add: audit log, reports

add: theme preference setting
2025-04-02 11:39:51 -04:00 · 2025-04-02 11:39:51 -04:00 · d3d0c41334
commit d3d0c41334
parent b2df2739a7
38 changed files with 925 additions and 169 deletions
--- a/crates/core/src/database/auth.rs
+++ b/crates/core/src/database/auth.rs
@ -1,5 +1,6 @@
 use super::*;
 use crate::cache::Cache;
+use crate::model::moderation::AuditLogEntry;
 use crate::model::{
    Error, Result,
    auth::{Token, User, UserSettings},
@ -262,6 +263,17 @@ impl DataManager {

        self.cache_clear_user(&other_user).await;

+        // create audit log entry
+        self.create_audit_log_entry(AuditLogEntry::new(
+            user.id,
+            format!(
+                "invoked `update_user_verified_status` with x value `{}` and y value `{}`",
+                other_user.id, x
+            ),
+        ))
+        .await?;
+
+        // ...
        Ok(())
    }

@ -326,6 +338,67 @@ impl DataManager {
        Ok(())
    }

+    pub async fn update_user_role(
+        &self,
+        id: usize,
+        role: FinePermission,
+        user: User,
+    ) -> Result<()> {
+        // check permission
+        if !user.permissions.check(FinePermission::MANAGE_USERS) {
+            return Err(Error::NotAllowed);
+        }
+
+        let other_user = self.get_user_by_id(id).await?;
+
+        if other_user.permissions.check_manager() && !user.permissions.check_admin() {
+            return Err(Error::MiscError(
+                "Cannot manage the role of other managers".to_string(),
+            ));
+        }
+
+        if other_user.permissions == user.permissions {
+            return Err(Error::MiscError(
+                "Cannot manage users of equal level to you".to_string(),
+            ));
+        }
+
+        // ...
+        let conn = match self.connect().await {
+            Ok(c) => c,
+            Err(e) => return Err(Error::DatabaseConnection(e.to_string())),
+        };
+
+        let res = execute!(
+            &conn,
+            "UPDATE users SET permissions = $1 WHERE id = $2",
+            &[
+                &(role.bits()).to_string().as_str(),
+                &id.to_string().as_str()
+            ]
+        );
+
+        if let Err(e) = res {
+            return Err(Error::DatabaseError(e.to_string()));
+        }
+
+        self.cache_clear_user(&other_user).await;
+
+        // create audit log entry
+        self.create_audit_log_entry(AuditLogEntry::new(
+            user.id,
+            format!(
+                "invoked `update_user_role` with x value `{}` and y value `{}`",
+                other_user.id,
+                role.bits()
+            ),
+        ))
+        .await?;
+
+        // ...
+        Ok(())
+    }
+
    pub async fn cache_clear_user(&self, user: &User) {
        self.2.remove(format!("atto.user:{}", user.id)).await;
        self.2.remove(format!("atto.user:{}", user.username)).await;