Class: UserBadgesController

Inherits:
ApplicationController show all
Defined in:
app/controllers/user_badges_controller.rb

Constant Summary collapse

MAX_BADGES =

This was limited in PR#2360 to make it divisible by 8

96

Constants inherited from ApplicationController

ApplicationController::CHALLENGE_KEY, ApplicationController::HONEYPOT_KEY, ApplicationController::LEGACY_NO_THEMES, ApplicationController::LEGACY_NO_UNOFFICIAL_PLUGINS, ApplicationController::NO_PLUGINS, ApplicationController::NO_THEMES, ApplicationController::NO_UNOFFICIAL_PLUGINS, ApplicationController::SAFE_MODE

Constants included from CanonicalURL::ControllerExtensions

CanonicalURL::ControllerExtensions::ALLOWED_CANONICAL_PARAMS

Instance Attribute Summary

Attributes inherited from ApplicationController

#theme_id

Instance Method Summary collapse

Methods inherited from ApplicationController

#application_layout, #can_cache_content?, #clear_notifications, #conditionally_allow_site_embedding, #current_homepage, #discourse_expires_in, #dont_cache_page, #ember_cli_required?, #fetch_user_from_params, #guardian, #handle_permalink, #handle_theme, #handle_unverified_request, #has_escaped_fragment?, #immutable_for, #login_method, #no_cookies, #perform_refresh_session, #post_ids_including_replies, #preload_json, #rate_limit_second_factor!, #redirect_with_client_support, #render_json_dump, #render_serialized, requires_plugin, #rescue_discourse_actions, #resolve_safe_mode, #secure_session, #serialize_data, #set_current_user_for_logs, #set_layout, #set_mobile_view, #set_mp_snapshot_fields, #show_browser_update?, #store_preloaded, #use_crawler_layout?, #with_resolved_locale

Methods included from VaryHeader

#ensure_vary_header

Methods included from ThemeResolver

resolve_theme_id

Methods included from ReadOnlyMixin

#add_readonly_header, #allowed_in_staff_writes_only_mode?, #block_if_readonly_mode, #check_readonly_mode, #get_or_check_readonly_mode, #get_or_check_staff_writes_only_mode, included, #staff_writes_only_mode?

Methods included from Hijack

#hijack

Methods included from GlobalPath

#cdn_path, #cdn_relative_path, #full_cdn_url, #path, #upload_cdn_path

Methods included from JsonError

#create_errors_json

Methods included from CanonicalURL::ControllerExtensions

#canonical_url, #default_canonical, included

Methods included from CurrentUser

#clear_current_user, #current_user, has_auth_cookie?, #is_api?, #is_user_api?, #log_off_user, #log_on_user, lookup_from_env, #refresh_session

Instance Method Details

#create ⇒ Object



# File 'app/controllers/user_badges_controller.rb', line 80

# Grants a badge to the user named by the required `username` parameter.
#
# Check order: the target user is resolved, then can_assign_badge_to_user?
# gates everything else (403 on refusal); only after that are the badge and
# the optional `reason` link processed.
#
# `reason` is client-supplied. It must pass is_badge_reason_valid? (400
# otherwise) and is only turned into a post id when it routes to
# topics#show; any other route leaves post_id nil.
def create
  params.require(:username)
  recipient = fetch_user_from_params

  # Refuse before touching the badge or the reason link.
  unless can_assign_badge_to_user?(recipient)
    render json: failed_json, status: 403
    return
  end

  badge = fetch_badge_from_params
  reason = params[:reason]
  post_id = nil

  if reason.present?
    unless is_badge_reason_valid?(reason)
      render json: failed_json.merge(message: I18n.t("invalid_grant_badge_reason_link")),
             status: 400
      return
    end

    route = Discourse.route_for(reason)
    if route && route[:controller] == "topics" && route[:action] == "show"
      # The route may carry the topic under :id or :topic_id; a missing or
      # non-numeric value becomes 0 and is skipped by the check below.
      topic_id = (route[:id] || route[:topic_id]).to_i
      if topic_id > 0
        post_number = route[:post_number] || 1
        # NOTE(review): this lookup is not filtered through guardian here;
        # confirm whether the granter is required to be able to see the post.
        post_id = Post.find_by(topic_id: topic_id, post_number: post_number)&.id
      end
    end
  end

  # The modifier is handed the complete, unfiltered request parameters, so
  # presumably any registered plugin can derive grant options from arbitrary
  # client input; verify against the registered modifiers.
  grant_opts =
    DiscoursePluginRegistry.apply_modifier(
      :user_badges_badge_grant_opts,
      { granted_by: current_user, post_id: post_id },
      { param: params },
    )

  granted = BadgeGranter.grant(badge, recipient, grant_opts)
  render_serialized(granted, DetailedUserBadgeSerializer, root: "user_badge")
end

#destroy ⇒ Object



# File 'app/controllers/user_badges_controller.rb', line 118

# Revokes the user badge identified by the required `id` parameter.
#
# The record is loaded before the permission check, so an unknown id fails in
# UserBadge.find while a known id the caller may not manage gets a 403. The
# two responses therefore differ for existing and non-existing ids.
# The revocation records current_user as `revoked_by`.
def destroy
  params.require(:id)
  target = UserBadge.find(params[:id])

  # Same permission that gates granting: the caller must be allowed to
  # assign badges to the user who holds this one.
  return render json: failed_json, status: 403 unless can_assign_badge_to_user?(target.user)

  BadgeGranter.revoke(target, revoked_by: current_user)
  render json: success_json
end

#index ⇒ Object



# File 'app/controllers/user_badges_controller.rb', line 8

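# Lists the most recent grants of one badge, newest first, capped at
# MAX_BADGES per request, optionally narrowed to a single `username` and
# paged with `offset`.
#
# Post/topic details are only exposed for topics the current guardian can
# see: the visible topic ids are computed here and handed to the serializer
# as `allowed_user_badge_topic_ids`.
def index
  # The return value is discarded, so this call does not filter or type-check
  # the params[...] reads below. `granted_before` is allow-listed here but
  # not read anywhere in this action.
  params.permit %i[granted_before offset username]

  badge = fetch_badge_from_params
  user_badges = badge.user_badges.order("granted_at DESC, id DESC").limit(MAX_BADGES)
  user_badges =
    user_badges.includes(
      :user,
      :granted_by,
      badge: :badge_type,
      post: :topic,
      user: %i[primary_group flair_group],
    )

  grant_count = nil

  if (username = params[:username])
    # `username` arrives straight from the request and can be an array or a
    # nested hash (username[]=x, username[a]=b). Reject those explicitly
    # instead of letting `downcase` raise NoMethodError and produce a 500.
    raise Discourse::InvalidParameters.new(:username) unless username.is_a?(String)

    user_id = User.where(username_lower: username.downcase).pick(:id)
    # NOTE(review): when no user matches, the list stays unfiltered while
    # grant_count is computed for user_id nil; confirm this is intended.
    user_badges = user_badges.where(user_id: user_id) if user_id
    grant_count = badge.user_badges.where(user_id: user_id).count
  end

  # Only a positive offset is applied; zero or negative values are ignored.
  offset = fetch_int_from_params(:offset, default: 0)
  user_badges = user_badges.offset(offset) if offset > 0

  # Topic ids of the posts linked to the grants on this page (grants without
  # a post are skipped).
  user_badges_topic_ids = user_badges.map { |user_badge| user_badge.post&.topic_id }.compact

  user_badges =
    UserBadges.new(
      user_badges: user_badges,
      username: params[:username],
      grant_count: grant_count,
    )

  render_serialized(
    user_badges,
    UserBadgesSerializer,
    root: :user_badge_info,
    include_long_description: true,
    allowed_user_badge_topic_ids: guardian.can_see_topic_ids(topic_ids: user_badges_topic_ids),
  )
end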

#toggle_favorite ⇒ Object



# File 'app/controllers/user_badges_controller.rb', line 131

# Flips the favorite flag on every grant of one badge held by one user.
#
# Responds 403 when can_favorite_badge? refuses, and 400 when marking the
# badge as favorite would reach past SiteSetting.max_favorite_badges distinct
# favorite badges. Un-favoriting is never blocked by the limit.
#
# NOTE(review): the limit check and the update are separate statements with
# no lock or transaction visible here, so two concurrent requests could both
# pass the check; confirm whether that matters for this setting.
def toggle_favorite
  params.require(:user_badge_id)
  user_badge = UserBadge.find(params[:user_badge_id])
  # Resolved before the permission check, as in the lookup above.
  owner_badges = user_badge.user.user_badges

  unless can_favorite_badge?(user_badge)
    render json: failed_json, status: 403
    return
  end

  currently_favorite = user_badge.is_favorite

  unless currently_favorite
    # Count distinct badges, not grants: one badge granted several times
    # uses a single favorite slot.
    favorite_badges = owner_badges.select(:badge_id).distinct.where(is_favorite: true).count
    if favorite_badges >= SiteSetting.max_favorite_badges
      render json: failed_json, status: 400
      return
    end
  end

  # Scoped by the record's own user_id and badge_id, never by request input.
  same_badge_grants = UserBadge.where(user_id: user_badge.user_id, badge_id: user_badge.badge_id)
  same_badge_grants.update_all(is_favorite: !currently_favorite)
  UserBadge.update_featured_ranks!(user_badge.user_id)
end

#username ⇒ Object



# File 'app/controllers/user_badges_controller.rb', line 51

# Lists the badges held by the user resolved from the request parameters,
# optionally grouped per badge when `grouped` is present.
#
# A profile the guardian cannot see is reported as Discourse::NotFound rather
# than as a permission failure. Post/topic details are limited to topics the
# guardian can see, via `allowed_user_badge_topic_ids`.
def username
  # The return value is discarded, so this does not filter later params reads.
  params.permit [:grouped]

  # Inactive accounts are only resolvable by staff, or by any logged-in user
  # when the site setting allows it; anonymous callers never qualify.
  include_inactive =
    current_user.try(:staff?) || (current_user && SiteSetting.show_inactive_accounts)
  user = fetch_user_from_params(include_inactive: include_inactive)

  raise Discourse::NotFound unless guardian.can_see_profile?(user)

  badges = user.user_badges
  badges = badges.group(:badge_id).select_for_grouping if params[:grouped]
  badges =
    badges.includes(badge: %i[badge_grouping badge_type image_upload], post: :topic).includes(
      :granted_by,
    )

  # Topic ids behind the linked posts; grants without a post are skipped.
  topic_ids = badges.map { |grant| grant.post&.topic_id }.compact

  render_serialized(
    badges,
    DetailedUserBadgeSerializer,
    allowed_user_badge_topic_ids: guardian.can_see_topic_ids(topic_ids: topic_ids),
    root: :user_badges,
  )
end