discourse/app/controllers/user_actions_controller.rb

# frozen_string_literal: true

class UserActionsController < ApplicationController

  def index
    params.require(:username)
    params.permit(:filter, :offset, :acting_username, :limit)

    user = fetch_user_from_params(include_inactive: current_user.try(:staff?) || (current_user && SiteSetting.show_inactive_accounts))
    raise Discourse::NotFound unless guardian.can_see_profile?(user)

    offset = [0, params[:offset].to_i].max
    action_types = (params[:filter] || "").split(",").map(&:to_i)
    limit = params.fetch(:limit, 30).to_i

    opts = {
      user_id: user.id,
      user: user,
      offset: offset,
      limit: limit,
      action_types: action_types,
      guardian: guardian,
      ignore_private_messages: params[:filter] ? false : true,
      acting_username: params[:acting_username]
    }

    stream = UserAction.stream(opts).to_a
    if stream.empty? && (help_key = params['no_results_help_key'])
      if user.id == guardian.user.try(:id)
        help_key += ".self"
      else
        help_key += ".others"
      end
      render json: {
        user_action: [],
        no_results_help: I18n.t(help_key)
      }
    else
      render_serialized(stream, UserActionSerializer, root: 'user_actions')
    end

  end

  def show
    params.require(:id)
    render_serialized(UserAction.stream_item(params[:id], guardian), UserActionSerializer)
  end

  def private_messages
    # DO NOT REMOVE
    # TODO should preload messages to avoid extra http req
  end

end
DEV: enable frozen string literal on all files This reduces chances of errors where consumers of strings mutate inputs and reduces memory usage of the app. Test suite passes now, but there may be some stuff left, so we will run a few sites on a branch prior to merging 2019-05-02 18:17:27 -04:00			`# frozen_string_literal: true`

Initial release of Discourse 2013-02-05 14:16:51 -05:00			`class UserActionsController < ApplicationController`
FEATURE: remove bookmark button in activity feed 2014-05-09 11:49:39 -04:00
Initial release of Discourse 2013-02-05 14:16:51 -05:00			`def index`
introduce strong_parameters 2013-05-26 21:02:58 -04:00			`params.require(:username)`
FEATURE: Quick access panels in user menu (#8073) * Extract QuickAccessPanel from UserNotifications. * FEATURE: Quick access panels in user menu. This feature adds quick access panels for bookmarks and personal messages. It allows uses to browse recent items directly in the user menu, without being redirected to the full pages. * REFACTOR: Use QuickAccessItem for messages. Reusing `DefaultNotificationItem` feels nice but it actually requires a lot of extra work that is not needed for a quick access item. Also, `DefaultNotificationItem` shows an incorrect tooptip ("unread private message"), and it is not trivial to remove / override that. * Use a plain JS object instead. An Ember object was required when `DefaultNotificationItem` was used. * Prefix instead suffix `_` for private helpers. * Set to null instead of deleting object keys. JavaScript engines can optimize object property access based on the object’s shape. https://mathiasbynens.be/notes/shapes-ics * Change trivial try/catch to one-liners. * Return the promise in case needs to be waited on. * Refactor showAll to a link with href * Store `emptyStatePlaceholderItemText` in state. * Store items in Session singleton instead. We can drop `staleItems` (and `findStaleItems`) altogether. Because `(old) items === staleItems` when switching back to a quick access panel. * Add `limit` parameter to the `user_actions` API. * Explicitly import Session instead. 2019-09-09 11:03:57 -04:00			`params.permit(:filter, :offset, :acting_username, :limit)`
introduce strong_parameters 2013-05-26 21:02:58 -04:00
FEATURE: new site setting show_inactive_accounts 2017-12-07 01:23:27 -05:00			`user = fetch_user_from_params(include_inactive: current_user.try(:staff?) \|\| (current_user && SiteSetting.show_inactive_accounts))`
FEATURE: Option to disable user presence and profile This allows users who are privacy conscious to disable the presence features of the forum as well as their public profile. 2018-10-10 13:00:08 -04:00			`raise Discourse::NotFound unless guardian.can_see_profile?(user)`

