Nutomic
ad90cd77f9
* add private visibility * filter private communities in post_view.rs * also filter in comment_view * community follower state * remove unused method * sql fmt * add CommunityFollower.approved_by * implement api endpoints * api changes * only admins can create private community for now * add local api tests * fix api tests * follow remote private community * use authorized fetch for content in private community * federate community visibility * dont mark content in private community as public * expose ApprovalRequired in api * also check content fetchable for outbox/featured * address private community content to followers * implement reject activity * fix tests * add files * remove local api tests * dont use delay * is_new_instance * single query for is_new_instance * return subscribed type for pending follow * working * need to catch errors in waitUntil * clippy * fix query * lint for unused async * diesel.toml comment * add comment * avoid db reads * rename approved_by to approver_id * add helper * form init * list pending follows should return items for all communities * clippy * ci * fix down migration * fix api tests * references * rename * run git diff * ci * fix schema check * fix joins * ci * ci * skip_serializing_none * fix test --------- Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
441 lines
16 KiB
Rust
441 lines
16 KiB
Rust
use actix_web::{guard, web};
|
|
use lemmy_api::{
|
|
comment::{
|
|
distinguish::distinguish_comment,
|
|
like::like_comment,
|
|
list_comment_likes::list_comment_likes,
|
|
save::save_comment,
|
|
},
|
|
comment_report::{
|
|
create::create_comment_report,
|
|
list::list_comment_reports,
|
|
resolve::resolve_comment_report,
|
|
},
|
|
community::{
|
|
add_mod::add_mod_to_community,
|
|
ban::ban_from_community,
|
|
block::block_community,
|
|
follow::follow_community,
|
|
hide::hide_community,
|
|
pending_follows::{
|
|
approve::post_pending_follows_approve,
|
|
count::get_pending_follows_count,
|
|
list::get_pending_follows_list,
|
|
},
|
|
random::get_random_community,
|
|
transfer::transfer_community,
|
|
},
|
|
local_user::{
|
|
add_admin::add_admin,
|
|
ban_person::ban_from_site,
|
|
block::block_person,
|
|
change_password::change_password,
|
|
change_password_after_reset::change_password_after_reset,
|
|
generate_totp_secret::generate_totp_secret,
|
|
get_captcha::get_captcha,
|
|
list_banned::list_banned_users,
|
|
list_logins::list_logins,
|
|
list_media::list_media,
|
|
login::login,
|
|
logout::logout,
|
|
notifications::{
|
|
list_mentions::list_mentions,
|
|
list_replies::list_replies,
|
|
mark_all_read::mark_all_notifications_read,
|
|
mark_mention_read::mark_person_mention_as_read,
|
|
mark_reply_read::mark_reply_as_read,
|
|
unread_count::unread_count,
|
|
},
|
|
report_count::report_count,
|
|
reset_password::reset_password,
|
|
save_settings::save_user_settings,
|
|
update_totp::update_totp,
|
|
validate_auth::validate_auth,
|
|
verify_email::verify_email,
|
|
},
|
|
post::{
|
|
feature::feature_post,
|
|
get_link_metadata::get_link_metadata,
|
|
hide::hide_post,
|
|
like::like_post,
|
|
list_post_likes::list_post_likes,
|
|
lock::lock_post,
|
|
mark_read::mark_post_as_read,
|
|
save::save_post,
|
|
},
|
|
post_report::{
|
|
create::create_post_report,
|
|
list::list_post_reports,
|
|
resolve::resolve_post_report,
|
|
},
|
|
private_message::mark_read::mark_pm_as_read,
|
|
private_message_report::{
|
|
create::create_pm_report,
|
|
list::list_pm_reports,
|
|
resolve::resolve_pm_report,
|
|
},
|
|
site::{
|
|
block::block_instance,
|
|
federated_instances::get_federated_instances,
|
|
leave_admin::leave_admin,
|
|
list_all_media::list_all_media,
|
|
mod_log::get_mod_log,
|
|
purge::{
|
|
comment::purge_comment,
|
|
