tetratto/crates/app/src/routes/api/v1/notes.rs

use axum::{
    response::IntoResponse,
    extract::{Json, Path},
    Extension,
};
use crate::cookie::CookieJar;
use tetratto_shared::unix_epoch_timestamp;
use crate::{
    get_user_from_token,
    routes::api::v1::{
        CreateNote, RenderMarkdown, UpdateNoteContent, UpdateNoteDir, UpdateNoteTags,
        UpdateNoteTitle,
    },
    State,
};
use tetratto_core::{
    database::NAME_REGEX,
    model::{
        auth::AchievementName,
        journals::{JournalPrivacyPermission, Note},
        oauth,
        permissions::FinePermission,
        uploads::CustomEmoji,
        ApiReturn, Error,
    },
};

pub async fn get_request(
    jar: CookieJar,
    Path(id): Path<usize>,
    Extension(data): Extension<State>,
) -> impl IntoResponse {
    let data = &(data.read().await).0;
    let user = match get_user_from_token!(jar, data, oauth::AppScope::UserReadJournals) {
        Some(ua) => ua,
        None => return Json(Error::NotAllowed.into()),
    };

    let note = match data.get_note_by_id(id).await {
        Ok(x) => x,
        Err(e) => return Json(e.into()),
    };

    let journal = match data.get_journal_by_id(note.id).await {
        Ok(x) => x,
        Err(e) => return Json(e.into()),
    };

    if journal.privacy == JournalPrivacyPermission::Private
        && user.id != journal.owner
        && !user.permissions.contains(FinePermission::MANAGE_JOURNALS)
    {
        return Json(Error::NotAllowed.into());
    }

    Json(ApiReturn {
        ok: true,
        message: "Success".to_string(),
        payload: Some(note),
    })
}

pub async fn list_request(
    jar: CookieJar,
    Path(id): Path<usize>,
    Extension(data): Extension<State>,
) -> impl IntoResponse {
    let data = &(data.read().await).0;
    let user = match get_user_from_token!(jar, data, oauth::AppScope::UserReadJournals) {
        Some(ua) => ua,
        None => return Json(Error::NotAllowed.into()),
    };

    let journal = match data.get_journal_by_id(id).await {
        Ok(x) => x,
        Err(e) => return Json(e.into()),
    };

    if journal.privacy == JournalPrivacyPermission::Private
        && user.id != journal.owner
        && !user.permissions.contains(FinePermission::MANAGE_JOURNALS)
    {
        return Json(Error::NotAllowed.into());
    }

    match data.get_notes_by_journal(id).await {
        Ok(x) => Json(ApiReturn {
            ok: true,
            message: "Success".to_string(),
            payload: Some(x),
        }),
        Err(e) => Json(e.into()),
    }
}

pub async fn create_request(
    jar: CookieJar,
    Extension(data): Extension<State>,
    Json(props): Json<CreateNote>,
) -> impl IntoResponse {
    let data = &(data.read().await).0;
    let user = match get_user_from_token!(jar, data, oauth::AppScope::UserCreateNotes) {
        Some(ua) => ua,
        None => return Json(Error::NotAllowed.into()),
    };

    match data
        .create_note(Note::new(
            user.id,
            props.title,
            match props.journal.parse() {
                Ok(x) => x,
                Err(_) => return Json(Error::Unknown.into()),
            },
            props.content,
        ))
        .await
    {
        Ok(x) => Json(ApiReturn {
            ok: true,
            message: "Note created".to_string(),
            payload: Some(x.id.to_string()),
        }),
        Err(e) => Json(e.into()),
    }
}

pub async fn update_title_request(
    jar: CookieJar,
    Path(id): Path<usize>,
    Extension(data): Extension<State>,
    Json(mut props): Json<UpdateNoteTitle>,
) -> impl IntoResponse {
    let data = &(data.read().await).0;
    let user = match get_user_from_token!(jar, data, oauth::AppScope::UserManageNotes) {
        Some(ua) => ua,
        None => return Json(Error::NotAllowed.into()),
    };

    let note = match data.get_note_by_id(id).await {
        Ok(n) => n,
        Err(e) => return Json(e.into()),
    };

    props.title = props.title.replace(" ", "_").to_lowercase();

