t/tetratto
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

add: user account warnings

Browse source
This commit is contained in:
trisua 2025-04-11 22:12:43 -04:00
parent 535a854a47
commit 5995aaf31c
16 changed files with 459 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
crates/app/src/assets.rs
View file

@ -66,6 +66,7 @@ pub const MOD_REPORTS: &str = include_str!("./public/html/mod/reports.html");
pub const MOD_FILE_REPORT: &str = include_str!("./public/html/mod/file_report.html"); pub const MOD_FILE_REPORT: &str = include_str!("./public/html/mod/file_report.html");
pub const MOD_IP_BANS: &str = include_str!("./public/html/mod/ip_bans.html"); pub const MOD_IP_BANS: &str = include_str!("./public/html/mod/ip_bans.html");
pub const MOD_PROFILE: &str = include_str!("./public/html/mod/profile.html"); pub const MOD_PROFILE: &str = include_str!("./public/html/mod/profile.html");
pub const MOD_WARNINGS: &str = include_str!("./public/html/mod/warnings.html");
// langs // langs
pub const LANG_EN_US: &str = include_str!("./langs/en-US.toml"); pub const LANG_EN_US: &str = include_str!("./langs/en-US.toml");
@ -197,6 +198,7 @@ pub(crate) async fn write_assets(config: &Config) -> PathBufD {
write_template!(html_path->"mod/file_report.html"(crate::assets::MOD_FILE_REPORT) --config=config); write_template!(html_path->"mod/file_report.html"(crate::assets::MOD_FILE_REPORT) --config=config);
write_template!(html_path->"mod/ip_bans.html"(crate::assets::MOD_IP_BANS) --config=config); write_template!(html_path->"mod/ip_bans.html"(crate::assets::MOD_IP_BANS) --config=config);
write_template!(html_path->"mod/profile.html"(crate::assets::MOD_PROFILE) --config=config); write_template!(html_path->"mod/profile.html"(crate::assets::MOD_PROFILE) --config=config);
write_template!(html_path->"mod/warnings.html"(crate::assets::MOD_WARNINGS) --config=config);
html_path html_path
} }

2
crates/app/src/langs/en-US.toml
View file

@ -112,3 +112,5 @@ version = "1.0.0"
"mod_panel:label.open_reported_content" = "Open reported content" "mod_panel:label.open_reported_content" = "Open reported content"
"mod_panel:label.manage_profile" = "Manage profile" "mod_panel:label.manage_profile" = "Manage profile"
"mod_panel:label.permissions_level_builder" = "Permission level builder" "mod_panel:label.permissions_level_builder" = "Permission level builder"
"mod_panel:label.warnings" = "Warnings"
"mod_panel:label.create_warning" = "Create warning"

8
crates/app/src/public/html/mod/profile.html
View file

@ -22,6 +22,14 @@
<span>View settings</span> <span>View settings</span>
</a> </a>
<a
href="/mod_panel/profile/{{ profile.id }}/warnings"
class="button quaternary"
>
{{ icon "shield-alert" }}
<span>View warnings</span>
</a>
<button <button
class="red quaternary" class="red quaternary"
onclick="delete_account(event)" onclick="delete_account(event)"

