add: full journals api

add: full notes api
2025-06-18 21:00:07 -04:00 · 2025-06-18 21:00:07 -04:00 · 42421bd906
commit 42421bd906
parent 102ea0ee35
11 changed files with 476 additions and 12 deletions
--- a/crates/app/src/public/html/components.lisp
+++ b/crates/app/src/public/html/components.lisp
@ -1019,6 +1019,18 @@
        ("data-turbo" "false")
        (icon (text "rabbit"))
        (str (text "general:link.reference")))
+
+    (a
+        ("href" "{{ config.policies.terms_of_service }}")
+        ("class" "button")
+        (icon (text "heart-handshake"))
+        (text "Terms of service"))
+
+    (a
+        ("href" "{{ config.policies.privacy }}")
+        ("class" "button")
+        (icon (text "cookie"))
+        (text "Privacy policy"))
    (b ("class" "title") (str (text "general:label.account")))
    (button
        ("onclick" "trigger('me::switch_account')")
--- a/crates/app/src/routes/api/v1/journals.rs
+++ b/crates/app/src/routes/api/v1/journals.rs
@ -0,0 +1,153 @@
+use axum::{
+    response::IntoResponse,
+    extract::{Json, Path},
+    Extension,
+};
+use axum_extra::extract::CookieJar;
+use crate::{
+    get_user_from_token,
+    routes::api::v1::{UpdateJournalView, CreateJournal, UpdateJournalTitle},
+    State,
+};
+use tetratto_core::model::{
+    journals::{Journal, JournalPrivacyPermission},
+    oauth,
+    permissions::FinePermission,
+    ApiReturn, Error,
+};
+
+pub async fn get_request(
+    jar: CookieJar,
+    Path(id): Path<usize>,
+    Extension(data): Extension<State>,
+) -> impl IntoResponse {
+    let data = &(data.read().await).0;
+    let user = match get_user_from_token!(jar, data, oauth::AppScope::UserReadJournals) {
+        Some(ua) => ua,
+        None => return Json(Error::NotAllowed.into()),
+    };
+
+    let journal = match data.get_journal_by_id(id).await {
+        Ok(x) => x,
+        Err(e) => return Json(e.into()),
+    };
+
+    if journal.privacy == JournalPrivacyPermission::Private
+        && user.id != journal.owner
+        && !user.permissions.contains(FinePermission::MANAGE_JOURNALS)
+    {
+        return Json(Error::NotAllowed.into());
+    }
+
+    Json(ApiReturn {
+        ok: true,
+        message: "Success".to_string(),
+        payload: Some(journal),
+    })
+}
+
+pub async fn list_request(jar: CookieJar, Extension(data): Extension<State>) -> impl IntoResponse {
+    let data = &(data.read().await).0;
+    let user = match get_user_from_token!(jar, data, oauth::AppScope::UserReadJournals) {
+        Some(ua) => ua,
+        None => return Json(Error::NotAllowed.into()),
+    };
+
+    match data.get_journals_by_user(user.id).await {
+        Ok(x) => Json(ApiReturn {
+            ok: true,
+            message: "Success".to_string(),
+            payload: Some(x),
+        }),
+        Err(e) => Json(e.into()),
+    }
+}
+
+pub async fn create_request(
+    jar: CookieJar,
+    Extension(data): Extension<State>,
+    Json(props): Json<CreateJournal>,
+) -> impl IntoResponse {
+    let data = &(data.read().await).0;
+    let user = match get_user_from_token!(jar, data, oauth::AppScope::UserCreateJournals) {
+        Some(ua) => ua,
+        None => return Json(Error::NotAllowed.into()),
+    };
+
+    match data
+        .create_journal(Journal::new(user.id, props.title))
+        .await
+    {
+        Ok(x) => Json(ApiReturn {
+            ok: true,
+            message: "Journal created".to_string(),
+            payload: Some(x),
+        }),
+        Err(e) => Json(e.into()),
+    }
+}
+
+pub async fn update_title_request(
+    jar: CookieJar,
+    Path(id): Path<usize>,
+    Extension(data): Extension<State>,
+    Json(props): Json<UpdateJournalTitle>,
+) -> impl IntoResponse {
+    let data = &(data.read().await).0;
+    let user = match get_user_from_token!(jar, data, oauth::AppScope::UserManageJournals) {
+        Some(ua) => ua,
