smokesignal.events
The smokesignal.events web application
feature: private event content
+451
-88
+43
-58
Cargo.toml
+43
-58
Cargo.toml
···
34
atproto-record = { git = "https://tangled.org/@smokesignal.events/atproto-identity-rs" }
35
atproto-xrpcs = { git = "https://tangled.org/@smokesignal.events/atproto-identity-rs" }
36
37
anyhow = "1.0"
38
async-trait = "0.1"
39
-
axum-extra = { version = "0.10", features = ["cookie", "cookie-private", "form", "query", "cookie-key-expansion", "typed-header", "typed-routing"] }
40
axum = { version = "0.8", features = ["http2", "macros", "multipart"] }
41
axum-template = { version = "3.0", features = ["minijinja-autoreload", "minijinja"] }
42
base64 = "0.22"
43
chrono-tz = { version = "0.10", features = ["serde"] }
44
-
chrono = { version = "0.4", default-features = false, features = ["std", "alloc", "now", "serde"] }
45
-
futures-util = { version = "0.3", features = ["sink"] }
46
-
headers = "0.4"
47
http = "1.1"
48
serde_json = { version = "1.0", features = ["alloc"] }
49
-
serde = { version = "1.0", features = ["alloc", "derive"] }
50
thiserror = "2.0"
51
-
tokio-util = { version = "0.7", features = ["net", "rt", "tracing"] }
52
tokio = { version = "1.41", features = ["bytes", "macros", "net", "rt", "rt-multi-thread", "signal", "sync"] }
53
tower-http = { version = "0.6", features = ["cors", "fs", "timeout", "trace", "tracing"] }
54
-
tower = { version = "0.5", features = ["limit", "timeout", "tokio", "tracing"] }
55
-
tracing-subscriber = { version = "0.3", features = ["env-filter", "chrono", "json"] }
56
tracing = { version = "0.1", features = ["async-await", "log", "valuable"] }
57
-
reqwest = { version = "0.12", features = ["json", "zstd", "rustls-tls"] }
58
-
reqwest-chain = "1"
59
-
reqwest-middleware = { version = "0.4", features = ["http2", "json", "multipart"] }
60
-
reqwest-retry = "0.7"
61
-
regex = "1"
62
-
duration-str = "0.11"
63
-
minijinja = { version = "2.7", features = ["builtins", "json", "urlencode"] }
64
-
minijinja-autoreload = { version = "2.7", optional = true }
65
-
minijinja-embed = { version = "2.7", optional = true }
66
-
axum-htmx = { version = "0.7", features = ["auto-vary"] }
67
-
hickory-resolver = { version = "0.24", features = ["dns-over-https-rustls", "dns-over-rustls", "rustls", "tokio-rustls"] }
68
-
rand = "0.8"
69
-
async-stream = "0.3"
70
-
tokio-stream = "0.1"
71
url = "2.5"
72
-
cookie = "0.18"
73
-
ammonia = "4"
74
-
rust-embed = "8.5"
75
-
sqlx = { version = "0.8", default-features = false, features = ["derive", "macros", "migrate", "json", "runtime-tokio", "postgres", "chrono", "tls-rustls-ring-native-roots"] }
76
-
elliptic-curve = { version = "0.13.8", features = ["pem", "pkcs8", "sec1", "std", "alloc", "digest", "ecdh", "jwk", "bits"] }
77
-
p256 = { version = "0.13.2", features = ["ecdsa-core", "jwk", "serde", "ecdh"] }
78
-
ordermap = "0.5"
79
urlencoding = "2.1"
80
-
ulid = { version = "1.1", features = ["serde"] }
81
-
unic-langid = "0.9"
82
-
intl-memoizer = "0.5"
83
-
fluent = "0.16"
84
-
fluent-bundle = "0.15"
85
-
fluent-syntax = "0.11"
86
-
sha2 = "0.10.8"
87
-
redis = { version = "0.28", features = ["tokio-comp", "tokio-rustls-comp"] }
88
-
itertools = "0.14.0"
89
-
deadpool = "0.12.2"
90
-
deadpool-redis = {version = "0.20.0", features = ["connection-manager", "tokio-comp", "tokio-rustls-comp"] }
91
-
crockford = "1.2.1"
92
-
tokio-websockets = { version = "0.11.3", features = ["client", "rand", "ring", "rustls-native-roots"] }
93
-
zstd = "0.13.3"
94
-
once_cell = "1.19"
95
-
parking_lot = "0.12"
96
-
metrohash = "1.0.7"
97
-
minio = { version = "0.3", optional = true }
98
-
bytes = "1.10.1"
99
-
bloomfilter = "1.0.15"
100
-
image = "0.25"
101
-
opensearch = { version = "2.3.0", default-features = false, features = ["rustls-tls"] }
102
-
icalendar = "0.16"
103
-
lru = "0.16.0"
104
-
lettre = {version = "0.11.19", default-features = false, features = ["builder", "hostname", "pool", "smtp-transport", "rustls-tls", "tokio1-rustls-tls"]}
105
-
hmac = "0.12.1"
106
-
hex = "0.4.3"
107
-
css-inline = "0.18.0"
108
-
minify-html-onepass = "0.18.1"
109
110
[profile.release]
