appview/state/profile.go at 5e5769e21b87facd005a994eb749f238bafcd47b

lewis.moe / tangled-core
fork atom
Monorepo for Tangled
fork atom
tangled-core / appview / state / profile.go
at 5e5769e21b87facd005a994eb749f238bafcd47b 916 lines 26 kB view raw
wrap content
oppiliappan appview/state: handle empty vanity stat kinds 1 month ago
5e5769e2
  1package state
  2
  3import (
  4	"context"
  5	"fmt"
  6	"log"
  7	"net/http"
  8	"slices"
  9	"strings"
 10	"time"
 11
 12	comatproto "github.com/bluesky-social/indigo/api/atproto"
 13	"github.com/bluesky-social/indigo/atproto/identity"
 14	"github.com/bluesky-social/indigo/atproto/syntax"
 15	lexutil "github.com/bluesky-social/indigo/lex/util"
 16	"github.com/go-chi/chi/v5"
 17	"github.com/gorilla/feeds"
 18	"tangled.org/core/api/tangled"
 19	"tangled.org/core/appview/db"
 20	"tangled.org/core/appview/models"
 21	"tangled.org/core/appview/pages"
 22	"tangled.org/core/orm"
 23	"tangled.org/core/xrpc"
 24)
 25
 26func (s *State) Profile(w http.ResponseWriter, r *http.Request) {
 27	tabVal := r.URL.Query().Get("tab")
 28	switch tabVal {
 29	case "repos":
 30		s.reposPage(w, r)
 31	case "followers":
 32		s.followersPage(w, r)
 33	case "following":
 34		s.followingPage(w, r)
 35	case "starred":
 36		s.starredPage(w, r)
 37	case "strings":
 38		s.stringsPage(w, r)
 39	default:
 40		s.profileOverview(w, r)
 41	}
 42}
 43
 44func (s *State) profile(r *http.Request) (*pages.ProfileCard, error) {
 45	didOrHandle := chi.URLParam(r, "user")
 46	if didOrHandle == "" {
 47		return nil, fmt.Errorf("empty DID or handle")
 48	}
 49
 50	ident, ok := r.Context().Value("resolvedId").(identity.Identity)
 51	if !ok {
 52		return nil, fmt.Errorf("failed to resolve ID")
 53	}
 54	did := ident.DID.String()
 55
 56	profile, err := db.GetProfile(s.db, did)
 57	if err != nil {
 58		return nil, fmt.Errorf("failed to get profile: %w", err)
 59	}
 60
 61	repoCount, err := db.CountRepos(s.db, orm.FilterEq("did", did))
 62	if err != nil {
 63		return nil, fmt.Errorf("failed to get repo count: %w", err)
 64	}
 65
 66	stringCount, err := db.CountStrings(s.db, orm.FilterEq("did", did))
 67	if err != nil {
 68		return nil, fmt.Errorf("failed to get string count: %w", err)
 69	}
 70
 71	starredCount, err := db.CountStars(s.db, orm.FilterEq("did", did))
 72	if err != nil {
 73		return nil, fmt.Errorf("failed to get starred repo count: %w", err)
 74	}
 75
 76	followStats, err := db.GetFollowerFollowingCount(s.db, did)
 77	if err != nil {
 78		return nil, fmt.Errorf("failed to get follower stats: %w", err)
 79	}
 80
 81	loggedInUser := s.oauth.GetMultiAccountUser(r)
 82	followStatus := models.IsNotFollowing
 83	if loggedInUser != nil {
 84		followStatus = db.GetFollowStatus(s.db, loggedInUser.Active.Did, did)
 85	}
 86
 87	now := time.Now()
 88	startOfYear := time.Date(now.Year(), 1, 1, 0, 0, 0, 0, time.UTC)
 89	punchcard, err := db.MakePunchcard(
 90		s.db,
 91		orm.FilterEq("did", did),
 92		orm.FilterGte("date", startOfYear.Format(time.DateOnly)),
 93		orm.FilterLte("date", now.Format(time.DateOnly)),
 94	)
 95	if err != nil {
 96		return nil, fmt.Errorf("failed to get punchcard for %s: %w", did, err)
 97	}
 98
 99	return &pages.ProfileCard{
100		UserDid:      did,
101		Profile:      profile,
102		FollowStatus: followStatus,
103		Stats: pages.ProfileStats{
104			RepoCount:      repoCount,
105			StringCount:    stringCount,
106			StarredCount:   starredCount,
107			FollowersCount: followStats.Followers,
108			FollowingCount: followStats.Following,
109		},
110		Punchcard: punchcard,
111	}, nil
112}
113
