add: user associations

crates/app/src/routes/api/v1/auth/profile.rs

@@ -3,8 +3,8 @@ use crate::{
     get_user_from_token,
     model::{ApiReturn, Error},
     routes::api::v1::{
-        DeleteUser, DisableTotp, UpdateUserIsVerified, UpdateUserPassword, UpdateUserRole,
-        UpdateUserUsername,
+        AppendAssociations, DeleteUser, DisableTotp, UpdateUserIsVerified, UpdateUserPassword,
+        UpdateUserRole, UpdateUserUsername,
     },
     State,
 };
@@ -30,6 +30,7 @@ use tetratto_core::{
 
 #[cfg(feature = "redis")]
 use redis::Commands;
+use tetratto_shared::hash;
 
 pub async fn redirect_from_id(
     Extension(data): Extension<State>,
@@ -137,6 +138,53 @@ pub async fn update_user_settings_request(
     }
 }
 
+/// Append associations to the current user.
+pub async fn append_associations_request(
+    jar: CookieJar,
+    Extension(data): Extension<State>,
+    Json(req): Json<AppendAssociations>,
+) -> impl IntoResponse {
+    let data = &(data.read().await).0;
+    let mut user = match get_user_from_token!(jar, data) {
+        Some(ua) => ua,
+        None => return Json(Error::NotAllowed.into()),
+    };
+
+    // check existing associations to remove associations to deleted users
+    // the user should take care of cleaning their ui themselves
+    for (idx, id) in user.associated.clone().iter().enumerate() {
+        if data.get_user_by_id(id.to_owned()).await.is_err() {
+            user.associated.remove(idx);
+        }
+    }
+
+    // resolve tokens
+    for token in req.tokens {
+        let hashed = hash::hash(token);
+        let user_from_token = match data.get_user_by_token(&hashed).await {
+            Ok(ua) => ua,
+            Err(_) => continue,
+        };
+
+        if user.associated.contains(&user_from_token.id) {
+            // we already know about this; skip
+            continue;
+        }
+
+        user.associated.push(user_from_token.id);
+    }
+
+    // ...
+    match data.update_user_associated(user.id, user.associated).await {
+        Ok(_) => Json(ApiReturn {
+            ok: true,
+            message: "Associations updated".to_string(),
+            payload: (),
+        }),
+        Err(e) => Json(e.into()),
+    }
+}
+
 /// Update the password of the given user.
 pub async fn update_user_password_request(
     jar: CookieJar,

crates/app/src/routes/api/v1/mod.rs

@@ -12,7 +12,7 @@ pub mod util;
 pub mod channels;
 
 use axum::{
-    routing::{any, delete, get, post},
+    routing::{any, delete, get, post, put},
     Router,
 };
 use serde::Deserialize;
@@ -207,6 +207,10 @@ pub fn routes() -> Router {
             get(auth::profile::has_totp_enabled_request),
         )
         .route("/auth/user/me/seen", post(auth::profile::seen_request))
+        .route(
+            "/auth/user/me/append_associations",
+            put(auth::profile::append_associations_request),
+        )
         .route("/auth/user/find/{id}", get(auth::profile::redirect_from_id))
         .route(
             "/auth/user/find_by_ip/{ip}",
@@ -618,3 +622,8 @@ pub struct CreatePostDraft {
 pub struct VoteInPoll {
     pub option: PollOption,
 }
+
+#[derive(Deserialize)]
+pub struct AppendAssociations {
+    pub tokens: Vec<String>,
+}

crates/app/src/routes/pages/mod_panel.rs

@@ -180,9 +180,25 @@ pub async fn manage_profile_request(
         Err(e) => return Err(Html(render_error(e, &jar, &data, &Some(user)).await)),
     };
 
+    let associations = {
+        let mut out = Vec::new();
+
+        for id in &profile.associated {
+            out.push(match data.0.get_user_by_id(id.to_owned()).await {
+                Ok(ua) => ua,
+                // TODO: remove from associated on error
+                Err(_) => continue,
+            });
+        }
+
+        out
+    };
+
     let lang = get_lang!(jar, data.0);
     let mut context = initial_context(&data.0.0, lang, &Some(user)).await;
+
     context.insert("profile", &profile);
+    context.insert("associations", &associations);
 
     // return
     Ok(Html(data.1.render("mod/profile.html", &context).unwrap()))