t/tetratto
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

add(ui): ability to log out

Browse source
This commit is contained in:
trisua 2025-03-23 16:37:43 -04:00
parent d2ca9e23d3
commit b3cac5f97a
29 changed files with 499 additions and 124 deletions
Download patch file Download diff file Expand all files Collapse all files

1
Cargo.lock generated
View file

@ -2569,6 +2569,7 @@ name = "tetratto-core"
version = "0.1.0"
dependencies = [
"bb8-postgres",
"bitflags 2.9.0",
"pathbufd",
"rusqlite",
"serde",

31
README.md
View file

@ -1,31 +1,10 @@
# 🐐 tetratto!
This is the year of the personal website.
Tetratto (`4 * 10^-18`) is a _super_ simple **dynamic** site server which takes in a conglomeration of HTML files (which are actually Jinja templates) and static files like CSS and JS, then serves them!
Tetratto is your personal journal!
## Features
- Templated HTML files (`html/` directory)
- Markdown posts (`posts/` directory, served with `html/post.html` template)
- Super simple SQLite database for authentication (and other stuff)
## Usage
Install Tetratto CLI:
```bash
cargo install tetratto
```
Clone the `./example` directory to get started.
You can run a project by running `tetratto` in the directory. The entry file for CSS is assumed to be `public/css/style.css`. Note that your `index.html` file should _not_ include boilerplate stuff, and should instead just include a `{% block body %}` for beginning your content in the body. `{% block head %}` can be used to place data in the page head element. Templates should all extend the `_atto/root.html` template.
### Config
You can configure Tetratto by editing the project's `tetratto.toml` file.
- `name`: the `{{ name }}` variable in templates (default: `Tetratto`)
- `port`: the port the server is served on (default: `4118`)
- `database`: the name of the file to store the SQLite database in (default: `./atto.db`)
- Create new pages in your journal (essentially just posts)
- Create new pages in your journal where people can post messages (essentially message boards that you control)
- Follow other people and see their (public) journal entries
- Journal entries can either be public, unlisted (only accessible via link), and fully private (only accessible to moderators and the owner)

10
crates/app/src/assets.rs
View file

@ -8,6 +8,7 @@ use std::{
use tera::Context;
use tetratto_core::{config::Config, model::auth::User};
use tetratto_l10n::LangFile;
use tetratto_shared::hash::salt;
use tokio::sync::RwLock;
use crate::{create_dir_if_not_exists, write_if_track, write_template};
@ -21,8 +22,9 @@ pub const FAVICON: &str = include_str!("./public/images/favicon.svg");
pub const STYLE_CSS: &str = include_str!("./public/css/style.css");
// js
pub const ATTO_JS: &str = include_str!("./public/js/atto.js");
pub const LOADER_JS: &str = include_str!("./public/js/loader.js");
pub const ATTO_JS: &str = include_str!("./public/js/atto.js");
pub const ME_JS: &str = include_str!("./public/js/me.js");
// html
pub const ROOT: &str = include_str!("./public/html/root.html");
@ -165,11 +167,15 @@ pub(crate) async fn init_dirs(config: &Config) {
write_template!(langs_path->"en-US.toml"(LANG_EN_US));
}
/// A random ASCII value inserted into the URL of static assets to "break" the cache. Essentially just for cache busting.
pub(crate) static CACHE_BREAKER: LazyLock<String> = LazyLock::new(|| salt());
/// Create the initial template context.
pub(crate) fn initial_context(config: &Config, lang: &LangFile, user: &Option<User>) -> Context {
let mut ctx = Context::new();
ctx.insert("config", &config);
ctx.insert("user", &user);
ctx.insert("lang", &lang);
ctx.insert("lang", &lang.data);
ctx.insert("random_cache_breaker", &CACHE_BREAKER.clone());
ctx
}

14
crates/app/src/langs/en-US.toml
View file

@ -2,5 +2,15 @@ name = "com.tetratto.langs:en-US"
version = "1.0.0"
[data]
"general:action.login" = "Login"
"general:action.register" = "Register"
"general:link.home" = "Home"
"dialog:action.okay" = "Ok"
"dialog:action.continue" = "Continue"
"dialog:action.cancel" = "Cancel"
"dialog:action.yes" = "Yes"
"dialog:action.no" = "No"
"auth:action.login" = "Login"
"auth:action.register" = "Register"
"auth:action.logout" = "Logout"
"auth:link.my_profile" = "My profile"