114func (s *State) profileOverview(w http.ResponseWriter, r *http.Request) {
115	l := s.logger.With("handler", "profileHomePage")
116
117	profile, err := s.profile(r)
118	if err != nil {
119		l.Error("failed to build profile card", "err", err)
120		s.pages.Error500(w)
121		return
122	}
123	l = l.With("profileDid", profile.UserDid)
124
125	repos, err := db.GetRepos(
126		s.db,
127		0,
128		orm.FilterEq("did", profile.UserDid),
129	)
130	if err != nil {
131		l.Error("failed to fetch repos", "err", err)
132	}
133
134	// filter out ones that are pinned
135	pinnedRepos := []models.Repo{}
136	for i, r := range repos {
137		// if this is a pinned repo, add it
138		if slices.Contains(profile.Profile.PinnedRepos[:], r.RepoAt()) {
139			pinnedRepos = append(pinnedRepos, r)
140		}
141
142		// if there are no saved pins, add the first 4 repos
143		if profile.Profile.IsPinnedReposEmpty() && i < 4 {
144			pinnedRepos = append(pinnedRepos, r)
145		}
146	}
147
148	collaboratingRepos, err := db.CollaboratingIn(s.db, profile.UserDid)
149	if err != nil {
150		l.Error("failed to fetch collaborating repos", "err", err)
151	}
152
153	pinnedCollaboratingRepos := []models.Repo{}
154	for _, r := range collaboratingRepos {
155		// if this is a pinned repo, add it
156		if slices.Contains(profile.Profile.PinnedRepos[:], r.RepoAt()) {
157			pinnedCollaboratingRepos = append(pinnedCollaboratingRepos, r)
158		}
159	}
160
161	timeline, err := db.MakeProfileTimeline(s.db, profile.UserDid)
162	if err != nil {
163		l.Error("failed to create timeline", "err", err)
164	}
165
166	s.pages.ProfileOverview(w, pages.ProfileOverviewParams{
167		LoggedInUser:       s.oauth.GetMultiAccountUser(r),
168		Card:               profile,
169		Repos:              pinnedRepos,
170		CollaboratingRepos: pinnedCollaboratingRepos,
171		ProfileTimeline:    timeline,
172	})
173}
174
175func (s *State) reposPage(w http.ResponseWriter, r *http.Request) {
176	l := s.logger.With("handler", "reposPage")
177
178	profile, err := s.profile(r)
179	if err != nil {
180		l.Error("failed to build profile card", "err", err)
181		s.pages.Error500(w)
182		return
183	}
184	l = l.With("profileDid", profile.UserDid)
185
186	repos, err := db.GetRepos(
187		s.db,
188		0,
189		orm.FilterEq("did", profile.UserDid),
190	)
191	if err != nil {
192		l.Error("failed to get repos", "err", err)
193		s.pages.Error500(w)
194		return
195	}
196
197	err = s.pages.ProfileRepos(w, pages.ProfileReposParams{
198		LoggedInUser: s.oauth.GetMultiAccountUser(r),
199		Repos:        repos,
200		Card:         profile,
201	})
202}
203
204func (s *State) starredPage(w http.ResponseWriter, r *http.Request) {
205	l := s.logger.With("handler", "starredPage")
206
207	profile, err := s.profile(r)
208	if err != nil {
209		l.Error("failed to build profile card", "err", err)
210		s.pages.Error500(w)
211		return
212	}
213	l = l.With("profileDid", profile.UserDid)
214
215	stars, err := db.GetRepoStars(s.db, 0, orm.FilterEq("did", profile.UserDid))
216	if err != nil {
217		l.Error("failed to get stars", "err", err)
218		s.pages.Error500(w)
219		return
220	}
221	var repos []models.Repo
222	for _, s := range stars {
223		repos = append(repos, *s.Repo)
224	}
225
226	err = s.pages.ProfileStarred(w, pages.ProfileStarredParams{
227		LoggedInUser: s.oauth.GetMultiAccountUser(r),
228		Repos:        repos,
229		Card:         profile,
230	})
231}
232
233func (s *State) stringsPage(w http.ResponseWriter, r *http.Request) {
234	l := s.logger.With("handler", "stringsPage")
235
236	profile, err := s.profile(r)
237	if err != nil {
