-use crate::{sensitive::Sensitive, site::FederatedInstances};
+use crate::{request::purge_image_from_pictrs, sensitive::Sensitive, site::FederatedInstances};
+use chrono::NaiveDateTime;
use lemmy_db_schema::{
+ impls::person::is_banned,
newtypes::{CommunityId, LocalUserId, PersonId, PostId},
source::{
- comment::Comment,
- community::Community,
+ comment::{Comment, CommentUpdateForm},
+ community::{Community, CommunityUpdateForm},
email_verification::{EmailVerification, EmailVerificationForm},
+ instance::Instance,
+ local_site::LocalSite,
+ local_site_rate_limit::LocalSiteRateLimit,
password_reset_request::PasswordResetRequest,
- person::Person,
+ person::{Person, PersonUpdateForm},
person_block::PersonBlock,
post::{Post, PostRead, PostReadForm},
registration_application::RegistrationApplication,
secret::Secret,
- site::Site,
},
traits::{Crud, Readable},
utils::DbPool,
+ ListingType,
};
use lemmy_db_views::{
- comment_view::CommentQueryBuilder,
+ comment_view::CommentQuery,
structs::{LocalUserSettingsView, LocalUserView},
};
use lemmy_db_views_actor::structs::{
use lemmy_utils::{
claims::Claims,
email::{send_email, translations::Lang},
+ error::LemmyError,
+ rate_limit::RateLimitConfig,
settings::structs::Settings,
- utils::generate_random_string,
- LemmyError,
+ utils::{build_slur_regex, generate_random_string},
};
+use regex::Regex;
+use reqwest_middleware::ClientWithMiddleware;
use rosetta_i18n::{Language, LanguageId};
+use std::str::FromStr;
use tracing::warn;
pub async fn blocking<F, T>(pool: &DbPool, f: F) -> Result<T, LemmyError>
where
- F: FnOnce(&diesel::PgConnection) -> T + Send + 'static,
+ F: FnOnce(&mut diesel::PgConnection) -> T + Send + 'static,
T: Send + 'static,
{
let pool = pool.clone();
let blocking_span = tracing::info_span!("blocking operation");
- let res = actix_web::web::block(move || {
+ actix_web::web::block(move || {
let entered = blocking_span.enter();
- let conn = pool.get()?;
- let res = (f)(&conn);
+ let mut conn = pool.get()?;
+ let res = (f)(&mut conn);
drop(entered);
Ok(res) as Result<T, LemmyError>
})
- .await?;
-
- res
+ .await?
}
#[tracing::instrument(skip_all)]
let local_user_id = LocalUserId(claims.sub);
let local_user_view =
blocking(pool, move |conn| LocalUserView::read(conn, local_user_id)).await??;
- // Check for a site ban
- if local_user_view.person.is_banned() {
- return Err(LemmyError::from_message("site_ban"));
- }
-
- // Check for user deletion
- if local_user_view.person.deleted {
- return Err(LemmyError::from_message("deleted"));
- }
+ check_user_valid(
+ local_user_view.person.banned,
+ local_user_view.person.ban_expires,
+ local_user_view.person.deleted,
+ )?;
check_validator_time(&local_user_view.local_user.validator_time, &claims)?;
/// Checks if user's token was issued before user's password reset.
pub fn check_validator_time(
- validator_time: &chrono::NaiveDateTime,
+ validator_time: &NaiveDateTime,
claims: &Claims,
) -> Result<(), LemmyError> {
let user_validation_time = validator_time.timestamp();
}
}
-#[tracing::instrument(skip_all)]
-pub async fn get_local_user_settings_view_from_jwt(
- jwt: &Sensitive<String>,
- pool: &DbPool,
- secret: &Secret,
-) -> Result<LocalUserSettingsView, LemmyError> {
- let claims = Claims::decode(jwt.as_ref(), &secret.jwt_secret)
- .map_err(|e| e.with_message("not_logged_in"))?
