diff --git a/server/apiLinstrom.go b/server/apiLinstrom.go index 353b264..80771ab 100644 --- a/server/apiLinstrom.go +++ b/server/apiLinstrom.go @@ -40,8 +40,18 @@ func setupLinstromApiV1Router() http.Handler { // Accounts // Creating a new account happens either during fetch of a remote one or during registration with a passkey router.HandleFunc("GET /accounts/{accountId}", linstromGetAccount) - router.HandleFunc("PATCH /accounts/{accountId}", linstromUpdateAccount) - router.HandleFunc("DELETE /accounts/{accountId}", linstromDeleteAccount) + // Technically also requires authenticated account to also be owner or correct admin perms, + // but that's annoying to handle in a general sense. So leaving that to the function + router.HandleFunc( + "PATCH /accounts/{accountId}", + requireValidSessionMiddleware(linstromUpdateAccount), + ) + // Technically also requires authenticated account to also be owner or correct admin perms, + // but that's annoying to handle in a general sense. So leaving that to the function + router.HandleFunc( + "DELETE /accounts/{accountId}", + requireValidSessionMiddleware(linstromDeleteAccount), + ) // Follow router.HandleFunc("GET /accounts/{accountId}/follow", linstromIsFollowingAccount) router.HandleFunc("POST /accounts/{accountId}/follow", linstromFollowAccount) diff --git a/server/apiLinstromAccounts.go b/server/apiLinstromAccounts.go index 429a92f..9852b16 100644 --- a/server/apiLinstromAccounts.go +++ b/server/apiLinstromAccounts.go @@ -6,6 +6,7 @@ import ( "github.com/google/jsonapi" "github.com/rs/zerolog/hlog" "gitlab.com/mstarongitlab/goutils/other" + "gitlab.com/mstarongitlab/goutils/sliceutils" "gitlab.com/mstarongitlab/linstrom/storage" ) @@ -14,6 +15,7 @@ import ( func linstromGetAccount(w http.ResponseWriter, r *http.Request) { store := StorageFromRequest(r) log := hlog.FromRequest(r) + accId := AccountIdFromRequest(r) acc, err := store.FindAccountById(accId) switch err { @@ -32,7 +34,30 @@ func linstromGetAccount(w http.ResponseWriter, r *http.Request) { ) return } - // TODO: Check if caller is actually allowed to view the account requested. + actorId, ok := r.Context().Value(ContextKeyActorId).(string) + if ok { + // Logged in user is accessing account, check if target account has them blocked + roles, err := store.FindRolesByNames(acc.Roles) + if err != nil { + log.Error(). + Err(err). + Strs("role-names", acc.Roles). + Msg("Failed to get roles from storage") + other.HttpErr( + w, + HttpErrIdDbFailure, + "Failed to get roles of target account", + http.StatusInternalServerError, + ) + return + } + collapsedRole := storage.CollapseRolesIntoOne(roles...) + if sliceutils.Contains(collapsedRole.BlockedUsers, actorId) { + // Actor account is in list of blocked accounts, deny access + other.HttpErr(w, HttpErrIdNotAuthenticated, "Access forbidden", http.StatusForbidden) + return + } + } outAccount, err := convertAccountStorageToLinstrom(acc, store) if err != nil { @@ -53,7 +78,10 @@ func linstromGetAccount(w http.ResponseWriter, r *http.Request) { } } -func linstromUpdateAccount(w http.ResponseWriter, r *http.Request) {} +func linstromUpdateAccount(w http.ResponseWriter, r *http.Request) { + store := StorageFromRequest(r) + log := hlog.FromRequest(r) +} func linstromDeleteAccount(w http.ResponseWriter, r *http.Request) {} func linstromIsFollowingAccount(w http.ResponseWriter, r *http.Request) {} diff --git a/server/middlewares.go b/server/middlewares.go index