radical/backend-ci-testing
1
0
Fork 0
forked from gorb/backend
Code Pull requests Activity

Compare commits

merge into: radical:main
Branches Tags
radical:main
gorb:main
gorb:wip/federation-impl
gorb:wip/local-data-folder
gorb:wip/invite-deletion
...
pull from: gorb:main
Branches Tags
gorb:main
gorb:wip/federation-impl
gorb:wip/local-data-folder
gorb:wip/invite-deletion
radical:main
Sign in to create a new pull request.

16 commits
main ... main

Author SHA1 Message Date
Radical
36d3a18b08 build: update dependencies 2025-06-25 14:33:05 +02:00
Radical
407460d2aa style: use const generic for token length instead of multiple functions 
Simplifies codebase a bit and avoids having to add another function in future if we need another length of token
 2025-06-25 13:25:39 +02:00
Radical
f752cddd73 fix: add missing match statements 2025-06-06 18:19:40 +02:00
Radical
8dca22de3a fix: make channel deletion work 2025-06-06 18:16:25 +02:00
Radical
95c942eee4 feat: use permission system 2025-06-06 17:49:06 +02:00
Radical
0588541876 feat: move ownership to member column instead of table column 2025-06-06 17:20:02 +02:00
Radical
419f37b108 feat: move password reset tokens to valkey 
Also just as useless to keep in DB
 2025-06-03 11:03:52 +00:00
Radical
b223dff4ba feat: move email tokens to valkey 
No need to have them in permanent DB storage when they are temporary
 2025-06-03 11:01:33 +00:00
Radical
4cbe551061 fix: make custom id optional 2025-06-02 17:50:11 +02:00
Radical
c01570707d style: cargo clippy 2025-06-02 00:30:10 +02:00
Radical
7021c80f02 style: move structs to objects and split into several files for readability 2025-06-02 00:28:48 +02:00
Radical
08cb70ce18 fix: add patch request as a service in actix 
whoops forgot to add /channels/{uuid} patch request into actix
 2025-06-01 23:43:14 +02:00
Radical
c4fc23ec85 feat: add about to users 2025-06-01 22:20:29 +02:00
Radical
41defc4a25 feat: add patch request to channels! 2025-06-01 22:10:37 +02:00
Radical
15eb102784 build: try to make dev bearable 2025-06-01 22:10:23 +02:00
Radical
643f94b580 ci: add proper cross compiling! 2025-06-01 21:56:47 +02:00
48 changed files with 1863 additions and 1475 deletions
Download patch file Download diff file Expand all files Collapse all files

15
.woodpecker/build-and-publish.yml
View file

@ -3,6 +3,21 @@ when:
branch: main branch: main
steps: steps:
- name: build-x86_64
image: rust:bookworm
commands:
- cargo build --release
- name: build-arm64
image: rust:bookworm
commands:
- dpkg --add-architecture arm64
- apt-get update -y && apt-get install -y crossbuild-essential-arm64 libssl-dev:arm64
- rustup target add aarch64-unknown-linux-gnu
- cargo build --target aarch64-unknown-linux-gnu --release
environment:
CARGO_TARGET_AARCH64_UNKNOWN_LINUX_GNU_LINKER: aarch64-linux-gnu-gcc
PKG_CONFIG_ALLOW_CROSS: 1
PKG_CONFIG_PATH: /usr/aarch64-linux-gnu/lib/pkgconfig
- name: container-build-and-publish - name: container-build-and-publish
image: docker image: docker
commands: commands:

16
Cargo.toml
View file

@ -8,6 +8,12 @@ strip = true
lto = true lto = true
codegen-units = 1 codegen-units = 1
# Speed up compilation to make dev bearable
[profile.dev]
debug = 0
strip = "debuginfo"
codegen-units = 512
[dependencies] [dependencies]
actix-cors = "0.7.1" actix-cors = "0.7.1"
actix-web = "4.11" actix-web = "4.11"
@ -21,23 +27,23 @@ regex = "1.11"
serde = { version = "1.0", features = ["derive"] } serde = { version = "1.0", features = ["derive"] }
serde_json = "1.0" serde_json = "1.0"
simple_logger = "5.0.0" simple_logger = "5.0.0"
redis = { version = "0.31.0", features= ["tokio-comp"] } redis = { version = "0.32", features= ["tokio-comp"] }
tokio-tungstenite = { version = "0.26", features = ["native-tls", "url"] } tokio-tungstenite = { version = "0.27", features = ["native-tls", "url"] }
toml = "0.8" toml = "0.8"
url = { version = "2.5", features = ["serde"] } url = { version = "2.5", features = ["serde"] }
uuid = { version = "1.17", features = ["serde", "v7"] } uuid = { version = "1.17", features = ["serde", "v7"] }
random-string = "1.1" random-string = "1.1"
actix-ws = "0.3.0" actix-ws = "0.3.0"
futures-util = "0.3.31" futures-util = "0.3.31"
bunny-api-tokio = "0.3.0" bunny-api-tokio = { version = "0.4", features = ["edge_storage"], default-features = false }
bindet = "0.3.2" bindet = "0.3.2"
deadpool = "0.12" deadpool = "0.12"
diesel = { version = "2.2", features = ["uuid", "chrono"] } diesel = { version = "2.2", features = ["uuid", "chrono"], default-features = false }
diesel-async = { version = "0.5", features = ["deadpool", "postgres", "async-connection-wrapper"] } diesel-async = { version = "0.5", features = ["deadpool", "postgres", "async-connection-wrapper"] }
diesel_migrations = { version = "2.2.0", features = ["postgres"] } diesel_migrations = { version = "2.2.0", features = ["postgres"] }
thiserror = "2.0.12" thiserror = "2.0.12"
actix-multipart = "0.7.2" actix-multipart = "0.7.2"
lettre = { version = "0.11.16", features = ["tokio1", "tokio1-native-tls"] } lettre = { version = "0.11", features = ["tokio1", "tokio1-native-tls"] }
chrono = { version = "0.4.41", features = ["serde"] } chrono = { version = "0.4.41", features = ["serde"] }
[dependencies.tokio] [dependencies.tokio]

11
Dockerfile
View file

@ -1,16 +1,17 @@
FROM rust:bookworm AS builder FROM --platform=linux/amd64 debian:12-slim AS prep
WORKDIR /src WORKDIR /src
COPY . . COPY target/release/backend backend-amd64
COPY target/aarch64-unknown-linux-gnu/release/backend backend-arm64
RUN cargo build --release
FROM debian:12-slim FROM debian:12-slim
ARG TARGETARCH
RUN apt update -y && apt install libssl3 ca-certificates -y && rm -rf /var/lib/apt/lists/* /var/cache/apt/* /tmp/* RUN apt update -y && apt install libssl3 ca-certificates -y && rm -rf /var/lib/apt/lists/* /var/cache/apt/* /tmp/*
COPY --from=builder /src/target/release/backend /usr/bin/gorb-backend COPY --from=prep /src/backend-${TARGETARCH} /usr/bin/gorb-backend
COPY entrypoint.sh /usr/bin/entrypoint.sh COPY entrypoint.sh /usr/bin/entrypoint.sh

2
migrations/2025-06-01-143713_add_about_to_users/down.sql Normal file
View file

@ -0,0 +1,2 @@
-- This file should undo anything in `up.sql`
ALTER TABLE users DROP COLUMN about;

2
migrations/2025-06-01-143713_add_about_to_users/up.sql Normal file
View file

@ -0,0 +1,2 @@
-- Your SQL goes here
ALTER TABLE users ADD COLUMN about VARCHAR(200) DEFAULT NULL;

7
migrations/2025-06-03-103311_remove_email_tokens/down.sql Normal file
View file

@ -0,0 +1,7 @@
-- This file should undo anything in `up.sql`
CREATE TABLE email_tokens (
token VARCHAR(64) NOT NULL,
user_uuid uuid UNIQUE NOT NULL REFERENCES users(uuid),
created_at TIMESTAMPTZ NOT NULL,
PRIMARY KEY (token, user_uuid)
);

2
migrations/2025-06-03-103311_remove_email_tokens/up.sql Normal file
View file

@ -0,0 +1,2 @@
-- Your SQL goes here
DROP TABLE email_tokens;

7
migrations/2025-06-03-110142_remove_password_reset_tokens/down.sql Normal file
View file

@ -0,0 +1,7 @@
-- This file should undo anything in `up.sql`
CREATE TABLE password_reset_tokens (
token VARCHAR(64) NOT NULL,
user_uuid uuid UNIQUE NOT NULL REFERENCES users(uuid),
created_at TIMESTAMPTZ NOT NULL,
PRIMARY KEY (token, user_uuid)
);

2
migrations/2025-06-03-110142_remove_password_reset_tokens/up.sql Normal file
View file

@ -0,0 +1,2 @@
-- Your SQL goes here
DROP TABLE password_reset_tokens;

14
migrations/2025-06-06-145916_guild_ownership_changes/down.sql Normal file
View file

@ -0,0 +1,14 @@
-- This file should undo anything in `up.sql`
ALTER TABLE guilds
ADD COLUMN owner_uuid UUID REFERENCES users(uuid);
UPDATE guilds g
SET owner_uuid = gm.user_uuid
FROM guild_members gm
WHERE gm.guild_uuid = g.uuid AND gm.is_owner = TRUE;
ALTER TABLE guilds
ALTER COLUMN owner_uuid SET NOT NULL;
ALTER TABLE guild_members
DROP COLUMN is_owner;

14
migrations/2025-06-06-145916_guild_ownership_changes/up.sql Normal file
View file

@ -0,0 +1,14 @@
-- Your SQL goes here
ALTER TABLE guild_members
ADD COLUMN is_owner BOOLEAN NOT NULL DEFAULT false;
UPDATE guild_members gm
SET is_owner = true
FROM guilds g
WHERE gm.guild_uuid = g.uuid AND gm.user_uuid = g.owner_uuid;
CREATE UNIQUE INDEX one_owner_per_guild ON guild_members (guild_uuid)
WHERE is_owner;
ALTER TABLE guilds
DROP COLUMN owner_uuid;

6
src/api/v1/auth/login.rs
View file

@ -11,7 +11,7 @@ use crate::{
error::Error, error::Error,
schema::*, schema::*,
utils::{ utils::{
PASSWORD_REGEX, generate_access_token, generate_refresh_token, new_refresh_token_cookie, PASSWORD_REGEX, generate_token, new_refresh_token_cookie,
user_uuid_from_identifier, user_uuid_from_identifier,
}, },
}; };
@ -59,8 +59,8 @@ pub async fn response(
)); ));
} }
let refresh_token = generate_refresh_token()?; let refresh_token = generate_token::<32>()?;
let access_token = generate_access_token()?; let access_token = generate_token::<16>()?;
let current_time = SystemTime::now().duration_since(UNIX_EPOCH)?.as_secs() as i64; let current_time = SystemTime::now().duration_since(UNIX_EPOCH)?.as_secs() as i64;

6
src/api/v1/auth/refresh.rs
View file

@ -11,7 +11,7 @@ use crate::{
access_tokens::{self, dsl}, access_tokens::{self, dsl},
refresh_tokens::{self, dsl as rdsl}, refresh_tokens::{self, dsl as rdsl},
}, },
utils::{generate_access_token, generate_refresh_token, new_refresh_token_cookie}, utils::{generate_token, new_refresh_token_cookie},
}; };
use super::Response; use super::Response;
@ -55,7 +55,7 @@ pub async fn res(req: HttpRequest, data: web::Data<Data>) -> Result<HttpResponse
let current_time = SystemTime::now().duration_since(UNIX_EPOCH)?.as_secs() as i64; let current_time = SystemTime::now().duration_since(UNIX_EPOCH)?.as_secs() as i64;
if lifetime > 1987200 { if lifetime > 1987200 {
let new_refresh_token = generate_refresh_token()?; let new_refresh_token = generate_token::<32>()?;
match update(refresh_tokens::table) match update(refresh_tokens::table)
.filter(rdsl::token.eq(&refresh_token)) .filter(rdsl::token.eq(&refresh_token))
@ -75,7 +75,7 @@ pub async fn res(req: HttpRequest, data: web::Data<Data>) -> Result<HttpResponse
} }
} }
let access_token = generate_access_token()?; let access_token = generate_token::<16>()?;
update(access_tokens::table) update(access_tokens::table)
.filter(dsl::refresh_token.eq(&refresh_token)) .filter(dsl::refresh_token.eq(&refresh_token))

