2020-01-26 20:34:25 +01:00
|
|
|
defmodule Mobilizon.GraphQL.Resolvers.User do
|
2019-01-03 14:59:59 +01:00
|
|
|
@moduledoc """
|
2019-09-22 16:26:23 +02:00
|
|
|
Handles the user-related GraphQL calls.
|
2019-01-03 14:59:59 +01:00
|
|
|
"""
|
2019-09-08 00:05:54 +02:00
|
|
|
|
2019-09-22 16:26:23 +02:00
|
|
|
import Mobilizon.Users.Guards
|
|
|
|
|
2021-10-29 10:42:37 +02:00
|
|
|
alias Mobilizon.{Actors, Admin, Config, Events, FollowedGroupActivity, Users}
|
2019-03-05 17:23:05 +01:00
|
|
|
alias Mobilizon.Actors.Actor
|
2023-05-03 11:57:46 +02:00
|
|
|
alias Mobilizon.Federation.ActivityPub.Actions
|
2023-01-31 19:35:29 +01:00
|
|
|
alias Mobilizon.Service.Akismet
|
2020-06-27 19:12:45 +02:00
|
|
|
alias Mobilizon.Service.Auth.Authenticator
|
2020-02-18 08:57:00 +01:00
|
|
|
alias Mobilizon.Storage.{Page, Repo}
|
|
|
|
alias Mobilizon.Users.{Setting, User}
|
2019-09-08 00:05:54 +02:00
|
|
|
|
2020-01-26 21:36:50 +01:00
|
|
|
alias Mobilizon.Web.{Auth, Email}
|
2020-09-29 09:53:48 +02:00
|
|
|
import Mobilizon.Web.Gettext
|
2020-01-23 00:55:07 +01:00
|
|
|
|
2018-11-28 17:16:23 +01:00
|
|
|
require Logger
|
2018-11-06 10:30:27 +01:00
|
|
|
|
|
|
|
@doc """
|
2019-10-15 21:18:03 +02:00
|
|
|
Find an user by its ID
|
2018-11-06 10:30:27 +01:00
|
|
|
"""
|
2021-09-28 19:40:37 +02:00
|
|
|
@spec find_user(any(), map(), Absinthe.Resolution.t()) :: {:ok, User.t()} | {:error, String.t()}
|
2020-06-11 19:13:21 +02:00
|
|
|
def find_user(_parent, %{id: id}, %{context: %{current_user: %User{role: role}}})
|
|
|
|
when is_moderator(role) do
|
2022-09-20 16:53:26 +02:00
|
|
|
case Users.get_user_with_actors(id) do
|
|
|
|
{:ok, %User{} = user} ->
|
|
|
|
{:ok, user}
|
|
|
|
|
|
|
|
_ ->
|
|
|
|
{:error, :user_not_found}
|
2020-06-11 19:13:21 +02:00
|
|
|
end
|
2018-11-06 10:30:27 +01:00
|
|
|
end
|
|
|
|
|
2022-09-20 16:53:26 +02:00
|
|
|
def find_user(_parent, _args, _resolution) do
|
|
|
|
{:error, :unauthorized}
|
|
|
|
end
|
|
|
|
|
2018-11-06 10:30:27 +01:00
|
|
|
@doc """
|
|
|
|
Return current logged-in user
|
|
|
|
"""
|
2021-09-24 16:46:42 +02:00
|
|
|
@spec get_current_user(any, map(), Absinthe.Resolution.t()) ::
|
|
|
|
{:error, :unauthenticated} | {:ok, Mobilizon.Users.User.t()}
|
2021-09-10 11:35:32 +02:00
|
|
|
def get_current_user(_parent, _args, %{context: %{current_user: %User{} = user}}) do
|
2018-11-06 10:30:27 +01:00
|
|
|
{:ok, user}
|
|
|
|
end
|
|
|
|
|
|
|
|
def get_current_user(_parent, _args, _resolution) do
|
2020-11-30 10:24:31 +01:00
|
|
|
{:error, :unauthenticated}
|
2018-11-06 10:30:27 +01:00
|
|
|
end
|
|
|
|
|
2019-03-01 11:41:28 +01:00
|
|
|
@doc """
|
|
|
|
List instance users
|
|
|
|
"""
|
2021-09-28 19:40:37 +02:00
|
|
|
@spec list_users(any(), map(), Absinthe.Resolution.t()) ::
|
|
|
|
{:ok, Page.t(User.t())} | {:error, :unauthorized}
|
2020-06-11 19:13:21 +02:00
|
|
|
def list_users(
|
2019-03-01 11:41:28 +01:00
|
|
|
_parent,
|
2022-01-14 18:10:50 +01:00
|
|
|
args,
|
2020-01-26 20:34:25 +01:00
|
|
|
%{context: %{current_user: %User{role: role}}}
|
2019-03-06 18:45:26 +01:00
|
|
|
)
|
|
|
|
when is_moderator(role) do
|
2022-01-14 18:10:50 +01:00
|
|
|
{:ok, Users.list_users(Keyword.new(args))}
|
2019-03-01 11:41:28 +01:00
|
|
|
end
|
|
|
|
|
2020-06-11 19:13:21 +02:00
|
|
|
def list_users(_parent, _args, _resolution) do
|
2020-11-30 10:24:31 +01:00
|
|
|
{:error, :unauthorized}
|
2020-01-26 20:34:25 +01:00
|
|
|
end
|
2019-03-06 18:45:26 +01:00
|
|
|
|
2018-11-12 23:30:47 +01:00
|
|
|
@doc """
|
2018-11-06 10:30:27 +01:00
|
|
|
Login an user. Returns a token and the user
|
|
|
|
"""
|
2021-09-28 19:40:37 +02:00
|
|
|
@spec login_user(any(), map(), Absinthe.Resolution.t()) ::
|
|
|
|
{:ok, map()} | {:error, :user_not_found | String.t()}
|
2020-08-28 09:23:49 +02:00
|
|
|
def login_user(_parent, %{email: email, password: password}, %{context: context}) do
|
|
|
|
with {:ok,
|
|
|
|
%{
|
|
|
|
access_token: _access_token,
|
|
|
|
refresh_token: _refresh_token,
|
|
|
|
user: %User{} = user
|
|
|
|
} = user_and_tokens} <- Authenticator.authenticate(email, password),
|
2021-09-10 11:27:59 +02:00
|
|
|
{:ok, %User{} = user} <- update_user_login_information(user, context) do
|
|
|
|
{:ok, %{user_and_tokens | user: user}}
|
2020-08-28 09:23:49 +02:00
|
|
|
else
|
2018-11-06 10:30:27 +01:00
|
|
|
{:error, :user_not_found} ->
|
2020-11-30 10:24:31 +01:00
|
|
|
{:error, :user_not_found}
|
2018-11-06 10:30:27 +01:00
|
|
|
|
2020-07-06 17:33:40 +02:00
|
|
|
{:error, :disabled_user} ->
|
2020-09-29 09:53:48 +02:00
|
|
|
{:error, dgettext("errors", "This user has been disabled")}
|
2020-07-06 17:33:40 +02:00
|
|
|
|
2020-06-27 19:12:45 +02:00
|
|
|
{:error, _error} ->
|
2020-09-29 09:53:48 +02:00
|
|
|
{:error,
|
|
|
|
dgettext(
|
|
|
|
"errors",
|
|
|
|
"Impossible to authenticate, either your email or password are invalid."
