X-Git-Url: http://these/git/?a=blobdiff_plain;f=crates%2Fapi_crud%2Fsrc%2Fprivate_message%2Fupdate.rs;h=09b50540dba830f5f3c2a9bfb7217a3dbc1607af;hb=3471f3533cb724b2cf6953d563aadfcc9f66c1d2;hp=b2d8e48f9987da2cb28721002701bf0300e2f846;hpb=203e35899e12e8696d0c871b5c12b27a5751b4a2;p=lemmy.git

diff --git a/crates/api_crud/src/private_message/update.rs b/crates/api_crud/src/private_message/update.rs
index b2d8e48f..09b50540 100644
--- a/crates/api_crud/src/private_message/update.rs
+++ b/crates/api_crud/src/private_message/update.rs
@@ -3,7 +3,7 @@ use actix_web::web::Data;
 use lemmy_api_common::{
   context::LemmyContext,
   private_message::{EditPrivateMessage, PrivateMessageResponse},
-  utils::{local_site_to_slur_regex, local_user_view_from_jwt},
+  utils::{local_site_to_slur_regex, local_user_view_from_jwt, sanitize_html},
 };
 use lemmy_db_schema::{
   source::{
@@ -15,7 +15,7 @@ use lemmy_db_schema::{
 };
 use lemmy_db_views::structs::PrivateMessageView;
 use lemmy_utils::{
-  error::LemmyError,
+  error::{LemmyError, LemmyErrorExt, LemmyErrorType},
   utils::{slurs::remove_slurs, validation::is_valid_body_field},
 };
 
@@ -30,32 +30,34 @@ impl PerformCrud for EditPrivateMessage {
   ) -> Result<PrivateMessageResponse, LemmyError> {
     let data: &EditPrivateMessage = self;
     let local_user_view = local_user_view_from_jwt(&data.auth, context).await?;
-    let local_site = LocalSite::read(context.pool()).await?;
+    let local_site = LocalSite::read(&mut context.pool()).await?;
 
     // Checking permissions
     let private_message_id = data.private_message_id;
-    let orig_private_message = PrivateMessage::read(context.pool(), private_message_id).await?;
+    let orig_private_message =
+      PrivateMessage::read(&mut context.pool(), private_message_id).await?;
     if local_user_view.person.id != orig_private_message.creator_id {
-      return Err(LemmyError::from_message("no_private_message_edit_allowed"));
+      return Err(LemmyErrorType::EditPrivateMessageNotAllowed)?;
     }
 
     // Doing the update
-    let content_slurs_removed = remove_slurs(&data.content, &local_site_to_slur_regex(&local_site));
-    is_valid_body_field(&Some(content_slurs_removed.clone()), false)?;
+    let content = sanitize_html(&data.content);
+    let content = remove_slurs(&content, &local_site_to_slur_regex(&local_site));
+    is_valid_body_field(&Some(content.clone()), false)?;
 
     let private_message_id = data.private_message_id;
     PrivateMessage::update(
-      context.pool(),
+      &mut context.pool(),
       private_message_id,
       &PrivateMessageUpdateForm::builder()
-        .content(Some(content_slurs_removed))
+        .content(Some(content))
         .updated(Some(Some(naive_now())))
         .build(),
     )
     .await
-    .map_err(|e| LemmyError::from_error_message(e, "couldnt_update_private_message"))?;
+    .with_lemmy_type(LemmyErrorType::CouldntUpdatePrivateMessage)?;
 
-    let view = PrivateMessageView::read(context.pool(), private_message_id).await?;
+    let view = PrivateMessageView::read(&mut context.pool(), private_message_id).await?;
 
     Ok(PrivateMessageResponse {
       private_message_view: view,