t/tetratto
1
0
Fork 0
Code Issues Pull requests Projects Releases 4 Packages Wiki Activity Actions

add: full links api

Browse source
This commit is contained in:
trisua 2025-06-24 16:34:55 -04:00
parent c2dbe2f114
commit ffdb767518
12 changed files with 532 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

285
crates/app/src/routes/api/v1/auth/links.rs Normal file
View file

@ -0,0 +1,285 @@
use axum::{
response::IntoResponse,
extract::{Json, Path},
Extension,
};
use axum_extra::extract::CookieJar;
use crate::{
get_user_from_token,
image::{save_webp_buffer, JsonMultipart},
routes::api::v1::{
CreateLink, UpdateLinkHref, UpdateLinkLabel, UpdateLinkPosition, UploadLinkIcon,
},
State,
};
use tetratto_core::model::{
links::Link,
oauth,
uploads::{MediaType, MediaUpload},
ApiReturn, Error,
};
pub async fn get_request(
jar: CookieJar,
Path(id): Path<usize>,
Extension(data): Extension<State>,
) -> impl IntoResponse {
let data = &(data.read().await).0;
if get_user_from_token!(jar, data, oauth::AppScope::UserReadLinks).is_none() {
return Json(Error::NotAllowed.into());
};
let link = match data.get_link_by_id(id).await {
Ok(x) => x,
Err(e) => return Json(e.into()),
};
Json(ApiReturn {
ok: true,
message: "Success".to_string(),
payload: Some(link),
})
}
pub async fn list_request(jar: CookieJar, Extension(data): Extension<State>) -> impl IntoResponse {
let data = &(data.read().await).0;
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserReadLinks) {
Some(ua) => ua,
None => return Json(Error::NotAllowed.into()),
};
match data.get_links_by_owner(user.id).await {
Ok(x) => Json(ApiReturn {
ok: true,
message: "Success".to_string(),
payload: Some(x),
}),
Err(e) => Json(e.into()),
}
}
pub async fn create_request(
jar: CookieJar,
Extension(data): Extension<State>,
Json(props): Json<CreateLink>,
) -> impl IntoResponse {
let data = &(data.read().await).0;
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserCreateLinks) {
Some(ua) => ua,
None => return Json(Error::NotAllowed.into()),
};
match data
.create_link(
Link::new(
user.id,
props.label,
props.href,
match data.get_links_by_owner_count(user.id).await {
Ok(c) => (c + 1) as usize,
Err(e) => return Json(e.into()),
},
),
&user,
)
.await
{
Ok(x) => Json(ApiReturn {
ok: true,
message: "Link created".to_string(),
payload: Some(x.id.to_string()),
}),
Err(e) => Json(e.into()),
}
}
pub async fn update_label_request(
jar: CookieJar,
Path(id): Path<usize>,
Extension(data): Extension<State>,
Json(props): Json<UpdateLinkLabel>,
) -> impl IntoResponse {
let data = &(data.read().await).0;
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserManageNotes) {
Some(ua) => ua,
None => return Json(Error::NotAllowed.into()),
};
let link = match data.get_link_by_id(id).await {
Ok(n) => n,
Err(e) => return Json(e.into()),
};
if link.owner != user.id {
return Json(Error::NotAllowed.into());
}
// ...
match data.update_link_label(id, &props.label).await {
Ok(_) => Json(ApiReturn {
ok: true,
message: "Link updated".to_string(),
payload: (),
}),
Err(e) => Json(e.into()),
}
}
pub async fn update_href_request(
jar: CookieJar,
Path(id): Path<usize>,
Extension(data): Extension<State>,
Json(props): Json<UpdateLinkHref>,
) -> impl IntoResponse {
let data = &(data.read().await).0;
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserManageNotes) {
Some(ua) => ua,
None => return Json(Error::NotAllowed.into()),
};
let link = match data.get_link_by_id(id).await {
Ok(n) => n,
Err(e) => return Json(e.into()),
};
if link.owner != user.id {
return Json(Error::NotAllowed.into());
}
// ...
match data.update_link_href(id, &props.href).await {
Ok(_) => Json(ApiReturn {
ok: true,
message: "Link updated".to_string(),
payload: (),
}),
Err(e) => Json(e.into()),
}
}
pub async fn update_position_request(
jar: CookieJar,
Path(id): Path<usize>,
Extension(data): Extension<State>,
Json(props): Json<UpdateLinkPosition>,
) -> impl IntoResponse {
let data = &(data.read().await).0;
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserManageNotes) {
Some(ua) => ua,
None => return Json(Error::NotAllowed.into()),
};
let link = match data.get_link_by_id(id).await {
Ok(n) => n,
Err(e) => return Json(e.into()),
};
if link.owner != user.id {
return Json(Error::NotAllowed.into());
}
if props.position < 0 {
return Json(Error::MiscError("Position must be an unsigned integer".to_string()).into());
}
// ...
match data.update_link_position(id, props.position).await {
Ok(_) => Json(ApiReturn {
ok: true,
message: "Link updated".to_string(),
payload: (),
}),
Err(e) => Json(e.into()),
}
}
pub const MAXIMUM_FILE_SIZE: usize = 131072; // 128 KiB
pub async fn upload_icon_request(
jar: CookieJar,
Extension(data): Extension<State>,
JsonMultipart(images, props): JsonMultipart<UploadLinkIcon>,
) -> impl IntoResponse {
let data = &(data.read().await).0;
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserManageNotes) {
Some(ua) => ua,
None => return Json(Error::NotAllowed.into()),
};
let id = match props.id.parse::<usize>() {
Ok(i) => i,
Err(_) => return Json(Error::Unknown.into()),
};
let link = match data.get_link_by_id(id).await {
Ok(n) => n,
Err(e) => return Json(e.into()),
};
if link.owner != user.id {
return Json(Error::NotAllowed.into());
}
// create upload
let upload = match data
.create_upload(MediaUpload::new(MediaType::Webp, user.id))
.await
{
Ok(n) => n,
Err(e) => return Json(e.into()),
};
let image = match images.get(0) {
Some(i) => i,
None => return Json(Error::MiscError("Missing file".to_string()).into()),
};
if image.len() > MAXIMUM_FILE_SIZE {
return Json(Error::FileTooLarge.into());
}
// upload
if let Err(e) = save_webp_buffer(&upload.path(&data.0.0).to_string(), image.to_vec(), None) {
return Json(Error::MiscError(e.to_string()).into());
}
// ...
match data.update_link_upload_id(id, upload.id as i64).await {
Ok(_) => Json(ApiReturn {
ok: true,
message: "Link updated".to_string(),
payload: (),
}),
Err(e) => Json(e.into()),
}
}
pub async fn delete_request(
jar: CookieJar,
Extension(data): Extension<State>,
Path(id): Path<usize>,
) -> impl IntoResponse {
let data = &(data.read().await).0;
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserManageStacks) {
Some(ua) => ua,
None => return Json(Error::NotAllowed.into()),
};
let link = match data.get_link_by_id(id).await {
Ok(n) => n,
Err(e) => return Json(e.into()),
};
if link.owner != user.id {
return Json(Error::NotAllowed.into());
}
match data.delete_link(id).await {
Ok(_) => Json(ApiReturn {
ok: true,
message: "Link deleted".to_string(),
payload: (),
}),
Err(e) => Json(e.into()),
}
}

