gorb/backend
4
0
Fork 1
Code Issues 1 Pull requests 1 Projects Releases Packages 1 Wiki Activity Actions

Compare commits

base: gorb:95c942eee419c89a4dad069f307ca366890ebaaa
Branches Tags
gorb:main
gorb:wip/federation-impl
gorb:wip/local-data-folder
gorb:wip/invite-deletion
..
compare: gorb:419f37b108075eab5c67ad03c51bbfd8dc7e4a42
Branches Tags
gorb:main
gorb:wip/federation-impl
gorb:wip/local-data-folder
gorb:wip/invite-deletion

No commits in common. "95c942eee419c89a4dad069f307ca366890ebaaa" and "419f37b108075eab5c67ad03c51bbfd8dc7e4a42" have entirely different histories.
95c942eee4 ... 419f37b108

12 changed files with 87 additions and 167 deletions
Download patch file Download diff file Expand all files Collapse all files

14
migrations/2025-06-06-145916_guild_ownership_changes/down.sql
View file

@ -1,14 +0,0 @@
-- This file should undo anything in `up.sql`
ALTER TABLE guilds
ADD COLUMN owner_uuid UUID REFERENCES users(uuid);
UPDATE guilds g
SET owner_uuid = gm.user_uuid
FROM guild_members gm
WHERE gm.guild_uuid = g.uuid AND gm.is_owner = TRUE;
ALTER TABLE guilds
ALTER COLUMN owner_uuid SET NOT NULL;
ALTER TABLE guild_members
DROP COLUMN is_owner;

14
migrations/2025-06-06-145916_guild_ownership_changes/up.sql
View file

@ -1,14 +0,0 @@
-- Your SQL goes here
ALTER TABLE guild_members
ADD COLUMN is_owner BOOLEAN NOT NULL DEFAULT false;
UPDATE guild_members gm
SET is_owner = true
FROM guilds g
WHERE gm.guild_uuid = g.uuid AND gm.user_uuid = g.owner_uuid;
CREATE UNIQUE INDEX one_owner_per_guild ON guild_members (guild_uuid)
WHERE is_owner;
ALTER TABLE guilds
DROP COLUMN owner_uuid;

14
src/api/v1/channels/uuid/mod.rs
View file

@ -4,7 +4,11 @@ pub mod messages;
pub mod socket; pub mod socket;
use crate::{ use crate::{
api::v1::auth::check_access_token, error::Error, objects::{Channel, Member, Permissions}, utils::{get_auth_header, global_checks}, Data Data,
api::v1::auth::check_access_token,
error::Error,
objects::{Channel, Member},
utils::{get_auth_header, global_checks},
}; };
use actix_web::{HttpRequest, HttpResponse, delete, get, patch, web}; use actix_web::{HttpRequest, HttpResponse, delete, get, patch, web};
use serde::Deserialize; use serde::Deserialize;
@ -55,9 +59,7 @@ pub async fn delete(
let channel = Channel::fetch_one(&data, channel_uuid).await?; let channel = Channel::fetch_one(&data, channel_uuid).await?;
let member = Member::check_membership(&mut conn, uuid, channel.guild_uuid).await?; Member::check_membership(&mut conn, uuid, channel.guild_uuid).await?;
member.check_permission(&data, Permissions::DeleteChannel).await?;
channel.delete(&data).await?; channel.delete(&data).await?;
@ -123,9 +125,7 @@ pub async fn patch(
let mut channel = Channel::fetch_one(&data, channel_uuid).await?; let mut channel = Channel::fetch_one(&data, channel_uuid).await?;
let member = Member::check_membership(&mut conn, uuid, channel.guild_uuid).await?; Member::check_membership(&mut conn, uuid, channel.guild_uuid).await?;
member.check_permission(&data, Permissions::ManageChannel).await?;
if let Some(new_name) = &new_info.name { if let Some(new_name) = &new_info.name {
channel.set_name(&data, new_name.to_string()).await?; channel.set_name(&data, new_name.to_string()).await?;