13
crates/app/src/macros.rs
View file

@ -55,7 +55,7 @@ macro_rules! create_dir_if_not_exists {
#[macro_export]
macro_rules! get_user_from_token {
(($jar:ident, $db:expr) <optional>) => {{
($jar:ident, $db:expr) => {{
if let Some(token) = $jar.get("__Secure-atto-token") {
match $db
.get_user_by_token(&tetratto_shared::hash::hash(
@ -70,17 +70,6 @@ macro_rules! get_user_from_token {
None
}
}};
($jar:ident, $db:ident) => {{
if let Some(token) = $jar.get("__Secure-Atto-Token") {
match $db.get_user_by_token(token) {
Ok(ua) => ua,
Err(_) => return axum::response::Html(crate::data::assets::REDIRECT_TO_AUTH),
}
} else {
None
}
}};
}
#[macro_export]

26
crates/app/src/public/css/style.css
View file

@ -318,6 +318,27 @@ table ol {
background: var(--color-surface);
}
.card-nest {
box-shadow: var(--shadow-x-offset) var(--shadow-y-offset) var(--shadow-size)
var(--color-shadow);
border-radius: var(--radius);
}
.card-nest .card {
box-shadow: 0;
}
.card-nest > .card:first-child {
border-bottom-left-radius: 0;
border-bottom-right-radius: 0;
background: var(--color-super-raised);
}
.card-nest > .card:last-child {
border-top-left-radius: 0;
border-top-right-radius: 0;
}
/* buttons */
button,
.button {
@ -616,6 +637,11 @@ dialog[open] {
display: block;
}
dialog::backdrop {
background: hsla(0, 0%, 0%, 50%);
backdrop-filter: blur(5px);
}
/* dropdown */
.dropdown {
position: relative;

31
crates/app/src/public/html/auth/login.html
View file

@ -1,7 +1,7 @@
{% extends "auth/base.html" %} {% block head %}
<title>Login</title>
{% endblock %} {% block title %}Login{% endblock %} {% block content %}
<form class="w-full flex flex-col gap-4">
<form class="w-full flex flex-col gap-4" onsubmit="login(event)">
<div class="flex flex-col gap-1">
<label for="username"><b>Username</b></label>
<input
@ -26,6 +26,35 @@
<button>Submit</button>
</form>
<script>
function login(e) {
e.preventDefault();
fetch("/api/v1/auth/login", {
method: "POST",
headers: {
"Content-Type": "application/json",
},
body: JSON.stringify({
username: e.target.username.value,
password: e.target.password.value,
}),
})
.then((res) => res.json())
.then((res) => {
trigger("atto::toast", [
res.ok ? "sucesss" : "error",
res.message,
]);
if (res.ok) {
setTimeout(() => {
window.location.href = "/";
}, 150);
}
});
}
</script>
{% endblock %} {% block footer %}
<span class="small w-full text-center"
>Or, <a href="/auth/register">register</a></span

20
crates/app/src/public/html/macros.html
View file

@ -12,7 +12,7 @@
class="button {% if selected == 'home' %}active{% endif %}"
>
{{ icon "house" }}
<span class="desktop">Home</span>
<span class="desktop">{{ text "general:link.home" }}</span>
</a>
{% endif %}
</div>
@ -30,6 +30,20 @@
{{ macros::avatar(username=user.username, size="24px") }}
{{ icon "chevron-down" c(dropdown-arrow) }}
</button>
<div class="inner">
<b class="title">{{ user.username }}</b>
<a href="/@{{ user.username }}">
{{ icon "book-heart" }}
<span>{{ text "auth:link.my_profile" }}</span>
</a>
<div class="title"></div>
<button class="red" onclick="trigger('me::logout')">
{{ icon "log-out" }}
<span>{{ text "auth:action.logout" }}</span>
</button>
</div>
</div>
{% else %}
<div class="dropdown">
@ -44,11 +58,11 @@
<div class="inner">
<a href="/auth/login" class="button">
{{ icon "log-in" }}
<span>Login</span>
<span>{{ text "auth:action.login" }}</span>
</a>
<a href="/auth/register" class="button">
{{ icon "user-plus" }}
<span>Register</span>
<span>{{ text "auth:action.register" }}</span>
</a>
</div>
</div>

