tetratto/crates/app/src/routes/api/v1/communities/posts.rs

use axum::{
    extract::Path,
    http::{HeaderMap, HeaderValue},
    response::IntoResponse,
    Extension, Json,
};
use axum_extra::extract::CookieJar;
use tetratto_core::model::{
    addr::RemoteAddr,
    communities::{Poll, PollVote, Post},
    permissions::FinePermission,
    uploads::{MediaType, MediaUpload},
    ApiReturn, Error,
};
use crate::{
    get_user_from_token,
    image::{save_webp_buffer, JsonMultipart},
    routes::api::v1::{CreatePost, CreateRepost, UpdatePostContent, UpdatePostContext, VoteInPoll},
    State,
};

// maximum file dimensions: 2048x2048px (4 MiB)
pub const MAXIMUM_FILE_SIZE: usize = 4194304;

pub async fn create_request(
    jar: CookieJar,
    headers: HeaderMap,
    Extension(data): Extension<State>,
    JsonMultipart(images, req): JsonMultipart<CreatePost>,
) -> impl IntoResponse {
    let data = &(data.read().await).0;
    let user = match get_user_from_token!(jar, data) {
        Some(ua) => ua,
        None => return Json(Error::NotAllowed.into()),
    };

    if !user.permissions.check(FinePermission::SUPPORTER) {
        if images.len() > 0 {
            // this is currently supporter only until it's been tested better...
            // after it's fully release, file limit will be raised to 8 MiB for supporters,
            // and left at 4 for non-supporters
            return Json(Error::RequiresSupporter.into());
        }
    }

    if images.len() > 4 {
        return Json(
            Error::MiscError("Too many uploads. Please use a maximum of 4".to_string()).into(),
        );
    }

    // get real ip
    let real_ip = headers
        .get(data.0.0.security.real_ip_header.to_owned())
        .unwrap_or(&HeaderValue::from_static(""))
        .to_str()
        .unwrap_or("")
        .to_string();

    // check for ip ban
    if data
        .get_ipban_by_addr(RemoteAddr::from(real_ip.as_str()))
        .await
        .is_ok()
    {
        return Json(Error::NotAllowed.into());
    }

    // create poll
    let poll_id = if let Some(p) = req.poll {
        match data
            .create_poll(Poll::new(
                user.id,
                if let Some(expires) = p.expires {
                    expires
                } else {
                    86400000
                },
                p.option_a,
                p.option_b,
                p.option_c,
                p.option_d,
            ))
            .await
        {
            Ok(p) => p,
            Err(e) => return Json(e.into()),
        }
    } else {
        0
    };

    // ...
    let mut props = Post::new(
        req.content,
        match req.community.parse::<usize>() {
            Ok(x) => x,
            Err(e) => return Json(Error::MiscError(e.to_string()).into()),
        },
        if let Some(rt) = req.replying_to {
            match rt.parse::<usize>() {
                Ok(x) => Some(x),
                Err(e) => return Json(Error::MiscError(e.to_string()).into()),
            }
        } else {
            None
        },
        user.id,
        poll_id,
    );

    if !req.answering.is_empty() {
        // we're answering a question!
        props.context.answering = match req.answering.parse::<usize>() {
            Ok(x) => x,
            Err(e) => return Json(Error::MiscError(e.to_string()).into()),
        };
    }

    // check sizes
    for img in &images {
        if img.len() > MAXIMUM_FILE_SIZE {
            return Json(Error::DataTooLong("image".to_string()).into());
        }
    }

    // create uploads
    for _ in 0..images.len() {
        props.uploads.push(
            match data
                .create_upload(MediaUpload::new(MediaType::Webp, props.owner))
                .await
            {
                Ok(u) => u.id,
                Err(e) => return Json(e.into()),
            },
        );
    }

    // ...
    match data.create_post(props.clone()).await {
        Ok(id) => {
            // write to uploads
            for (i, upload_id) in props.uploads.iter().enumerate() {
                let image = match images.get(i) {
                    Some(img) => img,
                    None => {
                        if let Err(e) = data.delete_upload(*upload_id).await {
                            return Json(e.into());
                        }

