feat(users): implement relationships, DMs, proper perms

This commit is contained in:
Paul Makles
2022-02-04 13:38:24 +00:00
parent 63064cc9bb
commit 1aafa51033
11 changed files with 117 additions and 77 deletions

View File

@@ -1,11 +1,13 @@
use revolt_quark::{Error, Result};
use revolt_quark::models::User;
use revolt_quark::{Result, Database};
use futures::try_join;
use mongodb::bson::doc;
use mongodb::options::{Collation, FindOneOptions};
use rocket::serde::json::Value;
use rocket::State;
use rocket::serde::json::Json;
#[put("/<username>/friend")]
pub async fn req(/*user: UserRef,*/ username: String) -> Result<Value> {
todo!()
pub async fn req(db: &State<Database>, user: User, username: String) -> Result<Json<User>> {
let mut target = db.fetch_user_by_username(&username).await?;
user.add_friend(db, &mut target).await?;
Ok(Json(target.with_auto_perspective(db, &user).await))
}

View File

@@ -1,10 +1,13 @@
use revolt_quark::{Error, Result};
use revolt_quark::models::User;
use revolt_quark::{Result, Database};
use futures::try_join;
use mongodb::bson::doc;
use rocket::serde::json::Value;
use rocket::State;
use rocket::serde::json::Json;
#[put("/<target>/block")]
pub async fn req(/*user: UserRef, target: Ref*/ target: String) -> Result<Value> {
todo!()
#[put("/<username>/block")]
pub async fn req(db: &State<Database>, user: User, username: String) -> Result<Json<User>> {
let mut target = db.fetch_user_by_username(&username).await?;
user.block_user(db, &mut target).await?;
Ok(Json(target.with_auto_perspective(db, &user).await))
}

View File

@@ -1,3 +1,5 @@
//! Edit currently authenticated user.
use revolt_quark::models::File;
use revolt_quark::{Error, Result, Database};
use revolt_quark::models::user::{FieldsUser, User, PartialUser};
@@ -96,5 +98,5 @@ pub async fn req(db: &State<Database>, mut user: User, data: Json<Data>) -> Resu
}
db.update_user(&user.id, &partial, data.remove.unwrap_or_default()).await?;
Ok(Json(user))
Ok(Json(user.foreign()))
}

View File

@@ -1,9 +1,13 @@
use revolt_quark::{Error, Result};
//! Fetch direct messages that the current user is involved in
//!
//! This includes group DMs and "active" 1:1 DMs.
use revolt_quark::{Result, models::{Channel, User}, Database};
use mongodb::bson::doc;
use rocket::serde::json::Value;
use rocket::{serde::json::Json, State};
#[get("/dms")]
pub async fn req(/*user: UserRef*/) -> Result<Value> {
todo!()
pub async fn req(db: &State<Database>, user: User) -> Result<Json<Vec<Channel>>> {
db.find_direct_messages(&user.id).await.map(Json)
}

View File

@@ -1,9 +1,19 @@
use revolt_quark::{Error, Result};
//! Fetch another user's profile
//!
//! Will fail if the authenticated user does not
//! have permission to access the other user's profile.
use mongodb::bson::doc;
use rocket::serde::json::Value;
use revolt_quark::{Ref, Result, Error, models::{User, user::UserProfile}, perms, Database};
use rocket::{serde::json::Json, State};
#[get("/<target>/profile")]
pub async fn req(/*user: UserRef, target: Ref*/ target: String) -> Result<Value> {
todo!()
pub async fn req(db: &State<Database>, user: User, target: Ref) -> Result<Json<UserProfile>> {
let target = target.as_user(db).await?;
if perms(&user).user(&target).calc_user(db).await.get_view_profile() {
Ok(Json(target.profile.unwrap_or_default()))
} else {
Err(Error::NotFound)
}
}

View File

@@ -7,5 +7,5 @@ use rocket::serde::json::Json;
#[get("/@me")]
pub async fn req(user: User) -> Result<Json<User>> {
Ok(Json(user))
Ok(Json(user.foreign()))
}

View File

@@ -10,9 +10,10 @@ use rocket::{serde::json::Json, State};
#[get("/<target>")]
pub async fn req(db: &State<Database>, user: User, target: Ref) -> Result<Json<User>> {
let target = target.as_user(db).await?;
if perms(&user).user(&target).calc_user(db).await.get_access() {
Ok(Json(target))
let permissions = perms(&user).user(&target).calc_user(db).await;
if permissions.get_access() {
Ok(Json(target.with_perspective(&user, &permissions)))
} else {
Err(Error::NotFound)
}

View File

@@ -1,11 +1,22 @@
use revolt_quark::{Error, Result};
//! Fetch IDs of servers and friends that are mutually shared between the
//! authenticated user and the target user
use futures::StreamExt;
use mongodb::bson::{doc, Document};
use mongodb::options::FindOptions;
use revolt_quark::models::User;
use revolt_quark::{Error, Result, perms, Database, Ref};
use rocket::State;
use rocket::serde::json::Value;
#[get("/<target>/mutual")]
pub async fn req(/*user: UserRef, target: Ref*/ target: String) -> Result<Value> {
todo!()
pub async fn req(db: &State<Database>, user: User, target: Ref) -> Result<Value> {
let target = target.as_user(db).await?;
if perms(&user).user(&target).calc_user(db).await.get_view_profile() {
Ok(json!({
"users": db.fetch_mutual_user_ids(&user.id, &target.id).await?,
"servers": db.fetch_mutual_server_ids(&user.id, &target.id).await?
}))
} else {
Err(Error::NotFound)
}
}

View File

@@ -1,10 +1,13 @@
use revolt_quark::{Error, Result};
use revolt_quark::models::User;
use revolt_quark::{Result, Database};
use futures::try_join;
use mongodb::bson::doc;
use rocket::serde::json::Value;
use rocket::State;
use rocket::serde::json::Json;
#[delete("/<target>/friend")]
pub async fn req(/*user: UserRef, target: Ref*/ target: String) -> Result<Value> {
todo!()
#[delete("/<username>/friend")]
pub async fn req(db: &State<Database>, user: User, username: String) -> Result<Json<User>> {
let mut target = db.fetch_user_by_username(&username).await?;
user.remove_friend(db, &mut target).await?;
Ok(Json(target.with_auto_perspective(db, &user).await))
}

View File

@@ -1,10 +1,13 @@
use revolt_quark::{Error, Result};
use revolt_quark::models::User;
use revolt_quark::{Result, Database};
use futures::try_join;
use mongodb::bson::doc;
use rocket::serde::json::Value;
use rocket::State;
use rocket::serde::json::Json;
#[delete("/<target>/block")]
pub async fn req(/*user: UserRef, target: Ref*/ target: String) -> Result<Value> {
todo!()
#[delete("/<username>/block")]
pub async fn req(db: &State<Database>, user: User, username: String) -> Result<Json<User>> {
let mut target = db.fetch_user_by_username(&username).await?;
user.unblock_user(db, &mut target).await?;
Ok(Json(target.with_auto_perspective(db, &user).await))
}