111
opt-level = 3
···
34
atproto-record = { git = "https://tangled.org/@smokesignal.events/atproto-identity-rs" }
35
atproto-xrpcs = { git = "https://tangled.org/@smokesignal.events/atproto-identity-rs" }
36
37
+
ammonia = "4"
38
anyhow = "1.0"
39
async-trait = "0.1"
40
axum = { version = "0.8", features = ["http2", "macros", "multipart"] }
41
+
axum-extra = { version = "0.12", features = ["cookie", "cookie-private", "form", "query", "cookie-key-expansion", "typed-header", "typed-routing", "cached"] }
42
+
axum-htmx = { version = "0.8", features = ["auto-vary"] }
43
axum-template = { version = "3.0", features = ["minijinja-autoreload", "minijinja"] }
44
base64 = "0.22"
45
+
bloomfilter = "3"
46
+
bytes = "1.10"
47
+
chrono = { version = "0.4", default-features = false, features = ["std", "alloc", "now", "serde"] }
48
chrono-tz = { version = "0.10", features = ["serde"] }
49
+
cookie = "0.18"
50
+
crockford = "1.2"
51
+
css-inline = "0.18"
52
+
deadpool-redis = {version = "0.22", features = ["connection-manager", "tokio-comp", "tokio-rustls-comp"] }
53
+
elliptic-curve = { version = "0.13", features = ["pem", "pkcs8", "sec1", "std", "alloc", "digest", "ecdh", "jwk", "bits"] }
54
+
fluent = "0.17"
55
+
fluent-bundle = "0.16"
56
+
fluent-syntax = "0.12"
57
+
hex = "0.4.3"
58
+
hmac = "0.12"
59
http = "1.1"
60
+
icalendar = "0.17"
61
+
image = "0.25"
62
+
intl-memoizer = "0.5"
63
+
itertools = "0.14"
64
+
lettre = {version = "0.11", default-features = false, features = ["builder", "hostname", "pool", "smtp-transport", "rustls-tls", "tokio1-rustls-tls"]}
65
+
lru = "0.16"
66
+
metrohash = "1.0"
67
+
minify-html-onepass = "0.18"
68
+
minijinja = { version = "2.7", features = ["builtins", "json", "urlencode"] }
69
+
minijinja-autoreload = { version = "2.7", optional = true }
70
+
minijinja-embed = { version = "2.7", optional = true }
71
+
minio = { version = "0.3", optional = true }
72
+
once_cell = "1.19"
73
+
opensearch = { version = "2.3", default-features = false, features = ["rustls-tls"] }
74
+
ordermap = "1"
75
+
p256 = { version = "0.13", features = ["ecdsa-core", "jwk", "serde", "ecdh"] }
76
+
rand = "0.9"
77
+
regex = "1"
78
+
reqwest = { version = "0.12", features = ["json", "zstd", "rustls-tls"] }
79
+
rust-embed = "8.5"
80
+
serde = { version = "1.0", features = ["alloc", "derive"] }
81
serde_json = { version = "1.0", features = ["alloc"] }
82
+
sha2 = "0.10"
83
+
sqlx = { version = "0.8", default-features = false, features = ["derive", "macros", "migrate", "json", "runtime-tokio", "postgres", "chrono", "tls-rustls-ring-native-roots"] }
84
thiserror = "2.0"
85
tokio = { version = "1.41", features = ["bytes", "macros", "net", "rt", "rt-multi-thread", "signal", "sync"] }
86
+
tokio-util = { version = "0.7", features = ["net", "rt", "tracing"] }
87
tower-http = { version = "0.6", features = ["cors", "fs", "timeout", "trace", "tracing"] }
88
tracing = { version = "0.1", features = ["async-await", "log", "valuable"] }
89
+
tracing-subscriber = { version = "0.3", features = ["env-filter", "chrono", "json"] }
90
+
ulid = { version = "1.1", features = ["serde"] }
91
+
unic-langid = "0.9"
92
url = "2.5"
93
urlencoding = "2.1"
94
95
[profile.release]
96
opt-level = 3
+11
migrations/20251105000002_private_event_content.sql
+11
migrations/20251105000002_private_event_content.sql
···
···
1
+
-- Create private_event_content table for conditional event content
2
+
CREATE TABLE private_event_content (
3
+
aturi TEXT PRIMARY KEY,
4
+
display_criteria JSONB NOT NULL DEFAULT '[]',
5
+
content TEXT NOT NULL DEFAULT '',
6
+
created_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
7
+
updated_at TIMESTAMPTZ NOT NULL DEFAULT NOW()
8
+
);
9
+
10
+
-- Create index for faster lookups
11
+
CREATE INDEX idx_private_event_content_aturi ON private_event_content(aturi);
+1
-1
src/bin/crypto.rs
+1
-1
src/bin/crypto.rs
+3
-1
src/http/errors/create_rsvp_errors.rs
+3
-1
src/http/errors/create_rsvp_errors.rs
···
17
///
18
/// This error occurs when a user attempts to RSVP to an event that requires
19
/// confirmed email addresses, but the user has not confirmed their email address.