18
crates/app/src/public/html/misc/index.html
View file

@ -2,22 +2,12 @@
{{ macros::nav(selected="home") }}
<main class="flex flex-col gap-2">
<h1>Hello, world!</h1>
<div class="pillmenu">
<a class="active" href="#">A</a>
<a href="#">B</a>
<a href="#">C</a>
<div class="card-nest">
<div class="card">
<b>✨ Welcome to <i>{{ config.name }}</i>!</b>
</div>
<div class="card w-full flex flex-col gap-2">
<div class="flex gap-2 flex-wrap">
<button>Hello, world!</button>
<button class="secondary">Hello, world!</button>
<button class="camo">Hello, world!</button>
</div>
<input type="text" placeholder="abcd" />
<div class="card">We're still working on your feed...</div>
</div>
</main>
{% endblock %}

137
crates/app/src/public/html/root.html
View file

@ -22,6 +22,7 @@
globalThis.ns_config = {
root: "/js/",
verbose: globalThis.ns_verbose,
version: "cache-breaker-{{ random_cache_breaker }}",
};
globalThis._app_base = {
@ -76,5 +77,141 @@
atto["hooks::partial_embeds"]();
});
</script>
<!-- dialogs -->
<dialog id="link_filter">
<div class="inner">
<p>Pressing continue will bring you to the following URL:</p>
<pre><code id="link_filter_url"></code></pre>
<p>Are sure you want to go there?</p>
<hr />
<div class="flex gap-2">
<a
class="button primary bold"
id="link_filter_continue"
rel="noopener noreferrer"
target="_blank"
onclick="document.getElementById('link_filter').close()"
>
{{ text "dialog:action.continue" }}
</a>
<button
class="bold"
type="button"
onclick="document.getElementById('link_filter').close()"
>
{{ text "dialog:action.cancel" }}
</button>
</div>
</div>
</dialog>
<dialog id="web_api_prompt">
<div class="inner flex flex-col gap-2">
<form
class="flex gap-2 flex-col"
onsubmit="event.preventDefault()"
>
<label for="prompt" id="web_api_prompt:msg"></label>
<input id="prompt" name="prompt" />
<div class="flex justify-between">
<div></div>
<div class="flex gap-2">
<button
class="primary bold circle"
onclick="globalThis.web_api_prompt_submit(document.getElementById('prompt').value); document.getElementById('prompt').value = ''"
type="button"
>
{{ icon "check" }} {{ text "dialog:action.okay"
}}
</button>
<button
class="bold red camo"
onclick="globalThis.web_api_prompt_submit('')"
type="button"
>
{{ icon "x" }} {{ text "dialog:action.cancel" }}
</button>
</div>
</div>
</form>
</div>
</dialog>
<dialog id="web_api_prompt_long">
<div class="inner flex flex-col gap-2">
<form
class="flex gap-2 flex-col"
onsubmit="event.preventDefault()"
>
<label
for="prompt_long"
id="web_api_prompt_long:msg"
></label>
<textarea id="prompt_long" name="prompt_long"></textarea>
<div class="flex justify-between">
<div></div>
<div class="flex gap-2">
<button
class="primary bold circle"
onclick="globalThis.web_api_prompt_long_submit(document.getElementById('prompt_long').value); document.getElementById('prompt_long').value = ''"
type="button"
>
{{ icon "check" }} {{ text "dialog:action.okay"
}}
</button>
<button
class="bold red camo"
onclick="globalThis.web_api_prompt_long_submit('')"
type="button"
>
{{ icon "x" }} {{ text "dialog:action.cancel" }}
</button>
</div>
</div>
</form>
</div>
</dialog>
<dialog id="web_api_confirm">
<div class="inner flex flex-col gap-2">
<form
class="flex gap-2 flex-col"
onsubmit="event.preventDefault()"
>
<label id="web_api_confirm:msg"></label>
<div class="flex justify-between">
<div></div>
<div class="flex gap-2">
<button
class="primary bold circle"
onclick="globalThis.web_api_confirm_submit(true)"
type="button"
>
{{ icon "check" }} {{ text "dialog:action.yes"
}}
</button>
<button
class="bold red camo"
onclick="globalThis.web_api_confirm_submit(false)"
type="button"
>
{{ icon "x" }} {{ text "dialog:action.no" }}
</button>
</div>
</div>
</form>
</div>
</dialog>
</body>
</html>

