Redstoner/redstoner.com
Archived
0
Fork 0
Code Issues Pull Requests 2 Wiki Activity

Compare commits

base: Redstoner:permission-and-message-improvements
Branches Tags
Redstoner:master Redstoner:permission-and-message-improvements Redstoner:mastodon Redstoner:badge Redstoner:memory Redstoner:api Redstoner:pm
..
compare: Redstoner:badge
Branches Tags
Redstoner:master Redstoner:permission-and-message-improvements Redstoner:mastodon Redstoner:badge Redstoner:memory Redstoner:api Redstoner:pm

3 Commits
permission ... badge

Author SHA1 Message Date
MrYummy
4d9d4a4dfc removed unneeded parentheses and text limits 2017-08-06 13:29:03 +02:00
MrYummy
626ba221e0 Removed swap file 2017-07-11 03:38:17 +02:00
MrYummy
0cebefa406 Added permissions to badges 2017-07-10 21:26:15 +02:00
48 changed files with 265 additions and 395 deletions
Expand all files Collapse all files

1
Gemfile
View File

@@ -16,7 +16,6 @@ gem 'highlight_js-rails', github: 'RedstonerServer/highlight_js-rails'
gem 'kaminari', github: 'jomo/kaminari', branch: 'patch-2' # pagination
gem 'jquery-textcomplete-rails', github: 'RedstonerServer/jquery-textcomplete-rails' # @mentions
gem 'actionpack-action_caching', github: 'antulik/actionpack-action_caching', ref: '8c6e52c69315d67437f480da5dce4b7c8737fb32'
gem 'mail-gpg', github: 'jomo/mail-gpg', ref: 'a666b48ee866dfa3eaa700f9c5edf4d195d0f8c9'
# Gems used only for assets and not required
# in production environments by default.

13
Gemfile.lock
View File

@@ -31,15 +31,6 @@ GIT
actionpack (>= 3.0.0)
activesupport (>= 3.0.0)
GIT
remote: git://github.com/jomo/mail-gpg.git
revision: a666b48ee866dfa3eaa700f9c5edf4d195d0f8c9
ref: a666b48ee866dfa3eaa700f9c5edf4d195d0f8c9
specs:
mail-gpg (0.3.1)
gpgme (~> 2.0, >= 2.0.2)
mail (~> 2.5, >= 2.5.3)
GIT
remote: git://github.com/rails/rails.git
revision: 2c8f567e53580872d8c6dfe61201e58793ca131e
@@ -144,8 +135,6 @@ GEM
execjs (2.6.0)
globalid (0.3.6)
activesupport (>= 4.1.0)
gpgme (2.0.11)
mini_portile (>= 0.5.0)
hirb (0.7.3)
http-cookie (1.0.2)
domain_name (~> 0.5)
@@ -161,7 +150,6 @@ GEM
mail (2.6.3)
mime-types (>= 1.16, < 3)
mime-types (2.99)
mini_portile (0.6.2)
mini_portile2 (2.0.0)
minitest (5.8.4)
mysql2 (0.4.2)
@@ -256,7 +244,6 @@ DEPENDENCIES
jquery-rails
jquery-textcomplete-rails!
kaminari!
mail-gpg!
mysql2
rails!
rails-erd

BIN
app/assets/images/mastodon.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 477 B

BIN
app/assets/images/tor.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 581 B

2
app/controllers/blogposts_controller.rb
View File

@@ -69,7 +69,7 @@ class BlogpostsController < ApplicationController
end
def auth
unless mod? && current_user.confirmed?
unless mod?
flash[:alert] = "You are not allowed to edit posts!"
redirect_to @post ? @post : blogposts_path
end

24
app/controllers/forumgroups_controller.rb
View File

@@ -17,8 +17,21 @@ class ForumgroupsController < ApplicationController
end
def update
if admin? && current_user.confirmed?
if admin?
@group = Forumgroup.find(params[:id])
group_badges = Badgeassociation.where(forumgroup: @group)
["read-", "write-"].each_with_index do |p,i|
current_badges = group_badges.where(permission: i+1).pluck(:badge_id)
params.select{|k,v| k.start_with? p}.each do |k,v|
name = k.gsub(p, "")
if current_badges.include? (bid = Badge.find_by(name: name).id)
current_badges.delete bid
else
Badgeassociation.create!(badge: Badge.find_by(name: name), forumgroup: @group, permission: i+1)
end
end
current_badges.each {|b| Badgeassociation.find_by(badge_id: b, forumgroup: @group, permission: i+1).delete}
end
if @group.update_attributes(group_params)
flash[:notice] = "Forum group updated"
redirect_to @group
@@ -41,8 +54,13 @@ class ForumgroupsController < ApplicationController
end
def create
if admin? && current_user.confirmed?
if admin?
@group = Forumgroup.new(group_params)
["read-", "write-"].each_with_index do |p,i|
params.select{|k,v| k.start_with? p}.each do |k,v|
Badgeassociation.create!(badge: Badge.find_by(name: k.gsub(p, "")), forumgroup: @group, permission: i+1)
end
end
if @group.save
flash[:notice] = "Forum group created."
redirect_to @group
@@ -57,7 +75,7 @@ class ForumgroupsController < ApplicationController
end
def destroy
if admin? && current_user.confirmed?
if admin?
@group = Forumgroup.find(params[:id])
if @group.destroy
flash[:notice] = "forum group deleted."

24
app/controllers/forums_controller.rb
View File

@@ -34,7 +34,20 @@ class ForumsController < ApplicationController
end
def update
if admin? && current_user.confirmed?
if admin?
forum_badges = Badgeassociation.where(forum: @forum)
["read-", "write-"].each_with_index do |p,i|
current_badges = forum_badges.where(permission: i+1).pluck(:badge_id)
params.select{|k,v| k.start_with? p}.each do |k,v|
name = k.gsub(p, "")
if current_badges.include? (bid = Badge.find_by(name: name).id)
current_badges.delete bid
else
Badgeassociation.create!(badge: Badge.find_by(name: name), forum: @forum, permission: i+1)
end
end
current_badges.each {|b| Badgeassociation.find_by(badge_id: b, forum: @forum, permission: i+1).delete}
end
if @forum.update_attributes(forum_params)
flash[:notice] = "Forum updated"
redirect_to @forum
@@ -48,8 +61,13 @@ class ForumsController < ApplicationController
end
def create
if admin? && current_user.confirmed?
if admin?
@forum = Forum.new(forum_params([:forumgroup_id]))
["read-", "write-"].each_with_index do |p,i|
params.select{|k,v| k.start_with? p}.each do |k,v|
Badgeassociation.create!(badge: Badge.find_by(name: k.gsub(p, "")), forum: @forum, permission: i+1)
end
end
if @forum.save
flash[:notice] = "Forum created."
redirect_to @forum
@@ -64,7 +82,7 @@ class ForumsController < ApplicationController
end
def destroy
if admin? && current_user.confirmed?
if admin?
if @forum.destroy
flash[:notice] = "Forum deleted."
else

18
app/controllers/info_controller.rb
View File

@@ -22,9 +22,9 @@ class InfoController < ApplicationController
def create
@info = Info.new(info_params)
if @info.save
redirect_to @info, notice: 'The info page has been created!'
redirect_to @info, notice: 'Info has been created.'
else
flash[:alert] = "An error occured while creating the info page."
flash[:alert] = "Error creating info"
render action: "new"
end
end
@@ -32,18 +32,18 @@ class InfoController < ApplicationController
def update
@info.attributes = info_params()
if @info.save
redirect_to @info, notice: 'The info page has been updated!'
redirect_to @info, notice: 'Info has been updated.'
else
flash[:alert] = "An error occured while updating the info page."
flash[:alert] = "There was a problem while updating the info"
render action: "edit"
end
end
def destroy
if @info.destroy
flash[:notice] = "The info page has been deleted!"
flash[:notice] = "Info deleted!"
else
flash[:alert] = "An error occured while deleting the info page."
flash[:alert] = "There was a problem while deleting this info"
end
redirect_to info_index_path
end
@@ -62,9 +62,9 @@ class InfoController < ApplicationController
end
def auth
unless mod? && current_user.confirmed?
flash[:alert] = "You are not allowed to edit info pages!"
unless mod?
flash[:alert] = "You are not allowed to edit info!"
redirect_to @info ? @info : info_index_path
end
end
end
end