6
src/api/v1/auth/register.rs
View file

@ -20,7 +20,7 @@ use crate::{
users::{self, dsl as udsl}, users::{self, dsl as udsl},
}, },
utils::{ utils::{
EMAIL_REGEX, PASSWORD_REGEX, USERNAME_REGEX, generate_access_token, generate_refresh_token, EMAIL_REGEX, PASSWORD_REGEX, USERNAME_REGEX, generate_token,
new_refresh_token_cookie, new_refresh_token_cookie,
}, },
}; };
@ -120,8 +120,8 @@ pub async fn res(
.execute(&mut conn) .execute(&mut conn)
.await?; .await?;
let refresh_token = generate_refresh_token()?; let refresh_token = generate_token::<32>()?;
let access_token = generate_access_token()?; let access_token = generate_token::<16>()?;
let current_time = SystemTime::now().duration_since(UNIX_EPOCH)?.as_secs() as i64; let current_time = SystemTime::now().duration_since(UNIX_EPOCH)?.as_secs() as i64;

17
src/api/v1/auth/reset_password.rs
View file

@ -4,7 +4,7 @@ use actix_web::{HttpResponse, get, post, web};
use chrono::{Duration, Utc}; use chrono::{Duration, Utc};
use serde::Deserialize; use serde::Deserialize;
use crate::{Data, error::Error, structs::PasswordResetToken}; use crate::{Data, error::Error, objects::PasswordResetToken};
#[derive(Deserialize)] #[derive(Deserialize)]
struct Query { struct Query {
@ -26,13 +26,11 @@ struct Query {
/// ///
#[get("/reset-password")] #[get("/reset-password")]
pub async fn get(query: web::Query<Query>, data: web::Data<Data>) -> Result<HttpResponse, Error> { pub async fn get(query: web::Query<Query>, data: web::Data<Data>) -> Result<HttpResponse, Error> {
let mut conn = data.pool.get().await?;
if let Ok(password_reset_token) = if let Ok(password_reset_token) =
PasswordResetToken::get_with_identifier(&mut conn, query.identifier.clone()).await PasswordResetToken::get_with_identifier(&data, query.identifier.clone()).await
{ {
if Utc::now().signed_duration_since(password_reset_token.created_at) > Duration::hours(1) { if Utc::now().signed_duration_since(password_reset_token.created_at) > Duration::hours(1) {
password_reset_token.delete(&mut conn).await?; password_reset_token.delete(&data).await?;
} else { } else {
return Err(Error::TooManyRequests( return Err(Error::TooManyRequests(
"Please allow 1 hour before sending a new email".to_string(), "Please allow 1 hour before sending a new email".to_string(),
@ -74,15 +72,8 @@ pub async fn post(
reset_password: web::Json<ResetPassword>, reset_password: web::Json<ResetPassword>,
data: web::Data<Data>, data: web::Data<Data>,
) -> Result<HttpResponse, Error> { ) -> Result<HttpResponse, Error> {
let mut conn = data.pool.get().await?;
let password_reset_token = let password_reset_token =
PasswordResetToken::get(&mut conn, reset_password.token.clone()).await?; PasswordResetToken::get(&data, reset_password.token.clone()).await?;
if Utc::now().signed_duration_since(password_reset_token.created_at) > Duration::hours(24) {
password_reset_token.delete(&mut conn).await?;
return Ok(HttpResponse::Gone().finish());
}
password_reset_token password_reset_token
.set_password(&data, reset_password.password.clone()) .set_password(&data, reset_password.password.clone())

15
src/api/v1/auth/verify_email.rs
View file

@ -8,7 +8,7 @@ use crate::{
Data, Data,
api::v1::auth::check_access_token, api::v1::auth::check_access_token,
error::Error, error::Error,
structs::{EmailToken, Me}, objects::{EmailToken, Me},
utils::get_auth_header, utils::get_auth_header,
}; };
@ -46,20 +46,15 @@ pub async fn get(
let me = Me::get(&mut conn, uuid).await?; let me = Me::get(&mut conn, uuid).await?;
let email_token = EmailToken::get(&mut conn, me.uuid).await?; let email_token = EmailToken::get(&data, me.uuid).await?;
if query.token != email_token.token { if query.token != email_token.token {
return Ok(HttpResponse::Unauthorized().finish()); return Ok(HttpResponse::Unauthorized().finish());
} }
if Utc::now().signed_duration_since(email_token.created_at) > Duration::hours(24) {
email_token.delete(&mut conn).await?;
return Ok(HttpResponse::Gone().finish());
}
me.verify_email(&mut conn).await?; me.verify_email(&mut conn).await?;
email_token.delete(&mut conn).await?; email_token.delete(&data).await?;
Ok(HttpResponse::Ok().finish()) Ok(HttpResponse::Ok().finish())
} }
@ -90,9 +85,9 @@ pub async fn post(req: HttpRequest, data: web::Data<Data>) -> Result<HttpRespons
return Ok(HttpResponse::NoContent().finish()); return Ok(HttpResponse::NoContent().finish());
} }
if let Ok(email_token) = EmailToken::get(&mut conn, me.uuid).await { if let Ok(email_token) = EmailToken::get(&data, me.uuid).await {
if Utc::now().signed_duration_since(email_token.created_at) > Duration::hours(1) { if Utc::now().signed_duration_since(email_token.created_at) > Duration::hours(1) {
email_token.delete(&mut conn).await?; email_token.delete(&data).await?;
} else { } else {
return Err(Error::TooManyRequests( return Err(Error::TooManyRequests(
"Please allow 1 hour before sending a new email".to_string(), "Please allow 1 hour before sending a new email".to_string(),

1
src/api/v1/channels/mod.rs
View file

@ -6,6 +6,7 @@ pub fn web() -> Scope {
web::scope("/channels") web::scope("/channels")
.service(uuid::get) .service(uuid::get)
.service(uuid::delete) .service(uuid::delete)
.service(uuid::patch)
.service(uuid::messages::get) .service(uuid::messages::get)
.service(uuid::socket::ws) .service(uuid::socket::ws)
} }

2
src/api/v1/channels/uuid/messages.rs
View file

@ -4,7 +4,7 @@ use crate::{
Data, Data,
api::v1::auth::check_access_token, api::v1::auth::check_access_token,
error::Error, error::Error,
structs::{Channel, Member}, objects::{Channel, Member},
utils::{get_auth_header, global_checks}, utils::{get_auth_header, global_checks},
}; };
use ::uuid::Uuid; use ::uuid::Uuid;

97
src/api/v1/channels/uuid/mod.rs
View file

@ -1,14 +1,13 @@
//! `/api/v1/channels/{uuid}` Channel specific endpoints
pub mod messages; pub mod messages;
pub mod socket; pub mod socket;
use crate::{ use crate::{
Data, api::v1::auth::check_access_token, error::Error, objects::{Channel, Member, Permissions}, utils::{get_auth_header, global_checks}, Data
api::v1::auth::check_access_token,
error::Error,
structs::{Channel, Member},
utils::{get_auth_header, global_checks},
}; };
use actix_web::{HttpRequest, HttpResponse, delete, get, web}; use actix_web::{HttpRequest, HttpResponse, delete, get, patch, web};
use serde::Deserialize;
use uuid::Uuid; use uuid::Uuid;
#[get("/{uuid}")] #[get("/{uuid}")]
@ -56,9 +55,93 @@ pub async fn delete(
let channel = Channel::fetch_one(&data, channel_uuid).await?; let channel = Channel::fetch_one(&data, channel_uuid).await?;
Member::check_membership(&mut conn, uuid, channel.guild_uuid).await?; let member = Member::check_membership(&mut conn, uuid, channel.guild_uuid).await?;
member.check_permission(&data, Permissions::DeleteChannel).await?;
channel.delete(&data).await?; channel.delete(&data).await?;
Ok(HttpResponse::Ok().finish()) Ok(HttpResponse::Ok().finish())
} }
#[derive(Deserialize)]
struct NewInfo {
name: Option<String>,
description: Option<String>,
is_above: Option<String>,
}
/// `PATCH /api/v1/channels/{uuid}` Returns user with the given UUID
///
/// requires auth: yes
///
/// requires relation: yes
///
/// ### Request Example
/// All fields are optional and can be nulled/dropped if only changing 1 value
/// ```
/// json!({
/// "name": "gaming-chat",
/// "description": "Gaming related topics.",
/// "is_above": "398f6d7b-752c-4348-9771-fe6024adbfb1"
/// });
/// ```
///
/// ### Response Example
/// ```
/// json!({
/// uuid: "cdcac171-5add-4f88-9559-3a247c8bba2c",
/// guild_uuid: "383d2afa-082f-4dd3-9050-ca6ed91487b6",
/// name: "gaming-chat",
/// description: "Gaming related topics.",
/// is_above: "398f6d7b-752c-4348-9771-fe6024adbfb1",
/// permissions: {
/// role_uuid: "79cc0806-0f37-4a06-a468-6639c4311a2d",
/// permissions: 0
/// }
/// });
/// ```
/// NOTE: UUIDs in this response are made using `uuidgen`, UUIDs made by the actual backend will be UUIDv7 and have extractable timestamps
#[patch("/{uuid}")]
pub async fn patch(
req: HttpRequest,
path: web::Path<(Uuid,)>,
new_info: web::Json<NewInfo>,
data: web::Data<Data>,
) -> Result<HttpResponse, Error> {
let headers = req.headers();
let auth_header = get_auth_header(headers)?;
let channel_uuid = path.into_inner().0;
let mut conn = data.pool.get().await?;
let uuid = check_access_token(auth_header, &mut conn).await?;
global_checks(&data, uuid).await?;
let mut channel = Channel::fetch_one(&data, channel_uuid).await?;
let member = Member::check_membership(&mut conn, uuid, channel.guild_uuid).await?;
member.check_permission(&data, Permissions::ManageChannel).await?;
if let Some(new_name) = &new_info.name {
channel.set_name(&data, new_name.to_string()).await?;
}
if let Some(new_description) = &new_info.description {
channel
.set_description(&data, new_description.to_string())
.await?;
}
if let Some(new_is_above) = &new_info.is_above {
channel
.set_description(&data, new_is_above.to_string())
.await?;
}
Ok(HttpResponse::Ok().json(channel))
}

2
src/api/v1/channels/uuid/socket.rs
View file

@ -10,7 +10,7 @@ use uuid::Uuid;
use crate::{ use crate::{
Data, Data,
api::v1::auth::check_access_token, api::v1::auth::check_access_token,
structs::{Channel, Member}, objects::{Channel, Member},
utils::{get_ws_protocol_header, global_checks}, utils::{get_ws_protocol_header, global_checks},
}; };

2
src/api/v1/guilds/mod.rs
View file

@ -9,7 +9,7 @@ use crate::{
Data, Data,
api::v1::auth::check_access_token, api::v1::auth::check_access_token,
error::Error, error::Error,
structs::{Guild, StartAmountQuery}, objects::{Guild, StartAmountQuery},
utils::{get_auth_header, global_checks}, utils::{get_auth_header, global_checks},
}; };