238		l.Error("failed to build profile card", "err", err)
239		s.pages.Error500(w)
240		return
241	}
242	l = l.With("profileDid", profile.UserDid)
243
244	strings, err := db.GetStrings(s.db, 0, orm.FilterEq("did", profile.UserDid))
245	if err != nil {
246		l.Error("failed to get strings", "err", err)
247		s.pages.Error500(w)
248		return
249	}
250
251	err = s.pages.ProfileStrings(w, pages.ProfileStringsParams{
252		LoggedInUser: s.oauth.GetMultiAccountUser(r),
253		Strings:      strings,
254		Card:         profile,
255	})
256}
257
258type FollowsPageParams struct {
259	Follows []pages.FollowCard
260	Card    *pages.ProfileCard
261}
262
263func (s *State) followPage(
264	r *http.Request,
265	fetchFollows func(db.Execer, string) ([]models.Follow, error),
266	extractDid func(models.Follow) string,
267) (*FollowsPageParams, error) {
268	l := s.logger.With("handler", "reposPage")
269
270	profile, err := s.profile(r)
271	if err != nil {
272		return nil, err
273	}
274	l = l.With("profileDid", profile.UserDid)
275
276	loggedInUser := s.oauth.GetMultiAccountUser(r)
277	params := FollowsPageParams{
278		Card: profile,
279	}
280
281	follows, err := fetchFollows(s.db, profile.UserDid)
282	if err != nil {
283		l.Error("failed to fetch follows", "err", err)
284		return &params, err
285	}
286
287	if len(follows) == 0 {
288		return &params, nil
289	}
290
291	followDids := make([]string, 0, len(follows))
292	for _, follow := range follows {
293		followDids = append(followDids, extractDid(follow))
294	}
295
296	profiles, err := db.GetProfiles(s.db, orm.FilterIn("did", followDids))
297	if err != nil {
298		l.Error("failed to get profiles", "followDids", followDids, "err", err)
299		return &params, err
300	}
301
302	followStatsMap, err := db.GetFollowerFollowingCounts(s.db, followDids)
303	if err != nil {
304		log.Printf("getting follow counts for %s: %s", followDids, err)
305	}
306
307	loggedInUserFollowing := make(map[string]struct{})
308	if loggedInUser != nil {
309		following, err := db.GetFollowing(s.db, loggedInUser.Active.Did)
310		if err != nil {
311			l.Error("failed to get follow list", "err", err, "loggedInUser", loggedInUser.Active.Did)
312			return &params, err
313		}
314		loggedInUserFollowing = make(map[string]struct{}, len(following))
315		for _, follow := range following {
316			loggedInUserFollowing[follow.SubjectDid] = struct{}{}
317		}
318	}
319
320	followCards := make([]pages.FollowCard, len(follows))
321	for i, did := range followDids {
322		followStats := followStatsMap[did]
323		followStatus := models.IsNotFollowing
324		if _, exists := loggedInUserFollowing[did]; exists {
325			followStatus = models.IsFollowing
326		} else if loggedInUser != nil && loggedInUser.Active.Did == did {
327			followStatus = models.IsSelf
328		}
329
330		var profile *models.Profile
331		if p, exists := profiles[did]; exists {
332			profile = p
333		} else {
334			profile = &models.Profile{}
335			profile.Did = did
336		}
337		followCards[i] = pages.FollowCard{
338			LoggedInUser:   loggedInUser,
339			UserDid:        did,
340			FollowStatus:   followStatus,
341			FollowersCount: followStats.Followers,
342			FollowingCount: followStats.Following,
343			Profile:        profile,
344		}
345	}
346
347	params.Follows = followCards
348
349	return &params, nil
350}
351
352func (s *State) followersPage(w http.ResponseWriter, r *http.Request) {
353	followPage, err := s.followPage(r, db.GetFollowers, func(f models.Follow) string { return f.UserDid })
354	if err != nil {
355		s.pages.Notice(w, "all-followers", "Failed to load followers")
