t/tetratto
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

add: audit log, reports

Browse source 
add: theme preference setting
This commit is contained in:
trisua 2025-04-02 11:39:51 -04:00
parent b2df2739a7
commit d3d0c41334
38 changed files with 925 additions and 169 deletions
Download patch file Download diff file Expand all files Collapse all files

4
crates/app/src/routes/api/v1/auth/ipbans.rs
View file

@ -37,7 +37,7 @@ pub async fn create_request(
/// Delete the given IP ban.
pub async fn delete_request(
jar: CookieJar,
Path(id): Path<usize>,
Path(ip): Path<String>,
Extension(data): Extension<State>,
) -> impl IntoResponse {
let data = &(data.read().await).0;
@ -50,7 +50,7 @@ pub async fn delete_request(
return Json(Error::NotAllowed.into());
}
match data.delete_ipban(id, user).await {
match data.delete_ipban(&ip, user).await {
Ok(_) => Json(ApiReturn {
ok: true,
message: "IP ban deleted".to_string(),

27
crates/app/src/routes/api/v1/auth/profile.rs
View file

@ -1,7 +1,9 @@
use crate::{
State, get_user_from_token,
model::{ApiReturn, Error},
routes::api::v1::{DeleteUser, UpdateUserIsVerified, UpdateUserPassword, UpdateUserUsername},
routes::api::v1::{
DeleteUser, UpdateUserIsVerified, UpdateUserPassword, UpdateUserRole, UpdateUserUsername,
},
};
use axum::{
Extension, Json,
@ -171,6 +173,29 @@ pub async fn update_user_is_verified_request(
}
}
/// Update the role of the given user.
pub async fn update_user_role_request(
jar: CookieJar,
Path(id): Path<usize>,
Extension(data): Extension<State>,
Json(req): Json<UpdateUserRole>,
) -> impl IntoResponse {
let data = &(data.read().await).0;
let user = match get_user_from_token!(jar, data) {
Some(ua) => ua,
None => return Json(Error::NotAllowed.into()),
};
match data.update_user_role(id, req.role, user).await {
Ok(_) => Json(ApiReturn {
ok: true,
message: "User updated".to_string(),
payload: (),
}),
Err(e) => Json(e.into()),
}
}
/// Delete the given user.
pub async fn delete_user_request(
jar: CookieJar,

21
crates/app/src/routes/api/v1/mod.rs
View file

@ -2,6 +2,7 @@ pub mod auth;
pub mod communities;
pub mod notifications;
pub mod reactions;
pub mod reports;
pub mod util;
use axum::{
@ -15,6 +16,7 @@ use tetratto_core::model::{
PostContext,
},
communities_permissions::CommunityPermission,
permissions::FinePermission,
reactions::AssetType,
};
@ -121,6 +123,10 @@ pub fn routes() -> Router {
"/auth/profile/{id}/settings",
post(auth::profile::update_user_settings_request),
)
.route(
"/auth/profile/{id}/role",
post(auth::profile::update_user_role_request),
)
.route(
"/auth/profile/{id}",
delete(auth::profile::delete_user_request),
@ -175,6 +181,9 @@ pub fn routes() -> Router {
// ipbans
.route("/bans/{ip}", post(auth::ipbans::create_request))
.route("/bans/id/{id}", delete(auth::ipbans::delete_request))
// reports
.route("/reports", post(reports::create_request))
.route("/reports/{id}", delete(reports::delete_request))
}
#[derive(Deserialize)]
@ -238,6 +247,13 @@ pub struct CreateReaction {
pub is_like: bool,
}
#[derive(Deserialize)]
pub struct CreateReport {
pub content: String,
pub asset: String,
pub asset_type: AssetType,
}
#[derive(Deserialize)]
pub struct UpdateUserPassword {
pub from: String,
@ -264,6 +280,11 @@ pub struct UpdateMembershipRole {
pub role: CommunityPermission,
}
#[derive(Deserialize)]
pub struct UpdateUserRole {
pub role: FinePermission,
}
#[derive(Deserialize)]
pub struct DeleteUser {
pub password: String,

6
crates/app/src/routes/api/v1/notifications.rs
View file

@ -1,11 +1,9 @@
use super::UpdateNotificationRead;
use crate::{State, get_user_from_token};
use axum::{Extension, Json, extract::Path, response::IntoResponse};
use axum_extra::extract::CookieJar;
use tetratto_core::model::{ApiReturn, Error};
use crate::{State, get_user_from_token};
use super::UpdateNotificationRead;
pub async fn delete_request(
jar: CookieJar,
Extension(data): Extension<State>,

3
crates/app/src/routes/api/v1/reactions.rs
View file

@ -1,9 +1,8 @@
use crate::{State, get_user_from_token, routes::api::v1::CreateReaction};
use axum::{Extension, Json, extract::Path, response::IntoResponse};
use axum_extra::extract::CookieJar;
use tetratto_core::model::{ApiReturn, Error, reactions::Reaction};
use crate::{State, get_user_from_token, routes::api::v1::CreateReaction};
pub async fn get_request(
jar: CookieJar,
Extension(data): Extension<State>,

