t/tetratto
1
0
Fork 0
Code Issues Pull requests Projects Releases 5 Packages Wiki Activity Actions

add: global notes

Browse source
This commit is contained in:
trisua 2025-06-26 02:56:22 -04:00
parent 59581f69c9
commit 2cd04b0db0
24 changed files with 371 additions and 608 deletions
Download patch file Download diff file Expand all files Collapse all files

285
crates/app/src/routes/api/v1/auth/links.rs
View file

@ -1,285 +0,0 @@
use axum::{
response::IntoResponse,
extract::{Json, Path},
Extension,
};
use axum_extra::extract::CookieJar;
use crate::{
get_user_from_token,
image::{save_webp_buffer, JsonMultipart},
routes::api::v1::{
CreateLink, UpdateLinkHref, UpdateLinkLabel, UpdateLinkPosition, UploadLinkIcon,
},
State,
};
use tetratto_core::model::{
links::Link,
oauth,
uploads::{MediaType, MediaUpload},
ApiReturn, Error,
};
pub async fn get_request(
jar: CookieJar,
Path(id): Path<usize>,
Extension(data): Extension<State>,
) -> impl IntoResponse {
let data = &(data.read().await).0;
if get_user_from_token!(jar, data, oauth::AppScope::UserReadLinks).is_none() {
return Json(Error::NotAllowed.into());
};
let link = match data.get_link_by_id(id).await {
Ok(x) => x,
Err(e) => return Json(e.into()),
};
Json(ApiReturn {
ok: true,
message: "Success".to_string(),
payload: Some(link),
})
}
pub async fn list_request(jar: CookieJar, Extension(data): Extension<State>) -> impl IntoResponse {
let data = &(data.read().await).0;
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserReadLinks) {
Some(ua) => ua,
None => return Json(Error::NotAllowed.into()),
};
match data.get_links_by_owner(user.id).await {
Ok(x) => Json(ApiReturn {
ok: true,
message: "Success".to_string(),
payload: Some(x),
}),
Err(e) => Json(e.into()),
}
}
pub async fn create_request(
jar: CookieJar,
Extension(data): Extension<State>,
Json(props): Json<CreateLink>,
) -> impl IntoResponse {
let data = &(data.read().await).0;
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserCreateLinks) {
Some(ua) => ua,
None => return Json(Error::NotAllowed.into()),
};
match data
.create_link(
Link::new(
user.id,
props.label,
props.href,
match data.get_links_by_owner_count(user.id).await {
Ok(c) => (c + 1) as usize,
Err(e) => return Json(e.into()),
},
),
&user,
)
.await
{
Ok(x) => Json(ApiReturn {
ok: true,
message: "Link created".to_string(),
payload: Some(x.id.to_string()),
}),
Err(e) => Json(e.into()),
}
}
pub async fn update_label_request(
jar: CookieJar,
Path(id): Path<usize>,
Extension(data): Extension<State>,
Json(props): Json<UpdateLinkLabel>,
) -> impl IntoResponse {
let data = &(data.read().await).0;
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserManageNotes) {
Some(ua) => ua,
None => return Json(Error::NotAllowed.into()),
};
let link = match data.get_link_by_id(id).await {
Ok(n) => n,
Err(e) => return Json(e.into()),
};
if link.owner != user.id {
return Json(Error::NotAllowed.into());
}
// ...
match data.update_link_label(id, &props.label).await {
Ok(_) => Json(ApiReturn {
ok: true,
message: "Link updated".to_string(),
payload: (),
}),
Err(e) => Json(e.into()),
}
}
pub async fn update_href_request(
jar: CookieJar,
Path(id): Path<usize>,
Extension(data): Extension<State>,
Json(props): Json<UpdateLinkHref>,
) -> impl IntoResponse {
let data = &(data.read().await).0;
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserManageNotes) {
Some(ua) => ua,
None => return Json(Error::NotAllowed.into()),
};
let link = match data.get_link_by_id(id).await {
Ok(n) => n,
Err(e) => return Json(e.into()),
};
if link.owner != user.id {
return Json(Error::NotAllowed.into());
}
// ...
match data.update_link_href(id, &props.href).await {
Ok(_) => Json(ApiReturn {
ok: true,
message: "Link updated".to_string(),
payload: (),
}),
Err(e) => Json(e.into()),
}
}
pub async fn update_position_request(
jar: CookieJar,
Path(id): Path<usize>,
Extension(data): Extension<State>,
Json(props): Json<UpdateLinkPosition>,
) -> impl IntoResponse {
let data = &(data.read().await).0;
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserManageNotes) {
Some(ua) => ua,
None => return Json(Error::NotAllowed.into()),
};
let link = match data.get_link_by_id(id).await {
Ok(n) => n,
Err(e) => return Json(e.into()),
};
if link.owner != user.id {
return Json(Error::NotAllowed.into());
}
if props.position < 0 {
return Json(Error::MiscError("Position must be an unsigned integer".to_string()).into());
}
// ...
match data.update_link_position(id, props.position).await {
Ok(_) => Json(ApiReturn {
ok: true,
message: "Link updated".to_string(),
payload: (),
}),
Err(e) => Json(e.into()),
}
}
pub const MAXIMUM_FILE_SIZE: usize = 131072; // 128 KiB
pub async fn upload_icon_request(
jar: CookieJar,
Extension(data): Extension<State>,
JsonMultipart(images, props): JsonMultipart<UploadLinkIcon>,
) -> impl IntoResponse {
let data = &(data.read().await).0;
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserManageNotes) {
Some(ua) => ua,
None => return Json(Error::NotAllowed.into()),
};
let id = match props.id.parse::<usize>() {
Ok(i) => i,
Err(_) => return Json(Error::Unknown.into()),
};
let link = match data.get_link_by_id(id).await {
Ok(n) => n,
Err(e) => return Json(e.into()),
};
if link.owner != user.id {
return Json(Error::NotAllowed.into());
}
// create upload
let upload = match data
.create_upload(MediaUpload::new(MediaType::Webp, user.id))
.await
{
Ok(n) => n,
Err(e) => return Json(e.into()),
};
let image = match images.get(0) {
Some(i) => i,
None => return Json(Error::MiscError("Missing file".to_string()).into()),
};
if image.len() > MAXIMUM_FILE_SIZE {
return Json(Error::FileTooLarge.into());
}
// upload
if let Err(e) = save_webp_buffer(&upload.path(&data.0.0).to_string(), image.to_vec(), None) {
return Json(Error::MiscError(e.to_string()).into());
}
// ...
match data.update_link_upload_id(id, upload.id as i64).await {
Ok(_) => Json(ApiReturn {
ok: true,
message: "Link updated".to_string(),
payload: (),
}),
Err(e) => Json(e.into()),
}
}
pub async fn delete_request(
jar: CookieJar,
Extension(data): Extension<State>,
Path(id): Path<usize>,
) -> impl IntoResponse {
let data = &(data.read().await).0;
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserManageStacks) {
Some(ua) => ua,
None => return Json(Error::NotAllowed.into()),
};
let link = match data.get_link_by_id(id).await {
Ok(n) => n,
Err(e) => return Json(e.into()),
};
if link.owner != user.id {
return Json(Error::NotAllowed.into());
}
match data.delete_link(id).await {
Ok(_) => Json(ApiReturn {
ok: true,
message: "Link deleted".to_string(),
payload: (),
}),
Err(e) => Json(e.into()),
}
}