                        continue;
                    }
                };

                let upload = match data.get_upload_by_id(*upload_id).await {
                    Ok(u) => u,
                    Err(e) => return Json(e.into()),
                };

                if let Err(e) =
                    save_webp_buffer(&upload.path(&data.0.0).to_string(), image.to_vec(), None)
                {
                    return Json(Error::MiscError(e.to_string()).into());
                }
            }

            // return
            Json(ApiReturn {
                ok: true,
                message: "Post created".to_string(),
                payload: Some(id.to_string()),
            })
        }
        Err(e) => Json(e.into()),
    }
}

pub async fn create_repost_request(
    jar: CookieJar,
    Extension(data): Extension<State>,
    Path(id): Path<usize>,
    Json(req): Json<CreateRepost>,
) -> impl IntoResponse {
    let data = &(data.read().await).0;
    let user = match get_user_from_token!(jar, data) {
        Some(ua) => ua,
        None => return Json(Error::NotAllowed.into()),
    };

    match data
        .create_post(Post::repost(
            req.content,
            match req.community.parse::<usize>() {
                Ok(x) => x,
                Err(e) => return Json(Error::MiscError(e.to_string()).into()),
            },
            user.id,
            id,
        ))
        .await
    {
        Ok(id) => Json(ApiReturn {
            ok: true,
            message: "Post reposted".to_string(),
            payload: Some(id.to_string()),
        }),
        Err(e) => Json(e.into()),
    }
}

pub async fn delete_request(
    jar: CookieJar,
    Extension(data): Extension<State>,
    Path(id): Path<usize>,
) -> impl IntoResponse {
    let data = &(data.read().await).0;
    let user = match get_user_from_token!(jar, data) {
        Some(ua) => ua,
        None => return Json(Error::NotAllowed.into()),
    };

    match data.fake_delete_post(id, user, true).await {
        Ok(_) => Json(ApiReturn {
            ok: true,
            message: "Post deleted".to_string(),
            payload: (),
        }),
        Err(e) => Json(e.into()),
    }
}

pub async fn purge_request(
    jar: CookieJar,
    Extension(data): Extension<State>,
    Path(id): Path<usize>,
) -> impl IntoResponse {
    let data = &(data.read().await).0;
    let user = match get_user_from_token!(jar, data) {
        Some(ua) => ua,
        None => return Json(Error::NotAllowed.into()),
    };

    if !user.permissions.check(FinePermission::MANAGE_POSTS) {
        return Json(Error::NotAllowed.into());
    }

    match data.delete_post(id, user).await {
        Ok(_) => Json(ApiReturn {
            ok: true,
            message: "Post deleted".to_string(),
            payload: (),
        }),
        Err(e) => Json(e.into()),
    }
}

pub async fn restore_request(
    jar: CookieJar,
    Extension(data): Extension<State>,
    Path(id): Path<usize>,
) -> impl IntoResponse {
    let data = &(data.read().await).0;
    let user = match get_user_from_token!(jar, data) {
        Some(ua) => ua,
        None => return Json(Error::NotAllowed.into()),
    };

    if !user.permissions.check(FinePermission::MANAGE_POSTS) {
        return Json(Error::NotAllowed.into());
    }

    match data.fake_delete_post(id, user, false).await {
        Ok(_) => Json(ApiReturn {
            ok: true,
            message: "Post restored".to_string(),
            payload: (),
        }),
        Err(e) => Json(e.into()),
    }
}

pub async fn update_content_request(
    jar: CookieJar,
    Extension(data): Extension<State>,
    Path(id): Path<usize>,
    Json(req): Json<UpdatePostContent>,
) -> impl IntoResponse {
    let data = &(data.read().await).0;
    let user = match get_user_from_token!(jar, data) {
        Some(ua) => ua,
        None => return Json(Error::NotAllowed.into()),
    };

    match data.update_post_content(id, user, req.content).await {
        Ok(_) => Json(ApiReturn {
            ok: true,
            message: "Post updated".to_string(),
            payload: (),
        }),
        Err(e) => Json(e.into()),
    }
}

pub async fn update_context_request(
    jar: CookieJar,
    Extension(data): Extension<State>,
    Path(id): Path<usize>,
    Json(req): Json<UpdatePostContext>,
) -> impl IntoResponse {
    let data = &(data.read().await).0;
    let user = match get_user_from_token!(jar, data) {
        Some(ua) => ua,
        None => return Json(Error::NotAllowed.into()),
    };

