Compare commits

..

81 Commits

Author SHA1 Message Date
Zomatree
805f2c4528 feat: env var to control rabbitmq event ingress
Signed-off-by: Zomatree <me@zomatree.live>
2026-03-15 19:31:04 +00:00
Zomatree
5a6155fdb6 fix: update incorrect env var name
Signed-off-by: Zomatree <me@zomatree.live>
2026-03-10 01:46:02 +00:00
Zomatree
c5844b6281 fix/hosepipe 2026-03-05 04:24:54 +00:00
Tom
24d0d2b726 fix: no node state set on channel creation (#653)
* fix: no node state set on channel creation

Signed-off-by: IAmTomahawkx <iamtomahawkx@gmail.com>

* Update "join_call" logic to handle issue of "user is already connected to a channel that cannot be found"

Fixes stoatchat/for-web#951

Signed-off-by: Chris Hultin <chris.hultin@gmail.com>

* feat: remove node key when channel is empty or deleted

---------

Signed-off-by: IAmTomahawkx <iamtomahawkx@gmail.com>
Signed-off-by: Chris Hultin <chris.hultin@gmail.com>
Co-authored-by: Chris Hultin <chris.hultin@gmail.com>
2026-03-02 20:45:42 -08:00
Kristian Kjærgård
f777e2863c feat: add bug report template for issue tracking (#627)
Signed-off-by: Bobby <31723128+kris6673@users.noreply.github.com>
2026-03-01 11:16:45 -08:00
Jacob Schlecht
a80ad1cbe5 fix: Fix typo for p256dh in vapid notification flow (#622)
* fix: Fix typo for p256dh in vapid notification flow

This commit was made without the use of generative AI.

Signed-off-by: Jacob Schlecht <dadadah@echoha.us>

* fix: Revert .clone() change as it works fine without that change

This commit was made without the use of generative AI.

Signed-off-by: Jacob Schlecht <dadadah@echoha.us>

---------

Signed-off-by: Jacob Schlecht <dadadah@echoha.us>
2026-03-01 11:06:13 -08:00
Christopher Hultin
0b522ebddc feat: expose global and user limits in root API response (#644)
* feat: expose global and user limits in root API response

Signed-off-by: Chris Hultin <chris.hultin@gmail.com>

* add missing file upload limits

Signed-off-by: Chris Hultin <chris.hultin@gmail.com>

* extract logic to generate "UserLimits" struct from "config"

Signed-off-by: Chris Hultin <chris.hultin@gmail.com>

* convert user limits from feature limits function to impl function

Signed-off-by: Chris Hultin <chris.hultin@gmail.com>

* picking nits

Signed-off-by: Chris Hultin <chris.hultin@gmail.com>

---------

Signed-off-by: Chris Hultin <chris.hultin@gmail.com>
2026-03-01 11:03:49 -08:00
stoat-tofu[bot]
6bd045eb79 chore: modify .github/workflows/release-webhook.yml 2026-02-20 20:45:25 +00:00
Tom
0698e115e8 fix: default video resolution is a non-existent size (#601)
fixes #588
2026-02-18 10:07:35 +00:00
stoat-release[bot]
8e3765df4c chore(main): release 0.11.5 (#598)
* chore(main): release 0.11.5

* chore: update Cargo.lock

Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

---------

Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: stoat-release[bot] <245062572+stoat-release[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-02-17 22:14:57 +00:00
Paul Makles
1c98ead695 revert: disable user update events (#593)
* Revert "fix: cut presence traffic too while we engineer a new events architecture (#561)"

This reverts commit 1f8ea963ad.

* Revert "fix: cut events traffic while we engineer a new events architecture (#559)"

This reverts commit a11986ba1a.

* chore: only revert user update
2026-02-17 22:13:17 +00:00
stoat-release[bot]
8849d03cd2 chore(main): release 0.11.4 (#591)
* chore(main): release 0.11.4

* chore: update Cargo.lock

Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

---------

Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: stoat-release[bot] <245062572+stoat-release[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-02-16 20:02:01 +00:00
Paul Makles
a75e4eabfc fix: add separate config option for redis events replica url (#590) 2026-02-16 19:37:04 +00:00
stoat-release[bot]
74f0c537e6 chore(main): release 0.11.3 (#562)
* chore(main): release 0.11.3

* chore: update Cargo.lock

Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

---------

Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: stoat-release[bot] <245062572+stoat-release[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-02-13 19:50:32 +00:00
Paul Makles
1f8ea963ad fix: cut presence traffic too while we engineer a new events architecture (#561)
Signed-off-by: izzy <me@insrt.uk>
2026-02-13 19:49:23 +00:00
stoat-release[bot]
7c7f4f24de chore(main): release 0.11.2 (#560)
* chore(main): release 0.11.2

* chore: update Cargo.lock

Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

---------

Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: stoat-release[bot] <245062572+stoat-release[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-02-13 19:42:13 +00:00
Paul Makles
a11986ba1a fix: cut events traffic while we engineer a new events architecture (#559)
Signed-off-by: izzy <me@insrt.uk>
2026-02-13 19:40:51 +00:00
stoat-release[bot]
2e87696c83 chore(main): release 0.11.1 (#554) 2026-02-13 00:21:29 +00:00
Angelo Kontaxis
94cb916231 fix: bots in multiple voice channel logic (#544) 2026-02-13 00:11:15 +00:00
Paul Makles
95c7dbc793 ci: do not interpolate directly into release workflows (#545) 2026-02-12 16:47:05 +00:00
stoat-release[bot]
ba798490e2 chore(main): release 0.11.0 (#525)
Co-authored-by: stoat-release[bot] <245062572+stoat-release[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-02-10 20:48:36 +00:00
Paul Makles
5132270f2e feat: appeal to the almighty Spamhaus (#524) 2026-02-10 20:46:49 +00:00
Tanner Stirrat
4a0957b5ec Update repo readme header (#511)
Update README.md

Signed-off-by: Tanner Stirrat <tstirrat@gmail.com>
2026-02-09 20:51:56 +00:00
stoat-release[bot]
1bfb2a7214 chore(main): release 0.10.3 (#509)
* chore(main): release 0.10.3

* chore: update Cargo.lock

Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

---------

Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: stoat-release[bot] <245062572+stoat-release[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-02-09 20:51:30 +00:00
Paul Makles
84483cee7a fix: update Revolt -> Stoat in email titles/desc. (#508) 2026-02-07 16:24:53 +00:00
stoat-release[bot]
4bfd79c42c chore(main): release 0.10.2 (#506)
Co-authored-by: stoat-release[bot] <245062572+stoat-release[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-01-25 22:43:56 +00:00
Paul Makles
413aa04dca fix: thumbnailification requires rgb8/rgba8 (#505) 2026-01-25 22:36:31 +00:00
stoat-release[bot]
5d3e65e076 chore(main): release 0.10.1 (#504)
Co-authored-by: stoat-release[bot] <245062572+stoat-release[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-01-25 21:27:20 +00:00
Paul Makles
98da8a28a0 fix: use Rust 1.92.0 for Docker build (#503) 2026-01-25 21:03:34 +00:00
stoat-release[bot]
84b57dee57 chore(main): release 0.10.0 (#502)
Co-authored-by: stoat-release[bot] <245062572+stoat-release[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-01-25 20:58:16 +00:00
stoat-tofu[bot]
1fef495d5e chore: modify .github/workflows/git-town.yml 2026-01-25 20:50:19 +00:00
stoat-tofu[bot]
310d82819d chore: modify .github/workflows/git-town.yml 2026-01-25 20:44:37 +00:00
stoat-tofu[bot]
5611dab86f chore: modify .github/workflows/git-town.yml 2026-01-25 20:41:30 +00:00
Paul Makles
01ded209c6 feat: repository architecture for files crate w. added tests (#498) 2026-01-25 20:32:22 +00:00
Angelo Kontaxis
a1a21252d0 fix: expose ratelimit headers via cors (#496) 2026-01-25 19:43:06 +00:00
Angelo Kontaxis
0dc5442498 feat: allow kicking members from voice channels (#495) 2026-01-25 19:42:48 +00:00
Paul Makles
9fb55f74dc chore: add git-town to mise tools (#497) 2026-01-24 23:46:10 +00:00
stoat-tofu[bot]
24cfc33907 chore: modify .github/workflows/git-town.yml 2026-01-24 23:44:00 +00:00
stoat-tofu[bot]
ce2a4eccbd chore: modify .github/workflows/git-town.yml 2026-01-24 23:36:32 +00:00
stoat-tofu[bot]
ff68679bad chore: modify .github/workflows/git-town.yml 2026-01-24 23:35:02 +00:00
stoat-tofu[bot]
9bdb7d7feb chore: modify .github/workflows/git-town.yml 2026-01-24 02:20:09 +00:00
stoat-tofu[bot]
3c51fad74d chore: modify .github/workflows/git-town.yml 2026-01-24 02:18:41 +00:00
stoat-tofu[bot]
4344419cdb chore: modify .github/workflows/git-town.yml 2026-01-24 02:10:51 +00:00
stoat-tofu[bot]
65efea020d chore: modify .github/workflows/git-town.yml 2026-01-24 02:01:05 +00:00
stoat-tofu[bot]
b9360b4d88 chore: modify .github/workflows/git-town.yml 2026-01-24 01:54:01 +00:00
stoat-tofu[bot]
12c187a386 chore: modify .github/workflows/git-town.yml 2026-01-24 01:11:53 +00:00
Paul Makles
2846f09c45 chore: switch to mise for tooling & update crates for publishing (#494) 2026-01-21 23:41:58 +00:00
stoat-release[bot]
50835f08c8 chore(main): release 0.9.4 (#491)
Co-authored-by: stoat-release[bot] <245062572+stoat-release[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: izzy <me@insrt.uk>
2026-01-10 17:55:04 +00:00
stoat-tofu[bot]
c413fbcb58 chore: modify .github/workflows/release-webhook.yml 2026-01-10 16:33:17 +00:00
Paul Makles
c674a9fd4e fix: persist credentials for git repo (#492) 2026-01-10 16:25:29 +00:00
Paul Makles
b2da2a8587 fix: checkout repo. before bumping lock (#490) 2026-01-10 16:22:42 +00:00
stoat-release[bot]
d0ea88f1f8 chore(main): release 0.9.3 (#488)
Co-authored-by: stoat-release[bot] <245062572+stoat-release[bot]@users.noreply.github.com>
2026-01-10 16:04:28 +00:00
Paul Makles
92b466a5f0 chore: switch back to docker hub since we cache it now (#489) 2026-01-10 14:49:51 +00:00
Paul Makles
aeeafebefc fix: pipeline fixes (#487) 2026-01-10 14:46:57 +00:00
stoat-tofu[bot]
bf0048a052 chore: modify .github/workflows/release-webhook.yml 2026-01-10 13:19:24 +00:00
stoat-release[bot]
b4ba02218f chore(main): release 0.9.2 (#486)
Co-authored-by: stoat-release[bot] <245062572+stoat-release[bot]@users.noreply.github.com>
2026-01-10 13:07:06 +00:00
Paul Makles
d13609c372 fix: disable publish for services (#485) 2026-01-10 13:06:33 +00:00
stoat-release[bot]
58fb269450 chore(main): release 0.9.1 (#484)
Co-authored-by: stoat-release[bot] <245062572+stoat-release[bot]@users.noreply.github.com>
2026-01-10 12:59:50 +00:00
Paul Makles
303e52b476 fix(ci): pipeline fixes (marked as fix to force release) (#483) 2026-01-10 12:59:20 +00:00
stoat-release[bot]
868894f500 chore(main): release 0.9.0 (#475)
Co-authored-by: stoat-release[bot] <245062572+stoat-release[bot]@users.noreply.github.com>
2026-01-10 12:51:09 +00:00
Paul Makles
67d49b461f ci: use our arc runner set for Rust builds (#482) 2026-01-10 12:44:26 +00:00
Paul Makles
f89ee5a370 ci: send release notification on create (#481) 2026-01-09 21:05:42 +00:00
Angelo Kontaxis
2afea56e56 feat: add id field to role (#470) 2026-01-09 20:06:16 +00:00
Paul Makles
a5387b64af ci: use dev-dependency for revolt-presence (#480) 2026-01-09 19:21:45 +00:00
Paul Makles
0b178fc791 fix: correct string_cache in lockfile (#479) 2026-01-09 19:10:01 +00:00
Paul Makles
5d27a91e90 fix: correct miniz_oxide in lockfile (#478) 2026-01-09 19:05:49 +00:00
Paul Makles
e2016a2ab4 ci: add the dependency chain into release please (#477) 2026-01-08 23:07:33 +00:00
Paul Makles
924c7f5b18 ci: bootstrap sha (#476) 2026-01-08 22:39:44 +00:00
Paul Makles
22e46194ab ci: switch release please to simple mode (#474) 2026-01-08 22:36:04 +00:00
Paul Makles
ffdb2b6900 ci: switch api server as main package for release please (#473) 2026-01-08 22:24:45 +00:00
Paul Makles
a7b870c397 chore: configure release please (#472) 2026-01-08 22:16:50 +00:00
Simon Marty
b48eb28fc2 docs: remove outdated notice about perf. regression (#467) 2026-01-07 21:12:24 +00:00
Angelo Kontaxis
dc9c82aa4e fix: github webhook incorrect payload and formatting (#468) 2026-01-07 21:11:42 +00:00
Paul Makles
24fedf8c4d fix: respond with 201 if no body in requests (#465)
Signed-off-by: izzy <me@insrt.uk>
2025-11-16 15:24:39 +00:00
Paul Makles
dda20f44ae ci: correct build to ./docs/build (#463) 2025-11-14 22:11:21 +00:00
Paul Makles
0b7c132ace docs: initialise new docs with docusaurus (#460)
* docs: initialise new docs with docusaurus

* chore: sign off
Signed-off-by: izzy <me@insrt.uk>

* chore: lock pnpm version in package.json

Signed-off-by: izzy <me@insrt.uk>

* ci: specify package json to load pnpm version from

Signed-off-by: izzy <me@insrt.uk>

* docs: update repo. lifecycle details

Signed-off-by: izzy <me@insrt.uk>

* docs: add external links to for-web, for-android
chore: add default.nix to docs

* docs: correct headings in contrib

* ci: use cache dependency path

* fix: docusaurus configuration

---------

Signed-off-by: izzy <me@insrt.uk>
2025-11-14 22:06:20 +00:00
Paul Makles
e006cdd051 ci: prevent concurrency on docker/rust actions (#461) 2025-11-14 21:41:22 +00:00
stoat-tofu[bot]
ac2971a78d chore: modify .github/workflows/validate-pr-title.yml 2025-11-14 20:25:09 +00:00
Paul Makles
b7c2ca84ab chore: update branding in transactional emails (#458)
Signed-off-by: izzy <me@insrt.uk>
2025-11-12 22:19:34 +00:00
Paul Makles
82b492e529 ci: normalise workflow triggers (#459)
Signed-off-by: izzy <me@insrt.uk>
2025-11-12 22:17:11 +00:00
Angelo Kontaxis
d567155f12 feat: voice chats v2 (#414)
* initial livekit support

fix up code

undo changes to compose file

add back .env.example

* move voice states to global

* track current state

* more stuff

* fix redis key inconsistancy

* split voice ops into its own library

* feat(livekit): more permission handling

* feat(livekit): push unfinished code

* fix: include voice states in servercreate event
feat: call started system message in dms

* feat: implement missing permission syncs

* fix: remove locked rocket version

* fix: remove local testing values from config

* chore: switch to ids for parameter

* feat: make Channel::server return a reference

* feat: support multiple voice nodes

* fix: expose list of nodes

* fix: respond with the url when joining a voice channel

* feat: being moved between voice channels

* fix: use existing node if someone is already in the voice channel

* refactor: Remove VoiceChannel

* chore: add pushd to debug image script

* refactor: add error messages for Rabbit issues

* docs: add some notes on overrides; fix defaults

* fix: ensure limit is always at least 1 when sent to database

* fix: change permission check for fetching channel webhooks

* chore: mount API at /0.8/ as well

* fix: ensure ratelimiter adjusts for version prefix

* chore: bump version to 0.8.2

* chore: disable LTO because it likely overloads GitHub worker

* fix: don't allow users to time themselves out
closes #376

* fix: match new error type for status code

* feat: init crond crate

* feat: file deletion implementation

* chore: fix version references

* feat: add crond container definitions

* chore: clarify cargo deny / tomls

* feat: add company information to email footers

* chore: bump version to 0.8.3

* fix: don't bump the lockfile version

* fix: include `production` default value for config

* chore: ignore python venv and dev script for user generation

Signed-off-by: IAmTomahawkx <iamtomahawkx@gmail.com>

* test: Add tests for invite/fetch

Signed-off-by: phazeschift <51278042+phazeschift@users.noreply.github.com>

* test: add utilities for common setup

Signed-off-by: phazeschift <51278042+phazeschift@users.noreply.github.com>

* test: add delete server channel test

Signed-off-by: phazeschift <51278042+phazeschift@users.noreply.github.com>

* feat: allow to set an icon when creating a group

Signed-off-by: Nils Ponsard <nilsponsard@gmail.com>

* fix: allow message pinning and unpinning for DM-like channels

Signed-off-by: Bradlee Barnes <69256931+StupidRepo@users.noreply.github.com>

* fix: remove SavedMessages and Group due to given permissions

Signed-off-by: Bradlee Barnes <69256931+StupidRepo@users.noreply.github.com>

* feat: allow bots to manage emojis (#407)

* Remove bot check on emoji create

Signed-off-by: Builderb <builderbgamer@gmail.com>

* Remove bot check on emoji delete

Signed-off-by: Builderb <builderbgamer@gmail.com>

---------

Signed-off-by: Builderb <builderbgamer@gmail.com>

* feat: add option to send message with missing replies

Signed-off-by: ShaksterNano <54268387+shaksternano@users.noreply.github.com>

* chore: bump version to 0.8.4
chore: enable webhooks in test builds

* ci: downgrade lockfile

* feat: Add Mass Mentions to the backend (#394)

* feat: create base of push daemon

Signed-off-by: IAmTomahawkx <iamtomahawkx@gmail.com>

* Add outbound senders

* Make web_push send to rabbit instead (temp stuff)

* feat: stability and friend requests

* make vapid fr stuff not suck

* swap naming of queue

* move pushd into daemons folder

* fix cargo file for move into daemons folder

* feat: probably working fcm push notifs

* comment out fcm webpush stuff since the config keys dont exist

* fix fcm, name queues according to their prod status and configure routing keys

* add pushd to docker

* mix: Remove old code, add stuff to pushd

* fix: lockfile

* feat: update rocket to 5.0.1

* fix: fix queues and ack bugs

* Move rabbit messsage processing into ack queue

* chore: update readme

* chore: optimizations for ack database hits

* pushd flowchart

* misc: update flowchart

* exit dependancy hell

* add rocket_impl flag to authifier

* make the tests file of delta actually compile

* fix: don't silence every push message

* fix: don't silence all messages

* add debug logging for sending data to rabbit from message events

* validate mentions at a server membership level

* put back that import that was actually important

* minor fix to lockfile

* update delta authifier

* feat: proper permissions for push notifications

* add unit test for mention sanitization

* remove local file dependancy on authifier

* update ports to proper defaults

* fixTM the node bindings

* Theoretically configure docker releases for pushd

Signed-off-by: IAmTomahawkx <iamtomahawkx@gmail.com>

* declare exchange in pushd and delta

* fix createbuckets script

Signed-off-by: IAmTomahawkx <iamtomahawkx@gmail.com>

* fix: reference db implementation

Signed-off-by: IAmTomahawkx <iamtomahawkx@gmail.com>

* fix: remove finally redundant code

Signed-off-by: IAmTomahawkx <iamtomahawkx@gmail.com>

* fix: changes

Signed-off-by: IAmTomahawkx <iamtomahawkx@gmail.com>

* fix: other changes

Signed-off-by: IAmTomahawkx <iamtomahawkx@gmail.com>

* fix: make channel name return result

Signed-off-by: IAmTomahawkx <iamtomahawkx@gmail.com>

* Add role mention parsing

* feat: update to mongo 3.1, add member generator.

