BLENDER: Add Admin page for Issues or Comments that contain external links

Author: bartvdbraak

models/issues/comment.go

@@ -1313,3 +1313,17 @@ func InsertIssueComments(ctx context.Context, comments []*Comment) error {
 	}
 	return committer.Commit()
 }
+
+// GetRecentComments returns the most recent issue comments
+func GetRecentComments(ctx context.Context, opts *db.ListOptions) ([]*Comment, error) {
+	sess := db.GetEngine(ctx).
+		Where("type = ?", CommentTypeComment).
+		OrderBy("created_unix DESC")
+
+	if opts != nil {
+		sess = db.SetSessionPagination(sess, opts)
+	}
+
+	comments := make([]*Comment, 0, opts.PageSize)
+	return comments, sess.Find(&comments)
+}

models/issues/issue.go

@@ -824,3 +824,17 @@ func ChangeIssueTimeEstimate(ctx context.Context, issue *Issue, doer *user_model
 		return nil
 	})
 }
+
+// GetRecentIssues returns the most recently created issues
+func GetRecentIssues(ctx context.Context, opts *db.ListOptions) ([]*Issue, error) {
+	sess := db.GetEngine(ctx).
+		Where("is_pull = ?", false).
+		OrderBy("created_unix DESC")
+
+	if opts != nil {
+		sess = db.SetSessionPagination(sess, opts)
+	}
+
+	issues := make([]*Issue, 0, opts.PageSize)
+	return issues, sess.Find(&issues)
+}

options/locale/locale_en-US.ini

@@ -2957,8 +2957,10 @@ first_page = First
 last_page = Last
 total = Total: %d
 settings = Admin Settings
+spam_management = Spam Management
 spamreports = Spam Reports
-users_with_links = Users (Potential Spam)
+users_with_links = Users with Links
+issues_with_links = Issues/Comments with Links
 
 dashboard.new_version_hint = Gitea %s is now available, you are running %s. Check <a target="_blank" rel="noreferrer" href="%s">the blog</a> for more details.
 dashboard.statistic = Summary

routers/utils/utils.go

@@ -12,3 +12,17 @@ import (
 func SanitizeFlashErrorString(x string) string {
 	return strings.ReplaceAll(html.EscapeString(x), "\n", "<br>")
 }
+
+func ContainsHyperlink(text string) bool {
+	text = strings.ToLower(text)
+	return strings.Contains(text, "http://") || strings.Contains(text, "https://")
+}
+
+func ContainsExcludedDomain(snippet string, domains []string) bool {
+	for _, domain := range domains {
+		if strings.Contains(snippet, domain) {
+			return true
+		}
+	}
+	return false
+}

