Add private instance site column, and back end checks.

invite_instances
Dessalines 2021-12-04 14:40:33 -05:00
parent e28977c987
commit 52b8e73390
14 changed files with 72 additions and 4 deletions

View File

@ -5,6 +5,7 @@ use diesel::NotFound;
use lemmy_api_common::{ use lemmy_api_common::{
blocking, blocking,
build_federated_instances, build_federated_instances,
check_private_instance,
get_local_user_view_from_jwt, get_local_user_view_from_jwt,
get_local_user_view_from_jwt_opt, get_local_user_view_from_jwt_opt,
is_admin, is_admin,
@ -163,6 +164,8 @@ impl Perform for Search {
let local_user_view = let local_user_view =
get_local_user_view_from_jwt_opt(&data.auth, context.pool(), context.secret()).await?; get_local_user_view_from_jwt_opt(&data.auth, context.pool(), context.secret()).await?;
check_private_instance(&local_user_view, context.pool()).await?;
let show_nsfw = local_user_view.as_ref().map(|t| t.local_user.show_nsfw); let show_nsfw = local_user_view.as_ref().map(|t| t.local_user.show_nsfw);
let show_bot_accounts = local_user_view let show_bot_accounts = local_user_view
.as_ref() .as_ref()
@ -400,6 +403,8 @@ impl Perform for ResolveObject {
) -> Result<ResolveObjectResponse, LemmyError> { ) -> Result<ResolveObjectResponse, LemmyError> {
let local_user_view = let local_user_view =
get_local_user_view_from_jwt_opt(&self.auth, context.pool(), context.secret()).await?; get_local_user_view_from_jwt_opt(&self.auth, context.pool(), context.secret()).await?;
check_private_instance(&local_user_view, context.pool()).await?;
let res = search_by_apub_id(&self.q, context) let res = search_by_apub_id(&self.q, context)
.await .await
.map_err(|e| ApiError::err("couldnt_find_object", e))?; .map_err(|e| ApiError::err("couldnt_find_object", e))?;

View File

@ -243,6 +243,19 @@ pub async fn check_downvotes_enabled(score: i16, pool: &DbPool) -> Result<(), Le
Ok(()) Ok(())
} }
pub async fn check_private_instance(
local_user_view: &Option<LocalUserView>,
pool: &DbPool,
) -> Result<(), LemmyError> {
if local_user_view.is_none() {
let site = blocking(pool, Site::read_simple).await??;
if site.private_instance {
return Err(ApiError::err_plain("instance_is_private").into());
}
}
Ok(())
}
pub async fn build_federated_instances( pub async fn build_federated_instances(
pool: &DbPool, pool: &DbPool,
federation_config: &FederationConfig, federation_config: &FederationConfig,

View File

@ -118,6 +118,7 @@ pub struct EditSite {
pub require_email_verification: Option<bool>, pub require_email_verification: Option<bool>,
pub require_application: Option<bool>, pub require_application: Option<bool>,
pub application_question: Option<String>, pub application_question: Option<String>,
pub private_instance: Option<bool>,
pub auth: String, pub auth: String,
} }

View File

@ -1,6 +1,11 @@
use crate::PerformCrud; use crate::PerformCrud;
use actix_web::web::Data; use actix_web::web::Data;
use lemmy_api_common::{blocking, comment::*, get_local_user_view_from_jwt_opt}; use lemmy_api_common::{
blocking,
check_private_instance,
comment::*,
get_local_user_view_from_jwt_opt,
};
use lemmy_apub::{ use lemmy_apub::{
fetcher::webfinger::webfinger_resolve, fetcher::webfinger::webfinger_resolve,
objects::community::ApubCommunity, objects::community::ApubCommunity,
@ -29,6 +34,8 @@ impl PerformCrud for GetComment {
let local_user_view = let local_user_view =
get_local_user_view_from_jwt_opt(&data.auth, context.pool(), context.secret()).await?; get_local_user_view_from_jwt_opt(&data.auth, context.pool(), context.secret()).await?;
check_private_instance(&local_user_view, context.pool()).await?;
let person_id = local_user_view.map(|u| u.person.id); let person_id = local_user_view.map(|u| u.person.id);
let id = data.id; let id = data.id;
let comment_view = blocking(context.pool(), move |conn| { let comment_view = blocking(context.pool(), move |conn| {
@ -58,6 +65,8 @@ impl PerformCrud for GetComments {
let local_user_view = let local_user_view =
get_local_user_view_from_jwt_opt(&data.auth, context.pool(), context.secret()).await?; get_local_user_view_from_jwt_opt(&data.auth, context.pool(), context.secret()).await?;
check_private_instance(&local_user_view, context.pool()).await?;
let show_bot_accounts = local_user_view let show_bot_accounts = local_user_view
.as_ref() .as_ref()
.map(|t| t.local_user.show_bot_accounts); .map(|t| t.local_user.show_bot_accounts);