* integrate mass mentions into pushd

* patch redis-rs with updated versions

* feat: chunk role mentions

* move permission bits to 37/38 to avoid livekit conflict

* change role mention format to <%id>

* fix the lockfile from merge

* fix: PR change requests

* feat: add tests

* fix: i am a dumbass

* fix: tests, again

---------

Signed-off-by: IAmTomahawkx <iamtomahawkx@gmail.com>

* fix: show full branch name on github webhook messages

* fix: dont leak invisible presence to others

* fix: add back missing early adopter badge

* fix: update branch from main

* fix: update branch from main

* Merge remote-tracking branch 'origin/main' into livekit

* feat: private livekit nodes

* fix: remove node from channel voice state

* fix: get_voice_state has incorrect unique_key and allowed_sources should be lowercase

* chore: bump livekit dep

* feat: ability to force disconnect existing voice connection

* chore: cleanup code

* feat: - track call length
- move voice and video limits to config
- seperate VoiceInformation into model and db model
- fix build scripts

* fix: move call system message to daemon,
check max participants when creating a token to avoid giving tokens but erroring when attempting to join,
check if the channel actually supports voice

* fix: dont set max participants in livekit

* fix: remove VoiceChannel channel type
fix: calculate user overwrites correctly
fix: dont include personal info in livekit user metadata
fix: revoke video permissons on denied publish
fix: add video to default permissions

* fix: update migration

* feat: Send push notifications for dm call start/end

* chore: cleanup

* feat: allow users to specify who is notified when starting a call

* feat: track join time

* merge: branch 'main' into feat/livekit

* fix: include voice-ingress in build

* fix: dont presume channel has a node

* chore: add error logging to internal errors

* chore: add debug logging to voice ingress

* refactor: seperate out disconnect logic

* fix: return correct error if user is already in a voice channel

* fix: dont break on user not still being in channel and force disconnecting

* fix: add Speak and Listen to default permissions

* fix: include channel ids in UserMoveVoiceChannel

* chore: add temp sentry logging system

* fix: handle track_muted and track_unmuted

* fix: dont set notification recipients when empty vec is passed

* fix: only send UserMoveVoiceChannel to the user

* fix: preserve order of replies in message (#447)

Signed-off-by: Aeledfyr <aeledfyr@gmail.com>

* fix: prevent timing out members which have TimeoutMembers permission

* chore: update ci

* fix: temporarily disable call started system messages
See #457

* fix: update code from review
2025-11-12 21:27:04 +00:00
261 changed files with 4384 additions and 3226 deletions

147
.github/ISSUE_TEMPLATE/bug.yml vendored Normal file
View File

@@ -0,0 +1,147 @@
name: Bug Report
description: Report a bug in Stoat — please fill out every required field to help us triage quickly.
title: "[Bug]: "
labels:
- bug
- unconfirmed
body:
# ── Thank you section ────────────────────────────────────────────────────────
- type: markdown
attributes:
value: |
**Thank you for taking the time to report a bug for Stoat!**
Please follow the instructions below and provide as much detail as possible to help us understand and reproduce the issue.
# ── Pre-flight checks ────────────────────────────────────────────────────────
- type: checkboxes
id: preflight
attributes:
label: Pre-flight checklist
description: Please confirm all of the following before submitting.
options:
- label: I am on the latest available version of Stoat.
required: true
- label: I searched existing issues and did not find a duplicate.
required: true
- label: This is a bug report, not a support question or feature request.
required: true
# ── Bug description ──────────────────────────────────────────────────────────
- type: textarea
id: description
attributes:
label: Bug description
description: >
What happened? What did you expect to happen instead?
Keep this brief — detailed steps go in the next field.
placeholder: "Example: When I open a DM thread, new messages from the other person do not appear unless I reload the page."
validations:
required: true
# ── Steps to reproduce ───────────────────────────────────────────────────────
- type: textarea
id: steps
attributes:
label: Steps to reproduce
description: >
Provide a numbered list of every step needed to trigger the bug.
The clearer this is, the faster we can fix it.
placeholder: |
1. Log in to Stoat on the web client.
2. Open a direct message conversation.
3. Ask the other person to send a message.
4. Observe that the message does not appear without reloading.
validations:
required: true
# ── Expected behavior ────────────────────────────────────────────────────────
- type: textarea
id: expected
attributes:
label: Expected behavior
description: What should have happened?
placeholder: "New messages should appear in real time without a page reload."
validations:
required: true
# ── Client / platform ────────────────────────────────────────────────────────
- type: dropdown
id: platform
attributes:
label: Client / platform
description: Which Stoat client are you using?
options:
- Web (browser)
- Stoat for Desktop
- Android
- iOS
- Self-hosted server
validations:
required: true
# ── Client version ───────────────────────────────────────────────────────────
- type: input
id: version
attributes:
label: Client version
description: >
Find this in **Settings**. For the web client, include the build
number shown in the footer or About page.
placeholder: "e.g. Stoat for Desktop 1.3.0 or 0.2.1 (2025-10-10)"
validations:
required: true
# ── OS / browser details ─────────────────────────────────────────────────────
- type: input
id: os
attributes:
label: OS / browser details
description: Your operating system and, for web bugs, your browser and its version.
placeholder: "e.g. Windows 11, Chrome 121 or macOS 14.3, Stoat for Desktop 1.3.0 or Android 14"
validations:
required: true
# ── Reproducibility ──────────────────────────────────────────────────────────
- type: dropdown
id: reproducibility
attributes:
label: Reproducibility
description: How consistently does this bug occur?
options:
- Always
- Usually
- Rarely
- Only once
- Unknown
validations:
required: true
# ── Screenshots or video ─────────────────────────────────────────────────────
- type: textarea
id: screenshots
attributes:
label: Screenshots or video
description: Paste images or drag-and-drop a screen recording here. GitHub accepts common image and video formats.
validations:
required: false
# ── Additional context ───────────────────────────────────────────────────────
- type: textarea
id: additional
attributes:
label: Additional context
description: >
Anything else that might help: workarounds you found, links to related issues,
self-hosted configuration details (Redis, MongoDB, LiveKit, SMTP), network environment, etc.
validations:
required: false
# ── Closing note ─────────────────────────────────────────────────────────────
- type: markdown
attributes:
value: |
---
A maintainer will review your report. Please watch for follow-up questions — issues
that go unanswered are harder to resolve and may be closed after 30 days of inactivity.

View File

@@ -7,19 +7,20 @@ on:
pull_request:
paths:
- "Dockerfile"
workflow_dispatch:
permissions:
contents: read
packages: write
concurrency:
group: ${{ github.head_ref }}
concurrency:
group: ${{ github.head_ref || github.ref }}
cancel-in-progress: true
jobs:
base:
name: Test base image build
runs-on: ubuntu-latest
runs-on: arc-runner-set
if: github.event_name == 'pull_request'
steps:
# Configure build environment
@@ -40,7 +41,7 @@ jobs:
cache-to: type=gha,scope=buildx-base-multi-arch,mode=max
publish:
runs-on: self-hosted
runs-on: arc-runner-set
if: github.event_name != 'pull_request'
name: Publish Docker images
steps:

View File

@@ -14,16 +14,10 @@ jobs:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- uses: pnpm/action-setup@v4
with:
package_json_file: ./docs/package.json
- uses: actions/setup-node@v4
with:
node-version: lts/*
cache: pnpm
cache-dependency-path: ./docs/pnpm-lock.yaml
- name: Install dependencies
run: pnpm install
- name: Test build website
run: pnpm run build
- name: Setup Mise
uses: immich-app/devtools/actions/use-mise@cd24790a7f5f6439ac32cc94f5523cb2de8bfa8c # use-mise-action-v1.1.0
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
- run: mise docs:build

View File

@@ -16,19 +16,13 @@ jobs:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- uses: pnpm/action-setup@v4
with:
package_json_file: ./docs/package.json
- uses: actions/setup-node@v4
with:
node-version: lts/*
cache: pnpm
cache-dependency-path: ./docs/pnpm-lock.yaml
- name: Install dependencies
run: pnpm install
- name: Build website
run: pnpm run build
- name: Setup Mise
uses: immich-app/devtools/actions/use-mise@cd24790a7f5f6439ac32cc94f5523cb2de8bfa8c # use-mise-action-v1.1.0
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
- run: mise docs:build
- name: Upload Build Artifact
uses: actions/upload-pages-artifact@v3

19
.github/workflows/git-town.yml vendored Normal file
View File

@@ -0,0 +1,19 @@
name: Git Town
on:
pull_request:
jobs:
git-town:
name: Display the branch stack
runs-on: ubuntu-slim
if: ${{ !startsWith(github.head_ref, 'release-please--') }}
permissions:
contents: read
pull-requests: write
steps:
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
- uses: stoatchat/action-git-town@4bc5c942e4603bffa0806b51d5fe5f0bc5deb0ac

24
.github/workflows/publish-crates.yml vendored Normal file
View File

@@ -0,0 +1,24 @@
name: Publish Crates
on:
workflow_dispatch:
release:
types: [published]
jobs:
publish:
name: Publish Crates
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
persist-credentials: false
- name: Setup Mise
uses: immich-app/devtools/actions/use-mise@cd24790a7f5f6439ac32cc94f5523cb2de8bfa8c # use-mise-action-v1.1.0
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
- name: Publish
run: mise publish --workspace

63
.github/workflows/release-please.yml vendored Normal file
View File

@@ -0,0 +1,63 @@
name: Release Please
on:
push:
branches: [main] # updates/opens the release PR when commits land on main
workflow_dispatch:
permissions:
contents: write
pull-requests: write
id-token: write
concurrency:
group: release-please
cancel-in-progress: true
jobs:
release-please:
name: Release Please
runs-on: ubuntu-latest
outputs:
release_created: ${{ steps.rp.outputs.release_created }}
tag_name: ${{ steps.rp.outputs.tag_name }}
steps:
- id: app-token
uses: actions/create-github-app-token@v2
with:
app-id: ${{ secrets.GH_STOAT_RELEASE_APP_ID }}
private-key: ${{ secrets.GH_STOAT_RELEASE_APP_PRIVATE_KEY }}
- id: rp
uses: googleapis/release-please-action@v4
with:
token: ${{ steps.app-token.outputs.token }}
config-file: release-please-config.json
- name: Install latest stable
uses: dtolnay/rust-toolchain@e97e2d8cc328f1b50210efc529dca0028893a2d9 # v1
with:
toolchain: stable
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
token: ${{ steps.app-token.outputs.token }}
- name: Update Cargo.lock
if: ${{ steps.rp.outputs.prs_created == 'true' || steps.rp.outputs.prs_updated == 'true' }}
env:
GH_TOKEN: ${{ steps.app-token.outputs.token }}
RP_PR_OUTPUT_JSON: ${{ steps.rp.outputs.prs }}
run: |
PR_NUMBER=$(echo "$RP_PR_OUTPUT_JSON" | jq -r '.[0].number')
gh pr checkout "$PR_NUMBER"
cargo update -w
if git diff --quiet Cargo.lock; then
echo "No changes to Cargo.lock"
else
git config user.name "github-actions[bot]"
git config user.email "github-actions[bot]@users.noreply.github.com"
git add Cargo.lock
git commit -s -m "chore: update Cargo.lock"
git push
fi

23
.github/workflows/release-webhook.yml vendored Normal file
View File

@@ -0,0 +1,23 @@
name: Release Webhook
on:
workflow_dispatch:
release:
types: [published]
jobs:
release-webhook:
name: Send Release Webhook
runs-on: ubuntu-latest
steps:
- name: Send release notification webhook
env:
TAG_NAME: ${{ github.event.release.tag_name }}
REPOSITORY: ${{ github.repository }}
WEBHOOK_URL: ${{ secrets.STOAT_WEBHOOK_UPDATES_URL }}
run: |
RELEASE_URL="https://github.com/${REPOSITORY}/releases/tag/${TAG_NAME}"
curl -X POST "$WEBHOOK_URL" \
-H "Content-Type: application/json" \
-d "{\"content\": \"$RELEASE_URL\"}"

View File

@@ -5,8 +5,8 @@ on:
branches: [main]
pull_request:
concurrency:
group: ${{ github.head_ref }}
concurrency:
group: ${{ github.head_ref || github.ref }}
cancel-in-progress: true
env:
@@ -15,63 +15,54 @@ env:
jobs:
check:
name: Rust project
runs-on: ubuntu-latest
runs-on: arc-runner-set
steps:
- uses: actions/checkout@v2
- name: Free up disk space
run: |
sudo rm -rf /usr/local/lib/android /usr/share/dotnet /opt/ghc
- name: Install latest stable
uses: actions-rs/toolchain@v1
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
toolchain: stable
override: true
components: rustfmt, clippy
- name: Install cargo-nextest
uses: baptiste0928/cargo-install@v1
persist-credentials: false
# Using our own runners for now:
# - name: Free up disk space
# run: |
# sudo rm -rf /usr/local/lib/android /usr/share/dotnet /opt/ghc
- name: Setup Mise
uses: immich-app/devtools/actions/use-mise@cd24790a7f5f6439ac32cc94f5523cb2de8bfa8c # use-mise-action-v1.1.0
with:
crate: cargo-nextest
args: --locked
github-token: ${{ secrets.GITHUB_TOKEN }}
- name: Run cargo build
uses: actions-rs/cargo@v1
with:
command: build
- name: Run services in background
run: |
docker compose -f compose.yml up -d
- name: Run cargo test
- run: mise build
- run: mise docker:start
- name: Reference Test
env:
TEST_DB: REFERENCE
run: |
cargo nextest run
mise test
- name: Run cargo test (with MongoDB)
- name: MongoDB Test
env:
TEST_DB: MONGODB
MONGODB: mongodb://localhost
run: |
cargo nextest run
mise test
- name: Start API in background
if: github.event_name != 'pull_request' && github.ref_name == 'main'
env:
TEST_DB: REFERENCE
run: |
cargo build --bin revolt-delta && (cargo run --bin revolt-delta &)
mise build --bin revolt-delta && (mise service:api &)
- name: Wait for API to go up
if: github.event_name != 'pull_request' && github.ref_name == 'main'
uses: nev7n/wait_for_response@v1
uses: nev7n/wait_for_response@7fef3c1a6e8939d0b09062f14fec50d3c5d15fa1 # v1.0.1
with:
url: "http://localhost:14702/"
- name: Checkout API repository
if: github.event_name != 'pull_request' && github.ref_name == 'main'
uses: actions/checkout@v3
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
repository: stoatchat/javascript-client-api
path: api
@@ -83,10 +74,10 @@ jobs:
- name: Commit changes
if: github.event_name != 'pull_request' && github.ref_name == 'main'
uses: EndBug/add-and-commit@v4
uses: EndBug/add-and-commit@a94899bca583c204427a224a7af87c02f9b325d5 # v9.1.4
with:
cwd: "api"
add: "*.json"
author_name: Revolt CI
author_email: revolt-ci@users.noreply.github.com
author_name: Stoat CI
author_email: stoat-ci@users.noreply.github.com
message: "chore: generate OpenAPI specification"

19
.mise/config.toml Normal file
View File

@@ -0,0 +1,19 @@
[tools]
node = "25.4.0"
pnpm = "10.28.1"
gh = "2.25.0"
rust = "1.92.0"
"cargo:cargo-nextest" = "0.9.122"
"github:git-town/git-town" = "22.4.0"
[settings]
experimental = true
idiomatic_version_file_enable_tools = ["rust"]
[tasks.start]
description = "Run all services"
depends = ["docker:start", "build"]
run = [{ task = "service:*" }]

5
.mise/tasks/build Executable file
View File

@@ -0,0 +1,5 @@
#!/usr/bin/env bash
#MISE description="Build project"
set -e
cargo build "$@"

5
.mise/tasks/check Executable file
View File

@@ -0,0 +1,5 @@
#!/usr/bin/env bash
#MISE description="Check project with clippy"
set -e
cargo clippy

5
.mise/tasks/docker/start Executable file
View File

@@ -0,0 +1,5 @@
#!/usr/bin/env bash
#MISE description="Start Docker containers"
set -e
docker compose up -d

5
.mise/tasks/docker/stop Executable file
View File

@@ -0,0 +1,5 @@
#!/usr/bin/env bash
#MISE description="Stop Docker containers"
set -e
docker compose down