10
src/api/v1/guilds/uuid/channels.rs
View file

@ -1,5 +1,9 @@
use crate::{ use crate::{
api::v1::auth::check_access_token, error::Error, objects::{Channel, Member, Permissions}, utils::{get_auth_header, global_checks, order_by_is_above}, Data Data,
api::v1::auth::check_access_token,
error::Error,
objects::{Channel, Member},
utils::{get_auth_header, global_checks, order_by_is_above},
}; };
use ::uuid::Uuid; use ::uuid::Uuid;
use actix_web::{HttpRequest, HttpResponse, get, post, web}; use actix_web::{HttpRequest, HttpResponse, get, post, web};
@ -70,9 +74,9 @@ pub async fn create(
global_checks(&data, uuid).await?; global_checks(&data, uuid).await?;
let member = Member::check_membership(&mut conn, uuid, guild_uuid).await?; Member::check_membership(&mut conn, uuid, guild_uuid).await?;
member.check_permission(&data, Permissions::CreateChannel).await?; // FIXME: Logic to check permissions, should probably be done in utils.rs
let channel = Channel::new( let channel = Channel::new(
data.clone(), data.clone(),

10
src/api/v1/guilds/uuid/icon.rs
View file

@ -5,7 +5,11 @@ use futures_util::StreamExt as _;
use uuid::Uuid; use uuid::Uuid;
use crate::{ use crate::{
api::v1::auth::check_access_token, error::Error, objects::{Guild, Member, Permissions}, utils::{get_auth_header, global_checks}, Data Data,
api::v1::auth::check_access_token,
error::Error,
objects::{Guild, Member},
utils::{get_auth_header, global_checks},
}; };
/// `PUT /api/v1/guilds/{uuid}/icon` Icon upload /// `PUT /api/v1/guilds/{uuid}/icon` Icon upload
@ -32,9 +36,7 @@ pub async fn upload(
global_checks(&data, uuid).await?; global_checks(&data, uuid).await?;
let member = Member::check_membership(&mut conn, uuid, guild_uuid).await?; Member::check_membership(&mut conn, uuid, guild_uuid).await?;
member.check_permission(&data, Permissions::ManageServer).await?;
let mut guild = Guild::fetch_one(&mut conn, guild_uuid).await?; let mut guild = Guild::fetch_one(&mut conn, guild_uuid).await?;

10
src/api/v1/guilds/uuid/invites/mod.rs
View file

@ -3,7 +3,11 @@ use serde::Deserialize;
use uuid::Uuid; use uuid::Uuid;
use crate::{ use crate::{
api::v1::auth::check_access_token, error::Error, objects::{Guild, Member, Permissions}, utils::{get_auth_header, global_checks}, Data Data,
api::v1::auth::check_access_token,
error::Error,
objects::{Guild, Member},
utils::{get_auth_header, global_checks},
}; };
#[derive(Deserialize)] #[derive(Deserialize)]
@ -57,9 +61,7 @@ pub async fn create(
global_checks(&data, uuid).await?; global_checks(&data, uuid).await?;
let member = Member::check_membership(&mut conn, uuid, guild_uuid).await?; Member::check_membership(&mut conn, uuid, guild_uuid).await?;
member.check_permission(&data, Permissions::CreateInvite).await?;
let guild = Guild::fetch_one(&mut conn, guild_uuid).await?; let guild = Guild::fetch_one(&mut conn, guild_uuid).await?;

10
src/api/v1/guilds/uuid/roles/mod.rs
View file

@ -3,7 +3,11 @@ use actix_web::{HttpRequest, HttpResponse, get, post, web};
use serde::Deserialize; use serde::Deserialize;
use crate::{ use crate::{
api::v1::auth::check_access_token, error::Error, objects::{Member, Permissions, Role}, utils::{get_auth_header, global_checks, order_by_is_above}, Data Data,
api::v1::auth::check_access_token,
error::Error,
objects::{Member, Role},
utils::{get_auth_header, global_checks, order_by_is_above},
}; };
pub mod uuid; pub mod uuid;
@ -66,9 +70,9 @@ pub async fn create(
global_checks(&data, uuid).await?; global_checks(&data, uuid).await?;
let member = Member::check_membership(&mut conn, uuid, guild_uuid).await?; Member::check_membership(&mut conn, uuid, guild_uuid).await?;
member.check_permission(&data, Permissions::CreateRole).await?; // FIXME: Logic to check permissions, should probably be done in utils.rs
let role = Role::new(&mut conn, guild_uuid, role_info.name.clone()).await?; let role = Role::new(&mut conn, guild_uuid, role_info.name.clone()).await?;