- .claims;
- let local_user_id = LocalUserId(claims.sub);
- let local_user_view = blocking(pool, move |conn| {
- LocalUserSettingsView::read(conn, local_user_id)
- })
- .await??;
- // Check for a site ban
- if local_user_view.person.is_banned() {
- return Err(LemmyError::from_message("site_ban"));
- }
-
- check_validator_time(&local_user_view.local_user.validator_time, &claims)?;
-
- Ok(local_user_view)
-}
-
#[tracing::instrument(skip_all)]
pub async fn get_local_user_settings_view_from_jwt_opt(
jwt: Option<&Sensitive<String>>,
secret: &Secret,
) -> Result<Option<LocalUserSettingsView>, LemmyError> {
match jwt {
- Some(jwt) => Ok(Some(
- get_local_user_settings_view_from_jwt(jwt, pool, secret).await?,
- )),
+ Some(jwt) => {
+ let claims = Claims::decode(jwt.as_ref(), &secret.jwt_secret)
+ .map_err(|e| e.with_message("not_logged_in"))?
+ .claims;
+ let local_user_id = LocalUserId(claims.sub);
+ let local_user_view = blocking(pool, move |conn| {
+ LocalUserSettingsView::read(conn, local_user_id)
+ })
+ .await??;
+ check_user_valid(
+ local_user_view.person.banned,
+ local_user_view.person.ban_expires,
+ local_user_view.person.deleted,
+ )?;
+
+ check_validator_time(&local_user_view.local_user.validator_time, &claims)?;
+
+ Ok(Some(local_user_view))
+ }
None => Ok(None),
}
}
+pub fn check_user_valid(
+ banned: bool,
+ ban_expires: Option<NaiveDateTime>,
+ deleted: bool,
+) -> Result<(), LemmyError> {
+ // Check for a site ban
+ if is_banned(banned, ban_expires) {
+ return Err(LemmyError::from_message("site_ban"));
+ }
+
+ // check for account deletion
+ if deleted {
+ return Err(LemmyError::from_message("deleted"));
+ }
+
+ Ok(())
+}
#[tracing::instrument(skip_all)]
pub async fn check_community_ban(
pool: &DbPool,
) -> Result<(), LemmyError> {
let is_banned =
- move |conn: &'_ _| CommunityPersonBanView::get(conn, person_id, community_id).is_ok();
+ move |conn: &mut _| CommunityPersonBanView::get(conn, person_id, community_id).is_ok();
if blocking(pool, is_banned).await? {
Err(LemmyError::from_message("community_ban"))
} else {
potential_blocker_id: PersonId,
pool: &DbPool,
) -> Result<(), LemmyError> {
- let is_blocked = move |conn: &'_ _| PersonBlock::read(conn, potential_blocker_id, my_id).is_ok();
+ let is_blocked = move |conn: &mut _| PersonBlock::read(conn, potential_blocker_id, my_id).is_ok();
if blocking(pool, is_blocked).await? {
Err(LemmyError::from_message("person_block"))
} else {
}
#[tracing::instrument(skip_all)]
-pub async fn check_downvotes_enabled(score: i16, pool: &DbPool) -> Result<(), LemmyError> {
- if score == -1 {
- let site = blocking(pool, Site::read_local_site).await??;
- if !site.enable_downvotes {
- return Err(LemmyError::from_message("downvotes_disabled"));
- }
+pub fn check_downvotes_enabled(score: i16, local_site: &LocalSite) -> Result<(), LemmyError> {
+ if score == -1 && !local_site.enable_downvotes {
+ return Err(LemmyError::from_message("downvotes_disabled"));
}
Ok(())
}
#[tracing::instrument(skip_all)]
-pub async fn check_private_instance(
+pub fn check_private_instance(
local_user_view: &Option<LocalUserView>,
- pool: &DbPool,
+ local_site: &LocalSite,
) -> Result<(), LemmyError> {
- if local_user_view.is_none() {
- let site = blocking(pool, Site::read_local_site).await?;
-
- // The site might not be set up yet
- if let Ok(site) = site {
- if site.private_instance {
- return Err(LemmyError::from_message("instance_is_private"));
- }
- }
+ if local_user_view.is_none() && local_site.private_instance {
+ return Err(LemmyError::from_message("instance_is_private"));
}
Ok(())
}
#[tracing::instrument(skip_all)]
pub async fn build_federated_instances(
+ local_site: &LocalSite,
pool: &DbPool,
- settings: &Settings,
) -> Result<Option<FederatedInstances>, LemmyError> {
- let federation_config = &settings.federation;
- let hostname = &settings.hostname;
- let federation = federation_config.to_owned();
- if federation.enabled {
- let distinct_communities = blocking(pool, move |conn| {
- Community::distinct_federated_communities(conn)
- })
- .await??;
-
- let allowed = federation.allowed_instances;
- let blocked = federation.blocked_instances;
-
- let mut linked = distinct_communities
- .iter()
- .map(|actor_id| Ok(actor_id.host_str().unwrap_or("").to_string()))
- .collect::<Result<Vec<String>, LemmyError>>()?;
-
- if let Some(allowed) = allowed.as_ref() {
- linked.extend_from_slice(allowed);
- }
-
- if let Some(blocked) = blocked.as_ref() {
- linked.retain(|a| !blocked.contains(a) && !a.eq(hostname));
- }
+ if local_site.federation_enabled {
+ // TODO I hate that this requires 3 queries
+ let linked = blocking(pool, Instance::linked).await??;
+ let allowed = blocking(pool, Instance::allowlist).await??;
+ let blocked = blocking(pool, Instance::blocklist).await??;
- // Sort and remove dupes
- linked.sort_unstable();
- linked.dedup();
+ // These can return empty vectors, so convert them to options
+ let allowed = (!allowed.is_empty()).then(|| allowed);
+ let blocked = (!blocked.is_empty()).then(|| blocked);
Ok(Some(FederatedInstances {
linked,
.await??;
let email = &user.local_user.email.to_owned().expect("email");
- let lang = get_user_lang(user);
+ let lang = get_interface_language(user);
let subject = &lang.password_reset_subject(&user.person.name);
let protocol_and_hostname = settings.get_protocol_and_hostname();
let reset_link = format!("{}/password_change/{}", protocol_and_hostname, &token);
);
blocking(pool, move |conn| EmailVerification::create(conn, &form)).await??;
- let lang = get_user_lang(user);
+ let lang = get_interface_language(user);
let subject = lang.verify_email_subject(&settings.hostname);
let body = lang.verify_email_body(&settings.hostname, &user.person.name, verify_link);
send_email(&subject, new_email, &user.person.name, &body, settings)?;
settings: &Settings,
) -> Result<(), LemmyError> {
let email = &user.local_user.email.to_owned().expect("email");
- let lang = get_user_lang(user);
+ let lang = get_interface_language(user);
let subject = &lang.email_verified_subject(&user.person.actor_id);
let body = &lang.email_verified_body();
send_email(subject, email, &user.person.name, body, settings)
}
-pub fn get_user_lang(user: &LocalUserView) -> Lang {
- let user_lang = LanguageId::new(user.local_user.lang.clone());
- Lang::from_language_id(&user_lang).unwrap_or_else(|| {
+pub fn get_interface_language(user: &LocalUserView) -> Lang {
+ lang_str_to_lang(&user.local_user.interface_language)
+}
+
+pub fn get_interface_language_from_settings(user: &LocalUserSettingsView) -> Lang {
