Merge branch 'master' into feature/rs-oauth

# Conflicts:
#	app/models/user.rb
#	config/routes.rb
#	db/schema.rb

app/models/setting.rb

@@ -2,6 +2,12 @@
 class Setting < RailsSettings::Base
   cache_prefix { "v1" }
 
+  field :primary_domain, type: :string,
+    default: ENV["PRIMARY_DOMAIN"].presence
+
+  field :accounts_domain, type: :string,
+    default: ENV["AKKOUNTS_DOMAIN"].presence
+
   #
   # Internal services
   #
@@ -17,6 +23,13 @@ class Setting < RailsSettings::Base
     account accounts donations mail webmaster support
   ]
 
+  #
+  # XMPP
+  #
+
+  field :xmpp_default_rooms, type: :array, default: []
+  field :xmpp_autojoin_default_rooms, type: :boolean, default: false
+
   #
   # Sentry
   #
@@ -34,6 +47,9 @@ class Setting < RailsSettings::Base
   field :discourse_enabled, type: :boolean,
     default: (ENV["DISCOURSE_PUBLIC_URL"].present?.to_s || false)
 
+  field :discourse_connect_secret, type: :string, readonly: true,
+    default: ENV["DISCOURSE_CONNECT_SECRET"].presence
+
   #
   # ejabberd
   #

app/models/user.rb

@@ -1,6 +1,8 @@
 class User < ApplicationRecord
   include EmailValidatable
 
+  attr_accessor :display_name
+
   serialize :preferences, UserPreferences
 
   # Relations
@@ -18,8 +20,8 @@ class User < ApplicationRecord
 
   has_many :remote_storage_authorizations
 
-  validates_uniqueness_of :cn
-  validates_length_of :cn, :minimum => 3
+  validates_uniqueness_of :cn, scope: :ou
+  validates_length_of :cn, minimum: 3
   validates_format_of :cn, with: /\A([a-z0-9\-])*\z/,
                            if: Proc.new{ |u| u.cn.present? },
                            message: "is invalid. Please use only letters, numbers and -"
@@ -33,8 +35,14 @@ class User < ApplicationRecord
   validates_uniqueness_of :email
   validates :email, email: true
 
-  scope :confirmed, -> { where.not(confirmed_at: nil) }
-  scope :pending,   -> { where(confirmed_at: nil) }
+  validates_length_of :display_name, minimum: 3, maximum: 35, allow_blank: true,
+                                     if: -> { defined?(@display_name) }
+
+  validates_uniqueness_of :nostr_pubkey, allow_blank: true
+
+  scope :confirmed,  -> { where.not(confirmed_at: nil) }
+  scope :pending,    -> { where(confirmed_at: nil) }
+  scope :all_except, -> (user) { where.not(id: user) }
 
   has_encrypted :ln_login, :ln_password
 
@@ -60,16 +68,18 @@ class User < ApplicationRecord
   end
 
   def devise_after_confirmation
-    enable_service %w[ discourse gitea mediawiki xmpp ]
+    if ldap_entry[:mail] != self.email
+      # E-Mail update confirmed
+      LdapManager::UpdateEmail.call(self.dn, self.email)
+    else
+      # E-Mail from signup confirmed (i.e. account activation)
+      enable_service %w[ discourse gitea mediawiki xmpp ]
 
-    #TODO enable in development when we have easy setup of ejabberd etc.
-    return if Rails.env.development?
+      #TODO enable in development when we have easy setup of ejabberd etc.
+      return if Rails.env.development? || !Setting.ejabberd_enabled?
 
-    if inviter.present?
-      if Setting.ejabberd_enabled? &&
-          inviter.preferences[:xmpp_exchange_contacts_with_invitees]
-        exchange_xmpp_contact_with_inviter
-      end
+      XmppExchangeContactsJob.perform_later(inviter, self) if inviter.present?
+      XmppSetDefaultBookmarksJob.perform_later(self)
     end
   end
 
@@ -115,8 +125,13 @@ class User < ApplicationRecord
     @dn = Devise::LDAP::Adapter.get_dn(self.cn)
   end
 
-  def ldap_entry
-    ldap.fetch_users(uid: self.cn, ou: self.ou).first
+  def ldap_entry(reload: false)
+    return @ldap_entry if defined?(@ldap_entry) && !reload
+    @ldap_entry = ldap.fetch_users(uid: self.cn, ou: self.ou).first
+  end
+
+  def display_name
+    @display_name ||= ldap_entry[:display_name]
   end
 
   def services_enabled
@@ -141,12 +156,6 @@ class User < ApplicationRecord
     ldap.delete_attribute(dn,:service)
   end
 
-  def exchange_xmpp_contact_with_inviter
-    return unless inviter.services_enabled.include?("xmpp") &&
-                  services_enabled.include?("xmpp")
-    XmppExchangeContactsJob.perform_later(inviter, self.cn, self.ou)
-  end
-
   private
 
     def ldap