Redstoner/redstoner.com
Archived
0
Fork 0
Code Issues Pull Requests 2 Wiki Activity

Compare commits

base: Redstoner:master
Branches Tags
Redstoner:master Redstoner:permission-and-message-improvements Redstoner:mastodon Redstoner:badge Redstoner:memory Redstoner:api Redstoner:pm
..
compare: Redstoner:badge
Branches Tags
Redstoner:master Redstoner:permission-and-message-improvements Redstoner:mastodon Redstoner:badge Redstoner:memory Redstoner:api Redstoner:pm

3 Commits
master ... badge

Author SHA1 Message Date
MrYummy
4d9d4a4dfc removed unneeded parentheses and text limits 2017-08-06 13:29:03 +02:00
MrYummy
626ba221e0 Removed swap file 2017-07-11 03:38:17 +02:00
MrYummy
0cebefa406 Added permissions to badges 2017-07-10 21:26:15 +02:00
73 changed files with 436 additions and 705 deletions
Expand all files Collapse all files

1
.gitattributes vendored
View File

@@ -1 +0,0 @@
public/* linguist-vendored

6
Gemfile
View File

@@ -7,17 +7,15 @@ gem 'jquery-rails'
gem 'bcrypt' # To use ActiveModel's has_secure_password
gem 'sanitize'
gem 'strip_attributes'
gem 'redcarpet'
gem 'redcarpet', '~> 3.2.3'
gem 'hirb' # pretty console output
gem 'rb-readline'
gem 'rest-client'
gem 'activerecord-session_store'
gem 'highlight_js-rails', github: 'RedstonerServer/highlight_js-rails'
gem 'kaminari', github: 'jomo/kaminari', branch: 'patch-2' # pagination
gem 'jquery-textcomplete-rails' # @mentions
gem 'jquery-textcomplete-rails', github: 'RedstonerServer/jquery-textcomplete-rails' # @mentions
gem 'actionpack-action_caching', github: 'antulik/actionpack-action_caching', ref: '8c6e52c69315d67437f480da5dce4b7c8737fb32'
gem 'mail-gpg', github: 'jomo/mail-gpg', ref: 'a666b48ee866dfa3eaa700f9c5edf4d195d0f8c9'
gem 'totp'
# Gems used only for assets and not required
# in production environments by default.

277
Gemfile.lock
View File

@@ -5,6 +5,15 @@ GIT
highlight_js-rails (8.4)
rails (>= 3.1.1)
GIT
remote: git://github.com/RedstonerServer/jquery-textcomplete-rails.git
revision: 8bf23af2d8fa1c5226c2b6889c7796adfe1f8772
specs:
jquery-textcomplete-rails (0.1.4)
coffee-rails (>= 3.2.0)
railties (>= 3.2.0)
sass-rails (>= 3.2.0)
GIT
remote: git://github.com/antulik/actionpack-action_caching.git
revision: 8c6e52c69315d67437f480da5dce4b7c8737fb32
@@ -22,235 +31,201 @@ GIT
actionpack (>= 3.0.0)
activesupport (>= 3.0.0)
GIT
remote: git://github.com/jomo/mail-gpg.git
revision: a666b48ee866dfa3eaa700f9c5edf4d195d0f8c9
ref: a666b48ee866dfa3eaa700f9c5edf4d195d0f8c9
specs:
mail-gpg (0.3.1)
gpgme (~> 2.0, >= 2.0.2)
mail (~> 2.5, >= 2.5.3)
GIT
remote: git://github.com/rails/rails.git
revision: 22aec58a2565a76e0f55d05d045b7a45715c5bb9
revision: 2c8f567e53580872d8c6dfe61201e58793ca131e
branch: 4-2-stable
specs:
actionmailer (4.2.10)
actionpack (= 4.2.10)
actionview (= 4.2.10)
activejob (= 4.2.10)
actionmailer (4.2.5.1)
actionpack (= 4.2.5.1)
actionview (= 4.2.5.1)
activejob (= 4.2.5.1)
mail (~> 2.5, >= 2.5.4)
rails-dom-testing (~> 1.0, >= 1.0.5)
actionpack (4.2.10)
actionview (= 4.2.10)
activesupport (= 4.2.10)
actionpack (4.2.5.1)
actionview (= 4.2.5.1)
activesupport (= 4.2.5.1)
rack (~> 1.6)
rack-test (~> 0.6.2)
rails-dom-testing (~> 1.0, >= 1.0.5)
rails-html-sanitizer (~> 1.0, >= 1.0.2)
actionview (4.2.10)
activesupport (= 4.2.10)
actionview (4.2.5.1)
activesupport (= 4.2.5.1)
builder (~> 3.1)
erubis (~> 2.7.0)
rails-dom-testing (~> 1.0, >= 1.0.5)
rails-html-sanitizer (~> 1.0, >= 1.0.3)
activejob (4.2.10)
activesupport (= 4.2.10)
rails-html-sanitizer (~> 1.0, >= 1.0.2)
activejob (4.2.5.1)
activesupport (= 4.2.5.1)
globalid (>= 0.3.0)
activemodel (4.2.10)
activesupport (= 4.2.10)
activemodel (4.2.5.1)
activesupport (= 4.2.5.1)
builder (~> 3.1)
activerecord (4.2.10)
activemodel (= 4.2.10)
activesupport (= 4.2.10)
activerecord (4.2.5.1)
activemodel (= 4.2.5.1)
activesupport (= 4.2.5.1)
arel (~> 6.0)
activesupport (4.2.10)
activesupport (4.2.5.1)
i18n (~> 0.7)
json (~> 1.7, >= 1.7.7)
minitest (~> 5.1)
thread_safe (~> 0.3, >= 0.3.4)
tzinfo (~> 1.1)
rails (4.2.10)
actionmailer (= 4.2.10)
actionpack (= 4.2.10)
actionview (= 4.2.10)
activejob (= 4.2.10)
activemodel (= 4.2.10)
activerecord (= 4.2.10)
activesupport (= 4.2.10)
rails (4.2.5.1)
actionmailer (= 4.2.5.1)
actionpack (= 4.2.5.1)
actionview (= 4.2.5.1)
activejob (= 4.2.5.1)
activemodel (= 4.2.5.1)
activerecord (= 4.2.5.1)
activesupport (= 4.2.5.1)
bundler (>= 1.3.0, < 2.0)
railties (= 4.2.10)
railties (= 4.2.5.1)
sprockets-rails
railties (4.2.10)
actionpack (= 4.2.10)
activesupport (= 4.2.10)
railties (4.2.5.1)
actionpack (= 4.2.5.1)
activesupport (= 4.2.5.1)
rake (>= 0.8.7)
thor (>= 0.18.1, < 2.0)
GEM
remote: https://rubygems.org/
specs:
activerecord-session_store (1.1.1)
actionpack (>= 4.0)
activerecord (>= 4.0)
multi_json (~> 1.11, >= 1.11.2)
rack (>= 1.5.2, < 3)
railties (>= 4.0)
airbrussh (1.3.1)
sshkit (>= 1.6.1, != 1.7.0)
arel (6.0.4)
base32 (0.3.2)
bcrypt (3.1.12)
better_errors (2.5.0)
activerecord-session_store (0.1.2)
actionpack (>= 4.0.0, < 5)
activerecord (>= 4.0.0, < 5)
railties (>= 4.0.0, < 5)
arel (6.0.3)
bcrypt (3.1.10)
better_errors (2.1.1)
coderay (>= 1.0.0)
erubi (>= 1.0.0)
erubis (>= 2.6.6)
rack (>= 0.9.0)
binding_of_caller (0.8.0)
binding_of_caller (0.7.2)
debug_inspector (>= 0.0.1)
builder (3.2.3)
capistrano (3.11.0)
airbrussh (>= 1.0.0)
builder (3.2.2)
capistrano (3.4.0)
i18n
rake (>= 10.0.0)
sshkit (>= 1.9.0)
sshkit (~> 1.3)
capistrano-bundler (1.1.4)
capistrano (~> 3.1)
sshkit (~> 1.2)
capistrano-rails (1.1.8)
capistrano-rails (1.1.6)
capistrano (~> 3.1)
capistrano-bundler (~> 1.1)
capistrano-rbenv (2.1.4)
capistrano-rbenv (2.0.4)
capistrano (~> 3.1)
sshkit (~> 1.3)
choice (0.2.0)
coderay (1.1.2)
coffee-rails (4.2.2)
coderay (1.1.0)
coffee-rails (4.1.1)
coffee-script (>= 2.2.0)
railties (>= 4.0.0)
railties (>= 4.0.0, < 5.1.x)
coffee-script (2.4.1)
coffee-script-source
execjs
coffee-script-source (1.12.2)
concurrent-ruby (1.1.3)
crass (1.0.4)
debug_inspector (0.0.3)
domain_name (0.5.20180417)
coffee-script-source (1.10.0)
concurrent-ruby (1.0.0)
crass (1.0.2)
debug_inspector (0.0.2)
domain_name (0.5.25)
unf (>= 0.0.5, < 1.0.0)
erubi (1.7.1)
erubis (2.7.0)
execjs (2.7.0)
ffi (1.9.25)
globalid (0.4.1)
activesupport (>= 4.2.0)
gpgme (2.0.16)
mini_portile2 (~> 2.3)
execjs (2.6.0)
globalid (0.3.6)
activesupport (>= 4.1.0)
hirb (0.7.3)
http-cookie (1.0.3)
http-cookie (1.0.2)
domain_name (~> 0.5)
i18n (0.9.5)
concurrent-ruby (~> 1.0)
jquery-rails (4.3.3)
rails-dom-testing (>= 1, < 3)
i18n (0.7.0)
jquery-rails (4.1.0)
rails-dom-testing (~> 1.0)
railties (>= 4.2.0)
thor (>= 0.14, < 2.0)
jquery-textcomplete-rails (0.1.5)
coffee-rails (>= 3.2.0)
railties (>= 3.2.0)
sass-rails (>= 3.2.0)
kgio (2.11.2)
loofah (2.2.3)
crass (~> 1.0.2)
json (1.8.3)
kgio (2.10.0)
loofah (2.0.3)
nokogiri (>= 1.5.9)
mail (2.7.1)
mini_mime (>= 0.1.1)
mime-types (3.2.2)
mime-types-data (~> 3.2015)
mime-types-data (3.2018.0812)
mini_mime (1.0.1)
mini_portile2 (2.3.0)
minitest (5.11.3)
multi_json (1.13.1)
mysql2 (0.5.2)
mail (2.6.3)
mime-types (>= 1.16, < 3)
mime-types (2.99)
mini_portile2 (2.0.0)
minitest (5.8.4)
mysql2 (0.4.2)
net-scp (1.2.1)
net-ssh (>= 2.6.5)
net-ssh (5.0.2)
net-ssh (3.0.2)
netrc (0.11.0)
nokogiri (1.8.5)
mini_portile2 (~> 2.3.0)
nokogumbo (2.0.1)
nokogiri (~> 1.8, >= 1.8.4)
rack (1.6.11)
nokogiri (1.6.7.2)
mini_portile2 (~> 2.0.0.rc2)
nokogumbo (1.4.7)
nokogiri
rack (1.6.4)
rack-test (0.6.3)
rack (>= 1.0)
rails-deprecated_sanitizer (1.0.3)
activesupport (>= 4.2.0.alpha)
rails-dom-testing (1.0.9)
activesupport (>= 4.2.0, < 5.0)
nokogiri (~> 1.6)
rails-dom-testing (1.0.7)
activesupport (>= 4.2.0.beta, < 5.0)
nokogiri (~> 1.6.0)
rails-deprecated_sanitizer (>= 1.0.1)
rails-erd (1.5.2)
rails-erd (1.4.5)
activerecord (>= 3.2)
activesupport (>= 3.2)
choice (~> 0.2.0)
ruby-graphviz (~> 1.2)
rails-html-sanitizer (1.0.4)
loofah (~> 2.2, >= 2.2.2)
raindrops (0.19.0)
rake (12.3.2)
rb-fsevent (0.10.3)
rb-inotify (0.9.10)
ffi (>= 0.5.0, < 2)
rb-readline (0.5.5)
redcarpet (3.4.0)
rest-client (2.0.2)
rails-html-sanitizer (1.0.3)
loofah (~> 2.0)
raindrops (0.15.0)
rake (10.5.0)
rb-readline (0.5.3)
redcarpet (3.2.3)
rest-client (1.8.0)
http-cookie (>= 1.0.2, < 2.0)
mime-types (>= 1.16, < 4.0)
netrc (~> 0.8)
ruby-graphviz (1.2.4)
sanitize (5.0.0)
mime-types (>= 1.16, < 3.0)
netrc (~> 0.7)
ruby-graphviz (1.2.2)
sanitize (4.0.1)
crass (~> 1.0.2)
nokogiri (>= 1.8.0)
nokogumbo (~> 2.0)
sass (3.7.2)
sass-listen (~> 4.0.0)
sass-listen (4.0.0)
rb-fsevent (~> 0.9, >= 0.9.4)
rb-inotify (~> 0.9, >= 0.9.7)
sass-rails (5.0.7)
railties (>= 4.0.0, < 6)
nokogiri (>= 1.4.4)
nokogumbo (~> 1.4.1)
sass (3.4.21)
sass-rails (5.0.4)
railties (>= 4.0.0, < 5.0)
sass (~> 3.1)
sprockets (>= 2.8, < 4.0)
sprockets-rails (>= 2.0, < 4.0)
tilt (>= 1.1, < 3)
sprockets (3.7.2)
sprockets (3.5.2)
concurrent-ruby (~> 1.0)
rack (> 1, < 3)
sprockets-rails (3.2.1)
sprockets-rails (3.0.0)
actionpack (>= 4.0)
activesupport (>= 4.0)
sprockets (>= 3.0.0)
sqlite3 (1.3.13)
sshkit (1.18.0)
sqlite3 (1.3.11)
sshkit (1.8.1)
net-scp (>= 1.1.2)
net-ssh (>= 2.8.0)
strip_attributes (1.8.0)
activemodel (>= 3.0, < 6.0)
thor (0.20.3)
thread_safe (0.3.6)
tilt (2.0.8)
totp (1.0.0)
base32
tzinfo (1.2.5)
strip_attributes (1.7.1)
activemodel (>= 3.0, < 5.0)
thor (0.19.1)
thread_safe (0.3.5)
tilt (2.0.2)
tzinfo (1.2.2)
thread_safe (~> 0.1)
uglifier (4.1.20)
execjs (>= 0.3.0, < 3)
uglifier (2.7.2)
execjs (>= 0.3.0)
json (>= 1.8.0)
unf (0.1.4)
unf_ext
unf_ext (0.0.7.5)
unicorn (5.4.1)
unf_ext (0.0.7.1)
unicorn (5.0.1)
kgio (~> 2.6)
rack
raindrops (~> 0.7)
webrick (1.4.2)
webrick (1.3.1)
PLATFORMS
ruby
@@ -267,24 +242,22 @@ DEPENDENCIES
highlight_js-rails!
hirb
jquery-rails
jquery-textcomplete-rails
jquery-textcomplete-rails!
kaminari!
mail-gpg!
mysql2
rails!
rails-erd
rb-readline
redcarpet
redcarpet (~> 3.2.3)
rest-client
sanitize
sass-rails
sqlite3
strip_attributes
totp
tzinfo-data
uglifier
unicorn
webrick
BUNDLED WITH
1.17.3
1.11.2

