Compare commits
35 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
|
ba798490e2 | ||
|
|
5132270f2e | ||
|
|
4a0957b5ec | ||
|
|
1bfb2a7214 | ||
|
|
84483cee7a | ||
|
|
4bfd79c42c | ||
|
|
413aa04dca | ||
|
|
5d3e65e076 | ||
|
|
98da8a28a0 | ||
|
|
84b57dee57 | ||
|
|
1fef495d5e | ||
|
|
310d82819d | ||
|
|
5611dab86f | ||
|
|
01ded209c6 | ||
|
|
a1a21252d0 | ||
|
|
0dc5442498 | ||
|
|
9fb55f74dc | ||
|
|
24cfc33907 | ||
|
|
ce2a4eccbd | ||
|
|
ff68679bad | ||
|
|
9bdb7d7feb | ||
|
|
3c51fad74d | ||
|
|
4344419cdb | ||
|
|
65efea020d | ||
|
|
b9360b4d88 | ||
|
|
12c187a386 | ||
|
|
2846f09c45 | ||
|
|
50835f08c8 | ||
|
|
c413fbcb58 | ||
|
|
c674a9fd4e | ||
|
|
b2da2a8587 | ||
|
|
d0ea88f1f8 | ||
|
|
92b466a5f0 | ||
|
|
aeeafebefc | ||
|
|
bf0048a052 |
18
.github/workflows/docs-test.yml
vendored
@@ -14,16 +14,10 @@ jobs:
|
||||
- uses: actions/checkout@v4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
- uses: pnpm/action-setup@v4
|
||||
with:
|
||||
package_json_file: ./docs/package.json
|
||||
- uses: actions/setup-node@v4
|
||||
with:
|
||||
node-version: lts/*
|
||||
cache: pnpm
|
||||
cache-dependency-path: ./docs/pnpm-lock.yaml
|
||||
|
||||
- name: Install dependencies
|
||||
run: pnpm install
|
||||
- name: Test build website
|
||||
run: pnpm run build
|
||||
- name: Setup Mise
|
||||
uses: immich-app/devtools/actions/use-mise@cd24790a7f5f6439ac32cc94f5523cb2de8bfa8c # use-mise-action-v1.1.0
|
||||
with:
|
||||
github-token: ${{ secrets.GITHUB_TOKEN }}
|
||||
|
||||
- run: mise docs:build
|
||||
|
||||
18
.github/workflows/docs.yml
vendored
@@ -16,19 +16,13 @@ jobs:
|
||||
- uses: actions/checkout@v4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
- uses: pnpm/action-setup@v4
|
||||
with:
|
||||
package_json_file: ./docs/package.json
|
||||
- uses: actions/setup-node@v4
|
||||
with:
|
||||
node-version: lts/*
|
||||
cache: pnpm
|
||||
cache-dependency-path: ./docs/pnpm-lock.yaml
|
||||
|
||||
- name: Install dependencies
|
||||
run: pnpm install
|
||||
- name: Build website
|
||||
run: pnpm run build
|
||||
- name: Setup Mise
|
||||
uses: immich-app/devtools/actions/use-mise@cd24790a7f5f6439ac32cc94f5523cb2de8bfa8c # use-mise-action-v1.1.0
|
||||
with:
|
||||
github-token: ${{ secrets.GITHUB_TOKEN }}
|
||||
|
||||
- run: mise docs:build
|
||||
|
||||
- name: Upload Build Artifact
|
||||
uses: actions/upload-pages-artifact@v3
|
||||
|
||||
19
.github/workflows/git-town.yml
vendored
Normal file
@@ -0,0 +1,19 @@
|
||||
name: Git Town
|
||||
|
||||
on:
|
||||
pull_request:
|
||||
|
||||
jobs:
|
||||
git-town:
|
||||
name: Display the branch stack
|
||||
runs-on: ubuntu-slim
|
||||
|
||||
if: ${{ !startsWith(github.head_ref, 'release-please--') }}
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
pull-requests: write
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
- uses: stoatchat/action-git-town@4bc5c942e4603bffa0806b51d5fe5f0bc5deb0ac
|
||||
24
.github/workflows/publish-crates.yml
vendored
Normal file
@@ -0,0 +1,24 @@
|
||||
name: Publish Crates
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
release:
|
||||
types: [published]
|
||||
|
||||
jobs:
|
||||
publish:
|
||||
name: Publish Crates
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
with:
|
||||
persist-credentials: false
|
||||
|
||||
- name: Setup Mise
|
||||
uses: immich-app/devtools/actions/use-mise@cd24790a7f5f6439ac32cc94f5523cb2de8bfa8c # use-mise-action-v1.1.0
|
||||
with:
|
||||
github-token: ${{ secrets.GITHUB_TOKEN }}
|
||||
|
||||
- name: Publish
|
||||
run: mise publish --workspace
|
||||
48
.github/workflows/release-please.yml
vendored
@@ -33,28 +33,30 @@ jobs:
|
||||
token: ${{ steps.app-token.outputs.token }}
|
||||
config-file: release-please-config.json
|
||||
|
||||
publish-please:
|
||||
name: Publish Please
|
||||
needs: release-please
|
||||
if: needs.release-please.outputs.release_created == 'true'
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
- id: app-token
|
||||
uses: actions/create-github-app-token@v2
|
||||
- name: Install latest stable
|
||||
uses: dtolnay/rust-toolchain@e97e2d8cc328f1b50210efc529dca0028893a2d9 # v1
|
||||
with:
|
||||
app-id: ${{ secrets.GH_STOAT_RELEASE_APP_ID }}
|
||||
private-key: ${{ secrets.GH_STOAT_RELEASE_APP_PRIVATE_KEY }}
|
||||
|
||||
- name: Send release notification webhook
|
||||
toolchain: stable
|
||||
|
||||
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
with:
|
||||
token: ${{ steps.app-token.outputs.token }}
|
||||
- name: Update Cargo.lock
|
||||
if: ${{ steps.rp.outputs.prs_created == 'true' || steps.rp.outputs.prs_updated == 'true' }}
|
||||
env:
|
||||
GH_TOKEN: ${{ steps.app-token.outputs.token }}
|
||||
run: |
|
||||
RELEASE_URL="https://github.com/revoltchat/backend/releases/tag/${{ needs.release-please.outputs.tag_name }}"
|
||||
curl -X POST "${{ secrets.STOAT_WEBHOOK_UPDATES_URL }}" \
|
||||
-H "Content-Type: application/json" \
|
||||
-d "{\"content\": \"$RELEASE_URL\"}"
|
||||
|
||||
- name: Publish crates
|
||||
uses: katyo/publish-crates@v2
|
||||
with:
|
||||
registry-token: ${{ secrets.CRATES_IO_PUBLISH_TOKEN }}
|
||||
PR_NUMBER=$(echo '${{ steps.rp.outputs.prs }}' | jq -r '.[0].number')
|
||||
gh pr checkout "$PR_NUMBER"
|
||||
|
||||
cargo update -w
|
||||
|
||||
if git diff --quiet Cargo.lock; then
|
||||
echo "No changes to Cargo.lock"
|
||||
else
|
||||
git config user.name "github-actions[bot]"
|
||||
git config user.email "github-actions[bot]@users.noreply.github.com"
|
||||
git add Cargo.lock
|
||||
git commit -s -m "chore: update Cargo.lock"
|
||||
git push
|
||||
fi
|
||||
|
||||
19
.github/workflows/release-webhook.yml
vendored
Normal file
@@ -0,0 +1,19 @@
|
||||
name: Release Webhook
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
release:
|
||||
types: [published]
|
||||
|
||||
jobs:
|
||||
release-webhook:
|
||||
name: Send Release Webhook
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- name: Send release notification webhook
|
||||
run: |
|
||||
RELEASE_URL="https://github.com/${{ github.repository }}/releases/tag/${{ github.event.release.tag_name }}"
|
||||
curl -X POST "${{ secrets.STOAT_WEBHOOK_UPDATES_URL }}" \
|
||||
-H "Content-Type: application/json" \
|
||||
-d "{\"content\": \"$RELEASE_URL\"}"
|
||||
34
.github/workflows/rust.yaml
vendored
@@ -18,49 +18,41 @@ jobs:
|
||||
runs-on: arc-runner-set
|
||||
steps:
|
||||
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
with:
|
||||
persist-credentials: false
|
||||
|
||||
# Using our own runners for now:
|
||||
# - name: Free up disk space
|
||||
# run: |
|
||||
# sudo rm -rf /usr/local/lib/android /usr/share/dotnet /opt/ghc
|
||||
|
||||
- name: Install latest stable
|
||||
uses: dtolnay/rust-toolchain@e97e2d8cc328f1b50210efc529dca0028893a2d9 # v1
|
||||
- name: Setup Mise
|
||||
uses: immich-app/devtools/actions/use-mise@cd24790a7f5f6439ac32cc94f5523cb2de8bfa8c # use-mise-action-v1.1.0
|
||||
with:
|
||||
toolchain: stable
|
||||
components: rustfmt, clippy
|
||||
|
||||
- name: Install cargo-nextest
|
||||
uses: taiki-e/install-action@a58ae9526b2c3acee9ad8e1926b950b7863305d4 # 2.65.16
|
||||
with:
|
||||
tool: cargo-nextest@0.9.119
|
||||
github-token: ${{ secrets.GITHUB_TOKEN }}
|
||||
|
||||
- name: Run cargo build
|
||||
run: cargo build
|
||||
|
||||
- name: Run services in background
|
||||
run: |
|
||||
docker compose -f compose.yml up -d
|
||||
|
||||
- name: Run cargo test
|
||||
- run: mise build
|
||||
- run: mise docker:start
|
||||
|
||||
- name: Reference Test
|
||||
env:
|
||||
TEST_DB: REFERENCE
|
||||
run: |
|
||||
cargo nextest run
|
||||
mise test
|
||||
|
||||
- name: Run cargo test (with MongoDB)
|
||||
- name: MongoDB Test
|
||||
env:
|
||||
TEST_DB: MONGODB
|
||||
MONGODB: mongodb://localhost
|
||||
run: |
|
||||
cargo nextest run
|
||||
mise test
|
||||
|
||||
- name: Start API in background
|
||||
if: github.event_name != 'pull_request' && github.ref_name == 'main'
|
||||
env:
|
||||
TEST_DB: REFERENCE
|
||||
run: |
|
||||
cargo build --bin revolt-delta && (cargo run --bin revolt-delta &)
|
||||
mise build --bin revolt-delta && (mise service:api &)
|
||||
|
||||
- name: Wait for API to go up
|
||||
if: github.event_name != 'pull_request' && github.ref_name == 'main'
|
||||
|
||||
19
.mise/config.toml
Normal file
@@ -0,0 +1,19 @@
|
||||
[tools]
|
||||
node = "25.4.0"
|
||||
pnpm = "10.28.1"
|
||||
|
||||
gh = "2.25.0"
|
||||
|
||||
rust = "1.92.0"
|
||||
"cargo:cargo-nextest" = "0.9.122"
|
||||
|
||||
"github:git-town/git-town" = "22.4.0"
|
||||
|
||||
[settings]
|
||||
experimental = true
|
||||
idiomatic_version_file_enable_tools = ["rust"]
|
||||
|
||||
[tasks.start]
|
||||
description = "Run all services"
|
||||
depends = ["docker:start", "build"]
|
||||
run = [{ task = "service:*" }]
|
||||
5
.mise/tasks/build
Executable file
@@ -0,0 +1,5 @@
|
||||
#!/usr/bin/env bash
|
||||
#MISE description="Build project"
|
||||
set -e
|
||||
|
||||
cargo build "$@"
|
||||
5
.mise/tasks/check
Executable file
@@ -0,0 +1,5 @@
|
||||
#!/usr/bin/env bash
|
||||
#MISE description="Check project with clippy"
|
||||
set -e
|
||||
|
||||
cargo clippy
|
||||
5
.mise/tasks/docker/start
Executable file
@@ -0,0 +1,5 @@
|
||||
#!/usr/bin/env bash
|
||||
#MISE description="Start Docker containers"
|
||||
set -e
|
||||
|
||||
docker compose up -d
|
||||
5
.mise/tasks/docker/stop
Executable file
@@ -0,0 +1,5 @@
|
||||
#!/usr/bin/env bash
|
||||
#MISE description="Stop Docker containers"
|
||||
set -e
|
||||
|
||||
docker compose down
|
||||
7
.mise/tasks/docs/_default
Executable file
@@ -0,0 +1,7 @@
|
||||
#!/usr/bin/env bash
|
||||
#MISE description="Start the Stoat Developers website"
|
||||
#MISE depends=["docs:install"]
|
||||
#MISE dir="{{config_root}}/docs"
|
||||
set -e
|
||||
|
||||
pnpm build
|
||||
7
.mise/tasks/docs/build
Executable file
@@ -0,0 +1,7 @@
|
||||
#!/usr/bin/env bash
|
||||
#MISE description="Build the Stoat Developers website"
|
||||
#MISE depends=["docs:install"]
|
||||
#MISE dir="{{config_root}}/docs"
|
||||
set -e
|
||||
|
||||
pnpm build
|
||||
6
.mise/tasks/docs/install
Executable file
@@ -0,0 +1,6 @@
|
||||
#!/usr/bin/env bash
|
||||
#MISE description="Install dependencies for docs site"
|
||||
#MISE dir="{{config_root}}/docs"
|
||||
set -e
|
||||
|
||||
pnpm i --frozen-lockfile
|
||||
5
.mise/tasks/publish
Executable file
@@ -0,0 +1,5 @@
|
||||
#!/usr/bin/env bash
|
||||
#MISE description="Publish project"