356		return
357	}
358
359	s.pages.ProfileFollowers(w, pages.ProfileFollowersParams{
360		LoggedInUser: s.oauth.GetMultiAccountUser(r),
361		Followers:    followPage.Follows,
362		Card:         followPage.Card,
363	})
364}
365
366func (s *State) followingPage(w http.ResponseWriter, r *http.Request) {
367	followPage, err := s.followPage(r, db.GetFollowing, func(f models.Follow) string { return f.SubjectDid })
368	if err != nil {
369		s.pages.Notice(w, "all-following", "Failed to load following")
370		return
371	}
372
373	s.pages.ProfileFollowing(w, pages.ProfileFollowingParams{
374		LoggedInUser: s.oauth.GetMultiAccountUser(r),
375		Following:    followPage.Follows,
376		Card:         followPage.Card,
377	})
378}
379
380func (s *State) AtomFeedPage(w http.ResponseWriter, r *http.Request) {
381	ident, ok := r.Context().Value("resolvedId").(identity.Identity)
382	if !ok {
383		s.pages.Error404(w)
384		return
385	}
386
387	feed, err := s.getProfileFeed(r.Context(), &ident)
388	if err != nil {
389		s.pages.Error500(w)
390		return
391	}
392
393	if feed == nil {
394		return
395	}
396
397	atom, err := feed.ToAtom()
398	if err != nil {
399		s.pages.Error500(w)
400		return
401	}
402
403	w.Header().Set("content-type", "application/atom+xml")
404	w.Write([]byte(atom))
405}
406
407func (s *State) getProfileFeed(ctx context.Context, id *identity.Identity) (*feeds.Feed, error) {
408	timeline, err := db.MakeProfileTimeline(s.db, id.DID.String())
409	if err != nil {
410		return nil, err
411	}
412
413	author := &feeds.Author{
414		Name: fmt.Sprintf("@%s", id.Handle),
415	}
416
417	feed := feeds.Feed{
418		Title:   fmt.Sprintf("%s's timeline", author.Name),
419		Link:    &feeds.Link{Href: fmt.Sprintf("%s/@%s", s.config.Core.BaseUrl(), id.Handle), Type: "text/html", Rel: "alternate"},
420		Items:   make([]*feeds.Item, 0),
421		Updated: time.UnixMilli(0),
422		Author:  author,
423	}
424
425	for _, byMonth := range timeline.ByMonth {
426		if err := s.addPullRequestItems(ctx, &feed, byMonth.PullEvents.Items, author); err != nil {
427			return nil, err
428		}
429		if err := s.addIssueItems(ctx, &feed, byMonth.IssueEvents.Items, author); err != nil {
430			return nil, err
431		}
432		if err := s.addRepoItems(ctx, &feed, byMonth.RepoEvents, author); err != nil {
433			return nil, err
434		}
435	}
436
437	slices.SortFunc(feed.Items, func(a *feeds.Item, b *feeds.Item) int {
438		return int(b.Created.UnixMilli()) - int(a.Created.UnixMilli())
439	})
440
441	if len(feed.Items) > 0 {
442		feed.Updated = feed.Items[0].Created
443	}
444
445	return &feed, nil
446}
447
448func (s *State) addPullRequestItems(ctx context.Context, feed *feeds.Feed, pulls []*models.Pull, author *feeds.Author) error {
449	for _, pull := range pulls {
450		owner, err := s.idResolver.ResolveIdent(ctx, pull.Repo.Did)
451		if err != nil {
452			return err
453		}
454
455		// Add pull request creation item
456		feed.Items = append(feed.Items, s.createPullRequestItem(pull, owner, author))
457	}
458	return nil
459}
460
461func (s *State) addIssueItems(ctx context.Context, feed *feeds.Feed, issues []*models.Issue, author *feeds.Author) error {
462	for _, issue := range issues {
463		owner, err := s.idResolver.ResolveIdent(ctx, issue.Repo.Did)
464		if err != nil {
465			return err
466		}
467
468		feed.Items = append(feed.Items, s.createIssueItem(issue, owner, author))
469	}
470	return nil
471}
472
473func (s *State) addRepoItems(ctx context.Context, feed *feeds.Feed, repos []models.RepoEvent, author *feeds.Author) error {
474	for _, repo := range repos {
