add seperate non token webhook routes

This commit is contained in:
Zomatree
2023-01-27 17:26:32 +00:00
parent 758b1e43e7
commit 781d51df6f
7 changed files with 138 additions and 23 deletions

View File

@@ -2,16 +2,22 @@ use rocket::Route;
use revolt_rocket_okapi::revolt_okapi::openapi3::OpenApi;
mod webhook_delete;
mod webhook_delete_token;
mod webhook_edit;
mod webhook_edit_token;
mod webhook_execute;
mod webhook_fetch_token;
mod webhook_fetch;
mod webhook_execute_github;
pub fn routes() -> (Vec<Route>, OpenApi) {
openapi_get_routes_spec![
webhook_delete_token::req,
webhook_delete::req,
webhook_edit_token::req,
webhook_edit::req,
webhook_execute::req,
webhook_fetch_token::req,
webhook_fetch::req,
webhook_execute_github::req
]

View File

@@ -1,16 +1,19 @@
use revolt_quark::{Db, Ref, Result, EmptyResponse, Error};
use revolt_quark::{Db, Ref, Result, EmptyResponse, models::User, perms, Permission};
/// # Deletes a webhook
/// # Deletes a webhook with a token
///
/// deletes a webhook
/// deletes a webhook with a token
#[openapi(tag = "Webhooks")]
#[delete("/<target>/<token>")]
pub async fn req(db: &Db, target: Ref, token: String) -> Result<EmptyResponse> {
#[delete("/<target>")]
pub async fn req(db: &Db, user: User, target: Ref) -> Result<EmptyResponse> {
let webhook = target.as_webhook(db).await?;
(webhook.token == token)
.then_some(())
.ok_or(Error::InvalidCredentials)?;
let channel = Ref::from_unchecked(webhook.channel.clone()).as_channel(db).await?;
perms(&user)
.channel(&channel)
.throw_permission(db, Permission::ManageWebhooks)
.await?;
webhook.delete(db).await?;

View File

@@ -0,0 +1,18 @@
use revolt_quark::{Db, Ref, Result, EmptyResponse, Error};
/// # Deletes a webhook with a token
///
/// deletes a webhook with a token
#[openapi(tag = "Webhooks")]
#[delete("/<target>/<token>")]
pub async fn req(db: &Db, target: Ref, token: String) -> Result<EmptyResponse> {
let webhook = target.as_webhook(db).await?;
(webhook.token == token)
.then_some(())
.ok_or(Error::InvalidCredentials)?;
webhook.delete(db).await?;
Ok(EmptyResponse)
}

View File

@@ -1,4 +1,4 @@
use revolt_quark::{Db, Ref, Result, Error, models::{webhook::{FieldsWebhook, Webhook, PartialWebhook}, File}};
use revolt_quark::{Db, Ref, Result, Error, models::{webhook::{FieldsWebhook, Webhook, PartialWebhook}, File, User}, Permission, perms};
use serde::{Serialize, Deserialize};
use validator::Validate;
use rocket::serde::json::Json;
@@ -19,17 +19,20 @@ pub struct WebhookEditBody {
///
/// edits a webhook
#[openapi(tag = "Webhooks")]
#[patch("/<target>/<token>", data="<data>")]
pub async fn req(db: &Db, target: Ref, token: String, data: Json<WebhookEditBody>) -> Result<Json<Webhook>> {
#[patch("/<target>", data="<data>")]
pub async fn req(db: &Db, target: Ref, user: User, data: Json<WebhookEditBody>) -> Result<Json<Webhook>> {
let data = data.into_inner();
data.validate()
.map_err(|error| Error::FailedValidation { error })?;
let mut webhook = target.as_webhook(db).await?;
(webhook.token == token)
.then_some(())
.ok_or(Error::InvalidCredentials)?;
let channel = Ref::from_unchecked(webhook.channel.clone()).as_channel(db).await?;
perms(&user)
.channel(&channel)
.throw_permission(db, Permission::ManageWebhooks)
.await?;
if data.name.is_none()
&& data.avatar.is_none()

View File

@@ -0,0 +1,57 @@
use revolt_quark::{Db, Ref, Result, Error, models::{webhook::{FieldsWebhook, Webhook, PartialWebhook}, File}};
use serde::{Serialize, Deserialize};
use validator::Validate;
use rocket::serde::json::Json;
#[derive(Serialize, Deserialize, Validate, JsonSchema)]
pub struct WebhookEditBody {
#[validate(length(min = 1, max = 32))]
name: Option<String>,
#[validate(length(min = 1, max = 128))]
avatar: Option<String>,
#[serde(default)]
remove: Vec<FieldsWebhook>
}
/// # Edits a webhook with a token
///
/// edits a webhook with a token
#[openapi(tag = "Webhooks")]
#[patch("/<target>/<token>", data="<data>")]
pub async fn req(db: &Db, target: Ref, token: String, data: Json<WebhookEditBody>) -> Result<Json<Webhook>> {
let data = data.into_inner();
data.validate()
.map_err(|error| Error::FailedValidation { error })?;
let mut webhook = target.as_webhook(db).await?;
(webhook.token == token)
.then_some(())
.ok_or(Error::InvalidCredentials)?;
if data.name.is_none()
&& data.avatar.is_none()
&& data.remove.is_empty()
{
return Ok(Json(webhook))
};
let mut partial = PartialWebhook::default();
let WebhookEditBody { name, avatar, remove } = data;
if let Some(name) = name {
partial.name = Some(name)
}
if let Some(avatar) = avatar {
let file = File::use_avatar(db, &avatar, &webhook.id).await?;
partial.avatar = Some(file)
}
webhook.update(db, partial, remove).await?;
Ok(Json(webhook))
}

View File

@@ -1,17 +1,28 @@
use revolt_quark::{Db, Ref, Result, Error, models::Webhook};
use revolt_quark::{Db, Ref, Result, models::{Webhook, File}};
use rocket::serde::json::Json;
use serde::{Serialize, Deserialize};
// This route is used to get the info about the webhook by clients to get the name and avatar,
// so this function cant return the token or require any permissions.
#[derive(Serialize, Deserialize, Debug, JsonSchema)]
pub struct WebhookData {
#[serde(rename = "_id")]
pub id: String,
pub name: String,
#[serde(skip_serializing_if = "Option::is_none")]
pub avatar: Option<File>,
pub channel: String,
}
/// # gets a webhook
///
/// gets a webhook
#[openapi(tag = "Webhooks")]
#[get("/<target>/<token>")]
pub async fn req(db: &Db, target: Ref, token: String) -> Result<Json<Webhook>> {
let webhook = target.as_webhook(db).await?;
#[get("/<target>")]
pub async fn req(db: &Db, target: Ref) -> Result<Json<WebhookData>> {
let Webhook { id, name, avatar, channel, .. } = target.as_webhook(db).await?;
(webhook.token == token)
.then_some(())
.ok_or(Error::InvalidCredentials)?;
Ok(Json(webhook))
Ok(Json(WebhookData { id, name, avatar, channel }))
}

View File

@@ -0,0 +1,17 @@
use revolt_quark::{Db, Ref, Result, Error, models::Webhook};
use rocket::serde::json::Json;
/// # gets a webhook
///
/// gets a webhook
#[openapi(tag = "Webhooks")]
#[get("/<target>/<token>")]
pub async fn req(db: &Db, target: Ref, token: String) -> Result<Json<Webhook>> {
let webhook = target.as_webhook(db).await?;
(webhook.token == token)
.then_some(())
.ok_or(Error::InvalidCredentials)?;
Ok(Json(webhook))
}