add: user settings ui

crates/app/src/routes/api/v1/auth/images.rs

@@ -72,8 +72,11 @@ pub async fn avatar_request(
         }
     };
 
-    let path =
-        PathBufD::current().extend(&["avatars", &data.0.dirs.media, &format!("{}.avif", &user.id)]);
+    let path = PathBufD::current().extend(&[
+        data.0.dirs.media.as_str(),
+        "avatars",
+        &format!("{}.avif", &user.id),
+    ]);
 
     if !exists(&path).unwrap() {
         return (
@@ -114,8 +117,11 @@ pub async fn banner_request(
         }
     };
 
-    let path =
-        PathBufD::current().extend(&["banners", &data.0.dirs.media, &format!("{}.avif", &user.id)]);
+    let path = PathBufD::current().extend(&[
+        data.0.dirs.media.as_str(),
+        "banners",
+        &format!("{}.avif", &user.id),
+    ]);
 
     if !exists(&path).unwrap() {
         return (

crates/app/src/routes/api/v1/auth/profile.rs

@@ -1,7 +1,7 @@
 use crate::{
     State, get_user_from_token,
     model::{ApiReturn, Error},
-    routes::api::v1::UpdateUserIsVerified,
+    routes::api::v1::{UpdateUserIsVerified, UpdateUserPassword, UpdateUserUsername},
 };
 use axum::{
     Extension, Json,
@@ -59,6 +59,70 @@ pub async fn update_profile_settings_request(
     }
 }
 
+/// Update the password of the given user.
+pub async fn update_profile_password_request(
+    jar: CookieJar,
+    Path(id): Path<usize>,
+    Extension(data): Extension<State>,
+    Json(req): Json<UpdateUserPassword>,
+) -> impl IntoResponse {
+    let data = &(data.read().await).0;
+    let user = match get_user_from_token!(jar, data) {
+        Some(ua) => ua,
+        None => return Json(Error::NotAllowed.into()),
+    };
+
+    if user.id != id {
+        if !user.permissions.check(FinePermission::MANAGE_USERS) {
+            return Json(Error::NotAllowed.into());
+        }
+    }
+
+    match data
+        .update_user_password(id, req.from, req.to, user, false)
+        .await
+    {
+        Ok(_) => Json(ApiReturn {
+            ok: true,
+            message: "Password updated".to_string(),
+            payload: (),
+        }),
+        Err(e) => Json(e.into()),
+    }
+}
+
+pub async fn update_profile_username_request(
+    jar: CookieJar,
+    Path(id): Path<usize>,
+    Extension(data): Extension<State>,
+    Json(req): Json<UpdateUserUsername>,
+) -> impl IntoResponse {
+    let data = &(data.read().await).0;
+    let user = match get_user_from_token!(jar, data) {
+        Some(ua) => ua,
+        None => return Json(Error::NotAllowed.into()),
+    };
+
+    if user.id != id {
+        if !user.permissions.check(FinePermission::MANAGE_USERS) {
+            return Json(Error::NotAllowed.into());
+        }
+    }
+
+    if data.get_user_by_username(&req.to).await.is_ok() {
+        return Json(Error::UsernameInUse.into());
+    }
+
+    match data.update_user_username(id, req.to, user).await {
+        Ok(_) => Json(ApiReturn {
+            ok: true,
+            message: "Username updated".to_string(),
+            payload: (),
+        }),
+        Err(e) => Json(e.into()),
+    }
+}
+
 /// Update the tokens of the given user.
 pub async fn update_profile_tokens_request(
     jar: CookieJar,

crates/app/src/routes/api/v1/communities/images.rs

@@ -34,8 +34,8 @@ pub async fn avatar_request(
     };
 
     let path = PathBufD::current().extend(&[
+        data.0.dirs.media.as_str(),
         "community_avatars",
-        &data.0.dirs.media,
         &format!("{}.avif", &community.id),
     ]);
 
@@ -79,8 +79,8 @@ pub async fn banner_request(
     };
 
     let path = PathBufD::current().extend(&[
+        data.0.dirs.media.as_str(),
         "community_banners",
-        &data.0.dirs.media,
         &format!("{}.avif", &community.id),
     ]);
 
@@ -132,7 +132,7 @@ pub async fn upload_avatar_request(
     let path = pathd!(
         "{}/community_avatars/{}.avif",
         data.0.dirs.media,
-        &auth_user.id
+        &community.id
     );
 
     // check file size
@@ -188,7 +188,7 @@ pub async fn upload_banner_request(
     let path = pathd!(
         "{}/community_banners/{}.avif",
         data.0.dirs.media,
-        &auth_user.id
+        &community.id
     );
 
     // check file size

crates/app/src/routes/api/v1/mod.rs

@@ -109,6 +109,14 @@ pub fn routes() -> Router {
             "/auth/profile/{id}/settings",
             post(auth::profile::update_profile_settings_request),
         )
+        .route(
+            "/auth/profile/{id}/password",
+            post(auth::profile::update_profile_password_request),
+        )
+        .route(
+            "/auth/profile/{id}/username",
+            post(auth::profile::update_profile_username_request),
+        )
         .route(
             "/auth/profile/{id}/tokens",
             post(auth::profile::update_profile_tokens_request),
@@ -189,6 +197,17 @@ pub struct CreateReaction {
     pub is_like: bool,
 }
 
+#[derive(Deserialize)]
+pub struct UpdateUserPassword {
+    pub from: String,
+    pub to: String,
+}
+
+#[derive(Deserialize)]
+pub struct UpdateUserUsername {
+    pub to: String,
+}
+
 #[derive(Deserialize)]
 pub struct UpdateUserIsVerified {
     pub is_verified: bool,