Merge branch 'master' into webhooks
This commit is contained in:
@@ -11,8 +11,8 @@ pub mod routes;
|
||||
pub mod util;
|
||||
|
||||
use async_std::channel::unbounded;
|
||||
use revolt_quark::authifier::{Authifier, AuthifierEvent};
|
||||
use revolt_quark::events::client::EventV1;
|
||||
use revolt_quark::rauth::{RAuth, RAuthEvent};
|
||||
use revolt_quark::DatabaseInfo;
|
||||
use rocket::data::ToByteUnit;
|
||||
|
||||
@@ -28,25 +28,25 @@ async fn rocket() -> _ {
|
||||
let db = DatabaseInfo::Auto.connect().await.unwrap();
|
||||
db.migrate_database().await.unwrap();
|
||||
|
||||
// Setup rAuth event channel
|
||||
// Setup Authifier event channel
|
||||
let (sender, receiver) = unbounded();
|
||||
|
||||
// Setup rAuth
|
||||
let rauth = RAuth {
|
||||
// Setup Authifier
|
||||
let authifier = Authifier {
|
||||
database: db.clone().into(),
|
||||
config: revolt_quark::util::rauth::config(),
|
||||
config: revolt_quark::util::authifier::config(),
|
||||
event_channel: Some(sender),
|
||||
};
|
||||
|
||||
// Launch a listener for rAuth events
|
||||
// Launch a listener for Authifier events
|
||||
async_std::task::spawn(async move {
|
||||
while let Ok(event) = receiver.recv().await {
|
||||
match &event {
|
||||
RAuthEvent::CreateSession { .. } | RAuthEvent::CreateAccount { .. } => {
|
||||
AuthifierEvent::CreateSession { .. } | AuthifierEvent::CreateAccount { .. } => {
|
||||
EventV1::Auth(event).global().await
|
||||
}
|
||||
RAuthEvent::DeleteSession { user_id, .. }
|
||||
| RAuthEvent::DeleteAllSessions { user_id, .. } => {
|
||||
AuthifierEvent::DeleteSession { user_id, .. }
|
||||
| AuthifierEvent::DeleteAllSessions { user_id, .. } => {
|
||||
let id = user_id.to_string();
|
||||
EventV1::Auth(event).private(id).await
|
||||
}
|
||||
@@ -66,7 +66,7 @@ async fn rocket() -> _ {
|
||||
.mount("/", revolt_quark::web::cors::catch_all_options_routes())
|
||||
.mount("/", revolt_quark::web::ratelimiter::routes())
|
||||
.mount("/swagger/", revolt_quark::web::swagger::routes())
|
||||
.manage(rauth)
|
||||
.manage(authifier)
|
||||
.manage(db)
|
||||
.manage(cors.clone())
|
||||
.attach(revolt_quark::web::ratelimiter::RatelimitFairing)
|
||||
|
||||
@@ -10,6 +10,7 @@ mod invites;
|
||||
mod onboard;
|
||||
mod push;
|
||||
mod root;
|
||||
mod safety;
|
||||
mod servers;
|
||||
mod sync;
|
||||
mod users;
|
||||
@@ -28,9 +29,10 @@ pub fn mount(mut rocket: Rocket<Build>) -> Rocket<Build> {
|
||||
"/servers" => servers::routes(),
|
||||
"/invites" => invites::routes(),
|
||||
"/custom" => customisation::routes(),
|
||||
"/auth/account" => rocket_rauth::routes::account::routes(),
|
||||
"/auth/session" => rocket_rauth::routes::session::routes(),
|
||||
"/auth/mfa" => rocket_rauth::routes::mfa::routes(),
|
||||
