mirror of
https://github.com/LemmyNet/lemmy.git
synced 2024-12-23 11:21:32 +00:00
Userview safe updated.
This commit is contained in:
parent
efdcbc44c4
commit
028d1d0efc
5 changed files with 98 additions and 69 deletions
|
@ -140,6 +140,11 @@ impl<T> MaybeOptional<T> for Option<T> {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
pub(crate) trait ToSafe {
|
||||||
|
type SafeColumns;
|
||||||
|
fn safe_columns_tuple() -> Self::SafeColumns;
|
||||||
|
}
|
||||||
|
|
||||||
pub fn get_database_url_from_env() -> Result<String, VarError> {
|
pub fn get_database_url_from_env() -> Result<String, VarError> {
|
||||||
env::var("LEMMY_DATABASE_URL")
|
env::var("LEMMY_DATABASE_URL")
|
||||||
}
|
}
|
||||||
|
|
|
@ -40,6 +40,26 @@ pub struct User_ {
|
||||||
pub deleted: bool,
|
pub deleted: bool,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/// A safe representation of user, without the sensitive info
|
||||||
|
#[derive(Clone, Queryable, Identifiable, PartialEq, Debug, Serialize)]
|
||||||
|
#[table_name = "user_"]
|
||||||
|
pub struct UserSafe {
|
||||||
|
pub id: i32,
|
||||||
|
pub name: String,
|
||||||
|
pub preferred_username: Option<String>,
|
||||||
|
pub avatar: Option<String>,
|
||||||
|
pub admin: bool,
|
||||||
|
pub banned: bool,
|
||||||
|
pub published: chrono::NaiveDateTime,
|
||||||
|
pub updated: Option<chrono::NaiveDateTime>,
|
||||||
|
pub matrix_user_id: Option<String>,
|
||||||
|
pub actor_id: String,
|
||||||
|
pub bio: Option<String>,
|
||||||
|
pub local: bool,
|
||||||
|
pub banner: Option<String>,
|
||||||
|
pub deleted: bool,
|
||||||
|
}
|
||||||
|
|
||||||
#[derive(Insertable, AsChangeset, Clone)]
|
#[derive(Insertable, AsChangeset, Clone)]
|
||||||
#[table_name = "user_"]
|
#[table_name = "user_"]
|
||||||
pub struct UserForm {
|
pub struct UserForm {
|
||||||
|
@ -69,25 +89,6 @@ pub struct UserForm {
|
||||||
pub banner: Option<Option<String>>,
|
pub banner: Option<Option<String>>,
|
||||||
}
|
}
|
||||||
|
|
||||||
/// A safe representation of user, without the sensitive info
|
|
||||||
#[derive(Clone, Debug, Serialize)]
|
|
||||||
pub struct UserSafe {
|
|
||||||
pub id: i32,
|
|
||||||
pub name: String,
|
|
||||||
pub preferred_username: Option<String>,
|
|
||||||
pub avatar: Option<String>,
|
|
||||||
pub admin: bool,
|
|
||||||
pub banned: bool,
|
|
||||||
pub published: chrono::NaiveDateTime,
|
|
||||||
pub updated: Option<chrono::NaiveDateTime>,
|
|
||||||
pub matrix_user_id: Option<String>,
|
|
||||||
pub actor_id: String,
|
|
||||||
pub bio: Option<String>,
|
|
||||||
pub local: bool,
|
|
||||||
pub banner: Option<String>,
|
|
||||||
pub deleted: bool,
|
|
||||||
}
|
|
||||||
|
|
||||||
impl Crud<UserForm> for User_ {
|
impl Crud<UserForm> for User_ {
|
||||||
fn read(conn: &PgConnection, user_id: i32) -> Result<Self, Error> {
|
fn read(conn: &PgConnection, user_id: i32) -> Result<Self, Error> {
|
||||||
user_
|
user_
|
||||||
|
@ -219,23 +220,46 @@ impl User_ {
|
||||||
))
|
))
|
||||||
.get_result::<Self>(conn)
