use crate::PerformCrud;
use actix_web::web::Data;
-use lemmy_api_common::{blocking, check_community_ban, get_local_user_view_from_jwt, post::*};
-use lemmy_apub::ApubObjectType;
-use lemmy_db_queries::{source::post::Post_, Crud};
-use lemmy_db_schema::{naive_now, source::post::*};
-use lemmy_db_views::post_view::PostView;
+use lemmy_api_common::{
+ build_response::build_post_response,
+ context::LemmyContext,
+ post::{EditPost, PostResponse},
+ request::fetch_site_data,
+ utils::{
+ check_community_ban,
+ local_site_to_slur_regex,
+ local_user_view_from_jwt,
+ sanitize_html_opt,
+ },
+};
+use lemmy_db_schema::{
+ source::{
+ actor_language::CommunityLanguage,
+ local_site::LocalSite,
+ post::{Post, PostUpdateForm},
+ },
+ traits::Crud,
+ utils::{diesel_option_overwrite, naive_now},
+};
use lemmy_utils::{
- request::fetch_iframely_and_pictrs_data,
- utils::{check_slurs, check_slurs_opt, is_valid_post_title},
- ApiError,
- ConnectionId,
- LemmyError,
+ error::{LemmyError, LemmyErrorExt, LemmyErrorType},
+ utils::{
+ slurs::check_slurs_opt,
+ validation::{check_url_scheme, clean_url_params, is_valid_body_field, is_valid_post_title},
+ },
};
-use lemmy_websocket::{messages::SendPost, LemmyContext, UserOperation};
#[async_trait::async_trait(?Send)]
impl PerformCrud for EditPost {
type Response = PostResponse;
- async fn perform(
- &self,
- context: &Data<LemmyContext>,
- websocket_id: Option<ConnectionId>,
- ) -> Result<PostResponse, LemmyError> {
- let data: &EditPost = &self;
- let local_user_view = get_local_user_view_from_jwt(&data.auth, context.pool()).await?;
+ #[tracing::instrument(skip(context))]
+ async fn perform(&self, context: &Data<LemmyContext>) -> Result<PostResponse, LemmyError> {
+ let data: &EditPost = self;
+ let local_user_view = local_user_view_from_jwt(&data.auth, context).await?;
+ let local_site = LocalSite::read(&mut context.pool()).await?;
+
+ let data_url = data.url.as_ref();
+
+ // TODO No good way to handle a clear.
+ // Issue link: https://github.com/LemmyNet/lemmy/issues/2287
+ let url = Some(data_url.map(clean_url_params).map(Into::into));
- check_slurs(&data.name)?;
- check_slurs_opt(&data.body)?;
+ let slur_regex = local_site_to_slur_regex(&local_site);
+ check_slurs_opt(&data.name, &slur_regex)?;
+ check_slurs_opt(&data.body, &slur_regex)?;
- if !is_valid_post_title(&data.name) {
- return Err(ApiError::err("invalid_post_title").into());
+ if let Some(name) = &data.name {
+ is_valid_post_title(name)?;
}
+ is_valid_body_field(&data.body, true)?;
+ check_url_scheme(&data.url)?;
+
let post_id = data.post_id;
- let orig_post = blocking(context.pool(), move |conn| Post::read(conn, post_id)).await??;
+ let orig_post = Post::read(&mut context.pool(), post_id).await?;
check_community_ban(
local_user_view.person.id,
orig_post.community_id,
- context.pool(),
+ &mut context.pool(),
)
.await?;
// Verify that only the creator can edit
if !Post::is_post_creator(local_user_view.person.id, orig_post.creator_id) {
- return Err(ApiError::err("no_post_edit_allowed").into());
+ return Err(LemmyErrorType::NoPostEditAllowed)?;
}
- // Fetch Iframely and Pictrs cached image
+ // Fetch post links and Pictrs cached image
let data_url = data.url.as_ref();
- let (iframely_title, iframely_description, iframely_html, pictrs_thumbnail) =
- fetch_iframely_and_pictrs_data(context.client(), data_url).await;
-
- let post_form = PostForm {
- name: data.name.trim().to_owned(),
- url: data_url.map(|u| u.to_owned().into()),
- body: data.body.to_owned(),
- nsfw: data.nsfw,
- creator_id: orig_post.creator_id.to_owned(),
- community_id: orig_post.community_id,
- removed: Some(orig_post.removed),
- deleted: Some(orig_post.deleted),
- locked: Some(orig_post.locked),
- stickied: Some(orig_post.stickied),
- updated: Some(naive_now()),
- embed_title: iframely_title,
- embed_description: iframely_description,
- embed_html: iframely_html,
- thumbnail_url: pictrs_thumbnail.map(|u| u.into()),
- ap_id: Some(orig_post.ap_id),
- local: orig_post.local,
- published: None,
- };
-
- let post_id = data.post_id;
- let res = blocking(context.pool(), move |conn| {
- Post::update(conn, post_id, &post_form)
- })
+ let (metadata_res, thumbnail_url) =
+ fetch_site_data(context.client(), context.settings(), data_url, true).await;
+ let (embed_title, embed_description, embed_video_url) = metadata_res
+ .map(|u| (Some(u.title), Some(u.description), Some(u.embed_video_url)))
+ .unwrap_or_default();
+
+ let name = sanitize_html_opt(&data.name);
+ let body = sanitize_html_opt(&data.body);
+ let body = diesel_option_overwrite(body);
+ let embed_title = embed_title.map(|e| sanitize_html_opt(&e));
+ let embed_description = embed_description.map(|e| sanitize_html_opt(&e));
+
+ let language_id = self.language_id;
+ CommunityLanguage::is_allowed_community_language(
+ &mut context.pool(),
+ language_id,
+ orig_post.community_id,
+ )
.await?;
- let updated_post: Post = match res {
- Ok(post) => post,
- Err(e) => {
- let err_type = if e.to_string() == "value too long for type character varying(200)" {
- "post_title_too_long"
- } else {
- "couldnt_update_post"
- };
-
- return Err(ApiError::err(err_type).into());
- }
- };
-
- // Send apub update
- updated_post
- .send_update(&local_user_view.person, context)
- .await?;
-
- let post_id = data.post_id;
- let post_view = blocking(context.pool(), move |conn| {
- PostView::read(conn, post_id, Some(local_user_view.person.id))
- })
- .await??;
- let res = PostResponse { post_view };
+ let post_form = PostUpdateForm::builder()
+ .name(name)
+ .url(url)
+ .body(body)
+ .nsfw(data.nsfw)
+ .embed_title(embed_title)
+ .embed_description(embed_description)
+ .embed_video_url(embed_video_url)
+ .language_id(data.language_id)
+ .thumbnail_url(Some(thumbnail_url))
+ .updated(Some(Some(naive_now())))
+ .build();
- context.chat_server().do_send(SendPost {
- op: UserOperation::EditPost,
- post: res.clone(),
- websocket_id,
- });
+ let post_id = data.post_id;
+ Post::update(&mut context.pool(), post_id, &post_form)
+ .await
+ .with_lemmy_type(LemmyErrorType::CouldntUpdatePost)?;
- Ok(res)
+ build_post_response(
+ context,
+ orig_post.community_id,
+ local_user_view.person.id,
+ post_id,
+ )
+ .await
}
}