+        None => return Json(Error::NotAllowed.into()),
+    };
+
+    match data.update_journal_title(id, &user, &props.title).await {
+        Ok(_) => Json(ApiReturn {
+            ok: true,
+            message: "Journal updated".to_string(),
+            payload: (),
+        }),
+        Err(e) => Json(e.into()),
+    }
+}
+
+pub async fn update_privacy_request(
+    jar: CookieJar,
+    Path(id): Path<usize>,
+    Extension(data): Extension<State>,
+    Json(props): Json<UpdateJournalView>,
+) -> impl IntoResponse {
+    let data = &(data.read().await).0;
+    let user = match get_user_from_token!(jar, data, oauth::AppScope::UserManageJournals) {
+        Some(ua) => ua,
+        None => return Json(Error::NotAllowed.into()),
+    };
+
+    match data.update_journal_privacy(id, &user, props.view).await {
+        Ok(_) => Json(ApiReturn {
+            ok: true,
+            message: "Journal updated".to_string(),
+            payload: (),
+        }),
+        Err(e) => Json(e.into()),
+    }
+}
+
+pub async fn delete_request(
+    jar: CookieJar,
+    Path(id): Path<usize>,
+    Extension(data): Extension<State>,
+) -> impl IntoResponse {
+    let data = &(data.read().await).0;
+    let user = match get_user_from_token!(jar, data, oauth::AppScope::UserManageJournals) {
+        Some(ua) => ua,
+        None => return Json(Error::NotAllowed.into()),
+    };
+
+    match data.delete_journal(id, &user).await {
+        Ok(_) => Json(ApiReturn {
+            ok: true,
+            message: "Journal deleted".to_string(),
+            payload: (),
+        }),
+        Err(e) => Json(e.into()),
+    }
+}
--- a/crates/app/src/routes/api/v1/mod.rs
+++ b/crates/app/src/routes/api/v1/mod.rs
@ -2,6 +2,8 @@ pub mod apps;
 pub mod auth;
 pub mod channels;
 pub mod communities;
+pub mod journals;
+pub mod notes;
 pub mod notifications;
 pub mod reactions;
 pub mod reports;
@ -22,6 +24,7 @@ use tetratto_core::model::{
        PollOption, PostContext,
    },
    communities_permissions::CommunityPermission,
+    journals::JournalPrivacyPermission,
    oauth::AppScope,
    permissions::FinePermission,
    reactions::AssetType,
@ -530,7 +533,9 @@ pub fn routes() -> Router {
            delete(communities::emojis::delete_request),
        )
        // stacks
+        .route("/stacks", get(stacks::list_request))
        .route("/stacks", post(stacks::create_request))
+        .route("/stacks/{id}", get(stacks::get_request))
        .route("/stacks/{id}/name", post(stacks::update_name_request))
        .route("/stacks/{id}/privacy", post(stacks::update_privacy_request))
        .route("/stacks/{id}/mode", post(stacks::update_mode_request))
@ -541,6 +546,23 @@ pub fn routes() -> Router {
        .route("/stacks/{id}/block", post(stacks::block_request))
        .route("/stacks/{id}/block", delete(stacks::unblock_request))
        .route("/stacks/{id}", delete(stacks::delete_request))
+        // journals
+        .route("/journals", get(journals::list_request))
+        .route("/journals", post(journals::create_request))
+        .route("/journals/{id}", get(journals::get_request))
+        .route("/journals/{id}", delete(journals::delete_request))
+        .route("/journals/{id}/title", post(journals::update_title_request))
+        .route(
+            "/journals/{id}/privacy",
+            post(journals::update_privacy_request),
+        )
+        // notes
+        .route("/notes", post(notes::create_request))
+        .route("/notes/{id}", get(notes::get_request))
+        .route("/notes/{id}", delete(notes::delete_request))
+        .route("/notes/{id}/title", post(notes::update_title_request))
+        .route("/notes/{id}/content", post(notes::update_content_request))
+        .route("/notes/from_journal/{id}", get(notes::list_request))
        // uploads
        .route("/uploads/{id}", get(uploads::get_request))