27
app/controllers/statics_controller.rb
View File

@@ -17,29 +17,8 @@ class StaticsController < ApplicationController
end
def online
@players = []
@count = 0
begin
json = JSON.parse(File.read("/etc/minecraft/redstoner/plugins/ModuleLoader/players.json"))
rescue
flash.now[:alert] = "The server is currently offline."
else
case json["dataFormat"]
when "v1"
@players = json["players"].collect!{ |p| User.find_by(uuid: p["UUID"].tr("-", "")) or User.new(name: p["name"], ign: p["name"], uuid: p["UUID"].tr("-", ""), role: Role.get("normal"), badge: Badge.get("none"), confirmed: true) }
@count = json["amount"]
when "v2"
json["players"].reject{|p| !mod? && p["vanished"] == "true"}.each do |p|
@players.push(User.find_by(uuid: p["UUID"].tr("-", "")) || User.new(name: p["name"], ign: p["name"], uuid: p["UUID"].tr("-", ""), role: Role.get("normal"), badge: Badge.get("none"), confirmed: true))
end
@count = @players.count
else
flash.now[:alert] = "The server is using an incompatible data format. We are aware of this issue and are most likely already working on it."
end
@players.sort_by!(&:role).reverse!
end
end
def privacy
json = JSON.parse(File.read("/etc/minecraft/redstoner/plugins/JavaUtils/players.json"))
@players = json["players"].collect!{ |p| User.find_by(uuid: p["UUID"].tr("-", "")) or User.new(name: p["name"], ign: p["name"], uuid: p["UUID"].tr("-", ""), role: Role.get("normal"), badge: Badge.get("none"), confirmed: true) }.sort_by!(&:role).reverse!
@count = json["amount"]
end
end

41
app/controllers/users_controller.rb
View File

@@ -10,22 +10,12 @@ class UsersController < ApplicationController
role = Role.find_by(name: params[:role])
badge = Badge.find_by(name: params[:badge])
@users = User.search(params[:search], role, badge, params.include?(:staff), params.include?(:donor))
@users = User.search(params[:search], role, badge, params.include?(:staff))
@count = @users.size
@users = @users.page(params[:page]).per(100)
end
def show
begin
@ban_json = JSON.parse(File.read("/etc/minecraft/redstoner/banned-players.json")).detect {|u| u["uuid"].tr("-", "") == @user.uuid}
rescue
if @user.is?(current_user)
flash.now[:alert] = "An error occured while checking if you are banned from the server!"
else
flash.now[:alert] = "An error occured while checking if this user is banned from the server!"
end
@ban_json = nil
end
end
# SIGNUP
@@ -135,7 +125,7 @@ class UsersController < ApplicationController
end
def resend_mail
if (@user.is?(current_user) || (mod? && current_user.confirmed?)) && !@user.confirmed?
if (@user.is?(current_user) || mod?) && !@user.confirmed?
RedstonerMailer.register_mail(@user, false).deliver_now
flash[:notice] = "Check your inbox for the confirmation mail."
else
@@ -145,16 +135,11 @@ class UsersController < ApplicationController
end
def update
if (mod? && current_user.role >= @user.role && current_user.confirmed?) || (@user.is?(current_user) && confirmed?)
if (mod? && current_user.role >= @user.role ) || (@user.is?(current_user) && confirmed?)
if mod?
userdata = user_params([:name, :skype, :youtube, :twitter, :about, :role, :badge, :confirmed, :header_scroll, :utc_time, :dark])
userdata = user_params([:name, :skype, :skype_public, :youtube, :twitter, :about, :role, :badge, :confirmed, :header_scroll, :utc_time, :dark])
else
userdata = user_params([:name, :skype, :youtube, :twitter, :about, :header_scroll, :utc_time, :dark])
end
if User.find_by(name: userdata[:name]) && User.find_by(name: userdata[:name]) != @user
flash[:alert] = "You have entered a name that belongs to someone else. Please try another."
redirect_to edit_user_path(@user)
return
userdata = user_params([:name, :skype, :skype_public, :youtube, :twitter, :about, :header_scroll, :utc_time, :dark])
end
if userdata[:role]
role = Role.get(userdata[:role])
@@ -188,7 +173,7 @@ class UsersController < ApplicationController
end
def ban
if mod? && current_user.role >= @user.role && current_user.confirmed?
if mod? && current_user.role >= @user.role
@user.role = Role.get :banned
flash[:notice] = "'#{@user.name}' has been banned!"
else
@@ -198,7 +183,7 @@ class UsersController < ApplicationController
end
def unban
if mod? && current_user.role >= @user.role && current_user.confirmed?
if mod? && current_user.role >= @user.role
@user.role = Role.get :normal
flash[:notice] = "\"#{@user.name}\" has been unbanned!"
else
@@ -208,7 +193,7 @@ class UsersController < ApplicationController
end
def destroy
if superadmin? && current_user.confirmed?
if superadmin?
if @user.destroy
flash[:notice] = "User deleted forever."
redirect_to users_url
@@ -223,28 +208,28 @@ class UsersController < ApplicationController
end
def edit_notifications
unless @user.is?(current_user) || (admin? && current_user.role > @user.role) || superadmin?
unless @user.is?(current_user) || admin? && current_user.role > @user.role || superadmin?
flash[:alert] = "You are not allowed to edit this user's notification settings!"
redirect_to @user
end
end
def edit_login
unless @user.is?(current_user) || (admin? && current_user.role > @user.role) || superadmin?
unless @user.is?(current_user) || admin? && current_user.role > @user.role || superadmin?
flash[:alert] = "You are not allowed to edit this user's login details!"
redirect_to @user
end
end
def edit_website_settings
unless @user.is?(current_user) || (admin? && current_user.role > @user.role) || superadmin?
unless @user.is?(current_user) || admin? && current_user.role > @user.role || superadmin?
flash[:alert] = "You are not allowed to edit this user's website settings!"
redirect_to @user
end
end
def update_login
if @user.is?(current_user) || (admin? && current_user.role > @user.role && current_user.confirmed?) || (superadmin? && current_user.confirmed?)
if @user.is?(current_user) || admin? && current_user.role > @user.role || superadmin?
authenticated = !@user.is?(current_user) || @user.authenticate(params[:current_password])
if params[:user][:password].present?
@user.password = params[:user][:password]
@@ -362,7 +347,7 @@ class UsersController < ApplicationController
end
def user_params(add = [])
a = [:ign, :email, :password, :password_confirmation, :mail_own_thread_reply, :mail_other_thread_reply, :mail_own_blogpost_comment, :mail_other_blogpost_comment, :mail_mention, :public_key] + add
a = [:ign, :email, :password, :password_confirmation, :mail_own_thread_reply, :mail_other_thread_reply, :mail_own_blogpost_comment, :mail_other_blogpost_comment, :mail_mention] + add
params.require(:user).permit(a)
end
end

30
app/mailers/redstoner_mailer.rb
View File

@@ -19,49 +19,29 @@ class RedstonerMailer < ActionMailer::Base
def new_thread_mention_mail(user, thread)
@user = user
@thread = thread
if @user.public_key?
mail(to: @user.email, subject: "Encrypted Notification from Redstoner", gpg: {encrypt: true, keys: {@user.email => @user.public_key}})
else
mail(to: @user.email, subject: "#{thread.author.name} mentioned you in '#{thread.title}' on Redstoner")
end
mail(to: @user.email, subject: "#{thread.author.name} mentioned you in '#{thread.title}' on Redstoner")
end
def new_thread_reply_mail(user, reply)
@user = user
@reply = reply
if @user.public_key?
mail(to: @user.email, subject: "Encrypted Notification from Redstoner", gpg: {encrypt: true, keys: {@user.email => @user.public_key}})
else
mail(to: @user.email, subject: "#{reply.author.name} replied to '#{reply.thread.title}' on Redstoner")
end
mail(to: @user.email, subject: "#{reply.author.name} replied to '#{reply.thread.title}' on Redstoner")
end
def new_post_mention_mail(user, post)
@user = user
@post = post
if @user.public_key?
mail(to: @user.email, subject: "Encrypted Notification from Redstoner", gpg: {encrypt: true, keys: {@user.email => @user.public_key}})
else
mail(to: @user.email, subject: "#{post.author.name} mentioned you in '#{post.title}' on Redstoner")
end
mail(to: @user.email, subject: "#{post.author.name} mentioned you in '#{post.title}' on Redstoner")
end
def new_post_comment_mail(user, comment)
@user = user
@comment = comment
if @user.public_key?
mail(to: @user.email, subject: "Encrypted Notification from Redstoner", gpg: {encrypt: true, keys: {@user.email => @user.public_key}})
else
mail(to: @user.email, subject: "#{comment.author.name} replied to '#{comment.blogpost.title}' on Redstoner")
end
mail(to: @user.email, subject: "#{comment.author.name} replied to '#{comment.blogpost.title}' on Redstoner")
end
def email_change_confirm_mail(user)
@user = user
if @user.public_key?
mail(to: @user.email, subject: "Encrypted Notification from Redstoner", gpg: {encrypt: true, keys: {@user.email => @user.public_key}})
else
mail(to: @user.email, subject: "Email change on Redstoner.com")
end
mail(to: @user.email, subject: "Email change on Redstoner.com")
end
end

