mirror of
https://github.com/stoatchat/stoatchat.git
synced 2026-07-14 13:36:59 +00:00
* initial livekit support fix up code undo changes to compose file add back .env.example * move voice states to global * track current state * more stuff * fix redis key inconsistancy * split voice ops into its own library * feat(livekit): more permission handling * feat(livekit): push unfinished code * fix: include voice states in servercreate event feat: call started system message in dms * feat: implement missing permission syncs * fix: remove locked rocket version * fix: remove local testing values from config * chore: switch to ids for parameter * feat: make Channel::server return a reference * feat: support multiple voice nodes * fix: expose list of nodes * fix: respond with the url when joining a voice channel * feat: being moved between voice channels * fix: use existing node if someone is already in the voice channel * refactor: Remove VoiceChannel * chore: add pushd to debug image script * refactor: add error messages for Rabbit issues * docs: add some notes on overrides; fix defaults * fix: ensure limit is always at least 1 when sent to database * fix: change permission check for fetching channel webhooks * chore: mount API at /0.8/ as well * fix: ensure ratelimiter adjusts for version prefix * chore: bump version to 0.8.2 * chore: disable LTO because it likely overloads GitHub worker * fix: don't allow users to time themselves out closes #376 * fix: match new error type for status code * feat: init crond crate * feat: file deletion implementation * chore: fix version references * feat: add crond container definitions * chore: clarify cargo deny / tomls * feat: add company information to email footers * chore: bump version to 0.8.3 * fix: don't bump the lockfile version * fix: include `production` default value for config * chore: ignore python venv and dev script for user generation Signed-off-by: IAmTomahawkx <iamtomahawkx@gmail.com> * test: Add tests for invite/fetch Signed-off-by: phazeschift <51278042+phazeschift@users.noreply.github.com> * test: add utilities for common setup Signed-off-by: phazeschift <51278042+phazeschift@users.noreply.github.com> * test: add delete server channel test Signed-off-by: phazeschift <51278042+phazeschift@users.noreply.github.com> * feat: allow to set an icon when creating a group Signed-off-by: Nils Ponsard <nilsponsard@gmail.com> * fix: allow message pinning and unpinning for DM-like channels Signed-off-by: Bradlee Barnes <69256931+StupidRepo@users.noreply.github.com> * fix: remove SavedMessages and Group due to given permissions Signed-off-by: Bradlee Barnes <69256931+StupidRepo@users.noreply.github.com> * feat: allow bots to manage emojis (#407) * Remove bot check on emoji create Signed-off-by: Builderb <builderbgamer@gmail.com> * Remove bot check on emoji delete Signed-off-by: Builderb <builderbgamer@gmail.com> --------- Signed-off-by: Builderb <builderbgamer@gmail.com> * feat: add option to send message with missing replies Signed-off-by: ShaksterNano <54268387+shaksternano@users.noreply.github.com> * chore: bump version to 0.8.4 chore: enable webhooks in test builds * ci: downgrade lockfile * feat: Add Mass Mentions to the backend (#394) * feat: create base of push daemon Signed-off-by: IAmTomahawkx <iamtomahawkx@gmail.com> * Add outbound senders * Make web_push send to rabbit instead (temp stuff) * feat: stability and friend requests * make vapid fr stuff not suck * swap naming of queue * move pushd into daemons folder * fix cargo file for move into daemons folder * feat: probably working fcm push notifs * comment out fcm webpush stuff since the config keys dont exist * fix fcm, name queues according to their prod status and configure routing keys * add pushd to docker * mix: Remove old code, add stuff to pushd * fix: lockfile * feat: update rocket to 5.0.1 * fix: fix queues and ack bugs * Move rabbit messsage processing into ack queue * chore: update readme * chore: optimizations for ack database hits * pushd flowchart * misc: update flowchart * exit dependancy hell * add rocket_impl flag to authifier * make the tests file of delta actually compile * fix: don't silence every push message * fix: don't silence all messages * add debug logging for sending data to rabbit from message events * validate mentions at a server membership level * put back that import that was actually important * minor fix to lockfile * update delta authifier * feat: proper permissions for push notifications * add unit test for mention sanitization * remove local file dependancy on authifier * update ports to proper defaults * fixTM the node bindings * Theoretically configure docker releases for pushd Signed-off-by: IAmTomahawkx <iamtomahawkx@gmail.com> * declare