community::purge_community,
|
|
person::purge_person,
|
|
post::purge_post,
|
|
},
|
|
registration_applications::{
|
|
approve::approve_registration_application,
|
|
get::get_registration_application,
|
|
list::list_registration_applications,
|
|
unread_count::get_unread_registration_application_count,
|
|
},
|
|
},
|
|
sitemap::get_sitemap,
|
|
};
|
|
use lemmy_api_crud::{
|
|
comment::{
|
|
create::create_comment,
|
|
delete::delete_comment,
|
|
read::get_comment,
|
|
remove::remove_comment,
|
|
update::update_comment,
|
|
},
|
|
community::{
|
|
create::create_community,
|
|
delete::delete_community,
|
|
list::list_communities,
|
|
remove::remove_community,
|
|
update::update_community,
|
|
},
|
|
custom_emoji::{
|
|
create::create_custom_emoji,
|
|
delete::delete_custom_emoji,
|
|
list::list_custom_emojis,
|
|
update::update_custom_emoji,
|
|
},
|
|
oauth_provider::{
|
|
create::create_oauth_provider,
|
|
delete::delete_oauth_provider,
|
|
update::update_oauth_provider,
|
|
},
|
|
post::{
|
|
create::create_post,
|
|
delete::delete_post,
|
|
read::get_post,
|
|
remove::remove_post,
|
|
update::update_post,
|
|
},
|
|
private_message::{
|
|
create::create_private_message,
|
|
delete::delete_private_message,
|
|
read::get_private_message,
|
|
update::update_private_message,
|
|
},
|
|
site::{create::create_site, read::get_site, update::update_site},
|
|
tagline::{
|
|
create::create_tagline,
|
|
delete::delete_tagline,
|
|
list::list_taglines,
|
|
update::update_tagline,
|
|
},
|
|
user::{
|
|
create::{authenticate_with_oauth, register},
|
|
delete::delete_account,
|
|
},
|
|
};
|
|
use lemmy_apub::api::{
|
|
list_comments::list_comments,
|
|
list_posts::list_posts,
|
|
read_community::get_community,
|
|
read_person::read_person,
|
|
resolve_object::resolve_object,
|
|
search::search,
|
|
user_settings_backup::{export_settings, import_settings},
|
|
};
|
|
use lemmy_routes::images::image_proxy;
|
|
use lemmy_utils::rate_limit::RateLimitCell;
|
|
|
|
pub fn config(cfg: &mut web::ServiceConfig, rate_limit: &RateLimitCell) {
|
|
cfg.service(
|
|
web::scope("/api/v3")
|
|
.route("/image_proxy", web::get().to(image_proxy))
|
|
// Site
|
|
.service(
|
|
web::scope("/site")
|
|
.wrap(rate_limit.message())
|
|
.route("", web::get().to(get_site))
|
|
// Admin Actions
|
|
.route("", web::post().to(create_site))
|
|
.route("", web::put().to(update_site))
|
|
.route("/block", web::post().to(block_instance)),
|
|
)
|
|
.service(
|
|
web::resource("/modlog")
|
|
.wrap(rate_limit.message())
|
|
.route(web::get().to(get_mod_log)),
|
|
)
|
|
.service(
|
|
web::resource("/search")
|
|
.wrap(rate_limit.search())
|
|
.route(web::get().to(search)),
|
|
)
|
|
.service(
|
|
web::resource("/resolve_object")
|
|
.wrap(rate_limit.message())
|
|
.route(web::get().to(resolve_object)),
|
|
)
|
|
// Community
|
|
.service(
|
|
web::resource("/community")
|
|
.guard(guard::Post())
|
|
.wrap(rate_limit.register())
|
|
.route(web::post().to(create_community)),
|
|
)
|
|
.service(
|
|
web::scope("/community")
|
|
.wrap(rate_limit.message())
|
|
.route("", web::get().to(get_community))
|
|
.route("", web::put().to(update_community))
|
|
.route("/random", web::get().to(get_random_community))
|
|
.route("/hide", web::put().to(hide_community))
|
|
.route("/list", web::get().to(list_communities))
|
|
.route("/follow", web::post().to(follow_community))
|
|
.route("/block", web::post().to(block_community))
|
|
.route("/delete", web::post().to(delete_community))
|
|
// Mod Actions
|
|
.route("/remove", web::post().to(remove_community))
|
|
.route("/transfer", web::post().to(transfer_community))
|
|
.route("/ban_user", web::post().to(ban_from_community))
|
|
.route("/mod", web::post().to(add_mod_to_community))
|
|
.service(
|
|
web::scope("/pending_follows")
