From 2718b26018e3d32e3be3b7133852e7a7109a421d Mon Sep 17 00:00:00 2001
From: butlerx <cianbutlerx@gmail.com>
Date: Thu, 14 Jul 2016 17:05:42 +0100
Subject: [PATCH] Add support for account, \n add db migration for userlockout
 \n add email asking user to reset when account lockout

---
 .../user-lockout-en_US/user-lockout.html.ejs  | 15 ++++
 .../user-lockout-en_US/user-lockout.text.ejs  | 10 +++
 lib/users/unlock-account-email.js             | 33 ++++++++
 package.json                                  |  6 +-
 .../pg/migrations/019.do.add-user-lock.sql    |  9 +++
 users.js                                      |  5 +-
 web/locale/en_US/messages.po                  | 77 +------------------
 7 files changed, 77 insertions(+), 78 deletions(-)
 create mode 100644 email-templates/user-lockout-en_US/user-lockout.html.ejs
 create mode 100644 email-templates/user-lockout-en_US/user-lockout.text.ejs
 create mode 100644 lib/users/unlock-account-email.js
 create mode 100644 scripts/database/pg/migrations/019.do.add-user-lock.sql

diff --git a/email-templates/user-lockout-en_US/user-lockout.html.ejs b/email-templates/user-lockout-en_US/user-lockout.html.ejs
new file mode 100644
index 00000000..fef409b8
--- /dev/null
+++ b/email-templates/user-lockout-en_US/user-lockout.html.ejs
@@ -0,0 +1,15 @@
+<% include ../common-en_US/header.ejs %>
+
+<h1>Hi <%=name%>,</h1>
+
+<p>We have noticed multiple failed attempts to login to your zen account so for security reasons have locked your account.  </p>
+
+<p>To unlock your account you will need to change your password.</p>
+<p>Please follow the link below to reset your password.</br>
+<a href="<%=resetlink%>"><%=resetlink%></a></p>
+
+
+<p>Best wishes,</br>
+The CoderDojo Foundation Team</p>
+
+<% include ../common-en_US/footer.ejs %>
diff --git a/email-templates/user-lockout-en_US/user-lockout.text.ejs b/email-templates/user-lockout-en_US/user-lockout.text.ejs
new file mode 100644
index 00000000..4bdd215b
--- /dev/null
+++ b/email-templates/user-lockout-en_US/user-lockout.text.ejs
@@ -0,0 +1,10 @@
+Hi <%=name%>;
+
+We have noticed multiple failed attempts to login to your zen account so for security reasons have locked your account.
+
+To unlock your account you will need to change your password.
+Please follow the link below to reset your password.
+<%=resetlink%>
+
+Best wishes,
+The CoderDojo Foundation Team
diff --git a/lib/users/unlock-account-email.js b/lib/users/unlock-account-email.js
new file mode 100644
index 00000000..b54659f6
--- /dev/null
+++ b/lib/users/unlock-account-email.js
@@ -0,0 +1,33 @@
+'use strict';
+var async = require('async');
+var _ = require('lodash');
+var protocol = process.env.PROTOCOL || 'http';
+var zenHostname = process.env.HOSTNAME || '127.0.0.1:8000';
+
+function unlockAccountEmail (args, cb) {
+  var seneca = this;
+  var email = args.email;
+  var locality = args.locality || 'en_US';
+  var emailCode = 'user-lockout-';
+  var emailSubject = 'CoderDojo Zen Account Lockout';
+
+  seneca.act({role: 'cd-users', cmd: 'get_users_by_email', email: email}, function (err, users) {
+    if (err) return done(err);
+    if (options['email-notifications'].sendemail) {
+      seneca.act({role: 'email-notifications', cmd: 'send'}, {
+        code: emailCode,
+        locality: locality,
+        to: email,
+        subject: emailSubject,
+        content: {name: users[0].name, resetlink: protocol + '://' + zenHostname + '/reset_password', year: moment(new Date()).format('YYYY')}
+      }, function (err, response) {
+        if (err) return done(err);
+        return done(null, { ok: true });
+      });
+    } else {
+      return done(null, {ok: false});
+    }
+  });
+}
+
+module.exports = unlockAccountEmail;
diff --git a/package.json b/package.json
index e09ef016..8f39f0e6 100644
--- a/package.json
+++ b/package.json
@@ -41,11 +41,11 @@
     "po2json": "0.4.2",
     "postgrator": "2.2.0",
     "request": "2.58.0",
-    "seneca": "0.7.2",
-    "seneca-auth": "0.2.10",
+    "seneca": "1.4.0",
+    "seneca-auth": "1.0.0",
     "seneca-mail": "0.2.1",
     "seneca-postgresql-store": "1.1.3",
-    "seneca-user": "0.2.10",
+    "seneca-user": "1.0.0",
     "cp-permissions-plugin": "git://github.com/CoderDojo/cp-permissions-plugin#0.0.1",
     "shortid": "2.2.2",
     "xoauth2": "1.1.0"
diff --git a/scripts/database/pg/migrations/019.do.add-user-lock.sql b/scripts/database/pg/migrations/019.do.add-user-lock.sql
new file mode 100644
index 00000000..6976c745
--- /dev/null
+++ b/scripts/database/pg/migrations/019.do.add-user-lock.sql
@@ -0,0 +1,9 @@
+DO $$
+    BEGIN
+        BEGIN
+            ALTER TABLE sys_user ADD COLUMN lock_try integer;
+        EXCEPTION
+            WHEN duplicate_column THEN RAISE NOTICE 'column token already exists in sys_user.';
+        END;
+    END;
+$$
diff --git a/users.js b/users.js
index d5cf78b5..a455c47a 100644
--- a/users.js
+++ b/users.js
@@ -32,8 +32,9 @@ module.exports = function (options) {
   seneca.add({role: plugin, cmd: 'kpi_number_of_youths_registered'}, cmd_kpi_number_of_youths_registered);
   seneca.add({role: plugin, cmd: 'kpi_number_of_champions_and_mentors_registered'}, cmd_kpi_number_of_champions_and_mentors_registered);
   seneca.add({role: plugin, cmd: 'kpi_number_of_youth_females_registered'}, cmd_kpi_number_of_youth_females_registered);
-  seneca.add({role: 'cd-users', cmd: 'is_self'}, require('./lib/users/is-self'));
-  seneca.add({role: 'cd-users', cmd: 'is_parent_of'}, require('./lib/users/is-parent-of'));
+  seneca.add({role: plugin, cmd: 'is_self'}, require('./lib/users/is-self'));
+  seneca.add({role: plugin, cmd: 'is_parent_of'}, require('./lib/users/is-parent-of'));
+  seneca.add({role: plugin, cmd: 'unlock_account_email'}, require('./lib/users/unlock-account-email'));
 
