forked from jmug/stoatchat
chore: ensure restrict_reactions is used in conjunction with reactions list
This commit is contained in:
8
Cargo.lock
generated
8
Cargo.lock
generated
@@ -2580,8 +2580,8 @@ dependencies = [
|
|||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "rauth"
|
name = "rauth"
|
||||||
version = "1.0.3"
|
version = "1.0.4"
|
||||||
source = "git+https://github.com/insertish/rauth?tag=1.0.3#a62eae5076d94730d06e76d438cbca0d70161856"
|
source = "git+https://github.com/insertish/rauth?tag=1.0.4#2d3bc59623672e3ff57c49a90c4d3cd20780dbba"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"async-std",
|
"async-std",
|
||||||
"async-trait",
|
"async-trait",
|
||||||
@@ -3080,8 +3080,8 @@ dependencies = [
|
|||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "rocket_rauth"
|
name = "rocket_rauth"
|
||||||
version = "1.0.3"
|
version = "1.0.4"
|
||||||
source = "git+https://github.com/insertish/rauth?tag=1.0.3#a62eae5076d94730d06e76d438cbca0d70161856"
|
source = "git+https://github.com/insertish/rauth?tag=1.0.4#2d3bc59623672e3ff57c49a90c4d3cd20780dbba"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"iso8601-timestamp",
|
"iso8601-timestamp",
|
||||||
"rauth",
|
"rauth",
|
||||||
|
|||||||
@@ -65,16 +65,20 @@ pub async fn message_send(
|
|||||||
data.validate()
|
data.validate()
|
||||||
.map_err(|error| Error::FailedValidation { error })?;
|
.map_err(|error| Error::FailedValidation { error })?;
|
||||||
|
|
||||||
|
// Validate Message is within reasonable length limits
|
||||||
Message::validate_sum(&data.content, &data.embeds)?;
|
Message::validate_sum(&data.content, &data.embeds)?;
|
||||||
|
|
||||||
|
// Ensure the request is unique
|
||||||
idempotency.consume_nonce(data.nonce).await?;
|
idempotency.consume_nonce(data.nonce).await?;
|
||||||
|
|
||||||
|
// Ensure we have permissions to send a message
|
||||||
let channel = target.as_channel(db).await?;
|
let channel = target.as_channel(db).await?;
|
||||||
let mut permissions = perms(&user).channel(&channel);
|
let mut permissions = perms(&user).channel(&channel);
|
||||||
permissions
|
permissions
|
||||||
.throw_permission_and_view_channel(db, Permission::SendMessage)
|
.throw_permission_and_view_channel(db, Permission::SendMessage)
|
||||||
.await?;
|
.await?;
|
||||||
|
|
||||||
|
// Check the message is not empty
|
||||||
if (data.content.as_ref().map_or(true, |v| v.is_empty()))
|
if (data.content.as_ref().map_or(true, |v| v.is_empty()))
|
||||||
&& (data.attachments.as_ref().map_or(true, |v| v.is_empty()))
|
&& (data.attachments.as_ref().map_or(true, |v| v.is_empty()))
|
||||||
&& (data.embeds.as_ref().map_or(true, |v| v.is_empty()))
|
&& (data.embeds.as_ref().map_or(true, |v| v.is_empty()))
|
||||||
@@ -82,6 +86,22 @@ pub async fn message_send(
|
|||||||
return Err(Error::EmptyMessage);
|
return Err(Error::EmptyMessage);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Ensure restrict_reactions is not specified without reactions list
|
||||||
|
if let Some(interactions) = &data.interactions {
|
||||||
|
if interactions.restrict_reactions {
|
||||||
|
let disallowed = if let Some(list) = &interactions.reactions {
|
||||||
|
list.len() == 0
|
||||||
|
} else {
|
||||||
|
true
|
||||||
|
};
|
||||||
|
|
||||||
|
if disallowed {
|
||||||
|
return Err(Error::InvalidProperty);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Start constructing the message
|
||||||
let message_id = Ulid::new().to_string();
|
let message_id = Ulid::new().to_string();
|
||||||
let mut message = Message {
|
let mut message = Message {
|
||||||
id: message_id.clone(),
|
id: message_id.clone(),
|
||||||
|
|||||||
@@ -98,6 +98,8 @@ pub struct Interactions {
|
|||||||
#[serde(skip_serializing_if = "Option::is_none", default)]
|
#[serde(skip_serializing_if = "Option::is_none", default)]
|
||||||
pub reactions: Option<IndexSet<String>>,
|
pub reactions: Option<IndexSet<String>>,
|
||||||
/// Whether reactions should be restricted to the given list
|
/// Whether reactions should be restricted to the given list
|
||||||
|
///
|
||||||
|
/// Can only be set to true if reactions list is of at least length 1
|
||||||
#[serde(skip_serializing_if = "if_false", default)]
|
#[serde(skip_serializing_if = "if_false", default)]
|
||||||
pub restrict_reactions: bool,
|
pub restrict_reactions: bool,
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -20,10 +20,10 @@ pub enum Error {
|
|||||||
/// This error was not labeled :(
|
/// This error was not labeled :(
|
||||||
LabelMe,
|
LabelMe,
|
||||||
|
|
||||||
// ? Onboarding related errors.
