Monorepo for Tangled tangled.org

appview: remove `oauth.User` type

This type is no longer required. `MultiAccountUser` can just hold the active
user's DID.

Signed-off-by: Seongmin Lee <git@boltless.me>

boltless.me e1adce39 c5db1ce1

verified
+221 -235
+19 -19
appview/issues/issues.go
··· 103 104 userReactions := map[models.ReactionKind]bool{} 105 if user != nil { 106 - userReactions = db.GetReactionStatusMap(rp.db, user.Active.Did, issue.AtUri()) 107 } 108 109 backlinks, err := db.GetBacklinks(rp.db, issue.AtUri()) ··· 182 return 183 } 184 185 - ex, err := comatproto.RepoGetRecord(r.Context(), client, "", tangled.RepoIssueNSID, user.Active.Did, newIssue.Rkey) 186 if err != nil { 187 l.Error("failed to get record", "err", err) 188 rp.pages.Notice(w, noticeId, "Failed to edit issue, no record found on PDS.") ··· 191 192 _, err = comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 193 Collection: tangled.RepoIssueNSID, 194 - Repo: user.Active.Did, 195 Rkey: newIssue.Rkey, 196 SwapRecord: ex.Cid, 197 Record: &lexutil.LexiconTypeDecoder{ ··· 306 return 307 } 308 309 - roles := repoinfo.RolesInRepo{Roles: rp.enforcer.GetPermissionsInRepo(user.Active.Did, f.Knot, f.DidSlashRepo())} 310 isRepoOwner := roles.IsOwner() 311 isCollaborator := roles.IsCollaborator() 312 - isIssueOwner := user.Active.Did == issue.Did 313 314 // TODO: make this more granular 315 if isIssueOwner || isRepoOwner || isCollaborator { ··· 326 issue.Open = false 327 328 // notify about the issue closure 329 - rp.notifier.NewIssueState(r.Context(), syntax.DID(user.Active.Did), issue) 330 331 ownerSlashRepo := reporesolver.GetBaseRepoPath(r, f) 332 rp.pages.HxLocation(w, fmt.Sprintf("/%s/issues/%d", ownerSlashRepo, issue.IssueId)) ··· 354 return 355 } 356 357 - roles := repoinfo.RolesInRepo{Roles: rp.enforcer.GetPermissionsInRepo(user.Active.Did, f.Knot, f.DidSlashRepo())} 358 isRepoOwner := roles.IsOwner() 359 isCollaborator := roles.IsCollaborator() 360 - isIssueOwner := user.Active.Did == issue.Did 361 362 if isCollaborator || isRepoOwner || isIssueOwner { 363 err := db.ReopenIssues( ··· 373 issue.Open = true 374 375 // notify about the issue reopen 376 - rp.notifier.NewIssueState(r.Context(), syntax.DID(user.Active.Did), issue) 377 378 ownerSlashRepo := 
reporesolver.GetBaseRepoPath(r, f) 379 rp.pages.HxLocation(w, fmt.Sprintf("/%s/issues/%d", ownerSlashRepo, issue.IssueId)) ··· 416 mentions, references := rp.mentionsResolver.Resolve(r.Context(), body) 417 418 comment := models.IssueComment{ 419 - Did: user.Active.Did, 420 Rkey: tid.TID(), 421 IssueAt: issue.AtUri().String(), 422 ReplyTo: replyTo, ··· 557 } 558 comment := comments[0] 559 560 - if comment.Did != user.Active.Did { 561 - l.Error("unauthorized comment edit", "expectedDid", comment.Did, "gotDid", user.Active.Did) 562 http.Error(w, "you are not the author of this comment", http.StatusUnauthorized) 563 return 564 } ··· 608 // rkey is optional, it was introduced later 609 if newComment.Rkey != "" { 610 // update the record on pds 611 - ex, err := comatproto.RepoGetRecord(r.Context(), client, "", tangled.RepoIssueCommentNSID, user.Active.Did, comment.Rkey) 612 if err != nil { 613 l.Error("failed to get record", "err", err, "did", newComment.Did, "rkey", newComment.Rkey) 614 rp.pages.Notice(w, fmt.Sprintf("comment-%s-status", commentId), "Failed to update description, no record found on PDS.") ··· 617 618 _, err = comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 619 Collection: tangled.RepoIssueCommentNSID, 620 - Repo: user.Active.Did, 621 Rkey: newComment.Rkey, 622 SwapRecord: ex.Cid, 623 Record: &lexutil.LexiconTypeDecoder{ ··· 739 } 740 comment := comments[0] 741 742 - if comment.Did != user.Active.Did { 743 - l.Error("unauthorized action", "expectedDid", comment.Did, "gotDid", user.Active.Did) 744 http.Error(w, "you are not the author of this comment", http.StatusUnauthorized) 745 return 746 } ··· 769 } 770 _, err = comatproto.RepoDeleteRecord(r.Context(), client, &comatproto.RepoDeleteRecord_Input{ 771 Collection: tangled.RepoIssueCommentNSID, 772 - Repo: user.Active.Did, 773 Rkey: comment.Rkey, 774 }) 775 if err != nil { ··· 1015 Title: r.FormValue("title"), 1016 Body: body, 1017 Open: true, 1018 - Did: user.Active.Did, 
1019 Created: time.Now(), 1020 Mentions: mentions, 1021 References: references, ··· 1039 } 1040 resp, err := comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 1041 Collection: tangled.RepoIssueNSID, 1042 - Repo: user.Active.Did, 1043 Rkey: issue.Rkey, 1044 Record: &lexutil.LexiconTypeDecoder{ 1045 Val: &record,
··· 103 104 userReactions := map[models.ReactionKind]bool{} 105 if user != nil { 106 + userReactions = db.GetReactionStatusMap(rp.db, user.Did, issue.AtUri()) 107 } 108 109 backlinks, err := db.GetBacklinks(rp.db, issue.AtUri()) ··· 182 return 183 } 184 185 + ex, err := comatproto.RepoGetRecord(r.Context(), client, "", tangled.RepoIssueNSID, user.Did, newIssue.Rkey) 186 if err != nil { 187 l.Error("failed to get record", "err", err) 188 rp.pages.Notice(w, noticeId, "Failed to edit issue, no record found on PDS.") ··· 191 192 _, err = comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 193 Collection: tangled.RepoIssueNSID, 194 + Repo: user.Did, 195 Rkey: newIssue.Rkey, 196 SwapRecord: ex.Cid, 197 Record: &lexutil.LexiconTypeDecoder{ ··· 306 return 307 } 308 309 + roles := repoinfo.RolesInRepo{Roles: rp.enforcer.GetPermissionsInRepo(user.Did, f.Knot, f.DidSlashRepo())} 310 isRepoOwner := roles.IsOwner() 311 isCollaborator := roles.IsCollaborator() 312 + isIssueOwner := user.Did == issue.Did 313 314 // TODO: make this more granular 315 if isIssueOwner || isRepoOwner || isCollaborator { ··· 326 issue.Open = false 327 328 // notify about the issue closure 329 + rp.notifier.NewIssueState(r.Context(), syntax.DID(user.Did), issue) 330 331 ownerSlashRepo := reporesolver.GetBaseRepoPath(r, f) 332 rp.pages.HxLocation(w, fmt.Sprintf("/%s/issues/%d", ownerSlashRepo, issue.IssueId)) ··· 354 return 355 } 356 357 + roles := repoinfo.RolesInRepo{Roles: rp.enforcer.GetPermissionsInRepo(user.Did, f.Knot, f.DidSlashRepo())} 358 isRepoOwner := roles.IsOwner() 359 isCollaborator := roles.IsCollaborator() 360 + isIssueOwner := user.Did == issue.Did 361 362 if isCollaborator || isRepoOwner || isIssueOwner { 363 err := db.ReopenIssues( ··· 373 issue.Open = true 374 375 // notify about the issue reopen 376 + rp.notifier.NewIssueState(r.Context(), syntax.DID(user.Did), issue) 377 378 ownerSlashRepo := reporesolver.GetBaseRepoPath(r, f) 379 rp.pages.HxLocation(w, 
fmt.Sprintf("/%s/issues/%d", ownerSlashRepo, issue.IssueId)) ··· 416 mentions, references := rp.mentionsResolver.Resolve(r.Context(), body) 417 418 comment := models.IssueComment{ 419 + Did: user.Did, 420 Rkey: tid.TID(), 421 IssueAt: issue.AtUri().String(), 422 ReplyTo: replyTo, ··· 557 } 558 comment := comments[0] 559 560 + if comment.Did != user.Did { 561 + l.Error("unauthorized comment edit", "expectedDid", comment.Did, "gotDid", user.Did) 562 http.Error(w, "you are not the author of this comment", http.StatusUnauthorized) 563 return 564 } ··· 608 // rkey is optional, it was introduced later 609 if newComment.Rkey != "" { 610 // update the record on pds 611 + ex, err := comatproto.RepoGetRecord(r.Context(), client, "", tangled.RepoIssueCommentNSID, user.Did, comment.Rkey) 612 if err != nil { 613 l.Error("failed to get record", "err", err, "did", newComment.Did, "rkey", newComment.Rkey) 614 rp.pages.Notice(w, fmt.Sprintf("comment-%s-status", commentId), "Failed to update description, no record found on PDS.") ··· 617 618 _, err = comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 619 Collection: tangled.RepoIssueCommentNSID, 620 + Repo: user.Did, 621 Rkey: newComment.Rkey, 622 SwapRecord: ex.Cid, 623 Record: &lexutil.LexiconTypeDecoder{ ··· 739 } 740 comment := comments[0] 741 742 + if comment.Did != user.Did { 743 + l.Error("unauthorized action", "expectedDid", comment.Did, "gotDid", user.Did) 744 http.Error(w, "you are not the author of this comment", http.StatusUnauthorized) 745 return 746 } ··· 769 } 770 _, err = comatproto.RepoDeleteRecord(r.Context(), client, &comatproto.RepoDeleteRecord_Input{ 771 Collection: tangled.RepoIssueCommentNSID, 772 + Repo: user.Did, 773 Rkey: comment.Rkey, 774 }) 775 if err != nil { ··· 1015 Title: r.FormValue("title"), 1016 Body: body, 1017 Open: true, 1018 + Did: user.Did, 1019 Created: time.Now(), 1020 Mentions: mentions, 1021 References: references, ··· 1039 } 1040 resp, err := 
comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 1041 Collection: tangled.RepoIssueNSID, 1042 + Repo: user.Did, 1043 Rkey: issue.Rkey, 1044 Record: &lexutil.LexiconTypeDecoder{ 1045 Val: &record,
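Review bot: In the comment-edit hunk (new lines 608-623) the existing record is fetched with `comment.Rkey`, while the guard, the error log and the following `RepoPutRecord` all use `newComment.Rkey`. If the two ever differ, `SwapRecord: ex.Cid` would carry the CID of a different record than the one being written; `newComment` is presumably a copy of `comment`, but using one key throughout, `comatproto.RepoGetRecord(r.Context(), client, "", tangled.RepoIssueCommentNSID, user.Did, newComment.Rkey)`, removes the doubt. Separately, both author checks (lines 560 and 742) answer a signed-in non-author with `http.StatusUnauthorized`; `http.StatusForbidden` is the status for a known caller who lacks permission. The enclosing handlers start and end outside these hunks.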
+24 -24
appview/knots/knots.go
··· 60 user := k.OAuth.GetMultiAccountUser(r) 61 registrations, err := db.GetRegistrations( 62 k.Db, 63 - orm.FilterEq("did", user.Active.Did), 64 ) 65 if err != nil { 66 k.Logger.Error("failed to fetch knot registrations", "err", err) ··· 78 l := k.Logger.With("handler", "dashboard") 79 80 user := k.OAuth.GetMultiAccountUser(r) 81 - l = l.With("user", user.Active.Did) 82 83 domain := chi.URLParam(r, "domain") 84 if domain == "" { ··· 88 89 registrations, err := db.GetRegistrations( 90 k.Db, 91 - orm.FilterEq("did", user.Active.Did), 92 orm.FilterEq("domain", domain), 93 ) 94 if err != nil { ··· 158 return 159 } 160 l = l.With("domain", domain) 161 - l = l.With("user", user.Active.Did) 162 163 tx, err := k.Db.Begin() 164 if err != nil { ··· 171 k.Enforcer.E.LoadPolicy() 172 }() 173 174 - err = db.AddKnot(tx, domain, user.Active.Did) 175 if err != nil { 176 l.Error("failed to insert", "err", err) 177 fail() ··· 193 return 194 } 195 196 - ex, _ := comatproto.RepoGetRecord(r.Context(), client, "", tangled.KnotNSID, user.Active.Did, domain) 197 var exCid *string 198 if ex != nil { 199 exCid = ex.Cid ··· 202 // re-announce by registering under same rkey 203 _, err = comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 204 Collection: tangled.KnotNSID, 205 - Repo: user.Active.Did, 206 Rkey: domain, 207 Record: &lexutil.LexiconTypeDecoder{ 208 Val: &tangled.Knot{ ··· 233 } 234 235 // begin verification 236 - err = serververify.RunVerification(r.Context(), domain, user.Active.Did, k.Config.Core.Dev) 237 if err != nil { 238 l.Error("verification failed", "err", err) 239 k.Pages.HxRefresh(w) 240 return 241 } 242 243 - err = serververify.MarkKnotVerified(k.Db, k.Enforcer, domain, user.Active.Did) 244 if err != nil { 245 l.Error("failed to mark verified", "err", err) 246 k.Pages.HxRefresh(w) ··· 277 // get record from db first 278 registrations, err := db.GetRegistrations( 279 k.Db, 280 - orm.FilterEq("did", user.Active.Did), 281 
orm.FilterEq("domain", domain), 282 ) 283 if err != nil { ··· 305 306 err = db.DeleteKnot( 307 tx, 308 - orm.FilterEq("did", user.Active.Did), 309 orm.FilterEq("domain", domain), 310 ) 311 if err != nil { ··· 333 334 _, err = comatproto.RepoDeleteRecord(r.Context(), client, &comatproto.RepoDeleteRecord_Input{ 335 Collection: tangled.KnotNSID, 336 - Repo: user.Active.Did, 337 Rkey: domain, 338 }) 339 if err != nil { ··· 381 return 382 } 383 l = l.With("domain", domain) 384 - l = l.With("user", user.Active.Did) 385 386 // get record from db first 387 registrations, err := db.GetRegistrations( 388 k.Db, 389 - orm.FilterEq("did", user.Active.Did), 390 orm.FilterEq("domain", domain), 391 ) 392 if err != nil { ··· 402 registration := registrations[0] 403 404 // begin verification 405 - err = serververify.RunVerification(r.Context(), domain, user.Active.Did, k.Config.Core.Dev) 406 if err != nil { 407 l.Error("verification failed", "err", err) 408 ··· 420 return 421 } 422 423 - err = serververify.MarkKnotVerified(k.Db, k.Enforcer, domain, user.Active.Did) 424 if err != nil { 425 l.Error("failed to mark verified", "err", err) 426 k.Pages.Notice(w, noticeId, err.Error()) ··· 439 return 440 } 441 442 - ex, _ := comatproto.RepoGetRecord(r.Context(), client, "", tangled.KnotNSID, user.Active.Did, domain) 443 var exCid *string 444 if ex != nil { 445 exCid = ex.Cid ··· 448 // ignore the error here 449 _, err = comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 450 Collection: tangled.KnotNSID, 451 - Repo: user.Active.Did, 452 Rkey: domain, 453 Record: &lexutil.LexiconTypeDecoder{ 454 Val: &tangled.Knot{ ··· 477 // Get updated registration to show 478 registrations, err = db.GetRegistrations( 479 k.Db, 480 - orm.FilterEq("did", user.Active.Did), 481 orm.FilterEq("domain", domain), 482 ) 483 if err != nil { ··· 509 return 510 } 511 l = l.With("domain", domain) 512 - l = l.With("user", user.Active.Did) 513 514 registrations, err := db.GetRegistrations( 
515 k.Db, 516 - orm.FilterEq("did", user.Active.Did), 517 orm.FilterEq("domain", domain), 518 orm.FilterIsNot("registered", "null"), 519 ) ··· 566 567 _, err = comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 568 Collection: tangled.KnotMemberNSID, 569 - Repo: user.Active.Did, 570 Rkey: rkey, 571 Record: &lexutil.LexiconTypeDecoder{ 572 Val: &tangled.KnotMember{ ··· 617 return 618 } 619 l = l.With("domain", domain) 620 - l = l.With("user", user.Active.Did) 621 622 registrations, err := db.GetRegistrations( 623 k.Db, 624 - orm.FilterEq("did", user.Active.Did), 625 orm.FilterEq("domain", domain), 626 orm.FilterIsNot("registered", "null"), 627 )
··· 60 user := k.OAuth.GetMultiAccountUser(r) 61 registrations, err := db.GetRegistrations( 62 k.Db, 63 + orm.FilterEq("did", user.Did), 64 ) 65 if err != nil { 66 k.Logger.Error("failed to fetch knot registrations", "err", err) ··· 78 l := k.Logger.With("handler", "dashboard") 79 80 user := k.OAuth.GetMultiAccountUser(r) 81 + l = l.With("user", user.Did) 82 83 domain := chi.URLParam(r, "domain") 84 if domain == "" { ··· 88 89 registrations, err := db.GetRegistrations( 90 k.Db, 91 + orm.FilterEq("did", user.Did), 92 orm.FilterEq("domain", domain), 93 ) 94 if err != nil { ··· 158 return 159 } 160 l = l.With("domain", domain) 161 + l = l.With("user", user.Did) 162 163 tx, err := k.Db.Begin() 164 if err != nil { ··· 171 k.Enforcer.E.LoadPolicy() 172 }() 173 174 + err = db.AddKnot(tx, domain, user.Did) 175 if err != nil { 176 l.Error("failed to insert", "err", err) 177 fail() ··· 193 return 194 } 195 196 + ex, _ := comatproto.RepoGetRecord(r.Context(), client, "", tangled.KnotNSID, user.Did, domain) 197 var exCid *string 198 if ex != nil { 199 exCid = ex.Cid ··· 202 // re-announce by registering under same rkey 203 _, err = comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 204 Collection: tangled.KnotNSID, 205 + Repo: user.Did, 206 Rkey: domain, 207 Record: &lexutil.LexiconTypeDecoder{ 208 Val: &tangled.Knot{ ··· 233 } 234 235 // begin verification 236 + err = serververify.RunVerification(r.Context(), domain, user.Did, k.Config.Core.Dev) 237 if err != nil { 238 l.Error("verification failed", "err", err) 239 k.Pages.HxRefresh(w) 240 return 241 } 242 243 + err = serververify.MarkKnotVerified(k.Db, k.Enforcer, domain, user.Did) 244 if err != nil { 245 l.Error("failed to mark verified", "err", err) 246 k.Pages.HxRefresh(w) ··· 277 // get record from db first 278 registrations, err := db.GetRegistrations( 279 k.Db, 280 + orm.FilterEq("did", user.Did), 281 orm.FilterEq("domain", domain), 282 ) 283 if err != nil { ··· 305 306 err = db.DeleteKnot( 
307 tx, 308 + orm.FilterEq("did", user.Did), 309 orm.FilterEq("domain", domain), 310 ) 311 if err != nil { ··· 333 334 _, err = comatproto.RepoDeleteRecord(r.Context(), client, &comatproto.RepoDeleteRecord_Input{ 335 Collection: tangled.KnotNSID, 336 + Repo: user.Did, 337 Rkey: domain, 338 }) 339 if err != nil { ··· 381 return 382 } 383 l = l.With("domain", domain) 384 + l = l.With("user", user.Did) 385 386 // get record from db first 387 registrations, err := db.GetRegistrations( 388 k.Db, 389 + orm.FilterEq("did", user.Did), 390 orm.FilterEq("domain", domain), 391 ) 392 if err != nil { ··· 402 registration := registrations[0] 403 404 // begin verification 405 + err = serververify.RunVerification(r.Context(), domain, user.Did, k.Config.Core.Dev) 406 if err != nil { 407 l.Error("verification failed", "err", err) 408 ··· 420 return 421 } 422 423 + err = serververify.MarkKnotVerified(k.Db, k.Enforcer, domain, user.Did) 424 if err != nil { 425 l.Error("failed to mark verified", "err", err) 426 k.Pages.Notice(w, noticeId, err.Error()) ··· 439 return 440 } 441 442 + ex, _ := comatproto.RepoGetRecord(r.Context(), client, "", tangled.KnotNSID, user.Did, domain) 443 var exCid *string 444 if ex != nil { 445 exCid = ex.Cid ··· 448 // ignore the error here 449 _, err = comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 450 Collection: tangled.KnotNSID, 451 + Repo: user.Did, 452 Rkey: domain, 453 Record: &lexutil.LexiconTypeDecoder{ 454 Val: &tangled.Knot{ ··· 477 // Get updated registration to show 478 registrations, err = db.GetRegistrations( 479 k.Db, 480 + orm.FilterEq("did", user.Did), 481 orm.FilterEq("domain", domain), 482 ) 483 if err != nil { ··· 509 return 510 } 511 l = l.With("domain", domain) 512 + l = l.With("user", user.Did) 513 514 registrations, err := db.GetRegistrations( 515 k.Db, 516 + orm.FilterEq("did", user.Did), 517 orm.FilterEq("domain", domain), 518 orm.FilterIsNot("registered", "null"), 519 ) ··· 566 567 _, err = 
comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 568 Collection: tangled.KnotMemberNSID, 569 + Repo: user.Did, 570 Rkey: rkey, 571 Record: &lexutil.LexiconTypeDecoder{ 572 Val: &tangled.KnotMember{ ··· 617 return 618 } 619 l = l.With("domain", domain) 620 + l = l.With("user", user.Did) 621 622 registrations, err := db.GetRegistrations( 623 k.Db, 624 + orm.FilterEq("did", user.Did), 625 orm.FilterEq("domain", domain), 626 orm.FilterIsNot("registered", "null"), 627 )
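Review bot: At new line 426 the error from `serververify.MarkKnotVerified` is passed straight to the page with `k.Pages.Notice(w, noticeId, err.Error())`, so whatever text the database or enforcer layer put into that error is shown to the user. The error is already logged on the line above; a fixed message such as `k.Pages.Notice(w, noticeId, "Failed to mark knot as verified. Try again later.")` keeps internal detail out of the response. Both `ex, _ := comatproto.RepoGetRecord(...)` calls (new lines 196 and 442) also discard the error, which makes a failed lookup indistinguishable from a missing record; if that is intentional, a one-line comment saying so would help. The handlers extend beyond these hunks.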
+1 -1
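--- a/appview/labels/labels.go
+++ b/appview/labels/labels.go
@@ -86,7 +86,7 @@
 return
 }
 
-did := user.Active.Did
+did := user.Did
 rkey := tid.TID()
 performedAt := time.Now()
 indexedAt := time.Now()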
+4 -4
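--- a/appview/middleware/middleware.go
+++ b/appview/middleware/middleware.go
@@ -128,9 +128,9 @@
 return
 }
 
-ok, err := mw.enforcer.E.HasGroupingPolicy(actor.Active.Did, group, domain)
+ok, err := mw.enforcer.E.HasGroupingPolicy(actor.Did, group, domain)
 if err != nil || !ok {
-log.Printf("%s does not have perms of a %s in domain %s", actor.Active.Did, group, domain)
+log.Printf("%s does not have perms of a %s in domain %s", actor.Did, group, domain)
 http.Error(w, "Forbiden", http.StatusUnauthorized)
 return
 }
@@ -161,9 +161,9 @@
 return
 }
 
-ok, err := mw.enforcer.E.Enforce(actor.Active.Did, f.Knot, f.DidSlashRepo(), requiredPerm)
+ok, err := mw.enforcer.E.Enforce(actor.Did, f.Knot, f.DidSlashRepo(), requiredPerm)
 if err != nil || !ok {
-log.Printf("%s does not have perms of a %s in repo %s", actor.Active.Did, requiredPerm, f.DidSlashRepo())
+log.Printf("%s does not have perms of a %s in repo %s", actor.Did, requiredPerm, f.DidSlashRepo())
 http.Error(w, "Forbiden", http.StatusUnauthorized)
 return
 }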
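Review bot: Both permission checks (new lines 131-136 and 164-169) treat an enforcer error and a plain denial identically, and `err` is never logged, so a failing policy backend looks like a user without permission in the logs. Logging the error on its own when `err != nil`, e.g. `log.Printf("enforcer error for %s: %v", actor.Did, err)`, lets operators tell the two apart while the request still fails closed. The response is also sent as `http.StatusUnauthorized` with the body `"Forbiden"`; for a signed-in caller without permission, `http.Error(w, "Forbidden", http.StatusForbidden)` is the matching status and spelling. The enclosing middleware functions are only partly visible in these hunks.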
+4 -4
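--- a/appview/notifications/notifications.go
+++ b/appview/notifications/notifications.go
@@ -54,7 +54,7 @@
 
 total, err := db.CountNotifications(
 n.db,
-orm.FilterEq("recipient_did", user.Active.Did),
+orm.FilterEq("recipient_did", user.Did),
 )
 if err != nil {
 l.Error("failed to get total notifications", "err", err)
@@ -65,7 +65,7 @@
 notifications, err := db.GetNotificationsWithEntities(
 n.db,
 page,
-orm.FilterEq("recipient_did", user.Active.Did),
+orm.FilterEq("recipient_did", user.Did),
 )
 if err != nil {
 l.Error("failed to get notifications", "err", err)
@@ -73,7 +73,7 @@
 return
 }
 
-err = db.MarkAllNotificationsRead(n.db, user.Active.Did)
+err = db.MarkAllNotificationsRead(n.db, user.Did)
 if err != nil {
 l.Error("failed to mark notifications as read", "err", err)
 }
@@ -98,7 +98,7 @@
 
 count, err := db.CountNotifications(
 n.db,
-orm.FilterEq("recipient_did", user.Active.Did),
+orm.FilterEq("recipient_did", user.Did),
 orm.FilterEq("read", 0),
 )
 if err != nil {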
+2 -8
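--- a/appview/oauth/accounts.go
+++ b/appview/oauth/accounts.go
@@ -22,12 +22,8 @@
 }
 
 type MultiAccountUser struct {
-Active User
+Did string
 Accounts []AccountInfo
-}
-
-func (m *MultiAccountUser) Did() string {
-return m.Active.Did
 }
 
 func (o *OAuth) GetAccounts(r *http.Request) *AccountRegistry {
@@ -116,9 +112,7 @@
 
 registry := o.GetAccounts(r)
 return &MultiAccountUser{
-Active: User{
-Did: sess.Data.AccountDID.String(),
-},
+Did: sess.Data.AccountDID.String(),
 Accounts: registry.Accounts,
 }
 }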
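Review bot: `MultiAccountUser.Did` now sits beside `Accounts` with nothing saying that it is the active account, which the removed `Active` field name used to convey. Handlers throughout this commit compare `user.Did` with record owners to decide authorization, so a field comment is worth adding: `// Did is the DID of the active account, taken from the current OAuth session.` and, on the other field, `// Accounts lists the accounts in the registry; it does not identify the caller.` The second comment is my reading of `GetAccounts` and should be confirmed against its body, which is outside this hunk. Renaming the field to `ActiveDid` would say the same thing in code, at the cost of another pass over the call sites.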
+1 -5
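--- a/appview/oauth/oauth.go
+++ b/appview/oauth/oauth.go
@@ -235,13 +235,9 @@
 return o.saveAccounts(w, r, registry)
 }
 
-type User struct {
-Did string
-}
-
 func (o *OAuth) GetDid(r *http.Request) string {
 if u := o.GetMultiAccountUser(r); u != nil {
-return u.Did()
+return u.Did
 }
 
 return ""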
+22 -22
appview/pulls/pulls.go
··· 132 mergeCheckResponse := s.mergeCheck(r, f, pull, stack) 133 branchDeleteStatus := s.branchDeleteStatus(r, f, pull) 134 resubmitResult := pages.Unknown 135 - if user.Active.Did == pull.OwnerDid { 136 resubmitResult = s.resubmitCheck(r, f, pull, stack) 137 } 138 ··· 195 mergeCheckResponse := s.mergeCheck(r, f, pull, stack) 196 branchDeleteStatus := s.branchDeleteStatus(r, f, pull) 197 resubmitResult := pages.Unknown 198 - if user != nil && user.Active.Did == pull.OwnerDid { 199 resubmitResult = s.resubmitCheck(r, f, pull, stack) 200 } 201 ··· 236 237 userReactions := map[models.ReactionKind]bool{} 238 if user != nil { 239 - userReactions = db.GetReactionStatusMap(s.db, user.Active.Did, pull.AtUri()) 240 } 241 242 labelDefs, err := db.GetLabelDefinitions( ··· 406 } 407 408 // user can only delete branch if they are a collaborator in the repo that the branch belongs to 409 - perms := s.enforcer.GetPermissionsInRepo(user.Active.Did, repo.Knot, repo.DidSlashRepo()) 410 if !slices.Contains(perms, "repo:push") { 411 return nil 412 } ··· 844 } 845 atResp, err := comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 846 Collection: tangled.RepoPullCommentNSID, 847 - Repo: user.Active.Did, 848 Rkey: tid.TID(), 849 Record: &lexutil.LexiconTypeDecoder{ 850 Val: &tangled.RepoPullComment{ ··· 861 } 862 863 comment := &models.PullComment{ 864 - OwnerDid: user.Active.Did, 865 RepoAt: f.RepoAt().String(), 866 PullId: pull.PullId, 867 Body: body, ··· 956 fromFork := r.FormValue("fork") 957 sourceBranch := r.FormValue("sourceBranch") 958 patch := r.FormValue("patch") 959 - userDid := syntax.DID(user.Active.Did) 960 961 if targetBranch == "" { 962 s.pages.Notice(w, "pull", "Target branch is required.") ··· 1586 func (s *Pulls) CompareForksFragment(w http.ResponseWriter, r *http.Request) { 1587 user := s.oauth.GetMultiAccountUser(r) 1588 1589 - forks, err := db.GetForksByDid(s.db, user.Active.Did) 1590 if err != nil { 1591 log.Println("failed to get 
forks", err) 1592 return ··· 1733 return 1734 } 1735 1736 - if user == nil || user.Active.Did != pull.OwnerDid { 1737 log.Println("unauthorized user") 1738 w.WriteHeader(http.StatusUnauthorized) 1739 return ··· 1747 1748 patch := r.FormValue("patch") 1749 1750 - s.resubmitPullHelper(w, r, f, syntax.DID(user.Active.Did), pull, patch, "", "") 1751 } 1752 1753 func (s *Pulls) resubmitBranch(w http.ResponseWriter, r *http.Request) { ··· 1760 return 1761 } 1762 1763 - if user == nil || user.Active.Did != pull.OwnerDid { 1764 log.Println("unauthorized user") 1765 w.WriteHeader(http.StatusUnauthorized) 1766 return ··· 1772 return 1773 } 1774 1775 - roles := repoinfo.RolesInRepo{Roles: s.enforcer.GetPermissionsInRepo(user.Active.Did, f.Knot, f.DidSlashRepo())} 1776 if !roles.IsPushAllowed() { 1777 log.Println("unauthorized user") 1778 w.WriteHeader(http.StatusUnauthorized) ··· 1812 patch := comparison.FormatPatchRaw 1813 combined := comparison.CombinedPatchRaw 1814 1815 - s.resubmitPullHelper(w, r, f, syntax.DID(user.Active.Did), pull, patch, combined, sourceRev) 1816 } 1817 1818 func (s *Pulls) resubmitFork(w http.ResponseWriter, r *http.Request) { ··· 1825 return 1826 } 1827 1828 - if user == nil || user.Active.Did != pull.OwnerDid { 1829 log.Println("unauthorized user") 1830 w.WriteHeader(http.StatusUnauthorized) 1831 return ··· 1909 patch := comparison.FormatPatchRaw 1910 combined := comparison.CombinedPatchRaw 1911 1912 - s.resubmitPullHelper(w, r, f, syntax.DID(user.Active.Did), pull, patch, combined, sourceRev) 1913 } 1914 1915 func (s *Pulls) resubmitPullHelper( ··· 2337 2338 // notify about the pull merge 2339 for _, p := range pullsToMerge { 2340 - s.notifier.NewPullState(r.Context(), syntax.DID(user.Active.Did), p) 2341 } 2342 2343 ownerSlashRepo := reporesolver.GetBaseRepoPath(r, f) ··· 2361 } 2362 2363 // auth filter: only owner or collaborators can close 2364 - roles := repoinfo.RolesInRepo{Roles: s.enforcer.GetPermissionsInRepo(user.Active.Did, f.Knot, 
f.DidSlashRepo())} 2365 isOwner := roles.IsOwner() 2366 isCollaborator := roles.IsCollaborator() 2367 - isPullAuthor := user.Active.Did == pull.OwnerDid 2368 isCloseAllowed := isOwner || isCollaborator || isPullAuthor 2369 if !isCloseAllowed { 2370 log.Println("failed to close pull") ··· 2410 } 2411 2412 for _, p := range pullsToClose { 2413 - s.notifier.NewPullState(r.Context(), syntax.DID(user.Active.Did), p) 2414 } 2415 2416 ownerSlashRepo := reporesolver.GetBaseRepoPath(r, f) ··· 2435 } 2436 2437 // auth filter: only owner or collaborators can close 2438 - roles := repoinfo.RolesInRepo{Roles: s.enforcer.GetPermissionsInRepo(user.Active.Did, f.Knot, f.DidSlashRepo())} 2439 isOwner := roles.IsOwner() 2440 isCollaborator := roles.IsCollaborator() 2441 - isPullAuthor := user.Active.Did == pull.OwnerDid 2442 isCloseAllowed := isOwner || isCollaborator || isPullAuthor 2443 if !isCloseAllowed { 2444 log.Println("failed to close pull") ··· 2484 } 2485 2486 for _, p := range pullsToReopen { 2487 - s.notifier.NewPullState(r.Context(), syntax.DID(user.Active.Did), p) 2488 } 2489 2490 ownerSlashRepo := reporesolver.GetBaseRepoPath(r, f)
··· 132 mergeCheckResponse := s.mergeCheck(r, f, pull, stack) 133 branchDeleteStatus := s.branchDeleteStatus(r, f, pull) 134 resubmitResult := pages.Unknown 135 + if user.Did == pull.OwnerDid { 136 resubmitResult = s.resubmitCheck(r, f, pull, stack) 137 } 138 ··· 195 mergeCheckResponse := s.mergeCheck(r, f, pull, stack) 196 branchDeleteStatus := s.branchDeleteStatus(r, f, pull) 197 resubmitResult := pages.Unknown 198 + if user != nil && user.Did == pull.OwnerDid { 199 resubmitResult = s.resubmitCheck(r, f, pull, stack) 200 } 201 ··· 236 237 userReactions := map[models.ReactionKind]bool{} 238 if user != nil { 239 + userReactions = db.GetReactionStatusMap(s.db, user.Did, pull.AtUri()) 240 } 241 242 labelDefs, err := db.GetLabelDefinitions( ··· 406 } 407 408 // user can only delete branch if they are a collaborator in the repo that the branch belongs to 409 + perms := s.enforcer.GetPermissionsInRepo(user.Did, repo.Knot, repo.DidSlashRepo()) 410 if !slices.Contains(perms, "repo:push") { 411 return nil 412 } ··· 844 } 845 atResp, err := comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 846 Collection: tangled.RepoPullCommentNSID, 847 + Repo: user.Did, 848 Rkey: tid.TID(), 849 Record: &lexutil.LexiconTypeDecoder{ 850 Val: &tangled.RepoPullComment{ ··· 861 } 862 863 comment := &models.PullComment{ 864 + OwnerDid: user.Did, 865 RepoAt: f.RepoAt().String(), 866 PullId: pull.PullId, 867 Body: body, ··· 956 fromFork := r.FormValue("fork") 957 sourceBranch := r.FormValue("sourceBranch") 958 patch := r.FormValue("patch") 959 + userDid := syntax.DID(user.Did) 960 961 if targetBranch == "" { 962 s.pages.Notice(w, "pull", "Target branch is required.") ··· 1586 func (s *Pulls) CompareForksFragment(w http.ResponseWriter, r *http.Request) { 1587 user := s.oauth.GetMultiAccountUser(r) 1588 1589 + forks, err := db.GetForksByDid(s.db, user.Did) 1590 if err != nil { 1591 log.Println("failed to get forks", err) 1592 return ··· 1733 return 1734 } 1735 1736 + if 
user == nil || user.Did != pull.OwnerDid { 1737 log.Println("unauthorized user") 1738 w.WriteHeader(http.StatusUnauthorized) 1739 return ··· 1747 1748 patch := r.FormValue("patch") 1749 1750 + s.resubmitPullHelper(w, r, f, syntax.DID(user.Did), pull, patch, "", "") 1751 } 1752 1753 func (s *Pulls) resubmitBranch(w http.ResponseWriter, r *http.Request) { ··· 1760 return 1761 } 1762 1763 + if user == nil || user.Did != pull.OwnerDid { 1764 log.Println("unauthorized user") 1765 w.WriteHeader(http.StatusUnauthorized) 1766 return ··· 1772 return 1773 } 1774 1775 + roles := repoinfo.RolesInRepo{Roles: s.enforcer.GetPermissionsInRepo(user.Did, f.Knot, f.DidSlashRepo())} 1776 if !roles.IsPushAllowed() { 1777 log.Println("unauthorized user") 1778 w.WriteHeader(http.StatusUnauthorized) ··· 1812 patch := comparison.FormatPatchRaw 1813 combined := comparison.CombinedPatchRaw 1814 1815 + s.resubmitPullHelper(w, r, f, syntax.DID(user.Did), pull, patch, combined, sourceRev) 1816 } 1817 1818 func (s *Pulls) resubmitFork(w http.ResponseWriter, r *http.Request) { ··· 1825 return 1826 } 1827 1828 + if user == nil || user.Did != pull.OwnerDid { 1829 log.Println("unauthorized user") 1830 w.WriteHeader(http.StatusUnauthorized) 1831 return ··· 1909 patch := comparison.FormatPatchRaw 1910 combined := comparison.CombinedPatchRaw 1911 1912 + s.resubmitPullHelper(w, r, f, syntax.DID(user.Did), pull, patch, combined, sourceRev) 1913 } 1914 1915 func (s *Pulls) resubmitPullHelper( ··· 2337 2338 // notify about the pull merge 2339 for _, p := range pullsToMerge { 2340 + s.notifier.NewPullState(r.Context(), syntax.DID(user.Did), p) 2341 } 2342 2343 ownerSlashRepo := reporesolver.GetBaseRepoPath(r, f) ··· 2361 } 2362 2363 // auth filter: only owner or collaborators can close 2364 + roles := repoinfo.RolesInRepo{Roles: s.enforcer.GetPermissionsInRepo(user.Did, f.Knot, f.DidSlashRepo())} 2365 isOwner := roles.IsOwner() 2366 isCollaborator := roles.IsCollaborator() 2367 + isPullAuthor := user.Did == 
pull.OwnerDid 2368 isCloseAllowed := isOwner || isCollaborator || isPullAuthor 2369 if !isCloseAllowed { 2370 log.Println("failed to close pull") ··· 2410 } 2411 2412 for _, p := range pullsToClose { 2413 + s.notifier.NewPullState(r.Context(), syntax.DID(user.Did), p) 2414 } 2415 2416 ownerSlashRepo := reporesolver.GetBaseRepoPath(r, f) ··· 2435 } 2436 2437 // auth filter: only owner or collaborators can close 2438 + roles := repoinfo.RolesInRepo{Roles: s.enforcer.GetPermissionsInRepo(user.Did, f.Knot, f.DidSlashRepo())} 2439 isOwner := roles.IsOwner() 2440 isCollaborator := roles.IsCollaborator() 2441 + isPullAuthor := user.Did == pull.OwnerDid 2442 isCloseAllowed := isOwner || isCollaborator || isPullAuthor 2443 if !isCloseAllowed { 2444 log.Println("failed to close pull") ··· 2484 } 2485 2486 for _, p := range pullsToReopen { 2487 + s.notifier.NewPullState(r.Context(), syntax.DID(user.Did), p) 2488 } 2489 2490 ownerSlashRepo := reporesolver.GetBaseRepoPath(r, f)
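Review bot: `user.Did` is dereferenced without a nil check at new line 135 (`if user.Did == pull.OwnerDid {`) and in `CompareForksFragment` at line 1589, while the same comparison at line 198 is written `user != nil && user.Did == pull.OwnerDid`. `GetMultiAccountUser` can return nil (`GetDid` in oauth.go checks for exactly that), so unless these routes always sit behind an auth middleware, a request without a session panics the handler. Line 135 should carry the same guard, `if user != nil && user.Did == pull.OwnerDid {`, and `CompareForksFragment` should return early with `w.WriteHeader(http.StatusUnauthorized)` when `user == nil`, as the resubmit handlers do. The function around line 135 starts outside the hunk, so the middleware assumption could not be checked from here.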
+4 -4
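--- a/appview/repo/artifact.go
+++ b/appview/repo/artifact.go
@@ -77,7 +77,7 @@
 
  putRecordResp, err := comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{
  Collection: tangled.RepoArtifactNSID,
- Repo: user.Active.Did,
+ Repo: user.Did,
  Rkey: rkey,
  Record: &lexutil.LexiconTypeDecoder{
  Val: &tangled.RepoArtifact{
@@ -106,7 +106,7 @@
  defer tx.Rollback()
 
  artifact := models.Artifact{
- Did: user.Active.Did,
+ Did: user.Did,
  Rkey: rkey,
  RepoAt: f.RepoAt(),
  Tag: tag.Tag.Hash,
@@ -257,7 +257,7 @@
 
  artifact := artifacts[0]
 
- if user.Active.Did != artifact.Did {
+ if user.Did != artifact.Did {
  l.Error("user not authorized to delete artifact", "err", err)
  rp.pages.Notice(w, "remove", "Unauthorized deletion of artifact.")
  return
@@ -265,7 +265,7 @@
 
  _, err = comatproto.RepoDeleteRecord(r.Context(), client, &comatproto.RepoDeleteRecord_Input{
  Collection: tangled.RepoArtifactNSID,
- Repo: user.Active.Did,
+ Repo: user.Did,
  Rkey: artifact.Rkey,
  })
  if err != nil {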
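Review bot: The ownership check at new line 260 (`if user.Did != artifact.Did`) is the only gate visible before `RepoDeleteRecord`, but the denial logged on line 261 passes `"err", err`, which says nothing about who was refused and, as far as this hunk shows, presumably holds a stale or nil error from an earlier call. Logging both identities makes refused deletions traceable: `l.Error("user not authorized to delete artifact", "did", user.Did, "owner", artifact.Did)`. The spindle handlers touched by this same commit already log denials with the user and owner. The enclosing handler starts and ends outside the hunk, so whether `user` can be nil at this point is not visible.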
+21 -21
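--- a/appview/repo/repo.go
+++ b/appview/repo/repo.go
@@ -83,7 +83,7 @@
  func (rp *Repo) EditSpindle(w http.ResponseWriter, r *http.Request) {
  user := rp.oauth.GetMultiAccountUser(r)
  l := rp.logger.With("handler", "EditSpindle")
- l = l.With("did", user.Active.Did)
+ l = l.With("did", user.Did)
 
  errorId := "operation-error"
  fail := func(msg string, err error) {
@@ -107,7 +107,7 @@
 
  if !removingSpindle {
  // ensure that this is a valid spindle for this user
- validSpindles, err := rp.enforcer.GetSpindlesForUser(user.Active.Did)
+ validSpindles, err := rp.enforcer.GetSpindlesForUser(user.Did)
  if err != nil {
  fail("Failed to find spindles. Try again later.", err)
  return
@@ -170,7 +170,7 @@
  func (rp *Repo) AddLabelDef(w http.ResponseWriter, r *http.Request) {
  user := rp.oauth.GetMultiAccountUser(r)
  l := rp.logger.With("handler", "AddLabel")
- l = l.With("did", user.Active.Did)
+ l = l.With("did", user.Did)
 
  f, err := rp.repoResolver.Resolve(r)
  if err != nil {
@@ -216,7 +216,7 @@
  }
 
  label := models.LabelDefinition{
- Did: user.Active.Did,
+ Did: user.Did,
  Rkey: tid.TID(),
  Name: name,
  ValueType: valueType,
@@ -329,7 +329,7 @@
  func (rp *Repo) DeleteLabelDef(w http.ResponseWriter, r *http.Request) {
  user := rp.oauth.GetMultiAccountUser(r)
  l := rp.logger.With("handler", "DeleteLabel")
- l = l.With("did", user.Active.Did)
+ l = l.With("did", user.Did)
 
  f, err := rp.repoResolver.Resolve(r)
  if err != nil {
@@ -437,7 +437,7 @@
  func (rp *Repo) SubscribeLabel(w http.ResponseWriter, r *http.Request) {
  user := rp.oauth.GetMultiAccountUser(r)
  l := rp.logger.With("handler", "SubscribeLabel")
- l = l.With("did", user.Active.Did)
+ l = l.With("did", user.Did)
 
  f, err := rp.repoResolver.Resolve(r)
  if err != nil {
@@ -523,7 +523,7 @@
  func (rp *Repo) UnsubscribeLabel(w http.ResponseWriter, r *http.Request) {
  user := rp.oauth.GetMultiAccountUser(r)
  l := rp.logger.With("handler", "UnsubscribeLabel")
- l = l.With("did", user.Active.Did)
+ l = l.With("did", user.Did)
 
  f, err := rp.repoResolver.Resolve(r)
  if err != nil {
@@ -694,7 +694,7 @@
  func (rp *Repo) AddCollaborator(w http.ResponseWriter, r *http.Request) {
  user := rp.oauth.GetMultiAccountUser(r)
  l := rp.logger.With("handler", "AddCollaborator")
- l = l.With("did", user.Active.Did)
+ l = l.With("did", user.Did)
 
  f, err := rp.repoResolver.Resolve(r)
  if err != nil {
@@ -723,7 +723,7 @@
  return
  }
 
- if collaboratorIdent.DID.String() == user.Active.Did {
+ if collaboratorIdent.DID.String() == user.Did {
  fail("You seem to be adding yourself as a collaborator.", nil)
  return
  }
@@ -743,7 +743,7 @@
  createdAt := time.Now()
  resp, err := comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{
  Collection: tangled.RepoCollaboratorNSID,
- Repo: currentUser.Active.Did,
+ Repo: currentUser.Did,
  Rkey: rkey,
  Record: &lexutil.LexiconTypeDecoder{
  Val: &tangled.RepoCollaborator{
@@ -792,7 +792,7 @@
  }
 
  err = db.AddCollaborator(tx, models.Collaborator{
- Did: syntax.DID(currentUser.Active.Did),
+ Did: syntax.DID(currentUser.Did),
  Rkey: rkey,
  SubjectDid: collaboratorIdent.DID,
  RepoAt: f.RepoAt(),
@@ -840,7 +840,7 @@
  }
  _, err = comatproto.RepoDeleteRecord(r.Context(), atpClient, &comatproto.RepoDeleteRecord_Input{
  Collection: tangled.RepoNSID,
- Repo: user.Active.Did,
+ Repo: user.Did,
  Rkey: f.Rkey,
  })
  if err != nil {
@@ -969,7 +969,7 @@
  r.Context(),
  client,
  &tangled.RepoForkSync_Input{
- Did: user.Active.Did,
+ Did: user.Did,
  Name: f.Name,
  Source: f.Source,
  Branch: ref,
@@ -998,7 +998,7 @@
  switch r.Method {
  case http.MethodGet:
  user := rp.oauth.GetMultiAccountUser(r)
- knots, err := rp.enforcer.GetKnotsForUser(user.Active.Did)
+ knots, err := rp.enforcer.GetKnotsForUser(user.Did)
  if err != nil {
  rp.pages.Notice(w, "repo", "Invalid user account.")
  return
@@ -1020,7 +1020,7 @@
  }
  l = l.With("targetKnot", targetKnot)
 
- ok, err := rp.enforcer.E.Enforce(user.Active.Did, targetKnot, targetKnot, "repo:create")
+ ok, err := rp.enforcer.E.Enforce(user.Did, targetKnot, targetKnot, "repo:create")
  if err != nil || !ok {
  rp.pages.Notice(w, "repo", "You do not have permission to create a repo in this knot.")
  return
@@ -1037,7 +1037,7 @@
  // in the user's account.
  existingRepo, err := db.GetRepo(
  rp.db,
- orm.FilterEq("did", user.Active.Did),
+ orm.FilterEq("did", user.Did),
  orm.FilterEq("name", forkName),
  )
  if err != nil {
@@ -1066,7 +1066,7 @@
  // create an atproto record for this fork
  rkey := tid.TID()
  repo := &models.Repo{
- Did: user.Active.Did,
+ Did: user.Did,
  Name: forkName,
  Knot: targetKnot,
  Rkey: rkey,
@@ -1086,7 +1086,7 @@
 
  atresp, err := comatproto.RepoPutRecord(r.Context(), atpClient, &comatproto.RepoPutRecord_Input{
  Collection: tangled.RepoNSID,
- Repo: user.Active.Did,
+ Repo: user.Did,
  Rkey: rkey,
  Record: &lexutil.LexiconTypeDecoder{
  Val: &record,
@@ -1165,8 +1165,8 @@
  }
 
  // acls
- p, _ := securejoin.SecureJoin(user.Active.Did, forkName)
- err = rp.enforcer.AddRepo(user.Active.Did, targetKnot, p)
+ p, _ := securejoin.SecureJoin(user.Did, forkName)
+ err = rp.enforcer.AddRepo(user.Did, targetKnot, p)
  if err != nil {
  l.Error("failed to add ACLs", "err", err)
  rp.pages.Notice(w, "repo", "Failed to set up repository permissions.")
@@ -1191,7 +1191,7 @@
  aturi = ""
 
  rp.notifier.NewRepo(r.Context(), repo)
- rp.pages.HxLocation(w, fmt.Sprintf("/%s/%s", user.Active.Did, forkName))
+ rp.pages.HxLocation(w, fmt.Sprintf("/%s/%s", user.Did, forkName))
  }
  }
 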
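Review bot: In the fork path (new lines 1168-1169) the error from `securejoin.SecureJoin` is discarded with `p, _ :=`, and `p` is then handed to `rp.enforcer.AddRepo` as the resource the ACLs are attached to. If the join fails, `p` is presumably empty and the permissions would be registered against the wrong path with nothing in the log. Check it before touching the enforcer: `p, err := securejoin.SecureJoin(user.Did, forkName)` followed by `if err != nil { l.Error("failed to build repo path", "err", err); rp.pages.Notice(w, "repo", "Failed to set up repository permissions."); return }`. The enclosing handler starts and ends outside the hunk.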
+1 -1
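--- a/appview/repo/settings.go
+++ b/appview/repo/settings.go
@@ -70,7 +70,7 @@
  func (rp *Repo) Secrets(w http.ResponseWriter, r *http.Request) {
  user := rp.oauth.GetMultiAccountUser(r)
  l := rp.logger.With("handler", "Secrets")
- l = l.With("did", user.Active.Did)
+ l = l.With("did", user.Did)
 
  f, err := rp.repoResolver.Resolve(r)
  if err != nil {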
+2 -2
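--- a/appview/reporesolver/resolver.go
+++ b/appview/reporesolver/resolver.go
@@ -76,8 +76,8 @@
  isStarred := false
  roles := repoinfo.RolesInRepo{}
  if user != nil {
- isStarred = db.GetStarStatus(rr.execer, user.Active.Did, repoAt)
- roles.Roles = rr.enforcer.GetPermissionsInRepo(user.Active.Did, repo.Knot, repo.DidSlashRepo())
+ isStarred = db.GetStarStatus(rr.execer, user.Did, repoAt)
+ roles.Roles = rr.enforcer.GetPermissionsInRepo(user.Did, repo.Knot, repo.DidSlashRepo())
  }
 
  stats := repo.RepoStats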
+3 -3
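--- a/appview/settings/settings.go
+++ b/appview/settings/settings.go
@@ -70,7 +70,7 @@
  func (s *Settings) profileSettings(w http.ResponseWriter, r *http.Request) {
  user := s.OAuth.GetMultiAccountUser(r)
 
- punchcardPreferences, err := db.GetPunchcardPreference(s.Db, user.Did())
+ punchcardPreferences, err := db.GetPunchcardPreference(s.Db, user.Did)
  if err != nil {
  log.Printf("failed to get users punchcard preferences: %s", err)
  }
@@ -127,7 +127,7 @@
 
  func (s *Settings) keysSettings(w http.ResponseWriter, r *http.Request) {
  user := s.OAuth.GetMultiAccountUser(r)
- pubKeys, err := db.GetPublicKeysForDid(s.Db, user.Active.Did)
+ pubKeys, err := db.GetPublicKeysForDid(s.Db, user.Did)
  if err != nil {
  log.Println(err)
  }
@@ -140,7 +140,7 @@
 
  func (s *Settings) emailsSettings(w http.ResponseWriter, r *http.Request) {
  user := s.OAuth.GetMultiAccountUser(r)
- emails, err := db.GetAllEmails(s.Db, user.Active.Did)
+ emails, err := db.GetAllEmails(s.Db, user.Did)
  if err != nil {
  log.Println(err)
  }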
+34 -34
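--- a/appview/spindles/spindles.go
+++ b/appview/spindles/spindles.go
@@ -59,7 +59,7 @@
  user := s.OAuth.GetMultiAccountUser(r)
  all, err := db.GetSpindles(
  s.Db,
- orm.FilterEq("owner", user.Active.Did),
+ orm.FilterEq("owner", user.Did),
  )
  if err != nil {
  s.Logger.Error("failed to fetch spindles", "err", err)
@@ -78,7 +78,7 @@
  l := s.Logger.With("handler", "dashboard")
 
  user := s.OAuth.GetMultiAccountUser(r)
- l = l.With("user", user.Active.Did)
+ l = l.With("user", user.Did)
 
  instance := chi.URLParam(r, "instance")
  if instance == "" {
@@ -89,7 +89,7 @@
  spindles, err := db.GetSpindles(
  s.Db,
  orm.FilterEq("instance", instance),
- orm.FilterEq("owner", user.Active.Did),
+ orm.FilterEq("owner", user.Did),
  orm.FilterIsNot("verified", "null"),
  )
  if err != nil || len(spindles) != 1 {
@@ -161,7 +161,7 @@
  return
  }
  l = l.With("instance", instance)
- l = l.With("user", user.Active.Did)
+ l = l.With("user", user.Did)
 
  tx, err := s.Db.Begin()
  if err != nil {
@@ -175,7 +175,7 @@
  }()
 
  err = db.AddSpindle(tx, models.Spindle{
- Owner: syntax.DID(user.Active.Did),
+ Owner: syntax.DID(user.Did),
  Instance: instance,
  })
  if err != nil {
@@ -199,7 +199,7 @@
  return
  }
 
- ex, _ := comatproto.RepoGetRecord(r.Context(), client, "", tangled.SpindleNSID, user.Active.Did, instance)
+ ex, _ := comatproto.RepoGetRecord(r.Context(), client, "", tangled.SpindleNSID, user.Did, instance)
  var exCid *string
  if ex != nil {
  exCid = ex.Cid
@@ -208,7 +208,7 @@
  // re-announce by registering under same rkey
  _, err = comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{
  Collection: tangled.SpindleNSID,
- Repo: user.Active.Did,
+ Repo: user.Did,
  Rkey: instance,
  Record: &lexutil.LexiconTypeDecoder{
  Val: &tangled.Spindle{
@@ -239,14 +239,14 @@
  }
 
  // begin verification
- err = serververify.RunVerification(r.Context(), instance, user.Active.Did, s.Config.Core.Dev)
+ err = serververify.RunVerification(r.Context(), instance, user.Did, s.Config.Core.Dev)
  if err != nil {
  l.Error("verification failed", "err", err)
  s.Pages.HxRefresh(w)
  return
  }
 
- _, err = serververify.MarkSpindleVerified(s.Db, s.Enforcer, instance, user.Active.Did)
+ _, err = serververify.MarkSpindleVerified(s.Db, s.Enforcer, instance, user.Did)
  if err != nil {
  l.Error("failed to mark verified", "err", err)
  s.Pages.HxRefresh(w)
@@ -276,7 +276,7 @@
 
  spindles, err := db.GetSpindles(
  s.Db,
- orm.FilterEq("owner", user.Active.Did),
+ orm.FilterEq("owner", user.Did),
  orm.FilterEq("instance", instance),
  )
  if err != nil || len(spindles) != 1 {
@@ -285,8 +285,8 @@
  return
  }
 
- if string(spindles[0].Owner) != user.Active.Did {
- l.Error("unauthorized", "user", user.Active.Did, "owner", spindles[0].Owner)
+ if string(spindles[0].Owner) != user.Did {
+ l.Error("unauthorized", "user", user.Did, "owner", spindles[0].Owner)
  s.Pages.Notice(w, noticeId, "Failed to delete spindle, unauthorized deletion attempt.")
  return
  }
@@ -305,7 +305,7 @@
  // remove spindle members first
  err = db.RemoveSpindleMember(
  tx,
- orm.FilterEq("did", user.Active.Did),
+ orm.FilterEq("did", user.Did),
  orm.FilterEq("instance", instance),
  )
  if err != nil {
@@ -316,7 +316,7 @@
 
  err = db.DeleteSpindle(
  tx,
- orm.FilterEq("owner", user.Active.Did),
+ orm.FilterEq("owner", user.Did),
  orm.FilterEq("instance", instance),
  )
  if err != nil {
@@ -344,7 +344,7 @@
 
  _, err = comatproto.RepoDeleteRecord(r.Context(), client, &comatproto.RepoDeleteRecord_Input{
  Collection: tangled.SpindleNSID,
- Repo: user.Active.Did,
+ Repo: user.Did,
  Rkey: instance,
  })
  if err != nil {
@@ -392,11 +392,11 @@
  return
  }
  l = l.With("instance", instance)
- l = l.With("user", user.Active.Did)
+ l = l.With("user", user.Did)
 
  spindles, err := db.GetSpindles(
  s.Db,
- orm.FilterEq("owner", user.Active.Did),
+ orm.FilterEq("owner", user.Did),
  orm.FilterEq("instance", instance),
  )
  if err != nil || len(spindles) != 1 {
@@ -405,14 +405,14 @@
  return
  }
 
- if string(spindles[0].Owner) != user.Active.Did {
- l.Error("unauthorized", "user", user.Active.Did, "owner", spindles[0].Owner)
+ if string(spindles[0].Owner) != user.Did {
+ l.Error("unauthorized", "user", user.Did, "owner", spindles[0].Owner)
  s.Pages.Notice(w, noticeId, "Failed to verify spindle, unauthorized verification attempt.")
  return
  }
 
  // begin verification
- err = serververify.RunVerification(r.Context(), instance, user.Active.Did, s.Config.Core.Dev)
+ err = serververify.RunVerification(r.Context(), instance, user.Did, s.Config.Core.Dev)
  if err != nil {
  l.Error("verification failed", "err", err)
 
@@ -430,7 +430,7 @@
  return
  }
 
- rowId, err := serververify.MarkSpindleVerified(s.Db, s.Enforcer, instance, user.Active.Did)
+ rowId, err := serververify.MarkSpindleVerified(s.Db, s.Enforcer, instance, user.Did)
  if err != nil {
  l.Error("failed to mark verified", "err", err)
  s.Pages.Notice(w, noticeId, err.Error())
@@ -468,11 +468,11 @@
  return
  }
  l = l.With("instance", instance)
- l = l.With("user", user.Active.Did)
+ l = l.With("user", user.Did)
 
  spindles, err := db.GetSpindles(
  s.Db,
- orm.FilterEq("owner", user.Active.Did),
+ orm.FilterEq("owner", user.Did),
  orm.FilterEq("instance", instance),
  )
  if err != nil || len(spindles) != 1 {
@@ -487,8 +487,8 @@
  s.Pages.Notice(w, noticeId, defaultErr)
  }
 
- if string(spindles[0].Owner) != user.Active.Did {
- l.Error("unauthorized", "user", user.Active.Did, "owner", spindles[0].Owner)
+ if string(spindles[0].Owner) != user.Did {
+ l.Error("unauthorized", "user", user.Did, "owner", spindles[0].Owner)
  s.Pages.Notice(w, noticeId, "Failed to add member, unauthorized attempt.")
  return
  }
@@ -537,7 +537,7 @@
 
  // add member to db
  if err = db.AddSpindleMember(tx, models.SpindleMember{
- Did: syntax.DID(user.Active.Did),
+ Did: syntax.DID(user.Did),
  Rkey: rkey,
  Instance: instance,
  Subject: memberId.DID,
@@ -555,7 +555,7 @@
 
  _, err = comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{
  Collection: tangled.SpindleMemberNSID,
- Repo: user.Active.Did,
+ Repo: user.Did,
  Rkey: rkey,
  Record: &lexutil.LexiconTypeDecoder{
  Val: &tangled.SpindleMember{
@@ -604,11 +604,11 @@
  return
  }
  l = l.With("instance", instance)
- l = l.With("user", user.Active.Did)
+ l = l.With("user", user.Did)
 
  spindles, err := db.GetSpindles(
  s.Db,
- orm.FilterEq("owner", user.Active.Did),
+ orm.FilterEq("owner", user.Did),
  orm.FilterEq("instance", instance),
  )
  if err != nil || len(spindles) != 1 {
@@ -617,8 +617,8 @@
  return
  }
 
- if string(spindles[0].Owner) != user.Active.Did {
- l.Error("unauthorized", "user", user.Active.Did, "owner", spindles[0].Owner)
+ if string(spindles[0].Owner) != user.Did {
+ l.Error("unauthorized", "user", user.Did, "owner", spindles[0].Owner)
  s.Pages.Notice(w, noticeId, "Failed to remove member, unauthorized attempt.")
  return
  }
@@ -653,7 +653,7 @@
  // get the record from the DB first:
  members, err := db.GetSpindleMembers(
  s.Db,
- orm.FilterEq("did", user.Active.Did),
+ orm.FilterEq("did", user.Did),
  orm.FilterEq("instance", instance),
  orm.FilterEq("subject", memberId.DID),
  )
@@ -666,7 +666,7 @@
  // remove from db
  if err = db.RemoveSpindleMember(
  tx,
- orm.FilterEq("did", user.Active.Did),
+ orm.FilterEq("did", user.Did),
  orm.FilterEq("instance", instance),
  orm.FilterEq("subject", memberId.DID),
  ); err != nil {
@@ -692,7 +692,7 @@
  // remove from pds
  _, err = comatproto.RepoDeleteRecord(r.Context(), client, &comatproto.RepoDeleteRecord_Input{
  Collection: tangled.SpindleMemberNSID,
- Repo: user.Active.Did,
+ Repo: user.Did,
  Rkey: members[0].Rkey,
  })
  if err != nil {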
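Review bot: In the hunk at new lines 430-436 a failure of `serververify.MarkSpindleVerified` is shown to the browser verbatim through `s.Pages.Notice(w, noticeId, err.Error())`. What that error can contain is not visible here, but the call takes `s.Db` and `s.Enforcer`, so it may carry database or policy-engine detail that belongs only in the server log, where `l.Error` on the line above already records it. A fixed message would do: `s.Pages.Notice(w, noticeId, "Failed to mark spindle as verified. Try again later.")`. The same call at new lines 249-252 already avoids echoing the error by using `s.Pages.HxRefresh(w)`. The enclosing function starts and ends outside the hunk.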
+1 -1
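--- a/appview/state/accounts.go
+++ b/appview/state/accounts.go
@@ -41,7 +41,7 @@
  }
 
  currentUser := s.oauth.GetMultiAccountUser(r)
- isCurrentAccount := currentUser != nil && currentUser.Active.Did == did
+ isCurrentAccount := currentUser != nil && currentUser.Did == did
 
  var remainingAccounts []string
  if currentUser != nil {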
+6 -6
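--- a/appview/state/follow.go
+++ b/appview/state/follow.go
@@ -29,7 +29,7 @@
  return
  }
 
- if currentUser.Active.Did == subjectIdent.DID.String() {
+ if currentUser.Did == subjectIdent.DID.String() {
  log.Println("cant follow or unfollow yourself")
  return
  }
@@ -46,7 +46,7 @@
  rkey := tid.TID()
  resp, err := comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{
  Collection: tangled.GraphFollowNSID,
- Repo: currentUser.Active.Did,
+ Repo: currentUser.Did,
  Rkey: rkey,
  Record: &lexutil.LexiconTypeDecoder{
  Val: &tangled.GraphFollow{
@@ -62,7 +62,7 @@
  log.Println("created atproto record: ", resp.Uri)
 
  follow := &models.Follow{
- UserDid: currentUser.Active.Did,
+ UserDid: currentUser.Did,
  SubjectDid: subjectIdent.DID.String(),
  Rkey: rkey,
  }
@@ -89,7 +89,7 @@
  return
  case http.MethodDelete:
  // find the record in the db
- follow, err := db.GetFollow(s.db, currentUser.Active.Did, subjectIdent.DID.String())
+ follow, err := db.GetFollow(s.db, currentUser.Did, subjectIdent.DID.String())
  if err != nil {
  log.Println("failed to get follow relationship")
  return
@@ -97,7 +97,7 @@
 
  _, err = comatproto.RepoDeleteRecord(r.Context(), client, &comatproto.RepoDeleteRecord_Input{
  Collection: tangled.GraphFollowNSID,
- Repo: currentUser.Active.Did,
+ Repo: currentUser.Did,
  Rkey: follow.Rkey,
  })
 
@@ -106,7 +106,7 @@
  return
  }
 
- err = db.DeleteFollowByRkey(s.db, currentUser.Active.Did, follow.Rkey)
+ err = db.DeleteFollowByRkey(s.db, currentUser.Did, follow.Rkey)
  if err != nil {
  log.Println("failed to delete follow from DB")
  // this is not an issue, the firehose event might have already done this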
+1 -1
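--- a/appview/state/login.go
+++ b/appview/state/login.go
@@ -81,7 +81,7 @@
  return
  }
 
- currentDid := currentUser.Active.Did
+ currentDid := currentUser.Did
 
  var remainingAccounts []string
  for _, acc := range currentUser.Accounts {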
+35 -39
appview/state/profile.go
··· 86 loggedInUser := s.oauth.GetMultiAccountUser(r) 87 followStatus := models.IsNotFollowing 88 if loggedInUser != nil { 89 - followStatus = db.GetFollowStatus(s.db, loggedInUser.Active.Did, did) 90 } 91 92 - var loggedInDid string 93 - if loggedInUser != nil { 94 - loggedInDid = loggedInUser.Did() 95 - } 96 - showPunchcard := s.shouldShowPunchcard(did, loggedInDid) 97 98 var punchcard *models.Punchcard 99 if showPunchcard { ··· 352 353 loggedInUserFollowing := make(map[string]struct{}) 354 if loggedInUser != nil { 355 - following, err := db.GetFollowing(s.db, loggedInUser.Active.Did) 356 if err != nil { 357 - l.Error("failed to get follow list", "err", err, "loggedInUser", loggedInUser.Active.Did) 358 return &params, err 359 } 360 loggedInUserFollowing = make(map[string]struct{}, len(following)) ··· 369 followStatus := models.IsNotFollowing 370 if _, exists := loggedInUserFollowing[did]; exists { 371 followStatus = models.IsFollowing 372 - } else if loggedInUser != nil && loggedInUser.Active.Did == did { 373 followStatus = models.IsSelf 374 } 375 ··· 575 return 576 } 577 578 - profile, err := db.GetProfile(s.db, user.Active.Did) 579 if err != nil { 580 - log.Printf("getting profile data for %s: %s", user.Active.Did, err) 581 } 582 if profile == nil { 583 - profile = &models.Profile{Did: user.Active.Did} 584 } 585 586 profile.Description = r.FormValue("description") ··· 621 return 622 } 623 624 - profile, err := db.GetProfile(s.db, user.Active.Did) 625 if err != nil { 626 - log.Printf("getting profile data for %s: %s", user.Active.Did, err) 627 } 628 if profile == nil { 629 - profile = &models.Profile{Did: user.Active.Did} 630 } 631 632 i := 0 ··· 681 vanityStats = append(vanityStats, string(v.Kind)) 682 } 683 684 - ex, _ := comatproto.RepoGetRecord(r.Context(), client, "", tangled.ActorProfileNSID, user.Active.Did, "self") 685 var cid *string 686 if ex != nil { 687 cid = ex.Cid ··· 689 690 _, err = comatproto.RepoPutRecord(r.Context(), client, 
&comatproto.RepoPutRecord_Input{ 691 Collection: tangled.ActorProfileNSID, 692 - Repo: user.Active.Did, 693 Rkey: "self", 694 Record: &lexutil.LexiconTypeDecoder{ 695 Val: &tangled.ActorProfile{ ··· 718 719 s.notifier.UpdateProfile(r.Context(), profile) 720 721 - s.pages.HxRedirect(w, "/"+user.Active.Did) 722 } 723 724 func (s *State) EditBioFragment(w http.ResponseWriter, r *http.Request) { 725 user := s.oauth.GetMultiAccountUser(r) 726 727 - profile, err := db.GetProfile(s.db, user.Active.Did) 728 if err != nil { 729 - log.Printf("getting profile data for %s: %s", user.Active.Did, err) 730 } 731 if profile == nil { 732 - profile = &models.Profile{Did: user.Active.Did} 733 } 734 735 s.pages.EditBioFragment(w, pages.EditBioParams{ ··· 741 func (s *State) EditPinsFragment(w http.ResponseWriter, r *http.Request) { 742 user := s.oauth.GetMultiAccountUser(r) 743 744 - profile, err := db.GetProfile(s.db, user.Active.Did) 745 if err != nil { 746 - log.Printf("getting profile data for %s: %s", user.Active.Did, err) 747 } 748 if profile == nil { 749 - profile = &models.Profile{Did: user.Active.Did} 750 } 751 752 - repos, err := db.GetRepos(s.db, 0, orm.FilterEq("did", user.Active.Did)) 753 if err != nil { 754 - log.Printf("getting repos for %s: %s", user.Active.Did, err) 755 } 756 757 - collaboratingRepos, err := db.CollaboratingIn(s.db, user.Active.Did) 758 if err != nil { 759 - log.Printf("getting collaborating repos for %s: %s", user.Active.Did, err) 760 } 761 762 allRepos := []pages.PinnedRepo{} ··· 786 func (s *State) UploadProfileAvatar(w http.ResponseWriter, r *http.Request) { 787 l := s.logger.With("handler", "UploadProfileAvatar") 788 user := s.oauth.GetMultiAccountUser(r) 789 - l = l.With("did", user.Active.Did) 790 791 // Parse multipart form (10MB max) 792 if err := r.ParseMultipartForm(10 << 20); err != nil { ··· 833 l.Info("uploaded avatar blob", "cid", uploadBlobResp.Blob.Ref.String()) 834 835 // get current profile record from PDS to get its CID for swap 
836 - getRecordResp, err := comatproto.RepoGetRecord(r.Context(), client, "", tangled.ActorProfileNSID, user.Active.Did, "self") 837 if err != nil { 838 l.Error("failed to get current profile record", "err", err) 839 s.pages.Notice(w, "avatar-error", "Failed to get current profile from your PDS") ··· 857 858 _, err = comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 859 Collection: tangled.ActorProfileNSID, 860 - Repo: user.Active.Did, 861 Rkey: "self", 862 Record: &lexutil.LexiconTypeDecoder{Val: profileRecord}, 863 SwapRecord: getRecordResp.Cid, ··· 871 872 l.Info("successfully updated profile with avatar") 873 874 - profile, err := db.GetProfile(s.db, user.Active.Did) 875 if err != nil { 876 l.Warn("getting profile data from DB", "err", err) 877 } 878 if profile == nil { 879 - profile = &models.Profile{Did: user.Active.Did} 880 } 881 profile.Avatar = uploadBlobResp.Blob.Ref.String() 882 ··· 902 func (s *State) RemoveProfileAvatar(w http.ResponseWriter, r *http.Request) { 903 l := s.logger.With("handler", "RemoveProfileAvatar") 904 user := s.oauth.GetMultiAccountUser(r) 905 - l = l.With("did", user.Active.Did) 906 907 client, err := s.oauth.AuthorizedClient(r) 908 if err != nil { ··· 911 return 912 } 913 914 - getRecordResp, err := comatproto.RepoGetRecord(r.Context(), client, "", tangled.ActorProfileNSID, user.Active.Did, "self") 915 if err != nil { 916 l.Error("failed to get current profile record", "err", err) 917 s.pages.Notice(w, "avatar-error", "Failed to get current profile from your PDS") ··· 935 936 _, err = comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 937 Collection: tangled.ActorProfileNSID, 938 - Repo: user.Active.Did, 939 Rkey: "self", 940 Record: &lexutil.LexiconTypeDecoder{Val: profileRecord}, 941 SwapRecord: getRecordResp.Cid, ··· 949 950 l.Info("successfully removed avatar from PDS") 951 952 - profile, err := db.GetProfile(s.db, user.Active.Did) 953 if err != nil { 954 l.Warn("getting 
profile data from DB", "err", err) 955 } 956 if profile == nil { 957 - profile = &models.Profile{Did: user.Active.Did} 958 } 959 profile.Avatar = "" 960 ··· 995 hideOthers = true 996 } 997 998 - err = db.UpsertPunchcardPreference(s.db, user.Active.Did, hideMine, hideOthers) 999 if err != nil { 1000 log.Println("failed to update punchcard preferences", err) 1001 return
··· 86 loggedInUser := s.oauth.GetMultiAccountUser(r) 87 followStatus := models.IsNotFollowing 88 if loggedInUser != nil { 89 + followStatus = db.GetFollowStatus(s.db, loggedInUser.Did, did) 90 } 91 92 + showPunchcard := s.shouldShowPunchcard(did, loggedInUser.Did) 93 94 var punchcard *models.Punchcard 95 if showPunchcard { ··· 348 349 loggedInUserFollowing := make(map[string]struct{}) 350 if loggedInUser != nil { 351 + following, err := db.GetFollowing(s.db, loggedInUser.Did) 352 if err != nil { 353 + l.Error("failed to get follow list", "err", err, "loggedInUser", loggedInUser.Did) 354 return &params, err 355 } 356 loggedInUserFollowing = make(map[string]struct{}, len(following)) ··· 365 followStatus := models.IsNotFollowing 366 if _, exists := loggedInUserFollowing[did]; exists { 367 followStatus = models.IsFollowing 368 + } else if loggedInUser != nil && loggedInUser.Did == did { 369 followStatus = models.IsSelf 370 } 371 ··· 571 return 572 } 573 574 + profile, err := db.GetProfile(s.db, user.Did) 575 if err != nil { 576 + log.Printf("getting profile data for %s: %s", user.Did, err) 577 } 578 if profile == nil { 579 + profile = &models.Profile{Did: user.Did} 580 } 581 582 profile.Description = r.FormValue("description") ··· 617 return 618 } 619 620 + profile, err := db.GetProfile(s.db, user.Did) 621 if err != nil { 622 + log.Printf("getting profile data for %s: %s", user.Did, err) 623 } 624 if profile == nil { 625 + profile = &models.Profile{Did: user.Did} 626 } 627 628 i := 0 ··· 677 vanityStats = append(vanityStats, string(v.Kind)) 678 } 679 680 + ex, _ := comatproto.RepoGetRecord(r.Context(), client, "", tangled.ActorProfileNSID, user.Did, "self") 681 var cid *string 682 if ex != nil { 683 cid = ex.Cid ··· 685 686 _, err = comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 687 Collection: tangled.ActorProfileNSID, 688 + Repo: user.Did, 689 Rkey: "self", 690 Record: &lexutil.LexiconTypeDecoder{ 691 Val: &tangled.ActorProfile{ ··· 
714 715 s.notifier.UpdateProfile(r.Context(), profile) 716 717 + s.pages.HxRedirect(w, "/"+user.Did) 718 } 719 720 func (s *State) EditBioFragment(w http.ResponseWriter, r *http.Request) { 721 user := s.oauth.GetMultiAccountUser(r) 722 723 + profile, err := db.GetProfile(s.db, user.Did) 724 if err != nil { 725 + log.Printf("getting profile data for %s: %s", user.Did, err) 726 } 727 if profile == nil { 728 + profile = &models.Profile{Did: user.Did} 729 } 730 731 s.pages.EditBioFragment(w, pages.EditBioParams{ ··· 737 func (s *State) EditPinsFragment(w http.ResponseWriter, r *http.Request) { 738 user := s.oauth.GetMultiAccountUser(r) 739 740 + profile, err := db.GetProfile(s.db, user.Did) 741 if err != nil { 742 + log.Printf("getting profile data for %s: %s", user.Did, err) 743 } 744 if profile == nil { 745 + profile = &models.Profile{Did: user.Did} 746 } 747 748 + repos, err := db.GetRepos(s.db, 0, orm.FilterEq("did", user.Did)) 749 if err != nil { 750 + log.Printf("getting repos for %s: %s", user.Did, err) 751 } 752 753 + collaboratingRepos, err := db.CollaboratingIn(s.db, user.Did) 754 if err != nil { 755 + log.Printf("getting collaborating repos for %s: %s", user.Did, err) 756 } 757 758 allRepos := []pages.PinnedRepo{} ··· 782 func (s *State) UploadProfileAvatar(w http.ResponseWriter, r *http.Request) { 783 l := s.logger.With("handler", "UploadProfileAvatar") 784 user := s.oauth.GetMultiAccountUser(r) 785 + l = l.With("did", user.Did) 786 787 // Parse multipart form (10MB max) 788 if err := r.ParseMultipartForm(10 << 20); err != nil { ··· 829 l.Info("uploaded avatar blob", "cid", uploadBlobResp.Blob.Ref.String()) 830 831 // get current profile record from PDS to get its CID for swap 832 + getRecordResp, err := comatproto.RepoGetRecord(r.Context(), client, "", tangled.ActorProfileNSID, user.Did, "self") 833 if err != nil { 834 l.Error("failed to get current profile record", "err", err) 835 s.pages.Notice(w, "avatar-error", "Failed to get current profile from your 
PDS") ··· 853 854 _, err = comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 855 Collection: tangled.ActorProfileNSID, 856 + Repo: user.Did, 857 Rkey: "self", 858 Record: &lexutil.LexiconTypeDecoder{Val: profileRecord}, 859 SwapRecord: getRecordResp.Cid, ··· 867 868 l.Info("successfully updated profile with avatar") 869 870 + profile, err := db.GetProfile(s.db, user.Did) 871 if err != nil { 872 l.Warn("getting profile data from DB", "err", err) 873 } 874 if profile == nil { 875 + profile = &models.Profile{Did: user.Did} 876 } 877 profile.Avatar = uploadBlobResp.Blob.Ref.String() 878 ··· 898 func (s *State) RemoveProfileAvatar(w http.ResponseWriter, r *http.Request) { 899 l := s.logger.With("handler", "RemoveProfileAvatar") 900 user := s.oauth.GetMultiAccountUser(r) 901 + l = l.With("did", user.Did) 902 903 client, err := s.oauth.AuthorizedClient(r) 904 if err != nil { ··· 907 return 908 } 909 910 + getRecordResp, err := comatproto.RepoGetRecord(r.Context(), client, "", tangled.ActorProfileNSID, user.Did, "self") 911 if err != nil { 912 l.Error("failed to get current profile record", "err", err) 913 s.pages.Notice(w, "avatar-error", "Failed to get current profile from your PDS") ··· 931 932 _, err = comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 933 Collection: tangled.ActorProfileNSID, 934 + Repo: user.Did, 935 Rkey: "self", 936 Record: &lexutil.LexiconTypeDecoder{Val: profileRecord}, 937 SwapRecord: getRecordResp.Cid, ··· 945 946 l.Info("successfully removed avatar from PDS") 947 948 + profile, err := db.GetProfile(s.db, user.Did) 949 if err != nil { 950 l.Warn("getting profile data from DB", "err", err) 951 } 952 if profile == nil { 953 + profile = &models.Profile{Did: user.Did} 954 } 955 profile.Avatar = "" 956 ··· 991 hideOthers = true 992 } 993 994 + err = db.UpsertPunchcardPreference(s.db, user.Did, hideMine, hideOthers) 995 if err != nil { 996 log.Println("failed to update punchcard preferences", 
err) 997 return
+6 -6
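--- a/appview/state/reaction.go
+++ b/appview/state/reaction.go
@@ -49,7 +49,7 @@
 rkey := tid.TID()
 resp, err := comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{
 Collection: tangled.FeedReactionNSID,
-Repo: currentUser.Active.Did,
+Repo: currentUser.Did,
 Rkey: rkey,
 Record: &lexutil.LexiconTypeDecoder{
 Val: &tangled.FeedReaction{
@@ -64,7 +64,7 @@
 return
 }
 
-err = db.AddReaction(s.db, currentUser.Active.Did, subjectUri, reactionKind, rkey)
+err = db.AddReaction(s.db, currentUser.Did, subjectUri, reactionKind, rkey)
 if err != nil {
 log.Println("failed to react", err)
 return
@@ -87,15 +87,15 @@
 
 return
 case http.MethodDelete:
-reaction, err := db.GetReaction(s.db, currentUser.Active.Did, subjectUri, reactionKind)
+reaction, err := db.GetReaction(s.db, currentUser.Did, subjectUri, reactionKind)
 if err != nil {
-log.Println("failed to get reaction relationship for", currentUser.Active.Did, subjectUri)
+log.Println("failed to get reaction relationship for", currentUser.Did, subjectUri)
 return
 }
 
 _, err = comatproto.RepoDeleteRecord(r.Context(), client, &comatproto.RepoDeleteRecord_Input{
 Collection: tangled.FeedReactionNSID,
-Repo: currentUser.Active.Did,
+Repo: currentUser.Did,
 Rkey: reaction.Rkey,
 })
 
@@ -104,7 +104,7 @@
 return
 }
 
-err = db.DeleteReactionByRkey(s.db, currentUser.Active.Did, reaction.Rkey)
+err = db.DeleteReactionByRkey(s.db, currentUser.Did, reaction.Rkey)
 if err != nil {
 log.Println("failed to delete reaction from DB")
 // this is not an issue, the firehose event might have already done this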
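Review bot: The failure branch after `db.GetReaction` in the `http.MethodDelete` case logs the DID and the subject but drops `err`, so a missing row and a database fault look identical in the logs. Pass the error along, e.g. `log.Println("failed to get reaction relationship for", currentUser.Did, subjectUri, err)`. The later `"failed to delete reaction from DB"` message has the same gap, and so does the `"failed to get star relationship"` branch in appview/state/star.go. The handler starts and ends outside the visible hunks, so whether a response is written before these early returns cannot be seen from here.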
+5 -5
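--- a/appview/state/star.go
+++ b/appview/state/star.go
@@ -42,7 +42,7 @@
 rkey := tid.TID()
 resp, err := comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{
 Collection: tangled.FeedStarNSID,
-Repo: currentUser.Active.Did,
+Repo: currentUser.Did,
 Rkey: rkey,
 Record: &lexutil.LexiconTypeDecoder{
 Val: &tangled.FeedStar{
@@ -57,7 +57,7 @@
 log.Println("created atproto record: ", resp.Uri)
 
 star := &models.Star{
-Did: currentUser.Active.Did,
+Did: currentUser.Did,
 RepoAt: subjectUri,
 Rkey: rkey,
 }
@@ -84,7 +84,7 @@
 return
 case http.MethodDelete:
 // find the record in the db
-star, err := db.GetStar(s.db, currentUser.Active.Did, subjectUri)
+star, err := db.GetStar(s.db, currentUser.Did, subjectUri)
 if err != nil {
 log.Println("failed to get star relationship")
 return
@@ -92,7 +92,7 @@
 
 _, err = comatproto.RepoDeleteRecord(r.Context(), client, &comatproto.RepoDeleteRecord_Input{
 Collection: tangled.FeedStarNSID,
-Repo: currentUser.Active.Did,
+Repo: currentUser.Did,
 Rkey: star.Rkey,
 })
 
@@ -101,7 +101,7 @@
 return
 }
 
-err = db.DeleteStarByRkey(s.db, currentUser.Active.Did, star.Rkey)
+err = db.DeleteStarByRkey(s.db, currentUser.Did, star.Rkey)
 if err != nil {
 log.Println("failed to delete star from DB")
 // this is not an issue, the firehose event might have already done this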
+12 -12
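--- a/appview/state/state.go
+++ b/appview/state/state.go
@@ -259,11 +259,11 @@
 }
 
 l := s.logger.With("handler", "UpgradeBanner")
-l = l.With("did", user.Active.Did)
+l = l.With("did", user.Did)
 
 regs, err := db.GetRegistrations(
 s.db,
-orm.FilterEq("did", user.Active.Did),
+orm.FilterEq("did", user.Did),
 orm.FilterEq("needs_upgrade", 1),
 )
 if err != nil {
@@ -272,7 +272,7 @@
 
 spindles, err := db.GetSpindles(
 s.db,
-orm.FilterEq("owner", user.Active.Did),
+orm.FilterEq("owner", user.Did),
 orm.FilterEq("needs_upgrade", 1),
 )
 if err != nil {
@@ -362,7 +362,7 @@
 switch r.Method {
 case http.MethodGet:
 user := s.oauth.GetMultiAccountUser(r)
-knots, err := s.enforcer.GetKnotsForUser(user.Active.Did)
+knots, err := s.enforcer.GetKnotsForUser(user.Did)
 if err != nil {
 s.pages.Notice(w, "repo", "Invalid user account.")
 return
@@ -377,7 +377,7 @@
 l := s.logger.With("handler", "NewRepo")
 
 user := s.oauth.GetMultiAccountUser(r)
-l = l.With("did", user.Active.Did)
+l = l.With("did", user.Did)
 
 // form validation
 domain := r.FormValue("domain")
@@ -413,7 +413,7 @@
 }
 
 // ACL validation
-ok, err := s.enforcer.E.Enforce(user.Active.Did, domain, domain, "repo:create")
+ok, err := s.enforcer.E.Enforce(user.Did, domain, domain, "repo:create")
 if err != nil || !ok {
 l.Info("unauthorized")
 s.pages.Notice(w, "repo", "You do not have permission to create a repo in this knot.")
@@ -423,7 +423,7 @@
 // Check for existing repos
 existingRepo, err := db.GetRepo(
 s.db,
-orm.FilterEq("did", user.Active.Did),
+orm.FilterEq("did", user.Did),
 orm.FilterEq("name", repoName),
 )
 if err == nil && existingRepo != nil {
@@ -435,7 +435,7 @@
 // create atproto record for this repo
 rkey := tid.TID()
 repo := &models.Repo{
-Did: user.Active.Did,
+Did: user.Did,
 Name: repoName,
 Knot: domain,
 Rkey: rkey,
@@ -454,7 +454,7 @@
 
 atresp, err := comatproto.RepoPutRecord(r.Context(), atpClient, &comatproto.RepoPutRecord_Input{
 Collection: tangled.RepoNSID,
-Repo: user.Active.Did,
+Repo: user.Did,
 Rkey: rkey,
 Record: &lexutil.LexiconTypeDecoder{
 Val: &record,
@@ -531,8 +531,8 @@
 }
 
 // acls
-p, _ := securejoin.SecureJoin(user.Active.Did, repoName)
-err = s.enforcer.AddRepo(user.Active.Did, domain, p)
+p, _ := securejoin.SecureJoin(user.Did, repoName)
+err = s.enforcer.AddRepo(user.Did, domain, p)
 if err != nil {
 l.Error("acl setup failed", "err", err)
 s.pages.Notice(w, "repo", "Failed to set up repository permissions.")
@@ -557,7 +557,7 @@
 aturi = ""
 
 s.notifier.NewRepo(r.Context(), repo)
-s.pages.HxLocation(w, fmt.Sprintf("/%s/%s", user.Active.Did, repoName))
+s.pages.HxLocation(w, fmt.Sprintf("/%s/%s", user.Did, repoName))
 }
 }
 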
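Review bot: `p, _ := securejoin.SecureJoin(user.Did, repoName)` in the `// acls` step discards the join error, and `p` is then handed straight to `s.enforcer.AddRepo` as the object the new policy entries are written for. If the join ever fails, the ACL would be created for whatever value `p` holds at that point rather than for the intended DID/repo path. Check it before the enforcer call: `p, err := securejoin.SecureJoin(user.Did, repoName)` followed by the same `if err != nil` branch `AddRepo` already uses (log, `s.pages.Notice`, return). The NewRepo handler continues outside the hunk, so any rollback it performs on this path is not visible here.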
+1 -1
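--- a/appview/state/timeline.go
+++ b/appview/state/timeline.go
@@ -48,7 +48,7 @@
 
 var userDid string
 if user != nil {
-userDid = user.Active.Did
+userDid = user.Did
 }
 timeline, err := db.MakeTimeline(s.db, 50, userDid, filtered)
 if err != nil {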
+12 -12
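--- a/appview/strings/strings.go
+++ b/appview/strings/strings.go
@@ -156,7 +156,7 @@
 user := s.OAuth.GetMultiAccountUser(r)
 isStarred := false
 if user != nil {
-isStarred = db.GetStarStatus(s.Db, user.Active.Did, string.AtUri())
+isStarred = db.GetStarStatus(s.Db, user.Did, string.AtUri())
 }
 
 s.Pages.SingleString(w, pages.SingleStringParams{
@@ -216,8 +216,8 @@
 first := all[0]
 
 // verify that the logged in user owns this string
-if user.Active.Did != id.DID.String() {
-l.Error("unauthorized request", "expected", id.DID, "got", user.Active.Did)
+if user.Did != id.DID.String() {
+l.Error("unauthorized request", "expected", id.DID, "got", user.Did)
 w.WriteHeader(http.StatusUnauthorized)
 return
 }
@@ -299,7 +299,7 @@
 s.Notifier.EditString(r.Context(), &entry)
 
 // if that went okay, redir to the string
-s.Pages.HxRedirect(w, "/strings/"+user.Active.Did+"/"+entry.Rkey)
+s.Pages.HxRedirect(w, "/strings/"+user.Did+"/"+entry.Rkey)
 }
 
 }
@@ -335,7 +335,7 @@
 description := r.FormValue("description")
 
 string := models.String{
-Did: syntax.DID(user.Active.Did),
+Did: syntax.DID(user.Did),
 Rkey: tid.TID(),
 Filename: filename,
 Description: description,
@@ -353,7 +353,7 @@
 
 resp, err := comatproto.RepoPutRecord(r.Context(), client, &atproto.RepoPutRecord_Input{
 Collection: tangled.StringNSID,
-Repo: user.Active.Did,
+Repo: user.Did,
 Rkey: string.Rkey,
 Record: &lexutil.LexiconTypeDecoder{
 Val: &record,
@@ -375,7 +375,7 @@
 s.Notifier.NewString(r.Context(), &string)
 
 // successful
-s.Pages.HxRedirect(w, "/strings/"+user.Active.Did+"/"+string.Rkey)
+s.Pages.HxRedirect(w, "/strings/"+user.Did+"/"+string.Rkey)
 }
 }
 
@@ -402,23 +402,23 @@
 return
 }
 
-if user.Active.Did != id.DID.String() {
-fail("You cannot delete this string", fmt.Errorf("unauthorized deletion, %s != %s", user.Active.Did, id.DID.String()))
+if user.Did != id.DID.String() {
+fail("You cannot delete this string", fmt.Errorf("unauthorized deletion, %s != %s", user.Did, id.DID.String()))
 return
 }
 
 if err := db.DeleteString(
 s.Db,
-orm.FilterEq("did", user.Active.Did),
+orm.FilterEq("did", user.Did),
 orm.FilterEq("rkey", rkey),
 ); err != nil {
 fail("Failed to delete string.", err)
 return
 }
 
-s.Notifier.DeleteString(r.Context(), user.Active.Did, rkey)
+s.Notifier.DeleteString(r.Context(), user.Did, rkey)
 
-s.Pages.HxRedirect(w, "/strings/"+user.Active.Did)
+s.Pages.HxRedirect(w, "/strings/"+user.Did)
 }
 
 func (s *Strings) comment(w http.ResponseWriter, r *http.Request) {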
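Review bot: The ownership check `if user.Did != id.DID.String()` in the edit path answers with `http.StatusUnauthorized`, although by that point the caller appears to be signed in and is simply not the owner of the string. `w.WriteHeader(http.StatusForbidden)` describes that case and keeps 401 meaningful for clients and for anyone alerting on response codes. The delete path makes the same comparison and reports it through `fail(...)`; the status that helper sends is outside the hunk, so it is worth confirming the two agree. Both handlers start outside the visible hunks.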