|
|
|
@ -1,5 +1,15 @@
|
|
|
|
|
use crate::{
|
|
|
|
|
api::{claims::Claims, is_mod_or_admin, APIError, Oper, Perform},
|
|
|
|
|
api::{
|
|
|
|
|
check_community_ban,
|
|
|
|
|
check_slurs,
|
|
|
|
|
check_slurs_opt,
|
|
|
|
|
get_user_from_jwt,
|
|
|
|
|
get_user_from_jwt_opt,
|
|
|
|
|
is_mod_or_admin,
|
|
|
|
|
APIError,
|
|
|
|
|
Oper,
|
|
|
|
|
Perform,
|
|
|
|
|
},
|
|
|
|
|
apub::{ApubLikeableType, ApubObjectType},
|
|
|
|
|
blocking,
|
|
|
|
|
fetch_iframely_and_pictrs_data,
|
|
|
|
@ -19,20 +29,13 @@ use lemmy_db::{
|
|
|
|
|
post::*,
|
|
|
|
|
post_view::*,
|
|
|
|
|
site_view::*,
|
|
|
|
|
user::*,
|
|
|
|
|
Crud,
|
|
|
|
|
Likeable,
|
|
|
|
|
ListingType,
|
|
|
|
|
Saveable,
|
|
|
|
|
SortType,
|
|
|
|
|
};
|
|
|
|
|
use lemmy_utils::{
|
|
|
|
|
is_valid_post_title,
|
|
|
|
|
make_apub_endpoint,
|
|
|
|
|
slur_check,
|
|
|
|
|
slurs_vec_to_str,
|
|
|
|
|
EndpointType,
|
|
|
|
|
};
|
|
|
|
|
use lemmy_utils::{is_valid_post_title, make_apub_endpoint, EndpointType};
|
|
|
|
|
use serde::{Deserialize, Serialize};
|
|
|
|
|
use std::str::FromStr;
|
|
|
|
|
use url::Url;
|
|
|
|
@ -146,41 +149,16 @@ impl Perform for Oper<CreatePost> {
|
|
|
|
|
websocket_info: Option<WebsocketInfo>,
|
|
|
|
|
) -> Result<PostResponse, LemmyError> {
|
|
|
|
|
let data: &CreatePost = &self.data;
|
|
|
|
|
let user = get_user_from_jwt(&data.auth, pool).await?;
|
|
|
|
|
|
|
|
|
|
let claims = match Claims::decode(&data.auth) {
|
|
|
|
|
Ok(claims) => claims.claims,
|
|
|
|
|
Err(_e) => return Err(APIError::err("not_logged_in").into()),
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
if let Err(slurs) = slur_check(&data.name) {
|
|
|
|
|
return Err(APIError::err(&slurs_vec_to_str(slurs)).into());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if let Some(body) = &data.body {
|
|
|
|
|
if let Err(slurs) = slur_check(body) {
|
|
|
|
|
return Err(APIError::err(&slurs_vec_to_str(slurs)).into());
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
check_slurs(&data.name)?;
|
|
|
|
|
check_slurs_opt(&data.body)?;
|
|
|
|
|
|
|
|
|
|
if !is_valid_post_title(&data.name) {
|
|
|
|
|
return Err(APIError::err("invalid_post_title").into());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
let user_id = claims.id;
|
|
|
|
|
|
|
|
|
|
// Check for a community ban
|
|
|
|
|
let community_id = data.community_id;
|
|
|
|
|
let is_banned =
|
|
|
|
|
move |conn: &'_ _| CommunityUserBanView::get(conn, user_id, community_id).is_ok();
|
|
|
|
|
if blocking(pool, is_banned).await? {
|
|
|
|
|
return Err(APIError::err("community_ban").into());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Check for a site ban
|
|
|
|
|
let user = blocking(pool, move |conn| User_::read(conn, user_id)).await??;
|
|
|
|
|
if user.banned {
|
|
|
|
|
return Err(APIError::err("site_ban").into());
|
|
|
|
|
}
|
|