        .route("/uploads/{id}", delete(uploads::delete_request))
@ -846,3 +868,35 @@ pub struct CreateGrant {
 pub struct RefreshGrantToken {
    pub verifier: String,
 }
+
+#[derive(Deserialize)]
+pub struct CreateJournal {
+    pub title: String,
+}
+
+#[derive(Deserialize)]
+pub struct CreateNote {
+    pub title: String,
+    pub content: String,
+    pub journal: String,
+}
+
+#[derive(Deserialize)]
+pub struct UpdateJournalTitle {
+    pub title: String,
+}
+
+#[derive(Deserialize)]
+pub struct UpdateJournalView {
+    pub view: JournalPrivacyPermission,
+}
+
+#[derive(Deserialize)]
+pub struct UpdateNoteTitle {
+    pub title: String,
+}
+
+#[derive(Deserialize)]
+pub struct UpdateNoteContent {
+    pub content: String,
+}
--- a/crates/app/src/routes/api/v1/notes.rs
+++ b/crates/app/src/routes/api/v1/notes.rs
@ -0,0 +1,182 @@
+use axum::{
+    response::IntoResponse,
+    extract::{Json, Path},
+    Extension,
+};
+use axum_extra::extract::CookieJar;
+use crate::{
+    get_user_from_token,
+    routes::api::v1::{CreateNote, UpdateNoteContent, UpdateNoteTitle},
+    State,
+};
+use tetratto_core::model::{
+    journals::{JournalPrivacyPermission, Note},
+    oauth,
+    permissions::FinePermission,
+    ApiReturn, Error,
+};
+
+pub async fn get_request(
+    jar: CookieJar,
+    Path(id): Path<usize>,
+    Extension(data): Extension<State>,
+) -> impl IntoResponse {
+    let data = &(data.read().await).0;
+    let user = match get_user_from_token!(jar, data, oauth::AppScope::UserReadJournals) {
+        Some(ua) => ua,
+        None => return Json(Error::NotAllowed.into()),
+    };
+
+    let note = match data.get_note_by_id(id).await {
+        Ok(x) => x,
+        Err(e) => return Json(e.into()),
+    };
+
+    let journal = match data.get_journal_by_id(note.id).await {
+        Ok(x) => x,
+        Err(e) => return Json(e.into()),
+    };
+
+    if journal.privacy == JournalPrivacyPermission::Private
+        && user.id != journal.owner
+        && !user.permissions.contains(FinePermission::MANAGE_JOURNALS)
+    {
+        return Json(Error::NotAllowed.into());
+    }
+
+    Json(ApiReturn {
+        ok: true,
+        message: "Success".to_string(),
+        payload: Some(note),
+    })
+}
+
+pub async fn list_request(
+    jar: CookieJar,
+    Path(id): Path<usize>,
+    Extension(data): Extension<State>,
+) -> impl IntoResponse {
+    let data = &(data.read().await).0;
+    let user = match get_user_from_token!(jar, data, oauth::AppScope::UserReadJournals) {
+        Some(ua) => ua,
+        None => return Json(Error::NotAllowed.into()),
+    };
+
+    let journal = match data.get_journal_by_id(id).await {
+        Ok(x) => x,
+        Err(e) => return Json(e.into()),
+    };
+
+    if journal.privacy == JournalPrivacyPermission::Private
+        && user.id != journal.owner
+        && !user.permissions.contains(FinePermission::MANAGE_JOURNALS)
+    {
+        return Json(Error::NotAllowed.into());
+    }
+
+    match data.get_notes_by_journal(id).await {
+        Ok(x) => Json(ApiReturn {
+            ok: true,
+            message: "Success".to_string(),
+            payload: Some(x),
+        }),
+        Err(e) => Json(e.into()),
+    }
+}
+
+pub async fn create_request(
+    jar: CookieJar,
+    Extension(data): Extension<State>,
+    Json(props): Json<CreateNote>,
+) -> impl IntoResponse {
+    let data = &(data.read().await).0;
+    let user = match get_user_from_token!(jar, data, oauth::AppScope::UserCreateNotes) {
+        Some(ua) => ua,
+        None => return Json(Error::NotAllowed.into()),
+    };
+
+    match data
+        .create_note(Note::new(
+            user.id,
+            props.title,
+            match props.journal.parse() {
+                Ok(x) => x,
+                Err(_) => return Json(Error::Unknown.into()),
+            },
+            props.content,
+        ))
+        .await
