t/tetratto
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

add: request-to-join communities

Browse source 
add: private joined communities setting
add: "void" community
add: ability to delete communities
This commit is contained in:
trisua 2025-04-01 15:03:56 -04:00
parent 3a8af17154
commit d0c1fbcf9a
20 changed files with 669 additions and 122 deletions
Download patch file Download diff file Expand all files Collapse all files

12
Cargo.lock generated
View file

@ -145,6 +145,17 @@ version = "0.7.6"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7c02d123df017efcdfbd739ef81735b36c5ba83ec3c59c80a9d7ecc718f92e50" checksum = "7c02d123df017efcdfbd739ef81735b36c5ba83ec3c59c80a9d7ecc718f92e50"
[[package]]
name = "async-recursion"
version = "1.1.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3b43422f69d8ff38f95f1b2bb76517c91589a924d1559a0e935d7c8ce0274c11"
dependencies = [
"proc-macro2",
"quote",
"syn",
]
[[package]] [[package]]
name = "async-trait" name = "async-trait"
version = "0.1.88" version = "0.1.88"
@ -3066,6 +3077,7 @@ dependencies = [
name = "tetratto-core" name = "tetratto-core"
version = "0.1.0" version = "0.1.0"
dependencies = [ dependencies = [
"async-recursion",
"bb8-postgres", "bb8-postgres",
"bitflags 2.9.0", "bitflags 2.9.0",
"pathbufd", "pathbufd",

6
crates/app/src/langs/en-US.toml
View file

@ -16,7 +16,6 @@ version = "1.0.0"
"dialog:action.no" = "No" "dialog:action.no" = "No"
"dialog:action.save_and_close" = "Save and close" "dialog:action.save_and_close" = "Save and close"
"auth:action.login" = "Login" "auth:action.login" = "Login"
"auth:action.register" = "Register" "auth:action.register" = "Register"
"auth:action.logout" = "Logout" "auth:action.logout" = "Logout"
@ -37,17 +36,22 @@ version = "1.0.0"
"communities:label.create_new" = "Create new community" "communities:label.create_new" = "Create new community"
"communities:label.name" = "Name" "communities:label.name" = "Name"
"communities:action.join" = "Join" "communities:action.join" = "Join"
"communities:action.cancel_request" = "Cancel request"
"communities:action.leave" = "Leave" "communities:action.leave" = "Leave"
"communities:action.configure" = "Configure" "communities:action.configure" = "Configure"
"communities:label.create_post" = "Create post" "communities:label.create_post" = "Create post"
"communities:label.content" = "Content" "communities:label.content" = "Content"
"communities:label.posts" = "Posts" "communities:label.posts" = "Posts"
"communities:label.not_allowed_to_read" = "You're not allowed to view this community's posts"
"communities:label.might_need_to_join" = "You might need to join this community in order to interact with it!"
"communities:label.create_reply" = "Create reply" "communities:label.create_reply" = "Create reply"
"communities:label.replies" = "Replies" "communities:label.replies" = "Replies"
"communities:action.continue_thread" = "Continue thread" "communities:action.continue_thread" = "Continue thread"
"communities:tab.members" = "Members" "communities:tab.members" = "Members"
"communities:label.select_member" = "Select member" "communities:label.select_member" = "Select member"
"communities:label.user_id" = "User ID" "communities:label.user_id" = "User ID"
"communities:label.danger_zone" = "Danger zone"
"communities:label.delete_community" = "Delete community"
"notifs:action.mark_as_read" = "Mark as read" "notifs:action.mark_as_read" = "Mark as read"
"notifs:action.mark_as_unread" = "Mark as unread" "notifs:action.mark_as_unread" = "Mark as unread"

1
crates/app/src/public/css/style.css
View file

@ -880,6 +880,7 @@ dialog::backdrop {
.toast { .toast {
box-shadow: 0 0 8px var(--color-shadow); box-shadow: 0 0 8px var(--color-shadow);
width: max-content; width: max-content;
max-width: calc(100dvw - 1rem);
border-radius: var(--radius); border-radius: var(--radius);
padding: 0.75rem 1rem; padding: 0.75rem 1rem;
animation: popin ease-in-out 1 0.15s running; animation: popin ease-in-out 1 0.15s running;

74
crates/app/src/public/html/communities/base.html
View file

@ -20,7 +20,7 @@
{% if community.context.display_name %} {% if community.context.display_name %}
{{ community.context.display_name }} {{ community.context.display_name }}
{% else %} {% else %}
{{ community.username }} {{ community.title }}
{% endif %} {% endif %}
</h3> </h3>
@ -30,7 +30,8 @@
{% if user %} {% if user %}
<div class="card flex" id="join_or_leave"> <div class="card flex" id="join_or_leave">
{% if not is_owner %} {% if not is_joined %} {% if not is_owner %} {% if not is_joined %} {% if not
is_pending %}
<button class="primary" onclick="join_community()"> <button class="primary" onclick="join_community()">
{{ icon "circle-plus" }} {{ icon "circle-plus" }}
<span>{{ text "communities:action.join" }}</span> <span>{{ text "communities:action.join" }}</span>
@ -50,10 +51,55 @@
res.ok ? "success" : "error", res.ok ? "success" : "error",
res.message, res.message,
]); ]);
setTimeout(() => {
window.location.reload();
}, 150);
}); });
}; };
</script> </script>
{% else %} {% else %}
<button
class="quaternary red"
onclick="cancel_request()"
>
{{ icon "x" }}
<span
>{{ text "communities:action.cancel_request"
}}</span
>
</button>
<script>
globalThis.cancel_request = async () => {
if (
!(await trigger("atto::confirm", [
"Are you sure you would like to do this?",
]))
) {
return;
}
fetch(
"/api/v1/communities/{{ community.id }}/memberships/{{ user.id }}",
{
method: "DELETE",
},
)
.then((res) => res.json())
.then((res) => {
trigger("atto::toast", [
res.ok ? "success" : "error",
res.message,
]);
setTimeout(() => {
window.location.reload();
}, 150);
});
};
</script>
{% endif %} {% else %}
<button <button
class="quaternary red" class="quaternary red"
onclick="leave_community()" onclick="leave_community()"
@ -84,6 +130,10 @@
res.ok ? "success" : "error", res.ok ? "success" : "error",
res.message, res.message,
]); ]);
setTimeout(() => {
window.location.reload();
}, 150);
}); });
}; };
</script> </script>
@ -154,7 +204,25 @@
</div> </div>
</div> </div>
<div class="rhs w-full">{% block content %}{% endblock %}</div> <div class="rhs w-full">
{% if can_read %} {% block content %}{% endblock %} {% else %}
<div class="card-nest">
<div class="card small flex items-center gap-2">
{{ icon "frown" }}
<b
>{{ text "communities:label.not_allowed_to_read"
}}</b
>
</div>
<div class="card">
<span>
{{ text "communities:label.might_need_to_join" }}
</span>
</div>
</div>
{% endif %}
</div>
</div> </div>
</div> </div>
</article> </article>

