Sanitize html (#3708)

[lemmy.git] / crates / api / src / community / hide.rs

diff --git a/crates/api/src/community/hide.rs b/crates/api/src/community/hide.rs
index 111a89d010da94591486c59e71e64a7248bd8bcc..4c05a71cfdc9dc73245d9f96fa2566c3b4741d3d 100644 (file)
--- a/crates/api/src/community/hide.rs
+++ b/crates/api/src/community/hide.rs
@@ -1,10 +1,11 @@
 use crate::Perform;
 use actix_web::web::Data;
 use lemmy_api_common::{
+  build_response::build_community_response,
   community::{CommunityResponse, HideCommunity},
-  utils::{get_local_user_view_from_jwt, is_admin},
+  context::LemmyContext,
+  utils::{is_admin, local_user_view_from_jwt, sanitize_html_opt},
 };
-use lemmy_apub::protocol::activities::community::update::UpdateCommunity;
 use lemmy_db_schema::{
   source::{
     community::{Community, CommunityUpdateForm},
@@ -12,24 +13,18 @@ use lemmy_db_schema::{
   },
   traits::Crud,
 };
-use lemmy_utils::{error::LemmyError, ConnectionId};
-use lemmy_websocket::{send::send_community_ws_message, LemmyContext, UserOperationCrud};
+use lemmy_utils::error::{LemmyError, LemmyErrorExt, LemmyErrorType};
 
 #[async_trait::async_trait(?Send)]
 impl Perform for HideCommunity {
   type Response = CommunityResponse;
 
-  #[tracing::instrument(skip(context, websocket_id))]
-  async fn perform(
-    &self,
-    context: &Data<LemmyContext>,
-    websocket_id: Option<ConnectionId>,
-  ) -> Result<CommunityResponse, LemmyError> {
+  #[tracing::instrument(skip(context))]
+  async fn perform(&self, context: &Data<LemmyContext>) -> Result<CommunityResponse, LemmyError> {
     let data: &HideCommunity = self;
 
     // Verify its a admin (only admin can hide or unhide it)
-    let local_user_view =
-      get_local_user_view_from_jwt(&data.auth, context.pool(), context.secret()).await?;
+    let local_user_view = local_user_view_from_jwt(&data.auth, context).await?;
     is_admin(&local_user_view)?;
 
     let community_form = CommunityUpdateForm::builder()
@@ -39,25 +34,17 @@ impl Perform for HideCommunity {
     let mod_hide_community_form = ModHideCommunityForm {
       community_id: data.community_id,
       mod_person_id: local_user_view.person.id,
-      reason: data.reason.clone(),
+      reason: sanitize_html_opt(&data.reason),
       hidden: Some(data.hidden),
     };
 
     let community_id = data.community_id;
-    let updated_community = Community::update(context.pool(), community_id, &community_form)
+    Community::update(&mut context.pool(), community_id, &community_form)
       .await
-      .map_err(|e| LemmyError::from_error_message(e, "couldnt_update_community_hidden_status"))?;
+      .with_lemmy_type(LemmyErrorType::CouldntUpdateCommunityHiddenStatus)?;
 
-    ModHideCommunity::create(context.pool(), &mod_hide_community_form).await?;
+    ModHideCommunity::create(&mut context.pool(), &mod_hide_community_form).await?;
 
-    UpdateCommunity::send(
-      updated_community.into(),
-      &local_user_view.person.into(),
-      context,
-    )
-    .await?;
-
-    let op = UserOperationCrud::EditCommunity;
-    send_community_ws_message(data.community_id, op, websocket_id, None, context).await
+    build_community_response(context, local_user_view, community_id).await
   }
 }