7
.mise/tasks/docs/_default Executable file
View File

@@ -0,0 +1,7 @@
#!/usr/bin/env bash
#MISE description="Start the Stoat Developers website"
#MISE depends=["docs:install"]
#MISE dir="{{config_root}}/docs"
set -e
pnpm build

7
.mise/tasks/docs/build Executable file
View File

@@ -0,0 +1,7 @@
#!/usr/bin/env bash
#MISE description="Build the Stoat Developers website"
#MISE depends=["docs:install"]
#MISE dir="{{config_root}}/docs"
set -e
pnpm build

6
.mise/tasks/docs/install Executable file
View File

@@ -0,0 +1,6 @@
#!/usr/bin/env bash
#MISE description="Install dependencies for docs site"
#MISE dir="{{config_root}}/docs"
set -e
pnpm i --frozen-lockfile

5
.mise/tasks/publish Executable file
View File

@@ -0,0 +1,5 @@
#!/usr/bin/env bash
#MISE description="Publish project"
set -e
cargo publish "$@"

5
.mise/tasks/service/api Executable file
View File

@@ -0,0 +1,5 @@
#!/usr/bin/env bash
#MISE description="Run API server"
set -e
cargo run --bin revolt-delta

5
.mise/tasks/service/crond Executable file
View File

@@ -0,0 +1,5 @@
#!/usr/bin/env bash
#MISE description="Run cron daemon"
set -e
cargo run --bin revolt-crond

5
.mise/tasks/service/events Executable file
View File

@@ -0,0 +1,5 @@
#!/usr/bin/env bash
#MISE description="Run events server"
set -e
cargo run --bin revolt-bonfire

5
.mise/tasks/service/files Executable file
View File

@@ -0,0 +1,5 @@
#!/usr/bin/env bash
#MISE description="Run file server"
set -e
cargo run --bin revolt-autumn

5
.mise/tasks/service/gifbox Executable file
View File

@@ -0,0 +1,5 @@
#!/usr/bin/env bash
#MISE description="Run GIF proxy server"
set -e
cargo run --bin revolt-gifbox

5
.mise/tasks/service/proxy Executable file
View File

@@ -0,0 +1,5 @@
#!/usr/bin/env bash
#MISE description="Run proxy server"
set -e
cargo run --bin revolt-january

5
.mise/tasks/service/pushd Executable file
View File

@@ -0,0 +1,5 @@
#!/usr/bin/env bash
#MISE description="Run push daemon"
set -e
cargo run --bin revolt-pushd

8
.mise/tasks/test Executable file
View File

@@ -0,0 +1,8 @@
#!/usr/bin/env bash
#MISE description="Test project"
set -e
: "${TEST_DB:=REFERENCE}"
export TEST_DB
cargo nextest run

View File

@@ -0,0 +1,3 @@
{
".": "0.11.5"
}

149
CHANGELOG.md Normal file
View File

@@ -0,0 +1,149 @@
# Changelog
## [0.11.5](https://github.com/stoatchat/stoatchat/compare/v0.11.4...v0.11.5) (2026-02-17)
### Reverts
* disable user update events ([#593](https://github.com/stoatchat/stoatchat/issues/593)) ([1c98ead](https://github.com/stoatchat/stoatchat/commit/1c98ead69579b4700be0b51c9020bb8402336cc6))
## [0.11.4](https://github.com/stoatchat/stoatchat/compare/v0.11.3...v0.11.4) (2026-02-16)
### Bug Fixes
* add separate config option for redis events replica url ([#590](https://github.com/stoatchat/stoatchat/issues/590)) ([a75e4ea](https://github.com/stoatchat/stoatchat/commit/a75e4eabfc4b34aba7620c82ba77558a32d9e10a))
## [0.11.3](https://github.com/stoatchat/stoatchat/compare/v0.11.2...v0.11.3) (2026-02-13)
### Bug Fixes
* cut presence traffic too while we engineer a new events architecture ([#561](https://github.com/stoatchat/stoatchat/issues/561)) ([1f8ea96](https://github.com/stoatchat/stoatchat/commit/1f8ea963ad742f693f405e6438f1c343c81e6579))
## [0.11.2](https://github.com/stoatchat/stoatchat/compare/v0.11.1...v0.11.2) (2026-02-13)
### Bug Fixes
* cut events traffic while we engineer a new events architecture ([#559](https://github.com/stoatchat/stoatchat/issues/559)) ([a11986b](https://github.com/stoatchat/stoatchat/commit/a11986ba1ad16b672ff1080913a684567d88adbb))
## [0.11.1](https://github.com/stoatchat/stoatchat/compare/v0.11.0...v0.11.1) (2026-02-13)
### Bug Fixes
* bots in multiple voice channel logic ([#544](https://github.com/stoatchat/stoatchat/issues/544)) ([94cb916](https://github.com/stoatchat/stoatchat/commit/94cb916231b9b8befb2e94065917ff40815bec52))
## [0.11.0](https://github.com/stoatchat/stoatchat/compare/v0.10.3...v0.11.0) (2026-02-10)
### Features
* appeal to the almighty Spamhaus ([#524](https://github.com/stoatchat/stoatchat/issues/524)) ([5132270](https://github.com/stoatchat/stoatchat/commit/5132270f2edd6df25ce414daa42ed1b2aa6fa7a9))
## [0.10.3](https://github.com/stoatchat/stoatchat/compare/v0.10.2...v0.10.3) (2026-02-07)
### Bug Fixes
* update `Revolt` -&gt; `Stoat` in email titles/desc. ([#508](https://github.com/stoatchat/stoatchat/issues/508)) ([84483ce](https://github.com/stoatchat/stoatchat/commit/84483cee7af3e5dfa16f7fe13e334c4d9f5abd60))
## [0.10.2](https://github.com/stoatchat/stoatchat/compare/v0.10.1...v0.10.2) (2026-01-25)
### Bug Fixes
* thumbnailification requires rgb8/rgba8 ([#505](https://github.com/stoatchat/stoatchat/issues/505)) ([413aa04](https://github.com/stoatchat/stoatchat/commit/413aa04dcaf8bff3935ed1e5f31432e11a03ce6f))
## [0.10.1](https://github.com/stoatchat/stoatchat/compare/v0.10.0...v0.10.1) (2026-01-25)
### Bug Fixes
* use Rust 1.92.0 for Docker build ([#503](https://github.com/stoatchat/stoatchat/issues/503)) ([98da8a2](https://github.com/stoatchat/stoatchat/commit/98da8a28a0aa2fee4e8eee1d86bd7c49e3187477))
## [0.10.0](https://github.com/stoatchat/stoatchat/compare/v0.9.4...v0.10.0) (2026-01-25)
### Features
* allow kicking members from voice channels ([#495](https://github.com/stoatchat/stoatchat/issues/495)) ([0dc5442](https://github.com/stoatchat/stoatchat/commit/0dc544249825a49c793309edee5ec1838458a6da))
* repository architecture for files crate w. added tests ([#498](https://github.com/stoatchat/stoatchat/issues/498)) ([01ded20](https://github.com/stoatchat/stoatchat/commit/01ded209c62208fc906d6aab9b08c04e860e10ef))
### Bug Fixes
* expose ratelimit headers via cors ([#496](https://github.com/stoatchat/stoatchat/issues/496)) ([a1a2125](https://github.com/stoatchat/stoatchat/commit/a1a21252d0ad58937e41f16e5fb86f96bebd2a51))
## [0.9.4](https://github.com/stoatchat/stoatchat/compare/v0.9.3...v0.9.4) (2026-01-10)
### Bug Fixes
* checkout repo. before bumping lock ([#490](https://github.com/stoatchat/stoatchat/issues/490)) ([b2da2a8](https://github.com/stoatchat/stoatchat/commit/b2da2a858787853be43136fd526a0bd72baf78ef))
* persist credentials for git repo ([#492](https://github.com/stoatchat/stoatchat/issues/492)) ([c674a9f](https://github.com/stoatchat/stoatchat/commit/c674a9fd4e0abbd51569870e4b38074d4a1de03c))
## [0.9.3](https://github.com/stoatchat/stoatchat/compare/v0.9.2...v0.9.3) (2026-01-10)
### Bug Fixes
* pipeline fixes ([#487](https://github.com/stoatchat/stoatchat/issues/487)) ([aeeafeb](https://github.com/stoatchat/stoatchat/commit/aeeafebefc36a43a656cf797c9251ca50292733c))
## [0.9.2](https://github.com/stoatchat/stoatchat/compare/v0.9.1...v0.9.2) (2026-01-10)
### Bug Fixes
* disable publish for services ([#485](https://github.com/stoatchat/stoatchat/issues/485)) ([d13609c](https://github.com/stoatchat/stoatchat/commit/d13609c37279d6a40445dcd99564e5c3dd03bac1))
## [0.9.1](https://github.com/stoatchat/stoatchat/compare/v0.9.0...v0.9.1) (2026-01-10)
### Bug Fixes
* **ci:** pipeline fixes (marked as fix to force release) ([#483](https://github.com/stoatchat/stoatchat/issues/483)) ([303e52b](https://github.com/stoatchat/stoatchat/commit/303e52b476585eea81c33837f1b01506ce387684))
## [0.9.0](https://github.com/stoatchat/stoatchat/compare/v0.8.8...v0.9.0) (2026-01-10)
### Features
* add id field to role ([#470](https://github.com/stoatchat/stoatchat/issues/470)) ([2afea56](https://github.com/stoatchat/stoatchat/commit/2afea56e56017f02de98e67316b4457568ad5b26))
* add ratelimits to gifbox ([1542047](https://github.com/stoatchat/stoatchat/commit/154204742d21cbeff6e2577b00f50b495ea44631))
* include groups and dms in fetch mutuals ([caa8607](https://github.com/stoatchat/stoatchat/commit/caa86074680d46223cebc20f41e9c91c41ec825d))
* include member payload in ServerMemberJoin event ([480f210](https://github.com/stoatchat/stoatchat/commit/480f210ce85271e13d1dac58a5dae08de108579d))
* initial work on tenor gif searching ([b0c977b](https://github.com/stoatchat/stoatchat/commit/b0c977b324b8144c1152589546eb8fec5954c3e7))
* make message lexer use unowned string ([1561481](https://github.com/stoatchat/stoatchat/commit/1561481eb4cdc0f385fbf0a81e4950408050e11f))
* ready payload field customisation ([db57706](https://github.com/stoatchat/stoatchat/commit/db577067948f13e830b5fb773034e9713a1abaff))
* require auth for search ([b5cd5e3](https://github.com/stoatchat/stoatchat/commit/b5cd5e30ef7d5e56e8964fb7c543965fa6bf5a4a))
* trending and categories routes ([5885e06](https://github.com/stoatchat/stoatchat/commit/5885e067a627b8fff1c8ce2bf9e852ff8cf3f07a))
* voice chats v2 ([#414](https://github.com/stoatchat/stoatchat/issues/414)) ([d567155](https://github.com/stoatchat/stoatchat/commit/d567155f124e4da74115b1a8f810062f7c6559d9))
### Bug Fixes
* add license to revolt-parser ([5335124](https://github.com/stoatchat/stoatchat/commit/53351243064cac8d499dd74284be73928fa78a43))
* allow for disabling default features ([65fbd36](https://github.com/stoatchat/stoatchat/commit/65fbd3662462aed1333b79e59155fa6377e83fcc))
* apple music to use original url instead of metadata url ([bfe4018](https://github.com/stoatchat/stoatchat/commit/bfe4018e436a4075bae780dd4d35a9b58315e12f))
* apply uname fix to january and autumn ([8f9015a](https://github.com/stoatchat/stoatchat/commit/8f9015a6ff181d208d9269ab8691bd417d39811a))
* **ci:** publish images under stoatchat and remove docker hub ([d65c1a1](https://github.com/stoatchat/stoatchat/commit/d65c1a1ab3bdc7e5684b03f280af77d881661a3d))
* correct miniz_oxide in lockfile ([#478](https://github.com/stoatchat/stoatchat/issues/478)) ([5d27a91](https://github.com/stoatchat/stoatchat/commit/5d27a91e901dd2ea3e860aeaed8468db6c5f3214))
* correct shebang for try-tag-and-release ([050ba16](https://github.com/stoatchat/stoatchat/commit/050ba16d4adad5d0fb247867aa3e94e3d42bd12d))
* correct string_cache in lockfile ([#479](https://github.com/stoatchat/stoatchat/issues/479)) ([0b178fc](https://github.com/stoatchat/stoatchat/commit/0b178fc791583064bf9ca94b1d39b42d021e1d79))
* don't remove timeouts when a member leaves a server ([#409](https://github.com/stoatchat/stoatchat/issues/409)) ([e635bc2](https://github.com/stoatchat/stoatchat/commit/e635bc23ec857d648d5705e1a3875d7bc3402b0d))
* don't update the same field while trying to remove it ([f4ee35f](https://github.com/stoatchat/stoatchat/commit/f4ee35fb093ca49f0a64ff4b17fd61587df28145)), closes [#392](https://github.com/stoatchat/stoatchat/issues/392)
* github webhook incorrect payload and formatting ([#468](https://github.com/stoatchat/stoatchat/issues/468)) ([dc9c82a](https://github.com/stoatchat/stoatchat/commit/dc9c82aa4e9667ea6639256c65ac8de37a24d1f7))
* implement Serialize to ClientMessage ([dea0f67](https://github.com/stoatchat/stoatchat/commit/dea0f675dde7a63c7a59b38d469f878b7a8a3af4))
* newly created roles should be ranked the lowest ([947eb15](https://github.com/stoatchat/stoatchat/commit/947eb15771ed6785b3dcd16c354c03ded5e4cbe0))
* permit empty `remove` array in edit requests ([6ad3da5](https://github.com/stoatchat/stoatchat/commit/6ad3da5f35f989a2e7d8e29718b98374248e76af))
* preserve order of replies in message ([#447](https://github.com/stoatchat/stoatchat/issues/447)) ([657a3f0](https://github.com/stoatchat/stoatchat/commit/657a3f08e5d652814bbf0647e089ed9ebb139bbf))
* prevent timing out members which have TimeoutMembers permission ([e36fc97](https://github.com/stoatchat/stoatchat/commit/e36fc9738bac0de4f3fcbccba521f1e3754f7ae7))
* relax settings name regex ([3a34159](https://github.com/stoatchat/stoatchat/commit/3a3415915f0d0fdce1499d47a2b7fa097f5946ea))
* remove authentication tag bytes from attachment download ([32e6600](https://github.com/stoatchat/stoatchat/commit/32e6600272b885c595c094f0bc69459250220dcb))
* rename openapi operation ids ([6048587](https://github.com/stoatchat/stoatchat/commit/6048587d348fbca0dc3a9b47690c56df8fece576)), closes [#406](https://github.com/stoatchat/stoatchat/issues/406)
* respond with 201 if no body in requests ([#465](https://github.com/stoatchat/stoatchat/issues/465)) ([24fedf8](https://github.com/stoatchat/stoatchat/commit/24fedf8c4d9cd3160bdec97aa451520f8beaa739))
* swap to using reqwest for query building ([38dd4d1](https://github.com/stoatchat/stoatchat/commit/38dd4d10797b3e6e397fc219e818f379bdff19f2))
* use `trust_cloudflare` config value instead of env var ([cc7a796](https://github.com/stoatchat/stoatchat/commit/cc7a7962a882e1627fcd0bc75858a017415e8cfc))
* use our own result types instead of tenors types ([a92152d](https://github.com/stoatchat/stoatchat/commit/a92152d86da136997817e797c7af8e38731cdde8))

1210
Cargo.lock generated

File diff suppressed because it is too large Load Diff

View File

@@ -11,13 +11,40 @@ members = [
[patch.crates-io]
redis23 = { package = "redis", version = "0.23.3", git = "https://github.com/revoltchat/redis-rs", rev = "523b2937367e17bd0073722bf6e23d06042cb4e4" }
authifier = { package = "authifier", version = "1.0.10", path = "../authifier/crates/authifier" }
rocket_authifier = { package = "rocket_authifier", version = "1.0.10", path = "../authifier/crates/rocket_authifier" }
iso8601-timestamp = { path = "../iso8601-timestamp" }
#authifier = { package = "authifier", version = "1.0.10", path = "../authifier/crates/authifier" }
#rocket_authifier = { package = "rocket_authifier", version = "1.0.10", path = "../authifier/crates/rocket_authifier" }
# I'm 99% sure this is overloading the GitHub worker
# hence builds have been failing since, let's just
# disable it for now. In the future, we could use this
# if we were rolling our own CI (that is now).
[profile.release]
lto = true
[workspace.dependencies]
# Async
async-trait = "0.1.89"
tokio = { version = "1.49.0", features = ["macros", "rt"] }
# Error Handling
anyhow = "1.0.100"
thiserror = "2.0.18"
# Other Utilities
uuid = { version = "1.19.0", features = ["v4"] }
# Axum (HTTP server)
axum-macros = "0.4.1"
axum_typed_multipart = "0.12.1"
axum = { version = "0.7.5", features = ["multipart"] }
tower-http = { version = "0.5.2", features = ["cors", "trace"] }
# Image Processing
jxl-oxide = { version = "0.12.5", features = ["image"] }
image = "0.25.9"
# OpenTelemetry
tracing = "0.1.44"
tracing-subscriber = { version = "0.3.22", features = [
"env-filter",
] } # consider https://crates.io/crates/better-tracing
opentelemetry = { version = "0.31.0", features = ["logs"] }
opentelemetry_sdk = { version = "0.31.0", features = ["logs"] }
opentelemetry-otlp = { version = "0.31.0", features = ["logs"] }
opentelemetry-appender-tracing = { version = "0.31.1" }

View File

@@ -1,5 +1,5 @@
# Build Stage
FROM --platform="${BUILDPLATFORM}" rust:1.86.0-slim-bookworm
FROM --platform="${BUILDPLATFORM}" rust:1.92.0-slim-bookworm
USER 0:0
WORKDIR /home/rust/src

View File

@@ -1,5 +1,5 @@
# Build Stage
FROM rust:1.86.0-slim-bookworm
FROM rust:1.92.0-slim-bookworm
USER 0:0
WORKDIR /home/rust/src

View File

@@ -1,6 +1,6 @@
<div align="center">
<h1>
Revolt Backend
Stoat Backend
[![Stars](https://img.shields.io/github/stars/revoltchat/backend?style=flat-square&logoColor=white)](https://github.com/revoltchat/backend/stargazers)
[![Forks](https://img.shields.io/github/forks/revoltchat/backend?style=flat-square&logoColor=white)](https://github.com/revoltchat/backend/network/members)
@@ -37,22 +37,19 @@ The services and libraries that power the Revolt service.<br/>
Rust 1.86.0 or higher.
> [!CAUTION]
> The events server has a significant performance regression between Rust 1.77.2 and 1.78.0 onwards, see [issue #341](https://github.com/revoltchat/backend/issues/341). This is currently solved by build time options but we are looking for a proper fix.
## Development Guide
Before contributing, make yourself familiar with [our contribution guidelines](https://developers.revolt.chat/contrib.html) and the [technical documentation for this project](https://revoltchat.github.io/backend/).
Before getting started, you'll want to install:
- Rust toolchain (rustup recommended)
- mise
- Docker
- Git
- mold (optional, faster compilation)
> A **default.nix** is available for Nix users!
> Just run `nix-shell` and continue.
> Run `nix-shell` to activate mise.
As a heads-up, the development environment uses the following ports:
@@ -75,7 +72,7 @@ Now you can clone and build the project:
```bash
git clone https://github.com/revoltchat/backend revolt-backend
cd revolt-backend
cargo build
mise build
```
A default configuration `Revolt.toml` is present in this project that is suited for development.

