add: grant scopes for all community endpoints
This commit is contained in:
parent
ca8f510a3a
commit
c3139ef1d2
10 changed files with 342 additions and 75 deletions
|
|
@ -22,6 +22,7 @@ use tetratto_core::{
|
|||
cache::Cache,
|
||||
model::{
|
||||
auth::{Token, UserSettings},
|
||||
oauth,
|
||||
permissions::FinePermission,
|
||||
socket::{PacketType, SocketMessage, SocketMethod},
|
||||
},
|
||||
|
|
@ -72,7 +73,7 @@ pub async fn redirect_from_ip(
|
|||
|
||||
pub async fn me_request(jar: CookieJar, Extension(data): Extension<State>) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data) {
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserReadProfile) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
|
@ -92,7 +93,7 @@ pub async fn update_user_settings_request(
|
|||
Json(mut req): Json<UserSettings>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data) {
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserManageProfile) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
|
@ -145,7 +146,7 @@ pub async fn append_associations_request(
|
|||
Json(req): Json<AppendAssociations>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let mut user = match get_user_from_token!(jar, data) {
|
||||
let mut user = match get_user_from_token!(jar, data, oauth::AppScope::UserManageProfile) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
|
@ -188,6 +189,8 @@ pub async fn append_associations_request(
|
|||
}
|
||||
|
||||
/// Update the password of the given user.
|
||||
///
|
||||
/// Does not support third-party grants.
|
||||
pub async fn update_user_password_request(
|
||||
jar: CookieJar,
|
||||
Path(id): Path<usize>,
|
||||
|
|
@ -218,6 +221,9 @@ pub async fn update_user_password_request(
|
|||
}
|
||||
}
|
||||
|
||||
/// Update a user's username.
|
||||
///
|
||||
/// Does not support third-party grants.
|
||||
pub async fn update_user_username_request(
|
||||
jar: CookieJar,
|
||||
Path(id): Path<usize>,
|
||||
|
|
@ -249,6 +255,8 @@ pub async fn update_user_username_request(
|
|||
}
|
||||
|
||||
/// Update the tokens of the given user.
|
||||
///
|
||||
/// Does not support third-party grants.
|
||||
pub async fn update_user_tokens_request(
|
||||
jar: CookieJar,
|
||||
Path(id): Path<usize>,
|
||||
|
|
@ -276,6 +284,8 @@ pub async fn update_user_tokens_request(
|
|||
}
|
||||
|
||||
/// Update the verification status of the given user.
|
||||
///
|
||||
/// Does not support third-party grants.
|
||||
pub async fn update_user_is_verified_request(
|
||||
jar: CookieJar,
|
||||
Path(id): Path<usize>,
|
||||
|
|
@ -302,6 +312,8 @@ pub async fn update_user_is_verified_request(
|
|||
}
|
||||
|
||||
/// Update the role of the given user.
|
||||
///
|
||||
/// Does not support third-party grants.
|
||||
pub async fn update_user_role_request(
|
||||
jar: CookieJar,
|
||||
Path(id): Path<usize>,
|
||||
|
|
@ -327,7 +339,7 @@ pub async fn update_user_role_request(
|
|||
/// Update the current user's last seen value.
|
||||
pub async fn seen_request(jar: CookieJar, Extension(data): Extension<State>) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data) {
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserManageProfile) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
|
@ -343,6 +355,8 @@ pub async fn seen_request(jar: CookieJar, Extension(data): Extension<State>) ->
|
|||
}
|
||||
|
||||
/// Delete the given user.
|
||||
///
|
||||
/// Does not support third-party grants.
|
||||
pub async fn delete_user_request(
|
||||
jar: CookieJar,
|
||||
Path(id): Path<usize>,
|
||||
|
|
@ -373,6 +387,8 @@ pub async fn delete_user_request(
|
|||
}
|
||||
|
||||
/// Enable TOTP for a user.
|
||||
///
|
||||
/// Does not support third-party grants.