132
crates/app/src/public/html/mod/warnings.html Normal file
View file

@ -0,0 +1,132 @@
{% extends "root.html" %} {% block head %}
<title>User warnings - {{ config.name }}</title>
{% endblock %} {% block body %} {{ macros::nav(selected="notifications") }}
<main class="flex flex-col gap-2">
<div class="card-nest">
<div class="card small flex items-center justify-between gap-2">
<span class="flex items-center gap-2">
{{ icon "gavel" }}
<span>{{ text "mod_panel:label.create_warning" }}</span>
</span>
<a
href="/mod_panel/profile/{{ profile.id }}"
class="button quaternary small red"
>
{{ icon "x" }}
<span>{{ text "dialog:action.cancel" }}</span>
</a>
</div>
<form
class="card flex flex-col gap-2"
onsubmit="create_warning_from_form(event)"
>
<div class="flex flex-col gap-1">
<label for="content"
>{{ text "communities:label.content" }}</label
>
<textarea
type="text"
name="content"
id="content"
placeholder="content"
required
minlength="2"
maxlength="4096"
></textarea>
</div>
<button class="primary">
{{ text "communities:action.create" }}
</button>
</form>
</div>
<div class="card-nest">
<div class="card small flex items-center justify-between gap-2">
<span class="flex items-center gap-2">
{{ icon "message-circle-warning" }}
<span>{{ text "mod_panel:label.warnings" }}</span>
</span>
</div>
<div class="card flex flex-col gap-4">
{% for item in items %}
<div class="card-nest">
<div class="card small flex items-center justify-between gap-2">
<a
class="flex items-center gap-2 flush"
href="/api/v1/auth/user/find/{{ item.moderator }}"
title="Moderator"
>
<!-- prettier-ignore -->
{{ components::avatar(username=item.moderator, selector_type="id") }}
<span>{{ item.moderator }}</span>
<span class="fade date">{{ item.created }}</span>
</a>
<button
class="small quaternary red"
onclick="remove_warning('{{ item.id }}')"
>
{{ icon "trash" }}
<span>{{ text "general:action.delete" }}</span>
</button>
</div>
<div class="card secondary flex flex-col gap-2">
<span class="no_p_margin"
>{{ item.content|markdown|safe }}</span
>
</div>
</div>
{% endfor %}
<!-- prettier-ignore -->
{{ components::pagination(page=page, items=items|length) }}
</div>
</div>
</main>
<script>
async function create_warning_from_form(e) {
e.preventDefault();
await trigger("atto::debounce", ["warnings::create"]);
fetch("/api/v1/warnings/{{ profile.id }}", {
method: "POST",
headers: {
"Content-Type": "application/json",
},
body: JSON.stringify({
content: e.target.content.value,
}),
})
.then((res) => res.json())
.then((res) => {
trigger("atto::toast", [
res.ok ? "success" : "error",
res.message,
]);
if (res.ok) {
e.target.reset();
}
});
}
function remove_warning(id) {
fetch(`/api/v1/warnings/${id}`, {
method: "DELETE",
})
.then((res) => res.json())
.then((res) => {
trigger("atto::toast", [
res.ok ? "success" : "error",
res.message,
]);
});
}
</script>
{% endblock %}

2
crates/app/src/routes/api/v1/auth/ipbans.rs
View file

@ -27,7 +27,7 @@ pub async fn create_request(
match data.create_ipban(IpBan::new(ip, user.id, req.reason)).await { match data.create_ipban(IpBan::new(ip, user.id, req.reason)).await {
Ok(_) => Json(ApiReturn { Ok(_) => Json(ApiReturn {
ok: true, ok: true,
message: "IP ban deleted".to_string(), message: "IP ban created".to_string(),
payload: (), payload: (),
}), }),
Err(e) => Json(e.into()), Err(e) => Json(e.into()),

1
crates/app/src/routes/api/v1/auth/mod.rs
View file

@ -2,6 +2,7 @@ pub mod images;
pub mod ipbans; pub mod ipbans;
pub mod profile; pub mod profile;
pub mod social; pub mod social;
pub mod user_warnings;
use super::{LoginProps, RegisterProps}; use super::{LoginProps, RegisterProps};
use crate::{ use crate::{

