2 api::{get_user_from_jwt, get_user_from_jwt_opt, is_admin, Perform},
3 apub::fetcher::search_by_apub_id,
7 use actix_web::web::Data;
13 websocket::{GetUsersOnline, SendAllMessage, UserOperation},
19 diesel_option_overwrite,
34 utils::{check_slurs, check_slurs_opt},
39 use log::{debug, info};
40 use std::str::FromStr;
42 #[async_trait::async_trait(?Send)]
43 impl Perform for ListCategories {
44 type Response = ListCategoriesResponse;
48 context: &Data<LemmyContext>,
49 _websocket_id: Option<ConnectionId>,
50 ) -> Result<ListCategoriesResponse, LemmyError> {
51 let _data: &ListCategories = &self;
53 let categories = blocking(context.pool(), move |conn| Category::list_all(conn)).await??;
56 Ok(ListCategoriesResponse { categories })
60 #[async_trait::async_trait(?Send)]
61 impl Perform for GetModlog {
62 type Response = GetModlogResponse;
66 context: &Data<LemmyContext>,
67 _websocket_id: Option<ConnectionId>,
68 ) -> Result<GetModlogResponse, LemmyError> {
69 let data: &GetModlog = &self;
71 let community_id = data.community_id;
72 let mod_user_id = data.mod_user_id;
74 let limit = data.limit;
75 let removed_posts = blocking(context.pool(), move |conn| {
76 ModRemovePostView::list(conn, community_id, mod_user_id, page, limit)
80 let locked_posts = blocking(context.pool(), move |conn| {
81 ModLockPostView::list(conn, community_id, mod_user_id, page, limit)
85 let stickied_posts = blocking(context.pool(), move |conn| {
86 ModStickyPostView::list(conn, community_id, mod_user_id, page, limit)
90 let removed_comments = blocking(context.pool(), move |conn| {
91 ModRemoveCommentView::list(conn, community_id, mod_user_id, page, limit)
95 let banned_from_community = blocking(context.pool(), move |conn| {
96 ModBanFromCommunityView::list(conn, community_id, mod_user_id, page, limit)
100 let added_to_community = blocking(context.pool(), move |conn| {
101 ModAddCommunityView::list(conn, community_id, mod_user_id, page, limit)
105 // These arrays are only for the full modlog, when a community isn't given
106 let (removed_communities, banned, added) = if data.community_id.is_none() {
107 blocking(context.pool(), move |conn| {
109 ModRemoveCommunityView::list(conn, mod_user_id, page, limit)?,
110 ModBanView::list(conn, mod_user_id, page, limit)?,
111 ModAddView::list(conn, mod_user_id, page, limit)?,
112 )) as Result<_, LemmyError>
116 (Vec::new(), Vec::new(), Vec::new())
120 Ok(GetModlogResponse {
126 banned_from_community,
134 #[async_trait::async_trait(?Send)]
135 impl Perform for CreateSite {
136 type Response = SiteResponse;
140 context: &Data<LemmyContext>,
141 _websocket_id: Option<ConnectionId>,
142 ) -> Result<SiteResponse, LemmyError> {
143 let data: &CreateSite = &self;
145 let user = get_user_from_jwt(&data.auth, context.pool()).await?;
147 check_slurs(&data.name)?;
148 check_slurs_opt(&data.description)?;
150 // Make sure user is an admin
151 is_admin(context.pool(), user.id).await?;
153 let site_form = SiteForm {
154 name: data.name.to_owned(),
155 description: data.description.to_owned(),
156 icon: Some(data.icon.to_owned()),
157 banner: Some(data.banner.to_owned()),
159 enable_downvotes: data.enable_downvotes,
160 open_registration: data.open_registration,
161 enable_nsfw: data.enable_nsfw,
165 let create_site = move |conn: &'_ _| Site::create(conn, &site_form);
166 if blocking(context.pool(), create_site).await?.is_err() {
167 return Err(APIError::err("site_already_exists").into());
170 let site_view = blocking(context.pool(), move |conn| SiteView::read(conn)).await??;
172 Ok(SiteResponse { site: site_view })
176 #[async_trait::async_trait(?Send)]
177 impl Perform for EditSite {
178 type Response = SiteResponse;
181 context: &Data<LemmyContext>,
182 websocket_id: Option<ConnectionId>,
183 ) -> Result<SiteResponse, LemmyError> {
184 let data: &EditSite = &self;
185 let user = get_user_from_jwt(&data.auth, context.pool()).await?;
187 check_slurs(&data.name)?;
188 check_slurs_opt(&data.description)?;
190 // Make sure user is an admin
191 is_admin(context.pool(), user.id).await?;
193 let found_site = blocking(context.pool(), move |conn| Site::read(conn, 1)).await??;
195 let icon = diesel_option_overwrite(&data.icon);
196 let banner = diesel_option_overwrite(&data.banner);