164
crates/app/src/public/html/communities/settings.html
View file

@ -32,16 +32,39 @@
Everybody Everybody
</option> </option>
<option <option
value="Unlisted" value="Joined"
selected="{% if community.read_access == 'Unlisted' %}true{% else %}false{% endif %}" selected="{% if community.read_access == 'Joined' %}true{% else %}false{% endif %}"
> >
Unlisted Joined
</option>
</select>
</div>
</div>
<div class="card-nest" ui_ident="join_access">
<div class="card small">
<b>Join access</b>
</div>
<div class="card">
<select onchange="save_access(event, 'join')">
<option
value="Everybody"
selected="{% if community.join_access == 'Everybody' %}true{% else %}false{% endif %}"
>
Everybody
</option> </option>
<option <option
value="Private" value="Request"
selected="{% if community.read_access == 'Private' %}true{% else %}false{% endif %}" selected="{% if community.join_access == 'Request' %}true{% else %}false{% endif %}"
> >
Private Request
</option>
<option
value="Nobody"
selected="{% if community.join_access == 'Nobody' %}true{% else %}false{% endif %}"
>
Nobody
</option> </option>
</select> </select>
</div> </div>
@ -77,6 +100,20 @@
</div> </div>
</div> </div>
<div class="card-nest" ui_ident="danger_zone">
<div class="card small flex gap-1 items-center red">
{{ icon "skull" }}
<b> {{ text "communities:label.danger_zone" }} </b>
</div>
<div class="card flex flex-wrap gap-2">
<button class="red quaternary" onclick="delete_community()">
{{ icon "trash" }}
<span>{{ text "communities:label.delete_community" }}</span>
</button>
</div>
</div>
<div class="flex gap-2 flex-wrap"> <div class="flex gap-2 flex-wrap">
<button onclick="save_context()"> <button onclick="save_context()">
{{ icon "check" }} {{ icon "check" }}
@ -185,6 +222,11 @@
const element = document.getElementById("membership_info"); const element = document.getElementById("membership_info");
const ui = ns("ui"); const ui = ns("ui");
const uid = new URLSearchParams(window.location.search).get("uid");
if (uid) {
document.getElementById("uid").value = uid;
}
globalThis.ban_user = async (uid) => { globalThis.ban_user = async (uid) => {
if ( if (
!(await trigger("atto::confirm", [ !(await trigger("atto::confirm", [
@ -245,6 +287,57 @@
}); });
}; };
globalThis.update_user_role = async (uid, new_role) => {
if (
!(await trigger("atto::confirm", [
"Are you sure you would like to do this?",
]))
) {
return;
}
fetch(
`/api/v1/communities/{{ community.id }}/memberships/${uid}/role`,
{
method: "POST",
headers: {
"Content-Type": "application/json",
},
body: JSON.stringify({
role: Number.parseInt(new_role),
}),
},
)
.then((res) => res.json())
.then((res) => {
trigger("atto::toast", [
res.ok ? "success" : "error",
res.message,
]);
});
};
globalThis.kick_user = async (uid, new_role) => {
if (
!(await trigger("atto::confirm", [
"Are you sure you would like to do this?",
]))
) {
return;
}
fetch(`/api/v1/communities/{{ community.id }}/memberships/${uid}`, {
method: "DELETE",
})
.then((res) => res.json())
.then((res) => {
trigger("atto::toast", [
res.ok ? "success" : "error",
res.message,
]);
});
};
globalThis.select_user_from_form = (e) => { globalThis.select_user_from_form = (e) => {
e.preventDefault(); e.preventDefault();
fetch( fetch(
@ -261,9 +354,11 @@
return; return;
} }
element.innerHTML = `<div class="flex gap-2" ui_ident="actions"> element.innerHTML = `<div class="flex gap-2 flex-wrap" ui_ident="actions">
<a target="_blank" class="button" href="/api/v1/auth/profile/find/${e.target.uid.value}">Open user profile</a> <a target="_blank" class="button" href="/api/v1/auth/profile/find/${e.target.uid.value}">Open user profile</a>
${res.payload.role !== 33 ? `<button class="red quaternary" onclick="ban_user('${e.target.uid.value}')">Ban</button>` : `<button class="quaternary" onclick="unban_user('${e.target.uid.value}')">Unban</button>`} ${res.payload.role !== 33 ? `<button class="red quaternary" onclick="ban_user('${e.target.uid.value}')">Ban</button>` : `<button class="quaternary" onclick="unban_user('${e.target.uid.value}')">Unban</button>`}
${res.payload.role !== 65 ? `<button class="red quaternary" onclick="update_user_role('${e.target.uid.value}', 65)">Send to review</button>` : `<button class="green quaternary" onclick="update_user_role('${e.target.uid.value}', 5)">Accept join request</button>`}
<button class="red quaternary" onclick="kick_user('${e.target.uid.value}')">Kick</button>
</div>`; </div>`;
ui.refresh_container(element, ["actions"]); ui.refresh_container(element, ["actions"]);
@ -278,34 +373,11 @@
], ],
null, null,
{ {
role: async (new_role) => { role: (new_role) => {
if ( return update_user_role(
!(await trigger("atto::confirm", [ e.target.uid.value,
"Are you sure you would like to do this?", user_role,
])) );
) {
return;
}
fetch(
`/api/v1/communities/{{ community.id }}/memberships/${e.target.uid.value}/role`,
{
method: "POST",
headers: {
"Content-Type": "application/json",
},
body: JSON.stringify({
role: Number.parseInt(new_role),
}),
},
)
.then((res) => res.json())
.then((res) => {
trigger("atto::toast", [
res.ok ? "success" : "error",
res.message,
]);
});
}, },
}, },
); );
@ -400,8 +472,30 @@
}); });
}; };
globalThis.delete_community = async () => {
if (
!(await trigger("atto::confirm", [
"Are you sure you would like to do this? This action is permanent.",
]))
) {
return;
}
fetch(`/api/v1/communities/{{ community.id }}`, {
method: "DELETE",
})
.then((res) => res.json())
.then((res) => {
trigger("atto::toast", [
res.ok ? "success" : "error",
res.message,
]);
});
};
ui.refresh_container(document.getElementById("manage_fields"), [ ui.refresh_container(document.getElementById("manage_fields"), [
"read_access", "read_access",
"join_access",
"write_access", "write_access",
"change_avatar", "change_avatar",
"change_banner", "change_banner",

