t/tetratto
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

add: allow users to block users who have blocked them/private users

Browse source 
fix: anonymous post page panic
add: allow users to select home timeline
This commit is contained in:
trisua 2025-04-24 16:40:03 -04:00
parent 2460e2f8c5
commit d42375441f
15 changed files with 313 additions and 122 deletions
Download patch file Download diff file Expand all files Collapse all files

9
crates/app/src/assets.rs
View file

@ -6,7 +6,10 @@ use std::{
sync::LazyLock,
};
use tera::Context;
use tetratto_core::{config::Config, model::auth::User};
use tetratto_core::{
config::Config,
model::auth::{DefaultTimelineChoice, User},
};
use tetratto_l10n::LangFile;
use tetratto_shared::hash::salt;
use tokio::sync::RwLock;
@ -48,6 +51,7 @@ pub const PROFILE_FOLLOWING: &str = include_str!("./public/html/profile/followin
pub const PROFILE_FOLLOWERS: &str = include_str!("./public/html/profile/followers.html");
pub const PROFILE_WARNING: &str = include_str!("./public/html/profile/warning.html");
pub const PROFILE_PRIVATE: &str = include_str!("./public/html/profile/private.html");
pub const PROFILE_BLOCKED: &str = include_str!("./public/html/profile/blocked.html");
pub const COMMUNITIES_LIST: &str = include_str!("./public/html/communities/list.html");
pub const COMMUNITIES_BASE: &str = include_str!("./public/html/communities/base.html");
@ -197,6 +201,7 @@ pub(crate) async fn write_assets(config: &Config) -> PathBufD {
write_template!(html_path->"profile/followers.html"(crate::assets::PROFILE_FOLLOWERS) --config=config);
write_template!(html_path->"profile/warning.html"(crate::assets::PROFILE_WARNING) --config=config);
write_template!(html_path->"profile/private.html"(crate::assets::PROFILE_PRIVATE) --config=config);
write_template!(html_path->"profile/blocked.html"(crate::assets::PROFILE_BLOCKED) --config=config);
write_template!(html_path->"communities/list.html"(crate::assets::COMMUNITIES_LIST) -d "communities" --config=config);
write_template!(html_path->"communities/base.html"(crate::assets::COMMUNITIES_BASE) --config=config);
@ -284,9 +289,11 @@ pub(crate) async fn initial_context(
if let Some(ua) = user {
ctx.insert("is_helper", &ua.permissions.check_helper());
ctx.insert("is_manager", &ua.permissions.check_manager());
ctx.insert("home", ua.settings.default_timeline.relative_url());
} else {
ctx.insert("is_helper", &false);
ctx.insert("is_manager", &false);
ctx.insert("home", DefaultTimelineChoice::default().relative_url());
}
ctx.insert("lang", &lang.data);

2
crates/app/src/langs/en-US.toml
View file

@ -58,6 +58,8 @@ version = "1.0.0"
"auth:label.private_profile_message" = "This profile is private, meaning you can only view it if they follow you."
"auth:action.request_to_follow" = "Request to follow"
"auth:action.cancel_follow_request" = "Cancel follow request"
"auth:label.blocked_profile" = "You're blocked"
"auth:label.blocked_profile_message" = "This user has blocked you."
"communities:action.create" = "Create"
"communities:action.select" = "Select"

82
crates/app/src/macros.rs
View file

@ -94,3 +94,85 @@ macro_rules! get_lang {
}
}};
}
#[macro_export]
macro_rules! check_user_blocked_or_private {
($user:ident, $other_user:ident, $data:ident, $jar:ident) => {
// check if we're blocked
if let Some(ref ua) = $user {
if $data
.0
.get_userblock_by_initiator_receiver($other_user.id, ua.id)
.await
.is_ok()
{
let lang = get_lang!($jar, $data.0);
let mut context = initial_context(&$data.0.0, lang, &$user).await;
context.insert("profile", &$other_user);
context.insert(
"is_blocking",
&$data
.0
.get_userblock_by_initiator_receiver(ua.id, $other_user.id)
.await
.is_ok(),
);
return Ok(Html(
$data.1.render("profile/blocked.html", &context).unwrap(),
));
}
}
// check for private profile
if $other_user.settings.private_profile {
if let Some(ref ua) = $user {
if (ua.id != $other_user.id)
&& !ua.permissions.check(FinePermission::MANAGE_USERS)
&& $data
.0
.get_userfollow_by_initiator_receiver($other_user.id, ua.id)
.await
.is_err()
{
let lang = get_lang!($jar, $data.0);
let mut context = initial_context(&$data.0.0, lang, &$user).await;
context.insert("profile", &$other_user);
context.insert(
"follow_requested",
&$data
.0
.get_request_by_id_linked_asset(ua.id, $other_user.id)
.await
.is_ok(),
);
context.insert(
"is_blocking",
&$data
.0
.get_userblock_by_initiator_receiver(ua.id, $other_user.id)
.await
.is_ok(),
);
return Ok(Html(
$data.1.render("profile/private.html", &context).unwrap(),
));
}
} else {
let lang = get_lang!($jar, $data.0);
let mut context = initial_context(&$data.0.0, lang, &$user).await;
context.insert("profile", &$other_user);
context.insert("follow_requested", &false);
context.insert("is_following", &false);
return Ok(Html(
$data.1.render("profile/private.html", &context).unwrap(),
));
}
}
};
}