|
||||
pub async fn enable_totp_request(
|
||||
jar: CookieJar,
|
||||
Path(id): Path<usize>,
|
||||
|
|
@ -395,6 +411,8 @@ pub async fn enable_totp_request(
|
|||
}
|
||||
|
||||
/// Disable TOTP for a user.
|
||||
///
|
||||
/// Does not support third-party grants.
|
||||
pub async fn disable_totp_request(
|
||||
jar: CookieJar,
|
||||
Path(id): Path<usize>,
|
||||
|
|
@ -433,6 +451,8 @@ pub async fn disable_totp_request(
|
|||
}
|
||||
|
||||
/// Refresh TOTP recovery codes for a user.
|
||||
///
|
||||
/// Does not support third-party grants.
|
||||
pub async fn refresh_totp_codes_request(
|
||||
jar: CookieJar,
|
||||
Path(id): Path<usize>,
|
||||
|
|
@ -498,7 +518,7 @@ pub async fn subscription_handler(
|
|||
Path((user_id, id)): Path<(String, String)>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data) {
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserReadSockets) {
|
||||
Some(ua) => ua,
|
||||
None => return Err("Socket refused"),
|
||||
};
|
||||
|
|
@ -624,7 +644,7 @@ pub async fn post_to_socket_request(
|
|||
Json(msg): Json<SocketMessage>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data) {
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserReadSockets) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
|
@ -654,7 +674,7 @@ pub async fn get_user_gpa_request(
|
|||
Extension(data): Extension<State>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data) {
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserReadProfile) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
|
|
|||
|
|
@ -5,10 +5,10 @@ use axum::{
|
|||
};
|
||||
use axum_extra::extract::CookieJar;
|
||||
use tetratto_core::model::{
|
||||
ApiReturn, Error,
|
||||
auth::Notification,
|
||||
communities::{Community, CommunityMembership},
|
||||
communities_permissions::CommunityPermission,
|
||||
oauth, ApiReturn, Error,
|
||||
};
|
||||
|
||||
use crate::{
|
||||
|
|
@ -44,7 +44,7 @@ pub async fn create_request(
|
|||
Json(req): Json<CreateCommunity>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data) {
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserCreateCommunities) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
|
@ -73,7 +73,7 @@ pub async fn delete_request(
|
|||
Path(id): Path<usize>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data) {
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::CommunityDelete) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
|
@ -95,7 +95,7 @@ pub async fn update_title_request(
|
|||
Json(req): Json<UpdateCommunityTitle>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data) {
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::CommunityManage) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
|
@ -117,7 +117,7 @@ pub async fn update_context_request(
|
|||
Json(req): Json<UpdateCommunityContext>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data) {
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::CommunityManage) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
|
@ -149,7 +149,7 @@ pub async fn update_read_access_request(
|
|||
Json(req): Json<UpdateCommunityReadAccess>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data) {
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::CommunityManage) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
|
@ -174,7 +174,7 @@ pub async fn update_write_access_request(
|
|||
Json(req): Json<UpdateCommunityWriteAccess>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data) {
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::CommunityManage) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
|
@ -199,7 +199,7 @@ pub async fn update_join_access_request(
|
|||
Json(req): Json<UpdateCommunityJoinAccess>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data) {
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::CommunityManage) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
|
@ -224,7 +224,7 @@ pub async fn update_owner_request(
|
|||
Json(req): Json<UpdateCommunityOwner>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data) {
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::CommunityTransferOwnership) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
|
@ -255,7 +255,7 @@ pub async fn get_membership(
|
|||
Path((cid, uid)): Path<(usize, usize)>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data) {
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::CommunityReadMemberships) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
|
@ -286,7 +286,7 @@ pub async fn create_membership(