116
LICENSE.txt
View File

@@ -1,116 +0,0 @@
CC0 1.0 Universal
Statement of Purpose
The laws of most jurisdictions throughout the world automatically confer
exclusive Copyright and Related Rights (defined below) upon the creator and
subsequent owner(s) (each and all, an "owner") of an original work of
authorship and/or a database (each, a "Work").
Certain owners wish to permanently relinquish those rights to a Work for the
purpose of contributing to a commons of creative, cultural and scientific
works ("Commons") that the public can reliably and without fear of later
claims of infringement build upon, modify, incorporate in other works, reuse
and redistribute as freely as possible in any form whatsoever and for any
purposes, including without limitation commercial purposes. These owners may
contribute to the Commons to promote the ideal of a free culture and the
further production of creative, cultural and scientific works, or to gain
reputation or greater distribution for their Work in part through the use and
efforts of others.
For these and/or other purposes and motivations, and without any expectation
of additional consideration or compensation, the person associating CC0 with a
Work (the "Affirmer"), to the extent that he or she is an owner of Copyright
and Related Rights in the Work, voluntarily elects to apply CC0 to the Work
and publicly distribute the Work under its terms, with knowledge of his or her
Copyright and Related Rights in the Work and the meaning and intended legal
effect of CC0 on those rights.
1. Copyright and Related Rights. A Work made available under CC0 may be
protected by copyright and related or neighboring rights ("Copyright and
Related Rights"). Copyright and Related Rights include, but are not limited
to, the following:
i. the right to reproduce, adapt, distribute, perform, display, communicate,
and translate a Work;
ii. moral rights retained by the original author(s) and/or performer(s);
iii. publicity and privacy rights pertaining to a person's image or likeness
depicted in a Work;
iv. rights protecting against unfair competition in regards to a Work,
subject to the limitations in paragraph 4(a), below;
v. rights protecting the extraction, dissemination, use and reuse of data in
a Work;
vi. database rights (such as those arising under Directive 96/9/EC of the
European Parliament and of the Council of 11 March 1996 on the legal
protection of databases, and under any national implementation thereof,
including any amended or successor version of such directive); and
vii. other similar, equivalent or corresponding rights throughout the world
based on applicable law or treaty, and any national implementations thereof.
2. Waiver. To the greatest extent permitted by, but not in contravention of,
applicable law, Affirmer hereby overtly, fully, permanently, irrevocably and
unconditionally waives, abandons, and surrenders all of Affirmer's Copyright
and Related Rights and associated claims and causes of action, whether now
known or unknown (including existing as well as future claims and causes of
action), in the Work (i) in all territories worldwide, (ii) for the maximum
duration provided by applicable law or treaty (including future time
extensions), (iii) in any current or future medium and for any number of
copies, and (iv) for any purpose whatsoever, including without limitation
commercial, advertising or promotional purposes (the "Waiver"). Affirmer makes
the Waiver for the benefit of each member of the public at large and to the
detriment of Affirmer's heirs and successors, fully intending that such Waiver
shall not be subject to revocation, rescission, cancellation, termination, or
any other legal or equitable action to disrupt the quiet enjoyment of the Work
by the public as contemplated by Affirmer's express Statement of Purpose.
3. Public License Fallback. Should any part of the Waiver for any reason be
judged legally invalid or ineffective under applicable law, then the Waiver
shall be preserved to the maximum extent permitted taking into account
Affirmer's express Statement of Purpose. In addition, to the extent the Waiver
is so judged Affirmer hereby grants to each affected person a royalty-free,
non transferable, non sublicensable, non exclusive, irrevocable and
unconditional license to exercise Affirmer's Copyright and Related Rights in
the Work (i) in all territories worldwide, (ii) for the maximum duration
provided by applicable law or treaty (including future time extensions), (iii)
in any current or future medium and for any number of copies, and (iv) for any
purpose whatsoever, including without limitation commercial, advertising or
promotional purposes (the "License"). The License shall be deemed effective as
of the date CC0 was applied by Affirmer to the Work. Should any part of the
License for any reason be judged legally invalid or ineffective under
applicable law, such partial invalidity or ineffectiveness shall not
invalidate the remainder of the License, and in such case Affirmer hereby
affirms that he or she will not (i) exercise any of his or her remaining
Copyright and Related Rights in the Work or (ii) assert any associated claims
and causes of action with respect to the Work, in either case contrary to
Affirmer's express Statement of Purpose.
4. Limitations and Disclaimers.
a. No trademark or patent rights held by Affirmer are waived, abandoned,
surrendered, licensed or otherwise affected by this document.
b. Affirmer offers the Work as-is and makes no representations or warranties
of any kind concerning the Work, express, implied, statutory or otherwise,
including without limitation warranties of title, merchantability, fitness
for a particular purpose, non infringement, or the absence of latent or
other defects, accuracy, or the present or absence of errors, whether or not
discoverable, all to the greatest extent permissible under applicable law.
c. Affirmer disclaims responsibility for clearing rights of other persons
that may apply to the Work or any use thereof, including without limitation
any person's Copyright and Related Rights in the Work. Further, Affirmer
disclaims responsibility for obtaining any necessary consents, permissions
or other rights required for any use of the Work.
d. Affirmer understands and acknowledges that Creative Commons is not a
party to this document and has no duty or obligation with respect to this
CC0 or use of the Work.
For more information, please see
<http://creativecommons.org/publicdomain/zero/1.0/>

BIN
app/assets/images/discord.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 315 B

BIN
app/assets/images/mastodon.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 477 B

BIN
app/assets/images/tor.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 581 B

10
app/controllers/application_controller.rb
View File

@@ -1,6 +1,6 @@
class ApplicationController < ActionController::Base
protect_from_forgery
before_filter :update_ip, :update_seen, :check_banned, :check_2fa
before_filter :update_ip, :update_seen, :check_banned
# TODO: use SSL
@@ -41,14 +41,6 @@ class ApplicationController < ActionController::Base
end
end
def check_2fa
# Over complicated way of asking if the user is logged in as a mod without TOTP enabled while they are not on their login settings screen, logging out, or updating their login settings.
if current_user && current_user.mod? && !current_user.totp_enabled? && !(controller_name == "users" && action_name == "edit_login") && !(controller_name == "sessions" && action_name == "destroy") && !(controller_name == "users" && action_name == "update_login")
flash[:alert] = "Due to your staff rank, you are required to enable 2FA."
redirect_to :controller => "users", :action => "edit_login", :id => current_user.id
end
end
#roles
def disabled?

