Merge pull request #997 from LemmyNet/api_edit_separation

Api edit separation.
2020-07-22 22:33:39 +02:00 · 2020-07-22 22:33:39 +02:00 · 227f397d5e
parent db0d213710 59da2976ab
commit 227f397d5e
43 changed files with 2451 additions and 1087 deletions
--- a/docs/src/contributing_websocket_http_api.md
+++ b/docs/src/contributing_websocket_http_api.md
@ -17,6 +17,7 @@
 - [Errors](#errors)
 - [API documentation](#api-documentation)
  * [Sort Types](#sort-types)
+  * [Undoing actions](#undoing-actions)
  * [Websocket vs HTTP](#websocket-vs-http)
  * [User / Authentication / Admin actions](#user--authentication--admin-actions)
    + [Login](#login)
@ -43,142 +44,198 @@
      - [Request](#request-5)
      - [Response](#response-5)
      - [HTTP](#http-6)
-    + [Edit User Mention](#edit-user-mention)
+    + [Mark User Mention as read](#mark-user-mention-as-read)
      - [Request](#request-6)
      - [Response](#response-6)
      - [HTTP](#http-7)
-    + [Mark All As Read](#mark-all-as-read)
+    + [Get Private Messages](#get-private-messages)
      - [Request](#request-7)
      - [Response](#response-7)
      - [HTTP](#http-8)
-    + [Delete Account](#delete-account)
+    + [Create Private Message](#create-private-message)
      - [Request](#request-8)
      - [Response](#response-8)
      - [HTTP](#http-9)
-    + [Add admin](#add-admin)
+    + [Edit Private Message](#edit-private-message)
      - [Request](#request-9)
      - [Response](#response-9)
      - [HTTP](#http-10)
-    + [Ban user](#ban-user)
+    + [Delete Private Message](#delete-private-message)
      - [Request](#request-10)
      - [Response](#response-10)
      - [HTTP](#http-11)
-  * [Site](#site)
-    + [List Categories](#list-categories)
+    + [Mark Private Message as Read](#mark-private-message-as-read)
      - [Request](#request-11)
      - [Response](#response-11)
      - [HTTP](#http-12)
-    + [Search](#search)
+    + [Mark All As Read](#mark-all-as-read)
      - [Request](#request-12)
      - [Response](#response-12)
      - [HTTP](#http-13)
-    + [Get Modlog](#get-modlog)
+    + [Delete Account](#delete-account)
      - [Request](#request-13)
      - [Response](#response-13)
      - [HTTP](#http-14)
-    + [Create Site](#create-site)
+    + [Add admin](#add-admin)
      - [Request](#request-14)
      - [Response](#response-14)
      - [HTTP](#http-15)
-    + [Edit Site](#edit-site)
+    + [Ban user](#ban-user)
      - [Request](#request-15)
      - [Response](#response-15)
      - [HTTP](#http-16)
-    + [Get Site](#get-site)
+  * [Site](#site)
+    + [List Categories](#list-categories)
      - [Request](#request-16)
      - [Response](#response-16)
      - [HTTP](#http-17)
-    + [Transfer Site](#transfer-site)
+    + [Search](#search)
      - [Request](#request-17)
      - [Response](#response-17)
      - [HTTP](#http-18)
-    + [Get Site Config](#get-site-config)
+    + [Get Modlog](#get-modlog)
      - [Request](#request-18)
      - [Response](#response-18)
      - [HTTP](#http-19)
-    + [Save Site Config](#save-site-config)
+    + [Create Site](#create-site)
      - [Request](#request-19)
      - [Response](#response-19)
      - [HTTP](#http-20)
-  * [Community](#community)
-    + [Get Community](#get-community)
+    + [Edit Site](#edit-site)
      - [Request](#request-20)
      - [Response](#response-20)
      - [HTTP](#http-21)
-    + [Create Community](#create-community)
+    + [Get Site](#get-site)
      - [Request](#request-21)
      - [Response](#response-21)
      - [HTTP](#http-22)
-    + [List Communities](#list-communities)
+    + [Transfer Site](#transfer-site)
      - [Request](#request-22)
      - [Response](#response-22)
      - [HTTP](#http-23)
-    + [Ban from Community](#ban-from-community)
+    + [Get Site Config](#get-site-config)
      - [Request](#request-23)
      - [Response](#response-23)
      - [HTTP](#http-24)
-    + [Add Mod to Community](#add-mod-to-community)
+    + [Save Site Config](#save-site-config)
      - [Request](#request-24)
      - [Response](#response-24)
      - [HTTP](#http-25)
-    + [Edit Community](#edit-community)
+  * [Community](#community)
+    + [Get Community](#get-community)
      - [Request](#request-25)
      - [Response](#response-25)
      - [HTTP](#http-26)
-    + [Follow Community](#follow-community)
+    + [Create Community](#create-community)
      - [Request](#request-26)
      - [Response](#response-26)
      - [HTTP](#http-27)
-    + [Get Followed Communities](#get-followed-communities)
+    + [List Communities](#list-communities)
      - [Request](#request-27)
      - [Response](#response-27)
      - [HTTP](#http-28)
-    + [Transfer Community](#transfer-community)
+    + [Ban from Community](#ban-from-community)
      - [Request](#request-28)
      - [Response](#response-28)
      - [HTTP](#http-29)
-  * [Post](#post)
-    + [Create Post](#create-post)
+    + [Add Mod to Community](#add-mod-to-community)
      - [Request](#request-29)
      - [Response](#response-29)
      - [HTTP](#http-30)
-    + [Get Post](#get-post)
+    + [Edit Community](#edit-community)
      - [Request](#request-30)
      - [Response](#response-30)
      - [HTTP](#http-31)
-    + [Get Posts](#get-posts)
+    + [Delete Community](#delete-community)
      - [Request](#request-31)
      - [Response](#response-31)
      - [HTTP](#http-32)
-    + [Create Post Like](#create-post-like)
+    + [Remove Community](#remove-community)
      - [Request](#request-32)
      - [Response](#response-32)
      - [HTTP](#http-33)
-    + [Edit Post](#edit-post)
+    + [Follow Community](#follow-community)
      - [Request](#request-33)
      - [Response](#response-33)
      - [HTTP](#http-34)
-    + [Save Post](#save-post)
+    + [Get Followed Communities](#get-followed-communities)
      - [Request](#request-34)
      - [Response](#response-34)
      - [HTTP](#http-35)
-  * [Comment](#comment)
-    + [Create Comment](#create-comment)
+    + [Transfer Community](#transfer-community)
      - [Request](#request-35)
      - [Response](#response-35)
      - [HTTP](#http-36)
-    + [Edit Comment](#edit-comment)
+  * [Post](#post)
+    + [Create Post](#create-post)
      - [Request](#request-36)
      - [Response](#response-36)
      - [HTTP](#http-37)
-    + [Save Comment](#save-comment)
+    + [Get Post](#get-post)
      - [Request](#request-37)
      - [Response](#response-37)
      - [HTTP](#http-38)
-    + [Create Comment Like](#create-comment-like)
+    + [Get Posts](#get-posts)
      - [Request](#request-38)
      - [Response](#response-38)
      - [HTTP](#http-39)
+    + [Create Post Like](#create-post-like)
+      - [Request](#request-39)
+      - [Response](#response-39)
+      - [HTTP](#http-40)
+    + [Edit Post](#edit-post)
+      - [Request](#request-40)
+      - [Response](#response-40)
+      - [HTTP](#http-41)
+    + [Delete Post](#delete-post)
+      - [Request](#request-41)
+      - [Response](#response-41)
+      - [HTTP](#http-42)
+    + [Remove Post](#remove-post)
+      - [Request](#request-42)
+      - [Response](#response-42)
+      - [HTTP](#http-43)
+    + [Lock Post](#lock-post)
+      - [Request](#request-43)
+      - [Response](#response-43)
+      - [HTTP](#http-44)
+    + [Sticky Post](#sticky-post)
+      - [Request](#request-44)
+      - [Response](#response-44)
+      - [HTTP](#http-45)
+    + [Save Post](#save-post)
+      - [Request](#request-45)
+      - [Response](#response-45)
+      - [HTTP](#http-46)
+  * [Comment](#comment)
+    + [Create Comment](#create-comment)
+      - [Request](#request-46)
+      - [Response](#response-46)
+      - [HTTP](#http-47)
+    + [Edit Comment](#edit-comment)
+      - [Request](#request-47)
+      - [Response](#response-47)
+      - [HTTP](#http-48)
+    + [Delete Comment](#delete-comment)
+      - [Request](#request-48)
+      - [Response](#response-48)
+      - [HTTP](#http-49)
+    + [Remove Comment](#remove-comment)
+      - [Request](#request-49)
+      - [Response](#response-49)
+      - [HTTP](#http-50)
+    + [Mark Comment as Read](#mark-comment-as-read)
+      - [Request](#request-50)
+      - [Response](#response-50)
+      - [HTTP](#http-51)
+    + [Save Comment](#save-comment)
+      - [Request](#request-51)
+      - [Response](#response-51)
+      - [HTTP](#http-52)
+    + [Create Comment Like](#create-comment-like)
+      - [Request](#request-52)
+      - [Response](#response-52)
+      - [HTTP](#http-53)
  * [RSS / Atom feeds](#rss--atom-feeds)
    + [All](#all)
    + [Community](#community-1)
@ -281,6 +338,10 @@ These go wherever there is a `sort` field. The available sort types are:
 - `TopYear` - the most upvoted posts/communities of the current year.
 - `TopAll` - the most upvoted posts/communities on the current instance.

+### Undoing actions
+
+Whenever you see a `deleted: bool`, `removed: bool`, `read: bool`, `locked: bool`, etc, you can undo this action by sending `false`.
+
 ### Websocket vs HTTP

 - Below are the websocket JSON requests / responses. For HTTP, ignore all fields except those inside `data`.
@ -464,14 +525,17 @@ Only the first user will be able to be the admin.

 `GET /user/mentions`

-#### Edit User Mention
+#### Mark User Mention as read
+
+Only the recipient can do this.
+
 ##### Request
 ```rust
 {
-  op: "EditUserMention",
+  op: "MarkUserMentionAsRead",
  data: {
    user_mention_id: i32,
-    read: Option<bool>,
+    read: bool,
    auth: String,
  }
 }
@ -479,7 +543,7 @@ Only the first user will be able to be the admin.
 ##### Response
 ```rust
 {
-  op: "EditUserMention",
+  op: "MarkUserMentionAsRead",
  data: {
    mention: UserMentionView,
  }
@ -487,7 +551,141 @@ Only the first user will be able to be the admin.
 ```
 ##### HTTP

-`PUT /user/mention`
+`POST /user/mention/mark_as_read`
+
+#### Get Private Messages
+##### Request
+```rust
+{
+  op: "GetPrivateMessages",
+  data: {
+    unread_only: bool,
+    page: Option<i64>,
+    limit: Option<i64>,
+    auth: String,
+  }
+}
+```
+##### Response
+```rust
+{
+  op: "GetPrivateMessages",
+  data: {
+    messages: Vec<PrivateMessageView>,
+  }
+}
+```
+
+##### HTTP
+
+`GET /private_message/list`
+
+#### Create Private Message
+##### Request
+```rust
+{
+  op: "CreatePrivateMessage",
+  data: {
+    content: String,
+    recipient_id: i32,
+    auth: String,
+  }
+}
+```
+##### Response
+```rust
+{
+  op: "CreatePrivateMessage",
+  data: {
+    message: PrivateMessageView,
+  }
+}
+```
+
+##### HTTP
+
+`POST /private_message`
+
+#### Edit Private Message
+##### Request
+```rust
+{
+  op: "EditPrivateMessage",
+  data: {
+    edit_id: i32,
+    content: String,
+    auth: String,
+  }
+}
+```
+##### Response
+```rust
+{
+  op: "EditPrivateMessage",
+  data: {
+    message: PrivateMessageView,
+  }
+}
+```
+
+##### HTTP
+
+`PUT /private_message`
+
+#### Delete Private Message
+##### Request
+```rust
+{
+  op: "DeletePrivateMessage",
+  data: {
+    edit_id: i32,
+    deleted: bool,
+    auth: String,
+  }
+}
+```
+##### Response
+```rust
+{
+  op: "DeletePrivateMessage",
+  data: {
+    message: PrivateMessageView,
+  }
+}
+```
+
+##### HTTP
+
+`POST /private_message/delete`
+
+#### Mark Private Message as Read
+
+Only the recipient can do this.
+
+##### Request
+```rust
+{
+  op: "MarkPrivateMessageAsRead",
+  data: {
+    edit_id: i32,
+    read: bool,
+    auth: String,
+  }
+}
+```
+##### Response
+```rust
+{
+  op: "MarkPrivateMessageAsRead",
+  data: {
+    message: PrivateMessageView,
+  }
+}
+```
+
+##### HTTP
+
+`POST /private_message/mark_as_read`

 #### Mark All As Read

@ -856,7 +1054,6 @@ Search types are `All, Comments, Posts, Communities, Users, Url`
  data: {
    community: CommunityView,
    moderators: Vec<CommunityModeratorView>,
-    admins: Vec<UserView>,
  }
 }
 ```
@ -973,7 +1170,7 @@ Search types are `All, Comments, Posts, Communities, Users, Url`
 `POST /community/mod`

 #### Edit Community
-Mods and admins can remove and lock a community, creators can delete it.
+Only mods can edit a community.

 ##### Request
 ```rust
@ -984,10 +1181,6 @@ Mods and admins can remove and lock a community, creators can delete it.
    title: String,
    description: Option<String>,
    category_id: i32,
-    removed: Option<bool>,
-    deleted: Option<bool>,
-    reason: Option<String>,
-    expires: Option<i64>,
    auth: String
  }
 }
@ -1005,6 +1198,62 @@ Mods and admins can remove and lock a community, creators can delete it.

 `PUT /community`

+#### Delete Community
+Only a creator can delete a community
+
+##### Request
+```rust
+{
+  op: "DeleteCommunity",
+  data: {
+    edit_id: i32,
+    deleted: bool,
+    auth: String,
+  }
+}
+```
+##### Response
+```rust
+{
+  op: "DeleteCommunity",
+  data: {
+    community: CommunityView
+  }
+}
+```
+##### HTTP
+
+`POST /community/delete`
+
+#### Remove Community
+Only admins can remove a community.
+
+##### Request
+```rust
+{
+  op: "RemoveCommunity",
+  data: {
+    edit_id: i32,
+    removed: bool,
+    reason: Option<String>,
+    expires: Option<i64>,
+    auth: String,
+  }
+}
+```
+##### Response
+```rust
+{
+  op: "RemoveCommunity",
+  data: {
+    community: CommunityView
+  }
+}
+```
+##### HTTP
+
+`POST /community/remove`
+
 #### Follow Community
 ##### Request
 ```rust
@ -1090,8 +1339,9 @@ Mods and admins can remove and lock a community, creators can delete it.
    name: String,
    url: Option<String>,
    body: Option<String>,
+    nsfw: bool,
    community_id: i32,
-    auth: String
+    auth: String,
  }
 }
 ```
@ -1128,7 +1378,6 @@ Mods and admins can remove and lock a community, creators can delete it.
    comments: Vec<CommentView>,
    community: CommunityView,
    moderators: Vec<CommunityModeratorView>,
-    admins: Vec<UserView>,
  }
 }
 ```
@ -1197,25 +1446,17 @@ Post listing types are `All, Subscribed, Community`
 `POST /post/like`

 #### Edit Post
-
-Mods and admins can remove and lock a post, creators can delete it.
-
 ##### Request
 ```rust
 {
  op: "EditPost",
  data: {
    edit_id: i32,
-    creator_id: i32,
-    community_id: i32,
    name: String,
    url: Option<String>,
    body: Option<String>,
-    removed: Option<bool>,
-    deleted: Option<bool>,
-    locked: Option<bool>,
-    reason: Option<String>,
-    auth: String
+    nsfw: bool,
+    auth: String,
  }
 }
 ```
@ -1233,6 +1474,120 @@ Mods and admins can remove and lock a post, creators can delete it.

 `PUT /post`

+#### Delete Post
+##### Request
+```rust
+{
+  op: "DeletePost",
+  data: {
+    edit_id: i32,
+    deleted: bool,
+    auth: String,
+  }
+}
+```
+##### Response
+```rust
+{
+  op: "DeletePost",
+  data: {
+    post: PostView
+  }
+}
+```
+
+##### HTTP
+
+`POST /post/delete`
+
+#### Remove Post
+
+Only admins and mods can remove a post.
+
+##### Request
+```rust
+{
+  op: "RemovePost",
+  data: {
+    edit_id: i32,
+    removed: bool,
+    reason: Option<String>,
+    auth: String,
+  }
+}
+```
+##### Response
+```rust
+{
+  op: "RemovePost",
+  data: {
+    post: PostView
+  }
+}
+```
+
+##### HTTP
+
+`POST /post/remove`
+
+#### Lock Post
+
+Only admins and mods can lock a post.
+
+##### Request
+```rust
+{
+  op: "LockPost",
+  data: {
+    edit_id: i32,
+    locked: bool,
+    auth: String,
+  }
+}
+```
+##### Response
+```rust
+{
+  op: "LockPost",
+  data: {
+    post: PostView
+  }
+}
+```
+
+##### HTTP
+
+`POST /post/lock`
+
+#### Sticky Post
+
+Only admins and mods can sticky a post.
+
+##### Request
+```rust
+{
+  op: "StickyPost",
+  data: {
+    edit_id: i32,
+    stickied: bool,
+    auth: String,
+  }
+}
+```
+##### Response
+```rust
+{
+  op: "StickyPost",
+  data: {
+    post: PostView
+  }
+}
+```
+
+##### HTTP
+
+`POST /post/sticky`
+
 #### Save Post
 ##### Request
 ```rust
@ -1267,8 +1622,8 @@ Mods and admins can remove and lock a post, creators can delete it.
  data: {
    content: String,
    parent_id: Option<i32>,
-    edit_id: Option<i32>,
    post_id: i32,
+    form_id: Option<String>, // An optional form id, so you know which message came back
    auth: String
  }
 }
@ -1289,7 +1644,7 @@ Mods and admins can remove and lock a post, creators can delete it.

 #### Edit Comment

-Mods and admins can remove a comment, creators can delete it.
+Only the creator can edit the comment.

 ##### Request
 ```rust
@ -1297,15 +1652,9 @@ Mods and admins can remove a comment, creators can delete it.
  op: "EditComment",
  data: {
    content: String,
-    parent_id: Option<i32>,
    edit_id: i32,
-    creator_id: i32,
-    post_id: i32,
-    removed: Option<bool>,
-    deleted: Option<bool>,
-    reason: Option<String>,
-    read: Option<bool>,
-    auth: String
+    form_id: Option<String>,
+    auth: String,
  }
 }
 ```
@ -1322,6 +1671,92 @@ Mods and admins can remove a comment, creators can delete it.

 `PUT /comment`

+#### Delete Comment
+
+Only the creator can delete the comment.
+
+##### Request
+```rust
+{
+  op: "DeleteComment",
+  data: {
+    edit_id: i32,
+    deleted: bool,
+    auth: String,
+  }
+}
+```
+##### Response
+```rust
+{
+  op: "DeleteComment",
+  data: {
+    comment: CommentView
+  }
+}
+```
+##### HTTP
+
+`POST /comment/delete`
+
+
+#### Remove Comment
+
+Only a mod or admin can remove the comment.
+
+##### Request
+```rust
+{
+  op: "RemoveComment",
+  data: {
+    edit_id: i32,
+    removed: bool,
+    reason: Option<String>,
+    auth: String,
+  }
+}
+```
+##### Response
+```rust
+{
+  op: "RemoveComment",
+  data: {
+    comment: CommentView
+  }
+}
+```
+##### HTTP
+
+`POST /comment/remove`
+
+#### Mark Comment as Read
+
+Only the recipient can do this.
+
+##### Request
+```rust
+{
+  op: "MarkCommentAsRead",
+  data: {
+    edit_id: i32,
+    read: bool,
+    auth: String,
+  }
+}
+```
+##### Response
+```rust
+{
+  op: "MarkCommentAsRead",
+  data: {
+    comment: CommentView
+  }
+}
+```
+##### HTTP
+
+`POST /comment/mark_as_read`
+
 #### Save Comment
 ##### Request
 ```rust
@ -1357,7 +1792,6 @@ Mods and admins can remove a comment, creators can delete it.
  op: "CreateCommentLike",
  data: {
    comment_id: i32,
-    post_id: i32,
    score: i16,
    auth: String
  }
--- a/server/Cargo.lock
+++ b/server/Cargo.lock
@ -1559,7 +1559,9 @@ dependencies = [
 "bcrypt",
 "chrono",
 "diesel",
+ "lazy_static",
 "log",
+ "regex",
 "serde 1.0.114",
 "serde_json",
 "sha2",
--- a/server/lemmy_db/Cargo.toml
+++ b/server/lemmy_db/Cargo.toml
@ -13,4 +13,6 @@ strum_macros = "0.18.0"
 log = "0.4.0"
 sha2 = "0.9"
 bcrypt = "0.8.0"
-url = { version = "2.1.1", features = ["serde"] }
+url = { version = "2.1.1", features = ["serde"] }
+lazy_static = "1.3.0"
+regex = "1.3.5"
--- a/server/lemmy_db/src/comment.rs
+++ b/server/lemmy_db/src/comment.rs
@ -97,14 +97,6 @@ impl Comment {
    comment.filter(ap_id.eq(object_id)).first::<Self>(conn)
  }

-  pub fn mark_as_read(conn: &PgConnection, comment_id: i32) -> Result<Self, Error> {
-    use crate::schema::comment::dsl::*;
-
-    diesel::update(comment.find(comment_id))
-      .set(read.eq(true))
-      .get_result::<Self>(conn)
-  }
-
  pub fn permadelete(conn: &PgConnection, comment_id: i32) -> Result<Self, Error> {
    use crate::schema::comment::dsl::*;

@ -116,6 +108,46 @@ impl Comment {
      ))
      .get_result::<Self>(conn)
  }
+
+  pub fn update_deleted(
+    conn: &PgConnection,
+    comment_id: i32,
+    new_deleted: bool,
+  ) -> Result<Self, Error> {
+    use crate::schema::comment::dsl::*;
+    diesel::update(comment.find(comment_id))
+      .set(deleted.eq(new_deleted))
+      .get_result::<Self>(conn)
+  }
+
+  pub fn update_removed(
+    conn: &PgConnection,
+    comment_id: i32,
+    new_removed: bool,
+  ) -> Result<Self, Error> {
+    use crate::schema::comment::dsl::*;
+    diesel::update(comment.find(comment_id))
+      .set(removed.eq(new_removed))
+      .get_result::<Self>(conn)
+  }
+
+  pub fn update_read(conn: &PgConnection, comment_id: i32, new_read: bool) -> Result<Self, Error> {
+    use crate::schema::comment::dsl::*;
+    diesel::update(comment.find(comment_id))
+      .set(read.eq(new_read))
+      .get_result::<Self>(conn)
+  }
+
+  pub fn update_content(
+    conn: &PgConnection,
+    comment_id: i32,
+    new_content: &str,
+  ) -> Result<Self, Error> {
+    use crate::schema::comment::dsl::*;
+    diesel::update(comment.find(comment_id))
+      .set((content.eq(new_content), updated.eq(naive_now())))
+      .get_result::<Self>(conn)
+  }
 }