65
crates/app/src/routes/api/v1/auth/user_warnings.rs Normal file
View file

@ -0,0 +1,65 @@
use crate::{
get_user_from_token,
model::{ApiReturn, Error},
routes::api::v1::CreateUserWarning,
State,
};
use axum::{Extension, Json, extract::Path, response::IntoResponse};
use axum_extra::extract::CookieJar;
use tetratto_core::model::{auth::UserWarning, permissions::FinePermission};
/// Create a new user warning.
pub async fn create_request(
jar: CookieJar,
Path(uid): Path<usize>,
Extension(data): Extension<State>,
Json(req): Json<CreateUserWarning>,
) -> impl IntoResponse {
let data = &(data.read().await).0;
let user = match get_user_from_token!(jar, data) {
Some(ua) => ua,
None => return Json(Error::NotAllowed.into()),
};
if !user.permissions.check(FinePermission::MANAGE_BANS) {
return Json(Error::NotAllowed.into());
}
match data
.create_user_warning(UserWarning::new(uid, user.id, req.content))
.await
{
Ok(_) => Json(ApiReturn {
ok: true,
message: "User warning created".to_string(),
payload: (),
}),
Err(e) => Json(e.into()),
}
}
/// Delete the given user warning.
pub async fn delete_request(
jar: CookieJar,
Path(id): Path<usize>,
Extension(data): Extension<State>,
) -> impl IntoResponse {
let data = &(data.read().await).0;
let user = match get_user_from_token!(jar, data) {
Some(ua) => ua,
None => return Json(Error::NotAllowed.into()),
};
if !user.permissions.check(FinePermission::MANAGE_WARNINGS) {
return Json(Error::NotAllowed.into());
}
match data.delete_user_warning(id, user).await {
Ok(_) => Json(ApiReturn {
ok: true,
message: "User warning deleted".to_string(),
payload: (),
}),
Err(e) => Json(e.into()),
}
}

11
crates/app/src/routes/api/v1/mod.rs
View file

@ -162,6 +162,12 @@ pub fn routes() -> Router {
"/auth/user/find_by_ip/{ip}", "/auth/user/find_by_ip/{ip}",
get(auth::profile::redirect_from_ip), get(auth::profile::redirect_from_ip),
) )
// warnings
.route("/warnings/{id}", post(auth::user_warnings::create_request))
.route(
"/warnings/{id}",
delete(auth::user_warnings::delete_request),
)
// notifications // notifications
.route( .route(
"/notifications/my", "/notifications/my",
@ -326,3 +332,8 @@ pub struct CreateIpBan {
pub struct DisableTotp { pub struct DisableTotp {
pub totp: String, pub totp: String,
} }
#[derive(Deserialize)]
pub struct CreateUserWarning {
pub content: String,
}

4
crates/app/src/routes/pages/mod.rs
View file

@ -35,6 +35,10 @@ pub fn routes() -> Router {
"/mod_panel/profile/{id}", "/mod_panel/profile/{id}",
get(mod_panel::manage_profile_request), get(mod_panel::manage_profile_request),
) )
.route(
"/mod_panel/profile/{id}/warnings",
get(mod_panel::manage_profile_warnings_request),
)
// auth // auth
.route("/auth/register", get(auth::register_request)) .route("/auth/register", get(auth::register_request))
.route("/auth/login", get(auth::login_request)) .route("/auth/login", get(auth::login_request))

48
crates/app/src/routes/pages/mod_panel.rs
View file

@ -184,3 +184,51 @@ pub async fn manage_profile_request(
// return // return
Ok(Html(data.1.render("mod/profile.html", &context).unwrap())) Ok(Html(data.1.render("mod/profile.html", &context).unwrap()))
} }
/// `/mod_panel/profile/{id}/warnings`
pub async fn manage_profile_warnings_request(
jar: CookieJar,
Extension(data): Extension<State>,
Path(id): Path<usize>,
Query(req): Query<PaginatedQuery>,
) -> impl IntoResponse {
let data = data.read().await;
let user = match get_user_from_token!(jar, data.0) {
Some(ua) => ua,
None => {
return Err(Html(
render_error(Error::NotAllowed, &jar, &data, &None).await,
));
}
};
if !user.permissions.check(FinePermission::MANAGE_USERS) {
return Err(Html(
render_error(Error::NotAllowed, &jar, &data, &None).await,
));
}
let profile = match data.0.get_user_by_id(id).await {
Ok(p) => p,
Err(e) => return Err(Html(render_error(e, &jar, &data, &Some(user)).await)),
};
let list = match data
.0
.get_user_warnings_by_user(profile.id, 12, req.page)
.await
{
Ok(p) => p,
Err(e) => return Err(Html(render_error(e, &jar, &data, &Some(user)).await)),
};
let lang = get_lang!(jar, data.0);
let mut context = initial_context(&data.0.0, lang, &Some(user)).await;
context.insert("profile", &profile);
context.insert("items", &list);
context.insert("page", &req.page);
// return
Ok(Html(data.1.render("mod/warnings.html", &context).unwrap()))
}

