Sanitize html (#3708)

[lemmy.git] / crates / api / src / site / purge / community.rs

diff --git a/crates/api/src/site/purge/community.rs b/crates/api/src/site/purge/community.rs
index 5f1e38881784b40dc884162d12638f1c2a543cde..bd8d9d386829467f0fabae6f57788cd4f044e217 100644 (file)
--- a/crates/api/src/site/purge/community.rs
+++ b/crates/api/src/site/purge/community.rs
@@ -1,9 +1,10 @@
 use crate::Perform;
 use actix_web::web::Data;
 use lemmy_api_common::{
+  context::LemmyContext,
   request::purge_image_from_pictrs,
   site::{PurgeCommunity, PurgeItemResponse},
-  utils::{blocking, get_local_user_view_from_jwt, is_admin, purge_image_posts_for_community},
+  utils::{is_admin, local_user_view_from_jwt, purge_image_posts_for_community, sanitize_html_opt},
 };
 use lemmy_db_schema::{
   source::{
@@ -12,33 +13,24 @@ use lemmy_db_schema::{
   },
   traits::Crud,
 };
-use lemmy_utils::{error::LemmyError, ConnectionId};
-use lemmy_websocket::LemmyContext;
+use lemmy_utils::error::LemmyError;
 
 #[async_trait::async_trait(?Send)]
 impl Perform for PurgeCommunity {
   type Response = PurgeItemResponse;
 
-  #[tracing::instrument(skip(context, _websocket_id))]
-  async fn perform(
-    &self,
-    context: &Data<LemmyContext>,
-    _websocket_id: Option<ConnectionId>,
-  ) -> Result<Self::Response, LemmyError> {
+  #[tracing::instrument(skip(context))]
+  async fn perform(&self, context: &Data<LemmyContext>) -> Result<Self::Response, LemmyError> {
     let data: &Self = self;
-    let local_user_view =
-      get_local_user_view_from_jwt(&data.auth, context.pool(), context.secret()).await?;
+    let local_user_view = local_user_view_from_jwt(&data.auth, context).await?;
 
-    // Only let admins purge an item
+    // Only let admin purge an item
     is_admin(&local_user_view)?;
 
     let community_id = data.community_id;
 
     // Read the community to get its images
-    let community = blocking(context.pool(), move |conn| {
-      Community::read(conn, community_id)
-    })
-    .await??;
+    let community = Community::read(&mut context.pool(), community_id).await?;
 
     if let Some(banner) = community.banner {
       purge_image_from_pictrs(context.client(), context.settings(), &banner)
@@ -54,28 +46,22 @@ impl Perform for PurgeCommunity {
 
     purge_image_posts_for_community(
       community_id,
-      context.pool(),
+      &mut context.pool(),
       context.settings(),
       context.client(),
     )
     .await?;
 
-    blocking(context.pool(), move |conn| {
-      Community::delete(conn, community_id)
-    })
-    .await??;
+    Community::delete(&mut context.pool(), community_id).await?;
 
     // Mod tables
-    let reason = data.reason.to_owned();
+    let reason = sanitize_html_opt(&data.reason);
     let form = AdminPurgeCommunityForm {
       admin_person_id: local_user_view.person.id,
       reason,
     };
 
-    blocking(context.pool(), move |conn| {
-      AdminPurgeCommunity::create(conn, &form)
-    })
-    .await??;
+    AdminPurgeCommunity::create(&mut context.pool(), &form).await?;
 
     Ok(PurgeItemResponse { success: true })
   }