t/tetratto
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

add reposts/quotes

Browse source 
fix #2
This commit is contained in:
trisua 2025-04-10 18:16:52 -04:00
parent 15e24b9a61
commit df32b9d65e
43 changed files with 708 additions and 234 deletions
Download patch file Download diff file Expand all files Collapse all files

3
crates/app/Cargo.toml
View file

@ -1,6 +1,6 @@
[package]
name = "tetratto"
version = "1.0.1"
version = "1.0.2"
edition = "2024"
[features]
@ -19,6 +19,7 @@ tower-http = { version = "0.6.2", features = ["trace", "fs"] }
axum = { version = "0.8.3", features = ["macros"] }
tokio = { version = "1.44.2", features = ["macros", "rt-multi-thread"] }
axum-extra = { version = "0.10.1", features = ["cookie", "multipart"] }
ammonia = "4.0.0"
tetratto-shared = { path = "../shared" }
tetratto-core = { path = "../core", features = [
"redis",

5
crates/app/src/avif.rs
View file

@ -71,7 +71,10 @@ pub fn save_avif_buffer(path: &str, bytes: Vec<u8>) -> std::io::Result<()> {
let file = File::create(path)?;
let mut writer = BufWriter::new(file);
if let Err(_) = pre_img_buffer.write_to(&mut writer, image::ImageFormat::Avif) {
if pre_img_buffer
.write_to(&mut writer, image::ImageFormat::Avif)
.is_err()
{
return Err(std::io::Error::new(
std::io::ErrorKind::Other,
"Image conversion failed",

5
crates/app/src/langs/en-US.toml
View file

@ -18,6 +18,8 @@ version = "1.0.0"
"general:action.back" = "Back"
"general:action.report" = "Report"
"general:action.manage" = "Manage"
"general:label.safety" = "Safety"
"general:label.share" = "Share"
"general:action.add_account" = "Add account"
"general:action.switch_account" = "Switch account"
"general:label.mod" = "Mod"
@ -75,6 +77,9 @@ version = "1.0.0"
"communities:label.new_title" = "New title"
"communities:label.pinned" = "Pinned"
"communities:label.edit_content" = "Edit content"
"communities:label.repost" = "Repost"
"communities:label.quote_post" = "Quote post"
"communities:label.expand_original" = "Expand original"
"notifs:action.mark_as_read" = "Mark as read"
"notifs:action.mark_as_unread" = "Mark as unread"

1
crates/app/src/main.rs
View file

@ -2,6 +2,7 @@ mod assets;
mod avif;
mod macros;
mod routes;
mod sanitize;
use assets::{init_dirs, write_assets};
pub use tetratto_core::*;

1
crates/app/src/public/css/style.css
View file

@ -524,6 +524,7 @@ select {
resize: vertical;
width: 100%;
font-family: inherit;
font-size: 16px;
/* personality */
background: transparent;
color: inherit;

12
crates/app/src/public/html/communities/feed.html
View file

@ -42,7 +42,11 @@
<div class="card flex flex-col gap-4">
<!-- prettier-ignore -->
{% for post in pinned %}
{{ components::post(post=post[0], owner=post[1], secondary=true, show_community=false, can_manage_post=can_manage_posts) }}
{% if post[0].context.repost and post[0].context.repost.reposting %}
{{ components::repost(repost=post[2], post=post[0], owner=post[1], secondary=true, show_community=false, can_manage_post=can_manage_posts) }}
{% else %}
{{ components::post(post=post[0], owner=post[1], secondary=true, show_community=false, can_manage_post=can_manage_posts) }}
{% endif %}
{% endfor %}
</div>
</div>
@ -57,7 +61,11 @@
<div class="card flex flex-col gap-4">
<!-- prettier-ignore -->
{% for post in feed %}
{{ components::post(post=post[0], owner=post[1], secondary=true, show_community=false, can_manage_post=can_manage_posts) }}
{% if post[0].context.repost and post[0].context.repost.reposting %}
{{ components::repost(repost=post[2], post=post[0], owner=post[1], secondary=true, show_community=false, can_manage_post=can_manage_posts) }}
{% else %}
{{ components::post(post=post[0], owner=post[1], secondary=true, show_community=false, can_manage_post=can_manage_posts) }}
{% endif %}
{% endfor %}
{{ components::pagination(page=page, items=feed|length) }}