|
|
|
check_community_ban(user.id, data.community_id, pool).await?;
|
|
|
|
|
|
|
|
|
|
if let Some(url) = data.url.as_ref() {
|
|
|
|
|
match Url::parse(url) {
|
|
|
|
@ -198,7 +176,7 @@ impl Perform for Oper<CreatePost> {
|
|
|
|
|
url: data.url.to_owned(),
|
|
|
|
|
body: data.body.to_owned(),
|
|
|
|
|
community_id: data.community_id,
|
|
|
|
|
creator_id: user_id,
|
|
|
|
|
creator_id: user.id,
|
|
|
|
|
removed: None,
|
|
|
|
|
deleted: None,
|
|
|
|
|
nsfw: data.nsfw,
|
|
|
|
@ -244,7 +222,7 @@ impl Perform for Oper<CreatePost> {
|
|
|
|
|
// They like their own post by default
|
|
|
|
|
let like_form = PostLikeForm {
|
|
|
|
|
post_id: inserted_post.id,
|
|
|
|
|
user_id,
|
|
|
|
|
user_id: user.id,
|
|
|
|
|
score: 1,
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
@ -258,7 +236,7 @@ impl Perform for Oper<CreatePost> {
|
|
|
|
|
// Refetch the view
|
|
|
|
|
let inserted_post_id = inserted_post.id;
|
|
|
|
|
let post_view = match blocking(pool, move |conn| {
|
|
|
|
|
PostView::read(conn, inserted_post_id, Some(user_id))
|
|
|
|
|
PostView::read(conn, inserted_post_id, Some(user.id))
|
|
|
|
|
})
|
|
|
|
|
.await?
|
|
|
|
|
{
|
|
|
|
@ -290,17 +268,8 @@ impl Perform for Oper<GetPost> {
|
|
|
|
|
websocket_info: Option<WebsocketInfo>,
|
|
|
|
|
) -> Result<GetPostResponse, LemmyError> {
|
|
|
|
|
let data: &GetPost = &self.data;
|
|
|
|
|
|
|
|
|
|
let user_id: Option<i32> = match &data.auth {
|
|
|
|
|
Some(auth) => match Claims::decode(&auth) {
|
|
|
|
|
Ok(claims) => {
|
|
|
|
|
let user_id = claims.claims.id;
|
|
|
|
|
Some(user_id)
|
|
|
|
|
}
|
|
|
|
|
Err(_e) => None,
|
|
|
|
|
},
|
|
|
|
|
None => None,
|
|
|
|
|
};
|
|
|
|
|
let user = get_user_from_jwt_opt(&data.auth, pool).await?;
|
|
|
|
|
let user_id = user.map(|u| u.id);
|
|
|
|
|
|
|
|
|
|
let id = data.id;
|
|
|
|
|
let post_view = match blocking(pool, move |conn| PostView::read(conn, id, user_id)).await? {
|
|
|
|
@ -369,19 +338,7 @@ impl Perform for Oper<GetPosts> {
|
|
|
|
|
websocket_info: Option<WebsocketInfo>,
|
|
|
|
|
) -> Result<GetPostsResponse, LemmyError> {
|
|
|
|
|
let data: &GetPosts = &self.data;
|
|
|
|
|
|
|
|
|
|
// For logged in users, you need to get back subscribed, and settings
|
|
|
|
|
let user: Option<User_> = match &data.auth {
|
|
|
|
|
Some(auth) => match Claims::decode(&auth) {
|
|
|
|
|
Ok(claims) => {
|
|
|
|
|
let user_id = claims.claims.id;
|
|
|
|
|
let user = blocking(pool, move |conn| User_::read(conn, user_id)).await??;
|
|
|
|
|
Some(user)
|
|
|
|
|
}
|
|
|
|
|
Err(_e) => None,
|
|
|
|
|
},
|
|
|
|
|
None => None,
|
|
|
|
|
};
|
|
|
|
|
let user = get_user_from_jwt_opt(&data.auth, pool).await?;
|
|
|
|
|
|
|
|
|
|
let user_id = match &user {
|
|
|
|
|
Some(user) => Some(user.id),
|
|
|
|
@ -446,13 +403,7 @@ impl Perform for Oper<CreatePostLike> {
|
|
|
|
|
