Add reason when banning a user

10 files changed, 109 insertions, 13 deletions

diff --git a/server/controllers/api/users.ts b/server/controllers/api/users.ts
index 8f429d0b5..0e2be7123 100644
--- a/server/controllers/api/users.ts
+++ b/server/controllers/api/users.ts
@@ -302,8 +302,9 @@ async function unblockUser (req: express.Request, res: express.Response, next: e
 
 async function blockUser (req: express.Request, res: express.Response, next: express.NextFunction) {
   const user: UserModel = res.locals.user
+  const reason = req.body.reason
 
-  await changeUserBlock(res, user, true)
+  await changeUserBlock(res, user, true, reason)
 
   return res.status(204).end()
 }
@@ -454,10 +455,11 @@ function success (req: express.Request, res: express.Response, next: express.Nex
   res.end()
 }
 
-async function changeUserBlock (res: express.Response, user: UserModel, block: boolean) {
+async function changeUserBlock (res: express.Response, user: UserModel, block: boolean, reason?: string) {
   const oldUserAuditView = new UserAuditView(user.toFormattedJSON())
 
   user.blocked = block
+  user.blockedReason = reason || null
 
   await sequelizeTypescript.transaction(async t => {
     await OAuthTokenModel.deleteUserToken(user.id, t)
@@ -465,6 +467,8 @@ async function changeUserBlock (res: express.Response, user: UserModel, block: b
     await user.save({ transaction: t })
   })
 
+  await Emailer.Instance.addUserBlockJob(user, block, reason)
+
   auditLogger.update(
     res.locals.oauth.token.User.Account.Actor.getIdentifier(),
     new UserAuditView(user.toFormattedJSON()),
diff --git a/server/helpers/custom-validators/users.ts b/server/helpers/custom-validators/users.ts
index 4a0d79ae5..c3cdefd4e 100644
--- a/server/helpers/custom-validators/users.ts
+++ b/server/helpers/custom-validators/users.ts
@@ -42,6 +42,10 @@ function isUserBlockedValid (value: any) {
   return isBooleanValid(value)
 }
 
+function isUserBlockedReasonValid (value: any) {
+  return value === null || (exists(value) && validator.isLength(value, CONSTRAINTS_FIELDS.USERS.BLOCKED_REASON))
+}
+
 function isUserRoleValid (value: any) {
   return exists(value) && validator.isInt('' + value) && UserRole[value] !== undefined
 }
@@ -59,6 +63,7 @@ function isAvatarFile (files: { [ fieldname: string ]: Express.Multer.File[] } |
 export {
   isUserBlockedValid,
   isUserPasswordValid,
+  isUserBlockedReasonValid,
   isUserRoleValid,
   isUserVideoQuotaValid,
   isUserUsernameValid,
diff --git a/server/initializers/constants.ts b/server/initializers/constants.ts
index 0a651beed..ea561b686 100644
--- a/server/initializers/constants.ts
+++ b/server/initializers/constants.ts
@@ -254,7 +254,8 @@ const CONSTRAINTS_FIELDS = {
     DESCRIPTION: { min: 3, max: 250 }, // Length
     USERNAME: { min: 3, max: 20 }, // Length
     PASSWORD: { min: 6, max: 255 }, // Length
-    VIDEO_QUOTA: { min: -1 }
+    VIDEO_QUOTA: { min: -1 },
+    BLOCKED_REASON: { min: 3, max: 250 } // Length
   },
   VIDEO_ABUSES: {
     REASON: { min: 2, max: 300 } // Length
diff --git a/server/initializers/migrations/0245-user-blocked.ts b/server/initializers/migrations/0245-user-blocked.ts
index 67afea5ed..5a04ecd2b 100644
--- a/server/initializers/migrations/0245-user-blocked.ts
+++ b/server/initializers/migrations/0245-user-blocked.ts
@@ -1,8 +1,5 @@
 import * as Sequelize from 'sequelize'
-import { createClient } from 'redis'
-import { CONFIG } from '../constants'
-import { JobQueue } from '../../lib/job-queue'
-import { initDatabaseModels } from '../database'
+import { CONSTRAINTS_FIELDS } from '../constants'
 