   function cmd_load_prev_founder (args, done) {
     var seneca = this;
diff --git a/web/locale/en_US/messages.po b/web/locale/en_US/messages.po
index 8bf11977..5cc39007 100644
--- a/web/locale/en_US/messages.po
+++ b/web/locale/en_US/messages.po
@@ -498,9 +498,6 @@ msgstr "All Dojos are independent, autonomous, community groups set up to inspir
 msgid "We commit to inspiring and supporting young people to learn how to create technology"
 msgstr "We commit to inspiring and supporting young people to learn how to create technology"
 
-msgid "We commit to inspiring and supporting young people to learn how to create technology"
-msgstr "We commit to inspiring and supporting young people to learn how to create technology"
-
 msgid "We commit to the highest possible standards of child protection in our jurisdiction"
 msgstr "We commit to the highest possible standards of child protection in our jurisdiction"
 
@@ -597,9 +594,6 @@ msgstr "Next"
 msgid "Dojo Menu"
 msgstr "Dojo Menu"
 
-msgid "Events"
-msgstr "Events"
-
 msgid "Forum"
 msgstr "Forum"
 
@@ -669,9 +663,6 @@ msgstr "Send Request"
 msgid "Contact"
 msgstr "Contact"
 
-msgid "Email"
-msgstr "Email"
-
 msgid "Dojo Email"
 msgstr "Dojo Email"
 
@@ -882,9 +873,6 @@ msgstr "unverified"
 msgid "Stage"
 msgstr "Stage"
 
-msgid "Dojo Email"
-msgstr "Dojo Email"
-
 msgid "User Email"
 msgstr "User Email"
 
@@ -957,15 +945,9 @@ msgstr "You must be over 18 years old..."
 msgid "Please include country code..."
 msgstr "Please include country code..."
 