7
crates/app/src/public/html/profile/base.html
View file

@ -75,7 +75,7 @@
</div> </div>
</div> </div>
{% if not is_self %} {% if not is_self and user %}
<div class="card-nest"> <div class="card-nest">
<div class="card small"> <div class="card small">
<b>{{ text "auth:label.relationship" }}</b> <b>{{ text "auth:label.relationship" }}</b>
@ -157,8 +157,8 @@
</script> </script>
</div> </div>
</div> </div>
{% endif %} {% endif %} {% if not profile.settings.private_communities or
is_self %}
<div class="card-nest"> <div class="card-nest">
<div class="card small flex gap-2 items-center"> <div class="card small flex gap-2 items-center">
{{ icon "users-round" }} {{ icon "users-round" }}
@ -174,6 +174,7 @@
{% endfor %} {% endfor %}
</div> </div>
</div> </div>
{% endif %}
</div> </div>
<div class="rhs w-full">{% block content %}{% endblock %}</div> <div class="rhs w-full">{% block content %}{% endblock %}</div>

13
crates/app/src/public/html/profile/settings.html
View file

@ -378,10 +378,21 @@
profile_settings, profile_settings,
[ [
[ [
["private_profile", "Private profile"], [
"private_profile",
"Only allow users I'm following to view my profile",
],
"{{ user.settings.private_profile }}", "{{ user.settings.private_profile }}",
"checkbox", "checkbox",
], ],
[
[
"private_communities",
"Keep my joined communities private",
],
"{{ user.settings.private_communities }}",
"checkbox",
],
], ],
settings, settings,
); );

59
crates/app/src/routes/api/v1/communities/communities.rs
View file

@ -14,8 +14,9 @@ use tetratto_core::model::{
use crate::{ use crate::{
State, get_user_from_token, State, get_user_from_token,
routes::api::v1::{ routes::api::v1::{
CreateCommunity, UpdateCommunityContext, UpdateCommunityReadAccess, UpdateCommunityTitle, CreateCommunity, UpdateCommunityContext, UpdateCommunityJoinAccess,
UpdateCommunityWriteAccess, UpdateMembershipRole, UpdateCommunityReadAccess, UpdateCommunityTitle, UpdateCommunityWriteAccess,
UpdateMembershipRole,
}, },
}; };
@ -175,6 +176,31 @@ pub async fn update_write_access_request(
} }
} }
pub async fn update_join_access_request(
jar: CookieJar,
Extension(data): Extension<State>,
Path(id): Path<usize>,
Json(req): Json<UpdateCommunityJoinAccess>,
) -> impl IntoResponse {
let data = &(data.read().await).0;
let user = match get_user_from_token!(jar, data) {
Some(ua) => ua,
None => return Json(Error::NotAllowed.into()),
};
match data
.update_community_join_access(id, user, req.access)
.await
{
Ok(_) => Json(ApiReturn {
ok: true,
message: "Community updated".to_string(),
payload: (),
}),
Err(e) => Json(e.into()),
}
}
pub async fn get_membership( pub async fn get_membership(
jar: CookieJar, jar: CookieJar,
Extension(data): Extension<State>, Extension(data): Extension<State>,
@ -225,9 +251,9 @@ pub async fn create_membership(
)) ))
.await .await
{ {
Ok(_) => Json(ApiReturn { Ok(m) => Json(ApiReturn {
ok: true, ok: true,
message: "Community joined".to_string(), message: m,
payload: (), payload: (),
}), }),
Err(e) => Json(e.into()), Err(e) => Json(e.into()),
@ -329,6 +355,31 @@ pub async fn update_membership_role(
return Json(e.into()); return Json(e.into());
}; };
if let Err(e) = data.incr_community_member_count(community.id).await {
return Json(e.into());
}
} else if req.role.check(CommunityPermission::REQUESTED) {
// user was demoted to a request again
if let Err(e) = data.decr_community_member_count(community.id).await {
return Json(e.into());
}
} else if membership.role.check(CommunityPermission::REQUESTED) {
// user was accepted to community
if let Err(e) = data
.create_notification(Notification::new(
"You have been accepted into a community you requested to join!"
.to_string(),
format!(
"You have been accepted into [{}](/community/{}).",
community.title, community.title
),
membership.owner,
))
.await
{
return Json(e.into());
};
if let Err(e) = data.incr_community_member_count(community.id).await { if let Err(e) = data.incr_community_member_count(community.id).await {
return Json(e.into()); return Json(e.into());
} }

