gorb/backend
5
0
Fork 1
Code Issues 14 Pull requests Projects Releases Packages 1 Wiki Activity Actions

Merge branch 'wip/ban'
All checks were successful
ci/woodpecker/push/build-and-publish Pipeline was successful
Details
ci/woodpecker/push/publish-docs Pipeline was successful
Details

Browse source
This commit is contained in:
Radical 2025-07-25 00:31:34 +02:00
commit d64dc92b99
12 changed files with 231 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

2
migrations/2025-07-22-195121_add_ban/down.sql Normal file
View file

@ -0,0 +1,2 @@
-- This file should undo anything in `up.sql`
DROP TABLE guild_bans;

8
migrations/2025-07-22-195121_add_ban/up.sql Normal file
View file

@ -0,0 +1,8 @@
-- Your SQL goes here
CREATE TABLE guild_bans (
guild_uuid uuid NOT NULL REFERENCES guilds(uuid) ON DELETE CASCADE,
user_uuid uuid NOT NULL REFERENCES users(uuid),
reason VARCHAR(200) DEFAULT NULL,
banned_since TIMESTAMPTZ NOT NULL DEFAULT NOW(),
PRIMARY KEY (user_uuid, guild_uuid)
);

57
src/api/v1/guilds/uuid/bans.rs Normal file
View file

@ -0,0 +1,57 @@
use std::sync::Arc;
use axum::{
Extension, Json,
extract::{Path, State},
http::StatusCode,
response::IntoResponse,
};
use uuid::Uuid;
use crate::{
AppState,
api::v1::auth::CurrentUser,
error::Error,
objects::{GuildBan, Member, Permissions},
utils::global_checks,
};
pub async fn get(
State(app_state): State<Arc<AppState>>,
Path(guild_uuid): Path<Uuid>,
Extension(CurrentUser(uuid)): Extension<CurrentUser<Uuid>>,
) -> Result<impl IntoResponse, Error> {
global_checks(&app_state, uuid).await?;
let mut conn = app_state.pool.get().await?;
let caller = Member::check_membership(&mut conn, uuid, guild_uuid).await?;
caller
.check_permission(&app_state, Permissions::BanMember)
.await?;
let all_guild_bans = GuildBan::fetch_all(&mut conn, guild_uuid).await?;
Ok((StatusCode::OK, Json(all_guild_bans)))
}
pub async fn unban(
State(app_state): State<Arc<AppState>>,
Path((guild_uuid, user_uuid)): Path<(Uuid, Uuid)>,
Extension(CurrentUser(uuid)): Extension<CurrentUser<Uuid>>,
) -> Result<impl IntoResponse, Error> {
global_checks(&app_state, uuid).await?;
let mut conn = app_state.pool.get().await?;
let caller = Member::check_membership(&mut conn, uuid, guild_uuid).await?;
caller
.check_permission(&app_state, Permissions::BanMember)
.await?;
let ban = GuildBan::fetch_one(&mut conn, guild_uuid, user_uuid).await?;
ban.unban(&mut conn).await?;
Ok(StatusCode::OK)
}

6
src/api/v1/guilds/uuid/mod.rs
View file

@ -7,11 +7,12 @@ use axum::{
extract::{Multipart, Path, State},
http::StatusCode,
response::IntoResponse,
routing::{get, patch, post},
routing::{delete, get, patch, post},
};
use bytes::Bytes;
use uuid::Uuid;
mod bans;
mod channels;
mod invites;
mod members;
@ -42,6 +43,9 @@ pub fn router() -> Router<Arc<AppState>> {
.route("/invites", post(invites::create))
// Members
.route("/members", get(members::get))
// Bans
.route("/bans", get(bans::get))
.route("/bans/{uuid}", delete(bans::unban))
}
/// `GET /api/v1/guilds/{uuid}` DESCRIPTION

3
src/api/v1/members/mod.rs
View file

@ -2,7 +2,7 @@ use std::sync::Arc;
use axum::{
Router,
routing::{delete, get},
routing::{delete, get, post},
};
use crate::AppState;
@ -13,4 +13,5 @@ pub fn router() -> Router<Arc<AppState>> {
Router::new()
.route("/{uuid}", get(uuid::get))
.route("/{uuid}", delete(uuid::delete))
.route("/{uuid}/ban", post(uuid::ban::post))
}