+ lang_str_to_lang(&user.local_user.interface_language)
+}
+
+fn lang_str_to_lang(lang: &str) -> Lang {
+ let lang_id = LanguageId::new(lang);
+ Lang::from_language_id(&lang_id).unwrap_or_else(|| {
let en = LanguageId::new("en");
Lang::from_language_id(&en).expect("default language")
})
}
+pub fn local_site_rate_limit_to_rate_limit_config(
+ local_site_rate_limit: &LocalSiteRateLimit,
+) -> RateLimitConfig {
+ let l = local_site_rate_limit;
+ RateLimitConfig {
+ message: l.message,
+ message_per_second: l.message_per_second,
+ post: l.post,
+ post_per_second: l.post_per_second,
+ register: l.register,
+ register_per_second: l.register_per_second,
+ image: l.image,
+ image_per_second: l.image_per_second,
+ comment: l.comment,
+ comment_per_second: l.comment_per_second,
+ search: l.search,
+ search_per_second: l.search_per_second,
+ }
+}
+
+pub fn local_site_to_slur_regex(local_site: &LocalSite) -> Option<Regex> {
+ build_slur_regex(local_site.slur_filter_regex.as_deref())
+}
+
+pub fn local_site_opt_to_slur_regex(local_site: &Option<LocalSite>) -> Option<Regex> {
+ local_site
+ .as_ref()
+ .map(local_site_to_slur_regex)
+ .unwrap_or(None)
+}
+
pub fn send_application_approved_email(
user: &LocalUserView,
settings: &Settings,
) -> Result<(), LemmyError> {
let email = &user.local_user.email.to_owned().expect("email");
- let lang = get_user_lang(user);
+ let lang = get_interface_language(user);
let subject = lang.registration_approved_subject(&user.person.actor_id);
let body = lang.registration_approved_body(&settings.hostname);
send_email(&subject, email, &user.person.name, &body, settings)
}
+/// Send a new applicant email notification to all admins
+pub async fn send_new_applicant_email_to_admins(
+ applicant_username: &str,
+ pool: &DbPool,
+ settings: &Settings,
+) -> Result<(), LemmyError> {
+ // Collect the admins with emails
+ let admins = blocking(pool, move |conn| {
+ LocalUserSettingsView::list_admins_with_emails(conn)
+ })
+ .await??;
+
+ let applications_link = &format!(
+ "{}/registration_applications",
+ settings.get_protocol_and_hostname(),
+ );
+
+ for admin in &admins {
+ let email = &admin.local_user.email.to_owned().expect("email");
+ let lang = get_interface_language_from_settings(admin);
+ let subject = lang.new_application_subject(applicant_username, &settings.hostname);
+ let body = lang.new_application_body(applications_link);
+ send_email(&subject, email, &admin.person.name, &body, settings)?;
+ }
+ Ok(())
+}
+
pub async fn check_registration_application(
- site: &Site,
local_user_view: &LocalUserView,
+ local_site: &LocalSite,
pool: &DbPool,
) -> Result<(), LemmyError> {
- if site.require_application
+ if local_site.require_application
&& !local_user_view.local_user.accepted_application
&& !local_user_view.person.admin
{
})
.await??;
if let Some(deny_reason) = registration.deny_reason {
- let lang = get_user_lang(local_user_view);
+ let lang = get_interface_language(local_user_view);
let registration_denied_message = format!("{}: {}", lang.registration_denied(), &deny_reason);
return Err(LemmyError::from_message(®istration_denied_message));
} else {
Ok(())
}
-/// TODO this check should be removed after https://github.com/LemmyNet/lemmy/issues/868 is done.