14
crates/app/src/routes/api/v1/mod.rs
View file

@ -10,7 +10,10 @@ use axum::{
}; };
use serde::Deserialize; use serde::Deserialize;
use tetratto_core::model::{ use tetratto_core::model::{
communities::{CommunityContext, CommunityReadAccess, CommunityWriteAccess, PostContext}, communities::{
CommunityContext, CommunityJoinAccess, CommunityReadAccess, CommunityWriteAccess,
PostContext,
},
communities_permissions::CommunityPermission, communities_permissions::CommunityPermission,
reactions::AssetType, reactions::AssetType,
}; };
@ -53,6 +56,10 @@ pub fn routes() -> Router {
"/communities/{id}/access/write", "/communities/{id}/access/write",
post(communities::communities::update_write_access_request), post(communities::communities::update_write_access_request),
) )
.route(
"/communities/{id}/access/join",
post(communities::communities::update_join_access_request),
)
.route( .route(
"/communities/{id}/upload/avatar", "/communities/{id}/upload/avatar",
post(communities::images::upload_avatar_request), post(communities::images::upload_avatar_request),
@ -194,6 +201,11 @@ pub struct UpdateCommunityWriteAccess {
pub access: CommunityWriteAccess, pub access: CommunityWriteAccess,
} }
#[derive(Deserialize)]
pub struct UpdateCommunityJoinAccess {
pub access: CommunityJoinAccess,
}
#[derive(Deserialize)] #[derive(Deserialize)]
pub struct CreatePost { pub struct CreatePost {
pub content: String, pub content: String,

115
crates/app/src/routes/pages/communities.rs
View file

@ -11,26 +11,12 @@ use tetratto_core::model::{
Error, Error,
auth::User, auth::User,
communities::{Community, CommunityReadAccess}, communities::{Community, CommunityReadAccess},
communities_permissions::CommunityPermission,
}; };
macro_rules! check_permissions { macro_rules! check_permissions {
($community:ident, $jar:ident, $data:ident, $user:ident) => { ($community:ident, $jar:ident, $data:ident, $user:ident) => {{
match $community.read_access { let mut is_member: bool = false;
CommunityReadAccess::Private => {
if let Some(ref ua) = $user {
if ua.id != $community.owner {
return Err(Html(
render_error(Error::NotAllowed, &$jar, &$data, &$user).await,
));
}
} else {
return Err(Html(
render_error(Error::NotAllowed, &$jar, &$data, &$user).await,
));
}
}
_ => (),
};
if let Some(ref ua) = $user { if let Some(ref ua) = $user {
if let Ok(membership) = $data if let Ok(membership) = $data
@ -42,30 +28,54 @@ macro_rules! check_permissions {
return Err(Html( return Err(Html(
render_error(Error::NotAllowed, &$jar, &$data, &$user).await, render_error(Error::NotAllowed, &$jar, &$data, &$user).await,
)); ));
} else if membership.role.check_member() {
is_member = true;
} }
} }
} }
};
match $community.read_access {
CommunityReadAccess::Joined => {
if !is_member {
false
} else {
true
}
}
_ => true,
}
}};
} }
macro_rules! community_context_bools { macro_rules! community_context_bools {
($data:ident, $user:ident, $community:ident) => {{ ($data:ident, $user:ident, $community:ident) => {{
let membership = if let Some(ref ua) = $user {
match $data
.0
.get_membership_by_owner_community(ua.id, $community.id)
.await
{
Ok(m) => Some(m),
Err(_) => None,
}
} else {
None
};
let is_owner = if let Some(ref ua) = $user { let is_owner = if let Some(ref ua) = $user {
ua.id == $community.owner ua.id == $community.owner
} else { } else {
false false
}; };
let is_joined = if let Some(ref ua) = $user { let is_joined = if let Some(ref membership) = membership {
if let Ok(membership) = $data membership.role.check_member()
.0 } else {
.get_membership_by_owner_community(ua.id, $community.id) false
.await };
{
membership.role.check_member() let is_pending = if let Some(ref membership) = membership {
} else { membership.role.check(CommunityPermission::REQUESTED)
false
}
} else { } else {
false false
}; };
@ -76,7 +86,7 @@ macro_rules! community_context_bools {
false false
}; };
(is_owner, is_joined, can_post) (is_owner, is_joined, is_pending, can_post)
}}; }};
} }
@ -120,12 +130,16 @@ pub fn community_context(
community: &Community, community: &Community,
is_owner: bool, is_owner: bool,
is_joined: bool, is_joined: bool,
is_pending: bool,
can_post: bool, can_post: bool,
can_read: bool,
) { ) {
context.insert("community", &community); context.insert("community", &community);
context.insert("is_owner", &is_owner); context.insert("is_owner", &is_owner);
context.insert("is_joined", &is_joined); context.insert("is_joined", &is_joined);
context.insert("is_pending", &is_pending);
context.insert("can_post", &can_post); context.insert("can_post", &can_post);
context.insert("can_read", &can_read);
} }
/// `/community/{title}` /// `/community/{title}`
@ -143,8 +157,21 @@ pub async fn feed_request(
Err(e) => return Err(Html(render_error(e, &jar, &data, &user).await)), Err(e) => return Err(Html(render_error(e, &jar, &data, &user).await)),
}; };
if community.id == 0 {
// don't show page for void community
return Err(Html(
render_error(
Error::GeneralNotFound("community".to_string()),
&jar,
&data,
&user,
)
.await,
));
}
// check permissions // check permissions
check_permissions!(community, jar, data, user); let can_read = check_permissions!(community, jar, data, user);
// ... // ...
let feed = match data let feed = match data
@ -163,10 +190,19 @@ pub async fn feed_request(
let lang = get_lang!(jar, data.0); let lang = get_lang!(jar, data.0);
let mut context = initial_context(&data.0.0, lang, &user).await; let mut context = initial_context(&data.0.0, lang, &user).await;
let (is_owner, is_joined, can_post) = community_context_bools!(data, user, community); let (is_owner, is_joined, is_pending, can_post) =
community_context_bools!(data, user, community);
context.insert("feed", &feed); context.insert("feed", &feed);
community_context(&mut context, &community, is_owner, is_joined, can_post); community_context(
&mut context,
&community,
is_owner,
is_joined,
is_pending,
can_post,
can_read,
);
// return // return
Ok(Html( Ok(Html(
@ -242,7 +278,7 @@ pub async fn post_request(
}; };
// check permissions // check permissions
check_permissions!(community, jar, data, user); let can_read = check_permissions!(community, jar, data, user);
// ... // ...
let feed = match data.0.get_post_comments(post.id, 12, props.page).await { let feed = match data.0.get_post_comments(post.id, 12, props.page).await {
@ -257,7 +293,8 @@ pub async fn post_request(
let lang = get_lang!(jar, data.0); let lang = get_lang!(jar, data.0);
let mut context = initial_context(&data.0.0, lang, &user).await; let mut context = initial_context(&data.0.0, lang, &user).await;
let (is_owner, is_joined, can_post) = community_context_bools!(data, user, community); let (is_owner, is_joined, is_pending, can_post) =
community_context_bools!(data, user, community);
context.insert("post", &post); context.insert("post", &post);
context.insert("replies", &feed); context.insert("replies", &feed);
@ -269,7 +306,15 @@ pub async fn post_request(
.await .await
.unwrap_or(User::deleted()), .unwrap_or(User::deleted()),
); );
community_context(&mut context, &community, is_owner, is_joined, can_post); community_context(
&mut context,
&community,
is_owner,
is_joined,
is_pending,
can_post,
can_read,
);
// return // return
Ok(Html( Ok(Html(