18
app/controllers/forumgroups_controller.rb
View File

@@ -19,6 +19,19 @@ class ForumgroupsController < ApplicationController
def update
if admin?
@group = Forumgroup.find(params[:id])
group_badges = Badgeassociation.where(forumgroup: @group)
["read-", "write-"].each_with_index do |p,i|
current_badges = group_badges.where(permission: i+1).pluck(:badge_id)
params.select{|k,v| k.start_with? p}.each do |k,v|
name = k.gsub(p, "")
if current_badges.include? (bid = Badge.find_by(name: name).id)
current_badges.delete bid
else
Badgeassociation.create!(badge: Badge.find_by(name: name), forumgroup: @group, permission: i+1)
end
end
current_badges.each {|b| Badgeassociation.find_by(badge_id: b, forumgroup: @group, permission: i+1).delete}
end
if @group.update_attributes(group_params)
flash[:notice] = "Forum group updated"
redirect_to @group
@@ -43,6 +56,11 @@ class ForumgroupsController < ApplicationController
def create
if admin?
@group = Forumgroup.new(group_params)
["read-", "write-"].each_with_index do |p,i|
params.select{|k,v| k.start_with? p}.each do |k,v|
Badgeassociation.create!(badge: Badge.find_by(name: k.gsub(p, "")), forumgroup: @group, permission: i+1)
end
end
if @group.save
flash[:notice] = "Forum group created."
redirect_to @group

20
app/controllers/forums_controller.rb
View File

@@ -35,6 +35,19 @@ class ForumsController < ApplicationController
def update
if admin?
forum_badges = Badgeassociation.where(forum: @forum)
["read-", "write-"].each_with_index do |p,i|
current_badges = forum_badges.where(permission: i+1).pluck(:badge_id)
params.select{|k,v| k.start_with? p}.each do |k,v|
name = k.gsub(p, "")
if current_badges.include? (bid = Badge.find_by(name: name).id)
current_badges.delete bid
else
Badgeassociation.create!(badge: Badge.find_by(name: name), forum: @forum, permission: i+1)
end
end
current_badges.each {|b| Badgeassociation.find_by(badge_id: b, forum: @forum, permission: i+1).delete}
end
if @forum.update_attributes(forum_params)
flash[:notice] = "Forum updated"
redirect_to @forum
@@ -50,6 +63,11 @@ class ForumsController < ApplicationController
def create
if admin?
@forum = Forum.new(forum_params([:forumgroup_id]))
["read-", "write-"].each_with_index do |p,i|
params.select{|k,v| k.start_with? p}.each do |k,v|
Badgeassociation.create!(badge: Badge.find_by(name: k.gsub(p, "")), forum: @forum, permission: i+1)
end
end
if @forum.save
flash[:notice] = "Forum created."
redirect_to @forum
@@ -89,7 +107,7 @@ class ForumsController < ApplicationController
end
def forum_params(add = [])
a = [:name, :position, :role_read_id, :role_write_id, :necro_length, :disable_deletion] + add
a = [:name, :position, :role_read_id, :role_write_id, :necro_length] + add
params.require(:forum).permit(a)
end
end

3
app/controllers/forumthreads_controller.rb
View File

@@ -10,7 +10,6 @@ class ForumthreadsController < ApplicationController
@threads = Forumthread.filter(current_user, params[:title].try(:slice, 0..255), params[:content].try(:slice, 0..255), params[:reply].try(:slice, 0..255), params[:label], User.find_by(ign: params[:author].to_s.strip) || params[:author], params[:query].try(:slice, 0..255), Forum.find_by(id: params[:forum]))
.page(params[:page]).per(30)
end
def show
if params[:reverse] == "true"
@replies = @thread.replies.order(id: :desc).page(params[:page])
@@ -73,7 +72,7 @@ class ForumthreadsController < ApplicationController
end
def destroy
if mod? || (@thread.author.is?(current_user) && !@thread.forum.disable_deletion)
if mod? || @thread.author.is?(current_user)
if @thread.destroy
flash[:notice] = "Thread deleted!"
else

6
app/controllers/sessions_controller.rb
View File

@@ -21,10 +21,6 @@ class SessionsController < ApplicationController
flash[:alert] = "Your account has been disabled!"
elsif user.banned?
flash[:alert] = "You are banned!"
elsif user.totp_enabled && !TOTP.valid?(user.totp_secret, params[:totp_code].to_i)
flash[:alert] = "You're doing it wrong!"
render action: 'new'
return
else
session[:user_id] = user.id
flash[:notice] = "Logged in!"
@@ -114,4 +110,4 @@ class SessionsController < ApplicationController
redirect_to login_path
end
end
end
end

27
app/controllers/statics_controller.rb
View File

@@ -17,29 +17,8 @@ class StaticsController < ApplicationController
end
def online
@players = []
@count = 0
begin
json = JSON.parse(File.read("/etc/minecraft/info/players.json"))
rescue
flash.now[:alert] = "The server is currently offline."
else
case json["dataFormat"]
when "v1"
@players = json["players"].collect!{ |p| User.find_by(uuid: p["UUID"].tr("-", "")) or User.new(name: p["name"], ign: p["name"], uuid: p["UUID"].tr("-", ""), role: Role.get("normal"), badge: Badge.get("none"), confirmed: true) }
@count = json["amount"]
when "v2"
json["players"].reject{|p| !mod? && p["vanished"] == "true"}.each do |p|
@players.push(User.find_by(uuid: p["UUID"].tr("-", "")) || User.new(name: p["name"], ign: p["name"], uuid: p["UUID"].tr("-", ""), role: Role.get("normal"), badge: Badge.get("none"), confirmed: true))
end
@count = @players.count
else
flash.now[:alert] = "The server is using an incompatible data format. We are aware of this issue and are most likely already working on it."
end
@players.sort_by!(&:role).reverse!
end
end
def privacy
json = JSON.parse(File.read("/etc/minecraft/redstoner/plugins/JavaUtils/players.json"))
@players = json["players"].collect!{ |p| User.find_by(uuid: p["UUID"].tr("-", "")) or User.new(name: p["name"], ign: p["name"], uuid: p["UUID"].tr("-", ""), role: Role.get("normal"), badge: Badge.get("none"), confirmed: true) }.sort_by!(&:role).reverse!
@count = json["amount"]
end
end

42
app/controllers/users_controller.rb
View File

@@ -10,18 +10,12 @@ class UsersController < ApplicationController
role = Role.find_by(name: params[:role])
badge = Badge.find_by(name: params[:badge])
@users = User.search(params[:search], role, badge, params.include?(:staff), params.include?(:donor))
@users = User.search(params[:search], role, badge, params.include?(:staff))
@count = @users.size
@users = @users.page(params[:page]).per(100)
end
def show
begin
@ban_json = JSON.parse(File.read("/etc/minecraft/info/banned-players.json")).detect {|u| u["uuid"].tr("-", "") == @user.uuid}
rescue
flash.now[:alert] = "An error occured while checking if this user is banned from the server!"
@ban_json = nil
end
end
# SIGNUP
@@ -87,12 +81,6 @@ class UsersController < ApplicationController
@user.uuid = user_profile["id"]
@user.ign = user_profile["name"] # correct case
if User.find_by(uuid: @user.uuid)
flash[:alert] = "You already have a Redstoner account associated with this Minecraft account. Please log in instead."
redirect_to login_path
return
end
if validate_token(@user.uuid, @user.email, params[:registration_token])
destroy_token(params[:email])
@user.last_ip = request.remote_ip # showing in mail
@@ -149,14 +137,9 @@ class UsersController < ApplicationController
def update
if (mod? && current_user.role >= @user.role ) || (@user.is?(current_user) && confirmed?)
if mod?
userdata = user_params([:name, :discord, :youtube, :twitter, :about, :role, :badge, :confirmed, :header_scroll, :utc_time, :dark])
userdata = user_params([:name, :skype, :skype_public, :youtube, :twitter, :about, :role, :badge, :confirmed, :header_scroll, :utc_time, :dark])
else
userdata = user_params([:name, :discord, :youtube, :twitter, :about, :header_scroll, :utc_time, :dark])
end
if User.find_by(name: userdata[:name]) && User.find_by(name: userdata[:name]) != @user
flash[:alert] = "You have entered a name that belongs to someone else. Please try another."
redirect_to edit_user_path(@user)
return
userdata = user_params([:name, :skype, :skype_public, :youtube, :twitter, :about, :header_scroll, :utc_time, :dark])
end
if userdata[:role]
role = Role.get(userdata[:role])
@@ -235,11 +218,6 @@ class UsersController < ApplicationController
unless @user.is?(current_user) || admin? && current_user.role > @user.role || superadmin?
flash[:alert] = "You are not allowed to edit this user's login details!"
redirect_to @user
return
end
if !@user.totp_enabled
@user.update(totp_secret: TOTP.secret)
end
end
@@ -262,18 +240,6 @@ class UsersController < ApplicationController
@user.email_token = SecureRandom.hex(16) if mail_changed
@user.confirmed = !mail_changed
if params[:user][:totp_enabled] == "1" && !@user.totp_enabled
if TOTP.valid?(@user.totp_secret, params[:totp_code].to_i)
@user.totp_enabled = true
else
flash[:alert] = "Wrong TOTP code!"
render action: "edit_login"
return
end
elsif params[:user][:totp_enabled] == "0" && @user.totp_enabled
@user.totp_enabled = false
end
# checking here for password so we can send back changes to the view
if authenticated
if @user.save
@@ -381,7 +347,7 @@ class UsersController < ApplicationController
end
def user_params(add = [])
a = [:ign, :email, :password, :password_confirmation, :mail_own_thread_reply, :mail_other_thread_reply, :mail_own_blogpost_comment, :mail_other_blogpost_comment, :mail_mention, :public_key, :totp_code] + add
a = [:ign, :email, :password, :password_confirmation, :mail_own_thread_reply, :mail_other_thread_reply, :mail_own_blogpost_comment, :mail_other_blogpost_comment, :mail_mention] + add
params.require(:user).permit(a)
end
end

1
app/helpers/users_helper.rb
View File

@@ -51,4 +51,5 @@ module UsersHelper
return nil
end
end
end

34
app/mailers/redstoner_mailer.rb
View File

@@ -1,8 +1,8 @@
class RedstonerMailer < ActionMailer::Base
add_template_helper(ApplicationHelper)
default from: "\"Redstoner\" <noreply@redstoner.com>"
default reply_to: "staff@redstoner.com"
default from: "info@redstoner.com"
default reply_to: "redstonerserver+website@gmail.com"
def register_mail(user, uses_mc_pass)
@user = user
@@ -19,49 +19,29 @@ class RedstonerMailer < ActionMailer::Base
def new_thread_mention_mail(user, thread)
@user = user
@thread = thread
if @user.public_key?
mail(to: @user.email, subject: "Encrypted Notification from Redstoner", gpg: {encrypt: true, keys: {@user.email => @user.public_key}})
else
mail(to: @user.email, subject: "#{thread.author.name} mentioned you in '#{thread.title}' on Redstoner")
end
mail(to: @user.email, subject: "#{thread.author.name} mentioned you in '#{thread.title}' on Redstoner")
end
def new_thread_reply_mail(user, reply)
@user = user
@reply = reply
if @user.public_key?
mail(to: @user.email, subject: "Encrypted Notification from Redstoner", gpg: {encrypt: true, keys: {@user.email => @user.public_key}})
else
mail(to: @user.email, subject: "#{reply.author.name} replied to '#{reply.thread.title}' on Redstoner")
end
mail(to: @user.email, subject: "#{reply.author.name} replied to '#{reply.thread.title}' on Redstoner")
end
def new_post_mention_mail(user, post)
@user = user
@post = post
if @user.public_key?
mail(to: @user.email, subject: "Encrypted Notification from Redstoner", gpg: {encrypt: true, keys: {@user.email => @user.public_key}})
else
mail(to: @user.email, subject: "#{post.author.name} mentioned you in '#{post.title}' on Redstoner")
end
mail(to: @user.email, subject: "#{post.author.name} mentioned you in '#{post.title}' on Redstoner")
end
def new_post_comment_mail(user, comment)
@user = user
@comment = comment
if @user.public_key?
mail(to: @user.email, subject: "Encrypted Notification from Redstoner", gpg: {encrypt: true, keys: {@user.email => @user.public_key}})
else
mail(to: @user.email, subject: "#{comment.author.name} replied to '#{comment.blogpost.title}' on Redstoner")
end
mail(to: @user.email, subject: "#{comment.author.name} replied to '#{comment.blogpost.title}' on Redstoner")
end
def email_change_confirm_mail(user)
@user = user
if @user.public_key?
mail(to: @user.email, subject: "Encrypted Notification from Redstoner", gpg: {encrypt: true, keys: {@user.email => @user.public_key}})
else
mail(to: @user.email, subject: "Email change on Redstoner.com")
end
mail(to: @user.email, subject: "Email change on Redstoner.com")
end
end

1
app/models/badge.rb
View File

@@ -1,6 +1,7 @@
class Badge < ActiveRecord::Base
include Comparable
has_many :users
has_and_belongs_to_many :forums
def self.get (input)
if input.is_a?(String) || input.is_a?(Symbol)

7
app/models/badgeassociation.rb Normal file
View File

@@ -0,0 +1,7 @@
class Badgeassociation < ActiveRecord::Base
belongs_to :badge
belongs_to :forum
belongs_to :forumgroup
end

2
app/models/blogpost.rb
View File

@@ -8,8 +8,6 @@ class Blogpost < ActiveRecord::Base
belongs_to :user_editor, class_name: "User", foreign_key: "user_editor_id"
has_many :comments, :dependent => :destroy
accepts_nested_attributes_for :comments
validates_length_of :title, in: 5..255
validates_length_of :content, in: 5..20000
def author
@author ||= if self.user_author.present?