475		item, err := s.createRepoItem(ctx, repo, author)
476		if err != nil {
477			return err
478		}
479		feed.Items = append(feed.Items, item)
480	}
481	return nil
482}
483
484func (s *State) createPullRequestItem(pull *models.Pull, owner *identity.Identity, author *feeds.Author) *feeds.Item {
485	return &feeds.Item{
486		Title:   fmt.Sprintf("%s created pull request '%s' in @%s/%s", author.Name, pull.Title, owner.Handle, pull.Repo.Name),
487		Link:    &feeds.Link{Href: fmt.Sprintf("%s/@%s/%s/pulls/%d", s.config.Core.BaseUrl(), owner.Handle, pull.Repo.Name, pull.PullId), Type: "text/html", Rel: "alternate"},
488		Created: pull.Created,
489		Author:  author,
490	}
491}
492
493func (s *State) createIssueItem(issue *models.Issue, owner *identity.Identity, author *feeds.Author) *feeds.Item {
494	return &feeds.Item{
495		Title:   fmt.Sprintf("%s created issue '%s' in @%s/%s", author.Name, issue.Title, owner.Handle, issue.Repo.Name),
496		Link:    &feeds.Link{Href: fmt.Sprintf("%s/@%s/%s/issues/%d", s.config.Core.BaseUrl(), owner.Handle, issue.Repo.Name, issue.IssueId), Type: "text/html", Rel: "alternate"},
497		Created: issue.Created,
498		Author:  author,
499	}
500}
501
502func (s *State) createRepoItem(ctx context.Context, repo models.RepoEvent, author *feeds.Author) (*feeds.Item, error) {
503	var title string
504	if repo.Source != nil {
505		sourceOwner, err := s.idResolver.ResolveIdent(ctx, repo.Source.Did)
506		if err != nil {
507			return nil, err
508		}
509		title = fmt.Sprintf("%s forked repository @%s/%s to '%s'", author.Name, sourceOwner.Handle, repo.Source.Name, repo.Repo.Name)
510	} else {
511		title = fmt.Sprintf("%s created repository '%s'", author.Name, repo.Repo.Name)
512	}
513
514	return &feeds.Item{
515		Title:   title,
516		Link:    &feeds.Link{Href: fmt.Sprintf("%s/@%s/%s", s.config.Core.BaseUrl(), author.Name[1:], repo.Repo.Name), Type: "text/html", Rel: "alternate"}, // Remove @ prefix
517		Created: repo.Repo.Created,
518		Author:  author,
519	}, nil
520}
521
522func (s *State) UpdateProfileBio(w http.ResponseWriter, r *http.Request) {
523	user := s.oauth.GetMultiAccountUser(r)
524
525	err := r.ParseForm()
526	if err != nil {
527		log.Println("invalid profile update form", err)
528		s.pages.Notice(w, "update-profile", "Invalid form.")
529		return
530	}
531
532	profile, err := db.GetProfile(s.db, user.Active.Did)
533	if err != nil {
534		log.Printf("getting profile data for %s: %s", user.Active.Did, err)
535	}
536
537	profile.Description = r.FormValue("description")
538	profile.IncludeBluesky = r.FormValue("includeBluesky") == "on"
539	profile.Location = r.FormValue("location")
540	profile.Pronouns = r.FormValue("pronouns")
541
542	var links [5]string
543	for i := range 5 {
544		iLink := r.FormValue(fmt.Sprintf("link%d", i))
545		links[i] = iLink
546	}
547	profile.Links = links
548
549	// Parse stats (exactly 2)
550	stat0 := r.FormValue("stat0")
551	stat1 := r.FormValue("stat1")
552
553	profile.Stats[0].Kind = models.ParseVanityStatKind(stat0)
554	profile.Stats[1].Kind = models.ParseVanityStatKind(stat1)
555
556	if err := db.ValidateProfile(s.db, profile); err != nil {
557		log.Println("invalid profile", err)
558		s.pages.Notice(w, "update-profile", err.Error())
559		return
560	}
561
562	s.updateProfile(profile, w, r)
563}
564
565func (s *State) UpdateProfilePins(w http.ResponseWriter, r *http.Request) {
566	user := s.oauth.GetMultiAccountUser(r)
567
568	err := r.ParseForm()
569	if err != nil {
570		log.Println("invalid profile update form", err)
571		s.pages.Notice(w, "update-profile", "Invalid form.")
