Add consumable invites (#5814)

* Add consumable invites * Add UI for generating invite codes * Add tests * Display max uses and expiration in invites table, delete invite * Remove unused column and redundant validator - Default follows not used, probably bad idea - InviteCodeValidator is redundant because RegistrationsController checks invite code validity * Add admin setting to disable invites * Add admin UI for invites, configurable role for invite creation - Admin UI that lists everyone's invites, always available - Admin setting min_invite_role to control who can invite people - Non-admin invite UI only visible if users are allowed to * Do not remove invites from database, expire them instantly
2017-11-27 16:07:59 +01:00 · 2017-11-27 16:07:59 +01:00 · 740f8a95a9
commit 740f8a95a9
parent 0ea4478b68
28 changed files with 439 additions and 5 deletions
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@ -231,6 +231,8 @@ en:
      reset: Reset
      search: Search
      title: Known instances
+    invites:
+      title: Invites
    reports:
      action_taken_by: Action taken by
      are_you_sure: Are you sure?
@ -269,6 +271,9 @@ en:
        deletion:
          desc_html: Allow anyone to delete their account
          title: Open account deletion
+        min_invite_role:
+          disabled: No one
+          title: Allow invitations by
        open:
          desc_html: Allow anyone to create an account
          title: Open registration
@ -424,6 +429,25 @@ en:
      muting: Muting list
    upload: Upload
  in_memoriam_html: In Memoriam.
+  invites:
+    delete: Delete
+    expires_in:
+      '1800': 30 minutes
+      '21600': 6 hours
+      '3600': 1 hour
+      '43200': 12 hours
+      '86400': 1 day
+    expires_in_prompt: Never
+    generate: Generate
+    max_uses:
+      one: 1 use
+      other: "%{count} uses"
+    max_uses_prompt: No limit
+    prompt: Generate and share links with others to grant access to this instance
+    table:
+      expires_at: Expires
+      uses: Uses
+    title: Invite people
  landing_strip_html: "<strong>%{name}</strong> is a user on %{link_to_root_path}. You can follow them or interact with them if you have an account anywhere in the fediverse."
  landing_strip_signup_html: If you don't, you can <a href="%{sign_up_path}">sign up here</a>.
  media_attachments:
--- a/config/locales/simple_form.en.yml
+++ b/config/locales/simple_form.en.yml
@ -30,10 +30,12 @@ en:
        data: Data
        display_name: Display name
        email: E-mail address
+        expires_in: Expire after
        filtered_languages: Filtered languages
        header: Header
        locale: Language
        locked: Lock account
+        max_uses: Max number of uses
        new_password: New password
        note: Bio
        otp_attempt: Two-factor code
--- a/config/navigation.rb
+++ b/config/navigation.rb
@ -16,6 +16,8 @@ SimpleNavigation::Configuration.run do |navigation|
      settings.item :follower_domains, safe_join([fa_icon('users fw'), t('settings.followers')]), settings_follower_domains_url
    end

+    primary.item :invites, safe_join([fa_icon('user-plus fw'), t('invites.title')]), invites_path, if: proc { Setting.min_invite_role == 'user' }
+
    primary.item :development, safe_join([fa_icon('code fw'), t('settings.development')]), settings_applications_url do |development|
      development.item :your_apps, safe_join([fa_icon('list fw'), t('settings.your_apps')]), settings_applications_url, highlights_on: %r{/settings/applications}
    end
@ -24,6 +26,7 @@ SimpleNavigation::Configuration.run do |navigation|
      admin.item :action_logs, safe_join([fa_icon('bars fw'), t('admin.action_logs.title')]), admin_action_logs_url
      admin.item :reports, safe_join([fa_icon('flag fw'), t('admin.reports.title')]), admin_reports_url, highlights_on: %r{/admin/reports}
      admin.item :accounts, safe_join([fa_icon('users fw'), t('admin.accounts.title')]), admin_accounts_url, highlights_on: %r{/admin/accounts}
+      admin.item :invites, safe_join([fa_icon('user-plus fw'), t('admin.invites.title')]), admin_invites_path
      admin.item :instances, safe_join([fa_icon('cloud fw'), t('admin.instances.title')]), admin_instances_url, highlights_on: %r{/admin/instances}, if: -> { current_user.admin? }
      admin.item :domain_blocks, safe_join([fa_icon('lock fw'), t('admin.domain_blocks.title')]), admin_domain_blocks_url, highlights_on: %r{/admin/domain_blocks}, if: -> { current_user.admin? }
      admin.item :email_domain_blocks, safe_join([fa_icon('envelope fw'), t('admin.email_domain_blocks.title')]), admin_email_domain_blocks_url, highlights_on: %r{/admin/email_domain_blocks}, if: -> { current_user.admin? }
--- a/config/routes.rb
+++ b/config/routes.rb
@ -22,6 +22,10 @@ Rails.application.routes.draw do
  get 'manifest', to: 'manifests#show', defaults: { format: 'json' }
  get 'intent', to: 'intents#show'

+  devise_scope :user do
+    get '/invite/:invite_code', to: 'auth/registrations#new', as: :public_invite
+  end
+
  devise_for :users, path: 'auth', controllers: {
    sessions:           'auth/sessions',
    registrations:      'auth/registrations',
@ -99,6 +103,7 @@ Rails.application.routes.draw do
  resources :media,  only: [:show]
  resources :tags,   only: [:show]
  resources :emojis, only: [:show]
+  resources :invites, only: [:index, :create, :destroy]

  get '/media_proxy/:id/(*any)', to: 'media_proxy#show', as: :media_proxy

@ -112,6 +117,7 @@ Rails.application.routes.draw do
    resources :email_domain_blocks, only: [:index, :new, :create, :destroy]
    resources :action_logs, only: [:index]
    resource :settings, only: [:edit, :update]
+    resources :invites, only: [:index, :create, :destroy]

    resources :instances, only: [:index] do
      collection do
--- a/config/settings.yml
+++ b/config/settings.yml
@ -16,6 +16,7 @@ defaults: &defaults
  open_registrations: true
  closed_registrations_message: ''
  open_deletion: true
+  min_invite_role: 'admin'
  timeline_preview: true
  show_staff_badge: true
  default_sensitive: false