|
|
.wrap(rate_limit.message())
|
|
.route("/count", web::get().to(get_pending_follows_count))
|
|
.route("/list", web::get().to(get_pending_follows_list))
|
|
.route("/approve", web::post().to(post_pending_follows_approve)),
|
|
),
|
|
)
|
|
.service(
|
|
web::scope("/federated_instances")
|
|
.wrap(rate_limit.message())
|
|
.route("", web::get().to(get_federated_instances)),
|
|
)
|
|
// Post
|
|
.service(
|
|
// Handle POST to /post separately to add the post() rate limitter
|
|
web::resource("/post")
|
|
.guard(guard::Post())
|
|
.wrap(rate_limit.post())
|
|
.route(web::post().to(create_post)),
|
|
)
|
|
.service(
|
|
web::scope("/post")
|
|
.wrap(rate_limit.message())
|
|
.route("", web::get().to(get_post))
|
|
.route("", web::put().to(update_post))
|
|
.route("/delete", web::post().to(delete_post))
|
|
.route("/remove", web::post().to(remove_post))
|
|
.route("/mark_as_read", web::post().to(mark_post_as_read))
|
|
.route("/hide", web::post().to(hide_post))
|
|
.route("/lock", web::post().to(lock_post))
|
|
.route("/feature", web::post().to(feature_post))
|
|
.route("/list", web::get().to(list_posts))
|
|
.route("/like", web::post().to(like_post))
|
|
.route("/like/list", web::get().to(list_post_likes))
|
|
.route("/save", web::put().to(save_post))
|
|
.route("/report", web::post().to(create_post_report))
|
|
.route("/report/resolve", web::put().to(resolve_post_report))
|
|
.route("/report/list", web::get().to(list_post_reports))
|
|
.route("/site_metadata", web::get().to(get_link_metadata)),
|
|
)
|
|
// Comment
|
|
.service(
|
|
// Handle POST to /comment separately to add the comment() rate limitter
|
|
web::resource("/comment")
|
|
.guard(guard::Post())
|
|
.wrap(rate_limit.comment())
|
|
.route(web::post().to(create_comment)),
|
|
)
|
|
.service(
|
|
web::scope("/comment")
|
|
.wrap(rate_limit.message())
|
|
.route("", web::get().to(get_comment))
|
|
.route("", web::put().to(update_comment))
|
|
.route("/delete", web::post().to(delete_comment))
|
|
.route("/remove", web::post().to(remove_comment))
|
|
.route("/mark_as_read", web::post().to(mark_reply_as_read))
|
|
.route("/distinguish", web::post().to(distinguish_comment))
|
|
.route("/like", web::post().to(like_comment))
|
|
.route("/like/list", web::get().to(list_comment_likes))
|
|
.route("/save", web::put().to(save_comment))
|
|
.route("/list", web::get().to(list_comments))
|
|
.route("/report", web::post().to(create_comment_report))
|
|
.route("/report/resolve", web::put().to(resolve_comment_report))
|
|
.route("/report/list", web::get().to(list_comment_reports)),
|
|
)
|
|
// Private Message
|
|
.service(
|
|
web::scope("/private_message")
|
|
.wrap(rate_limit.message())
|
|
.route("/list", web::get().to(get_private_message))
|
|
.route("", web::post().to(create_private_message))
|
|
.route("", web::put().to(update_private_message))
|
|
.route("/delete", web::post().to(delete_private_message))
|
|
.route("/mark_as_read", web::post().to(mark_pm_as_read))
|
|
.route("/report", web::post().to(create_pm_report))
|
|
.route("/report/resolve", web::put().to(resolve_pm_report))
|
|
.route("/report/list", web::get().to(list_pm_reports)),
|
|
)
|
|
// User
|
|
.service(
|
|
// Account action, I don't like that it's in /user maybe /accounts
|
|
// Handle /user/register separately to add the register() rate limiter
|
|
web::resource("/user/register")
|
|
.guard(guard::Post())
|
|
.wrap(rate_limit.register())
|
|
.route(web::post().to(register)),
|
|
)
|
|
// User
|
|
.service(
|
|
// Handle /user/login separately to add the register() rate limiter
|
|
// TODO: pretty annoying way to apply rate limits for register and login, we should
|
|
// group them under a common path so that rate limit is only applied once (eg under
|
|
// /account).