|
||||
set -e
|
||||
|
||||
cargo publish "$@"
|
||||
5
.mise/tasks/service/api
Executable file
@@ -0,0 +1,5 @@
|
||||
#!/usr/bin/env bash
|
||||
#MISE description="Run API server"
|
||||
set -e
|
||||
|
||||
cargo run --bin revolt-delta
|
||||
5
.mise/tasks/service/crond
Executable file
@@ -0,0 +1,5 @@
|
||||
#!/usr/bin/env bash
|
||||
#MISE description="Run cron daemon"
|
||||
set -e
|
||||
|
||||
cargo run --bin revolt-crond
|
||||
5
.mise/tasks/service/events
Executable file
@@ -0,0 +1,5 @@
|
||||
#!/usr/bin/env bash
|
||||
#MISE description="Run events server"
|
||||
set -e
|
||||
|
||||
cargo run --bin revolt-bonfire
|
||||
5
.mise/tasks/service/files
Executable file
@@ -0,0 +1,5 @@
|
||||
#!/usr/bin/env bash
|
||||
#MISE description="Run file server"
|
||||
set -e
|
||||
|
||||
cargo run --bin revolt-autumn
|
||||
5
.mise/tasks/service/gifbox
Executable file
@@ -0,0 +1,5 @@
|
||||
#!/usr/bin/env bash
|
||||
#MISE description="Run GIF proxy server"
|
||||
set -e
|
||||
|
||||
cargo run --bin revolt-gifbox
|
||||
5
.mise/tasks/service/proxy
Executable file
@@ -0,0 +1,5 @@
|
||||
#!/usr/bin/env bash
|
||||
#MISE description="Run proxy server"
|
||||
set -e
|
||||
|
||||
cargo run --bin revolt-january
|
||||
5
.mise/tasks/service/pushd
Executable file
@@ -0,0 +1,5 @@
|
||||
#!/usr/bin/env bash
|
||||
#MISE description="Run push daemon"
|
||||
set -e
|
||||
|
||||
cargo run --bin revolt-pushd
|
||||
8
.mise/tasks/test
Executable file
@@ -0,0 +1,8 @@
|
||||
#!/usr/bin/env bash
|
||||
#MISE description="Test project"
|
||||
set -e
|
||||
|
||||
: "${TEST_DB:=REFERENCE}"
|
||||
export TEST_DB
|
||||
|
||||
cargo nextest run
|
||||
@@ -1,3 +1,3 @@
|
||||
{
|
||||
".": "0.9.2"
|
||||
".": "0.11.0"
|
||||
}
|
||||
56
CHANGELOG.md
@@ -1,5 +1,61 @@
|
||||
# Changelog
|
||||
|
||||
## [0.11.0](https://github.com/stoatchat/stoatchat/compare/v0.10.3...v0.11.0) (2026-02-10)
|
||||
|
||||
|
||||
### Features
|
||||
|
||||
* appeal to the almighty Spamhaus ([#524](https://github.com/stoatchat/stoatchat/issues/524)) ([5132270](https://github.com/stoatchat/stoatchat/commit/5132270f2edd6df25ce414daa42ed1b2aa6fa7a9))
|
||||
|
||||
## [0.10.3](https://github.com/stoatchat/stoatchat/compare/v0.10.2...v0.10.3) (2026-02-07)
|
||||
|
||||
|
||||
### Bug Fixes
|
||||
|
||||
* update `Revolt` -> `Stoat` in email titles/desc. ([#508](https://github.com/stoatchat/stoatchat/issues/508)) ([84483ce](https://github.com/stoatchat/stoatchat/commit/84483cee7af3e5dfa16f7fe13e334c4d9f5abd60))
|
||||
|
||||
## [0.10.2](https://github.com/stoatchat/stoatchat/compare/v0.10.1...v0.10.2) (2026-01-25)
|
||||
|
||||
|
||||
### Bug Fixes
|
||||
|
||||
* thumbnailification requires rgb8/rgba8 ([#505](https://github.com/stoatchat/stoatchat/issues/505)) ([413aa04](https://github.com/stoatchat/stoatchat/commit/413aa04dcaf8bff3935ed1e5f31432e11a03ce6f))
|
||||
|
||||
## [0.10.1](https://github.com/stoatchat/stoatchat/compare/v0.10.0...v0.10.1) (2026-01-25)
|
||||
|
||||
|
||||
### Bug Fixes
|
||||
|
||||
* use Rust 1.92.0 for Docker build ([#503](https://github.com/stoatchat/stoatchat/issues/503)) ([98da8a2](https://github.com/stoatchat/stoatchat/commit/98da8a28a0aa2fee4e8eee1d86bd7c49e3187477))
|
||||
|
||||
## [0.10.0](https://github.com/stoatchat/stoatchat/compare/v0.9.4...v0.10.0) (2026-01-25)
|
||||
|
||||
|
||||
### Features
|
||||
|
||||
* allow kicking members from voice channels ([#495](https://github.com/stoatchat/stoatchat/issues/495)) ([0dc5442](https://github.com/stoatchat/stoatchat/commit/0dc544249825a49c793309edee5ec1838458a6da))
|
||||
* repository architecture for files crate w. added tests ([#498](https://github.com/stoatchat/stoatchat/issues/498)) ([01ded20](https://github.com/stoatchat/stoatchat/commit/01ded209c62208fc906d6aab9b08c04e860e10ef))
|
||||
|
||||
|
||||
### Bug Fixes
|
||||
|
||||
* expose ratelimit headers via cors ([#496](https://github.com/stoatchat/stoatchat/issues/496)) ([a1a2125](https://github.com/stoatchat/stoatchat/commit/a1a21252d0ad58937e41f16e5fb86f96bebd2a51))
|
||||
|
||||
## [0.9.4](https://github.com/stoatchat/stoatchat/compare/v0.9.3...v0.9.4) (2026-01-10)
|
||||
|
||||
|
||||
### Bug Fixes
|
||||
|
||||
* checkout repo. before bumping lock ([#490](https://github.com/stoatchat/stoatchat/issues/490)) ([b2da2a8](https://github.com/stoatchat/stoatchat/commit/b2da2a858787853be43136fd526a0bd72baf78ef))
|
||||
* persist credentials for git repo ([#492](https://github.com/stoatchat/stoatchat/issues/492)) ([c674a9f](https://github.com/stoatchat/stoatchat/commit/c674a9fd4e0abbd51569870e4b38074d4a1de03c))
|
||||
|
||||
## [0.9.3](https://github.com/stoatchat/stoatchat/compare/v0.9.2...v0.9.3) (2026-01-10)
|
||||
|
||||
|
||||
### Bug Fixes
|
||||
|
||||
* pipeline fixes ([#487](https://github.com/stoatchat/stoatchat/issues/487)) ([aeeafeb](https://github.com/stoatchat/stoatchat/commit/aeeafebefc36a43a656cf797c9251ca50292733c))
|
||||
|
||||
## [0.9.2](https://github.com/stoatchat/stoatchat/compare/v0.9.1...v0.9.2) (2026-01-10)
|
||||
|
||||
|
||||
|
||||
752
Cargo.lock
generated
36
Cargo.toml
@@ -14,9 +14,37 @@ redis23 = { package = "redis", version = "0.23.3", git = "https://github.com/rev
|
||||
#authifier = { package = "authifier", version = "1.0.10", path = "../authifier/crates/authifier" }
|
||||
#rocket_authifier = { package = "rocket_authifier", version = "1.0.10", path = "../authifier/crates/rocket_authifier" }
|
||||
|
||||
# I'm 99% sure this is overloading the GitHub worker
|
||||
# hence builds have been failing since, let's just
|
||||
# disable it for now. In the future, we could use this
|
||||
# if we were rolling our own CI (that is now).
|
||||
[profile.release]
|
||||
lto = true
|
||||
|
||||
[workspace.dependencies]
|
||||
# Async
|
||||
async-trait = "0.1.89"
|
||||
tokio = { version = "1.49.0", features = ["macros", "rt"] }
|
||||
|
||||
# Error Handling
|
||||
anyhow = "1.0.100"
|
||||
thiserror = "2.0.18"
|
||||
|
||||
# Other Utilities
|
||||
uuid = { version = "1.19.0", features = ["v4"] }
|
||||
|
||||
# Axum (HTTP server)
|
||||
axum-macros = "0.4.1"
|
||||
axum_typed_multipart = "0.12.1"
|
||||
axum = { version = "0.7.5", features = ["multipart"] }
|
||||
tower-http = { version = "0.5.2", features = ["cors", "trace"] }
|
||||
|
||||
# Image Processing
|
||||
jxl-oxide = { version = "0.12.5", features = ["image"] }
|
||||
image = "0.25.9"
|
||||
|
||||
# OpenTelemetry
|
||||
tracing = "0.1.44"
|
||||
tracing-subscriber = { version = "0.3.22", features = [
|
||||
"env-filter",
|
||||
] } # consider https://crates.io/crates/better-tracing
|
||||
opentelemetry = { version = "0.31.0", features = ["logs"] }
|
||||
opentelemetry_sdk = { version = "0.31.0", features = ["logs"] }
|
||||
opentelemetry-otlp = { version = "0.31.0", features = ["logs"] }
|
||||
opentelemetry-appender-tracing = { version = "0.31.1" }
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
# Build Stage
|
||||
FROM --platform="${BUILDPLATFORM}" rust:1.86.0-slim-bookworm
|
||||
FROM --platform="${BUILDPLATFORM}" rust:1.92.0-slim-bookworm
|
||||
USER 0:0
|
||||
WORKDIR /home/rust/src
|
||||
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
# Build Stage
|
||||
FROM rust:1.86.0-slim-bookworm
|
||||
FROM rust:1.92.0-slim-bookworm
|
||||
USER 0:0
|
||||
WORKDIR /home/rust/src
|
||||
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
<div align="center">
|
||||
<h1>
|
||||
Revolt Backend
|
||||
Stoat Backend
|
||||
|
||||
[](https://github.com/revoltchat/backend/stargazers)
|
||||
[](https://github.com/revoltchat/backend/network/members)
|
||||
@@ -43,13 +43,13 @@ Before contributing, make yourself familiar with [our contribution guidelines](h
|
||||
|
||||
Before getting started, you'll want to install:
|
||||
|
||||
- Rust toolchain (rustup recommended)
|
||||
- mise
|
||||
- Docker
|
||||
- Git
|
||||
- mold (optional, faster compilation)
|
||||
|
||||
> A **default.nix** is available for Nix users!
|
||||
> Just run `nix-shell` and continue.
|
||||
> Run `nix-shell` to activate mise.
|
||||
|
||||
As a heads-up, the development environment uses the following ports:
|
||||
|
||||
@@ -72,7 +72,7 @@ Now you can clone and build the project:
|
||||
```bash
|
||||
git clone https://github.com/revoltchat/backend revolt-backend
|
||||
cd revolt-backend
|
||||
cargo build
|
||||
mise build
|
||||
```
|
||||
|
||||
A default configuration `Revolt.toml` is present in this project that is suited for development.
|
||||
|
||||
@@ -12,6 +12,10 @@ services:
|
||||
- "27017:27017"
|
||||
volumes:
|
||||
- ./.data/db:/data/db
|
||||
ulimits:
|
||||
nofile:
|
||||
soft: 65536
|
||||
hard: 65536
|
||||
|
||||
# MinIO
|
||||
minio:
|
||||
@@ -55,7 +59,7 @@ services:
|
||||
|
||||
# Mock SMTP server
|
||||
maildev:
|
||||
image: soulteary/maildev
|
||||
image: maildev/maildev
|
||||
ports:
|
||||
- "14025:25"
|
||||
- "14080:8080"
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
[package]
|
||||
name = "revolt-bonfire"
|
||||
version = "0.9.2"
|
||||
version = "0.11.0"
|
||||
license = "AGPL-3.0-or-later"
|
||||
edition = "2021"
|
||||
publish = false
|
||||
@@ -38,7 +38,7 @@ async-std = { version = "1.8.0", features = [
|
||||
] }
|
||||
|
||||
# core
|
||||
authifier = { version = "1.0.15" }
|
||||
authifier = { version = "1.0.16" }
|
||||
revolt-result = { path = "../core/result" }
|
||||
revolt-models = { path = "../core/models" }
|
||||
revolt-config = { path = "../core/config" }
|
||||
|
||||
@@ -1,10 +1,11 @@
|
||||
[package]
|
||||
name = "revolt-coalesced"
|
||||
version = "0.9.2"
|
||||
version = "0.11.0"
|
||||
edition = "2021"
|
||||
license = "MIT"
|
||||
authors = ["Paul Makles <me@insrt.uk>", "Zomatree <me@zomatree.live>"]
|
||||
description = "Revolt Backend: Coalescion service"
|
||||
repository = "https://github.com/stoatchat/stoatchat"
|
||||
|
||||
[features]
|
||||
tokio = ["dep:tokio"]
|
||||
@@ -15,8 +16,13 @@ default = ["tokio"]
|
||||
|
||||
[dependencies]
|
||||
tokio = { version = "1.47.0", features = ["sync"], optional = true }
|
||||
indexmap = { version = "*", optional = true }
|
||||
lru = { version = "*", optional = true }
|
||||
indexmap = { version = "2.13.0", optional = true }
|
||||
lru = { version = "0.16.3", optional = true }
|
||||
|
||||
[dev-dependencies]
|
||||
tokio = { version = "1.47.0", features = ["rt", "rt-multi-thread", "macros", "time"] }
|
||||
tokio = { version = "1.47.0", features = [