d40f26d..5e594b7 100644 --- a/server/middlewares.go +++ b/server/middlewares.go @@ -11,6 +11,7 @@ import ( "github.com/rs/zerolog/log" "gitlab.com/mstarongitlab/goutils/other" "gitlab.com/mstarongitlab/linstrom/config" + "gitlab.com/mstarongitlab/linstrom/storage" ) type HandlerBuilder func(http.Handler) http.Handler @@ -152,3 +153,78 @@ func checkSessionMiddleware(handler http.Handler) http.Handler { ) }) } + +func requireValidSessionMiddleware( + h func(http.ResponseWriter, *http.Request), +) func(http.ResponseWriter, *http.Request) { + return func(w http.ResponseWriter, r *http.Request) { + _, ok := r.Context().Value(ContextKeyActorId).(string) + if !ok { + other.HttpErr( + w, + HttpErrIdNotAuthenticated, + "Not authenticated", + http.StatusUnauthorized, + ) + return + } + h(w, r) + } +} + +func buildRequirePermissionsMiddleware(permissionRole *storage.Role) HandlerBuilder { + return func(h http.Handler) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + accId, ok := r.Context().Value(ContextKeyActorId).(string) + if !ok { + other.HttpErr( + w, + HttpErrIdNotAuthenticated, + "Not authenticated", + http.StatusUnauthorized, + ) + return + } + store := StorageFromRequest(r) + log := hlog.FromRequest(r) + acc, err := store.FindAccountById(accId) + // Assumption: If this handler is hit, the middleware for checking if a session exists at all has already passed + // and thus a valid account id must exist in the context + if err != nil { + log.Error(). + Err(err). + Str("account-id", accId). + Msg("Error while getting account from session") + other.HttpErr( + w, + HttpErrIdDbFailure, + "Error while getting account from session", + http.StatusInternalServerError, + ) + return + } + roles, err := store.FindRolesByNames(acc.Roles) + // Assumption: There will always be at least two roles per user, default user and user-specific one + if err != nil { + other.HttpErr( + w, + HttpErrIdDbFailure, + "Failed to get roles for account", + http.StatusInternalServerError, + ) + return + } + collapsedRole := storage.CollapseRolesIntoOne(roles...) + if !storage.CompareRoles(&collapsedRole, permissionRole) { + other.HttpErr( + w, + HttpErrIdNotAuthenticated, + "Insufficient permisions", + http.StatusForbidden, + ) + return + } + h.ServeHTTP(w, r) + }) + } +} diff --git a/server/server.go b/server/server.go index 5811a5e..58151c1 100644 --- a/server/server.go +++ b/server/server.go @@ -38,7 +38,7 @@ func buildRootHandler(pkey *passkey.Passkey, reactiveFS, staticFS fs.FS) http.Ha mux.Handle("/", setupFrontendRouter(reactiveFS, staticFS)) mux.Handle("/pk/", http.StripPrefix("/pk", http.FileServer(http.Dir("pk-auth")))) mux.HandleFunc("/alive", isAliveHandler) - mux.Handle("/api/", http.StripPrefix("/api", setupApiRouter())) + mux.Handle("/api/", http.StripPrefix("/api", checkSessionMiddleware(setupApiRouter()))) mux.Handle( "/profiling/", diff --git a/storage/remoteServerInfo.go b/storage/remoteServerInfo.go index 8379f2e..18b10e7 100644 --- a/storage/remoteServerInfo.go +++ b/storage/remoteServerInfo.go @@ -87,7 +87,7 @@ func (s *Storage) UpdateRemoteServer(url string, displayName, icon *string) (*Re if displayName == nil && icon == nil { return nil, ErrNothingToChange } - server, err := s.FindRemoteServer(url) + server, err := s.FindRemoteServerByDomain(url) if err != nil { return nil, err } diff --git a/storage/roles.go b/storage/roles.go index 4458a07..172c45d 100644 --- a/storage/roles.go +++ b/storage/roles.go @@ -39,30 +39,31 @@ type Role struct { IsBuiltIn bool // --- User permissions --- - CanSendMedia *bool - CanSendCustomEmotes *bool - CanSendCustomReactions *bool - CanSendPublicNotes *bool - CanSendLocalNotes *bool - CanSendFollowerOnlyNotes *bool - CanSendPrivateNotes *bool - CanSendReplies *bool - CanQuote *bool - CanBoost *bool - CanIncludeLinks *bool - CanIncludeSurvey *bool - CanFederateFedi *bool - CanFederateBsky *bool + CanSendMedia *bool // Local & remote + CanSendCustomEmotes *bool // Local & remote + CanSendCustomReactions *bool // Local & remote + CanSendPublicNotes *bool // Local & remote + CanSendLocalNotes *bool // Local & remote + CanSendFollowerOnlyNotes *bool // Local & remote + CanSendPrivateNotes *bool // Local & remote + CanSendReplies *bool // Local & remote + CanQuote *bool // Local only + CanBoost *bool // Local only + CanIncludeLinks *bool // Local & remote + CanIncludeSurvey *bool // Local + CanFederateFedi *bool // Local & remote + CanFederateBsky *bool // Local - CanChangeDisplayName *bool + CanChangeDisplayName *bool // Local - BlockedUsers []string `gorm:"type:bytes;serializer:gob"` - CanSubmitReports *bool - CanLogin *bool + // Internal ids of accounts blocked by this role + BlockedUsers []string `gorm:"type:bytes;serializer:gob"` // Local + CanSubmitReports *bool // Local & remote + CanLogin *bool // Local - CanMentionOthers *bool - HasMentionCountLimit *bool - MentionLimit *uint32 + CanMentionOthers *bool // Local & remote + HasMentionCountLimit *bool // Local & remote + MentionLimit *uint32 // Local & remote // CanViewBoosts *bool // CanViewQuotes *bool @@ -70,39 +71,39 @@ type Role struct { // CanViewCustomEmotes *bool // --- Automod --- - AutoNsfwMedia *bool - AutoCwPosts *bool - AutoCwPostsText *string - ScanCreatedPublicNotes *bool - ScanCreatedLocalNotes *bool - ScanCreatedFollowerOnlyNotes *bool - ScanCreatedPrivateNotes *bool + AutoNsfwMedia *bool // Local & remote + AutoCwPosts *bool // Local & remote + AutoCwPostsText *string // Local & remote + ScanCreatedPublicNotes *bool // Local & remote + ScanCreatedLocalNotes *bool // Local & remote + ScanCreatedFollowerOnlyNotes *bool // Local & remote + ScanCreatedPrivateNotes *bool // Local & remote // Blocks all interactions and federation between users with the role and all included ids/handles // TODO: Decide whether this is a list of handles or of account ids // Handles would increase the load due to having to search for them first // while ids would require to store every single account mentioned // which could cause escalating storage costs - DisallowInteractionsWith []string `gorm:"type:bytes;serializer:gob"` + DisallowInteractionsWith []string `gorm:"type:bytes;serializer:gob"` // Local & remote - WithholdNotesForManualApproval *bool - WithholdNotesBasedOnRegex *bool - WithholdNotesRegexes []string `gorm:"type:bytes;serializer:gob"` + WithholdNotesForManualApproval *bool // Local & remote + WithholdNotesBasedOnRegex *bool // Local & remote + WithholdNotesRegexes []string `gorm:"type:bytes;serializer:gob"` // Local & remote // --- Admin perms --- // If set, counts as all permissions being set as given and all restrictions being disabled - FullAdmin *bool - CanAffectOtherAdmins *bool - CanDeleteNotes *bool - CanConfirmWithheldNotes *bool - CanAssignRoles *bool - CanSupressInteractionsBetweenUsers *bool - CanOverwriteDisplayNames *bool - CanManageCustomEmotes *bool - CanViewDeletedNotes *bool - CanRecoverDeletedNotes *bool - CanManageAvatarDecorations *bool - CanManageAds *bool - CanSendAnnouncements *bool + FullAdmin *bool // Local + CanAffectOtherAdmins *bool // Local + CanDeleteNotes *bool // Local + CanConfirmWithheldNotes *bool // Local + CanAssignRoles *bool // Local + CanSupressInteractionsBetweenUsers *bool // Local + CanOverwriteDisplayNames *bool // Local + CanManageCustomEmotes *bool // Local + CanViewDeletedNotes *bool // Local + CanRecoverDeletedNotes *bool // Local + CanManageAvatarDecorations *bool // Local + CanManageAds *bool // Local + CanSendAnnouncements *bool // Local } /* @@ -169,7 +170,8 @@ func (s *Storage) NewEmptyRole(name string) (*Role, error) { return nil, err } - newRole := Role{Name: name} + // New roles have a priority of 1 by default + newRole := Role{Name: name, Priority: 1} err = s.db.Create(&newRole).Error if err != nil { return nil, err @@ -189,3 +191,16 @@ func (s *Storage) FindRoleByName(name string) (*Role, error) { return nil, err } } + +func (s *Storage) FindRolesByNames(names []string) ([]Role, error) { + roles := []Role{} + err := s.db.Where("name IN ?", names).Find(&roles).Error + switch err { + case nil: + return roles, nil + case gorm.ErrRecordNotFound: + return nil, ErrEntryNotFound + default: + return nil, err + } +} diff --git a/storage/rolesUtil_generated.go b/storage/rolesUtil_generated.go index 7d20868..f73708b 100644 --- a/storage/rolesUtil_generated.go +++ b/storage/rolesUtil_generated.go @@ -4,215 +4,274 @@ package storage import ( "slices" - "gitlab.com/mstarongitlab/goutils/sliceutils") + "gitlab.com/mstarongitlab/goutils/sliceutils" +) -func CollapseRolesIntoOne(roles ...*Role) Role { - startingRole := RoleDeepCopy(&DefaultUserRole) - slices.SortFunc(roles, func(a, b *Role) int { return int(int64(a.Priority)-int64(b.Priority)) }) +func CollapseRolesIntoOne(roles ...Role) Role { + startingRole := RoleDeepCopy(DefaultUserRole) + slices.SortFunc(roles, func(a, b Role) int { return int(int64(a.Priority)-int64(b.Priority)) }) for _, role := range roles { - if role.CanManageAvatarDecorations != nil { - *startingRole.CanManageAvatarDecorations = *role.CanManageAvatarDecorations - } - if role.BlockedUsers != nil { - startingRole.BlockedUsers = append(startingRole.BlockedUsers, role.BlockedUsers...) - } - if role.FullAdmin != nil { - *startingRole.FullAdmin = *role.FullAdmin - } - if role.CanAssignRoles != nil { - *startingRole.CanAssignRoles = *role.CanAssignRoles - } - if role.CanManageCustomEmotes != nil { - *startingRole.CanManageCustomEmotes = *role.CanManageCustomEmotes - } if role.CanViewDeletedNotes != nil { *startingRole.CanViewDeletedNotes = *role.CanViewDeletedNotes } - if role.CanSendPublicNotes != nil { - *startingRole.CanSendPublicNotes = *role.CanSendPublicNotes - } - if role.CanMentionOthers != nil { - *startingRole.CanMentionOthers = *role.CanMentionOthers - } - if role.ScanCreatedPublicNotes != nil { - *startingRole.ScanCreatedPublicNotes = *role.ScanCreatedPublicNotes - } - if role.CanRecoverDeletedNotes != nil { - *startingRole.CanRecoverDeletedNotes = *role.CanRecoverDeletedNotes - } - if role.CanSendAnnouncements != nil { - *startingRole.CanSendAnnouncements = *role.CanSendAnnouncements - } - if role.AutoCwPostsText != nil { - *startingRole.AutoCwPostsText = *role.AutoCwPostsText - } - if role.WithholdNotesRegexes != nil { - startingRole.WithholdNotesRegexes = append(startingRole.WithholdNotesRegexes, role.WithholdNotesRegexes...) - } - if