View File

@@ -12,6 +12,10 @@ services:
- "27017:27017"
volumes:
- ./.data/db:/data/db
ulimits:
nofile:
soft: 65536
hard: 65536
# MinIO
minio:
@@ -55,7 +59,7 @@ services:
# Mock SMTP server
maildev:
image: soulteary/maildev
image: maildev/maildev
ports:
- "14025:25"
- "14080:8080"

View File

@@ -1,8 +1,9 @@
[package]
name = "revolt-bonfire"
version = "0.8.9"
version = "0.11.5"
license = "AGPL-3.0-or-later"
edition = "2021"
publish = false
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
@@ -35,15 +36,19 @@ async-std = { version = "1.8.0", features = [
"tokio02",
"attributes",
] }
async-trait = "0.1.89"
# core
authifier = { version = "1.0.15" }
authifier = { version = "1.0.16" }
revolt-result = { path = "../core/result" }
revolt-models = { path = "../core/models" }
revolt-config = { path = "../core/config" }
revolt-database = { path = "../core/database", features = ["voice"] }
revolt-permissions = { version = "0.8.9", path = "../core/permissions" }
revolt-permissions = { path = "../core/permissions" }
revolt-presence = { path = "../core/presence", features = ["redis-is-patched"] }
# redis
fred = { version = "8.0.1", features = ["subscriber-client"] }
# Redis
amqprs = { version = "1.7.0" }

View File

@@ -169,7 +169,9 @@ impl State {
}) {
if let Ok(Some(voice_state)) = get_channel_voice_state(channel).await {
if let Some(server) = channel.server() {
let set = voice_state_server_members.entry(server.to_string()).or_default();
let set = voice_state_server_members
.entry(server.to_string())
.or_default();
for participant in &voice_state.participants {
user_ids.insert(participant.id.clone());
@@ -396,28 +398,29 @@ impl State {
}
/// Push presence change to the user and all associated server topics
pub async fn broadcast_presence_change(&self, target: bool) {
if if let Some(status) = &self.cache.users.get(&self.cache.user_id).unwrap().status {
status.presence != Some(Presence::Invisible)
} else {
true
} {
let event = EventV1::UserUpdate {
id: self.cache.user_id.clone(),
data: v0::PartialUser {
online: Some(target),
..Default::default()
},
clear: vec![],
event_id: Some(ulid::Ulid::new().to_string()),
};
pub async fn broadcast_presence_change(&self, _target: bool) {
// disabled events
// if if let Some(status) = &self.cache.users.get(&self.cache.user_id).unwrap().status {
// status.presence != Some(Presence::Invisible)
// } else {
// true
// } {
// let event = EventV1::UserUpdate {
// id: self.cache.user_id.clone(),
// data: v0::PartialUser {
// online: Some(target),
// ..Default::default()
// },
// clear: vec![],
// event_id: Some(ulid::Ulid::new().to_string()),
// };
for server in self.cache.servers.keys() {
event.clone().p(server.clone()).await;
}
// for server in self.cache.servers.keys() {
// event.clone().p(server.clone()).await;
// }
event.p(self.cache.user_id.clone()).await;
}
// event.p(self.cache.user_id.clone()).await;
// }
}
/// Handle an incoming event for protocol version 1

View File

@@ -1,6 +1,18 @@
use std::env;
use amqprs::{
channel::{
BasicConsumeArguments, Channel, ExchangeDeclareArguments, QueueBindArguments,
QueueDeclareArguments,
},
connection::{Connection, OpenConnectionArguments},
consumer::AsyncConsumer,
BasicProperties, Deliver,
};
use async_std::net::TcpListener;
use async_trait::async_trait;
use redis_kiss::AsyncCommands;
use revolt_database::util::rabbit::set_rabbitmq_connection;
use revolt_presence::clear_region;
#[macro_use]
@@ -31,6 +43,55 @@ async fn main() {
let try_socket = TcpListener::bind(bind).await;
let listener = try_socket.expect("Failed to bind");
let config = revolt_config::config().await;
let rmq_conn = Connection::open(&OpenConnectionArguments::new(
&config.rabbit.host,
config.rabbit.port,
&config.rabbit.username,
&config.rabbit.password,
))
.await
.expect("Failed to connect to RabbitMQ");
set_rabbitmq_connection(rmq_conn.clone());
if std::env::var("ENABLE_RABBITMQ_INGRESS").as_deref().is_ok_and(|v| v == "1") {
let channel = rmq_conn
.open_channel(None)
.await
.expect("Failed to open RabbitMQ channel.");
channel
.exchange_declare(
ExchangeDeclareArguments::new("events", "fanout")
.durable(true)
.finish(),
)
.await
.expect("Failed to declare exchange");
channel
.queue_declare(QueueDeclareArguments::new("events").durable(true).finish())
.await
.expect("Failed to declare queue");
channel
.queue_bind(QueueBindArguments::new("events", "events", "events"))
.await
.expect("Failed to bind queue");
channel
.basic_consume(
RabbitToRedisConsumer,
BasicConsumeArguments::new("events", "")
.manual_ack(false)
.finish(),
)
.await
.expect("Failed to consume channel");
}
// Start accepting new connections and spawn a client for each connection.
while let Ok((stream, addr)) = listener.accept().await {
async_std::task::spawn(async move {
@@ -40,3 +101,32 @@ async fn main() {
});
}
}
struct RabbitToRedisConsumer;
#[async_trait]
impl AsyncConsumer for RabbitToRedisConsumer {
async fn consume(
&mut self,
_channel: &Channel,
_deliver: Deliver,
basic_properties: BasicProperties,
content: Vec<u8>,
) {
let mut redis_conn = redis_kiss::get_connection()
.await
.expect("Failed to connect to Redis.");
let pubsub_channel = basic_properties
.headers()
.expect("No headers")
.get(&"c".try_into().unwrap())
.expect("No channel header")
.to_string();
redis_conn
.publish(pubsub_channel, content)
.await
.expect("failed to publish")
}
}

View File

@@ -218,7 +218,13 @@ async fn listener(
kill_signal_r: async_channel::Receiver<()>,
write: &Mutex<WsWriter>,
) {
let redis_config = RedisConfig::from_url(&REDIS_URI).unwrap();
let stoat_config = revolt_config::config().await;
let url = stoat_config
.database
.redis_pubsub
.unwrap_or(REDIS_URI.to_string());
let redis_config = RedisConfig::from_url(&url).unwrap();
let subscriber = match report_internal_error!(
fred::types::Builder::from_config(redis_config).build_subscriber_client()
) {
@@ -457,6 +463,7 @@ async fn worker(
};
match payload {
// disabled events
ClientMessage::BeginTyping { channel } => {
if !subscribed.read().await.contains(&channel) {
continue;

View File

@@ -1,10 +1,11 @@
[package]
name = "revolt-coalesced"
version = "0.8.9"
version = "0.11.5"
edition = "2021"
license = "MIT"
authors = ["Paul Makles <me@insrt.uk>", "Zomatree <me@zomatree.live>"]
description = "Revolt Backend: Coalescion service"
repository = "https://github.com/stoatchat/stoatchat"
[features]
tokio = ["dep:tokio"]
@@ -15,8 +16,13 @@ default = ["tokio"]
[dependencies]
tokio = { version = "1.47.0", features = ["sync"], optional = true }
indexmap = { version = "*", optional = true }
lru = { version = "*", optional = true }
indexmap = { version = "2.13.0", optional = true }
lru = { version = "0.16.3", optional = true }
[dev-dependencies]
tokio = { version = "1.47.0", features = ["rt", "rt-multi-thread", "macros", "time"] }
tokio = { version = "1.47.0", features = [
"rt",
"rt-multi-thread",
"macros",
"time",
] }

View File

@@ -15,7 +15,7 @@ use crate::{CoalescionServiceConfig, Error};
#[derive(Debug, Clone)]
#[allow(clippy::type_complexity)]
/// Coalescion service
/// # Coalescion service
///
/// See module description for example usage.
pub struct CoalescionService<Id: Hash + Clone + Eq> {

View File

@@ -1,10 +1,11 @@
[package]
name = "revolt-config"
version = "0.8.9"
version = "0.11.5"
edition = "2021"
license = "MIT"
authors = ["Paul Makles <me@insrt.uk>"]
description = "Revolt Backend: Configuration"
repository = "https://github.com/stoatchat/stoatchat"
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
@@ -37,4 +38,4 @@ sentry = { version = "0.31.5", optional = true }
sentry-anyhow = { version = "0.38.1", optional = true }
# Core
revolt-result = { version = "0.8.9", path = "../result", optional = true }
revolt-result = { version = "0.11.5", path = "../result", optional = true }

View File

@@ -244,7 +244,7 @@ voice_quality = 16000
# Whether the user can use video streams in voice calls
video = true
# Mamimum resolution (width, height) of video streams in voice calls
# Maximum resolution (width, height) of video streams in voice calls
video_resolution = [1080, 720]
# Minimum and maximum aspect ratio of video streams in voice calls
@@ -283,8 +283,8 @@ voice_quality = 16000
# Whether the user can use video streams in voice calls
video = true
# Mamimum resolution (width, height) of video streams in voice calls
video_resolution = [1080, 720]
# Maximum resolution (width, height) of video streams in voice calls
video_resolution = [1280, 720]
# Minimum and maximum aspect ratio of video streams in voice calls
video_aspect_ratio = [0.3, 2.5]
@@ -312,4 +312,4 @@ files = ""
proxy = ""
pushd = ""
crond = ""
gifbox = ""
gifbox = ""

View File

@@ -1,4 +1,4 @@
use std::collections::HashMap;
use std::{collections::HashMap, path::Path};
use cached::proc_macro::cached;
use config::{Config, File, FileFormat};
@@ -94,10 +94,19 @@ static CONFIG_BUILDER: Lazy<RwLock<Config>> = Lazy::new(|| {
}
}
for path in CONFIG_SEARCH_PATHS {
if std::path::Path::new(path).exists() {
builder = builder.add_source(File::new(path, FileFormat::Toml));
let cwd = std::env::current_dir().unwrap();
let mut cwd: Option<&Path> = Some(&cwd);
while let Some(path) = cwd {
for config_path in CONFIG_SEARCH_PATHS {
let config_path = path.join(config_path);
if config_path.exists() {
builder = builder
.add_source(File::new(config_path.to_str().unwrap(), FileFormat::Toml));
}
}
cwd = path.parent();
}
builder.build().unwrap()
@@ -108,6 +117,7 @@ static CONFIG_BUILDER: Lazy<RwLock<Config>> = Lazy::new(|| {
pub struct Database {
pub mongodb: String,
pub redis: String,
pub redis_pubsub: Option<String>,
}
#[derive(Deserialize, Debug, Clone)]
@@ -439,7 +449,7 @@ pub async fn config() -> Settings {
let mut config = read().await.try_deserialize::<Settings>().unwrap();
// inject REDIS_URI for redis-kiss library
if std::env::var("REDIS_URL").is_err() {
if std::env::var("REDIS_URI").is_err() {
std::env::set_var("REDIS_URI", config.database.redis.clone());
}

View File

@@ -1,10 +1,11 @@
[package]
name = "revolt-database"
version = "0.8.9"
version = "0.11.5"
edition = "2021"
license = "AGPL-3.0-or-later"
authors = ["Paul Makles <me@insrt.uk>"]
description = "Revolt Backend: Database Implementation"
repository = "https://github.com/stoatchat/stoatchat"
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
@@ -15,8 +16,14 @@ mongodb = ["dep:mongodb", "bson", "authifier/database-mongodb"]
# ... Other
tasks = ["isahc", "linkify", "url-escape"]
async-std-runtime = ["async-std", "authifier/async-std-runtime"]
rocket-impl = ["rocket"]
axum-impl = ["axum"]
rocket-impl = [
"rocket",
"schemars",
"revolt_okapi",
"revolt_rocket_okapi",
"authifier/rocket_impl",
]
axum-impl = ["axum", "revolt-result/axum"]
redis-is-patched = ["revolt-presence/redis-is-patched"]
voice = ["livekit-api", "livekit-protocol", "livekit-runtime"]
@@ -25,19 +32,19 @@ default = ["mongodb", "async-std-runtime", "tasks"]
[dependencies]
# Core
revolt-config = { version = "0.8.9", path = "../config", features = [
revolt-config = { version = "0.11.5", path = "../config", features = [
"report-macros",
] }
revolt-result = { version = "0.8.9", path = "../result" }
revolt-models = { version = "0.8.9", path = "../models", features = [
revolt-result = { version = "0.11.5", path = "../result" }
revolt-models = { version = "0.11.5", path = "../models", features = [
"validator",
] }
revolt-presence = { version = "0.8.9", path = "../presence" }
revolt-permissions = { version = "0.8.9", path = "../permissions", features = [
revolt-presence = { version = "0.11.5", path = "../presence" }
revolt-permissions = { version = "0.11.5", path = "../permissions", features = [
"serde",
"bson",
] }
revolt-parser = { version = "0.8.9", path = "../parser" }
revolt-parser = { version = "0.11.5", path = "../parser" }
# Utility
log = "0.4"
@@ -47,7 +54,7 @@ ulid = "1.0.0"
nanoid = "0.4.0"
base64 = "0.21.3"
once_cell = "1.17"
indexmap = "2.12.0"
indexmap = "1.9.1"
decancer = "1.6.2"
deadqueue = "0.2.4"
linkify = { optional = true, version = "0.8.1" }
@@ -59,7 +66,7 @@ isahc = { optional = true, version = "1.7", features = ["json"] }
serde_json = "1"
revolt_optional_struct = "0.2.0"
serde = { version = "1", features = ["derive"] }
iso8601-timestamp = { version = "0.4.0", features = ["serde", "bson"] }
iso8601-timestamp = { version = "0.2.10", features = ["serde", "bson"] }
# Events
redis-kiss = { version = "0.1.4" }
@@ -82,23 +89,23 @@ async-recursion = "1.0.4"
async-std = { version = "1.8.0", features = ["attributes"], optional = true }
# Axum Impl
axum = { version = "0.8.6", optional = true }
axum = { version = "0.7.5", optional = true }
# Rocket Impl
schemars = { version = "0.8.8", optional = true }
rocket = { version = "0.5.1", default-features = false, features = [
"json",
], optional = true }
# Openapi Schema
utoipa = { version = "5.4.0", optional = true }
revolt_okapi = { version = "0.9.1", optional = true }
revolt_rocket_okapi = { version = "0.10.0", optional = true }
# Authifier
authifier = { version = "1.0.15" }
authifier = { version = "1.0.16" }
# RabbitMQ
amqprs = { version = "1.7.0" }
# Voice
livekit-api = { version = "=0.4.4", optional = true}
livekit-protocol = { version = "=0.4.0", optional = true }
livekit-runtime = { version = "=0.3.1", features = ["tokio"], optional = true }
livekit-api = { version = "0.4.4", optional = true }
livekit-protocol = { version = "0.4.0", optional = true }
livekit-runtime = { version = "0.3.1", features = ["tokio"], optional = true }

View File

@@ -47,6 +47,7 @@
],
"roles": {
"__ID:5__": {
"_id": "__ID:5__",
"name": "Moderator",
"permissions": {
"a": 545270208,
@@ -55,6 +56,7 @@
"rank": 1
},
"__ID:6__": {
"_id": "__ID:6__",
"name": "Owner",
"permissions": {
"a": 0,

View File

@@ -11,6 +11,8 @@ use revolt_presence::filter_online;
use serde_json::to_string;
// TODO: move away from storing Connection and Channel to using thread local singletons - #659
#[derive(Clone)]
pub struct AMQP {
#[allow(unused)]