 #[derive(Identifiable, Queryable, Associations, PartialEq, Debug, Clone)]
--- a/server/lemmy_db/src/community.rs
+++ b/server/lemmy_db/src/community.rs
@ -1,4 +1,5 @@
 use crate::{
+  naive_now,
  schema::{community, community_follower, community_moderator, community_user_ban},
  Bannable,
  Crud,
@ -29,7 +30,6 @@ pub struct Community {
  pub last_refreshed_at: chrono::NaiveDateTime,
 }

-// TODO add better delete, remove, lock actions here.
 #[derive(Insertable, AsChangeset, Clone, Serialize, Deserialize, Debug)]
 #[table_name = "community"]
 pub struct CommunityForm {
@ -99,6 +99,60 @@ impl Community {
    use crate::schema::community::dsl::*;
    community.filter(local.eq(true)).load::<Community>(conn)
  }
+
+  pub fn update_deleted(
+    conn: &PgConnection,
+    community_id: i32,
+    new_deleted: bool,
+  ) -> Result<Self, Error> {
+    use crate::schema::community::dsl::*;
+    diesel::update(community.find(community_id))
+      .set(deleted.eq(new_deleted))
+      .get_result::<Self>(conn)
+  }
+
+  pub fn update_removed(
+    conn: &PgConnection,
+    community_id: i32,
+    new_removed: bool,
+  ) -> Result<Self, Error> {
+    use crate::schema::community::dsl::*;
+    diesel::update(community.find(community_id))
+      .set(removed.eq(new_removed))
+      .get_result::<Self>(conn)
+  }
+
+  pub fn update_creator(
+    conn: &PgConnection,
+    community_id: i32,
+    new_creator_id: i32,
+  ) -> Result<Self, Error> {
+    use crate::schema::community::dsl::*;
+    diesel::update(community.find(community_id))
+      .set((creator_id.eq(new_creator_id), updated.eq(naive_now())))
+      .get_result::<Self>(conn)
+  }
+
+  fn community_mods_and_admins(
+    conn: &PgConnection,
+    community_id: i32,
+  ) -> Result<Vec<i32>, Error> {
+    use crate::{community_view::CommunityModeratorView, user_view::UserView};
+    let mut mods_and_admins: Vec<i32> = Vec::new();
+    mods_and_admins.append(
+      &mut CommunityModeratorView::for_community(conn, community_id)
+        .map(|v| v.into_iter().map(|m| m.user_id).collect())?,
+    );
+    mods_and_admins
+      .append(&mut UserView::admins(conn).map(|v| v.into_iter().map(|a| a.id).collect())?);
+    Ok(mods_and_admins)
+  }
+
+  pub fn is_mod_or_admin(conn: &PgConnection, user_id: i32, community_id: i32) -> bool {
+    Self::community_mods_and_admins(conn, community_id)
+      .unwrap_or_default()
+      .contains(&user_id)
+  }
 }

 #[derive(Identifiable, Queryable, Associations, PartialEq, Debug)]
--- a/server/lemmy_db/src/community_view.rs
+++ b/server/lemmy_db/src/community_view.rs
@ -295,18 +295,18 @@ pub struct CommunityModeratorView {
 }

 impl CommunityModeratorView {
-  pub fn for_community(conn: &PgConnection, from_community_id: i32) -> Result<Vec<Self>, Error> {
+  pub fn for_community(conn: &PgConnection, for_community_id: i32) -> Result<Vec<Self>, Error> {
    use super::community_view::community_moderator_view::dsl::*;
    community_moderator_view
-      .filter(community_id.eq(from_community_id))
+      .filter(community_id.eq(for_community_id))
      .order_by(published)
      .load::<Self>(conn)
  }

-  pub fn for_user(conn: &PgConnection, from_user_id: i32) -> Result<Vec<Self>, Error> {
+  pub fn for_user(conn: &PgConnection, for_user_id: i32) -> Result<Vec<Self>, Error> {
    use super::community_view::community_moderator_view::dsl::*;
    community_moderator_view
-      .filter(user_id.eq(from_user_id))
+      .filter(user_id.eq(for_user_id))
      .order_by(published)
      .load::<Self>(conn)
  }
--- a/server/lemmy_db/src/lib.rs
+++ b/server/lemmy_db/src/lib.rs
@ -2,9 +2,12 @@
 pub extern crate diesel;
 #[macro_use]
 pub extern crate strum_macros;
+#[macro_use]
+pub extern crate lazy_static;
 pub extern crate bcrypt;
 pub extern crate chrono;
 pub extern crate log;
+pub extern crate regex;
 pub extern crate serde;
 pub extern crate serde_json;
 pub extern crate sha2;
@ -12,6 +15,7 @@ pub extern crate strum;

 use chrono::NaiveDateTime;
 use diesel::{dsl::*, result::Error, *};
+use regex::Regex;
 use serde::{Deserialize, Serialize};
 use std::{env, env::VarError};

@ -172,10 +176,19 @@ pub fn naive_now() -> NaiveDateTime {
  chrono::prelude::Utc::now().naive_utc()
 }

+pub fn is_email_regex(test: &str) -> bool {
+  EMAIL_REGEX.is_match(test)
+}
+
+lazy_static! {
+  static ref EMAIL_REGEX: Regex =
+    Regex::new(r"^[a-zA-Z0-9.!#$%&’*+/=?^_`{|}~-]+@[a-zA-Z0-9-]+(?:\.[a-zA-Z0-9-]+)*$").unwrap();
+}
+
 #[cfg(test)]
 mod tests {
  use super::fuzzy_search;
-  use crate::get_database_url_from_env;
+  use crate::{get_database_url_from_env, is_email_regex};
  use diesel::{Connection, PgConnection};

  pub fn establish_unpooled_connection() -> PgConnection {
@ -194,4 +207,10 @@ mod tests {
    let test = "This is a fuzzy search";
    assert_eq!(fuzzy_search(test), "%This%is%a%fuzzy%search%".to_string());
  }
+
+  #[test]
+  fn test_email() {
+    assert!(is_email_regex("gush@gmail.com"));
+    assert!(!is_email_regex("nada_neutho"));
+  }
 }
--- a/server/lemmy_db/src/post.rs
+++ b/server/lemmy_db/src/post.rs
@ -108,6 +108,50 @@ impl Post {
      ))
      .get_result::<Self>(conn)
  }
+
+  pub fn update_deleted(
+    conn: &PgConnection,
+    post_id: i32,
+    new_deleted: bool,
+  ) -> Result<Self, Error> {
+    use crate::schema::post::dsl::*;
+    diesel::update(post.find(post_id))
+      .set(deleted.eq(new_deleted))
+      .get_result::<Self>(conn)
+  }
+
+  pub fn update_removed(
+    conn: &PgConnection,
+    post_id: i32,
+    new_removed: bool,
+  ) -> Result<Self, Error> {
+    use crate::schema::post::dsl::*;
+    diesel::update(post.find(post_id))
+      .set(removed.eq(new_removed))
+      .get_result::<Self>(conn)
+  }
+
+  pub fn update_locked(conn: &PgConnection, post_id: i32, new_locked: bool) -> Result<Self, Error> {
+    use crate::schema::post::dsl::*;
+    diesel::update(post.find(post_id))
+      .set(locked.eq(new_locked))
+      .get_result::<Self>(conn)
+  }
+
+  pub fn update_stickied(
+    conn: &PgConnection,
+    post_id: i32,
+    new_stickied: bool,
+  ) -> Result<Self, Error> {
+    use crate::schema::post::dsl::*;
+    diesel::update(post.find(post_id))
+      .set(stickied.eq(new_stickied))
+      .get_result::<Self>(conn)
+  }
+
+  pub fn is_post_creator(user_id: i32, post_creator_id: i32) -> bool {
+    user_id == post_creator_id
+  }
 }

 impl Crud<PostForm> for Post {
--- a/server/lemmy_db/src/private_message.rs
+++ b/server/lemmy_db/src/private_message.rs
@ -1,4 +1,4 @@
-use crate::{schema::private_message, Crud};
+use crate::{naive_now, schema::private_message, Crud};
 use diesel::{dsl::*, result::Error, *};
 use serde::{Deserialize, Serialize};

@ -80,6 +80,50 @@ impl PrivateMessage {
      .filter(ap_id.eq(object_id))
      .first::<Self>(conn)
  }
+
+  pub fn update_content(
+    conn: &PgConnection,
+    private_message_id: i32,
+    new_content: &str,
+  ) -> Result<Self, Error> {
+    use crate::schema::private_message::dsl::*;
+    diesel::update(private_message.find(private_message_id))
+      .set((content.eq(new_content), updated.eq(naive_now())))
+      .get_result::<Self>(conn)
+  }
+
+  pub fn update_deleted(
+    conn: &PgConnection,
+    private_message_id: i32,
+    new_deleted: bool,
+  ) -> Result<Self, Error> {
+    use crate::schema::private_message::dsl::*;
+    diesel::update(private_message.find(private_message_id))
+      .set(deleted.eq(new_deleted))
+      .get_result::<Self>(conn)
+  }
+
+  pub fn update_read(
+    conn: &PgConnection,
+    private_message_id: i32,
+    new_read: bool,
+  ) -> Result<Self, Error> {
+    use crate::schema::private_message::dsl::*;
+    diesel::update(private_message.find(private_message_id))
+      .set(read.eq(new_read))
+      .get_result::<Self>(conn)
+  }
+
+  pub fn mark_all_as_read(conn: &PgConnection, for_recipient_id: i32) -> Result<Vec<Self>, Error> {
+    use crate::schema::private_message::dsl::*;
+    diesel::update(
+      private_message
+        .filter(recipient_id.eq(for_recipient_id))
+        .filter(read.eq(false)),
+    )
+    .set(read.eq(true))
+    .get_results::<Self>(conn)
+  }
 }

 #[cfg(test)]
@ -180,6 +224,10 @@ mod tests {
    let read_private_message = PrivateMessage::read(&conn, inserted_private_message.id).unwrap();
    let updated_private_message =
      PrivateMessage::update(&conn, inserted_private_message.id, &private_message_form).unwrap();
+    let deleted_private_message =
+      PrivateMessage::update_deleted(&conn, inserted_private_message.id, true).unwrap();
+    let marked_read_private_message =
+      PrivateMessage::update_read(&conn, inserted_private_message.id, true).unwrap();
    let num_deleted = PrivateMessage::delete(&conn, inserted_private_message.id).unwrap();
    User_::delete(&conn, inserted_creator.id).unwrap();
    User_::delete(&conn, inserted_recipient.id).unwrap();
@ -187,6 +235,8 @@ mod tests {
    assert_eq!(expected_private_message, read_private_message);
    assert_eq!(expected_private_message, updated_private_message);
    assert_eq!(expected_private_message, inserted_private_message);
+    assert!(deleted_private_message.deleted);
+    assert!(marked_read_private_message.read);
    assert_eq!(1, num_deleted);
  }
 }
--- a/server/lemmy_db/src/user.rs
+++ b/server/lemmy_db/src/user.rs
@ -1,4 +1,5 @@
 use crate::{
+  is_email_regex,
  naive_now,
  schema::{user_, user_::dsl::*},
  Crud,
@ -125,9 +126,18 @@ impl User_ {
    use crate::schema::user_::dsl::*;
    user_.filter(actor_id.eq(object_id)).first::<Self>(conn)
  }
-}

-impl User_ {
+  pub fn find_by_email_or_username(
+    conn: &PgConnection,
+    username_or_email: &str,
+  ) -> Result<Self, Error> {
+    if is_email_regex(username_or_email) {
+      Self::find_by_email(conn, username_or_email)
+    } else {
+      Self::find_by_username(conn, username_or_email)
+    }
+  }
+
  pub fn find_by_username(conn: &PgConnection, username: &str) -> Result<User_, Error> {
    user_.filter(name.eq(username)).first::<User_>(conn)
  }
--- a/server/lemmy_db/src/user_mention.rs
+++ b/server/lemmy_db/src/user_mention.rs
@ -52,6 +52,30 @@ impl Crud<UserMentionForm> for UserMention {
  }
 }

+impl UserMention {
+  pub fn update_read(
+    conn: &PgConnection,
+    user_mention_id: i32,
+    new_read: bool,
+  ) -> Result<Self, Error> {
+    use crate::schema::user_mention::dsl::*;
+    diesel::update(user_mention.find(user_mention_id))
+      .set(read.eq(new_read))
+      .get_result::<Self>(conn)
+  }
+
+  pub fn mark_all_as_read(conn: &PgConnection, for_recipient_id: i32) -> Result<Vec<Self>, Error> {
+    use crate::schema::user_mention::dsl::*;
+    diesel::update(
+      user_mention
+        .filter(recipient_id.eq(for_recipient_id))
+        .filter(read.eq(false)),
+    )
+    .set(read.eq(true))
+    .get_results::<Self>(conn)
+  }
+}
+
 #[cfg(test)]
 mod tests {
  use crate::{
--- a/server/lemmy_utils/Cargo.toml
+++ b/server/lemmy_utils/Cargo.toml
@ -19,4 +19,4 @@ serde_json = { version = "1.0.52", features = ["preserve_order"]}
 comrak = "0.7"
 lazy_static = "1.3.0"
 openssl = "0.10"
-url = { version = "2.1.1", features = ["serde"] }
+url = { version = "2.1.1", features = ["serde"] }
--- a/server/lemmy_utils/src/lib.rs
+++ b/server/lemmy_utils/src/lib.rs
@ -44,10 +44,6 @@ pub fn convert_datetime(datetime: NaiveDateTime) -> DateTime<FixedOffset> {
  DateTime::<FixedOffset>::from_utc(datetime, *now.offset())
 }

-pub fn is_email_regex(test: &str) -> bool {
-  EMAIL_REGEX.is_match(test)
-}
-
 pub fn remove_slurs(test: &str) -> String {
  SLUR_REGEX.replace_all(test, "*removed*").to_string()
 }
@ -165,7 +161,6 @@ pub fn is_valid_post_title(title: &str) -> bool {
 #[cfg(test)]
 mod tests {
  use crate::{
-    is_email_regex,
    is_valid_community_name,
    is_valid_post_title,
    is_valid_username,
@ -185,12 +180,6 @@ mod tests {
    assert_eq!(mentions[1].domain, "lemmy-alpha:8540".to_string());
  }

-  #[test]
-  fn test_email() {
-    assert!(is_email_regex("gush@gmail.com"));
-    assert!(!is_email_regex("nada_neutho"));
-  }
-
  #[test]
  fn test_valid_register_username() {
    assert!(is_valid_username("Hello_98"));
--- a/server/src/api/claims.rs
+++ b/server/src/api/claims.rs
@ -1,7 +1,7 @@
 use diesel::{result::Error, PgConnection};
 use jsonwebtoken::{decode, encode, DecodingKey, EncodingKey, Header, TokenData, Validation};
 use lemmy_db::{user::User_, Crud};
-use lemmy_utils::{is_email_regex, settings::Settings};
+use lemmy_utils::settings::Settings;
 use serde::{Deserialize, Serialize};

 type Jwt = String;
@ -54,18 +54,6 @@ impl Claims {
    .unwrap()
  }

-  // TODO: move these into user?
-  pub fn find_by_email_or_username(
-    conn: &PgConnection,
-    username_or_email: &str,
-  ) -> Result<User_, Error> {
-    if is_email_regex(username_or_email) {
-      User_::find_by_email(conn, username_or_email)
-    } else {
-      User_::find_by_username(conn, username_or_email)
-    }
-  }
-
  pub fn find_by_jwt(conn: &PgConnection, jwt: &str) -> Result<User_, Error> {
    let claims: Claims = Claims::decode(&jwt).expect("Invalid token").claims;
    User_::read(&conn, claims.id)
--- a/server/src/api/comment.rs
+++ b/server/src/api/comment.rs
@ -1,5 +1,5 @@
 use crate::{
-  api::{claims::Claims, APIError, Oper, Perform},
+  api::{claims::Claims, is_mod_or_admin, APIError, Oper, Perform},
  apub::{ApubLikeableType, ApubObjectType},
  blocking,
  websocket::{
@ -15,12 +15,10 @@ use lemmy_db::{
  comment_view::*,
  community_view::*,
  moderator::*,
-  naive_now,
  post::*,
  site_view::*,
  user::*,
  user_mention::*,
-  user_view::*,
  Crud,
  Likeable,
  ListingType,
@ -44,22 +42,38 @@ use std::str::FromStr;
 pub struct CreateComment {
  content: String,
  parent_id: Option<i32>,
-  edit_id: Option<i32>, // TODO this isn't used
  pub post_id: i32,
+  form_id: Option<String>,
  auth: String,
 }

 #[derive(Serialize, Deserialize)]
 pub struct EditComment {
  content: String,
-  parent_id: Option<i32>, // TODO why are the parent_id, creator_id, post_id, etc fields required? They aren't going to change
  edit_id: i32,
-  creator_id: i32,
-  pub post_id: i32,
-  removed: Option<bool>,
-  deleted: Option<bool>,
+  form_id: Option<String>,
+  auth: String,
+}
+
+#[derive(Serialize, Deserialize)]
+pub struct DeleteComment {
+  edit_id: i32,
+  deleted: bool,
+  auth: String,
+}
+
+#[derive(Serialize, Deserialize)]
+pub struct RemoveComment {
+  edit_id: i32,
+  removed: bool,
  reason: Option<String>,
-  read: Option<bool>,
+  auth: String,
+}
+
+#[derive(Serialize, Deserialize)]
+pub struct MarkCommentAsRead {
+  edit_id: i32,
+  read: bool,
  auth: String,
 }

@ -74,12 +88,12 @@ pub struct SaveComment {
 pub struct CommentResponse {
  pub comment: CommentView,
  pub recipient_ids: Vec<i32>,
+  pub form_id: Option<String>,
 }

 #[derive(Serialize, Deserialize)]
 pub struct CreateCommentLike {
  comment_id: i32,
-  pub post_id: i32,
  score: i16,
  auth: String,
 }
@ -150,6 +164,12 @@ impl Perform for Oper<CreateComment> {
      return Err(APIError::err("site_ban").into());
    }

+    // Check if post is locked, no new comments
+    if post.locked {
+      return Err(APIError::err("locked").into());
+    }
+
+    // Create the comment
    let comment_form2 = comment_form.clone();
    let inserted_comment =
      match blocking(pool, move |conn| Comment::create(&conn, &comment_form2)).await? {
@ -157,6 +177,7 @@ impl Perform for Oper<CreateComment> {
        Err(_e) => return Err(APIError::err("couldnt_create_comment").into()),
      };

+    // Necessary to update the ap_id
    let inserted_comment_id = inserted_comment.id;
    let updated_comment: Comment = match blocking(pool, move |conn| {
      let apub_id =
@ -175,8 +196,15 @@ impl Perform for Oper<CreateComment> {

    // Scan the comment for user mentions, add those rows
    let mentions = scrape_text_for_mentions(&comment_form.content);
-    let recipient_ids =
-      send_local_notifs(mentions, updated_comment.clone(), user.clone(), post, pool).await?;
+    let recipient_ids = send_local_notifs(
+      mentions,
+      updated_comment.clone(),
+      user.clone(),
+      post,
+      pool,
+      true,
+    )
+    .await?;

    // You like your own comment by default
    let like_form = CommentLikeForm {
@ -201,6 +229,7 @@ impl Perform for Oper<CreateComment> {
    let mut res = CommentResponse {
      comment: comment_view,
      recipient_ids,
+      form_id: data.form_id.to_owned(),
    };

    if let Some(ws) = websocket_info {
@ -237,122 +266,34 @@ impl Perform for Oper<EditComment> {

    let user_id = claims.id;

-    let user = blocking(pool, move |conn| User_::read(&conn, user_id)).await??;
-
    let edit_id = data.edit_id;
    let orig_comment =
      blocking(pool, move |conn| CommentView::read(&conn, edit_id, None)).await??;

-    let mut editors: Vec<i32> = vec![orig_comment.creator_id];
-    let mut moderators: Vec<i32> = vec![];
-
-    let community_id = orig_comment.community_id;
-    moderators.append(
-      &mut blocking(pool, move |conn| {
-        CommunityModeratorView::for_community(&conn, community_id)
-          .map(|v| v.into_iter().map(|m| m.user_id).collect())
-      })
-      .await??,
-    );
-    moderators.append(
-      &mut blocking(pool, move |conn| {
-        UserView::admins(conn).map(|v| v.into_iter().map(|a| a.id).collect())
-      })
-      .await??,
-    );
-
-    editors.extend(&moderators);
-    // You are allowed to mark the comment as read even if you're banned.
-    if data.read.is_none() {
-      // Verify its the creator or a mod, or an admin
-
-      if !editors.contains(&user_id) {
-        return Err(APIError::err("no_comment_edit_allowed").into());
-      }
-
-      // Check for a community ban
-      let community_id = orig_comment.community_id;
-      let is_banned =
-        move |conn: &'_ _| CommunityUserBanView::get(conn, user_id, community_id).is_ok();
-      if blocking(pool, is_banned).await? {
-        return Err(APIError::err("community_ban").into());
-      }
-
-      // Check for a site ban
-      if user.banned {
-        return Err(APIError::err("site_ban").into());
-      }
-    } else {
-      // check that user can mark as read
-      let parent_id = orig_comment.parent_id;
-      match parent_id {
-        Some(pid) => {
-          let parent_comment =
-            blocking(pool, move |conn| CommentView::read(&conn, pid, None)).await??;
-          if user_id != parent_comment.creator_id {
-            return Err(APIError::err("no_comment_edit_allowed").into());
-          }
-        }
-        None => {
-          let parent_post_id = orig_comment.post_id;
-          let parent_post = blocking(pool, move |conn| Post::read(conn, parent_post_id)).await??;
-          if user_id != parent_post.creator_id {
-            return Err(APIError::err("no_comment_edit_allowed").into());
-          }
-        }
-      }
+    // Check for a site ban
+    let user = blocking(pool, move |conn| User_::read(conn, user_id)).await??;
+    if user.banned {
+      return Err(APIError::err("site_ban").into());
    }

+    // Check for a community ban
+    let community_id = orig_comment.community_id;
+    let is_banned =
+      move |conn: &'_ _| CommunityUserBanView::get(conn, user_id, community_id).is_ok();
+    if blocking(pool, is_banned).await? {
+      return Err(APIError::err("community_ban").into());
+    }
+
+    // Verify that only the creator can edit
+    if user_id != orig_comment.creator_id {
+      return Err(APIError::err("no_comment_edit_allowed").into());
+    }
+
+    // Do the update
    let content_slurs_removed = remove_slurs(&data.content.to_owned());
-
    let edit_id = data.edit_id;
-    let read_comment = blocking(pool, move |conn| Comment::read(conn, edit_id)).await??;
-
-    let comment_form = {
-      if data.read.is_none() {
-        // the ban etc checks should been made and have passed
-        // the comment can be properly edited
-        let post_removed = if moderators.contains(&user_id) {
-          data.removed
-        } else {
-          Some(read_comment.removed)
-        };
-
-        CommentForm {
-          content: content_slurs_removed,
-          parent_id: read_comment.parent_id,
-          post_id: read_comment.post_id,
-          creator_id: read_comment.creator_id,
-          removed: post_removed.to_owned(),
-          deleted: data.deleted.to_owned(),
-          read: Some(read_comment.read),
-          published: None,
-          updated: Some(naive_now()),
-          ap_id: read_comment.ap_id,
-          local: read_comment.local,
-        }
-      } else {
-        // the only field that can be updated it the read field
-        CommentForm {
-          content: read_comment.content,
-          parent_id: read_comment.parent_id,
-          post_id: read_comment.post_id,
-          creator_id: read_comment.creator_id,
-          removed: Some(read_comment.removed).to_owned(),
-          deleted: Some(read_comment.deleted).to_owned(),
-          read: data.read.to_owned(),
-          published: None,
-          updated: orig_comment.updated,
-          ap_id: read_comment.ap_id,
-          local: read_comment.local,
-        }
-      }
-    };
-
-    let edit_id = data.edit_id;
-    let comment_form2 = comment_form.clone();
    let updated_comment = match blocking(pool, move |conn| {
-      Comment::update(conn, edit_id, &comment_form2)
+      Comment::update_content(conn, edit_id, &content_slurs_removed)
    })
    .await?
    {
@ -360,54 +301,19 @@ impl Perform for Oper<EditComment> {
      Err(_e) => return Err(APIError::err("couldnt_update_comment").into()),
    };

