tetratto/crates/app/src/routes/api/v1/communities/posts.rs

use std::fs::exists;
use axum::{body::Body, extract::Path, response::IntoResponse, Extension, Json};
use axum_extra::extract::CookieJar;
use image::ImageFormat;
use pathbufd::PathBufD;
use tetratto_core::model::{
    communities::Post,
    permissions::FinePermission,
    uploads::{MediaType, MediaUpload},
    ApiReturn, Error,
};
use crate::{
    get_user_from_token,
    image::{save_buffer, JsonMultipart},
    routes::api::v1::{
        auth::images::read_image, CreatePost, CreateRepost, UpdatePostContent, UpdatePostContext,
    },
    State,
};

// maximum file dimensions: 2048x2048px (4 MiB)
pub const MAXIUMUM_FILE_SIZE: usize = 4194304;

pub async fn create_request(
    jar: CookieJar,
    Extension(data): Extension<State>,
    JsonMultipart(images, req): JsonMultipart<CreatePost>,
) -> impl IntoResponse {
    let data = &(data.read().await).0;
    let user = match get_user_from_token!(jar, data) {
        Some(ua) => ua,
        None => return Json(Error::NotAllowed.into()),
    };

    if !user.permissions.check(FinePermission::SUPPORTER) {
        if images.len() > 0 {
            // this is currently supporter only until it's been tested better...
            // after it's fully release, file limit will be raised to 8 MiB for supporters,
            // and left at 4 for non-supporters
            return Json(Error::RequiresSupporter.into());
        }
    }

    if images.len() > 4 {
        return Json(
            Error::MiscError("Too many uploads. Please use a maximum of 4".to_string()).into(),
        );
    }

    let mut props = Post::new(
        req.content,
        match req.community.parse::<usize>() {
            Ok(x) => x,
            Err(e) => return Json(Error::MiscError(e.to_string()).into()),
        },
        if let Some(rt) = req.replying_to {
            match rt.parse::<usize>() {
                Ok(x) => Some(x),
                Err(e) => return Json(Error::MiscError(e.to_string()).into()),
            }
        } else {
            None
        },
        user.id,
    );

    if !req.answering.is_empty() {
        // we're answering a question!
        props.context.answering = match req.answering.parse::<usize>() {
            Ok(x) => x,
            Err(e) => return Json(Error::MiscError(e.to_string()).into()),
        };
    }

    // check sizes
    for img in &images {
        if img.len() > MAXIUMUM_FILE_SIZE {
            return Json(Error::DataTooLong("image".to_string()).into());
        }
    }

    // create uploads
    for _ in 0..images.len() {
        props.uploads.push(
            match data
                .create_upload(MediaUpload::new(MediaType::Webp, props.owner))
                .await
            {
                Ok(u) => u.id,
                Err(e) => return Json(e.into()),
            },
        );
    }

    // ...
    match data.create_post(props.clone()).await {
        Ok(id) => {
            // write to uploads
            for (i, upload_id) in props.uploads.iter().enumerate() {
                let image = match images.get(i) {
                    Some(img) => img,
                    None => {
                        if let Err(e) = data.delete_upload(*upload_id).await {
                            return Json(e.into());
                        }

                        continue;
                    }
                };

                let upload = match data.get_upload_by_id(*upload_id).await {
                    Ok(u) => u,
                    Err(e) => return Json(e.into()),
                };

                if let Err(e) = save_buffer(
                    &upload.path(&data.0).to_string(),
                    image.to_vec(),
                    ImageFormat::WebP,
                ) {
                    return Json(Error::MiscError(e.to_string()).into());
                }
            }