|
||||
"rt",
|
||||
"rt-multi-thread",
|
||||
"macros",
|
||||
"time",
|
||||
] }
|
||||
|
||||
@@ -1,10 +1,11 @@
|
||||
[package]
|
||||
name = "revolt-config"
|
||||
version = "0.9.2"
|
||||
version = "0.11.0"
|
||||
edition = "2021"
|
||||
license = "MIT"
|
||||
authors = ["Paul Makles <me@insrt.uk>"]
|
||||
description = "Revolt Backend: Configuration"
|
||||
repository = "https://github.com/stoatchat/stoatchat"
|
||||
|
||||
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
|
||||
|
||||
@@ -37,4 +38,4 @@ sentry = { version = "0.31.5", optional = true }
|
||||
sentry-anyhow = { version = "0.38.1", optional = true }
|
||||
|
||||
# Core
|
||||
revolt-result = { version = "0.9.2", path = "../result", optional = true }
|
||||
revolt-result = { version = "0.11.0", path = "../result", optional = true }
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
use std::collections::HashMap;
|
||||
use std::{collections::HashMap, path::Path};
|
||||
|
||||
use cached::proc_macro::cached;
|
||||
use config::{Config, File, FileFormat};
|
||||
@@ -94,10 +94,19 @@ static CONFIG_BUILDER: Lazy<RwLock<Config>> = Lazy::new(|| {
|
||||
}
|
||||
}
|
||||
|
||||
for path in CONFIG_SEARCH_PATHS {
|
||||
if std::path::Path::new(path).exists() {
|
||||
builder = builder.add_source(File::new(path, FileFormat::Toml));
|
||||
let cwd = std::env::current_dir().unwrap();
|
||||
let mut cwd: Option<&Path> = Some(&cwd);
|
||||
|
||||
while let Some(path) = cwd {
|
||||
for config_path in CONFIG_SEARCH_PATHS {
|
||||
let config_path = path.join(config_path);
|
||||
if config_path.exists() {
|
||||
builder = builder
|
||||
.add_source(File::new(config_path.to_str().unwrap(), FileFormat::Toml));
|
||||
}
|
||||
}
|
||||
|
||||
cwd = path.parent();
|
||||
}
|
||||
|
||||
builder.build().unwrap()
|
||||
|
||||
@@ -1,10 +1,11 @@
|
||||
[package]
|
||||
name = "revolt-database"
|
||||
version = "0.9.2"
|
||||
version = "0.11.0"
|
||||
edition = "2021"
|
||||
license = "AGPL-3.0-or-later"
|
||||
authors = ["Paul Makles <me@insrt.uk>"]
|
||||
description = "Revolt Backend: Database Implementation"
|
||||
repository = "https://github.com/stoatchat/stoatchat"
|
||||
|
||||
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
|
||||
|
||||
@@ -15,8 +16,14 @@ mongodb = ["dep:mongodb", "bson", "authifier/database-mongodb"]
|
||||
# ... Other
|
||||
tasks = ["isahc", "linkify", "url-escape"]
|
||||
async-std-runtime = ["async-std", "authifier/async-std-runtime"]
|
||||
rocket-impl = ["rocket", "schemars", "revolt_okapi", "revolt_rocket_okapi", "authifier/rocket_impl"]
|
||||
axum-impl = ["axum"]
|
||||
rocket-impl = [
|
||||
"rocket",
|
||||
"schemars",
|
||||
"revolt_okapi",
|
||||
"revolt_rocket_okapi",
|
||||
"authifier/rocket_impl",
|
||||
]
|
||||
axum-impl = ["axum", "revolt-result/axum"]
|
||||
redis-is-patched = ["revolt-presence/redis-is-patched"]
|
||||
voice = ["livekit-api", "livekit-protocol", "livekit-runtime"]
|
||||
|
||||
@@ -25,19 +32,19 @@ default = ["mongodb", "async-std-runtime", "tasks"]
|
||||
|
||||
[dependencies]
|
||||
# Core
|
||||
revolt-config = { version = "0.9.2", path = "../config", features = [
|
||||
revolt-config = { version = "0.11.0", path = "../config", features = [
|
||||
"report-macros",
|
||||
] }
|
||||
revolt-result = { version = "0.9.2", path = "../result" }
|
||||
revolt-models = { version = "0.9.2", path = "../models", features = [
|
||||
revolt-result = { version = "0.11.0", path = "../result" }
|
||||
revolt-models = { version = "0.11.0", path = "../models", features = [
|
||||
"validator",
|
||||
] }
|
||||
revolt-presence = { version = "0.9.2", path = "../presence" }
|
||||
revolt-permissions = { version = "0.9.2", path = "../permissions", features = [
|
||||
revolt-presence = { version = "0.11.0", path = "../presence" }
|
||||
revolt-permissions = { version = "0.11.0", path = "../permissions", features = [
|
||||
"serde",
|
||||
"bson",
|
||||
] }
|
||||
revolt-parser = { version = "0.9.2", path = "../parser" }
|
||||
revolt-parser = { version = "0.11.0", path = "../parser" }
|
||||
|
||||
# Utility
|
||||
log = "0.4"
|
||||
@@ -93,12 +100,12 @@ revolt_okapi = { version = "0.9.1", optional = true }
|
||||
revolt_rocket_okapi = { version = "0.10.0", optional = true }
|
||||
|
||||
# Authifier
|
||||
authifier = { version = "1.0.15" }
|
||||
authifier = { version = "1.0.16" }
|
||||
|
||||
# RabbitMQ
|
||||
amqprs = { version = "1.7.0" }
|
||||
|
||||
# Voice
|
||||
livekit-api = { version = "0.4.4", optional = true}
|
||||
livekit-api = { version = "0.4.4", optional = true }
|
||||
livekit-protocol = { version = "0.4.0", optional = true }
|
||||
livekit-runtime = { version = "0.3.1", features = ["tokio"], optional = true }
|
||||
|
||||
@@ -10,6 +10,7 @@ use authifier::config::SMTPSettings;
|
||||
use authifier::config::Shield;
|
||||
use authifier::config::Template;
|
||||
use authifier::config::Templates;
|
||||
use authifier::config::EmailExpiryConfig;
|
||||
use authifier::Authifier;
|
||||
use rand::Rng;
|
||||
use revolt_config::config;
|
||||
@@ -69,7 +70,7 @@ impl DatabaseInfo {
|
||||
.await;
|
||||
|
||||
#[cfg(not(feature = "mongodb"))]
|
||||
return Err("MongoDB not enabled.".to_string())
|
||||
return Err("MongoDB not enabled.".to_string());
|
||||
} else {
|
||||
DatabaseInfo::Reference.connect().await
|
||||
}
|
||||
@@ -90,7 +91,7 @@ impl DatabaseInfo {
|
||||
.await;
|
||||
|
||||
#[cfg(not(feature = "mongodb"))]
|
||||
return Err("MongoDB not enabled.".to_string())
|
||||
return Err("MongoDB not enabled.".to_string());
|
||||
}
|
||||
_ => unreachable!("must specify REFERENCE or MONGODB"),
|
||||
}
|
||||
@@ -137,29 +138,33 @@ impl Database {
|
||||
.api
|
||||
.smtp
|
||||
.reply_to
|
||||
.unwrap_or("support@revolt.chat".into()),
|
||||
.unwrap_or("support@stoat.chat".into()),
|
||||
),
|
||||
port: config.api.smtp.port,
|
||||
use_tls: config.api.smtp.use_tls,
|
||||
use_starttls: config.api.smtp.use_starttls,
|
||||
},
|
||||
expiry: Default::default(),
|
||||
expiry: EmailExpiryConfig {
|
||||
expire_verification: 3600 * 24 * 7,
|
||||
expire_password_reset: 3600 * 24,
|
||||
expire_account_deletion: 3600 * 24,
|
||||
},
|
||||
templates: if config.production {
|
||||
Templates {
|
||||
verify: Template {
|
||||
title: "Verify your Revolt account.".into(),
|
||||
title: "Verify your Stoat account.".into(),
|
||||
text: include_str!("../../templates/verify.txt").into(),
|
||||
url: format!("{}/login/verify/", config.hosts.app),
|
||||
html: Some(include_str!("../../templates/verify.html").into()),
|
||||
},
|
||||
reset: Template {
|
||||
title: "Reset your Revolt password.".into(),
|
||||
title: "Reset your Stoat password.".into(),
|
||||
text: include_str!("../../templates/reset.txt").into(),
|
||||
url: format!("{}/login/reset/", config.hosts.app),
|
||||
html: Some(include_str!("../../templates/reset.html").into()),
|
||||
},
|
||||
reset_existing: Template {
|
||||
title: "You already have a Revolt account, reset your password."
|
||||
title: "You already have a Stoat account, reset your password."
|
||||
.into(),
|
||||
text: include_str!("../../templates/reset-existing.txt").into(),
|
||||
url: format!("{}/login/reset/", config.hosts.app),
|
||||
|
||||
@@ -72,6 +72,7 @@ auto_derived!(
|
||||
CanReceive,
|
||||
CanPublish,
|
||||
JoinedAt,
|
||||
VoiceChannel,
|
||||
}
|
||||
|
||||
/// Member removal intention
|
||||
@@ -224,13 +225,14 @@ impl Member {
|
||||
|
||||
pub fn remove_field(&mut self, field: &FieldsMember) {
|
||||
match field {
|
||||
FieldsMember::JoinedAt => (),
|
||||
FieldsMember::JoinedAt => {},
|
||||
FieldsMember::Avatar => self.avatar = None,
|
||||
FieldsMember::Nickname => self.nickname = None,
|
||||
FieldsMember::Roles => self.roles.clear(),
|
||||
FieldsMember::Timeout => self.timeout = None,
|
||||
FieldsMember::CanReceive => self.can_receive = true,
|
||||
FieldsMember::CanPublish => self.can_publish = true,
|
||||
FieldsMember::VoiceChannel => {},
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -330,14 +330,15 @@ impl AbstractServerMembers for MongoDb {
|
||||
|
||||
impl IntoDocumentPath for FieldsMember {
|
||||
fn as_path(&self) -> Option<&'static str> {
|
||||
Some(match self {
|
||||
FieldsMember::JoinedAt => "joined_at",
|
||||
FieldsMember::Avatar => "avatar",
|
||||
FieldsMember::Nickname => "nickname",
|
||||
FieldsMember::Roles => "roles",
|
||||
FieldsMember::Timeout => "timeout",
|
||||
FieldsMember::CanPublish => "can_publish",
|
||||
FieldsMember::CanReceive => "can_receive",
|
||||
})
|
||||
match self {
|
||||
FieldsMember::JoinedAt => Some("joined_at"),
|
||||
FieldsMember::Avatar => Some("avatar"),
|
||||
FieldsMember::Nickname => Some("nickname"),
|
||||
FieldsMember::Roles => Some("roles"),
|
||||
FieldsMember::Timeout => Some("timeout"),
|
||||
FieldsMember::CanPublish => Some("can_publish"),
|
||||
FieldsMember::CanReceive => Some("can_receive"),
|
||||
FieldsMember::VoiceChannel => None,
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -691,6 +691,7 @@ impl From<crate::FieldsMember> for FieldsMember {
|
||||
crate::FieldsMember::CanReceive => FieldsMember::CanReceive,
|
||||
crate::FieldsMember::CanPublish => FieldsMember::CanPublish,
|
||||
crate::FieldsMember::JoinedAt => FieldsMember::JoinedAt,
|
||||
crate::FieldsMember::VoiceChannel => FieldsMember::VoiceChannel,
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -705,6 +706,7 @@ impl From<FieldsMember> for crate::FieldsMember {
|
||||
FieldsMember::CanReceive => crate::FieldsMember::CanReceive,
|
||||
FieldsMember::CanPublish => crate::FieldsMember::CanPublish,
|
||||
FieldsMember::JoinedAt => crate::FieldsMember::JoinedAt,
|
||||
FieldsMember::VoiceChannel => crate::FieldsMember::VoiceChannel,
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -4,6 +4,6 @@ Please navigate to: {{url}}
|
||||
|
||||
This email is intended for {{email}}
|
||||
|
||||
This email has no association with Revolt or Revolt Platforms Ltd.
|
||||
This email has no association with Stoat or Revolt Platforms Ltd.
|
||||
Learn more about third party instances here:
|
||||
https://developers.revolt.chat/faq.html
|
||||
|
||||
@@ -5,6 +5,6 @@ Please navigate to: {{url}}
|
||||
|
||||
This email is intended for {{email}}
|
||||
|
||||
This email has no association with Revolt or Revolt Platforms Ltd.
|
||||
This email has no association with Stoat or Revolt Platforms Ltd.