198 let site_form = SiteForm {
199 name: data.name.to_owned(),
200 description: data.description.to_owned(),
203 creator_id: found_site.creator_id,
204 updated: Some(naive_now()),
205 enable_downvotes: data.enable_downvotes,
206 open_registration: data.open_registration,
207 enable_nsfw: data.enable_nsfw,
210 let update_site = move |conn: &'_ _| Site::update(conn, 1, &site_form);
211 if blocking(context.pool(), update_site).await?.is_err() {
212 return Err(APIError::err("couldnt_update_site").into());
215 let site_view = blocking(context.pool(), move |conn| SiteView::read(conn)).await??;
217 let res = SiteResponse { site: site_view };
219 context.chat_server().do_send(SendAllMessage {
220 op: UserOperation::EditSite,
221 response: res.clone(),
229 #[async_trait::async_trait(?Send)]
230 impl Perform for GetSite {
231 type Response = GetSiteResponse;
235 context: &Data<LemmyContext>,
236 websocket_id: Option<ConnectionId>,
237 ) -> Result<GetSiteResponse, LemmyError> {
238 let data: &GetSite = &self;
240 // TODO refactor this a little
241 let res = blocking(context.pool(), move |conn| Site::read(conn, 1)).await?;
242 let site_view = if res.is_ok() {
243 Some(blocking(context.pool(), move |conn| SiteView::read(conn)).await??)
244 } else if let Some(setup) = Settings::get().setup.as_ref() {
245 let register = Register {
246 username: setup.admin_username.to_owned(),
247 email: setup.admin_email.to_owned(),
248 password: setup.admin_password.to_owned(),
249 password_verify: setup.admin_password.to_owned(),
253 captcha_answer: None,
255 let login_response = register.perform(context, websocket_id).await?;
256 info!("Admin {} created", setup.admin_username);
258 let create_site = CreateSite {
259 name: setup.site_name.to_owned(),
263 enable_downvotes: true,
264 open_registration: true,
266 auth: login_response.jwt,
268 create_site.perform(context, websocket_id).await?;
269 info!("Site {} created", setup.site_name);
270 Some(blocking(context.pool(), move |conn| SiteView::read(conn)).await??)
275 let mut admins = blocking(context.pool(), move |conn| UserView::admins(conn)).await??;
277 // Make sure the site creator is the top admin
278 if let Some(site_view) = site_view.to_owned() {
279 let site_creator_id = site_view.creator_id;
280 // TODO investigate why this is sometimes coming back null
281 // Maybe user_.admin isn't being set to true?
282 if let Some(creator_index) = admins.iter().position(|r| r.id == site_creator_id) {
283 let creator_user = admins.remove(creator_index);
284 admins.insert(0, creator_user);
288 let banned = blocking(context.pool(), move |conn| UserView::banned(conn)).await??;
292 .send(GetUsersOnline)
296 let my_user = get_user_from_jwt_opt(&data.auth, context.pool())
299 u.password_encrypted = "".to_string();
300 u.private_key = None;
310 version: version::VERSION.to_string(),
312 federated_instances: Settings::get().get_allowed_instances(),
317 #[async_trait::async_trait(?Send)]
318 impl Perform for Search {
319 type Response = SearchResponse;
323 context: &Data<LemmyContext>,
324 _websocket_id: Option<ConnectionId>,
325 ) -> Result<SearchResponse, LemmyError> {
326 let data: &Search = &self;
330 match search_by_apub_id(&data.q, context).await {
331 Ok(r) => return Ok(r),
332 Err(e) => debug!("Failed to resolve search query as activitypub ID: {}", e),
335 let user = get_user_from_jwt_opt(&data.auth, context.pool()).await?;
336 let user_id = user.map(|u| u.id);
338 let type_ = SearchType::from_str(&data.type_)?;
340 let mut posts = Vec::new();
341 let mut comments = Vec::new();
342 let mut communities = Vec::new();
343 let mut users = Vec::new();
345 // TODO no clean / non-nsfw searching rn
347 let q = data.q.to_owned();
348 let page = data.page;
349 let limit = data.limit;
350 let sort = SortType::from_str(&data.sort)?;
351 let community_id = data.community_id;
353 SearchType::Posts => {
354 posts = blocking(context.pool(), move |conn| {
355 PostQueryBuilder::create(conn)
358 .for_community_id(community_id)
367 SearchType::Comments => {
368 comments = blocking(context.pool(), move |conn| {
369 CommentQueryBuilder::create(&conn)
379 SearchType::Communities => {
380 communities = blocking(context.pool(), move |conn| {