-    if data.read.is_none() {
-      if let Some(deleted) = data.deleted.to_owned() {
-        if deleted {
-          updated_comment
-            .send_delete(&user, &self.client, pool)
-            .await?;
-        } else {
-          updated_comment
-            .send_undo_delete(&user, &self.client, pool)
-            .await?;
-        }
-      } else if let Some(removed) = data.removed.to_owned() {
-        if moderators.contains(&user_id) {
-          if removed {
-            updated_comment
-              .send_remove(&user, &self.client, pool)
-              .await?;
-          } else {
-            updated_comment
-              .send_undo_remove(&user, &self.client, pool)
-              .await?;
-          }
-        }
-      } else {
-        updated_comment
-          .send_update(&user, &self.client, pool)
-          .await?;
-      }
+    // Send the apub update
+    updated_comment
+      .send_update(&user, &self.client, pool)
+      .await?;

-      // Mod tables
-      if moderators.contains(&user_id) {
-        if let Some(removed) = data.removed.to_owned() {
-          let form = ModRemoveCommentForm {
-            mod_user_id: user_id,
-            comment_id: data.edit_id,
-            removed: Some(removed),
-            reason: data.reason.to_owned(),
-          };
-          blocking(pool, move |conn| ModRemoveComment::create(conn, &form)).await??;
-        }
-      }
-    }
-
-    let post_id = data.post_id;
+    // Do the mentions / recipients
+    let post_id = orig_comment.post_id;
    let post = blocking(pool, move |conn| Post::read(conn, post_id)).await??;

-    let mentions = scrape_text_for_mentions(&comment_form.content);
-    let recipient_ids = send_local_notifs(mentions, updated_comment, user, post, pool).await?;
+    let updated_comment_content = updated_comment.content.to_owned();
+    let mentions = scrape_text_for_mentions(&updated_comment_content);
+    let recipient_ids =
+      send_local_notifs(mentions, updated_comment, user, post, pool, false).await?;

    let edit_id = data.edit_id;
    let comment_view = blocking(pool, move |conn| {
@ -418,6 +324,7 @@ impl Perform for Oper<EditComment> {
    let mut res = CommentResponse {
      comment: comment_view,
      recipient_ids,
+      form_id: data.form_id.to_owned(),
    };

    if let Some(ws) = websocket_info {
@ -436,6 +343,291 @@ impl Perform for Oper<EditComment> {
  }
 }

+#[async_trait::async_trait(?Send)]
+impl Perform for Oper<DeleteComment> {
+  type Response = CommentResponse;
+
+  async fn perform(
+    &self,
+    pool: &DbPool,
+    websocket_info: Option<WebsocketInfo>,
+  ) -> Result<CommentResponse, LemmyError> {
+    let data: &DeleteComment = &self.data;
+
+    let claims = match Claims::decode(&data.auth) {
+      Ok(claims) => claims.claims,
+      Err(_e) => return Err(APIError::err("not_logged_in").into()),
+    };
+
+    let user_id = claims.id;
+
+    let edit_id = data.edit_id;
+    let orig_comment =
+      blocking(pool, move |conn| CommentView::read(&conn, edit_id, None)).await??;
+
+    // Check for a site ban
+    let user = blocking(pool, move |conn| User_::read(conn, user_id)).await??;
+    if user.banned {
+      return Err(APIError::err("site_ban").into());
+    }
+
+    // Check for a community ban
+    let community_id = orig_comment.community_id;
+    let is_banned =
+      move |conn: &'_ _| CommunityUserBanView::get(conn, user_id, community_id).is_ok();
+    if blocking(pool, is_banned).await? {
+      return Err(APIError::err("community_ban").into());
+    }
+
+    // Verify that only the creator can delete
+    if user_id != orig_comment.creator_id {
+      return Err(APIError::err("no_comment_edit_allowed").into());
+    }
+
+    // Do the delete
+    let deleted = data.deleted;
+    let updated_comment = match blocking(pool, move |conn| {
+      Comment::update_deleted(conn, edit_id, deleted)
+    })
+    .await?
+    {
+      Ok(comment) => comment,
+      Err(_e) => return Err(APIError::err("couldnt_update_comment").into()),
+    };
+
+    // Send the apub message
+    if deleted {
+      updated_comment
+        .send_delete(&user, &self.client, pool)
+        .await?;
+    } else {
+      updated_comment
+        .send_undo_delete(&user, &self.client, pool)
+        .await?;
+    }
+
+    // Refetch it
+    let edit_id = data.edit_id;
+    let comment_view = blocking(pool, move |conn| {
+      CommentView::read(conn, edit_id, Some(user_id))
+    })
+    .await??;
+
+    // Build the recipients
+    let post_id = comment_view.post_id;
+    let post = blocking(pool, move |conn| Post::read(conn, post_id)).await??;
+    let mentions = vec![];
+    let recipient_ids =
+      send_local_notifs(mentions, updated_comment, user, post, pool, false).await?;
+
+    let mut res = CommentResponse {
+      comment: comment_view,
+      recipient_ids,
+      form_id: None,
+    };
+
+    if let Some(ws) = websocket_info {
+      ws.chatserver.do_send(SendComment {
+        op: UserOperation::DeleteComment,
+        comment: res.clone(),
+        my_id: ws.id,
+      });
+
+      // strip out the recipient_ids, so that
+      // users don't get double notifs
+      res.recipient_ids = Vec::new();
+    }
+
+    Ok(res)
+  }
+}
+
+#[async_trait::async_trait(?Send)]
+impl Perform for Oper<RemoveComment> {
+  type Response = CommentResponse;
+
+  async fn perform(
+    &self,
+    pool: &DbPool,
+    websocket_info: Option<WebsocketInfo>,
+  ) -> Result<CommentResponse, LemmyError> {
+    let data: &RemoveComment = &self.data;
+
+    let claims = match Claims::decode(&data.auth) {
+      Ok(claims) => claims.claims,
+      Err(_e) => return Err(APIError::err("not_logged_in").into()),
+    };
+
+    let user_id = claims.id;
+
+    let edit_id = data.edit_id;
+    let orig_comment =
+      blocking(pool, move |conn| CommentView::read(&conn, edit_id, None)).await??;
+
+    // Check for a site ban
+    let user = blocking(pool, move |conn| User_::read(conn, user_id)).await??;
+    if user.banned {
+      return Err(APIError::err("site_ban").into());
+    }
+
+    // Check for a community ban
+    let community_id = orig_comment.community_id;
+    let is_banned =
+      move |conn: &'_ _| CommunityUserBanView::get(conn, user_id, community_id).is_ok();
+    if blocking(pool, is_banned).await? {
+      return Err(APIError::err("community_ban").into());
+    }
+
+    // Verify that only a mod or admin can remove
+    is_mod_or_admin(pool, user_id, community_id).await?;
+
+    // Do the remove
+    let removed = data.removed;
+    let updated_comment = match blocking(pool, move |conn| {
+      Comment::update_removed(conn, edit_id, removed)
+    })
+    .await?
+    {
+      Ok(comment) => comment,
+      Err(_e) => return Err(APIError::err("couldnt_update_comment").into()),
+    };
+
+    // Mod tables
+    let form = ModRemoveCommentForm {
+      mod_user_id: user_id,
+      comment_id: data.edit_id,
+      removed: Some(removed),
+      reason: data.reason.to_owned(),
+    };
+    blocking(pool, move |conn| ModRemoveComment::create(conn, &form)).await??;
+
+    // Send the apub message
+    if removed {
+      updated_comment
+        .send_remove(&user, &self.client, pool)
+        .await?;
+    } else {
+      updated_comment
+        .send_undo_remove(&user, &self.client, pool)
+        .await?;
+    }
+
+    // Refetch it
+    let edit_id = data.edit_id;
+    let comment_view = blocking(pool, move |conn| {
+      CommentView::read(conn, edit_id, Some(user_id))
+    })
+    .await??;
+
+    // Build the recipients
+    let post_id = comment_view.post_id;
+    let post = blocking(pool, move |conn| Post::read(conn, post_id)).await??;
+    let mentions = vec![];
+    let recipient_ids =
+      send_local_notifs(mentions, updated_comment, user, post, pool, false).await?;
+
+    let mut res = CommentResponse {
+      comment: comment_view,
+      recipient_ids,
+      form_id: None,
+    };
+
+    if let Some(ws) = websocket_info {
+      ws.chatserver.do_send(SendComment {
+        op: UserOperation::RemoveComment,
+        comment: res.clone(),
+        my_id: ws.id,
+      });
+
+      // strip out the recipient_ids, so that
+      // users don't get double notifs
+      res.recipient_ids = Vec::new();
+    }
+
+    Ok(res)
+  }
+}
+
+#[async_trait::async_trait(?Send)]
+impl Perform for Oper<MarkCommentAsRead> {
+  type Response = CommentResponse;
+
+  async fn perform(
+    &self,
+    pool: &DbPool,
+    _websocket_info: Option<WebsocketInfo>,
+  ) -> Result<CommentResponse, LemmyError> {
+    let data: &MarkCommentAsRead = &self.data;
+
+    let claims = match Claims::decode(&data.auth) {
+      Ok(claims) => claims.claims,
+      Err(_e) => return Err(APIError::err("not_logged_in").into()),
+    };
+
+    let user_id = claims.id;
+
+    let edit_id = data.edit_id;
+    let orig_comment =
+      blocking(pool, move |conn| CommentView::read(&conn, edit_id, None)).await??;
+
+    // Check for a site ban
+    let user = blocking(pool, move |conn| User_::read(conn, user_id)).await??;
+    if user.banned {
+      return Err(APIError::err("site_ban").into());
+    }
+
+    // Check for a community ban
+    let community_id = orig_comment.community_id;
+    let is_banned =
+      move |conn: &'_ _| CommunityUserBanView::get(conn, user_id, community_id).is_ok();
+    if blocking(pool, is_banned).await? {
+      return Err(APIError::err("community_ban").into());
+    }
+
+    // Verify that only the recipient can mark as read
+    // Needs to fetch the parent comment / post to get the recipient
+    let parent_id = orig_comment.parent_id;
+    match parent_id {
+      Some(pid) => {
+        let parent_comment =
+          blocking(pool, move |conn| CommentView::read(&conn, pid, None)).await??;
+        if user_id != parent_comment.creator_id {
+          return Err(APIError::err("no_comment_edit_allowed").into());
+        }
+      }
+      None => {
+        let parent_post_id = orig_comment.post_id;
+        let parent_post = blocking(pool, move |conn| Post::read(conn, parent_post_id)).await??;
+        if user_id != parent_post.creator_id {
+          return Err(APIError::err("no_comment_edit_allowed").into());
+        }
+      }
+    }
+
+    // Do the mark as read
+    let read = data.read;
+    match blocking(pool, move |conn| Comment::update_read(conn, edit_id, read)).await? {
+      Ok(comment) => comment,
+      Err(_e) => return Err(APIError::err("couldnt_update_comment").into()),
+    };
+
+    // Refetch it
+    let edit_id = data.edit_id;
+    let comment_view = blocking(pool, move |conn| {
+      CommentView::read(conn, edit_id, Some(user_id))
+    })
+    .await??;
+
+    let res = CommentResponse {
+      comment: comment_view,
+      recipient_ids: Vec::new(),
+      form_id: None,
+    };
+
+    Ok(res)
+  }
+}
+
 #[async_trait::async_trait(?Send)]
 impl Perform for Oper<SaveComment> {
  type Response = CommentResponse;
@ -480,6 +672,7 @@ impl Perform for Oper<SaveComment> {
    Ok(CommentResponse {
      comment: comment_view,
      recipient_ids: Vec::new(),
+      form_id: None,
    })
  }
 }
@ -512,8 +705,12 @@ impl Perform for Oper<CreateCommentLike> {
      }
    }

+    let comment_id = data.comment_id;
+    let orig_comment =
+      blocking(pool, move |conn| CommentView::read(&conn, comment_id, None)).await??;
+
    // Check for a community ban
-    let post_id = data.post_id;
+    let post_id = orig_comment.post_id;
    let post = blocking(pool, move |conn| Post::read(conn, post_id)).await??;
    let community_id = post.community_id;
    let is_banned =
@ -550,7 +747,7 @@ impl Perform for Oper<CreateCommentLike> {

    let like_form = CommentLikeForm {
      comment_id: data.comment_id,
-      post_id: data.post_id,
+      post_id,
      user_id,
      score: data.score,
    };
@ -587,6 +784,7 @@ impl Perform for Oper<CreateCommentLike> {
    let mut res = CommentResponse {
      comment: liked_comment,
      recipient_ids,
+      form_id: None,
    };

    if let Some(ws) = websocket_info {
@ -675,9 +873,10 @@ pub async fn send_local_notifs(
  user: User_,
  post: Post,
  pool: &DbPool,
+  do_send_email: bool,
 ) -> Result<Vec<i32>, LemmyError> {
  let ids = blocking(pool, move |conn| {
-    do_send_local_notifs(conn, &mentions, &comment, &user, &post)
+    do_send_local_notifs(conn, &mentions, &comment, &user, &post, do_send_email)
  })
  .await?;

@ -690,6 +889,7 @@ fn do_send_local_notifs(
  comment: &Comment,
  user: &User_,
  post: &Post,
+  do_send_email: bool,
 ) -> Vec<i32> {
  let mut recipient_ids = Vec::new();
  let hostname = &format!("https://{}", Settings::get().hostname);
@ -720,7 +920,7 @@ fn do_send_local_notifs(
      };

      // Send an email to those users that have notifications on
-      if mention_user.send_notifications_to_email {
+      if do_send_email && mention_user.send_notifications_to_email {
        if let Some(mention_email) = mention_user.email {
          let subject = &format!("{} - Mentioned by {}", Settings::get().hostname, user.name,);
          let html = &format!(
@ -744,7 +944,7 @@ fn do_send_local_notifs(
          if let Ok(parent_user) = User_::read(&conn, parent_comment.creator_id) {
            recipient_ids.push(parent_user.id);

-            if parent_user.send_notifications_to_email {
+            if do_send_email && parent_user.send_notifications_to_email {
              if let Some(comment_reply_email) = parent_user.email {
                let subject = &format!("{} - Reply from {}", Settings::get().hostname, user.name,);
                let html = &format!(
@ -767,7 +967,7 @@ fn do_send_local_notifs(
        if let Ok(parent_user) = User_::read(&conn, post.creator_id) {
          recipient_ids.push(parent_user.id);

-          if parent_user.send_notifications_to_email {
+          if do_send_email && parent_user.send_notifications_to_email {
            if let Some(post_reply_email) = parent_user.email {
              let subject = &format!("{} - Reply from {}", Settings::get().hostname, user.name,);
              let html = &format!(
--- a/server/src/api/community.rs
+++ b/server/src/api/community.rs
@ -1,6 +1,6 @@
 use super::*;
 use crate::{
-  api::{claims::Claims, APIError, Oper, Perform},
+  api::{claims::Claims, is_admin, is_mod_or_admin, APIError, Oper, Perform},
  apub::ActorType,
  blocking,
  websocket::{
@ -34,7 +34,6 @@ pub struct GetCommunity {
 pub struct GetCommunityResponse {
  pub community: CommunityView,
  pub moderators: Vec<CommunityModeratorView>,
-  pub admins: Vec<UserView>,
  pub online: usize,
 }

@ -101,9 +100,21 @@ pub struct EditCommunity {
  title: String,
  description: Option<String>,
  category_id: i32,
-  removed: Option<bool>,
-  deleted: Option<bool>,
  nsfw: bool,
+  auth: String,
+}
+
+#[derive(Serialize, Deserialize)]
+pub struct DeleteCommunity {
+  pub edit_id: i32,
+  deleted: bool,
+  auth: String,
+}
+
+#[derive(Serialize, Deserialize)]
+pub struct RemoveCommunity {
+  pub edit_id: i32,
+  removed: bool,
  reason: Option<String>,
  expires: Option<i64>,
  auth: String,
@ -184,13 +195,6 @@ impl Perform for Oper<GetCommunity> {
      Err(_e) => return Err(APIError::err("couldnt_find_community").into()),
    };

-    let site = blocking(pool, move |conn| Site::read(conn, 1)).await??;
-    let site_creator_id = site.creator_id;
-    let mut admins = blocking(pool, move |conn| UserView::admins(conn)).await??;
-    let creator_index = admins.iter().position(|r| r.id == site_creator_id).unwrap();
-    let creator_user = admins.remove(creator_index);
-    admins.insert(0, creator_user);
-
    let online = if let Some(ws) = websocket_info {
      if let Some(id) = ws.id {
        ws.chatserver.do_send(JoinCommunityRoom {
@ -212,7 +216,6 @@ impl Perform for Oper<GetCommunity> {
    let res = GetCommunityResponse {
      community: community_view,
      moderators,
-      admins,
      online,
    };

@ -366,24 +369,15 @@ impl Perform for Oper<EditCommunity> {
      return Err(APIError::err("site_ban").into());
    }

-    // Verify its a mod
+    // Verify its a mod (only mods can edit it)
    let edit_id = data.edit_id;
-    let mut editors: Vec<i32> = Vec::new();
-    editors.append(
-      &mut blocking(pool, move |conn| {
-        CommunityModeratorView::for_community(conn, edit_id)
-          .map(|v| v.into_iter().map(|m| m.user_id).collect())
-      })
-      .await??,
-    );
-    editors.append(
-      &mut blocking(pool, move |conn| {
-        UserView::admins(conn).map(|v| v.into_iter().map(|a| a.id).collect())
-      })
-      .await??,
-    );
-    if !editors.contains(&user_id) {
-      return Err(APIError::err("no_community_edit_allowed").into());
+    let mods: Vec<i32> = blocking(pool, move |conn| {
+      CommunityModeratorView::for_community(conn, edit_id)
+        .map(|v| v.into_iter().map(|m| m.user_id).collect())
+    })
+    .await??;
+    if !mods.contains(&user_id) {
+      return Err(APIError::err("not_a_moderator").into());
    }

    let edit_id = data.edit_id;
@ -395,8 +389,8 @@ impl Perform for Oper<EditCommunity> {
      description: data.description.to_owned(),
      category_id: data.category_id.to_owned(),
      creator_id: read_community.creator_id,
-      removed: data.removed.to_owned(),
-      deleted: data.deleted.to_owned(),
+      removed: Some(read_community.removed),
+      deleted: Some(read_community.deleted),
      nsfw: data.nsfw,
      updated: Some(naive_now()),
      actor_id: read_community.actor_id,
@ -408,7 +402,7 @@ impl Perform for Oper<EditCommunity> {
    };

    let edit_id = data.edit_id;
-    let updated_community = match blocking(pool, move |conn| {
+    match blocking(pool, move |conn| {
      Community::update(conn, edit_id, &community_form)
    })
    .await?
@ -417,42 +411,77 @@ impl Perform for Oper<EditCommunity> {
      Err(_e) => return Err(APIError::err("couldnt_update_community").into()),
    };

-    // Mod tables
-    if let Some(removed) = data.removed.to_owned() {
-      let expires = match data.expires {
-        Some(time) => Some(naive_from_unix(time)),
-        None => None,
-      };
-      let form = ModRemoveCommunityForm {
-        mod_user_id: user_id,
-        community_id: data.edit_id,
-        removed: Some(removed),
-        reason: data.reason.to_owned(),
-        expires,
-      };
-      blocking(pool, move |conn| ModRemoveCommunity::create(conn, &form)).await??;
+    // TODO there needs to be some kind of an apub update
+    // process for communities and users
+
+    let edit_id = data.edit_id;
+    let community_view = blocking(pool, move |conn| {
+      CommunityView::read(conn, edit_id, Some(user_id))
+    })
+    .await??;
+
+    let res = CommunityResponse {
+      community: community_view,
+    };
+
+    send_community_websocket(&res, websocket_info, UserOperation::EditCommunity);
+
+    Ok(res)
+  }
+}
+
+#[async_trait::async_trait(?Send)]
+impl Perform for Oper<DeleteCommunity> {
+  type Response = CommunityResponse;
+
+  async fn perform(
+    &self,
+    pool: &DbPool,
+    websocket_info: Option<WebsocketInfo>,
+  ) -> Result<CommunityResponse, LemmyError> {
+    let data: &DeleteCommunity = &self.data;
+
+    let claims = match Claims::decode(&data.auth) {
+      Ok(claims) => claims.claims,
+      Err(_e) => return Err(APIError::err("not_logged_in").into()),
+    };
+
+    let user_id = claims.id;
+
+    // Check for a site ban
+    let user = blocking(pool, move |conn| User_::read(conn, user_id)).await??;
+    if user.banned {
+      return Err(APIError::err("site_ban").into());
    }

-    if let Some(deleted) = data.deleted.to_owned() {
-      if deleted {
-        updated_community
-          .send_delete(&user, &self.client, pool)
-          .await?;
-      } else {
-        updated_community
-          .send_undo_delete(&user, &self.client, pool)
-          .await?;
-      }
-    } else if let Some(removed) = data.removed.to_owned() {
-      if removed {
-        updated_community
-          .send_remove(&user, &self.client, pool)
-          .await?;
-      } else {
-        updated_community
-          .send_undo_remove(&user, &self.client, pool)
-          .await?;
-      }
+    // Verify its the creator (only a creator can delete the community)
+    let edit_id = data.edit_id;
+    let read_community = blocking(pool, move |conn| Community::read(conn, edit_id)).await??;
+    if read_community.creator_id != user_id {
+      return Err(APIError::err("no_community_edit_allowed").into());
+    }
+
+    // Do the delete
+    let edit_id = data.edit_id;
+    let deleted = data.deleted;
+    let updated_community = match blocking(pool, move |conn| {
+      Community::update_deleted(conn, edit_id, deleted)
+    })
+    .await?
+    {
+      Ok(community) => community,
+      Err(_e) => return Err(APIError::err("couldnt_update_community").into()),
+    };
+
+    // Send apub messages
+    if deleted {
+      updated_community
+        .send_delete(&user, &self.client, pool)
+        .await?;
+    } else {
+      updated_community
+        .send_undo_delete(&user, &self.client, pool)
+        .await?;
    }

    let edit_id = data.edit_id;
@ -465,20 +494,88 @@ impl Perform for Oper<EditCommunity> {
      community: community_view,
    };

-    if let Some(ws) = websocket_info {
-      // Strip out the user id and subscribed when sending to others
-      let mut res_sent = res.clone();
-      res_sent.community.user_id = None;
-      res_sent.community.subscribed = None;
+    send_community_websocket(&res, websocket_info, UserOperation::DeleteCommunity);