|
.get_result::<Self>(conn)
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
pub fn to_safe(&self) -> UserSafe {
|
mod safe_type {
|
||||||
UserSafe {
|
use crate::{schema::user_::columns::*, user::User_, ToSafe};
|
||||||
id: self.id,
|
type Columns = (
|
||||||
name: self.name.to_owned(),
|
id,
|
||||||
preferred_username: self.preferred_username.to_owned(),
|
name,
|
||||||
avatar: self.avatar.to_owned(),
|
preferred_username,
|
||||||
admin: self.admin,
|
avatar,
|
||||||
banned: self.banned,
|
admin,
|
||||||
published: self.published,
|
banned,
|
||||||
updated: self.updated,
|
published,
|
||||||
matrix_user_id: self.matrix_user_id.to_owned(),
|
updated,
|
||||||
actor_id: self.actor_id.to_owned(),
|
matrix_user_id,
|
||||||
bio: self.bio.to_owned(),
|
actor_id,
|
||||||
local: self.local,
|
bio,
|
||||||
banner: self.banner.to_owned(),
|
local,
|
||||||
deleted: self.deleted,
|
banner,
|
||||||
|
deleted,
|
||||||
|
);
|
||||||
|
|
||||||
|
impl ToSafe for User_ {
|
||||||
|
type SafeColumns = Columns;
|
||||||
|
fn safe_columns_tuple() -> Self::SafeColumns {
|
||||||
|
(
|
||||||
|
id,
|
||||||
|
name,
|
||||||
|
preferred_username,
|
||||||
|
avatar,
|
||||||
|
admin,
|
||||||
|
banned,
|
||||||
|
published,
|
||||||
|
updated,
|
||||||
|
matrix_user_id,
|
||||||
|
actor_id,
|
||||||
|
bio,
|
||||||
|
local,
|
||||||
|
banner,
|
||||||
|
deleted,
|
||||||
|
)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -4,6 +4,7 @@ use crate::{
|
||||||
community::{Community, CommunityFollower},
|
community::{Community, CommunityFollower},
|
||||||
schema::{category, community, community_aggregates, community_follower, user_},
|
schema::{category, community, community_aggregates, community_follower, user_},
|
||||||
user::{UserSafe, User_},
|
user::{UserSafe, User_},
|
||||||
|
ToSafe,
|
||||||
};
|
};
|
||||||
use diesel::{result::Error, *};
|
use diesel::{result::Error, *};
|
||||||
use serde::Serialize;
|
use serde::Serialize;
|
||||||
|
@ -39,11 +40,17 @@ impl CommunityView {
|
||||||
.inner_join(user_::table)
|
.inner_join(user_::table)
|
||||||
.inner_join(category::table)
|
.inner_join(category::table)
|
||||||
.inner_join(community_aggregates::table)
|
.inner_join(community_aggregates::table)
|
||||||
.first::<(Community, User_, Category, CommunityAggregates)>(conn)?;
|
.select((
|
||||||
|
community::all_columns,
|
||||||
|
User_::safe_columns_tuple(),
|
||||||
|
category::all_columns,
|
||||||
|
community_aggregates::all_columns,
|
||||||
|
))
|
||||||
|
.first::<(Community, UserSafe, Category, CommunityAggregates)>(conn)?;
|
||||||
|
|
||||||
Ok(CommunityView {
|
Ok(CommunityView {
|
||||||
community,
|
community,
|
||||||
creator: creator.to_safe(),
|
creator,
|
||||||
category,
|
category,
|
||||||
subscribed,
|
subscribed,
|
||||||
counts,
|
counts,
|
||||||
|
|
|
@ -2,6 +2,7 @@ use crate::{
|
||||||
schema::{site, user_},
|
schema::{site, user_},
|
||||||
site::Site,
|
site::Site,
|
||||||
user::{UserSafe, User_},
|