20
-
#[error("error-smokesignal-create-rsvp-2 Email confirmation required: This event requires a confirmed email address to RSVP. Please confirm your email address in your settings.")]
21
EmailConfirmationRequired,
22
}
···
17
///
18
/// This error occurs when a user attempts to RSVP to an event that requires
19
/// confirmed email addresses, but the user has not confirmed their email address.
20
+
#[error(
21
+
"error-smokesignal-create-rsvp-2 Email confirmation required: This event requires a confirmed email address to RSVP. Please confirm your email address in your settings."
22
+
)]
23
EmailConfirmationRequired,
24
}
+5
src/http/event_form.rs
+5
src/http/event_form.rs
···
158
pub send_notifications: Option<bool>,
159
160
pub require_confirmed_email: Option<bool>,
161
+
162
+
pub private_content: Option<String>,
163
+
pub private_content_criteria_going_confirmed: Option<bool>,
164
+
pub private_content_criteria_going: Option<bool>,
165
+
pub private_content_criteria_interested: Option<bool>,
166
}
167
168
impl From<BuildEventForm> for BuildLocationForm {
+2
-1
src/http/handle_create_rsvp.rs
+2
-1
src/http/handle_create_rsvp.rs
···
118
if !found_errors {
119
// Check if the event requires confirmed email
120
let event_aturi = build_rsvp_form.subject_aturi.as_ref().unwrap();
121
-
let event = crate::storage::event::event_get(&web_context.pool, event_aturi).await?;
122
123
if event.require_confirmed_email {
124
// Check if user has confirmed email
···
118
if !found_errors {
119
// Check if the event requires confirmed email
120
let event_aturi = build_rsvp_form.subject_aturi.as_ref().unwrap();
121
+
let event =
122
+
crate::storage::event::event_get(&web_context.pool, event_aturi).await?;
123
124
if event.require_confirmed_email {
125
// Check if user has confirmed email
+76
-1
src/http/handle_edit_event.rs
+76
-1
src/http/handle_edit_event.rs
···
198
build_event_form.description = Some(description.clone());
199
build_event_form.require_confirmed_email = Some(event.require_confirmed_email);
200
201
// If we have a single address location, populate the form fields with its data
202
if let LocationEditStatus::Editable(Address {
203
country,
···
650
error_template,
651
default_context,
652
err,
653
-
StatusCode::OK
654
);
655
}
656
657
// Send email notifications to RSVP holders if checkbox is checked and emailer is enabled
···
198
build_event_form.description = Some(description.clone());
199
build_event_form.require_confirmed_email = Some(event.require_confirmed_email);
200
201
+
// Load private event content if it exists
202
+
if let Ok(Some(private_content)) =
203
+
crate::storage::private_event_content::private_event_content_get(
204
+
&ctx.web_context.pool,
205
+
&lookup_aturi,
206
+
)
207
+
.await
208
+
{
209
+
build_event_form.private_content = Some(private_content.content);
210
+
211
+
// Set checkboxes based on criteria
212
+
for criterion in private_content.display_criteria.0.iter() {
213
+
match criterion.as_str() {
214
+
"going_confirmed" => {
215
+
build_event_form.private_content_criteria_going_confirmed = Some(true)
216
+
}
217
+
"going" => build_event_form.private_content_criteria_going = Some(true),
218
+
"interested" => {
219
+
build_event_form.private_content_criteria_interested = Some(true)
220
+
}
221
+
_ => {}
222
+
}
223
+
}
224
+
}
225
+
226
// If we have a single address location, populate the form fields with its data
227
if let LocationEditStatus::Editable(Address {
228
country,
···
675
error_template,
676
default_context,
677
err,
678
+
StatusCode::INTERNAL_SERVER_ERROR
679
);
680
+
}
681
+
682
+
// Save private event content if provided
683
+
let private_content = build_event_form.private_content.as_deref().unwrap_or("");
684
+
685
+
// Build display criteria array from checkboxes
686
+
let mut display_criteria = Vec::new();
687
+
if build_event_form
688
+
.private_content_criteria_going_confirmed
689
+
.unwrap_or(false)
690
+
{
691
+