-      ws.chatserver.do_send(SendCommunityRoomMessage {
-        op: UserOperation::EditCommunity,
-        response: res_sent,
-        community_id: data.edit_id,
-        my_id: ws.id,
-      });
+    Ok(res)
+  }
+}
+
+#[async_trait::async_trait(?Send)]
+impl Perform for Oper<RemoveCommunity> {
+  type Response = CommunityResponse;
+
+  async fn perform(
+    &self,
+    pool: &DbPool,
+    websocket_info: Option<WebsocketInfo>,
+  ) -> Result<CommunityResponse, LemmyError> {
+    let data: &RemoveCommunity = &self.data;
+
+    let claims = match Claims::decode(&data.auth) {
+      Ok(claims) => claims.claims,
+      Err(_e) => return Err(APIError::err("not_logged_in").into()),
+    };
+
+    let user_id = claims.id;
+
+    // Check for a site ban
+    let user = blocking(pool, move |conn| User_::read(conn, user_id)).await??;
+    if user.banned {
+      return Err(APIError::err("site_ban").into());
    }

+    // Verify its an admin (only an admin can remove a community)
+    is_admin(pool, user_id).await?;
+
+    // Do the remove
+    let edit_id = data.edit_id;
+    let removed = data.removed;
+    let updated_community = match blocking(pool, move |conn| {
+      Community::update_removed(conn, edit_id, removed)
+    })
+    .await?
+    {
+      Ok(community) => community,
+      Err(_e) => return Err(APIError::err("couldnt_update_community").into()),
+    };
+
+    // Mod tables
+    let expires = match data.expires {
+      Some(time) => Some(naive_from_unix(time)),
+      None => None,
+    };
+    let form = ModRemoveCommunityForm {
+      mod_user_id: user_id,
+      community_id: data.edit_id,
+      removed: Some(removed),
+      reason: data.reason.to_owned(),
+      expires,
+    };
+    blocking(pool, move |conn| ModRemoveCommunity::create(conn, &form)).await??;
+
+    // Apub messages
+    if removed {
+      updated_community
+        .send_remove(&user, &self.client, pool)
+        .await?;
+    } else {
+      updated_community
+        .send_undo_remove(&user, &self.client, pool)
+        .await?;
+    }
+
+    let edit_id = data.edit_id;
+    let community_view = blocking(pool, move |conn| {
+      CommunityView::read(conn, edit_id, Some(user_id))
+    })
+    .await??;
+
+    let res = CommunityResponse {
+      community: community_view,
+    };
+
+    send_community_websocket(&res, websocket_info, UserOperation::RemoveCommunity);
+
    Ok(res)
  }
 }
@ -654,27 +751,10 @@ impl Perform for Oper<BanFromCommunity> {

    let user_id = claims.id;

-    let mut community_moderators: Vec<i32> = vec![];
-
    let community_id = data.community_id;

-    community_moderators.append(
-      &mut blocking(pool, move |conn| {
-        CommunityModeratorView::for_community(&conn, community_id)
-          .map(|v| v.into_iter().map(|m| m.user_id).collect())
-      })
-      .await??,
-    );
-    community_moderators.append(
-      &mut blocking(pool, move |conn| {
-        UserView::admins(conn).map(|v| v.into_iter().map(|a| a.id).collect())
-      })
-      .await??,
-    );
-
-    if !community_moderators.contains(&user_id) {
-      return Err(APIError::err("couldnt_update_community").into());
-    }
+    // Verify that only mods or admins can ban
+    is_mod_or_admin(pool, user_id, community_id).await?;

    let community_user_ban_form = CommunityUserBanForm {
      community_id: data.community_id,
@ -694,6 +774,7 @@ impl Perform for Oper<BanFromCommunity> {
    }

    // Mod tables
+    // TODO eventually do correct expires
    let expires = match data.expires {
      Some(time) => Some(naive_from_unix(time)),
      None => None,
@ -753,27 +834,10 @@ impl Perform for Oper<AddModToCommunity> {
      user_id: data.user_id,
    };

-    let mut community_moderators: Vec<i32> = vec![];
-
    let community_id = data.community_id;

-    community_moderators.append(
-      &mut blocking(pool, move |conn| {
-        CommunityModeratorView::for_community(&conn, community_id)
-          .map(|v| v.into_iter().map(|m| m.user_id).collect())
-      })
-      .await??,
-    );
-    community_moderators.append(
-      &mut blocking(pool, move |conn| {
-        UserView::admins(conn).map(|v| v.into_iter().map(|a| a.id).collect())
-      })
-      .await??,
-    );
-
-    if !community_moderators.contains(&user_id) {
-      return Err(APIError::err("couldnt_update_community").into());
-    }
+    // Verify that only mods or admins can add mod
+    is_mod_or_admin(pool, user_id, community_id).await?;

    if data.added {
      let join = move |conn: &'_ _| CommunityModerator::join(conn, &community_moderator_form);
@ -852,26 +916,9 @@ impl Perform for Oper<TransferCommunity> {
      return Err(APIError::err("not_an_admin").into());
    }

-    let community_form = CommunityForm {
-      name: read_community.name,
-      title: read_community.title,
-      description: read_community.description,
-      category_id: read_community.category_id,
-      creator_id: data.user_id, // This makes the new user the community creator
-      removed: None,
-      deleted: None,
-      nsfw: read_community.nsfw,
-      updated: Some(naive_now()),
-      actor_id: read_community.actor_id,
-      local: read_community.local,
-      private_key: read_community.private_key,
-      public_key: read_community.public_key,
-      last_refreshed_at: None,
-      published: None,
-    };
-
    let community_id = data.community_id;
-    let update = move |conn: &'_ _| Community::update(conn, community_id, &community_form);
+    let new_creator = data.user_id;
+    let update = move |conn: &'_ _| Community::update_creator(conn, community_id, new_creator);
    if blocking(pool, update).await?.is_err() {
      return Err(APIError::err("couldnt_update_community").into());
    };
@ -941,8 +988,27 @@ impl Perform for Oper<TransferCommunity> {
    Ok(GetCommunityResponse {
      community: community_view,
      moderators,
-      admins,
      online: 0,
    })
  }
 }
+
+pub fn send_community_websocket(
+  res: &CommunityResponse,
+  websocket_info: Option<WebsocketInfo>,
+  op: UserOperation,
+) {
+  if let Some(ws) = websocket_info {
+    // Strip out the user id and subscribed when sending to others
+    let mut res_sent = res.clone();
+    res_sent.community.user_id = None;
+    res_sent.community.subscribed = None;
+
+    ws.chatserver.do_send(SendCommunityRoomMessage {
+      op,
+      response: res_sent,
+      community_id: res.community.id,
+      my_id: ws.id,
+    });
+  }
+}
--- a/server/src/api/mod.rs
+++ b/server/src/api/mod.rs
@ -1,6 +1,14 @@
-use crate::{websocket::WebsocketInfo, DbPool, LemmyError};
+use crate::{blocking, websocket::WebsocketInfo, DbPool, LemmyError};
 use actix_web::client::Client;
-use lemmy_db::{community::*, community_view::*, moderator::*, site::*, user::*, user_view::*};
+use lemmy_db::{
+  community::*,
+  community_view::*,
+  moderator::*,
+  site::*,
+  user::*,
+  user_view::*,
+  Crud,
+};

 pub mod claims;
 pub mod comment;
@ -44,3 +52,25 @@ pub trait Perform {
    websocket_info: Option<WebsocketInfo>,
  ) -> Result<Self::Response, LemmyError>;
 }
+
+pub async fn is_mod_or_admin(
+  pool: &DbPool,
+  user_id: i32,
+  community_id: i32,
+) -> Result<(), LemmyError> {
+  let is_mod_or_admin = blocking(pool, move |conn| {
+    Community::is_mod_or_admin(conn, user_id, community_id)
+  })
+  .await?;
+  if !is_mod_or_admin {
+    return Err(APIError::err("not_an_admin").into());
+  }
+  Ok(())
+}
+pub async fn is_admin(pool: &DbPool, user_id: i32) -> Result<(), LemmyError> {
+  let user = blocking(pool, move |conn| User_::read(conn, user_id)).await??;
+  if !user.admin {
+    return Err(APIError::err("not_an_admin").into());
+  }
+  Ok(())
+}
--- a/server/src/api/post.rs
+++ b/server/src/api/post.rs
@ -1,5 +1,5 @@
 use crate::{
-  api::{claims::Claims, APIError, Oper, Perform},
+  api::{claims::Claims, is_mod_or_admin, APIError, Oper, Perform},
  apub::{ApubLikeableType, ApubObjectType},
  blocking,
  fetch_iframely_and_pictrs_data,
@ -18,10 +18,8 @@ use lemmy_db::{
  naive_now,
  post::*,
  post_view::*,
-  site::*,
  site_view::*,
  user::*,
-  user_view::*,
  Crud,
  Likeable,
  ListingType,
@ -66,7 +64,6 @@ pub struct GetPostResponse {
  comments: Vec<CommentView>,
  community: CommunityView,
  moderators: Vec<CommunityModeratorView>,
-  admins: Vec<UserView>,
  pub online: usize,
 }

@ -96,20 +93,42 @@ pub struct CreatePostLike {
 #[derive(Serialize, Deserialize)]
 pub struct EditPost {
  pub edit_id: i32,
-  creator_id: i32,
-  community_id: i32,
  name: String,
  url: Option<String>,
  body: Option<String>,
-  removed: Option<bool>,
-  deleted: Option<bool>,
  nsfw: bool,
-  locked: Option<bool>,
-  stickied: Option<bool>,
+  auth: String,
+}
+
+#[derive(Serialize, Deserialize)]
+pub struct DeletePost {
+  pub edit_id: i32,
+  deleted: bool,
+  auth: String,
+}
+
+#[derive(Serialize, Deserialize)]
+pub struct RemovePost {
+  pub edit_id: i32,
+  removed: bool,
  reason: Option<String>,
  auth: String,
 }

+#[derive(Serialize, Deserialize)]
+pub struct LockPost {
+  pub edit_id: i32,
+  locked: bool,
+  auth: String,
+}
+
+#[derive(Serialize, Deserialize)]
+pub struct StickyPost {
+  pub edit_id: i32,
+  stickied: bool,
+  auth: String,
+}
+
 #[derive(Serialize, Deserialize)]
 pub struct SavePost {
  post_id: i32,
@ -311,14 +330,6 @@ impl Perform for Oper<GetPost> {
    })
    .await??;

-    let site_creator_id =
-      blocking(pool, move |conn| Site::read(conn, 1).map(|s| s.creator_id)).await??;
-
-    let mut admins = blocking(pool, move |conn| UserView::admins(conn)).await??;
-    let creator_index = admins.iter().position(|r| r.id == site_creator_id).unwrap();
-    let creator_user = admins.remove(creator_index);
-    admins.insert(0, creator_user);
-
    let online = if let Some(ws) = websocket_info {
      if let Some(id) = ws.id {
        ws.chatserver.do_send(JoinPostRoom {
@ -343,7 +354,6 @@ impl Perform for Oper<GetPost> {
      comments,
      community,
      moderators,
-      admins,
      online,
    })
  }
@ -549,35 +559,10 @@ impl Perform for Oper<EditPost> {
    let user_id = claims.id;

    let edit_id = data.edit_id;
-    let read_post = blocking(pool, move |conn| Post::read(conn, edit_id)).await??;
-
-    // Verify its the creator or a mod or admin
-    let community_id = read_post.community_id;
-    let mut editors: Vec<i32> = vec![read_post.creator_id];
-    let mut moderators: Vec<i32> = vec![];
-
-    moderators.append(
-      &mut blocking(pool, move |conn| {
-        CommunityModeratorView::for_community(conn, community_id)
-          .map(|v| v.into_iter().map(|m| m.user_id).collect())
-      })
-      .await??,
-    );
-    moderators.append(
-      &mut blocking(pool, move |conn| {
-        UserView::admins(conn).map(|v| v.into_iter().map(|a| a.id).collect())
-      })
-      .await??,
-    );
-
-    editors.extend(&moderators);
-
-    if !editors.contains(&user_id) {
-      return Err(APIError::err("no_post_edit_allowed").into());
-    }
+    let orig_post = blocking(pool, move |conn| Post::read(conn, edit_id)).await??;

    // Check for a community ban
-    let community_id = read_post.community_id;
+    let community_id = orig_post.community_id;
    let is_banned =
      move |conn: &'_ _| CommunityUserBanView::get(conn, user_id, community_id).is_ok();
    if blocking(pool, is_banned).await? {
@ -590,55 +575,34 @@ impl Perform for Oper<EditPost> {
      return Err(APIError::err("site_ban").into());
    }

+    // Verify that only the creator can edit
+    if !Post::is_post_creator(user_id, orig_post.creator_id) {
+      return Err(APIError::err("no_post_edit_allowed").into());
+    }
+
    // Fetch Iframely and Pictrs cached image
    let (iframely_title, iframely_description, iframely_html, pictrs_thumbnail) =
      fetch_iframely_and_pictrs_data(&self.client, data.url.to_owned()).await;

-    let post_form = {
-      // only modify some properties if they are a moderator
-      if moderators.contains(&user_id) {
-        PostForm {
-          name: data.name.trim().to_owned(),
-          url: data.url.to_owned(),
-          body: data.body.to_owned(),
-          creator_id: read_post.creator_id.to_owned(),
-          community_id: read_post.community_id,
-          removed: data.removed.to_owned(),
-          deleted: data.deleted.to_owned(),
-          nsfw: data.nsfw,
-          locked: data.locked.to_owned(),
-          stickied: data.stickied.to_owned(),
-          updated: Some(naive_now()),
-          embed_title: iframely_title,
-          embed_description: iframely_description,
-          embed_html: iframely_html,
-          thumbnail_url: pictrs_thumbnail,
-          ap_id: read_post.ap_id,
-          local: read_post.local,
-          published: None,
-        }
-      } else {
-        PostForm {
-          name: read_post.name.trim().to_owned(),
-          url: data.url.to_owned(),
-          body: data.body.to_owned(),
-          creator_id: read_post.creator_id.to_owned(),
-          community_id: read_post.community_id,
-          removed: Some(read_post.removed),
-          deleted: data.deleted.to_owned(),
-          nsfw: data.nsfw,
-          locked: Some(read_post.locked),
-          stickied: Some(read_post.stickied),
-          updated: Some(naive_now()),
-          embed_title: iframely_title,
-          embed_description: iframely_description,
-          embed_html: iframely_html,
-          thumbnail_url: pictrs_thumbnail,
-          ap_id: read_post.ap_id,
-          local: read_post.local,
-          published: None,
-        }
-      }
+    let post_form = PostForm {
+      name: data.name.trim().to_owned(),
+      url: data.url.to_owned(),
+      body: data.body.to_owned(),
+      nsfw: data.nsfw,
+      creator_id: orig_post.creator_id.to_owned(),
+      community_id: orig_post.community_id,
+      removed: Some(orig_post.removed),
+      deleted: Some(orig_post.deleted),
+      locked: Some(orig_post.locked),
+      stickied: Some(orig_post.stickied),
+      updated: Some(naive_now()),
+      embed_title: iframely_title,
+      embed_description: iframely_description,
+      embed_html: iframely_html,
+      thumbnail_url: pictrs_thumbnail,
+      ap_id: orig_post.ap_id,
+      local: orig_post.local,
+      published: None,
    };

    let edit_id = data.edit_id;
@ -656,58 +620,8 @@ impl Perform for Oper<EditPost> {
      }
    };

-    if moderators.contains(&user_id) {
-      // Mod tables
-      if let Some(removed) = data.removed.to_owned() {
-        let form = ModRemovePostForm {
-          mod_user_id: user_id,
-          post_id: data.edit_id,
-          removed: Some(removed),
-          reason: data.reason.to_owned(),
-        };
-        blocking(pool, move |conn| ModRemovePost::create(conn, &form)).await??;
-      }
-
-      if let Some(locked) = data.locked.to_owned() {
-        let form = ModLockPostForm {
-          mod_user_id: user_id,
-          post_id: data.edit_id,
-          locked: Some(locked),
-        };
-        blocking(pool, move |conn| ModLockPost::create(conn, &form)).await??;
-      }
-
-      if let Some(stickied) = data.stickied.to_owned() {
-        let form = ModStickyPostForm {
-          mod_user_id: user_id,
-          post_id: data.edit_id,
-          stickied: Some(stickied),
-        };
-        blocking(pool, move |conn| ModStickyPost::create(conn, &form)).await??;
-      }
-    }
-
-    if let Some(deleted) = data.deleted.to_owned() {
-      if deleted {
-        updated_post.send_delete(&user, &self.client, pool).await?;
-      } else {
-        updated_post
-          .send_undo_delete(&user, &self.client, pool)
-          .await?;
-      }
-    } else if let Some(removed) = data.removed.to_owned() {
-      if moderators.contains(&user_id) {
-        if removed {
-          updated_post.send_remove(&user, &self.client, pool).await?;
-        } else {
-          updated_post
-            .send_undo_remove(&user, &self.client, pool)
-            .await?;
-        }
-      }
-    } else {
-      updated_post.send_update(&user, &self.client, pool).await?;
-    }
+    // Send apub update
+    updated_post.send_update(&user, &self.client, pool).await?;

    let edit_id = data.edit_id;
    let post_view = blocking(pool, move |conn| {
@ -729,6 +643,324 @@ impl Perform for Oper<EditPost> {
  }
 }

+#[async_trait::async_trait(?Send)]
+impl Perform for Oper<DeletePost> {
+  type Response = PostResponse;
+
+  async fn perform(
+    &self,
+    pool: &DbPool,
+    websocket_info: Option<WebsocketInfo>,
+  ) -> Result<PostResponse, LemmyError> {
+    let data: &DeletePost = &self.data;
+
+    let claims = match Claims::decode(&data.auth) {
+      Ok(claims) => claims.claims,
+      Err(_e) => return Err(APIError::err("not_logged_in").into()),
+    };
+
+    let user_id = claims.id;
+
+    let edit_id = data.edit_id;
+    let orig_post = blocking(pool, move |conn| Post::read(conn, edit_id)).await??;
+
+    // Check for a site ban
+    let user = blocking(pool, move |conn| User_::read(conn, user_id)).await??;
+    if user.banned {
+      return Err(APIError::err("site_ban").into());
+    }
+
+    // Check for a community ban
+    let community_id = orig_post.community_id;
+    let is_banned =
+      move |conn: &'_ _| CommunityUserBanView::get(conn, user_id, community_id).is_ok();
+    if blocking(pool, is_banned).await? {
+      return Err(APIError::err("community_ban").into());
+    }
+
+    // Verify that only the creator can delete
+    if !Post::is_post_creator(user_id, orig_post.creator_id) {
+      return Err(APIError::err("no_post_edit_allowed").into());
+    }
+
+    // Update the post
+    let edit_id = data.edit_id;
+    let deleted = data.deleted;
+    let updated_post = blocking(pool, move |conn| {
+      Post::update_deleted(conn, edit_id, deleted)
+    })
+    .await??;
+
+    // apub updates
+    if deleted {
+      updated_post.send_delete(&user, &self.client, pool).await?;
+    } else {
+      updated_post
+        .send_undo_delete(&user, &self.client, pool)
+        .await?;
+    }
+
+    // Refetch the post
+    let edit_id = data.edit_id;
+    let post_view = blocking(pool, move |conn| {
+      PostView::read(conn, edit_id, Some(user_id))
+    })
+    .await??;
+
+    let res = PostResponse { post: post_view };
+
+    if let Some(ws) = websocket_info {
+      ws.chatserver.do_send(SendPost {
+        op: UserOperation::DeletePost,
+        post: res.clone(),
+        my_id: ws.id,
+      });
+    }
+
+    Ok(res)
+  }
+}
+
+#[async_trait::async_trait(?Send)]
+impl Perform for Oper<RemovePost> {
+  type Response = PostResponse;
+
+  async fn perform(
+    &self,
+    pool: &DbPool,
+    websocket_info: Option<WebsocketInfo>,
+  ) -> Result<PostResponse, LemmyError> {
+    let data: &RemovePost = &self.data;
+
+    let claims = match Claims::decode(&data.auth) {
+      Ok(claims) => claims.claims,
+      Err(_e) => return Err(APIError::err("not_logged_in").into()),
+    };
+
+    let user_id = claims.id;
+
+    let edit_id = data.edit_id;
+    let orig_post = blocking(pool, move |conn| Post::read(conn, edit_id)).await??;
+
+    // Check for a site ban
+    let user = blocking(pool, move |conn| User_::read(conn, user_id)).await??;
+    if user.banned {
+      return Err(APIError::err("site_ban").into());
+    }
+
+    // Check for a community ban
+    let community_id = orig_post.community_id;
+    let is_banned =
+      move |conn: &'_ _| CommunityUserBanView::get(conn, user_id, community_id).is_ok();
+    if blocking(pool, is_banned).await? {
+      return Err(APIError::err("community_ban").into());
+    }
+
+    // Verify that only the mods can remove
+    is_mod_or_admin(pool, user_id, community_id).await?;
+
+    // Update the post
+    let edit_id = data.edit_id;
+    let removed = data.removed;
+    let updated_post = blocking(pool, move |conn| {
+      Post::update_removed(conn, edit_id, removed)
+    })
+    .await??;
+
+    // Mod tables
+    let form = ModRemovePostForm {
+      mod_user_id: user_id,
+      post_id: data.edit_id,
+      removed: Some(removed),
+      reason: data.reason.to_owned(),
+    };
+    blocking(pool, move |conn| ModRemovePost::create(conn, &form)).await??;
+
+    // apub updates
+    if removed {
+      updated_post.send_remove(&user, &self.client, pool).await?;
+    } else {
+      updated_post
+        .send_undo_remove(&user, &self.client, pool)
+        .await?;
+    }
+
+    // Refetch the post
+    let edit_id = data.edit_id;
+    let post_view = blocking(pool, move |conn| {
+      PostView::read(conn, edit_id, Some(user_id))
+    })
+    .await??;
+
+    let res = PostResponse { post: post_view };
+
+    if let Some(ws) = websocket_info {
+      ws.chatserver.do_send(SendPost {
+        op: UserOperation::RemovePost,
+        post: res.clone(),
+        my_id: ws.id,
+      });
+    }
+
+    Ok(res)
+  }
+}
+
+#[async_trait::async_trait(?Send)]
+impl Perform for Oper<LockPost> {
+  type Response = PostResponse;
+
+  async fn perform(
+    &self,
+    pool: &DbPool,
+    websocket_info: Option<WebsocketInfo>,
+  ) -> Result<PostResponse, LemmyError> {
+    let data: &LockPost = &self.data;
+
+    let claims = match Claims::decode(&data.auth) {
+      Ok(claims) => claims.claims,
+      Err(_e) => return Err(APIError::err("not_logged_in").into()),
+    };
+
+    let user_id = claims.id;
+
+    let edit_id = data.edit_id;
+    let orig_post = blocking(pool, move |conn| Post::read(conn, edit_id)).await??;
+
+    // Check for a site ban
+    let user = blocking(pool, move |conn| User_::read(conn, user_id)).await??;
+    if user.banned {
+      return Err(APIError::err("site_ban").into());
+    }
+
+    // Check for a community ban
+    let community_id = orig_post.community_id;
+    let is_banned =
+      move |conn: &'_ _| CommunityUserBanView::get(conn, user_id, community_id).is_ok();
+    if blocking(pool, is_banned).await? {
+      return Err(APIError::err("community_ban").into());
+    }
+
+    // Verify that only the mods can lock
+    is_mod_or_admin(pool, user_id, community_id).await?;
+
+    // Update the post
+    let edit_id = data.edit_id;
+    let locked = data.locked;
+    let updated_post =
+      blocking(pool, move |conn| Post::update_locked(conn, edit_id, locked)).await??;
+
+    // Mod tables
+    let form = ModLockPostForm {
+      mod_user_id: user_id,
+      post_id: data.edit_id,
+      locked: Some(locked),
+    };
+    blocking(pool, move |conn| ModLockPost::create(conn, &form)).await??;
+
+    // apub updates
+    updated_post.send_update(&user, &self.client, pool).await?;
+
+    // Refetch the post
+    let edit_id = data.edit_id;
+    let post_view = blocking(pool, move |conn| {
+      PostView::read(conn, edit_id, Some(user_id))
+    })
+    .await??;
+
+    let res = PostResponse { post: post_view };
+
+    if let Some(ws) = websocket_info {
+      ws.chatserver.do_send(SendPost {
+        op: UserOperation::LockPost,
+        post: res.clone(),
+        my_id: ws.id,
+      });
+    }
+
+    Ok(res)
+  }
+}
+
+#[async_trait::async_trait(?Send)]
+impl Perform for Oper<StickyPost> {
+  type Response = PostResponse;
+
+  async fn perform(
+    &self,
+    pool: &DbPool,
+    websocket_info: Option<WebsocketInfo>,
+  ) -> Result<PostResponse, LemmyError> {
+    let data: &StickyPost = &self.data;
+
+    let claims = match Claims::decode(&data.auth) {
+      Ok(claims) => claims.claims,
+      Err(_e) => return Err(APIError::err("not_logged_in").into()),
+    };
+
+    let user_id = claims.id;
+
+    let edit_id = data.edit_id;
+    let orig_post = blocking(pool, move |conn| Post::read(conn, edit_id)).await??;
+
+    // Check for a site ban
+    let user = blocking(pool, move |conn| User_::read(conn, user_id)).await??;
+    if user.banned {
+      return Err(APIError::err("site_ban").into());
+    }
+
+    // Check for a community ban
+    let community_id = orig_post.community_id;
+    let is_banned =
+      move |conn: &'_ _| CommunityUserBanView::get(conn, user_id, community_id).is_ok();
+    if blocking(pool, is_banned).await? {
+      return Err(APIError::err("community_ban").into());
+    }
+
+    // Verify that only the mods can sticky
+    is_mod_or_admin(pool, user_id, community_id).await?;
+
+    // Update the post
+    let edit_id = data.edit_id;
+    let stickied = data.stickied;
+    let updated_post = blocking(pool, move |conn| {
+      Post::update_stickied(conn, edit_id, stickied)
+    })
+    .await??;
+
+    // Mod tables
+    let form = ModStickyPostForm {
+      mod_user_id: user_id,
+      post_id: data.edit_id,
+      stickied: Some(stickied),
+    };
+    blocking(pool, move |conn| ModStickyPost::create(conn, &form)).await??;
+
+    // Apub updates
+    // TODO stickied should pry work like locked for ease of use
+    updated_post.send_update(&user, &self.client, pool).await?;
+
+    // Refetch the post
+    let edit_id = data.edit_id;
+    let post_view = blocking(pool, move |conn| {
+      PostView::read(conn, edit_id, Some(user_id))
+    })
+    .await??;
+
+    let res = PostResponse { post: post_view };
+
+    if let Some(ws) = websocket_info {
+      ws.chatserver.do_send(SendPost {
+        op: UserOperation::StickyPost,
+        post: res.clone(),
+        my_id: ws.id,
+      });
+    }
+
+    Ok(res)
+  }
+}
+
 #[async_trait::async_trait(?Send)]
 impl Perform for Oper<SavePost> {
  type Response = PostResponse;
--- a/server/src/api/site.rs
+++ b/server/src/api/site.rs
@ -1,6 +1,6 @@
 use super::user::Register;
 use crate::{
-  api::{claims::Claims, APIError, Oper, Perform},
+  api::{claims::Claims, is_admin, APIError, Oper, Perform},
  apub::fetcher::search_by_apub_id,
  blocking,
  version,
@ -257,10 +257,7 @@ impl Perform for Oper<CreateSite> {
    let user_id = claims.id;