|
||||
Learn more about third party instances here:
|
||||
https://developers.revolt.chat/faq.html
|
||||
|
||||
@@ -1,13 +1,20 @@
|
||||
[package]
|
||||
name = "revolt-files"
|
||||
version = "0.9.2"
|
||||
version = "0.11.0"
|
||||
edition = "2021"
|
||||
license = "AGPL-3.0-or-later"
|
||||
authors = ["Paul Makles <me@insrt.uk>"]
|
||||
description = "Revolt Backend: S3 and encryption subroutines"
|
||||
repository = "https://github.com/stoatchat/stoatchat"
|
||||
|
||||
[dependencies]
|
||||
tracing = "0.1"
|
||||
anyhow = { workspace = true }
|
||||
thiserror = { workspace = true }
|
||||
|
||||
tracing = { workspace = true }
|
||||
|
||||
tokio = { workspace = true }
|
||||
async-trait = { workspace = true }
|
||||
|
||||
ffprobe = "0.4.0"
|
||||
imagesize = "0.13.0"
|
||||
@@ -20,14 +27,14 @@ typenum = "1.17.0"
|
||||
aws-config = "1.5.5"
|
||||
aws-sdk-s3 = { version = "1.46.0", features = ["behavior-version-latest"] }
|
||||
|
||||
revolt-config = { version = "0.9.2", path = "../config", features = [
|
||||
revolt-config = { version = "0.11.0", path = "../config", features = [
|
||||
"report-macros",
|
||||
] }
|
||||
revolt-result = { version = "0.9.2", path = "../result" }
|
||||
revolt-result = { version = "0.11.0", path = "../result" }
|
||||
|
||||
# image processing
|
||||
jxl-oxide = "0.8.1"
|
||||
image = { version = "0.25.2" }
|
||||
jxl-oxide = { workspace = true }
|
||||
image = { workspace = true }
|
||||
|
||||
# svg rendering
|
||||
usvg = "0.44.0"
|
||||
@@ -36,3 +43,6 @@ tiny-skia = "0.11.4"
|
||||
|
||||
# encoding
|
||||
webp = "0.3.0"
|
||||
|
||||
[dev-dependencies]
|
||||
uuid = { workspace = true }
|
||||
|
||||
75
crates/core/files/src/implementation/encryption_impl.rs
Normal file
@@ -0,0 +1,75 @@
|
||||
use aes_gcm::{
|
||||
aead::{Aead, AeadCore, AeadMutInPlace, OsRng},
|
||||
Aes256Gcm, Key, KeyInit, Nonce,
|
||||
};
|
||||
use base64::{prelude::BASE64_STANDARD, Engine};
|
||||
|
||||
use crate::EncryptionRepository;
|
||||
|
||||
pub struct EncryptionKey {
|
||||
key: String,
|
||||
}
|
||||
|
||||
impl EncryptionKey {
|
||||
pub async fn from_config() -> EncryptionKey {
|
||||
EncryptionKey::new(revolt_config::config().await.files.encryption_key)
|
||||
}
|
||||
|
||||
pub fn new(key: String) -> EncryptionKey {
|
||||
EncryptionKey { key }
|
||||
}
|
||||
|
||||
fn create_cipher(&self) -> Aes256Gcm {
|
||||
let key = &BASE64_STANDARD
|
||||
.decode(self.key.clone())
|
||||
.expect("valid base64 string")[..];
|
||||
let key: &Key<Aes256Gcm> = key.into();
|
||||
Aes256Gcm::new(key)
|
||||
}
|
||||
}
|
||||
|
||||
impl EncryptionRepository for EncryptionKey {
|
||||
fn decrypt_buffer(&self, mut buf: Vec<u8>, iv: &str) -> anyhow::Result<Vec<u8>> {
|
||||
let iv = &BASE64_STANDARD.decode(iv).unwrap()[..];
|
||||
let iv: &Nonce<typenum::consts::U12> = iv.into();
|
||||
|
||||
self.create_cipher()
|
||||
.decrypt_in_place(iv, b"", &mut buf)
|
||||
.map_err(|error| {
|
||||
tracing::error!("{}", error);
|
||||
anyhow::anyhow!("EncryptionRepository: decryption failed")
|
||||
})?;
|
||||
|
||||
Ok(buf)
|
||||
}
|
||||
|
||||
fn encrypt_buffer(&self, buf: &[u8]) -> anyhow::Result<(Vec<u8>, String)> {
|
||||
let iv = Aes256Gcm::generate_nonce(&mut OsRng);
|
||||
|
||||
let buf = self.create_cipher().encrypt(&iv, buf).map_err(|error| {
|
||||
tracing::error!("{}", error);
|
||||
anyhow::anyhow!("EncryptionRepository: encryption failed")
|
||||
})?;
|
||||
|
||||
Ok((buf, BASE64_STANDARD.encode(iv)))
|
||||
}
|
||||
}
|
||||
|
||||
#[cfg(test)]
|
||||
mod tests {
|
||||
use super::*;
|
||||
|
||||
#[test]
|
||||
fn test_encrypt_and_decrypt() {
|
||||
let encryption =
|
||||
EncryptionKey::new("XkbJ8gBzrouQ+15Ri23xCC81+aZE26Z6+gXzglFxOD4=".to_string());
|
||||
|
||||
let buf: Vec<u8> = vec![67];
|
||||
let (ciphertext, iv) = encryption.encrypt_buffer(&buf[..]).unwrap();
|
||||
assert_eq!(ciphertext.len(), 17);
|
||||
|
||||
let plaintext = encryption.decrypt_buffer(ciphertext, &iv).unwrap();
|
||||
assert_eq!(plaintext.len(), 1);
|
||||
assert_eq!(plaintext[0], 67);
|
||||
}
|
||||
}
|
||||
316
crates/core/files/src/implementation/media_impl.rs
Normal file
@@ -0,0 +1,316 @@
|
||||
use anyhow::Result;
|
||||
use image::{DynamicImage, ImageBuffer, ImageReader};
|
||||
use jxl_oxide::integration::JxlDecoder;
|
||||
use revolt_config::report_internal_error;
|
||||
use std::io::{BufRead, Read, Seek};
|
||||
use tempfile::NamedTempFile;
|
||||
use tiny_skia::Pixmap;
|
||||
|
||||
use crate::{MediaError, MediaRepository};
|
||||
|
||||
pub struct MediaImpl {
|
||||
config: revolt_config::Files,
|
||||
}
|
||||
|
||||
impl MediaImpl {
|
||||
pub async fn from_config() -> MediaImpl {
|
||||
MediaImpl {
|
||||
config: revolt_config::config().await.files,
|
||||
}
|
||||
}
|
||||
|
||||
pub fn new(config: revolt_config::Files) -> MediaImpl {
|
||||
MediaImpl { config }
|
||||
}
|
||||
}
|
||||
|
||||
impl MediaRepository for MediaImpl {
|
||||
fn image_size(&self, f: &NamedTempFile) -> Option<(usize, usize)> {
|
||||
if let Ok(size) = imagesize::size(f.path())
|
||||
.inspect_err(|err| tracing::error!("Failed to generate image size! {err:?}"))
|
||||
{
|
||||
Some((size.width, size.height))
|
||||
} else {
|
||||
None
|
||||
}
|
||||
}
|
||||
|
||||
fn image_size_vec(&self, v: &[u8], mime: &str) -> Option<(usize, usize)> {
|
||||
match mime {
|
||||
"image/svg+xml" => {
|
||||
let tree =
|
||||
report_internal_error!(usvg::Tree::from_data(v, &Default::default())).ok()?;
|
||||
|
||||
let size = tree.size();
|
||||
Some((size.width() as usize, size.height() as usize))
|
||||
}
|
||||
_ => {
|
||||
if let Ok(size) = imagesize::blob_size(v)
|
||||
.inspect_err(|err| tracing::error!("Failed to generate image size! {err:?}"))
|
||||
{
|
||||
Some((size.width, size.height))
|
||||
} else {
|
||||
None
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
fn decode_image<R: Read + BufRead + Seek>(
|
||||
&self,
|
||||
reader: &mut R,
|
||||
mime: &str,
|
||||
) -> Result<DynamicImage, MediaError> {
|
||||
match mime {
|
||||
"image/jxl" => {
|
||||
let decoder =
|
||||
JxlDecoder::new(reader).map_err(|e| MediaError::from(anyhow::anyhow!(e)))?;
|
||||
|
||||
DynamicImage::from_decoder(decoder)
|
||||
.map_err(|e| MediaError::from(anyhow::anyhow!(e)))
|
||||
}
|
||||
"image/svg+xml" => {
|
||||
let mut buf = Vec::new();
|
||||
reader
|
||||
.read_to_end(&mut buf)
|
||||
.map_err(|e| MediaError::from(anyhow::anyhow!(e)))?;
|
||||
|
||||
let tree: usvg::Tree = usvg::Tree::from_data(&buf, &Default::default())
|
||||
.map_err(|e| MediaError::from(anyhow::anyhow!(e)))?;
|
||||
|
||||
let size = tree.size();
|
||||
let mut pixmap = Pixmap::new(size.width() as u32, size.height() as u32)
|
||||
.ok_or_else(|| MediaError::ImageProcessingFailed {
|
||||
cause: "failed to create Pixmap, likely zero sized".to_string(),
|
||||
})?;
|
||||
|
||||
let mut pixmap_mut = pixmap.as_mut();
|
||||
resvg::render(&tree, Default::default(), &mut pixmap_mut);
|
||||
|
||||
Ok(DynamicImage::ImageRgba8(
|
||||
ImageBuffer::from_vec(
|
||||
size.width() as u32,
|
||||
size.height() as u32,
|
||||
pixmap.data().to_vec(),
|
||||
)
|
||||
.ok_or_else(|| MediaError::ImageProcessingFailed {
|
||||
cause: "buffer is not big enough".to_string(),
|
||||
})?,
|
||||
))
|
||||
}
|
||||
_ => {
|
||||
let image: ImageReader<&mut R> = image::ImageReader::new(reader)
|
||||
.with_guessed_format()
|
||||
.map_err(|e| MediaError::from(anyhow::anyhow!(e)))?;
|
||||
|
||||
let image: Result<DynamicImage, MediaError> = image
|
||||
.decode()
|
||||
.map_err(|e| MediaError::from(anyhow::anyhow!(e)));
|
||||
|
||||
image
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
fn is_valid_image<R: Read + BufRead + Seek>(&self, reader: &mut R, mime: &str) -> bool {
|
||||
match mime {
|
||||
"image/jxl" => jxl_oxide::JxlImage::builder()
|
||||
.read(reader)
|
||||
.inspect_err(|err| tracing::error!("Failed to read JXL! {err:?}"))
|
||||
.is_ok(),
|
||||
_ => !matches!(
|
||||
image::ImageReader::new(reader)
|
||||
.with_guessed_format()
|
||||
.inspect_err(|err| tracing::error!("Failed to read image! {err:?}"))
|
||||
.map(|f| f.decode()),
|
||||
Err(_) | Ok(Err(_))
|
||||
),
|
||||
}
|
||||
}
|
||||
|
||||
fn create_thumbnail(&self, image: DynamicImage, tag: &str) -> Vec<u8> {
|
||||
let [w, h] = self.config.preview.get(tag).unwrap();
|
||||
|
||||
let image = image.thumbnail(image.width().min(*w as u32), image.height().min(*h as u32));
|
||||
let image = match image {
|
||||
DynamicImage::ImageRgb8(_) => image,
|
||||
DynamicImage::ImageRgba8(_) => image,
|
||||
_ => {
|
||||
if image.has_alpha() {
|
||||
image.to_rgba8().into()
|
||||
} else {
|
||||
image.to_rgb8().into()
|
||||
}
|
||||
}
|
||||
};
|
||||
|
||||
let encoder = webp::Encoder::from_image(&image).expect("Could not create encoder.");
|
||||
if self.config.webp_quality != 100.0 {
|
||||
encoder.encode(self.config.webp_quality).to_vec()
|
||||
} else {
|
||||
encoder.encode_lossless().to_vec()
|
||||
}
|
||||
}
|
||||
|
||||
fn video_size(&self, f: &NamedTempFile) -> Option<(i64, i64)> {
|
||||
if let Ok(data) = ffprobe::ffprobe(f.path())
|
||||
.inspect_err(|err| tracing::error!("Failed to ffprobe file! {err:?}"))
|
||||
{
|
||||
for stream in data.streams {
|
||||
if let (Some(w), Some(h)) = (stream.width, stream.height) {
|
||||
return Some((w, h));
|
||||
}
|
||||
}
|
||||
|
||||
None
|
||||
} else {
|
||||
None
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
#[cfg(test)]
|
||||
mod tests {
|
||||
use std::io::Cursor;
|
||||
|
||||
use crate::{MediaImpl, MediaRepository};
|
||||
|
||||
#[tokio::test]
|
||||
async fn asset_test_jpeg() {
|
||||
let media = MediaImpl::from_config().await;
|
||||
let buf = include_bytes!("../../tests/assets/test.jpeg");
|
||||
assert_eq!(media.image_size_vec(buf, "image/jpeg"), Some((655, 582)));
|
||||
|
||||
let mut reader = Cursor::new(buf);
|
||||
let image = media.decode_image(&mut reader, "image/jpeg").unwrap();
|
||||
media.create_thumbnail(image, "attachments");
|
||||
}
|
||||
|
||||
#[tokio::test]
|
||||
async fn asset_test_jpeg_extra_bytes() {
|
||||
let media = MediaImpl::from_config().await;
|
||||
let buf = [
|
||||
&include_bytes!("../../tests/assets/test.jpeg")[..],
|
||||
&[0u8; 16],
|
||||
]
|
||||
.concat();
|
||||
assert_eq!(media.image_size_vec(&buf, "image/jpeg"), Some((655, 582)));
|
||||
|
||||
let mut reader = Cursor::new(buf);
|
||||
let image = media.decode_image(&mut reader, "image/jpeg").unwrap();
|
||||
media.create_thumbnail(image, "emojis");
|
||||
}
|
||||
|
||||
#[tokio::test]
|
||||
async fn asset_test_png() {
|
||||
let media = MediaImpl::from_config().await;
|
||||
let buf = include_bytes!("../../tests/assets/test.png");
|
||||
assert_eq!(media.image_size_vec(buf, "image/png"), Some((900, 900)));
|
||||
|
||||
let mut reader = Cursor::new(buf);
|
||||
let image = media.decode_image(&mut reader, "image/png").unwrap();
|
||||
media.create_thumbnail(image, "emojis");
|
||||
}
|
||||
|
||||
#[tokio::test]
|
||||
async fn asset_test_png_extra_bytes() {
|
||||
let media = MediaImpl::from_config().await;
|
||||
let buf = [
|
||||
&include_bytes!("../../tests/assets/test.png")[..],
|
||||
&[0u8; 16],
|
||||
]
|
||||
.concat();
|
||||
assert_eq!(media.image_size_vec(&buf, "image/png"), Some((900, 900)));
|
||||
|
||||
let mut reader = Cursor::new(buf);
|
||||
let image = media.decode_image(&mut reader, "image/png").unwrap();
|
||||
media.create_thumbnail(image, "emojis");
|
||||
}
|
||||
|
||||
#[tokio::test]
|
||||
async fn asset_test_floating_point_png() {
|
||||
let media = MediaImpl::from_config().await;
|
||||
let buf = include_bytes!("../../tests/assets/test-float.png");
|
||||
assert_eq!(media.image_size_vec(buf, "image/png"), Some((300, 300)));
|
||||
|
||||
let mut reader = Cursor::new(buf);
|
||||
let image = media.decode_image(&mut reader, "image/png").unwrap();
|
||||
media.create_thumbnail(image, "avatars");
|
||||
}
|
||||
|
||||
#[tokio::test]
|
||||
async fn asset_test_corrupted_png() {
|
||||
let media = MediaImpl::from_config().await;
|
||||
let buf = include_bytes!("../../tests/assets/corrupted.png");
|
||||
assert_eq!(media.image_size_vec(buf, "image/png"), Some((900, 900)));
|
||||
|
||||
let mut reader = Cursor::new(buf);
|
||||
media.decode_image(&mut reader, "image/png").unwrap_err();
|
||||
}
|
||||
|
||||
#[tokio::test]
|
||||
async fn asset_test_animated_png() {
|
||||
let media = MediaImpl::from_config().await;
|
||||
let buf = include_bytes!("../../tests/assets/anim-icos.apng");
|
||||
