sudoxreboot/habitica
1
0
Fork 0
mirror of https://github.com/sudoxnym/habitica.git synced 2026-05-17 19:28:53 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
habitica/website/server/controllers/api-v4/admin.js

192 lines
5.3 KiB
JavaScript
Raw Permalink Normal View History

🧑‍💼🎛️ Overhaul (#15270) * Add option to search for users by email or username in admin panel * Make Admin panel design more consistent * fix test * fix width of items * escape regex for searching users * load own user when pressing enter on empty field * add styling for warning buttons * improve sub styling * fix checkbox alignment in admin panel * Unify date preview display * Fix bottom button display * admin panel display improvements * remove autocannon file * search improvements * time travel button display fix * fix loading spinner * fix sorting * Split email search into multiple queries * fix email search * remove console * fix line break
2024-08-29 14:15:45 +00:00
import validator from 'validator';
Add interface to block ip-addresses or clients due to abuse (#15484) * Read IP blocks from database * begin building general blocking solution * add new frontend files * Add UI for managing blockers * correctly reset local data after creating blocker * Tweak wording * Add UI for managing blockers * restructure admin pages * improve test coverage * Improve blocker UI * add blocker to block emails from registration * lint fix * fix * lint fixes * fix import * add new permission for managing blockers * improve permission check * fix managing permissions from admin * improve navbar display for non fullAccess admin * update block error strings * lint fix * add option to errorHandler to skip logging * validate blocker value during input * improve blocker form display * chore(subproj): reconcile habitica-images * fix(scripts): use same Mongo version for dev/test * fix(whitespace): eof * documentation improvements * remove nconf import * remove old test --------- Co-authored-by: Kalista Payne <kalista@habitica.com> Co-authored-by: Kalista Payne <sabrecat@gmail.com>
2025-08-06 20:08:07 +00:00
import merge from 'lodash/merge';
import { v4 as uuid } from 'uuid';
🧑‍💼🎛️ Overhaul (#15270) * Add option to search for users by email or username in admin panel * Make Admin panel design more consistent * fix test * fix width of items * escape regex for searching users * load own user when pressing enter on empty field * add styling for warning buttons * improve sub styling * fix checkbox alignment in admin panel * Unify date preview display * Fix bottom button display * admin panel display improvements * remove autocannon file * search improvements * time travel button display fix * fix loading spinner * fix sorting * Split email search into multiple queries * fix email search * remove console * fix line break
2024-08-29 14:15:45 +00:00
import { authWithHeaders } from '../../middlewares/auth';
import { ensurePermission } from '../../middlewares/ensureAccessRight';
import { model as User } from '../../models/user';
Improve Adminpanel with local logs (#15404) * log armoire, quoest response and cron events to history * show user history in admin panel * allow stats to be edited from admin panel * Improve admin panel stats input * improve setting client in history * fix tests * fix lint * fix armoire buying issue * Improve hero saving * Formatting fix * Improve user history logging * allow class to be changed from admin panel * make terminating subscriptions easier * support decimal extraMonths * Fix editing some achievements in admin panel * log if a user invites party to quest * Log more quest events into user history * make userhistory length configurable * fix some numbered achievements * fix extraMonths field * Automatically set up group plan subs with admin panel * show party info nicer in admin panel * improve admin panel sub handling * add missing brace * display when there are unsaved changes * fix setting group plan * fix showing group id * Display group plan info in admin panel * fix setting hourglass promo date * Improve termination handling in admin panel * reload data after certain save events in admin panel * remove console * fix plan.extraMonths not being reset if terminating a sub * add more options when cancelling subs * reload data after group plan change * Add a way to remove users from a party * fix issue with removing user from party * pass party id correctly * correctly call async function * Improve sub display in admin panel * fix line length * fix line * shorter * plaid * fix(lint): vue code style --------- Co-authored-by: Kalista Payne <sabrecat@gmail.com>