|
|
|
|
)}
|
2018-11-06 10:30:27 +01:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2019-08-12 16:04:16 +02:00
|
|
|
@doc """
|
|
|
|
Refresh a token
|
|
|
|
"""
|
2021-09-28 19:40:37 +02:00
|
|
|
@spec refresh_token(any(), map(), Absinthe.Resolution.t()) ::
|
|
|
|
{:ok, map()} | {:error, String.t()}
|
2021-05-31 12:08:06 +02:00
|
|
|
def refresh_token(_parent, %{refresh_token: refresh_token}, _resolution) do
|
2020-01-23 21:59:50 +01:00
|
|
|
with {:ok, user, _claims} <- Auth.Guardian.resource_from_token(refresh_token),
|
2019-08-12 17:41:41 +02:00
|
|
|
{:ok, _old, {exchanged_token, _claims}} <-
|
2021-05-31 12:08:06 +02:00
|
|
|
Auth.Guardian.exchange(refresh_token, "refresh", "access"),
|
|
|
|
{:ok, new_refresh_token} <- Authenticator.generate_refresh_token(user),
|
|
|
|
{:ok, _claims} <- Auth.Guardian.revoke(refresh_token) do
|
|
|
|
{:ok, %{access_token: exchanged_token, refresh_token: new_refresh_token}}
|
2019-08-12 16:04:16 +02:00
|
|
|
else
|
|
|
|
{:error, message} ->
|
|
|
|
Logger.debug("Cannot refresh user token: #{inspect(message)}")
|
2020-09-29 09:53:48 +02:00
|
|
|
{:error, dgettext("errors", "Cannot refresh the token")}
|
2019-08-12 16:04:16 +02:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2020-01-26 20:34:25 +01:00
|
|
|
def refresh_token(_parent, _params, _context) do
|
2020-09-29 09:53:48 +02:00
|
|
|
{:error, dgettext("errors", "You need to have an existing token to get a refresh token")}
|
2020-01-26 20:34:25 +01:00
|
|
|
end
|
2019-08-12 16:04:16 +02:00
|
|
|
|
2021-09-28 19:40:37 +02:00
|
|
|
@spec logout(any(), map(), Absinthe.Resolution.t()) ::
|
|
|
|
{:ok, String.t()}
|
|
|
|
| {:error, :token_not_found | :unable_to_logout | :unauthenticated | :invalid_argument}
|
2021-05-25 11:00:46 +02:00
|
|
|
def logout(_parent, %{refresh_token: refresh_token}, %{context: %{current_user: %User{}}}) do
|
|
|
|
with {:ok, _claims} <- Auth.Guardian.decode_and_verify(refresh_token, %{"typ" => "refresh"}),
|
|
|
|
{:ok, _claims} <- Auth.Guardian.revoke(refresh_token) do
|
|
|
|
{:ok, refresh_token}
|
|
|
|
else
|
|
|
|
{:error, :token_not_found} ->
|
|
|
|
{:error, :token_not_found}
|
|
|
|
|
|
|
|
{:error, error} ->
|
|
|
|
Logger.debug("Cannot remove user refresh token: #{inspect(error)}")
|
|
|
|
{:error, :unable_to_logout}
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def logout(_parent, %{refresh_token: _refresh_token}, _context) do
|
|
|
|
{:error, :unauthenticated}
|
|
|
|
end
|
|
|
|
|
|
|
|
def logout(_parent, _params, _context) do
|
|
|
|
{:error, :invalid_argument}
|
|
|
|
end
|
|
|
|
|
2018-11-12 23:30:47 +01:00
|
|
|
@doc """
|
2019-03-22 10:53:38 +01:00
|
|
|
Register an user:
|
|
|
|
- check registrations are enabled
|
2018-11-06 10:30:27 +01:00
|
|
|
- create the user
|
|
|
|
- send a validation email to the user
|
|
|
|
"""
|
2021-09-28 19:40:37 +02:00
|
|
|
@spec create_user(any, %{email: String.t()}, any) :: {:ok, User.t()} | {:error, String.t()}
|
2023-01-31 19:33:33 +01:00
|
|
|
def create_user(_parent, %{email: email} = args, %{context: context}) do
|
|
|
|
current_ip = Map.get(context, :ip)
|
|
|
|
user_agent = Map.get(context, :user_agent, "")
|
|
|
|
now = DateTime.utc_now()
|
|
|
|
|
2021-11-16 11:38:17 +01:00
|
|
|
with {:ok, email} <- lowercase_domain(email),
|
|
|
|
:registration_ok <- check_registration_config(email),
|
2021-08-08 19:46:39 +02:00
|
|
|
:not_deny_listed <- check_registration_denylist(email),
|
2023-01-31 19:35:29 +01:00
|
|
|
{:akismet, :ham} <-
|
|
|
|
{:akismet, Akismet.check_user(email, current_ip, user_agent)},
|
2023-01-31 19:33:33 +01:00
|
|
|
{:ok, %User{} = user} <-
|
|
|
|
args
|
|
|
|
|> Map.merge(%{email: email, current_sign_in_ip: current_ip, current_sign_in_at: now})
|
|
|
|
|> Users.register() do
|
2022-04-05 12:16:22 +02:00
|
|
|
Email.User.send_confirmation_email(user, Map.get(args, :locale, "en"))
|
2018-11-29 17:43:22 +01:00
|
|
|
{:ok, user}
|
2019-03-22 10:53:38 +01:00
|
|
|
else
|
2021-11-16 11:38:17 +01:00
|
|
|
{:error, :invalid_email} ->
|
|
|
|
{:error, dgettext("errors", "Your email seems to be using an invalid format")}
|
|
|
|
|
2019-12-17 12:09:24 +01:00
|
|
|
:registration_closed ->
|
2020-09-29 09:53:48 +02:00
|
|
|
{:error, dgettext("errors", "Registrations are not open")}
|
2019-03-22 10:53:38 +01:00
|
|
|
|