|
|||
Path(id): Path<usize>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data) {
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserJoinCommunities) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
|
@ -314,7 +314,7 @@ pub async fn delete_membership(
|
|||
Path((cid, uid)): Path<(usize, usize)>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data) {
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserManageMemberships) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
|
@ -341,7 +341,7 @@ pub async fn update_membership_role(
|
|||
Json(req): Json<UpdateMembershipRole>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data) {
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserManageMemberships) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
|
@ -449,7 +449,7 @@ pub async fn supports_titles_request(
|
|||
Path(id): Path<usize>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
if get_user_from_token!(jar, data).is_none() {
|
||||
if get_user_from_token!(jar, data, oauth::AppScope::UserReadCommunities).is_none() {
|
||||
return Json(Error::NotAllowed.into());
|
||||
}
|
||||
|
||||
|
|
@ -468,3 +468,55 @@ pub async fn supports_titles_request(
|
|||
payload: (),
|
||||
})
|
||||
}
|
||||
|
||||
pub async fn get_request(
|
||||
jar: CookieJar,
|
||||
Extension(data): Extension<State>,
|
||||
Path(id): Path<usize>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
if get_user_from_token!(jar, data, oauth::AppScope::UserReadCommunities).is_none() {
|
||||
return Json(Error::NotAllowed.into());
|
||||
}
|
||||
|
||||
match data.get_community_by_id_no_void(id).await {
|
||||
Ok(c) => Json(ApiReturn {
|
||||
ok: true,
|
||||
message: "Success".to_string(),
|
||||
payload: Some(c),
|
||||
}),
|
||||
Err(e) => Json(e.into()),
|
||||
}
|
||||
}
|
||||
|
||||
pub async fn get_communities_request(
|
||||
jar: CookieJar,
|
||||
Extension(data): Extension<State>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserReadCommunities) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
||||
let memberships = match data.get_memberships_by_owner(user.id).await {
|
||||
Ok(p) => p,
|
||||
Err(e) => return Json(e.into()),
|
||||
};
|
||||
|
||||
let mut communities: Vec<Community> = Vec::new();
|
||||
for membership in memberships {
|
||||
let community = match data.get_community_by_id_no_void(membership.community).await {
|
||||
Ok(p) => p,
|
||||
Err(e) => return Json(e.into()),
|
||||
};
|
||||
|
||||
communities.push(community)
|
||||
}
|
||||
|
||||
Json(ApiReturn {
|
||||
ok: true,
|
||||
message: "Success".to_string(),
|
||||
payload: Some(communities),
|
||||
})
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,9 +1,16 @@
|
|||
use axum::{extract::Path, response::IntoResponse, Extension, Json};
|
||||
use axum::{
|
||||
extract::{Path, Query},
|
||||
response::IntoResponse,
|
||||
Extension, Json,
|
||||
};
|
||||
use axum_extra::extract::CookieJar;
|
||||
use tetratto_core::model::{communities::PostDraft, ApiReturn, Error};
|
||||
use tetratto_core::model::{communities::PostDraft, oauth, ApiReturn, Error};
|
||||
use crate::{
|
||||
get_user_from_token,
|
||||
routes::api::v1::{CreatePostDraft, UpdatePostContent},
|
||||
routes::{
|
||||
api::v1::{CreatePostDraft, UpdatePostContent},
|
||||
pages::PaginatedQuery,
|
||||
},
|
||||
State,
|
||||
};
|
||||
|
||||
|
|
@ -13,7 +20,7 @@ pub async fn create_request(
|
|||
Json(req): Json<CreatePostDraft>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data) {
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserCreateDrafts) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
|
@ -37,7 +44,7 @@ pub async fn delete_request(
|
|||
Path(id): Path<usize>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data) {
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserDeleteDrafts) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
|
@ -59,7 +66,7 @@ pub async fn update_content_request(
|
|||
Json(req): Json<UpdatePostContent>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data) {
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserEditDrafts) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
|
@ -73,3 +80,71 @@ pub async fn update_content_request(
|
|||
Err(e) => Json(e.into()),
|
||||
}
|
||||
}
|
||||
|
||||
pub async fn get_request(
|
||||
jar: CookieJar,
|
||||
Extension(data): Extension<State>,
|
||||
Path(id): Path<usize>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserReadDrafts) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