1
crates/core/Cargo.toml
View file

@ -24,3 +24,4 @@ rusqlite = { version = "0.34.0", optional = true }
tokio-postgres = { version = "0.7.13", optional = true } tokio-postgres = { version = "0.7.13", optional = true }
bb8-postgres = { version = "0.9.0", optional = true } bb8-postgres = { version = "0.9.0", optional = true }
bitflags = "2.9.0" bitflags = "2.9.0"
async-recursion = "1.1.1"

3
crates/core/src/config.rs
View file

@ -145,7 +145,7 @@ pub struct Config {
/// version built with the server binary. /// version built with the server binary.
#[serde(default = "default_no_track")] #[serde(default = "default_no_track")]
pub no_track: Vec<String>, pub no_track: Vec<String>,
/// A list of usernames which cannot be used. /// A list of usernames which cannot be used. This also includes community names.
#[serde(default = "default_banned_usernames")] #[serde(default = "default_banned_usernames")]
pub banned_usernames: Vec<String>, pub banned_usernames: Vec<String>,
} }
@ -195,6 +195,7 @@ fn default_banned_usernames() -> Vec<String> {
"notifs".to_string(), "notifs".to_string(),
"notification".to_string(), "notification".to_string(),
"post".to_string(), "post".to_string(),
"void".to_string(),
] ]
} }

