t/tetratto
1
0
Fork 0
Code Issues Pull requests Projects Releases 8 Packages Wiki Activity Actions

add: allow mods to remove associations

Browse source
This commit is contained in:
trisua 2025-08-10 22:26:13 -04:00
parent bcee3f7763
commit ba319130d2
4 changed files with 64 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

4
crates/app/src/public/html/components.lisp
View file

@ -1350,9 +1350,9 @@
(text "Listening to ")) (text "Listening to "))
(text "{{ other_user.connections.Spotify[1].data.artist }}"))) (text "{{ other_user.connections.Spotify[1].data.artist }}")))
(text "{%- endif %} {%- endmacro %} {% macro user_plate(user, show_menu=false, show_kick=false, secondary=false) -%}") (text "{%- endif %} {%- endmacro %} {% macro user_plate(user, show_menu=false, show_kick=false, secondary=false, full=false) -%}")
(div (div
("class" "flex gap_2 items_center card tiny user_plate {% if secondary -%}secondary{%- endif %}") ("class" "flex gap_2 items_center card tiny user_plate {% if secondary -%}secondary{%- endif %} {% if full -%} w_full {%- endif %}")
(a (a
("href" "/@{{ user.username }}") ("href" "/@{{ user.username }}")
(text "{{ self::avatar(username=user.username, size=\"42px\", selector_type=\"username\") }}")) (text "{{ self::avatar(username=user.username, size=\"42px\", selector_type=\"username\") }}"))

20
crates/app/src/public/html/mod/profile.lisp
View file

@ -84,7 +84,7 @@
const ui = await ns(\"ui\"); const ui = await ns(\"ui\");
const element = document.getElementById(\"mod_options\"); const element = document.getElementById(\"mod_options\");
globalThis.profile_request = async (do_confirm, path, body) => { globalThis.profile_request = async (do_confirm, path, body = null, headers = { \"Content-Type\": \"application/json\" }, method = \"POST\") => {
if (do_confirm) { if (do_confirm) {
if ( if (
!(await trigger(\"atto::confirm\", [ !(await trigger(\"atto::confirm\", [
@ -96,11 +96,9 @@
} }
fetch(`/api/v1/auth/user/{{ profile.id }}/${path}`, { fetch(`/api/v1/auth/user/{{ profile.id }}/${path}`, {
method: \"POST\", method,
headers: { headers: headers != null ? headers : undefined,
\"Content-Type\": \"application/json\", body: body != null ? JSON.stringify(body) : undefined,
},
body: JSON.stringify(body),
}) })
.then((res) => res.json()) .then((res) => res.json())
.then((res) => { .then((res) => {
@ -265,9 +263,15 @@
(span (span
(text "{{ text \"mod_panel:label.associations\" }}")))) (text "{{ text \"mod_panel:label.associations\" }}"))))
(div (div
("class" "card lowered flex flex_wrap gap_2") ("class" "card flex flex_wrap gap_4 flex_collapse")
(text "{% for user in associations -%}") (text "{% for user in associations -%}")
(text "{{ components::user_plate(user=user, show_menu=false) }}") (div
("class" "flex flex_row gap_2 items_center card small secondary")
(text "{{ components::user_plate(user=user, show_menu=false, secondary=true, full=true) }}")
(button
("class" "small square red lowered")
("onclick" "profile_request(true, 'associations/{{ user.id }}', null, null, 'DELETE')")
(icon (text "x"))))
(text "{%- endfor %}"))) (text "{%- endfor %}")))
(text "{% if invite -%}") (text "{% if invite -%}")
(div (div

46
crates/app/src/routes/api/v1/auth/profile.rs
View file

@ -283,7 +283,7 @@ pub async fn remove_applied_configuration_request(
} }
/// Append associations to the current user. /// Append associations to the current user.
pub async fn append_associations_request( pub async fn append_association_request(
jar: CookieJar, jar: CookieJar,
Extension(data): Extension<State>, Extension(data): Extension<State>,
Json(req): Json<AppendAssociations>, Json(req): Json<AppendAssociations>,
@ -331,6 +331,50 @@ pub async fn append_associations_request(
} }
} }
/// Remove an association from the given user.
pub async fn remove_association_request(
jar: CookieJar,
Extension(data): Extension<State>,
Path((uid, association)): Path<(usize, usize)>,
) -> impl IntoResponse {
let data = &(data.read().await).0;
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserManageProfile) {
Some(ua) => ua,
None => return Json(Error::NotAllowed.into()),
};
if !user.permissions.check(FinePermission::MANAGE_USERS) {
return Json(Error::NotAllowed.into());
}
// get user
let mut other_user = match data.get_user_by_id(uid).await {
Ok(x) => x,
Err(e) => return Json(e.into()),
};
// find association and remove
other_user.associated.remove(
match other_user.associated.iter().position(|x| x == &association) {
Some(x) => x,
None => return Json(Error::GeneralNotFound("association".to_string()).into()),
},
);
// ...
match data
.update_user_associated(other_user.id, other_user.associated)
.await
{
Ok(_) => Json(ApiReturn {
ok: true,
message: "Associations updated".to_string(),
payload: (),
}),
Err(e) => Json(e.into()),
}
}
/// Update the password of the given user. /// Update the password of the given user.
/// ///
/// Does not support third-party grants. /// Does not support third-party grants.

6
crates/app/src/routes/api/v1/mod.rs
View file

@ -397,6 +397,10 @@ pub fn routes() -> Router {
"/auth/user/{id}/totp/codes", "/auth/user/{id}/totp/codes",
post(auth::profile::refresh_totp_codes_request), post(auth::profile::refresh_totp_codes_request),
) )
.route(
"/auth/user/{id}/associations/{association}",
delete(auth::profile::remove_association_request),
)
.route( .route(
"/auth/user/{username}/totp/check", "/auth/user/{username}/totp/check",
get(auth::profile::has_totp_enabled_request), get(auth::profile::has_totp_enabled_request),
@ -404,7 +408,7 @@ pub fn routes() -> Router {
.route("/auth/user/me/seen", post(auth::profile::seen_request)) .route("/auth/user/me/seen", post(auth::profile::seen_request))
.route( .route(
"/auth/user/me/append_associations", "/auth/user/me/append_associations",
put(auth::profile::append_associations_request), put(auth::profile::append_association_request),
) )
.route("/auth/user/find/{id}", get(auth::profile::redirect_from_id)) .route("/auth/user/find/{id}", get(auth::profile::redirect_from_id))
.route( .route(