2020-09-29 09:53:48 +02:00
|
|
|
:not_allowlisted ->
|
|
|
|
{:error, dgettext("errors", "Your email is not on the allowlist")}
|
2019-12-17 12:09:24 +01:00
|
|
|
|
2021-08-08 19:46:39 +02:00
|
|
|
:deny_listed ->
|
|
|
|
{:error,
|
|
|
|
dgettext(
|
|
|
|
"errors",
|
|
|
|
"Your e-mail has been denied registration or uses a disallowed e-mail provider"
|
|
|
|
)}
|
|
|
|
|
2023-01-31 19:35:29 +01:00
|
|
|
{:akismet, _} ->
|
|
|
|
{:error,
|
|
|
|
dgettext(
|
|
|
|
"errors",
|
|
|
|
"Your registration has been detected as spam and cannot be processed."
|
|
|
|
)}
|
|
|
|
|
2020-10-01 15:07:15 +02:00
|
|
|
{:error, error} ->
|
|
|
|
{:error, error}
|
2018-11-06 10:30:27 +01:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2021-09-28 19:40:37 +02:00
|
|
|
@spec check_registration_config(String.t()) ::
|
|
|
|
:registration_ok | :registration_closed | :not_allowlisted
|
2021-08-08 19:46:39 +02:00
|
|
|
defp check_registration_config(email) do
|
2019-12-17 12:09:24 +01:00
|
|
|
cond do
|
|
|
|
Config.instance_registrations_open?() ->
|
|
|
|
:registration_ok
|
|
|
|
|
2020-09-29 09:53:48 +02:00
|
|
|
Config.instance_registrations_allowlist?() ->
|
2021-09-10 11:27:59 +02:00
|
|
|
check_allow_listed_email(email)
|
2019-12-17 12:09:24 +01:00
|
|
|
|
|
|
|
true ->
|
|
|
|
:registration_closed
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2021-09-10 11:27:59 +02:00
|
|
|
@spec check_registration_denylist(String.t()) :: :deny_listed | :not_deny_listed
|
2021-08-08 19:46:39 +02:00
|
|
|
defp check_registration_denylist(email) do
|
|
|
|
# Remove everything behind the +
|
|
|
|
email = String.replace(email, ~r/(\+.*)(?=\@)/, "")
|
|
|
|
|
2021-11-16 11:38:17 +01:00
|
|
|
if email_in_list?(email, Config.instance_registrations_denylist()),
|
2021-08-08 19:46:39 +02:00
|
|
|
do: :deny_listed,
|
|
|
|
else: :not_deny_listed
|
|
|
|
end
|
|
|
|
|
2021-09-10 11:27:59 +02:00
|
|
|
@spec check_allow_listed_email(String.t()) :: :registration_ok | :not_allowlisted
|
|
|
|
defp check_allow_listed_email(email) do
|
2021-11-16 11:38:17 +01:00
|
|
|
if email_in_list?(email, Config.instance_registrations_allowlist()),
|
2021-08-08 19:46:39 +02:00
|
|
|
do: :registration_ok,
|
|
|
|
else: :not_allowlisted
|
|
|
|
end
|
|
|
|
|
2021-11-16 11:38:17 +01:00
|
|
|
@spec email_in_list?(String.t(), list(String.t())) :: boolean()
|
|
|
|
defp email_in_list?(email, list) do
|
|
|
|
[_, domain] = split_email(email)
|
2019-12-17 12:09:24 +01:00
|
|
|
|
2021-08-08 19:46:39 +02:00
|
|
|
domain in list or email in list
|
2019-12-17 12:09:24 +01:00
|
|
|
end
|
|
|
|
|
2021-11-16 11:38:17 +01:00
|
|
|
# Domains should always be lower-case, so let's force that
|
|
|
|
@spec lowercase_domain(String.t()) :: {:ok, String.t()} | {:error, :invalid_email}
|
2022-10-18 16:19:41 +02:00
|
|
|
defp lowercase_domain(email) when is_binary(email) do
|
2021-11-16 11:38:17 +01:00
|
|
|
case split_email(email) do
|
|
|
|
[user_part, domain_part] ->
|
|
|
|
{:ok, "#{user_part}@#{String.downcase(domain_part)}"}
|
|
|
|
|
|
|
|
_ ->
|
|
|
|
{:error, :invalid_email}
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2022-10-18 16:19:41 +02:00
|
|
|
defp lowercase_domain(_), do: {:error, :invalid_email}
|
|
|
|
|
2021-11-16 11:38:17 +01:00
|
|
|
@spec split_email(String.t()) :: list(String.t())
|
|
|
|
defp split_email(email), do: String.split(email, "@", parts: 2, trim: true)
|
|
|
|
|
2018-11-06 10:30:27 +01:00
|
|
|
@doc """
|
2019-10-15 21:18:03 +02:00
|
|
|
Validate an user, get its actor and a token
|
2018-11-06 10:30:27 +01:00
|
|
|
"""
|
2021-09-24 16:46:42 +02:00
|
|
|
@spec validate_user(map(), %{token: String.t()}, map()) :: {:ok, map()} | {:error, String.t()}
|
2018-11-06 10:30:27 +01:00
|
|
|
def validate_user(_parent, %{token: token}, _resolution) do
|
2021-09-10 11:35:32 +02:00
|
|
|
case Email.User.check_confirmation_token(token) do
|
|
|
|
{:ok, %User{} = user} ->
|
|
|
|
actor = Users.get_actor_for_user(user)
|
|
|
|
|
|
|
|
{:ok, %{access_token: access_token, refresh_token: refresh_token}} =
|
|
|
|
Authenticator.generate_tokens(user)
|
|
|
|
|
|
|
|
{:ok,
|
|
|
|
%{
|
|
|
|
access_token: access_token,
|
|
|
|
refresh_token: refresh_token,
|
|
|
|
user: Map.put(user, :default_actor, actor)
|
|
|
|
}}
|
|
|
|
|
|
|
|
{:error, :invalid_token} ->
|
|
|
|