user::{UserSafe, User_},
|
||||||
|
ToSafe,
|
||||||
};
|
};
|
||||||
use diesel::{result::Error, *};
|
use diesel::{result::Error, *};
|
||||||
use serde::Serialize;
|
use serde::Serialize;
|
||||||
|
@ -16,11 +17,9 @@ impl SiteView {
|
||||||
pub fn read(conn: &PgConnection) -> Result<Self, Error> {
|
pub fn read(conn: &PgConnection) -> Result<Self, Error> {
|
||||||
let (site, creator) = site::table
|
let (site, creator) = site::table
|
||||||
.inner_join(user_::table)
|
.inner_join(user_::table)
|
||||||
.first::<(Site, User_)>(conn)?;
|
.select((site::all_columns, User_::safe_columns_tuple()))
|
||||||
|
.first::<(Site, UserSafe)>(conn)?;
|
||||||
|
|
||||||
Ok(SiteView {
|
Ok(SiteView { site, creator })
|
||||||
site,
|
|
||||||
creator: creator.to_safe(),
|
|
||||||
})
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -6,6 +6,7 @@ use crate::{
|
||||||
user::{UserSafe, User_},
|
user::{UserSafe, User_},
|
||||||
MaybeOptional,
|
MaybeOptional,
|
||||||
SortType,
|
SortType,
|
||||||
|
ToSafe,
|
||||||
};
|
};
|
||||||
use diesel::{dsl::*, result::Error, *};
|
use diesel::{dsl::*, result::Error, *};
|
||||||
use serde::Serialize;
|
use serde::Serialize;
|
||||||
|
@ -37,30 +38,30 @@ impl UserViewSafe {
|
||||||
let (user, counts) = user_::table
|
let (user, counts) = user_::table
|
||||||
.find(id)
|
.find(id)
|
||||||
.inner_join(user_aggregates::table)
|
.inner_join(user_aggregates::table)
|
||||||
.first::<(User_, UserAggregates)>(conn)?;
|
.select((User_::safe_columns_tuple(), user_aggregates::all_columns))
|
||||||
Ok(Self {
|
.first::<(UserSafe, UserAggregates)>(conn)?;
|
||||||
user: user.to_safe(),
|
Ok(Self { user, counts })
|
||||||
counts,
|
|
||||||
})
|
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn admins(conn: &PgConnection) -> Result<Vec<Self>, Error> {
|
pub fn admins(conn: &PgConnection) -> Result<Vec<Self>, Error> {
|
||||||
let admins = user_::table
|
let admins = user_::table
|
||||||
.inner_join(user_aggregates::table)
|
.inner_join(user_aggregates::table)
|
||||||
|
.select((User_::safe_columns_tuple(), user_aggregates::all_columns))
|
||||||
.filter(user_::admin.eq(true))
|
.filter(user_::admin.eq(true))
|
||||||
.order_by(user_::published)
|
.order_by(user_::published)
|
||||||
.load::<(User_, UserAggregates)>(conn)?;
|
.load::<(UserSafe, UserAggregates)>(conn)?;
|
||||||
|
|
||||||
Ok(vec_to_user_view_safe(admins))
|
Ok(to_vec(admins))
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn banned(conn: &PgConnection) -> Result<Vec<Self>, Error> {
|
pub fn banned(conn: &PgConnection) -> Result<Vec<Self>, Error> {
|
||||||
let banned = user_::table
|
let banned = user_::table
|
||||||
.inner_join(user_aggregates::table)
|
.inner_join(user_aggregates::table)
|
||||||
|
.select((User_::safe_columns_tuple(), user_aggregates::all_columns))
|
||||||
.filter(user_::banned.eq(true))
|
.filter(user_::banned.eq(true))
|
||||||
.load::<(User_, UserAggregates)>(conn)?;
|
.load::<(UserSafe, UserAggregates)>(conn)?;
|
||||||
|