9
app/models/forum.rb
View File

@@ -1,10 +1,13 @@
class Forum < ActiveRecord::Base
belongs_to :forumgroup
has_many :forumthreads
has_many :badgeassociations
has_many :badges, through: :badgeassociations
belongs_to :role_read, class_name: "Role", foreign_key: "role_read_id"
belongs_to :role_write, class_name: "Role", foreign_key: "role_write_id"
has_and_belongs_to_many :labels
validates_length_of :name, in: 4..30
def to_s
name
@@ -19,11 +22,11 @@ class Forum < ActiveRecord::Base
end
def can_read?(user)
group && group.can_read?(user) && (role_read.nil? || (!user.nil? && user.role >= role_read))
group && group.can_read?(user) && (role_read.nil? || (!user.nil? && user.role >= role_read) || Badgeassociation.find_by(badge: user.badge, forum: self, permission: 1))
end
def can_write?(user)
group.can_write?(user) && (role_write.nil? || (!user.nil? && user.role >= role_write))
group.can_write?(user) && (role_write.nil? || (!user.nil? && user.role >= role_write || Badgeassociation.find_by(badge: user.badge, forum: self, permission: 2)))
end
def can_view?(user)

9
app/models/forumgroup.rb
View File

@@ -4,21 +4,22 @@ class Forumgroup < ActiveRecord::Base
belongs_to :role_write, class_name: "Role", foreign_key: "role_write_id"
accepts_nested_attributes_for :forums
has_many :badgeassociations
has_many :badges, through: :badgeassociations
validates_presence_of :name, :position
validates_length_of :name, in: 4..20
validates_length_of :name, in: 2..20
def to_s
name
end
def can_read?(user)
role_read.nil? || (!user.nil? && user.role >= role_read)
role_read.nil? || (!user.nil? && user.role >= role_read) || Badgeassociation.find_by(badge: user.badge, forumgroup: self, permission: 1)
end
def can_write?(user)
!user.nil? && user.confirmed? && (role_write.nil? || user.role >= role_write)
!user.nil? && user.confirmed? && (role_write.nil? || user.role >= role_write) || Badgeassociation.find_by(badge: user.badge, forumgroup: self, permission: 2)
end
def can_view?(user)

3
app/models/forumthread.rb
View File

@@ -11,7 +11,6 @@ class Forumthread < ActiveRecord::Base
validates_presence_of :title, :author, :forum
validates_presence_of :content
validates_length_of :title, in: 5..255
validates_length_of :content, in: 5..20000
accepts_nested_attributes_for :threadreplies
@@ -87,7 +86,7 @@ class Forumthread < ActiveRecord::Base
.joins("LEFT JOIN roles as forumgroup_role_read ON forumgroups.role_read_id = forumgroup_role_read.id")
.joins("LEFT JOIN roles as forumgroup_role_write ON forumgroups.role_write_id = forumgroup_role_write.id")
threads = threads.where("forumthreads.user_author_id = ? OR (#{can_read}) OR (#{sticky_can_write})", user_id, role_value, role_value, role_value, role_value)
threads = threads.where("forumthreads.user_author_id = ? OR (#{can_read}) OR (#{sticky_can_write}) OR (?)", user_id, role_value, role_value, role_value, role_value, Forum.find(forum).can_read?(user))
if query
threads = threads.where("#{match[2]}", query[0..99], query[0..99])
elsif [title, content, reply].any?

2
app/models/threadreply.rb
View File

@@ -43,7 +43,7 @@ class Threadreply < ActiveRecord::Base
unless old_content.present?
posts.each do |post|
# don't send mail to the author of this reply, don't send to banned/disabled users
if post.author != author && post.author.normal? && post.author.confirmed? && thread.can_read?(post.author)
if post.author != author && post.author.normal? && post.author.confirmed? # &&
users << post.author if post.author.mail_other_thread_reply?
end
end

9
app/models/user.rb
View File

@@ -21,9 +21,6 @@ class User < ActiveRecord::Base
validates :email, uniqueness: {case_sensitive: false}, format: {with: /\A.+@(.+\..{2,}|\[(IPv6)?[0-9a-f:.]+\])\z/i, message: "That doesn't look like an email address."}
validates :ign, uniqueness: {case_sensitive: false}, format: {with: /\A[a-z\d_]+\z/i, message: "Username is invalid (a-z, 0-9, _)."}
validates :discord, uniqueness: {case_sensitive: false}, format: {with: /\A^(?!everyone|here|discordtag|.*```.*)([^@#:]{2,32}#[0-9]{4})$\z/i, message: "Discord name is invalid."}, allow_blank: true
validates :public_key, format: {with: /\A(-----BEGIN PGP PUBLIC KEY BLOCK-----((.|\n)*?)-----END PGP PUBLIC KEY BLOCK-----)?\z/i, message: "That doesn't look like a PGP formatted public key."}
has_many :blogposts
has_many :comments
@@ -169,7 +166,7 @@ class User < ActiveRecord::Base
self.ign.strip! if self.ign
self.email.strip! if self.email
self.about.strip! if self.about
self.discord.strip! if self.discord
self.skype.strip! if self.skype
self.youtube.strip! if self.youtube
self.twitter.strip! if self.twitter
end
@@ -178,14 +175,12 @@ class User < ActiveRecord::Base
self.email_token ||= SecureRandom.hex(16)
end
def self.search (search, role, badge, staff, donor)
def self.search (search, role, badge, staff)
users = User.joins(:role)
if role
users = users.where(role: role)
elsif staff
users = users.where("roles.value >= ?", Role.get(:mod).to_i)
elsif donor
users = users.where("badge_id = ? OR badge_id = ?", Badge.get(:donor), Badge.get(:donorplus))
end
users = users.where(badge: badge) if badge
if search

8
app/views/blogposts/edit.html.erb
View File

@@ -1,10 +1,10 @@
<% title "Edit Post: #{@post.title}" %>
<% title "Edit News: #{@post.title}" %>
<h1>Edit Post: #{@post.title}</h1>
<h1>Edit post</h1>
<%= form_for @post do |f|%>
<%= f.text_field :title %>
<%= render partial: "md_editor", locals: {name: "blogpost[content]", content: @post.content} %>
<p><%= f.submit "Update Post", class: "btn blue left" %></p>
<% end %>
<p><%= button_to "Delete Post", @post, method: "delete", data: {confirm: "Delete post & comments forever?"}, class: "btn red right" %></p>
<div class="clear"></div>
<p><%= button_to "Delete post", @post, method: "delete", data: {confirm: "Delete post & comments forever?"}, class: "btn red right" %></p>
<div class="clear"></div>

2
app/views/blogposts/index.html.erb
View File

@@ -1,7 +1,7 @@
<% title "News" %>
<h1>News</h1>
<%= link_to 'New Post', new_blogpost_path, class: "btn blue" if mod? %>
<%= link_to 'Make new Post', new_blogpost_path, class: "btn blue" if mod? %>
<div id="posts">
<% @posts.each do |p| %>
<div class="item-group with-avatar" id="post-<%= p.id %>">

4
app/views/comments/_new.html.erb
View File

@@ -1,5 +1,5 @@
<h3>New Comment</h3>
<h3>New comment</h3>
<%= form_for [@post, @comment] do |f| %>
<%= render partial: "md_editor", locals: {name: "comment[content]", content: @comment.content} %>
<p><%= f.submit class: "btn blue" %></p>
<% end %>
<% end %>

6
app/views/comments/edit.html.erb
View File

@@ -1,10 +1,10 @@
<% title "Edit Comment: #{@comment.blogpost.title}" %>
<h1>Edit Comment</h1>
<h1>Edit comment</h1>
<%= form_for [@comment.blogpost, @comment] do |f| %>
<%= render partial: "md_editor", locals: {name: "comment[content]", content: @comment.content} %>
<p><%= f.submit "Update Comment", class: "btn blue left" %></p>
<% end %>
<p><%= button_to "Delete Comment", [@comment.blogpost, @comment] , method: "delete", data: {confirm: "Delete comment forever?"}, class: "btn red right" %></p>
<div class="clear"></div>
<p><%= button_to "Delete comment", [@comment.blogpost, @comment] , method: "delete", data: {confirm: "Delete comment forever?"}, class: "btn red right" %></p>
<div class="clear"></div>

20
app/views/forumgroups/edit.html.erb
View File

@@ -29,12 +29,28 @@
<td><%= f.label :role_read_id, "Min. read role" %></td>
<td><%= f.select :role_read_id, role_selection, include_blank: "None" %></td>
</tr>
<tr>
<td><b>Badges with read permission</b></td>
<td>
<% Badge.where("name != 'none'").each do |b| %>
<%=b%><%= check_box_tag "read-#{b}", nil, Badgeassociation.find_by(badge: b, forumgroup: @group, permission: 1) %>
<% end %>
</td>
</tr>
<tr>
<td><%= f.label :role_write_id, "Min. write role" %></td>
<td><%= f.select :role_write_id, role_selection, include_blank: false %></td>
</tr>
<tr>
<td><b>Badges with write permission</b></td>
<td>
<% Badge.where("name != 'none'").each do |b| %>
<%=b%><%= check_box_tag "write-#{b}", nil, Badgeassociation.find_by(badge: b, forumgroup: @group, permission: 2) %>
<% end %>
</td>
</tr>
</table>
<p><%= f.submit "Update Group", class: "btn blue left" %></p>
<p><%= f.submit "Update group", class: "btn blue left" %></p>
<% end %>
<p><%= button_to "Delete Group", @group, :method => "delete", data: {confirm: "Delete group?\nForums + Threads will not be accessible!"}, class: "btn red right" %></p>
<p><%= button_to "Delete group", @group, :method => "delete", data: {confirm: "Delete group?\nForums + Threads will not be accessible!"}, class: "btn red right" %></p>
<div class="clear"></div>