"/safety" => safety::routes(),
|
||||
"/auth/account" => rocket_authifier::routes::account::routes(),
|
||||
"/auth/session" => rocket_authifier::routes::session::routes(),
|
||||
"/auth/mfa" => rocket_authifier::routes::mfa::routes(),
|
||||
"/onboard" => onboard::routes(),
|
||||
"/push" => push::routes(),
|
||||
"/sync" => sync::routes(),
|
||||
@@ -108,6 +110,12 @@ fn custom_openapi_spec() -> OpenApi {
|
||||
"Emojis"
|
||||
]
|
||||
},
|
||||
{
|
||||
"name": "Platform Moderation",
|
||||
"tags": [
|
||||
"User Safety"
|
||||
]
|
||||
},
|
||||
{
|
||||
"name": "Authentication",
|
||||
"tags": [
|
||||
|
||||
@@ -1,5 +1,7 @@
|
||||
use crate::util::regex::RE_USERNAME;
|
||||
use revolt_quark::{models::User, rauth::models::Session, Database, EmptyResponse, Error, Result};
|
||||
use revolt_quark::{
|
||||
authifier::models::Session, models::User, Database, EmptyResponse, Error, Result,
|
||||
};
|
||||
|
||||
use rocket::{serde::json::Json, State};
|
||||
use serde::{Deserialize, Serialize};
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
use revolt_quark::{models::User, rauth::models::Session};
|
||||
use revolt_quark::{authifier::models::Session, models::User};
|
||||
use rocket::serde::json::Json;
|
||||
use serde::Serialize;
|
||||
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
use revolt_quark::{
|
||||
rauth::{
|
||||
authifier::{
|
||||
models::{Session, WebPushSubscription},
|
||||
RAuth,
|
||||
Authifier,
|
||||
},
|
||||
EmptyResponse, Error, Result,
|
||||
};
|
||||
@@ -16,13 +16,13 @@ use rocket::{serde::json::Json, State};
|
||||
#[openapi(tag = "Web Push")]
|
||||
#[post("/subscribe", data = "<data>")]
|
||||
pub async fn req(
|
||||
rauth: &State<RAuth>,
|
||||
authifier: &State<Authifier>,
|
||||
mut session: Session,
|
||||
data: Json<WebPushSubscription>,
|
||||
) -> Result<EmptyResponse> {
|
||||
session.subscription = Some(data.into_inner());
|
||||
session
|
||||
.save(rauth)
|
||||
.save(authifier)
|
||||
.await
|
||||
.map(|_| EmptyResponse)
|
||||
.map_err(|_| Error::DatabaseError {
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
use revolt_quark::{
|
||||
rauth::{models::Session, RAuth},
|
||||
authifier::{models::Session, Authifier},
|
||||
EmptyResponse, Error, Result,
|
||||
};
|
||||
|
||||
@@ -10,10 +10,10 @@ use rocket::State;
|
||||
/// Remove the Web Push subscription associated with the current session.
|
||||
#[openapi(tag = "Web Push")]
|
||||
#[post("/unsubscribe")]
|
||||
pub async fn req(rauth: &State<RAuth>, mut session: Session) -> Result<EmptyResponse> {
|
||||
pub async fn req(authifier: &State<Authifier>, mut session: Session) -> Result<EmptyResponse> {
|
||||
session.subscription = None;
|
||||
session
|
||||
.save(rauth)
|
||||
.save(authifier)
|
||||
.await
|