routers/web/admin/issues_with_links.go

@@ -0,0 +1,179 @@
+package admin
+
+import (
+	"net/http"
+	"sort"
+	"strings"
+	"time"
+
+	"code.gitea.io/gitea/modules/log"
+
+	issue_model "code.gitea.io/gitea/models/issues"
+	repo_model "code.gitea.io/gitea/models/repo"
+	"code.gitea.io/gitea/routers/utils"
+	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/templates"
+	"code.gitea.io/gitea/models/db"
+	"code.gitea.io/gitea/services/context"
+	user_model "code.gitea.io/gitea/models/user"
+)
+
+const tplIssuesWithLinks templates.TplName = "admin/issues_with_links"
+
+// item with link in content
+type linkItem struct {
+	Type        string
+	Content     string
+	User        *user_model.User
+	UserCreated time.Time
+	RepoLink    string
+	ItemLink    string
+	Created			time.Time
+}
+
+// IssuesWithLinks shows issues and comments with external links
+func IssuesWithLinks(ctx *context.Context) {
+	ctx.Data["Title"] = ctx.Tr("admin.issues_with_links")
+	ctx.Data["PageIsIssuesWithLinks"] = true
+
+	page := ctx.FormInt("page")
+	if page <= 1 {
+		page = 1
+	}
+
+	// fetch recent issues and comments
+	limit := setting.UI.Admin.UserPagingNum
+	issues, err := issue_model.GetRecentIssues(ctx, &db.ListOptions{Page: page, PageSize: limit})
+	if err != nil {
+		ctx.ServerError("GetRecentIssues", err)
+		return
+	}
+	comments, err := issue_model.GetRecentComments(ctx, &db.ListOptions{Page: page, PageSize: limit})
+	if err != nil {
+		ctx.ServerError("GetRecentComments", err)
+		return
+	}
+
+	var excludedDomains = []string{
+		"localhost:3000",
+		"github.com",
+	}
+
+	var items []linkItem
+	appendIfHasLink := func(typeLabel, content, itemLink, repoLink string, created time.Time, u *user_model.User) {
+		if !utils.ContainsHyperlink(content) {
+			return
+		}
+
+		snippet := extractFirstLinkSnippet(content)
+		if snippet == "" || utils.ContainsExcludedDomain(snippet, excludedDomains) {
+			return
+		}
+
+		items = append(items, linkItem{
+			Type:        typeLabel,
+			Content:     snippet,
+			User:        u,
+			UserCreated: u.CreatedUnix.AsTime(),
+			RepoLink:    repoLink,
+			ItemLink:    itemLink,
+			Created: 		 created,
+		})
+	}
+
+	for _, issue := range issues {
+
+		if issue.Content == "" {
+			continue
+		}
+
+		if issue.Repo == nil {
+			issue.Repo, err = repo_model.GetRepositoryByID(ctx, issue.RepoID)
+			if err != nil {
+				log.Warn("Could not load repo for issue %d: %v", issue.ID, err)
+				continue
+			}
+		}
+
+		u, err := user_model.GetUserByID(ctx, issue.PosterID)
+		if err != nil {
+			continue
+		}
+
+		appendIfHasLink("Issue", issue.Content, issue.HTMLURL(), issue.Repo.HTMLURL(), issue.CreatedUnix.AsTime(), u)
+	}
+
+	for _, comment := range comments {
+		if comment.Issue == nil {
+			comment.Issue, err = issue_model.GetIssueByID(ctx, comment.IssueID)
+			if err != nil {
+				log.Warn("Could not load issue for comment %d: %v", comment.ID, err)
+				continue
+			}
+		}
+
+		if comment.Issue.Repo == nil {
+			comment.Issue.Repo, err = repo_model.GetRepositoryByID(ctx, comment.Issue.RepoID)
+			if err != nil {
+				log.Warn("Could not load repo for issue %d: %v", comment.Issue.ID, err)
+				continue
+			}
+		}
+
+
+		if comment.Content == "" {
+			continue
+		}
+
+		u, err := user_model.GetUserByID(ctx, comment.PosterID)
+		if err != nil {
+			continue
+		}
+
+		appendIfHasLink("Comment", comment.Content, comment.HTMLURL(ctx), comment.Issue.Repo.HTMLURL(), comment.CreatedUnix.AsTime(), u)
+	}
+
+	// Sort by user creation date desc
+	sort.Slice(items, func(i, j int) bool {
+		return items[i].UserCreated.After(items[j].UserCreated)
+	})
+
+	total := len(items)
+	start := (page - 1) * limit
+	end := start + limit
+	if start > total {
+		start = total
+	}
+	if end > total {
+		end = total
+	}
+	paged := items[start:end]
+
+	ctx.Data["Items"] = paged
+	ctx.Data["Total"] = total
+
+	// pager
+	pager := context.NewPagination(total, limit, page, 5)
+	pager.AddParamFromRequest(ctx.Req)
+	ctx.Data["Page"] = pager
+
+	ctx.HTML(http.StatusOK, tplIssuesWithLinks)
+}
+
+// for brevity, just return the first 200 chars containing http[s]
+func extractFirstLinkSnippet(text string) string {
+	lower := strings.ToLower(text)
+	i := strings.Index(lower, "http://")
+	if i < 0 {
+		i = strings.Index(lower, "https://")
+	}
+	if i < 0 {
+		return ""
+	}
+	start := i
+	end := start + 200
+	if end > len(text) {
+		end = len(text)
+	}
+	return text[start:end]
+}

routers/web/admin/users_with_links.go

@@ -2,9 +2,9 @@ package admin
 
 import (
 	"net/http"
-	"strings"
 
 	user_model "code.gitea.io/gitea/models/user"
+	"code.gitea.io/gitea/routers/utils"
 	"code.gitea.io/gitea/modules/optional"
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/templates"
@@ -17,7 +17,7 @@ const tplUsersWithLinks templates.TplName = "admin/users_with_links"
 // UsersWithLinks renders a list of users that contain hyperlinks in bio fields
 func UsersWithLinks(ctx *context.Context) {
 	ctx.Data["Title"] = ctx.Tr("admin.users.with_links")
-	ctx.Data["PageIsAdminUsers"] = true
+	ctx.Data["PageIsUsersWithLinks"] = true
 
 	// Parse filters from query parameters
 	statusActive := ctx.FormString("status_filter[is_active]")
@@ -60,8 +60,8 @@ func UsersWithLinks(ctx *context.Context) {
 	// Filter users with hyperlinks in bio fields
 	filtered := make([]*user_model.User, 0, len(users))
 	for _, u := range users {
-		if containsHyperlink(u.FullName) || containsHyperlink(u.Description) ||
-			containsHyperlink(u.Location) || containsHyperlink(u.Website) {
+		if utils.ContainsHyperlink(u.FullName) || utils.ContainsHyperlink(u.Description) ||
+			utils.ContainsHyperlink(u.Location) || utils.ContainsHyperlink(u.Website) {
 			filtered = append(filtered, u)
 		}
 	}
@@ -77,8 +77,3 @@ func UsersWithLinks(ctx *context.Context) {
 
 	ctx.HTML(http.StatusOK, tplUsersWithLinks)
 }
-
-func containsHyperlink(text string) bool {
-	text = strings.ToLower(text)
-	return strings.Contains(text, "http://") || strings.Contains(text, "https://")
-}

routers/web/web.go

@@ -761,15 +761,19 @@ func registerWebRoutes(m *web.Router) {
 		})
 