    // check name
    let regex = regex::RegexBuilder::new(NAME_REGEX)
        .multi_line(true)
        .build()
        .unwrap();

    if regex.captures(&props.title).is_some() {
        return Json(Error::MiscError("This title contains invalid characters".to_string()).into());
    }

    // make sure this title isn't already in use
    if data
        .get_note_by_journal_title(note.journal, &props.title)
        .await
        .is_ok()
    {
        return Json(Error::TitleInUse.into());
    }

    // ...
    match data.update_note_title(id, &user, &props.title).await {
        Ok(_) => {
            // update note global status
            if note.is_global {
                if let Err(e) = data.update_note_is_global(id, 0).await {
                    return Json(e.into());
                }
            }

            // ...
            Json(ApiReturn {
                ok: true,
                message: "Note updated".to_string(),
                payload: (),
            })
        }
        Err(e) => Json(e.into()),
    }
}

pub async fn update_content_request(
    jar: CookieJar,
    Path(id): Path<usize>,
    Extension(data): Extension<State>,
    Json(props): Json<UpdateNoteContent>,
) -> impl IntoResponse {
    let data = &(data.read().await).0;
    let mut user = match get_user_from_token!(jar, data, oauth::AppScope::UserManageNotes) {
        Some(ua) => ua,
        None => return Json(Error::NotAllowed.into()),
    };

    // award achievement
    if let Err(e) = data
        .add_achievement(&mut user, AchievementName::EditNote.into(), true)
        .await
    {
        return Json(e.into());
    }

    // ...
    match data.update_note_content(id, &user, &props.content).await {
        Ok(_) => {
            if let Err(e) = data
                .update_note_edited(id, unix_epoch_timestamp() as i64)
                .await
            {
                return Json(e.into());
            }

            Json(ApiReturn {
                ok: true,
                message: "Note updated".to_string(),
                payload: (),
            })
        }
        Err(e) => Json(e.into()),
    }
}

pub async fn delete_request(
    jar: CookieJar,
    Path(id): Path<usize>,
    Extension(data): Extension<State>,
) -> impl IntoResponse {
    let data = &(data.read().await).0;
    let user = match get_user_from_token!(jar, data, oauth::AppScope::UserManageNotes) {
        Some(ua) => ua,
        None => return Json(Error::NotAllowed.into()),
    };

    match data.delete_note(id, &user).await {
        Ok(_) => Json(ApiReturn {
            ok: true,
            message: "Note deleted".to_string(),
            payload: (),
        }),
        Err(e) => Json(e.into()),
    }
}

pub async fn delete_by_dir_request(
    jar: CookieJar,
    Path((journal, id)): Path<(usize, usize)>,
    Extension(data): Extension<State>,
) -> impl IntoResponse {
    let data = &(data.read().await).0;
    let user = match get_user_from_token!(jar, data, oauth::AppScope::UserManageNotes) {
        Some(ua) => ua,
        None => return Json(Error::NotAllowed.into()),
    };

    match data.delete_notes_by_journal_dir(journal, id, &user).await {
        Ok(_) => Json(ApiReturn {
            ok: true,
            message: "Notes deleted".to_string(),
            payload: (),
        }),
        Err(e) => Json(e.into()),
    }
}

pub async fn render_markdown_request(Json(req): Json<RenderMarkdown>) -> impl IntoResponse {
    tetratto_shared::markdown::render_markdown(&CustomEmoji::replace(&req.content))
        .replace("\\@", "@")
        .replace("%5C@", "@")
}

pub async fn update_dir_request(
    jar: CookieJar,
    Path(id): Path<usize>,
    Extension(data): Extension<State>,
    Json(props): Json<UpdateNoteDir>,
) -> impl IntoResponse {
    let data = &(data.read().await).0;
    let user = match get_user_from_token!(jar, data, oauth::AppScope::UserManageNotes) {
        Some(ua) => ua,
        None => return Json(Error::NotAllowed.into()),
    };

    let note = match data.get_note_by_id(id).await {
        Ok(x) => x,
        Err(e) => return Json(e.into()),
    };

    let journal = match data.get_journal_by_id(note.journal).await {
        Ok(x) => x,
        Err(e) => return Json(e.into()),
    };