47
src/api/v1/members/uuid/ban.rs Normal file
View file

@ -0,0 +1,47 @@
use std::sync::Arc;
use axum::{
Extension,
extract::{Json, Path, State},
http::StatusCode,
response::IntoResponse,
};
use serde::Deserialize;
use crate::{
AppState,
api::v1::auth::CurrentUser,
error::Error,
objects::{Member, Permissions},
utils::global_checks,
};
use uuid::Uuid;
#[derive(Deserialize)]
pub struct RequstBody {
reason: String,
}
pub async fn post(
State(app_state): State<Arc<AppState>>,
Path(member_uuid): Path<Uuid>,
Extension(CurrentUser(uuid)): Extension<CurrentUser<Uuid>>,
Json(payload): Json<RequstBody>,
) -> Result<impl IntoResponse, Error> {
global_checks(&app_state, uuid).await?;
let mut conn = app_state.pool.get().await?;
let member = Member::fetch_one_with_member(&app_state, None, member_uuid).await?;
let caller = Member::check_membership(&mut conn, uuid, member.guild_uuid).await?;
caller
.check_permission(&app_state, Permissions::BanMember)
.await?;
member.ban(&mut conn, &payload.reason).await?;
Ok(StatusCode::OK)
}

6
src/api/v1/members/uuid/mod.rs
View file

@ -1,5 +1,7 @@
//! `/api/v1/members/{uuid}` Member specific endpoints
pub mod ban;
use std::sync::Arc;
use crate::{
@ -29,7 +31,7 @@ pub async fn get(
let me = Me::get(&mut conn, uuid).await?;
let member = Member::fetch_one_with_member(&app_state, &me, member_uuid).await?;
let member = Member::fetch_one_with_member(&app_state, Some(&me), member_uuid).await?;
Member::check_membership(&mut conn, uuid, member.guild_uuid).await?;
Ok((StatusCode::OK, Json(member)))
@ -46,7 +48,7 @@ pub async fn delete(
let me = Me::get(&mut conn, uuid).await?;
let member = Member::fetch_one_with_member(&app_state, &me, member_uuid).await?;
let member = Member::fetch_one_with_member(&app_state, Some(&me), member_uuid).await?;
let deleter = Member::check_membership(&mut conn, uuid, member.guild_uuid).await?;

57
src/objects/bans.rs Normal file
View file

@ -0,0 +1,57 @@
use diesel::{ExpressionMethods, QueryDsl, Queryable, Selectable, SelectableHelper};
use serde::{Deserialize, Serialize};
use uuid::Uuid;
use diesel_async::RunQueryDsl;
use crate::{Conn, error::Error, objects::load_or_empty, schema::guild_bans};
#[derive(Selectable, Queryable, Serialize, Deserialize)]
#[diesel(table_name = guild_bans)]
#[diesel(check_for_backend(diesel::pg::Pg))]
pub struct GuildBan {
pub guild_uuid: Uuid,
pub user_uuid: Uuid,
pub reason: Option<String>,
pub banned_since: chrono::DateTime<chrono::Utc>,
}
impl GuildBan {
pub async fn fetch_one(
conn: &mut Conn,
guild_uuid: Uuid,
user_uuid: Uuid,
) -> Result<GuildBan, Error> {
use guild_bans::dsl;
let guild_ban = dsl::guild_bans
.filter(dsl::guild_uuid.eq(guild_uuid))
.filter(dsl::user_uuid.eq(user_uuid))
.select(GuildBan::as_select())
.get_result(conn)
.await?;
Ok(guild_ban)
}
pub async fn fetch_all(conn: &mut Conn, guild_uuid: Uuid) -> Result<Vec<Self>, Error> {
use guild_bans::dsl;
let all_guild_bans = load_or_empty(
dsl::guild_bans
.filter(dsl::guild_uuid.eq(guild_uuid))
.load(conn)
.await,
)?;
Ok(all_guild_bans)
}
pub async fn unban(self, conn: &mut Conn) -> Result<(), Error> {
use guild_bans::dsl;
diesel::delete(guild_bans::table)
.filter(dsl::guild_uuid.eq(self.guild_uuid))
.filter(dsl::user_uuid.eq(self.user_uuid))
.execute(conn)
.await?;
Ok(())
}
}

