diff --git a/crates/core/database/src/util/reference.rs b/crates/core/database/src/util/reference.rs index 204aff0d..64357a96 100644 --- a/crates/core/database/src/util/reference.rs +++ b/crates/core/database/src/util/reference.rs @@ -7,7 +7,7 @@ use schemars::{ JsonSchema, }; -use crate::{Bot, Channel, Database, Webhook}; +use crate::{Bot, Channel, Database, Message, Webhook}; /// Reference to some object in the database #[derive(Serialize, Deserialize)] @@ -32,6 +32,11 @@ impl Reference { db.fetch_channel(&self.id).await } + /// Fetch message from Ref + pub async fn as_message(&self, db: &Database) -> Result { + db.fetch_message(&self.id).await + } + /// Fetch webhook from Ref pub async fn as_webhook(&self, db: &Database) -> Result { db.fetch_webhook(&self.id).await diff --git a/crates/delta/src/routes/channels/channel_fetch.rs b/crates/delta/src/routes/channels/channel_fetch.rs index da762a87..3589f636 100644 --- a/crates/delta/src/routes/channels/channel_fetch.rs +++ b/crates/delta/src/routes/channels/channel_fetch.rs @@ -1,8 +1,11 @@ -use revolt_quark::{ - models::{Channel, User}, - perms, Database, Permission, Ref, Result, +use revolt_database::{ + util::{permissions::DatabasePermissionQuery, reference::Reference}, + Database, User, }; +use revolt_models::v0; +use revolt_permissions::{calculate_channel_permissions, ChannelPermission}; +use revolt_result::Result; use rocket::{serde::json::Json, State}; /// # Fetch Channel @@ -10,12 +13,54 @@ use rocket::{serde::json::Json, State}; /// Fetch channel by its id. #[openapi(tag = "Channel Information")] #[get("/")] -pub async fn req(db: &State, user: User, target: Ref) -> Result> { +pub async fn fetch_channel( + db: &State, + user: User, + target: Reference, +) -> Result> { let channel = target.as_channel(db).await?; - perms(&user) - .channel(&channel) - .throw_permission(db, Permission::ViewChannel) - .await?; - Ok(Json(channel)) + let mut query = DatabasePermissionQuery::new(db, &user).channel(&channel); + calculate_channel_permissions(&mut query) + .await + .throw_if_lacking_channel_permission(ChannelPermission::ViewChannel)?; + + Ok(Json(channel.into())) +} + +#[cfg(test)] +mod test { + use crate::{rocket, util::test::TestHarness}; + use revolt_database::Channel; + use revolt_models::v0; + use rocket::http::{Header, Status}; + + #[rocket::async_test] + async fn fetch_channel() { + let harness = TestHarness::new().await; + let (_, session, user) = harness.new_user().await; + + let group = Channel::create_group( + &harness.db, + v0::DataCreateGroup { + name: TestHarness::rand_string(), + ..Default::default() + }, + user.id.to_string(), + ) + .await + .unwrap(); + + let response = harness + .client + .get(format!("/channels/{}", group.id())) + .header(Header::new("x-session-token", session.token.to_string())) + .dispatch() + .await; + + assert_eq!(response.status(), Status::Ok); + + let channel: v0::Channel = response.into_json().await.expect("`Channel`"); + assert_eq!(channel, group.into()); + } } diff --git a/crates/delta/src/routes/channels/message_fetch.rs b/crates/delta/src/routes/channels/message_fetch.rs index 3fcba734..85897ffa 100644 --- a/crates/delta/src/routes/channels/message_fetch.rs +++ b/crates/delta/src/routes/channels/message_fetch.rs @@ -1,26 +1,34 @@ -use revolt_quark::{ - models::{Message, User}, - perms, Db, Error, Permission, Ref, Result, +use revolt_database::{ + util::{permissions::DatabasePermissionQuery, reference::Reference}, + Database, User, }; - -use rocket::serde::json::Json; +use revolt_models::v0; +use revolt_permissions::{calculate_channel_permissions, ChannelPermission}; +use revolt_result::{create_error, Result}; +use rocket::{serde::json::Json, State}; /// # Fetch Message /// /// Retrieves a message by its id. #[openapi(tag = "Messaging")] #[get("//messages/")] -pub async fn req(db: &Db, user: User, target: Ref, msg: Ref) -> Result> { +pub async fn req( + db: &State, + user: User, + target: Reference, + msg: Reference, +) -> Result> { let channel = target.as_channel(db).await?; - perms(&user) - .channel(&channel) - .throw_permission(db, Permission::ViewChannel) - .await?; + + let mut query = DatabasePermissionQuery::new(db, &user).channel(&channel); + calculate_channel_permissions(&mut query) + .await + .throw_if_lacking_channel_permission(ChannelPermission::ViewChannel)?; let message = msg.as_message(db).await?; - if message.channel != channel.as_id() { - return Err(Error::NotFound); + if message.channel != channel.id() { + return Err(create_error!(NotFound)); } - Ok(Json(message)) + Ok(Json(message.into())) } diff --git a/crates/delta/src/routes/channels/mod.rs b/crates/delta/src/routes/channels/mod.rs index 8dd0b69c..4204bd14 100644 --- a/crates/delta/src/routes/channels/mod.rs +++ b/crates/delta/src/routes/channels/mod.rs @@ -30,7 +30,7 @@ mod webhook_fetch_all; pub fn routes() -> (Vec, OpenApi) { openapi_get_routes_spec![ channel_ack::req, - channel_fetch::req, + channel_fetch::fetch_channel, members_fetch::req, channel_delete::req, channel_edit::req,