||||
.map(|_| EmptyResponse)
|
||||
.map_err(|_| Error::DatabaseError {
|
||||
|
||||
@@ -119,12 +119,21 @@ pub async fn root() -> Result<Json<RevoltConfig>> {
|
||||
app: APP_URL.to_string(),
|
||||
vapid: VAPID_PUBLIC_KEY.to_string(),
|
||||
build: BuildInformation {
|
||||
commit_sha: env!("VERGEN_GIT_SHA", "<failed to generate>").to_string(),
|
||||
commit_timestamp: env!("VERGEN_GIT_COMMIT_TIMESTAMP", "<failed to generate>")
|
||||
commit_sha: option_env!("VERGEN_GIT_SHA")
|
||||
.unwrap_or_else(|| "<failed to generate>")
|
||||
.to_string(),
|
||||
commit_timestamp: option_env!("VERGEN_GIT_COMMIT_TIMESTAMP")
|
||||
.unwrap_or_else(|| "<failed to generate>")
|
||||
.to_string(),
|
||||
semver: option_env!("VERGEN_GIT_SEMVER")
|
||||
.unwrap_or_else(|| "<failed to generate>")
|
||||
.to_string(),
|
||||
origin_url: option_env!("GIT_ORIGIN_URL")
|
||||
.unwrap_or_else(|| "<failed to generate>")
|
||||
.to_string(),
|
||||
timestamp: option_env!("VERGEN_BUILD_TIMESTAMP")
|
||||
.unwrap_or_else(|| "<failed to generate>")
|
||||
.to_string(),
|
||||
semver: env!("VERGEN_GIT_SEMVER", "<failed to generate>").to_string(),
|
||||
origin_url: env!("GIT_ORIGIN_URL", "<failed to generate>").to_string(),
|
||||
timestamp: env!("VERGEN_BUILD_TIMESTAMP", "<failed to generate>").to_string(),
|
||||
},
|
||||
}))
|
||||
}
|
||||
|
||||
11
crates/delta/src/routes/safety/mod.rs
Normal file
11
crates/delta/src/routes/safety/mod.rs
Normal file
@@ -0,0 +1,11 @@
|
||||
use revolt_rocket_okapi::revolt_okapi::openapi3::OpenApi;
|
||||
use rocket::Route;
|
||||
|
||||
mod report_content;
|
||||
|
||||
pub fn routes() -> (Vec<Route>, OpenApi) {
|
||||
openapi_get_routes_spec![
|
||||
// Reports
|
||||
report_content::report_content
|
||||
]
|
||||
}
|
||||
159
crates/delta/src/routes/safety/report_content.rs
Normal file
159
crates/delta/src/routes/safety/report_content.rs
Normal file
@@ -0,0 +1,159 @@
|
||||
use revolt_quark::events::client::EventV1;
|
||||
use revolt_quark::models::report::ReportedContent;
|
||||
use revolt_quark::models::snapshot::{Snapshot, SnapshotContent};
|
||||
use revolt_quark::models::{Report, User};
|
||||
use revolt_quark::{Db, Error, Result};
|
||||
use serde::Deserialize;
|
||||
use ulid::Ulid;
|
||||
use validator::Validate;
|
||||
|
||||
use rocket::serde::json::Json;
|
||||
|
||||
/// # Report Data
|
||||
#[derive(Validate, Deserialize, JsonSchema)]
|
||||
pub struct DataReportContent {
|
||||
/// Content being reported
|
||||
content: ReportedContent,
|
||||
/// Additional report description
|
||||
#[validate(length(min = 0, max = 1000))]
|
||||
#[serde(default)]
|
||||
additional_context: String,
|
||||
}
|
||||
|
||||
/// # Report Content
|
||||
///
|
||||
/// Report a piece of content to the moderation team.