35
src/objects/member.rs
View file

@ -9,8 +9,8 @@ use uuid::Uuid;
use crate::{
AppState, Conn,
error::Error,
objects::{Me, Permissions, Role},
schema::guild_members,
objects::{GuildBan, Me, Permissions, Role},
schema::{guild_bans, guild_members},
};
use super::{User, load_or_empty};
@ -122,7 +122,7 @@ impl Member {
pub async fn fetch_one_with_member(
app_state: &AppState,
me: &Me,
me: Option<&Me>,
uuid: Uuid,
) -> Result<Self, Error> {
let mut conn = app_state.pool.get().await?;
@ -134,7 +134,7 @@ impl Member {
.get_result(&mut conn)
.await?;
member.build(app_state, Some(me)).await
member.build(app_state, me).await
}
pub async fn fetch_all(
@ -169,6 +169,13 @@ impl Member {
) -> Result<Self, Error> {
let mut conn = app_state.pool.get().await?;
let banned = GuildBan::fetch_one(&mut conn, guild_uuid, user_uuid).await;
match banned {
Ok(_) => Err(Error::Forbidden("User banned".to_string())),
Err(Error::SqlError(diesel::result::Error::NotFound)) => Ok(()),
Err(e) => Err(e),
}?;
let member_uuid = Uuid::now_v7();
let member = MemberBuilder {
@ -198,4 +205,24 @@ impl Member {
Ok(())
}
pub async fn ban(self, conn: &mut Conn, reason: &String) -> Result<(), Error> {
if self.is_owner {
return Err(Error::Forbidden("Can not ban owner".to_string()));
}
use guild_bans::dsl;
insert_into(guild_bans::table)
.values((
dsl::guild_uuid.eq(self.guild_uuid),
dsl::user_uuid.eq(self.user_uuid),
dsl::reason.eq(reason),
))
.execute(conn)
.await?;
self.delete(conn).await?;
Ok(())
}
}

2
src/objects/mod.rs
View file

@ -7,6 +7,7 @@ use log::debug;
use serde::Deserialize;
use uuid::Uuid;
mod bans;
mod channel;
mod email_token;
mod friends;
@ -19,6 +20,7 @@ mod password_reset_token;
mod role;
mod user;
pub use bans::GuildBan;
pub use channel::Channel;
pub use email_token::EmailToken;
pub use friends::Friend;

3
src/objects/role.rs
View file

@ -176,6 +176,8 @@ pub enum Permissions {
ManageGuild = 32,
/// Lets users change member settings (nickname, etc)
ManageMember = 64,
/// Lets users ban members
BanMember = 128,
/// Lets users kick members
KickMember = 256,
}
@ -190,6 +192,7 @@ impl Permissions {
Self::ManageInvite,
Self::ManageGuild,
Self::ManageMember,
Self::BanMember,
Self::KickMember,
];

13
src/schema.rs
View file

@ -47,6 +47,16 @@ diesel::table! {
}
}
diesel::table! {
guild_bans (user_uuid, guild_uuid) {
guild_uuid -> Uuid,
user_uuid -> Uuid,
#[max_length = 200]
reason -> Nullable<Varchar>,
banned_since -> Timestamptz,
}
}
diesel::table! {
guild_members (uuid) {
uuid -> Uuid,
@ -154,6 +164,8 @@ diesel::joinable!(access_tokens -> refresh_tokens (refresh_token));
diesel::joinable!(access_tokens -> users (uuid));
diesel::joinable!(channel_permissions -> channels (channel_uuid));
diesel::joinable!(channels -> guilds (guild_uuid));
diesel::joinable!(guild_bans -> guilds (guild_uuid));
diesel::joinable!(guild_bans -> users (user_uuid));
diesel::joinable!(guild_members -> guilds (guild_uuid));
diesel::joinable!(guild_members -> users (user_uuid));
diesel::joinable!(instance_permissions -> users (uuid));
@ -171,6 +183,7 @@ diesel::allow_tables_to_appear_in_same_query!(
channels,
friend_requests,
friends,
guild_bans,
guild_members,
guilds,
instance_permissions,