10
src/api/v1/guilds/uuid/channels.rs
View file

@ -1,9 +1,5 @@
use crate::{ use crate::{
Data, api::v1::auth::check_access_token, error::Error, objects::{Channel, Member, Permissions}, utils::{get_auth_header, global_checks, order_by_is_above}, Data
api::v1::auth::check_access_token,
error::Error,
structs::{Channel, Member},
utils::{get_auth_header, global_checks, order_by_is_above},
}; };
use ::uuid::Uuid; use ::uuid::Uuid;
use actix_web::{HttpRequest, HttpResponse, get, post, web}; use actix_web::{HttpRequest, HttpResponse, get, post, web};
@ -74,9 +70,9 @@ pub async fn create(
global_checks(&data, uuid).await?; global_checks(&data, uuid).await?;
Member::check_membership(&mut conn, uuid, guild_uuid).await?; let member = Member::check_membership(&mut conn, uuid, guild_uuid).await?;
// FIXME: Logic to check permissions, should probably be done in utils.rs member.check_permission(&data, Permissions::CreateChannel).await?;
let channel = Channel::new( let channel = Channel::new(
data.clone(), data.clone(),

12
src/api/v1/guilds/uuid/icon.rs
View file

@ -5,11 +5,7 @@ use futures_util::StreamExt as _;
use uuid::Uuid; use uuid::Uuid;
use crate::{ use crate::{
Data, api::v1::auth::check_access_token, error::Error, objects::{Guild, Member, Permissions}, utils::{get_auth_header, global_checks}, Data
api::v1::auth::check_access_token,
error::Error,
structs::{Guild, Member},
utils::{get_auth_header, global_checks},
}; };
/// `PUT /api/v1/guilds/{uuid}/icon` Icon upload /// `PUT /api/v1/guilds/{uuid}/icon` Icon upload
@ -36,7 +32,9 @@ pub async fn upload(
global_checks(&data, uuid).await?; global_checks(&data, uuid).await?;
Member::check_membership(&mut conn, uuid, guild_uuid).await?; let member = Member::check_membership(&mut conn, uuid, guild_uuid).await?;
member.check_permission(&data, Permissions::ManageServer).await?;
let mut guild = Guild::fetch_one(&mut conn, guild_uuid).await?; let mut guild = Guild::fetch_one(&mut conn, guild_uuid).await?;
@ -47,7 +45,7 @@ pub async fn upload(
guild guild
.set_icon( .set_icon(
&data.bunny_cdn, &data.bunny_storage,
&mut conn, &mut conn,
data.config.bunny.cdn_url.clone(), data.config.bunny.cdn_url.clone(),
bytes, bytes,

18
src/api/v1/guilds/uuid/invites/mod.rs
View file

@ -3,16 +3,12 @@ use serde::Deserialize;
use uuid::Uuid; use uuid::Uuid;
use crate::{ use crate::{
Data, api::v1::auth::check_access_token, error::Error, objects::{Guild, Member, Permissions}, utils::{get_auth_header, global_checks}, Data
api::v1::auth::check_access_token,
error::Error,
structs::{Guild, Member},
utils::{get_auth_header, global_checks},
}; };
#[derive(Deserialize)] #[derive(Deserialize)]
struct InviteRequest { struct InviteRequest {
custom_id: String, custom_id: Option<String>,
} }
#[get("{uuid}/invites")] #[get("{uuid}/invites")]
@ -46,7 +42,7 @@ pub async fn get(
pub async fn create( pub async fn create(
req: HttpRequest, req: HttpRequest,
path: web::Path<(Uuid,)>, path: web::Path<(Uuid,)>,
invite_request: web::Json<Option<InviteRequest>>, invite_request: web::Json<InviteRequest>,
data: web::Data<Data>, data: web::Data<Data>,
) -> Result<HttpResponse, Error> { ) -> Result<HttpResponse, Error> {
let headers = req.headers(); let headers = req.headers();
@ -61,13 +57,13 @@ pub async fn create(
global_checks(&data, uuid).await?; global_checks(&data, uuid).await?;
Member::check_membership(&mut conn, uuid, guild_uuid).await?; let member = Member::check_membership(&mut conn, uuid, guild_uuid).await?;
member.check_permission(&data, Permissions::CreateInvite).await?;
let guild = Guild::fetch_one(&mut conn, guild_uuid).await?; let guild = Guild::fetch_one(&mut conn, guild_uuid).await?;
let custom_id = invite_request.as_ref().map(|ir| ir.custom_id.clone()); let invite = guild.create_invite(&mut conn, uuid, invite_request.custom_id.clone()).await?;
let invite = guild.create_invite(&mut conn, uuid, custom_id).await?;
Ok(HttpResponse::Ok().json(invite)) Ok(HttpResponse::Ok().json(invite))
} }

2
src/api/v1/guilds/uuid/members.rs
View file

@ -2,7 +2,7 @@ use crate::{
Data, Data,
api::v1::auth::check_access_token, api::v1::auth::check_access_token,
error::Error, error::Error,
structs::Member, objects::Member,
utils::{get_auth_header, global_checks}, utils::{get_auth_header, global_checks},
}; };
use ::uuid::Uuid; use ::uuid::Uuid;

2
src/api/v1/guilds/uuid/mod.rs
View file

@ -13,7 +13,7 @@ use crate::{
Data, Data,
api::v1::auth::check_access_token, api::v1::auth::check_access_token,
error::Error, error::Error,
structs::{Guild, Member}, objects::{Guild, Member},
utils::{get_auth_header, global_checks}, utils::{get_auth_header, global_checks},
}; };

10
src/api/v1/guilds/uuid/roles/mod.rs
View file

@ -3,11 +3,7 @@ use actix_web::{HttpRequest, HttpResponse, get, post, web};
use serde::Deserialize; use serde::Deserialize;
use crate::{ use crate::{
Data, api::v1::auth::check_access_token, error::Error, objects::{Member, Permissions, Role}, utils::{get_auth_header, global_checks, order_by_is_above}, Data
api::v1::auth::check_access_token,
error::Error,
structs::{Member, Role},
utils::{get_auth_header, global_checks, order_by_is_above},
}; };
pub mod uuid; pub mod uuid;
@ -70,9 +66,9 @@ pub async fn create(
global_checks(&data, uuid).await?; global_checks(&data, uuid).await?;
Member::check_membership(&mut conn, uuid, guild_uuid).await?; let member = Member::check_membership(&mut conn, uuid, guild_uuid).await?;
// FIXME: Logic to check permissions, should probably be done in utils.rs member.check_permission(&data, Permissions::CreateRole).await?;
let role = Role::new(&mut conn, guild_uuid, role_info.name.clone()).await?; let role = Role::new(&mut conn, guild_uuid, role_info.name.clone()).await?;

2
src/api/v1/guilds/uuid/roles/uuid.rs
View file

@ -2,7 +2,7 @@ use crate::{
Data, Data,
api::v1::auth::check_access_token, api::v1::auth::check_access_token,
error::Error, error::Error,
structs::{Member, Role}, objects::{Member, Role},
utils::{get_auth_header, global_checks}, utils::{get_auth_header, global_checks},
}; };
use ::uuid::Uuid; use ::uuid::Uuid;

2
src/api/v1/invites/id.rs
View file

@ -4,7 +4,7 @@ use crate::{
Data, Data,
api::v1::auth::check_access_token, api::v1::auth::check_access_token,
error::Error, error::Error,
structs::{Guild, Invite, Member}, objects::{Guild, Invite, Member},
utils::{get_auth_header, global_checks}, utils::{get_auth_header, global_checks},
}; };

2
src/api/v1/me/guilds.rs
View file

@ -6,7 +6,7 @@ use crate::{
Data, Data,
api::v1::auth::check_access_token, api::v1::auth::check_access_token,
error::Error, error::Error,
structs::Me, objects::Me,
utils::{get_auth_header, global_checks}, utils::{get_auth_header, global_checks},
}; };

18
src/api/v1/me/mod.rs
View file

@ -6,7 +6,7 @@ use crate::{
Data, Data,
api::v1::auth::check_access_token, api::v1::auth::check_access_token,
error::Error, error::Error,
structs::Me, objects::Me,
utils::{get_auth_header, global_checks}, utils::{get_auth_header, global_checks},
}; };
@ -41,6 +41,7 @@ struct NewInfo {
//password: Option<String>, will probably be handled through a reset password link //password: Option<String>, will probably be handled through a reset password link
email: Option<String>, email: Option<String>,
pronouns: Option<String>, pronouns: Option<String>,
about: Option<String>,
} }
#[derive(Debug, MultipartForm)] #[derive(Debug, MultipartForm)]
@ -64,10 +65,7 @@ pub async fn update(
let uuid = check_access_token(auth_header, &mut conn).await?; let uuid = check_access_token(auth_header, &mut conn).await?;
if form.avatar.is_some() if form.avatar.is_some() || form.json.username.is_some() || form.json.display_name.is_some() {
|| form.json.username.is_some()
|| form.json.display_name.is_some()
{
global_checks(&data, uuid).await?; global_checks(&data, uuid).await?;
} }
@ -78,11 +76,7 @@ pub async fn update(
let byte_slice: &[u8] = &bytes; let byte_slice: &[u8] = &bytes;
me.set_avatar( me.set_avatar(&data, data.config.bunny.cdn_url.clone(), byte_slice.into())
&data,
data.config.bunny.cdn_url.clone(),
byte_slice.into(),
)
.await?; .await?;
} }
@ -102,5 +96,9 @@ pub async fn update(
me.set_pronouns(&data, pronouns.clone()).await?; me.set_pronouns(&data, pronouns.clone()).await?;
} }
if let Some(about) = &form.json.about {
me.set_about(&data, about.clone()).await?;
}
Ok(HttpResponse::Ok().finish()) Ok(HttpResponse::Ok().finish())
} }

2
src/api/v1/users/mod.rs
View file

@ -6,7 +6,7 @@ use crate::{
Data, Data,
api::v1::auth::check_access_token, api::v1::auth::check_access_token,
error::Error, error::Error,
structs::{StartAmountQuery, User}, objects::{StartAmountQuery, User},
utils::{get_auth_header, global_checks}, utils::{get_auth_header, global_checks},
}; };

2
src/api/v1/users/uuid.rs
View file

@ -7,7 +7,7 @@ use crate::{
Data, Data,
api::v1::auth::check_access_token, api::v1::auth::check_access_token,
error::Error, error::Error,
structs::User, objects::User,
utils::{get_auth_header, global_checks}, utils::{get_auth_header, global_checks},
}; };