1
crates/app/src/routes/api/v1/auth/mod.rs
View file

@ -1,7 +1,6 @@
pub mod connections;
pub mod images;
pub mod ipbans;
pub mod links;
pub mod profile;
pub mod social;
pub mod user_warnings;

40
crates/app/src/routes/api/v1/mod.rs
View file

@ -588,6 +588,8 @@ pub fn routes() -> Router {
.route("/notes/{id}/content", post(notes::update_content_request))
.route("/notes/{id}/dir", post(notes::update_dir_request))
.route("/notes/{id}/tags", post(notes::update_tags_request))
.route("/notes/{id}/global", post(notes::publish_request))
.route("/notes/{id}/global", delete(notes::unpublish_request))
.route("/notes/from_journal/{id}", get(notes::list_request))
.route("/notes/preview", post(notes::render_markdown_request))
.route(
@ -597,18 +599,6 @@ pub fn routes() -> Router {
// uploads
.route("/uploads/{id}", get(uploads::get_request))
.route("/uploads/{id}", delete(uploads::delete_request))
// links
.route("/links", get(auth::links::list_request))
.route("/links", post(auth::links::create_request))
.route("/links/{id}", get(auth::links::get_request))
.route("/links/{id}", delete(auth::links::delete_request))
.route("/links/icon", post(auth::links::upload_icon_request))
.route("/links/{id}/label", post(auth::links::update_label_request))
.route("/links/{id}/href", post(auth::links::update_href_request))
.route(
"/links/{id}/position",
post(auth::links::update_position_request),
)
}
#[derive(Deserialize)]
@ -982,29 +972,3 @@ pub struct RemoveJournalDir {
pub struct UpdateNoteTags {
pub tags: Vec<String>,
}
#[derive(Deserialize)]
pub struct CreateLink {
pub label: String,
pub href: String,
}
#[derive(Deserialize)]
pub struct UpdateLinkLabel {
pub label: String,
}
#[derive(Deserialize)]
pub struct UpdateLinkHref {
pub href: String,
}
#[derive(Deserialize)]
pub struct UpdateLinkPosition {
pub position: i32,
}
#[derive(Deserialize)]
pub struct UploadLinkIcon {
pub id: String,
}