Logger.info("Invalid token #{token} to validate user")
|
|
|
|
{:error, dgettext("errors", "Unable to validate user")}
|
2020-01-26 20:34:25 +01:00
|
|
|
|
2021-09-10 11:35:32 +02:00
|
|
|
{:error, %Ecto.Changeset{} = err} ->
|
|
|
|
Logger.info("Unable to validate user with token #{token}")
|
|
|
|
Logger.debug(inspect(err))
|
2020-09-29 09:53:48 +02:00
|
|
|
{:error, dgettext("errors", "Unable to validate user")}
|
2018-11-06 10:30:27 +01:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
@doc """
|
|
|
|
Send the confirmation email again.
|
2021-03-25 10:22:40 +01:00
|
|
|
We only do this to accounts not activated
|
2018-11-06 10:30:27 +01:00
|
|
|
"""
|
2019-10-01 13:08:09 +02:00
|
|
|
def resend_confirmation_email(_parent, args, _resolution) do
|
2022-10-18 16:19:41 +02:00
|
|
|
with {:ok, email} <- lowercase_domain(Map.get(args, :email)),
|
|
|
|
{:ok, %User{locale: locale} = user} <-
|
|
|
|
Users.get_user_by_email(email, activated: false, unconfirmed: false),
|
2018-11-06 10:32:53 +01:00
|
|
|
{:ok, email} <-
|
2020-01-23 00:55:07 +01:00
|
|
|
Email.User.resend_confirmation_email(user, Map.get(args, :locale, locale)) do
|
2018-11-06 10:30:27 +01:00
|
|
|
{:ok, email}
|
|
|
|
else
|
|
|
|
{:error, :user_not_found} ->
|
2020-09-29 09:53:48 +02:00
|
|
|
{:error, dgettext("errors", "No user to validate with this email was found")}
|
2018-11-06 10:32:53 +01:00
|
|
|
|
2022-10-18 16:19:41 +02:00
|
|
|
{:error, :invalid_email} ->
|
|
|
|
{:error, dgettext("errors", "This email doesn't seem to be valid")}
|
|
|
|
|
2018-11-06 10:30:27 +01:00
|
|
|
{:error, :email_too_soon} ->
|
2020-09-29 09:53:48 +02:00
|
|
|
{:error, dgettext("errors", "You requested again a confirmation email too soon")}
|
2018-11-06 10:30:27 +01:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
@doc """
|
|
|
|
Send an email to reset the password from an user
|
|
|
|
"""
|
2019-10-01 13:08:09 +02:00
|
|
|
def send_reset_password(_parent, args, _resolution) do
|
2022-10-18 16:19:41 +02:00
|
|
|
with {:ok, email} <- lowercase_domain(Map.get(args, :email)),
|
2021-03-25 10:22:40 +01:00
|
|
|
{:ok, %User{locale: locale} = user} <-
|
|
|
|
Users.get_user_by_email(email, activated: true, unconfirmed: false),
|
2020-06-27 19:12:45 +02:00
|
|
|
{:can_reset_password, true} <-
|
2022-04-05 12:16:22 +02:00
|
|
|
{:can_reset_password, Authenticator.can_reset_password?(user)} do
|
|
|
|
Email.User.send_password_reset_email(user, Map.get(args, :locale, locale))
|
2018-11-06 10:30:27 +01:00
|
|
|
{:ok, email}
|
|
|
|
else
|
2020-06-27 19:12:45 +02:00
|
|
|
{:can_reset_password, false} ->
|
2020-09-29 09:53:48 +02:00
|
|
|
{:error, dgettext("errors", "This user can't reset their password")}
|
2020-06-27 19:12:45 +02:00
|
|
|
|
2022-10-18 16:19:41 +02:00
|
|
|
{:error, :invalid_email} ->
|
|
|
|
{:error, dgettext("errors", "This email doesn't seem to be valid")}
|
|
|
|
|
2018-11-06 10:30:27 +01:00
|
|
|
{:error, :user_not_found} ->
|
2018-11-27 17:54:54 +01:00
|
|
|
# TODO : implement rate limits for this endpoint
|
2020-09-29 09:53:48 +02:00
|
|
|
{:error, dgettext("errors", "No user with this email was found")}
|
2018-11-06 10:32:53 +01:00
|
|
|
|
2018-11-06 10:30:27 +01:00
|
|
|
{:error, :email_too_soon} ->
|
2020-09-29 09:53:48 +02:00
|
|
|
{:error, dgettext("errors", "You requested again a confirmation email too soon")}
|
2018-11-06 10:30:27 +01:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
@doc """
|
|
|
|
Reset the password from an user
|
|
|
|
"""
|
2021-09-10 11:27:59 +02:00
|
|
|
@spec reset_password(map(), %{password: String.t(), token: String.t()}, map()) ::
|
|
|
|
{:ok, map()} | {:error, String.t()}
|
2018-11-06 10:30:27 +01:00
|
|
|
def reset_password(_parent, %{password: password, token: token}, _resolution) do
|
2021-09-10 11:27:59 +02:00
|
|
|
case Email.User.check_reset_password_token(password, token) do
|
|
|
|
{:ok, %User{email: email} = user} ->
|
|
|
|
{:ok, tokens} = Authenticator.authenticate(email, password)
|
|
|
|
{:ok, Map.put(tokens, :user, user)}
|
|
|
|
|
2021-09-10 11:35:32 +02:00
|
|
|
{:error, %Ecto.Changeset{errors: [password: {"registration.error.password_too_short", _}]}} ->
|
|
|
|
{:error,
|
|
|
|
gettext(
|
|
|
|
"The password you have choosen is too short. Please make sure your password contains at least 6 charaters."
