Merge branch 'wip/ban'

Reviewed-on: #38
Reviewed-by: Radical <radical@radical.fun>

migrations/2025-07-22-195121_add_ban/down.sql

@@ -0,0 +1,2 @@
+-- This file should undo anything in `up.sql`
+DROP TABLE guild_bans;

migrations/2025-07-22-195121_add_ban/up.sql

@@ -0,0 +1,8 @@
+-- Your SQL goes here
+CREATE TABLE guild_bans (
+	guild_uuid uuid NOT NULL REFERENCES guilds(uuid) ON DELETE CASCADE,
+	user_uuid uuid NOT NULL REFERENCES users(uuid),
+	reason VARCHAR(200) DEFAULT NULL,
+	banned_since TIMESTAMPTZ NOT NULL DEFAULT NOW(),
+	PRIMARY KEY (user_uuid, guild_uuid)
+);

src/api/v1/guilds/uuid/bans.rs

@@ -0,0 +1,57 @@
+use std::sync::Arc;
+
+use axum::{
+    Extension, Json,
+    extract::{Path, State},
+    http::StatusCode,
+    response::IntoResponse,
+};
+use uuid::Uuid;
+
+use crate::{
+    AppState,
+    api::v1::auth::CurrentUser,
+    error::Error,
+    objects::{GuildBan, Member, Permissions},
+    utils::global_checks,
+};
+
+pub async fn get(
+    State(app_state): State<Arc<AppState>>,
+    Path(guild_uuid): Path<Uuid>,
+    Extension(CurrentUser(uuid)): Extension<CurrentUser<Uuid>>,
+) -> Result<impl IntoResponse, Error> {
+    global_checks(&app_state, uuid).await?;
+
+    let mut conn = app_state.pool.get().await?;
+
+    let caller = Member::check_membership(&mut conn, uuid, guild_uuid).await?;
+    caller
+        .check_permission(&app_state, Permissions::BanMember)
+        .await?;
+
+    let all_guild_bans = GuildBan::fetch_all(&mut conn, guild_uuid).await?;
+
+    Ok((StatusCode::OK, Json(all_guild_bans)))
+}
+
+pub async fn unban(
+    State(app_state): State<Arc<AppState>>,
+    Path((guild_uuid, user_uuid)): Path<(Uuid, Uuid)>,
+    Extension(CurrentUser(uuid)): Extension<CurrentUser<Uuid>>,
+) -> Result<impl IntoResponse, Error> {
+    global_checks(&app_state, uuid).await?;
+
+    let mut conn = app_state.pool.get().await?;
+
+    let caller = Member::check_membership(&mut conn, uuid, guild_uuid).await?;
+    caller
+        .check_permission(&app_state, Permissions::BanMember)
+        .await?;
+
+    let ban = GuildBan::fetch_one(&mut conn, guild_uuid, user_uuid).await?;
+
+    ban.unban(&mut conn).await?;
+
+    Ok(StatusCode::OK)
+}

src/api/v1/guilds/uuid/mod.rs

@@ -7,11 +7,12 @@ use axum::{
     extract::{Multipart, Path, State},
     http::StatusCode,
     response::IntoResponse,
-    routing::{get, patch, post},
+    routing::{delete, get, patch, post},
 };
 use bytes::Bytes;
 use uuid::Uuid;
 
+mod bans;
 mod channels;
 mod invites;
 mod members;
@@ -42,6 +43,9 @@ pub fn router() -> Router<Arc<AppState>> {
         .route("/invites", post(invites::create))
         // Members
         .route("/members", get(members::get))
+        // Bans
+        .route("/bans", get(bans::get))
+        .route("/bans/{uuid}", delete(bans::unban))
 }
 
 /// `GET /api/v1/guilds/{uuid}` DESCRIPTION

src/api/v1/members/mod.rs

@@ -2,7 +2,7 @@ use std::sync::Arc;
 
 use axum::{
     Router,
-    routing::{delete, get},
+    routing::{delete, get, post},
 };
 
 use crate::AppState;
@@ -13,4 +13,5 @@ pub fn router() -> Router<Arc<AppState>> {
     Router::new()
         .route("/{uuid}", get(uuid::get))
         .route("/{uuid}", delete(uuid::delete))
+        .route("/{uuid}/ban", post(uuid::ban::post))
 }