1
app/models/badge.rb
View File

@@ -1,6 +1,7 @@
class Badge < ActiveRecord::Base
include Comparable
has_many :users
has_and_belongs_to_many :forums
def self.get (input)
if input.is_a?(String) || input.is_a?(Symbol)

7
app/models/badgeassociation.rb Normal file
View File

@@ -0,0 +1,7 @@
class Badgeassociation < ActiveRecord::Base
belongs_to :badge
belongs_to :forum
belongs_to :forumgroup
end

2
app/models/blogpost.rb
View File

@@ -8,8 +8,6 @@ class Blogpost < ActiveRecord::Base
belongs_to :user_editor, class_name: "User", foreign_key: "user_editor_id"
has_many :comments, :dependent => :destroy
accepts_nested_attributes_for :comments
validates_length_of :title, in: 5..255
validates_length_of :content, in: 5..20000
def author
@author ||= if self.user_author.present?

9
app/models/forum.rb
View File

@@ -1,10 +1,13 @@
class Forum < ActiveRecord::Base
belongs_to :forumgroup
has_many :forumthreads
has_many :badgeassociations
has_many :badges, through: :badgeassociations
belongs_to :role_read, class_name: "Role", foreign_key: "role_read_id"
belongs_to :role_write, class_name: "Role", foreign_key: "role_write_id"
has_and_belongs_to_many :labels
validates_length_of :name, in: 4..30
def to_s
name
@@ -19,11 +22,11 @@ class Forum < ActiveRecord::Base
end
def can_read?(user)
group && group.can_read?(user) && (role_read.nil? || (!user.nil? && user.role >= role_read))
group && group.can_read?(user) && (role_read.nil? || (!user.nil? && user.role >= role_read) || Badgeassociation.find_by(badge: user.badge, forum: self, permission: 1))
end
def can_write?(user)
group.can_write?(user) && (role_write.nil? || (!user.nil? && user.role >= role_write))
group.can_write?(user) && (role_write.nil? || (!user.nil? && user.role >= role_write || Badgeassociation.find_by(badge: user.badge, forum: self, permission: 2)))
end
def can_view?(user)

9
app/models/forumgroup.rb
View File

@@ -4,21 +4,22 @@ class Forumgroup < ActiveRecord::Base
belongs_to :role_write, class_name: "Role", foreign_key: "role_write_id"
accepts_nested_attributes_for :forums
has_many :badgeassociations
has_many :badges, through: :badgeassociations
validates_presence_of :name, :position
validates_length_of :name, in: 4..20
validates_length_of :name, in: 2..20
def to_s
name
end
def can_read?(user)
role_read.nil? || (!user.nil? && user.role >= role_read)
role_read.nil? || (!user.nil? && user.role >= role_read) || Badgeassociation.find_by(badge: user.badge, forumgroup: self, permission: 1)
end
def can_write?(user)
!user.nil? && user.confirmed? && (role_write.nil? || user.role >= role_write)
!user.nil? && user.confirmed? && (role_write.nil? || user.role >= role_write) || Badgeassociation.find_by(badge: user.badge, forumgroup: self, permission: 2)
end
def can_view?(user)

3
app/models/forumthread.rb
View File

@@ -11,7 +11,6 @@ class Forumthread < ActiveRecord::Base
validates_presence_of :title, :author, :forum
validates_presence_of :content
validates_length_of :title, in: 5..255
validates_length_of :content, in: 5..20000
accepts_nested_attributes_for :threadreplies
@@ -87,7 +86,7 @@ class Forumthread < ActiveRecord::Base
.joins("LEFT JOIN roles as forumgroup_role_read ON forumgroups.role_read_id = forumgroup_role_read.id")
.joins("LEFT JOIN roles as forumgroup_role_write ON forumgroups.role_write_id = forumgroup_role_write.id")
threads = threads.where("forumthreads.user_author_id = ? OR (#{can_read}) OR (#{sticky_can_write})", user_id, role_value, role_value, role_value, role_value)
threads = threads.where("forumthreads.user_author_id = ? OR (#{can_read}) OR (#{sticky_can_write}) OR (?)", user_id, role_value, role_value, role_value, role_value, Forum.find(forum).can_read?(user))
if query
threads = threads.where("#{match[2]}", query[0..99], query[0..99])
elsif [title, content, reply].any?

2
app/models/threadreply.rb
View File

@@ -43,7 +43,7 @@ class Threadreply < ActiveRecord::Base
unless old_content.present?
posts.each do |post|
# don't send mail to the author of this reply, don't send to banned/disabled users
if post.author != author && post.author.normal? && post.author.confirmed? && thread.can_read?(post.author)
if post.author != author && post.author.normal? && post.author.confirmed? # &&
users << post.author if post.author.mail_other_thread_reply?
end
end

6
app/models/user.rb
View File

@@ -22,8 +22,6 @@ class User < ActiveRecord::Base
validates :email, uniqueness: {case_sensitive: false}, format: {with: /\A.+@(.+\..{2,}|\[(IPv6)?[0-9a-f:.]+\])\z/i, message: "That doesn't look like an email address."}
validates :ign, uniqueness: {case_sensitive: false}, format: {with: /\A[a-z\d_]+\z/i, message: "Username is invalid (a-z, 0-9, _)."}
validates :public_key, format: {with: /\A(-----BEGIN PGP PUBLIC KEY BLOCK-----((.|\n)*?)-----END PGP PUBLIC KEY BLOCK-----)?\z/i, message: "That doesn't look like a PGP formatted public key."}
has_many :blogposts
has_many :comments
@@ -177,14 +175,12 @@ class User < ActiveRecord::Base
self.email_token ||= SecureRandom.hex(16)
end
def self.search (search, role, badge, staff, donor)
def self.search (search, role, badge, staff)
users = User.joins(:role)
if role
users = users.where(role: role)
elsif staff
users = users.where("roles.value >= ?", Role.get(:mod).to_i)
elsif donor
users = users.where("badge_id = ? OR badge_id = ?", Badge.get(:donor), Badge.get(:donorplus))
end
users = users.where(badge: badge) if badge
if search

20
app/views/blogposts/edit.html.erb
View File

@@ -1,20 +1,10 @@
<% title "Edit News: #{@post.title}" %>
<%
def can_edit?
mod? && current_user.confirmed?
end
%>
<h1>Edit post</h1>
<%= form_for @post do |f|%>
<%= f.text_field :title, disabled: !can_edit? %>
<%= render partial: "md_editor", locals: {name: "blogpost[content]", content: @post.content, options: {disabled: !can_edit?}} %>
<p><%= f.submit "Update Post", class: "btn blue left", disabled: !can_edit? %></p>
<% end %>
<p><%= button_to "Delete post", @post, method: "delete", data: {confirm: "Delete post & comments forever?"}, class: "btn red right", disabled: !can_edit? %></p>
<div class="clear"></div>
<% if !current_user.confirmed? %>
<span class='red-alert'>You must confirm your email before you can edit blog posts.</span>
<%= f.text_field :title %>
<%= render partial: "md_editor", locals: {name: "blogpost[content]", content: @post.content} %>
<p><%= f.submit "Update Post", class: "btn blue left" %></p>
<% end %>
<p><%= button_to "Delete post", @post, method: "delete", data: {confirm: "Delete post & comments forever?"}, class: "btn red right" %></p>
<div class="clear"></div>