 		// BLENDER: spam reporting
-		m.Group("/users_with_links", func() {
-			m.Get("", admin.UsersWithLinks)
-		})
 		m.Group("/spamreports", func() {
 			m.Get("", admin.SpamReports)
 			m.Post("", admin.SpamReportsPost)
 		})
 		m.Post("/purge_spammer", admin.PurgeSpammerPost)
 
+		m.Group("/users_with_links", func() {
+			m.Get("", admin.UsersWithLinks)
+		})
+		m.Group("/issues_with_links", func() {
+			m.Get("", admin.IssuesWithLinks)
+		})
+
 		m.Group("/orgs", func() {
 			m.Get("", admin.Organizations)
 		})

templates/admin/issues_with_links.tmpl

@@ -0,0 +1,38 @@
+{{template "admin/layout_head" (dict "ctxData" . "pageClass" "admin issues")}}
+<div class="admin-setting-content">
+  <h4 class="ui top attached header">
+    {{ctx.Locale.Tr "admin.issues_with_links"}} ({{.Total}})
+  </h4>
+  <div class="ui attached table segment">
+    <table class="ui very basic striped table unstackable">
+      <thead>
+        <tr>
+          <th>Type</th>
+          <th>Found Link(s)</th>
+          <th>Created</th>
+          <th>{{ctx.Locale.Tr "admin.users.name"}}</th>
+          <th>User Created</th>
+          <th>Repository</th>
+        </tr>
+      </thead>
+      <tbody>
+        {{range .Items}}
+        <tr>
+          <td>{{.Type}}</td>
+          <td class="gt-ellipsis tw-max-w-96"><a href="{{.ItemLink}}" target="_blank">{{.Content}}</a></td>
+          <td>{{DateUtils.AbsoluteShort .Created}}</td>
+          <td><a href="{{.User.HomeLink}}">{{.User.Name}}</a></td>
+          <td>{{DateUtils.AbsoluteShort .UserCreated}}</td>
+          <td><a href="{{.RepoLink}}" target="_blank">{{.RepoLink}}</a></td>
+        </tr>
+        {{else}}
+        <tr class="no-results-row">
+          <td class="tw-text-center" colspan="5">{{ctx.Locale.Tr "no_results_found"}}</td>
+        </tr>
+        {{end}}
+      </tbody>
+    </table>
+  </div>
+  {{template "base/paginate" .}}
+</div>
+{{template "admin/layout_footer" .}}

templates/admin/navbar.tmpl

@@ -13,7 +13,7 @@
 				</a>
 			</div>
 		</details>
-		<details class="item toggleable-item" {{if or .PageIsAdminUsers .PageIsAdminEmails .PageIsAdminOrganizations .PageIsAdminAuthentications .PageIsSpamReports}}open{{end}}>
+		<details class="item toggleable-item" {{if or .PageIsAdminUsers .PageIsAdminEmails .PageIsAdminOrganizations .PageIsAdminAuthentications}}open{{end}}>
 			<summary>{{ctx.Locale.Tr "admin.identity_access"}}</summary>
 			<div class="menu">
 				<a class="{{if .PageIsAdminAuthentications}}active {{end}}item" href="{{AppSubUrl}}/-/admin/auths">
@@ -28,12 +28,20 @@
 				<a class="{{if .PageIsAdminEmails}}active {{end}}item" href="{{AppSubUrl}}/-/admin/emails">
 					{{ctx.Locale.Tr "admin.emails"}}
 				</a>
+			</div>
+		</details>
+		<details class="item toggleable-item" {{if or .PageIsSpamReports .PageIsUsersWithLinks .PageIsIssuesWithLinks}}open{{end}}>
+			<summary>{{ctx.Locale.Tr "admin.spam_management"}}</summary>
+			<div class="menu">
 				<a class="{{if .PageIsSpamReports}}active {{end}}item" href="{{AppSubUrl}}/-/admin/spamreports">
 					{{ctx.Locale.Tr "admin.spamreports"}}
 				</a>
-				<a class="{{if .PageIsSpamReports}}active {{end}}item" href="{{AppSubUrl}}/-/admin/users_with_links">
+				<a class="{{if .PageIsUsersWithLinks}}active {{end}}item" href="{{AppSubUrl}}/-/admin/users_with_links">
 					{{ctx.Locale.Tr "admin.users_with_links"}}
 				</a>
+				<a class="{{if .PageIsIssuesWithLinks}}active {{end}}item" href="{{AppSubUrl}}/-/admin/issues_with_links">
+					{{ctx.Locale.Tr "admin.issues_with_links"}}
+				</a>
 			</div>
 		</details>
 		<details class="item toggleable-item" {{if or .PageIsAdminRepositories (and .EnablePackages .PageIsAdminPackages)}}open{{end}}>