199
crates/core/src/database/communities.rs
View file

@ -1,6 +1,6 @@
use super::*; use super::*;
use crate::cache::Cache; use crate::cache::Cache;
use crate::model::communities::{CommunityContext, CommunityMembership}; use crate::model::communities::{CommunityContext, CommunityJoinAccess, CommunityMembership};
use crate::model::communities_permissions::CommunityPermission; use crate::model::communities_permissions::CommunityPermission;
use crate::model::{ use crate::model::{
Error, Result, Error, Result,
@ -10,6 +10,8 @@ use crate::model::{
permissions::FinePermission, permissions::FinePermission,
}; };
use crate::{auto_method, execute, get, query_row}; use crate::{auto_method, execute, get, query_row};
use pathbufd::PathBufD;
use std::fs::{exists, remove_file};
#[cfg(feature = "sqlite")] #[cfg(feature = "sqlite")]
use rusqlite::Row; use rusqlite::Row;
@ -31,16 +33,91 @@ impl DataManager {
owner: get!(x->4(isize)) as usize, owner: get!(x->4(isize)) as usize,
read_access: serde_json::from_str(&get!(x->5(String))).unwrap(), read_access: serde_json::from_str(&get!(x->5(String))).unwrap(),
write_access: serde_json::from_str(&get!(x->6(String))).unwrap(), write_access: serde_json::from_str(&get!(x->6(String))).unwrap(),
join_access: serde_json::from_str(&get!(x->7(String))).unwrap(),
// likes // likes
likes: get!(x->7(isize)) as isize, likes: get!(x->8(isize)) as isize,
dislikes: get!(x->8(isize)) as isize, dislikes: get!(x->9(isize)) as isize,
// counts // counts
member_count: get!(x->9(isize)) as usize, member_count: get!(x->10(isize)) as usize,
} }
} }
auto_method!(get_community_by_id()@get_community_from_row -> "SELECT * FROM communities WHERE id = $1" --name="community" --returns=Community --cache-key-tmpl="atto.community:{}"); pub async fn get_community_by_id(&self, id: usize) -> Result<Community> {
auto_method!(get_community_by_title(&str)@get_community_from_row -> "SELECT * FROM communities WHERE title = $1" --name="community" --returns=Community --cache-key-tmpl="atto.community:{}"); if id == 0 {
return Ok(Community::void());
}
if let Some(cached) = self.2.get(format!("atto.community:{}", id)).await {
return Ok(serde_json::from_str(&cached).unwrap());
}
let conn = match self.connect().await {
Ok(c) => c,
Err(e) => return Err(Error::DatabaseConnection(e.to_string())),
};
let res = query_row!(
&conn,
"SELECT * FROM communities WHERE id = $1",
&[&(id as isize)],
|x| { Ok(Self::get_community_from_row(x)) }
);
if res.is_err() {
return Ok(Community::void());
// return Err(Error::GeneralNotFound("community".to_string()));
}
let x = res.unwrap();
self.2
.set(
format!("atto.community:{}", id),
serde_json::to_string(&x).unwrap(),
)
.await;
Ok(x)
}
pub async fn get_community_by_title(&self, id: &str) -> Result<Community> {
if id == "void" {
return Ok(Community::void());
}
if let Some(cached) = self.2.get(format!("atto.community:{}", id)).await {
return Ok(serde_json::from_str(&cached).unwrap());
}
let conn = match self.connect().await {
Ok(c) => c,
Err(e) => return Err(Error::DatabaseConnection(e.to_string())),
};
let res = query_row!(
&conn,
"SELECT * FROM communities WHERE title = $1",
&[id],
|x| { Ok(Self::get_community_from_row(x)) }
);
if res.is_err() {
return Ok(Community::void());
// return Err(Error::GeneralNotFound("community".to_string()));
}
let x = res.unwrap();
self.2
.set(
format!("atto.community:{}", id),
serde_json::to_string(&x).unwrap(),
)
.await;
Ok(x)
}
auto_method!(get_community_by_id_no_void()@get_community_from_row -> "SELECT * FROM communities WHERE id = $1" --name="community" --returns=Community --cache-key-tmpl="atto.community:{}");
auto_method!(get_community_by_title_no_void(&str)@get_community_from_row -> "SELECT * FROM communities WHERE title = $1" --name="community" --returns=Community --cache-key-tmpl="atto.community:{}");
/// Create a new community in the database. /// Create a new community in the database.
/// ///
@ -60,9 +137,30 @@ impl DataManager {
)); ));
} }
if self.0.banned_usernames.contains(&data.title) {
return Err(Error::MiscError("This title cannot be used".to_string()));
}
// check number of communities
let memberships = self.get_memberships_by_owner(data.owner).await?;
let mut admin_count = 0; // you can not make anymore communities if you are already admin of at least 5
for membership in memberships {
if membership.role.check(CommunityPermission::ADMINISTRATOR) {
admin_count += 1;
}
}
if admin_count >= 5 {
return Err(Error::MiscError(
"You are already owner/co-owner of too many communities to create another"
.to_string(),
));
}
// make sure community doesn't already exist with title // make sure community doesn't already exist with title
if self if self
.get_community_by_title(&data.title.to_lowercase()) .get_community_by_title_no_void(&data.title.to_lowercase())
.await .await
.is_ok() .is_ok()
{ {
@ -77,7 +175,7 @@ impl DataManager {
let res = execute!( let res = execute!(
&conn, &conn,
"INSERT INTO communities VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10)", "INSERT INTO communities VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11)",
&[ &[
&data.id.to_string().as_str(), &data.id.to_string().as_str(),
&data.created.to_string().as_str(), &data.created.to_string().as_str(),
@ -86,6 +184,7 @@ impl DataManager {
&data.owner.to_string().as_str(), &data.owner.to_string().as_str(),
&serde_json::to_string(&data.read_access).unwrap().as_str(), &serde_json::to_string(&data.read_access).unwrap().as_str(),
&serde_json::to_string(&data.write_access).unwrap().as_str(), &serde_json::to_string(&data.write_access).unwrap().as_str(),
&serde_json::to_string(&data.join_access).unwrap().as_str(),
&0.to_string().as_str(), &0.to_string().as_str(),
&0.to_string().as_str(), &0.to_string().as_str(),
&0.to_string().as_str() &0.to_string().as_str()
@ -118,17 +217,79 @@ impl DataManager {
.await; .await;
} }
auto_method!(delete_community()@get_community_by_id:MANAGE_COMMUNITIES -> "DELETE communities pages WHERE id = $1" --cache-key-tmpl=cache_clear_community); pub async fn delete_community(&self, id: usize, user: User) -> Result<()> {
auto_method!(update_community_title(String)@get_community_by_id:MANAGE_COMMUNITIES -> "UPDATE communities SET title = $1 WHERE id = $2" --cache-key-tmpl=cache_clear_community); let y = self.get_community_by_id(id).await?;
auto_method!(update_community_context(CommunityContext)@get_community_by_id:MANAGE_COMMUNITIES -> "UPDATE communities SET context = $1 WHERE id = $2" --serde --cache-key-tmpl=cache_clear_community);
auto_method!(update_community_read_access(CommunityReadAccess)@get_community_by_id:MANAGE_COMMUNITIES -> "UPDATE communities SET read_access = $1 WHERE id = $2" --serde --cache-key-tmpl=cache_clear_community);
auto_method!(update_community_write_access(CommunityWriteAccess)@get_community_by_id:MANAGE_COMMUNITIES -> "UPDATE communities SET write_access = $1 WHERE id = $2" --serde --cache-key-tmpl=cache_clear_community);
auto_method!(incr_community_likes()@get_community_by_id -> "UPDATE communities SET likes = likes + 1 WHERE id = $1" --cache-key-tmpl=cache_clear_community --incr); if user.id != y.owner {
auto_method!(incr_community_dislikes()@get_community_by_id -> "UPDATE communities SET dislikes = dislikes + 1 WHERE id = $1" --cache-key-tmpl=cache_clear_community --incr); if !user.permissions.check(FinePermission::MANAGE_COMMUNITIES) {
auto_method!(decr_community_likes()@get_community_by_id -> "UPDATE communities SET likes = likes - 1 WHERE id = $1" --cache-key-tmpl=cache_clear_community --decr); return Err(Error::NotAllowed);
auto_method!(decr_community_dislikes()@get_community_by_id -> "UPDATE communities SET dislikes = dislikes - 1 WHERE id = $1" --cache-key-tmpl=cache_clear_community --decr); }
}
auto_method!(incr_community_member_count()@get_community_by_id -> "UPDATE communities SET member_count = member_count + 1 WHERE id = $1" --cache-key-tmpl=cache_clear_community --incr); let conn = match self.connect().await {
auto_method!(decr_community_member_count()@get_community_by_id -> "UPDATE communities SET member_count = member_count - 1 WHERE id = $1" --cache-key-tmpl=cache_clear_community --decr); Ok(c) => c,
Err(e) => return Err(Error::DatabaseConnection(e.to_string())),
};
let res = execute!(
&conn,
"DELETE FROM communities WHERE id = $1",
&[&id.to_string()]
);
if let Err(e) = res {
return Err(Error::DatabaseError(e.to_string()));
}
self.cache_clear_community(&y).await;
// remove memberships
let res = execute!(
&conn,
"DELETE FROM memberships WHERE community = $1",
&[&id.to_string()]
);
if let Err(e) = res {
return Err(Error::DatabaseError(e.to_string()));
}
// remove images
let avatar = PathBufD::current().extend(&[
self.0.dirs.media.as_str(),
"community_avatars",
&format!("{}.avif", &y.id),
]);
let banner = PathBufD::current().extend(&[
self.0.dirs.media.as_str(),
"community_banners",
&format!("{}.avif", &y.id),
]);
if exists(&avatar).unwrap() {
remove_file(avatar).unwrap();
}
if exists(&banner).unwrap() {
remove_file(banner).unwrap();
}
// ...
Ok(())
}
auto_method!(update_community_title(String)@get_community_by_id_no_void:MANAGE_COMMUNITIES -> "UPDATE communities SET title = $1 WHERE id = $2" --cache-key-tmpl=cache_clear_community);
auto_method!(update_community_context(CommunityContext)@get_community_by_id_no_void:MANAGE_COMMUNITIES -> "UPDATE communities SET context = $1 WHERE id = $2" --serde --cache-key-tmpl=cache_clear_community);
auto_method!(update_community_read_access(CommunityReadAccess)@get_community_by_id_no_void:MANAGE_COMMUNITIES -> "UPDATE communities SET read_access = $1 WHERE id = $2" --serde --cache-key-tmpl=cache_clear_community);
auto_method!(update_community_write_access(CommunityWriteAccess)@get_community_by_id_no_void:MANAGE_COMMUNITIES -> "UPDATE communities SET write_access = $1 WHERE id = $2" --serde --cache-key-tmpl=cache_clear_community);
auto_method!(update_community_join_access(CommunityJoinAccess)@get_community_by_id_no_void:MANAGE_COMMUNITIES -> "UPDATE communities SET join_access = $1 WHERE id = $2" --serde --cache-key-tmpl=cache_clear_community);
auto_method!(incr_community_likes()@get_community_by_id_no_void -> "UPDATE communities SET likes = likes + 1 WHERE id = $1" --cache-key-tmpl=cache_clear_community --incr);
auto_method!(incr_community_dislikes()@get_community_by_id_no_void -> "UPDATE communities SET dislikes = dislikes + 1 WHERE id = $1" --cache-key-tmpl=cache_clear_community --incr);
auto_method!(decr_community_likes()@get_community_by_id_no_void -> "UPDATE communities SET likes = likes - 1 WHERE id = $1" --cache-key-tmpl=cache_clear_community --decr);
auto_method!(decr_community_dislikes()@get_community_by_id_no_void -> "UPDATE communities SET dislikes = dislikes - 1 WHERE id = $1" --cache-key-tmpl=cache_clear_community --decr);
auto_method!(incr_community_member_count()@get_community_by_id_no_void -> "UPDATE communities SET member_count = member_count + 1 WHERE id = $1" --cache-key-tmpl=cache_clear_community --incr);
auto_method!(decr_community_member_count()@get_community_by_id_no_void -> "UPDATE communities SET member_count = member_count - 1 WHERE id = $1" --cache-key-tmpl=cache_clear_community --decr);
} }