    // Make sure user is an admin
-    let user = blocking(pool, move |conn| UserView::read(conn, user_id)).await??;
-    if !user.admin {
-      return Err(APIError::err("not_an_admin").into());
-    }
+    is_admin(pool, user_id).await?;

    let site_form = SiteForm {
      name: data.name.to_owned(),
@ -311,10 +308,7 @@ impl Perform for Oper<EditSite> {
    let user_id = claims.id;

    // Make sure user is an admin
-    let user = blocking(pool, move |conn| UserView::read(conn, user_id)).await??;
-    if !user.admin {
-      return Err(APIError::err("not_an_admin").into());
-    }
+    is_admin(pool, user_id).await?;

    let found_site = blocking(pool, move |conn| Site::read(conn, 1)).await??;

@ -693,12 +687,7 @@ impl Perform for Oper<GetSiteConfig> {
    let user_id = claims.id;

    // Only let admins read this
-    let admins = blocking(pool, move |conn| UserView::admins(conn)).await??;
-    let admin_ids: Vec<i32> = admins.into_iter().map(|m| m.id).collect();
-
-    if !admin_ids.contains(&user_id) {
-      return Err(APIError::err("not_an_admin").into());
-    }
+    is_admin(pool, user_id).await?;

    let config_hjson = Settings::read_config_file()?;

--- a/server/src/api/user.rs
+++ b/server/src/api/user.rs
@ -1,5 +1,5 @@
 use crate::{
-  api::{claims::Claims, APIError, Oper, Perform},
+  api::{claims::Claims, is_admin, APIError, Oper, Perform},
  apub::ApubObjectType,
  blocking,
  websocket::{
@ -110,7 +110,6 @@ pub struct GetUserDetailsResponse {
  moderates: Vec<CommunityModeratorView>,
  comments: Vec<CommentView>,
  posts: Vec<PostView>,
-  admins: Vec<UserView>,
 }

 #[derive(Serialize, Deserialize)]
@ -174,9 +173,9 @@ pub struct GetUserMentions {
 }

 #[derive(Serialize, Deserialize)]
-pub struct EditUserMention {
+pub struct MarkUserMentionAsRead {
  user_mention_id: i32,
-  read: Option<bool>,
+  read: bool,
  auth: String,
 }

@ -216,9 +215,21 @@ pub struct CreatePrivateMessage {
 #[derive(Serialize, Deserialize)]
 pub struct EditPrivateMessage {
  edit_id: i32,
-  content: Option<String>,
-  deleted: Option<bool>,
-  read: Option<bool>,
+  content: String,
+  auth: String,
+}
+
+#[derive(Serialize, Deserialize)]
+pub struct DeletePrivateMessage {
+  edit_id: i32,
+  deleted: bool,
+  auth: String,
+}
+
+#[derive(Serialize, Deserialize)]
+pub struct MarkPrivateMessageAsRead {
+  edit_id: i32,
+  read: bool,
  auth: String,
 }

@ -264,7 +275,7 @@ impl Perform for Oper<Login> {
    // Fetch that username / email
    let username_or_email = data.username_or_email.clone();
    let user = match blocking(pool, move |conn| {
-      Claims::find_by_email_or_username(conn, &username_or_email)
+      User_::find_by_email_or_username(conn, &username_or_email)
    })
    .await?
    {
@ -631,14 +642,6 @@ impl Perform for Oper<GetUserDetails> {
    })
    .await??;

-    let site_creator_id =
-      blocking(pool, move |conn| Site::read(conn, 1).map(|s| s.creator_id)).await??;
-
-    let mut admins = blocking(pool, move |conn| UserView::admins(conn)).await??;
-    let creator_index = admins.iter().position(|r| r.id == site_creator_id).unwrap();
-    let creator_user = admins.remove(creator_index);
-    admins.insert(0, creator_user);
-
    // If its not the same user, remove the email, and settings
    // TODO an if let chain would be better here, but can't figure it out
    // TODO separate out settings into its own thing
@ -653,7 +656,6 @@ impl Perform for Oper<GetUserDetails> {
      moderates,
      comments,
      posts,
-      admins,
    })
  }
 }
@ -677,10 +679,7 @@ impl Perform for Oper<AddAdmin> {
    let user_id = claims.id;

    // Make sure user is an admin
-    let is_admin = move |conn: &'_ _| UserView::read(conn, user_id).map(|u| u.admin);
-    if !blocking(pool, is_admin).await?? {
-      return Err(APIError::err("not_an_admin").into());
-    }
+    is_admin(pool, user_id).await?;

    let added = data.added;
    let added_user_id = data.user_id;
@ -739,10 +738,7 @@ impl Perform for Oper<BanUser> {
    let user_id = claims.id;

    // Make sure user is an admin
-    let is_admin = move |conn: &'_ _| UserView::read(conn, user_id).map(|u| u.admin);
-    if !blocking(pool, is_admin).await?? {
-      return Err(APIError::err("not_an_admin").into());
-    }
+    is_admin(pool, user_id).await?;

    let ban = data.ban;
    let banned_user_id = data.user_id;
@ -862,7 +858,7 @@ impl Perform for Oper<GetUserMentions> {
 }

 #[async_trait::async_trait(?Send)]
-impl Perform for Oper<EditUserMention> {
+impl Perform for Oper<MarkUserMentionAsRead> {
  type Response = UserMentionResponse;

  async fn perform(
@ -870,7 +866,7 @@ impl Perform for Oper<EditUserMention> {
    pool: &DbPool,
    _websocket_info: Option<WebsocketInfo>,
  ) -> Result<UserMentionResponse, LemmyError> {
-    let data: &EditUserMention = &self.data;
+    let data: &MarkUserMentionAsRead = &self.data;

    let claims = match Claims::decode(&data.auth) {
      Ok(claims) => claims.claims,
@ -887,15 +883,9 @@ impl Perform for Oper<EditUserMention> {
      return Err(APIError::err("couldnt_update_comment").into());
    }

-    let user_mention_form = UserMentionForm {
-      recipient_id: read_user_mention.recipient_id,
-      comment_id: read_user_mention.comment_id,
-      read: data.read.to_owned(),
-    };
-
    let user_mention_id = read_user_mention.id;
-    let update_mention =
-      move |conn: &'_ _| UserMention::update(conn, user_mention_id, &user_mention_form);
+    let read = data.read;
+    let update_mention = move |conn: &'_ _| UserMention::update_read(conn, user_mention_id, read);
    if blocking(pool, update_mention).await?.is_err() {
      return Err(APIError::err("couldnt_update_comment").into());
    };
@ -940,70 +930,26 @@ impl Perform for Oper<MarkAllAsRead> {
    .await??;

    // TODO: this should probably be a bulk operation
+    // Not easy to do as a bulk operation,
+    // because recipient_id isn't in the comment table
    for reply in &replies {
      let reply_id = reply.id;
-      let mark_as_read = move |conn: &'_ _| Comment::mark_as_read(conn, reply_id);
+      let mark_as_read = move |conn: &'_ _| Comment::update_read(conn, reply_id, true);
      if blocking(pool, mark_as_read).await?.is_err() {
        return Err(APIError::err("couldnt_update_comment").into());
      }
    }

-    // Mentions
-    let mentions = blocking(pool, move |conn| {
-      UserMentionQueryBuilder::create(conn, user_id)
-        .unread_only(true)
-        .page(1)
-        .limit(999)
-        .list()
-    })
-    .await??;
-
-    // TODO: this should probably be a bulk operation
-    for mention in &mentions {
-      let mention_form = UserMentionForm {
-        recipient_id: mention.to_owned().recipient_id,
-        comment_id: mention.to_owned().id,
-        read: Some(true),
-      };
-
-      let user_mention_id = mention.user_mention_id;
-      let update_mention =
-        move |conn: &'_ _| UserMention::update(conn, user_mention_id, &mention_form);
-      if blocking(pool, update_mention).await?.is_err() {
-        return Err(APIError::err("couldnt_update_comment").into());
-      }
+    // Mark all user mentions as read
+    let update_user_mentions = move |conn: &'_ _| UserMention::mark_all_as_read(conn, user_id);
+    if blocking(pool, update_user_mentions).await?.is_err() {
+      return Err(APIError::err("couldnt_update_comment").into());
    }

-    // messages
-    let messages = blocking(pool, move |conn| {
-      PrivateMessageQueryBuilder::create(conn, user_id)
-        .page(1)
-        .limit(999)
-        .unread_only(true)
-        .list()
-    })
-    .await??;
-
-    // TODO: this should probably be a bulk operation
-    for message in &messages {
-      let private_message_form = PrivateMessageForm {
-        content: message.to_owned().content,
-        creator_id: message.to_owned().creator_id,
-        recipient_id: message.to_owned().recipient_id,
-        deleted: None,
-        read: Some(true),
-        updated: None,
-        ap_id: message.to_owned().ap_id,
-        local: message.local,
-        published: None,
-      };
-
-      let message_id = message.id;
-      let update_pm =
-        move |conn: &'_ _| PrivateMessage::update(conn, message_id, &private_message_form);
-      if blocking(pool, update_pm).await?.is_err() {
-        return Err(APIError::err("couldnt_update_private_message").into());
-      }
+    // Mark all private_messages as read
+    let update_pm = move |conn: &'_ _| PrivateMessage::mark_all_as_read(conn, user_id);
+    if blocking(pool, update_pm).await?.is_err() {
+      return Err(APIError::err("couldnt_update_private_message").into());
    }

    Ok(GetRepliesResponse { replies: vec![] })
@ -1293,59 +1239,25 @@ impl Perform for Oper<EditPrivateMessage> {

    let user_id = claims.id;

-    let edit_id = data.edit_id;
-    let orig_private_message =
-      blocking(pool, move |conn| PrivateMessage::read(conn, edit_id)).await??;
-
    // Check for a site ban
    let user = blocking(pool, move |conn| User_::read(conn, user_id)).await??;
    if user.banned {
      return Err(APIError::err("site_ban").into());
    }

-    // Check to make sure they are the creator (or the recipient marking as read
-    if !(data.read.is_some() && orig_private_message.recipient_id.eq(&user_id)
-      || orig_private_message.creator_id.eq(&user_id))
-    {
+    // Checking permissions
+    let edit_id = data.edit_id;
+    let orig_private_message =
+      blocking(pool, move |conn| PrivateMessage::read(conn, edit_id)).await??;
+    if user_id != orig_private_message.creator_id {
      return Err(APIError::err("no_private_message_edit_allowed").into());
    }

-    let content_slurs_removed = match &data.content {
-      Some(content) => remove_slurs(content),
-      None => orig_private_message.content.clone(),
-    };
-
-    let private_message_form = {
-      if data.read.is_some() {
-        PrivateMessageForm {
-          content: orig_private_message.content.to_owned(),
-          creator_id: orig_private_message.creator_id,
-          recipient_id: orig_private_message.recipient_id,
-          read: data.read.to_owned(),
-          updated: orig_private_message.updated,
-          deleted: Some(orig_private_message.deleted),
-          ap_id: orig_private_message.ap_id,
-          local: orig_private_message.local,
-          published: None,
-        }
-      } else {
-        PrivateMessageForm {
-          content: content_slurs_removed,
-          creator_id: orig_private_message.creator_id,
-          recipient_id: orig_private_message.recipient_id,
-          deleted: data.deleted.to_owned(),
-          read: Some(orig_private_message.read),
-          updated: Some(naive_now()),
-          ap_id: orig_private_message.ap_id,
-          local: orig_private_message.local,
-          published: None,
-        }
-      }
-    };
-
+    // Doing the update
+    let content_slurs_removed = remove_slurs(&data.content);
    let edit_id = data.edit_id;
    let updated_private_message = match blocking(pool, move |conn| {
-      PrivateMessage::update(conn, edit_id, &private_message_form)
+      PrivateMessage::update_content(conn, edit_id, &content_slurs_removed)
    })
    .await?
    {
@ -1353,30 +1265,14 @@ impl Perform for Oper<EditPrivateMessage> {
      Err(_e) => return Err(APIError::err("couldnt_update_private_message").into()),
    };

-    if data.read.is_none() {
-      if let Some(deleted) = data.deleted.to_owned() {
-        if deleted {
-          updated_private_message
-            .send_delete(&user, &self.client, pool)
-            .await?;
-        } else {
-          updated_private_message
-            .send_undo_delete(&user, &self.client, pool)
-            .await?;
-        }
-      } else {
-        updated_private_message
-          .send_update(&user, &self.client, pool)
-          .await?;
-      }
-    } else {
-      updated_private_message
-        .send_update(&user, &self.client, pool)
-        .await?;
-    }
+    // Send the apub update
+    updated_private_message
+      .send_update(&user, &self.client, pool)
+      .await?;

    let edit_id = data.edit_id;
    let message = blocking(pool, move |conn| PrivateMessageView::read(conn, edit_id)).await??;
+    let recipient_id = message.recipient_id;

    let res = PrivateMessageResponse { message };

@ -1384,7 +1280,146 @@ impl Perform for Oper<EditPrivateMessage> {
      ws.chatserver.do_send(SendUserRoomMessage {
        op: UserOperation::EditPrivateMessage,
        response: res.clone(),
-        recipient_id: orig_private_message.recipient_id,
+        recipient_id,
+        my_id: ws.id,
+      });
+    }
+
+    Ok(res)
+  }
+}
+
+#[async_trait::async_trait(?Send)]
+impl Perform for Oper<DeletePrivateMessage> {
+  type Response = PrivateMessageResponse;
+
+  async fn perform(
+    &self,
+    pool: &DbPool,
+    websocket_info: Option<WebsocketInfo>,
+  ) -> Result<PrivateMessageResponse, LemmyError> {
+    let data: &DeletePrivateMessage = &self.data;
+
+    let claims = match Claims::decode(&data.auth) {
+      Ok(claims) => claims.claims,
+      Err(_e) => return Err(APIError::err("not_logged_in").into()),
+    };
+
+    let user_id = claims.id;
+
+    // Check for a site ban
+    let user = blocking(pool, move |conn| User_::read(conn, user_id)).await??;
+    if user.banned {
+      return Err(APIError::err("site_ban").into());
+    }
+
+    // Checking permissions
+    let edit_id = data.edit_id;
+    let orig_private_message =
+      blocking(pool, move |conn| PrivateMessage::read(conn, edit_id)).await??;
+    if user_id != orig_private_message.creator_id {
+      return Err(APIError::err("no_private_message_edit_allowed").into());
+    }
+
+    // Doing the update
+    let edit_id = data.edit_id;
+    let deleted = data.deleted;
+    let updated_private_message = match blocking(pool, move |conn| {
+      PrivateMessage::update_deleted(conn, edit_id, deleted)
+    })
+    .await?
+    {
+      Ok(private_message) => private_message,
+      Err(_e) => return Err(APIError::err("couldnt_update_private_message").into()),
+    };
+
+    // Send the apub update
+    if data.deleted {
+      updated_private_message
+        .send_delete(&user, &self.client, pool)
+        .await?;
+    } else {
+      updated_private_message
+        .send_undo_delete(&user, &self.client, pool)
+        .await?;
+    }
+
+    let edit_id = data.edit_id;
+    let message = blocking(pool, move |conn| PrivateMessageView::read(conn, edit_id)).await??;
+    let recipient_id = message.recipient_id;
+
+    let res = PrivateMessageResponse { message };
+
+    if let Some(ws) = websocket_info {
+      ws.chatserver.do_send(SendUserRoomMessage {
+        op: UserOperation::DeletePrivateMessage,
+        response: res.clone(),
+        recipient_id,
+        my_id: ws.id,
+      });
+    }
+
+    Ok(res)
+  }
+}
+
+#[async_trait::async_trait(?Send)]
+impl Perform for Oper<MarkPrivateMessageAsRead> {
+  type Response = PrivateMessageResponse;
+
+  async fn perform(
+    &self,
+    pool: &DbPool,
+    websocket_info: Option<WebsocketInfo>,
+  ) -> Result<PrivateMessageResponse, LemmyError> {
+    let data: &MarkPrivateMessageAsRead = &self.data;
+
+    let claims = match Claims::decode(&data.auth) {
+      Ok(claims) => claims.claims,
+      Err(_e) => return Err(APIError::err("not_logged_in").into()),
+    };
+
+    let user_id = claims.id;
+
+    // Check for a site ban
+    let user = blocking(pool, move |conn| User_::read(conn, user_id)).await??;
+    if user.banned {
+      return Err(APIError::err("site_ban").into());
+    }
+
+    // Checking permissions
+    let edit_id = data.edit_id;
+    let orig_private_message =
+      blocking(pool, move |conn| PrivateMessage::read(conn, edit_id)).await??;
+    if user_id != orig_private_message.recipient_id {
+      return Err(APIError::err("couldnt_update_private_message").into());
+    }
+
+    // Doing the update
+    let edit_id = data.edit_id;
+    let read = data.read;
+    match blocking(pool, move |conn| {
+      PrivateMessage::update_read(conn, edit_id, read)
+    })
+    .await?
+    {
+      Ok(private_message) => private_message,
+      Err(_e) => return Err(APIError::err("couldnt_update_private_message").into()),
+    };
+
+    // No need to send an apub update
+
+    let edit_id = data.edit_id;
+    let message = blocking(pool, move |conn| PrivateMessageView::read(conn, edit_id)).await??;
+    let recipient_id = message.recipient_id;
+
+    let res = PrivateMessageResponse { message };
+
+    if let Some(ws) = websocket_info {
+      ws.chatserver.do_send(SendUserRoomMessage {
+        op: UserOperation::MarkPrivateMessageAsRead,
+        response: res.clone(),
+        recipient_id,
        my_id: ws.id,
      });
    }
--- a/server/src/apub/shared_inbox.rs
+++ b/server/src/apub/shared_inbox.rs
@ -393,7 +393,7 @@ async fn receive_create_comment(
  // anyway.
  let mentions = scrape_text_for_mentions(&inserted_comment.content);
  let recipient_ids =
-    send_local_notifs(mentions, inserted_comment.clone(), user, post, pool).await?;
+    send_local_notifs(mentions, inserted_comment.clone(), user, post, pool, true).await?;

  // Refetch the view
  let comment_view = blocking(pool, move |conn| {
@ -404,6 +404,7 @@ async fn receive_create_comment(
  let res = CommentResponse {
    comment: comment_view,
    recipient_ids,
+    form_id: None,
  };

  chat_server.do_send(SendComment {
@ -558,7 +559,7 @@ async fn receive_update_comment(
  let post = blocking(pool, move |conn| Post::read(conn, post_id)).await??;

  let mentions = scrape_text_for_mentions(&updated_comment.content);
-  let recipient_ids = send_local_notifs(mentions, updated_comment, user, post, pool).await?;
+  let recipient_ids = send_local_notifs(mentions, updated_comment, user, post, pool, false).await?;

