BLENDER: Add Admin page for Issues or Comments that contain external links

Author: bartvdbraak

models/issues/comment.go

@@ -1313,3 +1313,21 @@ func InsertIssueComments(ctx context.Context, comments []*Comment) error {
 	}
 	return committer.Commit()
 }
+
+// GetRecentComments returns the most recent issue comments
+func GetRecentComments(ctx context.Context, opts *db.ListOptions) ([]*Comment, error) {
+	sess := db.GetEngine(ctx).
+		Where("type = ?", CommentTypeComment).
+		OrderBy("created_unix DESC")
+
+	if opts != nil {
+		sess = db.SetSessionPagination(sess, opts)
+	}
+
+	cap := 0
+	if opts != nil {
+			cap = opts.PageSize
+	}
+	comments := make([]*Comment, 0, cap)
+	return comments, sess.Find(&comments)
+}

models/issues/issue.go

@@ -824,3 +824,21 @@ func ChangeIssueTimeEstimate(ctx context.Context, issue *Issue, doer *user_model
 		return nil
 	})
 }
+
+// GetRecentIssues returns the most recently created issues
+func GetRecentIssues(ctx context.Context, opts *db.ListOptions) ([]*Issue, error) {
+	sess := db.GetEngine(ctx).
+		Where("is_pull = ?", false).
+		OrderBy("created_unix DESC")
+
+	if opts != nil {
+		sess = db.SetSessionPagination(sess, opts)
+	}
+
+	cap := 0
+	if opts != nil {
+			cap = opts.PageSize
+	}
+	issues := make([]*Issue, 0, cap)
+	return issues, sess.Find(&issues)
+}

options/locale/locale_en-US.ini

@@ -167,6 +167,8 @@ filter.private = Private
 no_results_found = No results found.
 internal_error_skipped = Internal error occurred but is skipped: %s
 
+type = Type
+
 [search]
 search = Search...
 type_tooltip = Search type
@@ -2957,8 +2959,15 @@ first_page = First
 last_page = Last
 total = Total: %d
 settings = Admin Settings
+
+spam_management = Spam Management
 spamreports = Spam Reports
-users_with_links = Users (Potential Spam)
+users_with_links = Users with Links
+issues_with_links = Issues/Comments with Links
+issues_with_links.found_links = Found Links
+issues_with_links.created = Created
+issues_with_links.updated = Updated
+issues_with_links.user.created = User Created
 
 dashboard.new_version_hint = Gitea %s is now available, you are running %s. Check <a target="_blank" rel="noreferrer" href="%s">the blog</a> for more details.
 dashboard.statistic = Summary

routers/utils/utils.go

@@ -12,3 +12,17 @@ import (
 func SanitizeFlashErrorString(x string) string {
 	return strings.ReplaceAll(html.EscapeString(x), "\n", "<br>")
 }
+
+func ContainsHyperlink(text string) bool {
+	text = strings.ToLower(text)
+	return strings.Contains(text, "http://") || strings.Contains(text, "https://")
+}
+
+func ContainsExcludedDomain(snippet string, domains []string) bool {
+	for _, domain := range domains {
+		if strings.Contains(snippet, domain) {
+			return true
+		}
+	}
+	return false
+}