||||
match data.get_draft_by_id(id).await {
|
||||
Ok(d) => {
|
||||
if d.owner != user.id {
|
||||
return Json(Error::NotAllowed.into());
|
||||
}
|
||||
|
||||
Json(ApiReturn {
|
||||
ok: true,
|
||||
message: "Success".to_string(),
|
||||
payload: Some(d),
|
||||
})
|
||||
}
|
||||
Err(e) => Json(e.into()),
|
||||
}
|
||||
}
|
||||
|
||||
pub async fn get_drafts_request(
|
||||
jar: CookieJar,
|
||||
Extension(data): Extension<State>,
|
||||
Query(props): Query<PaginatedQuery>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserReadDrafts) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
||||
match data.get_drafts_by_user(user.id, 12, props.page).await {
|
||||
Ok(_) => Json(ApiReturn {
|
||||
ok: true,
|
||||
message: "Success".to_string(),
|
||||
payload: (),
|
||||
}),
|
||||
Err(e) => Json(e.into()),
|
||||
}
|
||||
}
|
||||
|
||||
pub async fn get_all_drafts_request(
|
||||
jar: CookieJar,
|
||||
Extension(data): Extension<State>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserReadDrafts) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
||||
match data.get_drafts_by_user_all(user.id).await {
|
||||
Ok(_) => Json(ApiReturn {
|
||||
ok: true,
|
||||
message: "Success".to_string(),
|
||||
payload: (),
|
||||
}),
|
||||
Err(e) => Json(e.into()),
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -9,6 +9,7 @@ use crate::{
|
|||
use axum::{body::Body, extract::Path, response::IntoResponse, Extension, Json};
|
||||
use axum_extra::extract::CookieJar;
|
||||
use tetratto_core::model::{
|
||||
oauth,
|
||||
uploads::{CustomEmoji, MediaType, MediaUpload},
|
||||
ApiReturn, Error,
|
||||
};
|
||||
|
|
@ -88,7 +89,7 @@ pub async fn create_request(
|
|||
img: Image,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data) {
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::CommunityCreateEmojis) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
|
@ -174,7 +175,7 @@ pub async fn update_name_request(
|
|||
Json(req): Json<UpdateEmojiName>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data) {
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::CommunityManageEmojis) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
|
@ -195,7 +196,7 @@ pub async fn delete_request(
|
|||
Path(id): Path<usize>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data) {
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::CommunityManageEmojis) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
|
@ -215,7 +216,7 @@ pub async fn get_my_request(
|
|||
Extension(data): Extension<State>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data) {
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserReadEmojis) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
|
|
|||
|
|
@ -2,7 +2,7 @@ use axum::{Extension, Json, body::Body, extract::Path, response::IntoResponse};
|
|||
use axum_extra::extract::CookieJar;
|
||||
use pathbufd::{PathBufD, pathd};
|
||||
use std::fs::exists;
|
||||
use tetratto_core::model::{ApiReturn, Error, permissions::FinePermission};
|
||||
use tetratto_core::model::{ApiReturn, Error, permissions::FinePermission, oauth};
|
||||
|
||||
use crate::{
|
||||
State,
|
||||
|
|
@ -110,7 +110,7 @@ pub async fn upload_avatar_request(
|
|||
) -> impl IntoResponse {
|
||||
// get user from token
|
||||
let data = &(data.read().await).0;
|
||||
let auth_user = match get_user_from_token!(jar, data) {
|
||||
let auth_user = match get_user_from_token!(jar, data, oauth::AppScope::CommunityManage) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
|
@ -165,7 +165,7 @@ pub async fn upload_banner_request(
|
|||
) -> impl IntoResponse {
|
||||
// get user from token
|
||||
let data = &(data.read().await).0;
|
||||
let auth_user = match get_user_from_token!(jar, data) {
|
||||
let auth_user = match get_user_from_token!(jar, data, oauth::AppScope::CommunityManage) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
|
|
|||
|
|
@ -8,6 +8,7 @@ use axum_extra::extract::CookieJar;
|
|||
use tetratto_core::model::{
|
||||
addr::RemoteAddr,
|
||||
communities::{Poll, PollVote, Post},
|
||||
oauth,
|
||||
permissions::FinePermission,
|
||||
uploads::{MediaType, MediaUpload},
|
||||
ApiReturn, Error,
|
||||
|
|
@ -32,7 +33,7 @@ pub async fn create_request(
|
|||
JsonMultipart(images, req): JsonMultipart<CreatePost>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data) {
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserCreatePosts) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
|
@ -188,7 +189,7 @@ pub async fn create_repost_request(