2
crates/app/src/public/images/default-avatar.svg
View file

@ -5,5 +5,5 @@
fill="none"
xmlns="http://www.w3.org/2000/svg"
>
<rect width="460" height="460" fill="#C9B1BC" />
<rect width="460" height="460" fill="#E793B9" />
</svg>

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 181 B

After

Width:  |  Height:  |  Size: 181 B

Before After
Before After

2
crates/app/src/public/images/default-banner.svg
View file

@ -5,5 +5,5 @@
fill="none"
xmlns="http://www.w3.org/2000/svg"
>
<rect width="1500" height="350" fill="#C9B1BC" />
<rect width="1500" height="350" fill="#E793B9" />
</svg>

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 184 B

After

Width:  |  Height:  |  Size: 184 B

Before After
Before After

3
crates/app/src/public/js/atto.js
View file

@ -34,6 +34,9 @@ media_theme_pref();
(() => {
const self = reg_ns("atto");
// init
use("me", () => {});
// env
self.DEBOUNCE = [];
self.OBSERVERS = [];

30
crates/app/src/public/js/me.js Normal file
View file

@ -0,0 +1,30 @@
(() => {
const self = reg_ns("me");
self.define("logout", async () => {
if (
!(await trigger("atto::confirm", [
"Are you sure you would like to do this?",
]))
) {
return;
}
fetch("/api/v1/auth/logout", {
method: "POST",
})
.then((res) => res.json())
.then((res) => {
trigger("atto::toast", [
res.ok ? "sucesss" : "error",
res.message,
]);
if (res.ok) {
setTimeout(() => {
window.location.href = "/";
}, 150);
}
});
});
})();

52
crates/app/src/routes/api/v1/auth/mod.rs
View file

@ -11,6 +11,7 @@ use axum::{
response::IntoResponse,
};
use axum_extra::extract::CookieJar;
use tetratto_shared::hash::hash;
/// `/api/v1/auth/register`
pub async fn register_request(
@ -20,7 +21,7 @@ pub async fn register_request(
Json(props): Json<AuthProps>,
) -> impl IntoResponse {
let data = &(data.read().await).0;
let user = get_user_from_token!((jar, data) <optional>);
let user = get_user_from_token!(jar, data);
if user.is_some() {
return (
@ -75,7 +76,7 @@ pub async fn login_request(
Json(props): Json<AuthProps>,
) -> impl IntoResponse {
let data = &(data.read().await).0;
let user = get_user_from_token!((jar, data) <optional>);
let user = get_user_from_token!(jar, data);
if user.is_some() {
return (None, Json(Error::AlreadyAuthenticated.into()));
@ -125,3 +126,50 @@ pub async fn login_request(
}),
)
}
/// `/api/v1/auth/logout`
pub async fn logout_request(
jar: CookieJar,
Extension(data): Extension<State>,
) -> impl IntoResponse {
let data = &(data.read().await).0;
let user = match get_user_from_token!(jar, data) {
Some(ua) => ua,
None => return (None, Json(Error::NotAllowed.into())),
};
// update tokens
let token = jar
.get("__Secure-atto-token")
.unwrap()
.to_string()
.replace("__Secure-atto-token=", "");
let mut new_tokens = user.tokens.clone();
new_tokens.remove(
new_tokens
.iter()
.position(|t| t.1 == hash(token.to_string()))
.unwrap(),
);
if let Err(e) = data.update_user_tokens(user.id, new_tokens).await {
return (None, Json(e.into()));
}
// ...
(
Some([(
"Set-Cookie",
format!(
"__Secure-atto-token={}; SameSite=Lax; Secure; Path=/; HostOnly=true; HttpOnly=true; Max-Age=0",
"refresh",
),
)]),
Json(ApiReturn {
ok: true,
message: "Goodbye!".to_string(),
payload: (),
}),
)
}

2
crates/app/src/routes/api/v1/mod.rs
View file

@ -7,9 +7,11 @@ use serde::Deserialize;
pub fn routes() -> Router {
Router::new()
// auth
// global
.route("/auth/register", post(auth::register_request))
.route("/auth/login", post(auth::login_request))
.route("/auth/logout", post(auth::logout_request))
// profile
.route(
"/auth/profile/{id}/avatar",

33
crates/app/src/routes/assets.rs
View file

@ -1,27 +1,16 @@
use axum::response::IntoResponse;
/// `/public/favicon.svg`
pub async fn favicon_request() -> impl IntoResponse {
([("Content-Type", "image/svg+xml")], crate::assets::FAVICON)
macro_rules! serve_asset {
($fn_name:ident: $name:ident($type:literal)) => {
pub async fn $fn_name() -> impl IntoResponse {
([("Content-Type", $type)], crate::assets::$name)
}
};
}
/// `/css/style.css`
pub async fn style_css_request() -> impl IntoResponse {
([("Content-Type", "text/css")], crate::assets::STYLE_CSS)
}
serve_asset!(favicon_request: FAVICON("image/svg+xml"));
serve_asset!(style_css_request: STYLE_CSS("text/css"));
/// `/js/atto.js`
pub async fn atto_js_request() -> impl IntoResponse {
(
[("Content-Type", "text/javascript")],
crate::assets::ATTO_JS,
)
}
/// `/js/atto.js`
pub async fn loader_js_request() -> impl IntoResponse {
(
[("Content-Type", "text/javascript")],
crate::assets::LOADER_JS,
)
}
serve_asset!(loader_js_request: LOADER_JS("text/javascript"));
serve_asset!(atto_js_request: ATTO_JS("text/javascript"));
serve_asset!(me_js_request: ME_JS("text/javascript"));

3
crates/app/src/routes/mod.rs
View file

@ -12,8 +12,9 @@ pub fn routes(config: &Config) -> Router {
Router::new()
// assets
.route("/css/style.css", get(assets::style_css_request))
.route("/js/atto.js", get(assets::atto_js_request))
.route("/js/loader.js", get(assets::loader_js_request))
.route("/js/atto.js", get(assets::atto_js_request))
.route("/js/me.js", get(assets::me_js_request))
.nest_service(
"/public",
get_service(tower_http::services::ServeDir::new(&config.dirs.assets)),

4
crates/app/src/routes/pages/auth.rs
View file

@ -8,7 +8,7 @@ use axum_extra::extract::CookieJar;
/// `/auth/login`
pub async fn login_request(jar: CookieJar, Extension(data): Extension<State>) -> impl IntoResponse {
let data = data.read().await;
let user = get_user_from_token!((jar, data.0) <optional>);
let user = get_user_from_token!(jar, data.0);
if user.is_some() {
return Err(Redirect::to("/"));
@ -28,7 +28,7 @@ pub async fn register_request(
Extension(data): Extension<State>,
) -> impl IntoResponse {
let data = data.read().await;
let user = get_user_from_token!((jar, data.0) <optional>);
let user = get_user_from_token!(jar, data.0);
if user.is_some() {
return Err(Redirect::to("/"));

2
crates/app/src/routes/pages/misc.rs
View file

@ -8,7 +8,7 @@ use axum_extra::extract::CookieJar;
/// `/`
pub async fn index_request(jar: CookieJar, Extension(data): Extension<State>) -> impl IntoResponse {
let data = data.read().await;
let user = get_user_from_token!((jar, data.0) <optional>);
let user = get_user_from_token!(jar, data.0);
let lang = get_lang!(jar, data.0);
let mut context = initial_context(&data.0.0, lang, &user);

1
crates/core/Cargo.toml
View file

@ -20,3 +20,4 @@ rusqlite = { version = "0.34.0", optional = true }
tokio-postgres = { version = "0.7.13", optional = true }
bb8-postgres = { version = "0.9.0", optional = true }
bitflags = "2.9.0"