572		return
573	}
574
575	profile, err := db.GetProfile(s.db, user.Active.Did)
576	if err != nil {
577		log.Printf("getting profile data for %s: %s", user.Active.Did, err)
578	}
579
580	i := 0
581	var pinnedRepos [6]syntax.ATURI
582	for key, values := range r.Form {
583		if i >= 6 {
584			log.Println("invalid pin update form", err)
585			s.pages.Notice(w, "update-profile", "Only 6 repositories can be pinned at a time.")
586			return
587		}
588		if strings.HasPrefix(key, "pinnedRepo") && len(values) > 0 && values[0] != "" && i < 6 {
589			aturi, err := syntax.ParseATURI(values[0])
590			if err != nil {
591				log.Println("invalid profile update form", err)
592				s.pages.Notice(w, "update-profile", "Invalid form.")
593				return
594			}
595			pinnedRepos[i] = aturi
596			i++
597		}
598	}
599	profile.PinnedRepos = pinnedRepos
600
601	s.updateProfile(profile, w, r)
602}
603
604func (s *State) updateProfile(profile *models.Profile, w http.ResponseWriter, r *http.Request) {
605	user := s.oauth.GetMultiAccountUser(r)
606	tx, err := s.db.BeginTx(r.Context(), nil)
607	if err != nil {
608		log.Println("failed to start transaction", err)
609		s.pages.Notice(w, "update-profile", "Failed to update profile, try again later.")
610		return
611	}
612
613	client, err := s.oauth.AuthorizedClient(r)
614	if err != nil {
615		log.Println("failed to get authorized client", err)
616		s.pages.Notice(w, "update-profile", "Failed to update profile, try again later.")
617		return
618	}
619
620	// yeah... lexgen dose not support syntax.ATURI in the record for some reason,
621	// nor does it support exact size arrays
622	var pinnedRepoStrings []string
623	for _, r := range profile.PinnedRepos {
624		pinnedRepoStrings = append(pinnedRepoStrings, r.String())
625	}
626
627	var vanityStats []string
628	for _, v := range profile.Stats {
629		vanityStats = append(vanityStats, string(v.Kind))
630	}
631
632	ex, _ := comatproto.RepoGetRecord(r.Context(), client, "", tangled.ActorProfileNSID, user.Active.Did, "self")
633	var cid *string
634	if ex != nil {
635		cid = ex.Cid
636	}
637
638	_, err = comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{
639		Collection: tangled.ActorProfileNSID,
640		Repo:       user.Active.Did,
641		Rkey:       "self",
642		Record: &lexutil.LexiconTypeDecoder{
643			Val: &tangled.ActorProfile{
644				Bluesky:            profile.IncludeBluesky,
645				Description:        &profile.Description,
646				Links:              profile.Links[:],
647				Location:           &profile.Location,
648				PinnedRepositories: pinnedRepoStrings,
649				Stats:              vanityStats[:],
650				Pronouns:           &profile.Pronouns,
651			}},
652		SwapRecord: cid,
653	})
654	if err != nil {
655		log.Println("failed to update profile", err)
656		s.pages.Notice(w, "update-profile", "Failed to update PDS, try again later.")
657		return
658	}
659
660	err = db.UpsertProfile(tx, profile)
661	if err != nil {
662		log.Println("failed to update profile", err)
663		s.pages.Notice(w, "update-profile", "Failed to update profile, try again later.")