assert_eq!(media.image_size_vec(buf, "image/png"), Some((128, 128)));
|
||||
|
||||
let mut reader = Cursor::new(buf);
|
||||
let image = media.decode_image(&mut reader, "image/png").unwrap();
|
||||
media.create_thumbnail(image, "attachments");
|
||||
}
|
||||
|
||||
#[tokio::test]
|
||||
async fn asset_test_jxl() {
|
||||
let media = MediaImpl::from_config().await;
|
||||
let buf = include_bytes!("../../tests/assets/dice.jxl");
|
||||
assert_eq!(media.image_size_vec(buf, "image/jxl"), Some((800, 600)));
|
||||
|
||||
let mut reader = Cursor::new(buf);
|
||||
let image = media.decode_image(&mut reader, "image/jxl").unwrap();
|
||||
media.create_thumbnail(image, "attachments");
|
||||
}
|
||||
|
||||
#[tokio::test]
|
||||
async fn asset_test_animated_jxl() {
|
||||
let media = MediaImpl::from_config().await;
|
||||
let buf = include_bytes!("../../tests/assets/anim-icos.jxl");
|
||||
assert_eq!(media.image_size_vec(buf, "image/jxl"), Some((128, 128)));
|
||||
|
||||
let mut reader = Cursor::new(buf);
|
||||
let image = media.decode_image(&mut reader, "image/jxl").unwrap();
|
||||
media.create_thumbnail(image, "attachments");
|
||||
}
|
||||
|
||||
#[tokio::test]
|
||||
async fn asset_test_webp() {
|
||||
let media = MediaImpl::from_config().await;
|
||||
let buf = include_bytes!("../../tests/assets/dice.webp");
|
||||
assert_eq!(media.image_size_vec(buf, "image/webp"), Some((800, 600)));
|
||||
|
||||
let mut reader = Cursor::new(buf);
|
||||
let image = media.decode_image(&mut reader, "image/webp").unwrap();
|
||||
media.create_thumbnail(image, "attachments");
|
||||
}
|
||||
|
||||
#[tokio::test]
|
||||
async fn asset_test_animated_webp() {
|
||||
let media = MediaImpl::from_config().await;
|
||||
let buf = include_bytes!("../../tests/assets/anim-icos.webp");
|
||||
assert_eq!(media.image_size_vec(buf, "image/webp"), Some((128, 128)));
|
||||
|
||||
let mut reader = Cursor::new(buf);
|
||||
let image = media.decode_image(&mut reader, "image/webp").unwrap();
|
||||
media.create_thumbnail(image, "attachments");
|
||||
}
|
||||
|
||||
#[tokio::test]
|
||||
async fn asset_test_animated_gif() {
|
||||
let media = MediaImpl::from_config().await;
|
||||
let buf = include_bytes!("../../tests/assets/anim-icos.gif");
|
||||
assert_eq!(media.image_size_vec(buf, "image/gif"), Some((128, 128)));
|
||||
|
||||
let mut reader = Cursor::new(buf);
|
||||
let image = media.decode_image(&mut reader, "image/gif").unwrap();
|
||||
media.create_thumbnail(image, "attachments");
|
||||
}
|
||||
}
|
||||
7
crates/core/files/src/implementation/mod.rs
Normal file
@@ -0,0 +1,7 @@
|
||||
mod encryption_impl;
|
||||
mod media_impl;
|
||||
mod s3_impl;
|
||||
|
||||
pub use encryption_impl::EncryptionKey;
|
||||
pub use media_impl::MediaImpl;
|
||||
pub use s3_impl::S3Storage;
|
||||
118
crates/core/files/src/implementation/s3_impl.rs
Normal file
@@ -0,0 +1,118 @@
|
||||
use std::io::Write;
|
||||
|
||||
use anyhow::Context;
|
||||
use aws_sdk_s3::{
|
||||
config::{Credentials, Region},
|
||||
Client, Config,
|
||||
};
|
||||
use revolt_config::FilesS3;
|
||||
|
||||
use crate::{EncryptionRepository, FileStorageRepository};
|
||||
|
||||
pub struct S3Storage<ER: EncryptionRepository> {
|
||||
client: Client,
|
||||
encryption: ER,
|
||||
}
|
||||
|
||||
impl<ER: EncryptionRepository> S3Storage<ER> {
|
||||
pub async fn from_config(encryption: ER) -> S3Storage<ER> {
|
||||
S3Storage::new(encryption, revolt_config::config().await.files.s3)
|
||||
}
|
||||
|
||||
pub fn new(encryption: ER, s3_config: FilesS3) -> S3Storage<ER> {
|
||||
let provider_name = "my-creds";
|
||||
let creds = Credentials::new(
|
||||
s3_config.access_key_id,
|
||||
s3_config.secret_access_key,
|
||||
None,
|
||||
None,
|
||||
provider_name,
|
||||
);
|
||||
|
||||
let config = Config::builder()
|
||||
.region(Region::new(s3_config.region))
|
||||
.endpoint_url(s3_config.endpoint)
|
||||
.force_path_style(s3_config.path_style_buckets)
|
||||
.credentials_provider(creds)
|
||||
.build();
|
||||
|
||||
S3Storage {
|
||||
client: Client::from_conf(config),
|
||||
encryption,
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
#[async_trait::async_trait]
|
||||
impl<ER: EncryptionRepository> FileStorageRepository for S3Storage<ER> {
|
||||
async fn create_bucket(&self, bucket_id: &str) -> anyhow::Result<()> {
|
||||
self.client
|
||||
.create_bucket()
|
||||
.bucket(bucket_id)
|
||||
.send()
|
||||
.await
|
||||
.with_context(|| format!("failed to create bucket {bucket_id}"))?;
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
async fn fetch_and_decrypt_file(
|
||||
&self,
|
||||
bucket_id: &str,
|
||||
path: &str,
|
||||
iv: &str,
|
||||
) -> anyhow::Result<Vec<u8>> {
|
||||
let mut object = self
|
||||
.client
|
||||
.get_object()
|
||||
.bucket(bucket_id)
|
||||
.key(path)
|
||||
.send()
|
||||
.await
|
||||
.with_context(|| format!("failed to get object at {path} in {bucket_id}"))?;
|
||||
|
||||
let mut buf = vec![];
|
||||
while let Some(bytes) = object.body.next().await {
|
||||
let data = bytes?;
|
||||
buf.write_all(&data)?;
|
||||
}
|
||||
|
||||
if iv.is_empty() {
|
||||
Ok(buf)
|
||||
} else {
|
||||
self.encryption.decrypt_buffer(buf, iv)
|
||||
}
|
||||
}
|
||||
|
||||
async fn encrypt_and_upload_file(
|
||||
&self,
|
||||
bucket_id: &str,
|
||||
path: &str,
|
||||
buf: &[u8],
|
||||
) -> anyhow::Result<String> {
|
||||
let (buf, iv) = self.encryption.encrypt_buffer(buf)?;
|
||||
|
||||
self.client
|
||||
.put_object()
|
||||
.bucket(bucket_id)
|
||||
.key(path)
|
||||
.body(buf.into())
|
||||
.send()
|
||||
.await
|
||||
.with_context(|| format!("failed to put object at {path} in {bucket_id}"))?;
|
||||
|
||||
Ok(iv)
|
||||
}
|
||||
|
||||
async fn delete_file(&self, bucket_id: &str, path: &str) -> anyhow::Result<()> {
|
||||
self.client
|
||||
.delete_object()
|
||||
.bucket(bucket_id)
|
||||
.key(path)
|
||||
.send()
|
||||
.await
|
||||
.with_context(|| format!("failed to delete object at {path} in {bucket_id}"))?;
|
||||
|
||||
Ok(())
|
||||
}
|
||||
}
|
||||
@@ -1,293 +1,182 @@
|
||||
use std::io::{BufRead, Read, Seek, Write};
|
||||
mod implementation;
|
||||
mod repositories;
|
||||
|
||||
use aes_gcm::{
|
||||
aead::{AeadCore, AeadMutInPlace, OsRng},
|
||||
Aes256Gcm, Key, KeyInit, Nonce,
|
||||
};
|
||||
use image::{DynamicImage, ImageBuffer};
|
||||
use revolt_config::{config, report_internal_error, FilesS3};
|
||||
use revolt_result::{create_error, Result};
|
||||
pub use implementation::*;
|
||||
pub use repositories::*;
|
||||
|
||||
use aws_sdk_s3::{
|
||||
config::{Credentials, Region},
|
||||
Client, Config,
|
||||
};
|
||||
use std::io::{BufRead, Read, Seek};
|
||||
|
||||
use image::DynamicImage;
|
||||
use revolt_config::{report_internal_error, Files, FilesLimit, FilesS3};
|
||||
use revolt_result::Result;
|
||||
|
||||
use base64::prelude::*;
|
||||
use tempfile::NamedTempFile;
|
||||
use tiny_skia::Pixmap;
|
||||
|
||||
/// Size of the authentication tag in the buffer
|
||||
pub const AUTHENTICATION_TAG_SIZE_BYTES: usize = 16;
|
||||
|
||||
/// Create an S3 client
|
||||
pub fn create_client(s3_config: FilesS3) -> Client {
|
||||
let provider_name = "my-creds";
|
||||
let creds = Credentials::new(
|
||||
s3_config.access_key_id,
|
||||
s3_config.secret_access_key,
|
||||
None,
|
||||
None,
|
||||
provider_name,
|
||||
);
|
||||
|
||||
let config = Config::builder()
|
||||
.region(Region::new(s3_config.region))
|
||||
.endpoint_url(s3_config.endpoint)
|
||||
.force_path_style(s3_config.path_style_buckets)
|
||||
.credentials_provider(creds)
|
||||
.build();
|
||||
|
||||
Client::from_conf(config)
|
||||
}
|
||||
|
||||
/// Create an AES-256-GCM cipher
|
||||
pub fn create_cipher(key: &str) -> Aes256Gcm {
|
||||
let key = &BASE64_STANDARD.decode(key).expect("valid base64 string")[..];
|
||||
let key: &Key<Aes256Gcm> = key.into();
|
||||
Aes256Gcm::new(key)
|
||||
}
|
||||
|
||||
/// Fetch a file from S3 (and decrypt it)
|
||||
pub async fn fetch_from_s3(bucket_id: &str, path: &str, nonce: &str) -> Result<Vec<u8>> {
|
||||
let config = config().await;
|
||||
let client = create_client(config.files.s3);
|
||||
|
||||
// Send a request for the file
|
||||
let mut obj =
|
||||
report_internal_error!(client.get_object().bucket(bucket_id).key(path).send().await)?;
|
||||
|
||||
// Read the file from remote
|
||||
let mut buf = vec![];
|
||||
while let Some(bytes) = obj.body.next().await {
|
||||
let data = report_internal_error!(bytes)?;
|
||||
report_internal_error!(buf.write_all(&data))?;
|
||||
// is there a more efficient way to do this?
|
||||
// we just want the Vec<u8>
|
||||
}
|
||||
|
||||
// File is not encrypted
|
||||
if nonce.is_empty() {
|
||||
return Ok(buf);
|
||||
}
|
||||
|
||||
// Recover nonce as bytes
|
||||
let nonce = &BASE64_STANDARD.decode(nonce).unwrap()[..];
|
||||
let nonce: &Nonce<typenum::consts::U12> = nonce.into();
|
||||
|
||||
// Decrypt the file
|
||||
create_cipher(&config.files.encryption_key)
|
||||
.decrypt_in_place(nonce, b"", &mut buf)
|
||||
.map_err(|_| create_error!(InternalError))?;
|
||||
|
||||
// Remove the authentication tag bytes that were added during encryption
|
||||
buf.truncate(buf.len() - AUTHENTICATION_TAG_SIZE_BYTES);
|
||||
|
||||
Ok(buf)
|
||||
pub async fn fetch_from_s3(bucket_id: &str, path: &str, iv: &str) -> Result<Vec<u8>> {
|
||||
let encryption = implementation::EncryptionKey::from_config().await;
|
||||
let storage = implementation::S3Storage::from_config(encryption).await;
|
||||
report_internal_error!(storage.fetch_and_decrypt_file(bucket_id, path, iv).await)
|
||||
}
|
||||
|
||||
/// Encrypt and upload a file to S3 (returning its nonce/IV)
|
||||
pub async fn upload_to_s3(bucket_id: &str, path: &str, buf: &[u8]) -> Result<String> {
|
||||
let config = config().await;
|
||||
let client = create_client(config.files.s3);
|
||||
|
||||
// Generate a nonce
|
||||
let nonce = Aes256Gcm::generate_nonce(&mut OsRng);
|
||||
|
||||
// Extend the buffer for in-place encryption
|
||||
let mut buf = [buf, &[0; AUTHENTICATION_TAG_SIZE_BYTES]].concat();
|
||||
|
||||
// Encrypt the file in place
|
||||
create_cipher(&config.files.encryption_key)
|
||||
.encrypt_in_place(&nonce, b"", &mut buf)
|
||||
.map_err(|_| create_error!(InternalError))?;
|
||||
|
||||
// Upload the file to remote
|
||||
report_internal_error!(
|
||||
client
|
||||
.put_object()
|
||||
.bucket(bucket_id)
|
||||
.key(path)
|
||||
.body(buf.into())
|
||||
.send()
|
||||
.await
|
||||
)?;
|
||||
|
||||
Ok(BASE64_STANDARD.encode(nonce))
|
||||
let encryption = implementation::EncryptionKey::from_config().await;
|
||||
let storage = implementation::S3Storage::from_config(encryption).await;
|
||||
report_internal_error!(storage.encrypt_and_upload_file(bucket_id, path, buf).await)
|
||||
}
|
||||
|
||||
/// Delete a file from S3 by path
|
||||
pub async fn delete_from_s3(bucket_id: &str, path: &str) -> Result<()> {
|
||||
let config = config().await;
|
||||
let client = create_client(config.files.s3);
|
||||
|
||||
report_internal_error!(
|
||||
client
|
||||
.delete_object()
|
||||
.bucket(bucket_id)
|
||||
.key(path)
|
||||
.send()
|
||||
.await
|
||||
)?;
|
||||
|
||||
Ok(())
|
||||
let encryption = implementation::EncryptionKey::from_config().await;
|
||||
let storage = implementation::S3Storage::from_config(encryption).await;
|
||||
report_internal_error!(storage.delete_file(bucket_id, path).await)
|
||||
}
|
||||
|
||||
/// Determine size of image at temp file
|
||||
pub fn image_size(f: &NamedTempFile) -> Option<(usize, usize)> {
|
||||
if let Ok(size) = imagesize::size(f.path())
|
||||
.inspect_err(|err| tracing::error!("Failed to generate image size! {err:?}"))
|
||||
{
|
||||
Some((size.width, size.height))
|
||||
} else {
|
||||
None
|
||||
}
|
||||
let media = MediaImpl::new(Files {
|
||||
blocked_mime_types: Default::default(),
|
||||
clamd_host: Default::default(),
|
||||
encryption_key: Default::default(),
|
||||
limit: FilesLimit {
|
||||
max_mega_pixels: 0,
|
||||
max_pixel_side: 0,
|
||||
min_file_size: 0,
|
||||
min_resolution: [0, 0],
|
||||
},
|
||||
preview: Default::default(),
|
||||
s3: FilesS3 {
|
||||
access_key_id: Default::default(),
|
||||
default_bucket: Default::default(),
|
||||
endpoint: Default::default(),
|
||||
path_style_buckets: Default::default(),
|
||||
region: Default::default(),
|
||||
secret_access_key: Default::default(),
|
||||
},
|
||||
scan_mime_types: Default::default(),
|
||||
webp_quality: Default::default(),
|
||||
});
|
||||
|
||||
media.image_size(f)
|
||||
}
|
||||
|
||||
/// Determine size of image with buffer