16
app/views/blogposts/new.html.erb
View File

@@ -1,19 +1,9 @@
<% title "New Blog Post" %>
<%
def can_create?
admin? && current_user.confirmed?
end
%>
<h1>New Post</h1>
<%= form_for @post do |f|%>
<%= f.text_field :title, placeholder: "Title", disabled: !can_create? %>
<%= render partial: "md_editor", locals: {name: "blogpost[content]", content: @post.content, options: {disabled: !can_create?}} %>
<p><%= f.submit "Create Post", class: "btn blue left", disabled: !can_create? %></p>
<%= f.text_field :title, placeholder: "Title" %>
<%= render partial: "md_editor", locals: {name: "blogpost[content]", content: @post.content} %>
<p><%= f.submit "Create Post", class: "btn blue left" %></p>
<div class="clear"></div>
<% if !current_user.confirmed? %>
<span class='red-alert'>You must confirm your email before you can create new blog posts.</span>
<% end %>
<% end %>

38
app/views/forumgroups/edit.html.erb
View File

@@ -1,11 +1,5 @@
<% title "Manage Forums" %>
<%
def can_edit?
admin? && current_user.confirmed?
end
%>
<h1>Manage Forums</h1>
<div class="item-group">
<div class="header">
@@ -25,26 +19,38 @@
<table>
<tr>
<td><%= f.label :name %></td>
<td><%= f.text_field :name, placeholder: "Name", disabled: !can_edit? %></td>
<td><%= f.text_field :name, placeholder: "Name" %></td>
</tr>
<tr>
<td><%= f.label :position %></td>
<td><%= f.number_field :position, placeholder: "Position", disabled: !can_edit? %></td>
<td><%= f.number_field :position, placeholder: "Position" %></td>
</tr>
<tr>
<td><%= f.label :role_read_id, "Min. read role" %></td>
<td><%= f.select :role_read_id, role_selection, { include_blank: "None" }, { disabled: !can_edit? } %></td>
<td><%= f.select :role_read_id, role_selection, include_blank: "None" %></td>
</tr>
<tr>
<td><b>Badges with read permission</b></td>
<td>
<% Badge.where("name != 'none'").each do |b| %>
<%=b%><%= check_box_tag "read-#{b}", nil, Badgeassociation.find_by(badge: b, forumgroup: @group, permission: 1) %>
<% end %>
</td>
</tr>
<tr>
<td><%= f.label :role_write_id, "Min. write role" %></td>
<td><%= f.select :role_write_id, role_selection, { include_blank: false }, { disabled: !can_edit? } %></td>
<td><%= f.select :role_write_id, role_selection, include_blank: false %></td>
</tr>
<tr>
<td><b>Badges with write permission</b></td>
<td>
<% Badge.where("name != 'none'").each do |b| %>
<%=b%><%= check_box_tag "write-#{b}", nil, Badgeassociation.find_by(badge: b, forumgroup: @group, permission: 2) %>
<% end %>
</td>
</tr>
</table>
<p><%= f.submit "Update group", class: "btn blue left", disabled: !can_edit? %></p>
<p><%= f.submit "Update group", class: "btn blue left" %></p>
<% end %>
<p><%= button_to "Delete group", @group, :method => "delete", data: {confirm: "Delete group?\nForums + Threads will not be accessible!"}, class: "btn red right", disabled: !can_edit? %></p>
<p><%= button_to "Delete group", @group, :method => "delete", data: {confirm: "Delete group?\nForums + Threads will not be accessible!"}, class: "btn red right" %></p>
<div class="clear"></div>
<% if !current_user.confirmed? %>
<span class='red-alert'>You must confirm your email before you can edit forum groups.</span>
<% end %>

36
app/views/forumgroups/new.html.erb
View File

@@ -1,36 +1,42 @@
<% title "New Forum: #{@group.name}" %>
<%
def can_create?
admin? && current_user.confirmed?
end
%>
<h1>New forum group</h1>
<% role_selection = Role.all_from_to(:normal, :admin).collect{|p|[p.name, p.id]} %>
<%= form_for @group do |f|%>
<table>
<tr>
<td><%= f.label :name %></td>
<td><%= f.text_field :name, placeholder: "Name", disabled: !can_create? %></td>
<td><%= f.text_field :name, placeholder: "Name" %></td>
</tr>
<tr>
<td><%= f.label :position %></td>
<td><%= f.number_field :position, placeholder: "Position", disabled: !can_create? %></td>
<td><%= f.number_field :position, placeholder: "Position" %></td>
</tr>
<tr>
<td><%= f.label :role_read_id, "Min. read role" %></td>
<td><%= f.select :role_read_id, role_selection, { include_blank: "None" }, { disabled: !can_create? } %></td>
<td><%= f.select :role_read_id, role_selection, include_blank: "None" %></td>
</tr>
<tr>
<td><b>Badges with read permission</b></td>
<td>
<% Badge.where("name != 'none'").each do |b| %>
<%=b%><%= check_box_tag "read-#{b}" %>
<% end %>
</td>
</tr>
<tr>
<td><%= f.label :role_write_id, "Min. write role" %></td>
<td><%= f.select :role_write_id, role_selection, { include_blank: false }, { disabled: !can_create? } %></td>
<td><%= f.select :role_write_id, role_selection, include_blank: false %></td>
</tr>
<tr>
<td><b>Badges with write permission</b></td>
<td>
<% Badge.where("name != 'none'").each do |b| %>
<%=b%><%= check_box_tag "write-#{b}" %>
<% end %>
</td>
</tr>
</table>
<p><%= f.submit "Create group", class: "btn blue left", disabled: !can_create? %></p>
<p><%= f.submit "Create group", class: "btn blue left" %></p>
<div class="clear"></div>
<% if !current_user.confirmed? %>
<span class='red-alert'>You must confirm your email before you can create new forum groups.</span>
<% end %>
<% end %>

40
app/views/forums/edit.html.erb
View File

@@ -1,11 +1,5 @@
<% title "Edit Forum: #{@forum.name}" %>
<%
def can_edit?
admin? && current_user.confirmed?
end
%>
<%= link_to "(Edit) #{@forum.group.name}", edit_forumgroup_path(@forum.group) %> → <%= @forum.name %>
<h1>Edit Forum</h1>
<% role_selection = Role.all_from_to(:normal, :admin).collect{|p|[p.name, p.id]} %>
@@ -13,30 +7,42 @@
<table>
<tr>
<td><%= f.label :name %></td>
<td><%= f.text_field :name, placeholder: "Name", disabled: !can_edit? %></td>
<td><%= f.text_field :name, placeholder: "Name" %></td>
</tr>
<tr>
<td><%= f.label :position %></td>
<td><%= f.number_field :position, placeholder: "Position", disabled: !can_edit? %></td>
<td><%= f.number_field :position, placeholder: "Position" %></td>
</tr>
<tr>
<td><%= f.label :role_read_id, "Min. read role" %></td>
<td><%= f.select :role_read_id, role_selection, { include_blank: "None" }, { disabled: !can_edit? } %></td>
<td><%= f.select :role_read_id, role_selection, include_blank: "None" %></td>
</tr>
<tr>
<td><b>Badges with read permission</b></td>
<td>
<% Badge.where("name != 'none'").each do |b| %>
<%=b%><%= check_box_tag "read-#{b}", nil, Badgeassociation.find_by(badge: b, forum: @forum, permission: 1) %>
<% end %>
</td>
</tr>
<tr>
<td><%= f.label :role_write_id, "Min. write role" %></td>
<td><%= f.select :role_write_id, role_selection, { include_blank: false }, { disabled: !can_edit? } %></td>
<td><%= f.select :role_write_id, role_selection, include_blank: false %></td>
</tr>
<tr>
<td><b>Badges with write permission</b></td>
<td>
<% Badge.where("name != 'none'").each do |b| %>
<%=b%><%= check_box_tag "write-#{b}", nil, Badgeassociation.find_by(badge: b, forum: @forum, permission: 2) %>
<% end %>
</td>
</tr>
<tr>
<td><%= f.label :necro_length, "Necropost warning delay (in days)" %></td>
<td><%= f.number_field :necro_length, placeholder: "Warning Delay (leave blank for no warning)", disabled: !can_edit? %></td>
<td><%= f.number_field :necro_length, placeholder: "Warning Delay (leave blank for no warning)" %></td>
</tr>
</table>
<p><%= f.submit "Update forum", class: "btn blue left", disabled: !can_edit? %></p>
<p><%= f.submit "Update forum", class: "btn blue left" %></p>
<% end %>
<p><%= button_to "Delete forum", @forum, method: "delete", data: {confirm: "Delete forum forever?\nThreads won't be accessible!"}, class: "btn red right", disabled: !can_edit? %></p>
<p><%= button_to "Delete forum", @forum, method: "delete", data: {confirm: "Delete forum forever?\nThreads won't be accessible!"}, class: "btn red right" %></p>
<div class="clear"></div>
<% if !current_user.confirmed? %>
<span class='red-alert'>You must confirm your email before you can edit forums.</span>
<% end %>

