FIX: add 'show emails' button from moderators in user admin section

app/assets/javascripts/admin/controllers/admin-users-list.js.es6

@@ -90,11 +90,11 @@ export default Ember.ArrayController.extend(Discourse.Presence, {
 
     @method refreshUsers
   **/
-  refreshUsers: function() {
+  refreshUsers: function(showEmails) {
     var adminUsersListController = this;
     adminUsersListController.set('loading', true);
 
-    Discourse.AdminUser.findAll(this.get('query'), { filter: this.get('username') }).then(function (result) {
+    Discourse.AdminUser.findAll(this.get('query'), { filter: this.get('username'), show_emails: showEmails }).then(function (result) {
       adminUsersListController.set('content', result);
       adminUsersListController.set('loading', false);
     });
@@ -140,6 +140,10 @@ export default Ember.ArrayController.extend(Discourse.Presence, {
       bootbox.alert(message);
       controller.refreshUsers();
     });
+  },
+
+  showEmails: function() {
+    this.refreshUsers(true);
   }
 
 });

app/assets/javascripts/admin/templates/users_list.hbs

@@ -28,9 +28,14 @@
     </div>
   {{/if}}
 
-  <h2>{{title}}</h2>
+  <div class="admin-title">
-
+    <div class="pull-left">
-  <br/>
+      <h2>{{title}}</h2>
+    </div>
+    <div class="pull-right">
+      <button {{action "showEmails"}} class="btn">{{i18n admin.users.show_emails}}</button>
+    </div>
+  </div>
 
   {{#if loading}}
     <div class='spinner'></div>
@@ -43,6 +48,7 @@
           {{/if}}
           <th>&nbsp;</th>
           <th>{{i18n username}}</th>
+          <th>{{i18n email}}</th>
           <th>{{i18n admin.users.last_emailed}}</th>
           <th>{{i18n last_seen}}</th>
           <th>{{i18n admin.user.topics_entered}}</th>
@@ -53,7 +59,6 @@
             <th>{{i18n admin.users.approved}}</th>
           {{/if}}
           <th>&nbsp;</th>
-
         </tr>
 
         {{#each model}}
@@ -67,6 +72,7 @@
             {{/if}}
             <td>{{#link-to 'adminUser' this}}{{avatar this imageSize="small"}}{{/link-to}}</td>
             <td>{{#link-to 'adminUser' this}}{{unbound username}}{{/link-to}}</td>
+            <td>{{{unbound email}}}</td>
             <td>{{{unbound last_emailed_age}}}</td>
             <td>{{{unbound last_seen_age}}}</td>
             <td>{{{unbound topics_entered}}}</td>

app/assets/stylesheets/common/admin/admin_base.scss

@@ -89,6 +89,10 @@ td.flaggers td {
   margin-top: 20px;
 }
 
+.admin-title {
+  height: 45px;
+}
+
 .admin-controls {
   background-color: dark-light-diff($primary, $secondary, 90%, -75%);
   padding: 10px 10px 3px 0;

app/controllers/admin/users_controller.rb

@@ -25,8 +25,14 @@ class Admin::UsersController < Admin::AdminController
                                     :revoke_api_key]
 
   def index
-    query = ::AdminUserIndexQuery.new(params)
+    users = ::AdminUserIndexQuery.new(params).find_users
-    render_serialized(query.find_users, AdminUserSerializer)
+
+    if params[:show_emails] == "true"
+      guardian.can_see_emails = true
+      StaffActionLogger.new(current_user).log_show_emails(users)
+    end
+
+    render_serialized(users, AdminUserSerializer)
   end
 
   def show

app/serializers/admin_user_serializer.rb

@@ -39,7 +39,7 @@ class AdminUserSerializer < BasicUserSerializer
 
   def include_email?
     # staff members can always see their email
-    scope.is_staff? && object.id == scope.user.id
+    (scope.is_staff? && object.id == scope.user.id) || scope.can_see_emails?
   end
 
   alias_method :include_associated_accounts?, :include_email?

app/services/staff_action_logger.rb

@@ -142,10 +142,24 @@ class StaffActionLogger
     }))
   end
 
+  def log_show_emails(users)
+    values = []
+
+    users.each do |user|
+      values << "(#{@admin.id}, #{UserHistory.actions[:check_email]}, #{user.id}, current_timestamp, current_timestamp)"
+    end
+
+    # bulk insert
+    UserHistory.exec_sql <<-SQL
+      INSERT INTO user_histories (acting_user_id, action, target_user_id, created_at, updated_at)
+      VALUES #{values.join(",")}
+    SQL
+  end
+
   private
 
   def params(opts)
-    {acting_user_id: @admin.id, context: opts[:context]}
+    { acting_user_id: @admin.id, context: opts[:context] }
   end
 
 end

config/locales/client.en.yml

@@ -1861,6 +1861,7 @@ en:
         last_emailed: "Last Emailed"
         not_found: "Sorry, that username doesn't exist in our system."
         active: "Active"
+        show_emails: "Show Emails"
         nav:
           new: "New"
           active: "Active"

lib/admin_user_index_query.rb

@@ -78,6 +78,7 @@ class AdminUserIndexQuery
                     .includes(:github_user_info)
                     .includes(:google_user_info)
                     .includes(:oauth2_user_info)
+                    .includes(:user_open_ids)
                     .take(100)
   end
 end

lib/guardian.rb

@@ -26,6 +26,8 @@ class Guardian
     def email; nil; end
   end
 
+  attr_accessor :can_see_emails
+
   def initialize(user=nil)
     @user = user.presence || AnonymousUser.new
   end
@@ -243,6 +245,10 @@ class Guardian
     (is_staff? || target.is_a?(Group) || !target.suspended?)
   end
 
+  def can_see_emails?
+    @can_see_emails
+  end
+
   private
 
   def is_my_own?(obj)

spec/controllers/admin/users_controller_spec.rb

@@ -22,6 +22,27 @@ describe Admin::UsersController do
         xhr :get, :index
         ::JSON.parse(response.body).should be_present
       end
+
+      context 'when showing emails' do
+
+        it "returns email for all the users" do
+          xhr :get, :index, show_emails: "true"
+          data = ::JSON.parse(response.body)
+          data.each do |user|
+            user["email"].should be_present
+          end
+        end
+
+        it "logs an enty for all email shown" do
+          UserHistory.where(action: UserHistory.actions[:check_email], acting_user_id: @user.id).count.should == 0
+
+          xhr :get, :index, show_emails: "true"
+          data = ::JSON.parse(response.body)
+
+          UserHistory.where(action: UserHistory.actions[:check_email], acting_user_id: @user.id).count.should == data.length
+        end
+
+      end
     end
 
     describe '.show' do