use lemmy_api_common::{
context::LemmyContext,
custom_emoji::{CustomEmojiResponse, EditCustomEmoji},
- utils::{is_admin, local_user_view_from_jwt},
+ utils::{is_admin, local_user_view_from_jwt, sanitize_html},
};
use lemmy_db_schema::source::{
custom_emoji::{CustomEmoji, CustomEmojiUpdateForm},
let data: &EditCustomEmoji = self;
let local_user_view = local_user_view_from_jwt(&data.auth, context).await?;
- let local_site = LocalSite::read(context.pool()).await?;
+ let local_site = LocalSite::read(&mut context.pool()).await?;
// Make sure user is an admin
is_admin(&local_user_view)?;
+ let alt_text = sanitize_html(&data.alt_text);
+ let category = sanitize_html(&data.category);
+
let emoji_form = CustomEmojiUpdateForm::builder()
.local_site_id(local_site.id)
- .alt_text(data.alt_text.to_string())
- .category(data.category.to_string())
+ .alt_text(alt_text)
+ .category(category)
.image_url(data.clone().image_url.into())
.build();
- let emoji = CustomEmoji::update(context.pool(), data.id, &emoji_form).await?;
- CustomEmojiKeyword::delete(context.pool(), data.id).await?;
+ let emoji = CustomEmoji::update(&mut context.pool(), data.id, &emoji_form).await?;
+ CustomEmojiKeyword::delete(&mut context.pool(), data.id).await?;
let mut keywords = vec![];
for keyword in &data.keywords {
let keyword_form = CustomEmojiKeywordInsertForm::builder()
.build();
keywords.push(keyword_form);
}
- CustomEmojiKeyword::create(context.pool(), keywords).await?;
- let view = CustomEmojiView::get(context.pool(), emoji.id).await?;
+ CustomEmojiKeyword::create(&mut context.pool(), keywords).await?;
+ let view = CustomEmojiView::get(&mut context.pool(), emoji.id).await?;
Ok(CustomEmojiResponse { custom_emoji: view })
}
}