20
crates/app/src/public/html/communities/post.html
View file

@ -7,9 +7,18 @@
{{ icon "arrow-up" }}
<span>{{ text "communities:action.continue_thread" }}</span>
</a>
{% endif %} {{ components::post(post=post, owner=owner, community=community,
show_community=true, can_manage_post=can_manage_posts) }} {% if user and
post.context.comments_enabled %}
{% endif %}
<!-- prettier-ignore -->
<div style="display: contents;">
{% if post.context.repost and post.context.repost.reposting %}
{{ components::repost(repost=reposting, post=post, owner=owner, community=community, show_community=true, can_manage_post=can_manage_posts) }}
{% else %}
{{ components::post(post=post, owner=owner, community=community, show_community=true, can_manage_post=can_manage_posts) }}
{% endif %}
</div>
{% if user and post.context.comments_enabled %}
<div class="card-nest">
<div class="card small">
<b>{{ text "communities:label.create_reply" }}</b>
@ -116,6 +125,11 @@
"{{ post.context.comments_enabled }}",
"checkbox",
],
[
["reposts_enabled", "Allow people to repost your post"],
"{{ post.context.reposts_enabled }}",
"checkbox",
],
[
["is_nsfw", "Mark as NSFW"],
"{{ community.context.is_nsfw }}",

7
crates/app/src/public/html/communities/settings.html
View file

@ -396,10 +396,15 @@
}, 250);
</script>
<!-- prettier-ignore -->
<script type="application/json" id="settings_json">{{ community_context_serde|safe }}</script>
<script>
setTimeout(() => {
const ui = ns("ui");
const settings = JSON.parse("{{ community_context_serde|safe }}");
const settings = JSON.parse(
document.getElementById("settings_json").innerHTML,
);
globalThis.upload_avatar = (e) => {
e.preventDefault();