21
crates/core/src/database/auth.rs
View file

@ -1,4 +1,5 @@
use super::*;
use crate::model::permissions::FinePermission;
use crate::model::{Error, Result};
use crate::{execute, get, query_row};
@ -18,12 +19,13 @@ impl DataManager {
) -> User {
User {
id: get!(x->0(u64)) as usize,
created: get!(x->1(u64)) as usize as usize,
created: get!(x->1(u64)) as usize,
username: get!(x->2(String)),
password: get!(x->3(String)),
salt: get!(x->4(String)),
settings: serde_json::from_str(&get!(x->5(String)).to_string()).unwrap(),
tokens: serde_json::from_str(&get!(x->6(String)).to_string()).unwrap(),
permissions: FinePermission::from_bits(get!(x->7(u32))).unwrap(),
}
}
@ -124,15 +126,16 @@ impl DataManager {
let res = execute!(
&conn,
"INSERT INTO users VALUES ($1, $2, $3, $4, $5, $6, $7)",
"INSERT INTO users VALUES ($1, $2, $3, $4, $5, $6, $7, $8)",
&[
&data.id.to_string(),
&data.created.to_string(),
&data.username,
&data.password,
&data.salt,
&serde_json::to_string(&data.settings).unwrap(),
&serde_json::to_string(&data.tokens).unwrap(),
&data.id.to_string().as_str(),
&data.created.to_string().as_str(),
&data.username.as_str(),
&data.password.as_str(),
&data.salt.as_str(),
&serde_json::to_string(&data.settings).unwrap().as_str(),
&serde_json::to_string(&data.tokens).unwrap().as_str(),
&(FinePermission::DEFAULT.bits()).to_string().as_str()
]
);

3
crates/core/src/database/drivers/sql/create_users.sql
View file

@ -5,5 +5,6 @@ CREATE TABLE IF NOT EXISTS users (
password TEXT NOT NULL,
salt TEXT NOT NULL,
settings TEXT NOT NULL,
tokens TEXT NOT NULL
tokens TEXT NOT NULL,
permissions INTEGER NOT NULL
)

4
crates/core/src/model/auth.rs
View file

@ -5,6 +5,8 @@ use tetratto_shared::{
unix_epoch_timestamp,
};
use super::permissions::FinePermission;
/// `(ip, token, creation timestamp)`
pub type Token = (String, String, usize);
@ -17,6 +19,7 @@ pub struct User {
pub salt: String,
pub settings: UserSettings,
pub tokens: Vec<Token>,
pub permissions: FinePermission,
}
#[derive(Debug, Serialize, Deserialize)]
@ -45,6 +48,7 @@ impl User {
salt,
settings: UserSettings::default(),
tokens: Vec::new(),
permissions: FinePermission::DEFAULT,
}
}

19
crates/core/src/model/mod.rs
View file

@ -1,4 +1,5 @@
pub mod auth;
pub mod permissions;
use serde::{Deserialize, Serialize};
#[derive(Serialize, Deserialize)]
@ -18,6 +19,7 @@ pub enum Error {
RegistrationDisabled,
DatabaseError(String),
IncorrectPassword,
NotAllowed,
AlreadyAuthenticated,
DataTooLong(String),
DataTooShort(String),
@ -27,14 +29,15 @@ pub enum Error {
impl ToString for Error {
fn to_string(&self) -> String {
match self {
Error::DatabaseConnection(msg) => msg.to_owned(),
Error::DatabaseError(msg) => format!("Database error: {msg}"),
Error::UserNotFound => "Unable to find user with given parameters".to_string(),
Error::RegistrationDisabled => "Registration is disabled".to_string(),
Error::IncorrectPassword => "The given password is invalid".to_string(),
Error::AlreadyAuthenticated => "Already authenticated".to_string(),
Error::DataTooLong(name) => format!("Given {name} is too long!"),
Error::DataTooShort(name) => format!("Given {name} is too short!"),
Self::DatabaseConnection(msg) => msg.to_owned(),
Self::DatabaseError(msg) => format!("Database error: {msg}"),
Self::UserNotFound => "Unable to find user with given parameters".to_string(),
Self::RegistrationDisabled => "Registration is disabled".to_string(),
Self::IncorrectPassword => "The given password is invalid".to_string(),
Self::NotAllowed => "You are not allowed to do this".to_string(),
Self::AlreadyAuthenticated => "Already authenticated".to_string(),
Self::DataTooLong(name) => format!("Given {name} is too long!"),
Self::DataTooShort(name) => format!("Given {name} is too short!"),
_ => format!("An unknown error as occurred: ({:?})", self),
}
}