2
app/views/forums/index.html.erb
View File

@@ -56,4 +56,6 @@
<% if admin? %>
<%= link_to "New group", new_forumgroup_path, class: "btn blue" %>
<% elsif mod? %>
<%= link_to "New group", "#", class: "btn blue", disabled: true %>
<% end %>

38
app/views/forums/new.html.erb
View File

@@ -1,11 +1,5 @@
<% title "New Forum: #{@forum.group.name}" %>
<%
def can_create?
admin? && current_user.confirmed?
end
%>
<%= link_to @forum.group, forumgroup_path(@forum.group) %> → New forum
<h1>New Forum</h1>
<% role_selection = Role.all_from_to(:normal, :admin).collect{|p|[p.name, p.id]} %>
@@ -13,30 +7,42 @@
<table>
<tr>
<td><%= f.label :name %></td>
<td><%= f.text_field :name, placeholder: "Name", disabled: !can_create? %></td>
<td><%= f.text_field :name, placeholder: "Name" %></td>
</tr>
<tr>
<td><%= f.label :position %></td>
<td><%= f.number_field :position, placeholder: "Position", disabled: !can_create? %></td>
<td><%= f.number_field :position, placeholder: "Position" %></td>
</tr>
<tr>
<td><%= f.label :role_read_id, "Min. read role" %></td>
<td><%= f.select :role_read_id, role_selection, { include_blank: "None"}, { disabled: !can_create? } %></td>
<td><%= f.select :role_read_id, role_selection, include_blank: "None" %></td>
</tr>
<tr>
<td><b>Badges with read permission</b></td>
<td>
<% Badge.where("name != 'none'").each do |b| %>
<%=b%><%= check_box_tag "read-#{b}" %>
<% end %>
</td>
</tr>
<tr>
<td><%= f.label :role_write_id, "Min. write role" %></td>
<td><%= f.select :role_write_id, role_selection, { include_blank: false }, { disabled: !can_create? } %></td>
<td><%= f.select :role_write_id, role_selection, include_blank: false %></td>
</tr>
<tr>
<td><b>Badges with write permission</b></td>
<td>
<% Badge.where("name != 'none'").each do |b| %>
<%=b%><%= check_box_tag "write-#{b}" %>
<% end %>
</td>
</tr>
<tr>
<td><%= f.label :necro_length, "Necropost warning delay (in days)" %></td>
<td><%= f.number_field :necro_length, placeholder: "Warning Delay (leave blank for no warning)", disabled: !can_create? %></td>
<td><%= f.number_field :necro_length, placeholder: "Warning Delay (leave blank for no warning)" %></td>
</tr>
</table>
<%= f.hidden_field :forumgroup_id %>
<p><%= f.submit "Create forum", class: "btn blue left", disabled: !can_create? %></p>
<p><%= f.submit "Create forum", class: "btn blue left" %></p>
<div class="clear"></div>
<% if !current_user.confirmed? %>
<span class='red-alert'>You must confirm your email before you can create new forums.</span>
<% end %>
<% end %>

20
app/views/info/edit.html.erb
View File

@@ -1,20 +1,10 @@
<% title "Edit Info: #{@info.title}" %>
<%
def can_edit?
mod? && current_user.confirmed?
end
%>
<h1>Edit Info</h1>
<%= form_for @info do |f|%>
<%= f.text_field :title, disabled: !can_edit? %>
<%= render partial: "md_editor", locals: {name: "info[content]", content: @info.content, options: {disabled: !can_edit?}} %>
<p><%= f.submit "Update Info", class: "btn blue left", disabled: !can_edit? %></p>
<% end %>
<p><%= button_to "Delete Info", @info, method: "delete", data: {confirm: "Are you sure you want to delete this info page?"}, class: "btn red right", disabled: !can_edit? %></p>
<div class="clear"></div>
<% if !current_user.confirmed? %>
<span class='red-alert'>You must confirm your email before you can edit info pages.</span>
<%= f.text_field :title%>
<%= render partial: "md_editor", locals: {name: "info[content]", content: @info.content} %>
<p><%= f.submit "Update Info", class: "btn blue left" %></p>
<% end %>
<p><%= button_to "Delete Info", @info, method: "delete", data: {confirm: "Delete Info forever?"}, class: "btn red right" %></p>
<div class="clear"></div>

16
app/views/info/new.html.erb
View File

@@ -1,19 +1,9 @@
<% title "New Info" %>
<%
def can_create?
mod? && current_user.confirmed?
end
%>
<h1>New Info</h1>
<%= form_for @info, url: info_index_path do |f|%>
<%= f.text_field :title, placeholder: "Title", disabled: !can_create? %>
<%= render partial: "md_editor", locals: {name: "info[content]", content: @info.content, options: {disabled: !can_create?}} %>
<p><%= f.submit "Create Info", class: "btn blue left", disabled: !can_create? %></p>
<%= f.text_field :title, placeholder: "Title" %>
<%= render partial: "md_editor", locals: {name: "info[content]", content: @info.content} %>
<p><%= f.submit "Create Info", class: "btn blue left" %></p>
<div class="clear"></div>
<% if !current_user.confirmed? %>
<span class='red-alert'>You must confirm your email before you can create new info pages.</span>
<% end %>
<% end %>

8
app/views/layouts/_footer.html.erb
View File

@@ -13,12 +13,6 @@
<% end %> |
<%= link_to "https://twitter.com/RedstonerServer", title: "Redstoner on Twitter" do %>
Twitter <%= image_tag("twitter.png") %>
<% end %> |
<%= link_to "https://mstdn.io/@RedstonerServer", title: "Redstoner on Mastodon" do %>
Mastodon <%= image_tag("mastodon.png") %>
<% end %> |
<%= link_to "http://rdstnr4biap5nao2.onion", title: "Redstoner over Tor" do %>
Onion Service <%= image_tag("tor.png") %>
<% end %>
<% if current_user %>
| <%= link_to "/slack/?" + {mail: current_user.try(:email)}.to_param do %>
@@ -26,4 +20,4 @@
<% end %>
<% end %>
</div>
</div>
</div>

6
app/views/redstoner_mailer/email_change_confirm_mail.html.erb
View File

@@ -13,7 +13,7 @@
</div>
<p></p>
<p>If you have any questions or problems, just ask one of our <%= link_to "Staff", users_url(staff: ""), style: "text-decoration: none; color: #4096EE;" %> in-game.</p>
<p>If you have any questions or problems, just ask one of our <%= link_to "Staff", users_url(role: "staff"), style: "text-decoration: none; color: #4096EE;" %> in-game.</p>
<p>Your Redstoner team</p>
</div>
@@ -25,9 +25,9 @@
<p>You can contact us via:
<%= link_to "Website", root_url, style: "text-decoration: none; color: #4096EE;" %> |
<%= link_to "Twitter", "https://twitter.com/RedstonerServer", style: "text-decoration: none; color: #4096EE;" %> |
<%= link_to "Mastodon", "https://mstdn.io/@RedstonerServer", style: "text-decoration: none; color: #4096EE;" %> |
<%= link_to "Google+", "https://google.com/+Redstoner", style: "text-decoration: none; color: #4096EE;" %> |
<%= link_to "Email", "mailto:redstonerserver+website@gmail.com", style: "text-decoration: none; color: #4096EE;" %>
</p>
</div>
</div>
</div>
</div>