1
crates/app/src/routes/api/v1/auth/mod.rs
View file

@ -1,6 +1,7 @@
pub mod connections;
pub mod images;
pub mod ipbans;
pub mod links;
pub mod profile;
pub mod social;
pub mod user_warnings;

38
crates/app/src/routes/api/v1/mod.rs
View file

@ -597,6 +597,18 @@ pub fn routes() -> Router {
// uploads
.route("/uploads/{id}", get(uploads::get_request))
.route("/uploads/{id}", delete(uploads::delete_request))
// links
.route("/links", get(auth::links::list_request))
.route("/links", post(auth::links::create_request))
.route("/links/{id}", get(auth::links::get_request))
.route("/links/{id}", delete(auth::links::delete_request))
.route("/links/icon", post(auth::links::upload_icon_request))
.route("/links/{id}/label", post(auth::links::update_label_request))
.route("/links/{id}/href", post(auth::links::update_href_request))
.route(
"/links/{id}/position",
post(auth::links::update_position_request),
)
}
#[derive(Deserialize)]
@ -970,3 +982,29 @@ pub struct RemoveJournalDir {
pub struct UpdateNoteTags {
pub tags: Vec<String>,
}
#[derive(Deserialize)]
pub struct CreateLink {
pub label: String,
pub href: String,
}
#[derive(Deserialize)]
pub struct UpdateLinkLabel {
pub label: String,
}
#[derive(Deserialize)]
pub struct UpdateLinkHref {
pub href: String,
}
#[derive(Deserialize)]
pub struct UpdateLinkPosition {
pub position: i32,
}
#[derive(Deserialize)]
pub struct UploadLinkIcon {
pub id: String,
}