123
crates/core/src/model/permissions.rs Normal file
View file

@ -0,0 +1,123 @@
use bitflags::bitflags;
use serde::{
Deserialize, Deserializer, Serialize,
de::{Error as DeError, Visitor},
};
bitflags! {
/// Fine-grained permissions built using bitwise operations.
#[derive(Debug, Clone, Copy, PartialEq, Eq, PartialOrd, Ord, Hash)]
pub struct FinePermission: u32 {
const DEFAULT = 1 << 0;
const ADMINISTRATOR = 1 << 1;
const MANAGE_JOURNAL_PAGES = 1 << 2;
const MANAGE_JOURNAL_ENTRIES = 1 << 3;
const MANAGE_JOURNAL_ENTRY_COMMENTS = 1 << 4;
const MANAGE_USERS = 1 << 5;
const MANAGE_BANS = 1 << 6; // includes managing IP bans
const MANAGE_WARNINGS = 1 << 7;
const MANAGE_NOTIFICATIONS = 1 << 8;
const VIEW_REPORTS = 1 << 9;
const VIEW_AUDIT_LOG = 1 << 10;
const _ = !0;
}
}
impl Serialize for FinePermission {
fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
where
S: serde::Serializer,
{
serializer.serialize_u32(self.bits())
}
}
struct FinePermissionVisitor;
impl<'de> Visitor<'de> for FinePermissionVisitor {
type Value = FinePermission;
fn expecting(&self, formatter: &mut std::fmt::Formatter) -> std::fmt::Result {
formatter.write_str("u32")
}
fn visit_u32<E>(self, value: u32) -> Result<Self::Value, E>
where
E: DeError,
{
if let Some(permission) = FinePermission::from_bits(value) {
Ok(permission)
} else {
Ok(FinePermission::from_bits_retain(value))
}
}
fn visit_i32<E>(self, value: i32) -> Result<Self::Value, E>
where
E: DeError,
{
if let Some(permission) = FinePermission::from_bits(value as u32) {
Ok(permission)
} else {
Ok(FinePermission::from_bits_retain(value as u32))
}
}
fn visit_u64<E>(self, value: u64) -> Result<Self::Value, E>
where
E: DeError,
{
if let Some(permission) = FinePermission::from_bits(value as u32) {
Ok(permission)
} else {
Ok(FinePermission::from_bits_retain(value as u32))
}
}
}
impl<'de> Deserialize<'de> for FinePermission {
fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
where
D: Deserializer<'de>,
{
deserializer.deserialize_any(FinePermissionVisitor)
}
}
impl FinePermission {
/// Join two [`FinePermission`]s into a single `u32`.
pub fn join(lhs: FinePermission, rhs: FinePermission) -> FinePermission {
lhs | rhs
}
/// Check if the given `input` contains the given [`FinePermission`].
pub fn check(self, permission: FinePermission) -> bool {
if (self & FinePermission::ADMINISTRATOR) == FinePermission::ADMINISTRATOR {
// has administrator permission, meaning everything else is automatically true
return true;
}
(self & permission) == permission
}
/// Check if thhe given [`FinePermission`] is qualifies as "Helper" status.
pub fn check_helper(self) -> bool {
self.check(FinePermission::MANAGE_JOURNAL_ENTRIES)
&& self.check(FinePermission::MANAGE_JOURNAL_PAGES)
&& self.check(FinePermission::MANAGE_JOURNAL_ENTRY_COMMENTS)
&& self.check(FinePermission::MANAGE_WARNINGS)
&& self.check(FinePermission::VIEW_REPORTS)
&& self.check(FinePermission::VIEW_AUDIT_LOG)
}
/// Check if thhe given [`FinePermission`] is qualifies as "Manager" status.
pub fn check_manager(self) -> bool {
self.check_helper() && self.check(FinePermission::ADMINISTRATOR)
}
}
impl Default for FinePermission {
fn default() -> Self {
Self::DEFAULT
}
}

1
crates/l10n/LICENSE Symbolic link
View file

@ -0,0 +1 @@
../../LICENSE

1
crates/shared/LICENSE Symbolic link
View file

@ -0,0 +1 @@
../../LICENSE

16
tetratto.toml
View file

@ -1,16 +0,0 @@
name = "Tetratto"
description = "🐐 tetratto!"
color = "#c9b1bc"
port = 4118
[security]
registration_enabled = true
admin_user = "admin"
real_ip_header = "CF-Connecting-IP"
[dirs]
templates = "html"
assets = "public"
[database]
name = "atto.db"