 async function up (utils: {
   transaction: Sequelize.Transaction
@@ -31,6 +28,15 @@ async function up (utils: {
     }
     await utils.queryInterface.changeColumn('user', 'blocked', data)
   }
+
+  {
+    const data = {
+      type: Sequelize.STRING(CONSTRAINTS_FIELDS.USERS.BLOCKED_REASON.max),
+      allowNull: true,
+      defaultValue: null
+    }
+    await utils.queryInterface.addColumn('user', 'blockedReason', data)
+  }
 }
 
 function down (options) {
diff --git a/server/lib/emailer.ts b/server/lib/emailer.ts
index ded321bf7..3faeffd77 100644
--- a/server/lib/emailer.ts
+++ b/server/lib/emailer.ts
@@ -89,7 +89,7 @@ class Emailer {
     return JobQueue.Instance.createJob({ type: 'email', payload: emailPayload })
   }
 
-  async addVideoAbuseReport (videoId: number) {
+  async addVideoAbuseReportJob (videoId: number) {
     const video = await VideoModel.load(videoId)
     if (!video) throw new Error('Unknown Video id during Abuse report.')
 
@@ -108,6 +108,27 @@ class Emailer {
     return JobQueue.Instance.createJob({ type: 'email', payload: emailPayload })
   }
 
+  addUserBlockJob (user: UserModel, blocked: boolean, reason?: string) {
+    const reasonString = reason ? ` for the following reason: ${reason}` : ''
+    const blockedWord = blocked ? 'blocked' : 'unblocked'
+    const blockedString = `Your account ${user.username} on ${CONFIG.WEBSERVER.HOST} has been ${blockedWord}${reasonString}.`
+
+    const text = 'Hi,\n\n' +
+      blockedString +
+      '\n\n' +
+      'Cheers,\n' +
+      `PeerTube.`
+
+    const to = user.email
+    const emailPayload: EmailPayload = {
+      to: [ to ],
+      subject: '[PeerTube] Account ' + blockedWord,
+      text
+    }
+
+    return JobQueue.Instance.createJob({ type: 'email', payload: emailPayload })
+  }
+
   sendMail (to: string[], subject: string, text: string) {
     if (!this.transporter) {
       throw new Error('Cannot send mail because SMTP is not configured.')
diff --git a/server/middlewares/validators/users.ts b/server/middlewares/validators/users.ts
index 94d8ab53b..771c414a0 100644
--- a/server/middlewares/validators/users.ts
+++ b/server/middlewares/validators/users.ts
@@ -5,7 +5,7 @@ import { body, param } from 'express-validator/check'
 import { omit } from 'lodash'
 import { isIdOrUUIDValid } from '../../helpers/custom-validators/misc'
 import {
-  isUserAutoPlayVideoValid,
+  isUserAutoPlayVideoValid, isUserBlockedReasonValid,
   isUserDescriptionValid,
   isUserDisplayNameValid,
   isUserNSFWPolicyValid,
@@ -76,9 +76,10 @@ const usersRemoveValidator = [
 
 const usersBlockingValidator = [
   param('id').isInt().not().isEmpty().withMessage('Should have a valid id'),
+  body('reason').optional().custom(isUserBlockedReasonValid).withMessage('Should have a valid blocking reason'),
 
   async (req: express.Request, res: express.Response, next: express.NextFunction) => {
-    logger.debug('Checking usersRemove parameters', { parameters: req.params })
+    logger.debug('Checking usersBlocking parameters', { parameters: req.params })
 
     if (areValidationErrors(req, res)) return
     if (!await checkUserIdExist(req.params.id, res)) return
diff --git a/server/models/account/user.ts b/server/models/account/user.ts
index ea6d63312..81b0651fd 100644
--- a/server/models/account/user.ts
+++ b/server/models/account/user.ts
@@ -21,6 +21,7 @@ import { hasUserRight, USER_ROLE_LABELS, UserRight } from '../../../shared'
 import { User, UserRole } from '../../../shared/models/users'
 import {
   isUserAutoPlayVideoValid,
+  isUserBlockedReasonValid,
   isUserBlockedValid,
   isUserNSFWPolicyValid,
   isUserPasswordValid,
@@ -107,6 +108,12 @@ export class UserModel extends Model<UserModel> {
   @Column
   blocked: boolean
 