    // make sure dir exists
    let dir = match props.dir.parse::<usize>() {
        Ok(d) => d,
        Err(_) => return Json(Error::Unknown.into()),
    };

    if dir != 0 {
        if journal.dirs.iter().find(|x| x.0 == dir).is_none() {
            return Json(Error::GeneralNotFound("directory".to_string()).into());
        }
    }

    // ...
    match data.update_note_dir(id, &user, dir as i64).await {
        Ok(_) => Json(ApiReturn {
            ok: true,
            message: "Note updated".to_string(),
            payload: (),
        }),
        Err(e) => Json(e.into()),
    }
}

pub async fn update_tags_request(
    jar: CookieJar,
    Path(id): Path<usize>,
    Extension(data): Extension<State>,
    Json(props): Json<UpdateNoteTags>,
) -> impl IntoResponse {
    let data = &(data.read().await).0;
    let user = match get_user_from_token!(jar, data, oauth::AppScope::UserManageNotes) {
        Some(ua) => ua,
        None => return Json(Error::NotAllowed.into()),
    };

    match data.update_note_tags(id, &user, props.tags).await {
        Ok(_) => Json(ApiReturn {
            ok: true,
            message: "Note updated".to_string(),
            payload: (),
        }),
        Err(e) => Json(e.into()),
    }
}

pub async fn publish_request(
    jar: CookieJar,
    Path(id): Path<usize>,
    Extension(data): Extension<State>,
) -> impl IntoResponse {
    let data = &(data.read().await).0;
    let user = match get_user_from_token!(jar, data, oauth::AppScope::UserManageNotes) {
        Some(ua) => ua,
        None => return Json(Error::NotAllowed.into()),
    };

    let note = match data.get_note_by_id(id).await {
        Ok(n) => n,
        Err(e) => return Json(e.into()),
    };

    if user.id != note.owner {
        return Json(Error::NotAllowed.into());
    }

    // check count
    if data.get_user_global_notes_count(user.id).await.unwrap_or(0)
        >= if user.permissions.check(FinePermission::SUPPORTER) {
            10
        } else {
            5
        }
    {
        return Json(
            Error::MiscError(
                "You already have the maximum number of global notes you can have".to_string(),
            )
            .into(),
        );
    }

    // make sure note doesn't already exist globally
    if data.get_global_note_by_title(&note.title).await.is_ok() {
        return Json(
            Error::MiscError(
                "Note name is already in use globally. Please change the name and try again"
                    .to_string(),
            )
            .into(),
        );
    }

    // ...
    match data.update_note_is_global(id, 1).await {
        Ok(_) => Json(ApiReturn {
            ok: true,
            message: "Note updated".to_string(),
            payload: (),
        }),
        Err(e) => Json(e.into()),
    }
}

pub async fn unpublish_request(
    jar: CookieJar,
    Path(id): Path<usize>,
    Extension(data): Extension<State>,
) -> impl IntoResponse {
    let data = &(data.read().await).0;
    let user = match get_user_from_token!(jar, data, oauth::AppScope::UserManageNotes) {
        Some(ua) => ua,
        None => return Json(Error::NotAllowed.into()),
    };

    let note = match data.get_note_by_id(id).await {
        Ok(n) => n,
        Err(e) => return Json(e.into()),
    };

