolean] Whether posts that are pending moderation are visible to regular users.
+  mattr_accessor :content_visible_while_pending_moderation
+
   self.active_user_threshold = 5.minutes
   self.admin_column = :admin
   self.avatar_url = ->(user) { Gravatar.src(user.email, 128, 'mm') }
@@ -53,6 +56,7 @@ module Thredded
   self.layout = 'thredded/application'
   self.moderator_column = :admin
   self.user_name_column = :name
+  self.content_visible_while_pending_moderation = true
 
   # @return [Class<Thredded::UserExtender>] the user class from the host application.
   def self.user_class

data/lib/thredded/at_users.rb

@@ -1,11 +1,12 @@
 # frozen_string_literal: true
 module Thredded
   class AtUsers
-    def self.render(content, post, view_context)
+    # @param users_provider [#call(usernames)] given usernames, returns a list of users.
+    def self.render(content, users_provider, view_context)
       at_names = AtNotificationExtractor.new(content).run
 
       if at_names.any?
-        members = post.readers_from_user_names(at_names)
+        members = users_provider.call(at_names)
 
         members.each do |member|
           member_path = Thredded.user_path(view_context, member)

data/lib/thredded/content_formatter.rb

@@ -0,0 +1,81 @@
+# frozen_string_literal: true
+module Thredded
+  # Generates HTML from content source.
+  class ContentFormatter
+    # Sanitization whitelist options.
+    mattr_accessor :whitelist
+
+    self.whitelist = HTML::Pipeline::SanitizationFilter::WHITELIST.deep_merge(
+      elements: HTML::Pipeline::SanitizationFilter::WHITELIST[:elements] + %w(iframe span figure figcaption),
+      transformers: HTML::Pipeline::SanitizationFilter::WHITELIST[:transformers] + [
+        lambda do |env|
+          node = env[:node]
+
+          a_tags = node.css('a')
+          a_tags.each do |a_tag|
+            a_tag['href'] ||= '#'
+            if a_tag['href'].starts_with? 'http'
+              a_tag['target'] = '_blank'
+              a_tag['rel']    = 'nofollow noopener'
+            end
+          end
+        end
+      ],
+      attributes:     {
+        'a'      => %w(href rel),
+        'iframe' => %w(src width height frameborder allowfullscreen sandbox seamless),
+        'span'   => %w(class),
+      },
+      add_attributes: {
+        'iframe' => {
+          'seamless' => 'seamless',
+          'sandbox'  => 'allow-same-origin allow-scripts allow-forms',
+        }
+      }
+    )
+
+    # HTML::Pipeline filters.
+    mattr_accessor :pipeline_filters
+
+    self.pipeline_filters = [
+      HTML::Pipeline::VimeoFilter,
+      HTML::Pipeline::YoutubeFilter,
+      HTML::Pipeline::BbcodeFilter,
+      HTML::Pipeline::MarkdownFilter,
+      HTML::Pipeline::SanitizationFilter,
+      HTML::Pipeline::AtMentionFilter,
+      HTML::Pipeline::EmojiFilter,
+      HTML::Pipeline::AutolinkFilter,
+    ].freeze
+
+    # @param view_context [Object] the context of the rendering view.
+    # @param pipeline_options [Hash]
+    def initialize(view_context, pipeline_options = {})
+      @view_context = view_context
+      @pipeline_options = pipeline_options
+    end
+
+    # @param content [String]
+    # @return [String] formatted and sanitized html-safe content.
+    def format_content(content)
+      pipeline = HTML::Pipeline.new(content_pipeline_filters, content_pipeline_options.merge(@pipeline_options))
+      result = pipeline.call(content, view_context: @view_context)
+      result[:output].to_s.html_safe
+    end
+
+    protected
+
+    # @return [Array<HTML::Pipeline::Filter]>]
+    def content_pipeline_filters
+      ContentFormatter.pipeline_filters
+    end
+
+    # @return [Hash] options for HTML::Pipeline.new
+    def content_pipeline_options
+      {
+        asset_root: Rails.application.config.action_controller.asset_host || '',
+        whitelist: ContentFormatter.whitelist
+      }
+    end
+  end
+end