1
crates/core/src/database/drivers/sql/create_communities.sql
View file

@ -6,6 +6,7 @@ CREATE TABLE IF NOT EXISTS communities (
owner INTEGER NOT NULL, owner INTEGER NOT NULL,
read_access TEXT NOT NULL, read_access TEXT NOT NULL,
write_access TEXT NOT NULL, write_access TEXT NOT NULL,
join_access TEXT NOT NULL,
-- likes -- likes
likes INTEGER NOT NULL, likes INTEGER NOT NULL,
dislikes INTEGER NOT NULL, dislikes INTEGER NOT NULL,

62
crates/core/src/database/memberships.rs
View file

@ -1,9 +1,13 @@
use super::*; use super::*;
use crate::cache::Cache; use crate::cache::Cache;
use crate::model::auth::Notification;
use crate::model::communities::Community; use crate::model::communities::Community;
use crate::model::{ use crate::model::{
Error, Result, auth::User, communities::CommunityMembership, Error, Result,
communities_permissions::CommunityPermission, permissions::FinePermission, auth::User,
communities::{CommunityJoinAccess, CommunityMembership},
communities_permissions::CommunityPermission,
permissions::FinePermission,
}; };
use crate::{auto_method, execute, get, query_row, query_rows}; use crate::{auto_method, execute, get, query_row, query_rows};
@ -73,7 +77,8 @@ impl DataManager {
let res = query_rows!( let res = query_rows!(
&conn, &conn,
"SELECT * FROM memberships WHERE owner = $1 AND role IS NOT 33", // 33 = banned, 65 = pending membership
"SELECT * FROM memberships WHERE owner = $1 AND role IS NOT 33 AND role IS NOT 65 ORDER BY created DESC",
&[&(owner as isize)], &[&(owner as isize)],
|x| { Self::get_membership_from_row(x) } |x| { Self::get_membership_from_row(x) }
); );
@ -89,7 +94,8 @@ impl DataManager {
/// ///
/// # Arguments /// # Arguments
/// * `data` - a mock [`CommunityMembership`] object to insert /// * `data` - a mock [`CommunityMembership`] object to insert
pub async fn create_membership(&self, data: CommunityMembership) -> Result<()> { #[async_recursion::async_recursion]
pub async fn create_membership(&self, data: CommunityMembership) -> Result<String> {
// make sure membership doesn't already exist // make sure membership doesn't already exist
if self if self
.get_membership_by_owner_community(data.owner, data.community) .get_membership_by_owner_community(data.owner, data.community)
@ -99,6 +105,34 @@ impl DataManager {
return Err(Error::MiscError("Already joined community".to_string())); return Err(Error::MiscError("Already joined community".to_string()));
} }
// check permission
let community = self.get_community_by_id(data.community).await?;
match community.join_access {
CommunityJoinAccess::Nobody => return Err(Error::NotAllowed),
CommunityJoinAccess::Request => {
if !data.role.check(CommunityPermission::REQUESTED) {
let mut data = data.clone();
data.role = CommunityPermission::DEFAULT | CommunityPermission::REQUESTED;
// send notification to the owner
self.create_notification(Notification::new(
"You've received a community join request!".to_string(),
format!(
"[Somebody](/api/v1/auth/profile/find/{}) is asking to join your [community](/community/{}).\n\n[Click here to review their request](/community/{}/manage?uid={}#/members).",
data.owner, data.community, data.community, data.owner
),
community.owner,
))
.await?;
// ...
return self.create_membership(data).await;
}
}
_ => (),
}
// ... // ...
let conn = match self.connect().await { let conn = match self.connect().await {
Ok(c) => c, Ok(c) => c,
@ -121,11 +155,18 @@ impl DataManager {
return Err(Error::DatabaseError(e.to_string())); return Err(Error::DatabaseError(e.to_string()));
} }
self.incr_community_member_count(data.community) if !data.role.check(CommunityPermission::REQUESTED) {
.await // users who are just a requesting to join do not count towards the member count
.unwrap(); self.incr_community_member_count(data.community)
.await
.unwrap();
}
Ok(()) Ok(if data.role.check(CommunityPermission::REQUESTED) {
"Join request sent".to_string()
} else {
"Community joined".to_string()
})
} }
/// Delete a membership given its `id` /// Delete a membership given its `id`
@ -134,7 +175,10 @@ impl DataManager {
if user.id != y.owner { if user.id != y.owner {
// pull other user's membership status // pull other user's membership status
if let Ok(z) = self.get_membership_by_id(user.id).await { if let Ok(z) = self
.get_membership_by_owner_community(user.id, y.community)
.await
{
// somebody with MANAGE_ROLES _and_ a higher role number can remove us // somebody with MANAGE_ROLES _and_ a higher role number can remove us
if (!z.role.check(CommunityPermission::MANAGE_ROLES) | (z.role < y.role)) if (!z.role.check(CommunityPermission::MANAGE_ROLES) | (z.role < y.role))
&& !z.role.check(CommunityPermission::ADMINISTRATOR) && !z.role.check(CommunityPermission::ADMINISTRATOR)