664		return
665	}
666
667	s.notifier.UpdateProfile(r.Context(), profile)
668
669	s.pages.HxRedirect(w, "/"+user.Active.Did)
670}
671
672func (s *State) EditBioFragment(w http.ResponseWriter, r *http.Request) {
673	user := s.oauth.GetMultiAccountUser(r)
674
675	profile, err := db.GetProfile(s.db, user.Active.Did)
676	if err != nil {
677		log.Printf("getting profile data for %s: %s", user.Active.Did, err)
678	}
679
680	s.pages.EditBioFragment(w, pages.EditBioParams{
681		LoggedInUser: user,
682		Profile:      profile,
683	})
684}
685
686func (s *State) EditPinsFragment(w http.ResponseWriter, r *http.Request) {
687	user := s.oauth.GetMultiAccountUser(r)
688
689	profile, err := db.GetProfile(s.db, user.Active.Did)
690	if err != nil {
691		log.Printf("getting profile data for %s: %s", user.Active.Did, err)
692	}
693
694	repos, err := db.GetRepos(s.db, 0, orm.FilterEq("did", user.Active.Did))
695	if err != nil {
696		log.Printf("getting repos for %s: %s", user.Active.Did, err)
697	}
698
699	collaboratingRepos, err := db.CollaboratingIn(s.db, user.Active.Did)
700	if err != nil {
701		log.Printf("getting collaborating repos for %s: %s", user.Active.Did, err)
702	}
703
704	allRepos := []pages.PinnedRepo{}
705
706	for _, r := range repos {
707		isPinned := slices.Contains(profile.PinnedRepos[:], r.RepoAt())
708		allRepos = append(allRepos, pages.PinnedRepo{
709			IsPinned: isPinned,
710			Repo:     r,
711		})
712	}
713	for _, r := range collaboratingRepos {
714		isPinned := slices.Contains(profile.PinnedRepos[:], r.RepoAt())
715		allRepos = append(allRepos, pages.PinnedRepo{
716			IsPinned: isPinned,
717			Repo:     r,
718		})
719	}
720
721	s.pages.EditPinsFragment(w, pages.EditPinsParams{
722		LoggedInUser: user,
723		Profile:      profile,
724		AllRepos:     allRepos,
725	})
726}
727
728func (s *State) UploadProfileAvatar(w http.ResponseWriter, r *http.Request) {
729	l := s.logger.With("handler", "UploadProfileAvatar")
730	user := s.oauth.GetUser(r)
731	l = l.With("did", user.Did)
732
733	// Parse multipart form (10MB max)
734	if err := r.ParseMultipartForm(10 << 20); err != nil {
735		l.Error("failed to parse form", "err", err)
736		s.pages.Notice(w, "avatar-error", "Failed to parse form")
737		return
738	}
739
740	file, header, err := r.FormFile("avatar")
741	if err != nil {
742		l.Error("failed to read avatar file", "err", err)
743		s.pages.Notice(w, "avatar-error", "Failed to read avatar file")
744		return
745	}
746	defer file.Close()
747
748	if header.Size > 1000000 {
749		l.Warn("avatar file too large", "size", header.Size)
750		s.pages.Notice(w, "avatar-error", "Avatar file too large (max 1MB)")
751		return
752	}
753
754	contentType := header.Header.Get("Content-Type")
755	if contentType != "image/png" && contentType != "image/jpeg" {
756		l.Warn("invalid image type", "contentType", contentType)
757		s.pages.Notice(w, "avatar-error", "Invalid image type (only PNG and JPEG allowed)")
758		return
759	}
760
761	client, err := s.oauth.AuthorizedClient(r)
762	if err != nil {
763		l.Error("failed to get PDS client", "err", err)
764		s.pages.Notice(w, "avatar-error", "Failed to connect to your PDS")
765		return
766	}
767
768	uploadBlobResp, err := xrpc.RepoUploadBlob(r.Context(), client, file, header.Header.Get("Content-Type"))
769	if err != nil {
770		l.Error("failed to upload avatar blob", "err", err)
771		s.pages.Notice(w, "avatar-error", "Failed to upload avatar to your PDS")
772		return
773	}
774
775	l.Info("uploaded avatar blob", "cid", uploadBlobResp.Blob.Ref.String())
776
777	// get current profile record from PDS to get its CID for swap
778	getRecordResp, err := comatproto.RepoGetRecord(r.Context(), client, "", tangled.ActorProfileNSID, user.Did, "self")
779	if err != nil {
780		l.Error("failed to get current profile record", "err", err)
781		s.pages.Notice(w, "avatar-error", "Failed to get current profile from your PDS")
782		return
783	}
784
785	var profileRecord *tangled.ActorProfile
786	if getRecordResp.Value != nil {