            // return
            Json(ApiReturn {
                ok: true,
                message: "Post created".to_string(),
                payload: Some(id.to_string()),
            })
        }
        Err(e) => Json(e.into()),
    }
}

pub async fn create_repost_request(
    jar: CookieJar,
    Extension(data): Extension<State>,
    Path(id): Path<usize>,
    Json(req): Json<CreateRepost>,
) -> impl IntoResponse {
    let data = &(data.read().await).0;
    let user = match get_user_from_token!(jar, data) {
        Some(ua) => ua,
        None => return Json(Error::NotAllowed.into()),
    };

    match data
        .create_post(Post::repost(
            req.content,
            match req.community.parse::<usize>() {
                Ok(x) => x,
                Err(e) => return Json(Error::MiscError(e.to_string()).into()),
            },
            user.id,
            id,
        ))
        .await
    {
        Ok(id) => Json(ApiReturn {
            ok: true,
            message: "Post reposted".to_string(),
            payload: Some(id.to_string()),
        }),
        Err(e) => Json(e.into()),
    }
}

pub async fn get_upload_request(
    Path(id): Path<usize>,
    Extension(data): Extension<State>,
) -> impl IntoResponse {
    let data = &(data.read().await).0;

    let upload = data.get_upload_by_id(id).await.unwrap();
    let path = upload.path(&data.0);

    if !exists(&path).unwrap() {
        return Err((
            [("Content-Type", "image/svg+xml")],
            Body::from(read_image(PathBufD::current().extend(&[
                data.0.dirs.media.as_str(),
                "images",
                "default-banner.svg",
            ]))),
        ));
    }

    Ok((
        [("Content-Type", upload.what.mime())],
        Body::from(read_image(path)),
    ))
}

pub async fn delete_request(
    jar: CookieJar,
    Extension(data): Extension<State>,
    Path(id): Path<usize>,
) -> impl IntoResponse {
    let data = &(data.read().await).0;
    let user = match get_user_from_token!(jar, data) {
        Some(ua) => ua,
        None => return Json(Error::NotAllowed.into()),
    };

    match data.delete_post(id, user).await {
        Ok(_) => Json(ApiReturn {
            ok: true,
            message: "Post deleted".to_string(),
            payload: (),
        }),
        Err(e) => Json(e.into()),
    }
}

pub async fn update_content_request(
    jar: CookieJar,
    Extension(data): Extension<State>,
    Path(id): Path<usize>,
    Json(req): Json<UpdatePostContent>,
) -> impl IntoResponse {
    let data = &(data.read().await).0;
    let user = match get_user_from_token!(jar, data) {
        Some(ua) => ua,
        None => return Json(Error::NotAllowed.into()),
    };

    match data.update_post_content(id, user, req.content).await {
        Ok(_) => Json(ApiReturn {
            ok: true,
            message: "Post updated".to_string(),
            payload: (),
        }),
        Err(e) => Json(e.into()),
    }
}

pub async fn update_context_request(
    jar: CookieJar,
    Extension(data): Extension<State>,
    Path(id): Path<usize>,
    Json(req): Json<UpdatePostContext>,
) -> impl IntoResponse {
    let data = &(data.read().await).0;
    let user = match get_user_from_token!(jar, data) {
        Some(ua) => ua,
        None => return Json(Error::NotAllowed.into()),
    };

    match data.update_post_context(id, user, req.context).await {
        Ok(_) => Json(ApiReturn {
            ok: true,
            message: "Post updated".to_string(),
            payload: (),
        }),
        Err(e) => Json(e.into()),
    }
}
add: post image uploads (supporter) 2025-05-11 14:27:55 -04:00			`use std::fs::exists;`
			`use axum::{body::Body, extract::Path, response::IntoResponse, Extension, Json};`
add: pages api add: entries base add: entries api 2025-03-24 19:55:08 -04:00			`use axum_extra::extract::CookieJar;`
add: post image uploads (supporter) 2025-05-11 14:27:55 -04:00			`use image::ImageFormat;`
			`use pathbufd::PathBufD;`
			`use tetratto_core::model::{`
			`communities::Post,`
			`permissions::FinePermission,`
			`uploads::{MediaType, MediaUpload},`
			`ApiReturn, Error,`
			`};`
add: pages api add: entries base add: entries api 2025-03-24 19:55:08 -04:00			`use crate::{`
add reposts/quotes fix #2 2025-04-10 18:16:52 -04:00			`get_user_from_token,`
add: post image uploads (supporter) 2025-05-11 14:27:55 -04:00			`image::{save_buffer, JsonMultipart},`
			`routes::api::v1::{`
			`auth::images::read_image, CreatePost, CreateRepost, UpdatePostContent, UpdatePostContext,`
			`},`
add reposts/quotes fix #2 2025-04-10 18:16:52 -04:00			`State,`
add: pages api add: entries base add: entries api 2025-03-24 19:55:08 -04:00			`};`