2
crates/core/src/database/notifications.rs
View file

@ -36,7 +36,7 @@ impl DataManager {
let res = query_rows!( let res = query_rows!(
&conn, &conn,
"SELECT * FROM notifications WHERE owner = $1", "SELECT * FROM notifications WHERE owner = $1 ORDER BY created DESC",
&[&(owner as isize)], &[&(owner as isize)],
|x| { Self::get_notification_from_row(x) } |x| { Self::get_notification_from_row(x) }
); );

2
crates/core/src/database/reactions.rs
View file

@ -96,7 +96,7 @@ impl DataManager {
} { } {
return Err(e); return Err(e);
} else if data.is_like { } else if data.is_like {
let community = self.get_community_by_id(data.asset).await.unwrap(); let community = self.get_community_by_id_no_void(data.asset).await.unwrap();
if community.owner != user.id { if community.owner != user.id {
if let Err(e) = self if let Err(e) = self

3
crates/core/src/model/auth.rs
View file

@ -33,6 +33,8 @@ pub struct UserSettings {
pub biography: String, pub biography: String,
#[serde(default)] #[serde(default)]
pub private_profile: bool, pub private_profile: bool,
#[serde(default)]
pub private_communities: bool,
} }
impl Default for UserSettings { impl Default for UserSettings {
@ -41,6 +43,7 @@ impl Default for UserSettings {
display_name: String::new(), display_name: String::new(),
biography: String::new(), biography: String::new(),
private_profile: false, private_profile: false,
private_communities: false,
} }
} }
} }

52
crates/core/src/model/communities.rs
View file

@ -11,13 +11,15 @@ pub struct Community {
pub context: CommunityContext, pub context: CommunityContext,
/// The ID of the owner of the community. /// The ID of the owner of the community.
pub owner: usize, pub owner: usize,
/// Who can read the community page. /// Who can read the community.
pub read_access: CommunityReadAccess, pub read_access: CommunityReadAccess,
/// Who can write to the community page (create posts belonging to it). /// Who can write to the community (create posts belonging to it).
/// ///
/// The owner of the community page (and moderators) are the ***only*** people /// The owner of the community (and moderators) are the ***only*** people
/// capable of removing posts. /// capable of removing posts.
pub write_access: CommunityWriteAccess, pub write_access: CommunityWriteAccess,
/// Who can join the community.
pub join_access: CommunityJoinAccess,
// likes // likes
pub likes: isize, pub likes: isize,
pub dislikes: isize, pub dislikes: isize,
@ -42,6 +44,25 @@ impl Community {
owner, owner,
read_access: CommunityReadAccess::default(), read_access: CommunityReadAccess::default(),
write_access: CommunityWriteAccess::default(), write_access: CommunityWriteAccess::default(),
join_access: CommunityJoinAccess::default(),
likes: 0,
dislikes: 0,
member_count: 0,
}
}
/// Create the "void" community. This is where all posts with a deleted community
/// resolve to.
pub fn void() -> Self {
Self {
id: 0,
created: 0,
title: "void".to_string(),
context: CommunityContext::default(),
owner: 0,
read_access: CommunityReadAccess::Joined,
write_access: CommunityWriteAccess::Owner,
join_access: CommunityJoinAccess::Nobody,
likes: 0, likes: 0,
dislikes: 0, dislikes: 0,
member_count: 0, member_count: 0,
@ -69,10 +90,8 @@ impl Default for CommunityContext {
pub enum CommunityReadAccess { pub enum CommunityReadAccess {
/// Everybody can view the community. /// Everybody can view the community.
Everybody, Everybody,
/// Only people with the link to the community. /// Only people in the community can view the community.
Unlisted, Joined,
/// Only the owner of the community.
Private,
} }
impl Default for CommunityReadAccess { impl Default for CommunityReadAccess {
@ -100,7 +119,24 @@ impl Default for CommunityWriteAccess {
} }
} }
#[derive(Serialize, Deserialize)] /// Who can join a [`Community`].
#[derive(Serialize, Deserialize, PartialEq, Eq)]
pub enum CommunityJoinAccess {
/// Joins are closed. Nobody can join the community.
Nobody,
/// All authenticated users can join the community.
Everybody,
/// People must send a request to join.
Request,
}
impl Default for CommunityJoinAccess {
fn default() -> Self {
Self::Everybody
}
}
#[derive(Clone, Serialize, Deserialize)]
pub struct CommunityMembership { pub struct CommunityMembership {
pub id: usize, pub id: usize,
pub created: usize, pub created: usize,

1
crates/core/src/model/communities_permissions.rs
View file

@ -14,6 +14,7 @@ bitflags! {
const MANAGE_POSTS = 1 << 3; const MANAGE_POSTS = 1 << 3;
const MANAGE_ROLES = 1 << 4; const MANAGE_ROLES = 1 << 4;
const BANNED = 1 << 5; const BANNED = 1 << 5;
const REQUESTED = 1 << 6;
const _ = !0; const _ = !0;
} }