View File

@ -1,6 +1,11 @@
use crate::PerformCrud; use crate::PerformCrud;
use actix_web::web::Data; use actix_web::web::Data;
use lemmy_api_common::{blocking, community::*, get_local_user_view_from_jwt_opt}; use lemmy_api_common::{
blocking,
check_private_instance,
community::*,
get_local_user_view_from_jwt_opt,
};
use lemmy_apub::{ use lemmy_apub::{
fetcher::webfinger::webfinger_resolve, fetcher::webfinger::webfinger_resolve,
objects::community::ApubCommunity, objects::community::ApubCommunity,
@ -32,6 +37,9 @@ impl PerformCrud for GetCommunity {
let data: &GetCommunity = self; let data: &GetCommunity = self;
let local_user_view = let local_user_view =
get_local_user_view_from_jwt_opt(&data.auth, context.pool(), context.secret()).await?; get_local_user_view_from_jwt_opt(&data.auth, context.pool(), context.secret()).await?;
check_private_instance(&local_user_view, context.pool()).await?;
let person_id = local_user_view.map(|u| u.person.id); let person_id = local_user_view.map(|u| u.person.id);
let community_id = match data.id { let community_id = match data.id {
@ -98,6 +106,8 @@ impl PerformCrud for ListCommunities {
let local_user_view = let local_user_view =
get_local_user_view_from_jwt_opt(&data.auth, context.pool(), context.secret()).await?; get_local_user_view_from_jwt_opt(&data.auth, context.pool(), context.secret()).await?;
check_private_instance(&local_user_view, context.pool()).await?;
let person_id = local_user_view.to_owned().map(|l| l.person.id); let person_id = local_user_view.to_owned().map(|l| l.person.id);
// Don't show NSFW by default // Don't show NSFW by default

View File

@ -1,6 +1,12 @@
use crate::PerformCrud; use crate::PerformCrud;
use actix_web::web::Data; use actix_web::web::Data;
use lemmy_api_common::{blocking, get_local_user_view_from_jwt_opt, mark_post_as_read, post::*}; use lemmy_api_common::{
blocking,
check_private_instance,
get_local_user_view_from_jwt_opt,
mark_post_as_read,
post::*,
};
use lemmy_apub::{ use lemmy_apub::{
fetcher::webfinger::webfinger_resolve, fetcher::webfinger::webfinger_resolve,
objects::community::ApubCommunity, objects::community::ApubCommunity,
@ -36,6 +42,8 @@ impl PerformCrud for GetPost {
let local_user_view = let local_user_view =
get_local_user_view_from_jwt_opt(&data.auth, context.pool(), context.secret()).await?; get_local_user_view_from_jwt_opt(&data.auth, context.pool(), context.secret()).await?;
check_private_instance(&local_user_view, context.pool()).await?;
let show_bot_accounts = local_user_view let show_bot_accounts = local_user_view
.as_ref() .as_ref()
.map(|t| t.local_user.show_bot_accounts); .map(|t| t.local_user.show_bot_accounts);
@ -124,6 +132,8 @@ impl PerformCrud for GetPosts {
let local_user_view = let local_user_view =
get_local_user_view_from_jwt_opt(&data.auth, context.pool(), context.secret()).await?; get_local_user_view_from_jwt_opt(&data.auth, context.pool(), context.secret()).await?;
check_private_instance(&local_user_view, context.pool()).await?;
let person_id = local_user_view.to_owned().map(|l| l.person.id); let person_id = local_user_view.to_owned().map(|l| l.person.id);
let show_nsfw = local_user_view.as_ref().map(|t| t.local_user.show_nsfw); let show_nsfw = local_user_view.as_ref().map(|t| t.local_user.show_nsfw);

