mirror of
https://github.com/superseriousbusiness/gotosocial.git
synced 2024-11-25 02:35:57 +03:00
301543616b
* [feature] Add domain permission drafts and excludes * fix typescript complaining * lint * make filenames more consistent * test own domain excluded
324 lines
9.8 KiB
Go
324 lines
9.8 KiB
Go
// GoToSocial
|
|
// Copyright (C) GoToSocial Authors admin@gotosocial.org
|
|
// SPDX-License-Identifier: AGPL-3.0-or-later
|
|
//
|
|
// This program is free software: you can redistribute it and/or modify
|
|
// it under the terms of the GNU Affero General Public License as published by
|
|
// the Free Software Foundation, either version 3 of the License, or
|
|
// (at your option) any later version.
|
|
//
|
|
// This program is distributed in the hope that it will be useful,
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
// GNU Affero General Public License for more details.
|
|
//
|
|
// You should have received a copy of the GNU Affero General Public License
|
|
// along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
package admin
|
|
|
|
import (
|
|
"context"
|
|
"errors"
|
|
"fmt"
|
|
"net/url"
|
|
|
|
apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
|
|
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
|
|
"github.com/superseriousbusiness/gotosocial/internal/db"
|
|
"github.com/superseriousbusiness/gotosocial/internal/gtscontext"
|
|
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
|
|
"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
|
|
"github.com/superseriousbusiness/gotosocial/internal/id"
|
|
"github.com/superseriousbusiness/gotosocial/internal/log"
|
|
"github.com/superseriousbusiness/gotosocial/internal/paging"
|
|
"github.com/superseriousbusiness/gotosocial/internal/util"
|
|
)
|
|
|
|
// DomainPermissionDraftGet returns one
|
|
// domain permission draft with the given id.
|
|
func (p *Processor) DomainPermissionDraftGet(
|
|
ctx context.Context,
|
|
id string,
|
|
) (*apimodel.DomainPermission, gtserror.WithCode) {
|
|
permDraft, err := p.state.DB.GetDomainPermissionDraftByID(ctx, id)
|
|
if err != nil && !errors.Is(err, db.ErrNoEntries) {
|
|
err := gtserror.Newf("db error getting domain permission draft %s: %w", id, err)
|
|
return nil, gtserror.NewErrorInternalError(err)
|
|
}
|
|
|
|
if permDraft == nil {
|
|
err := fmt.Errorf("domain permission draft %s not found", id)
|
|
return nil, gtserror.NewErrorNotFound(err, err.Error())
|
|
}
|
|
|
|
return p.apiDomainPerm(ctx, permDraft, false)
|
|
}
|
|
|
|
// DomainPermissionDraftsGet returns a page of
|
|
// DomainPermissionDrafts with the given parameters.
|
|
func (p *Processor) DomainPermissionDraftsGet(
|
|
ctx context.Context,
|
|
subscriptionID string,
|
|
domain string,
|
|
permType gtsmodel.DomainPermissionType,
|
|
page *paging.Page,
|
|
) (*apimodel.PageableResponse, gtserror.WithCode) {
|
|
permDrafts, err := p.state.DB.GetDomainPermissionDrafts(
|
|
ctx,
|
|
permType,
|
|
subscriptionID,
|
|
domain,
|
|
page,
|
|
)
|
|
if err != nil && !errors.Is(err, db.ErrNoEntries) {
|
|
err := gtserror.Newf("db error: %w", err)
|
|
return nil, gtserror.NewErrorInternalError(err)
|
|
}
|
|
|
|
count := len(permDrafts)
|
|
if count == 0 {
|
|
return paging.EmptyResponse(), nil
|
|
}
|
|
|
|
// Get the lowest and highest
|
|
// ID values, used for paging.
|
|
lo := permDrafts[count-1].ID
|
|
hi := permDrafts[0].ID
|
|
|
|
// Convert each perm draft to API model.
|
|
items := make([]any, len(permDrafts))
|
|
for i, permDraft := range permDrafts {
|
|
apiPermDraft, err := p.apiDomainPerm(ctx, permDraft, false)
|
|
if err != nil {
|
|
return nil, gtserror.NewErrorInternalError(err)
|
|
}
|
|
items[i] = apiPermDraft
|
|
}
|
|
|
|
// Assemble next/prev page queries.