2
crates/app/src/public/html/macros.html
View file

@ -8,7 +8,7 @@
{% if show_lhs %}
<a
href="/"
href="{{ home }}"
class="button {% if selected == 'home' %}active{% endif %}"
>
{{ icon "house" }}

3
crates/app/src/public/html/post/post.html
View file

@ -125,7 +125,8 @@
ui.refresh_container(element, []);
const can_manage_pins = "{{ can_manage_pins }}" === "true";
const is_owner = "{{ user.id == post.owner }}" === "true";
const is_owner =
"{{ user and user.id == post.owner }}" === "true";
const settings_fields = [
[

65
crates/app/src/public/html/profile/blocked.html Normal file
View file

@ -0,0 +1,65 @@
{% extends "root.html" %} {% block head %}
<title>{{ profile.username }} (blocked) - {{ config.name }}</title>
{% endblock %} {% block body %} {{ macros::nav() }}
<main class="flex flex-col gap-2">
<div class="card-nest">
<div class="card small flex items-center justify-between gap-2">
<div class="flex items-center gap-2">
{{ components::avatar(username=profile.username, size="24px") }}
<span>{{ profile.username }}</span>
</div>
<b class="notification chip"
>{{ text "auth:label.blocked_profile" }}</b
>
</div>
<div class="card flex flex-col gap-2">
<span>{{ text "auth:label.blocked_profile_message" }}</span>
<div class="card w-full secondary flex gap-2">
{% if user %} {% if not is_blocking %}
<button onclick="toggle_block_user()" class="quaternary red">
{{ icon "shield" }}
<span>{{ text "auth:action.block" }}</span>
</button>
{% else %}
<button onclick="toggle_block_user()" class="quaternary red">
{{ icon "shield-off" }}
<span>{{ text "auth:action.unblock" }}</span>
</button>
{% endif %}
<script>
globalThis.toggle_block_user = async () => {
if (
!(await trigger("atto::confirm", [
"Are you sure you would like to do this?",
]))
) {
return;
}
fetch("/api/v1/auth/user/{{ profile.id }}/block", {
method: "POST",
})
.then((res) => res.json())
.then((res) => {
trigger("atto::toast", [
res.ok ? "success" : "error",
res.message,
]);
});
};
</script>
{% endif %}
<a href="/" class="button red quaternary">
{{ icon "x" }}
<span>{{ text "general:action.back" }}</span>
</a>
</div>
</div>
</div>
</main>
{% endblock %}

31
crates/app/src/public/html/profile/private.html
View file

@ -45,6 +45,16 @@
{{ icon "user-minus" }}
<span>{{ text "auth:action.unfollow" }}</span>
</button>
{% endif %} {% if not is_blocking %}
<button onclick="toggle_block_user()" class="quaternary red">
{{ icon "shield" }}
<span>{{ text "auth:action.block" }}</span>
</button>
{% else %}
<button onclick="toggle_block_user()" class="quaternary red">
{{ icon "shield-off" }}
<span>{{ text "auth:action.unblock" }}</span>
</button>
{% endif %}
<script>
@ -117,6 +127,27 @@
.classList.remove("hidden");
});
};
globalThis.toggle_block_user = async () => {
if (
!(await trigger("atto::confirm", [
"Are you sure you would like to do this?",
]))
) {
return;
}
fetch("/api/v1/auth/user/{{ profile.id }}/block", {
method: "POST",
})
.then((res) => res.json())
.then((res) => {
trigger("atto::toast", [
res.ok ? "success" : "error",
res.message,
]);
});
};
</script>
{% endif %}