|
||||
pub fn image_size_vec(v: &[u8], mime: &str) -> Option<(usize, usize)> {
|
||||
match mime {
|
||||
"image/svg+xml" => {
|
||||
let tree =
|
||||
report_internal_error!(usvg::Tree::from_data(v, &Default::default())).ok()?;
|
||||
let media = MediaImpl::new(Files {
|
||||
blocked_mime_types: Default::default(),
|
||||
clamd_host: Default::default(),
|
||||
encryption_key: Default::default(),
|
||||
limit: FilesLimit {
|
||||
max_mega_pixels: 0,
|
||||
max_pixel_side: 0,
|
||||
min_file_size: 0,
|
||||
min_resolution: [0, 0],
|
||||
},
|
||||
preview: Default::default(),
|
||||
s3: FilesS3 {
|
||||
access_key_id: Default::default(),
|
||||
default_bucket: Default::default(),
|
||||
endpoint: Default::default(),
|
||||
path_style_buckets: Default::default(),
|
||||
region: Default::default(),
|
||||
secret_access_key: Default::default(),
|
||||
},
|
||||
scan_mime_types: Default::default(),
|
||||
webp_quality: Default::default(),
|
||||
});
|
||||
|
||||
let size = tree.size();
|
||||
Some((size.width() as usize, size.height() as usize))
|
||||
}
|
||||
_ => {
|
||||
if let Ok(size) = imagesize::blob_size(v)
|
||||
.inspect_err(|err| tracing::error!("Failed to generate image size! {err:?}"))
|
||||
{
|
||||
Some((size.width, size.height))
|
||||
} else {
|
||||
None
|
||||
}
|
||||
}
|
||||
}
|
||||
media.image_size_vec(v, mime)
|
||||
}
|
||||
|
||||
/// Determine size of video at temp file
|
||||
pub fn video_size(f: &NamedTempFile) -> Option<(i64, i64)> {
|
||||
if let Ok(data) = ffprobe::ffprobe(f.path())
|
||||
.inspect_err(|err| tracing::error!("Failed to ffprobe file! {err:?}"))
|
||||
{
|
||||
// Use first valid stream
|
||||
for stream in data.streams {
|
||||
if let (Some(w), Some(h)) = (stream.width, stream.height) {
|
||||
return Some((w, h));
|
||||
}
|
||||
}
|
||||
let media = MediaImpl::new(Files {
|
||||
blocked_mime_types: Default::default(),
|
||||
clamd_host: Default::default(),
|
||||
encryption_key: Default::default(),
|
||||
limit: FilesLimit {
|
||||
max_mega_pixels: 0,
|
||||
max_pixel_side: 0,
|
||||
min_file_size: 0,
|
||||
min_resolution: [0, 0],
|
||||
},
|
||||
preview: Default::default(),
|
||||
s3: FilesS3 {
|
||||
access_key_id: Default::default(),
|
||||
default_bucket: Default::default(),
|
||||
endpoint: Default::default(),
|
||||
path_style_buckets: Default::default(),
|
||||
region: Default::default(),
|
||||
secret_access_key: Default::default(),
|
||||
},
|
||||
scan_mime_types: Default::default(),
|
||||
webp_quality: Default::default(),
|
||||
});
|
||||
|
||||
None
|
||||
} else {
|
||||
None
|
||||
}
|
||||
media.video_size(f)
|
||||
}
|
||||
|
||||
/// Decode image from reader
|
||||
pub fn decode_image<R: Read + BufRead + Seek>(reader: &mut R, mime: &str) -> Result<DynamicImage> {
|
||||
match mime {
|
||||
// Read image using jxl-oxide crate
|
||||
"image/jxl" => {
|
||||
let jxl_image = report_internal_error!(jxl_oxide::JxlImage::builder().read(reader))?;
|
||||
if let Ok(frame) = jxl_image.render_frame(0) {
|
||||
match frame.color_channels().len() {
|
||||
3 => Ok(DynamicImage::ImageRgb8(
|
||||
DynamicImage::ImageRgb32F(
|
||||
ImageBuffer::from_vec(
|
||||
jxl_image.width(),
|
||||
jxl_image.height(),
|
||||
frame.image().buf().to_vec(),
|
||||
)
|
||||
.ok_or_else(|| create_error!(ImageProcessingFailed))?,
|
||||
)
|
||||
.to_rgb8(),
|
||||
)),
|
||||
4 => Ok(DynamicImage::ImageRgba8(
|
||||
DynamicImage::ImageRgba32F(
|
||||
ImageBuffer::from_vec(
|
||||
jxl_image.width(),
|
||||
jxl_image.height(),
|
||||
frame.image().buf().to_vec(),
|
||||
)
|
||||
.ok_or_else(|| create_error!(ImageProcessingFailed))?,
|
||||
)
|
||||
.to_rgba8(),
|
||||
)),
|
||||
_ => Err(create_error!(ImageProcessingFailed)),
|
||||
}
|
||||
} else {
|
||||
Err(create_error!(ImageProcessingFailed))
|
||||
}
|
||||
}
|
||||
// Read image using resvg
|
||||
"image/svg+xml" => {
|
||||
// usvg doesn't support Read trait so copy to buffer
|
||||
let mut buf = Vec::new();
|
||||
report_internal_error!(reader.read_to_end(&mut buf))?;
|
||||
let media = MediaImpl::new(Files {
|
||||
blocked_mime_types: Default::default(),
|
||||
clamd_host: Default::default(),
|
||||
encryption_key: Default::default(),
|
||||
limit: FilesLimit {
|
||||
max_mega_pixels: 0,
|
||||
max_pixel_side: 0,
|
||||
min_file_size: 0,
|
||||
min_resolution: [0, 0],
|
||||
},
|
||||
preview: Default::default(),
|
||||
s3: FilesS3 {
|
||||
access_key_id: Default::default(),
|
||||
default_bucket: Default::default(),
|
||||
endpoint: Default::default(),
|
||||
path_style_buckets: Default::default(),
|
||||
region: Default::default(),
|
||||
secret_access_key: Default::default(),
|
||||
},
|
||||
scan_mime_types: Default::default(),
|
||||
webp_quality: Default::default(),
|
||||
});
|
||||
|
||||
let tree = report_internal_error!(usvg::Tree::from_data(&buf, &Default::default()))?;
|
||||
let size = tree.size();
|
||||
let mut pixmap = Pixmap::new(size.width() as u32, size.height() as u32)
|
||||
.ok_or_else(|| create_error!(ImageProcessingFailed))?;
|
||||
|
||||
let mut pixmap_mut = pixmap.as_mut();
|
||||
resvg::render(&tree, Default::default(), &mut pixmap_mut);
|
||||
|
||||
Ok(DynamicImage::ImageRgba8(
|
||||
ImageBuffer::from_vec(
|
||||
size.width() as u32,
|
||||
size.height() as u32,
|
||||
pixmap.data().to_vec(),
|
||||
)
|
||||
.ok_or_else(|| create_error!(ImageProcessingFailed))?,
|
||||
))
|
||||
}
|
||||
// Check if we can read using image-rs crate
|
||||
_ => report_internal_error!(report_internal_error!(
|
||||
image::ImageReader::new(reader).with_guessed_format()
|
||||
)?
|
||||
.decode()),
|
||||
}
|
||||
report_internal_error!(media.decode_image(reader, mime))
|
||||
}
|
||||
|
||||
/// Check whether given reader has a valid image
|
||||
pub fn is_valid_image<R: Read + BufRead + Seek>(reader: &mut R, mime: &str) -> bool {
|
||||
match mime {
|
||||
// Check if we can read using jxl-oxide crate
|
||||
"image/jxl" => jxl_oxide::JxlImage::builder()
|
||||
.read(reader)
|
||||
.inspect_err(|err| tracing::error!("Failed to read JXL! {err:?}"))
|
||||
.is_ok(),
|
||||
// Check if we can read using image-rs crate
|
||||
_ => !matches!(
|
||||
image::ImageReader::new(reader)
|
||||
.with_guessed_format()
|
||||
.inspect_err(|err| tracing::error!("Failed to read image! {err:?}"))
|
||||
.map(|f| f.decode()),
|
||||
Err(_) | Ok(Err(_))
|
||||
),
|
||||
}
|
||||
let media = MediaImpl::new(Files {
|
||||
blocked_mime_types: Default::default(),
|
||||
clamd_host: Default::default(),
|
||||
encryption_key: Default::default(),
|
||||
limit: FilesLimit {
|
||||
max_mega_pixels: 0,
|
||||
max_pixel_side: 0,
|
||||
min_file_size: 0,
|
||||
min_resolution: [0, 0],
|
||||
},
|
||||
preview: Default::default(),
|
||||
s3: FilesS3 {
|
||||
access_key_id: Default::default(),
|
||||
default_bucket: Default::default(),
|
||||
endpoint: Default::default(),
|
||||
path_style_buckets: Default::default(),
|
||||
region: Default::default(),
|
||||
secret_access_key: Default::default(),
|
||||
},
|
||||
scan_mime_types: Default::default(),
|
||||
webp_quality: Default::default(),
|
||||
});
|
||||
|
||||
media.is_valid_image(reader, mime)
|
||||
}
|
||||
|
||||
/// Create thumbnail from given image
|
||||
pub async fn create_thumbnail(image: DynamicImage, tag: &str) -> Vec<u8> {
|
||||
// Load configuration
|
||||
let config = config().await;
|
||||
let [w, h] = config.files.preview.get(tag).unwrap();
|
||||
|
||||
// Create thumbnail
|
||||
//.resize(width as u32, height as u32, image::imageops::FilterType::Gaussian)
|
||||
// resize is about 2.5x slower,
|
||||
// thumbnail doesn't have terrible quality
|
||||
// so we use thumbnail
|
||||
let image = image.thumbnail(image.width().min(*w as u32), image.height().min(*h as u32));
|
||||
|
||||
// Encode it into WEBP
|
||||
let encoder = webp::Encoder::from_image(&image).expect("Could not create encoder.");
|
||||
if config.files.webp_quality != 100.0 {
|
||||
encoder.encode(config.files.webp_quality).to_vec()
|
||||
} else {
|
||||
encoder.encode_lossless().to_vec()
|
||||
}
|
||||
let media = MediaImpl::from_config().await;
|
||||
media.create_thumbnail(image, tag)
|
||||
}
|
||||
|
||||
@@ -0,0 +1,6 @@
|
||||
use anyhow::Result;
|
||||
|
||||
pub trait EncryptionRepository: Send + Sync + 'static {
|
||||
fn decrypt_buffer(&self, buf: Vec<u8>, iv: &str) -> anyhow::Result<Vec<u8>>;
|
||||
fn encrypt_buffer(&self, buf: &[u8]) -> Result<(Vec<u8>, String)>;
|
||||
}
|
||||
@@ -0,0 +1,22 @@
|
||||
use anyhow::Result;
|
||||
|
||||
#[async_trait::async_trait]
|
||||
pub trait FileStorageRepository: Send + Sync + 'static {
|
||||
async fn create_bucket(&self, bucket_id: &str) -> anyhow::Result<()>;
|
||||
|
||||
async fn fetch_and_decrypt_file(
|
||||
&self,
|
||||
bucket_id: &str,
|
||||
path: &str,
|
||||
iv: &str,
|
||||
) -> Result<Vec<u8>>;
|
||||
|
||||
async fn encrypt_and_upload_file(
|
||||
&self,
|
||||
bucket_id: &str,
|
||||
path: &str,
|
||||
buf: &[u8],
|
||||
) -> Result<String>;
|
||||
|
||||
async fn delete_file(&self, bucket_id: &str, path: &str) -> Result<()>;
|
||||
}
|
||||
30
crates/core/files/src/repositories/media_repository.rs
Normal file
@@ -0,0 +1,30 @@
|
||||
use anyhow::Result;
|
||||
use image::DynamicImage;
|
||||
use std::io::{BufRead, Read, Seek};
|
||||
use tempfile::NamedTempFile;
|
||||
use thiserror::Error;
|
||||
|
||||
pub trait MediaRepository: Send + Sync + 'static {
|
||||
fn image_size(&self, f: &NamedTempFile) -> Option<(usize, usize)>;
|
||||
fn image_size_vec(&self, v: &[u8], mime: &str) -> Option<(usize, usize)>;
|
||||
|
||||
fn decode_image<R: Read + BufRead + Seek>(
|
||||
&self,
|
||||
reader: &mut R,
|
||||
mime: &str,
|
||||
) -> Result<DynamicImage, MediaError>;
|
||||
|
||||
fn is_valid_image<R: Read + BufRead + Seek>(&self, reader: &mut R, mime: &str) -> bool;
|
||||
|
||||
fn create_thumbnail(&self, image: DynamicImage, tag: &str) -> Vec<u8>;
|
||||
|
||||
fn video_size(&self, f: &NamedTempFile) -> Option<(i64, i64)>;
|
||||
}
|
||||
|
||||
#[derive(Debug, Error)]
|
||||
pub enum MediaError {
|
||||
#[error("image processing failed because {cause}")]
|
||||
ImageProcessingFailed { cause: String },
|
||||
#[error(transparent)]
|
||||
Unknown(#[from] anyhow::Error),
|
||||
}
|
||||
7
crates/core/files/src/repositories/mod.rs
Normal file
@@ -0,0 +1,7 @@
|
||||
mod encryption_repository;
|
||||
mod file_storage_repository;
|
||||
mod media_repository;
|
||||
|
||||
pub use encryption_repository::EncryptionRepository;
|
||||
pub use file_storage_repository::FileStorageRepository;
|
||||
pub use media_repository::{MediaError, MediaRepository};
|
||||
BIN
crates/core/files/tests/assets/anim-icos.apng
Normal file
|
After Width: | Height: | Size: 968 KiB |
BIN
crates/core/files/tests/assets/anim-icos.gif
Normal file
|
After Width: | Height: | Size: 375 KiB |
BIN
crates/core/files/tests/assets/anim-icos.jxl
Normal file
BIN
crates/core/files/tests/assets/anim-icos.webp
Normal file
|
After Width: | Height: | Size: 382 KiB |
BIN
crates/core/files/tests/assets/corrupted.png
Normal file
|
After Width: | Height: | Size: 4.4 KiB |
BIN
crates/core/files/tests/assets/dice.jxl
Normal file
BIN
crates/core/files/tests/assets/dice.webp
Normal file
|
After Width: | Height: | Size: 64 KiB |
BIN
crates/core/files/tests/assets/test-float.png
Normal file
|
After Width: | Height: | Size: 5.9 KiB |
BIN
crates/core/files/tests/assets/test.jpeg
Normal file
|
After Width: | Height: | Size: 3.0 KiB |
BIN
crates/core/files/tests/assets/test.png
Normal file
|
After Width: | Height: | Size: 4.4 KiB |
31
crates/core/files/tests/integration_test.rs
Normal file
@@ -0,0 +1,31 @@
|
||||
use std::io::Cursor;
|
||||
|
||||
use revolt_files::{EncryptionKey, FileStorageRepository, MediaImpl, MediaRepository, S3Storage};
|
||||
|
||||
#[tokio::test]
|
||||
async fn test_image_roundtrip_png() {
|
||||
let media = MediaImpl::from_config().await;
|
||||
let encryption = EncryptionKey::from_config().await;
|
||||
let s3 = S3Storage::from_config(encryption).await;
|
||||
|
||||
let buf = include_bytes!("./assets/test.png");
|
||||
let bucket_id = uuid::Uuid::new_v4().to_string();
|
||||
|
||||
s3.create_bucket(&bucket_id).await.unwrap();
|
||||
|
||||
let mut reader = Cursor::new(buf);
|
||||
media.decode_image(&mut reader, "image/png").unwrap();
|
||||
|
||||
let iv = s3
|
||||
.encrypt_and_upload_file(&bucket_id, "/my-file", buf)
|
||||
.await
|
||||
.unwrap();
|
||||
|
||||
let buf = s3
|
||||
.fetch_and_decrypt_file(&bucket_id, "/my-file", &iv)
|
||||
.await
|
||||
.unwrap();
|
||||
|
||||