6
app/views/redstoner_mailer/new_post_comment_mail.html.erb
View File

@@ -14,7 +14,7 @@
%>
<p><%= link_to "Click here", blogpost_url(@comment.blogpost, page: page) + "#comment-#{@comment.id}", style: "text-decoration: none; color: #4096EE;" %> to view the blog post.</p>
<p>If you have any questions or problems, just ask one of our <%= link_to "Staff", users_url(staff: ""), style: "text-decoration: none; color: #4096EE;" %> in-game or on the forums!</p>
<p>If you have any questions or problems, just ask one of our <%= link_to "Staff", users_url(role: "staff"), style: "text-decoration: none; color: #4096EE;" %> in-game or on the forums!</p>
<p>Your Redstoner team</p>
</div>
@@ -24,9 +24,9 @@
<p>You can contact us via:
<%= link_to "Website", root_url, style: "text-decoration: none; color: #4096EE;" %> |
<%= link_to "Twitter", "https://twitter.com/RedstonerServer", style: "text-decoration: none; color: #4096EE;" %> |
<%= link_to "Mastodon", "https://mstdn.io/@RedstonerServer", style: "text-decoration: none; color: #4096EE;" %> |
<%= link_to "Google+", "https://google.com/+Redstoner", style: "text-decoration: none; color: #4096EE;" %> |
<%= link_to "Email", "mailto:redstonerserver+website@gmail.com", style: "text-decoration: none; color: #4096EE;" %>
</p>
</div>
</div>
</div>
</div>

6
app/views/redstoner_mailer/new_post_mention_mail.html.erb
View File

@@ -10,7 +10,7 @@
<p><%= link_to "Click here", blogpost_url(@post), style: "text-decoration: none; color: #4096EE;" %> to view the blog post.</p>
<p>If you have any questions or problems, just ask one of our <%= link_to "Staff", users_url(staff: ""), style: "text-decoration: none; color: #4096EE;" %> in-game or on the forums!</p>
<p>If you have any questions or problems, just ask one of our <%= link_to "Staff", users_url(role: "staff"), style: "text-decoration: none; color: #4096EE;" %> in-game or on the forums!</p>
<p>Your Redstoner team</p>
</div>
@@ -21,9 +21,9 @@
<p>You can contact us via:
<%= link_to "Website", root_url, style: "text-decoration: none; color: #4096EE;" %> |
<%= link_to "Twitter", "https://twitter.com/RedstonerServer", style: "text-decoration: none; color: #4096EE;" %> |
<%= link_to "Mastodon", "https://mstdn.io/@RedstonerServer", style: "text-decoration: none; color: #4096EE;" %> |
<%= link_to "Google+", "https://google.com/+Redstoner", style: "text-decoration: none; color: #4096EE;" %> |
<%= link_to "Email", "mailto:redstonerserver+website@gmail.com", style: "text-decoration: none; color: #4096EE;" %>
</p>
</div>
</div>
</div>
</div>

6
app/views/redstoner_mailer/new_thread_mention_mail.html.erb
View File

@@ -11,7 +11,7 @@
<p><%= link_to "Click here", forumthread_url(@thread), style: "text-decoration: none; color: #4096EE;" %> to view the thread.</p>
<p>If you have any questions or problems, just ask one of our <%= link_to "Staff", users_url(staff: ""), style: "text-decoration: none; color: #4096EE;" %> in-game or on the forums!</p>
<p>If you have any questions or problems, just ask one of our <%= link_to "Staff", users_url(role: "staff"), style: "text-decoration: none; color: #4096EE;" %> in-game or on the forums!</p>
<p>Your Redstoner team</p>
</div>
@@ -23,9 +23,9 @@
<p>You can contact us via:
<%= link_to "Website", root_url, style: "text-decoration: none; color: #4096EE;" %> |
<%= link_to "Twitter", "https://twitter.com/RedstonerServer", style: "text-decoration: none; color: #4096EE;" %> |
<%= link_to "Mastodon", "https://mstdn.io/@RedstonerServer", style: "text-decoration: none; color: #4096EE;" %> |
<%= link_to "Google+", "https://google.com/+Redstoner", style: "text-decoration: none; color: #4096EE;" %> |
<%= link_to "Email", "mailto:redstonerserver+website@gmail.com", style: "text-decoration: none; color: #4096EE;" %>
</p>
</div>
</div>
</div>
</div>

6
app/views/redstoner_mailer/new_thread_reply_mail.html.erb
View File

@@ -15,7 +15,7 @@
%>
<p><%= link_to "Click here", forumthread_url(@reply.thread, page: page) + "#reply-#{@reply.id}", style: "text-decoration: none; color: #4096EE;" %> to view the thread.</p>
<p>If you have any questions or problems, just ask one of our <%= link_to "Staff", users_url(staff: ""), style: "text-decoration: none; color: #4096EE;" %> in-game or on the forums!</p>
<p>If you have any questions or problems, just ask one of our <%= link_to "Staff", users_url(role: "staff"), style: "text-decoration: none; color: #4096EE;" %> in-game or on the forums!</p>
<p>Your Redstoner team</p>
</div>
@@ -26,8 +26,8 @@
<p>You can contact us via:
<%= link_to "Website", root_url, style: "text-decoration: none; color: #4096EE;" %> |
<%= link_to "Twitter", "https://twitter.com/RedstonerServer", style: "text-decoration: none; color: #4096EE;" %> |
<%= link_to "Mastodon", "https://mstdn.io/@RedstonerServer", style: "text-decoration: none; color: #4096EE;" %> |
<%= link_to "Google+", "https://google.com/+Redstoner", style: "text-decoration: none; color: #4096EE;" %> |
<%= link_to "Email", "mailto:redstonerserver+website@gmail.com", style: "text-decoration: none; color: #4096EE;" %>
</p>
</div>
</div>
</div>

6
app/views/redstoner_mailer/register_mail.html.erb
View File

@@ -25,7 +25,7 @@
</div>
<p></p>
<p>If you have any questions or problems, just ask one of our <%= link_to "Staff", users_url(staff: ""), style: "text-decoration: none; color: #4096EE;" %> in-game.</p>
<p>If you have any questions or problems, just ask one of our <%= link_to "Staff", users_url(role: "staff"), style: "text-decoration: none; color: #4096EE;" %> in-game.</p>
<p>Your Redstoner team</p>
</div>
@@ -37,9 +37,9 @@
<p>You can contact us via:
<%= link_to "Website", root_url, style: "text-decoration: none; color: #4096EE;" %> |
<%= link_to "Twitter", "https://twitter.com/RedstonerServer", style: "text-decoration: none; color: #4096EE;" %> |
<%= link_to "Mastodon", "https://mstdn.io/@RedstonerServer", style: "text-decoration: none; color: #4096EE;" %> |
<%= link_to "Google+", "https://google.com/+Redstoner", style: "text-decoration: none; color: #4096EE;" %> |
<%= link_to "Email", "mailto:redstonerserver+website@gmail.com", style: "text-decoration: none; color: #4096EE;" %>
</p>
</div>
</div>
</div>
</div>

7
app/views/statics/donate.html.erb
View File

@@ -1,4 +1,3 @@
<% title "Donate" %>
<h1>Donate</h1>
<p>Running a server is really stressful and requires a lot of work.<br>
@@ -12,7 +11,7 @@
<li>Donator+ ($20 or more)
</ul>
<p>We also have a <%= link_to "list of users who donated", users_path(donor: "") %> already!</p>
<p>We also have <%= link_to "list of users who donated", users_path(badge: "donor") %> already!</p>
<h3>Perks for you</h3>
<p>For <i>Donator</i> and <i>Donator+</i></p>
@@ -26,11 +25,11 @@
<div class="donations">
<div class="donation">
<div class="left">
<img src="https://crafatar.com/renders/body/97a4928198f045998e0e7a97eabae6ae?overlay=true&scale=3" alt="sponsor's skin" class="body">
<img src="<%= image_url("anonymous_skin.png") %>" alt="sponsor's skin" class="body">
</div>
<div>
<h1>Donate to our server sponsor</h1>
<h4>PotatoKek pays for the server hardware. You can help him by donating here.</h4>
<h4>They pay for our server, but prefer to stay anonymous</h4>
<form target="_blank" method="post" action="https://www.paypal.com/cgi-bin/webscr">
<% if current_user %>
<input name="custom" type="hidden" placeholder="Your Minecraft name" value="<%= current_user.ign %>">