2025-03-17 21:48:21 +00:00
import { model as UserHistory } from '../../models/userHistory';
Add interface to block ip-addresses or clients due to abuse (#15484) * Read IP blocks from database * begin building general blocking solution * add new frontend files * Add UI for managing blockers * correctly reset local data after creating blocker * Tweak wording * Add UI for managing blockers * restructure admin pages * improve test coverage * Improve blocker UI * add blocker to block emails from registration * lint fix * fix * lint fixes * fix import * add new permission for managing blockers * improve permission check * fix managing permissions from admin * improve navbar display for non fullAccess admin * update block error strings * lint fix * add option to errorHandler to skip logging * validate blocker value during input * improve blocker form display * chore(subproj): reconcile habitica-images * fix(scripts): use same Mongo version for dev/test * fix(whitespace): eof * documentation improvements * remove nconf import * remove old test --------- Co-authored-by: Kalista Payne <kalista@habitica.com> Co-authored-by: Kalista Payne <sabrecat@gmail.com>
2025-08-06 20:08:07 +00:00
import { model as Blocker } from '../../models/blocker';
Improve Adminpanel with local logs (#15404) * log armoire, quoest response and cron events to history * show user history in admin panel * allow stats to be edited from admin panel * Improve admin panel stats input * improve setting client in history * fix tests * fix lint * fix armoire buying issue * Improve hero saving * Formatting fix * Improve user history logging * allow class to be changed from admin panel * make terminating subscriptions easier * support decimal extraMonths * Fix editing some achievements in admin panel * log if a user invites party to quest * Log more quest events into user history * make userhistory length configurable * fix some numbered achievements * fix extraMonths field * Automatically set up group plan subs with admin panel * show party info nicer in admin panel * improve admin panel sub handling * add missing brace * display when there are unsaved changes * fix setting group plan * fix showing group id * Display group plan info in admin panel * fix setting hourglass promo date * Improve termination handling in admin panel * reload data after certain save events in admin panel * remove console * fix plan.extraMonths not being reset if terminating a sub * add more options when cancelling subs * reload data after group plan change * Add a way to remove users from a party * fix issue with removing user from party * pass party id correctly * correctly call async function * Improve sub display in admin panel * fix line length * fix line * shorter * plaid * fix(lint): vue code style --------- Co-authored-by: Kalista Payne <sabrecat@gmail.com>
2025-03-17 21:48:21 +00:00
import {
NotFound,
} from '../../libs/errors';
🧑‍💼🎛️ Overhaul (#15270) * Add option to search for users by email or username in admin panel * Make Admin panel design more consistent * fix test * fix width of items * escape regex for searching users * load own user when pressing enter on empty field * add styling for warning buttons * improve sub styling * fix checkbox alignment in admin panel * Unify date preview display * Fix bottom button display * admin panel display improvements * remove autocannon file * search improvements * time travel button display fix * fix loading spinner * fix sorting * Split email search into multiple queries * fix email search * remove console * fix line break
2024-08-29 14:15:45 +00:00
const api = {};
/**
* @api {get} /api/v4/admin/search/:userIdentifier Search for users by username or email
* @apiParam (Path) {String} userIdentifier The username or email of the user to search for
* @apiName SearchUsers
* @apiGroup Admin
* @apiPermission Admin
*
* @apiDescription Returns a list of users that match the search criteria
*
* @apiSuccess {Object} data The User list
*
* @apiUse NoAuthHeaders
* @apiUse NoAccount
* @apiUse NoUser
* @apiUse NotAdmin
*/
