t/tetratto
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix: mark all notifications as read/unread

Browse source 
fix: check profile status, warning, and biography length
fix: check post warning and tags length
This commit is contained in:
trisua 2025-05-28 13:06:48 -04:00
parent 3f6f1eda9f
commit 013bc0b45f
4 changed files with 54 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

12
crates/app/src/routes/api/v1/auth/profile.rs
View file

@ -105,6 +105,18 @@ pub async fn update_user_settings_request(
return Json(Error::DataTooLong("display name".to_string()).into());
}
if req.warning.len() > 2048 {
return Json(Error::DataTooLong("warning".to_string()).into());
}
if req.status.len() > 256 {
return Json(Error::DataTooLong("status".to_string()).into());
}
if req.biography.len() > 4096 {
return Json(Error::DataTooLong("warning".to_string()).into());
}
// check percentage themes
if !req.theme_sat.is_empty() && !req.theme_sat.ends_with("%") {
req.theme_sat = format!("{}%", req.theme_sat)

10
crates/app/src/routes/api/v1/communities/posts.rs
View file

@ -289,6 +289,16 @@ pub async fn update_context_request(
None => return Json(Error::NotAllowed.into()),
};
// check lengths
if req.context.tags.len() > 512 {
return Json(Error::DataTooLong("tags".to_string()).into());
}
if req.context.content_warning.len() > 512 {
return Json(Error::DataTooLong("warning".to_string()).into());
}
// ...
match data.update_post_context(id, user, req.context).await {
Ok(_) => Json(ApiReturn {
ok: true,

1
crates/core/src/database/auth.rs
View file

@ -706,6 +706,7 @@ impl DataManager {
auto_method!(update_user_notification_count(i32)@get_user_by_id -> "UPDATE users SET notification_count = $1 WHERE id = $2" --cache-key-tmpl=cache_clear_user);
auto_method!(incr_user_notifications()@get_user_by_id -> "UPDATE users SET notification_count = notification_count + 1 WHERE id = $1" --cache-key-tmpl=cache_clear_user --incr);
auto_method!(decr_user_notifications()@get_user_by_id -> "UPDATE users SET notification_count = notification_count - 1 WHERE id = $1" --cache-key-tmpl=cache_clear_user --decr=notification_count);
auto_method!(set_user_notifications(i32)@get_user_by_id -> "UPDATE users SET notification_count = $1 WHERE id = $2" --cache-key-tmpl=cache_clear_user);
auto_method!(incr_user_follower_count()@get_user_by_id -> "UPDATE users SET follower_count = follower_count + 1 WHERE id = $1" --cache-key-tmpl=cache_clear_user --incr);
auto_method!(decr_user_follower_count()@get_user_by_id -> "UPDATE users SET follower_count = follower_count - 1 WHERE id = $1" --cache-key-tmpl=cache_clear_user --decr=follower_count);

39
crates/core/src/database/notifications.rs
View file

@ -250,22 +250,45 @@ impl DataManager {
pub async fn update_all_notifications_read(&self, user: &User, read: bool) -> Result<()> {
let notifications = self.get_notifications_by_owner(user.id).await?;
if notifications.len() > 1000 {
return Err(Error::MiscError(
"Too many notifications to do this".to_string(),
));
}
let mut changed_count: i32 = 0;
for notification in notifications {
if notification.read == read {
// no need to update this
continue;
}
self.update_notification_read(notification.id, read, user)
.await?
changed_count += 1;
self.2
.remove(format!("atto.notification:{}", notification.id))
.await;
}
// execute
let conn = match self.connect().await {
Ok(c) => c,
Err(e) => return Err(Error::DatabaseConnection(e.to_string())),
};
let res = execute!(
&conn,
"UPDATE notifications SET read = $1 WHERE owner = $2",
params![&{ if read { 1 } else { 0 } }, &(user.id as i64)]
);
if let Err(e) = res {
return Err(Error::DatabaseError(e.to_string()));
}
// use changed_count to update user counts
if read == false {
// we don't need to update when marking things as read since that should just be 0
self.set_user_notifications(user.id, changed_count).await?;
} else {
self.set_user_notifications(user.id, 0).await?;
}
// ...
Ok(())
}
}