17
src/main.rs
View file

@ -5,9 +5,9 @@ use clap::Parser;
use diesel_async::pooled_connection::AsyncDieselConnectionManager; use diesel_async::pooled_connection::AsyncDieselConnectionManager;
use diesel_async::pooled_connection::deadpool::Pool; use diesel_async::pooled_connection::deadpool::Pool;
use error::Error; use error::Error;
use objects::MailClient;
use simple_logger::SimpleLogger; use simple_logger::SimpleLogger;
use std::time::SystemTime; use std::time::SystemTime;
use structs::MailClient;
mod config; mod config;
use config::{Config, ConfigBuilder}; use config::{Config, ConfigBuilder};
use diesel_migrations::{EmbeddedMigrations, MigrationHarness, embed_migrations}; use diesel_migrations::{EmbeddedMigrations, MigrationHarness, embed_migrations};
@ -19,8 +19,8 @@ type Conn =
mod api; mod api;
pub mod error; pub mod error;
pub mod objects;
pub mod schema; pub mod schema;
pub mod structs;
pub mod utils; pub mod utils;
#[derive(Parser, Debug)] #[derive(Parser, Debug)]
@ -40,7 +40,7 @@ pub struct Data {
pub config: Config, pub config: Config,
pub argon2: Argon2<'static>, pub argon2: Argon2<'static>,
pub start_time: SystemTime, pub start_time: SystemTime,
pub bunny_cdn: bunny_api_tokio::Client, pub bunny_storage: bunny_api_tokio::EdgeStorageClient,
pub mail_client: MailClient, pub mail_client: MailClient,
} }
@ -65,14 +65,9 @@ async fn main() -> Result<(), Error> {
let cache_pool = redis::Client::open(config.cache_database.url())?; let cache_pool = redis::Client::open(config.cache_database.url())?;
let mut bunny_cdn = bunny_api_tokio::Client::new("").await?;
let bunny = config.bunny.clone(); let bunny = config.bunny.clone();
bunny_cdn let bunny_storage = bunny_api_tokio::EdgeStorageClient::new(bunny.api_key, bunny.endpoint, bunny.storage_zone).await?;
.storage
.init(bunny.api_key, bunny.endpoint, bunny.storage_zone)
.await?;
let mail = config.mail.clone(); let mail = config.mail.clone();
@ -122,7 +117,7 @@ async fn main() -> Result<(), Error> {
// TODO: Possibly implement "pepper" into this (thinking it could generate one if it doesnt exist and store it on disk) // TODO: Possibly implement "pepper" into this (thinking it could generate one if it doesnt exist and store it on disk)
argon2: Argon2::default(), argon2: Argon2::default(),
start_time: SystemTime::now(), start_time: SystemTime::now(),
bunny_cdn, bunny_storage,
mail_client, mail_client,
}; };
@ -155,7 +150,7 @@ async fn main() -> Result<(), Error> {
App::new() App::new()
.app_data(web::Data::new(data.clone())) .app_data(web::Data::new(data.clone()))
.wrap(cors) .wrap(cors)
.service(api::web(&data.config.web.backend_url.path())) .service(api::web(data.config.web.backend_url.path()))
}) })
.bind((web.ip, web.port))? .bind((web.ip, web.port))?
.run() .run()

384
src/objects/channel.rs Normal file
View file

@ -0,0 +1,384 @@
use diesel::{
ExpressionMethods, Insertable, QueryDsl, Queryable, Selectable, SelectableHelper, delete,
insert_into, update,
};
use diesel_async::{RunQueryDsl, pooled_connection::AsyncDieselConnectionManager};
use serde::{Deserialize, Serialize};
use uuid::Uuid;
use crate::{
Conn, Data,
error::Error,
schema::{channel_permissions, channels, messages},
utils::{CHANNEL_REGEX, order_by_is_above},
};
use super::{HasIsAbove, HasUuid, Message, load_or_empty, message::MessageBuilder};
#[derive(Queryable, Selectable, Insertable, Clone, Debug)]
#[diesel(table_name = channels)]
#[diesel(check_for_backend(diesel::pg::Pg))]
struct ChannelBuilder {
uuid: Uuid,
guild_uuid: Uuid,
name: String,
description: Option<String>,
is_above: Option<Uuid>,
}
impl ChannelBuilder {
async fn build(self, conn: &mut Conn) -> Result<Channel, Error> {
use self::channel_permissions::dsl::*;
let channel_permission: Vec<ChannelPermission> = load_or_empty(
channel_permissions
.filter(channel_uuid.eq(self.uuid))
.select(ChannelPermission::as_select())
.load(conn)
.await,
)?;
Ok(Channel {
uuid: self.uuid,
guild_uuid: self.guild_uuid,
name: self.name,
description: self.description,
is_above: self.is_above,
permissions: channel_permission,
})
}
}
#[derive(Serialize, Deserialize, Clone, Debug)]
pub struct Channel {
pub uuid: Uuid,
pub guild_uuid: Uuid,
name: String,
description: Option<String>,
pub is_above: Option<Uuid>,
pub permissions: Vec<ChannelPermission>,
}
#[derive(Serialize, Deserialize, Clone, Queryable, Selectable, Debug)]
#[diesel(table_name = channel_permissions)]
#[diesel(check_for_backend(diesel::pg::Pg))]
pub struct ChannelPermission {
pub role_uuid: Uuid,
pub permissions: i64,
}
impl HasUuid for Channel {
fn uuid(&self) -> &Uuid {
self.uuid.as_ref()
}
}
impl HasIsAbove for Channel {
fn is_above(&self) -> Option<&Uuid> {
self.is_above.as_ref()
}
}
impl Channel {
pub async fn fetch_all(
pool: &deadpool::managed::Pool<
AsyncDieselConnectionManager<diesel_async::AsyncPgConnection>,
Conn,
>,
guild_uuid: Uuid,
) -> Result<Vec<Self>, Error> {
let mut conn = pool.get().await?;
use channels::dsl;
let channel_builders: Vec<ChannelBuilder> = load_or_empty(
dsl::channels
.filter(dsl::guild_uuid.eq(guild_uuid))
.select(ChannelBuilder::as_select())
.load(&mut conn)
.await,
)?;
let channel_futures = channel_builders.iter().map(async move |c| {
let mut conn = pool.get().await?;
c.clone().build(&mut conn).await
});
futures::future::try_join_all(channel_futures).await
}
pub async fn fetch_one(data: &Data, channel_uuid: Uuid) -> Result<Self, Error> {
if let Ok(cache_hit) = data.get_cache_key(channel_uuid.to_string()).await {
return Ok(serde_json::from_str(&cache_hit)?);
}
let mut conn = data.pool.get().await?;
use channels::dsl;
let channel_builder: ChannelBuilder = dsl::channels
.filter(dsl::uuid.eq(channel_uuid))
.select(ChannelBuilder::as_select())
.get_result(&mut conn)
.await?;
let channel = channel_builder.build(&mut conn).await?;
data.set_cache_key(channel_uuid.to_string(), channel.clone(), 60)
.await?;
Ok(channel)
}
pub async fn new(
data: actix_web::web::Data<Data>,
guild_uuid: Uuid,
name: String,
description: Option<String>,
) -> Result<Self, Error> {
if !CHANNEL_REGEX.is_match(&name) {
return Err(Error::BadRequest("Channel name is invalid".to_string()));
}
let mut conn = data.pool.get().await?;
let channel_uuid = Uuid::now_v7();
let channels = Self::fetch_all(&data.pool, guild_uuid).await?;
let channels_ordered = order_by_is_above(channels).await?;
let last_channel = channels_ordered.last();
let new_channel = ChannelBuilder {
uuid: channel_uuid,
guild_uuid,
name: name.clone(),
description: description.clone(),
is_above: None,
};
insert_into(channels::table)
.values(new_channel.clone())
.execute(&mut conn)
.await?;
if let Some(old_last_channel) = last_channel {
use channels::dsl;
update(channels::table)
.filter(dsl::uuid.eq(old_last_channel.uuid))
.set(dsl::is_above.eq(new_channel.uuid))
.execute(&mut conn)
.await?;
}
// returns different object because there's no reason to build the channelbuilder (wastes 1 database request)
let channel = Self {
uuid: channel_uuid,
guild_uuid,
name,
description,
is_above: None,
permissions: vec![],
};
data.set_cache_key(channel_uuid.to_string(), channel.clone(), 1800)
.await?;
if data
.get_cache_key(format!("{}_channels", guild_uuid))
.await
.is_ok()
{
data.del_cache_key(format!("{}_channels", guild_uuid))
.await?;
}
Ok(channel)
}
pub async fn delete(self, data: &Data) -> Result<(), Error> {
let mut conn = data.pool.get().await?;
use channels::dsl;
match update(channels::table)
.filter(dsl::is_above.eq(self.uuid))
.set(dsl::is_above.eq(None::<Uuid>))
.execute(&mut conn)
.await
{
Ok(r) => Ok(r),
Err(diesel::result::Error::NotFound) => Ok(0),
Err(e) => Err(e),
}?;
delete(channels::table)
.filter(dsl::uuid.eq(self.uuid))
.execute(&mut conn)
.await?;
match update(channels::table)
.filter(dsl::is_above.eq(self.uuid))
.set(dsl::is_above.eq(self.is_above))
.execute(&mut conn)
.await
{
Ok(r) => Ok(r),
Err(diesel::result::Error::NotFound) => Ok(0),
Err(e) => Err(e),
}?;
if data.get_cache_key(self.uuid.to_string()).await.is_ok() {
data.del_cache_key(self.uuid.to_string()).await?;
}
if data
.get_cache_key(format!("{}_channels", self.guild_uuid))
.await
.is_ok()
{
data.del_cache_key(format!("{}_channels", self.guild_uuid))
.await?;
}
Ok(())
}
pub async fn fetch_messages(
&self,
data: &Data,
amount: i64,
offset: i64,
) -> Result<Vec<Message>, Error> {
let mut conn = data.pool.get().await?;
use messages::dsl;
let messages: Vec<MessageBuilder> = load_or_empty(
dsl::messages
.filter(dsl::channel_uuid.eq(self.uuid))
.select(MessageBuilder::as_select())
.order(dsl::uuid.desc())
.limit(amount)
.offset(offset)
.load(&mut conn)
.await,
)?;
let message_futures = messages.iter().map(async move |b| b.build(data).await);
futures::future::try_join_all(message_futures).await
}
pub async fn new_message(
&self,
data: &Data,
user_uuid: Uuid,
message: String,
) -> Result<Message, Error> {
let message_uuid = Uuid::now_v7();
let message = MessageBuilder {
uuid: message_uuid,
channel_uuid: self.uuid,
user_uuid,
message,
};
let mut conn = data.pool.get().await?;
insert_into(messages::table)
.values(message.clone())
.execute(&mut conn)
.await?;
message.build(data).await
}
pub async fn set_name(&mut self, data: &Data, new_name: String) -> Result<(), Error> {
if !CHANNEL_REGEX.is_match(&new_name) {
return Err(Error::BadRequest("Channel name is invalid".to_string()));
}
let mut conn = data.pool.get().await?;
use channels::dsl;
update(channels::table)
.filter(dsl::uuid.eq(self.uuid))
.set(dsl::name.eq(&new_name))
.execute(&mut conn)
.await?;
self.name = new_name;
Ok(())
}
pub async fn set_description(
&mut self,
data: &Data,
new_description: String,
) -> Result<(), Error> {
let mut conn = data.pool.get().await?;
use channels::dsl;
update(channels::table)
.filter(dsl::uuid.eq(self.uuid))
.set(dsl::description.eq(&new_description))
.execute(&mut conn)
.await?;
self.description = Some(new_description);
Ok(())
}
pub async fn move_channel(&mut self, data: &Data, new_is_above: Uuid) -> Result<(), Error> {
let mut conn = data.pool.get().await?;
use channels::dsl;
let old_above_uuid: Option<Uuid> = match dsl::channels
.filter(dsl::is_above.eq(self.uuid))
.select(dsl::uuid)
.get_result(&mut conn)
.await
{
Ok(r) => Ok(Some(r)),
Err(diesel::result::Error::NotFound) => Ok(None),
Err(e) => Err(e),
}?;
if let Some(uuid) = old_above_uuid {
update(channels::table)
.filter(dsl::uuid.eq(uuid))
.set(dsl::is_above.eq(None::<Uuid>))
.execute(&mut conn)
.await?;
}
match update(channels::table)
.filter(dsl::is_above.eq(new_is_above))
.set(dsl::is_above.eq(self.uuid))
.execute(&mut conn)
.await
{
Ok(r) => Ok(r),
Err(diesel::result::Error::NotFound) => Ok(0),
Err(e) => Err(e),
}?;
update(channels::table)
.filter(dsl::uuid.eq(self.uuid))
.set(dsl::is_above.eq(new_is_above))
.execute(&mut conn)
.await?;
if let Some(uuid) = old_above_uuid {
update(channels::table)
.filter(dsl::uuid.eq(uuid))
.set(dsl::is_above.eq(self.is_above))
.execute(&mut conn)
.await?;
}
self.is_above = Some(new_is_above);
Ok(())
}
}