134
crates/app/src/public/html/components.html
View file

@ -104,6 +104,45 @@ community %}
</span>
{% endif %}
</div>
{%- endmacro %} {% macro repost(repost, post, owner, secondary=false,
community=false, show_community=true, can_manage_post=false) -%}
<div style="display: contents">
<!-- prettier-ignore -->
<div style="display: none" id="repost-content:{{ post.id }}">
{% if repost %}
{{ components::post(post=repost[1], owner=repost[0], secondary=not secondary, community=false, show_community=false, can_manage_post=false) }}
{% else %}
<div class="card tertiary red flex items-center gap-2">
{{ icon "frown" }}
<span>Could not find original post...</span>
</div>
{% endif %}
</div>
{{ components::post(post=post, owner=owner, secondary=secondary,
community=community, show_community=show_community,
can_manage_post=can_manage_post) }}
<script>
document.getElementById("post-content:{{ post.id }}").innerHTML +=
document.getElementById("repost-content:{{ post.id }}").innerHTML;
document.getElementById("repost-content:{{ post.id }}").remove();
document
.getElementById("post:{{ post.id }}")
.querySelector(".avatar")
.setAttribute("style", "--size: 24px");
document
.getElementById("post:{{ post.id }}")
.querySelector(".name")
.parentElement.prepend(
document
.getElementById("post:{{ post.id }}")
.querySelector(".avatar"),
);
</script>
</div>
{%- endmacro %} {% macro post(post, owner, secondary=false, community=false,
show_community=true, can_manage_post=false) -%} {% if community and
show_community and post.community != config.town_square %}
@ -130,6 +169,7 @@ show_community and post.community != config.town_square %}
{% endif %}
<div
class="card flex flex-col gap-2 {% if secondary %}secondary{% endif %}"
id="post:{{ post.id }}"
>
<div class="w-full flex gap-2">
<a href="/@{{ owner.username }}">
@ -150,13 +190,6 @@ show_community and post.community != config.town_square %}
</div>
{% else %}
<span class="fade date">{{ post.created }}</span>
{% endif %} {% if show_community %}
<a href="/api/v1/communities/find/{{ post.community }}">
<!-- prettier-ignore -->
{% if not community %}
{{ components::community_avatar(id=post.community) }}
{% endif %}
</a>
{% endif %} {% if post.context.is_nsfw %}
<span
title="NSFW post"
@ -165,6 +198,15 @@ show_community and post.community != config.town_square %}
>
{{ icon "square-asterisk" }}
</span>
{% endif %} {% if post.context.repost and
post.context.repost.reposting %}
<span
title="Repost"
class="flex items-center"
style="color: var(--color-primary)"
>
{{ icon "repeat-2" }}
</span>
{% endif %}
</div>
@ -175,7 +217,16 @@ show_community and post.community != config.town_square %}
</div>
<div class="flex justify-between items-center gap-2 w-full">
{% if user %}
{% if user %} {% if post.context.repost and
post.context.repost.reposting %}
<a
href="/post/{{ post.context.repost.reposting }}"
class="button small camo"
>
{{ icon "expand" }}
<span>{{ text "communities:label.expand_original" }}</span>
</a>
{% else %}
<div
class="flex gap-1 reactions_box"
hook="check_reactions"
@ -184,7 +235,7 @@ show_community and post.community != config.town_square %}
{{ components::likes(id=post.id, asset_type="Post",
likes=post.likes, dislikes=post.dislikes) }}
</div>
{% else %}
{% endif %} {% else %}
<div></div>
{% endif %}
@ -213,7 +264,26 @@ show_community and post.community != config.town_square %}
</button>
<div class="inner">
{% if user.id != post.owner %}
{% if config.town_square and
post.context.reposts_enabled %}
<b class="title">{{ text "general:label.share" }}</b>
<button
onclick="trigger('me::repost', ['{{ post.id }}', '', '{{ config.town_square }}'])"
>
{{ icon "repeat-2" }}
<span>{{ text "communities:label.repost" }}</span>
</button>
<button
onclick="window.REPOST_ID = '{{ post.id }}'; document.getElementById('quote_dialog').showModal()"
>
{{ icon "quote" }}
<span
>{{ text "communities:label.quote_post" }}</span
>
</button>
{% endif %} {% if user.id != post.owner %}
<b class="title">{{ text "general:label.safety" }}</b>
<button
class="red"
onclick="trigger('me::report', ['{{ post.id }}', 'post'])"
@ -483,4 +553,46 @@ user.settings.theme_hue %}
match_user_theme();
}, 150);
</script>
{% endif %} {% endif %} {% endif %} {%- endmacro %}
{% endif %} {% endif %} {% endif %} {%- endmacro %} {% macro quote_form() -%} {%
if config.town_square and user %}
<div class="card-nest">
<div class="card small flex flex-col">
<div class="flex items-center gap-2">
{{ icon "quote" }}
<span>{{ text "communities:label.quote_post" }}</span>
</div>
</div>
<form
class="card flex flex-col gap-2"
onsubmit="create_repost_from_form(event)"
>
<div class="flex flex-col gap-1">
<label for="content">{{ text "communities:label.content" }}</label>
<textarea
type="text"
name="content"
id="content"
placeholder="content"
required
minlength="2"
maxlength="4096"
></textarea>
</div>
<button class="primary">{{ text "communities:action.create" }}</button>
</form>
</div>
<script>
async function create_repost_from_form(e) {
e.preventDefault();
await trigger("atto::debounce", ["posts::create"]);
await trigger("me::repost", [
window.REPOST_ID,
e.target.content.value,
"{{ config.town_square }}",
]);
}
</script>
{% endif %} {%- endmacro %}

14
crates/app/src/public/html/profile/base.html
View file

@ -67,7 +67,10 @@
</div>
</div>
<div class="card flex flex-col gap-2" id="social">
<div
class="card flex flex-col items-center gap-2"
id="social"
>
<div class="w-full flex">
<a
href="/@{{ profile.username }}/followers"
@ -84,6 +87,15 @@
<span>{{ text "auth:label.following" }}</span>
</a>
</div>
{% if is_following_you %}
<b
class="notification chip w-content flex items-center gap-2"
>
{{ icon "heart" }}
<span>Follows you</span>
</b>
{% endif %}
</div>
</div>