|
||||||
Ok(vec_to_user_view_safe(banned))
|
Ok(to_vec(banned))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -77,34 +78,24 @@ mod join_types {
|
||||||
pub(super) type BoxedUserJoin<'a> = BoxedSelectStatement<
|
pub(super) type BoxedUserJoin<'a> = BoxedSelectStatement<
|
||||||
'a,
|
'a,
|
||||||
(
|
(
|
||||||
|
// UserSafe column types
|
||||||
(
|
(
|
||||||
Integer,
|
Integer,
|
||||||
Text,
|
Text,
|
||||||
Nullable<Text>,
|
Nullable<Text>,
|
||||||
Text,
|
|
||||||
Nullable<Text>,
|
Nullable<Text>,
|
||||||
Nullable<Text>,
|
Bool,
|
||||||
diesel::sql_types::Bool,
|
|
||||||
Bool,
|
Bool,
|
||||||
Timestamp,
|
Timestamp,
|
||||||
Nullable<Timestamp>,
|
Nullable<Timestamp>,
|
||||||
Bool,
|
|
||||||
Text,
|
|
||||||
SmallInt,
|
|
||||||
SmallInt,
|
|
||||||
Text,
|
|
||||||
Bool,
|
|
||||||
Bool,
|
|
||||||
Nullable<Text>,
|
Nullable<Text>,
|
||||||
Text,
|
Text,
|
||||||
Nullable<Text>,
|
Nullable<Text>,
|
||||||
Bool,
|
Bool,
|
||||||
Nullable<Text>,
|
Nullable<Text>,
|
||||||
Nullable<Text>,
|
|
||||||
Timestamp,
|
|
||||||
Nullable<Text>,
|
|
||||||
Bool,
|
Bool,
|
||||||
),
|
),
|
||||||
|
// UserAggregates column types
|
||||||
(Integer, Integer, BigInt, BigInt, BigInt, BigInt),
|
(Integer, Integer, BigInt, BigInt, BigInt, BigInt),
|
||||||
),
|
),
|
||||||
JoinOn<
|
JoinOn<
|
||||||
|
@ -128,7 +119,10 @@ pub struct UserQueryBuilder<'a> {
|
||||||
|
|
||||||
impl<'a> UserQueryBuilder<'a> {
|
impl<'a> UserQueryBuilder<'a> {
|
||||||
pub fn create(conn: &'a PgConnection) -> Self {
|
pub fn create(conn: &'a PgConnection) -> Self {
|
||||||
let query = user_::table.inner_join(user_aggregates::table).into_boxed();
|
let query = user_::table
|
||||||
|
.inner_join(user_aggregates::table)
|
||||||
|
.select((User_::safe_columns_tuple(), user_aggregates::all_columns))
|
||||||
|
.into_boxed();
|
||||||
|
|
||||||
UserQueryBuilder {
|
UserQueryBuilder {
|
||||||
conn,
|
conn,
|
||||||
|
@ -192,17 +186,17 @@ impl<'a> UserQueryBuilder<'a> {
|
||||||
let (limit, offset) = limit_and_offset(self.page, self.limit);
|
let (limit, offset) = limit_and_offset(self.page, self.limit);
|
||||||
query = query.limit(limit).offset(offset);
|
query = query.limit(limit).offset(offset);
|
||||||
|
|
||||||
let res = query.load::<(User_, UserAggregates)>(self.conn)?;
|
let res = query.load::<(UserSafe, UserAggregates)>(self.conn)?;
|
||||||
|
|
||||||
Ok(vec_to_user_view_safe(res))
|
Ok(to_vec(res))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
fn vec_to_user_view_safe(users: Vec<(User_, UserAggregates)>) -> Vec<UserViewSafe> {
|
fn to_vec(users: Vec<(UserSafe, UserAggregates)>) -> Vec<UserViewSafe> {
|
||||||
users
|
users
|
||||||
.iter()
|
.iter()
|
||||||
.map(|a| UserViewSafe {
|
.map(|a| UserViewSafe {
|
||||||
user: a.0.to_safe(),
|
user: a.0.to_owned(),
|
||||||
counts: a.1.to_owned(),
|
counts: a.1.to_owned(),
|
||||||
})
|
})
|
||||||
.collect::<Vec<UserViewSafe>>()
|
.collect::<Vec<UserViewSafe>>()
|
||||||
|
|
Loading…
Reference in a new issue