View File

@@ -10,6 +10,7 @@ use authifier::config::SMTPSettings;
use authifier::config::Shield;
use authifier::config::Template;
use authifier::config::Templates;
use authifier::config::EmailExpiryConfig;
use authifier::Authifier;
use rand::Rng;
use revolt_config::config;
@@ -69,7 +70,7 @@ impl DatabaseInfo {
.await;
#[cfg(not(feature = "mongodb"))]
return Err("MongoDB not enabled.".to_string())
return Err("MongoDB not enabled.".to_string());
} else {
DatabaseInfo::Reference.connect().await
}
@@ -90,7 +91,7 @@ impl DatabaseInfo {
.await;
#[cfg(not(feature = "mongodb"))]
return Err("MongoDB not enabled.".to_string())
return Err("MongoDB not enabled.".to_string());
}
_ => unreachable!("must specify REFERENCE or MONGODB"),
}
@@ -137,29 +138,33 @@ impl Database {
.api
.smtp
.reply_to
.unwrap_or("support@revolt.chat".into()),
.unwrap_or("support@stoat.chat".into()),
),
port: config.api.smtp.port,
use_tls: config.api.smtp.use_tls,
use_starttls: config.api.smtp.use_starttls,
},
expiry: Default::default(),
expiry: EmailExpiryConfig {
expire_verification: 3600 * 24 * 7,
expire_password_reset: 3600 * 24,
expire_account_deletion: 3600 * 24,
},
templates: if config.production {
Templates {
verify: Template {
title: "Verify your Revolt account.".into(),
title: "Verify your Stoat account.".into(),
text: include_str!("../../templates/verify.txt").into(),
url: format!("{}/login/verify/", config.hosts.app),
html: Some(include_str!("../../templates/verify.html").into()),
},
reset: Template {
title: "Reset your Revolt password.".into(),
title: "Reset your Stoat password.".into(),
text: include_str!("../../templates/reset.txt").into(),
url: format!("{}/login/reset/", config.hosts.app),
html: Some(include_str!("../../templates/reset.html").into()),
},
reset_existing: Template {
title: "You already have a Revolt account, reset your password."
title: "You already have a Stoat account, reset your password."
.into(),
text: include_str!("../../templates/reset-existing.txt").into(),
url: format!("{}/login/reset/", config.hosts.app),

View File

@@ -1,12 +1,20 @@
use amqprs::{
channel::{BasicPublishArguments},
BasicProperties, FieldTable,
};
use authifier::AuthifierEvent;
use revolt_result::Error;
use serde::{Deserialize, Serialize};
use revolt_models::v0::{
AppendMessage, Channel, ChannelUnread, ChannelVoiceState, Emoji, FieldsChannel, FieldsMember, FieldsMessage, FieldsRole, FieldsServer, FieldsUser, FieldsWebhook, Member, MemberCompositeKey, Message, PartialChannel, PartialMember, PartialMessage, PartialRole, PartialServer, PartialUser, PartialUserVoiceState, PartialWebhook, PolicyChange, RemovalIntention, Report, Server, User, UserSettings, UserVoiceState, Webhook
AppendMessage, Channel, ChannelUnread, ChannelVoiceState, Emoji, FieldsChannel, FieldsMember,
FieldsMessage, FieldsRole, FieldsServer, FieldsUser, FieldsWebhook, Member, MemberCompositeKey,
Message, PartialChannel, PartialMember, PartialMessage, PartialRole, PartialServer,
PartialUser, PartialUserVoiceState, PartialWebhook, PolicyChange, RemovalIntention, Report,
Server, User, UserSettings, UserVoiceState, Webhook,
};
use crate::Database;
use crate::{util::rabbit::get_channel, Database};
/// Ping Packet
#[derive(Serialize, Deserialize, Debug, Clone)]
@@ -304,14 +312,23 @@ pub enum EventV1 {
impl EventV1 {
/// Publish helper wrapper
pub async fn p(self, channel: String) {
#[cfg(not(debug_assertions))]
redis_kiss::p(channel, self).await;
#[cfg(debug_assertions)]
info!("Publishing event to {channel}: {self:?}");
#[cfg(debug_assertions)]
redis_kiss::publish(channel, self).await.unwrap();
let rmq = get_channel().await;
let mut headers = FieldTable::new();
headers.insert("c".try_into().unwrap(), channel.clone().into());
let mut properties = BasicProperties::default();
properties.with_headers(headers);
rmq.basic_publish(
properties,
serde_json::to_string(&self).unwrap().into_bytes(),
BasicPublishArguments::new("events", "events"),
)
.await
.unwrap();
}
/// Publish user event

View File

@@ -25,10 +25,6 @@ pub use mongodb;
#[macro_use]
extern crate bson;
#[cfg(feature = "utoipa")]
#[macro_use]
extern crate utoipa;
#[cfg(not(feature = "async-std-runtime"))]
compile_error!("async-std-runtime feature must be enabled.");
@@ -64,7 +60,7 @@ macro_rules! database_derived {
macro_rules! auto_derived {
( $( $item:item )+ ) => {
$(
#[derive(Serialize, Deserialize, Debug, Clone, PartialEq)]
#[derive(Serialize, Deserialize, Debug, Clone, Eq, PartialEq)]
$item
)+
};
@@ -72,8 +68,8 @@ macro_rules! auto_derived {
macro_rules! auto_derived_partial {
( $item:item, $name:expr ) => {
#[derive(OptionalStruct, Serialize, Deserialize, Debug, Clone, PartialEq)]
#[optional_derive(Serialize, Deserialize, Debug, Clone, Default, PartialEq)]
#[derive(OptionalStruct, Serialize, Deserialize, Debug, Clone, Eq, PartialEq)]
#[optional_derive(Serialize, Deserialize, Debug, Clone, Default, Eq, PartialEq)]
#[optional_name = $name]
#[opt_skip_serializing_none]
#[opt_some_priority]

View File

@@ -25,7 +25,7 @@ struct MigrationInfo {
revision: i32,
}
pub const LATEST_REVISION: i32 = 49; // MUST BE +1 to last migration
pub const LATEST_REVISION: i32 = 50; // MUST BE +1 to last migration
pub async fn migrate_database(db: &MongoDb) {
let migrations = db.col::<Document>("migrations");
@@ -1246,7 +1246,7 @@ pub async fn run_migrations(db: &MongoDb, revision: i32) -> i32 {
.expect("Failed to update voice channels");
};
if revision <= 48 {
if revision <= 48 {
info!("Running migration [revision 48 / 22-10-2025]: Add Video + Listen to default permissions");
db.col::<Document>("servers")
@@ -1264,6 +1264,48 @@ pub async fn run_migrations(db: &MongoDb, revision: i32) -> i32 {
.expect("Failed to update default_permissions");
};
if revision <= 49 {
info!("Running migration [revision 49 / 12-12-2025]: Add _id key to roles");
#[derive(Serialize, Deserialize, Clone)]
struct Server {
#[serde(rename = "_id")]
pub id: String,
#[serde(default = "HashMap::<String, Document>::new")]
pub roles: HashMap<String, Document>,
}
let mut servers = db
.db()
.collection::<Server>("servers")
.find(doc! {
"roles": {
"$exists": true,
"$ne": {}
}
})
.await
.unwrap()
.map(|res| res.expect("Failed to decode Server { id, roles }"));
while let Some(server) = servers.next().await {
let mut doc = doc! {};
for id in server.roles.keys() {
doc.insert(
format!("roles.{id}._id"),
id,
);
}
db.db()
.collection::<Server>("servers")
.update_one(doc! { "_id": &server.id }, doc! { "$set": doc })
.await
.unwrap();
}
};
// Reminder to update LATEST_REVISION when adding new migrations.
LATEST_REVISION.max(revision)
}

View File

@@ -14,7 +14,7 @@ auto_derived!(
}
/// Composite primary key consisting of channel and user id
#[derive(Hash, Eq)]
#[derive(Hash)]
pub struct ChannelCompositeKey {
/// Channel Id
pub channel: String,

View File

@@ -247,7 +247,7 @@ impl AbstractMessages for ReferenceDb {
let mut messages = self.messages.lock().await;
if let Some(message) = messages.get_mut(id) {
if let Some(users) = message.reactions.get_mut(emoji) {
users.swap_remove(&user.to_string());
users.remove(&user.to_string());
}
Ok(())
@@ -260,7 +260,7 @@ impl AbstractMessages for ReferenceDb {
async fn clear_reaction(&self, id: &str, emoji: &str) -> Result<()> {
let mut messages = self.messages.lock().await;
if let Some(message) = messages.get_mut(id) {
message.reactions.swap_remove(emoji);
message.reactions.remove(emoji);
Ok(())
} else {
Err(create_error!(NotFound))

View File

@@ -55,7 +55,7 @@ auto_derived_partial!(
auto_derived!(
/// Composite primary key consisting of server and user id
#[derive(Hash, Default, Eq)]
#[derive(Hash, Default)]
pub struct MemberCompositeKey {
/// Server Id
pub server: String,
@@ -72,6 +72,7 @@ auto_derived!(
CanReceive,
CanPublish,
JoinedAt,
VoiceChannel,
}
/// Member removal intention
@@ -224,13 +225,14 @@ impl Member {
pub fn remove_field(&mut self, field: &FieldsMember) {
match field {
FieldsMember::JoinedAt => (),
FieldsMember::JoinedAt => {},
FieldsMember::Avatar => self.avatar = None,
FieldsMember::Nickname => self.nickname = None,
FieldsMember::Roles => self.roles.clear(),
FieldsMember::Timeout => self.timeout = None,
FieldsMember::CanReceive => self.can_receive = true,
FieldsMember::CanPublish => self.can_publish = true,
FieldsMember::VoiceChannel => {},
}
}

View File

@@ -330,14 +330,15 @@ impl AbstractServerMembers for MongoDb {
impl IntoDocumentPath for FieldsMember {
fn as_path(&self) -> Option<&'static str> {
Some(match self {
FieldsMember::JoinedAt => "joined_at",
FieldsMember::Avatar => "avatar",
FieldsMember::Nickname => "nickname",
FieldsMember::Roles => "roles",
FieldsMember::Timeout => "timeout",
FieldsMember::CanPublish => "can_publish",
FieldsMember::CanReceive => "can_receive",
})
match self {
FieldsMember::JoinedAt => Some("joined_at"),
FieldsMember::Avatar => Some("avatar"),
FieldsMember::Nickname => Some("nickname"),
FieldsMember::Roles => Some("roles"),
FieldsMember::Timeout => Some("timeout"),
FieldsMember::CanPublish => Some("can_publish"),
FieldsMember::CanReceive => Some("can_receive"),
FieldsMember::VoiceChannel => None,
}
}
}

View File

@@ -68,6 +68,9 @@ auto_derived_partial!(
auto_derived_partial!(
/// Role
pub struct Role {
/// Unique Id
#[serde(rename = "_id")]
pub id: String,
/// Role name
pub name: String,
/// Permissions available to this role
@@ -246,7 +249,6 @@ impl Server {
role.update(
db,
&self.id,
role_id,
PartialRole {
permissions: Some(permissions),
..Default::default()
@@ -297,6 +299,7 @@ impl Role {
/// Into optional struct
pub fn into_optional(self) -> PartialRole {
PartialRole {
id: Some(self.id),
name: Some(self.name),
permissions: Some(self.permissions),
colour: self.colour,
@@ -306,20 +309,29 @@ impl Role {
}
/// Create a role
pub async fn create(&self, db: &Database, server_id: &str) -> Result<String> {
let role_id = Ulid::new().to_string();
db.insert_role(server_id, &role_id, self).await?;
pub async fn create(db: &Database, server: &Server, name: String) -> Result<Self> {
let role = Role {
id: Ulid::new().to_string(),
name,
// Rank of the new role should be below the lowest role
rank: server.roles.len() as i64,
colour: None,
hoist: false,
permissions: Default::default(),
};
db.insert_role(&server.id, &role).await?;
EventV1::ServerRoleUpdate {
id: server_id.to_string(),
role_id: role_id.to_string(),
data: self.clone().into_optional().into(),
id: server.id.clone(),
role_id: role.id.clone(),
data: role.clone().into_optional().into(),
clear: vec![],
}
.p(server_id.to_string())
.p(server.id.clone())
.await;
Ok(role_id)
Ok(role)
}
/// Update server data
@@ -327,7 +339,6 @@ impl Role {
&mut self,
db: &Database,
server_id: &str,
role_id: &str,
partial: PartialRole,
remove: Vec<FieldsRole>,
) -> Result<()> {
@@ -337,14 +348,14 @@ impl Role {
self.apply_options(partial.clone());
db.update_role(server_id, role_id, &partial, remove.clone())
db.update_role(server_id, &self.id, &partial, remove.clone())
.await?;
EventV1::ServerRoleUpdate {
id: server_id.to_string(),
role_id: role_id.to_string(),
role_id: self.id.clone(),
data: partial.into(),
clear: vec![],
clear: remove.into_iter().map(Into::into).collect(),
}
.p(server_id.to_string())
.await;
@@ -360,15 +371,15 @@ impl Role {
}
/// Delete a role
pub async fn delete(self, db: &Database, server_id: &str, role_id: &str) -> Result<()> {
pub async fn delete(self, db: &Database, server_id: &str) -> Result<()> {
EventV1::ServerRoleDelete {
id: server_id.to_string(),
role_id: role_id.to_string(),
role_id: self.id.clone(),
}
.p(server_id.to_string())
.await;
db.delete_role(server_id, role_id).await
db.delete_role(server_id, &self.id).await
}
}

View File

@@ -29,7 +29,7 @@ pub trait AbstractServers: Sync + Send {
async fn delete_server(&self, id: &str) -> Result<()>;
/// Insert a new role into server object
async fn insert_role(&self, server_id: &str, role_id: &str, role: &Role) -> Result<()>;
async fn insert_role(&self, server_id: &str, role: &Role) -> Result<()>;
/// Update an existing role on a server
async fn update_role(

View File

@@ -69,7 +69,7 @@ impl AbstractServers for MongoDb {
}
/// Insert a new role into server object
async fn insert_role(&self, server_id: &str, role_id: &str, role: &Role) -> Result<()> {
async fn insert_role(&self, server_id: &str, role: &Role) -> Result<()> {
self.col::<Document>(COL)
.update_one(
doc! {
@@ -77,7 +77,7 @@ impl AbstractServers for MongoDb {
},
doc! {
"$set": {
"roles.".to_owned() + role_id: to_document(role)
"roles.".to_owned() + &role.id: to_document(role)
.map_err(|_| create_database_error!("to_document", "role"))?
}
},

View File

@@ -72,10 +72,10 @@ impl AbstractServers for ReferenceDb {
}
/// Insert a new role into server object
async fn insert_role(&self, server_id: &str, role_id: &str, role: &Role) -> Result<()> {
async fn insert_role(&self, server_id: &str, role: &Role) -> Result<()> {
let mut servers = self.servers.lock().await;
if let Some(server) = servers.get_mut(server_id) {
server.roles.insert(role_id.to_string(), role.clone());
server.roles.insert(role.id.clone(), role.clone());
Ok(())
} else {
Err(create_error!(NotFound))

View File

@@ -4,6 +4,7 @@ use revolt_result::{create_error, Error, Result};
use crate::{Database, User};
#[async_trait::async_trait]
impl<S> FromRequestParts<S> for User
where
Database: FromRef<S>,

View File

@@ -4,6 +4,8 @@ mod model;
mod ops;
#[cfg(feature = "rocket-impl")]
mod rocket;
#[cfg(feature = "rocket-impl")]
mod schema;
pub use model::*;
pub use ops::*;

View File

@@ -15,7 +15,7 @@ use serde_json::json;
use ulid::Ulid;
auto_derived_partial!(
/// User
/// # User
pub struct User {
/// Unique Id
#[serde(rename = "_id")]

View File

@@ -0,0 +1,31 @@
use revolt_okapi::openapi3::{SecurityScheme, SecuritySchemeData};
use revolt_rocket_okapi::{
gen::OpenApiGenerator,
request::{OpenApiFromRequest, RequestHeaderInput},
};
use crate::User;
impl OpenApiFromRequest<'_> for User {
fn from_request_input(
_gen: &mut OpenApiGenerator,
_name: String,
_required: bool,
) -> revolt_rocket_okapi::Result<RequestHeaderInput> {
let mut requirements = schemars::Map::new();
requirements.insert("Session Token".to_owned(), vec![]);
Ok(RequestHeaderInput::Security(
"Session Token".to_owned(),
SecurityScheme {
data: SecuritySchemeData::ApiKey {
name: "x-session-token".to_owned(),
location: "header".to_owned(),
},
description: Some("Used to authenticate as a user.".to_owned()),
extensions: schemars::Map::new(),
},
requirements,
))
}
}

View File

@@ -17,7 +17,7 @@ use super::DelayedTask;
use crate::Channel::TextChannel;
/// Enumeration of possible events
#[derive(Debug, PartialEq)]
#[derive(Debug, Eq, PartialEq)]
pub enum AckEvent {
/// Add mentions for a channel
ProcessMessage {

View File

@@ -691,6 +691,7 @@ impl From<crate::FieldsMember> for FieldsMember {
crate::FieldsMember::CanReceive => FieldsMember::CanReceive,
crate::FieldsMember::CanPublish => FieldsMember::CanPublish,
crate::FieldsMember::JoinedAt => FieldsMember::JoinedAt,
crate::FieldsMember::VoiceChannel => FieldsMember::VoiceChannel,
}
}
}
@@ -705,6 +706,7 @@ impl From<FieldsMember> for crate::FieldsMember {
FieldsMember::CanReceive => crate::FieldsMember::CanReceive,
FieldsMember::CanPublish => crate::FieldsMember::CanPublish,
FieldsMember::JoinedAt => crate::FieldsMember::JoinedAt,
FieldsMember::VoiceChannel => crate::FieldsMember::VoiceChannel,
}
}
}
@@ -896,6 +898,7 @@ impl From<SystemMessageChannels> for crate::SystemMessageChannels {
impl From<crate::Role> for Role {
fn from(value: crate::Role) -> Self {
Role {
id: value.id,
name: value.name,
permissions: value.permissions,
colour: value.colour,
@@ -908,6 +911,7 @@ impl From<crate::Role> for Role {
impl From<Role> for crate::Role {
fn from(value: Role) -> crate::Role {
crate::Role {
id: value.id,
name: value.name,
permissions: value.permissions,
colour: value.colour,
@@ -920,6 +924,7 @@ impl From<Role> for crate::Role {
impl From<crate::PartialRole> for PartialRole {
fn from(value: crate::PartialRole) -> Self {
PartialRole {
id: value.id,
name: value.name,
permissions: value.permissions,
colour: value.colour,
@@ -932,6 +937,7 @@ impl From<crate::PartialRole> for PartialRole {
impl From<PartialRole> for crate::PartialRole {
fn from(value: PartialRole) -> crate::PartialRole {
crate::PartialRole {
id: value.id,
name: value.name,
permissions: value.permissions,
colour: value.colour,

