feat(users): implement relationships, DMs, proper perms

This commit is contained in:
Paul Makles
2022-02-04 13:38:24 +00:00
parent 63064cc9bb
commit 1aafa51033
11 changed files with 117 additions and 77 deletions

View File

@@ -1,9 +1,19 @@
use revolt_quark::{Error, Result};
//! Fetch another user's profile
//!
//! Will fail if the authenticated user does not
//! have permission to access the other user's profile.
use mongodb::bson::doc;
use rocket::serde::json::Value;
use revolt_quark::{Ref, Result, Error, models::{User, user::UserProfile}, perms, Database};
use rocket::{serde::json::Json, State};
#[get("/<target>/profile")]
pub async fn req(/*user: UserRef, target: Ref*/ target: String) -> Result<Value> {
todo!()
pub async fn req(db: &State<Database>, user: User, target: Ref) -> Result<Json<UserProfile>> {
let target = target.as_user(db).await?;
if perms(&user).user(&target).calc_user(db).await.get_view_profile() {
Ok(Json(target.profile.unwrap_or_default()))
} else {
Err(Error::NotFound)
}
}