From fc0a0a76a4133f6c8984039ecb2cd69fae18d285 Mon Sep 17 00:00:00 2001 From: Neil Lalonde Date: Tue, 10 Jan 2017 16:45:36 -0500 Subject: [PATCH] Add more info in staff action logs for blocking a user, and add logging for lock trust level, activate, and deactive user --- app/controllers/admin/users_controller.rb | 5 +++++ app/models/user_history.rb | 10 ++++++++-- app/services/staff_action_logger.rb | 17 +++++++++++++++++ app/services/user_blocker.rb | 7 +++++-- config/locales/client.en.yml | 4 ++++ config/locales/server.en.yml | 2 ++ 6 files changed, 41 insertions(+), 4 deletions(-) diff --git a/app/controllers/admin/users_controller.rb b/app/controllers/admin/users_controller.rb index 2ee6db17710..2359bc31e2a 100644 --- a/app/controllers/admin/users_controller.rb +++ b/app/controllers/admin/users_controller.rb @@ -46,6 +46,7 @@ class Admin::UsersController < Admin::AdminController def delete_all_posts @user = User.find_by(id: params[:user_id]) @user.delete_all_posts!(guardian) + # staff action logs will have an entry for each post render nothing: true end @@ -182,6 +183,8 @@ class Admin::UsersController < Admin::AdminController @user.trust_level_locked = new_lock == "true" @user.save + StaffActionLogger.new(current_user).log_lock_trust_level(@user) + unless @user.trust_level_locked p = Promotion.new(@user) 2.times{ p.review } @@ -210,12 +213,14 @@ class Admin::UsersController < Admin::AdminController def activate guardian.ensure_can_activate!(@user) @user.activate + StaffActionLogger.new(current_user).log_user_activate(@user, I18n.t('user.activated_by_staff')) render json: success_json end def deactivate guardian.ensure_can_deactivate!(@user) @user.deactivate + StaffActionLogger.new(current_user).log_user_deactivate(@user, I18n.t('user.deactivated_by_staff')) refresh_browser @user render nothing: true end diff --git a/app/models/user_history.rb b/app/models/user_history.rb index 635014b1d08..e7db96a5f64 100644 --- a/app/models/user_history.rb +++ b/app/models/user_history.rb @@ -55,7 +55,10 @@ class UserHistory < ActiveRecord::Base rate_limited_like: 37, # not used anymore revoke_email: 38, deactivate_user: 39, - wizard_step: 40 + wizard_step: 40, + lock_trust_level: 41, + unlock_trust_level: 42, + activate_user: 43 ) end @@ -91,7 +94,10 @@ class UserHistory < ActiveRecord::Base :revoke_moderation, :backup_operation, :revoke_email, - :deactivate_user] + :deactivate_user, + :lock_trust_level, + :unlock_trust_level, + :activate_user] end def self.staff_action_ids diff --git a/app/services/staff_action_logger.rb b/app/services/staff_action_logger.rb index 57c213b4e2f..f3d6472c688 100644 --- a/app/services/staff_action_logger.rb +++ b/app/services/staff_action_logger.rb @@ -96,6 +96,14 @@ class StaffActionLogger })) end + def log_lock_trust_level(user, opts={}) + raise Discourse::InvalidParameters.new(:user) unless user && user.is_a?(User) + UserHistory.create!( params(opts).merge({ + action: UserHistory.actions[user.trust_level_locked ? :lock_trust_level : :unlock_trust_level], + target_user_id: user.id + })) + end + def log_site_setting_change(setting_name, previous_value, new_value, opts={}) raise Discourse::InvalidParameters.new(:setting_name) unless setting_name.present? && SiteSetting.respond_to?(setting_name) UserHistory.create( params(opts).merge({ @@ -353,6 +361,15 @@ class StaffActionLogger })) end + def log_user_activate(user, reason, opts={}) + raise Discourse::InvalidParameters.new(:user) unless user + UserHistory.create(params(opts).merge({ + action: UserHistory.actions[:activate_user], + target_user_id: user.id, + details: reason + })) + end + def log_wizard_step(step, opts={}) raise Discourse::InvalidParameters.new(:step) unless step UserHistory.create(params(opts).merge({ diff --git a/app/services/user_blocker.rb b/app/services/user_blocker.rb index 5ee5bc01892..cda62083c95 100644 --- a/app/services/user_blocker.rb +++ b/app/services/user_blocker.rb @@ -17,8 +17,11 @@ class UserBlocker unless @user.blocked? @user.blocked = true if @user.save - SystemMessage.create(@user, @opts[:message] || :blocked_by_staff) - StaffActionLogger.new(@by_user).log_block_user(@user) if @by_user + message_type = @opts[:message] || :blocked_by_staff + post = SystemMessage.create(@user, message_type) + if post && @by_user + StaffActionLogger.new(@by_user).log_block_user(@user, {context: "#{message_type}: '#{post.topic&.title rescue ''}'"}) + end end else false diff --git a/config/locales/client.en.yml b/config/locales/client.en.yml index 4f78ac68218..7f3deca07a7 100644 --- a/config/locales/client.en.yml +++ b/config/locales/client.en.yml @@ -2914,6 +2914,10 @@ en: deleted_tag: "deleted tag" renamed_tag: "renamed tag" revoke_email: "revoke email" + lock_trust_level: "lock trust level" + unlock_trust_level: "unlock trust level" + activate_user: "activate user" + deactivate_user: "deactivate user" screened_emails: title: "Screened Emails" description: "When someone tries to create a new account, the following email addresses will be checked and the registration will be blocked, or some other action performed." diff --git a/config/locales/server.en.yml b/config/locales/server.en.yml index d4bb1d73f01..36c1b5e51b8 100644 --- a/config/locales/server.en.yml +++ b/config/locales/server.en.yml @@ -1615,6 +1615,8 @@ en: user: no_accounts_associated: "No accounts associated" deactivated: "Was deactivated due to too many bounced emails to '%{email}'." + deactivated_by_staff: "Deactivated by staff" + activated_by_staff: "Activated by staff" username: short: "must be at least %{min} characters" long: "must be no more than %{max} characters"