6
src/objects/guild.rs
View file

@ -26,6 +26,7 @@ pub struct GuildBuilder {
name: String, name: String,
description: Option<String>, description: Option<String>,
icon: Option<String>, icon: Option<String>,
owner_uuid: Uuid,
} }
impl GuildBuilder { impl GuildBuilder {
@ -39,6 +40,7 @@ impl GuildBuilder {
name: self.name, name: self.name,
description: self.description, description: self.description,
icon: self.icon.and_then(|i| i.parse().ok()), icon: self.icon.and_then(|i| i.parse().ok()),
owner_uuid: self.owner_uuid,
roles, roles,
member_count, member_count,
}) })
@ -51,6 +53,7 @@ pub struct Guild {
name: String, name: String,
description: Option<String>, description: Option<String>,
icon: Option<Url>, icon: Option<Url>,
owner_uuid: Uuid,
pub roles: Vec<Role>, pub roles: Vec<Role>,
member_count: i64, member_count: i64,
} }
@ -107,6 +110,7 @@ impl Guild {
name: name.clone(), name: name.clone(),
description: None, description: None,
icon: None, icon: None,
owner_uuid,
}; };
insert_into(guilds::table) insert_into(guilds::table)
@ -121,7 +125,6 @@ impl Guild {
nickname: None, nickname: None,
user_uuid: owner_uuid, user_uuid: owner_uuid,
guild_uuid, guild_uuid,
is_owner: true,
}; };
insert_into(guild_members::table) insert_into(guild_members::table)
@ -134,6 +137,7 @@ impl Guild {
name, name,
description: None, description: None,
icon: None, icon: None,
owner_uuid,
roles: vec![], roles: vec![],
member_count: 1, member_count: 1,
}) })

26
src/objects/member.rs
View file

@ -5,7 +5,7 @@ use diesel_async::RunQueryDsl;
use serde::{Deserialize, Serialize}; use serde::{Deserialize, Serialize};
use uuid::Uuid; use uuid::Uuid;
use crate::{error::Error, objects::{Permissions, Role}, schema::guild_members, Conn, Data}; use crate::{Conn, Data, error::Error, schema::guild_members};
use super::{User, load_or_empty}; use super::{User, load_or_empty};
@ -17,11 +17,10 @@ pub struct MemberBuilder {
pub nickname: Option<String>, pub nickname: Option<String>,
pub user_uuid: Uuid, pub user_uuid: Uuid,
pub guild_uuid: Uuid, pub guild_uuid: Uuid,
pub is_owner: bool,
} }
impl MemberBuilder { impl MemberBuilder {
pub async fn build(&self, data: &Data) -> Result<Member, Error> { async fn build(&self, data: &Data) -> Result<Member, Error> {
let user = User::fetch_one(data, self.user_uuid).await?; let user = User::fetch_one(data, self.user_uuid).await?;
Ok(Member { Ok(Member {
@ -29,22 +28,9 @@ impl MemberBuilder {
nickname: self.nickname.clone(), nickname: self.nickname.clone(),
user_uuid: self.user_uuid, user_uuid: self.user_uuid,
guild_uuid: self.guild_uuid, guild_uuid: self.guild_uuid,
is_owner: self.is_owner,
user, user,
}) })
} }
pub async fn check_permission(&self, data: &Data, permission: Permissions) -> Result<(), Error> {
if !self.is_owner {
let roles = Role::fetch_from_member(&data, self.uuid).await?;
let allowed = roles.iter().any(|r| r.permissions & permission as i64 != 0);
if !allowed {
return Err(Error::Forbidden("Not allowed".to_string()))
}
}
Ok(())
}
} }
#[derive(Serialize, Deserialize)] #[derive(Serialize, Deserialize)]
@ -53,7 +39,6 @@ pub struct Member {
pub nickname: Option<String>, pub nickname: Option<String>,
pub user_uuid: Uuid, pub user_uuid: Uuid,
pub guild_uuid: Uuid, pub guild_uuid: Uuid,
pub is_owner: bool,
user: User, user: User,
} }
@ -73,16 +58,16 @@ impl Member {
conn: &mut Conn, conn: &mut Conn,
user_uuid: Uuid, user_uuid: Uuid,
guild_uuid: Uuid, guild_uuid: Uuid,
) -> Result<MemberBuilder, Error> { ) -> Result<(), Error> {
use guild_members::dsl; use guild_members::dsl;
let member_builder = dsl::guild_members dsl::guild_members
.filter(dsl::user_uuid.eq(user_uuid)) .filter(dsl::user_uuid.eq(user_uuid))
.filter(dsl::guild_uuid.eq(guild_uuid)) .filter(dsl::guild_uuid.eq(guild_uuid))
.select(MemberBuilder::as_select()) .select(MemberBuilder::as_select())
.get_result(conn) .get_result(conn)
.await?; .await?;
Ok(member_builder) Ok(())
} }
pub async fn fetch_one(data: &Data, user_uuid: Uuid, guild_uuid: Uuid) -> Result<Self, Error> { pub async fn fetch_one(data: &Data, user_uuid: Uuid, guild_uuid: Uuid) -> Result<Self, Error> {
@ -128,7 +113,6 @@ impl Member {
guild_uuid, guild_uuid,
user_uuid, user_uuid,
nickname: None, nickname: None,
is_owner: false,
}; };
insert_into(guild_members::table) insert_into(guild_members::table)