data/lib/thredded/version.rb

@@ -1,4 +1,4 @@
 # frozen_string_literal: true
 module Thredded
-  VERSION = '0.4.0'
+  VERSION = '0.5.0'
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: thredded
 version: !ruby/object:Gem::Version
-  version: 0.4.0
+  version: 0.5.0
 platform: ruby
 authors:
 - Joel Oliveira
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-05-20 00:00:00.000000000 Z
+date: 2016-06-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bbcoder
@@ -626,6 +626,7 @@ files:
 - Procfile
 - README.mkdn
 - app/assets/images/thredded/breadcrumb-chevron.svg
+- app/assets/images/thredded/moderation.svg
 - app/assets/images/thredded/private-messages.svg
 - app/assets/images/thredded/settings.svg
 - app/assets/javascripts/thredded.es6
@@ -670,20 +671,24 @@ files:
 - app/assets/stylesheets/thredded/components/_topics.scss
 - app/assets/stylesheets/thredded/layout/_main-container.scss
 - app/assets/stylesheets/thredded/layout/_main-navigation.scss
+- app/assets/stylesheets/thredded/layout/_moderation.scss
 - app/assets/stylesheets/thredded/layout/_navigation.scss
 - app/assets/stylesheets/thredded/layout/_search-navigation.scss
 - app/assets/stylesheets/thredded/layout/_user-navigation.scss
 - app/assets/stylesheets/thredded/utilities/_is-compact.scss
 - app/assets/stylesheets/thredded/utilities/_is-expanded.scss
 - app/commands/thredded/at_notification_extractor.rb
+- app/commands/thredded/autofollow_mentioned_users.rb
 - app/commands/thredded/members_marked_notified.rb
 - app/commands/thredded/messageboard_destroyer.rb
-- app/commands/thredded/notify_mentioned_users.rb
+- app/commands/thredded/moderate_post.rb
+- app/commands/thredded/notify_following_users.rb
 - app/commands/thredded/notify_private_topic_users.rb
 - app/controllers/thredded/application_controller.rb
 - app/controllers/thredded/autocomplete_users_controller.rb
 - app/controllers/thredded/messageboard_groups_controller.rb
 - app/controllers/thredded/messageboards_controller.rb
+- app/controllers/thredded/moderation_controller.rb
 - app/controllers/thredded/post_permalinks_controller.rb
 - app/controllers/thredded/posts_controller.rb
 - app/controllers/thredded/preferences_controller.rb
@@ -697,17 +702,17 @@ files:
 - app/helpers/thredded/application_helper.rb
 - app/helpers/thredded/urls_helper.rb
 - app/jobs/thredded/activity_updater_job.rb
-- app/jobs/thredded/at_notifier_job.rb
+- app/jobs/thredded/auto_follow_and_notify_job.rb
 - app/jobs/thredded/notify_private_topic_users_job.rb
 - app/mailer_previews/thredded/base_mailer_preview.rb
 - app/mailer_previews/thredded/post_mailer_preview.rb
-- app/mailer_previews/thredded/private_post_mailer_preview.rb
 - app/mailer_previews/thredded/private_topic_mailer_preview.rb
 - app/mailers/thredded/base_mailer.rb
 - app/mailers/thredded/post_mailer.rb
-- app/mailers/thredded/private_post_mailer.rb
 - app/mailers/thredded/private_topic_mailer.rb
+- app/models/concerns/thredded/content_moderation_state.rb
 - app/models/concerns/thredded/friendly_id_reserved_words_and_pagination.rb
+- app/models/concerns/thredded/moderation_state.rb
 - app/models/concerns/thredded/post_common.rb
 - app/models/concerns/thredded/topic_common.rb
 - app/models/concerns/thredded/user_topic_read_state_common.rb
@@ -719,6 +724,7 @@ files:
 - app/models/thredded/null_user.rb
 - app/models/thredded/null_user_topic_read_state.rb
 - app/models/thredded/post.rb
+- app/models/thredded/post_moderation_record.rb
 - app/models/thredded/post_notification.rb
 - app/models/thredded/private_post.rb