12
crates/app/src/public/html/profile/posts.html
View file

@ -9,7 +9,11 @@
<div class="card flex flex-col gap-4">
<!-- prettier-ignore -->
{% for post in pinned %}
{{ components::post(post=post[0], owner=post[1], secondary=true, community=post[2], show_community=true, can_manage_post=is_self) }}
{% if post[0].context.repost and post[0].context.repost.reposting %}
{{ components::repost(repost=post[3], post=post[0], owner=post[1], secondary=true, community=post[2], show_community=true, can_manage_post=is_self) }}
{% else %}
{{ components::post(post=post[0], owner=post[1], secondary=true, community=post[2], can_manage_post=is_self) }}
{% endif %}
{% endfor %}
</div>
</div>
@ -24,7 +28,11 @@
<div class="card flex flex-col gap-4">
<!-- prettier-ignore -->
{% for post in posts %}
{{ components::post(post=post[0], owner=post[1], secondary=true, community=post[2], show_community=true, can_manage_post=is_self) }}
{% if post[0].context.repost and post[0].context.repost.reposting %}
{{ components::repost(repost=post[3], post=post[0], owner=post[1], secondary=true, community=post[2], show_community=true, can_manage_post=is_self) }}
{% else %}
{{ components::post(post=post[0], owner=post[1], secondary=true, community=post[2], can_manage_post=is_self) }}
{% endif %}
{% endfor %}
{{ components::pagination(page=page, items=posts|length) }}

7
crates/app/src/public/html/profile/settings.html
View file

@ -326,10 +326,15 @@
{% endfor %}
</div>
<!-- prettier-ignore -->
<script type="application/json" id="settings_json">{{ user_settings_serde|safe }}</script>
<script>
setTimeout(() => {
const ui = ns("ui");
const settings = JSON.parse("{{ user_settings_serde|safe }}");
const settings = JSON.parse(
document.getElementById("settings_json").innerHTML,
);
let tokens = JSON.parse("{{ user_tokens_serde|safe }}");
globalThis.remove_token = async (id) => {

20
crates/app/src/public/html/root.html
View file

@ -317,6 +317,26 @@ macros -%}
</div>
</div>
</dialog>
<dialog id="quote_dialog">
<div class="inner flex flex-col gap-2">
{{ components::quote_form() }}
<div class="flex justify-between">
<div></div>
<div class="flex gap-2">
<button
class="bold red quaternary"
onclick="document.getElementById('quote_dialog').close()"
type="button"
>
{{ icon "x" }} {{ text "dialog:action.close" }}
</button>
</div>
</div>
</div>
</dialog>
{% endif %} {% if user and use_user_theme %} {{
components::theme(user=user) }} {% endif %}
</body>

6
crates/app/src/public/html/timelines/following.html
View file

@ -7,7 +7,11 @@
<!-- prettier-ignore -->
<div class="card w-full flex flex-col gap-2">
{% for post in list %}
{{ components::post(post=post[0], owner=post[1], secondary=true, community=post[2], show_community=true) }}
{% if post[0].context.repost and post[0].context.repost.reposting %}
{{ components::repost(repost=post[3], post=post[0], owner=post[1], secondary=true, community=post[2], show_community=true) }}
{% else %}
{{ components::post(post=post[0], owner=post[1], secondary=true, community=post[2]) }}
{% endif %}
{% endfor %}
{{ components::pagination(page=page, items=list|length) }}

6
crates/app/src/public/html/timelines/home.html
View file

@ -19,7 +19,11 @@
<!-- prettier-ignore -->
<div class="card w-full flex flex-col gap-2">
{% for post in list %}
{{ components::post(post=post[0], owner=post[1], secondary=true, community=post[2], show_community=true) }}
{% if post[0].context.repost and post[0].context.repost.reposting %}
{{ components::repost(repost=post[3], post=post[0], owner=post[1], secondary=true, community=post[2], show_community=true) }}
{% else %}
{{ components::post(post=post[0], owner=post[1], secondary=true, community=post[2]) }}
{% endif %}
{% endfor %}
{{ components::pagination(page=page, items=list|length) }}

6
crates/app/src/public/html/timelines/popular.html
View file

@ -7,7 +7,11 @@
<!-- prettier-ignore -->
<div class="card w-full flex flex-col gap-2">
{% for post in list %}
{{ components::post(post=post[0], owner=post[1], secondary=true, community=post[2], show_community=true) }}
{% if post[0].context.repost and post[0].context.repost.reposting %}
{{ components::repost(repost=post[3], post=post[0], owner=post[1], secondary=true, community=post[2], show_community=true) }}
{% else %}
{{ components::post(post=post[0], owner=post[1], secondary=true, community=post[2]) }}
{% endif %}
{% endfor %}
{{ components::pagination(page=page, items=list|length) }}