20
app/views/forumgroups/new.html.erb
View File

@@ -1,6 +1,6 @@
<% title "New Forum: #{@group.name}" %>
<h1>New Forum Group</h1>
<h1>New forum group</h1>
<% role_selection = Role.all_from_to(:normal, :admin).collect{|p|[p.name, p.id]} %>
<%= form_for @group do |f|%>
<table>
@@ -16,11 +16,27 @@
<td><%= f.label :role_read_id, "Min. read role" %></td>
<td><%= f.select :role_read_id, role_selection, include_blank: "None" %></td>
</tr>
<tr>
<td><b>Badges with read permission</b></td>
<td>
<% Badge.where("name != 'none'").each do |b| %>
<%=b%><%= check_box_tag "read-#{b}" %>
<% end %>
</td>
</tr>
<tr>
<td><%= f.label :role_write_id, "Min. write role" %></td>
<td><%= f.select :role_write_id, role_selection, include_blank: false %></td>
</tr>
<tr>
<td><b>Badges with write permission</b></td>
<td>
<% Badge.where("name != 'none'").each do |b| %>
<%=b%><%= check_box_tag "write-#{b}" %>
<% end %>
</td>
</tr>
</table>
<p><%= f.submit "Create Group", class: "btn blue left" %></p>
<p><%= f.submit "Create group", class: "btn blue left" %></p>
<div class="clear"></div>
<% end %>

24
app/views/forums/edit.html.erb
View File

@@ -17,20 +17,32 @@
<td><%= f.label :role_read_id, "Min. read role" %></td>
<td><%= f.select :role_read_id, role_selection, include_blank: "None" %></td>
</tr>
<tr>
<td><b>Badges with read permission</b></td>
<td>
<% Badge.where("name != 'none'").each do |b| %>
<%=b%><%= check_box_tag "read-#{b}", nil, Badgeassociation.find_by(badge: b, forum: @forum, permission: 1) %>
<% end %>
</td>
</tr>
<tr>
<td><%= f.label :role_write_id, "Min. write role" %></td>
<td><%= f.select :role_write_id, role_selection, include_blank: false %></td>
</tr>
<tr>
<td><b>Badges with write permission</b></td>
<td>
<% Badge.where("name != 'none'").each do |b| %>
<%=b%><%= check_box_tag "write-#{b}", nil, Badgeassociation.find_by(badge: b, forum: @forum, permission: 2) %>
<% end %>
</td>
</tr>
<tr>
<td><%= f.label :necro_length, "Necropost warning delay (in days)" %></td>
<td><%= f.number_field :necro_length, placeholder: "Warning Delay (leave blank for no warning)" %></td>
</tr>
<tr>
<td><%= f.label :disable_deletion, "Disable deletion of threads for non-staff" %></td>
<td><%= f.check_box :disable_deletion %></td>
</tr>
</table>
<p><%= f.submit "Update Forum", class: "btn blue left" %></p>
<p><%= f.submit "Update forum", class: "btn blue left" %></p>
<% end %>
<p><%= button_to "Delete Forum", @forum, method: "delete", data: {confirm: "Delete forum forever?\nThreads won't be accessible!"}, class: "btn red right" %></p>
<p><%= button_to "Delete forum", @forum, method: "delete", data: {confirm: "Delete forum forever?\nThreads won't be accessible!"}, class: "btn red right" %></p>
<div class="clear"></div>

2
app/views/forums/index.html.erb
View File

@@ -1,6 +1,6 @@
<% title "Forums" %>
<%= link_to "Search All Threads", forumthreads_path, class: "btn blue right" %>
<%= link_to "All threads", forumthreads_path, class: "btn blue right" %>
<br>
<div id="forum_groups">
<% @groups.each do |group| %>

22
app/views/forums/new.html.erb
View File

@@ -17,20 +17,32 @@
<td><%= f.label :role_read_id, "Min. read role" %></td>
<td><%= f.select :role_read_id, role_selection, include_blank: "None" %></td>
</tr>
<tr>
<td><b>Badges with read permission</b></td>
<td>
<% Badge.where("name != 'none'").each do |b| %>
<%=b%><%= check_box_tag "read-#{b}" %>
<% end %>
</td>
</tr>
<tr>
<td><%= f.label :role_write_id, "Min. write role" %></td>
<td><%= f.select :role_write_id, role_selection, include_blank: false %></td>
</tr>
<tr>
<td><b>Badges with write permission</b></td>
<td>
<% Badge.where("name != 'none'").each do |b| %>
<%=b%><%= check_box_tag "write-#{b}" %>
<% end %>
</td>
</tr>
<tr>
<td><%= f.label :necro_length, "Necropost warning delay (in days)" %></td>
<td><%= f.number_field :necro_length, placeholder: "Warning Delay (leave blank for no warning)" %></td>
</tr>
<tr>
<td><%= f.label :disable_deletion %></td>
<td><%= f.check_box :disable_deletion %></td>
</tr>
</table>
<%= f.hidden_field :forumgroup_id %>
<p><%= f.submit "Create Forum", class: "btn blue left" %></p>
<p><%= f.submit "Create forum", class: "btn blue left" %></p>
<div class="clear"></div>
<% end %>

19
app/views/forums/show.atom.builder
View File

@@ -1,19 +0,0 @@
atom_feed do |feed|
feed.title @forum.name + "'s Latest Threads"
feed.updated Time.now
@threads.limit(10).each do |thread|
unless thread.sticky?
feed.entry thread do |entry|
entry.updated thread.updated_at
entry.author do |a|
a.name thread.author.name
a.uri user_url(thread.author)
end
entry.url forumthread_url(thread)
entry.title thread.title
entry.content render_md(thread.content).html_safe, :type => 'html'
end
end
end
end

2
app/views/forums/show.html.erb
View File

@@ -6,7 +6,7 @@
</h1>
<% if @forum.can_write?(current_user) %>
<p>
<%= link_to "New Thread", new_forumthread_path(forum: @forum), class: "btn blue" %>
<%= link_to "New thread", new_forumthread_path(forum: @forum), class: "btn blue" %>
</p>
<% end %>

12
app/views/forumthreads/edit.html.erb
View File

@@ -11,9 +11,7 @@
end
%>
<% forum = Forum.find(@thread.forum_id) %>
<h1>Edit Thread</h1>
<h1>Edit thread</h1>
<%= link_to @thread.forum.group, forumgroup_path(@thread.forum.group) %> → <%= link_to @thread.forum, @thread.forum %> → <%= link_to @thread, @thread %> → Edit thread
<%= form_for @thread do |f|%>
<table>
@@ -37,9 +35,7 @@
<%= f.text_field :title, placeholder: "Title" %>
</div>
<%= render partial: "md_editor", locals: {name: "forumthread[content]", content: @thread.content} %>
<p><%= f.submit "Update Thread", class: "btn blue left" %></p>
<p><%= f.submit "Update thread", class: "btn blue left" %></p>
<% end %>
<% if mod? || !forum.disable_deletion %>
<%= button_to "Delete Thread", @thread, :method => "delete", data: {confirm: "Delete thread & comments forever?"}, class: "btn red right" %>
<% end %>
<div class="clear"></div>
<%= button_to "Delete thread", @thread, :method => "delete", data: {confirm: "Delete thread & comments forever?"}, class: "btn red right" %>
<div class="clear"></div>

6
app/views/forumthreads/index.html.erb
View File

@@ -10,14 +10,14 @@
if params[:forum]
text = "forum '#{Forum.find(params[:forum]).name}'"
if params_list.except(:forum).any?
text = "Search Results in #{text} (#{@threads.total_count})"
text = "Search results in #{text} (#{@threads.total_count})"
else
text = text.capitalize
end
elsif params_list.any?
text = "Search Results (#{@threads.total_count})"
text = "Search results (#{@threads.total_count})"
else
text = "All Threads"
text = "All threads"
end
%>
<%= title text %>

6
app/views/forumthreads/new.html.erb
View File

@@ -8,7 +8,7 @@
%>
<%= link_to @thread.forum.group, forumgroup_path(@thread.forum.group) %> → <%= link_to @thread.forum, @thread.forum %> → New thread
<h1>New Thread</h1>
<h1>New thread</h1>
<%= form_for @thread do |f|%>
<table>
<% if mod? %>
@@ -30,6 +30,6 @@
</div>
<%= render partial: "md_editor", locals: {name: "forumthread[content]", content: @thread.content} %>
<%= f.hidden_field :forum_id %>
<p><%= f.submit "Create Thread", class: "btn blue left" %></p>
<p><%= f.submit "Create thread", class: "btn blue left" %></p>
<div class="clear"></div>
<% end %>
<% end %>

13
app/views/layouts/_footer.html.erb
View File

@@ -13,12 +13,11 @@
<% end %> |
<%= link_to "https://twitter.com/RedstonerServer", title: "Redstoner on Twitter" do %>
Twitter <%= image_tag("twitter.png") %>
<% end %> |
<%= link_to "https://mstdn.io/@RedstonerServer", title: "Redstoner on Mastodon" do %>
Mastodon <%= image_tag("mastodon.png") %>
<% end %> |
<%= link_to "https://discord.gg/QjfcPEJ", title: "Redstoner's Official Discord" do %>
Discord <%= image_tag("discord.png") %>
<% end %>
<% if current_user %>
| <%= link_to "/slack/?" + {mail: current_user.try(:email)}.to_param do %>
Join us on <img src="/slack/badge.svg" alt="Slack">
<% end %>
<% end %>
</div>
</div>
</div>

2
app/views/layouts/application.html.erb
View File

@@ -10,7 +10,7 @@
<% end %>
<%= csrf_meta_tags %>
<%= favicon_link_tag "favicon.ico" %>
<%= javascript_include_tag "https://cdn.jsdelivr.net/gh/jomo/ago.js@0.0.1/ago.min.js", crossorigin: :anonymous, integrity: "sha256-xw0JUUdbuZQCVO+QScoxrlEsD4nZGCjMRh9PP8GLhcY=" %>
<%= javascript_include_tag "https://cdn.rawgit.com/jomo/ago.js/v0.0.1/ago.min.js", crossorigin: :anonymous, integrity: "sha256-xw0JUUdbuZQCVO+QScoxrlEsD4nZGCjMRh9PP8GLhcY=" %>
<%= javascript_include_tag "application" %>
<link type="application/atom+xml" rel="alternate" href="<%= blogposts_path(:atom) %>">
<%= yield(:site_headers) %>

8
app/views/redstoner_mailer/email_change_confirm_mail.html.erb
View File

@@ -13,7 +13,7 @@
</div>
<p></p>
<p>If you have any questions or problems, just ask one of our <%= link_to "Staff", users_url(staff: ""), style: "text-decoration: none; color: #4096EE;" %> in-game.</p>
<p>If you have any questions or problems, just ask one of our <%= link_to "Staff", users_url(role: "staff"), style: "text-decoration: none; color: #4096EE;" %> in-game.</p>
<p>Your Redstoner team</p>
</div>
@@ -25,9 +25,9 @@
<p>You can contact us via:
<%= link_to "Website", root_url, style: "text-decoration: none; color: #4096EE;" %> |
<%= link_to "Twitter", "https://twitter.com/RedstonerServer", style: "text-decoration: none; color: #4096EE;" %> |
<%= link_to "Mastodon", "https://mstdn.io/@RedstonerServer", style: "text-decoration: none; color: #4096EE;" %> |
<%= link_to "Email", "mailto:staff@redstoner.com", style: "text-decoration: none; color: #4096EE;" %>
<%= link_to "Google+", "https://google.com/+Redstoner", style: "text-decoration: none; color: #4096EE;" %> |
<%= link_to "Email", "mailto:redstonerserver+website@gmail.com", style: "text-decoration: none; color: #4096EE;" %>
</p>
</div>
</div>
</div>
</div>