41
app/views/statics/privacy.html.erb
View File

@@ -1,41 +0,0 @@
<% title "Privacy Policy" %>
<h1>Privacy Policy</h1>
<p>Please note that this privacy policy is not legally binding. It is simply a reference intended to inform you about what is done with your information. Also, this privacy policy only applies to the Redstoner website and forums. The Minecraft server will have its own privacy policy at some point.</p>
<h2>How your information is stored and protected</h2>
<p>Everything on the website is stored in a database, to which access is strictly limited. Only users of the administrator rank or former administrators who are well known and are trusted by the rest of the current administrators may access the database. Offsite backups of this data are made daily only to the network and servers of at least one current administrator via an encrypted SSH connection.</p>
<p>Passwords are stored using the bcrypt algorithm. Plaintext passwords are never logged or stored anywhere.</p>
<p>The website code is <%= link_to "open source", "https://github.com/RedstonerServer/redstoner.com" %> and undergoes heavy testing and review before it is deployed to ensure no exploitable bugs or backdoors make it onto the production server.</p>
<p>All connections to our website are automatically forced to be made over HTTPS to ensure your data is protected while in transit. We maintain <%= link_to "good TLS paramters", "https://www.ssllabs.com/ssltest/analyze.html?d=redstoner.com" %> and also employ other techniques to ensure secure connections such as <%= link_to "being on the HSTS preload list", "https://hstspreload.org/?domain=redstoner.com" %> and OCSP stapling.</p>
<h2>Information we collect</h2>
<p>This information is needed in order for your account to be created:</p>
<ul>
<li>Your Minecraft account's IGN and UUID.</li>
<li>Your email address.</li>
<li>A unique password.</li>
</ul>
<p>This information is optional and is obtained only if you provide it:</p>
<ul>
<li>Your Skype username.</li>
<li>Your YouTube channel ID.</li>
<li>Your Twitter username.</li>
</ul>
<p>This information is also collected, however does not affect your Redstoner account directly:</p>
<ul>
<li>Your IP address.</li>
</ul>
<h2>How your information is used and who it is visible to</h2>
<ul>
<li><b>Minecraft account IGN and UUID</b> - This is used to link your Minecraft account with your Redstoner account. Anyone can see these.</li>
<li><b>Your email address</b> - This is used to send you email notifications about forums activity that you are involved in. These notifications can be disabled in your account settings. This is also used to perform a password reuse check, which is explained in more detail below. Only users of the moderator rank or higher can see your email address.</li>
<li><b>Your password</b> - This is used to authenticate you. This too is used to perform a password reuse check. The plaintext version is visible to no one, but the hashed version is visible only to users of the administrator rank or higher.</li>
<li><b>Your Skype username</b> - This is used to add a link to your profile that allows others to easily contact you over Skype. Anyone can see this.</li>
<li><b>Your YouTube channel</b> - This is used to add a link to your profile that allows others to easily find your YouTube channel. Anyone can see this.</li>
<li><b>Your Twitter username</b> - This is used to add a link to your profile that allows others to easily contact you over Twitter. Anyone can see this.</li>
<li><b>Your IP address</b> - This is used to help us identify and ban troublemakers from our forums. Only users of the moderator rank and above can see this.</li>
</ul>
<h2>Password reuse check</h2>
<p>When you first sign up on our website, we use your email address and password to check if you are reusing your password with your Mojang account. This is done by attempting to log into Mojang's server using this information. If it succeeds, then your confirmation email will contain a note warning you not to reuse your password. <b>The information used to perform this check is never used to actually take over your Minecraft account. In fact, we can't because your password is hashed after the check and is totally unusable to us. If you get this warning not to reuse your password, it is still highly recommended that you change your password for your Mojang account and also use a password manager.</b></p>
<h2>Who your information is shared with</h2>
<p>We do not share your information with any third parties. The only time we will release information is if we are legally required to.</p>
<hr>
<p><sup>This privacy policy was last revised October 31, 2017.</sup></p>

20
app/views/users/edit.html.erb
View File

@@ -2,7 +2,7 @@
<%
def can_edit?
(@user.is?(current_user) && confirmed?) || (mod? && current_user.role >= @user.role && current_user.confirmed?)
(@user.is?(current_user) && confirmed?) || (mod? && current_user.role >= @user.role)
end
%>
@@ -23,7 +23,7 @@
<td>Role</td>
<td>
<% if current_user.role >= @user.role %>
<%= f.select :role, Role.all_to(current_user.role), {}, { disabled: !can_edit? } %>
<%= f.select :role, Role.all_to(current_user.role) %>
<% end %>
</td>
</tr>
@@ -31,7 +31,7 @@
<td>Badge</td>
<td>
<% if current_user.role >= Role.get(:mod) %>
<%= f.select :badge, Badge.all, {}, { disabled: !can_edit? } %>
<%= f.select :badge, Badge.all %>
<% end %>
</td>
</tr>
@@ -48,6 +48,12 @@
<%= f.text_field :skype, placeholder: "Skype username", disabled: !can_edit? %>
</td>
</tr>
<tr>
<td>Show Skype to</td>
<td>
<%= f.select :skype_public, [["Staff only", false], ["All users", true]], {}, { disabled: !can_edit? } %>
</td>
</tr>
<tr>
<td>YouTube Channel ID</td>
<td>
@@ -57,7 +63,7 @@
<tr>
<td>Twitter username</td>
<td>
<%= f.text_field :twitter, placeholder: "Twitter username", disabled: !can_edit? %>
<%= f.text_field :twitter, placeholder: "Twitter username", disabled: !(@user.is?(current_user) && confirmed? || (mod? && current_user.role >= @user.role)) %>
</td>
</tr>
<tr>
@@ -69,7 +75,7 @@
</tbody>
</table>
<p><%= f.submit "Save profile", class: "btn variable-size left", disabled: !can_edit? %></p>
<p><%= f.submit "Save profile", class: "btn variable-size left", disabled: (!@user.confirmed? && @user.is?(current_user)) %></p>
<p>
<%= link_to "Edit login details", edit_login_user_path(@user), class: "btn variable-size right" %>
<%= link_to "Notification settings", edit_notifications_user_path(@user), class: "btn variable-size right" %>
@@ -77,9 +83,7 @@
</p>
<div class="clear"></div>
<% if !@user.is?(current_user) && !current_user.confirmed? %>
<span class='red-alert'>You must confirm your own email before you can edit other profiles.</span>
<% elsif !@user.confirmed? %>
<% if !@user.confirmed? %>
<% if @user.is?(current_user) %>
<span class='red-alert'>Please confirm your email address first!</span>
<% else %>