61
src/objects/email_token.rs Normal file
View file

@ -0,0 +1,61 @@
use chrono::Utc;
use lettre::message::MultiPart;
use serde::{Deserialize, Serialize};
use uuid::Uuid;
use crate::{Data, error::Error, utils::generate_token};
use super::Me;
#[derive(Serialize, Deserialize)]
pub struct EmailToken {
user_uuid: Uuid,
pub token: String,
pub created_at: chrono::DateTime<Utc>,
}
impl EmailToken {
pub async fn get(data: &Data, user_uuid: Uuid) -> Result<EmailToken, Error> {
let email_token = serde_json::from_str(&data.get_cache_key(format!("{}_email_verify", user_uuid)).await?)?;
Ok(email_token)
}
#[allow(clippy::new_ret_no_self)]
pub async fn new(data: &Data, me: Me) -> Result<(), Error> {
let token = generate_token::<32>()?;
let email_token = EmailToken {
user_uuid: me.uuid,
token: token.clone(),
// TODO: Check if this can be replaced with something built into valkey
created_at: Utc::now()
};
data.set_cache_key(format!("{}_email_verify", me.uuid), email_token, 86400).await?;
let mut verify_endpoint = data.config.web.frontend_url.join("verify-email")?;
verify_endpoint.set_query(Some(&format!("token={}", token)));
let email = data
.mail_client
.message_builder()
.to(me.email.parse()?)
.subject(format!("{} E-mail Verification", data.config.instance.name))
.multipart(MultiPart::alternative_plain_html(
format!("Verify your {} account\n\nHello, {}!\nThanks for creating a new account on Gorb.\nThe final step to create your account is to verify your email address by visiting the page, within 24 hours.\n\n{}\n\nIf you didn't ask to verify this address, you can safely ignore this email\n\nThanks, The gorb team.", data.config.instance.name, me.username, verify_endpoint),
format!(r#"<html lang="en"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><style>:root{{--header-text-colour: #ffffff;--footer-text-colour: #7f7f7f;--button-text-colour: #170e08;--text-colour: #170e08;--background-colour: #fbf6f2;--primary-colour: #df5f0b;--secondary-colour: #e8ac84;--accent-colour: #e68b4e;}}@media (prefers-color-scheme: dark){{:root{{--header-text-colour: #ffffff;--footer-text-colour: #585858;--button-text-colour: #ffffff;--text-colour: #f7eee8;--background-colour: #0c0704;--primary-colour: #f4741f;--secondary-colour: #7c4018;--accent-colour: #b35719;}}}}@media (max-width: 600px){{.container{{width: 100%;}}}}body{{font-family: Arial, sans-serif;align-content: center;text-align: center;margin: 0;padding: 0;background-color: var(--background-colour);color: var(--text-colour);width: 100%;max-width: 600px;margin: 0 auto;border-radius: 5px;}}.header{{background-color: var(--primary-colour);color: var(--header-text-colour);padding: 20px;}}.verify-button{{background-color: var(--accent-colour);color: var(--button-text-colour);padding: 12px 30px;margin: 16px;font-size: 20px;transition: background-color 0.3s;cursor: pointer;border: none;border-radius: 14px;text-decoration: none;display: inline-block;}}.verify-button:hover{{background-color: var(--secondary-colour);}}.content{{padding: 20px 30px;}}.footer{{padding: 10px;font-size: 12px;color: var(--footer-text-colour);}}</style></head><body><div class="container"><div class="header"><h1>Verify your {} Account</h1></div><div class="content"><h2>Hello, {}!</h2><p>Thanks for creating a new account on Gorb.</p><p>The final step to create your account is to verify your email address by clicking the button below, within 24 hours.</p><a href="{}" class="verify-button">VERIFY ACCOUNT</a><p>If you didn't ask to verify this address, you can safely ignore this email.</p><div class="footer"><p>Thanks<br>The gorb team.</p></div></div></div></body></html>"#, data.config.instance.name, me.username, verify_endpoint)
))?;
data.mail_client.send_mail(email).await?;
Ok(())
}
pub async fn delete(&self, data: &Data) -> Result<(), Error> {
data.del_cache_key(format!("{}_email_verify", self.user_uuid)).await?;
Ok(())
}
}

222
src/objects/guild.rs Normal file
View file

@ -0,0 +1,222 @@
use actix_web::web::BytesMut;
use diesel::{
ExpressionMethods, Insertable, QueryDsl, Queryable, Selectable, SelectableHelper, insert_into,
update,
};
use diesel_async::{RunQueryDsl, pooled_connection::AsyncDieselConnectionManager};
use serde::Serialize;
use tokio::task;
use url::Url;
use uuid::Uuid;
use crate::{
Conn,
error::Error,
schema::{guild_members, guilds, invites},
utils::image_check,
};
use super::{Invite, Member, Role, load_or_empty, member::MemberBuilder};
#[derive(Serialize, Queryable, Selectable, Insertable, Clone)]
#[diesel(table_name = guilds)]
#[diesel(check_for_backend(diesel::pg::Pg))]
pub struct GuildBuilder {
uuid: Uuid,
name: String,
description: Option<String>,
icon: Option<String>,
}
impl GuildBuilder {
pub async fn build(self, conn: &mut Conn) -> Result<Guild, Error> {
let member_count = Member::count(conn, self.uuid).await?;
let roles = Role::fetch_all(conn, self.uuid).await?;
Ok(Guild {
uuid: self.uuid,
name: self.name,
description: self.description,
icon: self.icon.and_then(|i| i.parse().ok()),
roles,
member_count,
})
}
}
#[derive(Serialize)]
pub struct Guild {
pub uuid: Uuid,
name: String,
description: Option<String>,
icon: Option<Url>,
pub roles: Vec<Role>,
member_count: i64,
}
impl Guild {
pub async fn fetch_one(conn: &mut Conn, guild_uuid: Uuid) -> Result<Self, Error> {
use guilds::dsl;
let guild_builder: GuildBuilder = dsl::guilds
.filter(dsl::uuid.eq(guild_uuid))
.select(GuildBuilder::as_select())
.get_result(conn)
.await?;
guild_builder.build(conn).await
}
pub async fn fetch_amount(
pool: &deadpool::managed::Pool<
AsyncDieselConnectionManager<diesel_async::AsyncPgConnection>,
Conn,
>,
offset: i64,
amount: i64,
) -> Result<Vec<Self>, Error> {
// Fetch guild data from database
let mut conn = pool.get().await?;
use guilds::dsl;
let guild_builders: Vec<GuildBuilder> = load_or_empty(
dsl::guilds
.select(GuildBuilder::as_select())
.order_by(dsl::uuid)
.offset(offset)
.limit(amount)
.load(&mut conn)
.await,
)?;
// Process each guild concurrently
let guild_futures = guild_builders.iter().map(async move |g| {
let mut conn = pool.get().await?;
g.clone().build(&mut conn).await
});
// Execute all futures concurrently and collect results
futures::future::try_join_all(guild_futures).await
}
pub async fn new(conn: &mut Conn, name: String, owner_uuid: Uuid) -> Result<Self, Error> {
let guild_uuid = Uuid::now_v7();
let guild_builder = GuildBuilder {
uuid: guild_uuid,
name: name.clone(),
description: None,
icon: None,
};
insert_into(guilds::table)
.values(guild_builder)
.execute(conn)
.await?;
let member_uuid = Uuid::now_v7();
let member = MemberBuilder {
uuid: member_uuid,
nickname: None,
user_uuid: owner_uuid,
guild_uuid,
is_owner: true,
};
insert_into(guild_members::table)
.values(member)
.execute(conn)
.await?;
Ok(Guild {
uuid: guild_uuid,
name,
description: None,
icon: None,
roles: vec![],
member_count: 1,
})
}
pub async fn get_invites(&self, conn: &mut Conn) -> Result<Vec<Invite>, Error> {
use invites::dsl;
let invites = load_or_empty(
dsl::invites
.filter(dsl::guild_uuid.eq(self.uuid))
.select(Invite::as_select())
.load(conn)
.await,
)?;
Ok(invites)
}
pub async fn create_invite(
&self,
conn: &mut Conn,
user_uuid: Uuid,
custom_id: Option<String>,
) -> Result<Invite, Error> {
let invite_id;
if let Some(id) = custom_id {
invite_id = id;
if invite_id.len() > 32 {
return Err(Error::BadRequest("MAX LENGTH".to_string()));
}
} else {
let charset = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
invite_id = random_string::generate(8, charset);
}
let invite = Invite {
id: invite_id,
user_uuid,
guild_uuid: self.uuid,
};
insert_into(invites::table)
.values(invite.clone())
.execute(conn)
.await?;
Ok(invite)
}
// FIXME: Horrible security
pub async fn set_icon(
&mut self,
bunny_storage: &bunny_api_tokio::EdgeStorageClient,
conn: &mut Conn,
cdn_url: Url,
icon: BytesMut,
) -> Result<(), Error> {
let icon_clone = icon.clone();
let image_type = task::spawn_blocking(move || image_check(icon_clone)).await??;
if let Some(icon) = &self.icon {
let relative_url = icon.path().trim_start_matches('/');
bunny_storage.delete(relative_url).await?;
}
let path = format!("icons/{}/icon.{}", self.uuid, image_type);
bunny_storage.upload(path.clone(), icon.into()).await?;
let icon_url = cdn_url.join(&path)?;
use guilds::dsl;
update(guilds::table)
.filter(dsl::uuid.eq(self.uuid))
.set(dsl::icon.eq(icon_url.as_str()))
.execute(conn)
.await?;
self.icon = Some(icon_url);
Ok(())
}
}

30
src/objects/invite.rs Normal file
View file

@ -0,0 +1,30 @@
use diesel::{ExpressionMethods, Insertable, QueryDsl, Queryable, Selectable, SelectableHelper};
use diesel_async::RunQueryDsl;
use serde::Serialize;
use uuid::Uuid;
use crate::{Conn, error::Error, schema::invites};
/// Server invite struct
#[derive(Clone, Serialize, Queryable, Selectable, Insertable)]
pub struct Invite {
/// case-sensitive alphanumeric string with a fixed length of 8 characters, can be up to 32 characters for custom invites
pub id: String,
/// User that created the invite
pub user_uuid: Uuid,
/// UUID of the guild that the invite belongs to
pub guild_uuid: Uuid,
}
impl Invite {
pub async fn fetch_one(conn: &mut Conn, invite_id: String) -> Result<Self, Error> {
use invites::dsl;
let invite: Invite = dsl::invites
.filter(dsl::id.eq(invite_id))
.select(Invite::as_select())
.get_result(conn)
.await?;
Ok(invite)
}
}