routers/web/admin/issues_with_links.go

@@ -0,0 +1,241 @@
+package admin
+
+import (
+	"net/http"
+	"net/url"
+	"regexp"
+	"sort"
+	"strings"
+	"time"
+
+	"code.gitea.io/gitea/modules/log"
+
+	issue_model "code.gitea.io/gitea/models/issues"
+	repo_model "code.gitea.io/gitea/models/repo"
+	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/templates"
+	"code.gitea.io/gitea/models/db"
+	"code.gitea.io/gitea/services/context"
+	user_model "code.gitea.io/gitea/models/user"
+)
+
+const tplIssuesWithLinks templates.TplName = "admin/issues_with_links"
+
+type linkItem struct {
+	Type        string
+	Content     string
+	User        *user_model.User
+	UserCreated time.Time
+	RepoName 		string
+	RepoLink    string
+	ItemLink    string
+	Created     time.Time
+	Updated     time.Time
+}
+
+func IssuesWithLinks(ctx *context.Context) {
+	ctx.Data["Title"] = ctx.Tr("admin.issues_with_links")
+	ctx.Data["PageIsIssuesWithLinks"] = true
+
+	page := ctx.FormInt("page")
+	if page <= 1 {
+		page = 1
+	}
+
+	sortField := ctx.FormString("sort")
+	sortOrder := strings.ToLower(ctx.FormString("order")) // asc or desc
+	if sortOrder != "asc" {
+		sortOrder = "desc"
+	}
+	ctx.Data["Sort"] = sortField
+	ctx.Data["Order"] = sortOrder
+
+	// fetch recent issues and comments
+	limit := setting.UI.Admin.UserPagingNum
+	issues, err := issue_model.GetRecentIssues(ctx, &db.ListOptions{Page: page, PageSize: limit})
+	if err != nil {
+		ctx.ServerError("GetRecentIssues", err)
+		return
+	}
+	comments, err := issue_model.GetRecentComments(ctx, &db.ListOptions{Page: page, PageSize: limit})
+	if err != nil {
+		ctx.ServerError("GetRecentComments", err)
+		return
+	}
+
+	var excludedDomains = []string{
+		getDomain(setting.AppURL),
+		"github.com",
+	}
+
+	var items []linkItem
+	appendIfHasLink := func(typeLabel, content, itemLink, repoName string, repoLink string, created time.Time, updated time.Time, u *user_model.User) {
+		links := extractAllLinks(content)
+		if len(links) == 0 {
+			return
+		}
+
+		var validLinks []string
+		for _, link := range links {
+			if !containsExcludedDomain(link, excludedDomains) {
+				validLinks = append(validLinks, link)
+			}
+		}
+
+		if len(validLinks) == 0 {
+			return
+		}
+
+		items = append(items, linkItem{
+			Type:        typeLabel,
+			Content:     strings.Join(validLinks, ", "),
+			User:        u,
+			UserCreated: u.CreatedUnix.AsTime(),
+			RepoName:    repoName,
+			RepoLink:    repoLink,
+			ItemLink:    itemLink,
+			Created:     created,
+			Updated:		 updated,
+		})
+	}
+
+	for _, issue := range issues {
+		if issue.Content == "" {
+			continue
+		}
+		if issue.Repo == nil {
+			issue.Repo, err = repo_model.GetRepositoryByID(ctx, issue.RepoID)
+			if err != nil {
+				log.Warn("Could not load repo for issue %d: %v", issue.ID, err)
+				continue
+			}
+		}
+		u, err := user_model.GetUserByID(ctx, issue.PosterID)
+		if err != nil {
+			continue
+		}
+		appendIfHasLink("Issue", issue.Content, issue.HTMLURL(), issue.Repo.Name, issue.Repo.HTMLURL(), issue.CreatedUnix.AsTime(), issue.UpdatedUnix.AsTime(), u)
+	}
+
+	for _, comment := range comments {
+		if comment.Issue == nil {
+			comment.Issue, err = issue_model.GetIssueByID(ctx, comment.IssueID)
+			if err != nil {
+				log.Warn("Could not load issue for comment %d: %v", comment.ID, err)
+				continue
+			}
+		}
+		if comment.Issue.Repo == nil {
+			comment.Issue.Repo, err = repo_model.GetRepositoryByID(ctx, comment.Issue.RepoID)
+			if err != nil {
+				log.Warn("Could not load repo for issue %d: %v", comment.Issue.ID, err)
+				continue
+			}
+		}
+		if comment.Content == "" {
+			continue
+		}
+		u, err := user_model.GetUserByID(ctx, comment.PosterID)
+		if err != nil {
+			continue
+		}
+		appendIfHasLink("Comment", comment.Content, comment.HTMLURL(ctx), comment.Issue.Repo.Name, comment.Issue.Repo.HTMLURL(), comment.CreatedUnix.AsTime(), comment.UpdatedUnix.AsTime(), u)
+	}
+
+	// Sort
+	switch sortField {
+	case "usercreated":
+		sort.Slice(items, func(i, j int) bool {
+			if sortOrder == "asc" {
+				return items[i].UserCreated.Before(items[j].UserCreated)
+			}
+			return items[i].UserCreated.After(items[j].UserCreated)
+		})
+	case "created":
+		sort.Slice(items, func(i, j int) bool {
+			if sortOrder == "asc" {
+				return items[i].Created.Before(items[j].Created)
+			}
+			return items[i].Created.After(items[j].Created)
+		})
+	default: // fallback to descending by UserCreated
+		sort.Slice(items, func(i, j int) bool {
+			return items[i].UserCreated.After(items[j].UserCreated)
+		})
+	}
+
+	total := len(items)
+	start := (page - 1) * limit
+	end := start + limit
+	if start > total {
+		start = total
+	}
+	if end > total {
+		end = total
+	}
+	paged := items[start:end]
+
+	ctx.Data["Items"] = paged
+	ctx.Data["Total"] = total
+
+	pager := context.NewPagination(total, limit, page, 5)
+	pager.AddParamFromRequest(ctx.Req)
+	ctx.Data["Page"] = pager
+
+	ctx.HTML(http.StatusOK, tplIssuesWithLinks)
+}
+
+// extractAllLinks returns all http(s) URLs from raw text and Markdown-style links.
+func extractAllLinks(text string) []string {
+	// Match Markdown-style links: [label](http://example.com)
+	mdLinkRegex := regexp.MustCompile(`\[[^\]]*\]\((https?://[^\s\)]+)\)`)
+	// Match raw URLs
+	rawURLRegex := regexp.MustCompile(`https?://[^\s<>"')\]]+`)
+
+	seen := make(map[string]bool)
+	var links []string
+
+	// Extract Markdown links
+	for _, match := range mdLinkRegex.FindAllStringSubmatch(text, -1) {
+		if len(match) > 1 {
+			url := match[1]
+			if !seen[url] {
+				seen[url] = true
+				links = append(links, url)
+			}
+		}
+	}
+
+	// Extract raw URLs
+	for _, url := range rawURLRegex.FindAllString(text, -1) {
+		if !seen[url] {
+			seen[url] = true
+			links = append(links, url)
+		}
+	}
+
+	return links
+}
+
+// containsExcludedDomain returns true if any domain in the list matches the link
+func containsExcludedDomain(link string, excluded []string) bool {
+	u, err := url.Parse(link)
+	if err != nil || u.Host == "" {
+		return false
+	}
+	for _, d := range excluded {
+		if strings.EqualFold(u.Hostname(), d) {
+			return true
+		}
+	}
+	return false
+}
+
+// getDomain extracts domain from full AppURL (e.g. https://example.com)
+func getDomain(raw string) string {
+	u, err := url.Parse(raw)
+	if err != nil {
+		return ""
+	}
+	return u.Hostname()
+}