    // check lengths
    if req.context.tags.len() > 512 {
        return Json(Error::DataTooLong("tags".to_string()).into());
    }

    if req.context.content_warning.len() > 512 {
        return Json(Error::DataTooLong("warning".to_string()).into());
    }

    // ...
    match data.update_post_context(id, user, req.context).await {
        Ok(_) => Json(ApiReturn {
            ok: true,
            message: "Post updated".to_string(),
            payload: (),
        }),
        Err(e) => Json(e.into()),
    }
}

pub async fn vote_request(
    jar: CookieJar,
    Extension(data): Extension<State>,
    Path(id): Path<usize>,
    Json(req): Json<VoteInPoll>,
) -> impl IntoResponse {
    let data = &(data.read().await).0;
    let user = match get_user_from_token!(jar, data) {
        Some(ua) => ua,
        None => return Json(Error::NotAllowed.into()),
    };

    let post = match data.get_post_by_id(id).await {
        Ok(p) => p,
        Err(e) => return Json(e.into()),
    };

    let poll = match data.get_poll_by_id(post.poll_id).await {
        Ok(p) => p,
        Err(e) => return Json(e.into()),
    };

    // check associated accounts for prior votes
    for id in user.associated {
        if data.get_pollvote_by_owner_poll(id, poll.id).await.is_ok() {
            return Json(
                Error::MiscError(
                    "You've already voted on this poll on a different account".to_string(),
                )
                .into(),
            );
        }
    }

    // ...
    match data
        .create_pollvote(PollVote::new(user.id, poll.id, req.option))
        .await
    {
        Ok(_) => Json(ApiReturn {
            ok: true,
            message: "Vote cast".to_string(),
            payload: (),
        }),
        Err(e) => Json(e.into()),
    }
}
add: ban ipv6 addresses by prefix assumes all ipv6 addresses have 64-bit prefix (8 bytes at the start + 2 bytes for colons) 2025-05-21 23:32:45 -04:00			`use axum::{`
			`extract::Path,`
			`http::{HeaderMap, HeaderValue},`
			`response::IntoResponse,`
			`Extension, Json,`
			`};`
add: pages api add: entries base add: entries api 2025-03-24 19:55:08 -04:00			`use axum_extra::extract::CookieJar;`
add: post image uploads (supporter) 2025-05-11 14:27:55 -04:00			`use tetratto_core::model::{`
add: ban ipv6 addresses by prefix assumes all ipv6 addresses have 64-bit prefix (8 bytes at the start + 2 bytes for colons) 2025-05-21 23:32:45 -04:00			`addr::RemoteAddr,`
add: polls backend TODO: polls frontend 2025-06-03 23:35:34 -04:00			`communities::{Poll, PollVote, Post},`
add: post image uploads (supporter) 2025-05-11 14:27:55 -04:00			`permissions::FinePermission,`
			`uploads::{MediaType, MediaUpload},`
			`ApiReturn, Error,`
			`};`
add: pages api add: entries base add: entries api 2025-03-24 19:55:08 -04:00			`use crate::{`
add reposts/quotes fix #2 2025-04-10 18:16:52 -04:00			`get_user_from_token,`
add: lossy encode webp images 2025-05-17 11:28:58 -04:00			`image::{save_webp_buffer, JsonMultipart},`
add: polls backend TODO: polls frontend 2025-06-03 23:35:34 -04:00			`routes::api::v1::{CreatePost, CreateRepost, UpdatePostContent, UpdatePostContext, VoteInPoll},`
add reposts/quotes fix #2 2025-04-10 18:16:52 -04:00			`State,`
add: pages api add: entries base add: entries api 2025-03-24 19:55:08 -04:00			`};`