|
|
query := make(url.Values, 3)
|
|
if subscriptionID != "" {
|
|
query.Set(apiutil.DomainPermissionSubscriptionIDKey, subscriptionID)
|
|
}
|
|
if domain != "" {
|
|
query.Set(apiutil.DomainPermissionDomainKey, domain)
|
|
}
|
|
if permType != gtsmodel.DomainPermissionUnknown {
|
|
query.Set(apiutil.DomainPermissionPermTypeKey, permType.String())
|
|
}
|
|
|
|
return paging.PackageResponse(paging.ResponseParams{
|
|
Items: items,
|
|
Path: "/api/v1/admin/domain_permission_drafts",
|
|
Next: page.Next(lo, hi),
|
|
Prev: page.Prev(lo, hi),
|
|
Query: query,
|
|
}), nil
|
|
}
|
|
|
|
func (p *Processor) DomainPermissionDraftCreate(
|
|
ctx context.Context,
|
|
acct *gtsmodel.Account,
|
|
domain string,
|
|
permType gtsmodel.DomainPermissionType,
|
|
obfuscate bool,
|
|
publicComment string,
|
|
privateComment string,
|
|
) (*apimodel.DomainPermission, gtserror.WithCode) {
|
|
permDraft := >smodel.DomainPermissionDraft{
|
|
ID: id.NewULID(),
|
|
PermissionType: permType,
|
|
Domain: domain,
|
|
CreatedByAccountID: acct.ID,
|
|
CreatedByAccount: acct,
|
|
PrivateComment: privateComment,
|
|
PublicComment: publicComment,
|
|
Obfuscate: &obfuscate,
|
|
}
|
|
|
|
if err := p.state.DB.PutDomainPermissionDraft(ctx, permDraft); err != nil {
|
|
if errors.Is(err, db.ErrAlreadyExists) {
|
|
const text = "a domain permission draft already exists with this permission type, domain, and subscription ID"
|
|
err := fmt.Errorf("%w: %s", err, text)
|
|
return nil, gtserror.NewErrorConflict(err, text)
|
|
}
|
|
|
|
// Real error.
|
|
err := gtserror.Newf("db error putting domain permission draft: %w", err)
|
|
return nil, gtserror.NewErrorInternalError(err)
|
|
}
|
|
|
|
return p.apiDomainPerm(ctx, permDraft, false)
|
|
}
|
|
|
|
func (p *Processor) DomainPermissionDraftAccept(
|
|
ctx context.Context,
|
|
acct *gtsmodel.Account,
|
|
id string,
|
|
overwrite bool,
|
|
) (*apimodel.DomainPermission, string, gtserror.WithCode) {
|
|
permDraft, err := p.state.DB.GetDomainPermissionDraftByID(ctx, id)
|
|
if err != nil && !errors.Is(err, db.ErrNoEntries) {
|
|
err := gtserror.Newf("db error getting domain permission draft %s: %w", id, err)
|
|
return nil, "", gtserror.NewErrorInternalError(err)
|
|
}
|
|
|
|
if permDraft == nil {
|
|
err := fmt.Errorf("domain permission draft %s not found", id)
|
|
return nil, "", gtserror.NewErrorNotFound(err, err.Error())
|
|
}
|
|
|
|
var (
|
|
// Existing permission
|
|
// entry, if it exists.
|
|
existing gtsmodel.DomainPermission
|
|
)
|
|
|
|
// Try to get existing entry.
|
|
switch permDraft.PermissionType {
|
|
case gtsmodel.DomainPermissionBlock:
|
|
existing, err = p.state.DB.GetDomainBlock(
|
|
gtscontext.SetBarebones(ctx),
|
|
permDraft.Domain,
|
|
)
|
|
case gtsmodel.DomainPermissionAllow:
|
|
existing, err = p.state.DB.GetDomainAllow(
|
|
gtscontext.SetBarebones(ctx),
|
|
permDraft.Domain,
|
|
)
|
|
}
|
|
|
|
if err != nil && !errors.Is(err, db.ErrNoEntries) {
|
|
err := gtserror.Newf("db error getting domain permission %s: %w", id, err)
|
|
return nil, "", gtserror.NewErrorInternalError(err)
|
|
}
|
|
|
|
// Check if we got existing entry.
|
|
existed := !util.IsNil(existing)
|
|
if existed && !overwrite {
|
|
// Domain permission exists and we shouldn't
|
|
// overwrite it, leave everything alone.
|
|
const text = "a domain permission already exists with this permission type and domain"
|
|
return nil, "", gtserror.NewErrorConflict(errors.New(text), text)
|
|
}
|
|
|
|
// Function to clean up the accepted draft, only called if
|
|
// creating or updating permission from draft is successful.
|
|
deleteDraft := func() {
|
|
if err := p.state.DB.DeleteDomainPermissionDraft(ctx, permDraft.ID); err != nil {
|
|
log.Errorf(ctx, "db error deleting domain permission draft: %v", err)
|
|
}
|
|
}
|
|
|
|
if !existed {
|
|
// Easy case, we just need to create a new domain
|
|
// permission from the draft, and then delete it.