    if user.id != note.owner {
        return Json(Error::NotAllowed.into());
    }

    // ...
    match data.update_note_is_global(id, 0).await {
        Ok(_) => Json(ApiReturn {
            ok: true,
            message: "Note updated".to_string(),
            payload: (),
        }),
        Err(e) => Json(e.into()),
    }
}
add: full journals api add: full notes api 2025-06-18 21:00:07 -04:00			`use axum::{`
			`response::IntoResponse,`
			`extract::{Json, Path},`
			`Extension,`
			`};`
add: user requests in js app sdk 2025-07-19 00:44:12 -04:00			`use crate::cookie::CookieJar;`
add: journals + notes 2025-06-19 15:48:04 -04:00			`use tetratto_shared::unix_epoch_timestamp;`
add: full journals api add: full notes api 2025-06-18 21:00:07 -04:00			`use crate::{`
			`get_user_from_token,`
add: journal note tags and directories 2025-06-21 19:44:28 -04:00			`routes::api::v1::{`
			`CreateNote, RenderMarkdown, UpdateNoteContent, UpdateNoteDir, UpdateNoteTags,`
			`UpdateNoteTitle,`
			`},`
add: full journals api add: full notes api 2025-06-18 21:00:07 -04:00			`State,`
			`};`
fix: journal privacy 2025-06-19 16:19:57 -04:00			`use tetratto_core::{`
			`database::NAME_REGEX,`
			`model::{`
add: 4 more achievements 2025-06-29 18:38:32 -04:00			`auth::AchievementName,`
fix: journal privacy 2025-06-19 16:19:57 -04:00			`journals::{JournalPrivacyPermission, Note},`
			`oauth,`
			`permissions::FinePermission,`
			`uploads::CustomEmoji,`
			`ApiReturn, Error,`
			`},`
add: full journals api add: full notes api 2025-06-18 21:00:07 -04:00			`};`

			`pub async fn get_request(`
			`jar: CookieJar,`
			`Path(id): Path<usize>,`
			`Extension(data): Extension<State>,`
			`) -> impl IntoResponse {`
			`let data = &(data.read().await).0;`
			`let user = match get_user_from_token!(jar, data, oauth::AppScope::UserReadJournals) {`
			`Some(ua) => ua,`
			`None => return Json(Error::NotAllowed.into()),`
			`};`

			`let note = match data.get_note_by_id(id).await {`
			`Ok(x) => x,`
			`Err(e) => return Json(e.into()),`
			`};`

			`let journal = match data.get_journal_by_id(note.id).await {`
			`Ok(x) => x,`
			`Err(e) => return Json(e.into()),`
			`};`

			`if journal.privacy == JournalPrivacyPermission::Private`
			`&& user.id != journal.owner`
			`&& !user.permissions.contains(FinePermission::MANAGE_JOURNALS)`
			`{`
			`return Json(Error::NotAllowed.into());`
			`}`

			`Json(ApiReturn {`
			`ok: true,`
			`message: "Success".to_string(),`
			`payload: Some(note),`
			`})`
			`}`

			`pub async fn list_request(`
			`jar: CookieJar,`
			`Path(id): Path<usize>,`
			`Extension(data): Extension<State>,`
			`) -> impl IntoResponse {`
			`let data = &(data.read().await).0;`
			`let user = match get_user_from_token!(jar, data, oauth::AppScope::UserReadJournals) {`
			`Some(ua) => ua,`
			`None => return Json(Error::NotAllowed.into()),`
			`};`

			`let journal = match data.get_journal_by_id(id).await {`
			`Ok(x) => x,`
			`Err(e) => return Json(e.into()),`
			`};`

			`if journal.privacy == JournalPrivacyPermission::Private`
			`&& user.id != journal.owner`
			`&& !user.permissions.contains(FinePermission::MANAGE_JOURNALS)`
			`{`
			`return Json(Error::NotAllowed.into());`
			`}`

			`match data.get_notes_by_journal(id).await {`
			`Ok(x) => Json(ApiReturn {`
			`ok: true,`
			`message: "Success".to_string(),`
			`payload: Some(x),`
			`}),`
			`Err(e) => Json(e.into()),`
			`}`
			`}`

			`pub async fn create_request(`
			`jar: CookieJar,`
			`Extension(data): Extension<State>,`
			`Json(props): Json<CreateNote>,`
			`) -> impl IntoResponse {`
			`let data = &(data.read().await).0;`
			`let user = match get_user_from_token!(jar, data, oauth::AppScope::UserCreateNotes) {`
			`Some(ua) => ua,`
			`None => return Json(Error::NotAllowed.into()),`
			`};`