View File

@@ -10,16 +10,16 @@ use once_cell::sync::Lazy;
use serde::{Deserialize, Serialize};
#[derive(Serialize, Deserialize)]
#[cfg_attr(feature = "utoipa", derive(IntoParams))]
#[cfg_attr(feature = "utoipa", into_params(names("Idempotency-Key"), parameter_in=Header))]
pub struct IdempotencyKey(String);
pub struct IdempotencyKey {
key: String,
}
static TOKEN_CACHE: Lazy<Mutex<lru::LruCache<String, ()>>> =
Lazy::new(|| Mutex::new(lru::LruCache::new(NonZeroUsize::new(1000).unwrap())));
impl IdempotencyKey {
pub fn unchecked_from_string(key: String) -> Self {
Self(key)
Self { key }
}
// Backwards compatibility.
@@ -32,56 +32,56 @@ impl IdempotencyKey {
}
cache.put(v.clone(), ());
self.0 = v;
self.key = v;
}
Ok(())
}
pub fn into_key(self) -> String {
self.0
self.key
}
}
// #[cfg(feature = "rocket-impl")]
// use revolt_rocket_okapi::{
// gen::OpenApiGenerator,
// request::{OpenApiFromRequest, RequestHeaderInput},
// revolt_okapi::openapi3::{Parameter, ParameterValue},
// };
#[cfg(feature = "rocket-impl")]
use revolt_rocket_okapi::{
gen::OpenApiGenerator,
request::{OpenApiFromRequest, RequestHeaderInput},
revolt_okapi::openapi3::{Parameter, ParameterValue},
};
// #[cfg(feature = "rocket-impl")]
// use schemars::schema::{InstanceType, SchemaObject, SingleOrVec};
#[cfg(feature = "rocket-impl")]
use schemars::schema::{InstanceType, SchemaObject, SingleOrVec};
// #[cfg(feature = "rocket-impl")]
// impl OpenApiFromRequest<'_> for IdempotencyKey {
// fn from_request_input(
// _gen: &mut OpenApiGenerator,
// _name: String,
// _required: bool,
// ) -> revolt_rocket_okapi::Result<RequestHeaderInput> {
// Ok(RequestHeaderInput::Parameter(Parameter {
// name: "Idempotency-Key".to_string(),
// description: Some("Unique key to prevent duplicate requests".to_string()),
// allow_empty_value: false,
// required: false,
// deprecated: false,
// extensions: schemars::Map::new(),
// location: "header".to_string(),
// value: ParameterValue::Schema {
// allow_reserved: false,
// example: None,
// examples: None,
// explode: None,
// style: None,
// schema: SchemaObject {
// instance_type: Some(SingleOrVec::Single(Box::new(InstanceType::String))),
// ..Default::default()
// },
// },
// }))
// }
// }
#[cfg(feature = "rocket-impl")]
impl OpenApiFromRequest<'_> for IdempotencyKey {
fn from_request_input(
_gen: &mut OpenApiGenerator,
_name: String,
_required: bool,
) -> revolt_rocket_okapi::Result<RequestHeaderInput> {
Ok(RequestHeaderInput::Parameter(Parameter {
name: "Idempotency-Key".to_string(),
description: Some("Unique key to prevent duplicate requests".to_string()),
allow_empty_value: false,
required: false,
deprecated: false,
extensions: schemars::Map::new(),
location: "header".to_string(),
value: ParameterValue::Schema {
allow_reserved: false,
example: None,
examples: None,
explode: None,
style: None,
schema: SchemaObject {
instance_type: Some(SingleOrVec::Single(Box::new(InstanceType::String))),
..Default::default()
},
},
}))
}
}
#[cfg(feature = "rocket-impl")]
use rocket::{
@@ -110,16 +110,18 @@ impl<'r> FromRequest<'r> for IdempotencyKey {
));
}
let idempotency = IdempotencyKey(key);
let idempotency = IdempotencyKey { key };
let mut cache = TOKEN_CACHE.lock().await;
if cache.get(&idempotency.0).is_some() {
if cache.get(&idempotency.key).is_some() {
return Outcome::Error((Status::Conflict, create_error!(DuplicateNonce)));
}
cache.put(idempotency.0.clone(), ());
cache.put(idempotency.key.clone(), ());
return Outcome::Success(idempotency);
}
Outcome::Success(IdempotencyKey(ulid::Ulid::new().to_string()))
Outcome::Success(IdempotencyKey {
key: ulid::Ulid::new().to_string(),
})
}
}

View File

@@ -5,7 +5,6 @@ pub mod idempotency;
pub mod permissions;
pub mod reference;
pub mod test_fixtures;
#[cfg(feature = "utoipa")]
pub mod utoipa;
pub mod rabbit;
pub use funcs::*;

View File

@@ -0,0 +1,48 @@
use amqprs::{channel::Channel, connection::Connection};
use once_cell::sync::OnceCell;
use std::{
collections::HashMap, future::ready, sync::{LazyLock, RwLock}, thread::{ThreadId, current}
};
static RABBIT_CONNECTION: OnceCell<Connection> = OnceCell::new();
static RABBIT_CHANNELS: LazyLock<RwLock<HashMap<ThreadId, Channel>>> =
LazyLock::new(|| RwLock::new(HashMap::new()));
pub async fn get_channel_with_init<F: AsyncFnOnce(Channel) -> Channel>(init: F) -> Channel {
let conn = RABBIT_CONNECTION
.get()
.expect("Rabbit connection is not initialised.");
let thread_id = current().id();
let channel = RABBIT_CHANNELS
.read()
.expect("Channels poisioned")
.get(&thread_id)
.cloned();
if let Some(channel) = channel {
channel
} else {
let mut channel =
conn.open_channel(None)
.await
.expect("Failed to open rabbitmq channel");
channel = init(channel).await;
RABBIT_CHANNELS
.write()
.expect("Channels poisioned")
.insert(thread_id, channel.clone());
channel
}
}
pub async fn get_channel() -> Channel {
get_channel_with_init(ready).await
}
pub fn set_rabbitmq_connection(connection: Connection) -> bool {
RABBIT_CONNECTION.set(connection).is_ok()
}

View File

@@ -3,6 +3,11 @@ use std::str::FromStr;
use revolt_result::Result;
#[cfg(feature = "rocket-impl")]
use rocket::request::FromParam;
#[cfg(feature = "rocket-impl")]
use schemars::{
schema::{InstanceType, Schema, SchemaObject, SingleOrVec},
JsonSchema,
};
use crate::{
Bot, Channel, Database, Emoji, Invite, Member, Message, Server, ServerBan, User, Webhook,
@@ -107,3 +112,17 @@ impl<'r> FromParam<'r> for Reference<'r> {
Ok(Reference::from_unchecked(param))
}
}
#[cfg(feature = "rocket-impl")]
impl<'a> JsonSchema for Reference<'a> {
fn schema_name() -> String {
"Id".to_string()
}
fn json_schema(_gen: &mut schemars::gen::SchemaGenerator) -> Schema {
Schema::Object(SchemaObject {
instance_type: Some(SingleOrVec::Single(Box::new(InstanceType::String))),
..Default::default()
})
}
}

View File

@@ -1,49 +0,0 @@
use utoipa::{
openapi::{
schema::SchemaType,
security::{ApiKey, ApiKeyValue, SecurityScheme},
ObjectBuilder, OpenApi, RefOr, Schema, Type,
},
Modify, PartialSchema, ToSchema,
};
use crate::util::reference::Reference;
pub struct TokenSecurity;
impl Modify for TokenSecurity {
fn modify(&self, openapi: &mut OpenApi) {
let components = openapi.components.get_or_insert_default();
components.add_security_scheme(
"Session-Token",
SecurityScheme::ApiKey(ApiKey::Header(ApiKeyValue::new(
"X-Session-Token".to_string(),
))),
);
components.add_security_scheme(
"Bot-Token",
SecurityScheme::ApiKey(ApiKey::Header(ApiKeyValue::new("X-Bot-Ticket".to_string()))),
);
}
}
impl ToSchema for Reference<'_> {
fn name() -> std::borrow::Cow<'static, str> {
std::borrow::Cow::Borrowed("Reference")
}
}
impl PartialSchema for Reference<'_> {
fn schema() -> RefOr<Schema> {
RefOr::T(
ObjectBuilder::new()
.description(Some("An id referencing a stoat model."))
.schema_type(SchemaType::Type(Type::String))
.examples(["01FD58YK5W7QRV5H3D64KTQYX3"])
.build()
.into(),
)
}
}

View File

@@ -16,29 +16,33 @@ mod voice_client;
pub use voice_client::VoiceClient;
async fn get_connection() -> Result<Conn> {
_get_connection().await.map_err(|_| create_error!(InternalError))
_get_connection()
.await
.map_err(|_| create_error!(InternalError))
}
pub async fn raise_if_in_voice(user: &User, channel_id: &str) -> Result<()> {
let mut conn = get_connection().await?;
if user.bot.is_some()
// bots can be in as many voice channels as it wants so we just check if its already connected to the one its trying to connect to
&& conn.sismember(format!("vc:{}", &user.id), channel_id)
if user.bot.is_some() {
// bots can be in as many voice channels as it wants so we just check if its already connected to the one its trying to connect to
if conn
.sismember(format!("vc:{}", &user.id), channel_id)
.await
.to_internal_error()?
{
Err(create_error!(AlreadyConnected))
{
return Err(create_error!(AlreadyConnected));
};
} else if conn
.scard::<_, u32>(format!("vc:{}", &user.id)) // check if the current vc set is empty
.await
.to_internal_error()?
> 0
{
Err(create_error!(AlreadyConnected))
} else {
Ok(())
}
return Err(create_error!(AlreadyConnected));
};
Ok(())
}
pub async fn set_channel_node(channel: &str, node: &str) -> Result<()> {
@@ -57,6 +61,14 @@ pub async fn get_channel_node(channel: &str) -> Result<Option<String>> {
.to_internal_error()
}
pub async fn delete_channel_node(channel: &str) -> Result<()> {
get_connection()
.await?
.del(format!("node:{channel}"))
.await
.to_internal_error()
}
pub async fn get_user_voice_channels(user_id: &str) -> Result<Vec<String>> {
get_connection()
.await?
@@ -224,6 +236,7 @@ pub async fn delete_channel_voice_state(
let mut pipeline = Pipeline::new();
pipeline.del(format!("vc_members:{channel_id}"));
pipeline.del(format!("node:{channel_id}"));
for user_id in user_ids {
let unique_key = format!("{user_id}:{parent_id}");
@@ -565,15 +578,24 @@ pub async fn get_call_notification_recipients(
.to_internal_error()
}
pub async fn remove_user_from_voice_channels(db: &Database, voice_client: &VoiceClient, user_id: &str) -> Result<()> {
pub async fn remove_user_from_voice_channels(
db: &Database,
voice_client: &VoiceClient,
user_id: &str,
) -> Result<()> {
for channel_id in get_user_voice_channels(user_id).await? {
remove_user_from_voice_channel(db, voice_client, &channel_id, user_id).await?;
};
}
Ok(())
}
pub async fn remove_user_from_voice_channel(db: &Database, voice_client: &VoiceClient, channel_id: &str, user_id: &str) -> Result<()> {
pub async fn remove_user_from_voice_channel(
db: &Database,
voice_client: &VoiceClient,
channel_id: &str,
user_id: &str,
) -> Result<()> {
if let Some(node) = get_channel_node(channel_id).await? {
let _ = voice_client.remove_user(&node, user_id, channel_id).await;
}
@@ -585,7 +607,11 @@ pub async fn remove_user_from_voice_channel(db: &Database, voice_client: &VoiceC
Ok(())
}
pub async fn delete_voice_channel(voice_client: &VoiceClient, channel_id: &str, server_id: Option<&str>) -> Result<()> {
pub async fn delete_voice_channel(
voice_client: &VoiceClient,
channel_id: &str,
server_id: Option<&str>,
) -> Result<()> {
if let Some(users) = get_voice_channel_members(channel_id).await? {
let node = get_channel_node(channel_id).await?.unwrap();
@@ -595,4 +621,4 @@ pub async fn delete_voice_channel(voice_client: &VoiceClient, channel_id: &str,
};
Ok(())
}
}

View File

@@ -4,6 +4,6 @@ Please navigate to: {{url}}
This email is intended for {{email}}
This email has no association with Revolt or Revolt Platforms Ltd.
This email has no association with Stoat or Revolt Platforms Ltd.
Learn more about third party instances here:
https://developers.revolt.chat/faq.html

View File

@@ -5,6 +5,6 @@ Please navigate to: {{url}}
This email is intended for {{email}}
This email has no association with Revolt or Revolt Platforms Ltd.
This email has no association with Stoat or Revolt Platforms Ltd.
Learn more about third party instances here:
https://developers.revolt.chat/faq.html

View File

@@ -1,13 +1,20 @@
[package]
name = "revolt-files"
version = "0.8.9"
version = "0.11.5"
edition = "2021"
license = "AGPL-3.0-or-later"
authors = ["Paul Makles <me@insrt.uk>"]
description = "Revolt Backend: S3 and encryption subroutines"
repository = "https://github.com/stoatchat/stoatchat"
[dependencies]
tracing = "0.1"
anyhow = { workspace = true }
thiserror = { workspace = true }
tracing = { workspace = true }
tokio = { workspace = true }
async-trait = { workspace = true }
ffprobe = "0.4.0"
imagesize = "0.13.0"
@@ -20,14 +27,14 @@ typenum = "1.17.0"
aws-config = "1.5.5"
aws-sdk-s3 = { version = "1.46.0", features = ["behavior-version-latest"] }
revolt-config = { version = "0.8.9", path = "../config", features = [
revolt-config = { version = "0.11.5", path = "../config", features = [
"report-macros",
] }
revolt-result = { version = "0.8.9", path = "../result" }
revolt-result = { version = "0.11.5", path = "../result" }
# image processing
jxl-oxide = "0.8.1"
image = { version = "0.25.2" }
jxl-oxide = { workspace = true }
image = { workspace = true }
# svg rendering
usvg = "0.44.0"
@@ -36,3 +43,6 @@ tiny-skia = "0.11.4"
# encoding
webp = "0.3.0"
[dev-dependencies]
uuid = { workspace = true }

View File

@@ -0,0 +1,75 @@
use aes_gcm::{
aead::{Aead, AeadCore, AeadMutInPlace, OsRng},
Aes256Gcm, Key, KeyInit, Nonce,
};
use base64::{prelude::BASE64_STANDARD, Engine};
use crate::EncryptionRepository;
pub struct EncryptionKey {
key: String,
}
impl EncryptionKey {
pub async fn from_config() -> EncryptionKey {
EncryptionKey::new(revolt_config::config().await.files.encryption_key)
}
pub fn new(key: String) -> EncryptionKey {
EncryptionKey { key }
}
fn create_cipher(&self) -> Aes256Gcm {
let key = &BASE64_STANDARD
.decode(self.key.clone())
.expect("valid base64 string")[..];
let key: &Key<Aes256Gcm> = key.into();
Aes256Gcm::new(key)
}
}
impl EncryptionRepository for EncryptionKey {
fn decrypt_buffer(&self, mut buf: Vec<u8>, iv: &str) -> anyhow::Result<Vec<u8>> {
let iv = &BASE64_STANDARD.decode(iv).unwrap()[..];
let iv: &Nonce<typenum::consts::U12> = iv.into();
self.create_cipher()
.decrypt_in_place(iv, b"", &mut buf)
.map_err(|error| {
tracing::error!("{}", error);
anyhow::anyhow!("EncryptionRepository: decryption failed")
})?;
Ok(buf)
}
fn encrypt_buffer(&self, buf: &[u8]) -> anyhow::Result<(Vec<u8>, String)> {
let iv = Aes256Gcm::generate_nonce(&mut OsRng);
let buf = self.create_cipher().encrypt(&iv, buf).map_err(|error| {
tracing::error!("{}", error);
anyhow::anyhow!("EncryptionRepository: encryption failed")
})?;
Ok((buf, BASE64_STANDARD.encode(iv)))
}
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn test_encrypt_and_decrypt() {
let encryption =
EncryptionKey::new("XkbJ8gBzrouQ+15Ri23xCC81+aZE26Z6+gXzglFxOD4=".to_string());
let buf: Vec<u8> = vec![67];
let (ciphertext, iv) = encryption.encrypt_buffer(&buf[..]).unwrap();
assert_eq!(ciphertext.len(), 17);
let plaintext = encryption.decrypt_buffer(ciphertext, &iv).unwrap();
assert_eq!(plaintext.len(), 1);
assert_eq!(plaintext[0], 67);
}
}

