admins can BAN senders of abusive hotline messages

Value

As an admin running a channel that can receive messages from people i don't know
I want a way to permanently ban users who send abusive messages or photos
So that I can do my work free from verbal violence without having to shut off hotline messages (which would impair my work)

GIVEN a channel with HOTLINE ON

WHEN a user sends a hotline message
THEN that message will be prefixed by the header [HOTLINE MESSAGE @<N>] (where N is an integer from 1 to 100)

GIVEN an admin, alice, on a channel foo

BAN @123
-> bans an unwanted subscriber from this channel.

GIVEN an admin, alice, of a channel with HOTLINE mode on

AND GIVEN a subscriber bob that has sent an abusive message prefixed with [HOTLINE FROM @2]
WHEN alice issues BAN 2 OR BAN @2
THEN bob receives a message that says An admin of this channel has banned you. Any further interaction will not be received by the admins of the channel.
AND THEN all admins of the channel receive a notification saying The sender of hotline message #2 has been banned.

GIVEN an admin has already blocked the sender of HOTLINE MESSAGE 2

WHEN another admin issues BAN @2
THEN that admin will receive a response saying The sender of hotline message 2 has already been banned.
AND THEN other admins will not receive any notification, nor will the sender of message #2 (closed)

GIVEN a user bob, who has been blocked from channel #foo

WHEN bob issues any message to #foo (including HELP, INFO, or HELLO)
THEN bob receives a response that says Sorry, you are banned from this channel

WHEN a user is banned

THEN the system will only ever store the sha-256 hash of their password (so that even banned users will not have their phone numbers permanently stored on our system without their knowledge if they choose to leave signalboost entirely)

this feature will require a new table called bans, which should (likely) have the following fields:
- id: string (a uuid)
- channelPhoneNumber: string (a valid e164-formatted phone number)
- hashedMemberPhoneNumber: string (salted sha256 hash of a valid e164-formatted phone number)
- createdAt: Date
- updatedAt: Date
should also have a unique index on channelPhoneNumber + memberPhoneNumber combinations (both for faster lookup and to avoid dupes)
- for an example of such an index, see: app/db/migrations/20200531233616-create-hotlineMessages.js

whenever an admin issues a ban:
- parse a hotline message id from the ban command
- use the id to lookup the hotlineMessage record, and retrieve the memberPhoneNumber
- create a ban record joining the channelPhoneNumber and memberPhoneNumber (unless such a ban already exists)

whenever an incoming message arrives on a channel (in app/dispatcher/index)
- hash the sender's phone number and look it up in the bans table (along with the channel phone number)
  - see app.util.sha256Hash to do this!
- if there is a ban, drop the message, if not proceed with processing
- consider extending the set of detect<SomeCondition> helpers in app.dispatcher.dispatch as a good spot to stick this checkz
as a potential optimisation (to save on queries for a routine that will run on every incoming relayable message):
- create a hasMany association between channel and bans
- include bans in app.db.repositories.channel.findDeep
- now, we don't need to query the bans table to check for bans, as it will already been eagerly loaded by the call to channelRepository.findDeep in dispatcher/index.js:67

where HELP text is defined:

relevant files where creating new commands takes place:

all commands and message strings need translations!

Edited Oct 08, 2020 by aguestuser

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information