39
src/objects/mod.rs
View file

@ -27,7 +27,6 @@ pub use member::Member;
pub use message::Message; pub use message::Message;
pub use password_reset_token::PasswordResetToken; pub use password_reset_token::PasswordResetToken;
pub use role::Role; pub use role::Role;
pub use role::Permissions;
pub use user::User; pub use user::User;
use crate::error::Error; use crate::error::Error;
@ -112,6 +111,44 @@ impl MailClient {
} }
} }
#[derive(Clone, Copy)]
pub enum Permissions {
SendMessage = 1,
CreateChannel = 2,
DeleteChannel = 4,
ManageChannel = 8,
CreateRole = 16,
DeleteRole = 32,
ManageRole = 64,
CreateInvite = 128,
ManageInvite = 256,
ManageServer = 512,
ManageMember = 1024,
}
impl Permissions {
pub fn fetch_permissions(permissions: i64) -> Vec<Self> {
let all_perms = vec![
Self::SendMessage,
Self::CreateChannel,
Self::DeleteChannel,
Self::ManageChannel,
Self::CreateRole,
Self::DeleteRole,
Self::ManageRole,
Self::CreateInvite,
Self::ManageInvite,
Self::ManageServer,
Self::ManageMember,
];
all_perms
.into_iter()
.filter(|p| permissions & (*p as i64) != 0)
.collect()
}
}
#[derive(Deserialize)] #[derive(Deserialize)]
pub struct StartAmountQuery { pub struct StartAmountQuery {
pub start: Option<i64>, pub start: Option<i64>,