View File

@@ -0,0 +1,316 @@
use anyhow::Result;
use image::{DynamicImage, ImageBuffer, ImageReader};
use jxl_oxide::integration::JxlDecoder;
use revolt_config::report_internal_error;
use std::io::{BufRead, Read, Seek};
use tempfile::NamedTempFile;
use tiny_skia::Pixmap;
use crate::{MediaError, MediaRepository};
pub struct MediaImpl {
config: revolt_config::Files,
}
impl MediaImpl {
pub async fn from_config() -> MediaImpl {
MediaImpl {
config: revolt_config::config().await.files,
}
}
pub fn new(config: revolt_config::Files) -> MediaImpl {
MediaImpl { config }
}
}
impl MediaRepository for MediaImpl {
fn image_size(&self, f: &NamedTempFile) -> Option<(usize, usize)> {
if let Ok(size) = imagesize::size(f.path())
.inspect_err(|err| tracing::error!("Failed to generate image size! {err:?}"))
{
Some((size.width, size.height))
} else {
None
}
}
fn image_size_vec(&self, v: &[u8], mime: &str) -> Option<(usize, usize)> {
match mime {
"image/svg+xml" => {
let tree =
report_internal_error!(usvg::Tree::from_data(v, &Default::default())).ok()?;
let size = tree.size();
Some((size.width() as usize, size.height() as usize))
}
_ => {
if let Ok(size) = imagesize::blob_size(v)
.inspect_err(|err| tracing::error!("Failed to generate image size! {err:?}"))
{
Some((size.width, size.height))
} else {
None
}
}
}
}
fn decode_image<R: Read + BufRead + Seek>(
&self,
reader: &mut R,
mime: &str,
) -> Result<DynamicImage, MediaError> {
match mime {
"image/jxl" => {
let decoder =
JxlDecoder::new(reader).map_err(|e| MediaError::from(anyhow::anyhow!(e)))?;
DynamicImage::from_decoder(decoder)
.map_err(|e| MediaError::from(anyhow::anyhow!(e)))
}
"image/svg+xml" => {
let mut buf = Vec::new();
reader
.read_to_end(&mut buf)
.map_err(|e| MediaError::from(anyhow::anyhow!(e)))?;
let tree: usvg::Tree = usvg::Tree::from_data(&buf, &Default::default())
.map_err(|e| MediaError::from(anyhow::anyhow!(e)))?;
let size = tree.size();
let mut pixmap = Pixmap::new(size.width() as u32, size.height() as u32)
.ok_or_else(|| MediaError::ImageProcessingFailed {
cause: "failed to create Pixmap, likely zero sized".to_string(),
})?;
let mut pixmap_mut = pixmap.as_mut();
resvg::render(&tree, Default::default(), &mut pixmap_mut);
Ok(DynamicImage::ImageRgba8(
ImageBuffer::from_vec(
size.width() as u32,
size.height() as u32,
pixmap.data().to_vec(),
)
.ok_or_else(|| MediaError::ImageProcessingFailed {
cause: "buffer is not big enough".to_string(),
})?,
))
}
_ => {
let image: ImageReader<&mut R> = image::ImageReader::new(reader)
.with_guessed_format()
.map_err(|e| MediaError::from(anyhow::anyhow!(e)))?;
let image: Result<DynamicImage, MediaError> = image
.decode()
.map_err(|e| MediaError::from(anyhow::anyhow!(e)));
image
}
}
}
fn is_valid_image<R: Read + BufRead + Seek>(&self, reader: &mut R, mime: &str) -> bool {
match mime {
"image/jxl" => jxl_oxide::JxlImage::builder()
.read(reader)
.inspect_err(|err| tracing::error!("Failed to read JXL! {err:?}"))
.is_ok(),
_ => !matches!(
image::ImageReader::new(reader)
.with_guessed_format()
.inspect_err(|err| tracing::error!("Failed to read image! {err:?}"))
.map(|f| f.decode()),
Err(_) | Ok(Err(_))
),
}
}
fn create_thumbnail(&self, image: DynamicImage, tag: &str) -> Vec<u8> {
let [w, h] = self.config.preview.get(tag).unwrap();
let image = image.thumbnail(image.width().min(*w as u32), image.height().min(*h as u32));
let image = match image {
DynamicImage::ImageRgb8(_) => image,
DynamicImage::ImageRgba8(_) => image,
_ => {
if image.has_alpha() {
image.to_rgba8().into()
} else {
image.to_rgb8().into()
}
}
};
let encoder = webp::Encoder::from_image(&image).expect("Could not create encoder.");
if self.config.webp_quality != 100.0 {
encoder.encode(self.config.webp_quality).to_vec()
} else {
encoder.encode_lossless().to_vec()
}
}
fn video_size(&self, f: &NamedTempFile) -> Option<(i64, i64)> {
if let Ok(data) = ffprobe::ffprobe(f.path())
.inspect_err(|err| tracing::error!("Failed to ffprobe file! {err:?}"))
{
for stream in data.streams {
if let (Some(w), Some(h)) = (stream.width, stream.height) {
return Some((w, h));
}
}
None
} else {
None
}
}
}
#[cfg(test)]
mod tests {
use std::io::Cursor;
use crate::{MediaImpl, MediaRepository};
#[tokio::test]
async fn asset_test_jpeg() {
let media = MediaImpl::from_config().await;
let buf = include_bytes!("../../tests/assets/test.jpeg");
assert_eq!(media.image_size_vec(buf, "image/jpeg"), Some((655, 582)));
let mut reader = Cursor::new(buf);
let image = media.decode_image(&mut reader, "image/jpeg").unwrap();
media.create_thumbnail(image, "attachments");
}
#[tokio::test]
async fn asset_test_jpeg_extra_bytes() {
let media = MediaImpl::from_config().await;
let buf = [
&include_bytes!("../../tests/assets/test.jpeg")[..],
&[0u8; 16],
]
.concat();
assert_eq!(media.image_size_vec(&buf, "image/jpeg"), Some((655, 582)));
let mut reader = Cursor::new(buf);
let image = media.decode_image(&mut reader, "image/jpeg").unwrap();
media.create_thumbnail(image, "emojis");
}
#[tokio::test]
async fn asset_test_png() {
let media = MediaImpl::from_config().await;
let buf = include_bytes!("../../tests/assets/test.png");
assert_eq!(media.image_size_vec(buf, "image/png"), Some((900, 900)));
let mut reader = Cursor::new(buf);
let image = media.decode_image(&mut reader, "image/png").unwrap();
media.create_thumbnail(image, "emojis");
}
#[tokio::test]
async fn asset_test_png_extra_bytes() {
let media = MediaImpl::from_config().await;
let buf = [
&include_bytes!("../../tests/assets/test.png")[..],
&[0u8; 16],
]
.concat();
assert_eq!(media.image_size_vec(&buf, "image/png"), Some((900, 900)));
let mut reader = Cursor::new(buf);
let image = media.decode_image(&mut reader, "image/png").unwrap();
media.create_thumbnail(image, "emojis");
}
#[tokio::test]
async fn asset_test_floating_point_png() {
let media = MediaImpl::from_config().await;
let buf = include_bytes!("../../tests/assets/test-float.png");
assert_eq!(media.image_size_vec(buf, "image/png"), Some((300, 300)));
let mut reader = Cursor::new(buf);
let image = media.decode_image(&mut reader, "image/png").unwrap();
media.create_thumbnail(image, "avatars");
}
#[tokio::test]
async fn asset_test_corrupted_png() {
let media = MediaImpl::from_config().await;
let buf = include_bytes!("../../tests/assets/corrupted.png");
assert_eq!(media.image_size_vec(buf, "image/png"), Some((900, 900)));
let mut reader = Cursor::new(buf);
media.decode_image(&mut reader, "image/png").unwrap_err();
}
#[tokio::test]
async fn asset_test_animated_png() {
let media = MediaImpl::from_config().await;
let buf = include_bytes!("../../tests/assets/anim-icos.apng");
assert_eq!(media.image_size_vec(buf, "image/png"), Some((128, 128)));
let mut reader = Cursor::new(buf);
let image = media.decode_image(&mut reader, "image/png").unwrap();
media.create_thumbnail(image, "attachments");
}
#[tokio::test]
async fn asset_test_jxl() {
let media = MediaImpl::from_config().await;
let buf = include_bytes!("../../tests/assets/dice.jxl");
assert_eq!(media.image_size_vec(buf, "image/jxl"), Some((800, 600)));
let mut reader = Cursor::new(buf);
let image = media.decode_image(&mut reader, "image/jxl").unwrap();
media.create_thumbnail(image, "attachments");
}
#[tokio::test]
async fn asset_test_animated_jxl() {
let media = MediaImpl::from_config().await;
let buf = include_bytes!("../../tests/assets/anim-icos.jxl");
assert_eq!(media.image_size_vec(buf, "image/jxl"), Some((128, 128)));
let mut reader = Cursor::new(buf);
let image = media.decode_image(&mut reader, "image/jxl").unwrap();
media.create_thumbnail(image, "attachments");
}
#[tokio::test]
async fn asset_test_webp() {
let media = MediaImpl::from_config().await;
let buf = include_bytes!("../../tests/assets/dice.webp");
assert_eq!(media.image_size_vec(buf, "image/webp"), Some((800, 600)));
let mut reader = Cursor::new(buf);
let image = media.decode_image(&mut reader, "image/webp").unwrap();
media.create_thumbnail(image, "attachments");
}
#[tokio::test]
async fn asset_test_animated_webp() {
let media = MediaImpl::from_config().await;
let buf = include_bytes!("../../tests/assets/anim-icos.webp");
assert_eq!(media.image_size_vec(buf, "image/webp"), Some((128, 128)));
let mut reader = Cursor::new(buf);
let image = media.decode_image(&mut reader, "image/webp").unwrap();
media.create_thumbnail(image, "attachments");
}
#[tokio::test]
async fn asset_test_animated_gif() {
let media = MediaImpl::from_config().await;
let buf = include_bytes!("../../tests/assets/anim-icos.gif");
assert_eq!(media.image_size_vec(buf, "image/gif"), Some((128, 128)));
let mut reader = Cursor::new(buf);
let image = media.decode_image(&mut reader, "image/gif").unwrap();
media.create_thumbnail(image, "attachments");
}
}

View File

@@ -0,0 +1,7 @@
mod encryption_impl;
mod media_impl;
mod s3_impl;
pub use encryption_impl::EncryptionKey;
pub use media_impl::MediaImpl;
pub use s3_impl::S3Storage;

View File

@@ -0,0 +1,118 @@
use std::io::Write;
use anyhow::Context;
use aws_sdk_s3::{
config::{Credentials, Region},
Client, Config,
};
use revolt_config::FilesS3;
use crate::{EncryptionRepository, FileStorageRepository};
pub struct S3Storage<ER: EncryptionRepository> {
client: Client,
encryption: ER,
}
impl<ER: EncryptionRepository> S3Storage<ER> {
pub async fn from_config(encryption: ER) -> S3Storage<ER> {
S3Storage::new(encryption, revolt_config::config().await.files.s3)
}
pub fn new(encryption: ER, s3_config: FilesS3) -> S3Storage<ER> {
let provider_name = "my-creds";
let creds = Credentials::new(
s3_config.access_key_id,
s3_config.secret_access_key,
None,
None,
provider_name,
);
let config = Config::builder()
.region(Region::new(s3_config.region))
.endpoint_url(s3_config.endpoint)
.force_path_style(s3_config.path_style_buckets)
.credentials_provider(creds)
.build();
S3Storage {
client: Client::from_conf(config),
encryption,
}
}
}
#[async_trait::async_trait]
impl<ER: EncryptionRepository> FileStorageRepository for S3Storage<ER> {
async fn create_bucket(&self, bucket_id: &str) -> anyhow::Result<()> {
self.client
.create_bucket()
.bucket(bucket_id)
.send()
.await
.with_context(|| format!("failed to create bucket {bucket_id}"))?;
Ok(())
}
async fn fetch_and_decrypt_file(
&self,
bucket_id: &str,
path: &str,
iv: &str,
) -> anyhow::Result<Vec<u8>> {
let mut object = self
.client
.get_object()
.bucket(bucket_id)
.key(path)
.send()
.await
.with_context(|| format!("failed to get object at {path} in {bucket_id}"))?;
let mut buf = vec![];
while let Some(bytes) = object.body.next().await {
let data = bytes?;
buf.write_all(&data)?;
}
if iv.is_empty() {
Ok(buf)
} else {
self.encryption.decrypt_buffer(buf, iv)
}
}
async fn encrypt_and_upload_file(
&self,
bucket_id: &str,
path: &str,
buf: &[u8],
) -> anyhow::Result<String> {
let (buf, iv) = self.encryption.encrypt_buffer(buf)?;
self.client
.put_object()
.bucket(bucket_id)
.key(path)
.body(buf.into())
.send()
.await
.with_context(|| format!("failed to put object at {path} in {bucket_id}"))?;
Ok(iv)
}
async fn delete_file(&self, bucket_id: &str, path: &str) -> anyhow::Result<()> {
self.client
.delete_object()
.bucket(bucket_id)
.key(path)
.send()
.await
.with_context(|| format!("failed to delete object at {path} in {bucket_id}"))?;
Ok(())
}
}

View File

@@ -1,293 +1,182 @@
use std::io::{BufRead, Read, Seek, Write};
mod implementation;
mod repositories;
use aes_gcm::{
aead::{AeadCore, AeadMutInPlace, OsRng},
Aes256Gcm, Key, KeyInit, Nonce,
};
use image::{DynamicImage, ImageBuffer};
use revolt_config::{config, report_internal_error, FilesS3};
use revolt_result::{create_error, Result};
pub use implementation::*;
pub use repositories::*;
use aws_sdk_s3::{
config::{Credentials, Region},
Client, Config,
};
use std::io::{BufRead, Read, Seek};
use image::DynamicImage;
use revolt_config::{report_internal_error, Files, FilesLimit, FilesS3};
use revolt_result::Result;
use base64::prelude::*;
use tempfile::NamedTempFile;
use tiny_skia::Pixmap;
/// Size of the authentication tag in the buffer
pub const AUTHENTICATION_TAG_SIZE_BYTES: usize = 16;
/// Create an S3 client
pub fn create_client(s3_config: FilesS3) -> Client {
let provider_name = "my-creds";
let creds = Credentials::new(
s3_config.access_key_id,
s3_config.secret_access_key,
None,
None,
provider_name,
);
let config = Config::builder()
.region(Region::new(s3_config.region))
.endpoint_url(s3_config.endpoint)
.force_path_style(s3_config.path_style_buckets)
.credentials_provider(creds)
.build();
Client::from_conf(config)
}
/// Create an AES-256-GCM cipher
pub fn create_cipher(key: &str) -> Aes256Gcm {
let key = &BASE64_STANDARD.decode(key).expect("valid base64 string")[..];
let key: &Key<Aes256Gcm> = key.into();
Aes256Gcm::new(key)
}
/// Fetch a file from S3 (and decrypt it)
pub async fn fetch_from_s3(bucket_id: &str, path: &str, nonce: &str) -> Result<Vec<u8>> {
let config = config().await;
let client = create_client(config.files.s3);
// Send a request for the file
let mut obj =
report_internal_error!(client.get_object().bucket(bucket_id).key(path).send().await)?;
// Read the file from remote
let mut buf = vec![];
while let Some(bytes) = obj.body.next().await {
let data = report_internal_error!(bytes)?;
report_internal_error!(buf.write_all(&data))?;
// is there a more efficient way to do this?
// we just want the Vec<u8>
}
// File is not encrypted
if nonce.is_empty() {
return Ok(buf);
}
// Recover nonce as bytes
let nonce = &BASE64_STANDARD.decode(nonce).unwrap()[..];
let nonce: &Nonce<typenum::consts::U12> = nonce.into();
// Decrypt the file
create_cipher(&config.files.encryption_key)
.decrypt_in_place(nonce, b"", &mut buf)
.map_err(|_| create_error!(InternalError))?;
// Remove the authentication tag bytes that were added during encryption
buf.truncate(buf.len() - AUTHENTICATION_TAG_SIZE_BYTES);
Ok(buf)
pub async fn fetch_from_s3(bucket_id: &str, path: &str, iv: &str) -> Result<Vec<u8>> {
let encryption = implementation::EncryptionKey::from_config().await;
let storage = implementation::S3Storage::from_config(encryption).await;
report_internal_error!(storage.fetch_and_decrypt_file(bucket_id, path, iv).await)
}
/// Encrypt and upload a file to S3 (returning its nonce/IV)
pub async fn upload_to_s3(bucket_id: &str, path: &str, buf: &[u8]) -> Result<String> {
let config = config().await;
let client = create_client(config.files.s3);
// Generate a nonce
let nonce = Aes256Gcm::generate_nonce(&mut OsRng);
// Extend the buffer for in-place encryption
let mut buf = [buf, &[0; AUTHENTICATION_TAG_SIZE_BYTES]].concat();
// Encrypt the file in place
create_cipher(&config.files.encryption_key)
.encrypt_in_place(&nonce, b"", &mut buf)
.map_err(|_| create_error!(InternalError))?;
// Upload the file to remote
report_internal_error!(
client
.put_object()
.bucket(bucket_id)
.key(path)
.body(buf.into())
.send()
.await
)?;
Ok(BASE64_STANDARD.encode(nonce))
let encryption = implementation::EncryptionKey::from_config().await;
let storage = implementation::S3Storage::from_config(encryption).await;
report_internal_error!(storage.encrypt_and_upload_file(bucket_id, path, buf).await)
}
/// Delete a file from S3 by path
pub async fn delete_from_s3(bucket_id: &str, path: &str) -> Result<()> {
let config = config().await;
let client = create_client(config.files.s3);
report_internal_error!(
client
.delete_object()
.bucket(bucket_id)
.key(path)
.send()
.await
)?;
Ok(())
let encryption = implementation::EncryptionKey::from_config().await;
let storage = implementation::S3Storage::from_config(encryption).await;
report_internal_error!(storage.delete_file(bucket_id, path).await)
}
/// Determine size of image at temp file
pub fn image_size(f: &NamedTempFile) -> Option<(usize, usize)> {
if let Ok(size) = imagesize::size(f.path())
.inspect_err(|err| tracing::error!("Failed to generate image size! {err:?}"))
{
Some((size.width, size.height))
} else {
None
}
let media = MediaImpl::new(Files {
blocked_mime_types: Default::default(),
clamd_host: Default::default(),
encryption_key: Default::default(),
limit: FilesLimit {
max_mega_pixels: 0,
max_pixel_side: 0,
min_file_size: 0,
min_resolution: [0, 0],
},
preview: Default::default(),
s3: FilesS3 {
access_key_id: Default::default(),
default_bucket: Default::default(),
endpoint: Default::default(),
path_style_buckets: Default::default(),
region: Default::default(),
secret_access_key: Default::default(),
},
scan_mime_types: Default::default(),
webp_quality: Default::default(),
});
media.image_size(f)
}
/// Determine size of image with buffer
pub fn image_size_vec(v: &[u8], mime: &str) -> Option<(usize, usize)> {
match mime {
"image/svg+xml" => {
let tree =
report_internal_error!(usvg::Tree::from_data(v, &Default::default())).ok()?;
let media = MediaImpl::new(Files {
blocked_mime_types: Default::default(),
clamd_host: Default::default(),
encryption_key: Default::default(),
limit: FilesLimit {
max_mega_pixels: 0,
max_pixel_side: 0,
min_file_size: 0,
min_resolution: [0, 0],
},
preview: Default::default(),
s3: FilesS3 {
access_key_id: Default::default(),
default_bucket: Default::default(),
endpoint: Default::default(),
path_style_buckets: Default::default(),
region: Default::default(),
secret_access_key: Default::default(),
},
scan_mime_types: Default::default(),
webp_quality: Default::default(),
});
let size = tree.size();
Some((size.width() as usize, size.height() as usize))
}
_ => {
if let Ok(size) = imagesize::blob_size(v)
.inspect_err(|err| tracing::error!("Failed to generate image size! {err:?}"))
{
Some((size.width, size.height))
} else {
None
}
}
}
media.image_size_vec(v, mime)
}
/// Determine size of video at temp file
pub fn video_size(f: &NamedTempFile) -> Option<(i64, i64)> {
if let Ok(data) = ffprobe::ffprobe(f.path())
.inspect_err(|err| tracing::error!("Failed to ffprobe file! {err:?}"))
{
// Use first valid stream
for stream in data.streams {
if let (Some(w), Some(h)) = (stream.width, stream.height) {
return Some((w, h));
}
}
let media = MediaImpl::new(Files {
blocked_mime_types: Default::default(),
clamd_host: Default::default(),
encryption_key: Default::default(),
limit: FilesLimit {
max_mega_pixels: 0,
max_pixel_side: 0,
min_file_size: 0,
min_resolution: [0, 0],
},
preview: Default::default(),
s3: FilesS3 {
access_key_id: Default::default(),
default_bucket: Default::default(),
endpoint: Default::default(),
path_style_buckets: Default::default(),
region: Default::default(),
secret_access_key: Default::default(),
},
scan_mime_types: Default::default(),
webp_quality: Default::default(),
});
None
} else {
None
}
media.video_size(f)
}
/// Decode image from reader
pub fn decode_image<R: Read + BufRead + Seek>(reader: &mut R, mime: &str) -> Result<DynamicImage> {
match mime {
// Read image using jxl-oxide crate
"image/jxl" => {
let jxl_image = report_internal_error!(jxl_oxide::JxlImage::builder().read(reader))?;
if let Ok(frame) = jxl_image.render_frame(0) {
match frame.color_channels().len() {
3 => Ok(DynamicImage::ImageRgb8(
DynamicImage::ImageRgb32F(
ImageBuffer::from_vec(
jxl_image.width(),
jxl_image.height(),
frame.image().buf().to_vec(),
)
.ok_or_else(|| create_error!(ImageProcessingFailed))?,
)
.to_rgb8(),
)),
4 => Ok(DynamicImage::ImageRgba8(
DynamicImage::ImageRgba32F(
ImageBuffer::from_vec(
jxl_image.width(),
jxl_image.height(),
frame.image().buf().to_vec(),
)
.ok_or_else(|| create_error!(ImageProcessingFailed))?,
)
.to_rgba8(),
)),
_ => Err(create_error!(ImageProcessingFailed)),
}
} else {
Err(create_error!(ImageProcessingFailed))
}
}
// Read image using resvg
"image/svg+xml" => {
// usvg doesn't support Read trait so copy to buffer
let mut buf = Vec::new();
report_internal_error!(reader.read_to_end(&mut buf))?;
let media = MediaImpl::new(Files {
blocked_mime_types: Default::default(),
clamd_host: Default::default(),
encryption_key: Default::default(),
limit: FilesLimit {
max_mega_pixels: 0,
max_pixel_side: 0,
min_file_size: 0,
min_resolution: [0, 0],
},
preview: Default::default(),
s3: FilesS3 {
access_key_id: Default::default(),
default_bucket: Default::default(),
endpoint: Default::default(),
path_style_buckets: Default::default(),
region: Default::default(),
secret_access_key: Default::default(),
},
scan_mime_types: Default::default(),
webp_quality: Default::default(),
});
let tree = report_internal_error!(usvg::Tree::from_data(&buf, &Default::default()))?;
let size = tree.size();
let mut pixmap = Pixmap::new(size.width() as u32, size.height() as u32)
.ok_or_else(|| create_error!(ImageProcessingFailed))?;
let mut pixmap_mut = pixmap.as_mut();
resvg::render(&tree, Default::default(), &mut pixmap_mut);
Ok(DynamicImage::ImageRgba8(
ImageBuffer::from_vec(
size.width() as u32,
size.height() as u32,
pixmap.data().to_vec(),
)
.ok_or_else(|| create_error!(ImageProcessingFailed))?,
))
}
// Check if we can read using image-rs crate
_ => report_internal_error!(report_internal_error!(
image::ImageReader::new(reader).with_guessed_format()
)?
.decode()),
}
report_internal_error!(media.decode_image(reader, mime))
}
/// Check whether given reader has a valid image
pub fn is_valid_image<R: Read + BufRead + Seek>(reader: &mut R, mime: &str) -> bool {
match mime {
// Check if we can read using jxl-oxide crate
"image/jxl" => jxl_oxide::JxlImage::builder()
.read(reader)
.inspect_err(|err| tracing::error!("Failed to read JXL! {err:?}"))
.is_ok(),
// Check if we can read using image-rs crate
_ => !matches!(
image::ImageReader::new(reader)
.with_guessed_format()
.inspect_err(|err| tracing::error!("Failed to read image! {err:?}"))
.map(|f| f.decode()),
Err(_) | Ok(Err(_))
),
}
let media = MediaImpl::new(Files {
blocked_mime_types: Default::default(),
clamd_host: Default::default(),
encryption_key: Default::default(),
limit: FilesLimit {
max_mega_pixels: 0,
max_pixel_side: 0,
min_file_size: 0,
min_resolution: [0, 0],
},
preview: Default::default(),
s3: FilesS3 {
access_key_id: Default::default(),
default_bucket: Default::default(),
endpoint: Default::default(),
path_style_buckets: Default::default(),
region: Default::default(),
secret_access_key: Default::default(),
},
scan_mime_types: Default::default(),
webp_quality: Default::default(),
});
media.is_valid_image(reader, mime)
}
/// Create thumbnail from given image
pub async fn create_thumbnail(image: DynamicImage, tag: &str) -> Vec<u8> {
// Load configuration
let config = config().await;
let [w, h] = config.files.preview.get(tag).unwrap();
// Create thumbnail
//.resize(width as u32, height as u32, image::imageops::FilterType::Gaussian)
// resize is about 2.5x slower,
// thumbnail doesn't have terrible quality
// so we use thumbnail
let image = image.thumbnail(image.width().min(*w as u32), image.height().min(*h as u32));
// Encode it into WEBP
let encoder = webp::Encoder::from_image(&image).expect("Could not create encoder.");
if config.files.webp_quality != 100.0 {
encoder.encode(config.files.webp_quality).to_vec()
} else {
encoder.encode_lossless().to_vec()
}
let media = MediaImpl::from_config().await;
media.create_thumbnail(image, tag)
}