websocket_info: Option<WebsocketInfo>,
|
|
|
|
|
) -> Result<PostResponse, LemmyError> {
|
|
|
|
|
let data: &CreatePostLike = &self.data;
|
|
|
|
|
|
|
|
|
|
let claims = match Claims::decode(&data.auth) {
|
|
|
|
|
Ok(claims) => claims.claims,
|
|
|
|
|
Err(_e) => return Err(APIError::err("not_logged_in").into()),
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
let user_id = claims.id;
|
|
|
|
|
let user = get_user_from_jwt(&data.auth, pool).await?;
|
|
|
|
|
|
|
|
|
|
// Don't do a downvote if site has downvotes disabled
|
|
|
|
|
if data.score == -1 {
|
|
|
|
@ -466,22 +417,11 @@ impl Perform for Oper<CreatePostLike> {
|
|
|
|
|
let post_id = data.post_id;
|
|
|
|
|
let post = blocking(pool, move |conn| Post::read(conn, post_id)).await??;
|
|
|
|
|
|
|
|
|
|
let community_id = post.community_id;
|
|
|
|
|
let is_banned =
|
|
|
|
|
move |conn: &'_ _| CommunityUserBanView::get(conn, user_id, community_id).is_ok();
|
|
|
|
|
if blocking(pool, is_banned).await? {
|
|
|
|
|
return Err(APIError::err("community_ban").into());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Check for a site ban
|
|
|
|
|
let user = blocking(pool, move |conn| User_::read(conn, user_id)).await??;
|
|
|
|
|
if user.banned {
|
|
|
|
|
return Err(APIError::err("site_ban").into());
|
|
|
|
|
}
|
|
|
|
|
check_community_ban(user.id, post.community_id, pool).await?;
|
|
|
|
|
|
|
|
|
|
let like_form = PostLikeForm {
|
|
|
|
|
post_id: data.post_id,
|
|
|
|
|
user_id,
|
|
|
|
|
user_id: user.id,
|
|
|
|
|
score: data.score,
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
@ -508,6 +448,7 @@ impl Perform for Oper<CreatePostLike> {
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
let post_id = data.post_id;
|
|
|
|
|
let user_id = user.id;
|
|
|
|
|
let post_view = match blocking(pool, move |conn| {
|
|
|
|
|
PostView::read(conn, post_id, Some(user_id))
|
|
|
|
|
})
|
|
|
|
@ -541,47 +482,22 @@ impl Perform for Oper<EditPost> {
|
|
|
|
|
websocket_info: Option<WebsocketInfo>,
|
|
|
|
|
) -> Result<PostResponse, LemmyError> {
|
|
|
|
|
let data: &EditPost = &self.data;
|
|
|
|
|
let user = get_user_from_jwt(&data.auth, pool).await?;
|
|
|
|
|
|
|
|
|
|
if let Err(slurs) = slur_check(&data.name) {
|
|
|
|
|
return Err(APIError::err(&slurs_vec_to_str(slurs)).into());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if let Some(body) = &data.body {
|
|
|
|
|
if let Err(slurs) = slur_check(body) {
|
|
|
|
|
return Err(APIError::err(&slurs_vec_to_str(slurs)).into());
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
check_slurs(&data.name)?;
|
|
|
|
|
check_slurs_opt(&data.body)?;
|
|
|
|
|
|
|
|
|
|
if !is_valid_post_title(&data.name) {
|
|
|
|
|
return Err(APIError::err("invalid_post_title").into());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
let claims = match Claims::decode(&data.auth) {