|
|
web::resource("/user/login")
|
|
.guard(guard::Post())
|
|
.wrap(rate_limit.register())
|
|
.route(web::post().to(login)),
|
|
)
|
|
.service(
|
|
web::resource("/user/password_reset")
|
|
.wrap(rate_limit.register())
|
|
.route(web::post().to(reset_password)),
|
|
)
|
|
.service(
|
|
// Handle captcha separately
|
|
web::resource("/user/get_captcha")
|
|
.wrap(rate_limit.post())
|
|
.route(web::get().to(get_captcha)),
|
|
)
|
|
.service(
|
|
web::resource("/user/export_settings")
|
|
.wrap(rate_limit.import_user_settings())
|
|
.route(web::get().to(export_settings)),
|
|
)
|
|
.service(
|
|
web::resource("/user/import_settings")
|
|
.wrap(rate_limit.import_user_settings())
|
|
.route(web::post().to(import_settings)),
|
|
)
|
|
// TODO, all the current account related actions under /user need to get moved here eventually
|
|
.service(
|
|
web::scope("/account")
|
|
.wrap(rate_limit.message())
|
|
.route("/list_media", web::get().to(list_media)),
|
|
)
|
|
// User actions
|
|
.service(
|
|
web::scope("/user")
|
|
.wrap(rate_limit.message())
|
|
.route("", web::get().to(read_person))
|
|
.route("/mention", web::get().to(list_mentions))
|
|
.route(
|
|
"/mention/mark_as_read",
|
|
web::post().to(mark_person_mention_as_read),
|
|
)
|
|
.route("/replies", web::get().to(list_replies))
|
|
// Admin action. I don't like that it's in /user
|
|
.route("/ban", web::post().to(ban_from_site))
|
|
.route("/banned", web::get().to(list_banned_users))
|
|
.route("/block", web::post().to(block_person))
|
|
// TODO Account actions. I don't like that they're in /user maybe /accounts
|
|
.route("/logout", web::post().to(logout))
|
|
.route("/delete_account", web::post().to(delete_account))
|
|
.route(
|
|
"/password_change",
|
|
web::post().to(change_password_after_reset),
|
|
)
|
|
// TODO mark_all_as_read feels off being in this section as well
|
|
.route(
|
|
"/mark_all_as_read",
|
|
web::post().to(mark_all_notifications_read),
|
|
)
|
|
.route("/save_user_settings", web::put().to(save_user_settings))
|
|
.route("/change_password", web::put().to(change_password))
|
|
.route("/report_count", web::get().to(report_count))
|
|
.route("/unread_count", web::get().to(unread_count))
|
|
.route("/verify_email", web::post().to(verify_email))
|
|
.route("/leave_admin", web::post().to(leave_admin))
|
|
.route("/totp/generate", web::post().to(generate_totp_secret))
|
|
.route("/totp/update", web::post().to(update_totp))
|
|
.route("/list_logins", web::get().to(list_logins))
|
|
.route("/validate_auth", web::get().to(validate_auth)),
|
|
)
|
|
// Admin Actions
|
|
.service(
|
|
web::scope("/admin")
|
|
.wrap(rate_limit.message())
|
|
.route("/add", web::post().to(add_admin))
|
|
.route(
|
|
"/registration_application/count",
|
|
web::get().to(get_unread_registration_application_count),
|
|
)
|
|
.route(
|
|
"/registration_application/list",
|
|
web::get().to(list_registration_applications),
|
|
)
|
|
.route(
|
|
"/registration_application/approve",
|
|
web::put().to(approve_registration_application),
|
|
)
|
|
.route(
|
|
"/registration_application",
|
|
web::get().to(get_registration_application),
|
|
)
|
|
.route("/list_all_media", web::get().to(list_all_media))
|
|
.service(
|
|
web::scope("/purge")
|
|
.route("/person", web::post().to(purge_person))
|
|
.route("/community", web::post().to(purge_community))
|
|
.route("/post", web::post().to(purge_post))
|
|
.route("/comment", web::post().to(purge_comment)),
|
|
)
|
|
.service(
|
|
web::scope("/tagline")
|
|
.wrap(rate_limit.message())
|
|
.route("", web::post().to(create_tagline))
|
|
.route("", web::put().to(update_tagline))
|
|
.route("/delete", web::post().to(delete_tagline))
|
|
.route("/list", web::get().to(list_taglines)),
|
|
),
|
|
)
|
|
.service(
|
|
web::scope("/custom_emoji")
|
|
.wrap(rate_limit.message())
|
|
.route("", web::post().to(create_custom_emoji))
|
|
.route("", web::put().to(update_custom_emoji))
|
|
.route("/delete", web::post().to(delete_custom_emoji))
|
|
.route("/list", web::get().to(list_custom_emojis)),
|
|
)
|
|
.service(
|
|
web::scope("/oauth_provider")
|
|
.wrap(rate_limit.message())
|
|
.route("", web::post().to(create_oauth_provider))
|
|
.route("", web::put().to(update_oauth_provider))
|
|
.route("/delete", web::post().to(delete_oauth_provider)),
|
|
)
|
|
.service(
|
|
web::scope("/oauth")
|
|
.wrap(rate_limit.register())
|
|
.route("/authenticate", web::post().to(authenticate_with_oauth)),
|
|
),
|
|
);
|
|
cfg.service(
|
|
web::scope("/sitemap.xml")
|
|
.wrap(rate_limit.message())
|
|
.route("", web::get().to(get_sitemap)),
|
|
);
|
|
}
|