26
crates/app/src/public/js/me.js
View file

@ -149,6 +149,32 @@
});
});
self.define("repost", (_, id, content, community) => {
fetch(`/api/v1/posts/${id}/repost`, {
method: "POST",
headers: {
"Content-Type": "application/json",
},
body: JSON.stringify({
content,
community,
}),
})
.then((res) => res.json())
.then((res) => {
trigger("atto::toast", [
res.ok ? "success" : "error",
res.message,
]);
if (res.ok) {
setTimeout(() => {
window.location.href = `/post/${res.payload}`;
}, 100);
}
});
});
self.define("report", (_, asset, asset_type) => {
window.open(
`/mod_panel/file_report?asset=${asset}&asset_type=${asset_type}`,

4
crates/app/src/routes/api/v1/auth/mod.rs
View file

@ -50,7 +50,7 @@ pub async fn register_request(
.to_string();
// check for ip ban
if let Ok(_) = data.get_ipban_by_ip(&real_ip).await {
if data.get_ipban_by_ip(&real_ip).await.is_ok() {
return (None, Json(Error::NotAllowed.into()));
}
@ -126,7 +126,7 @@ pub async fn login_request(
.to_string();
// check for ip ban
if let Ok(_) = data.get_ipban_by_ip(&real_ip).await {
if data.get_ipban_by_ip(&real_ip).await.is_ok() {
return (None, Json(Error::NotAllowed.into()));
}

2
crates/app/src/routes/api/v1/auth/profile.rs
View file

@ -330,7 +330,7 @@ pub async fn disable_totp_request(
}
// ...
match data.update_user_totp(id, &String::new(), &Vec::new()).await {
match data.update_user_totp(id, "", &Vec::new()).await {
Ok(()) => Json(ApiReturn {
ok: true,
message: "TOTP disabled".to_string(),

38
crates/app/src/routes/api/v1/communities/posts.rs
View file

@ -3,8 +3,9 @@ use axum_extra::extract::CookieJar;
use tetratto_core::model::{ApiReturn, Error, communities::Post};
use crate::{
State, get_user_from_token,
routes::api::v1::{CreatePost, UpdatePostContent, UpdatePostContext},
get_user_from_token,
routes::api::v1::{CreatePost, CreateRepost, UpdatePostContent, UpdatePostContext},
State,
};
pub async fn create_request(
@ -46,6 +47,39 @@ pub async fn create_request(
}
}
pub async fn create_repost_request(
jar: CookieJar,
Extension(data): Extension<State>,
Path(id): Path<usize>,
Json(req): Json<CreateRepost>,
) -> impl IntoResponse {
let data = &(data.read().await).0;
let user = match get_user_from_token!(jar, data) {
Some(ua) => ua,
None => return Json(Error::NotAllowed.into()),
};
match data
.create_post(Post::repost(
req.content,
match req.community.parse::<usize>() {
Ok(x) => x,
Err(e) => return Json(Error::MiscError(e.to_string()).into()),
},
user.id,
id,
))
.await
{
Ok(id) => Json(ApiReturn {
ok: true,
message: "Post reposted".to_string(),
payload: Some(id.to_string()),
}),
Err(e) => Json(e.into()),
}
}
pub async fn delete_request(
jar: CookieJar,
Extension(data): Extension<State>,

10
crates/app/src/routes/api/v1/mod.rs
View file

@ -81,6 +81,10 @@ pub fn routes() -> Router {
// posts
.route("/posts", post(communities::posts::create_request))
.route("/posts/{id}", delete(communities::posts::delete_request))
.route(
"/posts/{id}/repost",
post(communities::posts::create_repost_request),
)
.route(
"/posts/{id}/content",
post(communities::posts::update_content_request),
@ -247,6 +251,12 @@ pub struct CreatePost {
pub replying_to: Option<String>,
}
#[derive(Deserialize)]
pub struct CreateRepost {
pub content: String,
pub community: String,
}
#[derive(Deserialize)]
pub struct UpdatePostContent {
pub content: String,