display_criteria.push("going_confirmed".to_string());
692
+
}
693
+
if build_event_form
694
+
.private_content_criteria_going
695
+
.unwrap_or(false)
696
+
{
697
+
display_criteria.push("going".to_string());
698
+
}
699
+
if build_event_form
700
+
.private_content_criteria_interested
701
+
.unwrap_or(false)
702
+
{
703
+
display_criteria.push("interested".to_string());
704
+
}
705
+
706
+
// Only save if there's content or criteria, otherwise delete
707
+
if !private_content.is_empty() || !display_criteria.is_empty() {
708
+
if let Err(err) =
709
+
crate::storage::private_event_content::private_event_content_upsert(
710
+
&ctx.web_context.pool,
711
+
&lookup_aturi,
712
+
&display_criteria,
713
+
private_content,
714
+
)
715
+
.await
716
+
{
717
+
tracing::error!("Failed to save private event content: {:?}", err);
718
+
}
719
+
} else {
720
+
// Delete private content if both content and criteria are empty
721
+
if let Err(err) =
722
+
crate::storage::private_event_content::private_event_content_delete(
723
+
&ctx.web_context.pool,
724
+
&lookup_aturi,
725
+
)
726
+
.await
727
+
{
728
+
tracing::error!("Failed to delete private event content: {:?}", err);
729
+
}
730
}
731
732
// Send email notifications to RSVP holders if checkbox is checked and emailer is enabled
+6
-4
src/http/handle_oauth_aip_login.rs
+6
-4
src/http/handle_oauth_aip_login.rs
···
12
use axum_template::RenderHtml;
13
use http::StatusCode;
14
use minijinja::context as template_context;
15
-
use rand::{Rng, distributions::Alphanumeric};
16
use serde::Deserialize;
17
18
use crate::{
···
86
87
if let Some(subject) = validated_subject {
88
// Generate OAuth parameters
89
-
let state: String = rand::thread_rng()
90
.sample_iter(&Alphanumeric)
91
.take(30)
92
.map(char::from)
93
.collect();
94
-
let nonce: String = rand::thread_rng()
95
.sample_iter(&Alphanumeric)
96
.take(30)
97
.map(char::from)
···
218
stringify(oauth_args)
219
);
220
221
-
if hx_request && let Ok(hx_redirect) = HxRedirect::try_from(destination.as_str()) {
222
return Ok((StatusCode::OK, hx_redirect, "").into_response());
223
}
224
···
12
use axum_template::RenderHtml;
13
use http::StatusCode;
14
use minijinja::context as template_context;
15
+
use rand::{Rng, distr::Alphanumeric};
16
use serde::Deserialize;
17
18
use crate::{
···
86
87
if let Some(subject) = validated_subject {
88
// Generate OAuth parameters
89
+
let state: String = rand::rng()
90
.sample_iter(&Alphanumeric)
91
.take(30)
92
.map(char::from)
93
.collect();
94
+
let nonce: String = rand::rng()
95
.sample_iter(&Alphanumeric)
96
.take(30)
97
.map(char::from)
···
218
stringify(oauth_args)
219
);
220
221
+
if hx_request {
222
+
let hx_redirect = HxRedirect::try_from(destination.as_str())
223
+
.expect("HxRedirect construction should not fail");
224
return Ok((StatusCode::OK, hx_redirect, "").into_response());
225
}
226
+3
-3
src/http/handle_oauth_login.rs
+3
-3
src/http/handle_oauth_login.rs
···
16
use axum_template::RenderHtml;
17
use http::StatusCode;
18
use minijinja::context as template_context;
19
-
use rand::{Rng, distributions::Alphanumeric};
20
use serde::Deserialize;
21
22
use crate::{
···
180
return contextual_error!(web_context, language, error_template, default_context, err);
181
}
182
183
-
let state: String = rand::thread_rng()
184
.sample_iter(&Alphanumeric)
185
.take(30)
186
.map(char::from)
187
.collect();
188
-
let nonce: String = rand::thread_rng()
189
.sample_iter(&Alphanumeric)
190
.take(30)
191
.map(char::from)
···
16
use axum_template::RenderHtml;
17
use http::StatusCode;
18
use minijinja::context as template_context;
19
+
use rand::{Rng, distr::Alphanumeric};
20
use serde::Deserialize;
21
22
use crate::{
···
180
return contextual_error!(web_context, language, error_template, default_context, err);
181
}
182
183
+
let state: String = rand::rng()
184
.sample_iter(&Alphanumeric)
185
.take(30)
186
.map(char::from)
187
.collect();
188
+
let nonce: String = rand::rng()