|
|
|
|
)}
|
|
|
|
|
|
|
|
{:error, _err} ->
|
|
|
|
{:error,
|
|
|
|
gettext(
|
|
|
|
"The token you provided is invalid. Make sure that the URL is exactly the one provided inside the email you got."
|
|
|
|
)}
|
2018-11-06 10:30:27 +01:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2018-11-12 23:30:47 +01:00
|
|
|
@doc "Change an user default actor"
|
2019-08-12 16:04:16 +02:00
|
|
|
def change_default_actor(
|
|
|
|
_parent,
|
|
|
|
%{preferred_username: username},
|
2021-10-25 13:20:33 +02:00
|
|
|
%{context: %{current_user: %User{} = user}}
|
2019-08-12 16:04:16 +02:00
|
|
|
) do
|
2021-10-25 13:20:33 +02:00
|
|
|
case Actors.get_local_actor_by_name(username) do
|
|
|
|
%Actor{id: actor_id} = actor ->
|
|
|
|
if actor_id in Enum.map(Users.get_actors_for_user(user), & &1.id) do
|
|
|
|
%User{} = user = Users.update_user_default_actor(user, actor)
|
|
|
|
{:ok, user}
|
|
|
|
else
|
|
|
|
{:error, dgettext("errors", "This profile does not belong to you")}
|
|
|
|
end
|
|
|
|
|
|
|
|
nil ->
|
|
|
|
{:error,
|
|
|
|
dgettext("errors", "Profile with username %{username} not found", %{username: username})}
|
2018-11-06 10:30:27 +01:00
|
|
|
end
|
|
|
|
end
|
2019-09-18 17:32:37 +02:00
|
|
|
|
2021-03-25 10:38:31 +01:00
|
|
|
def change_default_actor(_parent, _args, _resolution), do: {:error, :unauthenticated}
|
|
|
|
|
2019-09-18 17:32:37 +02:00
|
|
|
@doc """
|
|
|
|
Returns the list of events for all of this user's identities are going to
|
|
|
|
"""
|
2020-01-26 20:34:25 +01:00
|
|
|
def user_participations(
|
|
|
|
%User{id: user_id},
|
|
|
|
args,
|
2020-06-11 19:13:21 +02:00
|
|
|
%{context: %{current_user: %User{id: logged_user_id, role: role}}}
|
2020-01-26 20:34:25 +01:00
|
|
|
) do
|
2020-06-11 19:13:21 +02:00
|
|
|
with true <- user_id == logged_user_id or is_moderator(role),
|
2020-02-18 08:57:00 +01:00
|
|
|
%Page{} = page <-
|
2019-09-18 17:32:37 +02:00
|
|
|
Events.list_participations_for_user(
|
|
|
|
user_id,
|
|
|
|
Map.get(args, :after_datetime),
|
|
|
|
Map.get(args, :before_datetime),
|
|
|
|
Map.get(args, :page),
|
|
|
|
Map.get(args, :limit)
|
|
|
|
) do
|
2020-02-18 08:57:00 +01:00
|
|
|
{:ok, page}
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
@doc """
|
|
|
|
Returns the list of groups this user is a member is a member of
|
|
|
|
"""
|
|
|
|
def user_memberships(
|
|
|
|
%User{id: user_id},
|
2021-12-13 17:02:10 +01:00
|
|
|
%{page: page, limit: limit} = args,
|
2020-02-18 08:57:00 +01:00
|
|
|
%{context: %{current_user: %User{id: logged_user_id}}}
|
|
|
|
) do
|
|
|
|
with true <- user_id == logged_user_id,
|
|
|
|
memberships <-
|
|
|
|
Actors.list_memberships_for_user(
|
|
|
|
user_id,
|
2021-12-13 17:02:10 +01:00
|
|
|
Map.get(args, :name),
|
2020-02-18 08:57:00 +01:00
|
|
|
page,
|
|
|
|
limit
|
|
|
|
) do
|
|
|
|
{:ok, memberships}
|
2019-09-18 17:32:37 +02:00
|
|
|
end
|
|
|
|
end
|
2019-09-24 18:08:33 +02:00
|
|
|
|
2019-10-02 17:59:07 +02:00
|
|
|
@doc """
|
|
|
|
Returns the list of draft events for the current user
|
|
|
|
"""
|
2020-01-26 20:34:25 +01:00
|
|
|
def user_drafted_events(
|
|
|
|
%User{id: user_id},
|
|
|
|
args,
|
|
|
|
%{context: %{current_user: %User{id: logged_user_id}}}
|
|
|
|
) do
|
2019-10-02 17:59:07 +02:00
|
|
|
with {:same_user, true} <- {:same_user, user_id == logged_user_id},
|
|
|
|
events <-
|
|
|
|
Events.list_drafts_for_user(user_id, Map.get(args, :page), Map.get(args, :limit)) do
|
|
|
|
{:ok, events}
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2020-01-26 20:34:25 +01:00
|
|
|
def change_password(
|
|
|
|
_parent,
|
|
|
|
%{old_password: old_password, new_password: new_password},
|
2020-06-27 19:12:45 +02:00
|
|
|
%{context: %{current_user: %User{} = user}}
|
2020-01-26 20:34:25 +01:00
|
|
|
) do
|
2020-06-27 19:12:45 +02:00
|
|
|
with {:can_change_password, true} <-
|
|
|
|
{:can_change_password, Authenticator.can_change_password?(user)},
|
|
|
|
{:current_password, {:ok, %User{}}} <-
|
|
|
|
{:current_password, Authenticator.login(user.email, old_password)},
|
2019-09-24 18:08:33 +02:00
|
|
|
{:same_password, false} <- {:same_password, old_password == new_password},
|
|
|
|
{:ok, %User{} = user} <-
|
|
|
|
user
|
2020-01-26 20:34:25 +01:00
|
|
|
|> User.password_change_changeset(%{"password" => new_password})