View File

@ -138,6 +138,12 @@ impl PerformCrud for GetSite {
person_blocks, person_blocks,
}) })
} else { } else {
// If the site is setup, private, and there is no auth, return an error
if let Some(site_view) = site_view.to_owned() {
if site_view.site.private_instance {
return Err(ApiError::err_plain("instance_is_private").into());
}
}
None None
}; };

View File

@ -63,6 +63,7 @@ impl PerformCrud for EditSite {
require_email_verification: data.require_email_verification, require_email_verification: data.require_email_verification,
require_application: data.require_application, require_application: data.require_application,
application_question, application_question,
private_instance: data.private_instance,
}; };
let update_site = move |conn: &'_ _| Site::update(conn, 1, &site_form); let update_site = move |conn: &'_ _| Site::update(conn, 1, &site_form);

View File

@ -1,6 +1,11 @@
use crate::PerformCrud; use crate::PerformCrud;
use actix_web::web::Data; use actix_web::web::Data;
use lemmy_api_common::{blocking, get_local_user_view_from_jwt_opt, person::*}; use lemmy_api_common::{
blocking,
check_private_instance,
get_local_user_view_from_jwt_opt,
person::*,
};
use lemmy_apub::{ use lemmy_apub::{
fetcher::webfinger::webfinger_resolve, fetcher::webfinger::webfinger_resolve,
objects::person::ApubPerson, objects::person::ApubPerson,
@ -29,6 +34,8 @@ impl PerformCrud for GetPersonDetails {
let local_user_view = let local_user_view =
get_local_user_view_from_jwt_opt(&data.auth, context.pool(), context.secret()).await?; get_local_user_view_from_jwt_opt(&data.auth, context.pool(), context.secret()).await?;
check_private_instance(&local_user_view, context.pool()).await?;
let show_nsfw = local_user_view.as_ref().map(|t| t.local_user.show_nsfw); let show_nsfw = local_user_view.as_ref().map(|t| t.local_user.show_nsfw);
let show_bot_accounts = local_user_view let show_bot_accounts = local_user_view
.as_ref() .as_ref()

View File

@ -68,6 +68,7 @@ mod tests {
require_email_verification: None, require_email_verification: None,
require_application: None, require_application: None,
application_question: None, application_question: None,
private_instance: None,
}; };
Site::create(&conn, &site_form).unwrap(); Site::create(&conn, &site_form).unwrap();

View File

@ -452,6 +452,7 @@ table! {
require_email_verification -> Bool, require_email_verification -> Bool,
require_application -> Bool, require_application -> Bool,
application_question -> Nullable<Text>, application_question -> Nullable<Text>,
private_instance -> Bool,
} }
} }

View File

@ -23,6 +23,7 @@ pub struct Site {
pub require_email_verification: bool, pub require_email_verification: bool,
pub require_application: bool, pub require_application: bool,
pub application_question: Option<String>, pub application_question: Option<String>,
pub private_instance: bool,
} }
#[derive(Insertable, AsChangeset, Default)] #[derive(Insertable, AsChangeset, Default)]
@ -43,4 +44,5 @@ pub struct SiteForm {
pub require_email_verification: Option<bool>, pub require_email_verification: Option<bool>,
pub require_application: Option<bool>, pub require_application: Option<bool>,
pub application_question: Option<Option<String>>, pub application_question: Option<Option<String>>,
pub private_instance: Option<bool>,
} }

View File

@ -1,6 +1,7 @@
-- Add columns to site table -- Add columns to site table
alter table site drop column require_application; alter table site drop column require_application;
alter table site drop column application_question; alter table site drop column application_question;
alter table site drop column private_instance;
-- Add pending to local_user -- Add pending to local_user
alter table local_user drop column accepted_application; alter table local_user drop column accepted_application;

View File

@ -1,6 +1,7 @@
-- Add columns to site table -- Add columns to site table
alter table site add column require_application boolean not null default false; alter table site add column require_application boolean not null default false;
alter table site add column application_question text; alter table site add column application_question text;
alter table site add column private_instance boolean not null default false;
-- Add pending to local_user -- Add pending to local_user
alter table local_user add column accepted_application boolean not null default false; alter table local_user add column accepted_application boolean not null default false;