+  @AllowNull(true)
+  @Default(null)
+  @Is('UserBlockedReason', value => throwIfNotValid(value, isUserBlockedReasonValid, 'blocked reason'))
+  @Column
+  blockedReason: string
+
   @AllowNull(false)
   @Is('UserRole', value => throwIfNotValid(value, isUserRoleValid, 'role'))
   @Column
@@ -284,6 +291,8 @@ export class UserModel extends Model<UserModel> {
       roleLabel: USER_ROLE_LABELS[ this.role ],
       videoQuota: this.videoQuota,
       createdAt: this.createdAt,
+      blocked: this.blocked,
+      blockedReason: this.blockedReason,
       account: this.Account.toFormattedJSON(),
       videoChannels: []
     }
diff --git a/server/models/video/video-abuse.ts b/server/models/video/video-abuse.ts
index a6319bb79..39f0c2cb2 100644
--- a/server/models/video/video-abuse.ts
+++ b/server/models/video/video-abuse.ts
@@ -57,7 +57,7 @@ export class VideoAbuseModel extends Model<VideoAbuseModel> {
 
   @AfterCreate
   static sendEmailNotification (instance: VideoAbuseModel) {
-    return Emailer.Instance.addVideoAbuseReport(instance.videoId)
+    return Emailer.Instance.addVideoAbuseReportJob(instance.videoId)
   }
 
   static listForApi (start: number, count: number, sort: string) {
diff --git a/server/tests/api/server/email.ts b/server/tests/api/server/email.ts
index 4be013c84..65d6a759f 100644
--- a/server/tests/api/server/email.ts
+++ b/server/tests/api/server/email.ts
@@ -2,7 +2,17 @@
 
 import * as chai from 'chai'
 import 'mocha'
-import { askResetPassword, createUser, reportVideoAbuse, resetPassword, runServer, uploadVideo, userLogin, wait } from '../../utils'
+import {
+  askResetPassword,
+  blockUser,
+  createUser,
+  reportVideoAbuse,
+  resetPassword,
+  runServer,
+  unblockUser,
+  uploadVideo,
+  userLogin
+} from '../../utils'
 import { flushTests, killallServers, ServerInfo, setAccessTokensToServers } from '../../utils/index'
 import { mockSmtpServer } from '../../utils/miscs/email'
 import { waitJobs } from '../../utils/server/jobs'
@@ -112,6 +122,42 @@ describe('Test emails', function () {
     })
   })
 
+  describe('When blocking/unblocking user', async function () {
+    it('Should send the notification email when blocking a user', async function () {
+      this.timeout(10000)
+
+      const reason = 'my super bad reason'
+      await blockUser(server.url, userId, server.accessToken, 204, reason)
+
+      await waitJobs(server)
+      expect(emails).to.have.lengthOf(3)
+
+      const email = emails[2]
+
+      expect(email['from'][0]['address']).equal('test-admin@localhost')
+      expect(email['to'][0]['address']).equal('user_1@example.com')
+      expect(email['subject']).contains(' blocked')
+      expect(email['text']).contains(' blocked')
+      expect(email['text']).contains(reason)
+    })
+
+    it('Should send the notification email when unblocking a user', async function () {
+      this.timeout(10000)
+
+      await unblockUser(server.url, userId, server.accessToken, 204)
+
+      await waitJobs(server)
+      expect(emails).to.have.lengthOf(4)
+
+      const email = emails[3]
+
+      expect(email['from'][0]['address']).equal('test-admin@localhost')
+      expect(email['to'][0]['address']).equal('user_1@example.com')
+      expect(email['subject']).contains(' unblocked')
+      expect(email['text']).contains(' unblocked')
+    })
+  })
+
   after(async function () {
     killallServers([ server ])
   })
diff --git a/server/tests/utils/users/users.ts b/server/tests/utils/users/users.ts
index 7e15fc86e..f786de6e3 100644
--- a/server/tests/utils/users/users.ts
+++ b/server/tests/utils/users/users.ts
@@ -134,11 +134,14 @@ function removeUser (url: string, userId: number | string, accessToken: string,
           .expect(expectedStatus)
 }
 
-function blockUser (url: string, userId: number | string, accessToken: string, expectedStatus = 204) {
+function blockUser (url: string, userId: number | string, accessToken: string, expectedStatus = 204, reason?: string) {
   const path = '/api/v1/users'
+  let body: any
+  if (reason) body = { reason }
 
   return request(url)
     .post(path + '/' + userId + '/block')
+    .send(body)
     .set('Accept', 'application/json')
     .set('Authorization', 'Bearer ' + accessToken)
     .expect(expectedStatus)