  // Refetch the view
  let comment_view =
@ -567,6 +568,7 @@ async fn receive_update_comment(
  let res = CommentResponse {
    comment: comment_view,
    recipient_ids,
+    form_id: None,
  };

  chat_server.do_send(SendComment {
@ -616,6 +618,7 @@ async fn receive_like_comment(
  let res = CommentResponse {
    comment: comment_view,
    recipient_ids,
+    form_id: None,
  };

  chat_server.do_send(SendComment {
@ -665,6 +668,7 @@ async fn receive_dislike_comment(
  let res = CommentResponse {
    comment: comment_view,
    recipient_ids,
+    form_id: None,
  };

  chat_server.do_send(SendComment {
@ -960,6 +964,7 @@ async fn receive_delete_comment(
  let res = CommentResponse {
    comment: comment_view,
    recipient_ids,
+    form_id: None,
  };

  chat_server.do_send(SendComment {
@ -1017,6 +1022,7 @@ async fn receive_remove_comment(
  let res = CommentResponse {
    comment: comment_view,
    recipient_ids,
+    form_id: None,
  };

  chat_server.do_send(SendComment {
@ -1108,6 +1114,7 @@ async fn receive_undo_delete_comment(
  let res = CommentResponse {
    comment: comment_view,
    recipient_ids,
+    form_id: None,
  };

  chat_server.do_send(SendComment {
@ -1165,6 +1172,7 @@ async fn receive_undo_remove_comment(
  let res = CommentResponse {
    comment: comment_view,
    recipient_ids,
+    form_id: None,
  };

  chat_server.do_send(SendComment {
@ -1464,6 +1472,7 @@ async fn receive_undo_like_comment(
  let res = CommentResponse {
    comment: comment_view,
    recipient_ids,
+    form_id: None,
  };

  chat_server.do_send(SendComment {
--- a/server/src/apub/user.rs
+++ b/server/src/apub/user.rs
@ -1,5 +1,4 @@
 use crate::{
-  api::claims::Claims,
  apub::{
    activities::send_activity,
    create_apub_response,
@ -253,7 +252,7 @@ pub async fn get_apub_user_http(
 ) -> Result<HttpResponse<Body>, LemmyError> {
  let user_name = info.into_inner().user_name;
  let user = blocking(&db, move |conn| {
-    Claims::find_by_email_or_username(conn, &user_name)
+    User_::find_by_email_or_username(conn, &user_name)
  })
  .await??;
  let u = user.to_apub(&db).await?;
--- a/server/src/routes/api.rs
+++ b/server/src/routes/api.rs
@ -53,7 +53,9 @@ pub fn config(cfg: &mut web::ServiceConfig, rate_limit: &RateLimit) {
          .route("", web::put().to(route_post::<EditCommunity>))
          .route("/list", web::get().to(route_get::<ListCommunities>))
          .route("/follow", web::post().to(route_post::<FollowCommunity>))
+          .route("/delete", web::post().to(route_post::<DeleteCommunity>))
          // Mod Actions
+          .route("/remove", web::post().to(route_post::<RemoveCommunity>))
          .route("/transfer", web::post().to(route_post::<TransferCommunity>))
          .route("/ban_user", web::post().to(route_post::<BanFromCommunity>))
          .route("/mod", web::post().to(route_post::<AddModToCommunity>)),
@ -71,6 +73,10 @@ pub fn config(cfg: &mut web::ServiceConfig, rate_limit: &RateLimit) {
          .wrap(rate_limit.message())
          .route("", web::get().to(route_get::<GetPost>))
          .route("", web::put().to(route_post::<EditPost>))
+          .route("/delete", web::post().to(route_post::<DeletePost>))
+          .route("/remove", web::post().to(route_post::<RemovePost>))
+          .route("/lock", web::post().to(route_post::<LockPost>))
+          .route("/sticky", web::post().to(route_post::<StickyPost>))
          .route("/list", web::get().to(route_get::<GetPosts>))
          .route("/like", web::post().to(route_post::<CreatePostLike>))
          .route("/save", web::put().to(route_post::<SavePost>)),
@ -81,6 +87,12 @@ pub fn config(cfg: &mut web::ServiceConfig, rate_limit: &RateLimit) {
          .wrap(rate_limit.message())
          .route("", web::post().to(route_post::<CreateComment>))
          .route("", web::put().to(route_post::<EditComment>))
+          .route("/delete", web::post().to(route_post::<DeleteComment>))
+          .route("/remove", web::post().to(route_post::<RemoveComment>))
+          .route(
+            "/mark_as_read",
+            web::post().to(route_post::<MarkCommentAsRead>),
+          )
          .route("/like", web::post().to(route_post::<CreateCommentLike>))
          .route("/save", web::put().to(route_post::<SaveComment>)),
      )
@ -90,7 +102,15 @@ pub fn config(cfg: &mut web::ServiceConfig, rate_limit: &RateLimit) {
          .wrap(rate_limit.message())
          .route("/list", web::get().to(route_get::<GetPrivateMessages>))
          .route("", web::post().to(route_post::<CreatePrivateMessage>))
-          .route("", web::put().to(route_post::<EditPrivateMessage>)),
+          .route("", web::put().to(route_post::<EditPrivateMessage>))
+          .route(
+            "/delete",
+            web::post().to(route_post::<DeletePrivateMessage>),
+          )
+          .route(
+            "/mark_as_read",
+            web::post().to(route_post::<MarkPrivateMessageAsRead>),
+          ),
      )
      // User
      .service(
@ -107,7 +127,10 @@ pub fn config(cfg: &mut web::ServiceConfig, rate_limit: &RateLimit) {
          .wrap(rate_limit.message())
          .route("", web::get().to(route_get::<GetUserDetails>))
          .route("/mention", web::get().to(route_get::<GetUserMentions>))
-          .route("/mention", web::put().to(route_post::<EditUserMention>))
+          .route(
+            "/mention/mark_as_read",
+            web::post().to(route_post::<MarkUserMentionAsRead>),
+          )
          .route("/replies", web::get().to(route_get::<GetReplies>))
          .route(
            "/followed_communities",
--- a/server/src/websocket/mod.rs
+++ b/server/src/websocket/mod.rs
@ -28,19 +28,28 @@ pub enum UserOperation {
  GetCommunity,
  CreateComment,
  EditComment,
+  DeleteComment,
+  RemoveComment,
+  MarkCommentAsRead,
  SaveComment,
  CreateCommentLike,
  GetPosts,
  CreatePostLike,
  EditPost,
+  DeletePost,
+  RemovePost,
+  LockPost,
+  StickyPost,
  SavePost,
  EditCommunity,
+  DeleteCommunity,
+  RemoveCommunity,
  FollowCommunity,
  GetFollowedCommunities,
  GetUserDetails,
  GetReplies,
  GetUserMentions,
-  EditUserMention,
+  MarkUserMentionAsRead,
  GetModlog,
  BanFromCommunity,
  AddModToCommunity,
@ -59,6 +68,8 @@ pub enum UserOperation {
  PasswordChange,
  CreatePrivateMessage,
  EditPrivateMessage,
+  DeletePrivateMessage,
+  MarkPrivateMessageAsRead,
  GetPrivateMessages,
  UserJoin,
  GetComments,
--- a/server/src/websocket/server.rs
+++ b/server/src/websocket/server.rs
@ -212,6 +212,9 @@ impl ChatServer {

    // Also leave all communities
    // This avoids double messages
+    // TODO found a bug, whereby community messages like
+    // delete and remove aren't sent, because
+    // you left the community room
    for sessions in self.community_rooms.values_mut() {
      sessions.remove(&id);
    }
@ -443,18 +446,28 @@ impl ChatServer {
        UserOperation::AddAdmin => do_user_operation::<AddAdmin>(args).await,
        UserOperation::BanUser => do_user_operation::<BanUser>(args).await,
        UserOperation::GetUserMentions => do_user_operation::<GetUserMentions>(args).await,
-        UserOperation::EditUserMention => do_user_operation::<EditUserMention>(args).await,
+        UserOperation::MarkUserMentionAsRead => {
+          do_user_operation::<MarkUserMentionAsRead>(args).await
+        }
        UserOperation::MarkAllAsRead => do_user_operation::<MarkAllAsRead>(args).await,
        UserOperation::DeleteAccount => do_user_operation::<DeleteAccount>(args).await,
        UserOperation::PasswordReset => do_user_operation::<PasswordReset>(args).await,
        UserOperation::PasswordChange => do_user_operation::<PasswordChange>(args).await,
+        UserOperation::UserJoin => do_user_operation::<UserJoin>(args).await,
+        UserOperation::SaveUserSettings => do_user_operation::<SaveUserSettings>(args).await,
+
+        // Private Message ops
        UserOperation::CreatePrivateMessage => {
          do_user_operation::<CreatePrivateMessage>(args).await
        }
        UserOperation::EditPrivateMessage => do_user_operation::<EditPrivateMessage>(args).await,
+        UserOperation::DeletePrivateMessage => {
+          do_user_operation::<DeletePrivateMessage>(args).await
+        }
+        UserOperation::MarkPrivateMessageAsRead => {
+          do_user_operation::<MarkPrivateMessageAsRead>(args).await
+        }
        UserOperation::GetPrivateMessages => do_user_operation::<GetPrivateMessages>(args).await,
-        UserOperation::UserJoin => do_user_operation::<UserJoin>(args).await,
-        UserOperation::SaveUserSettings => do_user_operation::<SaveUserSettings>(args).await,

        // Site ops
        UserOperation::GetModlog => do_user_operation::<GetModlog>(args).await,
@ -473,6 +486,8 @@ impl ChatServer {
        UserOperation::ListCommunities => do_user_operation::<ListCommunities>(args).await,
        UserOperation::CreateCommunity => do_user_operation::<CreateCommunity>(args).await,
        UserOperation::EditCommunity => do_user_operation::<EditCommunity>(args).await,
+        UserOperation::DeleteCommunity => do_user_operation::<DeleteCommunity>(args).await,
+        UserOperation::RemoveCommunity => do_user_operation::<RemoveCommunity>(args).await,
        UserOperation::FollowCommunity => do_user_operation::<FollowCommunity>(args).await,
        UserOperation::GetFollowedCommunities => {
          do_user_operation::<GetFollowedCommunities>(args).await
@ -485,12 +500,19 @@ impl ChatServer {
        UserOperation::GetPost => do_user_operation::<GetPost>(args).await,
        UserOperation::GetPosts => do_user_operation::<GetPosts>(args).await,
        UserOperation::EditPost => do_user_operation::<EditPost>(args).await,
+        UserOperation::DeletePost => do_user_operation::<DeletePost>(args).await,
+        UserOperation::RemovePost => do_user_operation::<RemovePost>(args).await,
+        UserOperation::LockPost => do_user_operation::<LockPost>(args).await,
+        UserOperation::StickyPost => do_user_operation::<StickyPost>(args).await,
        UserOperation::CreatePostLike => do_user_operation::<CreatePostLike>(args).await,
        UserOperation::SavePost => do_user_operation::<SavePost>(args).await,

        // Comment ops
        UserOperation::CreateComment => do_user_operation::<CreateComment>(args).await,
        UserOperation::EditComment => do_user_operation::<EditComment>(args).await,
+        UserOperation::DeleteComment => do_user_operation::<DeleteComment>(args).await,
+        UserOperation::RemoveComment => do_user_operation::<RemoveComment>(args).await,
+        UserOperation::MarkCommentAsRead => do_user_operation::<MarkCommentAsRead>(args).await,
        UserOperation::SaveComment => do_user_operation::<SaveComment>(args).await,
        UserOperation::GetComments => do_user_operation::<GetComments>(args).await,
        UserOperation::CreateCommentLike => do_user_operation::<CreateCommentLike>(args).await,
--- a/ui/src/api_tests/api.spec.ts
+++ b/ui/src/api_tests/api.spec.ts
@ -4,22 +4,28 @@ import {
  LoginForm,
  LoginResponse,
  PostForm,
+  DeletePostForm,
+  RemovePostForm,
+  // TODO need to test LockPost and StickyPost federated
  PostResponse,
  SearchResponse,
  FollowCommunityForm,
  CommunityResponse,
  GetFollowedCommunitiesResponse,
-  GetPostForm,
  GetPostResponse,
  CommentForm,
+  DeleteCommentForm,
+  RemoveCommentForm,
  CommentResponse,
  CommunityForm,
-  GetCommunityForm,
+  DeleteCommunityForm,
+  RemoveCommunityForm,
  GetCommunityResponse,
  CommentLikeForm,
  CreatePostLikeForm,
  PrivateMessageForm,
  EditPrivateMessageForm,
+  DeletePrivateMessageForm,
  PrivateMessageResponse,
  PrivateMessagesResponse,
  GetUserMentionsResponse,
@ -97,7 +103,6 @@ describe('main', () => {
        name,
        auth: lemmyAlphaAuth,
        community_id: 2,
-        creator_id: 2,
        nsfw: false,
      };

@ -266,7 +271,6 @@ describe('main', () => {
        name,
        auth: lemmyAlphaAuth,
        community_id: 3,
-        creator_id: 2,
        nsfw: false,
      };

@ -323,7 +327,6 @@ describe('main', () => {
        edit_id: 2,
        auth: lemmyAlphaAuth,
        community_id: 3,
-        creator_id: 2,
        nsfw: false,
      };

@ -382,7 +385,6 @@ describe('main', () => {
      let unlikeCommentForm: CommentLikeForm = {
        comment_id: createResponse.comment.id,
        score: 0,
-        post_id: 2,
        auth: lemmyAlphaAuth,
      };

@ -585,7 +587,6 @@ describe('main', () => {
        name: postName,
        auth: lemmyBetaAuth,
        community_id: createCommunityRes.community.id,
-        creator_id: 2,
        nsfw: false,
      };

@ -620,19 +621,16 @@ describe('main', () => {
      expect(createCommentRes.comment.content).toBe(commentContent);

      // lemmy_beta deletes the comment
-      let deleteCommentForm: CommentForm = {
-        content: commentContent,
+      let deleteCommentForm: DeleteCommentForm = {
        edit_id: createCommentRes.comment.id,
-        post_id: createPostRes.post.id,
        deleted: true,
        auth: lemmyBetaAuth,
-        creator_id: createCommentRes.comment.creator_id,
      };

      let deleteCommentRes: CommentResponse = await fetch(
-        `${lemmyBetaApiUrl}/comment`,
+        `${lemmyBetaApiUrl}/comment/delete`,
        {
-          method: 'PUT',
+          method: 'POST',
          headers: {
            'Content-Type': 'application/json',
          },
@ -649,19 +647,16 @@ describe('main', () => {
      expect(getPostRes.comments[0].deleted).toBe(true);

      // lemmy_beta undeletes the comment
-      let undeleteCommentForm: CommentForm = {
-        content: commentContent,
+      let undeleteCommentForm: DeleteCommentForm = {
        edit_id: createCommentRes.comment.id,
-        post_id: createPostRes.post.id,
        deleted: false,
        auth: lemmyBetaAuth,
-        creator_id: createCommentRes.comment.creator_id,
      };

      let undeleteCommentRes: CommentResponse = await fetch(
-        `${lemmyBetaApiUrl}/comment`,
+        `${lemmyBetaApiUrl}/comment/delete`,
        {
-          method: 'PUT',
+          method: 'POST',
          headers: {
            'Content-Type': 'application/json',
          },
@ -677,23 +672,22 @@ describe('main', () => {
      expect(getPostUndeleteRes.comments[0].deleted).toBe(false);

      // lemmy_beta deletes the post
-      let deletePostForm: PostForm = {
-        name: postName,
+      let deletePostForm: DeletePostForm = {
        edit_id: createPostRes.post.id,
-        auth: lemmyBetaAuth,
-        community_id: createPostRes.post.community_id,
-        creator_id: createPostRes.post.creator_id,
-        nsfw: false,
        deleted: true,
+        auth: lemmyBetaAuth,
      };

-      let deletePostRes: PostResponse = await fetch(`${lemmyBetaApiUrl}/post`, {
-        method: 'PUT',
-        headers: {
-          'Content-Type': 'application/json',
-        },
-        body: wrapper(deletePostForm),
-      }).then(d => d.json());
+      let deletePostRes: PostResponse = await fetch(
+        `${lemmyBetaApiUrl}/post/delete`,
+        {
+          method: 'POST',
+          headers: {
+            'Content-Type': 'application/json',
+          },
+          body: wrapper(deletePostForm),
+        }
+      ).then(d => d.json());
      expect(deletePostRes.post.deleted).toBe(true);

      // Make sure lemmy_alpha sees the post is deleted
@ -703,20 +697,16 @@ describe('main', () => {
      expect(getPostResAgain.post.deleted).toBe(true);

      // lemmy_beta undeletes the post
-      let undeletePostForm: PostForm = {
-        name: postName,
+      let undeletePostForm: DeletePostForm = {
        edit_id: createPostRes.post.id,
-        auth: lemmyBetaAuth,
-        community_id: createPostRes.post.community_id,
-        creator_id: createPostRes.post.creator_id,
-        nsfw: false,
        deleted: false,
+        auth: lemmyBetaAuth,
      };

      let undeletePostRes: PostResponse = await fetch(
-        `${lemmyBetaApiUrl}/post`,
+        `${lemmyBetaApiUrl}/post/delete`,
        {
-          method: 'PUT',
+          method: 'POST',
          headers: {
            'Content-Type': 'application/json',
          },
@ -732,20 +722,16 @@ describe('main', () => {
      expect(getPostResAgainTwo.post.deleted).toBe(false);

      // lemmy_beta deletes the community
-      let deleteCommunityForm: CommunityForm = {
-        name: communityName,
-        title: communityName,
-        category_id: 1,
+      let deleteCommunityForm: DeleteCommunityForm = {
        edit_id: createCommunityRes.community.id,
-        nsfw: false,
        deleted: true,
        auth: lemmyBetaAuth,
      };

      let deleteResponse: CommunityResponse = await fetch(
-        `${lemmyBetaApiUrl}/community`,
+        `${lemmyBetaApiUrl}/community/delete`,
        {
-          method: 'PUT',
+          method: 'POST',
          headers: {
            'Content-Type': 'application/json',
          },
@ -765,20 +751,16 @@ describe('main', () => {
      expect(getCommunityRes.community.deleted).toBe(true);

      // lemmy_beta undeletes the community
-      let undeleteCommunityForm: CommunityForm = {
-        name: communityName,
-        title: communityName,
-        category_id: 1,
+      let undeleteCommunityForm: DeleteCommunityForm = {
        edit_id: createCommunityRes.community.id,
-        nsfw: false,
        deleted: false,
        auth: lemmyBetaAuth,
      };

      let undeleteCommunityRes: CommunityResponse = await fetch(
-        `${lemmyBetaApiUrl}/community`,
+        `${lemmyBetaApiUrl}/community/delete`,
        {
-          method: 'PUT',
+          method: 'POST',
          headers: {
            'Content-Type': 'application/json',
          },
@ -861,7 +843,6 @@ describe('main', () => {
        name: postName,
        auth: lemmyBetaAuth,
        community_id: createCommunityRes.community.id,
-        creator_id: 2,
        nsfw: false,
      };

@ -896,19 +877,16 @@ describe('main', () => {
      expect(createCommentRes.comment.content).toBe(commentContent);

      // lemmy_beta removes the comment
-      let removeCommentForm: CommentForm = {
-        content: commentContent,
+      let removeCommentForm: RemoveCommentForm = {
        edit_id: createCommentRes.comment.id,
-        post_id: createPostRes.post.id,
        removed: true,
        auth: lemmyBetaAuth,
-        creator_id: createCommentRes.comment.creator_id,
      };

      let removeCommentRes: CommentResponse = await fetch(
-        `${lemmyBetaApiUrl}/comment`,
+        `${lemmyBetaApiUrl}/comment/remove`,
        {
-          method: 'PUT',
+          method: 'POST',
          headers: {
            'Content-Type': 'application/json',
          },
@ -925,19 +903,16 @@ describe('main', () => {
      expect(getPostRes.comments[0].removed).toBe(true);

      // lemmy_beta undeletes the comment
-      let unremoveCommentForm: CommentForm = {
-        content: commentContent,
+      let unremoveCommentForm: RemoveCommentForm = {
        edit_id: createCommentRes.comment.id,
-        post_id: createPostRes.post.id,
        removed: false,
        auth: lemmyBetaAuth,
-        creator_id: createCommentRes.comment.creator_id,
      };

      let unremoveCommentRes: CommentResponse = await fetch(
-        `${lemmyBetaApiUrl}/comment`,
+        `${lemmyBetaApiUrl}/comment/remove`,
        {
-          method: 'PUT',
+          method: 'POST',
          headers: {
            'Content-Type': 'application/json',
          },
@ -953,23 +928,22 @@ describe('main', () => {
      expect(getPostUnremoveRes.comments[0].removed).toBe(false);

      // lemmy_beta deletes the post
-      let removePostForm: PostForm = {
-        name: postName,
+      let removePostForm: RemovePostForm = {
        edit_id: createPostRes.post.id,
-        auth: lemmyBetaAuth,
-        community_id: createPostRes.post.community_id,
-        creator_id: createPostRes.post.creator_id,
-        nsfw: false,
        removed: true,
+        auth: lemmyBetaAuth,
      };

-      let removePostRes: PostResponse = await fetch(`${lemmyBetaApiUrl}/post`, {
-        method: 'PUT',
-        headers: {
-          'Content-Type': 'application/json',
-        },
-        body: wrapper(removePostForm),
-      }).then(d => d.json());
+      let removePostRes: PostResponse = await fetch(
+        `${lemmyBetaApiUrl}/post/remove`,
+        {
+          method: 'POST',
+          headers: {
+            'Content-Type': 'application/json',
+          },
+          body: wrapper(removePostForm),
+        }
+      ).then(d => d.json());
      expect(removePostRes.post.removed).toBe(true);

      // Make sure lemmy_alpha sees the post is deleted
@ -979,20 +953,16 @@ describe('main', () => {
      expect(getPostResAgain.post.removed).toBe(true);

      // lemmy_beta unremoves the post
-      let unremovePostForm: PostForm = {
-        name: postName,
+      let unremovePostForm: RemovePostForm = {
        edit_id: createPostRes.post.id,
-        auth: lemmyBetaAuth,
-        community_id: createPostRes.post.community_id,
-        creator_id: createPostRes.post.creator_id,
-        nsfw: false,
        removed: false,
+        auth: lemmyBetaAuth,
      };

      let unremovePostRes: PostResponse = await fetch(
-        `${lemmyBetaApiUrl}/post`,
+        `${lemmyBetaApiUrl}/post/remove`,
        {
-          method: 'PUT',
+          method: 'POST',
          headers: {
            'Content-Type': 'application/json',
          },
@ -1007,21 +977,17 @@ describe('main', () => {
      }).then(d => d.json());
      expect(getPostResAgainTwo.post.removed).toBe(false);

-      // lemmy_beta deletes the community
-      let removeCommunityForm: CommunityForm = {
-        name: communityName,
-        title: communityName,
-        category_id: 1,
+      // lemmy_beta removes the community
+      let removeCommunityForm: RemoveCommunityForm = {
        edit_id: createCommunityRes.community.id,
-        nsfw: false,
        removed: true,
        auth: lemmyBetaAuth,
      };

      let removeCommunityRes: CommunityResponse = await fetch(
-        `${lemmyBetaApiUrl}/community`,
+        `${lemmyBetaApiUrl}/community/remove`,
        {
-          method: 'PUT',
+          method: 'POST',
          headers: {
            'Content-Type': 'application/json',
          },
@ -1029,7 +995,7 @@ describe('main', () => {
        }
      ).then(d => d.json());

-      // Make sure the delete went through
+      // Make sure the remove went through
      expect(removeCommunityRes.community.removed).toBe(true);

      // Re-get it from alpha, make sure its removed there too
@ -1041,20 +1007,16 @@ describe('main', () => {
      expect(getCommunityRes.community.removed).toBe(true);

      // lemmy_beta unremoves the community
-      let unremoveCommunityForm: CommunityForm = {
-        name: communityName,
-        title: communityName,
-        category_id: 1,
+      let unremoveCommunityForm: RemoveCommunityForm = {
        edit_id: createCommunityRes.community.id,
-        nsfw: false,
        removed: false,
        auth: lemmyBetaAuth,
      };

      let unremoveCommunityRes: CommunityResponse = await fetch(
-        `${lemmyBetaApiUrl}/community`,
+        `${lemmyBetaApiUrl}/community/remove`,
        {
-          method: 'PUT',
+          method: 'POST',
          headers: {
            'Content-Type': 'application/json',
          },
@ -1149,16 +1111,16 @@ describe('main', () => {
      );