|
2019-09-24 18:08:33 +02:00
|
|
|
|> Repo.update() do
|
|
|
|
{:ok, user}
|
|
|
|
else
|
2021-09-10 11:27:59 +02:00
|
|
|
{:can_change_password, false} ->
|
|
|
|
{:error, dgettext("errors", "You cannot change your password.")}
|
|
|
|
|
2020-06-27 19:12:45 +02:00
|
|
|
{:current_password, _} ->
|
2020-09-29 09:53:48 +02:00
|
|
|
{:error, dgettext("errors", "The current password is invalid")}
|
2019-09-24 18:08:33 +02:00
|
|
|
|
|
|
|
{:same_password, true} ->
|
2020-09-29 09:53:48 +02:00
|
|
|
{:error, dgettext("errors", "The new password must be different")}
|
2019-09-24 18:08:33 +02:00
|
|
|
|
|
|
|
{:error, %Ecto.Changeset{errors: [password: {"registration.error.password_too_short", _}]}} ->
|
|
|
|
{:error,
|
2020-09-29 09:53:48 +02:00
|
|
|
dgettext(
|
|
|
|
"errors",
|
|
|
|
"The password you have chosen is too short. Please make sure your password contains at least 6 characters."
|
|
|
|
)}
|
2019-09-24 18:08:33 +02:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def change_password(_parent, _args, _resolution) do
|
2020-09-29 09:53:48 +02:00
|
|
|
{:error, dgettext("errors", "You need to be logged-in to change your password")}
|
2019-09-24 18:08:33 +02:00
|
|
|
end
|
2020-02-13 15:48:12 +01:00
|
|
|
|
|
|
|
def change_email(_parent, %{email: new_email, password: password}, %{
|
2020-06-27 19:12:45 +02:00
|
|
|
context: %{current_user: %User{email: old_email} = user}
|
2020-02-13 15:48:12 +01:00
|
|
|
}) do
|
2021-10-05 17:43:45 +02:00
|
|
|
if Authenticator.can_change_email?(user) do
|
2023-04-19 18:33:06 +02:00
|
|
|
do_change_mail_can_change_mail(user, old_email, new_email, password)
|
2020-02-13 15:48:12 +01:00
|
|
|
else
|
2021-10-05 17:43:45 +02:00
|
|
|
{:error, dgettext("errors", "User cannot change email")}
|
2020-02-13 15:48:12 +01:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def change_email(_parent, _args, _resolution) do
|
2020-09-29 09:53:48 +02:00
|
|
|
{:error, dgettext("errors", "You need to be logged-in to change your email")}
|
2020-02-13 15:48:12 +01:00
|
|
|
end
|
|
|
|
|
2023-04-19 18:33:06 +02:00
|
|
|
@spec do_change_mail_can_change_mail(User.t(), String.t(), String.t(), String.t()) ::
|
|
|
|
{:ok, User.t()} | {:error, String.t()}
|
|
|
|
defp do_change_mail_can_change_mail(user, old_email, new_email, password) do
|
|
|
|
case Authenticator.login(old_email, password) do
|
|
|
|
{:ok, %User{}} ->
|
|
|
|
if new_email != old_email do
|
|
|
|
do_change_mail_new_email(user, new_email)
|
|
|
|
else
|
|
|
|
{:error, dgettext("errors", "The new email must be different")}
|
|
|
|
end
|
|
|
|
|
|
|
|
{:error, _} ->
|
|
|
|
{:error, dgettext("errors", "The password provided is invalid")}
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
@spec do_change_mail_new_email(User.t(), String.t()) :: {:ok, User.t()} | {:error, String.t()}
|
|
|
|
defp do_change_mail_new_email(user, new_email) do
|
|
|
|
if Email.Checker.valid?(new_email) do
|
|
|
|
do_change_mail(user, new_email)
|
|
|
|
else
|
|
|
|
{:error, dgettext("errors", "The new email doesn't seem to be valid")}
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
@spec do_change_mail(User.t(), String.t()) :: {:ok, User.t()} | {:error, String.t()}
|
|
|
|
defp do_change_mail(user, new_email) do
|
|
|
|
case Users.update_user_email(user, new_email) do
|
|
|
|
{:ok, %User{} = user} ->
|
|
|
|
user
|
|
|
|
|> Email.User.send_email_reset_old_email()
|
|
|
|
|> Email.Mailer.send_email()
|
|
|
|
|
|
|
|
user
|
|
|
|
|> Email.User.send_email_reset_new_email()
|
|
|
|
|> Email.Mailer.send_email()
|
|
|
|
|
|
|
|
{:ok, user}
|
|
|
|
|
|
|
|
{:error, %Ecto.Changeset{} = err} ->
|
|
|
|
Logger.debug(inspect(err))
|
|
|
|
{:error, dgettext("errors", "Failed to update user email")}
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2021-09-10 11:27:59 +02:00
|
|
|
@spec validate_email(map(), %{token: String.t()}, map()) ::
|
|
|
|
{:ok, User.t()} | {:error, String.t()}
|
2020-02-13 15:48:12 +01:00
|
|
|
def validate_email(_parent, %{token: token}, _resolution) do
|
2021-09-10 11:27:59 +02:00
|
|
|
case Users.get_user_by_activation_token(token) do
|
|
|
|
%User{} = user ->
|
|
|
|
case Users.validate_email(user) do
|
|
|
|
{:ok, %User{} = user} ->
|
|
|
|
{:ok, user}
|
|
|
|
|
|
|
|
{:error, %Ecto.Changeset{} = err} ->
