discourse/app/models/user_profile.rb

# frozen_string_literal: true

require_dependency 'upload_creator'
class UserProfile < ActiveRecord::Base
  self.ignored_columns = %w{
    card_background
    profile_background
  }

  belongs_to :user, inverse_of: :user_profile
  belongs_to :card_background_upload, class_name: "Upload"
  belongs_to :profile_background_upload, class_name: "Upload"

  validates :bio_raw, length: { maximum: 3000 }
  validates :website, url: true, allow_blank: true, if: Proc.new { |c| c.new_record? || c.website_changed? }
  validates :user, presence: true
  before_save :cook
  after_save :trigger_badges

  validate :website_domain_validator, if: Proc.new { |c| c.new_record? || c.website_changed? }

  has_many :user_profile_views, dependent: :destroy

  BAKED_VERSION = 1

  def bio_excerpt(length = 350, opts = {})
    excerpt = PrettyText.excerpt(bio_cooked, length, opts).sub(/<br>$/, '')
    return excerpt if excerpt.blank? || (user.has_trust_level?(TrustLevel[1]) && !user.suspended?)
    PrettyText.strip_links(excerpt)
  end

  def bio_processed
    return bio_cooked if bio_cooked.blank? || (user.has_trust_level?(TrustLevel[1]) && !user.suspended?)
    PrettyText.strip_links(bio_cooked)
  end

  def bio_summary
    return nil unless bio_cooked.present?
    bio_excerpt(500, strip_links: true, text_entities: true)
  end

  def recook_bio
    self.bio_raw_will_change!
    cook
  end

  def upload_card_background(upload)
    self.update!(card_background_upload: upload)
  end

  def clear_card_background
    self.update!(card_background_upload: nil)
  end

  def upload_profile_background(upload)
    self.update!(profile_background_upload: upload)
  end

  def clear_profile_background
    self.update!(profile_background_upload: nil)
  end

  def self.rebake_old(limit)
    problems = []
    UserProfile.where('bio_cooked_version IS NULL OR bio_cooked_version < ?', BAKED_VERSION)
      .limit(limit).each do |p|
      begin
        p.rebake!
      rescue => e
        problems << { profile: p, ex: e }
      end
    end
    problems
  end

  def rebake!
    update_columns(bio_cooked: cooked, bio_cooked_version: BAKED_VERSION)
  end

  def self.import_url_for_user(background_url, user, options = nil)
    tempfile = FileHelper.download(
      background_url,
      max_file_size: SiteSetting.max_image_size_kb.kilobytes,
      tmp_file_name: "sso-profile-background",
      follow_redirect: true
    )

    return unless tempfile

    ext = FastImage.type(tempfile).to_s
    tempfile.rewind

    is_card_background = !options || options[:is_card_background]
    type = is_card_background ? "card_background" : "profile_background"

    upload = UploadCreator.new(tempfile, "external-profile-background." + ext, origin: background_url, type: type).create_for(user.id)

    if (is_card_background)
      user.user_profile.upload_card_background(upload)
    else
      user.user_profile.upload_profile_background(upload)
    end

  rescue Net::ReadTimeout, OpenURI::HTTPError
    # skip saving, we are not connected to the net
  ensure
    tempfile.close! if tempfile && tempfile.respond_to?(:close!)
  end

  protected

  def trigger_badges
    BadgeGranter.queue_badge_grant(Badge::Trigger::UserChange, user: self)
  end

  private

  def cooked
    if self.bio_raw.present?
      PrettyText.cook(self.bio_raw, omit_nofollow: user.has_trust_level?(TrustLevel[3]) && !SiteSetting.tl3_links_no_follow)
    else
      nil
    end
  end

  def cook
    if self.bio_raw.present?
      if bio_raw_changed?
        self.bio_cooked = cooked
        self.bio_cooked_version = BAKED_VERSION
      end
    else
      self.bio_cooked = nil
    end
  end

  def website_domain_validator
    allowed_domains = SiteSetting.user_website_domains_whitelist
    return if (allowed_domains.blank? || self.website.blank?)

    domain = begin
      URI.parse(self.website).host
    rescue URI::Error
    end
    self.errors.add :base, (I18n.t('user.website.domain_not_allowed', domains: allowed_domains.split('|').join(", "))) unless allowed_domains.split('|').include?(domain)
  end

end

# == Schema Information
#
# Table name: user_profiles
#
#  user_id                      :integer          not null, primary key
#  location                     :string
#  website                      :string
#  bio_raw                      :text
#  bio_cooked                   :text
#  dismissed_banner_key         :integer
#  bio_cooked_version           :integer
#  badge_granted_title          :boolean          default(FALSE)
#  views                        :integer          default(0), not null
#  profile_background_upload_id :integer
#  card_background_upload_id    :integer
#
# Indexes
#
#  index_user_profiles_on_bio_cooked_version  (bio_cooked_version)
#  index_user_profiles_on_card_background     (card_background)
#  index_user_profiles_on_profile_background  (profile_background)
#
DEV: enable frozen string literal on all files This reduces chances of errors where consumers of strings mutate inputs and reduces memory usage of the app. Test suite passes now, but there may be some stuff left, so we will run a few sites on a branch prior to merging 2019-05-02 18:17:27 -04:00			`# frozen_string_literal: true`