exchange in pushd and delta * fix createbuckets script Signed-off-by: IAmTomahawkx <iamtomahawkx@gmail.com> * fix: reference db implementation Signed-off-by: IAmTomahawkx <iamtomahawkx@gmail.com> * fix: remove finally redundant code Signed-off-by: IAmTomahawkx <iamtomahawkx@gmail.com> * fix: changes Signed-off-by: IAmTomahawkx <iamtomahawkx@gmail.com> * fix: other changes Signed-off-by: IAmTomahawkx <iamtomahawkx@gmail.com> * fix: make channel name return result Signed-off-by: IAmTomahawkx <iamtomahawkx@gmail.com> * Add role mention parsing * feat: update to mongo 3.1, add member generator. * integrate mass mentions into pushd * patch redis-rs with updated versions * feat: chunk role mentions * move permission bits to 37/38 to avoid livekit conflict * change role mention format to <%id> * fix the lockfile from merge * fix: PR change requests * feat: add tests * fix: i am a dumbass * fix: tests, again --------- Signed-off-by: IAmTomahawkx <iamtomahawkx@gmail.com> * fix: show full branch name on github webhook messages * fix: dont leak invisible presence to others * fix: add back missing early adopter badge * fix: update branch from main * fix: update branch from main * Merge remote-tracking branch 'origin/main' into livekit * feat: private livekit nodes * fix: remove node from channel voice state * fix: get_voice_state has incorrect unique_key and allowed_sources should be lowercase * chore: bump livekit dep * feat: ability to force disconnect existing voice connection * chore: cleanup code * feat: - track call length - move voice and video limits to config - seperate VoiceInformation into model and db model - fix build scripts * fix: move call system message to daemon, check max participants when creating a token to avoid giving tokens but erroring when attempting to join, check if the channel actually supports voice * fix: dont set max participants in livekit * fix: remove VoiceChannel channel type fix: calculate user overwrites correctly fix: dont include personal info in livekit user metadata fix: revoke video permissons on denied publish fix: add video to default permissions * fix: update migration * feat: Send push notifications for dm call start/end * chore: cleanup * feat: allow users to specify who is notified when starting a call * feat: track join time * merge: branch 'main' into feat/livekit * fix: include voice-ingress in build * fix: dont presume channel has a node * chore: add error logging to internal errors * chore: add debug logging to voice ingress * refactor: seperate out disconnect logic * fix: return correct error if user is already in a voice channel * fix: dont break on user not still being in channel and force disconnecting * fix: add Speak and Listen to default permissions * fix: include channel ids in UserMoveVoiceChannel * chore: add temp sentry logging system * fix: handle track_muted and track_unmuted * fix: dont set notification recipients when empty vec is passed * fix: only send UserMoveVoiceChannel to the user * fix: preserve order of replies in message (#447) Signed-off-by: Aeledfyr <aeledfyr@gmail.com> * fix: prevent timing out members which have TimeoutMembers permission * chore: update ci * fix: temporarily disable call started system messages See #457 * fix: update code from review
148 lines
5.0 KiB
Rust
148 lines
5.0 KiB
Rust
use crate::{
|
|
ChannelPermission, ChannelType, PermissionQuery, PermissionValue, RelationshipStatus,
|
|
UserPermission, ALLOW_IN_TIMEOUT, DEFAULT_PERMISSION_DIRECT_MESSAGE,
|
|
DEFAULT_PERMISSION_SAVED_MESSAGES, DEFAULT_PERMISSION_VIEW_ONLY,
|
|
};
|
|
|
|
/// Calculate permissions against a user
|
|
pub async fn calculate_user_permissions<P: PermissionQuery>(query: &mut P) -> PermissionValue {
|
|
if query.are_we_privileged().await {
|
|
return u64::MAX.into();
|
|
}
|
|
|
|
if query.are_the_users_same().await {
|
|
return u64::MAX.into();
|
|
}
|
|
|
|
let mut permissions = 0_u64;
|
|
match query.user_relationship().await {
|
|
RelationshipStatus::Friend => return u64::MAX.into(),
|
|
RelationshipStatus::Blocked | RelationshipStatus::BlockedOther => {
|
|
return (UserPermission::Access as u64).into()
|
|
}
|
|
RelationshipStatus::Incoming | RelationshipStatus::Outgoing => {
|
|
permissions = UserPermission::Access as u64;
|
|
}
|
|
_ => {}
|
|
}
|
|
|
|
if query.have_mutual_connection().await {
|
|
permissions = UserPermission::Access as u64 + UserPermission::ViewProfile as u64;
|
|
|
|
if query.user_is_bot().await || query.are_we_a_bot().await {
|
|
permissions += UserPermission::SendMessage as u64;
|
|
}
|
|
|
|
permissions.into()
|
|
} else {
|
|
permissions.into()
|
|
}
|
|
|
|
// TODO: add boolean switch for permission for users to globally message a user
|
|
// maybe an enum?