8
app/views/redstoner_mailer/new_post_comment_mail.html.erb
View File

@@ -14,7 +14,7 @@
%>
<p><%= link_to "Click here", blogpost_url(@comment.blogpost, page: page) + "#comment-#{@comment.id}", style: "text-decoration: none; color: #4096EE;" %> to view the blog post.</p>
<p>If you have any questions or problems, just ask one of our <%= link_to "Staff", users_url(staff: ""), style: "text-decoration: none; color: #4096EE;" %> in-game or on the forums!</p>
<p>If you have any questions or problems, just ask one of our <%= link_to "Staff", users_url(role: "staff"), style: "text-decoration: none; color: #4096EE;" %> in-game or on the forums!</p>
<p>Your Redstoner team</p>
</div>
@@ -24,9 +24,9 @@
<p>You can contact us via:
<%= link_to "Website", root_url, style: "text-decoration: none; color: #4096EE;" %> |
<%= link_to "Twitter", "https://twitter.com/RedstonerServer", style: "text-decoration: none; color: #4096EE;" %> |
<%= link_to "Mastodon", "https://mstdn.io/@RedstonerServer", style: "text-decoration: none; color: #4096EE;" %> |
<%= link_to "Email", "mailto:staff@redstoner.com", style: "text-decoration: none; color: #4096EE;" %>
<%= link_to "Google+", "https://google.com/+Redstoner", style: "text-decoration: none; color: #4096EE;" %> |
<%= link_to "Email", "mailto:redstonerserver+website@gmail.com", style: "text-decoration: none; color: #4096EE;" %>
</p>
</div>
</div>
</div>
</div>

8
app/views/redstoner_mailer/new_post_mention_mail.html.erb
View File

@@ -10,7 +10,7 @@
<p><%= link_to "Click here", blogpost_url(@post), style: "text-decoration: none; color: #4096EE;" %> to view the blog post.</p>
<p>If you have any questions or problems, just ask one of our <%= link_to "Staff", users_url(staff: ""), style: "text-decoration: none; color: #4096EE;" %> in-game or on the forums!</p>
<p>If you have any questions or problems, just ask one of our <%= link_to "Staff", users_url(role: "staff"), style: "text-decoration: none; color: #4096EE;" %> in-game or on the forums!</p>
<p>Your Redstoner team</p>
</div>
@@ -21,9 +21,9 @@
<p>You can contact us via:
<%= link_to "Website", root_url, style: "text-decoration: none; color: #4096EE;" %> |
<%= link_to "Twitter", "https://twitter.com/RedstonerServer", style: "text-decoration: none; color: #4096EE;" %> |
<%= link_to "Mastodon", "https://mstdn.io/@RedstonerServer", style: "text-decoration: none; color: #4096EE;" %> |
<%= link_to "Email", "mailto:staff@redstoner.com", style: "text-decoration: none; color: #4096EE;" %>
<%= link_to "Google+", "https://google.com/+Redstoner", style: "text-decoration: none; color: #4096EE;" %> |
<%= link_to "Email", "mailto:redstonerserver+website@gmail.com", style: "text-decoration: none; color: #4096EE;" %>
</p>
</div>
</div>
</div>
</div>

8
app/views/redstoner_mailer/new_thread_mention_mail.html.erb
View File

@@ -11,7 +11,7 @@
<p><%= link_to "Click here", forumthread_url(@thread), style: "text-decoration: none; color: #4096EE;" %> to view the thread.</p>
<p>If you have any questions or problems, just ask one of our <%= link_to "Staff", users_url(staff: ""), style: "text-decoration: none; color: #4096EE;" %> in-game or on the forums!</p>
<p>If you have any questions or problems, just ask one of our <%= link_to "Staff", users_url(role: "staff"), style: "text-decoration: none; color: #4096EE;" %> in-game or on the forums!</p>
<p>Your Redstoner team</p>
</div>
@@ -23,9 +23,9 @@
<p>You can contact us via:
<%= link_to "Website", root_url, style: "text-decoration: none; color: #4096EE;" %> |
<%= link_to "Twitter", "https://twitter.com/RedstonerServer", style: "text-decoration: none; color: #4096EE;" %> |
<%= link_to "Mastodon", "https://mstdn.io/@RedstonerServer", style: "text-decoration: none; color: #4096EE;" %> |
<%= link_to "Email", "mailto:staff@redstoner.com", style: "text-decoration: none; color: #4096EE;" %>
<%= link_to "Google+", "https://google.com/+Redstoner", style: "text-decoration: none; color: #4096EE;" %> |
<%= link_to "Email", "mailto:redstonerserver+website@gmail.com", style: "text-decoration: none; color: #4096EE;" %>
</p>
</div>
</div>
</div>
</div>

8
app/views/redstoner_mailer/new_thread_reply_mail.html.erb
View File

@@ -15,7 +15,7 @@
%>
<p><%= link_to "Click here", forumthread_url(@reply.thread, page: page) + "#reply-#{@reply.id}", style: "text-decoration: none; color: #4096EE;" %> to view the thread.</p>
<p>If you have any questions or problems, just ask one of our <%= link_to "Staff", users_url(staff: ""), style: "text-decoration: none; color: #4096EE;" %> in-game or on the forums!</p>
<p>If you have any questions or problems, just ask one of our <%= link_to "Staff", users_url(role: "staff"), style: "text-decoration: none; color: #4096EE;" %> in-game or on the forums!</p>
<p>Your Redstoner team</p>
</div>
@@ -26,8 +26,8 @@
<p>You can contact us via:
<%= link_to "Website", root_url, style: "text-decoration: none; color: #4096EE;" %> |
<%= link_to "Twitter", "https://twitter.com/RedstonerServer", style: "text-decoration: none; color: #4096EE;" %> |
<%= link_to "Mastodon", "https://mstdn.io/@RedstonerServer", style: "text-decoration: none; color: #4096EE;" %> |
<%= link_to "Email", "mailto:staff@redstoner.com", style: "text-decoration: none; color: #4096EE;" %>
<%= link_to "Google+", "https://google.com/+Redstoner", style: "text-decoration: none; color: #4096EE;" %> |
<%= link_to "Email", "mailto:redstonerserver+website@gmail.com", style: "text-decoration: none; color: #4096EE;" %>
</p>
</div>
</div>
</div>

8
app/views/redstoner_mailer/register_mail.html.erb
View File

@@ -25,7 +25,7 @@
</div>
<p></p>
<p>If you have any questions or problems, just ask one of our <%= link_to "Staff", users_url(staff: ""), style: "text-decoration: none; color: #4096EE;" %> in-game.</p>
<p>If you have any questions or problems, just ask one of our <%= link_to "Staff", users_url(role: "staff"), style: "text-decoration: none; color: #4096EE;" %> in-game.</p>
<p>Your Redstoner team</p>
</div>
@@ -37,9 +37,9 @@
<p>You can contact us via:
<%= link_to "Website", root_url, style: "text-decoration: none; color: #4096EE;" %> |
<%= link_to "Twitter", "https://twitter.com/RedstonerServer", style: "text-decoration: none; color: #4096EE;" %> |
<%= link_to "Mastodon", "https://mstdn.io/@RedstonerServer", style: "text-decoration: none; color: #4096EE;" %> |
<%= link_to "Email", "mailto:staff@redstoner.com", style: "text-decoration: none; color: #4096EE;" %>
<%= link_to "Google+", "https://google.com/+Redstoner", style: "text-decoration: none; color: #4096EE;" %> |
<%= link_to "Email", "mailto:redstonerserver+website@gmail.com", style: "text-decoration: none; color: #4096EE;" %>
</p>
</div>
</div>
</div>
</div>

14
app/views/sessions/new.html.erb
View File

@@ -1,6 +1,6 @@
<% title "Log In" %>
<% title "Log in" %>
<h1>Log In</h1>
<h1>Log in</h1>
<p>Not a member? <%= link_to "Join us", signup_path %>!</p>
<%= form_tag login_path do |f| %>
<table>
@@ -16,14 +16,6 @@
<td></td>
<td><%= link_to "Lost your password?", lost_password_users_path %></td>
</tr>
<tr>
<td><%= label_tag :totp_code %></td>
<td><%= text_field_tag :totp_code, nil, placeholder: "123456", required: false %></td>
</tr>
<tr>
<td></td>
<td>Leave this field blank if you do not have 2FA enabled.</td>
</tr>
</table>
<p><%= submit_tag "Log in", class: "btn blue" %></p>
<% end %>
<% end %>

8
app/views/statics/donate.html.erb
View File

@@ -1,4 +1,3 @@
<% title "Donate" %>
<h1>Donate</h1>
<p>Running a server is really stressful and requires a lot of work.<br>
@@ -12,14 +11,13 @@
<li>Donator+ ($20 or more)
</ul>
<p>We also have a <%= link_to "list of users who donated", users_path(donor: "") %> already!</p>
<p>We also have <%= link_to "list of users who donated", users_path(badge: "donor") %> already!</p>
<h3>Perks for you</h3>
<p>For <i>Donator</i> and <i>Donator+</i></p>
<ul>
<li>The warm feeling of donating for a good thing, plus a huge "<b>thank you</b>"!
<li>You can have a nickname. See <%= link_to "our nickname guidelines", info_path("12-nickname-guidelines") %>
<li>You can chat in <font color="red">color</font> in-game.</i>
<li>A "$" next to your name <i>(Including website)</i>
<li><i>Donator+</i> has access to the in-game command <code>/lol id</code></li>
</ul>
@@ -27,11 +25,11 @@
<div class="donations">
<div class="donation">
<div class="left">
<img src="https://crafatar.com/renders/body/d2693e91-93e1-4e3f-929f-f38e1ce8df03?overlay=true&scale=3" alt="sponsor's skin" class="body">
<img src="<%= image_url("anonymous_skin.png") %>" alt="sponsor's skin" class="body">
</div>
<div>
<h1>Donate to our server sponsor</h1>
<h4>Pepich1851 pays for the server hardware. You can help him by donating here.</h4>
<h4>They pay for our server, but prefer to stay anonymous</h4>
<form target="_blank" method="post" action="https://www.paypal.com/cgi-bin/webscr">
<% if current_user %>
<input name="custom" type="hidden" placeholder="Your Minecraft name" value="<%= current_user.ign %>">

