Class: Invite

Inherits:
ActiveRecord::Base
  • Object
Includes:
RateLimiter::OnCreateRecord, Trashable
Defined in:
app/models/invite.rb

Defined Under Namespace

Classes: RedemptionFailed, UserExists, ValidationFailed

Constant Summary collapse

BULK_INVITE_EMAIL_LIMIT =
200
DOMAIN_REGEX =
/\A(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)+([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])\z/

Class Method Summary collapse

Instance Method Summary collapse

Methods included from Trashable

#recover!, #trash!, #trashed?

Methods included from RateLimiter::OnCreateRecord

#default_rate_limiter, #disable_rate_limits!, included

Class Method Details

.base_directoryObject



# File 'app/models/invite.rb', line 299

# Builds the per-site path <Rails.root>/public/uploads/csv/<current_db>.
#
# The final segment is the current multisite database name, so every site
# gets its own folder.
#
# NOTE(review): the directory sits under "public/". Presumably it holds
# bulk-invite CSV uploads; confirm the web server does not serve this
# folder directly.
#
# @return [String] the joined filesystem path
def self.base_directory
  segments = [
    Rails.root,
    "public",
    "uploads",
    "csv",
    RailsMultisite::ConnectionManagement.current_db,
  ]
  File.join(*segments)
end

.emailed_status_typesObject



# File 'app/models/invite.rb', line 54

# Enum of e-mail delivery states for an invite, built once and memoized in
# @emailed_status_types.
#
# Values: not_required (0), pending (1), bulk_pending (2), sending (3),
# sent (4).
#
# @return [Enum]
def self.emailed_status_types
  return @emailed_status_types if @emailed_status_types

  @emailed_status_types =
    Enum.new(not_required: 0, pending: 1, bulk_pending: 2, sending: 3, sent: 4)
end

.expired(inviter) ⇒ Object



# File 'app/models/invite.rb', line 254

# Invites created by +inviter+ that still have redemptions left but whose
# expires_at is already in the past, ordered by earliest expiry first.
#
# The SQL fragments are fixed strings; the only runtime value (the current
# time) is passed as a bind parameter.
#
# @param inviter [#id] the user whose invites are listed
# @return [ActiveRecord::Relation]
def self.expired(inviter)
  owned =
    Invite
      .distinct
      .joins("LEFT JOIN invited_users ON invites.id = invited_users.invite_id")
      .joins("LEFT JOIN users ON invited_users.user_id = users.id")
      .where(invited_by_id: inviter.id)
  unredeemed = owned.where("redemption_count < max_redemptions_allowed")
  lapsed = unredeemed.where("expires_at < ?", Time.zone.now)
  lapsed.order("invites.expires_at ASC")
end

.find_user_by_email(email) ⇒ Object



# File 'app/models/invite.rb', line 239

# Looks up a non-staged user by e-mail address.
#
# The address is passed through Email.downcase before the lookup, and rows
# with staged: true are excluded.
#
# @param email [String] address to look up
# @return [User, nil] the first match, or nil
def self.find_user_by_email(email)
  normalized = Email.downcase(email)
  User.with_email(normalized).where(staged: false).first
end

.generate(invited_by, opts = nil) ⇒ Object

Raises:



# File 'app/models/invite.rb', line 135

# Creates a new invite, or refreshes the inviter's most recent invite for
# the same e-mail address, and returns the reloaded record.
#
# @param invited_by [#id] the inviting user; `.id` and `user_option` are
#   read from it
# @param opts [Hash, nil] options read here: :email, :skip_email,
#   :emailed_status, :expires_at, :domain, :moderator, :custom_message,
#   :max_redemptions_allowed, :topic, :topic_id, :group_ids, :invite_to_topic
# @return [Invite] the created or refreshed invite, reloaded
# @raise [UserExists] when find_user_by_email returns a user for the address
#
# NOTE(review): nothing in this method checks that invited_by is allowed to
# invite to the given topic or groups, or to set :moderator. Presumably the
# caller enforces that; confirm.
def self.generate(invited_by, opts = nil)
  opts ||= {}
  # Falls back to the site time zone when the inviter has no usable timezone.
  time_zone = Time.find_zone(invited_by&.user_option&.timezone) || Time.zone
  email = Email.downcase(opts[:email]) if opts[:email].present?

  # NOTE(review): this lookup also runs when no email was given (email is nil
  # here); confirm find_user_by_email returns nil for a nil address.
  # The message text comes from user_exists_error_msg.
  raise UserExists.new(new.user_exists_error_msg(email)) if find_user_by_email(email)

  if email.present?
    # Most recent invite from this inviter to this address, soft-deleted
    # rows included.
    # NOTE(review): invited_by is nil-guarded above but not here; a nil
    # inviter would raise NoMethodError on `.id`.
    invite =
      Invite
        .with_deleted
        .where(email: email, invited_by_id: invited_by.id)
        .order("created_at DESC")
        .first

    # An expired or deleted invite is destroyed so a fresh one is created below.
    if invite && (invite.expired? || invite.deleted_at)
      invite.destroy
      invite = nil
    end
    # Per-inviter, per-recipient limiter: 3 per 1.day window. The key carries
    # a SHA-256 digest of the address rather than the address itself.
    # NOTE(review): performed! runs after the destroy above; presumably it
    # raises when the limit is exceeded, in which case the old invite is
    # already gone. Confirm that ordering is intended.
    email_digest = Digest::SHA256.hexdigest(email)
    RateLimiter.new(invited_by, "reinvites-per-day-#{email_digest}", 3, 1.day.to_i).performed!
  end

  # Precedence: explicit skip (or an existing invite already marked
  # not_required), then a caller-supplied status, then pending when there
  # is an address, else not_required.
  # NOTE(review): opts[:emailed_status] is stored as given; assumes callers
  # pass a value from emailed_status_types.
  emailed_status =
    if opts[:skip_email] || invite&.emailed_status == emailed_status_types[:not_required]
      emailed_status_types[:not_required]
    elsif opts[:emailed_status].present?
      opts[:emailed_status]
    elsif email.present?
      emailed_status_types[:pending]
    else
      emailed_status_types[:not_required]
    end

  if invite
    # Refresh in place. update_columns writes straight to the database,
    # skipping validations and callbacks.
    invite.update_columns(
      created_at: Time.zone.now,
      updated_at: Time.zone.now,
      expires_at: opts[:expires_at] || time_zone.now + SiteSetting.invite_expiry_days.days,
      emailed_status: emailed_status,
    )
  else
    # Only these keys are copied from opts; everything else is set explicitly.
    create_args =
      opts.slice(:email, :domain, :moderator, :custom_message, :max_redemptions_allowed)
    create_args[:invited_by] = invited_by
    # Overwrites the sliced :email with the normalized address (or nil).
    create_args[:email] = email
    create_args[:emailed_status] = emailed_status
    create_args[:expires_at] = opts[:expires_at] ||
      time_zone.now + SiteSetting.invite_expiry_days.days

    # create! raises if the record fails validation.
    invite = Invite.create!(create_args)
  end

  # A topic may be given as an object (:topic) or as an id (:topic_id).
  topic_id = opts[:topic]&.id || opts[:topic_id]
  invite.topic_invites.find_or_create_by!(topic_id: topic_id) if topic_id.present?

  group_ids = opts[:group_ids]
  if group_ids.present?
    group_ids.each { |group_id| invite.invited_groups.find_or_create_by!(group_id: group_id) }
  end

  # Mark the invite as sending before the e-mail job is enqueued.
  if emailed_status == emailed_status_types[:pending]
    invite.update_column(:emailed_status, emailed_status_types[:sending])
    Jobs.enqueue(:invite_email, invite_id: invite.id, invite_to_topic: opts[:invite_to_topic])
  end

  invite.reload
end

.invalidate_for_email(email) ⇒ Object



# File 'app/models/invite.rb', line 277

# Invalidates the invite found for +email+ (after Email.downcase), if any.
#
# NOTE(review): find_by returns at most one row. generate scopes its own
# lookup by inviter as well as address, so several invites may share an
# address; if so, the others stay valid. Confirm whether that is intended.
#
# @param email [String] invited address
# @return [Invite, nil] the invalidated invite, or nil when none matched
def self.invalidate_for_email(email)
  match = Invite.find_by(email: Email.downcase(email))
  match&.invalidate!
end

.pending(inviter) ⇒ Object



# File 'app/models/invite.rb', line 243

# Invites created by +inviter+ that still have redemptions left and whose
# expires_at is in the future, most recently updated first.
#
# The SQL fragments are fixed strings; the only runtime value (the current
# time) is passed as a bind parameter.
#
# @param inviter [#id] the user whose invites are listed
# @return [ActiveRecord::Relation]
def self.pending(inviter)
  owned =
    Invite
      .distinct
      .joins("LEFT JOIN invited_users ON invites.id = invited_users.invite_id")
      .joins("LEFT JOIN users ON invited_users.user_id = users.id")
      .where(invited_by_id: inviter.id)
  unredeemed = owned.where("redemption_count < max_redemptions_allowed")
  live = unredeemed.where("expires_at > ?", Time.zone.now)
  live.order("invites.updated_at DESC")
end

.redeem_for_existing_user(user) ⇒ Object



# File 'app/models/invite.rb', line 231

# Redeems the invite addressed to an existing user's e-mail, when there is
# one and it is still redeemable.
#
# NOTE(review): the match is on user.email alone. Presumably callers only
# invoke this once the address is confirmed as belonging to the user; verify.
#
# @param user [#email] the existing user
# @return [Invite, nil] the invite found for the address (redeemed or not),
#   or nil when none exists
def self.redeem_for_existing_user(user)
  invite = Invite.find_by(email: Email.downcase(user.email))
  usable = invite.present? && invite.redeemable?
  InviteRedeemer.new(invite: invite, redeeming_user: user).redeem if usable
  invite
end

.redeemed_users(inviter) ⇒ Object



# File 'app/models/invite.rb', line 265

# InvitedUser rows with a user attached whose invite was created by
# +inviter+, most recently redeemed first, with user and user_stat loaded.
#
# The inviter id is passed as a bind parameter, not interpolated.
#
# @param inviter [#id] the inviting user
# @return [ActiveRecord::Relation]
def self.redeemed_users(inviter)
  redeemed =
    InvitedUser
      .joins("LEFT JOIN invites ON invites.id = invited_users.invite_id")
      .includes(user: :user_stat)
      .where("invited_users.user_id IS NOT NULL")
      .where("invites.invited_by_id = ?", inviter.id)
  ordered = redeemed.order("invited_users.redeemed_at DESC")
  ordered.references("invite").references("user").references("user_stat")
end

Instance Method Details

#can_be_redeemed_by?(user) ⇒ Boolean

Returns:

  • (Boolean)


# File 'app/models/invite.rb', line 111

# Decides whether +user+ may redeem this invite.
#
# Order of checks:
#   1. the invite must be redeemable at all;
#   2. the user must not have redeemed it already;
#   3. an invite with neither e-mail nor domain is open to anyone;
#   4. an e-mail invite matches on the user's address;
#   5. otherwise a domain invite matches on the address's domain.
#
# @param user [#email] the prospective redeemer
# @return [Boolean]
def can_be_redeemed_by?(user)
  return false unless self.redeemable?
  return false if redeemed_by_user?(user)

  if self.email.present?
    return true if email_matches?(user.email)
  elsif self.domain.blank?
    # No restriction of either kind: a plain invite link.
    return true
  end

  self.domain.present? && domain_matches?(user.email)
end

#domain_matches?(email) ⇒ Boolean

Returns:

  • (Boolean)


# File 'app/models/invite.rb', line 106

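# Checks whether the domain part of +email+ equals this invite's domain.
#
# The domain is taken after the LAST "@": splitting on every "@" and using
# the second piece would compare a middle segment of an address that holds
# more than one "@" instead of its real domain. The comparison ignores case,
# because valid_domain stores the invite domain lower-cased while the
# address may arrive in any case.
#
# An address without "@", or with nothing after it, never matches.
#
# @param email [String] address of the prospective redeemer
# @return [Boolean]
def domain_matches?(email)
  _local, separator, host = email.to_s.rpartition("@")
  return false if separator.empty? || host.empty?

  self.domain.to_s.downcase == host.downcase
end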

#email_matches?(email) ⇒ Boolean

Returns:

  • (Boolean)


# File 'app/models/invite.rb', line 102

# Case-insensitive comparison of +email+ with this invite's address.
# Both sides are lower-cased with String#downcase before comparing.
#
# @param email [String] address of the prospective redeemer
# @return [Boolean]
def email_matches?(email)
  candidate = email.downcase
  candidate == self.email.downcase
end

#email_xor_domainObject



# File 'app/models/invite.rb', line 70

# Validation: an invite may carry an e-mail or a domain, not both.
# Adds a :base error when both are present; having neither is allowed.
def email_xor_domain
  return unless email.present? && domain.present?

  errors.add(:base, I18n.t("invite.email_xor_domain"))
end

#ensure_max_redemptions_allowedObject



# File 'app/models/invite.rb', line 309

# Defaults max_redemptions_allowed to 1 when unset, otherwise validates it.
#
# The upper bound comes from SiteSetting.invite_link_max_redemptions_limit
# for staff inviters and from invite_link_max_redemptions_limit_users for
# everyone else (including a missing inviter). E-mail invites must allow
# exactly one redemption; other invites must fall within 1..limit.
def ensure_max_redemptions_allowed
  return self.max_redemptions_allowed = 1 if self.max_redemptions_allowed.nil?

  limit =
    if invited_by&.staff?
      SiteSetting.invite_link_max_redemptions_limit
    else
      SiteSetting.invite_link_max_redemptions_limit_users
    end

  requested = self.max_redemptions_allowed
  if self.email.present? && requested != 1
    errors.add(:max_redemptions_allowed, I18n.t("invite.max_redemptions_allowed_one"))
  elsif !requested.between?(1, limit)
    message = I18n.t("invite_link.max_redemptions_limit", max_limit: limit)
    errors.add(:max_redemptions_allowed, message)
  end
end

#expired?Boolean

Returns:

  • (Boolean)


# File 'app/models/invite.rb', line 119

# True once expires_at lies strictly before the current time (Time.zone.now).
#
# @return [Boolean]
def expired?
  deadline = expires_at
  deadline < Time.zone.now
end

#invalidate!Object



# File 'app/models/invite.rb', line 281

# Stamps invalidated_at with the current time, after which link_valid?
# returns false.
#
# @return [Invite] self, so calls can be chained
def invalidate!
  tap { update_attribute(:invalidated_at, Time.current) }
end

#is_email_invite?Boolean

Email invites have specific behaviour and it’s easier to visually parse is_email_invite? than !is_invite_link?

Returns:

  • (Boolean)


# File 'app/models/invite.rb', line 82

# True when the invite is addressed to a specific e-mail.
# Counterpart of is_invite_link?, which is true when email is blank.
#
# @return [Boolean]
def is_email_invite?
  email.present?
end

#is_invite_link?Boolean

Even if a domain is specified on the invite, it still counts as an invite link.

Returns:

  • (Boolean)


# File 'app/models/invite.rb', line 76

# True when the invite has no e-mail address. Only email is inspected, so
# an invite restricted to a domain still counts as an invite link.
#
# @return [Boolean]
def is_invite_link?
  email.blank?
end

#limit_invites_per_dayObject



# File 'app/models/invite.rb', line 295

# Builds the per-inviter daily limiter: key "invites-per-day", capped at
# SiteSetting.max_invites_per_day over a window of 1.day seconds.
#
# This method only constructs the limiter; nothing is counted here.
#
# @return [RateLimiter]
def limit_invites_per_day
  daily_cap = SiteSetting.max_invites_per_day
  window_seconds = 1.day.to_i
  RateLimiter.new(invited_by, "invites-per-day", daily_cap, window_seconds)
end


# File 'app/models/invite.rb', line 123

# Absolute URL for this invite: <base_url>/invites/<invite_key>.
#
# With with_email_token: true the email_token is appended as the "t" query
# parameter.
#
# NOTE(review): a token carried in the query string can end up in access
# logs, browser history and Referer headers; links built with the token
# should be handled as secrets.
#
# @param with_email_token [Boolean] append "?t=<email_token>" when true
# @return [String]
def link(with_email_token: false)
  return "#{Discourse.base_url}/invites/#{invite_key}?t=#{email_token}" if with_email_token

  "#{Discourse.base_url}/invites/#{invite_key}"
end

Returns:

  • (Boolean)


# File 'app/models/invite.rb', line 131

# True while the invite has not been invalidated, i.e. invalidated_at is nil.
#
# @return [Boolean]
def link_valid?
  self.invalidated_at.nil?
end

#redeem(email: nil, username: nil, name: nil, password: nil, user_custom_fields: nil, ip_address: nil, session: nil, email_token: nil, redeeming_user: nil) ⇒ Object



# File 'app/models/invite.rb', line 204

# Redeems this invite through InviteRedeemer, forwarding every keyword
# unchanged together with the invite itself.
#
# Does nothing and returns nil when the invite is no longer redeemable.
# No other check on the redeemer happens in this method; whatever
# InviteRedeemer#redeem does with the arguments is outside this listing.
#
# @return [Object, nil] the result of InviteRedeemer#redeem, or nil
def redeem(
  email: nil,
  username: nil,
  name: nil,
  password: nil,
  user_custom_fields: nil,
  ip_address: nil,
  session: nil,
  email_token: nil,
  redeeming_user: nil
)
  return unless redeemable?

  redeemer =
    InviteRedeemer.new(
      invite: self,
      email: email,
      username: username,
      name: name,
      password: password,
      user_custom_fields: user_custom_fields,
      ip_address: ip_address,
      session: session,
      email_token: email_token,
      redeeming_user: redeeming_user,
    )
  redeemer.redeem
end

#redeemable?Boolean

Returns:

  • (Boolean)


# File 'app/models/invite.rb', line 86

# True only when the invite is not fully redeemed, not expired, not
# soft-deleted, not destroyed, and its link has not been invalidated.
#
# Checks run in that order and stop at the first failure.
#
# @return [Boolean]
def redeemable?
  return false if redeemed?
  return false if expired?
  return false if deleted_at?
  return false if destroyed?

  link_valid?
end

#redeemed?Boolean

Returns:

  • (Boolean)


# File 'app/models/invite.rb', line 94

# Whether the invite has been used up.
#
# Invite links are used up once redemption_count reaches
# max_redemptions_allowed; e-mail invites are used up as soon as any
# invited_users row exists.
#
# @return [Boolean]
def redeemed?
  return redemption_count >= max_redemptions_allowed if is_invite_link?

  self.invited_users.count > 0
end

#redeemed_by_user?(redeeming_user) ⇒ Boolean

Returns:

  • (Boolean)


# File 'app/models/invite.rb', line 90

# Whether an invited_users row already links this invite to +redeeming_user+.
#
# @param redeeming_user [User] the user to check
# @return [Boolean]
def redeemed_by_user?(redeeming_user)
  redemptions = self.invited_users
  redemptions.exists?(user: redeeming_user)
end

#resend_inviteObject



# File 'app/models/invite.rb', line 286

# Re-activates the invite and queues the invite e-mail again.
#
# Clears invalidated_at, pushes expires_at out by
# SiteSetting.invite_expiry_days from now and touches updated_at.
# update_columns writes straight to the database, skipping validations and
# callbacks.
#
# NOTE(review): this makes a previously invalidated invite usable again and
# applies no rate limit of its own; presumably callers check permission and
# throttle resends. Confirm.
def resend_invite
  refreshed = {
    updated_at: Time.zone.now,
    invalidated_at: nil,
    expires_at: SiteSetting.invite_expiry_days.days.from_now,
  }
  self.update_columns(refreshed)
  Jobs.enqueue(:invite_email, invite_id: self.id)
end

#user_doesnt_already_existObject



# File 'app/models/invite.rb', line 59

# Validation: rejects an e-mail invite whose address already belongs to a
# non-staged user, unless that user is the one recorded on the invite's
# first invited_users row.
#
# Resets email_already_exists to false on every run and sets it to true
# only when the error is added.
def user_doesnt_already_exist
  self.email_already_exists = false
  return if email.blank?

  existing = Invite.find_user_by_email(email)
  return unless existing
  return if existing.id == self.invited_users&.first&.user_id

  self.email_already_exists = true
  errors.add(:base, user_exists_error_msg(email))
end

#user_exists_error_msg(email) ⇒ Object



# File 'app/models/invite.rb', line 355

# Builds the "user already exists" message for +email+.
#
# When SiteSetting.hide_email_address_taken? is set, the
# "invite.generic_error_response" translation is used instead of
# "invite.user_exists" (presumably so the response does not confirm that
# the address is registered). The address is HTML-escaped before it is
# interpolated into the translation.
#
# @param email [String] the invited address
# @return [String] the translated message
def user_exists_error_msg(email)
  error_key =
    if SiteSetting.hide_email_address_taken?
      "generic_error_response"
    else
      "user_exists"
    end

  escaped_email = CGI.escapeHTML(email)
  I18n.t("invite.#{error_key}", email: escaped_email)
end

#valid_domainObject



# File 'app/models/invite.rb', line 345

# Validation: lower-cases the domain in place and checks it against
# Invite::DOMAIN_REGEX, adding a :base error when it does not match.
# A blank domain is skipped.
#
# DOMAIN_REGEX is anchored with \A and \z, so the whole string must match.
def valid_domain
  return if self.domain.blank?

  self.domain.downcase!
  return if self.domain =~ Invite::DOMAIN_REGEX

  self.errors.add(:base, I18n.t("invite.domain_not_allowed"))
end

#valid_redemption_countObject



# File 'app/models/invite.rb', line 333

# Validation: redemption_count may never exceed max_redemptions_allowed.
# Adds an error on :redemption_count when it does.
def valid_redemption_count
  return unless self.redemption_count > self.max_redemptions_allowed

  message =
    I18n.t(
      "invite.redemption_count_less_than_max",
      max_redemptions_allowed: self.max_redemptions_allowed,
    )
  errors.add(:redemption_count, message)
end