src/api/v1/members/uuid/ban.rs

@@ -0,0 +1,47 @@
+use std::sync::Arc;
+
+use axum::{
+    Extension,
+    extract::{Json, Path, State},
+    http::StatusCode,
+    response::IntoResponse,
+};
+use serde::Deserialize;
+
+use crate::{
+    AppState,
+    api::v1::auth::CurrentUser,
+    error::Error,
+    objects::{Member, Permissions},
+    utils::global_checks,
+};
+
+use uuid::Uuid;
+
+#[derive(Deserialize)]
+pub struct RequstBody {
+    reason: String,
+}
+
+pub async fn post(
+    State(app_state): State<Arc<AppState>>,
+    Path(member_uuid): Path<Uuid>,
+    Extension(CurrentUser(uuid)): Extension<CurrentUser<Uuid>>,
+    Json(payload): Json<RequstBody>,
+) -> Result<impl IntoResponse, Error> {
+    global_checks(&app_state, uuid).await?;
+
+    let mut conn = app_state.pool.get().await?;
+
+    let member = Member::fetch_one_with_member(&app_state, None, member_uuid).await?;
+
+    let caller = Member::check_membership(&mut conn, uuid, member.guild_uuid).await?;
+
+    caller
+        .check_permission(&app_state, Permissions::BanMember)
+        .await?;
+
+    member.ban(&mut conn, &payload.reason).await?;
+
+    Ok(StatusCode::OK)
+}

src/api/v1/members/uuid/mod.rs

@@ -1,5 +1,7 @@
 //! `/api/v1/members/{uuid}` Member specific endpoints
 
+pub mod ban;
+
 use std::sync::Arc;
 
 use crate::{
@@ -29,7 +31,7 @@ pub async fn get(
 
     let me = Me::get(&mut conn, uuid).await?;
 
-    let member = Member::fetch_one_with_member(&app_state, &me, member_uuid).await?;
+    let member = Member::fetch_one_with_member(&app_state, Some(&me), member_uuid).await?;
     Member::check_membership(&mut conn, uuid, member.guild_uuid).await?;
 
     Ok((StatusCode::OK, Json(member)))
@@ -46,7 +48,7 @@ pub async fn delete(
 
     let me = Me::get(&mut conn, uuid).await?;
 
-    let member = Member::fetch_one_with_member(&app_state, &me, member_uuid).await?;
+    let member = Member::fetch_one_with_member(&app_state, Some(&me), member_uuid).await?;
 
     let deleter = Member::check_membership(&mut conn, uuid, member.guild_uuid).await?;
 

src/objects/bans.rs

@@ -0,0 +1,57 @@
+use diesel::{ExpressionMethods, QueryDsl, Queryable, Selectable, SelectableHelper};
+use serde::{Deserialize, Serialize};
+use uuid::Uuid;
+
+use diesel_async::RunQueryDsl;
+
+use crate::{Conn, error::Error, objects::load_or_empty, schema::guild_bans};
+
+#[derive(Selectable, Queryable, Serialize, Deserialize)]
+#[diesel(table_name = guild_bans)]
+#[diesel(check_for_backend(diesel::pg::Pg))]
+pub struct GuildBan {
+    pub guild_uuid: Uuid,
+    pub user_uuid: Uuid,
+    pub reason: Option<String>,
+    pub banned_since: chrono::DateTime<chrono::Utc>,
+}
+
+impl GuildBan {
+    pub async fn fetch_one(
+        conn: &mut Conn,
+        guild_uuid: Uuid,
+        user_uuid: Uuid,
+    ) -> Result<GuildBan, Error> {
+        use guild_bans::dsl;
+        let guild_ban = dsl::guild_bans
+            .filter(dsl::guild_uuid.eq(guild_uuid))
+            .filter(dsl::user_uuid.eq(user_uuid))
+            .select(GuildBan::as_select())
+            .get_result(conn)
+            .await?;
+
+        Ok(guild_ban)
+    }
+
+    pub async fn fetch_all(conn: &mut Conn, guild_uuid: Uuid) -> Result<Vec<Self>, Error> {
+        use guild_bans::dsl;
+        let all_guild_bans = load_or_empty(
+            dsl::guild_bans
+                .filter(dsl::guild_uuid.eq(guild_uuid))
+                .load(conn)
+                .await,
+        )?;
+
+        Ok(all_guild_bans)
+    }
+
+    pub async fn unban(self, conn: &mut Conn) -> Result<(), Error> {
+        use guild_bans::dsl;
+        diesel::delete(guild_bans::table)
+            .filter(dsl::guild_uuid.eq(self.guild_uuid))
+            .filter(dsl::user_uuid.eq(self.user_uuid))
+            .execute(conn)
+            .await?;
+        Ok(())
+    }
+}