231
src/objects/me.rs Normal file
View file

@ -0,0 +1,231 @@
use actix_web::web::BytesMut;
use diesel::{ExpressionMethods, QueryDsl, Queryable, Selectable, SelectableHelper, update};
use diesel_async::RunQueryDsl;
use serde::Serialize;
use tokio::task;
use url::Url;
use uuid::Uuid;
use crate::{
Conn, Data,
error::Error,
schema::{guild_members, guilds, users},
utils::{EMAIL_REGEX, USERNAME_REGEX, image_check},
};
use super::{Guild, guild::GuildBuilder, load_or_empty, member::MemberBuilder};
#[derive(Serialize, Queryable, Selectable)]
#[diesel(table_name = users)]
#[diesel(check_for_backend(diesel::pg::Pg))]
pub struct Me {
pub uuid: Uuid,
pub username: String,
pub display_name: Option<String>,
avatar: Option<String>,
pronouns: Option<String>,
about: Option<String>,
pub email: String,
pub email_verified: bool,
}
impl Me {
pub async fn get(conn: &mut Conn, user_uuid: Uuid) -> Result<Self, Error> {
use users::dsl;
let me: Me = dsl::users
.filter(dsl::uuid.eq(user_uuid))
.select(Me::as_select())
.get_result(conn)
.await?;
Ok(me)
}
pub async fn fetch_memberships(&self, conn: &mut Conn) -> Result<Vec<Guild>, Error> {
use guild_members::dsl;
let memberships: Vec<MemberBuilder> = load_or_empty(
dsl::guild_members
.filter(dsl::user_uuid.eq(self.uuid))
.select(MemberBuilder::as_select())
.load(conn)
.await,
)?;
let mut guilds: Vec<Guild> = vec![];
for membership in memberships {
use guilds::dsl;
guilds.push(
dsl::guilds
.filter(dsl::uuid.eq(membership.guild_uuid))
.select(GuildBuilder::as_select())
.get_result(conn)
.await?
.build(conn)
.await?,
)
}
Ok(guilds)
}
pub async fn set_avatar(
&mut self,
data: &Data,
cdn_url: Url,
avatar: BytesMut,
) -> Result<(), Error> {
let avatar_clone = avatar.clone();
let image_type = task::spawn_blocking(move || image_check(avatar_clone)).await??;
let mut conn = data.pool.get().await?;
if let Some(avatar) = &self.avatar {
let avatar_url: Url = avatar.parse()?;
let relative_url = avatar_url.path().trim_start_matches('/');
data.bunny_storage.delete(relative_url).await?;
}
let path = format!("avatar/{}/avatar.{}", self.uuid, image_type);
data.bunny_storage
.upload(path.clone(), avatar.into())
.await?;
let avatar_url = cdn_url.join(&path)?;
use users::dsl;
update(users::table)
.filter(dsl::uuid.eq(self.uuid))
.set(dsl::avatar.eq(avatar_url.as_str()))
.execute(&mut conn)
.await?;
if data.get_cache_key(self.uuid.to_string()).await.is_ok() {
data.del_cache_key(self.uuid.to_string()).await?
}
self.avatar = Some(avatar_url.to_string());
Ok(())
}
pub async fn verify_email(&self, conn: &mut Conn) -> Result<(), Error> {
use users::dsl;
update(users::table)
.filter(dsl::uuid.eq(self.uuid))
.set(dsl::email_verified.eq(true))
.execute(conn)
.await?;
Ok(())
}
pub async fn set_username(&mut self, data: &Data, new_username: String) -> Result<(), Error> {
if !USERNAME_REGEX.is_match(&new_username) {
return Err(Error::BadRequest("Invalid username".to_string()));
}
let mut conn = data.pool.get().await?;
use users::dsl;
update(users::table)
.filter(dsl::uuid.eq(self.uuid))
.set(dsl::username.eq(new_username.as_str()))
.execute(&mut conn)
.await?;
if data.get_cache_key(self.uuid.to_string()).await.is_ok() {
data.del_cache_key(self.uuid.to_string()).await?
}
self.username = new_username;
Ok(())
}
pub async fn set_display_name(
&mut self,
data: &Data,
new_display_name: String,
) -> Result<(), Error> {
let mut conn = data.pool.get().await?;
use users::dsl;
update(users::table)
.filter(dsl::uuid.eq(self.uuid))
.set(dsl::display_name.eq(new_display_name.as_str()))
.execute(&mut conn)
.await?;
if data.get_cache_key(self.uuid.to_string()).await.is_ok() {
data.del_cache_key(self.uuid.to_string()).await?
}
self.display_name = Some(new_display_name);
Ok(())
}
pub async fn set_email(&mut self, data: &Data, new_email: String) -> Result<(), Error> {
if !EMAIL_REGEX.is_match(&new_email) {
return Err(Error::BadRequest("Invalid username".to_string()));
}
let mut conn = data.pool.get().await?;
use users::dsl;
update(users::table)
.filter(dsl::uuid.eq(self.uuid))
.set((
dsl::email.eq(new_email.as_str()),
dsl::email_verified.eq(false),
))
.execute(&mut conn)
.await?;
if data.get_cache_key(self.uuid.to_string()).await.is_ok() {
data.del_cache_key(self.uuid.to_string()).await?
}
self.email = new_email;
Ok(())
}
pub async fn set_pronouns(&mut self, data: &Data, new_pronouns: String) -> Result<(), Error> {
let mut conn = data.pool.get().await?;
use users::dsl;
update(users::table)
.filter(dsl::uuid.eq(self.uuid))
.set((dsl::pronouns.eq(new_pronouns.as_str()),))
.execute(&mut conn)
.await?;
if data.get_cache_key(self.uuid.to_string()).await.is_ok() {
data.del_cache_key(self.uuid.to_string()).await?
}
Ok(())
}
pub async fn set_about(&mut self, data: &Data, new_about: String) -> Result<(), Error> {
let mut conn = data.pool.get().await?;
use users::dsl;
update(users::table)
.filter(dsl::uuid.eq(self.uuid))
.set((dsl::about.eq(new_about.as_str()),))
.execute(&mut conn)
.await?;
if data.get_cache_key(self.uuid.to_string()).await.is_ok() {
data.del_cache_key(self.uuid.to_string()).await?
}
Ok(())
}
}

141
src/objects/member.rs Normal file
View file

@ -0,0 +1,141 @@
use diesel::{
ExpressionMethods, Insertable, QueryDsl, Queryable, Selectable, SelectableHelper, insert_into,
};
use diesel_async::RunQueryDsl;
use serde::{Deserialize, Serialize};
use uuid::Uuid;
use crate::{error::Error, objects::{Permissions, Role}, schema::guild_members, Conn, Data};
use super::{User, load_or_empty};
#[derive(Serialize, Queryable, Selectable, Insertable)]
#[diesel(table_name = guild_members)]
#[diesel(check_for_backend(diesel::pg::Pg))]
pub struct MemberBuilder {
pub uuid: Uuid,
pub nickname: Option<String>,
pub user_uuid: Uuid,
pub guild_uuid: Uuid,
pub is_owner: bool,
}
impl MemberBuilder {
pub async fn build(&self, data: &Data) -> Result<Member, Error> {
let user = User::fetch_one(data, self.user_uuid).await?;
Ok(Member {
uuid: self.uuid,
nickname: self.nickname.clone(),
user_uuid: self.user_uuid,
guild_uuid: self.guild_uuid,
is_owner: self.is_owner,
user,
})
}
pub async fn check_permission(&self, data: &Data, permission: Permissions) -> Result<(), Error> {
if !self.is_owner {
let roles = Role::fetch_from_member(&data, self.uuid).await?;
let allowed = roles.iter().any(|r| r.permissions & permission as i64 != 0);
if !allowed {
return Err(Error::Forbidden("Not allowed".to_string()))
}
}
Ok(())
}
}
#[derive(Serialize, Deserialize)]
pub struct Member {
pub uuid: Uuid,
pub nickname: Option<String>,
pub user_uuid: Uuid,
pub guild_uuid: Uuid,
pub is_owner: bool,
user: User,
}
impl Member {
pub async fn count(conn: &mut Conn, guild_uuid: Uuid) -> Result<i64, Error> {
use guild_members::dsl;
let count: i64 = dsl::guild_members
.filter(dsl::guild_uuid.eq(guild_uuid))
.count()
.get_result(conn)
.await?;
Ok(count)
}
pub async fn check_membership(
conn: &mut Conn,
user_uuid: Uuid,
guild_uuid: Uuid,
) -> Result<MemberBuilder, Error> {
use guild_members::dsl;
let member_builder = dsl::guild_members
.filter(dsl::user_uuid.eq(user_uuid))
.filter(dsl::guild_uuid.eq(guild_uuid))
.select(MemberBuilder::as_select())
.get_result(conn)
.await?;
Ok(member_builder)
}
pub async fn fetch_one(data: &Data, user_uuid: Uuid, guild_uuid: Uuid) -> Result<Self, Error> {
let mut conn = data.pool.get().await?;
use guild_members::dsl;
let member: MemberBuilder = dsl::guild_members
.filter(dsl::user_uuid.eq(user_uuid))
.filter(dsl::guild_uuid.eq(guild_uuid))
.select(MemberBuilder::as_select())
.get_result(&mut conn)
.await?;
member.build(data).await
}
pub async fn fetch_all(data: &Data, guild_uuid: Uuid) -> Result<Vec<Self>, Error> {
let mut conn = data.pool.get().await?;
use guild_members::dsl;
let member_builders: Vec<MemberBuilder> = load_or_empty(
dsl::guild_members
.filter(dsl::guild_uuid.eq(guild_uuid))
.select(MemberBuilder::as_select())
.load(&mut conn)
.await,
)?;
let member_futures = member_builders
.iter()
.map(async move |m| m.build(data).await);
futures::future::try_join_all(member_futures).await
}
pub async fn new(data: &Data, user_uuid: Uuid, guild_uuid: Uuid) -> Result<Self, Error> {
let mut conn = data.pool.get().await?;
let member_uuid = Uuid::now_v7();
let member = MemberBuilder {
uuid: member_uuid,
guild_uuid,
user_uuid,
nickname: None,
is_owner: false,
};
insert_into(guild_members::table)
.values(&member)
.execute(&mut conn)
.await?;
member.build(data).await
}
}

40
src/objects/message.rs Normal file
View file

@ -0,0 +1,40 @@
use diesel::{Insertable, Queryable, Selectable};
use serde::Serialize;
use uuid::Uuid;
use crate::{Data, error::Error, schema::messages};
use super::User;
#[derive(Clone, Queryable, Selectable, Insertable)]
#[diesel(table_name = messages)]
#[diesel(check_for_backend(diesel::pg::Pg))]
pub struct MessageBuilder {
pub uuid: Uuid,
pub channel_uuid: Uuid,
pub user_uuid: Uuid,
pub message: String,
}
impl MessageBuilder {
pub async fn build(&self, data: &Data) -> Result<Message, Error> {
let user = User::fetch_one(data, self.user_uuid).await?;
Ok(Message {
uuid: self.uuid,
channel_uuid: self.channel_uuid,
user_uuid: self.user_uuid,
message: self.message.clone(),
user,
})
}
}
#[derive(Clone, Serialize)]
pub struct Message {
uuid: Uuid,
channel_uuid: Uuid,
user_uuid: Uuid,
message: String,
user: User,
}

