add: temporary bans

crates/app/src/routes/api/v1/auth/connections/stripe.rs

@@ -179,7 +179,7 @@ pub async fn stripe_webhook(
                 let new_user_permissions = user.permissions | FinePermission::SUPPORTER;
 
                 if let Err(e) = data
-                    .update_user_role(user.id, new_user_permissions, user.clone(), true)
+                    .update_user_role(user.id, new_user_permissions, &user, true)
                     .await
                 {
                     return Json(e.into());
@@ -225,7 +225,7 @@ pub async fn stripe_webhook(
                     user.secondary_permissions | SecondaryPermission::DEVELOPER_PASS;
 
                 if let Err(e) = data
-                    .update_user_secondary_role(user.id, new_user_permissions, user.clone(), true)
+                    .update_user_secondary_role(user.id, new_user_permissions, &user, true)
                     .await
                 {
                     return Json(e.into());
@@ -284,7 +284,7 @@ pub async fn stripe_webhook(
                 let new_user_permissions = user.permissions - FinePermission::SUPPORTER;
 
                 if let Err(e) = data
-                    .update_user_role(user.id, new_user_permissions, user.clone(), true)
+                    .update_user_role(user.id, new_user_permissions, &user, true)
                     .await
                 {
                     return Json(e.into());
@@ -310,7 +310,7 @@ pub async fn stripe_webhook(
                     user.secondary_permissions - SecondaryPermission::DEVELOPER_PASS;
 
                 if let Err(e) = data
-                    .update_user_secondary_role(user.id, new_user_permissions, user.clone(), true)
+                    .update_user_secondary_role(user.id, new_user_permissions, &user, true)
                     .await
                 {
                     return Json(e.into());
@@ -396,7 +396,7 @@ pub async fn stripe_webhook(
                 let new_user_permissions = user.permissions - FinePermission::SUPPORTER;
 
                 if let Err(e) = data
-                    .update_user_role(user.id, new_user_permissions, user.clone(), true)
+                    .update_user_role(user.id, new_user_permissions, &user, true)
                     .await
                 {
                     return Json(e.into());
@@ -437,7 +437,7 @@ pub async fn stripe_webhook(
                     user.secondary_permissions - SecondaryPermission::DEVELOPER_PASS;
 
                 if let Err(e) = data
-                    .update_user_secondary_role(user.id, new_user_permissions, user.clone(), true)
+                    .update_user_secondary_role(user.id, new_user_permissions, &user, true)
                     .await
                 {
                     return Json(e.into());

crates/app/src/routes/api/v1/auth/profile.rs

@@ -4,9 +4,9 @@ use crate::{
     model::{ApiReturn, Error},
     routes::api::v1::{
         AppendAssociations, AwardAchievement, DeleteUser, DisableTotp, RefreshGrantToken,
-        UpdateSecondaryUserRole, UpdateUserAwaitingPurchase, UpdateUserBanReason,
-        UpdateUserInviteCode, UpdateUserIsDeactivated, UpdateUserIsVerified, UpdateUserPassword,
-        UpdateUserRole, UpdateUserUsername,
+        UpdateSecondaryUserRole, UpdateUserAwaitingPurchase, UpdateUserBanExpire,
+        UpdateUserBanReason, UpdateUserInviteCode, UpdateUserIsDeactivated, UpdateUserIsVerified,
+        UpdateUserPassword, UpdateUserRole, UpdateUserUsername,
     },
     State,
 };
@@ -423,7 +423,7 @@ pub async fn update_user_role_request(
         None => return Json(Error::NotAllowed.into()),
     };
 
-    match data.update_user_role(id, req.role, user, false).await {
+    match data.update_user_role(id, req.role, &user, false).await {
         Ok(_) => Json(ApiReturn {
             ok: true,
             message: "User updated".to_string(),
@@ -449,7 +449,7 @@ pub async fn update_user_secondary_role_request(
     };
 
     match data
-        .update_user_secondary_role(id, req.role, user, false)
+        .update_user_secondary_role(id, req.role, &user, false)
         .await
     {
         Ok(_) => Json(ApiReturn {
@@ -490,6 +490,35 @@ pub async fn update_user_ban_reason_request(
     }
 }
 
+/// Update the ban expiration date of the given user.
+///
+/// Does not support third-party grants.
+pub async fn update_user_ban_expire_request(
+    jar: CookieJar,
+    Path(id): Path<usize>,
+    Extension(data): Extension<State>,
+    Json(req): Json<UpdateUserBanExpire>,
+) -> impl IntoResponse {
+    let data = &(data.read().await).0;
+    let user = match get_user_from_token!(jar, data) {
+        Some(ua) => ua,
+        None => return Json(Error::NotAllowed.into()),
+    };
+
+    if !user.permissions.check(FinePermission::MANAGE_USERS) {
+        return Json(Error::NotAllowed.into());
+    }
+
+    match data.update_user_ban_expire(id, req.expire as i64).await {
+        Ok(_) => Json(ApiReturn {
+            ok: true,
+            message: "User updated".to_string(),
+            payload: (),
+        }),
+        Err(e) => Json(e.into()),
+    }
+}
+
 /// Update the current user's last seen value.
 pub async fn seen_request(jar: CookieJar, Extension(data): Extension<State>) -> impl IntoResponse {
     let data = &(data.read().await).0;

crates/app/src/routes/api/v1/mod.rs

@@ -340,6 +340,10 @@ pub fn routes() -> Router {
             "/auth/user/{id}/ban_reason",
             post(auth::profile::update_user_ban_reason_request),
         )
+        .route(
+            "/auth/user/{id}/ban_expire",
+            post(auth::profile::update_user_ban_expire_request),
+        )
         .route(
             "/auth/user/{id}",
             delete(auth::profile::delete_user_request),
@@ -916,6 +920,11 @@ pub struct UpdateUserBanReason {
     pub reason: String,
 }
 
+#[derive(Deserialize)]
+pub struct UpdateUserBanExpire {
+    pub expire: usize,
+}
+
 #[derive(Deserialize)]
 pub struct UpdateUserInviteCode {
     pub invite_code: String,