|
|
|
|
Logger.debug(inspect(err))
|
|
|
|
{:error, dgettext("errors", "Failed to validate user email")}
|
|
|
|
end
|
|
|
|
|
|
|
|
nil ->
|
2021-03-23 16:38:37 +01:00
|
|
|
{:error, dgettext("errors", "Invalid activation token")}
|
2020-02-13 15:48:12 +01:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2020-08-18 17:21:58 +02:00
|
|
|
def delete_account(_parent, %{user_id: user_id}, %{
|
2021-09-10 11:35:32 +02:00
|
|
|
context: %{
|
|
|
|
current_user: %User{role: role},
|
|
|
|
current_actor: %Actor{} = moderator_actor
|
|
|
|
}
|
2020-08-18 17:21:58 +02:00
|
|
|
})
|
|
|
|
when is_moderator(role) do
|
2021-09-10 11:35:32 +02:00
|
|
|
with %User{disabled: false} = user <- Users.get_user(user_id),
|
2020-08-18 17:21:58 +02:00
|
|
|
{:ok, %User{}} <-
|
2023-05-03 11:57:46 +02:00
|
|
|
do_delete_account(%User{} = user) do
|
2020-08-18 17:21:58 +02:00
|
|
|
Admin.log_action(moderator_actor, "delete", user)
|
|
|
|
else
|
|
|
|
%User{disabled: true} ->
|
2020-09-29 09:53:48 +02:00
|
|
|
{:error, dgettext("errors", "User already disabled")}
|
2020-08-18 17:21:58 +02:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2020-06-27 19:12:45 +02:00
|
|
|
def delete_account(_parent, args, %{
|
|
|
|
context: %{current_user: %User{email: email} = user}
|
2020-02-13 15:48:12 +01:00
|
|
|
}) do
|
2020-06-27 19:12:45 +02:00
|
|
|
with {:user_has_password, true} <- {:user_has_password, Authenticator.has_password?(user)},
|
|
|
|
{:confirmation_password, password} when not is_nil(password) <-
|
|
|
|
{:confirmation_password, Map.get(args, :password)},
|
|
|
|
{:current_password, {:ok, _}} <-
|
|
|
|
{:current_password, Authenticator.authenticate(email, password)} do
|
2020-10-13 15:07:51 +02:00
|
|
|
do_delete_account(user, reserve_email: false)
|
2020-06-27 19:12:45 +02:00
|
|
|
else
|
|
|
|
# If the user hasn't got any password (3rd-party auth)
|
|
|
|
{:user_has_password, false} ->
|
2020-10-13 15:07:51 +02:00
|
|
|
do_delete_account(user, reserve_email: false)
|
2020-06-11 19:13:21 +02:00
|
|
|
|
2020-06-27 19:12:45 +02:00
|
|
|
{:confirmation_password, nil} ->
|
2020-09-29 09:53:48 +02:00
|
|
|
{:error, dgettext("errors", "The password provided is invalid")}
|
2020-06-27 19:12:45 +02:00
|
|
|
|
|
|
|
{:current_password, _} ->
|
2020-09-29 09:53:48 +02:00
|
|
|
{:error, dgettext("errors", "The password provided is invalid")}
|
2020-02-13 15:48:12 +01:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def delete_account(_parent, _args, _resolution) do
|
2020-09-29 09:53:48 +02:00
|
|
|
{:error, dgettext("errors", "You need to be logged-in to delete your account")}
|
2020-02-13 15:48:12 +01:00
|
|
|
end
|
2020-02-18 08:57:00 +01:00
|
|
|
|
2020-10-13 15:07:51 +02:00
|
|
|
@spec do_delete_account(User.t(), Keyword.t()) :: {:ok, User.t()}
|
2023-05-03 11:57:46 +02:00
|
|
|
defp do_delete_account(%User{} = user, options \\ []) do
|
2020-06-11 19:13:21 +02:00
|
|
|
with actors <- Users.get_actors_for_user(user),
|
|
|
|
activated <- not is_nil(user.confirmed_at),
|
|
|
|
# Detach actors from user
|
2020-10-13 15:07:51 +02:00
|
|
|
:ok <- Enum.each(actors, fn actor -> Actors.update_actor(actor, %{user_id: nil}) end),
|
2020-06-11 19:13:21 +02:00
|
|
|
# Launch a background job to delete actors
|
|
|
|
:ok <-
|
|
|
|
Enum.each(actors, fn actor ->
|
2020-10-13 15:07:51 +02:00
|
|
|
actor_performing = Keyword.get(options, :actor_performing, actor)
|
2021-09-28 19:40:37 +02:00
|
|
|
Actions.Delete.delete(actor, actor_performing, true)
|
2021-11-26 14:30:46 +01:00
|
|
|
end) do
|
|
|
|
# Delete user
|
|
|
|
Users.delete_user(user, reserve_email: Keyword.get(options, :reserve_email, activated))
|
2020-06-11 19:13:21 +02:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2020-02-18 08:57:00 +01:00
|
|
|
@spec user_settings(User.t(), map(), map()) :: {:ok, list(Setting.t())} | {:error, String.t()}
|
2020-06-11 19:13:21 +02:00
|
|
|
def user_settings(%User{} = user, _args, %{
|
|
|
|
context: %{current_user: %User{role: role}}
|
|
|
|
})
|
|
|
|
when is_moderator(role) do
|
|
|
|
with {:setting, settings} <- {:setting, Users.get_setting(user)} do
|
|
|
|
{:ok, settings}
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2020-02-18 08:57:00 +01:00
|
|
|
def user_settings(%User{id: user_id} = user, _args, %{