add: post image uploads (supporter) 2025-05-11 14:27:55 -04:00			`// maximum file dimensions: 2048x2048px (4 MiB)`
add: ability to manage uploads 2025-05-11 15:20:15 -04:00			`pub const MAXIMUM_FILE_SIZE: usize = 4194304;`
add: post image uploads (supporter) 2025-05-11 14:27:55 -04:00
add: pages api add: entries base add: entries api 2025-03-24 19:55:08 -04:00			`pub async fn create_request(`
			`jar: CookieJar,`
add: ban ipv6 addresses by prefix assumes all ipv6 addresses have 64-bit prefix (8 bytes at the start + 2 bytes for colons) 2025-05-21 23:32:45 -04:00			`headers: HeaderMap,`
add: pages api add: entries base add: entries api 2025-03-24 19:55:08 -04:00			`Extension(data): Extension<State>,`
add: post image uploads (supporter) 2025-05-11 14:27:55 -04:00			`JsonMultipart(images, req): JsonMultipart<CreatePost>,`
add: pages api add: entries base add: entries api 2025-03-24 19:55:08 -04:00			`) -> impl IntoResponse {`
			`let data = &(data.read().await).0;`
			`let user = match get_user_from_token!(jar, data) {`
			`Some(ua) => ua,`
			`None => return Json(Error::NotAllowed.into()),`
			`};`

add: post image uploads (supporter) 2025-05-11 14:27:55 -04:00			`if !user.permissions.check(FinePermission::SUPPORTER) {`
			`if images.len() > 0 {`
			`// this is currently supporter only until it's been tested better...`
			`// after it's fully release, file limit will be raised to 8 MiB for supporters,`
			`// and left at 4 for non-supporters`
			`return Json(Error::RequiresSupporter.into());`
			`}`
			`}`

fix: only allow 4 uploads at once 2025-05-11 14:43:09 -04:00			`if images.len() > 4 {`
			`return Json(`
			`Error::MiscError("Too many uploads. Please use a maximum of 4".to_string()).into(),`
			`);`
			`}`

add: ban ipv6 addresses by prefix assumes all ipv6 addresses have 64-bit prefix (8 bytes at the start + 2 bytes for colons) 2025-05-21 23:32:45 -04:00			`// get real ip`
			`let real_ip = headers`
add: move database drivers to oiseau 2025-06-08 14:15:42 -04:00			`.get(data.0.0.security.real_ip_header.to_owned())`
add: ban ipv6 addresses by prefix assumes all ipv6 addresses have 64-bit prefix (8 bytes at the start + 2 bytes for colons) 2025-05-21 23:32:45 -04:00			`.unwrap_or(&HeaderValue::from_static(""))`
			`.to_str()`
			`.unwrap_or("")`
			`.to_string();`

			`// check for ip ban`
			`if data`
			`.get_ipban_by_addr(RemoteAddr::from(real_ip.as_str()))`
			`.await`
			`.is_ok()`
			`{`
			`return Json(Error::NotAllowed.into());`
			`}`

add: polls backend TODO: polls frontend 2025-06-03 23:35:34 -04:00			`// create poll`
			`let poll_id = if let Some(p) = req.poll {`
			`match data`
			`.create_poll(Poll::new(`
add: don't allow poll creator to vote add: unfollow user when you block them add: force other user to unfollow you by blocking them add: leave receiver communities when you block them 2025-06-05 16:23:57 -04:00			`user.id,`
			`if let Some(expires) = p.expires {`
			`expires`
			`} else {`
			`86400000`
			`},`
			`p.option_a,`
			`p.option_b,`
			`p.option_c,`
			`p.option_d,`
add: polls backend TODO: polls frontend 2025-06-03 23:35:34 -04:00			`))`
			`.await`
			`{`
			`Ok(p) => p,`
			`Err(e) => return Json(e.into()),`
			`}`
			`} else {`
			`0`
			`};`

add: ban ipv6 addresses by prefix assumes all ipv6 addresses have 64-bit prefix (8 bytes at the start + 2 bytes for colons) 2025-05-21 23:32:45 -04:00			`// ...`
add: questions, requests 2025-04-12 22:25:54 -04:00			`let mut props = Post::new(`
			`req.content,`
			`match req.community.parse::<usize>() {`
			`Ok(x) => x,`
			`Err(e) => return Json(Error::MiscError(e.to_string()).into()),`
			`},`
			`if let Some(rt) = req.replying_to {`
			`match rt.parse::<usize>() {`
			`Ok(x) => Some(x),`
add: profiles ui, communities ui, posts ui 2025-03-29 00:26:56 -04:00			`Err(e) => return Json(Error::MiscError(e.to_string()).into()),`
add: questions, requests 2025-04-12 22:25:54 -04:00			`}`
			`} else {`
			`None`
			`},`
			`user.id,`
add: polls backend TODO: polls frontend 2025-06-03 23:35:34 -04:00			`poll_id,`
add: questions, requests 2025-04-12 22:25:54 -04:00			`);`

