new permissions:

* list members may be nominated as moderators by admin * admin may allow moderators to nominate more moderators * admin may set allowed senders to one of the following: * owners and mods * all subscribers * everyone * moderators are now able to remove members from list
2022-04-22 12:35:16 +02:00
parent 7bf492e469
commit b9b3196ae6
9 changed files with 305 additions and 36 deletions
--- a/src/main/java/de/srsoftware/widerhall/data/ListMember.java
+++ b/src/main/java/de/srsoftware/widerhall/data/ListMember.java
@@ -1,17 +1,15 @@
 package de.srsoftware.widerhall.data;

 import de.srsoftware.widerhall.Util;
-import org.antlr.runtime.MismatchedTokenException;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
-import org.stringtemplate.v4.ST;

 import java.sql.ResultSet;
 import java.sql.SQLException;
 import java.util.*;

 import static de.srsoftware.widerhall.Constants.*;
-import static de.srsoftware.widerhall.Constants.STATE;
+import static de.srsoftware.widerhall.Util.t;

 /**
 * @author Stephan Richter
@@ -47,6 +45,37 @@ public class ListMember {
        this.token = token;
    }

+    public String addNewModerator(String userEmail) {
+        if (!isAllowedToEditMods()) return t("You are not allowed to nominate new mods for {}",list.email());
+        User moderator = null;
+        try {
+            moderator = User.load(userEmail);
+        } catch (SQLException e) {
+            LOG.warn("Failed to load user for {}",userEmail,e);
+            return t("Failed to load user for {}",userEmail);
+        }
+        if (moderator == null) return t("No such user: {}",userEmail);
+
+        ListMember member = null;
+        try {
+            member = ListMember.load(list,moderator);
+        } catch (SQLException e) {
+            LOG.warn("Failed to load list member for {}/{}",moderator.email(),list.email(),e);
+            return t("Failed to load list member for {}/{}",moderator.email(),list.email());
+        }
+        try {
+            if (member == null) {
+                ListMember.create(list, moderator, ListMember.STATE_MODERATOR);
+            } else {
+                member.setState(ListMember.STATE_MODERATOR);
+            }
+        } catch (SQLException e) {
+            LOG.warn("Failed to make {} a moderator of {}",moderator.email(),list.email(),e);
+            return t("Failed to make {} a moderator of {}",moderator.email(),list.email());
+        }
+        return null;
+    }
+
    /**
     * tries to confirm the token:
     * This method loads the list member, that is assigned with the token.
@@ -113,6 +142,68 @@ public class ListMember {
        Database.open().query(sql).compile().run();
    }

+    public String dropMember(String userEmail) {
+        if (!isModerator()) return t("You are not allowed to remove members of {}",list.email());
+        User user = null;
+        try {
+            user = User.load(userEmail);
+        } catch (SQLException e) {
+            LOG.warn("Failed to load user for {}",userEmail,e);
+            return t("Failed to load user for {}",userEmail);
+        }
+        if (user == null) return t("No such user: {}",userEmail);
+
+        ListMember member = null;
+        try {
+            member = ListMember.load(list,user);
+        } catch (SQLException e) {
+            LOG.warn("Failed to load list member for {}/{}",user.email(),list.email(),e);
+            return t("Failed to load list member for {}/{}",user.email(),list.email());
+        }
+
+        if (member == null) return t("{} is no member of {}",user.email(),list.email());
+        if (member.isOwner()) return t("You are not allowed to remvoe the list owner!");
+
+        try {
+            member.unsubscribe();
+        } catch (SQLException e) {
+            LOG.warn("Failed to un-subscribe {} from {}",user.email(),list.email(),e);
+            return t("Failed to un-subscribe {} from {}",user.email(),list.email());
+        }
+        return null;
+    }
+
+    public String dropModerator(String userEmail) {
+        if (!isAllowedToEditMods()) return t("You are not allowed to edit mods of {}",list.email());
+        User moderator = null;
+        try {
+            moderator = User.load(userEmail);
+        } catch (SQLException e) {
+            LOG.warn("Failed to load user for {}",userEmail,e);
+            return t("Failed to load user for {}",userEmail);
+        }
+        if (moderator == null) return t("No such user: {}",userEmail);
+
+        ListMember member = null;
+        try {
+            member = ListMember.load(list,moderator);
+        } catch (SQLException e) {
+            LOG.warn("Failed to load list member for {}/{}",moderator.email(),list.email(),e);
+            return t("Failed to load list member for {}/{}",moderator.email(),list.email());
+        }
+        try {
+            if (member == null) {
+                ListMember.create(list, moderator, ListMember.STATE_SUBSCRIBER);
+            } else {
+                member.setState(ListMember.STATE_SUBSCRIBER);
+            }
+        } catch (SQLException e) {
+            LOG.warn("Failed to make {} a subscriber of {}",moderator.email(),list.email(),e);
+            return t("Failed to make {} a subscriber of {}",moderator.email(),list.email());
+        }
+        return null;
+    }
+
    /**
     * create a new ListMember object from a ResultSet
     * @param rs
@@ -136,6 +227,12 @@ public class ListMember {
        return (state & testState) > 0;
    }