|
|
// PrivacyLevel { Private, Friends, Mutual, Public, Global }
|
|
|
|
// TODO: add boolean switch for permission for users to mutually DM a user
|
|
}
|
|
|
|
/// Calculate permissions against a server
|
|
pub async fn calculate_server_permissions<P: PermissionQuery>(query: &mut P) -> PermissionValue {
|
|
if query.are_we_privileged().await || query.are_we_server_owner().await {
|
|
return ChannelPermission::GrantAllSafe.into();
|
|
}
|
|
|
|
if !query.are_we_a_member().await {
|
|
return 0_u64.into();
|
|
}
|
|
|
|
let mut permissions: PermissionValue = query.get_default_server_permissions().await.into();
|
|
|
|
for role_override in query.get_our_server_role_overrides().await {
|
|
permissions.apply(role_override);
|
|
}
|
|
|
|
if !query.do_we_have_publish_overwrites().await {
|
|
permissions.revoke(ChannelPermission::Speak as u64);
|
|
permissions.revoke(ChannelPermission::Video as u64);
|
|
}
|
|
|
|
if !query.do_we_have_receive_overwrites().await {
|
|
permissions.revoke(ChannelPermission::Listen as u64);
|
|
}
|
|
|
|
if query.are_we_timed_out().await {
|
|
permissions.restrict(*ALLOW_IN_TIMEOUT);
|
|
}
|
|
|
|
permissions
|
|
}
|
|
|
|
/// Calculate permissions against a channel
|
|
pub async fn calculate_channel_permissions<P: PermissionQuery>(query: &mut P) -> PermissionValue {
|
|
if query.are_we_privileged().await {
|
|
return ChannelPermission::GrantAllSafe.into();
|
|
}
|
|
|
|
match query.get_channel_type().await {
|
|
ChannelType::SavedMessages => {
|
|
if query.do_we_own_the_channel().await {
|
|
DEFAULT_PERMISSION_SAVED_MESSAGES.into()
|
|
} else {
|
|
0_u64.into()
|
|
}
|
|
}
|
|
ChannelType::DirectMessage => {
|
|
if query.are_we_part_of_the_channel().await {
|
|
query.set_recipient_as_user().await;
|
|
|
|
let permissions = calculate_user_permissions(query).await;
|
|
if permissions.has_user_permission(UserPermission::SendMessage) {
|
|
(*DEFAULT_PERMISSION_DIRECT_MESSAGE).into()
|
|
} else {
|
|
(*DEFAULT_PERMISSION_VIEW_ONLY).into()
|
|
}
|
|
} else {
|
|
0_u64.into()
|
|
}
|
|
}
|
|
ChannelType::Group => {
|
|
if query.do_we_own_the_channel().await {
|
|
ChannelPermission::GrantAllSafe.into()
|
|
} else if query.are_we_part_of_the_channel().await {
|
|
(*DEFAULT_PERMISSION_VIEW_ONLY
|
|
| query.get_default_channel_permissions().await.allow)
|
|
.into()
|
|
} else {
|
|
0_u64.into()
|
|
}
|
|
}
|
|
ChannelType::ServerChannel => {
|
|
query.set_server_from_channel().await;
|
|
|
|
if query.are_we_server_owner().await {
|
|
ChannelPermission::GrantAllSafe.into()
|
|
} else if query.are_we_a_member().await {
|
|
let mut permissions = calculate_server_permissions(query).await;
|
|
permissions.apply(query.get_default_channel_permissions().await);
|
|
|
|
for role_override in query.get_our_channel_role_overrides().await {
|
|
permissions.apply(role_override);
|
|
}
|
|
|
|
if query.are_we_timed_out().await {
|
|
permissions.restrict(*ALLOW_IN_TIMEOUT);
|
|
}
|
|
|
|
if !permissions.has_channel_permission(ChannelPermission::ViewChannel) {
|
|
permissions.revoke_all();
|
|
}
|
|
|
|
permissions
|
|
} else {
|
|
0_u64.into()
|
|
}
|
|
}
|
|
ChannelType::Unknown => 0_u64.into(),
|
|
}
|
|
}
|