add: user account warnings

crates/app/src/routes/api/v1/auth/ipbans.rs

@@ -27,7 +27,7 @@ pub async fn create_request(
     match data.create_ipban(IpBan::new(ip, user.id, req.reason)).await {
         Ok(_) => Json(ApiReturn {
             ok: true,
-            message: "IP ban deleted".to_string(),
+            message: "IP ban created".to_string(),
             payload: (),
         }),
         Err(e) => Json(e.into()),

crates/app/src/routes/api/v1/auth/mod.rs

@@ -2,6 +2,7 @@ pub mod images;
 pub mod ipbans;
 pub mod profile;
 pub mod social;
+pub mod user_warnings;
 
 use super::{LoginProps, RegisterProps};
 use crate::{

crates/app/src/routes/api/v1/auth/user_warnings.rs

@@ -0,0 +1,65 @@
+use crate::{
+    get_user_from_token,
+    model::{ApiReturn, Error},
+    routes::api::v1::CreateUserWarning,
+    State,
+};
+use axum::{Extension, Json, extract::Path, response::IntoResponse};
+use axum_extra::extract::CookieJar;
+use tetratto_core::model::{auth::UserWarning, permissions::FinePermission};
+
+/// Create a new user warning.
+pub async fn create_request(
+    jar: CookieJar,
+    Path(uid): Path<usize>,
+    Extension(data): Extension<State>,
+    Json(req): Json<CreateUserWarning>,
+) -> impl IntoResponse {
+    let data = &(data.read().await).0;
+    let user = match get_user_from_token!(jar, data) {
+        Some(ua) => ua,
+        None => return Json(Error::NotAllowed.into()),
+    };
+
+    if !user.permissions.check(FinePermission::MANAGE_BANS) {
+        return Json(Error::NotAllowed.into());
+    }
+
+    match data
+        .create_user_warning(UserWarning::new(uid, user.id, req.content))
+        .await
+    {
+        Ok(_) => Json(ApiReturn {
+            ok: true,
+            message: "User warning created".to_string(),
+            payload: (),
+        }),
+        Err(e) => Json(e.into()),
+    }
+}
+
+/// Delete the given user warning.
+pub async fn delete_request(
+    jar: CookieJar,
+    Path(id): Path<usize>,
+    Extension(data): Extension<State>,
+) -> impl IntoResponse {
+    let data = &(data.read().await).0;
+    let user = match get_user_from_token!(jar, data) {
+        Some(ua) => ua,
+        None => return Json(Error::NotAllowed.into()),
+    };
+
+    if !user.permissions.check(FinePermission::MANAGE_WARNINGS) {
+        return Json(Error::NotAllowed.into());
+    }
+
+    match data.delete_user_warning(id, user).await {
+        Ok(_) => Json(ApiReturn {
+            ok: true,
+            message: "User warning deleted".to_string(),
+            payload: (),
+        }),
+        Err(e) => Json(e.into()),
+    }
+}