+    public boolean isAllowedToEditMods(){
+        if (isOwner()) return true;
+        if (isModerator()) return list.modsMayEditMods();
+        return false;
+    }
+
    public boolean isAwaiting(){
        return hasState(STATE_AWAITING_CONFIRMATION);
    }
@@ -152,6 +249,35 @@ public class ListMember {
        return hasState(STATE_SUBSCRIBER|STATE_MODERATOR|STATE_OWNER);
    }

+    public MailingList list(){
+        return list;
+    }
+    /**
+     * return a set of list emails of MailingLists the given user attends
+     * @param user
+     * @return
+     */
+    public static Set<ListMember> listsOf(User user) {
+        var listEmails = new HashSet<String>();
+        try {
+            var request = Database.open()
+                    .select(TABLE_NAME);
+            if (!user.hashPermission(User.PERMISSION_ADMIN)) request = request.where(USER_EMAIL, user.email());
+            var rs = request.compile().exec();
+            while (rs.next()) listEmails.add(rs.getString(LIST_EMAIL));
+        } catch (SQLException e) {
+            LOG.warn("Collecting lists of {} failed: ",user.email(),e);
+        }
+        var lists = MailingList.loadAll(listEmails);
+        var result = new HashSet<ListMember>();
+        try {
+            for (var ml : lists) result.add(ListMember.load(ml,user));
+        } catch (SQLException e) {
+            e.printStackTrace();
+        }
+
+        return result;
+    }

    /**
     * return a set of list emails of MailingLists owned by the given user
@@ -230,6 +356,17 @@ public class ListMember {
        return this;
    }

+    public ListMember setState(int newState) throws SQLException {
+        Database.open()
+                .update(TABLE_NAME)
+                .set(STATE,newState)
+                .where(USER_EMAIL,user.email())
+                .where(LIST_EMAIL,list.email())
+                .compile()
+                .run();
+        return this;
+    }
+
    /**
     * convert state flag to readable text
     * @return
@@ -253,11 +390,9 @@ public class ListMember {

    /**
     * unsubscribe a list member
-     * @param list
-     * @param user
     * @throws SQLException
     */
-    public static void unsubscribe(MailingList list, User user) throws SQLException {
+    public void unsubscribe() throws SQLException {
        var db = Database.open();
        var rs = db.select(TABLE_NAME)
                .where(LIST_EMAIL,list.email())
@@ -265,7 +400,7 @@ public class ListMember {
                .compile()
                .exec();
        while (rs.next()){
-            int state = Util.unset(rs.getInt(STATE),STATE_SUBSCRIBER,STATE_AWAITING_CONFIRMATION); // drop subscription and awaiting flags
+            int state = Util.unset(rs.getInt(STATE),STATE_SUBSCRIBER,STATE_MODERATOR,STATE_AWAITING_CONFIRMATION); // drop subscription and awaiting flags
            var req = state < 1 ? db.deleteFrom(TABLE_NAME) : db.update(TABLE_NAME).set(STATE,state).set(TOKEN,null);
            req.where(LIST_EMAIL,list.email()).where(USER_EMAIL,user.email()).compile().run();
        }
--- a/src/main/java/de/srsoftware/widerhall/data/MailingList.java
+++ b/src/main/java/de/srsoftware/widerhall/data/MailingList.java
@@ -35,6 +35,7 @@ public class MailingList implements MessageHandler {
    public static final String KEY_OPEN_FOR_GUESTS = "open_for_guests";
    public static final String KEY_OPEN_FOR_SUBSCRIBERS = "open_for_subscribers";
    public static final String KEY_ARCHIVE = "archive";
+    public static final String KEY_MODS_CAN_EDIT_MODS = "edit_mods";
    private static final Logger LOG = LoggerFactory.getLogger(MailingList.class);
    private static final String IMAP_HOST = "imap_host";
    private static final String IMAP_PORT = "imap_port";
@@ -55,7 +56,7 @@ public class MailingList implements MessageHandler {
    public static final int STATE_OPEN_FOR_GUESTS = 64; // allow anyone to send via this list?
    public static final int STATE_PUBLIC_ARCHIVE = 128; // save received messages in archive?
    public static final int STATE_OPEN_FOR_SUBSCRIBERS = 256; // allow mods to send via this list?
-    public static final int STATE_MODS_CAN_CREATE_MODS = 512; // allow mods to make subscribers to mods?
+    public static final int STATE_MODS_CAN_EDIT_MODS = 512; // allow mods to make subscribers to mods?
    private static final int VISIBLE = 1;
    private static final int HIDDEN = 0;
    private static final int DEFAULT_STATE = STATE_PENDING|STATE_HIDE_RECEIVERS|STATE_PUBLIC_ARCHIVE;
@@ -137,17 +138,6 @@ public class MailingList implements MessageHandler {
        Database.open().query(sql).compile().run();
    }