787		if val, ok := getRecordResp.Value.Val.(*tangled.ActorProfile); ok {
788			profileRecord = val
789		} else {
790			l.Warn("profile record type assertion failed, creating new record")
791			profileRecord = &tangled.ActorProfile{}
792		}
793	} else {
794		l.Warn("no existing profile record, creating new record")
795		profileRecord = &tangled.ActorProfile{}
796	}
797
798	profileRecord.Avatar = uploadBlobResp.Blob
799
800	_, err = comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{
801		Collection: tangled.ActorProfileNSID,
802		Repo:       user.Did,
803		Rkey:       "self",
804		Record:     &lexutil.LexiconTypeDecoder{Val: profileRecord},
805		SwapRecord: getRecordResp.Cid,
806	})
807
808	if err != nil {
809		l.Error("failed to update profile record", "err", err)
810		s.pages.Notice(w, "avatar-error", "Failed to update profile on your PDS")
811		return
812	}
813
814	l.Info("successfully updated profile with avatar")
815
816	profile, err := db.GetProfile(s.db, user.Did)
817	if err != nil {
818		l.Warn("getting profile data from DB", "err", err)
819		profile = &models.Profile{Did: user.Did}
820	}
821	profile.Avatar = uploadBlobResp.Blob.Ref.String()
822
823	tx, err := s.db.BeginTx(r.Context(), nil)
824	if err != nil {
825		l.Error("failed to start transaction", "err", err)
826		s.pages.HxRefresh(w)
827		w.WriteHeader(http.StatusOK)
828		return
829	}
830
831	err = db.UpsertProfile(tx, profile)
832	if err != nil {
833		l.Error("failed to update profile in DB", "err", err)
834		s.pages.HxRefresh(w)
835		w.WriteHeader(http.StatusOK)
836		return
837	}
838
839	s.pages.HxRedirect(w, r.Header.Get("Referer"))
840}
841
842func (s *State) RemoveProfileAvatar(w http.ResponseWriter, r *http.Request) {
843	l := s.logger.With("handler", "RemoveProfileAvatar")
844	user := s.oauth.GetUser(r)
845	l = l.With("did", user.Did)
846
847	client, err := s.oauth.AuthorizedClient(r)
848	if err != nil {
849		l.Error("failed to get PDS client", "err", err)
850		s.pages.Notice(w, "avatar-error", "Failed to connect to your PDS")
851		return
852	}
853
854	getRecordResp, err := comatproto.RepoGetRecord(r.Context(), client, "", tangled.ActorProfileNSID, user.Did, "self")
855	if err != nil {
856		l.Error("failed to get current profile record", "err", err)
857		s.pages.Notice(w, "avatar-error", "Failed to get current profile from your PDS")
858		return
859	}
860
861	var profileRecord *tangled.ActorProfile
862	if getRecordResp.Value != nil {
863		if val, ok := getRecordResp.Value.Val.(*tangled.ActorProfile); ok {
864			profileRecord = val
865		} else {
866			l.Warn("profile record type assertion failed")
867			profileRecord = &tangled.ActorProfile{}
868		}
869	} else {
870		l.Warn("no existing profile record")
871		profileRecord = &tangled.ActorProfile{}
872	}
873
874	profileRecord.Avatar = nil
875
876	_, err = comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{
877		Collection: tangled.ActorProfileNSID,
878		Repo:       user.Did,
879		Rkey:       "self",
880		Record:     &lexutil.LexiconTypeDecoder{Val: profileRecord},
881		SwapRecord: getRecordResp.Cid,
882	})
883
884	if err != nil {
885		l.Error("failed to update profile record", "err", err)
886		s.pages.Notice(w, "avatar-error", "Failed to remove avatar from your PDS")
887		return
888	}
889
890	l.Info("successfully removed avatar from PDS")
891
892	profile, err := db.GetProfile(s.db, user.Did)
893	if err != nil {
894		l.Warn("getting profile data from DB", "err", err)
895		profile = &models.Profile{Did: user.Did}
896	}
897	profile.Avatar = ""
898
899	tx, err := s.db.BeginTx(r.Context(), nil)
900	if err != nil {
901		l.Error("failed to start transaction", "err", err)
902		s.pages.HxRefresh(w)
903		w.WriteHeader(http.StatusOK)
904		return
905	}
906
907	err = db.UpsertProfile(tx, profile)
908	if err != nil {
909		l.Error("failed to update profile in DB", "err", err)
910		s.pages.HxRefresh(w)
911		w.WriteHeader(http.StatusOK)
912		return
913	}
914
915	s.pages.HxRedirect(w, r.Header.Get("Referer"))
916}