			`match data`
			`.create_note(Note::new(`
			`user.id,`
			`props.title,`
			`match props.journal.parse() {`
			`Ok(x) => x,`
			`Err(_) => return Json(Error::Unknown.into()),`
			`},`
			`props.content,`
			`))`
			`.await`
			`{`
			`Ok(x) => Json(ApiReturn {`
			`ok: true,`
			`message: "Note created".to_string(),`
add: journals + notes 2025-06-19 15:48:04 -04:00			`payload: Some(x.id.to_string()),`
add: full journals api add: full notes api 2025-06-18 21:00:07 -04:00			`}),`
			`Err(e) => Json(e.into()),`
			`}`
			`}`

			`pub async fn update_title_request(`
			`jar: CookieJar,`
			`Path(id): Path<usize>,`
			`Extension(data): Extension<State>,`
add: journals + notes 2025-06-19 15:48:04 -04:00			`Json(mut props): Json<UpdateNoteTitle>,`
add: full journals api add: full notes api 2025-06-18 21:00:07 -04:00			`) -> impl IntoResponse {`
			`let data = &(data.read().await).0;`
			`let user = match get_user_from_token!(jar, data, oauth::AppScope::UserManageNotes) {`
			`Some(ua) => ua,`
			`None => return Json(Error::NotAllowed.into()),`
			`};`

add: journals + notes 2025-06-19 15:48:04 -04:00			`let note = match data.get_note_by_id(id).await {`
			`Ok(n) => n,`
			`Err(e) => return Json(e.into()),`
			`};`

fix: make journal and note titles lowercase add: remove journal index route 2025-06-19 16:34:08 -04:00			`props.title = props.title.replace(" ", "_").to_lowercase();`
add: journals + notes 2025-06-19 15:48:04 -04:00
fix: journal privacy 2025-06-19 16:19:57 -04:00			`// check name`
			`let regex = regex::RegexBuilder::new(NAME_REGEX)`
			`.multi_line(true)`
			`.build()`
			`.unwrap();`

			`if regex.captures(&props.title).is_some() {`
			`return Json(Error::MiscError("This title contains invalid characters".to_string()).into());`
			`}`

add: journals + notes 2025-06-19 15:48:04 -04:00			`// make sure this title isn't already in use`
			`if data`
			`.get_note_by_journal_title(note.journal, &props.title)`
			`.await`
			`.is_ok()`
			`{`
			`return Json(Error::TitleInUse.into());`
			`}`

			`// ...`
add: full journals api add: full notes api 2025-06-18 21:00:07 -04:00			`match data.update_note_title(id, &user, &props.title).await {`
add: global notes 2025-06-26 02:56:22 -04:00			`Ok(_) => {`
			`// update note global status`
			`if note.is_global {`
			`if let Err(e) = data.update_note_is_global(id, 0).await {`
			`return Json(e.into());`
			`}`
			`}`

			`// ...`
			`Json(ApiReturn {`
			`ok: true,`
			`message: "Note updated".to_string(),`
			`payload: (),`
			`})`
			`}`
add: full journals api add: full notes api 2025-06-18 21:00:07 -04:00			`Err(e) => Json(e.into()),`
			`}`
			`}`

			`pub async fn update_content_request(`
			`jar: CookieJar,`
			`Path(id): Path<usize>,`
			`Extension(data): Extension<State>,`
			`Json(props): Json<UpdateNoteContent>,`
			`) -> impl IntoResponse {`
			`let data = &(data.read().await).0;`
add: 4 more achievements 2025-06-29 18:38:32 -04:00			`let mut user = match get_user_from_token!(jar, data, oauth::AppScope::UserManageNotes) {`
add: full journals api add: full notes api 2025-06-18 21:00:07 -04:00			`Some(ua) => ua,`
			`None => return Json(Error::NotAllowed.into()),`
			`};`

add: 4 more achievements 2025-06-29 18:38:32 -04:00			`// award achievement`
			`if let Err(e) = data`
add: dedicated responses tab for profiles 2025-07-06 13:34:20 -04:00			`.add_achievement(&mut user, AchievementName::EditNote.into(), true)`
add: 4 more achievements 2025-06-29 18:38:32 -04:00			`.await`
			`{`
			`return Json(e.into());`
			`}`