FEATURE: add profile_background fields into SSO (#5701) Add profile_background and card_background fields into Discourse SSO. 2018-05-07 04:03:26 -04:00			`require_dependency 'upload_creator'`
FEATURE: Add a location field to a user's profile 2014-05-27 13:54:04 -04:00			`class UserProfile < ActiveRecord::Base`
FIX: Properly associate user_profiles background urls via upload id. `Upload#url` is more likely and can change from time to time. When it does changes, we don't want to have to look through multiple tables to ensure that the URLs are all up to date. Instead, we simply associate uploads properly to `UserProfile` so that it does not have to replicate the URLs in the table. 2019-04-28 23:58:52 -04:00			`self.ignored_columns = %w{`
			`card_background`
			`profile_background`
			`}`
REFACTOR: move support for user card badge images to a plugin discourse-user-card-badges 2018-04-24 09:46:57 -04:00
move bio to UserProfile from User 2014-06-10 01:19:08 -04:00			`belongs_to :user, inverse_of: :user_profile`
FIX: Properly associate user_profiles background urls via upload id. `Upload#url` is more likely and can change from time to time. When it does changes, we don't want to have to look through multiple tables to ensure that the URLs are all up to date. Instead, we simply associate uploads properly to `UserProfile` so that it does not have to replicate the URLs in the table. 2019-04-28 23:58:52 -04:00			`belongs_to :card_background_upload, class_name: "Upload"`
			`belongs_to :profile_background_upload, class_name: "Upload"`
move bio to UserProfile from User 2014-06-10 01:19:08 -04:00
FIX: Don't allow profile bios longer than 3k chars 2014-09-08 15:17:31 -04:00			`validates :bio_raw, length: { maximum: 3000 }`
Improve URL validation to check for a valid host. Parsing a URL with `URI` is not sufficient as the following cases are considered valid: URI.parse("http://https://google.com") => #<URI::HTTP http://https//google.com> 2017-12-20 23:27:17 -05:00			`validates :website, url: true, allow_blank: true, if: Proc.new { \|c\| c.new_record? \|\| c.website_changed? }`
move bio to UserProfile from User 2014-06-10 01:19:08 -04:00			`validates :user, presence: true`
			`before_save :cook`
FIX: faster update of all badges Introduced badge triggers, introduced concept of badge that happens due to a post but has the post hidden Delta badge grant happens once a minute, backed by redis 2014-07-22 21:42:24 -04:00			`after_save :trigger_badges`
move bio to UserProfile from User 2014-06-10 01:19:08 -04:00
FEATURE: new setting to validate user website 2016-12-26 10:24:54 -05:00			`validate :website_domain_validator, if: Proc.new { \|c\| c.new_record? \|\| c.website_changed? }`

FEATURE: Track user profile views. 2015-09-14 03:51:17 -04:00			`has_many :user_profile_views, dependent: :destroy`
FEATURE: Allow users to select a badge with an image to appear on their user card 2014-10-20 13:15:58 -04:00
SECURITY: rebake old user profiles 2014-08-05 02:37:56 -04:00			`BAKED_VERSION = 1`

Add rubocop to our build. (#5004) 2017-07-27 21:20:09 -04:00			`def bio_excerpt(length = 350, opts = {})`
FIX: Don't incluide a trailing `<br>` in the bio excerpt 2017-05-18 16:39:48 -04:00			`excerpt = PrettyText.excerpt(bio_cooked, length, opts).sub(/<br>$/, '')`
FIX: Suspended users should have links stripped from their profiles. 2014-11-25 16:14:21 -05:00			`return excerpt if excerpt.blank? \|\| (user.has_trust_level?(TrustLevel[1]) && !user.suspended?)`
move bio to UserProfile from User 2014-06-10 01:19:08 -04:00			`PrettyText.strip_links(excerpt)`
			`end`

			`def bio_processed`
FIX: Suspended users should have links stripped from their profiles. 2014-11-25 16:14:21 -05:00			`return bio_cooked if bio_cooked.blank? \|\| (user.has_trust_level?(TrustLevel[1]) && !user.suspended?)`
move bio to UserProfile from User 2014-06-10 01:19:08 -04:00			`PrettyText.strip_links(bio_cooked)`
			`end`