-pub async fn check_private_instance_and_federation_enabled(
+pub fn check_private_instance_and_federation_enabled(
+ local_site: &LocalSite,
+) -> Result<(), LemmyError> {
+ if local_site.private_instance && local_site.federation_enabled {
+ return Err(LemmyError::from_message(
+ "Cannot have both private instance and federation enabled.",
+ ));
+ }
+ Ok(())
+}
+
+pub async fn purge_image_posts_for_person(
+ banned_person_id: PersonId,
pool: &DbPool,
settings: &Settings,
+ client: &ClientWithMiddleware,
) -> Result<(), LemmyError> {
- let site_opt = blocking(pool, Site::read_local_site).await?;
+ let posts = blocking(pool, move |conn: &mut _| {
+ Post::fetch_pictrs_posts_for_creator(conn, banned_person_id)
+ })
+ .await??;
+ for post in posts {
+ if let Some(url) = post.url {
+ purge_image_from_pictrs(client, settings, &url).await.ok();
+ }
+ if let Some(thumbnail_url) = post.thumbnail_url {
+ purge_image_from_pictrs(client, settings, &thumbnail_url)
+ .await
+ .ok();
+ }
+ }
+
+ blocking(pool, move |conn| {
+ Post::remove_pictrs_post_images_and_thumbnails_for_creator(conn, banned_person_id)
+ })
+ .await??;
+
+ Ok(())
+}
- if let Ok(site) = site_opt {
- if site.private_instance && settings.federation.enabled {
- return Err(LemmyError::from_message(
- "Cannot have both private instance and federation enabled.",
- ));
+pub async fn purge_image_posts_for_community(
+ banned_community_id: CommunityId,
+ pool: &DbPool,
+ settings: &Settings,
+ client: &ClientWithMiddleware,
+) -> Result<(), LemmyError> {
+ let posts = blocking(pool, move |conn: &mut _| {
+ Post::fetch_pictrs_posts_for_community(conn, banned_community_id)
+ })
+ .await??;
+ for post in posts {
+ if let Some(url) = post.url {
+ purge_image_from_pictrs(client, settings, &url).await.ok();
+ }
+ if let Some(thumbnail_url) = post.thumbnail_url {
+ purge_image_from_pictrs(client, settings, &thumbnail_url)
+ .await
+ .ok();
}
}
+
+ blocking(pool, move |conn| {
+ Post::remove_pictrs_post_images_and_thumbnails_for_community(conn, banned_community_id)
+ })
+ .await??;
+
Ok(())
}
-pub async fn remove_user_data(banned_person_id: PersonId, pool: &DbPool) -> Result<(), LemmyError> {
+pub async fn remove_user_data(
+ banned_person_id: PersonId,
+ pool: &DbPool,
+ settings: &Settings,
+ client: &ClientWithMiddleware,
+) -> Result<(), LemmyError> {
+ // Purge user images
+ let person = blocking(pool, move |conn| Person::read(conn, banned_person_id)).await??;
+ if let Some(avatar) = person.avatar {
+ purge_image_from_pictrs(client, settings, &avatar)
+ .await
+ .ok();
+ }
+ if let Some(banner) = person.banner {
+ purge_image_from_pictrs(client, settings, &banner)
+ .await
+ .ok();
+ }
+
+ // Update the fields to None
+ blocking(pool, move |conn| {
+ Person::update(
+ conn,
+ banned_person_id,
+ &PersonUpdateForm::builder()
+ .avatar(Some(None))
+ .banner(Some(None))
+ .build(),
+ )
+ })
+ .await??;
+
// Posts
- blocking(pool, move |conn: &'_ _| {
+ blocking(pool, move |conn: &mut _| {
Post::update_removed_for_creator(conn, banned_person_id, None, true)
})
.await??;
+ // Purge image posts
+ purge_image_posts_for_person(banned_person_id, pool, settings, client).await?;
+
// Communities
// Remove all communities where they're the top mod
// for now, remove the communities manually
- let first_mod_communities = blocking(pool, move |conn: &'_ _| {
+ let first_mod_communities = blocking(pool, move |conn: &mut _| {
CommunityModeratorView::get_community_first_mods(conn)
})
.await??;
.collect();