29
app/views/users/edit_notifications.html.erb
View File

@@ -1,11 +1,5 @@
<% title "Edit Notification Settings: #{@user.name}" %>
<%
def can_edit?
(@user.is?(current_user) && confirmed?) || (mod? && current_user.role >= @user.role && current_user.confirmed?)
end
%>
<%= link_to @user.name, @user %> → Edit Notification Settings
<h1>Edit Notification Settings</h1>
@@ -17,13 +11,13 @@
<tr>
<td>replies to my thread</td>
<td>
<%= f.check_box :mail_own_thread_reply, disabled: !can_edit? %>
<%= f.check_box :mail_own_thread_reply %>
</td>
</tr>
<tr>
<td>replies to a thread I already replied to</td>
<td>
<%= f.check_box :mail_other_thread_reply, disabled: !can_edit? %>
<%= f.check_box :mail_other_thread_reply %>
</td>
</tr>
<tr>
@@ -32,13 +26,13 @@
<i>(Currently used for staff only)</i>
</td>
<td>
<%= f.check_box :mail_own_blogpost_comment, disabled: !can_edit? %>
<%= f.check_box :mail_own_blogpost_comment %>
</td>
</tr>
<tr>
<td>comments a blog post I already commented</td>
<td>
<%= f.check_box :mail_other_blogpost_comment, disabled: !can_edit? %>
<%= f.check_box :mail_other_blogpost_comment %>
</td>
</tr>
<tr>
@@ -46,20 +40,11 @@
mentions me in a thread or comment
</td>
<td>
<%= f.check_box :mail_mention, disabled: !can_edit? %>
<%= f.check_box :mail_mention %>
</td>
</tr>
</tbody>
</table>
<h3>Public Key</h1>
<p>All notification emails will be encrypted with this key if you supply it.</p>
<%= f.text_area :public_key, placeholder: "-----BEGIN PGP PUBLIC KEY BLOCK-----", disabled: !can_edit? %>
<p><%= f.submit "Save changes", class: "btn blue left", disabled: !can_edit? %></p>
<p><%= f.submit "Save changes", class: "btn blue left" %></p>
<div class="clear"></div>
<% if !@user.is?(current_user) && !current_user.confirmed? %>
<span class='red-alert'>You must confirm your own email before you can edit other user's notification settings.</span>
<% elsif !@user.confirmed? && @user.is?(current_user) %>
<span class='red-alert'>You need to confirm your email before you can edit your notification settings.</span>
<% end %>
<% end %>
<% end %>

20
app/views/users/edit_website_settings.html.erb
View File

@@ -1,11 +1,5 @@
<% title "Edit Website Settings: #{@user.name}" %>
<%
def can_edit?
(@user.is?(current_user) && confirmed?) || (mod? && current_user.role >= @user.role && current_user.confirmed?)
end
%>
<%= link_to @user.name, @user %> → Edit Website Settings
<h1>Edit Website Settings</h1>
@@ -16,31 +10,25 @@
<tr>
<td>Header moves with scrolling (Experimental - do not report bugs)</td>
<td>
<%= f.check_box :header_scroll, disabled: !can_edit? %>
<%= f.check_box :header_scroll %>
</td>
</tr>
<tr>
<td>Show exact UTC times</td>
<td>
<%= f.check_box :utc_time, disabled: !can_edit? %>
<%= f.check_box :utc_time %>
</td>
</tr>
<tr>
<td>Dark theme*</td>
<td>
<%= f.check_box :dark, disabled: !can_edit? %>
<%= f.check_box :dark %>
</td>
</tr>
</tbody>
</table>
<p><%= f.submit "Save changes", class: "btn blue left", disabled: !can_edit? %></p>
<p><%= f.submit "Save changes", class: "btn blue left" %></p>
<div class="clear"></div>
<% if !@user.is?(current_user) && !current_user.confirmed? %>
<span class='red-alert'>You must confirm your own email before you can edit other user's website settings.</span>
<% elsif !@user.confirmed? && @user.is?(current_user) %>
<span class='red-alert'>You need to confirm your email before you can edit your website settings.</span>
<% end %>
<% end %>
<br><br><br>
*Warning: If as a result to enabling this style your eyes get infected with a severe case of eye cancer, we are not reliable for any damage. Please contact your doctor in advance to ensure that in case of infection you will be treated accordingly. Quality theme brought to you by Redempt™.

2
app/views/users/index.html.erb
View File

@@ -14,8 +14,6 @@
text = "All '#{params[:role]}' and '#{params[:badge]}' users"
elsif params.include?(:staff)
text = "All staff"
elsif params.include?(:donor)
text = "All donors"
else
text = "All users"
end

25
app/views/users/show.html.erb
View File

@@ -15,28 +15,15 @@
<h1><%= @user.name %></h1>
<div class="clear"></div>
<% if @ban_json && (@ban_json["expires"] == "forever" || !(DateTime.parse(@ban_json["expires"]) <= DateTime.now)) %>
<% if @user.is?(current_user) %>
<span class="user-banned">You are banned on the server for "<%=@ban_json["reason"]%>"<%=" until #{@ban_json["expires"]}" unless @ban_json["expires"] == "forever"%></span>
<% else %>
<span class="user-banned">This user is banned on the server for "<%=@ban_json["reason"]%>"<%=" until #{@ban_json["expires"]}" unless @ban_json["expires"] == "forever"%></span>
<% end %>
<% end %>
<% if @user.banned? %>
<% if @user.is?(current_user) %>
<span class="user-banned">You are banned on the website!</span>
<% else %>
<span class="user-banned">This user is banned on the website!</span>
<% end %>
<span class="user-banned">This user is banned!</span>
<% end %>
<br>
<% if !@user.confirmed? %>
<% if @user.is?(current_user) %>
<span class="user-unconfirmed">You haven't confirmed your email "<u><%= @user.email %></u>" yet!</span>
<% if @user.is?(current_user) || mod? %>
<span class="user-unconfirmed">Please confirm your email <u><%= @user.email %></u> !</span>
<%= button_to "Resend the confirmation mail", resend_mail_user_path, class: "btn dark", form_class: "inline-block", data: {confirm: "Did you check your spam folder?"} %>
<% elsif mod? %>
<span class="user-unconfirmed">This user hasn't confirmed their email "<u><%= @user.email %></u>" yet!</span>
<%= button_to "Resend the confirmation mail", resend_mail_user_path, class: "btn dark", form_class: "inline-block" %>
<% else %>
<span class="user-unconfirmed">This user hasn't confirmed their email yet!</span>
<% end %>
@@ -65,7 +52,7 @@
<td><b>Role</b></td>
<td><%= link_to @user.role, users_path(:role => @user.role.name) %></td>
</tr>
<% if current_user && !@user.skype.blank? %>
<% if current_user && !@user.skype.blank? && (@user.skype_public || current_user == @user || mod?) %>
<tr>
<td><b>Skype</b></td>
<td><%= link_to @user.skype, "skype:#{@user.skype}?chat", target: "_blank" %></a></td>

1
config/routes.rb
View File

@@ -9,7 +9,6 @@ Redstoner::Application.routes.draw do
get 'donate'
get 'home'
get 'online'
get 'privacy'
get 'index'
end
end

6
db/migrate/20170708011014_remove_skype_visibility_from_users.rb
View File

@@ -1,6 +0,0 @@
class RemoveSkypeVisibilityFromUsers < ActiveRecord::Migration
def change
remove_column :users, :skype_public
User.update_all skype: nil
end
end

10
db/migrate/20170710141543_create_badgeassociations.rb Normal file
View File

@@ -0,0 +1,10 @@
class CreateBadgeassociations < ActiveRecord::Migration
def change
create_table :badgeassociations do |t|
t.references :badge
t.references :forum
t.references :forumgroup
t.integer :permission #1 = read, 2 = write
end
end
end

5
db/migrate/20171013001146_add_public_key_to_users.rb
View File

@@ -1,5 +0,0 @@
class AddPublicKeyToUsers < ActiveRecord::Migration
def change
add_column :users, :public_key, :text
end
end

4
db/schema.rb
View File

@@ -11,7 +11,7 @@
#
# It's strongly recommended that you check this file into your version control system.
ActiveRecord::Schema.define(version: 20171013001146) do
ActiveRecord::Schema.define(version: 20170703003647) do
create_table "badges", force: :cascade do |t|
t.string "name", limit: 191
@@ -135,6 +135,7 @@ ActiveRecord::Schema.define(version: 20171013001146) do
t.text "about", limit: 65535
t.string "last_ip", limit: 255
t.string "skype", limit: 255
t.boolean "skype_public", default: false
t.string "youtube", limit: 255
t.string "youtube_channelname", limit: 255
t.string "twitter", limit: 255
@@ -153,7 +154,6 @@ ActiveRecord::Schema.define(version: 20171013001146) do
t.boolean "utc_time", default: false
t.boolean "header_scroll", default: false
t.boolean "dark", default: false
t.text "public_key", limit: 65535
end
add_index "users", ["email"], name: "index_users_on_email", unique: true, using: :btree

1
db/seeds.rb
View File

@@ -33,6 +33,7 @@ deleted_user = User.create!(
role: Role.get(:disabled),
badge: Badge.get(:none),
skype: "echo123",
skype_public: true,
last_ip: "0.0.0.0",
confirmed: true,
last_seen: Time.utc(0).to_datetime,