      // lemmy alpha deletes the private message
-      let deletePrivateMessageForm: EditPrivateMessageForm = {
+      let deletePrivateMessageForm: DeletePrivateMessageForm = {
        deleted: true,
        edit_id: createRes.message.id,
        auth: lemmyAlphaAuth,
      };

      let deleteRes: PrivateMessageResponse = await fetch(
-        `${lemmyAlphaApiUrl}/private_message`,
+        `${lemmyAlphaApiUrl}/private_message/delete`,
        {
-          method: 'PUT',
+          method: 'POST',
          headers: {
            'Content-Type': 'application/json',
          },
@ -1182,16 +1144,16 @@ describe('main', () => {
      expect(getPrivateMessagesDeletedRes.messages.length).toBe(0);

      // lemmy alpha undeletes the private message
-      let undeletePrivateMessageForm: EditPrivateMessageForm = {
+      let undeletePrivateMessageForm: DeletePrivateMessageForm = {
        deleted: false,
        edit_id: createRes.message.id,
        auth: lemmyAlphaAuth,
      };

      let undeleteRes: PrivateMessageResponse = await fetch(
-        `${lemmyAlphaApiUrl}/private_message`,
+        `${lemmyAlphaApiUrl}/private_message/delete`,
        {
-          method: 'PUT',
+          method: 'POST',
          headers: {
            'Content-Type': 'application/json',
          },
@ -1252,7 +1214,6 @@ describe('main', () => {
        name: postName,
        auth: lemmyAlphaAuth,
        community_id: 2,
-        creator_id: 2,
        nsfw: false,
      };

@ -1363,7 +1324,6 @@ describe('main', () => {
        name: betaPostName,
        auth: lemmyBetaAuth,
        community_id: 2,
-        creator_id: 2,
        nsfw: false,
      };

--- a/ui/src/components/comment-form.tsx
+++ b/ui/src/components/comment-form.tsx
@ -115,34 +115,9 @@ export class CommentForm extends Component<CommentFormProps, CommentFormState> {
    );
  }

-  handleFinished(op: UserOperation, data: CommentResponse) {
-    let isReply =
-      this.props.node !== undefined && data.comment.parent_id !== null;
-    let xor =
-      +!(data.comment.parent_id !== null) ^ +(this.props.node !== undefined);
-
-    if (
-      (data.comment.creator_id == UserService.Instance.user.id &&
-        ((op == UserOperation.CreateComment &&
-          // If its a reply, make sure parent child match
-          isReply &&
-          data.comment.parent_id == this.props.node.comment.id) ||
-          // Otherwise, check the XOR of the two
-          (!isReply && xor))) ||
-      // If its a comment edit, only check that its from your user, and that its a
-      // text edit only
-
-      (data.comment.creator_id == UserService.Instance.user.id &&
-        op == UserOperation.EditComment &&
-        data.comment.content)
-    ) {
-      this.state.finished = true;
-      this.setState(this.state);
-    }
-  }
-
-  handleCommentSubmit(val: string) {
-    this.state.commentForm.content = val;
+  handleCommentSubmit(msg: { val: string; formId: string }) {
+    this.state.commentForm.content = msg.val;
+    this.state.commentForm.form_id = msg.formId;
    if (this.props.edit) {
      WebSocketService.Instance.editComment(this.state.commentForm);
    } else {
@ -160,12 +135,16 @@ export class CommentForm extends Component<CommentFormProps, CommentFormState> {

    // Only do the showing and hiding if logged in
    if (UserService.Instance.user) {
-      if (res.op == UserOperation.CreateComment) {
+      if (
+        res.op == UserOperation.CreateComment ||
+        res.op == UserOperation.EditComment
+      ) {
        let data = res.data as CommentResponse;
-        this.handleFinished(res.op, data);
-      } else if (res.op == UserOperation.EditComment) {
-        let data = res.data as CommentResponse;
-        this.handleFinished(res.op, data);
+
+        // This only finishes this form, if the randomly generated form_id matches the one received
+        if (this.state.commentForm.form_id == data.form_id) {
+          this.setState({ finished: true });
+        }
      }
    }
  }
--- a/ui/src/components/comment-node.tsx
+++ b/ui/src/components/comment-node.tsx
@ -3,8 +3,10 @@ import { Link } from 'inferno-router';
 import {
  CommentNode as CommentNodeI,
  CommentLikeForm,
-  CommentForm as CommentFormI,
-  EditUserMentionForm,
+  DeleteCommentForm,
+  RemoveCommentForm,
+  MarkCommentAsReadForm,
+  MarkUserMentionAsReadForm,
  SaveCommentForm,
  BanFromCommunityForm,
  BanUserForm,
@ -848,16 +850,12 @@ export class CommentNode extends Component<CommentNodeProps, CommentNodeState> {
  }

  handleDeleteClick(i: CommentNode) {
-    let deleteForm: CommentFormI = {
-      content: i.props.node.comment.content,
+    let deleteForm: DeleteCommentForm = {
      edit_id: i.props.node.comment.id,
-      creator_id: i.props.node.comment.creator_id,
-      post_id: i.props.node.comment.post_id,
-      parent_id: i.props.node.comment.parent_id,
      deleted: !i.props.node.comment.deleted,
      auth: null,
    };
-    WebSocketService.Instance.editComment(deleteForm);
+    WebSocketService.Instance.deleteComment(deleteForm);
  }

  handleSaveCommentClick(i: CommentNode) {
@ -901,7 +899,6 @@ export class CommentNode extends Component<CommentNodeProps, CommentNodeState> {

    let form: CommentLikeForm = {
      comment_id: i.comment.id,
-      post_id: i.comment.post_id,
      score: this.state.my_vote,
    };

@ -929,7 +926,6 @@ export class CommentNode extends Component<CommentNodeProps, CommentNodeState> {

    let form: CommentLikeForm = {
      comment_id: i.comment.id,
-      post_id: i.comment.post_id,
      score: this.state.my_vote,
    };

@ -950,17 +946,13 @@ export class CommentNode extends Component<CommentNodeProps, CommentNodeState> {

  handleModRemoveSubmit(i: CommentNode) {
    event.preventDefault();
-    let form: CommentFormI = {
-      content: i.props.node.comment.content,
+    let form: RemoveCommentForm = {
      edit_id: i.props.node.comment.id,
-      creator_id: i.props.node.comment.creator_id,
-      post_id: i.props.node.comment.post_id,
-      parent_id: i.props.node.comment.parent_id,
      removed: !i.props.node.comment.removed,
      reason: i.state.removeReason,
      auth: null,
    };
-    WebSocketService.Instance.editComment(form);
+    WebSocketService.Instance.removeComment(form);

    i.state.showRemoveDialog = false;
    i.setState(i.state);
@ -969,22 +961,18 @@ export class CommentNode extends Component<CommentNodeProps, CommentNodeState> {
  handleMarkRead(i: CommentNode) {
    // if it has a user_mention_id field, then its a mention
    if (i.props.node.comment.user_mention_id) {
-      let form: EditUserMentionForm = {
+      let form: MarkUserMentionAsReadForm = {
        user_mention_id: i.props.node.comment.user_mention_id,
        read: !i.props.node.comment.read,
      };
-      WebSocketService.Instance.editUserMention(form);
+      WebSocketService.Instance.markUserMentionAsRead(form);
    } else {
-      let form: CommentFormI = {
-        content: i.props.node.comment.content,
+      let form: MarkCommentAsReadForm = {
        edit_id: i.props.node.comment.id,
-        creator_id: i.props.node.comment.creator_id,
-        post_id: i.props.node.comment.post_id,
-        parent_id: i.props.node.comment.parent_id,
        read: !i.props.node.comment.read,
        auth: null,
      };
-      WebSocketService.Instance.editComment(form);
+      WebSocketService.Instance.markCommentAsRead(form);
    }

    i.state.readLoading = true;
--- a/ui/src/components/community.tsx
+++ b/ui/src/components/community.tsx
@ -355,12 +355,15 @@ export class Community extends Component<any, State> {
      let data = res.data as GetCommunityResponse;
      this.state.community = data.community;
      this.state.moderators = data.moderators;
-      this.state.admins = data.admins;
      this.state.online = data.online;
      document.title = `/c/${this.state.community.name} - ${this.state.site.name}`;
      this.setState(this.state);
      this.fetchData();
-    } else if (res.op == UserOperation.EditCommunity) {
+    } else if (
+      res.op == UserOperation.EditCommunity ||
+      res.op == UserOperation.DeleteCommunity ||
+      res.op == UserOperation.RemoveCommunity
+    ) {
      let data = res.data as CommunityResponse;
      this.state.community = data.community;
      this.setState(this.state);
@ -376,7 +379,13 @@ export class Community extends Component<any, State> {
      this.state.loading = false;
      this.setState(this.state);
      setupTippy();
-    } else if (res.op == UserOperation.EditPost) {
+    } else if (
+      res.op == UserOperation.EditPost ||
+      res.op == UserOperation.DeletePost ||
+      res.op == UserOperation.RemovePost ||
+      res.op == UserOperation.LockPost ||
+      res.op == UserOperation.StickyPost
+    ) {
      let data = res.data as PostResponse;
      editPostFindRes(data, this.state.posts);
      this.setState(this.state);
@ -405,7 +414,11 @@ export class Community extends Component<any, State> {
      this.state.comments = data.comments;
      this.state.loading = false;
      this.setState(this.state);
-    } else if (res.op == UserOperation.EditComment) {
+    } else if (
+      res.op == UserOperation.EditComment ||
+      res.op == UserOperation.DeleteComment ||
+      res.op == UserOperation.RemoveComment
+    ) {
      let data = res.data as CommentResponse;
      editCommentRes(data, this.state.comments);
      this.setState(this.state);
@ -428,6 +441,7 @@ export class Community extends Component<any, State> {
    } else if (res.op == UserOperation.GetSite) {
      let data = res.data as GetSiteResponse;
      this.state.site = data.site;
+      this.state.admins = data.admins;
      this.setState(this.state);
    }
  }
--- a/ui/src/components/inbox.tsx
+++ b/ui/src/components/inbox.tsx
@ -446,27 +446,54 @@ export class Inbox extends Component<any, InboxState> {
      let found: PrivateMessageI = this.state.messages.find(
        m => m.id === data.message.id
      );
-      found.content = data.message.content;
-      found.updated = data.message.updated;
-      found.deleted = data.message.deleted;
-      // If youre in the unread view, just remove it from the list
-      if (this.state.unreadOrAll == UnreadOrAll.Unread && data.message.read) {
-        this.state.messages = this.state.messages.filter(
-          r => r.id !== data.message.id
-        );
-      } else {
-        let found = this.state.messages.find(c => c.id == data.message.id);
-        found.read = data.message.read;
+      if (found) {
+        found.content = data.message.content;
+        found.updated = data.message.updated;
+      }
+      this.setState(this.state);
+    } else if (res.op == UserOperation.DeletePrivateMessage) {
+      let data = res.data as PrivateMessageResponse;
+      let found: PrivateMessageI = this.state.messages.find(
+        m => m.id === data.message.id
+      );
+      if (found) {
+        found.deleted = data.message.deleted;
+        found.updated = data.message.updated;
+      }
+      this.setState(this.state);
+    } else if (res.op == UserOperation.MarkPrivateMessageAsRead) {
+      let data = res.data as PrivateMessageResponse;
+      let found: PrivateMessageI = this.state.messages.find(
+        m => m.id === data.message.id
+      );
+
+      if (found) {
+        found.updated = data.message.updated;
+
+        // If youre in the unread view, just remove it from the list
+        if (this.state.unreadOrAll == UnreadOrAll.Unread && data.message.read) {
+          this.state.messages = this.state.messages.filter(
+            r => r.id !== data.message.id
+          );
+        } else {
+          let found = this.state.messages.find(c => c.id == data.message.id);
+          found.read = data.message.read;
+        }
      }
      this.sendUnreadCount();
-      window.scrollTo(0, 0);
      this.setState(this.state);
-      setupTippy();
    } else if (res.op == UserOperation.MarkAllAsRead) {
      // Moved to be instant
-    } else if (res.op == UserOperation.EditComment) {
+    } else if (
+      res.op == UserOperation.EditComment ||
+      res.op == UserOperation.DeleteComment ||
+      res.op == UserOperation.RemoveComment
+    ) {
      let data = res.data as CommentResponse;
      editCommentRes(data, this.state.replies);
+      this.setState(this.state);
+    } else if (res.op == UserOperation.MarkCommentAsRead) {
+      let data = res.data as CommentResponse;

      // If youre in the unread view, just remove it from the list
      if (this.state.unreadOrAll == UnreadOrAll.Unread && data.comment.read) {
@ -480,7 +507,7 @@ export class Inbox extends Component<any, InboxState> {
      this.sendUnreadCount();
      this.setState(this.state);
      setupTippy();
-    } else if (res.op == UserOperation.EditUserMention) {
+    } else if (res.op == UserOperation.MarkUserMentionAsRead) {
      let data = res.data as UserMentionResponse;

      let found = this.state.mentions.find(c => c.id == data.mention.id);
--- a/ui/src/components/main.tsx
+++ b/ui/src/components/main.tsx
@ -702,7 +702,11 @@ export class Main extends Component<any, MainState> {
      this.state.comments = data.comments;
      this.state.loading = false;
      this.setState(this.state);
-    } else if (res.op == UserOperation.EditComment) {
+    } else if (
+      res.op == UserOperation.EditComment ||
+      res.op == UserOperation.DeleteComment ||
+      res.op == UserOperation.RemoveComment
+    ) {
      let data = res.data as CommentResponse;
      editCommentRes(data, this.state.comments);
      this.setState(this.state);
--- a/ui/src/components/markdown-textarea.tsx
+++ b/ui/src/components/markdown-textarea.tsx
@ -21,7 +21,7 @@ interface MarkdownTextAreaProps {
  replyType?: boolean;
  focus?: boolean;
  disabled?: boolean;
-  onSubmit?(val: string): any;
+  onSubmit?(msg: { val: string; formId: string }): any;
  onContentChange?(val: string): any;
  onReplyCancel?(): any;
 }
@ -391,7 +391,8 @@ export class MarkdownTextArea extends Component<
    event.preventDefault();
    i.state.loading = true;
    i.setState(i.state);
-    i.props.onSubmit(i.state.content);
+    let msg = { val: i.state.content, formId: i.formId };
+    i.props.onSubmit(msg);
  }

  handleReplyCancel(i: MarkdownTextArea) {
--- a/ui/src/components/post-form.tsx
+++ b/ui/src/components/post-form.tsx
@ -71,9 +71,6 @@ export class PostForm extends Component<PostFormProps, PostFormState> {
      nsfw: false,
      auth: null,
      community_id: null,
-      creator_id: UserService.Instance.user
-        ? UserService.Instance.user.id
-        : null,
    },
    communities: [],
    loading: false,
@ -99,7 +96,6 @@ export class PostForm extends Component<PostFormProps, PostFormState> {
        name: this.props.post.name,
        community_id: this.props.post.community_id,
        edit_id: this.props.post.id,
-        creator_id: this.props.post.creator_id,
        url: this.props.post.url,
        nsfw: this.props.post.nsfw,
        auth: null,
--- a/ui/src/components/post-listing.tsx
+++ b/ui/src/components/post-listing.tsx
@ -4,7 +4,10 @@ import { WebSocketService, UserService } from '../services';
 import {
  Post,
  CreatePostLikeForm,
-  PostForm as PostFormI,
+  DeletePostForm,
+  RemovePostForm,
+  LockPostForm,
+  StickyPostForm,
  SavePostForm,
  CommunityUser,
  UserView,
@ -33,7 +36,6 @@ import {
  setupTippy,
  hostname,
  previewLines,
-  toast,
 } from '../utils';
 import { i18n } from '../i18next';

@ -1114,18 +1116,12 @@ export class PostListing extends Component<PostListingProps, PostListingState> {
  }

  handleDeleteClick(i: PostListing) {
-    let deleteForm: PostFormI = {
-      body: i.props.post.body,
-      community_id: i.props.post.community_id,
-      name: i.props.post.name,
-      url: i.props.post.url,
+    let deleteForm: DeletePostForm = {
      edit_id: i.props.post.id,
-      creator_id: i.props.post.creator_id,
      deleted: !i.props.post.deleted,
-      nsfw: i.props.post.nsfw,
      auth: null,
    };
-    WebSocketService.Instance.editPost(deleteForm);
+    WebSocketService.Instance.deletePost(deleteForm);
  }

  handleSavePostClick(i: PostListing) {
@ -1163,46 +1159,34 @@ export class PostListing extends Component<PostListingProps, PostListingState> {

  handleModRemoveSubmit(i: PostListing) {
    event.preventDefault();
-    let form: PostFormI = {
-      name: i.props.post.name,
-      community_id: i.props.post.community_id,
+    let form: RemovePostForm = {
      edit_id: i.props.post.id,
-      creator_id: i.props.post.creator_id,
      removed: !i.props.post.removed,
      reason: i.state.removeReason,
-      nsfw: i.props.post.nsfw,
      auth: null,
    };
-    WebSocketService.Instance.editPost(form);
+    WebSocketService.Instance.removePost(form);

    i.state.showRemoveDialog = false;
    i.setState(i.state);
  }

  handleModLock(i: PostListing) {
-    let form: PostFormI = {
-      name: i.props.post.name,
-      community_id: i.props.post.community_id,
+    let form: LockPostForm = {
      edit_id: i.props.post.id,
-      creator_id: i.props.post.creator_id,
-      nsfw: i.props.post.nsfw,
      locked: !i.props.post.locked,
      auth: null,
    };
-    WebSocketService.Instance.editPost(form);
+    WebSocketService.Instance.lockPost(form);
  }

  handleModSticky(i: PostListing) {
-    let form: PostFormI = {
-      name: i.props.post.name,
-      community_id: i.props.post.community_id,
+    let form: StickyPostForm = {
      edit_id: i.props.post.id,
-      creator_id: i.props.post.creator_id,
-      nsfw: i.props.post.nsfw,
      stickied: !i.props.post.stickied,
      auth: null,
    };
-    WebSocketService.Instance.editPost(form);
+    WebSocketService.Instance.stickyPost(form);
  }

  handleModBanFromCommunityShow(i: PostListing) {
--- a/ui/src/components/post.tsx
+++ b/ui/src/components/post.tsx
@ -8,7 +8,7 @@ import {
  GetPostResponse,
  PostResponse,
  Comment,
-  CommentForm as CommentFormI,
+  MarkCommentAsReadForm,
  CommentResponse,
  CommentSortType,
  CommentViewType,
@ -168,16 +168,12 @@ export class Post extends Component<any, PostState> {
      UserService.Instance.user &&
      UserService.Instance.user.id == parent_user_id
    ) {
-      let form: CommentFormI = {
-        content: found.content,
+      let form: MarkCommentAsReadForm = {
        edit_id: found.id,
-        creator_id: found.creator_id,
-        post_id: found.post_id,
-        parent_id: found.parent_id,
        read: true,
        auth: null,
      };
-      WebSocketService.Instance.editComment(form);
+      WebSocketService.Instance.markCommentAsRead(form);
      UserService.Instance.user.unreadCount--;
      UserService.Instance.sub.next({
        user: UserService.Instance.user,
@ -409,7 +405,6 @@ export class Post extends Component<any, PostState> {
      this.state.comments = data.comments;
      this.state.community = data.community;
      this.state.moderators = data.moderators;
-      this.state.siteRes.admins = data.admins;
      this.state.online = data.online;
      this.state.loading = false;
      document.title = `${this.state.post.name} - ${this.state.siteRes.site.name}`;
@ -436,7 +431,11 @@ export class Post extends Component<any, PostState> {
        this.state.comments.unshift(data.comment);
        this.setState(this.state);
      }
-    } else if (res.op == UserOperation.EditComment) {
+    } else if (
+      res.op == UserOperation.EditComment ||
+      res.op == UserOperation.DeleteComment ||
+      res.op == UserOperation.RemoveComment
+    ) {
      let data = res.data as CommentResponse;
      editCommentRes(data, this.state.comments);
      this.setState(this.state);
@ -453,7 +452,13 @@ export class Post extends Component<any, PostState> {
      let data = res.data as PostResponse;
      createPostLikeRes(data, this.state.post);
      this.setState(this.state);
-    } else if (res.op == UserOperation.EditPost) {
+    } else if (
+      res.op == UserOperation.EditPost ||
+      res.op == UserOperation.DeletePost ||
+      res.op == UserOperation.RemovePost ||
+      res.op == UserOperation.LockPost ||
+      res.op == UserOperation.StickyPost
+    ) {
      let data = res.data as PostResponse;
      this.state.post = data.post;
      this.setState(this.state);
@ -463,7 +468,11 @@ export class Post extends Component<any, PostState> {
      this.state.post = data.post;
      this.setState(this.state);
      setupTippy();
-    } else if (res.op == UserOperation.EditCommunity) {
+    } else if (
+      res.op == UserOperation.EditCommunity ||
+      res.op == UserOperation.DeleteCommunity ||
+      res.op == UserOperation.RemoveCommunity
+    ) {
      let data = res.data as CommunityResponse;
      this.state.community = data.community;
      this.state.post.community_id = data.community.id;
@ -521,7 +530,6 @@ export class Post extends Component<any, PostState> {
      let data = res.data as GetCommunityResponse;
      this.state.community = data.community;
      this.state.moderators = data.moderators;
-      this.state.siteRes.admins = data.admins;
      this.setState(this.state);
    }
  }
--- a/ui/src/components/private-message-form.tsx
+++ b/ui/src/components/private-message-form.tsx
@ -263,7 +263,11 @@ export class PrivateMessageForm extends Component<
      this.state.loading = false;
      this.setState(this.state);
      return;
-    } else if (res.op == UserOperation.EditPrivateMessage) {
+    } else if (
+      res.op == UserOperation.EditPrivateMessage ||
+      res.op == UserOperation.DeletePrivateMessage ||
+      res.op == UserOperation.MarkPrivateMessageAsRead
+    ) {
      let data = res.data as PrivateMessageResponse;
      this.state.loading = false;
      this.props.onEdit(data.message);
--- a/ui/src/components/private-message.tsx
+++ b/ui/src/components/private-message.tsx
@ -2,7 +2,8 @@ import { Component, linkEvent } from 'inferno';
 import { Link } from 'inferno-router';
 import {
  PrivateMessage as PrivateMessageI,
-  EditPrivateMessageForm,
+  DeletePrivateMessageForm,
+  MarkPrivateMessageAsReadForm,
 } from '../interfaces';
 import { WebSocketService, UserService } from '../services';
 import { mdToHtml, pictrsAvatarThumbnail, showAvatars, toast } from '../utils';
@ -243,11 +244,11 @@ export class PrivateMessage extends Component<
  }

  handleDeleteClick(i: PrivateMessage) {
-    let form: EditPrivateMessageForm = {
+    let form: DeletePrivateMessageForm = {
      edit_id: i.props.privateMessage.id,
      deleted: !i.props.privateMessage.deleted,
    };
-    WebSocketService.Instance.editPrivateMessage(form);
+    WebSocketService.Instance.deletePrivateMessage(form);
  }

  handleReplyCancel() {
@ -257,11 +258,11 @@ export class PrivateMessage extends Component<
  }

