improvements to admin interface

app/admin.rb

@@ -210,48 +210,43 @@ post '/admin/email' do
   redirect '/'
 end
 
-post '/admin/banip' do
-  require_admin
-  site = Site[username: params[:username]]
-
-  if site.nil?
-    flash[:error] = 'User not found'
-    redirect '/admin'
-  end
-
-  if site.ip.nil? || site.ip.empty?
-    flash[:error] = 'IP is blank, cannot continue'
-    redirect '/admin'
-  end
-  sites = Site.filter(ip: site.ip, is_banned: false).all
-  sites.each {|s| s.ban!}
-  flash[:error] = "#{sites.length} sites have been banned."
-  redirect '/admin'
-end
-
 post '/admin/banhammer' do
   require_admin
 
-  site = Site[username: params[:username]]
+  if params[:usernames].empty?
+    flash[:error] = 'no usernames provided'
+    redirect '/admin'
+  end
+
+  usernames = params[:usernames].split("\n").collect {|u| u.strip}
+
+  deleted_count = 0
+  ip_deleted_count = 0
+
+  usernames.each do |username|
+    next if username == ''
+    site = Site[username: username]
+    next if site.nil? || site.is_banned
 
     if !params[:classifier].empty?
       site.untrain 'index.html'
       site.train 'index.html', params[:classifier]
     end
 
-  if site.nil?
-    flash[:error] = 'User not found'
-    redirect '/admin'
-  end
-
-  if site.is_banned
-    flash[:error] = 'User is already banned'
-    redirect '/admin'
-  end
-
     site.ban!
+    deleted_count += 1
 
-  flash[:success] = 'MISSION ACCOMPLISHED'
+    if !params[:ban_using_ips].empty? && !site.ip.empty?
+      sites = Site.filter(ip: site.ip, is_banned: false).all
+      sites.each do |s|
+        next if usernames.include?(s.username)
+        s.ban!
+      end
+      ip_deleted_count += 1
+    end
+  end
+
+  flash[:success] = "#{ip_deleted_count + deleted_count} sites have been banned, including #{ip_deleted_count} matching IPs."
   redirect '/admin'
 end
 

migrations/091_site_banned_at.rb

@@ -0,0 +1,9 @@
+Sequel.migration do
+  up {
+    DB.add_column :sites, :banned_at, Time
+  }
+
+  down {
+    DB.drop_column :sites, :banned_at
+  }
+end

models/site.rb

@@ -455,7 +455,7 @@ class Site < Sequel::Model
 
     DB.transaction {
       self.is_banned = true
-      self.updated_at = Time.now
+      self.banned_at = Time.now
       save(validate: false)
 
       if !Dir.exist? BANNED_SITES_ROOT

views/admin.erb

@@ -27,8 +27,8 @@
       <h2>Ban Site</h2>
       <form action="/admin/banhammer" method="POST">
         <%== csrf_token_input_html %>
-        <p>Site Name:</p>
-        <p><input type="text" name="username" placeholder="edwardsnowden" autocapitalize="off" autocorrect="off"></p>
+        <p>Site Username(s):</p>
+        <textarea name="usernames" cols="10" rows="5" autocapitalize="off" autocorrect="off"></textarea>
         <div class="select-Container" style="display: block; width: 100px; float: none; margin: 0 auto;">
           <select name="classifier" class="input-Select">
             <option value=""></option>
@@ -36,6 +36,7 @@
             <option value="phishing">Phishing</option>
           </select>
         </div>
+        <p>Ban sites with same IP <input type="checkbox" name="ban_using_ips" value="1"></p>
         <p><input class="btn-Action" type="submit" value="Ban"></p>
       </form>
     </div>
@@ -53,17 +54,6 @@
   </div>
 
   <div class="row">
-    <div class="col col-50">
-      <h2>Ban by IP</h2>
-      <form action="/admin/banip" method="POST">
-        <%== csrf_token_input_html %>
-        <p>All sites with this IP address will be removed.</p>
-        <p>Site Name:</p>
-        <p><input type="text" name="username" placeholder="edwardsnowden" autocapitalize="off" autocorrect="off"></p>
-        <p><input class="btn-Action" type="submit" value="Ban"></p>
-      </form>
-    </div>
-
     <div class="col col-50">
       <h2>Upgrade to Supporter</h2>
       <form id="upgradeToSupporter" action="/plan/update" method="POST">
@@ -75,9 +65,7 @@
         <p><input class="btn-Action" type="submit" value="Upgrade to Supporter"></p>
       </form>
     </div>
-  </div>
 
-  <div class="row">
     <div class="col col-50">
       <h2>Feature Site</h2>
       <form id="featureSite" action="/admin/feature" method="POST">