 - app/models/thredded/private_topic.rb
@@ -739,6 +745,7 @@ files:
 - app/models/thredded/user_permissions/write/none.rb
 - app/models/thredded/user_preference.rb
 - app/models/thredded/user_private_topic_read_state.rb
+- app/models/thredded/user_topic_follow.rb
 - app/models/thredded/user_topic_read_state.rb
 - app/policies/thredded/messageboard_group_policy.rb
 - app/policies/thredded/messageboard_policy.rb
@@ -751,7 +758,9 @@ files:
 - app/view_models/thredded/post_view.rb
 - app/view_models/thredded/posts_page_view.rb
 - app/view_models/thredded/private_topic_view.rb
+- app/view_models/thredded/private_topics_page_view.rb
 - app/view_models/thredded/topic_email_view.rb
+- app/view_models/thredded/topic_posts_page_view.rb
 - app/view_models/thredded/topic_view.rb
 - app/view_models/thredded/topics_page_view.rb
 - app/views/layouts/thredded/application.html.erb
@@ -771,21 +780,27 @@ files:
 - app/views/thredded/messageboards/edit.html.erb
 - app/views/thredded/messageboards/index.html.erb
 - app/views/thredded/messageboards/new.html.erb
-- app/views/thredded/post_mailer/at_notification.html.erb
-- app/views/thredded/post_mailer/at_notification.text.erb
+- app/views/thredded/moderation/_post.html.erb
+- app/views/thredded/moderation/_post_moderation_actions.html.erb
+- app/views/thredded/moderation/_post_moderation_record.html.erb
+- app/views/thredded/moderation/history.html.erb
+- app/views/thredded/moderation/pending.html.erb
+- app/views/thredded/post_mailer/post_notification.html.erb
+- app/views/thredded/post_mailer/post_notification.text.erb
 - app/views/thredded/posts/_form.html.erb
 - app/views/thredded/posts/_post.html.erb
 - app/views/thredded/posts/_user.html.erb
 - app/views/thredded/posts/edit.html.erb
+- app/views/thredded/posts_common/_actions.html.erb
+- app/views/thredded/posts_common/_content.html.erb
 - app/views/thredded/posts_common/_form.html.erb
-- app/views/thredded/posts_common/_post.html.erb
+- app/views/thredded/posts_common/_header.html.erb
 - app/views/thredded/posts_common/form/_after_content.html.erb
 - app/views/thredded/posts_common/form/_before_content.html.erb
 - app/views/thredded/posts_common/form/_content_field.html.erb
 - app/views/thredded/preferences/_form.html.erb
 - app/views/thredded/preferences/_header.html.erb
 - app/views/thredded/preferences/edit.html.erb
-- app/views/thredded/private_post_mailer/at_notification.html.erb
 - app/views/thredded/private_posts/_form.html.erb
 - app/views/thredded/private_posts/_private_post.html.erb
 - app/views/thredded/private_topic_mailer/message_notification.html.erb
@@ -806,6 +821,7 @@ files:
 - app/views/thredded/shared/_header.html.erb
 - app/views/thredded/shared/_nav.html.erb
 - app/views/thredded/shared/_page.html.erb
+- app/views/thredded/shared/nav/_moderation.html.erb
 - app/views/thredded/shared/nav/_notification_preferences.html.erb
 - app/views/thredded/shared/nav/_private_topics.html.erb
 - app/views/thredded/shared/nav/_standalone.html.erb
@@ -832,6 +848,7 @@ files:
 - db/seeds.rb
 - db/upgrade_migrations/20160410111522_upgrade_v0_2_to_v0_3.rb
 - db/upgrade_migrations/20160429222452_upgrade_v0_3_to_v0_4.rb
+- db/upgrade_migrations/20160501151908_upgrade_v0_4_to_v0_5.rb
 - heroku.gemfile
 - heroku.gemfile.lock
 - lib/generators/thredded/install/USAGE
@@ -842,6 +859,7 @@ files:
 - lib/tasks/thredded_tasks.rake
 - lib/thredded.rb
 - lib/thredded/at_users.rb
+- lib/thredded/content_formatter.rb
 - lib/thredded/engine.rb
 - lib/thredded/errors.rb
 - lib/thredded/main_app_route_delegator.rb