View File

@@ -0,0 +1,6 @@
use anyhow::Result;
pub trait EncryptionRepository: Send + Sync + 'static {
fn decrypt_buffer(&self, buf: Vec<u8>, iv: &str) -> anyhow::Result<Vec<u8>>;
fn encrypt_buffer(&self, buf: &[u8]) -> Result<(Vec<u8>, String)>;
}

View File

@@ -0,0 +1,22 @@
use anyhow::Result;
#[async_trait::async_trait]
pub trait FileStorageRepository: Send + Sync + 'static {
async fn create_bucket(&self, bucket_id: &str) -> anyhow::Result<()>;
async fn fetch_and_decrypt_file(
&self,
bucket_id: &str,
path: &str,
iv: &str,
) -> Result<Vec<u8>>;
async fn encrypt_and_upload_file(
&self,
bucket_id: &str,
path: &str,
buf: &[u8],
) -> Result<String>;
async fn delete_file(&self, bucket_id: &str, path: &str) -> Result<()>;
}

View File

@@ -0,0 +1,30 @@
use anyhow::Result;
use image::DynamicImage;
use std::io::{BufRead, Read, Seek};
use tempfile::NamedTempFile;
use thiserror::Error;
pub trait MediaRepository: Send + Sync + 'static {
fn image_size(&self, f: &NamedTempFile) -> Option<(usize, usize)>;
fn image_size_vec(&self, v: &[u8], mime: &str) -> Option<(usize, usize)>;
fn decode_image<R: Read + BufRead + Seek>(
&self,
reader: &mut R,
mime: &str,
) -> Result<DynamicImage, MediaError>;
fn is_valid_image<R: Read + BufRead + Seek>(&self, reader: &mut R, mime: &str) -> bool;
fn create_thumbnail(&self, image: DynamicImage, tag: &str) -> Vec<u8>;
fn video_size(&self, f: &NamedTempFile) -> Option<(i64, i64)>;
}
#[derive(Debug, Error)]
pub enum MediaError {
#[error("image processing failed because {cause}")]
ImageProcessingFailed { cause: String },
#[error(transparent)]
Unknown(#[from] anyhow::Error),
}

View File

@@ -0,0 +1,7 @@
mod encryption_repository;
mod file_storage_repository;
mod media_repository;
pub use encryption_repository::EncryptionRepository;
pub use file_storage_repository::FileStorageRepository;
pub use media_repository::{MediaError, MediaRepository};

Binary file not shown.

After

Width:  |  Height:  |  Size: 968 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 375 KiB

Binary file not shown.

Binary file not shown.

After

Width:  |  Height:  |  Size: 382 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 4.4 KiB

Binary file not shown.

Binary file not shown.

After

Width:  |  Height:  |  Size: 64 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 5.9 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 3.0 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 4.4 KiB

View File

@@ -0,0 +1,31 @@
use std::io::Cursor;
use revolt_files::{EncryptionKey, FileStorageRepository, MediaImpl, MediaRepository, S3Storage};
#[tokio::test]
async fn test_image_roundtrip_png() {
let media = MediaImpl::from_config().await;
let encryption = EncryptionKey::from_config().await;
let s3 = S3Storage::from_config(encryption).await;
let buf = include_bytes!("./assets/test.png");
let bucket_id = uuid::Uuid::new_v4().to_string();
s3.create_bucket(&bucket_id).await.unwrap();
let mut reader = Cursor::new(buf);
media.decode_image(&mut reader, "image/png").unwrap();
let iv = s3
.encrypt_and_upload_file(&bucket_id, "/my-file", buf)
.await
.unwrap();
let buf = s3
.fetch_and_decrypt_file(&bucket_id, "/my-file", &iv)
.await
.unwrap();
let mut reader = Cursor::new(buf);
media.decode_image(&mut reader, "image/png").unwrap();
}

View File

@@ -0,0 +1,42 @@
use revolt_files::{EncryptionKey, FileStorageRepository, S3Storage};
#[tokio::test]
async fn test_upload_and_download() {
let encryption = EncryptionKey::from_config().await;
let s3 = S3Storage::from_config(encryption).await;
let buf = [67];
let bucket_id = uuid::Uuid::new_v4().to_string();
s3.create_bucket(&bucket_id).await.unwrap();
let iv = s3
.encrypt_and_upload_file(&bucket_id, "/my-file", &buf)
.await
.unwrap();
let buf = s3
.fetch_and_decrypt_file(&bucket_id, "/my-file", &iv)
.await
.unwrap();
assert_eq!(buf.len(), 1);
assert_eq!(buf[0], 67);
}
#[tokio::test]
async fn test_upload_and_delete() {
let encryption = EncryptionKey::from_config().await;
let s3 = S3Storage::from_config(encryption).await;
let buf = [67];
let bucket_id = uuid::Uuid::new_v4().to_string();
s3.create_bucket(&bucket_id).await.unwrap();
s3.encrypt_and_upload_file(&bucket_id, "/my-file", &buf)
.await
.unwrap();
s3.delete_file(&bucket_id, "/my-file").await.unwrap();
}

View File

@@ -1,31 +1,32 @@
[package]
name = "revolt-models"
version = "0.8.9"
version = "0.11.5"
edition = "2021"
license = "MIT"
authors = ["Paul Makles <me@insrt.uk>"]
description = "Revolt Backend: API Models"
repository = "https://github.com/stoatchat/stoatchat"
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
[features]
serde = ["dep:serde", "revolt-permissions/serde", "indexmap/serde"]
schemas = ["dep:schemars", "revolt-permissions/schemas"]
utoipa = ["dep:utoipa"]
validator = ["dep:validator"]
rocket = ["dep:rocket"]
partials = ["dep:revolt_optional_struct", "serde", "utoipa"]
partials = ["dep:revolt_optional_struct", "serde", "schemas", "utoipa"]
default = ["serde", "partials", "rocket"]
[dependencies]
# Core
revolt-config = { version = "0.8.9", path = "../config" }
revolt-permissions = { version = "0.8.9", path = "../permissions", features = [
"utoipa",
] }
revolt-config = { version = "0.11.5", path = "../config" }
revolt-permissions = { version = "0.11.5", path = "../permissions" }
# Utility
regex = "1.11"
indexmap = "2.12.0"
indexmap = "1.9.3"
once_cell = "1.17.1"
num_enum = "0.6.1"
@@ -35,10 +36,11 @@ rocket = { optional = true, version = "0.5.0-rc.2", default-features = false }
# Serialisation
revolt_optional_struct = { version = "0.2.0", optional = true }
serde = { version = "1", features = ["derive"], optional = true }
iso8601-timestamp = { version = "0.4.0", features = ["utoipa", "bson"] }
iso8601-timestamp = { version = "0.2.11", features = ["schema", "bson"] }
# Spec Generation
utoipa = { version = "5.4.0", features = ["indexmap"], optional = true }
schemars = { version = "0.8.8", optional = true, features = ["indexmap1"] }
utoipa = { version = "4.2.3", optional = true }
# Validation
validator = { version = "0.16.0", optional = true, features = ["derive"] }

View File

@@ -2,6 +2,10 @@
#[macro_use]
extern crate serde;
#[cfg(feature = "schemas")]
#[macro_use]
extern crate schemars;
#[cfg(feature = "utoipa")]
#[macro_use]
extern crate utoipa;
@@ -17,8 +21,9 @@ macro_rules! auto_derived {
( $( $item:item )+ ) => {
$(
#[cfg_attr(feature = "serde", derive(Serialize, Deserialize))]
#[cfg_attr(feature = "schemas", derive(JsonSchema))]
#[cfg_attr(feature = "utoipa", derive(ToSchema))]
#[derive(Debug, Clone, PartialEq)]
#[derive(Debug, Clone, Eq, PartialEq)]
$item
)+
};
@@ -27,8 +32,19 @@ macro_rules! auto_derived {
#[cfg(feature = "partials")]
macro_rules! auto_derived_partial {
( $item:item, $name:expr ) => {
#[derive(OptionalStruct, Debug, Clone, PartialEq, Serialize, Deserialize, ToSchema)]
#[optional_derive(Debug, Clone, PartialEq, Serialize, Deserialize, ToSchema, Default)]
#[derive(
OptionalStruct, Debug, Clone, Eq, PartialEq, Serialize, Deserialize, JsonSchema,
)]
#[optional_derive(
Debug,
Clone,
Eq,
PartialEq,
Serialize,
Deserialize,
JsonSchema,
Default
)]
#[optional_name = $name]
#[opt_skip_serializing_none]
#[opt_some_priority]
@@ -39,7 +55,7 @@ macro_rules! auto_derived_partial {
#[cfg(not(feature = "partials"))]
macro_rules! auto_derived_partial {
( $item:item, $name:expr ) => {
#[derive(Debug, Clone, PartialEq, Serialize, Deserialize, ToSchema)]
#[derive(Debug, Clone, Eq, PartialEq, Serialize, Deserialize, JsonSchema)]
$item
};
}

View File

@@ -86,10 +86,10 @@ auto_derived!(
/// Information for the webhook
#[cfg_attr(feature = "validator", derive(Validate))]
pub struct CreateWebhookBody {
#[cfg_attr(feature = "validator", validate(length(min = 1, max = 32)))]
#[validate(length(min = 1, max = 32))]
pub name: String,
#[cfg_attr(feature = "validator", validate(length(min = 1, max = 128)))]
#[validate(length(min = 1, max = 128))]
pub avatar: Option<String>,
}
);

View File

@@ -271,7 +271,6 @@ auto_derived!(
/// Options when deleting a channel
#[cfg_attr(feature = "rocket", derive(FromForm))]
#[cfg_attr(feature = "utoipa", derive(IntoParams))]
pub struct OptionsChannelDelete {
/// Whether to not send a leave message
pub leave_silently: Option<bool>,

View File

@@ -1,78 +0,0 @@
auto_derived!(
/// hCaptcha Configuration
pub struct CaptchaFeature {
/// Whether captcha is enabled
pub enabled: bool,
/// Client key used for solving captcha
pub key: String,
}
/// Generic Service Configuration
pub struct Feature {
/// Whether the service is enabled
pub enabled: bool,
/// URL pointing to the service
pub url: String,
}
/// # Information about a livekit node
pub struct VoiceNode {
pub name: String,
pub lat: f64,
pub lon: f64,
pub public_url: String,
}
/// # Voice Server Configuration
pub struct VoiceFeature {
/// Whether voice is enabled
pub enabled: bool,
/// All livekit nodes
pub nodes: Vec<VoiceNode>,
}
/// Feature Configuration
pub struct RevoltFeatures {
/// hCaptcha configuration
pub captcha: CaptchaFeature,
/// Whether email verification is enabled
pub email: bool,
/// Whether this server is invite only
pub invite_only: bool,
/// File server service configuration
pub autumn: Feature,
/// Proxy service configuration
pub january: Feature,
/// Voice server configuration
pub livekit: VoiceFeature,
}
/// Build Information
pub struct BuildInformation {
/// Commit Hash
pub commit_sha: String,
/// Commit Timestamp
pub commit_timestamp: String,
/// Git Semver
pub semver: String,
/// Git Origin URL
pub origin_url: String,
/// Build Timestamp
pub timestamp: String,
}
/// Server Configuration
pub struct RevoltConfig {
/// Revolt API Version
pub revolt: String,
/// Features enabled on this Revolt node
pub features: RevoltFeatures,
/// WebSocket URL
pub ws: String,
/// URL pointing to the client serving this node
pub app: String,
/// Web Push VAPID public key
pub vapid: String,
/// Build information
pub build: BuildInformation,
}
);

View File

@@ -46,7 +46,7 @@ auto_derived!(
#[cfg_attr(feature = "validator", derive(Validate))]
pub struct DataCreateEmoji {
/// Server name
#[cfg_attr(feature = "validator", validate(length(min = 1, max = 32), regex = "RE_EMOJI"))]
#[validate(length(min = 1, max = 32), regex = "RE_EMOJI")]
pub name: String,
/// Parent information
pub parent: EmojiParent,

Some files were not shown because too many files have changed in this diff Show More