-msgid "Address"
-msgstr "Address"
-
 msgid "Enter your street level address..."
 msgstr "Enter your street level address..."
 
-msgid "Address is empty"
-msgstr "Address is empty"
-
 msgid "Technical Experience"
 msgstr "Technical Experience"
 
@@ -1242,9 +1224,6 @@ msgstr "Newspaper/Magazine"
 msgid "Radio"
 msgstr "Radio"
 
-msgid "Family/Friends"
-msgstr "Family/Friends"
-
 msgid "Error loading profile"
 msgstr "Error loading profile:"
 
@@ -1323,9 +1302,6 @@ msgstr "Type"
 msgid "For"
 msgstr "For"
 
-msgid "Name"
-msgstr "Name"
-
 msgid "Capacity"
 msgstr "Capacity"
 
@@ -1707,9 +1683,6 @@ msgstr "Add Youth over 13"
 msgid "This profile is private"
 msgstr "This profile is private"
 
-msgid "We need mentors!"
-msgstr "We need mentors!"
-
 msgid "Find out more about becoming a CoderDojo mentor"
 msgstr "Find out more about becoming a CoderDojo mentor"
 
@@ -1743,15 +1716,9 @@ msgstr "An error has occured verifying the charter agreement."
 msgid "error.general"
 msgstr "There was an error on this page. Our technical staff have been notified"
 
-msgid "Gather your Team"
-msgstr "Gather your Team"
-
 msgid "Find a Venue"
 msgstr "Find a Venue"
 
-msgid "Plan your Dojo"
-msgstr "Plan your Dojo"
-
 msgid "Promote your Dojo"
 msgstr "Promote your Dojo"
 
@@ -1866,15 +1833,9 @@ msgstr "Optionally describe how this was achieved."
 msgid "Data Protection: Our Dojo only uses data provided for the intended purpose. abides by data protection regulations in our jurisdiction."
 msgstr "Data Protection: Our Dojo only uses data provided for the intended purpose. abides by data protection regulations in our jurisdiction."
 
-msgid "Optionally describe how this was achieved."
-msgstr "Optionally describe how this was achieved."
-
 msgid "Diversity among our attendees is respected"
 msgstr "Diversity among our attendees is respected"
 
-msgid "Optionally describe how this was achieved."
-msgstr "Optionally describe how this was achieved."
-
 msgid "We will work to help engage with and improve the greater CoderDojo movement by"
 msgstr "We will work to help engage with and improve the greater CoderDojo movement by"
 
@@ -1887,9 +1848,6 @@ msgstr "Contributing to Kata, the community knowledge base at kata.coderdojo.com
 msgid "Connecting with local and international Dojos to share insights and supports"
 msgstr "Connecting with local and international Dojos to share insights and supports"
 
-msgid "Optionally describe how this was achieved."
-msgstr "Optionally describe how this was achieved."
-
 msgid "Admin permissions cannot be removed from a Dojo owner."
 msgstr "Admin permissions cannot be removed from a Dojo owner."
 
@@ -2089,15 +2047,6 @@ msgstr "Invitation was sent successfully."
 msgid "An error has occurred while sending invitation"
 msgstr "An error has occurred while sending invitation"
 
-msgid "We will work to embody the CoderDojo ethos"
-msgstr "We will work to embody the CoderDojo ethos"
-
-msgid "All mentors and young people are aware of online safety best practices and we only allow age appropriate content at our Dojo"
-msgstr "All mentors and young people are aware of online safety best practices and we only allow age appropriate content at our Dojo"
-
-msgid "Optionally describe how this was achieved."
-msgstr "Optionally describe how this was achieved."
-
 msgid "Our Dojo abides by data protection regulations in our jurisdiction"
 msgstr "Our Dojo abides by data protection regulations in our jurisdiction"
 
@@ -2107,15 +2056,6 @@ msgstr "Inclusion is a fundamental principle of CoderDojo, <a href=\"http://kata
 msgid "Our Dojo will work to engage with and improve the greater CoderDojo movement by:"
 msgstr "Our Dojo will work to engage with and improve the greater CoderDojo movement by:"
 
-msgid "Communicating with the CoderDojo Foundation"
-msgstr "Communicating with the CoderDojo Foundation"
-
-msgid "Contributing to Kata, the community knowledge base at kata.coderdojo.com"
-msgstr "Contributing to Kata, the community knowledge base at kata.coderdojo.com"
-
-msgid "Connecting with local and international Dojos to share insights and supports"
-msgstr "Connecting with local and international Dojos to share insights and supports"
-
 msgid "This dojo has no coordinates."
 msgstr "This dojo has no coordinates."
 
