add: app_data api

2025-07-17 13:34:10 -04:00 · 2025-07-17 13:34:10 -04:00 · f423daf2fc
commit f423daf2fc
parent 5c520f4308
38 changed files with 410 additions and 91 deletions
--- a/crates/app/src/routes/api/v1/app_data.rs
+++ b/crates/app/src/routes/api/v1/app_data.rs
@ -0,0 +1,136 @@
+use crate::{
+    get_app_from_key,
+    routes::api::v1::{InsertAppData, QueryAppData, UpdateAppDataValue},
+    State,
+};
+use axum::{Extension, Json, extract::Path, response::IntoResponse};
+use axum_extra::extract::CookieJar;
+use tetratto_core::model::{
+    apps::{AppData, AppDataQuery},
+    ApiReturn, Error,
+};
+
+pub async fn query_request(
+    jar: CookieJar,
+    Extension(data): Extension<State>,
+    Json(req): Json<QueryAppData>,
+) -> impl IntoResponse {
+    let data = &(data.read().await).0;
+    let app = match get_app_from_key!(data, jar) {
+        Some(x) => x,
+        None => return Json(Error::NotAllowed.into()),
+    };
+
+    match data
+        .query_app_data(AppDataQuery {
+            app: app.id,
+            query: req.query,
+            mode: req.mode,
+        })
+        .await
+    {
+        Ok(x) => Json(ApiReturn {
+            ok: true,
+            message: "Success".to_string(),
+            payload: Some(x),
+        }),
+        Err(e) => Json(e.into()),
+    }
+}
+
+pub async fn create_request(
+    jar: CookieJar,
+    Extension(data): Extension<State>,
+    Json(req): Json<InsertAppData>,
+) -> impl IntoResponse {
+    let data = &(data.read().await).0;
+    let app = match get_app_from_key!(data, jar) {
+        Some(x) => x,
+        None => return Json(Error::NotAllowed.into()),
+    };
+
+    let owner = match data.get_user_by_id(app.owner).await {
+        Ok(x) => x,
+        Err(e) => return Json(e.into()),
+    };
+
+    // check size
+    let new_size = app.data_used + req.value.len();
+    if new_size > AppData::user_limit(&owner) {
+        return Json(Error::AppHitStorageLimit.into());
+    }
+
+    // ...
+    match data
+        .create_app_data(AppData::new(app.id, req.key, req.value))
+        .await
+    {
+        Ok(s) => Json(ApiReturn {
+            ok: true,
+            message: "App created".to_string(),
+            payload: s.id.to_string(),
+        }),
+        Err(e) => Json(e.into()),
+    }
+}
+
+pub async fn update_value_request(
+    jar: CookieJar,
+    Extension(data): Extension<State>,
+    Path(id): Path<usize>,
+    Json(req): Json<UpdateAppDataValue>,
+) -> impl IntoResponse {
+    let data = &(data.read().await).0;
+    let app = match get_app_from_key!(data, jar) {
+        Some(x) => x,
+        None => return Json(Error::NotAllowed.into()),
+    };
+
+    let owner = match data.get_user_by_id(app.owner).await {
+        Ok(x) => x,
+        Err(e) => return Json(e.into()),
+    };
+
+    let app_data = match data.get_app_data_by_id(id).await {
+        Ok(x) => x,
+        Err(e) => return Json(e.into()),
+    };
+
+    // check size
+    let size_without = app.data_used - app_data.value.len();
+    let new_size = size_without + req.value.len();
+
+    if new_size > AppData::user_limit(&owner) {
+        return Json(Error::AppHitStorageLimit.into());
+    }
+
+    // ...