-    /**
-     * load the set of mailing lists a given user is allowed to edit
-     * @param user
-     * @return
-     */
-    public static Set<MailingList> editableBy(User user) {
-        var list = new HashSet<MailingList>();
-        for (String key : ListMember.listsOwnedBy(user)) list.add(load(key));
-        return list;
-    }
-
    public String email() {
        return email;
    }
@@ -295,10 +285,32 @@ public class MailingList implements MessageHandler {
        return ml;
    }

+    /**
+     * Load a ML object by it's identifying email address.
+     * This is a cached method: if the ML has been loaded before, the already-loaded object will be returned.
+     * @param listEmails
+     * @return
+     */
+    public static Set<MailingList> loadAll(Collection<String> listEmails) {
+        if (listEmails == null) return null;
+        if (listEmails.isEmpty()) return Set.of();
+        var list = new HashSet<MailingList>();
+        try {
+            var rs = Database.open()
+                    .select(TABLE_NAME)
+                    .where(EMAIL,listEmails)
+                    .compile().exec();
+            while (rs.next()) list.add(MailingList.from(rs));
+        } catch (SQLException e) {
+            LOG.debug("Failed to load MailingLists: ",e);
+        }
+        return list;
+    }
+
    public boolean mayBeAlteredBy(User user) {
        if (user.hashPermission(PERMISSION_ADMIN)) return true;
        try {
-            if (ListMember.load(this,user).isOwner()) return true;
+            if (ListMember.load(this,user).isModerator()) return true;
        } catch (SQLException e) {
            LOG.debug("Error loading list member for ({}, {})",user.email(),email());
        }
@@ -343,6 +355,28 @@ public class MailingList implements MessageHandler {
        return map;
    }

+    /**
+     * load the set of mailing lists a given user is allowed to edit
+     * @param user
+     * @return
+     */
+    public static List<MailingList> moderatedBy(User user) {
+        return ListMember.listsOf(user)
+                .stream()
+                .filter(listMember -> listMember.isModerator())
+                .map(ListMember::list)
+                .toList();
+
+    }
+
+    public boolean modsMayEditMods(){
+        return hasState(STATE_MODS_CAN_EDIT_MODS);
+    }
+
+    public MailingList modsMayNominateMods(boolean allowed) throws SQLException {
+        return setFlag(STATE_MODS_CAN_EDIT_MODS,allowed);
+    }
+
    public String name(){
        return name;
    }
@@ -482,7 +516,7 @@ public class MailingList implements MessageHandler {
    private void sendConfirmationRequest(User user, String token) throws MessagingException, UnsupportedEncodingException {
        var subject = t("Please confirm your list subscription");
        var config = Configuration.instance();
-        var url = new StringBuilder(config.baseUrl()).append("/confirm?token=").append(token);
+        var url = new StringBuilder(config.baseUrl()).append("/web/confirm?token=").append(token);
        var text = t("Please go to {} in order to complete your list subscription!",url);
        smtp.send(email(),name(),user.email(),subject,text);
    }