			`// ...`
add: full journals api add: full notes api 2025-06-18 21:00:07 -04:00			`match data.update_note_content(id, &user, &props.content).await {`
add: journals + notes 2025-06-19 15:48:04 -04:00			`Ok(_) => {`
			`if let Err(e) = data`
			`.update_note_edited(id, unix_epoch_timestamp() as i64)`
			`.await`
			`{`
			`return Json(e.into());`
			`}`

			`Json(ApiReturn {`
			`ok: true,`
			`message: "Note updated".to_string(),`
			`payload: (),`
			`})`
			`}`
add: full journals api add: full notes api 2025-06-18 21:00:07 -04:00			`Err(e) => Json(e.into()),`
			`}`
			`}`

			`pub async fn delete_request(`
			`jar: CookieJar,`
			`Path(id): Path<usize>,`
			`Extension(data): Extension<State>,`
			`) -> impl IntoResponse {`
			`let data = &(data.read().await).0;`
			`let user = match get_user_from_token!(jar, data, oauth::AppScope::UserManageNotes) {`
			`Some(ua) => ua,`
			`None => return Json(Error::NotAllowed.into()),`
			`};`

			`match data.delete_note(id, &user).await {`
			`Ok(_) => Json(ApiReturn {`
			`ok: true,`
			`message: "Note deleted".to_string(),`
			`payload: (),`
			`}),`
			`Err(e) => Json(e.into()),`
			`}`
			`}`
add: journals + notes 2025-06-19 15:48:04 -04:00
add: journal note tags and directories 2025-06-21 19:44:28 -04:00			`pub async fn delete_by_dir_request(`
			`jar: CookieJar,`
			`Path((journal, id)): Path<(usize, usize)>,`
			`Extension(data): Extension<State>,`
			`) -> impl IntoResponse {`
			`let data = &(data.read().await).0;`
			`let user = match get_user_from_token!(jar, data, oauth::AppScope::UserManageNotes) {`
			`Some(ua) => ua,`
			`None => return Json(Error::NotAllowed.into()),`
			`};`

			`match data.delete_notes_by_journal_dir(journal, id, &user).await {`
			`Ok(_) => Json(ApiReturn {`
			`ok: true,`
			`message: "Notes deleted".to_string(),`
			`payload: (),`
			`}),`
			`Err(e) => Json(e.into()),`
			`}`
			`}`

add: journals + notes 2025-06-19 15:48:04 -04:00			`pub async fn render_markdown_request(Json(req): Json<RenderMarkdown>) -> impl IntoResponse {`
			`tetratto_shared::markdown::render_markdown(&CustomEmoji::replace(&req.content))`
			`.replace("\\@", "@")`
			`.replace("%5C@", "@")`
			`}`
add: journal note tags and directories 2025-06-21 19:44:28 -04:00
			`pub async fn update_dir_request(`
			`jar: CookieJar,`
			`Path(id): Path<usize>,`
			`Extension(data): Extension<State>,`
			`Json(props): Json<UpdateNoteDir>,`
			`) -> impl IntoResponse {`
			`let data = &(data.read().await).0;`
			`let user = match get_user_from_token!(jar, data, oauth::AppScope::UserManageNotes) {`
			`Some(ua) => ua,`
			`None => return Json(Error::NotAllowed.into()),`
			`};`

			`let note = match data.get_note_by_id(id).await {`
			`Ok(x) => x,`
			`Err(e) => return Json(e.into()),`
			`};`

			`let journal = match data.get_journal_by_id(note.journal).await {`
			`Ok(x) => x,`
			`Err(e) => return Json(e.into()),`
			`};`

			`// make sure dir exists`
			`let dir = match props.dir.parse::<usize>() {`
			`Ok(d) => d,`
			`Err(_) => return Json(Error::Unknown.into()),`
			`};`