Improve Adminpanel with local logs (#15404) * log armoire, quoest response and cron events to history * show user history in admin panel * allow stats to be edited from admin panel * Improve admin panel stats input * improve setting client in history * fix tests * fix lint * fix armoire buying issue * Improve hero saving * Formatting fix * Improve user history logging * allow class to be changed from admin panel * make terminating subscriptions easier * support decimal extraMonths * Fix editing some achievements in admin panel * log if a user invites party to quest * Log more quest events into user history * make userhistory length configurable * fix some numbered achievements * fix extraMonths field * Automatically set up group plan subs with admin panel * show party info nicer in admin panel * improve admin panel sub handling * add missing brace * display when there are unsaved changes * fix setting group plan * fix showing group id * Display group plan info in admin panel * fix setting hourglass promo date * Improve termination handling in admin panel * reload data after certain save events in admin panel * remove console * fix plan.extraMonths not being reset if terminating a sub * add more options when cancelling subs * reload data after group plan change * Add a way to remove users from a party * fix issue with removing user from party * pass party id correctly * correctly call async function * Improve sub display in admin panel * fix line length * fix line * shorter * plaid * fix(lint): vue code style --------- Co-authored-by: Kalista Payne <sabrecat@gmail.com>
2025-03-17 21:48:21 +00:00
api.searchHero = {
🧑‍💼🎛️ Overhaul (#15270) * Add option to search for users by email or username in admin panel * Make Admin panel design more consistent * fix test * fix width of items * escape regex for searching users * load own user when pressing enter on empty field * add styling for warning buttons * improve sub styling * fix checkbox alignment in admin panel * Unify date preview display * Fix bottom button display * admin panel display improvements * remove autocannon file * search improvements * time travel button display fix * fix loading spinner * fix sorting * Split email search into multiple queries * fix email search * remove console * fix line break
2024-08-29 14:15:45 +00:00
method: 'GET',
url: '/admin/search/:userIdentifier',
middlewares: [authWithHeaders(), ensurePermission('userSupport')],
async handler (req, res) {
req.checkParams('userIdentifier', res.t('userIdentifierRequired')).notEmpty();
const validationErrors = req.validationErrors();
if (validationErrors) throw validationErrors;
const { userIdentifier } = req.params;
const re = new RegExp(String.raw`^${userIdentifier.replace(/[.*+?^${}()|[\]\\]/g, '\\$&')}`);
let query;
let users = [];
if (validator.isUUID(userIdentifier)) {
query = { _id: userIdentifier };
} else if (validator.isEmail(userIdentifier)) {
const emailFields = [
'auth.local.email',
'auth.google.emails.value',
'auth.apple.emails.value',
'auth.facebook.emails.value',
];
for (const field of emailFields) {
const emailQuery = { [field]: userIdentifier };
// eslint-disable-next-line no-await-in-loop
const found = await User.findOne(emailQuery)
.select('contributor backer profile auth')
.lean()
.exec();
if (found) {
users.push(found);
}
}
} else {
query = { 'auth.local.lowerCaseUsername': { $regex: re, $options: 'i' } };
}
if (query) {
users = await User
.find(query)
.select('contributor backer profile auth')
.limit(30)
.lean()
.exec();
}
res.respond(200, users);
},
};
Improve Adminpanel with local logs (#15404) * log armoire, quoest response and cron events to history * show user history in admin panel * allow stats to be edited from admin panel * Improve admin panel stats input * improve setting client in history * fix tests * fix lint * fix armoire buying issue * Improve hero saving * Formatting fix * Improve user history logging * allow class to be changed from admin panel * make terminating subscriptions easier * support decimal extraMonths * Fix editing some achievements in admin panel * log if a user invites party to quest * Log more quest events into user history * make userhistory length configurable * fix some numbered achievements * fix extraMonths field * Automatically set up group plan subs with admin panel * show party info nicer in admin panel * improve admin panel sub handling * add missing brace * display when there are unsaved changes * fix setting group plan * fix showing group id * Display group plan info in admin panel * fix setting hourglass promo date * Improve termination handling in admin panel * reload data after certain save events in admin panel * remove console * fix plan.extraMonths not being reset if terminating a sub * add more options when cancelling subs * reload data after group plan change * Add a way to remove users from a party * fix issue with removing user from party * pass party id correctly * correctly call async function * Improve sub display in admin panel * fix line length * fix line * shorter * plaid * fix(lint): vue code style --------- Co-authored-by: Kalista Payne <sabrecat@gmail.com>