|
// ? Onboarding related errors
|
||||||
AlreadyOnboarded,
|
AlreadyOnboarded,
|
||||||
|
|
||||||
// ? User related errors.
|
// ? User related errors
|
||||||
UsernameTaken,
|
UsernameTaken,
|
||||||
InvalidUsername,
|
InvalidUsername,
|
||||||
UnknownUser,
|
UnknownUser,
|
||||||
@@ -33,7 +33,7 @@ pub enum Error {
|
|||||||
BlockedByOther,
|
BlockedByOther,
|
||||||
NotFriends,
|
NotFriends,
|
||||||
|
|
||||||
// ? Channel related errors.
|
// ? Channel related errors
|
||||||
UnknownChannel,
|
UnknownChannel,
|
||||||
UnknownAttachment,
|
UnknownAttachment,
|
||||||
UnknownMessage,
|
UnknownMessage,
|
||||||
@@ -50,7 +50,7 @@ pub enum Error {
|
|||||||
AlreadyInGroup,
|
AlreadyInGroup,
|
||||||
NotInGroup,
|
NotInGroup,
|
||||||
|
|
||||||
// ? Server related errors.
|
// ? Server related errors
|
||||||
UnknownServer,
|
UnknownServer,
|
||||||
InvalidRole,
|
InvalidRole,
|
||||||
Banned,
|
Banned,
|
||||||
@@ -59,12 +59,12 @@ pub enum Error {
|
|||||||
},
|
},
|
||||||
TooManyEmoji,
|
TooManyEmoji,
|
||||||
|
|
||||||
// ? Bot related errors.
|
// ? Bot related errors
|
||||||
ReachedMaximumBots,
|
ReachedMaximumBots,
|
||||||
IsBot,
|
IsBot,
|
||||||
BotIsPrivate,
|
BotIsPrivate,
|
||||||
|
|
||||||
// ? Permission errors.
|
// ? Permission errors
|
||||||
MissingPermission {
|
MissingPermission {
|
||||||
permission: Permission,
|
permission: Permission,
|
||||||
},
|
},
|
||||||
@@ -75,7 +75,7 @@ pub enum Error {
|
|||||||
CannotGiveMissingPermissions,
|
CannotGiveMissingPermissions,
|
||||||
NotOwner,
|
NotOwner,
|
||||||
|
|
||||||
// ? General errors.
|
// ? General errors
|
||||||
DatabaseError {
|
DatabaseError {
|
||||||
operation: &'static str,
|
operation: &'static str,
|
||||||
with: &'static str,
|
with: &'static str,
|
||||||
@@ -83,6 +83,7 @@ pub enum Error {
|
|||||||
InternalError,
|
InternalError,
|
||||||
InvalidOperation,
|
InvalidOperation,
|
||||||
InvalidCredentials,
|
InvalidCredentials,
|
||||||
|
InvalidProperty,
|
||||||
InvalidSession,
|
InvalidSession,
|
||||||
DuplicateNonce,
|
DuplicateNonce,
|
||||||
VosoUnavailable,
|
VosoUnavailable,
|
||||||
@@ -175,6 +176,7 @@ impl<'r> Responder<'r, 'static> for Error {
|
|||||||
Error::InternalError => Status::InternalServerError,
|
Error::InternalError => Status::InternalServerError,
|
||||||
Error::InvalidOperation => Status::BadRequest,
|
Error::InvalidOperation => Status::BadRequest,
|
||||||
Error::InvalidCredentials => Status::Unauthorized,
|
Error::InvalidCredentials => Status::Unauthorized,
|
||||||
|
Error::InvalidProperty => Status::BadRequest,
|
||||||
Error::InvalidSession => Status::Unauthorized,
|
Error::InvalidSession => Status::Unauthorized,
|
||||||
Error::DuplicateNonce => Status::Conflict,
|
Error::DuplicateNonce => Status::Conflict,
|
||||||
Error::VosoUnavailable => Status::BadRequest,
|
Error::VosoUnavailable => Status::BadRequest,
|
||||||
|
|||||||
Reference in New Issue
Block a user