lemmy/server/src/api/post.rs

487 lines
13 KiB
Rust
Raw Normal View History

2019-05-05 05:20:38 +00:00
use super::*;
2020-04-13 13:06:41 +00:00
use crate::apub::activities::{post_create, post_update};
use diesel::PgConnection;
2019-05-05 05:20:38 +00:00
use std::str::FromStr;
2020-04-13 13:06:41 +00:00
#[derive(Serialize, Deserialize, Debug)]
2019-05-05 05:20:38 +00:00
pub struct CreatePost {
name: String,
url: Option<String>,
body: Option<String>,
nsfw: bool,
pub community_id: i32,
auth: String,
2019-05-05 05:20:38 +00:00
}
#[derive(Serialize, Deserialize, Clone)]
pub struct PostResponse {
pub post: PostView,
2019-05-05 05:20:38 +00:00
}
#[derive(Serialize, Deserialize)]
pub struct GetPost {
pub id: i32,
auth: Option<String>,
2019-05-05 05:20:38 +00:00
}
#[derive(Serialize, Deserialize)]
pub struct GetPostResponse {
post: PostView,
comments: Vec<CommentView>,
community: CommunityView,
moderators: Vec<CommunityModeratorView>,
admins: Vec<UserView>,
pub online: usize,
2019-05-05 05:20:38 +00:00
}
2020-03-14 00:05:42 +00:00
#[derive(Serialize, Deserialize, Debug)]
2019-05-05 05:20:38 +00:00
pub struct GetPosts {
type_: String,
sort: String,
page: Option<i64>,
limit: Option<i64>,
pub community_id: Option<i32>,
auth: Option<String>,
2019-05-05 05:20:38 +00:00
}
#[derive(Serialize, Deserialize, Debug)]
2019-05-05 05:20:38 +00:00
pub struct GetPostsResponse {
pub posts: Vec<PostView>,
2019-05-05 05:20:38 +00:00
}
#[derive(Serialize, Deserialize)]
pub struct CreatePostLike {
post_id: i32,
score: i16,
auth: String,
2019-05-05 05:20:38 +00:00
}
#[derive(Serialize, Deserialize)]
pub struct EditPost {
pub edit_id: i32,
creator_id: i32,
community_id: i32,
name: String,
url: Option<String>,
body: Option<String>,
removed: Option<bool>,
deleted: Option<bool>,
nsfw: bool,
2019-05-05 05:20:38 +00:00
locked: Option<bool>,
2019-09-09 06:14:13 +00:00
stickied: Option<bool>,
2019-05-05 05:20:38 +00:00
reason: Option<String>,
auth: String,
2019-05-05 05:20:38 +00:00
}
#[derive(Serialize, Deserialize)]
pub struct SavePost {
post_id: i32,
save: bool,
auth: String,
2019-05-05 05:20:38 +00:00
}
impl Perform<PostResponse> for Oper<CreatePost> {
fn perform(&self, conn: &PgConnection) -> Result<PostResponse, Error> {
2019-05-05 16:20:30 +00:00
let data: &CreatePost = &self.data;
2019-05-05 05:20:38 +00:00
let claims = match Claims::decode(&data.auth) {
Ok(claims) => claims.claims,
2020-01-16 14:39:08 +00:00
Err(_e) => return Err(APIError::err("not_logged_in").into()),
2019-05-05 05:20:38 +00:00
};
if let Err(slurs) = slur_check(&data.name) {
return Err(APIError::err(&slurs_vec_to_str(slurs)).into());
}
if let Some(body) = &data.body {
if let Err(slurs) = slur_check(body) {
return Err(APIError::err(&slurs_vec_to_str(slurs)).into());
}
}
2019-05-05 05:20:38 +00:00
let user_id = claims.id;
// Check for a community ban
if CommunityUserBanView::get(&conn, user_id, data.community_id).is_ok() {
2020-01-16 14:39:08 +00:00
return Err(APIError::err("community_ban").into());
2019-05-05 05:20:38 +00:00
}
// Check for a site ban
2020-04-09 19:26:22 +00:00
let user = User_::read(&conn, user_id)?;
if user.banned {
2020-01-16 14:39:08 +00:00
return Err(APIError::err("site_ban").into());
2019-05-05 05:20:38 +00:00
}
// Fetch Iframely and Pictshare cached image
let (iframely_title, iframely_description, iframely_html, pictshare_thumbnail) =
fetch_iframely_and_pictshare_data(data.url.to_owned());
2019-05-05 05:20:38 +00:00
let post_form = PostForm {
name: data.name.to_owned(),
url: data.url.to_owned(),
body: data.body.to_owned(),
community_id: data.community_id,
creator_id: user_id,
removed: None,
deleted: None,
nsfw: data.nsfw,
2019-05-05 05:20:38 +00:00
locked: None,
2019-09-09 06:14:13 +00:00
stickied: None,
updated: None,
embed_title: iframely_title,
embed_description: iframely_description,
embed_html: iframely_html,
thumbnail_url: pictshare_thumbnail,
2020-04-04 00:04:57 +00:00
ap_id: "changeme".into(),
local: true,
published: None,
2019-05-05 05:20:38 +00:00
};
let inserted_post = match Post::create(&conn, &post_form) {
Ok(post) => post,
Err(e) => {
let err_type = if e.to_string() == "value too long for type character varying(200)" {
"post_title_too_long"
} else {
"couldnt_create_post"
};
return Err(APIError::err(err_type).into());
}
2019-05-05 05:20:38 +00:00
};
2020-04-13 13:06:41 +00:00
let updated_post = match Post::update_ap_id(&conn, inserted_post.id) {
2020-04-04 00:04:57 +00:00
Ok(post) => post,
Err(_e) => return Err(APIError::err("couldnt_create_post").into()),
};
2020-04-13 13:06:41 +00:00
post_create(&updated_post, &user, conn)?;
2020-04-09 19:04:31 +00:00
2019-05-05 05:20:38 +00:00
// They like their own post by default
let like_form = PostLikeForm {
post_id: inserted_post.id,
user_id,
score: 1,
2019-05-05 05:20:38 +00:00
};
// Only add the like if the score isnt 0
let _inserted_like = match PostLike::like(&conn, &like_form) {
Ok(like) => like,
2020-01-16 14:39:08 +00:00
Err(_e) => return Err(APIError::err("couldnt_like_post").into()),
2019-05-05 05:20:38 +00:00
};
// Refetch the view
let post_view = match PostView::read(&conn, inserted_post.id, Some(user_id)) {
Ok(post) => post,
2020-01-16 14:39:08 +00:00
Err(_e) => return Err(APIError::err("couldnt_find_post").into()),
2019-05-05 05:20:38 +00:00
};
2020-01-16 14:39:08 +00:00
Ok(PostResponse { post: post_view })
2019-05-05 05:20:38 +00:00
}
}
impl Perform<GetPostResponse> for Oper<GetPost> {
fn perform(&self, conn: &PgConnection) -> Result<GetPostResponse, Error> {
2019-05-05 16:20:30 +00:00
let data: &GetPost = &self.data;
2019-05-05 05:20:38 +00:00
let user_id: Option<i32> = match &data.auth {
Some(auth) => match Claims::decode(&auth) {
Ok(claims) => {
let user_id = claims.claims.id;
Some(user_id)
2019-05-05 05:20:38 +00:00
}
Err(_e) => None,
},
None => None,
2019-05-05 05:20:38 +00:00
};
let post_view = match PostView::read(&conn, data.id, user_id) {
Ok(post) => post,
2020-01-16 14:39:08 +00:00
Err(_e) => return Err(APIError::err("couldnt_find_post").into()),
2019-05-05 05:20:38 +00:00
};
let comments = CommentQueryBuilder::create(&conn)
.for_post_id(data.id)
.my_user_id(user_id)
.limit(9999)
.list()?;
2019-05-05 05:20:38 +00:00
let community = CommunityView::read(&conn, post_view.community_id, user_id)?;
let moderators = CommunityModeratorView::for_community(&conn, post_view.community_id)?;
let site_creator_id = Site::read(&conn, 1)?.creator_id;
let mut admins = UserView::admins(&conn)?;
let creator_index = admins.iter().position(|r| r.id == site_creator_id).unwrap();
let creator_user = admins.remove(creator_index);
admins.insert(0, creator_user);
2019-05-05 05:20:38 +00:00
// Return the jwt
Ok(GetPostResponse {
post: post_view,
comments,
community,
moderators,
admins,
online: 0,
})
2019-05-05 05:20:38 +00:00
}
}
impl Perform<GetPostsResponse> for Oper<GetPosts> {
fn perform(&self, conn: &PgConnection) -> Result<GetPostsResponse, Error> {
2019-05-05 16:20:30 +00:00
let data: &GetPosts = &self.data;
2019-05-05 05:20:38 +00:00
let user_claims: Option<Claims> = match &data.auth {
Some(auth) => match Claims::decode(&auth) {
Ok(claims) => Some(claims.claims),
Err(_e) => None,
},
None => None,
2019-05-05 05:20:38 +00:00
};
let user_id = match &user_claims {