189
.sample_iter(&Alphanumeric)
190
.take(30)
191
.map(char::from)
+80
-13
src/http/handle_view_event.rs
+80
-13
src/http/handle_view_event.rs
···
28
use crate::storage::event::event_exists;
29
use crate::storage::event::event_get;
30
use crate::storage::event::get_event_rsvps_with_validation;
31
-
use crate::storage::event::get_user_rsvp_with_email_shared;
32
use crate::storage::identity_profile::handle_for_did;
33
use crate::storage::identity_profile::handle_for_handle;
34
use crate::storage::identity_profile::handles_by_did;
···
285
.is_some_and(|current_entity| current_entity.did == profile.did);
286
287
// Get user's RSVP status if logged in
288
-
let user_rsvp_status = if let Some(current_entity) = &ctx.current_handle {
289
-
match get_user_rsvp_with_email_shared(&ctx.web_context.pool, &aturi, ¤t_entity.did)
290
.await
291
-
{
292
-
Ok(Some((status, _email_shared))) => Some(status),
293
-
Ok(None) => None,
294
-
Err(err) => {
295
-
tracing::error!("Error getting user RSVP status: {:?}", err);
296
-
None
297
}
298
-
}
299
-
} else {
300
-
None
301
-
};
302
303
// Check if there's a pending acceptance ticket for the current user's RSVP
304
let pending_acceptance = if let Some(current_entity) = &ctx.current_handle {
···
398
let interested_tab_url = format!("?tab=interested&collection={}", encoded_collection);
399
let notgoing_tab_url = format!("?tab=notgoing&collection={}", encoded_collection);
400
401
Ok((
402
StatusCode::OK,
403
RenderHtml(
···
424
notgoing_tab_url,
425
// Email confirmation status
426
user_has_confirmed_email,
427
},
428
),
429
)
···
28
use crate::storage::event::event_exists;
29
use crate::storage::event::event_get;
30
use crate::storage::event::get_event_rsvps_with_validation;
31
+
use crate::storage::event::get_user_rsvp_status_and_validation;
32
use crate::storage::identity_profile::handle_for_did;
33
use crate::storage::identity_profile::handle_for_handle;
34
use crate::storage::identity_profile::handles_by_did;
···
285
.is_some_and(|current_entity| current_entity.did == profile.did);
286
287
// Get user's RSVP status if logged in
288
+
let (user_rsvp_status, user_rsvp_is_validated) =
289
+
if let Some(current_entity) = &ctx.current_handle {
290
+
match get_user_rsvp_status_and_validation(
291
+
&ctx.web_context.pool,
292
+
&aturi,
293
+
¤t_entity.did,
294
+
)
295
.await
296
+
{
297
+
Ok(Some((status, is_validated))) => (Some(status), is_validated),
298
+
Ok(None) => (None, false),
299
+
Err(err) => {
300
+
tracing::error!("Error getting user RSVP status: {:?}", err);
301
+
(None, false)
302
+
}
303
}
304
+
} else {
305
+
(None, false)
306
+
};
307
308
// Check if there's a pending acceptance ticket for the current user's RSVP
309
let pending_acceptance = if let Some(current_entity) = &ctx.current_handle {
···
403
let interested_tab_url = format!("?tab=interested&collection={}", encoded_collection);
404
let notgoing_tab_url = format!("?tab=notgoing&collection={}", encoded_collection);
405
406
+
// Check if private content should be displayed
407
+
let private_content = if ctx.current_handle.is_some() {
408
+
// Load private event content
409
+
if let Ok(Some(private_event_content)) =
410
+
crate::storage::private_event_content::private_event_content_get(
411
+
&ctx.web_context.pool,
412
+
&aturi,
413
+
)
414
+
.await
415
+
{
416
+
// Check if viewer meets any of the display criteria
417
+
let mut meets_criteria = false;
418
+
419
+
// If display_criteria is empty, show to anyone who has RSVP'd
420
+
if private_event_content.display_criteria.0.is_empty() {
421
+
meets_criteria = user_rsvp_status.is_some();
422
+
} else {
423
+
// Check specific criteria
424
+
for criterion in private_event_content.display_criteria.0.iter() {
425
+
match criterion.as_str() {
426
+
"going_confirmed" => {
427
+
// Check if user has "going" status AND has a validated RSVP
428
+
if user_rsvp_status.as_deref() == Some("going")
429
+
