8 use crate::site::FederatedInstances;
10 newtypes::{CommunityId, LocalUserId, PersonId, PostId},
13 person_block::PersonBlock,
14 post::{Post, PostRead, PostReadForm},
18 traits::{Crud, Readable},
21 use lemmy_db_views::local_user_view::{LocalUserSettingsView, LocalUserView};
22 use lemmy_db_views_actor::{
23 community_person_ban_view::CommunityPersonBanView,
24 community_view::CommunityView,
26 use lemmy_utils::{claims::Claims, settings::structs::FederationConfig, ApiError, LemmyError};
29 pub async fn blocking<F, T>(pool: &DbPool, f: F) -> Result<T, LemmyError>
31 F: FnOnce(&diesel::PgConnection) -> T + Send + 'static,
34 let pool = pool.clone();
35 let res = actix_web::web::block(move || {
36 let conn = pool.get()?;
38 Ok(res) as Result<T, LemmyError>
45 pub async fn is_mod_or_admin(
48 community_id: CommunityId,
49 ) -> Result<(), LemmyError> {
50 let is_mod_or_admin = blocking(pool, move |conn| {
51 CommunityView::is_mod_or_admin(conn, person_id, community_id)
55 return Err(ApiError::err_plain("not_a_mod_or_admin").into());
60 pub fn is_admin(local_user_view: &LocalUserView) -> Result<(), LemmyError> {
61 if !local_user_view.person.admin {
62 return Err(ApiError::err_plain("not_an_admin").into());
67 pub async fn get_post(post_id: PostId, pool: &DbPool) -> Result<Post, LemmyError> {
68 blocking(pool, move |conn| Post::read(conn, post_id))
70 .map_err(|_| ApiError::err_plain("couldnt_find_post").into())
73 pub async fn mark_post_as_read(
77 ) -> Result<PostRead, LemmyError> {
78 let post_read_form = PostReadForm { post_id, person_id };
80 blocking(pool, move |conn| {
81 PostRead::mark_as_read(conn, &post_read_form)
84 .map_err(|_| ApiError::err_plain("couldnt_mark_post_as_read").into())
87 pub async fn get_local_user_view_from_jwt(
91 ) -> Result<LocalUserView, LemmyError> {
92 let claims = Claims::decode(jwt, &secret.jwt_secret)
93 .map_err(|e| ApiError::err("not_logged_in", e))?
95 let local_user_id = LocalUserId(claims.sub);
97 blocking(pool, move |conn| LocalUserView::read(conn, local_user_id)).await??;
98 // Check for a site ban
99 if local_user_view.person.banned {
100 return Err(ApiError::err_plain("site_ban").into());
103 // Check for user deletion
104 if local_user_view.person.deleted {
105 return Err(ApiError::err_plain("deleted").into());
108 check_validator_time(&local_user_view.local_user.validator_time, &claims)?;
113 /// Checks if user's token was issued before user's password reset.
114 pub fn check_validator_time(
115 validator_time: &chrono::NaiveDateTime,
117 ) -> Result<(), LemmyError> {
118 let user_validation_time = validator_time.timestamp();
119 if user_validation_time > claims.iat {
120 Err(ApiError::err_plain("not_logged_in").into())
126 pub async fn get_local_user_view_from_jwt_opt(
127 jwt: &Option<String>,
130 ) -> Result<Option<LocalUserView>, LemmyError> {
132 Some(jwt) => Ok(Some(get_local_user_view_from_jwt(jwt, pool, secret).await?)),
137 pub async fn get_local_user_settings_view_from_jwt(
141 ) -> Result<LocalUserSettingsView, LemmyError> {
142 let claims = Claims::decode(jwt, &secret.jwt_secret)
143 .map_err(|e| ApiError::err("not_logged_in", e))?