let mut reader = Cursor::new(buf);
|
||||
media.decode_image(&mut reader, "image/png").unwrap();
|
||||
}
|
||||
42
crates/core/files/tests/s3_test.rs
Normal file
@@ -0,0 +1,42 @@
|
||||
use revolt_files::{EncryptionKey, FileStorageRepository, S3Storage};
|
||||
|
||||
#[tokio::test]
|
||||
async fn test_upload_and_download() {
|
||||
let encryption = EncryptionKey::from_config().await;
|
||||
let s3 = S3Storage::from_config(encryption).await;
|
||||
|
||||
let buf = [67];
|
||||
let bucket_id = uuid::Uuid::new_v4().to_string();
|
||||
|
||||
s3.create_bucket(&bucket_id).await.unwrap();
|
||||
|
||||
let iv = s3
|
||||
.encrypt_and_upload_file(&bucket_id, "/my-file", &buf)
|
||||
.await
|
||||
.unwrap();
|
||||
|
||||
let buf = s3
|
||||
.fetch_and_decrypt_file(&bucket_id, "/my-file", &iv)
|
||||
.await
|
||||
.unwrap();
|
||||
|
||||
assert_eq!(buf.len(), 1);
|
||||
assert_eq!(buf[0], 67);
|
||||
}
|
||||
|
||||
#[tokio::test]
|
||||
async fn test_upload_and_delete() {
|
||||
let encryption = EncryptionKey::from_config().await;
|
||||
let s3 = S3Storage::from_config(encryption).await;
|
||||
|
||||
let buf = [67];
|
||||
let bucket_id = uuid::Uuid::new_v4().to_string();
|
||||
|
||||
s3.create_bucket(&bucket_id).await.unwrap();
|
||||
|
||||
s3.encrypt_and_upload_file(&bucket_id, "/my-file", &buf)
|
||||
.await
|
||||
.unwrap();
|
||||
|
||||
s3.delete_file(&bucket_id, "/my-file").await.unwrap();
|
||||
}
|
||||
@@ -1,10 +1,11 @@
|
||||
[package]
|
||||
name = "revolt-models"
|
||||
version = "0.9.2"
|
||||
version = "0.11.0"
|
||||
edition = "2021"
|
||||
license = "MIT"
|
||||
authors = ["Paul Makles <me@insrt.uk>"]
|
||||
description = "Revolt Backend: API Models"
|
||||
repository = "https://github.com/stoatchat/stoatchat"
|
||||
|
||||
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
|
||||
|
||||
@@ -20,8 +21,8 @@ default = ["serde", "partials", "rocket"]
|
||||
|
||||
[dependencies]
|
||||
# Core
|
||||
revolt-config = { version = "0.9.2", path = "../config" }
|
||||
revolt-permissions = { version = "0.9.2", path = "../permissions" }
|
||||
revolt-config = { version = "0.11.0", path = "../config" }
|
||||
revolt-permissions = { version = "0.11.0", path = "../permissions" }
|
||||
|
||||
# Utility
|
||||
regex = "1.11"
|
||||
|
||||
@@ -95,6 +95,7 @@ auto_derived!(
|
||||
CanReceive,
|
||||
CanPublish,
|
||||
JoinedAt,
|
||||
VoiceChannel,
|
||||
}
|
||||
|
||||
/// Member removal intention
|
||||
|
||||
@@ -1,10 +1,11 @@
|
||||
[package]
|
||||
name = "revolt-parser"
|
||||
version = "0.9.2"
|
||||
version = "0.11.0"
|
||||
edition = "2021"
|
||||
license = "MIT"
|
||||
authors = ["Zomatree <me@zomatree.live>", "Paul Makles <me@insrt.uk>"]
|
||||
description = "Revolt Backend: Message Parser"
|
||||
repository = "https://github.com/stoatchat/stoatchat"
|
||||
|
||||
[dependencies]
|
||||
logos = { version = "0.15" }
|
||||
|
||||
@@ -1,10 +1,11 @@
|
||||
[package]
|
||||
name = "revolt-permissions"
|
||||
version = "0.9.2"
|
||||
version = "0.11.0"
|
||||
edition = "2021"
|
||||
license = "MIT"
|
||||
authors = ["Paul Makles <me@insrt.uk>"]
|
||||
description = "Revolt Backend: Permission Logic"
|
||||
repository = "https://github.com/stoatchat/stoatchat"
|
||||
|
||||
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
|
||||
|
||||
@@ -21,7 +22,7 @@ async-std = { version = "1.8.0", features = ["attributes"] }
|
||||
|
||||
[dependencies]
|
||||
# Core
|
||||
revolt-result = { version = "0.9.2", path = "../result" }
|
||||
revolt-result = { version = "0.11.0", path = "../result" }
|
||||
|
||||
# Utility
|
||||
auto_ops = "0.3.0"
|
||||
|
||||
@@ -1,10 +1,11 @@
|
||||
[package]
|
||||
name = "revolt-presence"
|
||||
version = "0.9.2"
|
||||
version = "0.11.0"
|
||||
edition = "2021"
|
||||
license = "AGPL-3.0-or-later"
|
||||
authors = ["Paul Makles <me@insrt.uk>"]
|
||||
description = "Revolt Backend: User Presence"
|
||||
repository = "https://github.com/stoatchat/stoatchat"
|
||||
|
||||
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
|
||||
|
||||
@@ -16,7 +17,7 @@ redis-is-patched = []
|
||||
async-std = { version = "1.8.0", features = ["attributes"] }
|
||||
|
||||
# Config for loading Redis URI
|
||||
revolt-config = { version = "0.9.2", path = "../config" }
|
||||
revolt-config = { version = "0.11.0", path = "../config" }
|
||||
|
||||
[dependencies]
|
||||
# Utility
|
||||
|
||||
@@ -1,18 +1,26 @@
|
||||
[package]
|
||||
name = "revolt-ratelimits"
|
||||
version = "0.9.2"
|
||||
version = "0.11.0"
|
||||
edition = "2024"
|
||||
license = "MIT"
|
||||
authors = ["Zomatree <me@zomatree.live>", "Paul Makles <me@insrt.uk>"]
|
||||
description = "Revolt Backend: Ratelimit Handler"
|
||||
repository = "https://github.com/stoatchat/stoatchat"
|
||||
|
||||
[features]
|
||||
rocket = ["dep:rocket", "dep:revolt_rocket_okapi", "revolt-database/rocket-impl"]
|
||||
rocket = [
|
||||
"dep:rocket",
|
||||
"dep:revolt_rocket_okapi",
|
||||
"revolt-database/rocket-impl",
|
||||
]
|
||||
axum = ["dep:axum", "revolt-database/axum-impl"]
|
||||
|
||||
default = ["rocket", "axum"]
|
||||
|
||||
[dependencies]
|
||||
revolt-database = { version = "0.9.2", path = "../database"}
|
||||
revolt-result = { version = "0.9.2", path = "../result" }
|
||||
revolt-config = { version = "0.9.2", path = "../config" }
|
||||
revolt-database = { version = "0.11.0", path = "../database" }
|
||||
revolt-result = { version = "0.11.0", path = "../result" }
|
||||
revolt-config = { version = "0.11.0", path = "../config" }
|
||||
|
||||
rocket = { version = "0.5.1", optional = true }
|
||||
revolt_rocket_okapi = { version = "0.10.0", optional = true }
|
||||
@@ -20,7 +28,7 @@ revolt_rocket_okapi = { version = "0.10.0", optional = true }
|
||||
axum = { version = "0.7.5", optional = true, features = ["macros"] }
|
||||
|
||||
serde = { version = "1", features = ["derive"] }
|
||||
authifier = { version = "1.0.15" }
|
||||
authifier = { version = "1.0.16" }
|
||||
dashmap = "5.2.0"
|
||||
async-trait = "0.1.81"
|
||||
log = "0.4"
|
||||
|
||||
@@ -1,10 +1,11 @@
|
||||
[package]
|
||||
name = "revolt-result"
|
||||
version = "0.9.2"
|
||||
version = "0.11.0"
|
||||
edition = "2021"
|
||||
license = "MIT"
|
||||
authors = ["Paul Makles <me@insrt.uk>"]
|
||||
description = "Revolt Backend: Result and Error types"
|
||||
repository = "https://github.com/stoatchat/stoatchat"
|
||||
|
||||
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
|
||||
|
||||
@@ -38,4 +39,4 @@ log = "0.4"
|
||||
# Axum
|
||||
axum = { version = "0.7.5", optional = true }
|
||||
|
||||
sentry = { version = "0.31.5", optional = true }
|
||||
sentry = { version = "0.31.5", optional = true }
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
[package]
|
||||
name = "revolt-crond"
|
||||
version = "0.9.2"
|
||||
version = "0.11.0"
|
||||
license = "AGPL-3.0-or-later"
|
||||
authors = ["Paul Makles <me@insrt.uk>"]
|
||||
edition = "2021"
|
||||
@@ -17,7 +17,7 @@ log = "0.4"
|
||||
tokio = { version = "1" }
|
||||
|
||||
# Core
|
||||
revolt-database = { version = "0.9.2", path = "../../core/database" }
|
||||
revolt-result = { version = "0.9.2", path = "../../core/result" }
|
||||
revolt-config = { version = "0.9.2", path = "../../core/config" }
|
||||
revolt-files = { version = "0.9.2", path = "../../core/files" }
|
||||
revolt-database = { version = "0.11.0", path = "../../core/database" }
|
||||
revolt-result = { version = "0.11.0", path = "../../core/result" }
|
||||
revolt-config = { version = "0.11.0", path = "../../core/config" }
|
||||
revolt-files = { version = "0.11.0", path = "../../core/files" }
|
||||
|
||||
@@ -1,21 +1,21 @@
|
||||
[package]
|
||||
name = "revolt-pushd"
|
||||
version = "0.9.2"
|
||||
version = "0.11.0"
|
||||
edition = "2021"
|
||||
license = "AGPL-3.0-or-later"
|
||||
publish = false
|
||||
|
||||
[dependencies]
|
||||
revolt-result = { version = "0.9.2", path = "../../core/result" }
|
||||
revolt-config = { version = "0.9.2", path = "../../core/config", features = [
|
||||
revolt-result = { version = "0.11.0", path = "../../core/result" }
|
||||
revolt-config = { version = "0.11.0", path = "../../core/config", features = [
|
||||
"report-macros",
|
||||
"anyhow"
|
||||
"anyhow",
|
||||
] }
|
||||
revolt-database = { version = "0.9.2", path = "../../core/database" }
|
||||
revolt-models = { version = "0.9.2", path = "../../core/models", features = [
|
||||
revolt-database = { version = "0.11.0", path = "../../core/database" }
|
||||
revolt-models = { version = "0.11.0", path = "../../core/models", features = [
|
||||
"validator",
|
||||
] }
|
||||
revolt-presence = { version = "0.9.2", path = "../../core/presence", features = [
|
||||
revolt-presence = { version = "0.11.0", path = "../../core/presence", features = [
|
||||
"redis-is-patched",
|
||||
] }
|
||||
|
||||
@@ -30,7 +30,7 @@ tokio = "1.39.2"
|
||||
async-trait = "0.1.81"
|
||||
ulid = "1.0.0"
|
||||
|
||||
authifier = "1.0.15"
|
||||
authifier = "1.0.16"
|
||||
|
||||
log = "0.4.11"
|
||||
pretty_env_logger = "0.4.0"
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
[package]
|
||||
name = "revolt-voice-ingress"
|
||||
version = "0.9.2"
|
||||
version = "0.11.0"
|
||||
license = "AGPL-3.0-or-later"
|
||||
edition = "2021"
|
||||
publish = false
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
[package]
|
||||
name = "revolt-delta"
|
||||
version = "0.9.2"
|
||||
version = "0.11.0"
|
||||
license = "AGPL-3.0-or-later"
|
||||
authors = ["Paul Makles <paulmakles@gmail.com>"]
|
||||
edition = "2018"
|
||||
@@ -57,7 +57,7 @@ lettre = "0.10.0-alpha.4"
|
||||
rocket = { version = "0.5.1", default-features = false, features = ["json"] }
|
||||
rocket_cors = { git = "https://github.com/lawliet89/rocket_cors", rev = "072d90359b23e9b291df6b672c07c93de9c46011" }
|
||||
rocket_empty = { version = "0.1.1", features = ["schema"] }
|
||||
rocket_authifier = { version = "1.0.15" }
|
||||
rocket_authifier = { version = "1.0.16" }
|
||||
rocket_prometheus = "0.10.0-rc.3"
|
||||
|
||||
# spec generation
|
||||
@@ -68,7 +68,7 @@ revolt_rocket_okapi = { version = "0.10.0", features = ["swagger"] }
|
||||
amqprs = { version = "1.7.0" }
|
||||
|
||||
# core
|
||||
authifier = "1.0.15"
|
||||
authifier = "1.0.16"
|
||||
revolt-config = { path = "../core/config" }
|
||||
revolt-database = { path = "../core/database", features = [
|
||||
"rocket-impl",
|
||||
|
||||
@@ -70,6 +70,15 @@ pub async fn web() -> Rocket<Build> {
|
||||
.iter()
|
||||
.map(|s| FromStr::from_str(s).unwrap())
|
||||
.collect(),
|
||||
expose_headers: [
|
||||
"X-Ratelimit-Limit",
|
||||
"X-Ratelimit-Bucket",
|
||||
"X-Ratelimit-Remaining",
|
||||
"X-Ratelimit-Reset-After",
|
||||
]
|
||||
.iter()
|
||||
.map(|s| s.to_string())
|
||||
.collect(),
|
||||
..Default::default()
|
||||
}
|
||||
.to_cors()
|
||||
|
||||
@@ -1,4 +1,7 @@
|
||||
use revolt_database::{util::{permissions::DatabasePermissionQuery, reference::Reference}, Channel, Database, FieldsMessage, PartialMessage, SystemMessage, User, AMQP};
|
||||
use revolt_database::{
|
||||
util::{permissions::DatabasePermissionQuery, reference::Reference},
|
||||
Channel, Database, FieldsMessage, PartialMessage, SystemMessage, User, AMQP,
|
||||
};
|
||||
use revolt_models::v0::MessageAuthor;
|
||||
use revolt_permissions::{calculate_channel_permissions, ChannelPermission};
|
||||
use revolt_result::{create_error, Result};
|
||||
|
||||
@@ -98,13 +98,21 @@ pub async fn edit(
|
||||
permissions.throw_if_lacking_channel_permission(ChannelPermission::DeafenMembers)?;
|
||||
}
|
||||
|
||||
let new_voice_channel = if let Some(new_channel) = &data.voice_channel {
|
||||
if data.voice_channel.is_some() && data.remove.contains(&FieldsMember::VoiceChannel) {
|
||||
return Err(create_error!(InvalidOperation))
|
||||
}
|
||||
|
||||
if data.voice_channel.is_some() || data.remove.contains(&FieldsMember::VoiceChannel) {
|
||||
if !voice_client.is_enabled() {
|
||||
return Err(create_error!(LiveKitUnavailable));
|
||||
};
|
||||
|
||||
permissions.throw_if_lacking_channel_permission(ChannelPermission::MoveMembers)?;
|
||||
if member.id.user != user.id {
|
||||
permissions.throw_if_lacking_channel_permission(ChannelPermission::MoveMembers)?;
|
||||
}
|
||||
}
|
||||
|
||||
let new_voice_channel = if let Some(new_channel) = &data.voice_channel {
|
||||
// ensure the channel we are moving them to is in the server and is a voice channel
|
||||
|
||||
let channel = Reference::from_unchecked(new_channel)
|
||||
@@ -116,6 +124,9 @@ pub async fn edit(
|
||||
Err(create_error!(UnknownChannel))?
