add: user account warnings

2025-04-11 22:12:43 -04:00 · 2025-04-11 22:12:43 -04:00 · 5995aaf31c
commit 5995aaf31c
parent 535a854a47
16 changed files with 459 additions and 1 deletions
--- a/crates/app/src/routes/api/v1/auth/ipbans.rs
+++ b/crates/app/src/routes/api/v1/auth/ipbans.rs
@ -27,7 +27,7 @@ pub async fn create_request(
    match data.create_ipban(IpBan::new(ip, user.id, req.reason)).await {
        Ok(_) => Json(ApiReturn {
            ok: true,
-            message: "IP ban deleted".to_string(),
+            message: "IP ban created".to_string(),
            payload: (),
        }),
        Err(e) => Json(e.into()),
--- a/crates/app/src/routes/api/v1/auth/mod.rs
+++ b/crates/app/src/routes/api/v1/auth/mod.rs
@ -2,6 +2,7 @@ pub mod images;
 pub mod ipbans;
 pub mod profile;
 pub mod social;
+pub mod user_warnings;

 use super::{LoginProps, RegisterProps};
 use crate::{
--- a/crates/app/src/routes/api/v1/auth/user_warnings.rs
+++ b/crates/app/src/routes/api/v1/auth/user_warnings.rs
@ -0,0 +1,65 @@
+use crate::{
+    get_user_from_token,
+    model::{ApiReturn, Error},
+    routes::api::v1::CreateUserWarning,
+    State,
+};
+use axum::{Extension, Json, extract::Path, response::IntoResponse};
+use axum_extra::extract::CookieJar;
+use tetratto_core::model::{auth::UserWarning, permissions::FinePermission};
+
+/// Create a new user warning.
+pub async fn create_request(
+    jar: CookieJar,
+    Path(uid): Path<usize>,
+    Extension(data): Extension<State>,
+    Json(req): Json<CreateUserWarning>,
+) -> impl IntoResponse {
+    let data = &(data.read().await).0;
+    let user = match get_user_from_token!(jar, data) {
+        Some(ua) => ua,
+        None => return Json(Error::NotAllowed.into()),
+    };
+
+    if !user.permissions.check(FinePermission::MANAGE_BANS) {
+        return Json(Error::NotAllowed.into());
+    }
+
+    match data
+        .create_user_warning(UserWarning::new(uid, user.id, req.content))
+        .await
+    {
+        Ok(_) => Json(ApiReturn {
+            ok: true,
+            message: "User warning created".to_string(),
+            payload: (),
+        }),
+        Err(e) => Json(e.into()),
+    }
+}
+
+/// Delete the given user warning.
+pub async fn delete_request(
+    jar: CookieJar,
+    Path(id): Path<usize>,
+    Extension(data): Extension<State>,
+) -> impl IntoResponse {
+    let data = &(data.read().await).0;
+    let user = match get_user_from_token!(jar, data) {
+        Some(ua) => ua,
+        None => return Json(Error::NotAllowed.into()),
+    };
+
+    if !user.permissions.check(FinePermission::MANAGE_WARNINGS) {
+        return Json(Error::NotAllowed.into());
+    }
+
+    match data.delete_user_warning(id, user).await {
+        Ok(_) => Json(ApiReturn {
+            ok: true,
+            message: "User warning deleted".to_string(),
+            payload: (),
+        }),
+        Err(e) => Json(e.into()),
+    }
+}
--- a/crates/app/src/routes/api/v1/mod.rs
+++ b/crates/app/src/routes/api/v1/mod.rs
@ -162,6 +162,12 @@ pub fn routes() -> Router {
            "/auth/user/find_by_ip/{ip}",
            get(auth::profile::redirect_from_ip),
        )
+        // warnings
+        .route("/warnings/{id}", post(auth::user_warnings::create_request))
+        .route(
+            "/warnings/{id}",
+            delete(auth::user_warnings::delete_request),
+        )
        // notifications
        .route(
            "/notifications/my",
@ -326,3 +332,8 @@ pub struct CreateIpBan {
 pub struct DisableTotp {
    pub totp: String,
 }
+
+#[derive(Deserialize)]
+pub struct CreateUserWarning {
+    pub content: String,
+}
--- a/crates/app/src/routes/pages/mod.rs
+++ b/crates/app/src/routes/pages/mod.rs
@ -35,6 +35,10 @@ pub fn routes() -> Router {
            "/mod_panel/profile/{id}",
            get(mod_panel::manage_profile_request),
        )
+        .route(
+            "/mod_panel/profile/{id}/warnings",
+            get(mod_panel::manage_profile_warnings_request),
+        )
        // auth
        .route("/auth/register", get(auth::register_request))
        .route("/auth/login", get(auth::login_request))
--- a/crates/app/src/routes/pages/mod_panel.rs
+++ b/crates/app/src/routes/pages/mod_panel.rs
@ -184,3 +184,51 @@ pub async fn manage_profile_request(
    // return
    Ok(Html(data.1.render("mod/profile.html", &context).unwrap()))
 }
+
+/// `/mod_panel/profile/{id}/warnings`
+pub async fn manage_profile_warnings_request(
+    jar: CookieJar,
+    Extension(data): Extension<State>,
+    Path(id): Path<usize>,
+    Query(req): Query<PaginatedQuery>,
+) -> impl IntoResponse {
+    let data = data.read().await;
+    let user = match get_user_from_token!(jar, data.0) {
+        Some(ua) => ua,
+        None => {
+            return Err(Html(
+                render_error(Error::NotAllowed, &jar, &data, &None).await,
+            ));
+        }
+    };
+
+    if !user.permissions.check(FinePermission::MANAGE_USERS) {
+        return Err(Html(
+            render_error(Error::NotAllowed, &jar, &data, &None).await,
+        ));
+    }
+
+    let profile = match data.0.get_user_by_id(id).await {
+        Ok(p) => p,
+        Err(e) => return Err(Html(render_error(e, &jar, &data, &Some(user)).await)),
+    };
+
+    let list = match data
+        .0
+        .get_user_warnings_by_user(profile.id, 12, req.page)
+        .await
+    {
+        Ok(p) => p,
+        Err(e) => return Err(Html(render_error(e, &jar, &data, &Some(user)).await)),
+    };
+
+    let lang = get_lang!(jar, data.0);
+    let mut context = initial_context(&data.0.0, lang, &Some(user)).await;
+
+    context.insert("profile", &profile);
+    context.insert("items", &list);
+    context.insert("page", &req.page);
+
+    // return
+    Ok(Html(data.1.render("mod/warnings.html", &context).unwrap()))
+}