|
|
|
|
|
Ok(claims) => claims.claims,
|
|
|
|
|
Err(_e) => return Err(APIError::err("not_logged_in").into()),
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
let user_id = claims.id;
|
|
|
|
|
|
|
|
|
|
let edit_id = data.edit_id;
|
|
|
|
|
let orig_post = blocking(pool, move |conn| Post::read(conn, edit_id)).await??;
|
|
|
|
|
|
|
|
|
|
// Check for a community ban
|
|
|
|
|
let community_id = orig_post.community_id;
|
|
|
|
|
let is_banned =
|
|
|
|
|
move |conn: &'_ _| CommunityUserBanView::get(conn, user_id, community_id).is_ok();
|
|
|
|
|
if blocking(pool, is_banned).await? {
|
|
|
|
|
return Err(APIError::err("community_ban").into());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Check for a site ban
|
|
|
|
|
let user = blocking(pool, move |conn| User_::read(conn, user_id)).await??;
|
|
|
|
|
if user.banned {
|
|
|
|
|
return Err(APIError::err("site_ban").into());
|
|
|
|
|
}
|
|
|
|
|
check_community_ban(user.id, orig_post.community_id, pool).await?;
|
|
|
|
|
|
|
|
|
|
// Verify that only the creator can edit
|
|
|
|
|
if !Post::is_post_creator(user_id, orig_post.creator_id) {
|
|
|
|
|
if !Post::is_post_creator(user.id, orig_post.creator_id) {
|
|
|
|
|
return Err(APIError::err("no_post_edit_allowed").into());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
@ -630,7 +546,7 @@ impl Perform for Oper<EditPost> {
|
|
|
|
|
|
|
|
|
|
let edit_id = data.edit_id;
|
|
|
|
|
let post_view = blocking(pool, move |conn| {
|
|
|
|
|
PostView::read(conn, edit_id, Some(user_id))
|
|
|
|
|
PostView::read(conn, edit_id, Some(user.id))
|
|
|
|
|
})
|
|
|
|
|
.await??;
|
|
|
|
|
|
|
|
|
@ -658,33 +574,15 @@ impl Perform for Oper<DeletePost> {
|
|
|
|
|
websocket_info: Option<WebsocketInfo>,
|
|
|
|
|
) -> Result<PostResponse, LemmyError> {
|
|
|
|
|
let data: &DeletePost = &self.data;
|
|
|
|
|
|
|
|
|
|
let claims = match Claims::decode(&data.auth) {
|
|
|
|
|
Ok(claims) => claims.claims,
|
|
|
|
|
Err(_e) => return Err(APIError::err("not_logged_in").into()),
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
let user_id = claims.id;
|
|
|
|
|
let user = get_user_from_jwt(&data.auth, pool).await?;
|
|
|
|
|
|
|
|
|
|
let edit_id = data.edit_id;
|
|
|
|
|
let orig_post = blocking(pool, move |conn| Post::read(conn, edit_id)).await??;
|
|
|
|
|
|
|
|
|
|
// Check for a site ban
|
|
|
|
|
let user = blocking(pool, move |conn| User_::read(conn, user_id)).await??;
|
|
|
|
|
if user.banned {
|
|
|
|
|
return Err(APIError::err("site_ban").into());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Check for a community ban
|
|
|
|
|
let community_id = orig_post.community_id;
|
|
|
|
|
let is_banned =
|
|
|
|
|
move |conn: &'_ _| CommunityUserBanView::get(conn, user_id, community_id).is_ok();
|
|
|
|
|
if blocking(pool, is_banned).await? {
|
|
|
|
|