			`if !req.answering.is_empty() {`
			`// we're answering a question!`
			`props.context.answering = match req.answering.parse::<usize>() {`
			`Ok(x) => x,`
			`Err(e) => return Json(Error::MiscError(e.to_string()).into()),`
			`};`
			`}`

add: post image uploads (supporter) 2025-05-11 14:27:55 -04:00			`// check sizes`
			`for img in &images {`
add: ability to manage uploads 2025-05-11 15:20:15 -04:00			`if img.len() > MAXIMUM_FILE_SIZE {`
add: post image uploads (supporter) 2025-05-11 14:27:55 -04:00			`return Json(Error::DataTooLong("image".to_string()).into());`
			`}`
			`}`

			`// create uploads`
			`for _ in 0..images.len() {`
			`props.uploads.push(`
			`match data`
			`.create_upload(MediaUpload::new(MediaType::Webp, props.owner))`
			`.await`
			`{`
			`Ok(u) => u.id,`
			`Err(e) => return Json(e.into()),`
			`},`
			`);`
			`}`

			`// ...`
			`match data.create_post(props.clone()).await {`
			`Ok(id) => {`
			`// write to uploads`
			`for (i, upload_id) in props.uploads.iter().enumerate() {`
			`let image = match images.get(i) {`
			`Some(img) => img,`
			`None => {`
			`if let Err(e) = data.delete_upload(*upload_id).await {`
			`return Json(e.into());`
			`}`

			`continue;`
			`}`
			`};`

			`let upload = match data.get_upload_by_id(*upload_id).await {`
			`Ok(u) => u,`
			`Err(e) => return Json(e.into()),`
			`};`

fix: username and community title validation 2025-05-19 19:31:12 -04:00			`if let Err(e) =`
add: move database drivers to oiseau 2025-06-08 14:15:42 -04:00			`save_webp_buffer(&upload.path(&data.0.0).to_string(), image.to_vec(), None)`
add: lossy encode webp images 2025-05-17 11:28:58 -04:00			`{`
add: post image uploads (supporter) 2025-05-11 14:27:55 -04:00			`return Json(Error::MiscError(e.to_string()).into());`
			`}`
			`}`

			`// return`
			`Json(ApiReturn {`
			`ok: true,`
			`message: "Post created".to_string(),`
			`payload: Some(id.to_string()),`
			`})`
			`}`
add: ability to join/leave/be banned from communities 2025-03-31 15:39:49 -04:00			`Err(e) => Json(e.into()),`
add: pages api add: entries base add: entries api 2025-03-24 19:55:08 -04:00			`}`
			`}`

add reposts/quotes fix #2 2025-04-10 18:16:52 -04:00			`pub async fn create_repost_request(`
			`jar: CookieJar,`
			`Extension(data): Extension<State>,`
			`Path(id): Path<usize>,`
			`Json(req): Json<CreateRepost>,`
			`) -> impl IntoResponse {`
			`let data = &(data.read().await).0;`
			`let user = match get_user_from_token!(jar, data) {`
			`Some(ua) => ua,`
			`None => return Json(Error::NotAllowed.into()),`
			`};`

			`match data`
			`.create_post(Post::repost(`
			`req.content,`
			`match req.community.parse::<usize>() {`
			`Ok(x) => x,`
			`Err(e) => return Json(Error::MiscError(e.to_string()).into()),`
			`},`
			`user.id,`
			`id,`
			`))`
			`.await`
			`{`
			`Ok(id) => Json(ApiReturn {`
			`ok: true,`
			`message: "Post reposted".to_string(),`
			`payload: Some(id.to_string()),`
			`}),`
			`Err(e) => Json(e.into()),`
			`}`
			`}`

add: pages api add: entries base add: entries api 2025-03-24 19:55:08 -04:00			`pub async fn delete_request(`
			`jar: CookieJar,`
			`Extension(data): Extension<State>,`
			`Path(id): Path<usize>,`
			`) -> impl IntoResponse {`
			`let data = &(data.read().await).0;`
			`let user = match get_user_from_token!(jar, data) {`
			`Some(ua) => ua,`
			`None => return Json(Error::NotAllowed.into()),`
			`};`