119
src/objects/mod.rs Normal file
View file

@ -0,0 +1,119 @@
use lettre::{
AsyncSmtpTransport, AsyncTransport, Message as Email, Tokio1Executor,
message::{Mailbox, MessageBuilder as EmailBuilder},
transport::smtp::authentication::Credentials,
};
use log::debug;
use serde::Deserialize;
use uuid::Uuid;
mod channel;
mod email_token;
mod guild;
mod invite;
mod me;
mod member;
mod message;
mod password_reset_token;
mod role;
mod user;
pub use channel::Channel;
pub use email_token::EmailToken;
pub use guild::Guild;
pub use invite::Invite;
pub use me::Me;
pub use member::Member;
pub use message::Message;
pub use password_reset_token::PasswordResetToken;
pub use role::Role;
pub use role::Permissions;
pub use user::User;
use crate::error::Error;
pub trait HasUuid {
fn uuid(&self) -> &Uuid;
}
pub trait HasIsAbove {
fn is_above(&self) -> Option<&Uuid>;
}
fn load_or_empty<T>(
query_result: Result<Vec<T>, diesel::result::Error>,
) -> Result<Vec<T>, diesel::result::Error> {
match query_result {
Ok(vec) => Ok(vec),
Err(diesel::result::Error::NotFound) => Ok(Vec::new()),
Err(e) => Err(e),
}
}
#[derive(PartialEq, Eq, Clone)]
pub enum MailTls {
StartTls,
Tls,
}
impl From<String> for MailTls {
fn from(value: String) -> Self {
match &*value.to_lowercase() {
"starttls" => Self::StartTls,
_ => Self::Tls,
}
}
}
#[derive(Clone)]
pub struct MailClient {
creds: Credentials,
smtp_server: String,
mbox: Mailbox,
tls: MailTls,
}
impl MailClient {
pub fn new<T: Into<MailTls>>(
creds: Credentials,
smtp_server: String,
mbox: String,
tls: T,
) -> Result<Self, Error> {
Ok(Self {
creds,
smtp_server,
mbox: mbox.parse()?,
tls: tls.into(),
})
}
pub fn message_builder(&self) -> EmailBuilder {
Email::builder().from(self.mbox.clone())
}
pub async fn send_mail(&self, email: Email) -> Result<(), Error> {
let mailer: AsyncSmtpTransport<Tokio1Executor> = match self.tls {
MailTls::StartTls => {
AsyncSmtpTransport::<Tokio1Executor>::starttls_relay(&self.smtp_server)?
.credentials(self.creds.clone())
.build()
}
MailTls::Tls => AsyncSmtpTransport::<Tokio1Executor>::relay(&self.smtp_server)?
.credentials(self.creds.clone())
.build(),
};
let response = mailer.send(email).await?;
debug!("mail sending response: {:?}", response);
Ok(())
}
}
#[derive(Deserialize)]
pub struct StartAmountQuery {
pub start: Option<i64>,
pub amount: Option<i64>,
}

146
src/objects/password_reset_token.rs Normal file
View file

@ -0,0 +1,146 @@
use argon2::{
PasswordHasher,
password_hash::{SaltString, rand_core::OsRng},
};
use chrono::Utc;
use diesel::{
ExpressionMethods, QueryDsl, update,
};
use diesel_async::RunQueryDsl;
use lettre::message::MultiPart;
use serde::{Deserialize, Serialize};
use uuid::Uuid;
use crate::{
error::Error,
schema::users,
utils::{generate_token, global_checks, user_uuid_from_identifier, PASSWORD_REGEX},
Data
};
#[derive(Serialize, Deserialize)]
pub struct PasswordResetToken {
user_uuid: Uuid,
pub token: String,
pub created_at: chrono::DateTime<Utc>,
}
impl PasswordResetToken {
pub async fn get(data: &Data, token: String) -> Result<PasswordResetToken, Error> {
let user_uuid: Uuid = serde_json::from_str(&data.get_cache_key(format!("{}", token)).await?)?;
let password_reset_token = serde_json::from_str(&data.get_cache_key(format!("{}_password_reset", user_uuid)).await?)?;
Ok(password_reset_token)
}
pub async fn get_with_identifier(
data: &Data,
identifier: String,
) -> Result<PasswordResetToken, Error> {
let mut conn = data.pool.get().await?;
let user_uuid = user_uuid_from_identifier(&mut conn, &identifier).await?;
let password_reset_token = serde_json::from_str(&data.get_cache_key(format!("{}_password_reset", user_uuid)).await?)?;
Ok(password_reset_token)
}
#[allow(clippy::new_ret_no_self)]
pub async fn new(data: &Data, identifier: String) -> Result<(), Error> {
let token = generate_token::<32>()?;
let mut conn = data.pool.get().await?;
let user_uuid = user_uuid_from_identifier(&mut conn, &identifier).await?;
global_checks(data, user_uuid).await?;
use users::dsl as udsl;
let (username, email_address): (String, String) = udsl::users
.filter(udsl::uuid.eq(user_uuid))
.select((udsl::username, udsl::email))
.get_result(&mut conn)
.await?;
let password_reset_token = PasswordResetToken {
user_uuid,
token: token.clone(),
created_at: Utc::now(),
};
data.set_cache_key(format!("{}_password_reset", user_uuid), password_reset_token, 86400).await?;
data.set_cache_key(token.clone(), user_uuid, 86400).await?;
let mut reset_endpoint = data.config.web.frontend_url.join("reset-password")?;
reset_endpoint.set_query(Some(&format!("token={}", token)));
let email = data
.mail_client
.message_builder()
.to(email_address.parse()?)
.subject(format!("{} Password Reset", data.config.instance.name))
.multipart(MultiPart::alternative_plain_html(
format!("{} Password Reset\n\nHello, {}!\nSomeone requested a password reset for your Gorb account.\nClick the button below within 24 hours to reset your password.\n\n{}\n\nIf you didn't request a password reset, don't worry, your account is safe and you can safely ignore this email.\n\nThanks, The gorb team.", data.config.instance.name, username, reset_endpoint),
format!(r#"<html lang="en"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><style>:root {{--header-text-colour: #ffffff;--footer-text-colour: #7f7f7f;--button-text-colour: #170e08;--text-colour: #170e08;--background-colour: #fbf6f2;--primary-colour: #df5f0b;--secondary-colour: #e8ac84;--accent-colour: #e68b4e;}}@media (prefers-color-scheme: dark) {{:root {{--header-text-colour: #ffffff;--footer-text-colour: #585858;--button-text-colour: #ffffff;--text-colour: #f7eee8;--background-colour: #0c0704;--primary-colour: #f4741f;--secondary-colour: #7c4018;--accent-colour: #b35719;}}}}@media (max-width: 600px) {{.container {{width: 100%;}}}}body {{font-family: Arial, sans-serif;align-content: center;text-align: center;margin: 0;padding: 0;background-color: var(--background-colour);color: var(--text-colour);width: 100%;max-width: 600px;margin: 0 auto;border-radius: 5px;}}.header {{background-color: var(--primary-colour);color: var(--header-text-colour);padding: 20px;}}.verify-button {{background-color: var(--accent-colour);color: var(--button-text-colour);padding: 12px 30px;margin: 16px;font-size: 20px;transition: background-color 0.3s;cursor: pointer;border: none;border-radius: 14px;text-decoration: none;display: inline-block;}}.verify-button:hover {{background-color: var(--secondary-colour);}}.content {{padding: 20px 30px;}}.footer {{padding: 10px;font-size: 12px;color: var(--footer-text-colour);}}</style></head><body><div class="container"><div class="header"><h1>{} Password Reset</h1></div><div class="content"><h2>Hello, {}!</h2><p>Someone requested a password reset for your Gorb account.</p><p>Click the button below within 24 hours to reset your password.</p><a href="{}" class="verify-button">RESET PASSWORD</a><p>If you didn't request a password reset, don't worry, your account is safe and you can safely ignore this email.</p><div class="footer"><p>Thanks<br>The gorb team.</p></div></div></div></body></html>"#, data.config.instance.name, username, reset_endpoint)
))?;
data.mail_client.send_mail(email).await?;
Ok(())
}
pub async fn set_password(&self, data: &Data, password: String) -> Result<(), Error> {
if !PASSWORD_REGEX.is_match(&password) {
return Err(Error::BadRequest(
"Please provide a valid password".to_string(),
));
}
let salt = SaltString::generate(&mut OsRng);
let hashed_password = data
.argon2
.hash_password(password.as_bytes(), &salt)
.map_err(|e| Error::PasswordHashError(e.to_string()))?;
let mut conn = data.pool.get().await?;
use users::dsl;
update(users::table)
.filter(dsl::uuid.eq(self.user_uuid))
.set(dsl::password.eq(hashed_password.to_string()))
.execute(&mut conn)
.await?;
let (username, email_address): (String, String) = dsl::users
.filter(dsl::uuid.eq(self.user_uuid))
.select((dsl::username, dsl::email))
.get_result(&mut conn)
.await?;
let login_page = data.config.web.frontend_url.join("login")?;
let email = data
.mail_client
.message_builder()
.to(email_address.parse()?)
.subject(format!("Your {} Password has been Reset", data.config.instance.name))
.multipart(MultiPart::alternative_plain_html(
format!("{} Password Reset Confirmation\n\nHello, {}!\nYour password has been successfully reset for your Gorb account.\nIf you did not initiate this change, please click the link below to reset your password <strong>immediately</strong>.\n\n{}\n\nThanks, The gorb team.", data.config.instance.name, username, login_page),
format!(r#"<html lang="en"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><style>:root {{--header-text-colour: #ffffff;--footer-text-colour: #7f7f7f;--button-text-colour: #170e08;--text-colour: #170e08;--background-colour: #fbf6f2;--primary-colour: #df5f0b;--secondary-colour: #e8ac84;--accent-colour: #e68b4e;}}@media (prefers-color-scheme: dark) {{:root {{--header-text-colour: #ffffff;--footer-text-colour: #585858;--button-text-colour: #ffffff;--text-colour: #f7eee8;--background-colour: #0c0704;--primary-colour: #f4741f;--secondary-colour: #7c4018;--accent-colour: #b35719;}}}}@media (max-width: 600px) {{.container {{width: 100%;}}}}body {{font-family: Arial, sans-serif;align-content: center;text-align: center;margin: 0;padding: 0;background-color: var(--background-colour);color: var(--text-colour);width: 100%;max-width: 600px;margin: 0 auto;border-radius: 5px;}}.header {{background-color: var(--primary-colour);color: var(--header-text-colour);padding: 20px;}}.verify-button {{background-color: var(--accent-colour);color: var(--button-text-colour);padding: 12px 30px;margin: 16px;font-size: 20px;transition: background-color 0.3s;cursor: pointer;border: none;border-radius: 14px;text-decoration: none;display: inline-block;}}.verify-button:hover {{background-color: var(--secondary-colour);}}.content {{padding: 20px 30px;}}.footer {{padding: 10px;font-size: 12px;color: var(--footer-text-colour);}}</style></head><body><div class="container"><div class="header"><h1>{} Password Reset Confirmation</h1></div><div class="content"><h2>Hello, {}!</h2><p>Your password has been successfully reset for your Gorb account.</p><p>If you did not initiate this change, please click the button below to reset your password <strong>immediately</strong>.</p><a href="{}" class="verify-button">RESET PASSWORD</a><div class="footer"><p>Thanks<br>The gorb team.</p></div></div></div></body></html>"#, data.config.instance.name, username, login_page)
))?;
data.mail_client.send_mail(email).await?;
self.delete(&data).await
}
pub async fn delete(&self, data: &Data) -> Result<(), Error> {
data.del_cache_key(format!("{}_password_reset", &self.user_uuid)).await?;
data.del_cache_key(format!("{}", &self.token)).await?;
Ok(())
}
}

