add: audit log and reports table

TODO: audit log/reports UIs
2025-04-01 23:16:09 -04:00 · 2025-04-01 23:16:09 -04:00 · b2df2739a7
commit b2df2739a7
parent 9a9b72bdbb
16 changed files with 387 additions and 6 deletions
--- a/crates/app/src/routes/api/v1/auth/ipbans.rs
+++ b/crates/app/src/routes/api/v1/auth/ipbans.rs
@ -0,0 +1,61 @@
+use crate::{
+    State, get_user_from_token,
+    model::{ApiReturn, Error},
+    routes::api::v1::CreateIpBan,
+};
+use axum::{Extension, Json, extract::Path, response::IntoResponse};
+use axum_extra::extract::CookieJar;
+use tetratto_core::model::{auth::IpBan, permissions::FinePermission};
+
+/// Create a new IP ban.
+pub async fn create_request(
+    jar: CookieJar,
+    Path(ip): Path<String>,
+    Extension(data): Extension<State>,
+    Json(req): Json<CreateIpBan>,
+) -> impl IntoResponse {
+    let data = &(data.read().await).0;
+    let user = match get_user_from_token!(jar, data) {
+        Some(ua) => ua,
+        None => return Json(Error::NotAllowed.into()),
+    };
+
+    if !user.permissions.check(FinePermission::MANAGE_BANS) {
+        return Json(Error::NotAllowed.into());
+    }
+
+    match data.create_ipban(IpBan::new(ip, user.id, req.reason)).await {
+        Ok(_) => Json(ApiReturn {
+            ok: true,
+            message: "IP ban deleted".to_string(),
+            payload: (),
+        }),
+        Err(e) => Json(e.into()),
+    }
+}
+
+/// Delete the given IP ban.
+pub async fn delete_request(
+    jar: CookieJar,
+    Path(id): Path<usize>,
+    Extension(data): Extension<State>,
+) -> impl IntoResponse {
+    let data = &(data.read().await).0;
+    let user = match get_user_from_token!(jar, data) {
+        Some(ua) => ua,
+        None => return Json(Error::NotAllowed.into()),
+    };
+
+    if !user.permissions.check(FinePermission::MANAGE_BANS) {
+        return Json(Error::NotAllowed.into());
+    }
+
+    match data.delete_ipban(id, user).await {
+        Ok(_) => Json(ApiReturn {
+            ok: true,
+            message: "IP ban deleted".to_string(),
+            payload: (),
+        }),
+        Err(e) => Json(e.into()),
+    }
+}
--- a/crates/app/src/routes/api/v1/auth/mod.rs
+++ b/crates/app/src/routes/api/v1/auth/mod.rs
@ -1,4 +1,5 @@
 pub mod images;
+pub mod ipbans;
 pub mod profile;
 pub mod social;

--- a/crates/app/src/routes/api/v1/mod.rs
+++ b/crates/app/src/routes/api/v1/mod.rs
@ -172,6 +172,9 @@ pub fn routes() -> Router {
            "/communities/{cid}/memberships/{uid}/role",
            post(communities::communities::update_membership_role),
        )
+        // ipbans
+        .route("/bans/{ip}", post(auth::ipbans::create_request))
+        .route("/bans/id/{id}", delete(auth::ipbans::delete_request))
 }

 #[derive(Deserialize)]
@ -265,3 +268,8 @@ pub struct UpdateMembershipRole {
 pub struct DeleteUser {
    pub password: String,
 }
+
+#[derive(Deserialize)]
+pub struct CreateIpBan {
+    pub reason: String,
+}