98
src/objects/role.rs
View file

@ -3,14 +3,14 @@ use diesel::{
update, update,
}; };
use diesel_async::RunQueryDsl; use diesel_async::RunQueryDsl;
use serde::{Deserialize, Serialize}; use serde::Serialize;
use uuid::Uuid; use uuid::Uuid;
use crate::{error::Error, schema::{role_members, roles}, utils::order_by_is_above, Conn, Data}; use crate::{Conn, error::Error, schema::roles, utils::order_by_is_above};
use super::{HasIsAbove, HasUuid, load_or_empty}; use super::{HasIsAbove, HasUuid, load_or_empty};
#[derive(Deserialize, Serialize, Clone, Queryable, Selectable, Insertable)] #[derive(Serialize, Clone, Queryable, Selectable, Insertable)]
#[diesel(table_name = roles)] #[diesel(table_name = roles)]
#[diesel(check_for_backend(diesel::pg::Pg))] #[diesel(check_for_backend(diesel::pg::Pg))]
pub struct Role { pub struct Role {
@ -19,28 +19,7 @@ pub struct Role {
name: String, name: String,
color: i32, color: i32,
is_above: Option<Uuid>, is_above: Option<Uuid>,
pub permissions: i64, permissions: i64,
}
#[derive(Serialize, Clone, Queryable, Selectable, Insertable)]
#[diesel(table_name = role_members)]
#[diesel(check_for_backend(diesel::pg::Pg))]
pub struct RoleMember {
role_uuid: Uuid,
member_uuid: Uuid,
}
impl RoleMember {
async fn fetch_role(&self, conn: &mut Conn) -> Result<Role, Error> {
use roles::dsl;
let role: Role = dsl::roles
.filter(dsl::uuid.eq(self.role_uuid))
.select(Role::as_select())
.get_result(conn)
.await?;
Ok(role)
}
} }
impl HasUuid for Role { impl HasUuid for Role {
@ -69,33 +48,6 @@ impl Role {
Ok(roles) Ok(roles)
} }
pub async fn fetch_from_member(data: &Data, member_uuid: Uuid) -> Result<Vec<Self>, Error> {
if let Ok(roles) = data.get_cache_key(format!("{}_roles", member_uuid)).await {
return Ok(serde_json::from_str(&roles)?)
}
let mut conn = data.pool.get().await?;
use role_members::dsl;
let role_memberships: Vec<RoleMember> = load_or_empty(
dsl::role_members
.filter(dsl::member_uuid.eq(member_uuid))
.select(RoleMember::as_select())
.load(&mut conn)
.await,
)?;
let mut roles = vec![];
for membership in role_memberships {
roles.push(membership.fetch_role(&mut conn).await?);
}
data.set_cache_key(format!("{}_roles", member_uuid), roles.clone(), 300).await?;
Ok(roles)
}
pub async fn fetch_one(conn: &mut Conn, role_uuid: Uuid) -> Result<Self, Error> { pub async fn fetch_one(conn: &mut Conn, role_uuid: Uuid) -> Result<Self, Error> {
use roles::dsl; use roles::dsl;
let role: Role = dsl::roles let role: Role = dsl::roles
@ -107,10 +59,6 @@ impl Role {
Ok(role) Ok(role)
} }
pub async fn fetch_permissions(&self) -> Vec<Permissions> {
Permissions::fetch_permissions(self.permissions.clone())
}
pub async fn new(conn: &mut Conn, guild_uuid: Uuid, name: String) -> Result<Self, Error> { pub async fn new(conn: &mut Conn, guild_uuid: Uuid, name: String) -> Result<Self, Error> {
let role_uuid = Uuid::now_v7(); let role_uuid = Uuid::now_v7();
@ -146,41 +94,3 @@ impl Role {
Ok(new_role) Ok(new_role)
} }
} }
#[derive(Clone, Copy, PartialEq, Eq)]
pub enum Permissions {
SendMessage = 1,
CreateChannel = 2,
DeleteChannel = 4,
ManageChannel = 8,
CreateRole = 16,
DeleteRole = 32,
ManageRole = 64,
CreateInvite = 128,
ManageInvite = 256,
ManageServer = 512,
ManageMember = 1024,
}
impl Permissions {
pub fn fetch_permissions(permissions: i64) -> Vec<Self> {
let all_perms = vec![
Self::SendMessage,
Self::CreateChannel,
Self::DeleteChannel,
Self::ManageChannel,
Self::CreateRole,
Self::DeleteRole,
Self::ManageRole,
Self::CreateInvite,
Self::ManageInvite,
Self::ManageServer,
Self::ManageMember,
];
all_perms
.into_iter()
.filter(|p| permissions & (*p as i64) != 0)
.collect()
}
}

3
src/schema.rs
View file

@ -38,13 +38,13 @@ diesel::table! {
user_uuid -> Uuid, user_uuid -> Uuid,
#[max_length = 100] #[max_length = 100]
nickname -> Nullable<Varchar>, nickname -> Nullable<Varchar>,
is_owner -> Bool,
} }
} }
diesel::table! { diesel::table! {
guilds (uuid) { guilds (uuid) {
uuid -> Uuid, uuid -> Uuid,
owner_uuid -> Uuid,
#[max_length = 100] #[max_length = 100]
name -> Varchar, name -> Varchar,
#[max_length = 300] #[max_length = 300]
@ -139,6 +139,7 @@ diesel::joinable!(channel_permissions -> channels (channel_uuid));
diesel::joinable!(channels -> guilds (guild_uuid)); diesel::joinable!(channels -> guilds (guild_uuid));
diesel::joinable!(guild_members -> guilds (guild_uuid)); diesel::joinable!(guild_members -> guilds (guild_uuid));
diesel::joinable!(guild_members -> users (user_uuid)); diesel::joinable!(guild_members -> users (user_uuid));
diesel::joinable!(guilds -> users (owner_uuid));
diesel::joinable!(instance_permissions -> users (uuid)); diesel::joinable!(instance_permissions -> users (uuid));
diesel::joinable!(invites -> guilds (guild_uuid)); diesel::joinable!(invites -> guilds (guild_uuid));
diesel::joinable!(invites -> users (user_uuid)); diesel::joinable!(invites -> users (user_uuid));