add: post image uploads (supporter) 2025-05-11 14:27:55 -04:00			`// maximum file dimensions: 2048x2048px (4 MiB)`
			`pub const MAXIUMUM_FILE_SIZE: usize = 4194304;`

add: pages api add: entries base add: entries api 2025-03-24 19:55:08 -04:00			`pub async fn create_request(`
			`jar: CookieJar,`
			`Extension(data): Extension<State>,`
add: post image uploads (supporter) 2025-05-11 14:27:55 -04:00			`JsonMultipart(images, req): JsonMultipart<CreatePost>,`
add: pages api add: entries base add: entries api 2025-03-24 19:55:08 -04:00			`) -> impl IntoResponse {`
			`let data = &(data.read().await).0;`
			`let user = match get_user_from_token!(jar, data) {`
			`Some(ua) => ua,`
			`None => return Json(Error::NotAllowed.into()),`
			`};`

add: post image uploads (supporter) 2025-05-11 14:27:55 -04:00			`if !user.permissions.check(FinePermission::SUPPORTER) {`
			`if images.len() > 0 {`
			`// this is currently supporter only until it's been tested better...`
			`// after it's fully release, file limit will be raised to 8 MiB for supporters,`
			`// and left at 4 for non-supporters`
			`return Json(Error::RequiresSupporter.into());`
			`}`
			`}`

fix: only allow 4 uploads at once 2025-05-11 14:43:09 -04:00			`if images.len() > 4 {`
			`return Json(`
			`Error::MiscError("Too many uploads. Please use a maximum of 4".to_string()).into(),`
			`);`
			`}`

add: questions, requests 2025-04-12 22:25:54 -04:00			`let mut props = Post::new(`
			`req.content,`
			`match req.community.parse::<usize>() {`
			`Ok(x) => x,`
			`Err(e) => return Json(Error::MiscError(e.to_string()).into()),`
			`},`
			`if let Some(rt) = req.replying_to {`
			`match rt.parse::<usize>() {`
			`Ok(x) => Some(x),`
add: profiles ui, communities ui, posts ui 2025-03-29 00:26:56 -04:00			`Err(e) => return Json(Error::MiscError(e.to_string()).into()),`
add: questions, requests 2025-04-12 22:25:54 -04:00			`}`
			`} else {`
			`None`
			`},`
			`user.id,`
			`);`

			`if !req.answering.is_empty() {`
			`// we're answering a question!`
			`props.context.answering = match req.answering.parse::<usize>() {`
			`Ok(x) => x,`
			`Err(e) => return Json(Error::MiscError(e.to_string()).into()),`
			`};`
			`}`

add: post image uploads (supporter) 2025-05-11 14:27:55 -04:00			`// check sizes`
			`for img in &images {`
			`if img.len() > MAXIUMUM_FILE_SIZE {`
			`return Json(Error::DataTooLong("image".to_string()).into());`
			`}`
			`}`

			`// create uploads`
			`for _ in 0..images.len() {`
			`props.uploads.push(`
			`match data`
			`.create_upload(MediaUpload::new(MediaType::Webp, props.owner))`
			`.await`
			`{`
			`Ok(u) => u.id,`
			`Err(e) => return Json(e.into()),`
			`},`
			`);`
			`}`