return Err(APIError::err("community_ban").into());
|
|
|
|
|
}
|
|
|
|
|
check_community_ban(user.id, orig_post.community_id, pool).await?;
|
|
|
|
|
|
|
|
|
|
// Verify that only the creator can delete
|
|
|
|
|
if !Post::is_post_creator(user_id, orig_post.creator_id) {
|
|
|
|
|
if !Post::is_post_creator(user.id, orig_post.creator_id) {
|
|
|
|
|
return Err(APIError::err("no_post_edit_allowed").into());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
@ -708,7 +606,7 @@ impl Perform for Oper<DeletePost> {
|
|
|
|
|
// Refetch the post
|
|
|
|
|
let edit_id = data.edit_id;
|
|
|
|
|
let post_view = blocking(pool, move |conn| {
|
|
|
|
|
PostView::read(conn, edit_id, Some(user_id))
|
|
|
|
|
PostView::read(conn, edit_id, Some(user.id))
|
|
|
|
|
})
|
|
|
|
|
.await??;
|
|
|
|
|
|
|
|
|
@ -736,33 +634,15 @@ impl Perform for Oper<RemovePost> {
|
|
|
|
|
websocket_info: Option<WebsocketInfo>,
|
|
|
|
|
) -> Result<PostResponse, LemmyError> {
|
|
|
|
|
let data: &RemovePost = &self.data;
|
|
|
|
|
|
|
|
|
|
let claims = match Claims::decode(&data.auth) {
|
|
|
|
|
Ok(claims) => claims.claims,
|
|
|
|
|
Err(_e) => return Err(APIError::err("not_logged_in").into()),
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
let user_id = claims.id;
|
|
|
|
|
let user = get_user_from_jwt(&data.auth, pool).await?;
|
|
|
|
|
|
|
|
|
|
let edit_id = data.edit_id;
|
|
|
|
|
let orig_post = blocking(pool, move |conn| Post::read(conn, edit_id)).await??;
|
|
|
|
|
|
|
|
|
|
// Check for a site ban
|
|
|
|
|
let user = blocking(pool, move |conn| User_::read(conn, user_id)).await??;
|
|
|
|
|
if user.banned {
|
|
|
|
|
return Err(APIError::err("site_ban").into());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Check for a community ban
|
|
|
|
|
let community_id = orig_post.community_id;
|
|
|
|
|
let is_banned =
|
|
|
|
|
move |conn: &'_ _| CommunityUserBanView::get(conn, user_id, community_id).is_ok();
|
|
|
|
|
if blocking(pool, is_banned).await? {
|
|
|
|
|
return Err(APIError::err("community_ban").into());
|
|
|
|
|
}
|
|
|
|
|
check_community_ban(user.id, orig_post.community_id, pool).await?;
|
|
|
|
|
|
|
|
|
|
// Verify that only the mods can remove
|
|
|
|
|
is_mod_or_admin(pool, user_id, community_id).await?;
|
|
|
|
|
is_mod_or_admin(pool, user.id, orig_post.community_id).await?;
|
|
|
|
|
|
|
|
|
|
// Update the post
|
|
|
|
|
let edit_id = data.edit_id;
|
|
|
|
@ -774,7 +654,7 @@ impl Perform for Oper<RemovePost> {
|
|
|
|
|
|
|
|
|
|
// Mod tables
|
|
|
|
|
let form = ModRemovePostForm {
|
|
|
|
|
mod_user_id: user_id,
|
|
|
|
|
mod_user_id: user.id,
|
|
|
|
|
post_id: data.edit_id,
|
|
|
|
|
removed: Some(removed),
|
|
|
|
|
reason: data.reason.to_owned(),
|
|
|
|
@ -792,6 +672,7 @@ impl Perform for Oper<RemovePost> {
|
|
|
|
|
|
|
|
|
|
// Refetch the post
|
|
|
|
|