186
src/objects/role.rs Normal file
View file

@ -0,0 +1,186 @@
use diesel::{
ExpressionMethods, Insertable, QueryDsl, Queryable, Selectable, SelectableHelper, insert_into,
update,
};
use diesel_async::RunQueryDsl;
use serde::{Deserialize, Serialize};
use uuid::Uuid;
use crate::{error::Error, schema::{role_members, roles}, utils::order_by_is_above, Conn, Data};
use super::{HasIsAbove, HasUuid, load_or_empty};
#[derive(Deserialize, Serialize, Clone, Queryable, Selectable, Insertable)]
#[diesel(table_name = roles)]
#[diesel(check_for_backend(diesel::pg::Pg))]
pub struct Role {
uuid: Uuid,
guild_uuid: Uuid,
name: String,
color: i32,
is_above: Option<Uuid>,
pub permissions: i64,
}
#[derive(Serialize, Clone, Queryable, Selectable, Insertable)]
#[diesel(table_name = role_members)]
#[diesel(check_for_backend(diesel::pg::Pg))]
pub struct RoleMember {
role_uuid: Uuid,
member_uuid: Uuid,
}
impl RoleMember {
async fn fetch_role(&self, conn: &mut Conn) -> Result<Role, Error> {
use roles::dsl;
let role: Role = dsl::roles
.filter(dsl::uuid.eq(self.role_uuid))
.select(Role::as_select())
.get_result(conn)
.await?;
Ok(role)
}
}
impl HasUuid for Role {
fn uuid(&self) -> &Uuid {
self.uuid.as_ref()
}
}
impl HasIsAbove for Role {
fn is_above(&self) -> Option<&Uuid> {
self.is_above.as_ref()
}
}
impl Role {
pub async fn fetch_all(conn: &mut Conn, guild_uuid: Uuid) -> Result<Vec<Self>, Error> {
use roles::dsl;
let roles: Vec<Role> = load_or_empty(
dsl::roles
.filter(dsl::guild_uuid.eq(guild_uuid))
.select(Role::as_select())
.load(conn)
.await,
)?;
Ok(roles)
}
pub async fn fetch_from_member(data: &Data, member_uuid: Uuid) -> Result<Vec<Self>, Error> {
if let Ok(roles) = data.get_cache_key(format!("{}_roles", member_uuid)).await {
return Ok(serde_json::from_str(&roles)?)
}
let mut conn = data.pool.get().await?;
use role_members::dsl;
let role_memberships: Vec<RoleMember> = load_or_empty(
dsl::role_members
.filter(dsl::member_uuid.eq(member_uuid))
.select(RoleMember::as_select())
.load(&mut conn)
.await,
)?;
let mut roles = vec![];
for membership in role_memberships {
roles.push(membership.fetch_role(&mut conn).await?);
}
data.set_cache_key(format!("{}_roles", member_uuid), roles.clone(), 300).await?;
Ok(roles)
}
pub async fn fetch_one(conn: &mut Conn, role_uuid: Uuid) -> Result<Self, Error> {
use roles::dsl;
let role: Role = dsl::roles
.filter(dsl::uuid.eq(role_uuid))
.select(Role::as_select())
.get_result(conn)
.await?;
Ok(role)
}
pub async fn fetch_permissions(&self) -> Vec<Permissions> {
Permissions::fetch_permissions(self.permissions.clone())
}
pub async fn new(conn: &mut Conn, guild_uuid: Uuid, name: String) -> Result<Self, Error> {
let role_uuid = Uuid::now_v7();
let roles = Self::fetch_all(conn, guild_uuid).await?;
let roles_ordered = order_by_is_above(roles).await?;
let last_role = roles_ordered.last();
let new_role = Role {
uuid: role_uuid,
guild_uuid,
name,
color: 16777215,
is_above: None,
permissions: 0,
};
insert_into(roles::table)
.values(new_role.clone())
.execute(conn)
.await?;
if let Some(old_last_role) = last_role {
use roles::dsl;
update(roles::table)
.filter(dsl::uuid.eq(old_last_role.uuid))
.set(dsl::is_above.eq(new_role.uuid))
.execute(conn)
.await?;
}
Ok(new_role)
}
}
#[derive(Clone, Copy, PartialEq, Eq)]
pub enum Permissions {
SendMessage = 1,
CreateChannel = 2,
DeleteChannel = 4,
ManageChannel = 8,
CreateRole = 16,
DeleteRole = 32,
ManageRole = 64,
CreateInvite = 128,
ManageInvite = 256,
ManageServer = 512,
ManageMember = 1024,
}
impl Permissions {
pub fn fetch_permissions(permissions: i64) -> Vec<Self> {
let all_perms = vec![
Self::SendMessage,
Self::CreateChannel,
Self::DeleteChannel,
Self::ManageChannel,
Self::CreateRole,
Self::DeleteRole,
Self::ManageRole,
Self::CreateInvite,
Self::ManageInvite,
Self::ManageServer,
Self::ManageMember,
];
all_perms
.into_iter()
.filter(|p| permissions & (*p as i64) != 0)
.collect()
}
}

60
src/objects/user.rs Normal file
View file

@ -0,0 +1,60 @@
use diesel::{ExpressionMethods, QueryDsl, Queryable, Selectable, SelectableHelper};
use diesel_async::RunQueryDsl;
use serde::{Deserialize, Serialize};
use uuid::Uuid;
use crate::{Conn, Data, error::Error, schema::users};
use super::load_or_empty;
#[derive(Deserialize, Serialize, Clone, Queryable, Selectable)]
#[diesel(table_name = users)]
#[diesel(check_for_backend(diesel::pg::Pg))]
pub struct User {
uuid: Uuid,
username: String,
display_name: Option<String>,
avatar: Option<String>,
pronouns: Option<String>,
about: Option<String>,
}
impl User {
pub async fn fetch_one(data: &Data, user_uuid: Uuid) -> Result<Self, Error> {
let mut conn = data.pool.get().await?;
if let Ok(cache_hit) = data.get_cache_key(user_uuid.to_string()).await {
return Ok(serde_json::from_str(&cache_hit)?);
}
use users::dsl;
let user: User = dsl::users
.filter(dsl::uuid.eq(user_uuid))
.select(User::as_select())
.get_result(&mut conn)
.await?;
data.set_cache_key(user_uuid.to_string(), user.clone(), 1800)
.await?;
Ok(user)
}
pub async fn fetch_amount(
conn: &mut Conn,
offset: i64,
amount: i64,
) -> Result<Vec<Self>, Error> {
use users::dsl;
let users: Vec<User> = load_or_empty(
dsl::users
.limit(amount)
.offset(offset)
.select(User::as_select())
.load(conn)
.await,
)?;
Ok(users)
}
}

27
src/schema.rs
View file

@ -31,15 +31,6 @@ diesel::table! {
} }
} }
diesel::table! {
email_tokens (token, user_uuid) {
#[max_length = 64]
token -> Varchar,
user_uuid -> Uuid,
created_at -> Timestamptz,
}
}
diesel::table! { diesel::table! {
guild_members (uuid) { guild_members (uuid) {
uuid -> Uuid, uuid -> Uuid,
@ -47,13 +38,13 @@ diesel::table! {
user_uuid -> Uuid, user_uuid -> Uuid,
#[max_length = 100] #[max_length = 100]
nickname -> Nullable<Varchar>, nickname -> Nullable<Varchar>,
is_owner -> Bool,
} }
} }
diesel::table! { diesel::table! {
guilds (uuid) { guilds (uuid) {
uuid -> Uuid, uuid -> Uuid,
owner_uuid -> Uuid,
#[max_length = 100] #[max_length = 100]
name -> Varchar, name -> Varchar,
#[max_length = 300] #[max_length = 300]
@ -89,15 +80,6 @@ diesel::table! {
} }
} }
diesel::table! {
password_reset_tokens (token, user_uuid) {
#[max_length = 64]
token -> Varchar,
user_uuid -> Uuid,
created_at -> Timestamptz,
}
}
diesel::table! { diesel::table! {
refresh_tokens (token) { refresh_tokens (token) {
#[max_length = 64] #[max_length = 64]
@ -146,6 +128,8 @@ diesel::table! {
avatar -> Nullable<Varchar>, avatar -> Nullable<Varchar>,
#[max_length = 32] #[max_length = 32]
pronouns -> Nullable<Varchar>, pronouns -> Nullable<Varchar>,
#[max_length = 200]
about -> Nullable<Varchar>,
} }
} }
@ -153,16 +137,13 @@ diesel::joinable!(access_tokens -> refresh_tokens (refresh_token));
diesel::joinable!(access_tokens -> users (uuid)); diesel::joinable!(access_tokens -> users (uuid));
diesel::joinable!(channel_permissions -> channels (channel_uuid)); diesel::joinable!(channel_permissions -> channels (channel_uuid));
diesel::joinable!(channels -> guilds (guild_uuid)); diesel::joinable!(channels -> guilds (guild_uuid));
diesel::joinable!(email_tokens -> users (user_uuid));
diesel::joinable!(guild_members -> guilds (guild_uuid)); diesel::joinable!(guild_members -> guilds (guild_uuid));
diesel::joinable!(guild_members -> users (user_uuid)); diesel::joinable!(guild_members -> users (user_uuid));
diesel::joinable!(guilds -> users (owner_uuid));
diesel::joinable!(instance_permissions -> users (uuid)); diesel::joinable!(instance_permissions -> users (uuid));
diesel::joinable!(invites -> guilds (guild_uuid)); diesel::joinable!(invites -> guilds (guild_uuid));
diesel::joinable!(invites -> users (user_uuid)); diesel::joinable!(invites -> users (user_uuid));
diesel::joinable!(messages -> channels (channel_uuid)); diesel::joinable!(messages -> channels (channel_uuid));
diesel::joinable!(messages -> users (user_uuid)); diesel::joinable!(messages -> users (user_uuid));
diesel::joinable!(password_reset_tokens -> users (user_uuid));
diesel::joinable!(refresh_tokens -> users (uuid)); diesel::joinable!(refresh_tokens -> users (uuid));
diesel::joinable!(role_members -> guild_members (member_uuid)); diesel::joinable!(role_members -> guild_members (member_uuid));
diesel::joinable!(roles -> guilds (guild_uuid)); diesel::joinable!(roles -> guilds (guild_uuid));
@ -171,13 +152,11 @@ diesel::allow_tables_to_appear_in_same_query!(
access_tokens, access_tokens,
channel_permissions, channel_permissions,
channels, channels,
email_tokens,
guild_members, guild_members,
guilds, guilds,
instance_permissions, instance_permissions,
invites, invites,
messages, messages,
password_reset_tokens,
refresh_tokens, refresh_tokens,
role_members, role_members,
roles, roles,

1329
src/structs.rs
View file

File diff suppressed because it is too large Load diff

15
src/utils.rs
View file

@ -19,8 +19,8 @@ use crate::{
Conn, Data, Conn, Data,
config::Config, config::Config,
error::Error, error::Error,
objects::{HasIsAbove, HasUuid},
schema::users, schema::users,
structs::{HasIsAbove, HasUuid},
}; };
pub static EMAIL_REGEX: LazyLock<Regex> = LazyLock::new(|| { pub static EMAIL_REGEX: LazyLock<Regex> = LazyLock::new(|| {
@ -30,6 +30,9 @@ pub static EMAIL_REGEX: LazyLock<Regex> = LazyLock::new(|| {
pub static USERNAME_REGEX: LazyLock<Regex> = pub static USERNAME_REGEX: LazyLock<Regex> =
LazyLock::new(|| Regex::new(r"^[a-z0-9_.-]+$").unwrap()); LazyLock::new(|| Regex::new(r"^[a-z0-9_.-]+$").unwrap());
pub static CHANNEL_REGEX: LazyLock<Regex> =
LazyLock::new(|| Regex::new(r"^[a-z0-9_.-]+$").unwrap());
// Password is expected to be hashed using SHA3-384 // Password is expected to be hashed using SHA3-384
pub static PASSWORD_REGEX: LazyLock<Regex> = LazyLock::new(|| Regex::new(r"[0-9a-f]{96}").unwrap()); pub static PASSWORD_REGEX: LazyLock<Regex> = LazyLock::new(|| Regex::new(r"[0-9a-f]{96}").unwrap());
@ -112,14 +115,8 @@ pub fn new_refresh_token_cookie(config: &Config, refresh_token: String) -> Cooki
.finish() .finish()
} }
pub fn generate_access_token() -> Result<String, getrandom::Error> { pub fn generate_token<const N: usize>() -> Result<String, getrandom::Error> {
let mut buf = [0u8; 16]; let mut buf = [0u8; N];
fill(&mut buf)?;
Ok(encode(buf))
}
pub fn generate_refresh_token() -> Result<String, getrandom::Error> {
let mut buf = [0u8; 32];
fill(&mut buf)?; fill(&mut buf)?;
Ok(encode(buf)) Ok(encode(buf))
} }