fix: stacks manage page when user deletes profile add: allow moderators to view deleted posts 2025-05-16 16:09:21 -04:00			`match data.fake_delete_post(id, user, true).await {`
			`Ok(_) => Json(ApiReturn {`
			`ok: true,`
			`message: "Post deleted".to_string(),`
			`payload: (),`
			`}),`
			`Err(e) => Json(e.into()),`
			`}`
			`}`

add: purge/restore post api 2025-05-16 16:20:24 -04:00			`pub async fn purge_request(`
fix: stacks manage page when user deletes profile add: allow moderators to view deleted posts 2025-05-16 16:09:21 -04:00			`jar: CookieJar,`
			`Extension(data): Extension<State>,`
			`Path(id): Path<usize>,`
			`) -> impl IntoResponse {`
			`let data = &(data.read().await).0;`
			`let user = match get_user_from_token!(jar, data) {`
			`Some(ua) => ua,`
			`None => return Json(Error::NotAllowed.into()),`
			`};`

			`if !user.permissions.check(FinePermission::MANAGE_POSTS) {`
			`return Json(Error::NotAllowed.into());`
			`}`

add: post comments add: user follow api, user block api 2025-03-25 22:52:47 -04:00			`match data.delete_post(id, user).await {`
add: pages api add: entries base add: entries api 2025-03-24 19:55:08 -04:00			`Ok(_) => Json(ApiReturn {`
			`ok: true,`
add: communities list page TODO(ui): implement community creation, community viewing, community posting TODO(ui): implement profile following, followers, and posts feed 2025-03-27 18:10:47 -04:00			`message: "Post deleted".to_string(),`
add: pages api add: entries base add: entries api 2025-03-24 19:55:08 -04:00			`payload: (),`
			`}),`
add: ability to join/leave/be banned from communities 2025-03-31 15:39:49 -04:00			`Err(e) => Json(e.into()),`
add: pages api add: entries base add: entries api 2025-03-24 19:55:08 -04:00			`}`
			`}`

add: purge/restore post api 2025-05-16 16:20:24 -04:00			`pub async fn restore_request(`
			`jar: CookieJar,`
			`Extension(data): Extension<State>,`
			`Path(id): Path<usize>,`
			`) -> impl IntoResponse {`
			`let data = &(data.read().await).0;`
			`let user = match get_user_from_token!(jar, data) {`
			`Some(ua) => ua,`
			`None => return Json(Error::NotAllowed.into()),`
			`};`

			`if !user.permissions.check(FinePermission::MANAGE_POSTS) {`
			`return Json(Error::NotAllowed.into());`
			`}`

			`match data.fake_delete_post(id, user, false).await {`
			`Ok(_) => Json(ApiReturn {`
			`ok: true,`
			`message: "Post restored".to_string(),`
			`payload: (),`
			`}),`
			`Err(e) => Json(e.into()),`
			`}`
			`}`

add: pages api add: entries base add: entries api 2025-03-24 19:55:08 -04:00			`pub async fn update_content_request(`
			`jar: CookieJar,`
			`Extension(data): Extension<State>,`
			`Path(id): Path<usize>,`
add: profiles ui, communities ui, posts ui 2025-03-29 00:26:56 -04:00			`Json(req): Json<UpdatePostContent>,`
add: pages api add: entries base add: entries api 2025-03-24 19:55:08 -04:00			`) -> impl IntoResponse {`
			`let data = &(data.read().await).0;`
			`let user = match get_user_from_token!(jar, data) {`
			`Some(ua) => ua,`
			`None => return Json(Error::NotAllowed.into()),`
			`};`