let edit_id = data.edit_id;
|
|
|
|
|
let user_id = user.id;
|
|
|
|
|
let post_view = blocking(pool, move |conn| {
|
|
|
|
|
PostView::read(conn, edit_id, Some(user_id))
|
|
|
|
|
})
|
|
|
|
@ -821,33 +702,15 @@ impl Perform for Oper<LockPost> {
|
|
|
|
|
websocket_info: Option<WebsocketInfo>,
|
|
|
|
|
) -> Result<PostResponse, LemmyError> {
|
|
|
|
|
let data: &LockPost = &self.data;
|
|
|
|
|
|
|
|
|
|
let claims = match Claims::decode(&data.auth) {
|
|
|
|
|
Ok(claims) => claims.claims,
|
|
|
|
|
Err(_e) => return Err(APIError::err("not_logged_in").into()),
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
let user_id = claims.id;
|
|
|
|
|
let user = get_user_from_jwt(&data.auth, pool).await?;
|
|
|
|
|
|
|
|
|
|
let edit_id = data.edit_id;
|
|
|
|
|
let orig_post = blocking(pool, move |conn| Post::read(conn, edit_id)).await??;
|
|
|
|
|
|
|
|
|
|
// Check for a site ban
|
|
|
|
|
let user = blocking(pool, move |conn| User_::read(conn, user_id)).await??;
|
|
|
|
|
if user.banned {
|
|
|
|
|
return Err(APIError::err("site_ban").into());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Check for a community ban
|
|
|
|
|
let community_id = orig_post.community_id;
|
|
|
|
|
let is_banned =
|
|
|
|
|
move |conn: &'_ _| CommunityUserBanView::get(conn, user_id, community_id).is_ok();
|
|
|
|
|
if blocking(pool, is_banned).await? {
|
|
|
|
|
return Err(APIError::err("community_ban").into());
|
|
|
|
|
}
|
|
|
|
|
check_community_ban(user.id, orig_post.community_id, pool).await?;
|
|
|
|
|
|
|
|
|
|
// Verify that only the mods can lock
|
|
|
|
|
is_mod_or_admin(pool, user_id, community_id).await?;
|
|
|
|
|
is_mod_or_admin(pool, user.id, orig_post.community_id).await?;
|
|
|
|
|
|
|
|
|
|
// Update the post
|
|
|
|
|
let edit_id = data.edit_id;
|
|
|
|
@ -857,7 +720,7 @@ impl Perform for Oper<LockPost> {
|
|
|
|
|
|
|
|
|
|
// Mod tables
|
|
|
|
|
let form = ModLockPostForm {
|
|
|
|
|
mod_user_id: user_id,
|
|
|
|
|
mod_user_id: user.id,
|
|
|
|
|
post_id: data.edit_id,
|
|
|
|
|
locked: Some(locked),
|
|
|
|
|
};
|
|
|
|
@ -869,7 +732,7 @@ impl Perform for Oper<LockPost> {
|
|
|
|
|
// Refetch the post
|
|
|
|
|
let edit_id = data.edit_id;
|
|
|
|
|
let post_view = blocking(pool, move |conn| {
|
|
|
|
|
PostView::read(conn, edit_id, Some(user_id))
|
|
|
|
|
PostView::read(conn, edit_id, Some(user.id))
|
|
|
|
|
})
|
|
|
|
|
.await??;
|
|
|
|
|
|
|
|
|
@ -897,33 +760,15 @@ impl Perform for Oper<StickyPost> {
|
|
|
|
|
websocket_info: Option<WebsocketInfo>,
|
|
|
|
|
) -> Result<PostResponse, LemmyError> {
|
|
|
|
|
let data: &StickyPost = &self.data;
|
|
|
|
|
|
|
|
|
|
let claims = match Claims::decode(&data.auth) {
|
|
|
|
|
Ok(claims) => claims.claims,
|
|
|
|
|
Err(_e) => return Err(APIError::err("not_logged_in").into()),
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