|
||||
#[openapi(tag = "User Safety")]
|
||||
#[post("/report", data = "<data>")]
|
||||
pub async fn report_content(db: &Db, user: User, data: Json<DataReportContent>) -> Result<()> {
|
||||
let data = data.into_inner();
|
||||
data.validate()
|
||||
.map_err(|error| Error::FailedValidation { error })?;
|
||||
|
||||
// Bots cannot create reports
|
||||
if user.bot.is_some() {
|
||||
return Err(Error::IsBot);
|
||||
}
|
||||
|
||||
// Find the content and create a snapshot of it
|
||||
// Also retrieve any references to Files
|
||||
let (content, files): (SnapshotContent, Vec<String>) = match &data.content {
|
||||
ReportedContent::Message { id, .. } => {
|
||||
let message = db.fetch_message(id).await?;
|
||||
|
||||
// Users cannot report themselves
|
||||
if message.author == user.id {
|
||||
return Err(Error::CannotReportYourself);
|
||||
}
|
||||
|
||||
// Collect message attachments
|
||||
let files = message
|
||||
.attachments
|
||||
.as_ref()
|
||||
.map(|attachments| attachments.iter().map(|x| x.id.to_string()).collect())
|
||||
.unwrap_or_default();
|
||||
|
||||
// Collect prior context
|
||||
let prior_context = db
|
||||
.fetch_messages(
|
||||
&message.channel,
|
||||
Some(15),
|
||||
Some(message.id.to_string()),
|
||||
None,
|
||||
None,
|
||||
None,
|
||||
)
|
||||
.await?;
|
||||
|
||||
// Collect leading context
|
||||
let leading_context = db
|
||||
.fetch_messages(
|
||||
&message.channel,
|
||||
Some(15),
|
||||
None,
|
||||
Some(message.id.to_string()),
|
||||
None,
|
||||
None,
|
||||
)
|
||||
.await?;
|
||||
|
||||
(
|
||||
SnapshotContent::Message {
|
||||
message,
|
||||
prior_context,
|
||||
leading_context,
|
||||
},
|
||||
files,
|
||||
)
|
||||
}
|
||||
ReportedContent::Server { id, .. } => {
|
||||
let server = db.fetch_server(id).await?;
|
||||
|
||||
// Users cannot report their own server
|
||||
if server.owner == user.id {
|
||||
return Err(Error::CannotReportYourself);
|
||||
}
|
||||
|
||||
// Collect server's icon and banner
|
||||
let files = [&server.icon, &server.banner]
|
||||
.iter()
|
||||
.filter_map(|x| x.as_ref().map(|x| x.id.to_string()))
|
||||
.collect();
|
||||
|
||||
(SnapshotContent::Server(server), files)
|
||||
}
|
||||
ReportedContent::User { id, .. } => {
|
||||
let reported_user = db.fetch_user(id).await?;
|
||||
|
||||
// Users cannot report themselves
|
||||
if reported_user.id == user.id {
|
||||
return Err(Error::CannotReportYourself);
|
||||
}
|
||||
|
||||
// Collect user's avatar and profile background
|
||||
let files = [
|
||||
reported_user.avatar.as_ref(),
|
||||
reported_user
|
||||
.profile
|
||||
.as_ref()
|
||||
.and_then(|profile| profile.background.as_ref()),
|
||||
]
|
||||
.iter()
|
||||
.filter_map(|x| x.as_ref().map(|x| x.id.to_string()))
|
||||
.collect();
|
||||
|
||||
(SnapshotContent::User(reported_user), files)
|
||||
}
|
||||
};
|
||||
|
||||
// Mark all the attachments as reported
|
||||
for file in files {
|
||||
db.mark_attachment_as_reported(&file).await?;
|
||||
}
|
||||
|
||||
// Generate an id for the report
|
||||
let id = Ulid::new().to_string();
|
||||
|
||||
// Save a snapshot of the content
|
||||
let snapshot = Snapshot {
|
||||
id: Ulid::new().to_string(),
|
||||
report_id: id.to_string(),
|
||||
content,
|
||||
};
|
||||
|
||||
db.insert_snapshot(&snapshot).await?;
|
||||
|
||||
// Save the report
|
||||
let report = Report {
|
||||
id,
|
||||
author_id: user.id,
|
||||
content: data.content,
|
||||
additional_context: data.additional_context,
|
||||
};
|
||||
|
||||
db.insert_report(&report).await?;
|
||||
|
||||
EventV1::ReportCreate(report).global().await;
|
||||
|
||||
Ok(())
|
||||
}
|
||||
@@ -1,5 +1,5 @@
|
||||
use crate::util::regex::RE_USERNAME;
|
||||
use revolt_quark::{models::User, rauth::models::Account, Database, Error, Result};
|
||||
use revolt_quark::{authifier::models::Account, models::User, Database, Error, Result};
|
||||
use rocket::{serde::json::Json, State};
|
||||
use serde::{Deserialize, Serialize};
|
||||
use validator::Validate;
|
||||
|
||||
Reference in New Issue
Block a user