|
|
|
|
context: %{current_user: %User{id: logged_user_id}}
|
|
|
|
}) do
|
|
|
|
with {:same_user, true} <- {:same_user, user_id == logged_user_id},
|
|
|
|
{:setting, settings} <- {:setting, Users.get_setting(user)} do
|
|
|
|
{:ok, settings}
|
|
|
|
else
|
|
|
|
{:same_user, _} ->
|
2020-09-29 09:53:48 +02:00
|
|
|
{:error, dgettext("errors", "User requested is not logged-in")}
|
2020-02-18 08:57:00 +01:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
@spec set_user_setting(map(), map(), map()) :: {:ok, Setting.t()} | {:error, any()}
|
|
|
|
def set_user_setting(_parent, attrs, %{
|
|
|
|
context: %{current_user: %User{id: logged_user_id}}
|
|
|
|
}) do
|
|
|
|
attrs = Map.put(attrs, :user_id, logged_user_id)
|
|
|
|
|
|
|
|
res =
|
|
|
|
case Users.get_setting(logged_user_id) do
|
|
|
|
nil ->
|
|
|
|
Users.create_setting(attrs)
|
|
|
|
|
|
|
|
%Setting{} = setting ->
|
|
|
|
Users.update_setting(setting, attrs)
|
|
|
|
end
|
|
|
|
|
|
|
|
case res do
|
|
|
|
{:ok, %Setting{} = setting} ->
|
|
|
|
{:ok, setting}
|
|
|
|
|
|
|
|
{:error, changeset} ->
|
|
|
|
Logger.debug(inspect(changeset))
|
2020-09-29 09:53:48 +02:00
|
|
|
{:error, dgettext("errors", "Error while saving user settings")}
|
2020-02-18 08:57:00 +01:00
|
|
|
end
|
|
|
|
end
|
2020-06-16 18:00:27 +02:00
|
|
|
|
|
|
|
def update_locale(_parent, %{locale: locale}, %{
|
2020-06-16 18:02:53 +02:00
|
|
|
context: %{current_user: %User{locale: current_locale} = user}
|
2020-06-16 18:00:27 +02:00
|
|
|
}) do
|
2021-09-10 11:27:59 +02:00
|
|
|
if current_locale != locale do
|
|
|
|
case Users.update_user(user, %{locale: locale}) do
|
|
|
|
{:ok, %User{} = updated_user} ->
|
|
|
|
{:ok, updated_user}
|
|
|
|
|
|
|
|
{:error, %Ecto.Changeset{} = err} ->
|
|
|
|
Logger.debug(err)
|
|
|
|
{:error, dgettext("errors", "Error while updating locale")}
|
|
|
|
end
|
2020-06-17 15:54:24 +02:00
|
|
|
else
|
2021-09-10 11:27:59 +02:00
|
|
|
{:ok, user}
|
2020-06-16 18:00:27 +02:00
|
|
|
end
|
|
|
|
end
|
2020-08-28 09:23:49 +02:00
|
|
|
|
2020-11-23 10:38:01 +01:00
|
|
|
def user_medias(%User{id: user_id}, %{page: page, limit: limit}, %{
|
|
|
|
context: %{current_user: %User{id: logged_in_user_id}}
|
|
|
|
})
|
|
|
|
when user_id == logged_in_user_id do
|
2020-11-26 11:41:13 +01:00
|
|
|
%{elements: elements, total: total} = Mobilizon.Medias.medias_for_user(user_id, page, limit)
|
2020-11-23 10:38:01 +01:00
|
|
|
|
|
|
|
{:ok,
|
|
|
|
%{
|
|
|
|
elements:
|
|
|
|
Enum.map(elements, fn element ->
|
|
|
|
%{
|
|
|
|
name: element.file.name,
|
|
|
|
url: element.file.url,
|
|
|
|
id: element.id,
|
|
|
|
content_type: element.file.content_type,
|
|
|
|
size: element.file.size
|
|
|
|
}
|
|
|
|
end),
|
|
|
|
total: total
|
|
|
|
}}
|
|
|
|
end
|
|
|
|
|
2021-11-02 19:48:38 +01:00
|
|
|
def user_followed_group_events(%User{id: user_id}, %{page: page, limit: limit} = args, %{
|
2021-10-29 10:42:37 +02:00
|
|
|
context: %{current_user: %User{id: logged_in_user_id}}
|
|
|
|
})
|
|
|
|
when user_id == logged_in_user_id do
|
2021-11-02 19:48:38 +01:00
|
|
|
activities =
|
|
|
|
FollowedGroupActivity.user_followed_group_events(
|
|
|
|
user_id,
|
|
|
|
Map.get(args, :after_datetime),
|
|
|
|
page,
|
|
|
|
limit
|
|
|
|
)
|
2021-10-29 10:42:37 +02:00
|
|
|
|
|
|
|
activities = %Page{
|
|
|
|
activities
|
|
|
|
| elements:
|
|
|
|
Enum.map(activities.elements, fn [event, group, profile] ->
|
|
|
|
%{group: group, profile: profile, event: event}
|
|
|
|
end)
|
|
|
|
}
|
|
|
|
|
|
|
|
{:ok, activities}
|
|
|
|
end
|
|
|
|
|
2020-08-28 09:23:49 +02:00
|
|
|
@spec update_user_login_information(User.t(), map()) ::
|
|
|
|
{:ok, User.t()} | {:error, Ecto.Changeset.t()}
|
|
|
|
defp update_user_login_information(
|
|
|
|
%User{current_sign_in_at: current_sign_in_at, current_sign_in_ip: current_sign_in_ip} =
|
|
|
|
user,
|
|
|
|
context
|
|
|
|
) do
|
2021-10-05 17:43:45 +02:00
|
|
|
current_ip = Map.get(context, :ip)
|
|
|
|
now = DateTime.utc_now()
|
|
|
|
|
|
|
|
Users.update_user(user, %{
|
|
|
|
last_sign_in_at: current_sign_in_at || now,
|
|
|
|
last_sign_in_ip: current_sign_in_ip || current_ip,
|
|
|
|
current_sign_in_ip: current_ip,
|
|
|
|
current_sign_in_at: now
|
|
|
|
})
|
2020-08-28 09:23:49 +02:00
|
|
|
end
|
2018-11-06 10:30:27 +01:00
|
|
|
end
|