routers/web/admin/users_with_links.go

@@ -2,9 +2,9 @@ package admin
 
 import (
 	"net/http"
-	"strings"
 
 	user_model "code.gitea.io/gitea/models/user"
+	"code.gitea.io/gitea/routers/utils"
 	"code.gitea.io/gitea/modules/optional"
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/templates"
@@ -16,8 +16,8 @@ const tplUsersWithLinks templates.TplName = "admin/users_with_links"
 
 // UsersWithLinks renders a list of users that contain hyperlinks in bio fields
 func UsersWithLinks(ctx *context.Context) {
-	ctx.Data["Title"] = ctx.Tr("admin.users.with_links")
-	ctx.Data["PageIsAdminUsers"] = true
+	ctx.Data["Title"] = ctx.Tr("admin.users_with_links")
+	ctx.Data["PageIsUsersWithLinks"] = true
 
 	// Parse filters from query parameters
 	statusActive := ctx.FormString("status_filter[is_active]")
@@ -60,8 +60,8 @@ func UsersWithLinks(ctx *context.Context) {
 	// Filter users with hyperlinks in bio fields
 	filtered := make([]*user_model.User, 0, len(users))
 	for _, u := range users {
-		if containsHyperlink(u.FullName) || containsHyperlink(u.Description) ||
-			containsHyperlink(u.Location) || containsHyperlink(u.Website) {
+		if utils.ContainsHyperlink(u.FullName) || utils.ContainsHyperlink(u.Description) ||
+			utils.ContainsHyperlink(u.Location) || utils.ContainsHyperlink(u.Website) {
 			filtered = append(filtered, u)
 		}
 	}
@@ -77,8 +77,3 @@ func UsersWithLinks(ctx *context.Context) {
 
 	ctx.HTML(http.StatusOK, tplUsersWithLinks)
 }
-
-func containsHyperlink(text string) bool {
-	text = strings.ToLower(text)
-	return strings.Contains(text, "http://") || strings.Contains(text, "https://")
-}

routers/web/web.go

@@ -761,15 +761,19 @@ func registerWebRoutes(m *web.Router) {
 		})
 
 		// BLENDER: spam reporting
-		m.Group("/users_with_links", func() {
-			m.Get("", admin.UsersWithLinks)
-		})
 		m.Group("/spamreports", func() {
 			m.Get("", admin.SpamReports)
 			m.Post("", admin.SpamReportsPost)
 		})
 		m.Post("/purge_spammer", admin.PurgeSpammerPost)
 
+		m.Group("/users_with_links", func() {
+			m.Get("", admin.UsersWithLinks)
+		})
+		m.Group("/issues_with_links", func() {
+			m.Get("", admin.IssuesWithLinks)
+		})
+
 		m.Group("/orgs", func() {
 			m.Get("", admin.Organizations)
 		})