109
crates/app/src/routes/api/v1/notes.rs
View file

@ -164,11 +164,21 @@ pub async fn update_title_request(
// ...
match data.update_note_title(id, &user, &props.title).await {
Ok(_) => Json(ApiReturn {
ok: true,
message: "Note updated".to_string(),
payload: (),
}),
Ok(_) => {
// update note global status
if note.is_global {
if let Err(e) = data.update_note_is_global(id, 0).await {
return Json(e.into());
}
}
// ...
Json(ApiReturn {
ok: true,
message: "Note updated".to_string(),
payload: (),
})
}
Err(e) => Json(e.into()),
}
}
@ -318,3 +328,92 @@ pub async fn update_tags_request(
Err(e) => Json(e.into()),
}
}
pub async fn publish_request(
jar: CookieJar,
Path(id): Path<usize>,
Extension(data): Extension<State>,
) -> impl IntoResponse {
let data = &(data.read().await).0;
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserManageNotes) {
Some(ua) => ua,
None => return Json(Error::NotAllowed.into()),
};
let note = match data.get_note_by_id(id).await {
Ok(n) => n,
Err(e) => return Json(e.into()),
};
if user.id != note.owner {
return Json(Error::NotAllowed.into());
}
// check count
if data.get_user_global_notes_count(user.id).await.unwrap_or(0)
>= if user.permissions.check(FinePermission::SUPPORTER) {
10
} else {
5
}
{
return Json(
Error::MiscError(
"You already have the maximum number of global notes you can have".to_string(),
)
.into(),
);
}
// make sure note doesn't already exist globally
if data.get_global_note_by_title(&note.title).await.is_ok() {
return Json(
Error::MiscError(
"Note name is already in use globally. Please change the name and try again"
.to_string(),
)
.into(),
);
}
// ...
match data.update_note_is_global(id, 1).await {
Ok(_) => Json(ApiReturn {
ok: true,
message: "Note updated".to_string(),
payload: (),
}),
Err(e) => Json(e.into()),
}
}
pub async fn unpublish_request(
jar: CookieJar,
Path(id): Path<usize>,
Extension(data): Extension<State>,
) -> impl IntoResponse {
let data = &(data.read().await).0;
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserManageNotes) {
Some(ua) => ua,
None => return Json(Error::NotAllowed.into()),
};
let note = match data.get_note_by_id(id).await {
Ok(n) => n,
Err(e) => return Json(e.into()),
};
if user.id != note.owner {
return Json(Error::NotAllowed.into());
}
// ...
match data.update_note_is_global(id, 0).await {
Ok(_) => Json(ApiReturn {
ok: true,
message: "Note updated".to_string(),
payload: (),
}),
Err(e) => Json(e.into()),
}
}