1
crates/core/src/database/common.rs
View file

@ -24,6 +24,7 @@ impl DataManager {
execute!(&conn, common::CREATE_TABLE_IPBANS).unwrap(); execute!(&conn, common::CREATE_TABLE_IPBANS).unwrap();
execute!(&conn, common::CREATE_TABLE_AUDIT_LOG).unwrap(); execute!(&conn, common::CREATE_TABLE_AUDIT_LOG).unwrap();
execute!(&conn, common::CREATE_TABLE_REPORTS).unwrap(); execute!(&conn, common::CREATE_TABLE_REPORTS).unwrap();
execute!(&conn, common::CREATE_TABLE_USER_WARNINGS).unwrap();
Ok(()) Ok(())
} }

1
crates/core/src/database/drivers/common.rs
View file

@ -9,3 +9,4 @@ pub const CREATE_TABLE_USERBLOCKS: &str = include_str!("./sql/create_userblocks.
pub const CREATE_TABLE_IPBANS: &str = include_str!("./sql/create_ipbans.sql"); pub const CREATE_TABLE_IPBANS: &str = include_str!("./sql/create_ipbans.sql");
pub const CREATE_TABLE_AUDIT_LOG: &str = include_str!("./sql/create_audit_log.sql"); pub const CREATE_TABLE_AUDIT_LOG: &str = include_str!("./sql/create_audit_log.sql");
pub const CREATE_TABLE_REPORTS: &str = include_str!("./sql/create_reports.sql"); pub const CREATE_TABLE_REPORTS: &str = include_str!("./sql/create_reports.sql");
pub const CREATE_TABLE_USER_WARNINGS: &str = include_str!("./sql/create_user_warnings.sql");

7
crates/core/src/database/drivers/sql/create_user_warnings.sql Normal file
View file

@ -0,0 +1,7 @@
CREATE TABLE IF NOT EXISTS user_warnings (
id BIGINT NOT NULL PRIMARY KEY,
created BIGINT NOT NULL,
receiver BIGINT NOT NULL,
moderator BIGINT NOT NULL,
content TEXT NOT NULL
)

1
crates/core/src/database/mod.rs
View file

@ -9,6 +9,7 @@ mod notifications;
mod posts; mod posts;
mod reactions; mod reactions;
mod reports; mod reports;
mod user_warnings;
mod userblocks; mod userblocks;
mod userfollows; mod userfollows;