@@ -2128,6 +2068,9 @@ msgstr "You have been invited to register as a parent/guardian on Zen, the Coder
 msgid "CoderDojo Zen Password Reset Request"
 msgstr "CoderDojo Zen Password Reset Request"
 
+msgid "CoderDojo Zen Account Lockout"
+msgstr "CoderDojo Zen Account Lockout"
+
 msgid "You have been invited to connect with a parent/guardian on Zen!"
 msgstr "You have been invited to connect with a parent/guardian on Zen!"
 
@@ -2179,9 +2122,6 @@ msgstr "Welcome New CoderDojo Champion!"
 msgid "The first step towards setting up a Dojo in your area is filling out the form below and giving us a little more information about yourself."
 msgstr "The first step towards setting up a Dojo in your area is filling out the form below and giving us a little more information about yourself."
 
-msgid "The purpose of us gathering this information is so we can tailor support to you as your start your Dojo journey!"
-msgstr "The purpose of us gathering this information is so we can tailor support to you as your start your Dojo journey!"
-
 msgid "If you wish to learn more about the process of starting a CoderDojo in your area before completing this form please see Kata, the CoderDojo Community Knowledge Base."
 msgstr "If you wish to learn more about the process of starting a CoderDojo in your area before completing this form please see Kata, the CoderDojo Community Knowledge Base."
 
@@ -2302,9 +2242,6 @@ msgstr "Parent profile does not exist."
 msgid "You have a Dojo application awaiting verification. You can create another Dojo after it has been verified."
 msgstr "You have a Dojo application awaiting verification. You can create another Dojo after it has been verified."
 
-msgid "No Dojos match your search query."
-msgstr "No Dojos match your search query."
-
 msgid "Please let us know how you heard about CoderDojo"
 msgstr "Please let us know how you heard about CoderDojo"
 
@@ -2578,9 +2515,6 @@ msgstr "My Events"
 msgid "Review Champion Application"
 msgstr "Review Champion Application"
 
-msgid "Manage Dojo Users"
-msgstr "Manage Dojo Users"
-
 msgid "Setup Dojo"
 msgstr "Setup Dojo"
 
@@ -3003,9 +2937,6 @@ msgstr "Changes to our Privacy Statement"
 msgid "Any changes to this Privacy Statement will be posted on the Website so you are always aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it. If at any time we decide to use personal data in a manner significantly different from that stated in this Privacy Statement, or otherwise disclosed to you at the time it was collected, we will notify you by email, and you will have a choice as to whether or not we use your information in the new manner."
 msgstr "Any changes to this Privacy Statement will be posted on the Website so you are always aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it. If at any time we decide to use personal data in a manner significantly different from that stated in this Privacy Statement, or otherwise disclosed to you at the time it was collected, we will notify you by email, and you will have a choice as to whether or not we use your information in the new manner."
 
-msgid "Contact"
-msgstr "Contact"
-
 msgid "We welcome any queries, comments or requests you may have regarding this Privacy Statement.  Please contact us in writing at Dogpatch Labs, The CHQ Building, Custom House Quay, Dublin 1, IRELAND or by e-mail at info@coderdojo.com."
 msgstr "We welcome any queries, comments or requests you may have regarding this Privacy Statement.  Please contact us in writing at Dogpatch Labs, The CHQ Building, Custom House Quay, Dublin 1, IRELAND or by e-mail at info@coderdojo.com."
 
@@ -3052,4 +2983,4 @@ msgid "Are you sure you want to remove this child?"
 msgstr "Are you sure you want to remove this child?"
 
 msgid "A new dojo has been created"
-msgstr "A new dojo has been created!"
\ No newline at end of file
+msgstr "A new dojo has been created!"