add: full journals api

add: full notes api
2025-06-18 21:00:07 -04:00 · 2025-06-18 21:00:07 -04:00 · 42421bd906
commit 42421bd906
parent 102ea0ee35
11 changed files with 476 additions and 12 deletions
--- a/crates/app/src/routes/api/v1/notes.rs
+++ b/crates/app/src/routes/api/v1/notes.rs
@ -0,0 +1,182 @@
+use axum::{
+    response::IntoResponse,
+    extract::{Json, Path},
+    Extension,
+};
+use axum_extra::extract::CookieJar;
+use crate::{
+    get_user_from_token,
+    routes::api::v1::{CreateNote, UpdateNoteContent, UpdateNoteTitle},
+    State,
+};
+use tetratto_core::model::{
+    journals::{JournalPrivacyPermission, Note},
+    oauth,
+    permissions::FinePermission,
+    ApiReturn, Error,
+};
+
+pub async fn get_request(
+    jar: CookieJar,
+    Path(id): Path<usize>,
+    Extension(data): Extension<State>,
+) -> impl IntoResponse {
+    let data = &(data.read().await).0;
+    let user = match get_user_from_token!(jar, data, oauth::AppScope::UserReadJournals) {
+        Some(ua) => ua,
+        None => return Json(Error::NotAllowed.into()),
+    };
+
+    let note = match data.get_note_by_id(id).await {
+        Ok(x) => x,
+        Err(e) => return Json(e.into()),
+    };
+
+    let journal = match data.get_journal_by_id(note.id).await {
+        Ok(x) => x,
+        Err(e) => return Json(e.into()),
+    };
+
+    if journal.privacy == JournalPrivacyPermission::Private
+        && user.id != journal.owner
+        && !user.permissions.contains(FinePermission::MANAGE_JOURNALS)
+    {
+        return Json(Error::NotAllowed.into());
+    }
+
+    Json(ApiReturn {
+        ok: true,
+        message: "Success".to_string(),
+        payload: Some(note),
+    })
+}
+
+pub async fn list_request(
+    jar: CookieJar,
+    Path(id): Path<usize>,
+    Extension(data): Extension<State>,
+) -> impl IntoResponse {
+    let data = &(data.read().await).0;
+    let user = match get_user_from_token!(jar, data, oauth::AppScope::UserReadJournals) {
+        Some(ua) => ua,
+        None => return Json(Error::NotAllowed.into()),
+    };
+
+    let journal = match data.get_journal_by_id(id).await {
+        Ok(x) => x,
+        Err(e) => return Json(e.into()),
+    };
+
+    if journal.privacy == JournalPrivacyPermission::Private
+        && user.id != journal.owner
+        && !user.permissions.contains(FinePermission::MANAGE_JOURNALS)
+    {
+        return Json(Error::NotAllowed.into());
+    }
+
+    match data.get_notes_by_journal(id).await {
+        Ok(x) => Json(ApiReturn {
+            ok: true,
+            message: "Success".to_string(),
+            payload: Some(x),
+        }),
+        Err(e) => Json(e.into()),
+    }
+}
+
+pub async fn create_request(
+    jar: CookieJar,
+    Extension(data): Extension<State>,
+    Json(props): Json<CreateNote>,
+) -> impl IntoResponse {
+    let data = &(data.read().await).0;
+    let user = match get_user_from_token!(jar, data, oauth::AppScope::UserCreateNotes) {
+        Some(ua) => ua,
+        None => return Json(Error::NotAllowed.into()),
+    };
+
+    match data
+        .create_note(Note::new(
+            user.id,
+            props.title,
+            match props.journal.parse() {
+                Ok(x) => x,
+                Err(_) => return Json(Error::Unknown.into()),
+            },
+            props.content,
+        ))
+        .await
+    {
+        Ok(x) => Json(ApiReturn {
+            ok: true,
+            message: "Note created".to_string(),
+            payload: Some(x),
+        }),
+        Err(e) => Json(e.into()),
+    }
+}
+
+pub async fn update_title_request(
+    jar: CookieJar,
+    Path(id): Path<usize>,
+    Extension(data): Extension<State>,
+    Json(props): Json<UpdateNoteTitle>,
+) -> impl IntoResponse {
+    let data = &(data.read().await).0;
+    let user = match get_user_from_token!(jar, data, oauth::AppScope::UserManageNotes) {
+        Some(ua) => ua,
+        None => return Json(Error::NotAllowed.into()),
+    };
+
+    match data.update_note_title(id, &user, &props.title).await {
+        Ok(_) => Json(ApiReturn {
+            ok: true,
+            message: "Note updated".to_string(),
+            payload: (),
+        }),
+        Err(e) => Json(e.into()),
+    }
+}
+
+pub async fn update_content_request(
+    jar: CookieJar,
+    Path(id): Path<usize>,
+    Extension(data): Extension<State>,
+    Json(props): Json<UpdateNoteContent>,
+) -> impl IntoResponse {
+    let data = &(data.read().await).0;
+    let user = match get_user_from_token!(jar, data, oauth::AppScope::UserManageNotes) {
+        Some(ua) => ua,
+        None => return Json(Error::NotAllowed.into()),
+    };
+
+    match data.update_note_content(id, &user, &props.content).await {
+        Ok(_) => Json(ApiReturn {
+            ok: true,
+            message: "Note updated".to_string(),
+            payload: (),
+        }),
+        Err(e) => Json(e.into()),
+    }
+}
+
+pub async fn delete_request(
+    jar: CookieJar,
+    Path(id): Path<usize>,
+    Extension(data): Extension<State>,
+) -> impl IntoResponse {
+    let data = &(data.read().await).0;
+    let user = match get_user_from_token!(jar, data, oauth::AppScope::UserManageNotes) {
+        Some(ua) => ua,
+        None => return Json(Error::NotAllowed.into()),
+    };
+
+    match data.delete_note(id, &user).await {
+        Ok(_) => Json(ApiReturn {
+            ok: true,
+            message: "Note deleted".to_string(),
+            payload: (),
+        }),
+        Err(e) => Json(e.into()),
+    }
+}