&& user_rsvp_is_validated
430
+
{
431
+
meets_criteria = true;
432
+
break;
433
+
}
434
+
}
435
+
"going" => {
436
+
// Check if user has "going" status
437
+
if user_rsvp_status.as_deref() == Some("going") {
438
+
meets_criteria = true;
439
+
break;
440
+
}
441
+
}
442
+
"interested" => {
443
+
// Check if user has "interested" status
444
+
if user_rsvp_status.as_deref() == Some("interested") {
445
+
meets_criteria = true;
446
+
break;
447
+
}
448
+
}
449
+
_ => {}
450
+
}
451
+
}
452
+
}
453
+
454
+
if meets_criteria {
455
+
Some(private_event_content.content)
456
+
} else {
457
+
None
458
+
}
459
+
} else {
460
+
None
461
+
}
462
+
} else {
463
+
None
464
+
};
465
+
466
Ok((
467
StatusCode::OK,
468
RenderHtml(
···
489
notgoing_tab_url,
490
// Email confirmation status
491
user_has_confirmed_email,
492
+
// Private event content
493
+
private_content,
494
},
495
),
496
)
+3
-2
src/storage/content.rs
+3
-2
src/storage/content.rs
···
319
bloom_filter_capacity: usize,
320
bloom_filter_error_rate: f64,
321
) -> Self {
322
-
let bloom_filter = Bloom::new_for_fp_rate(bloom_filter_capacity, bloom_filter_error_rate);
323
324
Self {
325
underlying_storage,
···
381
// This is a limitation of bloom filters - in production you might want
382
// to use a counting bloom filter or periodically reset the filter
383
let mut filter = self.not_found_filter.write().await;
384
-
*filter = Bloom::new_for_fp_rate(10000, 0.01);
385
}
386
}
387
···
319
bloom_filter_capacity: usize,
320
bloom_filter_error_rate: f64,
321
) -> Self {
322
+
let bloom_filter = Bloom::new_for_fp_rate(bloom_filter_capacity, bloom_filter_error_rate)
323
+
.expect("TODO fix this");
324
325
Self {
326
underlying_storage,
···
382
// This is a limitation of bloom filters - in production you might want
383
// to use a counting bloom filter or periodically reset the filter
384
let mut filter = self.not_found_filter.write().await;
385
+
*filter = Bloom::new_for_fp_rate(10000, 0.01).expect("TODO fix this");
386
}
387
}
388
+2
-2
src/storage/event.rs
+2
-2
src/storage/event.rs
···
589
Ok(status)
590
}
591
592
-
pub async fn get_user_rsvp_with_email_shared(
593
pool: &StoragePool,
594
event_aturi: &str,
595
did: &str,
···
614
.map_err(StorageError::CannotBeginDatabaseTransaction)?;
615
616
let result = sqlx::query_as::<_, (String, bool)>(
617
-
"SELECT status, email_shared FROM rsvps WHERE event_aturi = $1 AND did = $2",
618
)
619
.bind(event_aturi)
620
.bind(did)
···
589
Ok(status)
590
}
591
592
+
pub async fn get_user_rsvp_status_and_validation(
593
pool: &StoragePool,
594
event_aturi: &str,
595
did: &str,
···
614
.map_err(StorageError::CannotBeginDatabaseTransaction)?;
615
616
let result = sqlx::query_as::<_, (String, bool)>(
617
+
"SELECT status, validated_at IS NOT NULL FROM rsvps WHERE event_aturi = $1 AND did = $2",
618
)
619
.bind(event_aturi)
620
.bind(did)
+1
src/storage/mod.rs
+1
src/storage/mod.rs
+119
src/storage/private_event_content.rs
+119
src/storage/private_event_content.rs
···
···
1
+
use chrono::Utc;
2
+
use serde::{Deserialize, Serialize};
3
+
use serde_json::json;
4
+
use sqlx::FromRow;
5
+
6
+
use crate::storage::StoragePool;
7
+
use crate::storage::errors::StorageError;
8
+
9
+
#[derive(Clone, FromRow, Deserialize, Serialize, Debug)]
10
+
pub struct PrivateEventContent {
11
+
pub aturi: String,
12
+
pub display_criteria: sqlx::types::Json<Vec<String>>,
13
+
pub content: String,
14
+
pub created_at: chrono::DateTime<Utc>,
15
+
pub updated_at: chrono::DateTime<Utc>,
16
+
}
17
+
18
+
/// Upsert private event content for an event
19
+
pub async fn private_event_content_upsert(
20
+
pool: &StoragePool,
21
+
aturi: &str,
22
+
display_criteria: &[String],
23
+
content: &str,
24
+
) -> Result<(), StorageError> {
25
+
// Validate aturi is not empty
26
+
if aturi.trim().is_empty() {
27
+
return Err(StorageError::UnableToExecuteQuery(sqlx::Error::Protocol(
28
+
"Event URI cannot be empty".into(),
29
+
)));
30
+
}
31
+