34
crates/app/src/routes/pages/communities.rs
View file

@ -1,5 +1,5 @@
use super::{PaginatedQuery, render_error};
use crate::{State, assets::initial_context, get_lang, get_user_from_token};
use crate::{assets::initial_context, get_lang, get_user_from_token, sanitize::clean_context, State};
use axum::{
Extension,
extract::{Path, Query},
@ -323,9 +323,7 @@ pub async fn settings_request(
context.insert("community", &community);
context.insert(
"community_context_serde",
&serde_json::to_string(&community.context)
.unwrap()
.replace("\"", "\\\""),
&clean_context(&community.context),
);
// return
@ -347,15 +345,38 @@ pub async fn post_request(
let user = get_user_from_token!(jar, data.0);
let post = match data.0.get_post_by_id(id).await {
Ok(ua) => ua,
Ok(p) => p,
Err(e) => return Err(Html(render_error(e, &jar, &data, &user).await)),
};
let community = match data.0.get_community_by_id(post.community).await {
Ok(ua) => ua,
Ok(c) => c,
Err(e) => return Err(Html(render_error(e, &jar, &data, &user).await)),
};
// check repost
let reposting = if let Some(ref repost) = post.context.repost {
if let Some(reposting) = repost.reposting {
let mut x = match data.0.get_post_by_id(reposting).await {
Ok(p) => p,
Err(e) => return Err(Html(render_error(e, &jar, &data, &user).await)),
};
x.mark_as_repost();
Some((
match data.0.get_user_by_id(x.owner).await {
Ok(ua) => ua,
Err(e) => return Err(Html(render_error(e, &jar, &data, &user).await)),
},
x,
))
} else {
None
}
} else {
None
};
// check permissions
let (can_read, can_manage_pins) = check_permissions!(community, jar, data, user);
@ -383,6 +404,7 @@ pub async fn post_request(
) = community_context_bools!(data, user, community);
context.insert("post", &post);
context.insert("reposting", &reposting);
context.insert("replies", &feed);
context.insert("page", &props.page);
context.insert(

10
crates/app/src/routes/pages/misc.rs
View file

@ -47,7 +47,7 @@ pub async fn index_request(
.get_posts_from_user_communities(user.id, 12, req.page)
.await
{
Ok(l) => match data.0.fill_posts_with_community(l).await {
Ok(l) => match data.0.fill_posts_with_community(l, user.id).await {
Ok(l) => l,
Err(e) => return Html(render_error(e, &jar, &data, &Some(user)).await),
},
@ -83,7 +83,7 @@ pub async fn following_request(
.get_posts_from_user_following(user.id, 12, req.page)
.await
{
Ok(l) => match data.0.fill_posts_with_community(l).await {
Ok(l) => match data.0.fill_posts_with_community(l, user.id).await {
Ok(l) => l,
Err(e) => return Err(Html(render_error(e, &jar, &data, &Some(user)).await)),
},
@ -110,7 +110,11 @@ pub async fn popular_request(
let user = get_user_from_token!(jar, data.0);
let list = match data.0.get_popular_posts(12, req.page).await {
Ok(l) => match data.0.fill_posts_with_community(l).await {
Ok(l) => match data
.0
.fill_posts_with_community(l, if let Some(ref ua) = user { ua.id } else { 0 })
.await
{
Ok(l) => l,
Err(e) => return Html(render_error(e, &jar, &data, &user).await),
},