70
crates/app/src/public/html/profile/settings.html
View file

@ -33,6 +33,75 @@
<div class="w-full flex flex-col gap-2" data-tab="account">
<div class="card tertiary flex flex-col gap-2" id="account_settings">
<div class="card-nest" ui_ident="home_timeline">
<div class="card small">
<b>Home timeline</b>
</div>
<div class="card">
<select
onchange="set_setting_field('default_timeline', event.target.selectedOptions[0].value)"
>
<option
value="MyCommunities"
selected="{% if home == '/' %}true{% else %}false{% endif %}"
>
My communities
</option>
<option
value="MyCommunitiesQuestions"
selected="{% if home == '/questions' %}true{% else %}false{% endif %}"
>
My communities (questions)
</option>
<option
value="PopularPosts"
selected="{% if home == '/popular' %}true{% else %}false{% endif %}"
>
Popular
</option>
<option
value="PopularQuestions"
selected="{% if home == '/popular/questions' %}true{% else %}false{% endif %}"
>
Popular (questions)
</option>
<option
value="FollowingPosts"
selected="{% if home == '/following' %}true{% else %}false{% endif %}"
>
Following
</option>
<option
value="FollowingQuestions"
selected="{% if home == '/following/questions' %}true{% else %}false{% endif %}"
>
Following (questions)
</option>
<option
value="AllPosts"
selected="{% if home == '/all' %}true{% else %}false{% endif %}"
>
All
</option>
<option
value="AllQuestions"
selected="{% if home == '/all/questions' %}true{% else %}false{% endif %}"
>
All (questions)
</option>
</select>
<span class="fade"
>This represents the timeline the home button takes you
to.</span
>
</div>
</div>
<div class="card-nest" ui_ident="change_password">
<div class="card small">
<b>{{ text "settings:label.change_password" }}</b>
@ -737,6 +806,7 @@
const theme_settings = document.getElementById("theme_settings");
ui.refresh_container(account_settings, [
"home_timeline",
"change_password",
"change_username",
"two_factor_authentication",

118
crates/app/src/routes/pages/profile.rs
View file

@ -1,5 +1,8 @@
use super::{render_error, PaginatedQuery, ProfileQuery};
use crate::{assets::initial_context, get_lang, get_user_from_token, sanitize::clean_settings, State};
use crate::{
assets::initial_context, check_user_blocked_or_private, get_lang, get_user_from_token,
sanitize::clean_settings, State,
};
use axum::{
Extension,
extract::{Path, Query},
@ -173,69 +176,7 @@ pub async fn posts_request(
Err(e) => return Err(Html(render_error(e, &jar, &data, &user).await)),
};
// check if we're blocked
if let Some(ref ua) = user {
if data
.0
.get_userblock_by_initiator_receiver(other_user.id, ua.id)
.await
.is_ok()
{
return Err(Html(
render_error(Error::NotAllowed, &jar, &data, &user).await,
));
}
}
// check for private profile
if other_user.settings.private_profile {
if let Some(ref ua) = user {
if (ua.id != other_user.id)
&& !ua.permissions.check(FinePermission::MANAGE_USERS)
&& data
.0
.get_userfollow_by_initiator_receiver(other_user.id, ua.id)
.await
.is_err()
{
let lang = get_lang!(jar, data.0);
let mut context = initial_context(&data.0.0, lang, &user).await;
context.insert("profile", &other_user);
context.insert(
"follow_requested",
&data
.0
.get_request_by_id_linked_asset(ua.id, other_user.id)
.await
.is_ok(),
);
context.insert(
"is_following",
&data
.0
.get_userfollow_by_initiator_receiver(ua.id, other_user.id)
.await
.is_ok(),
);
return Ok(Html(
data.1.render("profile/private.html", &context).unwrap(),
));
}
} else {
let lang = get_lang!(jar, data.0);
let mut context = initial_context(&data.0.0, lang, &user).await;
context.insert("profile", &other_user);
context.insert("follow_requested", &false);
context.insert("is_following", &false);
return Ok(Html(
data.1.render("profile/private.html", &context).unwrap(),
));
}
}
check_user_blocked_or_private!(user, other_user, data, jar);
// check for warning
if props.warning {
@ -371,19 +312,7 @@ pub async fn following_request(
Err(e) => return Err(Html(render_error(e, &jar, &data, &user).await)),
};
// check if we're blocked
if let Some(ref ua) = user {
if data
.0
.get_userblock_by_initiator_receiver(other_user.id, ua.id)
.await
.is_ok()
{
return Err(Html(
render_error(Error::NotAllowed, &jar, &data, &user).await,
));
}
}
check_user_blocked_or_private!(user, other_user, data, jar);
// check for private profile
if other_user.settings.private_profile {
@ -498,40 +427,7 @@ pub async fn followers_request(
Err(e) => return Err(Html(render_error(e, &jar, &data, &user).await)),
};
// check if we're blocked
if let Some(ref ua) = user {
if data
.0
.get_userblock_by_initiator_receiver(other_user.id, ua.id)
.await
.is_ok()
{
return Err(Html(
render_error(Error::NotAllowed, &jar, &data, &user).await,
));
}
}
// check for private profile
if other_user.settings.private_profile {
if let Some(ref ua) = user {
if ua.id != other_user.id
&& data
.0
.get_userfollow_by_initiator_receiver(other_user.id, ua.id)
.await
.is_err()
{
return Err(Html(
render_error(Error::NotAllowed, &jar, &data, &user).await,
));
}
} else {
return Err(Html(
render_error(Error::NotAllowed, &jar, &data, &user).await,
));
}
}
check_user_blocked_or_private!(user, other_user, data, jar);
// fetch data
let list = match data