  handleMarkRead(i: PrivateMessage) {
-    let form: EditPrivateMessageForm = {
+    let form: MarkPrivateMessageAsReadForm = {
      edit_id: i.props.privateMessage.id,
      read: !i.props.privateMessage.read,
    };
-    WebSocketService.Instance.editPrivateMessage(form);
+    WebSocketService.Instance.markPrivateMessageAsRead(form);
  }

  handleMessageCollapse(i: PrivateMessage) {
--- a/ui/src/components/sidebar.tsx
+++ b/ui/src/components/sidebar.tsx
@ -4,7 +4,8 @@ import {
  Community,
  CommunityUser,
  FollowCommunityForm,
-  CommunityForm as CommunityFormI,
+  DeleteCommunityForm,
+  RemoveCommunityForm,
  UserView,
 } from '../interfaces';
 import { WebSocketService, UserService } from '../services';
@ -284,16 +285,11 @@ export class Sidebar extends Component<SidebarProps, SidebarState> {

  handleDeleteClick(i: Sidebar) {
    event.preventDefault();
-    let deleteForm: CommunityFormI = {
-      name: i.props.community.name,
-      title: i.props.community.title,
-      category_id: i.props.community.category_id,
+    let deleteForm: DeleteCommunityForm = {
      edit_id: i.props.community.id,
      deleted: !i.props.community.deleted,
-      nsfw: i.props.community.nsfw,
-      auth: null,
    };
-    WebSocketService.Instance.editCommunity(deleteForm);
+    WebSocketService.Instance.deleteCommunity(deleteForm);
  }

  handleUnsubscribe(communityId: number) {
@ -350,18 +346,13 @@ export class Sidebar extends Component<SidebarProps, SidebarState> {

  handleModRemoveSubmit(i: Sidebar) {
    event.preventDefault();
-    let deleteForm: CommunityFormI = {
-      name: i.props.community.name,
-      title: i.props.community.title,
-      category_id: i.props.community.category_id,
+    let removeForm: RemoveCommunityForm = {
      edit_id: i.props.community.id,
      removed: !i.props.community.removed,
      reason: i.state.removeReason,
      expires: getUnixTime(i.state.removeExpires),
-      nsfw: i.props.community.nsfw,
-      auth: null,
    };
-    WebSocketService.Instance.editCommunity(deleteForm);
+    WebSocketService.Instance.removeCommunity(removeForm);

    i.state.showRemoveDialog = false;
    i.setState(i.state);
--- a/ui/src/components/user-details.tsx
+++ b/ui/src/components/user-details.tsx
@ -1,7 +1,7 @@
 import { Component, linkEvent } from 'inferno';
 import { WebSocketService, UserService } from '../services';
 import { Subscription } from 'rxjs';
-import { retryWhen, delay, take, last } from 'rxjs/operators';
+import { retryWhen, delay, take } from 'rxjs/operators';
 import { i18n } from '../i18next';
 import {
  UserOperation,
@ -16,7 +16,6 @@ import {
  CommentResponse,
  BanUserResponse,
  PostResponse,
-  AddAdminResponse,
 } from '../interfaces';
 import {
  wsJsonToRes,
@ -41,6 +40,7 @@ interface UserDetailsProps {
  enableNsfw: boolean;
  view: UserDetailsView;
  onPageChange(page: number): number | any;
+  admins: Array<UserView>;
 }

 interface UserDetailsState {
@ -49,7 +49,6 @@ interface UserDetailsState {
  comments: Array<Comment>;
  posts: Array<Post>;
  saved?: Array<Post>;
-  admins: Array<UserView>;
 }

 export class UserDetails extends Component<UserDetailsProps, UserDetailsState> {
@ -63,7 +62,6 @@ export class UserDetails extends Component<UserDetailsProps, UserDetailsState> {
      comments: [],
      posts: [],
      saved: [],
-      admins: [],
    };

    this.subscription = WebSocketService.Instance.subject
@ -152,7 +150,7 @@ export class UserDetails extends Component<UserDetailsProps, UserDetailsState> {
            {i.type === 'posts' ? (
              <PostListing
                post={i.data as Post}
-                admins={this.state.admins}
+                admins={this.props.admins}
                showCommunity
                enableDownvotes={this.props.enableDownvotes}
                enableNsfw={this.props.enableNsfw}
@ -160,7 +158,7 @@ export class UserDetails extends Component<UserDetailsProps, UserDetailsState> {
            ) : (
              <CommentNodes
                nodes={[{ comment: i.data as Comment }]}
-                admins={this.state.admins}
+                admins={this.props.admins}
                noIndent
                showContext
                enableDownvotes={this.props.enableDownvotes}
@ -177,7 +175,7 @@ export class UserDetails extends Component<UserDetailsProps, UserDetailsState> {
      <div>
        <CommentNodes
          nodes={commentsToFlatNodes(this.state.comments)}
-          admins={this.state.admins}
+          admins={this.props.admins}
          noIndent
          showContext
          enableDownvotes={this.props.enableDownvotes}
@ -192,7 +190,7 @@ export class UserDetails extends Component<UserDetailsProps, UserDetailsState> {
        {this.state.posts.map(post => (
          <PostListing
            post={post}
-            admins={this.state.admins}
+            admins={this.props.admins}
            showCommunity
            enableDownvotes={this.props.enableDownvotes}
            enableNsfw={this.props.enableNsfw}
@ -252,7 +250,6 @@ export class UserDetails extends Component<UserDetailsProps, UserDetailsState> {
        follows: data.follows,
        moderates: data.moderates,
        posts: data.posts,
-        admins: data.admins,
      });
    } else if (res.op == UserOperation.CreateCommentLike) {
      const data = res.data as CommentResponse;
@ -260,7 +257,11 @@ export class UserDetails extends Component<UserDetailsProps, UserDetailsState> {
      this.setState({
        comments: this.state.comments,
      });
-    } else if (res.op == UserOperation.EditComment) {
+    } else if (
+      res.op == UserOperation.EditComment ||
+      res.op == UserOperation.DeleteComment ||
+      res.op == UserOperation.RemoveComment
+    ) {
      const data = res.data as CommentResponse;
      editCommentRes(data, this.state.comments);
      this.setState({
@ -298,11 +299,6 @@ export class UserDetails extends Component<UserDetailsProps, UserDetailsState> {
        posts: this.state.posts,
        comments: this.state.comments,
      });
-    } else if (res.op == UserOperation.AddAdmin) {
-      const data = res.data as AddAdminResponse;
-      this.setState({
-        admins: data.admins,
-      });
    }
  }
 }
--- a/ui/src/components/user.tsx
+++ b/ui/src/components/user.tsx
@ -13,9 +13,9 @@ import {
  DeleteAccountForm,
  WebSocketJsonResponse,
  GetSiteResponse,
-  Site,
  UserDetailsView,
  UserDetailsResponse,
+  AddAdminResponse,
 } from '../interfaces';
 import { WebSocketService, UserService } from '../services';
 import {
@ -54,7 +54,7 @@ interface UserState {
  deleteAccountLoading: boolean;
  deleteAccountShowConfirm: boolean;
  deleteAccountForm: DeleteAccountForm;
-  site: Site;
+  siteRes: GetSiteResponse;
 }

 interface UserProps {
@ -114,19 +114,24 @@ export class User extends Component<any, UserState> {
    deleteAccountForm: {
      password: null,
    },
-    site: {
-      id: undefined,
-      name: undefined,
-      creator_id: undefined,
-      published: undefined,
-      creator_name: undefined,
-      number_of_users: undefined,
-      number_of_posts: undefined,
-      number_of_comments: undefined,
-      number_of_communities: undefined,
-      enable_downvotes: undefined,
-      open_registration: undefined,
-      enable_nsfw: undefined,
+    siteRes: {
+      admins: [],
+      banned: [],
+      online: undefined,
+      site: {
+        id: undefined,
+        name: undefined,
+        creator_id: undefined,
+        published: undefined,
+        creator_name: undefined,
+        number_of_users: undefined,
+        number_of_posts: undefined,
+        number_of_comments: undefined,
+        number_of_communities: undefined,
+        enable_downvotes: undefined,
+        open_registration: undefined,
+        enable_nsfw: undefined,
+      },
    },
  };

@ -201,7 +206,7 @@ export class User extends Component<any, UserState> {
      // Couldnt get a refresh working. This does for now.
      location.reload();
    }
-    document.title = `/u/${this.state.username} - ${this.state.site.name}`;
+    document.title = `/u/${this.state.username} - ${this.state.siteRes.site.name}`;
    setupTippy();
  }

@ -236,8 +241,9 @@ export class User extends Component<any, UserState> {
              sort={SortType[this.state.sort]}
              page={this.state.page}
              limit={fetchLimit}
-              enableDownvotes={this.state.site.enable_downvotes}
-              enableNsfw={this.state.site.enable_nsfw}
+              enableDownvotes={this.state.siteRes.site.enable_downvotes}
+              enableNsfw={this.state.siteRes.site.enable_nsfw}
+              admins={this.state.siteRes.admins}
              view={this.state.view}
              onPageChange={this.handlePageChange}
            />
@ -637,7 +643,7 @@ export class User extends Component<any, UserState> {
                  />
                </div>
              </div>
-              {this.state.site.enable_nsfw && (
+              {this.state.siteRes.site.enable_nsfw && (
                <div class="form-group">
                  <div class="form-check">
                    <input
@ -1063,9 +1069,12 @@ export class User extends Component<any, UserState> {
      this.context.router.history.push('/');
    } else if (res.op == UserOperation.GetSite) {
      const data = res.data as GetSiteResponse;
-      this.setState({
-        site: data.site,
-      });
+      this.state.siteRes = data;
+      this.setState(this.state);
+    } else if (res.op == UserOperation.AddAdmin) {
+      const data = res.data as AddAdminResponse;
+      this.state.siteRes.admins = data.admins;
+      this.setState(this.state);
    }
  }
 }
--- a/ui/src/interfaces.ts
+++ b/ui/src/interfaces.ts
@ -9,19 +9,28 @@ export enum UserOperation {
  GetCommunity,
  CreateComment,
  EditComment,
+  DeleteComment,
+  RemoveComment,
+  MarkCommentAsRead,
  SaveComment,
  CreateCommentLike,
  GetPosts,
  CreatePostLike,
  EditPost,
+  DeletePost,
+  RemovePost,
+  LockPost,
+  StickyPost,
  SavePost,
  EditCommunity,
+  DeleteCommunity,
+  RemoveCommunity,
  FollowCommunity,
  GetFollowedCommunities,
  GetUserDetails,
  GetReplies,
  GetUserMentions,
-  EditUserMention,
+  MarkUserMentionAsRead,
  GetModlog,
  BanFromCommunity,
  AddModToCommunity,
@ -40,6 +49,8 @@ export enum UserOperation {
  PasswordChange,
  CreatePrivateMessage,
  EditPrivateMessage,
+  DeletePrivateMessage,
+  MarkPrivateMessageAsRead,
  GetPrivateMessages,
  UserJoin,
  GetComments,
@ -355,9 +366,9 @@ export interface GetUserMentionsResponse {
  mentions: Array<Comment>;
 }

-export interface EditUserMentionForm {
+export interface MarkUserMentionAsReadForm {
  user_mention_id: number;
-  read?: boolean;
+  read: boolean;
  auth?: string;
 }

@ -571,13 +582,23 @@ export interface UserSettingsForm {

 export interface CommunityForm {
  name: string;
+  edit_id?: number;
  title: string;
  description?: string;
  category_id: number;
-  edit_id?: number;
-  removed?: boolean;
-  deleted?: boolean;
  nsfw: boolean;
+  auth?: string;
+}
+
+export interface DeleteCommunityForm {
+  edit_id: number;
+  deleted: boolean;
+  auth?: string;
+}
+
+export interface RemoveCommunityForm {
+  edit_id: number;
+  removed: boolean;
  reason?: string;
  expires?: number;
  auth?: string;
@ -592,7 +613,6 @@ export interface GetCommunityForm {
 export interface GetCommunityResponse {
  community: Community;
  moderators: Array<CommunityUser>;
-  admins: Array<UserView>;
  online: number;
 }

@ -619,19 +639,37 @@ export interface PostForm {
  name: string;
  url?: string;
  body?: string;
-  community_id: number;
-  updated?: number;
+  community_id?: number;
  edit_id?: number;
-  creator_id: number;
-  removed?: boolean;
-  deleted?: boolean;
  nsfw: boolean;
-  locked?: boolean;
-  stickied?: boolean;
+  auth: string;
+}
+
+export interface DeletePostForm {
+  edit_id: number;
+  deleted: boolean;
+  auth: string;
+}
+
+export interface RemovePostForm {
+  edit_id: number;
+  removed: boolean;
  reason?: string;
  auth: string;
 }

+export interface LockPostForm {
+  edit_id: number;
+  locked: boolean;
+  auth: string;
+}
+
+export interface StickyPostForm {
+  edit_id: number;
+  stickied: boolean;
+  auth: string;
+}
+
 export interface PostFormParams {
  name: string;
  url?: string;
@ -649,7 +687,6 @@ export interface GetPostResponse {
  comments: Array<Comment>;
  community: Community;
  moderators: Array<CommunityUser>;
-  admins: Array<UserView>;
  online: number;
 }

@ -665,14 +702,30 @@ export interface PostResponse {

 export interface CommentForm {
  content: string;
-  post_id: number;
+  post_id?: number;
  parent_id?: number;
  edit_id?: number;
  creator_id?: number;
-  removed?: boolean;
-  deleted?: boolean;
+  form_id?: string;
+  auth: string;
+}
+
+export interface DeleteCommentForm {
+  edit_id: number;
+  deleted: boolean;
+  auth: string;
+}
+
+export interface RemoveCommentForm {
+  edit_id: number;
+  removed: boolean;
  reason?: string;
-  read?: boolean;
+  auth: string;
+}
+
+export interface MarkCommentAsReadForm {
+  edit_id: number;
+  read: boolean;
  auth: string;
 }

@ -685,11 +738,11 @@ export interface SaveCommentForm {
 export interface CommentResponse {
  comment: Comment;
  recipient_ids: Array<number>;
+  form_id?: string;
 }

 export interface CommentLikeForm {
  comment_id: number;
-  post_id: number;
  score: number;
  auth?: string;
 }
@ -835,9 +888,19 @@ export interface PrivateMessageFormParams {

 export interface EditPrivateMessageForm {
  edit_id: number;
-  content?: string;
-  deleted?: boolean;
-  read?: boolean;
+  content: string;
+  auth?: string;
+}
+
+export interface DeletePrivateMessageForm {
+  edit_id: number;
+  deleted: boolean;
+  auth?: string;
+}
+
+export interface MarkPrivateMessageAsReadForm {
+  edit_id: number;
+  read: boolean;
  auth?: string;
 }

@ -865,18 +928,26 @@ export interface UserJoinResponse {
 }

 export type MessageType =
-  | EditPrivateMessageForm
  | LoginForm
  | RegisterForm
  | CommunityForm
+  | DeleteCommunityForm
+  | RemoveCommunityForm
  | FollowCommunityForm
  | ListCommunitiesForm
  | GetFollowedCommunitiesForm
  | PostForm
+  | DeletePostForm
+  | RemovePostForm
+  | LockPostForm
+  | StickyPostForm
  | GetPostForm
  | GetPostsForm
  | GetCommunityForm
  | CommentForm
+  | DeleteCommentForm
+  | RemoveCommentForm
+  | MarkCommentAsReadForm
  | CommentLikeForm
  | SaveCommentForm
  | CreatePostLikeForm
@ -891,7 +962,7 @@ export type MessageType =
  | GetUserDetailsForm
  | GetRepliesForm
  | GetUserMentionsForm
-  | EditUserMentionForm
+  | MarkUserMentionAsReadForm
  | GetModlogForm
  | SiteForm
  | SearchForm
@ -901,6 +972,8 @@ export type MessageType =
  | PasswordChangeForm
  | PrivateMessageForm
  | EditPrivateMessageForm
+  | DeletePrivateMessageForm
+  | MarkPrivateMessageAsReadForm
  | GetPrivateMessagesForm
  | SiteConfigForm;

--- a/ui/src/services/WebSocketService.ts
+++ b/ui/src/services/WebSocketService.ts
@ -4,9 +4,18 @@ import {
  RegisterForm,
  UserOperation,
  CommunityForm,
+  DeleteCommunityForm,
+  RemoveCommunityForm,
  PostForm,
+  DeletePostForm,
+  RemovePostForm,
+  LockPostForm,
+  StickyPostForm,
  SavePostForm,
  CommentForm,
+  DeleteCommentForm,
+  RemoveCommentForm,
+  MarkCommentAsReadForm,
  SaveCommentForm,
  CommentLikeForm,
  GetPostForm,
@ -28,7 +37,7 @@ import {
  UserView,
  GetRepliesForm,
  GetUserMentionsForm,
-  EditUserMentionForm,
+  MarkUserMentionAsReadForm,
  SearchForm,
  UserSettingsForm,
  DeleteAccountForm,
@ -36,6 +45,8 @@ import {
  PasswordChangeForm,
  PrivateMessageForm,
  EditPrivateMessageForm,
+  DeletePrivateMessageForm,
+  MarkPrivateMessageAsReadForm,
  GetPrivateMessagesForm,
  GetCommentsForm,
  UserJoinForm,
@ -103,18 +114,24 @@ export class WebSocketService {
    this.ws.send(this.wsSendWrapper(UserOperation.Register, registerForm));
  }

-  public createCommunity(communityForm: CommunityForm) {
-    this.setAuth(communityForm);
-    this.ws.send(
-      this.wsSendWrapper(UserOperation.CreateCommunity, communityForm)
-    );
+  public createCommunity(form: CommunityForm) {
+    this.setAuth(form);
+    this.ws.send(this.wsSendWrapper(UserOperation.CreateCommunity, form));
  }

-  public editCommunity(communityForm: CommunityForm) {
-    this.setAuth(communityForm);
-    this.ws.send(
-      this.wsSendWrapper(UserOperation.EditCommunity, communityForm)
-    );
+  public editCommunity(form: CommunityForm) {
+    this.setAuth(form);
+    this.ws.send(this.wsSendWrapper(UserOperation.EditCommunity, form));
+  }
+
+  public deleteCommunity(form: DeleteCommunityForm) {
+    this.setAuth(form);
+    this.ws.send(this.wsSendWrapper(UserOperation.DeleteCommunity, form));
+  }
+
+  public removeCommunity(form: RemoveCommunityForm) {
+    this.setAuth(form);
+    this.ws.send(this.wsSendWrapper(UserOperation.RemoveCommunity, form));
  }

  public followCommunity(followCommunityForm: FollowCommunityForm) {
@ -140,9 +157,9 @@ export class WebSocketService {
    this.ws.send(this.wsSendWrapper(UserOperation.ListCategories, {}));
  }

-  public createPost(postForm: PostForm) {
-    this.setAuth(postForm);
-    this.ws.send(this.wsSendWrapper(UserOperation.CreatePost, postForm));
+  public createPost(form: PostForm) {
+    this.setAuth(form);
+    this.ws.send(this.wsSendWrapper(UserOperation.CreatePost, form));
  }

  public getPost(form: GetPostForm) {
@ -155,14 +172,29 @@ export class WebSocketService {
    this.ws.send(this.wsSendWrapper(UserOperation.GetCommunity, form));
  }

-  public createComment(commentForm: CommentForm) {
-    this.setAuth(commentForm);
-    this.ws.send(this.wsSendWrapper(UserOperation.CreateComment, commentForm));
+  public createComment(form: CommentForm) {
+    this.setAuth(form);
+    this.ws.send(this.wsSendWrapper(UserOperation.CreateComment, form));
  }

-  public editComment(commentForm: CommentForm) {
-    this.setAuth(commentForm);
-    this.ws.send(this.wsSendWrapper(UserOperation.EditComment, commentForm));
+  public editComment(form: CommentForm) {
+    this.setAuth(form);
+    this.ws.send(this.wsSendWrapper(UserOperation.EditComment, form));
+  }
+
+  public deleteComment(form: DeleteCommentForm) {
+    this.setAuth(form);
+    this.ws.send(this.wsSendWrapper(UserOperation.DeleteComment, form));
+  }
+
+  public removeComment(form: RemoveCommentForm) {
+    this.setAuth(form);
+    this.ws.send(this.wsSendWrapper(UserOperation.RemoveComment, form));
+  }
+
+  public markCommentAsRead(form: MarkCommentAsReadForm) {
+    this.setAuth(form);
+    this.ws.send(this.wsSendWrapper(UserOperation.MarkCommentAsRead, form));
  }

  public likeComment(form: CommentLikeForm) {
@ -190,9 +222,29 @@ export class WebSocketService {
    this.ws.send(this.wsSendWrapper(UserOperation.CreatePostLike, form));
  }

-  public editPost(postForm: PostForm) {
-    this.setAuth(postForm);
-    this.ws.send(this.wsSendWrapper(UserOperation.EditPost, postForm));
+  public editPost(form: PostForm) {
+    this.setAuth(form);
+    this.ws.send(this.wsSendWrapper(UserOperation.EditPost, form));
+  }
+
+  public deletePost(form: DeletePostForm) {
+    this.setAuth(form);
+    this.ws.send(this.wsSendWrapper(UserOperation.DeletePost, form));
+  }
+
+  public removePost(form: RemovePostForm) {
+    this.setAuth(form);
+    this.ws.send(this.wsSendWrapper(UserOperation.RemovePost, form));
+  }
+
+  public lockPost(form: LockPostForm) {
+    this.setAuth(form);
+    this.ws.send(this.wsSendWrapper(UserOperation.LockPost, form));
+  }
+
+  public stickyPost(form: StickyPostForm) {
+    this.setAuth(form);
+    this.ws.send(this.wsSendWrapper(UserOperation.StickyPost, form));
  }

  public savePost(form: SavePostForm) {
@ -245,9 +297,9 @@ export class WebSocketService {
    this.ws.send(this.wsSendWrapper(UserOperation.GetUserMentions, form));
  }

-  public editUserMention(form: EditUserMentionForm) {
+  public markUserMentionAsRead(form: MarkUserMentionAsReadForm) {
    this.setAuth(form);
-    this.ws.send(this.wsSendWrapper(UserOperation.EditUserMention, form));
+    this.ws.send(this.wsSendWrapper(UserOperation.MarkUserMentionAsRead, form));
  }

  public getModlog(form: GetModlogForm) {
@ -315,6 +367,18 @@ export class WebSocketService {
    this.ws.send(this.wsSendWrapper(UserOperation.EditPrivateMessage, form));
  }

+  public deletePrivateMessage(form: DeletePrivateMessageForm) {
+    this.setAuth(form);
+    this.ws.send(this.wsSendWrapper(UserOperation.DeletePrivateMessage, form));
+  }
+
+  public markPrivateMessageAsRead(form: MarkPrivateMessageAsReadForm) {
+    this.setAuth(form);
+    this.ws.send(
+      this.wsSendWrapper(UserOperation.MarkPrivateMessageAsRead, form)
+    );
+  }
+
  public getPrivateMessages(form: GetPrivateMessagesForm) {
    this.setAuth(form);
    this.ws.send(this.wsSendWrapper(UserOperation.GetPrivateMessages, form));
--- a/ui/translations/en.json
+++ b/ui/translations/en.json
@ -256,6 +256,7 @@
    "couldnt_save_post": "Couldn't save post.",
    "no_slurs": "No slurs.",
    "not_an_admin": "Not an admin.",
+    "not_a_moderator": "Not a moderator.",
    "site_already_exists": "Site already exists.",
    "couldnt_update_site": "Couldn't update site.",
    "couldnt_find_that_username_or_email":