diff --git a/crates/app/src/public/html/post/likes.html b/crates/app/src/public/html/post/likes.html
index f1c826e..bafbf1e 100644
--- a/crates/app/src/public/html/post/likes.html
+++ b/crates/app/src/public/html/post/likes.html
@@ -33,11 +33,6 @@
{{ icon "quote" }}
{{ text "communities:label.quotes" }}
-
-
- {{ icon "heart" }}
- {{ text "communities:label.likes" }}
-
{% if (user and user.id == post.owner) or can_manage_posts %}
@@ -48,6 +43,11 @@
{{ text "communities:label.edit_content" }}
{% endif %}
+
+ {{ icon "heart" }}
+ {{ text "communities:label.likes" }}
+
+
{{ icon "settings" }}
{{ text "communities:action.configure" }}
diff --git a/crates/app/src/public/html/post/post.html b/crates/app/src/public/html/post/post.html
index f4536ba..8d5682f 100644
--- a/crates/app/src/public/html/post/post.html
+++ b/crates/app/src/public/html/post/post.html
@@ -73,11 +73,6 @@
{{ icon "quote" }}
{{ text "communities:label.quotes" }}
-
-
- {{ icon "heart" }}
- {{ text "communities:label.likes" }}
-
{% if (user and user.id == post.owner) or can_manage_posts %}
@@ -88,6 +83,12 @@
{{ text "communities:label.edit_content" }}
{% endif %}
+
+
+ {{ icon "heart" }}
+ {{ text "communities:label.likes" }}
+
+
{{ icon "settings" }}
{{ text "communities:action.configure" }}
diff --git a/crates/app/src/public/html/post/quotes.html b/crates/app/src/public/html/post/quotes.html
index 7202025..8030d66 100644
--- a/crates/app/src/public/html/post/quotes.html
+++ b/crates/app/src/public/html/post/quotes.html
@@ -33,11 +33,6 @@
{{ icon "quote" }}
{{ text "communities:label.quotes" }}
-
-
- {{ icon "heart" }}
- {{ text "communities:label.likes" }}
-
{% if (user and user.id == post.owner) or can_manage_posts %}
@@ -48,6 +43,11 @@
{{ text "communities:label.edit_content" }}
{% endif %}
+
+ {{ icon "heart" }}
+ {{ text "communities:label.likes" }}
+
+
{{ icon "settings" }}
{{ text "communities:action.configure" }}
diff --git a/crates/app/src/public/html/post/reposts.html b/crates/app/src/public/html/post/reposts.html
index da84561..b82059d 100644
--- a/crates/app/src/public/html/post/reposts.html
+++ b/crates/app/src/public/html/post/reposts.html
@@ -33,11 +33,6 @@
{{ icon "quote" }}
{{ text "communities:label.quotes" }}
-
-
- {{ icon "heart" }}
- {{ text "communities:label.likes" }}
-
{% if (user and user.id == post.owner) or can_manage_posts %}
@@ -48,6 +43,11 @@
{{ text "communities:label.edit_content" }}
{% endif %}
+
+ {{ icon "heart" }}
+ {{ text "communities:label.likes" }}
+
+
{{ icon "settings" }}
{{ text "communities:action.configure" }}
diff --git a/crates/app/src/routes/pages/communities.rs b/crates/app/src/routes/pages/communities.rs
index 3ce74a9..27ae107 100644
--- a/crates/app/src/routes/pages/communities.rs
+++ b/crates/app/src/routes/pages/communities.rs
@@ -842,31 +842,44 @@ pub async fn likes_request(
Extension(data): Extension,
) -> impl IntoResponse {
let data = data.read().await;
- let user = get_user_from_token!(jar, data.0);
+ let user = match get_user_from_token!(jar, data.0) {
+ Some(ua) => ua,
+ None => {
+ return Err(Html(
+ render_error(Error::NotAllowed, &jar, &data, &None).await,
+ ));
+ }
+ };
let post = match data.0.get_post_by_id(id).await {
Ok(p) => p,
- Err(e) => return Err(Html(render_error(e, &jar, &data, &user).await)),
+ Err(e) => return Err(Html(render_error(e, &jar, &data, &Some(user)).await)),
};
let community = match data.0.get_community_by_id(post.community).await {
Ok(c) => c,
- Err(e) => return Err(Html(render_error(e, &jar, &data, &user).await)),
+ Err(e) => return Err(Html(render_error(e, &jar, &data, &Some(user)).await)),
};
- let ignore_users = if let Some(ref ua) = user {
- data.0.get_userblocks_receivers(ua.id).await
- } else {
- Vec::new()
- };
+ let ignore_users = data.0.get_userblocks_receivers(user.id).await;
// ...
- let owner = match data.0.get_user_by_id(post.owner).await {
- Ok(ua) => ua,
- Err(e) => return Err(Html(render_error(e, &jar, &data, &user).await)),
- };
+ let ua = Some(user.clone());
+ let membership = data
+ .0
+ .get_membership_by_owner_community(user.id, community.id)
+ .await
+ .unwrap();
- check_user_blocked_or_private!(user, owner, data, jar);
+ if user.id != post.owner
+ && user.id != community.owner
+ && !membership.role.check(CommunityPermission::MANAGE_POSTS)
+ && !user.permissions.check(FinePermission::MANAGE_POSTS)
+ {
+ return Err(Html(
+ render_error(Error::NotAllowed, &jar, &data, &None).await,
+ ));
+ }
// check repost
let reposting = data.0.get_post_reposting(&post, &ignore_users).await;
@@ -874,36 +887,32 @@ pub async fn likes_request(
// check question
let question = match data.0.get_post_question(&post, &ignore_users).await {
Ok(q) => q,
- Err(e) => return Err(Html(render_error(e, &jar, &data, &user).await)),
+ Err(e) => return Err(Html(render_error(e, &jar, &data, &Some(user)).await)),
};
// check permissions
- let (can_read, _) = check_permissions!(community, jar, data, user);
+ let (can_read, _) = check_permissions!(community, jar, data, ua);
if !can_read {
return Err(Html(
- render_error(Error::NotAllowed, &jar, &data, &user).await,
+ render_error(Error::NotAllowed, &jar, &data, &Some(user)).await,
));
}
// ...
- let ignore_users = if let Some(ref ua) = user {
- data.0.get_userblocks_receivers(ua.id).await
- } else {
- Vec::new()
- };
+ let ignore_users = data.0.get_userblocks_receivers(user.id).await;
let list = match data.0.get_reactions_by_asset(post.id, 12, props.page).await {
Ok(p) => match data.0.fill_reactions(&p, ignore_users).await {
Ok(p) => p,
- Err(e) => return Err(Html(render_error(e, &jar, &data, &user).await)),
+ Err(e) => return Err(Html(render_error(e, &jar, &data, &Some(user)).await)),
},
- Err(e) => return Err(Html(render_error(e, &jar, &data, &user).await)),
+ Err(e) => return Err(Html(render_error(e, &jar, &data, &Some(user)).await)),
};
// init context
let lang = get_lang!(jar, data.0);
- let mut context = initial_context(&data.0.0, lang, &user).await;
+ let mut context = initial_context(&data.0.0, lang, &Some(user)).await;
let (
is_owner,
@@ -914,7 +923,7 @@ pub async fn likes_request(
can_manage_community,
can_manage_roles,
can_manage_questions,
- ) = community_context_bools!(data, user, community);
+ ) = community_context_bools!(data, ua, community);
context.insert("post", &post);
context.insert("question", &question);