32
+
let mut tx = pool
33
+
.begin()
34
+
.await
35
+
.map_err(StorageError::CannotBeginDatabaseTransaction)?;
36
+
37
+
let now = Utc::now();
38
+
39
+
sqlx::query(
40
+
"INSERT INTO private_event_content (aturi, display_criteria, content, created_at, updated_at)
41
+
VALUES ($1, $2, $3, $4, $5)
42
+
ON CONFLICT (aturi) DO UPDATE SET
43
+
display_criteria = $2,
44
+
content = $3,
45
+
updated_at = $5",
46
+
)
47
+
.bind(aturi)
48
+
.bind(json!(display_criteria))
49
+
.bind(content)
50
+
.bind(now)
51
+
.bind(now)
52
+
.execute(tx.as_mut())
53
+
.await
54
+
.map_err(StorageError::UnableToExecuteQuery)?;
55
+
56
+
tx.commit()
57
+
.await
58
+
.map_err(StorageError::CannotCommitDatabaseTransaction)
59
+
}
60
+
61
+
/// Get private event content for an event by AT-URI
62
+
pub async fn private_event_content_get(
63
+
pool: &StoragePool,
64
+
aturi: &str,
65
+
) -> Result<Option<PrivateEventContent>, StorageError> {
66
+
// Validate aturi is not empty
67
+
if aturi.trim().is_empty() {
68
+
return Err(StorageError::UnableToExecuteQuery(sqlx::Error::Protocol(
69
+
"Event URI cannot be empty".into(),
70
+
)));
71
+
}
72
+
73
+
let mut tx = pool
74
+
.begin()
75
+
.await
76
+
.map_err(StorageError::CannotBeginDatabaseTransaction)?;
77
+
78
+
let content = sqlx::query_as::<_, PrivateEventContent>(
79
+
"SELECT * FROM private_event_content WHERE aturi = $1",
80
+
)
81
+
.bind(aturi)
82
+
.fetch_optional(tx.as_mut())
83
+
.await
84
+
.map_err(StorageError::UnableToExecuteQuery)?;
85
+
86
+
tx.commit()
87
+
.await
88
+
.map_err(StorageError::CannotCommitDatabaseTransaction)?;
89
+
90
+
Ok(content)
91
+
}
92
+
93
+
/// Delete private event content for an event
94
+
pub async fn private_event_content_delete(
95
+
pool: &StoragePool,
96
+
aturi: &str,
97
+
) -> Result<(), StorageError> {
98
+
// Validate aturi is not empty
99
+
if aturi.trim().is_empty() {
100
+
return Err(StorageError::UnableToExecuteQuery(sqlx::Error::Protocol(
101
+
"Event URI cannot be empty".into(),
102
+
)));
103
+
}
104
+
105
+
let mut tx = pool
106
+
.begin()
107
+
.await
108
+
.map_err(StorageError::CannotBeginDatabaseTransaction)?;
109
+
110
+
sqlx::query("DELETE FROM private_event_content WHERE aturi = $1")
111
+
.bind(aturi)
112
+
.execute(tx.as_mut())
113
+
.await
114
+
.map_err(StorageError::UnableToExecuteQuery)?;
115
+
116
+
tx.commit()
117
+
.await
118
+
.map_err(StorageError::CannotCommitDatabaseTransaction)
119
+
}
+2
-2
src/task_webhooks.rs
+2
-2
src/task_webhooks.rs
···
2
use atproto_identity::traits::DidDocumentStorage;
3
use atproto_oauth::jwt::{Claims, Header, mint};
4
use chrono::Utc;
5
-
use rand::distributions::{Alphanumeric, DistString};
6
use serde::{Deserialize, Serialize};
7
use serde_json::json;
8
use sqlx::PgPool;
···
197
let header: Header = self.service_key.0.clone().try_into()?;
198
199
let now = Utc::now();
200
-
let jti = Alphanumeric.sample_string(&mut rand::thread_rng(), 30);
201
202
// Create base claims
203
let mut claims = Claims::default();
···
2
use atproto_identity::traits::DidDocumentStorage;
3
use atproto_oauth::jwt::{Claims, Header, mint};
4
use chrono::Utc;
5
+
use rand::distr::{Alphanumeric, SampleString};
6
use serde::{Deserialize, Serialize};
7
use serde_json::json;
8
use sqlx::PgPool;
···
197
let header: Header = self.service_key.0.clone().try_into()?;
198
199
let now = Utc::now();
200
+
let jti = Alphanumeric.sample_string(&mut rand::rng(), 30);
201
202
// Create base claims
203
let mut claims = Claims::default();
+74
templates/en-us/edit_event.common.html
+74
templates/en-us/edit_event.common.html
···
68
</a>
69
</div>
70
71
+
<div class="box has-background-link-light">
72
+
<h2 class="title is-4">Private Event Content</h2>
73
+
<p class="mb-4">Add content that will only be visible to attendees who meet specific criteria. This content is stored off-protocol and not published to your PDS.</p>
74
+
75
+
<form hx-post="/{{ handle_slug }}/{{ event_rkey }}/edit" hx-target="body" hx-swap="outerHTML">