+    match data.update_app_data_value(id, &req.value).await {
+        Ok(_) => Json(ApiReturn {
+            ok: true,
+            message: "Data updated".to_string(),
+            payload: (),
+        }),
+        Err(e) => Json(e.into()),
+    }
+}
+
+pub async fn delete_request(
+    jar: CookieJar,
+    Extension(data): Extension<State>,
+    Path(id): Path<usize>,
+) -> impl IntoResponse {
+    let data = &(data.read().await).0;
+    if get_app_from_key!(data, jar).is_none() {
+        return Json(Error::NotAllowed.into());
+    }
+
+    match data.delete_app_data(id).await {
+        Ok(_) => Json(ApiReturn {
+            ok: true,
+            message: "Data deleted".to_string(),
+            payload: (),
+        }),
+        Err(e) => Json(e.into()),
+    }
+}
--- a/crates/app/src/routes/api/v1/apps.rs
+++ b/crates/app/src/routes/api/v1/apps.rs
@ -239,3 +239,34 @@ pub async fn grant_request(
        Err(e) => Json(e.into()),
    }
 }
+
+pub async fn roll_api_key_request(
+    jar: CookieJar,
+    Extension(data): Extension<State>,
+    Path(id): Path<usize>,
+) -> impl IntoResponse {
+    let data = &(data.read().await).0;
+    let user = match get_user_from_token!(jar, data) {
+        Some(ua) => ua,
+        None => return Json(Error::NotAllowed.into()),
+    };
+
+    let app = match data.get_app_by_id(id).await {
+        Ok(x) => x,
+        Err(e) => return Json(e.into()),
+    };
+
+    if user.id != app.owner {
+        return Json(Error::NotAllowed.into());
+    }
+
+    let new_key = tetratto_shared::hash::random_id_salted_len(32);
+    match data.update_app_api_key(id, &new_key).await {
+        Ok(_) => Json(ApiReturn {
+            ok: true,
+            message: "App updated".to_string(),
+            payload: Some(new_key),
+        }),
+        Err(e) => Json(e.into()),
+    }
+}
--- a/crates/app/src/routes/api/v1/mod.rs
+++ b/crates/app/src/routes/api/v1/mod.rs
@ -1,3 +1,4 @@
+pub mod app_data;
 pub mod apps;
 pub mod auth;
 pub mod channels;
@ -19,9 +20,9 @@ use axum::{
    routing::{any, delete, get, post, put},
    Router,
 };
-use serde::Deserialize;
+use serde::{Deserialize};
 use tetratto_core::model::{
-    apps::AppQuota,
+    apps::{AppDataSelectMode, AppDataSelectQuery, AppQuota},
    auth::AchievementName,
    communities::{
        CommunityContext, CommunityJoinAccess, CommunityReadAccess, CommunityWriteAccess,
@ -32,7 +33,7 @@ use tetratto_core::model::{
    littleweb::{DomainData, DomainTld, ServiceFsEntry},
    oauth::AppScope,
    permissions::{FinePermission, SecondaryPermission},
-    products::{ProductType, ProductPrice},
+    products::{ProductPrice, ProductType},
    reactions::AssetType,
    stacks::{StackMode, StackPrivacy, StackSort},
 };
@ -419,6 +420,7 @@ pub fn routes() -> Router {
        )
        // apps
        .route("/apps", post(apps::create_request))
+        .route("/apps/{id}", delete(apps::delete_request))
        .route("/apps/{id}/title", post(apps::update_title_request))
        .route("/apps/{id}/homepage", post(apps::update_homepage_request))
        .route("/apps/{id}/redirect", post(apps::update_redirect_request))
@ -427,8 +429,13 @@ pub fn routes() -> Router {
            post(apps::update_quota_status_request),
        )
        .route("/apps/{id}/scopes", post(apps::update_scopes_request))
-        .route("/apps/{id}", delete(apps::delete_request))
        .route("/apps/{id}/grant", post(apps::grant_request))
+        .route("/apps/{id}/roll", post(apps::roll_api_key_request))
+        // app data
+        .route("/app_data", post(app_data::create_request))
+        .route("/app_data/query", post(app_data::query_request))
+        .route("/app_data/{id}", delete(app_data::delete_request))
+        .route("/app_data/{id}/value", post(app_data::update_value_request))
        // warnings
        .route("/warnings/{id}", get(auth::user_warnings::get_request))
        .route("/warnings/{id}", post(auth::user_warnings::create_request))
@ -1148,3 +1155,20 @@ pub struct UpdateProductPrice {
 pub struct UpdateUploadAlt {
    pub alt: String,
 }
+
+#[derive(Deserialize)]
+pub struct UpdateAppDataValue {
+    pub value: String,
+}
+
+#[derive(Deserialize)]
+pub struct InsertAppData {
+    pub key: String,
+    pub value: String,
+}
+
+#[derive(Deserialize)]
+pub struct QueryAppData {
+    pub query: AppDataSelectQuery,
+    pub mode: AppDataSelectMode,
+}