381 CommunityQueryBuilder::create(conn)
390 SearchType::Users => {
391 users = blocking(context.pool(), move |conn| {
392 UserQueryBuilder::create(conn)
402 posts = blocking(context.pool(), move |conn| {
403 PostQueryBuilder::create(conn)
406 .for_community_id(community_id)
415 let q = data.q.to_owned();
416 let sort = SortType::from_str(&data.sort)?;
418 comments = blocking(context.pool(), move |conn| {
419 CommentQueryBuilder::create(conn)
429 let q = data.q.to_owned();
430 let sort = SortType::from_str(&data.sort)?;
432 communities = blocking(context.pool(), move |conn| {
433 CommunityQueryBuilder::create(conn)
442 let q = data.q.to_owned();
443 let sort = SortType::from_str(&data.sort)?;
445 users = blocking(context.pool(), move |conn| {
446 UserQueryBuilder::create(conn)
456 posts = blocking(context.pool(), move |conn| {
457 PostQueryBuilder::create(conn)
460 .for_community_id(community_id)
472 type_: data.type_.to_owned(),
481 #[async_trait::async_trait(?Send)]
482 impl Perform for TransferSite {
483 type Response = GetSiteResponse;
487 context: &Data<LemmyContext>,
488 _websocket_id: Option<ConnectionId>,
489 ) -> Result<GetSiteResponse, LemmyError> {
490 let data: &TransferSite = &self;
491 let mut user = get_user_from_jwt(&data.auth, context.pool()).await?;
493 // TODO add a User_::read_safe() for this.
494 user.password_encrypted = "".to_string();
495 user.private_key = None;
496 user.public_key = None;
498 let read_site = blocking(context.pool(), move |conn| Site::read(conn, 1)).await??;
500 // Make sure user is the creator
501 if read_site.creator_id != user.id {
502 return Err(APIError::err("not_an_admin").into());
505 let new_creator_id = data.user_id;
506 let transfer_site = move |conn: &'_ _| Site::transfer(conn, new_creator_id);
507 if blocking(context.pool(), transfer_site).await?.is_err() {
508 return Err(APIError::err("couldnt_update_site").into());
512 let form = ModAddForm {
513 mod_user_id: user.id,
514 other_user_id: data.user_id,
515 removed: Some(false),
518 blocking(context.pool(), move |conn| ModAdd::create(conn, &form)).await??;
520 let site_view = blocking(context.pool(), move |conn| SiteView::read(conn)).await??;
522 let mut admins = blocking(context.pool(), move |conn| UserView::admins(conn)).await??;
523 let creator_index = admins
525 .position(|r| r.id == site_view.creator_id)
526 .context(location_info!())?;
527 let creator_user = admins.remove(creator_index);
528 admins.insert(0, creator_user);
530 let banned = blocking(context.pool(), move |conn| UserView::banned(conn)).await??;
533 site: Some(site_view),
537 version: version::VERSION.to_string(),
539 federated_instances: Settings::get().get_allowed_instances(),
544 #[async_trait::async_trait(?Send)]
545 impl Perform for GetSiteConfig {
546 type Response = GetSiteConfigResponse;
550 context: &Data<LemmyContext>,
551 _websocket_id: Option<ConnectionId>,
552 ) -> Result<GetSiteConfigResponse, LemmyError> {
553 let data: &GetSiteConfig = &self;
554 let user = get_user_from_jwt(&data.auth, context.pool()).await?;
556 // Only let admins read this
557 is_admin(context.pool(), user.id).await?;
559 let config_hjson = Settings::read_config_file()?;
561 Ok(GetSiteConfigResponse { config_hjson })
565 #[async_trait::async_trait(?Send)]
566 impl Perform for SaveSiteConfig {
567 type Response = GetSiteConfigResponse;
571 context: &Data<LemmyContext>,
572 _websocket_id: Option<ConnectionId>,
573 ) -> Result<GetSiteConfigResponse, LemmyError> {
574 let data: &SaveSiteConfig = &self;
575 let user = get_user_from_jwt(&data.auth, context.pool()).await?;
577 // Only let admins read this
578 let admins = blocking(context.pool(), move |conn| UserView::admins(conn)).await??;
579 let admin_ids: Vec<i32> = admins.into_iter().map(|m| m.id).collect();
581 if !admin_ids.contains(&user.id) {
582 return Err(APIError::err("not_an_admin").into());
585 // Make sure docker doesn't have :ro at the end of the volume, so its not a read-only filesystem
586 let config_hjson = match Settings::save_config_file(&data.config_hjson) {
587 Ok(config_hjson) => config_hjson,
588 Err(_e) => return Err(APIError::err("couldnt_update_site").into()),
591 Ok(GetSiteConfigResponse { config_hjson })