From da2e66d0b87f11c24a9946c33906c90c90e1f14b Mon Sep 17 00:00:00 2001
From: Logan Fick
Date: Thu, 12 Oct 2017 20:18:09 -0400
Subject: [PATCH 01/10] Removed skype_public from schema and seeds.
---
 db/schema.rb | 1 -
 db/seeds.rb | 1 -
 2 files changed, 2 deletions(-)
diff --git a/db/schema.rb b/db/schema.rb
index 5849cf5..2dbffc8 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -135,7 +135,6 @@ ActiveRecord::Schema.define(version: 20170703003647) do
 t.text "about", limit: 65535
 t.string "last_ip", limit: 255
 t.string "skype", limit: 255
- t.boolean "skype_public", default: false
 t.string "youtube", limit: 255
 t.string "youtube_channelname", limit: 255
 t.string "twitter", limit: 255
diff --git a/db/seeds.rb b/db/seeds.rb
index 926d7b2..f6b731f 100644
--- a/db/seeds.rb
+++ b/db/seeds.rb
@@ -33,7 +33,6 @@ deleted_user = User.create!(
 role: Role.get(:disabled),
 badge: Badge.get(:none),
 skype: "echo123",
- skype_public: true,
 last_ip: "0.0.0.0",
 confirmed: true,
 last_seen: Time.utc(0).to_datetime,
-- 
2.52.0
From 3e7a0e550fa3e7730bf0b2bb44a3d93a25307514 Mon Sep 17 00:00:00 2001
From: Logan Fick
Date: Thu, 12 Oct 2017 20:46:23 -0400
Subject: [PATCH 02/10] Added ability to add public key to account.
---
 app/controllers/users_controller.rb | 2 +-
 app/views/users/edit_notifications.html.erb | 5 ++++-
 db/migrate/20171013001146_add_public_key_to_users.rb | 5 +++++
 3 files changed, 10 insertions(+), 2 deletions(-)
 create mode 100644 db/migrate/20171013001146_add_public_key_to_users.rb
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index 5c55976..4890a98 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -352,7 +352,7 @@ class UsersController < ApplicationController end def user_params(add = []) - a = [:ign, :email, :password, :password_confirmation, :mail_own_thread_reply, :mail_other_thread_reply, :mail_own_blogpost_comment, :mail_other_blogpost_comment, :mail_mention] + add + a = [:ign, :email, :password, :password_confirmation, :mail_own_thread_reply, :mail_other_thread_reply, :mail_own_blogpost_comment, :mail_other_blogpost_comment, :mail_mention, :public_key] + add params.require(:user).permit(a) end end diff --git a/app/views/users/edit_notifications.html.erb b/app/views/users/edit_notifications.html.erb index 4e6de12..e0e8288 100644 --- a/app/views/users/edit_notifications.html.erb +++ b/app/views/users/edit_notifications.html.erb @@ -45,6 +45,9 @@ +
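Review bot: Adding `:public_key` to the base list in `user_params` makes the key writable through every action that calls `user_params`, not only the notifications form this commit adds the field to. A later commit in this series uses the stored key to encrypt the account's notification mail, so it is worth keeping it an opt-in attribute: leave the base list as it was and have the notifications update call `user_params([:public_key])`, using the `add` parameter that already exists. The callers of `user_params` are outside this hunk, so which actions are affected needs checking there. Nothing in this commit limits the value's size or shape before it is saved.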

Public Key

+

All notification emails, including password resets, will be encrypted with this key if you supply it. Do not lose your private key, otherwise you won't be able to easily recover your account.

+ <%= f.text_area :public_key, placeholder: "-----BEGIN PGP PUBLIC KEY BLOCK-----" %>

<%= f.submit "Save changes", class: "btn blue left" %>

-<% end %> \ No newline at end of file +<% end %> diff --git a/db/migrate/20171013001146_add_public_key_to_users.rb b/db/migrate/20171013001146_add_public_key_to_users.rb new file mode 100644 index 0000000..a03743c --- /dev/null +++ b/db/migrate/20171013001146_add_public_key_to_users.rb @@ -0,0 +1,5 @@ +class AddPublicKeyToUsers < ActiveRecord::Migration + def change + add_column :users, :public_key, :text + end +end -- 2.52.0 From a6148790da639e4fccdc0638b5f5bf3e1b09b8ee Mon Sep 17 00:00:00 2001 From: Logan Fick Date: Fri, 13 Oct 2017 22:49:54 -0400 Subject: [PATCH 03/10] Made notification emails get encrypted for accounts with a public key. --- Gemfile | 1 + app/mailers/redstoner_mailer.rb | 30 +++++++++++++++++++++++++----- 2 files changed, 26 insertions(+), 5 deletions(-) diff --git a/Gemfile b/Gemfile index 4216fe2..8c8cb60 100644 --- a/Gemfile +++ b/Gemfile @@ -16,6 +16,7 @@ gem 'highlight_js-rails', github: 'RedstonerServer/highlight_js-rails' gem 'kaminari', github: 'jomo/kaminari', branch: 'patch-2' # pagination gem 'jquery-textcomplete-rails', github: 'RedstonerServer/jquery-textcomplete-rails' # @mentions gem 'actionpack-action_caching', github: 'antulik/actionpack-action_caching', ref: '8c6e52c69315d67437f480da5dce4b7c8737fb32' +gem 'mail-gpg' # Gems used only for assets and not required # in production environments by default. diff --git a/app/mailers/redstoner_mailer.rb b/app/mailers/redstoner_mailer.rb index 1b387f8..e1e22b2 100644 --- a/app/mailers/redstoner_mailer.rb +++ b/app/mailers/redstoner_mailer.rb 
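Review bot: `gem 'mail-gpg'` is added without a version constraint, while the neighbouring entries are pinned to a fork, branch or commit ref, and no Gemfile.lock change appears in this commit's diffstat. The gem sits on the path that encrypts account mail and depends on a native GnuPG binding, so an unreviewed upgrade changes security-relevant behaviour. Pin it to the release that was reviewed, e.g. `gem 'mail-gpg', '~> <REVIEWED_VERSION>'`, and commit the lockfile if the project tracks one.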
@@ -19,29 +19,49 @@ class RedstonerMailer < ActionMailer::Base
 def new_thread_mention_mail(user, thread)
 @user = user
 @thread = thread
- mail(to: @user.email, subject: "#{thread.author.name} mentioned you in '#{thread.title}' on Redstoner")
+ if @user.public_key?
+ mail(to: @user.email, subject: "Encrypted Notification from Redstoner", gpg: {encrypt: true, keys: {@user.email => @user.public_key}})
+ else
+ mail(to: @user.email, subject: "#{thread.author.name} mentioned you in '#{thread.title}' on Redstoner")
+ end
 end
 def new_thread_reply_mail(user, reply)
 @user = user
 @reply = reply
- mail(to: @user.email, subject: "#{reply.author.name} replied to '#{reply.thread.title}' on Redstoner")
+ if @user.public_key?
+ mail(to: @user.email, subject: "Encrypted Notification from Redstoner", gpg: {encrypt: true, keys: {@user.email => @user.public_key}})
+ else
+ mail(to: @user.email, subject: "#{reply.author.name} replied to '#{reply.thread.title}' on Redstoner")
+ end
 end
 def new_post_mention_mail(user, post)
 @user = user
 @post = post
- mail(to: @user.email, subject: "#{post.author.name} mentioned you in '#{post.title}' on Redstoner")
+ if @user.public_key?
+ mail(to: @user.email, subject: "Encrypted Notification from Redstoner", gpg: {encrypt: true, keys: {@user.email => @user.public_key}})
+ else
+ mail(to: @user.email, subject: "#{post.author.name} mentioned you in '#{post.title}' on Redstoner")
+ end
 end
 def new_post_comment_mail(user, comment)
 @user = user
 @comment = comment
- mail(to: @user.email, subject: "#{comment.author.name} replied to '#{comment.blogpost.title}' on Redstoner")
+ if @user.public_key?
+ mail(to: @user.email, subject: "Encrypted Notification from Redstoner", gpg: {encrypt: true, keys: {@user.email => @user.public_key}})
+ else
+ mail(to: @user.email, subject: "#{comment.author.name} replied to '#{comment.blogpost.title}' on Redstoner")
+ end
 end
 def email_change_confirm_mail(user)
 @user = user
- mail(to: @user.email, subject: "Email change on Redstoner.com")
+ if @user.public_key?
+ mail(to: @user.email, subject: "Encrypted Notification from Redstoner", gpg: {encrypt: true, keys: {@user.email => @user.public_key}})
+ else
+ mail(to: @user.email, subject: "Email change on Redstoner.com")
+ end
 end
 end
-- 
2.52.0
From 751462bbedb2e2133b630156527650ebc506d347 Mon Sep 17 00:00:00 2001
From: Logan Fick
Date: Fri, 13 Oct 2017 23:28:08 -0400
Subject: [PATCH 04/10] Added public_key to schema.
---
 db/schema.rb | 1 +
 1 file changed, 1 insertion(+)
diff --git a/db/schema.rb b/db/schema.rb
index 5849cf5..2f38b71 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -154,6 +154,7 @@ ActiveRecord::Schema.define(version: 20170703003647) do
 t.boolean "utc_time", default: false
 t.boolean "header_scroll", default: false
 t.boolean "dark", default: false
+ t.text "public_key", limit: 65535
 end
 add_index "users", ["email"], name: "index_users_on_email", unique: true, using: :btree
-- 
2.52.0
From 8c99e9631be251500449cdf891486f879323becc Mon Sep 17 00:00:00 2001
From: Logan Fick
Date: Sun, 15 Oct 2017 15:33:22 -0400
Subject: [PATCH 05/10] Added Mastodon and onion service links to footer.
---
 app/assets/images/mastodon.png | Bin 0 -> 477 bytes
 app/assets/images/tor.png | Bin 0 -> 581 bytes
 app/views/layouts/_footer.html.erb | 8 +++++++-
 3 files changed, 7 insertions(+), 1 deletion(-)
 create mode 100644 app/assets/images/mastodon.png
 create mode 100644 app/assets/images/tor.png
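Review bot: In all five mailer methods of the `redstoner_mailer.rb` hunk the encrypted branch hands `@user.public_key` straight to the `gpg:` option, and nothing handles a stored key that cannot be used for encryption (malformed armor, expired, no encryption subkey, or no user ID matching `@user.email`). How mail-gpg reacts is not visible in this hunk, but if it raises at delivery the notification is lost, and any handling should fail closed rather than resend the message in plaintext. The same four-line `if`/`else` is also repeated five times; moving it into one private helper gives a single place for that handling and for the fixed subject. The class header and everything above line 19 of the file are outside the hunk.

```ruby
def new_thread_mention_mail(user, thread)
  @user = user
  @thread = thread
  mail_to_user("#{thread.author.name} mentioned you in '#{thread.title}' on Redstoner")
end

# … unchanged apart from the same one-line call: new_thread_reply_mail,
#   new_post_mention_mail, new_post_comment_mail, email_change_confirm_mail …

private

# Sends to @user; when a public key is stored the body is encrypted and the
# subject is replaced, because the subject header is not covered by encryption.
def mail_to_user(subject)
  return mail(to: @user.email, subject: subject) unless @user.public_key?

  mail(to: @user.email,
       subject: "Encrypted Notification from Redstoner",
       gpg: {encrypt: true, keys: {@user.email => @user.public_key}})
end
```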
diff --git a/app/assets/images/mastodon.png b/app/assets/images/mastodon.png new file mode 100644 index 0000000000000000000000000000000000000000..a4305d917783afa22d50edee16e8d1da1314a86c GIT binary patch literal 477 zcmeAS@N?(olHy`uVBq!ia0y~yU=RRd4rT@h1`S>QUCfMPUw;05@$uL8YahI(-}>?U-@C8BkKX&d@7AZC*FP>j{ibpI z)5=YcOV&TK>Ax;kd47rE-wg~53<@Pde!&cXkNo@d`%(1IFE8($pKKuh@86e=Yv#76 zd$=la{9G8!o4{Ub%D}*I+|$J|MB=h<*K@vR10J@y8_K`SZF6R7eRuG;eH8Pn{&_my z_g^w3%=N5SI&x(CO(`Aj6r&@D53@Qn94bAg8)#h?)5z#iHh*f+`|UwjFQ;-&{CDN+ z>q0yGxYEBD1r4UYy7%(5Yk7I75dR`Yo4FIDv=7CF^uBD(Ts0|)Be&4_jYUr0HV?&X zZ%bW#zPVkWJI|@B$z;)U&V`(hWu9qRaBXb=`;+ZKgWS9B&<#9cm5kHYx|~1%u-`W; q+j92FB|m09E}9iFJ>_;?Eu%JzghpuoZd(Qh1_n=8KbLh*2~7adsOX#k literal 0 HcmV?d00001 diff --git a/app/assets/images/tor.png b/app/assets/images/tor.png new file mode 100644 index 0000000000000000000000000000000000000000..47a4a1690a234a59ea2c2fbbae37c569abc3721c GIT binary patch literal 581 zcmeAS@N?(olHy`uVBq!ia0y~yU=RRd4rT@h1`S>QUbVeR|WJG;9?L>TFSu9pv=J_ znX`$(!zrSCqEp#=1`9p^#=VkxD;PK#)c6?Grr%_!-od~MGRjVz!LH>pL&JWCzkmN| ztLT6J@cHVgYhnJ8o{nLj&h9n_F52=oa$Kew3fe+UnhN4dpFX~L^ZMbVyAL1UzxnLp zv9kw{o!PhN(#g$B7tN^+oiM4Qt+${h%dxpCvbM6QrnRv;*04H6r8Hc>xG1kM&ORq4 zCfh|cyR$OGRW99DI625P!9z1H)-E={Hr9kY+TAKFH#9iNH`v!az*gVi)5Xux!Y9bX zGu+NiSKi4{!_msb)>y+jBF|Es!BmP@S3^m~Dvn#oZ`~aR1_srVAirP+7S0*!Dax{< z9PFP@pI*6g<-+L`+uK`P>+*6^BFxOp3^WvEcrH%jJITPnu*}oNF+}2Was#uUrI{$3 z$^xB(>RSCe2hQsrX*-fC;x9D8Xy)>7Bfq}u()z4*}Q$iB}dIZTi literal 0 HcmV?d00001 diff --git a/app/views/layouts/_footer.html.erb b/app/views/layouts/_footer.html.erb index 930eb26..cc2b2fd 100644 --- a/app/views/layouts/_footer.html.erb +++ b/app/views/layouts/_footer.html.erb 
@@ -13,6 +13,12 @@ <% end %> | <%= link_to "https://twitter.com/RedstonerServer", title: "Redstoner on Twitter" do %> Twitter <%= image_tag("twitter.png") %> + <% end %> | + <%= link_to "https://mstdn.io/@RedstonerServer", title: "Redstoner on Mastodon" do %> + Mastodon <%= image_tag("mastodon.png") %> + <% end %> | + <%= link_to "http://rdstnr4biap5nao2.onion", title: "Redstoner over Tor" do %> + Onion Service <%= image_tag("tor.png") %> <% end %> <% if current_user %> | <%= link_to "/slack/?" + {mail: current_user.try(:email)}.to_param do %> @@ -20,4 +26,4 @@ <% end %> <% end %> - \ No newline at end of file + -- 2.52.0 From 29ef493a1bd4c95ced33c8711add6c0ebc6fb74d Mon Sep 17 00:00:00 2001 From: Logan Fick Date: Sun, 15 Oct 2017 15:58:06 -0400 Subject: [PATCH 06/10] Added title to donate page. --- app/views/statics/donate.html.erb | 1 + 1 file changed, 1 insertion(+) diff --git a/app/views/statics/donate.html.erb b/app/views/statics/donate.html.erb index 8f82cde..c304917 100644 --- a/app/views/statics/donate.html.erb +++ b/app/views/statics/donate.html.erb @@ -1,3 +1,4 @@ +<% title "Donate" %>

Donate

Running a server is really stressful and requires a lot of work.
-- 
2.52.0
From 1ec1c09490c5f3481e87a599d81c7ae4b0227691 Mon Sep 17 00:00:00 2001
From: Logan Fick
Date: Sun, 15 Oct 2017 20:01:56 -0400
Subject: [PATCH 07/10] Fixed schema version number.
---
 db/schema.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/db/schema.rb b/db/schema.rb
index 2dbffc8..197024d 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -11,7 +11,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
-ActiveRecord::Schema.define(version: 20170703003647) do
+ActiveRecord::Schema.define(version: 20170708011014) do
 create_table "badges", force: :cascade do |t|
 t.string "name", limit: 191
-- 
2.52.0
From 91d6082d3759bd65a95a0dee063a46d2e6f6d2f6 Mon Sep 17 00:00:00 2001
From: Logan Fick
Date: Wed, 18 Oct 2017 17:06:41 -0400
Subject: [PATCH 08/10] Fixed schema version number.
---
 db/schema.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/db/schema.rb b/db/schema.rb
index 2f38b71..91cfe91 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -11,7 +11,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
-ActiveRecord::Schema.define(version: 20170703003647) do
+ActiveRecord::Schema.define(version: 20171013001146) do
 create_table "badges", force: :cascade do |t|
 t.string "name", limit: 191
-- 
2.52.0
From d2d64d20f0437b5dcd3439292ab913e2e1990da2 Mon Sep 17 00:00:00 2001
From: Logan Fick
Date: Wed, 18 Oct 2017 17:17:08 -0400
Subject: [PATCH 09/10] Changed the public key usage informational text.
---
 app/views/users/edit_notifications.html.erb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/app/views/users/edit_notifications.html.erb b/app/views/users/edit_notifications.html.erb
index e0e8288..9c45445 100644
--- a/app/views/users/edit_notifications.html.erb
+++ b/app/views/users/edit_notifications.html.erb
@@ -46,7 +46,7 @@

Public Key

-

All notification emails, including password resets, will be encrypted with this key if you supply it. Do not lose your private key, otherwise you won't be able to easily recover your account.

+

All notification emails will be encrypted with this key if you supply it.

<%= f.text_area :public_key, placeholder: "-----BEGIN PGP PUBLIC KEY BLOCK-----" %>

<%= f.submit "Save changes", class: "btn blue left" %>

-- 
2.52.0
From 5ab615e18f093e7654bae3c628bd3349532fdfd5 Mon Sep 17 00:00:00 2001
From: Logan Fick
Date: Wed, 18 Oct 2017 17:30:42 -0400
Subject: [PATCH 10/10] Added public key validation.
---
 app/models/user.rb | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/app/models/user.rb b/app/models/user.rb
index 14364ed..4f682c6 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -22,6 +22,8 @@ class User < ActiveRecord::Base
 validates :email, uniqueness: {case_sensitive: false}, format: {with: /\A.+@(.+\..{2,}|\[(IPv6)?[0-9a-f:.]+\])\z/i, message: "That doesn't look like an email address."}
 validates :ign, uniqueness: {case_sensitive: false}, format: {with: /\A[a-z\d_]+\z/i, message: "Username is invalid (a-z, 0-9, _)."}
+ validates :public_key, format: {with: /\A(-----BEGIN PGP PUBLIC KEY BLOCK-----((.|\n)*?)-----END PGP PUBLIC KEY BLOCK-----)?\z/i, message: "That doesn't look like a PGP formatted public key."}
+
 has_many :blogposts
 has_many :comments
-- 
2.52.0
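Review bot: The new `validates :public_key` pattern only checks that the text starts and ends with the armor markers, so any content between them is accepted, and because `\z` must follow the END marker directly, a key pasted with a trailing newline or leading whitespace is rejected. Strip the value first, e.g. `before_validation { self.public_key = public_key.strip if public_key }`, and add a `length:` limit that fits the `text` column. A format check cannot show that the block holds a usable encryption key for this account's address; a custom validation that parses the key with the GnuPG binding mail-gpg depends on would catch that when the key is saved rather than when mail is sent. The `/i` flag also lets lowercase markers through, which armored keys do not use. The rest of the `User` class is outside this hunk.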