145 let local_user_id = LocalUserId(claims.sub);
146 let local_user_view = blocking(pool, move |conn| {
147 LocalUserSettingsView::read(conn, local_user_id)
150 // Check for a site ban
151 if local_user_view.person.banned {
152 return Err(ApiError::err_plain("site_ban").into());
155 check_validator_time(&local_user_view.local_user.validator_time, &claims)?;
160 pub async fn get_local_user_settings_view_from_jwt_opt(
161 jwt: &Option<String>,
164 ) -> Result<Option<LocalUserSettingsView>, LemmyError> {
166 Some(jwt) => Ok(Some(
167 get_local_user_settings_view_from_jwt(jwt, pool, secret).await?,
173 pub async fn check_community_ban(
175 community_id: CommunityId,
177 ) -> Result<(), LemmyError> {
179 move |conn: &'_ _| CommunityPersonBanView::get(conn, person_id, community_id).is_ok();
180 if blocking(pool, is_banned).await? {
181 Err(ApiError::err_plain("community_ban").into())
187 pub async fn check_community_deleted_or_removed(
188 community_id: CommunityId,
190 ) -> Result<(), LemmyError> {
191 let community = blocking(pool, move |conn| Community::read(conn, community_id))
193 .map_err(|e| ApiError::err("couldnt_find_community", e))?;
194 if community.deleted || community.removed {
195 Err(ApiError::err_plain("deleted").into())
201 pub fn check_post_deleted_or_removed(post: &Post) -> Result<(), LemmyError> {
202 if post.deleted || post.removed {
203 Err(ApiError::err_plain("deleted").into())
209 pub async fn check_person_block(
211 potential_blocker_id: PersonId,
213 ) -> Result<(), LemmyError> {
214 let is_blocked = move |conn: &'_ _| PersonBlock::read(conn, potential_blocker_id, my_id).is_ok();
215 if blocking(pool, is_blocked).await? {
216 Err(ApiError::err_plain("person_block").into())
222 pub async fn check_downvotes_enabled(score: i16, pool: &DbPool) -> Result<(), LemmyError> {
224 let site = blocking(pool, Site::read_simple).await??;
225 if !site.enable_downvotes {
226 return Err(ApiError::err_plain("downvotes_disabled").into());
232 pub async fn build_federated_instances(
234 federation_config: &FederationConfig,
236 ) -> Result<Option<FederatedInstances>, LemmyError> {
237 let federation = federation_config.to_owned();
238 if federation.enabled {
239 let distinct_communities = blocking(pool, move |conn| {
240 Community::distinct_federated_communities(conn)
244 let allowed = federation.allowed_instances;
245 let blocked = federation.blocked_instances;
247 let mut linked = distinct_communities
249 .map(|actor_id| Ok(Url::parse(actor_id)?.host_str().unwrap_or("").to_string()))
250 .collect::<Result<Vec<String>, LemmyError>>()?;
252 if let Some(allowed) = allowed.as_ref() {
253 linked.extend_from_slice(allowed);
256 if let Some(blocked) = blocked.as_ref() {
257 linked.retain(|a| !blocked.contains(a) && !a.eq(hostname));
260 // Sort and remove dupes
261 linked.sort_unstable();
264 Ok(Some(FederatedInstances {
274 /// Checks the password length
275 pub fn password_length_check(pass: &str) -> Result<(), LemmyError> {
276 if !(10..=60).contains(&pass.len()) {
277 Err(ApiError::err_plain("invalid_password").into())
283 /// Checks the site description length
284 pub fn site_description_length_check(description: &str) -> Result<(), LemmyError> {
285 if description.len() > 150 {
286 Err(ApiError::err_plain("site_description_length_overflow").into())
292 /// Checks for a honeypot. If this field is filled, fail the rest of the function
293 pub fn honeypot_check(honeypot: &Option<String>) -> Result<(), LemmyError> {
294 if honeypot.is_some() {
295 Err(ApiError::err_plain("honeypot_fail").into())