Noah Petherbridge
96e5b1abfa
Implement block lists. They work like friend lists but are unidirectional, but take effect in both directions (blocker and blockee can not see one another on the site -- except admin users can always see all users). * Profile page says 404 * User gallery says 404 * User search page filters out blocked users * Compose endpoint blocks sending messages to blocked users (except admin) * Site Gallery filters photos by blocked (and uncertified) users * Inbox page hides chat list for blocked users (can still read the chat history if you have a link to the old thread)
81 lines
2.1 KiB
Go
81 lines
2.1 KiB
Go
package inbox
|
|
|
|
import (
|
|
"fmt"
|
|
"net/http"
|
|
|
|
"git.kirsle.net/apps/gosocial/pkg/models"
|
|
"git.kirsle.net/apps/gosocial/pkg/session"
|
|
"git.kirsle.net/apps/gosocial/pkg/templates"
|
|
)
|
|
|
|
// Compose a new chat coming from a user's profile page.
|
|
func Compose() http.HandlerFunc {
|
|
tmpl := templates.Must("inbox/compose.html")
|
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
// To whom?
|
|
username := r.FormValue("to")
|
|
user, err := models.FindUser(username)
|
|
if err != nil {
|
|
templates.NotFoundPage(w, r)
|
|
return
|
|
}
|
|
|
|
currentUser, err := session.CurrentUser(r)
|
|
if err != nil {
|
|
session.FlashError(w, r, "Unexpected error: could not get currentUser.")
|
|
templates.Redirect(w, "/")
|
|
return
|
|
}
|
|
|
|
if currentUser.ID == user.ID {
|
|
session.FlashError(w, r, "You cannot send a message to yourself.")
|
|
templates.Redirect(w, "/messages")
|
|
return
|
|
}
|
|
|
|
// Any blocking?
|
|
if models.IsBlocking(currentUser.ID, user.ID) && !currentUser.IsAdmin {
|
|
session.FlashError(w, r, "You are blocked from sending a message to this user.")
|
|
templates.Redirect(w, "/messages")
|
|
return
|
|
}
|
|
|
|
// POSTing?
|
|
if r.Method == http.MethodPost {
|
|
var (
|
|
message = r.FormValue("message")
|
|
from = r.FormValue("from") // e.g. "inbox", default "profile", where to redirect to
|
|
)
|
|
if len(message) == 0 {
|
|
session.FlashError(w, r, "A message is required.")
|
|
templates.Redirect(w, r.URL.Path+"?to="+username)
|
|
return
|
|
}
|
|
|
|
// Post it!
|
|
m, err := models.SendMessage(currentUser.ID, user.ID, message)
|
|
if err != nil {
|
|
session.FlashError(w, r, "Failed to create the message in the database: %s", err)
|
|
templates.Redirect(w, r.URL.Path+"?to="+username)
|
|
return
|
|
}
|
|
|
|
session.Flash(w, r, "Your message has been delivered!")
|
|
if from == "inbox" {
|
|
templates.Redirect(w, fmt.Sprintf("/messages/read/%d", m.ID))
|
|
}
|
|
templates.Redirect(w, "/messages")
|
|
return
|
|
}
|
|
|
|
var vars = map[string]interface{}{
|
|
"User": user,
|
|
}
|
|
if err := tmpl.Execute(w, r, vars); err != nil {
|
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
|
return
|
|
}
|
|
})
|
|
}
|