			`// ...`
			`match data.create_post(props.clone()).await {`
			`Ok(id) => {`
			`// write to uploads`
			`for (i, upload_id) in props.uploads.iter().enumerate() {`
			`let image = match images.get(i) {`
			`Some(img) => img,`
			`None => {`
			`if let Err(e) = data.delete_upload(*upload_id).await {`
			`return Json(e.into());`
			`}`

			`continue;`
			`}`
			`};`

			`let upload = match data.get_upload_by_id(*upload_id).await {`
			`Ok(u) => u,`
			`Err(e) => return Json(e.into()),`
			`};`

			`if let Err(e) = save_buffer(`
			`&upload.path(&data.0).to_string(),`
			`image.to_vec(),`
			`ImageFormat::WebP,`
			`) {`
			`return Json(Error::MiscError(e.to_string()).into());`
			`}`
			`}`

			`// return`
			`Json(ApiReturn {`
			`ok: true,`
			`message: "Post created".to_string(),`
			`payload: Some(id.to_string()),`
			`})`
			`}`
add: ability to join/leave/be banned from communities 2025-03-31 15:39:49 -04:00			`Err(e) => Json(e.into()),`
add: pages api add: entries base add: entries api 2025-03-24 19:55:08 -04:00			`}`
			`}`

add reposts/quotes fix #2 2025-04-10 18:16:52 -04:00			`pub async fn create_repost_request(`
			`jar: CookieJar,`
			`Extension(data): Extension<State>,`
			`Path(id): Path<usize>,`
			`Json(req): Json<CreateRepost>,`
			`) -> impl IntoResponse {`
			`let data = &(data.read().await).0;`
			`let user = match get_user_from_token!(jar, data) {`
			`Some(ua) => ua,`
			`None => return Json(Error::NotAllowed.into()),`
			`};`

			`match data`
			`.create_post(Post::repost(`
			`req.content,`
			`match req.community.parse::<usize>() {`
			`Ok(x) => x,`
			`Err(e) => return Json(Error::MiscError(e.to_string()).into()),`
			`},`
			`user.id,`
			`id,`
			`))`
			`.await`
			`{`
			`Ok(id) => Json(ApiReturn {`
			`ok: true,`
			`message: "Post reposted".to_string(),`
			`payload: Some(id.to_string()),`
			`}),`
			`Err(e) => Json(e.into()),`
			`}`
			`}`

add: post image uploads (supporter) 2025-05-11 14:27:55 -04:00			`pub async fn get_upload_request(`
			`Path(id): Path<usize>,`
			`Extension(data): Extension<State>,`
			`) -> impl IntoResponse {`
			`let data = &(data.read().await).0;`

			`let upload = data.get_upload_by_id(id).await.unwrap();`
			`let path = upload.path(&data.0);`

			`if !exists(&path).unwrap() {`
			`return Err((`
			`[("Content-Type", "image/svg+xml")],`
			`Body::from(read_image(PathBufD::current().extend(&[`
			`data.0.dirs.media.as_str(),`
			`"images",`
			`"default-banner.svg",`
			`]))),`
			`));`
			`}`

			`Ok((`
			`[("Content-Type", upload.what.mime())],`
			`Body::from(read_image(path)),`
			`))`
			`}`

add: pages api add: entries base add: entries api 2025-03-24 19:55:08 -04:00			`pub async fn delete_request(`
			`jar: CookieJar,`
			`Extension(data): Extension<State>,`
			`Path(id): Path<usize>,`
			`) -> impl IntoResponse {`
			`let data = &(data.read().await).0;`
			`let user = match get_user_from_token!(jar, data) {`
			`Some(ua) => ua,`
			`None => return Json(Error::NotAllowed.into()),`
			`};`