150
crates/core/src/database/user_warnings.rs Normal file
View file

@ -0,0 +1,150 @@
use super::*;
use crate::cache::Cache;
use crate::model::auth::{Notification, UserWarning};
use crate::model::moderation::AuditLogEntry;
use crate::model::{Error, Result, auth::User, permissions::FinePermission};
use crate::{auto_method, execute, get, query_row, query_rows, params};
#[cfg(feature = "sqlite")]
use rusqlite::Row;
#[cfg(feature = "postgres")]
use tokio_postgres::Row;
impl DataManager {
/// Get a [`UserWarning`] from an SQL row.
pub(crate) fn get_user_warning_from_row(
#[cfg(feature = "sqlite")] x: &Row<'_>,
#[cfg(feature = "postgres")] x: &Row,
) -> UserWarning {
UserWarning {
id: get!(x->0(i64)) as usize,
created: get!(x->1(i64)) as usize,
receiver: get!(x->2(i64)) as usize,
moderator: get!(x->3(i64)) as usize,
content: get!(x->4(String)),
}
}
auto_method!(get_user_warning_by_ip(&str)@get_user_warning_from_row -> "SELECT * FROM user_warning WHERE ip = $1" --name="user warning" --returns=UserWarning --cache-key-tmpl="atto.user_warning:{}");
/// Get all user warnings by user (paginated).
///
/// # Arguments
/// * `user` - the ID of the user to fetch warnings for
/// * `batch` - the limit of items in each page
/// * `page` - the page number
pub async fn get_user_warnings_by_user(
&self,
user: usize,
batch: usize,
page: usize,
) -> Result<Vec<UserWarning>> {
let conn = match self.connect().await {
Ok(c) => c,
Err(e) => return Err(Error::DatabaseConnection(e.to_string())),
};
let res = query_rows!(
&conn,
"SELECT * FROM user_warnings WHERE receiver = $1 ORDER BY created DESC LIMIT $2 OFFSET $3",
&[&(user as i64), &(batch as i64), &((page * batch) as i64)],
|x| { Self::get_user_warning_from_row(x) }
);
if res.is_err() {
return Err(Error::GeneralNotFound("user warning".to_string()));
}
Ok(res.unwrap())
}
/// Create a new user warning in the database.
///
/// # Arguments
/// * `data` - a mock [`UserWarning`] object to insert
pub async fn create_user_warning(&self, data: UserWarning) -> Result<()> {
let user = self.get_user_by_id(data.moderator).await?;
// ONLY moderators can create warnings
if !user.permissions.check(FinePermission::MANAGE_WARNINGS) {
return Err(Error::NotAllowed);
}
let conn = match self.connect().await {
Ok(c) => c,
Err(e) => return Err(Error::DatabaseConnection(e.to_string())),
};
let res = execute!(
&conn,
"INSERT INTO user_warnings VALUES ($1, $2, $3, $4, $5)",
params![
&(data.id as i64),
&(data.created as i64),
&(data.receiver as i64),
&(data.moderator as i64),
&data.content
]
);
if let Err(e) = res {
return Err(Error::DatabaseError(e.to_string()));
}
// create audit log entry
self.create_audit_log_entry(AuditLogEntry::new(
user.id,
format!(
"invoked `create_user_warning` with x value `{}`",
data.receiver
),
))
.await?;
// send notification
self.create_notification(Notification::new(
"You have received a new account warning.".to_string(),
data.content,
data.receiver,
))
.await?;
// return
Ok(())
}
pub async fn delete_user_warning(&self, id: usize, user: User) -> Result<()> {
// ONLY moderators can manage warnings
if !user.permissions.check(FinePermission::MANAGE_WARNINGS) {
return Err(Error::NotAllowed);
}
let conn = match self.connect().await {
Ok(c) => c,
Err(e) => return Err(Error::DatabaseConnection(e.to_string())),
};
let res = execute!(
&conn,
"DELETE FROM user_warnings WHERE id = $1",
&[&(id as i64)]
);
if let Err(e) = res {
return Err(Error::DatabaseError(e.to_string()));
}
self.2.remove(format!("atto.user_warning:{}", id)).await;
// create audit log entry
self.create_audit_log_entry(AuditLogEntry::new(
user.id,
format!("invoked `delete_user_warning` with x value `{id}`"),
))
.await?;
// return
Ok(())
}
}

25
crates/core/src/model/auth.rs
View file

@ -351,3 +351,28 @@ impl IpBan {
} }
} }
} }
#[derive(Serialize, Deserialize)]
pub struct UserWarning {
pub id: usize,
pub created: usize,
pub receiver: usize,
pub moderator: usize,
pub content: String,
}
impl UserWarning {
/// Create a new [`UserWarning`].
pub fn new(user: usize, moderator: usize, content: String) -> Self {
Self {
id: AlmostSnowflake::new(1234567890)
.to_string()
.parse::<usize>()
.unwrap(),
created: unix_epoch_timestamp() as usize,
receiver: user,
moderator,
content,
}
}
}