t/tetratto
1
0
Fork 0
Code Issues Pull requests Projects Releases 2 Packages Wiki Activity Actions

add: implement 9 new scopes, 21 new api endpoints

Browse source
This commit is contained in:
trisua 2025-06-13 17:47:00 -04:00
parent c3139ef1d2
commit 8f16068a34
14 changed files with 973 additions and 35 deletions
Download patch file Download diff file Expand all files Collapse all files

89
crates/app/src/routes/api/v1/auth/social.rs
View file

@ -1,10 +1,19 @@
use crate::{
State, get_user_from_token,
check_user_blocked_or_private, get_user_from_token,
model::{ApiReturn, Error},
routes::pages::PaginatedQuery,
State,
};
use axum::{
extract::{Path, Query},
response::IntoResponse,
Extension, Json,
};
use axum::{Extension, Json, extract::Path, response::IntoResponse};
use axum_extra::extract::CookieJar;
use tetratto_core::model::auth::{FollowResult, IpBlock, Notification, UserBlock, UserFollow};
use tetratto_core::model::{
auth::{FollowResult, IpBlock, Notification, UserBlock, UserFollow},
oauth,
};
/// Toggle following on the given user.
pub async fn follow_request(
@ -13,7 +22,7 @@ pub async fn follow_request(
Extension(data): Extension<State>,
) -> impl IntoResponse {
let data = &(data.read().await).0;
let user = match get_user_from_token!(jar, data) {
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserManageFollowing) {
Some(ua) => ua,
None => return Json(Error::NotAllowed.into()),
};
@ -74,7 +83,7 @@ pub async fn cancel_follow_request(
Path(id): Path<usize>,
) -> impl IntoResponse {
let data = &(data.read().await).0;
let user = match get_user_from_token!(jar, data) {
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserManageFollowing) {
Some(ua) => ua,
None => return Json(Error::NotAllowed.into()),
};
@ -95,7 +104,7 @@ pub async fn accept_follow_request(
Path(id): Path<usize>,
) -> impl IntoResponse {
let data = &(data.read().await).0;
let user = match get_user_from_token!(jar, data) {
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserManageFollowers) {
Some(ua) => ua,
None => return Json(Error::NotAllowed.into()),
};
@ -142,7 +151,7 @@ pub async fn block_request(
Extension(data): Extension<State>,
) -> impl IntoResponse {
let data = &(data.read().await).0;
let user = match get_user_from_token!(jar, data) {
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserManageBlocks) {
Some(ua) => ua,
None => return Json(Error::NotAllowed.into()),
};
@ -205,7 +214,7 @@ pub async fn ip_block_request(
Extension(data): Extension<State>,
) -> impl IntoResponse {
let data = &(data.read().await).0;
let user = match get_user_from_token!(jar, data) {
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserCreateIpBlock) {
Some(ua) => ua,
None => return Json(Error::NotAllowed.into()),
};
@ -232,3 +241,67 @@ pub async fn ip_block_request(
}
}
}
/// Get the followers of the given user.
pub async fn followers_request(
jar: CookieJar,
Path(id): Path<usize>,
Extension(data): Extension<State>,
Query(props): Query<PaginatedQuery>,
) -> impl IntoResponse {
let data = &(data.read().await).0;
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserReadProfiles) {
Some(ua) => ua,
None => return Json(Error::NotAllowed.into()),
};
let other_user = match data.get_user_by_id(id).await {
Ok(ua) => ua,
Err(e) => return Json(e.into()),
};
check_user_blocked_or_private!(Some(&user), other_user, data, @api);
match data.get_userfollows_by_receiver(id, 12, props.page).await {
Ok(f) => Json(ApiReturn {
ok: true,
message: "Success".to_string(),
payload: match data.fill_userfollows_with_initiator(f).await {
Ok(f) => Some(data.userfollows_user_filter(&f)),
Err(e) => return Json(e.into()),
},
}),
Err(e) => Json(e.into()),
}
}
/// Get the following of the given user.
pub async fn following_request(
jar: CookieJar,
Path(id): Path<usize>,
Extension(data): Extension<State>,
Query(props): Query<PaginatedQuery>,
) -> impl IntoResponse {
let data = &(data.read().await).0;
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserReadProfiles) {
Some(ua) => ua,
None => return Json(Error::NotAllowed.into()),
};
let other_user = match data.get_user_by_id(id).await {
Ok(ua) => ua,
Err(e) => return Json(e.into()),
};
check_user_blocked_or_private!(Some(&user), other_user, data, @api);
match data.get_userfollows_by_initiator(id, 12, props.page).await {
Ok(f) => Json(ApiReturn {
ok: true,
message: "Success".to_string(),
payload: match data.fill_userfollows_with_receiver(f).await {
Ok(f) => Some(data.userfollows_user_filter(&f)),
Err(e) => return Json(e.into()),
},
}),
Err(e) => Json(e.into()),
}
}