|
|||
Json(req): Json<CreateRepost>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data) {
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserCreatePosts) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
|
@ -220,7 +221,7 @@ pub async fn delete_request(
|
|||
Path(id): Path<usize>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data) {
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserDeletePosts) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
|
@ -241,7 +242,7 @@ pub async fn purge_request(
|
|||
Path(id): Path<usize>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data) {
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::ModPurgePosts) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
|
@ -266,7 +267,7 @@ pub async fn restore_request(
|
|||
Path(id): Path<usize>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data) {
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::ModDeletePosts) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
|
@ -292,7 +293,7 @@ pub async fn update_content_request(
|
|||
Json(req): Json<UpdatePostContent>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data) {
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserEditPosts) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
|
@ -314,7 +315,7 @@ pub async fn update_context_request(
|
|||
Json(req): Json<UpdatePostContext>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data) {
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserEditPosts) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
|
@ -346,7 +347,7 @@ pub async fn vote_request(
|
|||
Json(req): Json<VoteInPoll>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data) {
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserVote) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
|
@ -394,7 +395,7 @@ pub async fn update_is_open_request(
|
|||
Json(req): Json<UpdatePostIsOpen>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data) {
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserEditPosts) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
|
|
|||
|
|
@ -5,7 +5,9 @@ use axum::{
|
|||
Extension, Json,
|
||||
};
|
||||
use axum_extra::extract::CookieJar;
|
||||
use tetratto_core::model::{addr::RemoteAddr, auth::IpBlock, communities::Question, ApiReturn, Error};
|
||||
use tetratto_core::model::{
|
||||
addr::RemoteAddr, auth::IpBlock, communities::Question, ApiReturn, Error, oauth,
|
||||
};
|
||||
use crate::{get_user_from_token, routes::api::v1::CreateQuestion, State};
|
||||
|
||||
pub async fn create_request(
|
||||
|
|
@ -15,7 +17,7 @@ pub async fn create_request(
|
|||
Json(req): Json<CreateQuestion>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = get_user_from_token!(jar, data);
|
||||
let user = get_user_from_token!(jar, data, oauth::AppScope::UserCreateQuestions);
|
||||
|
||||
if req.is_global && user.is_none() {
|
||||
return Json(Error::NotAllowed.into());
|
||||
|
|
@ -75,7 +77,7 @@ pub async fn delete_request(
|
|||
Path(id): Path<usize>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data) {
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserDeleteQuestions) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
|
@ -96,7 +98,7 @@ pub async fn ip_block_request(
|
|||
Path(id): Path<usize>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data) {
|
||||
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserCreateIpBlock) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
|
|
|||
|
|
@ -46,6 +46,14 @@ pub fn routes() -> Router {
|
|||
"/communities",
|
||||
post(communities::communities::create_request),
|
||||
)
|
||||
.route(
|
||||
"/communities/my/all",
|
||||
post(communities::communities::get_communities_request),
|
||||
)
|
||||
.route(
|
||||
"/communities/{id}",
|
||||
get(communities::communities::get_request),
|
||||
)
|
||||
.route(
|
||||
"/communities/{id}",
|
||||
delete(communities::communities::delete_request),
|
||||
|
|
@ -127,6 +135,12 @@ pub fn routes() -> Router {
|
|||
)
|
||||
// drafts
|
||||
.route("/drafts", post(communities::drafts::create_request))
|
||||
.route("/drafts/my", get(communities::drafts::get_drafts_request))
|
||||
.route(
|
||||
"/drafts/my/all",
|
||||
get(communities::drafts::get_all_drafts_request),
|
||||
)
|
||||
.route("/drafts/{id}", get(communities::drafts::get_request))
|
||||
.route("/drafts/{id}", delete(communities::drafts::delete_request))
|
||||
.route(
|
||||
"/drafts/{id}/content",
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue