Add check so only mods can change stickied/locked state of posts
This commit is contained in:
parent
803aad3b3e
commit
50559de6d2
3 changed files with 42 additions and 8 deletions
|
@ -1,12 +1,24 @@
|
||||||
use crate::{activities::receive::get_actor_as_user, objects::FromApub, ActorType, PageExt};
|
use crate::{
|
||||||
|
activities::receive::get_actor_as_user,
|
||||||
|
inbox::receive_for_community::verify_mod_activity,
|
||||||
|
objects::FromApub,
|
||||||
|
ActorType,
|
||||||
|
PageExt,
|
||||||
|
};
|
||||||
use activitystreams::{
|
use activitystreams::{
|
||||||
activity::{Create, Dislike, Like, Remove, Update},
|
activity::{Announce, Create, Dislike, Like, Remove, Update},
|
||||||
prelude::*,
|
prelude::*,
|
||||||
};
|
};
|
||||||
use anyhow::Context;
|
use anyhow::Context;
|
||||||
use lemmy_api_structs::{blocking, post::PostResponse};
|
use lemmy_api_structs::{blocking, post::PostResponse};
|
||||||
use lemmy_db_queries::{source::post::Post_, Likeable};
|
use lemmy_db_queries::{source::post::Post_, ApubObject, Crud, Likeable};
|
||||||
use lemmy_db_schema::source::post::{Post, PostLike, PostLikeForm};
|
use lemmy_db_schema::{
|
||||||
|
source::{
|
||||||
|
community::Community,
|
||||||
|
post::{Post, PostLike, PostLikeForm},
|
||||||
|
},
|
||||||
|
DbUrl,
|
||||||
|
};
|
||||||
use lemmy_db_views::post_view::PostView;
|
use lemmy_db_views::post_view::PostView;
|
||||||
use lemmy_utils::{location_info, LemmyError};
|
use lemmy_utils::{location_info, LemmyError};
|
||||||
use lemmy_websocket::{messages::SendPost, LemmyContext, UserOperation};
|
use lemmy_websocket::{messages::SendPost, LemmyContext, UserOperation};
|
||||||
|
@ -42,6 +54,7 @@ pub(crate) async fn receive_create_post(
|
||||||
|
|
||||||
pub(crate) async fn receive_update_post(
|
pub(crate) async fn receive_update_post(
|
||||||
update: Update,
|
update: Update,
|
||||||
|
announce: Option<Announce>,
|
||||||
context: &LemmyContext,
|
context: &LemmyContext,
|
||||||
request_counter: &mut i32,
|
request_counter: &mut i32,
|
||||||
) -> Result<(), LemmyError> {
|
) -> Result<(), LemmyError> {
|
||||||
|
@ -49,6 +62,27 @@ pub(crate) async fn receive_update_post(
|
||||||
let page = PageExt::from_any_base(update.object().to_owned().one().context(location_info!())?)?
|
let page = PageExt::from_any_base(update.object().to_owned().one().context(location_info!())?)?
|
||||||
.context(location_info!())?;
|
.context(location_info!())?;
|
||||||
|
|
||||||
|
let post_id: DbUrl = page
|
||||||
|
.id_unchecked()
|
||||||
|
.context(location_info!())?
|
||||||
|
.to_owned()
|
||||||
|
.into();
|
||||||
|
let old_post = blocking(context.pool(), move |conn| {
|
||||||
|
Post::read_from_apub_id(conn, &post_id)
|
||||||
|
})
|
||||||
|
.await??;
|
||||||
|
|
||||||
|
// If sticked or locked state was changed, make sure the actor is a mod
|
||||||
|
let stickied = page.ext_one.stickied.context(location_info!())?;
|
||||||
|
let locked = !page.ext_one.comments_enabled.context(location_info!())?;
|
||||||
|
if stickied != old_post.stickied || locked != old_post.locked {
|
||||||
|
let community = blocking(context.pool(), move |conn| {
|
||||||
|
Community::read(conn, old_post.community_id)
|
||||||
|
})
|
||||||
|
.await??;
|
||||||
|
verify_mod_activity(&update, announce, &community, context).await?;
|
||||||
|
}
|
||||||
|
|
||||||
let post = Post::from_apub(&page, context, user.actor_id(), request_counter).await?;
|
let post = Post::from_apub(&page, context, user.actor_id(), request_counter).await?;
|
||||||
|
|
||||||
let post_id = post.id;
|
let post_id = post.id;
|
||||||
|
|
|
@ -26,7 +26,7 @@ use std::fmt::Debug;
|
||||||
use url::Url;
|
use url::Url;
|
||||||
|
|
||||||
pub mod community_inbox;
|
pub mod community_inbox;
|
||||||
mod receive_for_community;
|
pub(crate) mod receive_for_community;
|
||||||
pub mod shared_inbox;
|
pub mod shared_inbox;
|
||||||
pub mod user_inbox;
|
pub mod user_inbox;
|
||||||
|
|
||||||
|
|
|
@ -139,7 +139,7 @@ pub(in crate::inbox) async fn receive_update_for_community(
|
||||||
};
|
};
|
||||||
if actor.id != original_author {
|
if actor.id != original_author {
|
||||||
let community = extract_community_from_cc(&update, context).await?;
|
let community = extract_community_from_cc(&update, context).await?;
|
||||||
verify_mod_activity(&update, announce, &community, context).await?;
|
verify_mod_activity(&update, announce.to_owned(), &community, context).await?;
|
||||||
}
|
}
|
||||||
|
|
||||||
let kind = update
|
let kind = update
|
||||||
|
@ -147,7 +147,7 @@ pub(in crate::inbox) async fn receive_update_for_community(
|
||||||
.as_single_kind_str()
|
.as_single_kind_str()
|
||||||
.and_then(|s| s.parse().ok());
|
.and_then(|s| s.parse().ok());
|
||||||
match kind {
|
match kind {
|
||||||
Some(PageOrNote::Page) => receive_update_post(update, context, request_counter).await,
|
Some(PageOrNote::Page) => receive_update_post(update, announce, context, request_counter).await,
|
||||||
Some(PageOrNote::Note) => receive_update_comment(update, context, request_counter).await,
|
Some(PageOrNote::Note) => receive_update_comment(update, context, request_counter).await,
|
||||||
_ => receive_unhandled_activity(update),
|
_ => receive_unhandled_activity(update),
|
||||||
}
|
}
|
||||||
|
@ -538,7 +538,7 @@ where
|
||||||
Ok(())
|
Ok(())
|
||||||
}
|
}
|
||||||
|
|
||||||
async fn verify_mod_activity<T, Kind>(
|
pub(crate) async fn verify_mod_activity<T, Kind>(
|
||||||
mod_action: &T,
|
mod_action: &T,
|
||||||
announce: Option<Announce>,
|
announce: Option<Announce>,
|
||||||
community: &Community,
|
community: &Community,
|
||||||
|
|
Loading…
Reference in a new issue