add: user follows, user blocks, ip bans TODO: implement user following API endpoints TODO: implement user blocking API endpoints TODO: don't allow blocked users to interact with the users who blocked them 2025-03-25 21:19:55 -04:00			`match data.update_post_content(id, user, req.content).await {`
add: pages api add: entries base add: entries api 2025-03-24 19:55:08 -04:00			`Ok(_) => Json(ApiReturn {`
			`ok: true,`
add: communities list page TODO(ui): implement community creation, community viewing, community posting TODO(ui): implement profile following, followers, and posts feed 2025-03-27 18:10:47 -04:00			`message: "Post updated".to_string(),`
add: pages api add: entries base add: entries api 2025-03-24 19:55:08 -04:00			`payload: (),`
			`}),`
add: ability to join/leave/be banned from communities 2025-03-31 15:39:49 -04:00			`Err(e) => Json(e.into()),`
add: pages api add: entries base add: entries api 2025-03-24 19:55:08 -04:00			`}`
			`}`
add: journal entry context 2025-03-24 20:23:52 -04:00
			`pub async fn update_context_request(`
			`jar: CookieJar,`
			`Extension(data): Extension<State>,`
			`Path(id): Path<usize>,`
add: profiles ui, communities ui, posts ui 2025-03-29 00:26:56 -04:00			`Json(req): Json<UpdatePostContext>,`
add: journal entry context 2025-03-24 20:23:52 -04:00			`) -> impl IntoResponse {`
			`let data = &(data.read().await).0;`
			`let user = match get_user_from_token!(jar, data) {`
			`Some(ua) => ua,`
			`None => return Json(Error::NotAllowed.into()),`
			`};`

fix: mark all notifications as read/unread fix: check profile status, warning, and biography length fix: check post warning and tags length 2025-05-28 13:06:48 -04:00			`// check lengths`
			`if req.context.tags.len() > 512 {`
			`return Json(Error::DataTooLong("tags".to_string()).into());`
			`}`

			`if req.context.content_warning.len() > 512 {`
			`return Json(Error::DataTooLong("warning".to_string()).into());`
			`}`

			`// ...`
add: user follows, user blocks, ip bans TODO: implement user following API endpoints TODO: implement user blocking API endpoints TODO: don't allow blocked users to interact with the users who blocked them 2025-03-25 21:19:55 -04:00			`match data.update_post_context(id, user, req.context).await {`
add: journal entry context 2025-03-24 20:23:52 -04:00			`Ok(_) => Json(ApiReturn {`
			`ok: true,`
add: communities list page TODO(ui): implement community creation, community viewing, community posting TODO(ui): implement profile following, followers, and posts feed 2025-03-27 18:10:47 -04:00			`message: "Post updated".to_string(),`
add: journal entry context 2025-03-24 20:23:52 -04:00			`payload: (),`
			`}),`
add: ability to join/leave/be banned from communities 2025-03-31 15:39:49 -04:00			`Err(e) => Json(e.into()),`
add: journal entry context 2025-03-24 20:23:52 -04:00			`}`
			`}`
add: polls backend TODO: polls frontend 2025-06-03 23:35:34 -04:00
			`pub async fn vote_request(`
			`jar: CookieJar,`
			`Extension(data): Extension<State>,`
			`Path(id): Path<usize>,`
			`Json(req): Json<VoteInPoll>,`
			`) -> impl IntoResponse {`
			`let data = &(data.read().await).0;`
			`let user = match get_user_from_token!(jar, data) {`
			`Some(ua) => ua,`
			`None => return Json(Error::NotAllowed.into()),`
			`};`

			`let post = match data.get_post_by_id(id).await {`
			`Ok(p) => p,`
			`Err(e) => return Json(e.into()),`
			`};`

			`let poll = match data.get_poll_by_id(post.poll_id).await {`
			`Ok(p) => p,`
			`Err(e) => return Json(e.into()),`
			`};`

add: check associated when voting on polls 2025-06-06 15:57:31 -04:00			`// check associated accounts for prior votes`
			`for id in user.associated {`
			`if data.get_pollvote_by_owner_poll(id, poll.id).await.is_ok() {`
			`return Json(`
			`Error::MiscError(`
			`"You've already voted on this poll on a different account".to_string(),`
			`)`
			`.into(),`
			`);`
			`}`
			`}`

add: polls backend TODO: polls frontend 2025-06-03 23:35:34 -04:00			`// ...`
			`match data`
			`.create_pollvote(PollVote::new(user.id, poll.id, req.option))`
			`.await`
			`{`
			`Ok(_) => Json(ApiReturn {`
			`ok: true,`
			`message: "Vote cast".to_string(),`
			`payload: (),`
			`}),`
			`Err(e) => Json(e.into()),`
			`}`
			`}`