Merge pull request #3792 from withspectrum/2.4.26

2.4.26

Author: brianlovin

api/index.js

@@ -94,25 +94,33 @@ import createSubscriptionsServer from './routes/create-subscription-server';
 const subscriptionsServer = createSubscriptionsServer(server, '/websocket');
 
 // Start API wrapped in Apollo Engine
-// const engine = new ApolloEngine({
-//   logging: {
-//     level: 'WARN',
-//   },
-//   apiKey: process.env.APOLLO_ENGINE_API_KEY,
-//   // Only send perf data to the remote server in production
-//   reporting: {
-//     disabled: process.env.NODE_ENV !== 'production',
-//     hostname: process.env.NOW_URL || undefined,
-//     privateHeaders: ['authorization', 'Authorization', 'AUTHORIZATION'],
-//   },
-// });
-
-// engine.listen({
-//   port: PORT,
-//   httpServer: server,
-//   graphqlPaths: ['/api'],
-// });
-server.listen(PORT);
+const engine = new ApolloEngine({
+  logging: {
+    level: 'WARN',
+  },
+  apiKey: process.env.APOLLO_ENGINE_API_KEY,
+  // Only send perf data to the remote server in production
+  reporting: {
+    disabled: process.env.NODE_ENV !== 'production',
+    hostname: process.env.NOW_URL || undefined,
+    privateHeaders: ['authorization', 'Authorization', 'AUTHORIZATION'],
+  },
+  queryCache: {
+    // Don't cache logged-in user responses
+    privateFullQueryStore: 'disabled',
+  },
+  sessionAuth: {
+    cookie: 'session',
+    // TODO(@mxstbr): Ping Apollo to note that we need both of those
+    // header: 'Authorization'
+  },
+});
+
+engine.listen({
+  port: PORT,
+  httpServer: server,
+  graphqlPaths: ['/api'],
+});
 debug(`GraphQL server running at http://localhost:${PORT}/api`);
 
 process.on('unhandledRejection', async err => {

api/mutations/user/index.js

@@ -14,6 +14,7 @@ import unsubscribeWebPush from './unsubscribeWebPush';
 import updateUserEmail from './updateUserEmail';
 import deleteCurrentUser from './deleteCurrentUser';
 import subscribeExpoPush from './subscribeExpoPush';
+import reportUser from './reportUser';
 
 module.exports = {
   Mutation: {
@@ -24,5 +25,6 @@ module.exports = {
     updateUserEmail,
     deleteCurrentUser,
     subscribeExpoPush,
+    reportUser,
   },
 };

api/mutations/user/reportUser.js

@@ -0,0 +1,64 @@
+// @flow
+import { isAuthedResolver } from '../../utils/permissions';
+import UserError from '../../utils/UserError';
+import { _adminProcessUserReportedQueue } from 'shared/bull/queues';
+import type { GraphQLContext } from '../../';
+import { events } from 'shared/analytics';
+import { trackQueue } from 'shared/bull/queues';
+
+type ReportUserInput = {
+  input: {
+    userId: string,
+    reason: string,
+  },
+};
+
+export default isAuthedResolver(
+  async (_: any, args: ReportUserInput, ctx: GraphQLContext) => {
+    const {
+      input: { userId, reason },
+    } = args;
+    const { loaders, user: currentUser } = ctx;
+
+    if (currentUser.id === userId) {
+      return new UserError('You cannot report yourself.');
+    }
+
+    const reportedUser = await loaders.user.load(userId);
+
+    if (!reportedUser) {
+      return new UserError(`User with ID ${userId} does not exist.`);
+    }
+
+    try {
+      trackQueue.add({
+        userId,
+        event: events.USER_WAS_REPORTED,
+        properties: {
+          reason,
+          reportedBy: currentUser.id,
+        },
+      });
+
+      trackQueue.add({
+        userId: currentUser.id,
+        event: events.USER_REPORTED_USER,
+        properties: {
+          reason,
+          reportedUser: userId,
+        },
+      });
+
+      await _adminProcessUserReportedQueue.add({
+        userId,
+        reason,
+        reportedBy: currentUser.id,
+        reportedAt: new Date(),
+      });
+    } catch (err) {
+      console.error(err);
+      return false;
+    }
+    return true;
+  }
+);

api/package.json

@@ -22,7 +22,7 @@
     "cors": "^2.8.3",
     "cryptr": "^3.0.0",
     "dataloader": "^1.4.0",
-    "debounce": "^1.1.0",
+    "debounce": "^1.2.0",
     "debug": "^2.6.8",
     "draft-js": "^0.10.5",
     "draft-js-code-editor-plugin": "0.2.1",
@@ -113,7 +113,7 @@
     "sanitize-filename": "^1.6.1",
     "serialize-javascript": "^1.5.0",
     "session-rethinkdb": "^2.0.0",
-    "shortid": "^2.2.12",
+    "shortid": "^2.2.13",
     "slate": "^0.20.1",
     "slate-markdown": "0.1.0",
     "slugg": "^1.1.0",

api/queries/community/metaData.js

@@ -11,6 +11,7 @@ export default async (root: DBCommunity, _: any, ctx: GraphQLContext) => {
     return {
       channels: 0,
       members: 0,
+      onlineMembers: 0,
     };
   }
 

api/routes/api/graphql.js

@@ -15,6 +15,9 @@ export default graphqlExpress(req => {
   return {
     schema,
     formatError: createErrorFormatter(req),
+    tracing: true,
+    cacheControl: true,
+    engine: false,
     context: {
       loaders,
       user: currentUser,

api/types/Community.js

@@ -41,7 +41,7 @@ const Community = /* GraphQL */ `
     node: Thread!
   }
 
-  type CommunityMetaData {
+  type CommunityMetaData @cacheControl(maxAge: 1800) {
     members: Int
     channels: Int
     onlineMembers: Int