55
crates/app/src/routes/api/v1/reports.rs Normal file
View file

@ -0,0 +1,55 @@
use super::CreateReport;
use crate::{State, get_user_from_token};
use axum::{Extension, Json, extract::Path, response::IntoResponse};
use axum_extra::extract::CookieJar;
use tetratto_core::model::{ApiReturn, Error, moderation::Report};
pub async fn create_request(
jar: CookieJar,
Extension(data): Extension<State>,
Json(req): Json<CreateReport>,
) -> impl IntoResponse {
let data = &(data.read().await).0;
let user = match get_user_from_token!(jar, data) {
Some(ua) => ua,
None => return Json(Error::NotAllowed.into()),
};
let asset_id = match req.asset.parse::<usize>() {
Ok(n) => n,
Err(e) => return Json(Error::MiscError(e.to_string()).into()),
};
match data
.create_report(Report::new(user.id, req.content, asset_id, req.asset_type))
.await
{
Ok(_) => Json(ApiReturn {
ok: true,
message: "Report created".to_string(),
payload: (),
}),
Err(e) => Json(e.into()),
}
}
pub async fn delete_request(
jar: CookieJar,
Extension(data): Extension<State>,
Path(id): Path<usize>,
) -> impl IntoResponse {
let data = &(data.read().await).0;
let user = match get_user_from_token!(jar, data) {
Some(ua) => ua,
None => return Json(Error::NotAllowed.into()),
};
match data.delete_report(id, user).await {
Ok(_) => Json(ApiReturn {
ok: true,
message: "Report deleted".to_string(),
payload: (),
}),
Err(e) => Json(e.into()),
}
}

8
crates/app/src/routes/pages/mod.rs
View file

@ -1,6 +1,7 @@
pub mod auth;
pub mod communities;
pub mod misc;
pub mod mod_panel;
pub mod profile;
use axum::{Router, routing::get};
@ -20,6 +21,13 @@ pub fn routes() -> Router {
.route("/popular", get(misc::popular_request))
.route("/notifs", get(misc::notifications_request))
.fallback_service(get(misc::not_found))
// mod
.route("/mod_panel/audit_log", get(mod_panel::audit_log_request))
.route("/mod_panel/reports", get(mod_panel::reports_request))
.route(
"/mod_panel/file_report",
get(mod_panel::file_report_request),
)
// auth
.route("/auth/register", get(auth::register_request))
.route("/auth/login", get(auth::login_request))

115
crates/app/src/routes/pages/mod_panel.rs Normal file
View file

@ -0,0 +1,115 @@
use super::{PaginatedQuery, render_error};
use crate::{State, assets::initial_context, get_lang, get_user_from_token};
use axum::{
Extension,
extract::Query,
response::{Html, IntoResponse},
};
use axum_extra::extract::CookieJar;
use serde::Deserialize;
use tetratto_core::model::{Error, permissions::FinePermission, reactions::AssetType};
/// `/mod_panel/audit_log`
pub async fn audit_log_request(
jar: CookieJar,
Extension(data): Extension<State>,
Query(req): Query<PaginatedQuery>,
) -> impl IntoResponse {
let data = data.read().await;
let user = match get_user_from_token!(jar, data.0) {
Some(ua) => ua,
None => {
return Err(Html(
render_error(Error::NotAllowed, &jar, &data, &None).await,
));
}
};
if !user.permissions.check(FinePermission::VIEW_AUDIT_LOG) {
return Err(Html(
render_error(Error::NotAllowed, &jar, &data, &None).await,
));
}
let items = match data.0.get_audit_log_entries(12, req.page).await {
Ok(p) => p,
Err(e) => return Err(Html(render_error(e, &jar, &data, &Some(user)).await)),
};
let lang = get_lang!(jar, data.0);
let mut context = initial_context(&data.0.0, lang, &Some(user)).await;
context.insert("items", &items);
context.insert("page", &req.page);
// return
Ok(Html(data.1.render("mod/audit_log.html", &context).unwrap()))
}
/// `/mod_panel/reports`
pub async fn reports_request(
jar: CookieJar,
Extension(data): Extension<State>,
Query(req): Query<PaginatedQuery>,
) -> impl IntoResponse {
let data = data.read().await;
let user = match get_user_from_token!(jar, data.0) {
Some(ua) => ua,
None => {
return Err(Html(
render_error(Error::NotAllowed, &jar, &data, &None).await,
));
}
};
if !user.permissions.check(FinePermission::VIEW_REPORTS) {
return Err(Html(
render_error(Error::NotAllowed, &jar, &data, &None).await,
));
}
let items = match data.0.get_reports(12, req.page).await {
Ok(p) => p,
Err(e) => return Err(Html(render_error(e, &jar, &data, &Some(user)).await)),
};
let lang = get_lang!(jar, data.0);
let mut context = initial_context(&data.0.0, lang, &Some(user)).await;
context.insert("items", &items);
context.insert("page", &req.page);
// return
Ok(Html(data.1.render("mod/reports.html", &context).unwrap()))
}
#[derive(Deserialize)]
pub struct FileReportQuery {
pub asset: String,
pub asset_type: AssetType,
}
/// `/mod_panel/file_report`
pub async fn file_report_request(
jar: CookieJar,
Extension(data): Extension<State>,
Query(req): Query<FileReportQuery>,
) -> impl IntoResponse {
let data = data.read().await;
let user = match get_user_from_token!(jar, data.0) {
Some(ua) => ua,
None => {
return Err(Html(
render_error(Error::NotAllowed, &jar, &data, &None).await,
));
}
};
let lang = get_lang!(jar, data.0);
let mut context = initial_context(&data.0.0, lang, &Some(user)).await;
context.insert("asset", &req.asset);
context.insert("asset_type", &req.asset_type);
// return
Ok(Html(
data.1.render("mod/file_report.html", &context).unwrap(),
))
}