2025-03-17 21:48:21 +00:00
/**
* @api {get} /api/v4/admin/user/:userId/history Get the history of a user
* @apiParam (Path) {String} userIdentifier The username or email of the user
* @apiName GetUserHistory
* @apiGroup Admin
* @apiPermission Admin
*
* @apiDescription Returns the history of a user
*
* @apiSuccess {Object} data The User history
*
* @apiUse NoAuthHeaders
* @apiUse NoAccount
* @apiUse NoUser
* @apiUse NotAdmin
*/
api.getUserHistory = {
method: 'GET',
url: '/admin/user/:userId/history',
middlewares: [authWithHeaders(), ensurePermission('userSupport')],
async handler (req, res) {
req.checkParams('userId', res.t('heroIdRequired')).notEmpty().isUUID();
const validationErrors = req.validationErrors();
if (validationErrors) throw validationErrors;
const { userId } = req.params;
const history = await UserHistory
.findOne({ userId })
.lean()
.exec();
if (!history) throw new NotFound(res.t('userWithIDNotFound', { userId }));
res.respond(200, history);
},
};
Add interface to block ip-addresses or clients due to abuse (#15484) * Read IP blocks from database * begin building general blocking solution * add new frontend files * Add UI for managing blockers * correctly reset local data after creating blocker * Tweak wording * Add UI for managing blockers * restructure admin pages * improve test coverage * Improve blocker UI * add blocker to block emails from registration * lint fix * fix * lint fixes * fix import * add new permission for managing blockers * improve permission check * fix managing permissions from admin * improve navbar display for non fullAccess admin * update block error strings * lint fix * add option to errorHandler to skip logging * validate blocker value during input * improve blocker form display * chore(subproj): reconcile habitica-images * fix(scripts): use same Mongo version for dev/test * fix(whitespace): eof * documentation improvements * remove nconf import * remove old test --------- Co-authored-by: Kalista Payne <kalista@habitica.com> Co-authored-by: Kalista Payne <sabrecat@gmail.com>
2025-08-06 20:08:07 +00:00
api.getBlockers = {
method: 'GET',
url: '/admin/blockers',
middlewares: [authWithHeaders(), ensurePermission('accessControl')],
async handler (req, res) {
const blockers = await Blocker
.find({ disabled: false })
.lean()
.exec();
res.respond(200, blockers);
},
};
api.createBlocker = {
method: 'POST',
url: '/admin/blockers',
middlewares: [authWithHeaders(), ensurePermission('accessControl')],
async handler (req, res) {
const id = uuid();
const blocker = await Blocker({
_id: id,
...Blocker.sanitize(req.body),
}).save();
res.respond(200, blocker);
},
};
api.updateBlocker = {
method: 'PUT',
url: '/admin/blockers/:blockerId',
middlewares: [authWithHeaders(), ensurePermission('accessControl')],
async handler (req, res) {
req.checkParams('blockerId', res.t('blockerIdRequired')).notEmpty().isUUID();
const validationErrors = req.validationErrors();
if (validationErrors) throw validationErrors;
const blocker = await Blocker.findById(req.params.blockerId).exec();
if (!blocker) throw new NotFound(res.t('blockerNotFound'));
merge(blocker, Blocker.sanitize(req.body));
const savedBlocker = await blocker.save();
res.respond(200, savedBlocker);
},
};
api.deleteBlocker = {
method: 'DELETE',
url: '/admin/blockers/:blockerId',
middlewares: [authWithHeaders(), ensurePermission('accessControl')],
async handler (req, res) {
req.checkParams('blockerId', res.t('blockerIdRequired')).notEmpty().isUUID();
const validationErrors = req.validationErrors();
if (validationErrors) throw validationErrors;
const blocker = await Blocker.findById(req.params.blockerId).exec();
if (!blocker) throw new NotFound(res.t('blockerNotFound'));
blocker.disabled = true;
const savedBlocker = await blocker.save();
res.respond(200, savedBlocker);
},
};
🧑‍💼🎛️ Overhaul (#15270) * Add option to search for users by email or username in admin panel * Make Admin panel design more consistent * fix test * fix width of items * escape regex for searching users * load own user when pressing enter on empty field * add styling for warning buttons * improve sub styling * fix checkbox alignment in admin panel * Unify date preview display * Fix bottom button display * admin panel display improvements * remove autocannon file * search improvements * time travel button display fix * fix loading spinner * fix sorting * Split email search into multiple queries * fix email search * remove console * fix line break
2024-08-29 14:15:45 +00:00
export default api;
Reference in a new issue Copy permalink