Some(claims) => Some(claims.id),
None => None,
};
let show_nsfw = match &user_claims {
Some(claims) => claims.show_nsfw,
None => false,
};
2019-05-05 05:20:38 +00:00
let type_ = ListingType::from_str(&data.type_)?;
2019-05-05 05:20:38 +00:00
let sort = SortType::from_str(&data.sort)?;
let posts = match PostQueryBuilder::create(&conn)
.listing_type(type_)
.sort(&sort)
.show_nsfw(show_nsfw)
.for_community_id(data.community_id)
.my_user_id(user_id)
.page(data.page)
.limit(data.limit)
.list()
{
2019-05-05 05:20:38 +00:00
Ok(posts) => posts,
2020-01-16 14:39:08 +00:00
Err(_e) => return Err(APIError::err("couldnt_get_posts").into()),
2019-05-05 05:20:38 +00:00
};
2020-01-16 14:39:08 +00:00
Ok(GetPostsResponse { posts })
2019-05-05 05:20:38 +00:00
}
}
impl Perform<PostResponse> for Oper<CreatePostLike> {
fn perform(&self, conn: &PgConnection) -> Result<PostResponse, Error> {
2019-05-05 16:20:30 +00:00
let data: &CreatePostLike = &self.data;
2019-05-05 05:20:38 +00:00
let claims = match Claims::decode(&data.auth) {
Ok(claims) => claims.claims,
2020-01-16 14:39:08 +00:00
Err(_e) => return Err(APIError::err("not_logged_in").into()),
2019-05-05 05:20:38 +00:00
};
let user_id = claims.id;
// Don't do a downvote if site has downvotes disabled
if data.score == -1 {
let site = SiteView::read(&conn)?;
if !site.enable_downvotes {
2020-01-16 14:39:08 +00:00
return Err(APIError::err("downvotes_disabled").into());
}
}
2019-05-05 05:20:38 +00:00
// Check for a community ban
let post = Post::read(&conn, data.post_id)?;
if CommunityUserBanView::get(&conn, user_id, post.community_id).is_ok() {
2020-01-16 14:39:08 +00:00
return Err(APIError::err("community_ban").into());
2019-05-05 05:20:38 +00:00
}
// Check for a site ban
if UserView::read(&conn, user_id)?.banned {
2020-01-16 14:39:08 +00:00
return Err(APIError::err("site_ban").into());
2019-05-05 05:20:38 +00:00
}
let like_form = PostLikeForm {
post_id: data.post_id,
user_id,
score: data.score,
2019-05-05 05:20:38 +00:00
};
// Remove any likes first
PostLike::remove(&conn, &like_form)?;
// Only add the like if the score isnt 0
let do_add = like_form.score != 0 && (like_form.score == 1 || like_form.score == -1);
2019-05-15 16:46:39 +00:00
if do_add {
2019-05-05 05:20:38 +00:00
let _inserted_like = match PostLike::like(&conn, &like_form) {
Ok(like) => like,
2020-01-16 14:39:08 +00:00
Err(_e) => return Err(APIError::err("couldnt_like_post").into()),
2019-05-05 05:20:38 +00:00
};
}
let post_view = match PostView::read(&conn, data.post_id, Some(user_id)) {
Ok(post) => post,
2020-01-16 14:39:08 +00:00
Err(_e) => return Err(APIError::err("couldnt_find_post").into()),
2019-05-05 05:20:38 +00:00
};
// just output the score
Ok(PostResponse { post: post_view })
2019-05-05 05:20:38 +00:00
}
}
impl Perform<PostResponse> for Oper<EditPost> {
fn perform(&self, conn: &PgConnection) -> Result<PostResponse, Error> {
2019-05-05 16:20:30 +00:00
let data: &EditPost = &self.data;
if let Err(slurs) = slur_check(&data.name) {
return Err(APIError::err(&slurs_vec_to_str(slurs)).into());
}
if let Some(body) = &data.body {
if let Err(slurs) = slur_check(body) {
return Err(APIError::err(&slurs_vec_to_str(slurs)).into());
}
}
2019-05-05 05:20:38 +00:00
let claims = match Claims::decode(&data.auth) {
Ok(claims) => claims.claims,
2020-01-16 14:39:08 +00:00
Err(_e) => return Err(APIError::err("not_logged_in").into()),
2019-05-05 05:20:38 +00:00
};
let user_id = claims.id;
// Verify its the creator or a mod or admin
let mut editors: Vec<i32> = vec![data.creator_id];
editors.append(
&mut CommunityModeratorView::for_community(&conn, data.community_id)?