69
crates/app/src/routes/api/v1/auth/user_warnings.rs
View file

@ -1,12 +1,16 @@
use crate::{
get_user_from_token,
model::{ApiReturn, Error},
routes::api::v1::CreateUserWarning,
routes::{api::v1::CreateUserWarning, pages::PaginatedQuery},
State,
};
use axum::{Extension, Json, extract::Path, response::IntoResponse};
use axum::{
extract::{Path, Query},
response::IntoResponse,
Extension, Json,
};
use axum_extra::extract::CookieJar;
use tetratto_core::model::{auth::UserWarning, permissions::FinePermission};
use tetratto_core::model::{auth::UserWarning, oauth, permissions::FinePermission};
/// Create a new user warning.
pub async fn create_request(
@ -16,7 +20,7 @@ pub async fn create_request(
Json(req): Json<CreateUserWarning>,
) -> impl IntoResponse {
let data = &(data.read().await).0;
let user = match get_user_from_token!(jar, data) {
let user = match get_user_from_token!(jar, data, oauth::AppScope::ModManageWarnings) {
Some(ua) => ua,
None => return Json(Error::NotAllowed.into()),
};
@ -45,7 +49,7 @@ pub async fn delete_request(
Extension(data): Extension<State>,
) -> impl IntoResponse {
let data = &(data.read().await).0;
let user = match get_user_from_token!(jar, data) {
let user = match get_user_from_token!(jar, data, oauth::AppScope::ModManageWarnings) {
Some(ua) => ua,
None => return Json(Error::NotAllowed.into()),
};
@ -63,3 +67,58 @@ pub async fn delete_request(
Err(e) => Json(e.into()),
}
}
/// Get all warnings for the given user.
pub async fn on_user_request(
jar: CookieJar,
Extension(data): Extension<State>,
Query(props): Query<PaginatedQuery>,
) -> impl IntoResponse {
let data = &(data.read().await).0;
let user = match get_user_from_token!(jar, data, oauth::AppScope::ModManageWarnings) {
Some(ua) => ua,
None => return Json(Error::NotAllowed.into()),
};
if !user.permissions.check(FinePermission::MANAGE_WARNINGS) {
return Json(Error::NotAllowed.into());
}
match data
.get_user_warnings_by_user(user.id, 12, props.page)
.await
{
Ok(w) => Json(ApiReturn {
ok: true,
message: "Success".to_string(),
payload: Some(w),
}),
Err(e) => Json(e.into()),
}
}
/// Get a single warning.
pub async fn get_request(
jar: CookieJar,
Path(id): Path<usize>,
Extension(data): Extension<State>,
) -> impl IntoResponse {
let data = &(data.read().await).0;
let user = match get_user_from_token!(jar, data, oauth::AppScope::ModManageWarnings) {
Some(ua) => ua,
None => return Json(Error::NotAllowed.into()),
};
if !user.permissions.check(FinePermission::MANAGE_WARNINGS) {
return Json(Error::NotAllowed.into());
}
match data.get_user_warning_by_id(id).await {
Ok(w) => Json(ApiReturn {
ok: true,
message: "Success".to_string(),
payload: Some(w),
}),
Err(e) => Json(e.into()),
}
}