|
||||
}
|
||||
|
||||
let channel_permissions = calculate_channel_permissions(&mut query.clone().channel(&channel)).await;
|
||||
channel_permissions.throw_if_lacking_channel_permission(ChannelPermission::Connect)?;
|
||||
|
||||
if get_user_voice_channel_in_server(&target_user.id, &server.id)
|
||||
.await?
|
||||
.is_none()
|
||||
@@ -189,10 +200,8 @@ pub async fn edit(
|
||||
partial.avatar = Some(File::use_user_avatar(db, &avatar, &user.id, &user.id).await?);
|
||||
}
|
||||
|
||||
let remove_contains_voice = remove.contains(FieldsMember::CanPublish) || remove.contains(FieldsMember::CanReceive);
|
||||
|
||||
member
|
||||
.update(db, partial, remove.into_iter().map(Into::into).collect())
|
||||
.update(db, partial, remove.clone().into_iter().map(Into::into).collect())
|
||||
.await?;
|
||||
|
||||
if let Some(new_voice_channel) = new_voice_channel {
|
||||
@@ -234,7 +243,7 @@ pub async fn edit(
|
||||
.private(target_user.id.clone())
|
||||
.await;
|
||||
};
|
||||
} else if can_publish.is_some() || can_receive.is_some() || remove_contains_voice {
|
||||
} else if can_publish.is_some() || can_receive.is_some() || remove.contains(FieldsMember::CanPublish) || remove.contains(FieldsMember::CanReceive) {
|
||||
if let Some(channel) = get_user_voice_channel_in_server(&target_user.id, &server.id).await?
|
||||
{
|
||||
let node = get_channel_node(&channel).await?.unwrap();
|
||||
@@ -253,5 +262,14 @@ pub async fn edit(
|
||||
};
|
||||
};
|
||||
|
||||
if remove.contains(&FieldsMember::VoiceChannel) {
|
||||
if let Some(channel) = get_user_voice_channel_in_server(&target_user.id, &server.id).await?
|
||||
{
|
||||
let node = get_channel_node(&channel).await?.unwrap();
|
||||
|
||||
voice_client.remove_user(&node, &user.id, &channel).await?;
|
||||
};
|
||||
}
|
||||
|
||||
Ok(Json(member.into()))
|
||||
}
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
[package]
|
||||
name = "revolt-autumn"
|
||||
version = "0.9.2"
|
||||
version = "0.11.0"
|
||||
edition = "2021"
|
||||
license = "AGPL-3.0-or-later"
|
||||
publish = false
|
||||
@@ -44,16 +44,16 @@ tracing = "0.1"
|
||||
tracing-subscriber = { version = "0.3", features = ["env-filter"] }
|
||||
|
||||
# Core crates
|
||||
revolt-files = { version = "0.9.2", path = "../../core/files" }
|
||||
revolt-config = { version = "0.9.2", path = "../../core/config" }
|
||||
revolt-database = { version = "0.9.2", path = "../../core/database", features = [
|
||||
revolt-files = { version = "0.11.0", path = "../../core/files" }
|
||||
revolt-config = { version = "0.11.0", path = "../../core/config" }
|
||||
revolt-database = { version = "0.11.0", path = "../../core/database", features = [
|
||||
"axum-impl",
|
||||
] }
|
||||
revolt-result = { version = "0.9.2", path = "../../core/result", features = [
|
||||
revolt-result = { version = "0.11.0", path = "../../core/result", features = [
|
||||
"utoipa",
|
||||
"axum",
|
||||
] }
|
||||
revolt-ratelimits = { version = "0.9.2", path = "../../core/ratelimits", features = ["axum"] }
|
||||
revolt-ratelimits = { version = "0.11.0", path = "../../core/ratelimits", features = ["axum"] }
|
||||
|
||||
# Axum / web server
|
||||
tempfile = "3.12.0"
|
||||
|
||||
@@ -34,6 +34,12 @@ pub async fn router() -> Router<AppState> {
|
||||
let cors = CorsLayer::new()
|
||||
.allow_methods([Method::POST])
|
||||
.allow_headers(AllowHeaders::mirror_request())
|
||||
.expose_headers(vec![
|
||||
"X-RateLimit-Limit".try_into().unwrap(),
|
||||
"X-RateLimit-Bucket".try_into().unwrap(),
|
||||
"X-RateLimit-Remaining".try_into().unwrap(),
|
||||
"X-RateLimit-Reset-After".try_into().unwrap(),
|
||||
])
|
||||
.allow_origin(Any);
|
||||
|
||||
Router::new()
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
[package]
|
||||
name = "revolt-gifbox"
|
||||
version = "0.9.2"
|
||||
version = "0.11.0"
|
||||
edition = "2021"
|
||||
license = "AGPL-3.0-or-later"
|
||||
publish = false
|
||||
@@ -17,25 +17,26 @@ tokio = { version = "1.0", features = ["full"] }
|
||||
reqwest = { version = "0.12", features = ["json"] }
|
||||
|
||||
# Core crates
|
||||
revolt-config = { version = "0.9.2", path = "../../core/config" }
|
||||
revolt-models = { version = "0.9.2", path = "../../core/models" }
|
||||
revolt-result = { version = "0.9.2", path = "../../core/result", features = [
|
||||
revolt-config = { version = "0.11.0", path = "../../core/config" }
|
||||
revolt-models = { version = "0.11.0", path = "../../core/models" }
|
||||
revolt-result = { version = "0.11.0", path = "../../core/result", features = [
|
||||
"utoipa",
|
||||
"axum",
|
||||
] }
|
||||
revolt-coalesced = { version = "0.9.2", path = "../../core/coalesced", features = [
|
||||
revolt-coalesced = { version = "0.11.0", path = "../../core/coalesced", features = [
|
||||
"queue",
|
||||
] }
|
||||
revolt-database = { version = "0.9.2", path = "../../core/database", features = [
|
||||
revolt-database = { version = "0.11.0", path = "../../core/database", features = [
|
||||
"axum-impl",
|
||||
] }
|
||||
revolt-ratelimits = { version = "0.9.2", path = "../../core/ratelimits", features = [
|
||||
revolt-ratelimits = { version = "0.11.0", path = "../../core/ratelimits", features = [
|
||||
"axum",
|
||||
] }
|
||||
|
||||
# Axum / web server
|
||||
axum = { version = "0.7.5" }
|
||||
axum-extra = { version = "0.9", features = ["typed-header"] }
|
||||
tower-http = { version = "0.5.2", features = ["cors"] }
|
||||
|
||||
# OpenAPI & documentation generation
|
||||
utoipa-scalar = { version = "0.1.0", features = ["axum"] }
|
||||
|
||||
@@ -1,5 +1,9 @@
|
||||
use crate::AppState;
|
||||
use axum::routing::{get, Router};
|
||||
use axum::{
|
||||
http::Method,
|
||||
routing::{get, Router},
|
||||
};
|
||||
use tower_http::cors::{AllowHeaders, Any, CorsLayer};
|
||||
|
||||
pub mod categories;
|
||||
pub mod root;
|
||||
@@ -7,9 +11,21 @@ pub mod search;
|
||||
pub mod trending;
|
||||
|
||||
pub fn router() -> Router<AppState> {
|
||||
let cors = CorsLayer::new()
|
||||
.allow_methods([Method::GET])
|
||||
.allow_headers(AllowHeaders::mirror_request())
|
||||
.expose_headers(vec![
|
||||
"X-RateLimit-Limit".try_into().unwrap(),
|
||||
"X-RateLimit-Bucket".try_into().unwrap(),
|
||||
"X-RateLimit-Remaining".try_into().unwrap(),
|
||||
"X-RateLimit-Reset-After".try_into().unwrap(),
|
||||
])
|
||||
.allow_origin(Any);
|
||||
|
||||
Router::new()
|
||||
.route("/", get(root::root))
|
||||
.route("/categories", get(categories::categories))
|
||||
.route("/search", get(search::search))
|
||||
.route("/trending", get(trending::trending))
|
||||
.layer(cors)
|
||||
}
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
[package]
|
||||
name = "revolt-january"
|
||||
version = "0.9.2"
|
||||
version = "0.11.0"
|
||||
edition = "2021"
|
||||
license = "AGPL-3.0-or-later"
|
||||
publish = false
|
||||
@@ -33,13 +33,13 @@ tracing = "0.1"
|
||||
tracing-subscriber = { version = "0.3", features = ["env-filter"] }
|
||||
|
||||
# Core crates
|
||||
revolt-config = { version = "0.9.2", path = "../../core/config" }
|
||||
revolt-models = { version = "0.9.2", path = "../../core/models" }
|
||||
revolt-result = { version = "0.9.2", path = "../../core/result", features = [
|
||||
revolt-config = { version = "0.11.0", path = "../../core/config" }
|
||||
revolt-models = { version = "0.11.0", path = "../../core/models" }
|
||||
revolt-result = { version = "0.11.0", path = "../../core/result", features = [
|
||||
"utoipa",
|
||||
"axum",
|
||||
] }
|
||||
revolt-files = { version = "0.9.2", path = "../../core/files" }
|
||||
revolt-files = { version = "0.11.0", path = "../../core/files" }
|
||||
|
||||
# Axum / web server
|
||||
axum = { version = "0.7.5" }
|
||||
|
||||
59
default.nix
@@ -1,28 +1,41 @@
|
||||
{
|
||||
pkgs ? import <nixpkgs> { },
|
||||
{ pkgs ? import (fetchTarball {
|
||||
url = "https://github.com/NixOS/nixpkgs/archive/77ef7a29d276c6d8303aece3444d61118ef71ac2.tar.gz";
|
||||
sha256 = "0pm4l48jq8plzrrrisimahxqlcpx7qqq9c99hylmf7p3zlc3phsy";
|
||||
}) {},
|
||||
}:
|
||||
|
||||
pkgs.mkShell rec {
|
||||
buildInputs = [
|
||||
# Tools
|
||||
pkgs.git
|
||||
pkgs.just
|
||||
let
|
||||
nix-ld-libs = pkgs.buildEnv {
|
||||
name = "nix-ld-libs";
|
||||
paths = with pkgs; [
|
||||
stdenv.cc.cc.lib
|
||||
zlib
|
||||
openssl.out
|
||||
];
|
||||
pathsToLink = [ "/lib" ];
|
||||
};
|
||||
|
||||
# Cargo
|
||||
pkgs.cargo
|
||||
pkgs.cargo-nextest
|
||||
pkgs.cargo-release
|
||||
|
||||
# Rust
|
||||
pkgs.rustc
|
||||
pkgs.clippy
|
||||
pkgs.rustfmt
|
||||
pkgs.pkg-config
|
||||
pkgs.openssl.dev
|
||||
|
||||
# mdbook
|
||||
pkgs.mdbook
|
||||
in pkgs.mkShell {
|
||||
packages = with pkgs; [
|
||||
mise
|
||||
cargo-binstall
|
||||
(writeShellScriptBin "fish" ''
|
||||
exec ${pkgs.fish}/bin/fish -C 'mise activate fish | source' "$@"
|
||||
'')
|
||||
];
|
||||
|
||||
RUST_SRC_PATH = "${pkgs.rust.packages.stable.rustPlatform.rustLibSrc}";
|
||||
}
|
||||
buildInputs = with pkgs; [
|
||||
pkg-config
|
||||
openssl.dev
|
||||
];
|
||||
|
||||
shellHook = ''
|
||||
export TMPDIR=/tmp
|
||||
export NIX_LD="${pkgs.stdenv.cc.libc}/lib/ld-linux-x86-64.so.2"
|
||||
export NIX_LD_LIBRARY_PATH="${nix-ld-libs}/lib"
|
||||
export LD_LIBRARY_PATH="${nix-ld-libs}/lib''${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}"
|
||||
|
||||
export MISE_NODE_COMPILE=false
|
||||
eval "$(mise activate bash)"
|
||||
'';
|
||||
}
|
||||
8
git-town.toml
Normal file
@@ -0,0 +1,8 @@
|
||||
# See https://www.git-town.com/configuration-file for details
|
||||
|
||||
[branches]
|
||||
main = "main"
|
||||
|
||||
[hosting]
|
||||
forge-type = "github"
|
||||
github-connector = "gh"
|
||||
@@ -1,2 +1,2 @@
|
||||
[toolchain]
|
||||
channel = "stable"
|
||||
channel = "1.92.0"
|
||||
@@ -1,15 +0,0 @@
|
||||
#!/usr/bin/env bash
|
||||
set -e
|
||||
cargo build \
|
||||
--bin revolt-delta \
|
||||
--bin revolt-bonfire \
|
||||
--bin revolt-autumn \
|
||||
--bin revolt-january \
|
||||
--bin revolt-gifbox
|
||||
|
||||
trap 'pkill -f revolt-' SIGINT
|
||||
cargo run --bin revolt-delta &
|
||||
cargo run --bin revolt-bonfire &
|
||||
cargo run --bin revolt-autumn &
|
||||
cargo run --bin revolt-january &
|
||||
cargo run --bin revolt-gifbox
|
||||
@@ -1 +1 @@
|
||||
0.9.2
|
||||
0.11.0
|
||||
|
||||