FIX: ensure offset is always positive 2019-08-20 06:03:16 -04:00			`offset = [0, params[:offset].to_i].max`
FIX: Remove mentions filters from user and groups Additionally return no data if disabled 2017-12-07 16:16:53 -05:00			`action_types = (params[:filter] \|\| "").split(",").map(&:to_i)`
FEATURE: Quick access panels in user menu (#8073) * Extract QuickAccessPanel from UserNotifications. * FEATURE: Quick access panels in user menu. This feature adds quick access panels for bookmarks and personal messages. It allows uses to browse recent items directly in the user menu, without being redirected to the full pages. * REFACTOR: Use QuickAccessItem for messages. Reusing `DefaultNotificationItem` feels nice but it actually requires a lot of extra work that is not needed for a quick access item. Also, `DefaultNotificationItem` shows an incorrect tooptip ("unread private message"), and it is not trivial to remove / override that. * Use a plain JS object instead. An Ember object was required when `DefaultNotificationItem` was used. * Prefix instead suffix `_` for private helpers. * Set to null instead of deleting object keys. JavaScript engines can optimize object property access based on the object’s shape. https://mathiasbynens.be/notes/shapes-ics * Change trivial try/catch to one-liners. * Return the promise in case needs to be waited on. * Refactor showAll to a link with href * Store `emptyStatePlaceholderItemText` in state. * Store items in Session singleton instead. We can drop `staleItems` (and `findStaleItems`) altogether. Because `(old) items === staleItems` when switching back to a quick access panel. * Add `limit` parameter to the `user_actions` API. * Explicitly import Session instead. 2019-09-09 11:03:57 -04:00			`limit = params.fetch(:limit, 30).to_i`
Refactor + Fix: Wasn't correctly loading activity streams. Code is a lot more Ember-y now. 2013-05-22 11:20:16 -04:00
FEATURE: Consolidate likes notifications. (#6879) 2019-01-15 21:40:16 -05:00			`opts = {`
			`user_id: user.id,`
			`user: user,`
FIX: ensure offset is always positive 2019-08-20 06:03:16 -04:00			`offset: offset,`
FEATURE: Quick access panels in user menu (#8073) * Extract QuickAccessPanel from UserNotifications. * FEATURE: Quick access panels in user menu. This feature adds quick access panels for bookmarks and personal messages. It allows uses to browse recent items directly in the user menu, without being redirected to the full pages. * REFACTOR: Use QuickAccessItem for messages. Reusing `DefaultNotificationItem` feels nice but it actually requires a lot of extra work that is not needed for a quick access item. Also, `DefaultNotificationItem` shows an incorrect tooptip ("unread private message"), and it is not trivial to remove / override that. * Use a plain JS object instead. An Ember object was required when `DefaultNotificationItem` was used. * Prefix instead suffix `_` for private helpers. * Set to null instead of deleting object keys. JavaScript engines can optimize object property access based on the object’s shape. https://mathiasbynens.be/notes/shapes-ics * Change trivial try/catch to one-liners. * Return the promise in case needs to be waited on. * Refactor showAll to a link with href * Store `emptyStatePlaceholderItemText` in state. * Store items in Session singleton instead. We can drop `staleItems` (and `findStaleItems`) altogether. Because `(old) items === staleItems` when switching back to a quick access panel. * Add `limit` parameter to the `user_actions` API. * Explicitly import Session instead. 2019-09-09 11:03:57 -04:00			`limit: limit,`
FEATURE: Consolidate likes notifications. (#6879) 2019-01-15 21:40:16 -05:00			`action_types: action_types,`
			`guardian: guardian,`
			`ignore_private_messages: params[:filter] ? false : true,`
			`acting_username: params[:acting_username]`
			`}`
Users can see their pending posts 2015-04-21 14:36:46 -04:00
FEATURE: New 'Reviewable' model to make reviewable items generic Includes support for flags, reviewable users and queued posts, with REST API backwards compatibility. Co-Authored-By: romanrizzi <romanalejandro@gmail.com> Co-Authored-By: jjaffeux <j.jaffeux@gmail.com> 2019-01-03 12:03:01 -05:00			`stream = UserAction.stream(opts).to_a`
FIX: ensure offset is always positive 2019-08-20 06:03:16 -04:00			`if stream.empty? && (help_key = params['no_results_help_key'])`
FEATURE: add help text for no bookmarks in user page 2016-11-29 01:55:39 -05:00			`if user.id == guardian.user.try(:id)`
			`help_key += ".self"`
			`else`
got to be careful with integrity specs 2016-11-29 02:01:09 -05:00			`help_key += ".others"`
FEATURE: add help text for no bookmarks in user page 2016-11-29 01:55:39 -05:00			`end`
			`render json: {`
			`user_action: [],`
			`no_results_help: I18n.t(help_key)`
			`}`
			`else`
			`render_serialized(stream, UserActionSerializer, root: 'user_actions')`
			`end`

Initial release of Discourse 2013-02-05 14:16:51 -05:00			`end`

			`def show`
introduce strong_parameters 2013-05-26 21:02:58 -04:00			`params.require(:id)`
SECURITY: User action route was returning too much data 2014-08-29 13:46:50 -04:00			`render_serialized(UserAction.stream_item(params[:id], guardian), UserActionSerializer)`
Initial release of Discourse 2013-02-05 14:16:51 -05:00			`end`

BUGFIX: 404 on /users/:user/private-messages 2014-05-12 06:02:32 -04:00			`def private_messages`
			`# DO NOT REMOVE`
FEATURE: split up group PMS on user page 2015-12-09 19:39:33 -05:00			`# TODO should preload messages to avoid extra http req`
BUGFIX: 404 on /users/:user/private-messages 2014-05-12 06:02:32 -04:00			`end`

Initial release of Discourse 2013-02-05 14:16:51 -05:00			`end`