			`if dir != 0 {`
			`if journal.dirs.iter().find(\|x\| x.0 == dir).is_none() {`
			`return Json(Error::GeneralNotFound("directory".to_string()).into());`
			`}`
			`}`

			`// ...`
			`match data.update_note_dir(id, &user, dir as i64).await {`
			`Ok(_) => Json(ApiReturn {`
			`ok: true,`
			`message: "Note updated".to_string(),`
			`payload: (),`
			`}),`
			`Err(e) => Json(e.into()),`
			`}`
			`}`

			`pub async fn update_tags_request(`
			`jar: CookieJar,`
			`Path(id): Path<usize>,`
			`Extension(data): Extension<State>,`
			`Json(props): Json<UpdateNoteTags>,`
			`) -> impl IntoResponse {`
			`let data = &(data.read().await).0;`
			`let user = match get_user_from_token!(jar, data, oauth::AppScope::UserManageNotes) {`
			`Some(ua) => ua,`
			`None => return Json(Error::NotAllowed.into()),`
			`};`

			`match data.update_note_tags(id, &user, props.tags).await {`
			`Ok(_) => Json(ApiReturn {`
			`ok: true,`
			`message: "Note updated".to_string(),`
			`payload: (),`
			`}),`
			`Err(e) => Json(e.into()),`
			`}`
			`}`
add: global notes 2025-06-26 02:56:22 -04:00
			`pub async fn publish_request(`
			`jar: CookieJar,`
			`Path(id): Path<usize>,`
			`Extension(data): Extension<State>,`
			`) -> impl IntoResponse {`
			`let data = &(data.read().await).0;`
			`let user = match get_user_from_token!(jar, data, oauth::AppScope::UserManageNotes) {`
			`Some(ua) => ua,`
			`None => return Json(Error::NotAllowed.into()),`
			`};`

			`let note = match data.get_note_by_id(id).await {`
			`Ok(n) => n,`
			`Err(e) => return Json(e.into()),`
			`};`

			`if user.id != note.owner {`
			`return Json(Error::NotAllowed.into());`
			`}`

			`// check count`
			`if data.get_user_global_notes_count(user.id).await.unwrap_or(0)`
			`>= if user.permissions.check(FinePermission::SUPPORTER) {`
			`10`
			`} else {`
			`5`
			`}`
			`{`
			`return Json(`
			`Error::MiscError(`
			`"You already have the maximum number of global notes you can have".to_string(),`
			`)`
			`.into(),`
			`);`
			`}`

			`// make sure note doesn't already exist globally`
			`if data.get_global_note_by_title(&note.title).await.is_ok() {`
			`return Json(`
			`Error::MiscError(`
			`"Note name is already in use globally. Please change the name and try again"`
			`.to_string(),`
			`)`
			`.into(),`
			`);`
			`}`

			`// ...`
			`match data.update_note_is_global(id, 1).await {`
			`Ok(_) => Json(ApiReturn {`
			`ok: true,`
			`message: "Note updated".to_string(),`
			`payload: (),`
			`}),`
			`Err(e) => Json(e.into()),`
			`}`
			`}`

			`pub async fn unpublish_request(`
			`jar: CookieJar,`
			`Path(id): Path<usize>,`
			`Extension(data): Extension<State>,`
			`) -> impl IntoResponse {`
			`let data = &(data.read().await).0;`
			`let user = match get_user_from_token!(jar, data, oauth::AppScope::UserManageNotes) {`
			`Some(ua) => ua,`
			`None => return Json(Error::NotAllowed.into()),`
			`};`

			`let note = match data.get_note_by_id(id).await {`
			`Ok(n) => n,`
			`Err(e) => return Json(e.into()),`
			`};`

			`if user.id != note.owner {`
			`return Json(Error::NotAllowed.into());`
			`}`

			`// ...`
			`match data.update_note_is_global(id, 0).await {`
			`Ok(_) => Json(ApiReturn {`
			`ok: true,`
			`message: "Note updated".to_string(),`
			`payload: (),`
			`}),`
			`Err(e) => Json(e.into()),`
			`}`
			`}`