.into_iter()
.map(|m| m.user_id)
.collect(),
);
editors.append(&mut UserView::admins(&conn)?.into_iter().map(|a| a.id).collect());
2019-05-05 05:20:38 +00:00
if !editors.contains(&user_id) {
2020-01-16 14:39:08 +00:00
return Err(APIError::err("no_post_edit_allowed").into());
2019-05-05 05:20:38 +00:00
}
// Check for a community ban
if CommunityUserBanView::get(&conn, user_id, data.community_id).is_ok() {
2020-01-16 14:39:08 +00:00
return Err(APIError::err("community_ban").into());
2019-05-05 05:20:38 +00:00
}
// Check for a site ban
2020-04-13 13:06:41 +00:00
let user = User_::read(&conn, user_id)?;
if user.banned {
2020-01-16 14:39:08 +00:00
return Err(APIError::err("site_ban").into());
2019-05-05 05:20:38 +00:00
}
// Fetch Iframely and Pictshare cached image
let (iframely_title, iframely_description, iframely_html, pictshare_thumbnail) =
fetch_iframely_and_pictshare_data(data.url.to_owned());
2020-04-04 00:04:57 +00:00
let read_post = Post::read(&conn, data.edit_id)?;
2019-05-05 05:20:38 +00:00
let post_form = PostForm {
name: data.name.to_owned(),
url: data.url.to_owned(),
body: data.body.to_owned(),
creator_id: data.creator_id.to_owned(),
community_id: data.community_id,
removed: data.removed.to_owned(),
deleted: data.deleted.to_owned(),
nsfw: data.nsfw,
2019-05-05 05:20:38 +00:00
locked: data.locked.to_owned(),
2019-09-09 06:14:13 +00:00
stickied: data.stickied.to_owned(),
updated: Some(naive_now()),
embed_title: iframely_title,
embed_description: iframely_description,
embed_html: iframely_html,
thumbnail_url: pictshare_thumbnail,
2020-04-04 00:04:57 +00:00
ap_id: read_post.ap_id,
local: read_post.local,
published: None,
2019-05-05 05:20:38 +00:00
};
2020-04-13 13:06:41 +00:00
let updated_post = match Post::update(&conn, data.edit_id, &post_form) {
2019-05-05 05:20:38 +00:00
Ok(post) => post,
Err(e) => {
let err_type = if e.to_string() == "value too long for type character varying(200)" {
"post_title_too_long"
} else {
"couldnt_update_post"
};
return Err(APIError::err(err_type).into());
}
2019-05-05 05:20:38 +00:00
};
// Mod tables
if let Some(removed) = data.removed.to_owned() {
let form = ModRemovePostForm {
mod_user_id: user_id,
post_id: data.edit_id,
removed: Some(removed),
reason: data.reason.to_owned(),
};
ModRemovePost::create(&conn, &form)?;
}
if let Some(locked) = data.locked.to_owned() {
let form = ModLockPostForm {
mod_user_id: user_id,
post_id: data.edit_id,
locked: Some(locked),
};
ModLockPost::create(&conn, &form)?;
}
2019-09-09 06:14:13 +00:00
if let Some(stickied) = data.stickied.to_owned() {
let form = ModStickyPostForm {
mod_user_id: user_id,
post_id: data.edit_id,
stickied: Some(stickied),
};
ModStickyPost::create(&conn, &form)?;
}
2020-04-13 13:06:41 +00:00
post_update(&updated_post, &user, conn)?;
2019-05-05 05:20:38 +00:00
let post_view = PostView::read(&conn, data.edit_id, Some(user_id))?;
2020-01-16 14:39:08 +00:00
Ok(PostResponse { post: post_view })
2019-05-05 05:20:38 +00:00
}
}
impl Perform<PostResponse> for Oper<SavePost> {
fn perform(&self, conn: &PgConnection) -> Result<PostResponse, Error> {
2019-05-05 16:20:30 +00:00
let data: &SavePost = &self.data;
2019-05-05 05:20:38 +00:00
let claims = match Claims::decode(&data.auth) {
Ok(claims) => claims.claims,
2020-01-16 14:39:08 +00:00
Err(_e) => return Err(APIError::err("not_logged_in").into()),
2019-05-05 05:20:38 +00:00
};
let user_id = claims.id;
let post_saved_form = PostSavedForm {
post_id: data.post_id,
user_id,
2019-05-05 05:20:38 +00:00
};
if data.save {
match PostSaved::save(&conn, &post_saved_form) {
Ok(post) => post,
2020-01-16 14:39:08 +00:00
Err(_e) => return Err(APIError::err("couldnt_save_post").into()),
2019-05-05 05:20:38 +00:00
};
} else {
match PostSaved::unsave(&conn, &post_saved_form) {
Ok(post) => post,
2020-01-16 14:39:08 +00:00
Err(_e) => return Err(APIError::err("couldnt_save_post").into()),
2019-05-05 05:20:38 +00:00
};
}
let post_view = PostView::read(&conn, data.post_id, Some(user_id))?;
2020-01-16 14:39:08 +00:00
Ok(PostResponse { post: post_view })
2019-05-05 05:20:38 +00:00
}
}