for first_mod_community in banned_user_first_communities {
- blocking(pool, move |conn: &'_ _| {
- Community::update_removed(conn, first_mod_community.community.id, true)
+ let community_id = first_mod_community.community.id;
+ blocking(pool, move |conn| {
+ Community::update(
+ conn,
+ community_id,
+ &CommunityUpdateForm::builder().removed(Some(true)).build(),
+ )
+ })
+ .await??;
+
+ // Delete the community images
+ if let Some(icon) = first_mod_community.community.icon {
+ purge_image_from_pictrs(client, settings, &icon).await.ok();
+ }
+ if let Some(banner) = first_mod_community.community.banner {
+ purge_image_from_pictrs(client, settings, &banner)
+ .await
+ .ok();
+ }
+ // Update the fields to None
+ blocking(pool, move |conn| {
+ Community::update(
+ conn,
+ community_id,
+ &CommunityUpdateForm::builder()
+ .icon(Some(None))
+ .banner(Some(None))
+ .build(),
+ )
})
.await??;
}
// Comments
- blocking(pool, move |conn: &'_ _| {
+ blocking(pool, move |conn: &mut _| {
Comment::update_removed_for_creator(conn, banned_person_id, true)
})
.await??;
// Comments
// TODO Diesel doesn't allow updates with joins, so this has to be a loop
let comments = blocking(pool, move |conn| {
- CommentQueryBuilder::create(conn)
- .creator_id(banned_person_id)
- .community_id(community_id)
- .limit(std::i64::MAX)
+ CommentQuery::builder()
+ .conn(conn)
+ .creator_id(Some(banned_person_id))
+ .community_id(Some(community_id))
+ .limit(Some(i64::MAX))
+ .build()
.list()
})
.await??;
for comment_view in &comments {
let comment_id = comment_view.comment.id;
blocking(pool, move |conn| {
- Comment::update_removed(conn, comment_id, true)
+ Comment::update(
+ conn,
+ comment_id,
+ &CommentUpdateForm::builder().removed(Some(true)).build(),
+ )
})
.await??;
}
Ok(())
}
-pub async fn delete_user_account(person_id: PersonId, pool: &DbPool) -> Result<(), LemmyError> {
+pub async fn delete_user_account(
+ person_id: PersonId,
+ pool: &DbPool,
+ settings: &Settings,
+ client: &ClientWithMiddleware,
+) -> Result<(), LemmyError> {
+ // Delete their images
+ let person = blocking(pool, move |conn| Person::read(conn, person_id)).await??;
+ if let Some(avatar) = person.avatar {
+ purge_image_from_pictrs(client, settings, &avatar)
+ .await
+ .ok();
+ }
+ if let Some(banner) = person.banner {
+ purge_image_from_pictrs(client, settings, &banner)
+ .await
+ .ok();
+ }
+ // No need to update avatar and banner, those are handled in Person::delete_account
+
// Comments
- let permadelete = move |conn: &'_ _| Comment::permadelete_for_creator(conn, person_id);
+ let permadelete = move |conn: &mut _| Comment::permadelete_for_creator(conn, person_id);
blocking(pool, permadelete)
.await?
.map_err(|e| LemmyError::from_error_message(e, "couldnt_update_comment"))?;
// Posts
- let permadelete = move |conn: &'_ _| Post::permadelete_for_creator(conn, person_id);
+ let permadelete = move |conn: &mut _| Post::permadelete_for_creator(conn, person_id);
blocking(pool, permadelete)
.await?
.map_err(|e| LemmyError::from_error_message(e, "couldnt_update_post"))?;
+ // Purge image posts
+ purge_image_posts_for_person(person_id, pool, settings, client).await?;
+
blocking(pool, move |conn| Person::delete_account(conn, person_id)).await??;
Ok(())
}
+
+pub fn listing_type_with_site_default(
+ listing_type: Option<ListingType>,
+ local_site: &LocalSite,
+) -> Result<ListingType, LemmyError> {
+ Ok(listing_type.unwrap_or(ListingType::from_str(
+ &local_site.default_post_listing_type,
+ )?))
+}
projects / lemmy.git / blobdiff