74
crates/app/src/routes/pages/journals.rs
View file

@ -81,7 +81,7 @@ pub async fn app_request(
};
let lang = get_lang!(jar, data.0);
let mut context = initial_context(&data.0.0.0, lang, &Some(user)).await;
let mut context = initial_context(&data.0.0.0, lang, &Some(user.clone())).await;
context.insert("selected_journal", &selected_journal);
context.insert("selected_note", &selected_note);
@ -89,6 +89,7 @@ pub async fn app_request(
context.insert("journal", &journal);
context.insert("note", &note);
context.insert("owner", &user);
context.insert("journals", &journals);
context.insert("notes", &notes);
@ -185,6 +186,10 @@ pub async fn view_request(
context.insert("selected_note", &0);
} else {
context.insert("selected_note", &selected_note);
context.insert(
"redis_views",
&data.0.get_note_views(note.as_ref().unwrap().id).await,
);
}
context.insert("journal", &journal);
@ -292,3 +297,70 @@ pub async fn index_view_request(
// return
Ok(Html(data.1.render("journals/app.html", &context).unwrap()))
}
/// `/x/{note}`
pub async fn global_view_request(
jar: CookieJar,
Extension(data): Extension<State>,
Path(mut selected_note): Path<String>,
) -> impl IntoResponse {
let data = data.read().await;
let user = match get_user_from_token!(jar, data.0) {
Some(ua) => Some(ua),
None => None,
};
if selected_note == "index" {
selected_note = String::new();
}
// if we don't have a selected journal, we shouldn't be here probably
if selected_note == "journal.css" {
return Err(Html(
render_error(Error::NotAllowed, &jar, &data, &user).await,
));
}
// ...
let note = match data.0.get_global_note_by_title(&selected_note).await {
Ok(x) => x,
Err(e) => return Err(Html(render_error(e, &jar, &data, &user).await)),
};
let journal = match data.0.get_journal_by_id(note.journal).await {
Ok(x) => x,
Err(e) => return Err(Html(render_error(e, &jar, &data, &user).await)),
};
// get owner
let owner = match data.0.get_user_by_id(note.owner).await {
Ok(ua) => ua,
Err(e) => {
return Err(Html(render_error(e, &jar, &data, &user).await));
}
};
check_user_blocked_or_private!(user, owner, data, jar);
// ...
let lang = get_lang!(jar, data.0);
let mut context = initial_context(&data.0.0.0, lang, &user).await;
data.0.incr_note_views(note.id).await;
context.insert("selected_journal", &note.journal);
context.insert("selected_note", &selected_note);
context.insert("redis_views", &data.0.get_note_views(note.id).await);
context.insert("journal", &journal);
context.insert("note", &note);
context.insert("owner", &owner);
context.insert::<[i8; 0], &str>("notes", &[]);
context.insert("view_mode", &true);
context.insert("is_editor", &false);
context.insert("global_mode", &true);
// return
Ok(Html(data.1.render("journals/app.html", &context).unwrap()))
}

47
crates/app/src/routes/pages/links.rs
View file

@ -1,47 +0,0 @@
use axum::{
extract::Path,
response::{Html, IntoResponse},
Extension,
};
use axum_extra::extract::CookieJar;
use tetratto_core::model::{permissions::FinePermission, Error};
use crate::{get_user_from_token, State};
use super::render_error;
/// `/links/{id}`
pub async fn navigate_request(
jar: CookieJar,
Path(id): Path<usize>,
Extension(data): Extension<State>,
) -> impl IntoResponse {
let data = data.read().await;
let user = match get_user_from_token!(jar, data.0) {
Some(ua) => ua,
None => {
return Err(Html(
render_error(Error::NotAllowed, &jar, &data, &None).await,
));
}
};
let link = match data.0.get_link_by_id(id).await {
Ok(x) => x,
Err(e) => return Err(Html(render_error(e, &jar, &data, &Some(user)).await)),
};
let owner = match data.0.get_user_by_id(link.owner).await {
Ok(x) => x,
Err(e) => return Err(Html(render_error(e, &jar, &data, &Some(user)).await)),
};
if owner.permissions.check(FinePermission::SUPPORTER) {
if let Err(e) = data.0.incr_link_clicks(link.id).await {
return Err(Html(render_error(e, &jar, &data, &Some(user)).await));
}
}
Ok(Html(format!(
"<!doctype html /><html><head><meta http-equiv=\"refresh\" content=\"0; url={}\" /></head><body>Navigating...</body></html>",
link.href
)))
}

4
crates/app/src/routes/pages/mod.rs
View file

@ -4,7 +4,6 @@ pub mod communities;
pub mod developer;
pub mod forge;
pub mod journals;
pub mod links;
pub mod misc;
pub mod mod_panel;
pub mod profile;
@ -138,8 +137,7 @@ pub fn routes() -> Router {
.route("/journals/{journal}/{note}", get(journals::app_request))
.route("/@{owner}/{journal}", get(journals::index_view_request))
.route("/@{owner}/{journal}/{note}", get(journals::view_request))
// links
.route("/links/{id}", get(links::navigate_request))
.route("/x/{note}", get(journals::global_view_request))
}
pub async fn render_error(