|
|
var (
|
|
new *apimodel.DomainPermission
|
|
actionID string
|
|
errWithCode gtserror.WithCode
|
|
)
|
|
|
|
if permDraft.PermissionType == gtsmodel.DomainPermissionBlock {
|
|
new, actionID, errWithCode = p.createDomainBlock(
|
|
ctx,
|
|
acct,
|
|
permDraft.Domain,
|
|
*permDraft.Obfuscate,
|
|
permDraft.PublicComment,
|
|
permDraft.PrivateComment,
|
|
permDraft.SubscriptionID,
|
|
)
|
|
}
|
|
|
|
if permDraft.PermissionType == gtsmodel.DomainPermissionAllow {
|
|
new, actionID, errWithCode = p.createDomainAllow(
|
|
ctx,
|
|
acct,
|
|
permDraft.Domain,
|
|
*permDraft.Obfuscate,
|
|
permDraft.PublicComment,
|
|
permDraft.PrivateComment,
|
|
permDraft.SubscriptionID,
|
|
)
|
|
}
|
|
|
|
// Clean up the draft
|
|
// before returning.
|
|
deleteDraft()
|
|
|
|
return new, actionID, errWithCode
|
|
}
|
|
|
|
// Domain permission exists but we should overwrite
|
|
// it by just updating the existing domain permission.
|
|
// Domain can't change, so no need to re-run side effects.
|
|
existing.SetCreatedByAccountID(permDraft.CreatedByAccountID)
|
|
existing.SetCreatedByAccount(permDraft.CreatedByAccount)
|
|
existing.SetPrivateComment(permDraft.PrivateComment)
|
|
existing.SetPublicComment(permDraft.PublicComment)
|
|
existing.SetObfuscate(permDraft.Obfuscate)
|
|
existing.SetSubscriptionID(permDraft.SubscriptionID)
|
|
|
|
switch dp := existing.(type) {
|
|
case *gtsmodel.DomainBlock:
|
|
err = p.state.DB.UpdateDomainBlock(ctx, dp)
|
|
|
|
case *gtsmodel.DomainAllow:
|
|
err = p.state.DB.UpdateDomainAllow(ctx, dp)
|
|
}
|
|
|
|
if err != nil {
|
|
err := gtserror.Newf("db error updating existing domain permission: %w", err)
|
|
return nil, "", gtserror.NewErrorInternalError(err)
|
|
}
|
|
|
|
// Clean up the draft
|
|
// before returning.
|
|
deleteDraft()
|
|
|
|
apiPerm, errWithCode := p.apiDomainPerm(ctx, existing, false)
|
|
return apiPerm, "", errWithCode
|
|
}
|
|
|
|
func (p *Processor) DomainPermissionDraftRemove(
|
|
ctx context.Context,
|
|
acct *gtsmodel.Account,
|
|
id string,
|
|
excludeTarget bool,
|
|
) (*apimodel.DomainPermission, gtserror.WithCode) {
|
|
permDraft, err := p.state.DB.GetDomainPermissionDraftByID(ctx, id)
|
|
if err != nil && !errors.Is(err, db.ErrNoEntries) {
|
|
err := gtserror.Newf("db error getting domain permission draft %s: %w", id, err)
|
|
return nil, gtserror.NewErrorInternalError(err)
|
|
}
|
|
|
|
if permDraft == nil {
|
|
err := fmt.Errorf("domain permission draft %s not found", id)
|
|
return nil, gtserror.NewErrorNotFound(err, err.Error())
|
|
}
|
|
|
|
// Delete the permission draft.
|
|
if err := p.state.DB.DeleteDomainPermissionDraft(ctx, permDraft.ID); err != nil {
|
|
err := gtserror.Newf("db error deleting domain permission draft: %w", err)
|
|
return nil, gtserror.NewErrorInternalError(err)
|
|
}
|
|
|
|
if excludeTarget {
|
|
// Add a domain permission exclude
|
|
// targeting the permDraft's domain.
|
|
_, err = p.DomainPermissionExcludeCreate(
|
|
ctx,
|
|
acct,
|
|
permDraft.Domain,
|
|
permDraft.PrivateComment,
|
|
)
|
|
if err != nil && !errors.Is(err, db.ErrAlreadyExists) {
|
|
err := gtserror.Newf("db error creating domain permission exclude: %w", err)
|
|
return nil, gtserror.NewErrorInternalError(err)
|
|
}
|
|
}
|
|
|
|
return p.apiDomainPerm(ctx, permDraft, false)
|
|
}
|