let user_id = claims.id;
|
|
|
|
|
let user = get_user_from_jwt(&data.auth, pool).await?;
|
|
|
|
|
|
|
|
|
|
let edit_id = data.edit_id;
|
|
|
|
|
let orig_post = blocking(pool, move |conn| Post::read(conn, edit_id)).await??;
|
|
|
|
|
|
|
|
|
|
// Check for a site ban
|
|
|
|
|
let user = blocking(pool, move |conn| User_::read(conn, user_id)).await??;
|
|
|
|
|
if user.banned {
|
|
|
|
|
return Err(APIError::err("site_ban").into());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Check for a community ban
|
|
|
|
|
let community_id = orig_post.community_id;
|
|
|
|
|
let is_banned =
|
|
|
|
|
move |conn: &'_ _| CommunityUserBanView::get(conn, user_id, community_id).is_ok();
|
|
|
|
|
if blocking(pool, is_banned).await? {
|
|
|
|
|
return Err(APIError::err("community_ban").into());
|
|
|
|
|
}
|
|
|
|
|
check_community_ban(user.id, orig_post.community_id, pool).await?;
|
|
|
|
|
|
|
|
|
|
// Verify that only the mods can sticky
|
|
|
|
|
is_mod_or_admin(pool, user_id, community_id).await?;
|
|
|
|
|
is_mod_or_admin(pool, user.id, orig_post.community_id).await?;
|
|
|
|
|
|
|
|
|
|
// Update the post
|
|
|
|
|
let edit_id = data.edit_id;
|
|
|
|
@ -935,7 +780,7 @@ impl Perform for Oper<StickyPost> {
|
|
|
|
|
|
|
|
|
|
// Mod tables
|
|
|
|
|
let form = ModStickyPostForm {
|
|
|
|
|
mod_user_id: user_id,
|
|
|
|
|
mod_user_id: user.id,
|
|
|
|
|
post_id: data.edit_id,
|
|
|
|
|
stickied: Some(stickied),
|
|
|
|
|
};
|
|
|
|
@ -948,7 +793,7 @@ impl Perform for Oper<StickyPost> {
|
|
|
|
|
// Refetch the post
|
|
|
|
|
let edit_id = data.edit_id;
|
|
|
|
|
let post_view = blocking(pool, move |conn| {
|
|
|
|
|
PostView::read(conn, edit_id, Some(user_id))
|
|
|
|
|
PostView::read(conn, edit_id, Some(user.id))
|
|
|
|
|
})
|
|
|
|
|
.await??;
|
|
|
|
|
|
|
|
|
@ -976,17 +821,11 @@ impl Perform for Oper<SavePost> {
|
|
|
|
|
_websocket_info: Option<WebsocketInfo>,
|
|
|
|
|
) -> Result<PostResponse, LemmyError> {
|
|
|
|
|
let data: &SavePost = &self.data;
|
|
|
|
|
|
|
|
|
|
let claims = match Claims::decode(&data.auth) {
|
|
|
|
|
Ok(claims) => claims.claims,
|
|
|
|
|
Err(_e) => return Err(APIError::err("not_logged_in").into()),
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
let user_id = claims.id;
|
|
|
|
|
let user = get_user_from_jwt(&data.auth, pool).await?;
|
|
|
|
|
|
|
|
|
|
let post_saved_form = PostSavedForm {
|
|
|
|
|
post_id: data.post_id,
|
|
|
|
|
user_id,
|
|
|
|
|
user_id: user.id,
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
if data.save {
|
|
|
|
@ -1002,6 +841,7 @@ impl Perform for Oper<SavePost> {
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
let post_id = data.post_id;
|
|
|
|
|
let user_id = user.id;
|
|
|
|
|
let post_view = blocking(pool, move |conn| {
|
|
|
|
|
PostView::read(conn, post_id, Some(user_id))
|
|
|
|
|
})
|
|
|
|
|