76
+
<!-- Include all other form fields as hidden to preserve state -->
77
+
<input type="hidden" name="build_state" value="Selected">
78
+
{% if build_event_form.name %}
79
+
<input type="hidden" name="name" value="{{ build_event_form.name }}">
80
+
{% endif %}
81
+
{% if build_event_form.description %}
82
+
<input type="hidden" name="description" value="{{ build_event_form.description }}">
83
+
{% endif %}
84
+
{% if build_event_form.status %}
85
+
<input type="hidden" name="status" value="{{ build_event_form.status }}">
86
+
{% endif %}
87
+
{% if build_event_form.mode %}
88
+
<input type="hidden" name="mode" value="{{ build_event_form.mode }}">
89
+
{% endif %}
90
+
{% if build_event_form.starts_at %}
91
+
<input type="hidden" name="starts_at" value="{{ build_event_form.starts_at }}">
92
+
{% endif %}
93
+
{% if build_event_form.ends_at %}
94
+
<input type="hidden" name="ends_at" value="{{ build_event_form.ends_at }}">
95
+
{% endif %}
96
+
{% if build_event_form.require_confirmed_email %}
97
+
<input type="hidden" name="require_confirmed_email" value="true">
98
+
{% endif %}
99
+
100
+
<div class="field">
101
+
<label class="label" for="privateContentTextarea">Private Content</label>
102
+
<div class="control">
103
+
<textarea class="textarea" id="privateContentTextarea" name="private_content"
104
+
maxlength="5000" rows="6"
105
+
placeholder="Information that only specific attendees can see...">{% if build_event_form.private_content %}{{ build_event_form.private_content }}{% endif %}</textarea>
106
+
</div>
107
+
<p class="help">This content will only be shown to attendees who meet the selected criteria below.</p>
108
+
</div>
109
+
110
+
<div class="field">
111
+
<label class="label">Show to:</label>
112
+
<div class="control">
113
+
<label class="checkbox is-block mb-2">
114
+
<input type="checkbox" name="private_content_criteria_going_confirmed" value="true"
115
+
{% if build_event_form.private_content_criteria_going_confirmed %}checked{% endif %}>
116
+
Attendees with "Going" status who have accepted their RSVP ticket
117
+
</label>
118
+
<label class="checkbox is-block mb-2">
119
+
<input type="checkbox" name="private_content_criteria_going" value="true"
120
+
{% if build_event_form.private_content_criteria_going %}checked{% endif %}>
121
+
All attendees with "Going" status
122
+
</label>
123
+
<label class="checkbox is-block">
124
+
<input type="checkbox" name="private_content_criteria_interested" value="true"
125
+
{% if build_event_form.private_content_criteria_interested %}checked{% endif %}>
126
+
Attendees with "Interested" status
127
+
</label>
128
+
</div>
129
+
<p class="help mt-2">Select one or more criteria. Content will be shown if the viewer matches any selected criterion.</p>
130
+
</div>
131
+
132
+
<div class="field">
133
+
<div class="control">
134
+
<button type="submit" class="button is-link">
135
+
<span class="icon">
136
+
<i class="fas fa-save"></i>
137
+
</span>
138
+
<span>Save Private Content</span>
139
+
</button>
140
+
</div>
141
+
</div>
142
+
</form>
143
+
</div>
144
+
145
{% if delete_event_url %}
146
{% include 'en-us/delete_event.partial.html' %}
147
{% endif %}
+20
templates/en-us/view_event.common.html
+20
templates/en-us/view_event.common.html
···
279
</div>
280
</section>
281
282
+
{% if private_content %}
283
+
<section class="section">
284
+
<div class="container">
285
+
<article class="message is-info">
286
+
<div class="message-header">
287
+
<p>
288
+
<span class="icon">
289
+
<i class="fas fa-lock"></i>
290
+
</span>
291
+
<span>Private Event Information</span>
292
+
</p>
293
+
</div>
294
+
<div class="message-body" style="word-break: break-word; white-space: pre-wrap;">
295
+
{{ private_content }}
296
+
</div>
297
+
</article>
298
+
</div>
299
+
</section>
300
+
{% endif %}
301
+
302
<section class="section" id="rsvps">
303
<div class="container">
304
<div class="tabs">