			`def bio_summary`
			`return nil unless bio_cooked.present?`
FIX: remove links and html 'hellips' from topic/post summaries 2014-12-07 18:23:53 -05:00			`bio_excerpt(500, strip_links: true, text_entities: true)`
move bio to UserProfile from User 2014-06-10 01:19:08 -04:00			`end`

			`def recook_bio`
			`self.bio_raw_will_change!`
			`cook`
			`end`

Rename "User Expansion" to the much clearer "User Card" 2014-10-20 12:11:36 -04:00			`def upload_card_background(upload)`
FIX: Properly associate user_profiles background urls via upload id. `Upload#url` is more likely and can change from time to time. When it does changes, we don't want to have to look through multiple tables to ensure that the URLs are all up to date. Instead, we simply associate uploads properly to `UserProfile` so that it does not have to replicate the URLs in the table. 2019-04-28 23:58:52 -04:00			`self.update!(card_background_upload: upload)`
FEATURE: Allow a user to upload an image for their expansion background. 2014-10-16 15:05:36 -04:00			`end`

Rename "User Expansion" to the much clearer "User Card" 2014-10-20 12:11:36 -04:00			`def clear_card_background`
FIX: Properly associate user_profiles background urls via upload id. `Upload#url` is more likely and can change from time to time. When it does changes, we don't want to have to look through multiple tables to ensure that the URLs are all up to date. Instead, we simply associate uploads properly to `UserProfile` so that it does not have to replicate the URLs in the table. 2019-04-28 23:58:52 -04:00			`self.update!(card_background_upload: nil)`
FEATURE: Allow a user to upload an image for their expansion background. 2014-10-16 15:05:36 -04:00			`end`

move profile_background from User to UserProfile 2014-06-11 21:52:50 -04:00			`def upload_profile_background(upload)`
FIX: Properly associate user_profiles background urls via upload id. `Upload#url` is more likely and can change from time to time. When it does changes, we don't want to have to look through multiple tables to ensure that the URLs are all up to date. Instead, we simply associate uploads properly to `UserProfile` so that it does not have to replicate the URLs in the table. 2019-04-28 23:58:52 -04:00			`self.update!(profile_background_upload: upload)`
move profile_background from User to UserProfile 2014-06-11 21:52:50 -04:00			`end`

			`def clear_profile_background`
FIX: Properly associate user_profiles background urls via upload id. `Upload#url` is more likely and can change from time to time. When it does changes, we don't want to have to look through multiple tables to ensure that the URLs are all up to date. Instead, we simply associate uploads properly to `UserProfile` so that it does not have to replicate the URLs in the table. 2019-04-28 23:58:52 -04:00			`self.update!(profile_background_upload: nil)`
move profile_background from User to UserProfile 2014-06-11 21:52:50 -04:00			`end`

SECURITY: rebake old user profiles 2014-08-05 02:37:56 -04:00			`def self.rebake_old(limit)`
			`problems = []`
			`UserProfile.where('bio_cooked_version IS NULL OR bio_cooked_version < ?', BAKED_VERSION)`
Add rubocop to our build. (#5004) 2017-07-27 21:20:09 -04:00			`.limit(limit).each do \|p\|`
SECURITY: rebake old user profiles 2014-08-05 02:37:56 -04:00			`begin`
			`p.rebake!`
			`rescue => e`
Add rubocop to our build. (#5004) 2017-07-27 21:20:09 -04:00			`problems << { profile: p, ex: e }`
SECURITY: rebake old user profiles 2014-08-05 02:37:56 -04:00			`end`
			`end`
			`problems`
			`end`

			`def rebake!`
			`update_columns(bio_cooked: cooked, bio_cooked_version: BAKED_VERSION)`
			`end`

FEATURE: add profile_background fields into SSO (#5701) Add profile_background and card_background fields into Discourse SSO. 2018-05-07 04:03:26 -04:00			`def self.import_url_for_user(background_url, user, options = nil)`
			`tempfile = FileHelper.download(`
			`background_url,`
			`max_file_size: SiteSetting.max_image_size_kb.kilobytes,`
			`tmp_file_name: "sso-profile-background",`
			`follow_redirect: true`
			`)`

			`return unless tempfile`

			`ext = FastImage.type(tempfile).to_s`
			`tempfile.rewind`

			`is_card_background = !options \|\| options[:is_card_background]`
			`type = is_card_background ? "card_background" : "profile_background"`

			`upload = UploadCreator.new(tempfile, "external-profile-background." + ext, origin: background_url, type: type).create_for(user.id)`

			`if (is_card_background)`
			`user.user_profile.upload_card_background(upload)`
			`else`
			`user.user_profile.upload_profile_background(upload)`
			`end`

			`rescue Net::ReadTimeout, OpenURI::HTTPError`
			`# skip saving, we are not connected to the net`
			`ensure`
			`tempfile.close! if tempfile && tempfile.respond_to?(:close!)`
			`end`