src/objects/member.rs

@@ -9,8 +9,8 @@ use uuid::Uuid;
 use crate::{
     AppState, Conn,
     error::Error,
-    objects::{Me, Permissions, Role},
+    objects::{GuildBan, Me, Permissions, Role},
-    schema::guild_members,
+    schema::{guild_bans, guild_members},
 };
 
 use super::{User, load_or_empty};
@@ -122,7 +122,7 @@ impl Member {
 
     pub async fn fetch_one_with_member(
         app_state: &AppState,
-        me: &Me,
+        me: Option<&Me>,
         uuid: Uuid,
     ) -> Result<Self, Error> {
         let mut conn = app_state.pool.get().await?;
@@ -134,7 +134,7 @@ impl Member {
             .get_result(&mut conn)
             .await?;
 
-        member.build(app_state, Some(me)).await
+        member.build(app_state, me).await
     }
 
     pub async fn fetch_all(
@@ -169,6 +169,13 @@ impl Member {
     ) -> Result<Self, Error> {
         let mut conn = app_state.pool.get().await?;
 
+        let banned = GuildBan::fetch_one(&mut conn, guild_uuid, user_uuid).await;
+        match banned {
+            Ok(_) => Err(Error::Forbidden("User banned".to_string())),
+            Err(Error::SqlError(diesel::result::Error::NotFound)) => Ok(()),
+            Err(e) => Err(e),
+        }?;
+
         let member_uuid = Uuid::now_v7();
 
         let member = MemberBuilder {
@@ -198,4 +205,24 @@ impl Member {
 
         Ok(())
     }
+
+    pub async fn ban(self, conn: &mut Conn, reason: &String) -> Result<(), Error> {
+        if self.is_owner {
+            return Err(Error::Forbidden("Can not ban owner".to_string()));
+        }
+
+        use guild_bans::dsl;
+        insert_into(guild_bans::table)
+            .values((
+                dsl::guild_uuid.eq(self.guild_uuid),
+                dsl::user_uuid.eq(self.user_uuid),
+                dsl::reason.eq(reason),
+            ))
+            .execute(conn)
+            .await?;
+
+        self.delete(conn).await?;
+
+        Ok(())
+    }
 }

src/objects/mod.rs

@@ -7,6 +7,7 @@ use log::debug;
 use serde::Deserialize;
 use uuid::Uuid;
 
+mod bans;
 mod channel;
 mod email_token;
 mod friends;
@@ -19,6 +20,7 @@ mod password_reset_token;
 mod role;
 mod user;
 
+pub use bans::GuildBan;
 pub use channel::Channel;
 pub use email_token::EmailToken;
 pub use friends::Friend;

src/objects/role.rs

@@ -176,6 +176,8 @@ pub enum Permissions {
     ManageGuild = 32,
     /// Lets users change member settings (nickname, etc)
     ManageMember = 64,
+    /// Lets users ban members
+    BanMember = 128,
     /// Lets users kick members
     KickMember = 256,
 }
@@ -190,6 +192,7 @@ impl Permissions {
             Self::ManageInvite,
             Self::ManageGuild,
             Self::ManageMember,
+            Self::BanMember,
             Self::KickMember,
         ];
 

src/schema.rs

@@ -47,6 +47,16 @@ diesel::table! {
     }
 }
 
+diesel::table! {
+    guild_bans (user_uuid, guild_uuid) {
+        guild_uuid -> Uuid,
+        user_uuid -> Uuid,
+        #[max_length = 200]
+        reason -> Nullable<Varchar>,
+        banned_since -> Timestamptz,
+    }
+}
+
 diesel::table! {
     guild_members (uuid) {
         uuid -> Uuid,
@@ -154,6 +164,8 @@ diesel::joinable!(access_tokens -> refresh_tokens (refresh_token));
 diesel::joinable!(access_tokens -> users (uuid));
 diesel::joinable!(channel_permissions -> channels (channel_uuid));
 diesel::joinable!(channels -> guilds (guild_uuid));
+diesel::joinable!(guild_bans -> guilds (guild_uuid));
+diesel::joinable!(guild_bans -> users (user_uuid));
 diesel::joinable!(guild_members -> guilds (guild_uuid));
 diesel::joinable!(guild_members -> users (user_uuid));
 diesel::joinable!(instance_permissions -> users (uuid));
@@ -171,6 +183,7 @@ diesel::allow_tables_to_appear_in_same_query!(
     channels,
     friend_requests,
     friends,
+    guild_bans,
     guild_members,
     guilds,
     instance_permissions,