+    {
+        Ok(x) => Json(ApiReturn {
+            ok: true,
+            message: "Note created".to_string(),
+            payload: Some(x),
+        }),
+        Err(e) => Json(e.into()),
+    }
+}
+
+pub async fn update_title_request(
+    jar: CookieJar,
+    Path(id): Path<usize>,
+    Extension(data): Extension<State>,
+    Json(props): Json<UpdateNoteTitle>,
+) -> impl IntoResponse {
+    let data = &(data.read().await).0;
+    let user = match get_user_from_token!(jar, data, oauth::AppScope::UserManageNotes) {
+        Some(ua) => ua,
+        None => return Json(Error::NotAllowed.into()),
+    };
+
+    match data.update_note_title(id, &user, &props.title).await {
+        Ok(_) => Json(ApiReturn {
+            ok: true,
+            message: "Note updated".to_string(),
+            payload: (),
+        }),
+        Err(e) => Json(e.into()),
+    }
+}
+
+pub async fn update_content_request(
+    jar: CookieJar,
+    Path(id): Path<usize>,
+    Extension(data): Extension<State>,
+    Json(props): Json<UpdateNoteContent>,
+) -> impl IntoResponse {
+    let data = &(data.read().await).0;
+    let user = match get_user_from_token!(jar, data, oauth::AppScope::UserManageNotes) {
+        Some(ua) => ua,
+        None => return Json(Error::NotAllowed.into()),
+    };
+
+    match data.update_note_content(id, &user, &props.content).await {
+        Ok(_) => Json(ApiReturn {
+            ok: true,
+            message: "Note updated".to_string(),
+            payload: (),
+        }),
+        Err(e) => Json(e.into()),
+    }
+}
+
+pub async fn delete_request(
+    jar: CookieJar,
+    Path(id): Path<usize>,
+    Extension(data): Extension<State>,
+) -> impl IntoResponse {
+    let data = &(data.read().await).0;
+    let user = match get_user_from_token!(jar, data, oauth::AppScope::UserManageNotes) {
+        Some(ua) => ua,
+        None => return Json(Error::NotAllowed.into()),
+    };
+
+    match data.delete_note(id, &user).await {
+        Ok(_) => Json(ApiReturn {
+            ok: true,
+            message: "Note deleted".to_string(),
+            payload: (),
+        }),
+        Err(e) => Json(e.into()),
+    }
+}
--- a/crates/app/src/routes/api/v1/stacks.rs
+++ b/crates/app/src/routes/api/v1/stacks.rs
@ -19,6 +19,54 @@ use super::{
    UpdateStackSort,
 };

+pub async fn get_request(
+    jar: CookieJar,
+    Path(id): Path<usize>,
+    Extension(data): Extension<State>,
+) -> impl IntoResponse {
+    let data = &(data.read().await).0;
+    let user = match get_user_from_token!(jar, data, oauth::AppScope::UserReadStacks) {
+        Some(ua) => ua,
+        None => return Json(Error::NotAllowed.into()),
+    };
+
+    let stack = match data.get_stack_by_id(id).await {
+        Ok(x) => x,
+        Err(e) => return Json(e.into()),
+    };
+
+    if stack.privacy == StackPrivacy::Private
+        && user.id != stack.owner
+        && ((stack.mode != StackMode::Circle) | stack.users.contains(&user.id))
+        && !user.permissions.check(FinePermission::MANAGE_STACKS)
+    {
+        return Json(Error::NotAllowed.into());
+    }
+
+    Json(ApiReturn {
+        ok: true,
+        message: "Success".to_string(),
+        payload: Some(stack),
+    })
+}
+
+pub async fn list_request(jar: CookieJar, Extension(data): Extension<State>) -> impl IntoResponse {
+    let data = &(data.read().await).0;
+    let user = match get_user_from_token!(jar, data, oauth::AppScope::UserReadStacks) {
+        Some(ua) => ua,
+        None => return Json(Error::NotAllowed.into()),
+    };
+
+    match data.get_stacks_by_user(user.id).await {
+        Ok(x) => Json(ApiReturn {
+            ok: true,
+            message: "Success".to_string(),
+            payload: Some(x),
+        }),
+        Err(e) => Json(e.into()),
+    }
+}
+
 pub async fn create_request(
    jar: CookieJar,
    Extension(data): Extension<State>,