FEATURE: Badge progress - Refactor model so it stores backfill query - Implement autobiographer - Remove sample badge - Correct featured badges to only include a badge once 2014-07-03 03:29:44 -04:00			`protected`

FIX: faster update of all badges Introduced badge triggers, introduced concept of badge that happens due to a post but has the post hidden Delta badge grant happens once a minute, backed by redis 2014-07-22 21:42:24 -04:00			`def trigger_badges`
			`BadgeGranter.queue_badge_grant(Badge::Trigger::UserChange, user: self)`
FEATURE: Badge progress - Refactor model so it stores backfill query - Implement autobiographer - Remove sample badge - Correct featured badges to only include a badge once 2014-07-03 03:29:44 -04:00			`end`

move bio to UserProfile from User 2014-06-10 01:19:08 -04:00			`private`

SECURITY: rebake old user profiles 2014-08-05 02:37:56 -04:00			`def cooked`
			`if self.bio_raw.present?`
Internal renaming of elder,leader,regular,basic to numbers Changed internals so trust levels are referred to with TrustLevel[1], TrustLevel[2] etc. This gives us much better flexibility naming trust levels, these names are meant to be controlled by various communities. 2014-09-05 01:20:39 -04:00			`PrettyText.cook(self.bio_raw, omit_nofollow: user.has_trust_level?(TrustLevel[3]) && !SiteSetting.tl3_links_no_follow)`
SECURITY: rebake old user profiles 2014-08-05 02:37:56 -04:00			`else`
			`nil`
			`end`
			`end`

move bio to UserProfile from User 2014-06-10 01:19:08 -04:00			`def cook`
			`if self.bio_raw.present?`
SECURITY: rebake old user profiles 2014-08-05 02:37:56 -04:00			`if bio_raw_changed?`
			`self.bio_cooked = cooked`
			`self.bio_cooked_version = BAKED_VERSION`
			`end`
move bio to UserProfile from User 2014-06-10 01:19:08 -04:00			`else`
			`self.bio_cooked = nil`
			`end`
			`end`

FEATURE: new setting to validate user website 2016-12-26 10:24:54 -05:00			`def website_domain_validator`
Revert "FIX: User website allows new TLDs" 2017-04-18 03:48:51 -04:00			`allowed_domains = SiteSetting.user_website_domains_whitelist`
			`return if (allowed_domains.blank? \|\| self.website.blank?)`
FEATURE: new setting to validate user website 2016-12-26 10:24:54 -05:00
FIX: handle bad user profile website 2018-05-17 03:51:24 -04:00			`domain = begin`
			`URI.parse(self.website).host`
FIX: store the topic links using the cooked upload url 2018-08-14 06:23:32 -04:00			`rescue URI::Error`
FIX: handle bad user profile website 2018-05-17 03:51:24 -04:00			`end`
Revert "FIX: User website allows new TLDs" 2017-04-18 03:48:51 -04:00			`self.errors.add :base, (I18n.t('user.website.domain_not_allowed', domains: allowed_domains.split('\|').join(", "))) unless allowed_domains.split('\|').include?(domain)`
FEATURE: new setting to validate user website 2016-12-26 10:24:54 -05:00			`end`

FEATURE: Add a location field to a user's profile 2014-05-27 13:54:04 -04:00			`end`
BUGFIX: missing avatars in topic map Cleanup uneeded column 2014-05-29 00:59:14 -04:00
			`# == Schema Information`
			`#`
			`# Table name: user_profiles`
			`#`
FIX: Properly associate user_profiles background urls via upload id. `Upload#url` is more likely and can change from time to time. When it does changes, we don't want to have to look through multiple tables to ensure that the URLs are all up to date. Instead, we simply associate uploads properly to `UserProfile` so that it does not have to replicate the URLs in the table. 2019-04-28 23:58:52 -04:00			`# user_id :integer not null, primary key`
			`# location :string`
			`# website :string`
			`# bio_raw :text`
			`# bio_cooked :text`
			`# dismissed_banner_key :integer`
			`# bio_cooked_version :integer`
			`# badge_granted_title :boolean default(FALSE)`
			`# views :integer default(0), not null`
			`# profile_background_upload_id :integer`
			`# card_background_upload_id :integer`
PERF: last seen index on users 2014-08-06 23:33:11 -04:00			`#`
			`# Indexes`
			`#`
DEV: annotate models (also looks like renaming of bigint(8) -> bigint in annotate which seems fine) 2019-05-02 18:34:12 -04:00			`# index_user_profiles_on_bio_cooked_version (bio_cooked_version)`
			`# index_user_profiles_on_card_background (card_background)`
			`# index_user_profiles_on_profile_background (profile_background)`
BUGFIX: missing avatars in topic map Cleanup uneeded column 2014-05-29 00:59:14 -04:00			`#`