24
crates/app/src/routes/pages/profile.rs
View file

@ -1,5 +1,5 @@
use super::{PaginatedQuery, render_error};
use crate::{State, assets::initial_context, get_lang, get_user_from_token};
use crate::{assets::initial_context, get_lang, get_user_from_token, sanitize::clean_settings, State};
use axum::{
Extension,
extract::{Path, Query},
@ -44,19 +44,13 @@ pub async fn settings_request(
}
};
let settings = profile.settings.clone();
let tokens = profile.tokens.clone();
let lang = get_lang!(jar, data.0);
let mut context = initial_context(&data.0.0, lang, &Some(user)).await;
context.insert("profile", &profile);
context.insert(
"user_settings_serde",
&serde_json::to_string(&settings)
.unwrap()
.replace("\"", "\\\""),
);
context.insert("user_settings_serde", &clean_settings(&profile.settings));
context.insert(
"user_tokens_serde",
&serde_json::to_string(&tokens)
@ -158,7 +152,11 @@ pub async fn posts_request(
.get_posts_by_user(other_user.id, 12, props.page)
.await
{
Ok(p) => match data.0.fill_posts_with_community(p).await {
Ok(p) => match data
.0
.fill_posts_with_community(p, if let Some(ref ua) = user { ua.id } else { 0 })
.await
{
Ok(p) => p,
Err(e) => return Err(Html(render_error(e, &jar, &data, &user).await)),
},
@ -166,7 +164,11 @@ pub async fn posts_request(
};
let pinned = match data.0.get_pinned_posts_by_user(other_user.id).await {
Ok(p) => match data.0.fill_posts_with_community(p).await {
Ok(p) => match data
.0
.fill_posts_with_community(p, if let Some(ref ua) = user { ua.id } else { 0 })
.await
{
Ok(p) => p,
Err(e) => return Err(Html(render_error(e, &jar, &data, &user).await)),
},
@ -219,8 +221,8 @@ pub async fn posts_request(
};
context.insert("posts", &posts);
context.insert("page", &props.page);
context.insert("pinned", &pinned);
context.insert("page", &props.page);
profile_context(
&mut context,
&user,

82
crates/app/src/sanitize.rs Normal file
View file

@ -0,0 +1,82 @@
use ammonia::Builder;
use tetratto_core::model::{auth::UserSettings, communities::CommunityContext};
/// Escape profile colors
// pub fn color_escape(color: &&&String) -> String {
// remove_tags(
// &color
// .replace(";", "")
// .replace("<", "&lt;")
// .replace(">", "%gt;")
// .replace("}", "")
// .replace("{", "")
// .replace("url(\"", "url(\"/api/v0/util/ext/image?img=")
// .replace("url('", "url('/api/v0/util/ext/image?img=")
// .replace("url(https://", "url(/api/v0/util/ext/image?img=https://"),
// )
// }
/// Clean profile metadata
pub fn remove_tags(input: &str) -> String {
Builder::default()
.rm_tags(&["img", "a", "span", "p", "h1", "h2", "h3", "h4", "h5", "h6"])
.clean(input)
.to_string()
.replace("&lt;", "<")
.replace("&gt;", ">")
.replace("&amp;", "&")
.replace("</script>", "</not-script")
}
fn clean_single(input: &str) -> String {
input
.replace("<", "&lt;")
.replace(">", "&gt;")
.replace("url(\"", "url(\"/api/v0/util/ext/image?img=")
.replace("url(https://", "url(/api/v0/util/ext/image?img=https://")
.replace("<style>", "")
.replace("</style>", "")
}
/// Clean user settings
pub fn clean_settings(settings: &UserSettings) -> String {
remove_tags(&serde_json::to_string(&clean_settings_raw(settings)).unwrap())
.replace("\u{200d}", "")
// how do you end up with these in your settings?
.replace("\u{0010}", "")
.replace("\u{0011}", "")
.replace("\u{0012}", "")
.replace("\u{0013}", "")
.replace("\u{0014}", "")
}
/// Clean user settings row
pub fn clean_settings_raw(settings: &UserSettings) -> UserSettings {
let mut settings = settings.to_owned();
settings.biography = clean_single(&settings.biography);
settings.theme_hue = clean_single(&settings.theme_hue);
settings.theme_sat = clean_single(&settings.theme_sat);
settings.theme_lit = clean_single(&settings.theme_lit);
settings
}
/// Clean community context
pub fn clean_context(context: &CommunityContext) -> String {
remove_tags(&serde_json::to_string(&clean_context_raw(context)).unwrap())
.replace("\u{200d}", "")
// how do you end up with these in your settings?
.replace("\u{0010}", "")
.replace("\u{0011}", "")
.replace("\u{0012}", "")
.replace("\u{0013}", "")
.replace("\u{0014}", "")
}
/// Clean community context row
pub fn clean_context_raw(context: &CommunityContext) -> CommunityContext {
let mut context = context.to_owned();
context.description = clean_single(&context.description);
context
}