Blacklist functionality

Some API improvements
2017-09-17 16:36:23 +02:00 · 2017-09-17 16:36:23 +02:00 · 9203b5cee7
commit 9203b5cee7
parent c343e4efd3
40 changed files with 726 additions and 398 deletions
--- a/models/blacklist.js
+++ b/models/blacklist.js
@ -0,0 +1,61 @@
+'use strict';
+
+const knex = require('../lib/knex');
+const dtHelpers = require('../lib/dt-helpers');
+const shares = require('./shares');
+const tools = require('../lib/tools-async');
+
+async function listDTAjax(context, params) {
+    shares.enforceGlobalPermission(context, 'manageBlacklist');
+
+    return await dtHelpers.ajaxList(
+        params,
+        builder => builder
+            .from('blacklist'),
+        ['blacklist.email']
+    );
+}
+
+async function add(context, email) {
+    return await knex.transaction(async tx => {
+        shares.enforceGlobalPermission(context, 'manageBlacklist');
+
+        const existing = await tx('blacklist').where('email', email).first();
+        if (!existing) {
+            await tx('blacklist').insert({email});
+        }
+    });
+}
+
+async function remove(context, email) {
+    shares.enforceGlobalPermission(context, 'manageBlacklist');
+    await knex('blacklist').where('email', email).del();
+}
+
+async function isBlacklisted(email) {
+    const existing = await knex('blacklist').where('email', email).first();
+    return !!existing;
+}
+
+async function serverValidate(context, data) {
+    shares.enforceGlobalPermission(context, 'manageBlacklist');
+    const result = {};
+
+    if (data.email) {
+        const user = await knex('blacklist').where('email', data.email).first();
+
+        result.email = {};
+        result.email.invalid = await tools.validateEmail(data.email) !== 0;
+        result.email.exists = !!user;
+    }
+
+    return result;
+}
+
+module.exports = {
+    listDTAjax,
+    add,
+    remove,
+    isBlacklisted,
+    serverValidate
+};
--- a/models/subscriptions.js
+++ b/models/subscriptions.js
@ -208,6 +208,8 @@ async function listDTAjax(context, listId, segmentId, params) {
    return await knex.transaction(async tx => {
        await shares.enforceEntityPermissionTx(tx, context, 'list', listId, 'viewSubscriptions');

+        const listTable = getTableName(listId);
+
        // All the data transformation below is to reuse ajaxListTx and groupSubscription methods so as to keep the code DRY
        // We first construct the columns to contain all which is supposed to be show and extraColumns which contain
        // everything else that constitutes the subscription.
@ -218,7 +220,14 @@ async function listDTAjax(context, listId, segmentId, params) {
        const groupedFieldsMap = await getGroupedFieldsMap(tx, listId);
        const listFlds = await fields.listByOrderListTx(tx, listId, ['column', 'id']);

-        const columns = ['id', 'cid', 'email', 'status', 'created'];
+        const columns = [
+            listTable + '.id',
+            listTable + '.cid',
+            listTable + '.email',
+            listTable + '.status',
+            listTable + '.created',
+            { name: 'blacklisted', raw: 'not isnull(blacklist.email)' }
+        ];
        const extraColumns = [];
        let listFldIdx = columns.length;
        const idxMap = {};
@ -228,10 +237,10 @@ async function listDTAjax(context, listId, segmentId, params) {
            const fld = groupedFieldsMap[fldKey];

            if (fld.column) {
-                columns.push(fld.column);
+                columns.push(listTable + '.' + fld.column);
            } else {
                columns.push({
-                    name: fldKey,
+                    name: listTable + '.' + fldKey,
                    raw: 0
                })
            }
@ -245,14 +254,14 @@ async function listDTAjax(context, listId, segmentId, params) {

            if (fld.column) {
                if (!(fldKey in idxMap)) {
-                    extraColumns.push(fld.column);
+                    extraColumns.push(listTable + '.' + fld.column);
                    idxMap[fldKey] = listFldIdx;
                    listFldIdx += 1;
                }

            } else {
                for (const optionColumn in fld.groupedOptions) {
-                    extraColumns.push(optionColumn);
+                    extraColumns.push(listTable + '.' + optionColumn);
                    idxMap[optionColumn] = listFldIdx;
                    listFldIdx += 1;
                }
@ -265,7 +274,10 @@ async function listDTAjax(context, listId, segmentId, params) {
            tx,
            params,
            builder => {
-                const query = builder.from(getTableName(listId));
+                const query = builder
+                    .from(listTable)
+                    .leftOuterJoin('blacklist', listTable + '.email', 'blacklist.email')
+                ;
                query.where(function() {
                    addSegmentQuery(this);
                });
--- a/models/users.js
+++ b/models/users.js
@ -267,6 +267,8 @@ async function getByUsernameIfPasswordMatch(username, password) {
            throw new interoperableErrors.IncorrectPasswordError();
        }

+        delete user.password;
+
        return user;

    } catch (err) {