add: post comments add: user follow api, user block api 2025-03-25 22:52:47 -04:00			`match data.delete_post(id, user).await {`
add: pages api add: entries base add: entries api 2025-03-24 19:55:08 -04:00			`Ok(_) => Json(ApiReturn {`
			`ok: true,`
add: communities list page TODO(ui): implement community creation, community viewing, community posting TODO(ui): implement profile following, followers, and posts feed 2025-03-27 18:10:47 -04:00			`message: "Post deleted".to_string(),`
add: pages api add: entries base add: entries api 2025-03-24 19:55:08 -04:00			`payload: (),`
			`}),`
add: ability to join/leave/be banned from communities 2025-03-31 15:39:49 -04:00			`Err(e) => Json(e.into()),`
add: pages api add: entries base add: entries api 2025-03-24 19:55:08 -04:00			`}`
			`}`

			`pub async fn update_content_request(`
			`jar: CookieJar,`
			`Extension(data): Extension<State>,`
			`Path(id): Path<usize>,`
add: profiles ui, communities ui, posts ui 2025-03-29 00:26:56 -04:00			`Json(req): Json<UpdatePostContent>,`
add: pages api add: entries base add: entries api 2025-03-24 19:55:08 -04:00			`) -> impl IntoResponse {`
			`let data = &(data.read().await).0;`
			`let user = match get_user_from_token!(jar, data) {`
			`Some(ua) => ua,`
			`None => return Json(Error::NotAllowed.into()),`
			`};`

add: user follows, user blocks, ip bans TODO: implement user following API endpoints TODO: implement user blocking API endpoints TODO: don't allow blocked users to interact with the users who blocked them 2025-03-25 21:19:55 -04:00			`match data.update_post_content(id, user, req.content).await {`
add: pages api add: entries base add: entries api 2025-03-24 19:55:08 -04:00			`Ok(_) => Json(ApiReturn {`
			`ok: true,`
add: communities list page TODO(ui): implement community creation, community viewing, community posting TODO(ui): implement profile following, followers, and posts feed 2025-03-27 18:10:47 -04:00			`message: "Post updated".to_string(),`
add: pages api add: entries base add: entries api 2025-03-24 19:55:08 -04:00			`payload: (),`
			`}),`
add: ability to join/leave/be banned from communities 2025-03-31 15:39:49 -04:00			`Err(e) => Json(e.into()),`
add: pages api add: entries base add: entries api 2025-03-24 19:55:08 -04:00			`}`
			`}`
add: journal entry context 2025-03-24 20:23:52 -04:00
			`pub async fn update_context_request(`
			`jar: CookieJar,`
			`Extension(data): Extension<State>,`
			`Path(id): Path<usize>,`
add: profiles ui, communities ui, posts ui 2025-03-29 00:26:56 -04:00			`Json(req): Json<UpdatePostContext>,`
add: journal entry context 2025-03-24 20:23:52 -04:00			`) -> impl IntoResponse {`
			`let data = &(data.read().await).0;`
			`let user = match get_user_from_token!(jar, data) {`
			`Some(ua) => ua,`
			`None => return Json(Error::NotAllowed.into()),`
			`};`

add: user follows, user blocks, ip bans TODO: implement user following API endpoints TODO: implement user blocking API endpoints TODO: don't allow blocked users to interact with the users who blocked them 2025-03-25 21:19:55 -04:00			`match data.update_post_context(id, user, req.context).await {`
add: journal entry context 2025-03-24 20:23:52 -04:00			`Ok(_) => Json(ApiReturn {`
			`ok: true,`
add: communities list page TODO(ui): implement community creation, community viewing, community posting TODO(ui): implement profile following, followers, and posts feed 2025-03-27 18:10:47 -04:00			`message: "Post updated".to_string(),`
add: journal entry context 2025-03-24 20:23:52 -04:00			`payload: (),`
			`}),`
add: ability to join/leave/be banned from communities 2025-03-31 15:39:49 -04:00			`Err(e) => Json(e.into()),`
add: journal entry context 2025-03-24 20:23:52 -04:00			`}`
			`}`