41
app/views/statics/privacy.html.erb
View File

@@ -1,41 +0,0 @@
<% title "Privacy Policy" %>
<h1>Privacy Policy</h1>
<p>Please note that this privacy policy is not legally binding. It is simply a reference intended to inform you about what is done with your information. Also, this privacy policy only applies to the Redstoner website and forums. The Minecraft server will have its own privacy policy at some point.</p>
<h2>How your information is stored and protected</h2>
<p>Everything on the website is stored in a database, to which access is strictly limited. Only users of the administrator rank or former administrators who are well known and are trusted by the rest of the current administrators may access the database. Offsite backups of this data are made daily only to the network and servers of at least one current administrator via an encrypted SSH connection.</p>
<p>Passwords are stored using the bcrypt algorithm. Plaintext passwords are never logged or stored anywhere.</p>
<p>The website code is <%= link_to "open source", "https://github.com/RedstonerServer/redstoner.com" %> and undergoes heavy testing and review before it is deployed to ensure no exploitable bugs or backdoors make it onto the production server.</p>
<p>All connections to our website are automatically forced to be made over HTTPS to ensure your data is protected while in transit. We maintain <%= link_to "good TLS paramters", "https://www.ssllabs.com/ssltest/analyze.html?d=redstoner.com" %> and also employ other techniques to ensure secure connections such as <%= link_to "being on the HSTS preload list", "https://hstspreload.org/?domain=redstoner.com" %> and OCSP stapling.</p>
<h2>Information we collect</h2>
<p>This information is needed in order for your account to be created:</p>
<ul>
<li>Your Minecraft account's IGN and UUID.</li>
<li>Your email address.</li>
<li>A unique password.</li>
</ul>
<p>This information is optional and is obtained only if you provide it:</p>
<ul>
<li>Your Skype username.</li>
<li>Your YouTube channel ID.</li>
<li>Your Twitter username.</li>
</ul>
<p>This information is also collected, however does not affect your Redstoner account directly:</p>
<ul>
<li>Your IP address.</li>
</ul>
<h2>How your information is used and who it is visible to</h2>
<ul>
<li><b>Minecraft account IGN and UUID</b> - This is used to link your Minecraft account with your Redstoner account. Anyone can see these.</li>
<li><b>Your email address</b> - This is used to send you email notifications about forums activity that you are involved in. These notifications can be disabled in your account settings. This is also used to perform a password reuse check, which is explained in more detail below. Only users of the moderator rank or higher can see your email address.</li>
<li><b>Your password</b> - This is used to authenticate you. This too is used to perform a password reuse check. The plaintext version is visible to no one, but the hashed version is visible only to users of the administrator rank or higher.</li>
<li><b>Your Skype username</b> - This is used to add a link to your profile that allows others to easily contact you over Skype. Anyone can see this.</li>
<li><b>Your YouTube channel</b> - This is used to add a link to your profile that allows others to easily find your YouTube channel. Anyone can see this.</li>
<li><b>Your Twitter username</b> - This is used to add a link to your profile that allows others to easily contact you over Twitter. Anyone can see this.</li>
<li><b>Your IP address</b> - This is used to help us identify and ban troublemakers from our forums. Only users of the moderator rank and above can see this.</li>
</ul>
<h2>Password reuse check</h2>
<p>When you first sign up on our website, we use your email address and password to check if you are reusing your password with your Mojang account. This is done by attempting to log into Mojang's server using this information. If it succeeds, then your confirmation email will contain a note warning you not to reuse your password. <b>The information used to perform this check is never used to actually take over your Minecraft account. In fact, we can't because your password is hashed after the check and is totally unusable to us. If you get this warning not to reuse your password, it is still highly recommended that you change your password for your Mojang account and also use a password manager.</b></p>
<h2>Who your information is shared with</h2>
<p>We do not share your information with any third parties. The only time we will release information is if we are legally required to.</p>
<hr>
<p><sup>This privacy policy was last revised October 31, 2017.</sup></p>

8
app/views/threadreplies/edit.html.erb
View File

@@ -1,4 +1,4 @@
<% title "Edit Reply: #{@reply.thread.title}" %>
<% title "Edit Thread Reply: #{@reply.thread.title}" %>
<%
position = @reply.thread.replies.order(:id).index(@reply)
@@ -6,10 +6,10 @@
%>
<%= link_to @reply.thread.forum.group, forumgroup_path(@reply.thread.forum.group) %> → <%= link_to @reply.thread.forum, @reply.thread.forum %> → <%= link_to @reply.thread, forumthread_path(@reply.thread, page: page) + "#reply-#{@reply.id}" %> → Edit reply
<h1>Edit Reply</h1>
<h1>Edit reply</h1>
<%= form_for [@reply.thread, @reply] do |f| %>
<%= render partial: "md_editor", locals: {name: "threadreply[content]", content: @reply.content} %>
<p><%= f.submit "Reply", class: "btn blue left" %></p>
<% end %>
<p><%= button_to "Delete Reply", [@reply.thread, @reply], method: "delete", data: {confirm: "Delete reply forever?"}, class: "btn red right" %></p>
<div class="clear"></div>
<p><%= button_to "Delete reply", [@reply.thread, @reply], method: "delete", data: {confirm: "Delete reply forever?"}, class: "btn red right" %></p>
<div class="clear"></div>

4
app/views/users/change_password.html.erb
View File

@@ -1,10 +1,10 @@
<% title "Change Password" %>
<h1>Change Password</h1>
<h1>Change password</h1>
<%= form_for @user do |f| %>
<%= f.text_field :current_password %>
<%= f.text_field :email %>
<%= f.text_field :password %>
<%= f.text_field :password_confirmation %>
<% end %>
<% end %>

20
app/views/users/edit.html.erb
View File

@@ -7,7 +7,7 @@
%>
<%= link_to @user.name, @user %> → Edit
<h1>Edit Profile</h1>
<h1>Edit profile</h1>
<%= form_for @user do |f| %>
<table>
@@ -43,9 +43,15 @@
</tr>
<% end %>
<tr>
<td>Discord username</td>
<td>Skype username</td>
<td>
<%= f.text_field :discord, placeholder: "Discord username", disabled: !can_edit? %>
<%= f.text_field :skype, placeholder: "Skype username", disabled: !can_edit? %>
</td>
</tr>
<tr>
<td>Show Skype to</td>
<td>
<%= f.select :skype_public, [["Staff only", false], ["All users", true]], {}, { disabled: !can_edit? } %>
</td>
</tr>
<tr>
@@ -69,11 +75,11 @@
</tbody>
</table>
<p><%= f.submit "Save Profile", class: "btn variable-size left", disabled: (!@user.confirmed? && @user.is?(current_user)) %></p>
<p><%= f.submit "Save profile", class: "btn variable-size left", disabled: (!@user.confirmed? && @user.is?(current_user)) %></p>
<p>
<%= link_to "Login Settings", edit_login_user_path(@user), class: "btn variable-size right" %>
<%= link_to "Notification Settings", edit_notifications_user_path(@user), class: "btn variable-size right" %>
<%= link_to "Website Settings", edit_website_settings_user_path(@user), class: "btn variable-size right" %>
<%= link_to "Edit login details", edit_login_user_path(@user), class: "btn variable-size right" %>
<%= link_to "Notification settings", edit_notifications_user_path(@user), class: "btn variable-size right" %>
<%= link_to "Website settings", edit_website_settings_user_path(@user), class: "btn variable-size right" %>
</p>
<div class="clear"></div>

45
app/views/users/edit_login.html.erb
View File

@@ -1,7 +1,7 @@
<% title "Edit Login Credentials: #{@user.name}" %>
<%= link_to @user.name, @user %> → Edit Login settings
<h1>Edit Login Settings</h1>
<%= link_to @user.name, @user %> → Edit Login credentials
<h1>Edit Login credentials</h1>
<%= form_for @user, url: update_login_user_path(@user), method: :put do |f| %>
@@ -25,51 +25,14 @@
<%= f.password_field :password_confirmation %>
</td>
</tr>
</tbody>
</table>
<hr>
<table>
<tbody>
<tr>
<td>2FA Enabled</td>
<td>
<%= f.check_box :totp_enabled %>
</td>
</tr>
<tr>
<td>TOTP Secret</td>
<td>
<% if !@user.totp_enabled? %>
<%= f.text_field :totp_secret, :readonly => true %>
<% else %>
<i>2FA is currently enabled. Disable 2FA to generate a new secret.</i>
<% end %>
</td>
</tr>
</tbody>
</table>
<hr>
<table>
<tbody>
<tr>
<td>Current password</td>
<td>
<%= password_field_tag :current_password, nil, disabled: !@user.is?(current_user) %>
</td>
</tr>
<% if !@user.totp_enabled? %>
<tr>
<td>TOTP Code</td>
<td>
<%= text_field_tag :totp_code, nil, disabled: !@user.is?(current_user) %>
</td>
</tr>
<tr>
<td></td>
<td><i>Leave this field blank if you are not enabling 2FA.</i></td>
<% end %>
</tbody>
</table>
<p><%= f.submit "Save Changes", class: "btn blue left" %></p>
<p><%= f.submit "Save changes", class: "btn blue left" %></p>
<div class="clear"></div>
<% end %>
<% end %>

7
app/views/users/edit_notifications.html.erb
View File

@@ -45,9 +45,6 @@
</tr>
</tbody>
</table>
<h3>Public Key</h1>
<p>All notification emails will be encrypted with this key if you supply it.</p>
<%= f.text_area :public_key, placeholder: "-----BEGIN PGP PUBLIC KEY BLOCK-----" %>
<p><%= f.submit "Save Changes", class: "btn blue left" %></p>
<p><%= f.submit "Save changes", class: "btn blue left" %></p>
<div class="clear"></div>
<% end %>
<% end %>

8
app/views/users/edit_website_settings.html.erb
View File

@@ -8,7 +8,7 @@
<table>
<tbody>
<tr>
<td>Header moves with scrolling</td>
<td>Header moves with scrolling (Experimental - do not report bugs)</td>
<td>
<%= f.check_box :header_scroll %>
</td>
@@ -20,13 +20,15 @@
</td>
</tr>
<tr>
<td>Dark theme</td>
<td>Dark theme*</td>
<td>
<%= f.check_box :dark %>
</td>
</tr>
</tbody>
</table>
<p><%= f.submit "Save Changes", class: "btn blue left" %></p>
<p><%= f.submit "Save changes", class: "btn blue left" %></p>
<div class="clear"></div>
<% end %>
<br><br><br>
*Warning: If as a result to enabling this style your eyes get infected with a severe case of eye cancer, we are not reliable for any damage. Please contact your doctor in advance to ensure that in case of infection you will be treated accordingly. Quality theme brought to you by Redempt™.

2
app/views/users/index.html.erb
View File

@@ -14,8 +14,6 @@
text = "All '#{params[:role]}' and '#{params[:badge]}' users"
elsif params.include?(:staff)
text = "All staff"
elsif params.include?(:donor)
text = "All donors"
else
text = "All users"
end

8
app/views/users/lost_password.html.erb
View File

@@ -1,6 +1,6 @@
<% title "Reset Password" %>
<% title "Reset password" %>
<h1>Reset Password</h1>
<h1>Reset password</h1>
<p>You lost your password? Don't do that!</p>
<p>Luckily for you, you can reset your password. Please use the command <code>/gettoken &lt;your email address&gt;</code>, then fill in the form below:</p>
<%= form_tag reset_password_users_path do |f| %>
@@ -22,5 +22,5 @@
<td><%= password_field_tag :new_password, nil, placeholder: "secret", required: true, pattern: ".{8,}", title: "minimum 8 characters", "x-moz-errormessage" => "minimum 8 characters" %></td>
</tr>
</table>
<p><%= submit_tag "Reset Password", class: "btn blue" %></p>
<% end %>
<p><%= submit_tag "Reset password", class: "btn blue" %></p>
<% end %>

6
app/views/users/new.html.erb
View File

@@ -1,6 +1,6 @@
<% title "Sign Up" %>
<% title "Sign up" %>
<h1>Sign Up</h1>
<h1>Sign up</h1>
<%= form_for @user do |f| %>
<table>
@@ -38,7 +38,7 @@
You can find more details in our info page about <a href="/info/15">tokens and website registration</a>.
</p>
<%= f.submit "Sign Up", class: "btn blue" %>
<%= f.submit "Sign up", class: "btn blue" %>
<p>Contact us ingame if you have problems signing up!</p>
<% end %>

36
app/views/users/show.html.erb
View File

@@ -15,17 +15,15 @@
<h1><%= @user.name %></h1>
<div class="clear"></div>
<% if @ban_json && (@ban_json["expires"] == "forever" || !(DateTime.parse(@ban_json["expires"]) <= DateTime.now)) %>
<span class="user-banned">This user is banned on the server for "<%=@ban_json["reason"]%>"<%=" until #{@ban_json["expires"]}" unless @ban_json["expires"] == "forever"%></span>
<% end %>
<% if @user.banned? %>
<span class="user-banned">This user is banned on the website!</span>
<span class="user-banned">This user is banned!</span>
<% end %>
<br>
<% if !@user.confirmed? %>
<% if @user.is?(current_user) || mod? %>
<span class="user-unconfirmed">Please confirm your email <u><%= @user.email %></u> !</span>
<%= button_to "Resend the confirmation mail", resend_mail_user_path, class: "btn blue", form_class: "inline-block", data: {confirm: "Did you check your spam folder?"} %>
<%= button_to "Resend the confirmation mail", resend_mail_user_path, class: "btn dark", form_class: "inline-block", data: {confirm: "Did you check your spam folder?"} %>
<% else %>
<span class="user-unconfirmed">This user hasn't confirmed their email yet!</span>
<% end %>
@@ -54,10 +52,10 @@
<td><b>Role</b></td>
<td><%= link_to @user.role, users_path(:role => @user.role.name) %></td>
</tr>
<% if current_user && !@user.discord.blank? %>
<% if current_user && !@user.skype.blank? && (@user.skype_public || current_user == @user || mod?) %>
<tr>
<td><b>Discord</b></td>
<td><%= @user.discord %></td>
<td><b>Skype</b></td>
<td><%= link_to @user.skype, "skype:#{@user.skype}?chat", target: "_blank" %></a></td>
</tr>
<% end %>
<% if !@user.youtube.blank? && !@user.youtube_channelname.blank? %>
@@ -82,16 +80,6 @@
<td><b>Joined</b></td>
<td><%= ago @user.created_at %></td>
</tr>
<tr>
<td><b>Last seen</b></td>
<td>
<% if @user.last_seen %>
<%= ago @user.last_seen %>
<% else %>
Never
<% end %>
</td>
</tr>
<% if mod? || @user.is?(current_user) %>
<tr>
<td><b>Last IP</b></td>
@@ -101,6 +89,16 @@
<td><b>Email</b></td>
<td><%= mail_to @user.email, @user.email, :subject => "Redstoner" %></td>
</tr>
<tr>
<td><b>Last seen</b></td>
<td>
<% if @user.last_seen %>
<%= ago @user.last_seen %>
<% else %>
Never
<% end %>
</td>
</tr>
<% end %>
</tbody>
</table>

8
config/deploy.rb
View File

@@ -1,5 +1,5 @@
# config valid only for current version of Capistrano
lock '3.11.0'
lock '3.4.0'
set :repo_url, 'https://github.com/RedstonerServer/redstoner.com'
@@ -13,9 +13,9 @@ set :default_environment, {
set :keep_releases, 5
set :deploy_to, -> { "/var/www/#{fetch(:application)}" }
set :deploy_to, -> { "/home/www-data/apps/#{fetch(:application)}" }
set :rbenv_ruby, '2.5.0-dev'
set :rbenv_ruby, '2.0.0-p648'
set :bundle_without, %w{development test}.join(' ')
@@ -24,4 +24,4 @@ set :linked_dirs, fetch(:linked_dirs, []).push('bin', 'log', 'tmp/pids', 'tmp/ca
namespace :deploy do
after :publishing, :restart
end
end

12
config/environments/development.rb
View File

@@ -37,12 +37,12 @@ Redstoner::Application.configure do
}
config.action_mailer.smtp_settings = {
address: ENV["SMTP_ADDRESS"],
port: ENV["SMTP_PORT"],
domain: "redstoner.com",
authentication: ENV["SMTP_AUTH"],
user_name: ENV["SMTP_USERNAME"],
password: ENV["SMTP_PASSWORD"],
address: "smtp.gmail.com",
port: 587,
domain: "google.com",
authentication: "plain",
user_name: "redstonerserver@gmail.com",
password: ENV["GMAIL_PASSWORD"],
}
end

12
config/environments/production.rb
View File

@@ -71,12 +71,12 @@ Redstoner::Application.configure do
}
config.action_mailer.smtp_settings = {
address: ENV["SMTP_ADDRESS"],
port: ENV["SMTP_PORT"],
domain: "redstoner.com",
authentication: ENV["SMTP_AUTH"],
user_name: ENV["SMTP_USERNAME"],
password: ENV["SMTP_PASSWORD"],
address: "smtp.gmail.com",
port: 587,
domain: "google.com",
authentication: "plain",
user_name: "redstonerserver@gmail.com",
password: ENV["GMAIL_PASSWORD"],
}
end

1
config/routes.rb
View File

@@ -9,7 +9,6 @@ Redstoner::Application.routes.draw do
get 'donate'
get 'home'
get 'online'
get 'privacy'
get 'index'
end
end

6
config/unicorn.rb
View File

@@ -3,8 +3,8 @@ timeout 15
preload_app true
stderr_path "/var/www/redstoner/shared/log/unicorn.stderr.log"
stdout_path "/var/www/redstoner/shared/log/unicorn.stdout.log"
stderr_path "/home/www-data/apps/redstoner/shared/log/unicorn.stderr.log"
stdout_path "/home/www-data/apps/redstoner/shared/log/unicorn.stdout.log"
before_fork do |server, worker|
Signal.trap 'TERM' do
@@ -23,4 +23,4 @@ after_fork do |server, worker|
defined?(ActiveRecord::Base) and
ActiveRecord::Base.establish_connection
end
end

6
db/migrate/20170708011014_remove_skype_visibility_from_users.rb
View File

@@ -1,6 +0,0 @@
class RemoveSkypeVisibilityFromUsers < ActiveRecord::Migration
def change
remove_column :users, :skype_public
User.update_all skype: nil
end
end

10
db/migrate/20170710141543_create_badgeassociations.rb Normal file
View File

@@ -0,0 +1,10 @@
class CreateBadgeassociations < ActiveRecord::Migration
def change
create_table :badgeassociations do |t|
t.references :badge
t.references :forum
t.references :forumgroup
t.integer :permission #1 = read, 2 = write
end
end
end

5
db/migrate/20171013001146_add_public_key_to_users.rb
View File

@@ -1,5 +0,0 @@
class AddPublicKeyToUsers < ActiveRecord::Migration
def change
add_column :users, :public_key, :text
end
end

6
db/migrate/20180606223258_add_totp_to_users.rb
View File

@@ -1,6 +0,0 @@
class AddTotpToUsers < ActiveRecord::Migration
def change
add_column :users, :totp_secret, :string
add_column :users, :totp_enabled, :boolean, default: false
end
end

5
db/migrate/20190222152220_drop_forums_labels.rb
View File

@@ -1,5 +0,0 @@
class DropForumsLabels < ActiveRecord::Migration
def change
drop_table :forums_labels
end
end

6
db/migrate/20190222152638_remove_skype_add_discord_from_users.rb
View File

@@ -1,6 +0,0 @@
class RemoveSkypeAddDiscordFromUsers < ActiveRecord::Migration
def change
remove_column :users, :skype
add_column :users, :discord, :string
end
end

5
db/migrate/20190224093907_disable_deletion_forums.rb
View File

@@ -1,5 +0,0 @@
class DisableDeletionForums < ActiveRecord::Migration
def change
add_column :forums, :disable_deletion, :boolean
end
end

28
db/schema.rb
View File

@@ -11,7 +11,7 @@
#
# It's strongly recommended that you check this file into your version control system.
ActiveRecord::Schema.define(version: 20190224093907) do
ActiveRecord::Schema.define(version: 20170703003647) do
create_table "badges", force: :cascade do |t|
t.string "name", limit: 191
@@ -46,13 +46,17 @@ ActiveRecord::Schema.define(version: 20190224093907) do
end
create_table "forums", force: :cascade do |t|
t.string "name", limit: 255
t.integer "position", limit: 4
t.integer "role_read_id", limit: 4
t.integer "role_write_id", limit: 4
t.integer "forumgroup_id", limit: 4
t.integer "necro_length", limit: 4
t.boolean "disable_deletion", default: false
t.string "name", limit: 255
t.integer "position", limit: 4
t.integer "role_read_id", limit: 4
t.integer "role_write_id", limit: 4
t.integer "forumgroup_id", limit: 4
t.integer "necro_length", limit: 4
end
create_table "forums_labels", id: false, force: :cascade do |t|
t.integer "forum_id", limit: 4
t.integer "label_id", limit: 4
end
create_table "forumthreads", force: :cascade do |t|
@@ -130,6 +134,8 @@ ActiveRecord::Schema.define(version: 20190224093907) do
t.string "email", limit: 191
t.text "about", limit: 65535
t.string "last_ip", limit: 255
t.string "skype", limit: 255
t.boolean "skype_public", default: false
t.string "youtube", limit: 255
t.string "youtube_channelname", limit: 255
t.string "twitter", limit: 255
@@ -148,16 +154,12 @@ ActiveRecord::Schema.define(version: 20190224093907) do
t.boolean "utc_time", default: false
t.boolean "header_scroll", default: false
t.boolean "dark", default: false
t.text "public_key", limit: 65535
t.string "totp_secret", limit: 255
t.boolean "totp_enabled", default: false
t.string "discord", limit: 191
end
add_index "users", ["email"], name: "index_users_on_email", unique: true, using: :btree
add_index "users", ["ign"], name: "index_users_on_ign", unique: true, using: :btree
add_index "users", ["name"], name: "index_users_on_name", unique: true, using: :btree
add_index "users", ["discord"], name: "index_users_on_discord", unique: true, using: :btree
add_index "users", ["skype"], name: "index_users_on_skype", unique: true, using: :btree
add_index "users", ["twitter"], name: "index_users_on_twitter", unique: true, using: :btree
add_index "users", ["uuid"], name: "index_users_on_uuid", unique: true, using: :btree
add_index "users", ["youtube"], name: "index_users_on_youtube", unique: true, using: :btree

5
db/seeds.rb
View File

@@ -32,7 +32,8 @@ deleted_user = User.create!(
password_confirmation: userpw,
role: Role.get(:disabled),
badge: Badge.get(:none),
discord: "echo123#9804",
skype: "echo123",
skype_public: true,
last_ip: "0.0.0.0",
confirmed: true,
last_seen: Time.utc(0).to_datetime,
@@ -40,4 +41,4 @@ deleted_user = User.create!(
utc_time: false,
dark: false
)
deleted_user.update_attribute(:ign, "Steve")
deleted_user.update_attribute(:ign, "Steve")