role.CanSendFollowerOnlyNotes != nil { - *startingRole.CanSendFollowerOnlyNotes = *role.CanSendFollowerOnlyNotes - } if role.CanSendPrivateNotes != nil { *startingRole.CanSendPrivateNotes = *role.CanSendPrivateNotes } if role.CanBoost != nil { *startingRole.CanBoost = *role.CanBoost } - if role.CanFederateFedi != nil { - *startingRole.CanFederateFedi = *role.CanFederateFedi + if role.BlockedUsers != nil { + startingRole.BlockedUsers = append(startingRole.BlockedUsers, role.BlockedUsers...) } - if role.CanLogin != nil { - *startingRole.CanLogin = *role.CanLogin - } - if role.AutoNsfwMedia != nil { - *startingRole.AutoNsfwMedia = *role.AutoNsfwMedia - } - if role.WithholdNotesBasedOnRegex != nil { - *startingRole.WithholdNotesBasedOnRegex = *role.WithholdNotesBasedOnRegex - } - if role.CanAffectOtherAdmins != nil { - *startingRole.CanAffectOtherAdmins = *role.CanAffectOtherAdmins - } - if role.CanSendCustomReactions != nil { - *startingRole.CanSendCustomReactions = *role.CanSendCustomReactions - } - if role.CanIncludeLinks != nil { - *startingRole.CanIncludeLinks = *role.CanIncludeLinks - } - if role.CanIncludeSurvey != nil { - *startingRole.CanIncludeSurvey = *role.CanIncludeSurvey - } - if role.CanFederateBsky != nil { - *startingRole.CanFederateBsky = *role.CanFederateBsky - } - if role.CanChangeDisplayName != nil { - *startingRole.CanChangeDisplayName = *role.CanChangeDisplayName - } - if role.CanConfirmWithheldNotes != nil { - *startingRole.CanConfirmWithheldNotes = *role.CanConfirmWithheldNotes - } - if role.CanOverwriteDisplayNames != nil { - *startingRole.CanOverwriteDisplayNames = *role.CanOverwriteDisplayNames - } - if role.CanDeleteNotes != nil { - *startingRole.CanDeleteNotes = *role.CanDeleteNotes - } - if role.CanManageAds != nil { - *startingRole.CanManageAds = *role.CanManageAds - } - if role.CanSendMedia != nil { - *startingRole.CanSendMedia = *role.CanSendMedia - } - if role.CanSendReplies != nil { - *startingRole.CanSendReplies = *role.CanSendReplies - } - if role.HasMentionCountLimit != nil { - *startingRole.HasMentionCountLimit = *role.HasMentionCountLimit - } - if role.DisallowInteractionsWith != nil { - startingRole.DisallowInteractionsWith = append(startingRole.DisallowInteractionsWith, role.DisallowInteractionsWith...) - } - if role.WithholdNotesForManualApproval != nil { - *startingRole.WithholdNotesForManualApproval = *role.WithholdNotesForManualApproval - } - if role.CanSendLocalNotes != nil { - *startingRole.CanSendLocalNotes = *role.CanSendLocalNotes - } - if role.CanQuote != nil { - *startingRole.CanQuote = *role.CanQuote - } - if role.MentionLimit != nil { - *startingRole.MentionLimit = *role.MentionLimit - } - if role.CanSubmitReports != nil { - *startingRole.CanSubmitReports = *role.CanSubmitReports - } - if role.AutoCwPosts != nil { - *startingRole.AutoCwPosts = *role.AutoCwPosts + if role.WithholdNotesRegexes != nil { + startingRole.WithholdNotesRegexes = append(startingRole.WithholdNotesRegexes, role.WithholdNotesRegexes...) } if role.CanSupressInteractionsBetweenUsers != nil { *startingRole.CanSupressInteractionsBetweenUsers = *role.CanSupressInteractionsBetweenUsers } + if role.CanManageCustomEmotes != nil { + *startingRole.CanManageCustomEmotes = *role.CanManageCustomEmotes + } + if role.CanQuote != nil { + *startingRole.CanQuote = *role.CanQuote + } + if role.CanFederateFedi != nil { + *startingRole.CanFederateFedi = *role.CanFederateFedi + } + if role.CanFederateBsky != nil { + *startingRole.CanFederateBsky = *role.CanFederateBsky + } + if role.CanSendLocalNotes != nil { + *startingRole.CanSendLocalNotes = *role.CanSendLocalNotes + } + if role.AutoCwPosts != nil { + *startingRole.AutoCwPosts = *role.AutoCwPosts + } + if role.DisallowInteractionsWith != nil { + startingRole.DisallowInteractionsWith = append(startingRole.DisallowInteractionsWith, role.DisallowInteractionsWith...) + } + if role.CanSendMedia != nil { + *startingRole.CanSendMedia = *role.CanSendMedia + } if role.CanSendCustomEmotes != nil { *startingRole.CanSendCustomEmotes = *role.CanSendCustomEmotes } + if role.CanSendCustomReactions != nil { + *startingRole.CanSendCustomReactions = *role.CanSendCustomReactions + } + if role.MentionLimit != nil { + *startingRole.MentionLimit = *role.MentionLimit + } + if role.AutoNsfwMedia != nil { + *startingRole.AutoNsfwMedia = *role.AutoNsfwMedia + } if role.ScanCreatedLocalNotes != nil { *startingRole.ScanCreatedLocalNotes = *role.ScanCreatedLocalNotes } - if role.ScanCreatedFollowerOnlyNotes != nil { - *startingRole.ScanCreatedFollowerOnlyNotes = *role.ScanCreatedFollowerOnlyNotes + if role.CanAffectOtherAdmins != nil { + *startingRole.CanAffectOtherAdmins = *role.CanAffectOtherAdmins + } + if role.CanRecoverDeletedNotes != nil { + *startingRole.CanRecoverDeletedNotes = *role.CanRecoverDeletedNotes + } + if role.CanSendPublicNotes != nil { + *startingRole.CanSendPublicNotes = *role.CanSendPublicNotes + } + if role.CanIncludeLinks != nil { + *startingRole.CanIncludeLinks = *role.CanIncludeLinks + } + if role.CanLogin != nil { + *startingRole.CanLogin = *role.CanLogin + } + if role.CanManageAvatarDecorations != nil { + *startingRole.CanManageAvatarDecorations = *role.CanManageAvatarDecorations } if role.ScanCreatedPrivateNotes != nil { *startingRole.ScanCreatedPrivateNotes = *role.ScanCreatedPrivateNotes } + if role.FullAdmin != nil { + *startingRole.FullAdmin = *role.FullAdmin + } + if role.CanOverwriteDisplayNames != nil { + *startingRole.CanOverwriteDisplayNames = *role.CanOverwriteDisplayNames + } + if role.CanSendFollowerOnlyNotes != nil { + *startingRole.CanSendFollowerOnlyNotes = *role.CanSendFollowerOnlyNotes + } + if role.CanChangeDisplayName != nil { + *startingRole.CanChangeDisplayName = *role.CanChangeDisplayName + } + if role.AutoCwPostsText != nil { + *startingRole.AutoCwPostsText = *role.AutoCwPostsText + } + if role.WithholdNotesForManualApproval != nil { + *startingRole.WithholdNotesForManualApproval = *role.WithholdNotesForManualApproval + } + if role.CanDeleteNotes != nil { + *startingRole.CanDeleteNotes = *role.CanDeleteNotes + } + if role.CanSubmitReports != nil { + *startingRole.CanSubmitReports = *role.CanSubmitReports + } + if role.HasMentionCountLimit != nil { + *startingRole.HasMentionCountLimit = *role.HasMentionCountLimit + } + if role.ScanCreatedFollowerOnlyNotes != nil { + *startingRole.ScanCreatedFollowerOnlyNotes = *role.ScanCreatedFollowerOnlyNotes + } + if role.CanSendAnnouncements != nil { + *startingRole.CanSendAnnouncements = *role.CanSendAnnouncements + } + if role.CanIncludeSurvey != nil { + *startingRole.CanIncludeSurvey = *role.CanIncludeSurvey + } + if role.ScanCreatedPublicNotes != nil { + *startingRole.ScanCreatedPublicNotes = *role.ScanCreatedPublicNotes + } + if role.WithholdNotesBasedOnRegex != nil { + *startingRole.WithholdNotesBasedOnRegex = *role.WithholdNotesBasedOnRegex + } + if role.CanAssignRoles != nil { + *startingRole.CanAssignRoles = *role.CanAssignRoles + } + if role.CanManageAds != nil { + *startingRole.CanManageAds = *role.CanManageAds + } + if role.CanSendReplies != nil { + *startingRole.CanSendReplies = *role.CanSendReplies + } + if role.CanMentionOthers != nil { + *startingRole.CanMentionOthers = *role.CanMentionOthers + } + if role.CanConfirmWithheldNotes != nil { + *startingRole.CanConfirmWithheldNotes = *role.CanConfirmWithheldNotes + } } return startingRole } -func RoleDeepCopy(o *Role) Role { +func RoleDeepCopy(o Role) Role { n := Role{} n.Model = o.Model n.Name = o.Name n.Priority = o.Priority n.IsUserRole = o.IsUserRole n.IsBuiltIn = o.IsBuiltIn - if o.CanManageCustomEmotes == nil { n.CanManageCustomEmotes = nil } else { - t := *o.CanManageCustomEmotes - n.CanManageCustomEmotes = &t + if o.AutoNsfwMedia == nil { n.AutoNsfwMedia = nil } else { + t := *o.AutoNsfwMedia + n.AutoNsfwMedia = &t } - if o.CanViewDeletedNotes == nil { n.CanViewDeletedNotes = nil } else { - t := *o.CanViewDeletedNotes - n.CanViewDeletedNotes = &t + if o.ScanCreatedLocalNotes == nil { n.ScanCreatedLocalNotes = nil } else { + t := *o.ScanCreatedLocalNotes + n.ScanCreatedLocalNotes = &t } - if o.CanManageAvatarDecorations == nil { n.CanManageAvatarDecorations = nil } else { - t := *o.CanManageAvatarDecorations - n.CanManageAvatarDecorations = &t - } - n.BlockedUsers = slices.Clone(o.BlockedUsers) - if o.FullAdmin == nil { n.FullAdmin = nil } else { - t := *o.FullAdmin - n.FullAdmin = &t - } - if o.CanAssignRoles == nil { n.CanAssignRoles = nil } else { - t := *o.CanAssignRoles - n.CanAssignRoles = &t + if o.CanAffectOtherAdmins == nil { n.CanAffectOtherAdmins = nil } else { + t := *o.CanAffectOtherAdmins + n.CanAffectOtherAdmins = &t } if o.CanRecoverDeletedNotes == nil { n.CanRecoverDeletedNotes = nil } else { t := *o.CanRecoverDeletedNotes n.CanRecoverDeletedNotes = &t } - if o.CanSendAnnouncements == nil { n.CanSendAnnouncements = nil } else { - t := *o.CanSendAnnouncements - n.CanSendAnnouncements = &t - } if o.CanSendPublicNotes == nil { n.CanSendPublicNotes = nil } else { t := *o.CanSendPublicNotes n.CanSendPublicNotes = &t } - if o.CanMentionOthers == nil { n.CanMentionOthers = nil } else { - t := *o.CanMentionOthers - n.CanMentionOthers = &t - } - if o.ScanCreatedPublicNotes == nil { n.ScanCreatedPublicNotes = nil } else { - t := *o.ScanCreatedPublicNotes - n.ScanCreatedPublicNotes = &t - } - if o.CanFederateFedi == nil { n.CanFederateFedi = nil } else { - t := *o.CanFederateFedi - n.CanFederateFedi = &t + if o.CanIncludeLinks == nil { n.CanIncludeLinks = nil } else { + t := *o.CanIncludeLinks + n.CanIncludeLinks = &t } if o.CanLogin == nil { n.CanLogin = nil } else { t := *o.CanLogin n.CanLogin = &t } + if o.MentionLimit == nil { n.MentionLimit = nil } else { + t := *o.MentionLimit + n.MentionLimit = &t + } + if o.CanManageAvatarDecorations == nil { n.CanManageAvatarDecorations = nil } else { + t := *o.CanManageAvatarDecorations + n.CanManageAvatarDecorations = &t + } + if o.FullAdmin == nil { n.FullAdmin = nil } else { + t := *o.FullAdmin + n.FullAdmin = &t + } + if o.CanOverwriteDisplayNames == nil { n.CanOverwriteDisplayNames = nil } else { + t := *o.CanOverwriteDisplayNames + n.CanOverwriteDisplayNames = &t + } + if o.CanSendFollowerOnlyNotes == nil { n.CanSendFollowerOnlyNotes = nil } else { + t := *o.CanSendFollowerOnlyNotes + n.CanSendFollowerOnlyNotes = &t + } + if o.CanChangeDisplayName == nil { n.CanChangeDisplayName = nil } else { + t := *o.CanChangeDisplayName + n.CanChangeDisplayName = &t + } if o.AutoCwPostsText == nil { n.AutoCwPostsText = nil } else { t := *o.AutoCwPostsText n.AutoCwPostsText = &t } - n.WithholdNotesRegexes = slices.Clone(o.WithholdNotesRegexes) - if o.CanSendFollowerOnlyNotes == nil { n.CanSendFollowerOnlyNotes = nil } else { - t := *o.CanSendFollowerOnlyNotes - n.CanSendFollowerOnlyNotes = &t + if o.ScanCreatedPrivateNotes == nil { n.ScanCreatedPrivateNotes = nil } else { + t := *o.ScanCreatedPrivateNotes + n.ScanCreatedPrivateNotes = &t + } + if o.CanDeleteNotes == nil { n.CanDeleteNotes = nil } else { + t := *o.CanDeleteNotes + n.CanDeleteNotes = &t + } + if o.CanSubmitReports == nil { n.CanSubmitReports = nil } else { + t := *o.CanSubmitReports + n.CanSubmitReports = &t + } + if o.HasMentionCountLimit == nil { n.HasMentionCountLimit = nil } else { + t := *o.HasMentionCountLimit + n.HasMentionCountLimit = &t + } + if o.ScanCreatedFollowerOnlyNotes == nil { n.ScanCreatedFollowerOnlyNotes = nil } else { + t := *o.ScanCreatedFollowerOnlyNotes + n.ScanCreatedFollowerOnlyNotes = &t + } + if o.WithholdNotesForManualApproval == nil { n.WithholdNotesForManualApproval = nil } else { + t := *o.WithholdNotesForManualApproval + n.WithholdNotesForManualApproval = &t + } + if o.CanIncludeSurvey == nil { n.CanIncludeSurvey = nil } else { + t := *o.CanIncludeSurvey + n.CanIncludeSurvey = &t + } + if o.ScanCreatedPublicNotes == nil { n.ScanCreatedPublicNotes = nil } else { + t := *o.ScanCreatedPublicNotes + n.ScanCreatedPublicNotes = &t + } + if o.WithholdNotesBasedOnRegex == nil { n.WithholdNotesBasedOnRegex = nil } else { + t := *o.WithholdNotesBasedOnRegex + n.WithholdNotesBasedOnRegex = &t + } + if o.CanSendAnnouncements == nil { n.CanSendAnnouncements = nil } else { + t := *o.CanSendAnnouncements + n.CanSendAnnouncements = &t + } + if o.CanManageAds == nil { n.CanManageAds = nil } else { + t := *o.CanManageAds + n.CanManageAds = &t + } + if o.CanSendReplies == nil { n.CanSendReplies = nil } else { + t := *o.CanSendReplies + n.CanSendReplies = &t + } + if o.CanMentionOthers == nil { n.CanMentionOthers = nil } else { + t := *o.CanMentionOthers + n.CanMentionOthers = &t + } + if o.CanConfirmWithheldNotes == nil { n.CanConfirmWithheldNotes = nil } else { + t := *o.CanConfirmWithheldNotes + n.CanConfirmWithheldNotes = &t + } + if o.CanAssignRoles == nil { n.CanAssignRoles = nil } else { + t := *o.CanAssignRoles + n.CanAssignRoles = &t } if o.CanSendPrivateNotes == nil { n.CanSendPrivateNotes = nil } else { t := *o.CanSendPrivateNotes @@ -222,114 +281,56 @@ func RoleDeepCopy(o *Role) Role { t := *o.CanBoost n.CanBoost = &t } - if o.CanFederateBsky == nil { n.CanFederateBsky = nil } else { - t := *o.CanFederateBsky - n.CanFederateBsky = &t - } - if o.CanChangeDisplayName == nil { n.CanChangeDisplayName = nil } else { - t := *o.CanChangeDisplayName - n.CanChangeDisplayName = &t - } - if o.AutoNsfwMedia == nil { n.AutoNsfwMedia = nil } else { - t := *o.AutoNsfwMedia - n.AutoNsfwMedia = &t - } - if o.WithholdNotesBasedOnRegex == nil { n.WithholdNotesBasedOnRegex = nil } else { - t := *o.WithholdNotesBasedOnRegex - n.WithholdNotesBasedOnRegex = &t - } - if o.CanAffectOtherAdmins == nil { n.CanAffectOtherAdmins = nil } else { - t := *o.CanAffectOtherAdmins - n.CanAffectOtherAdmins = &t - } - if o.CanSendCustomReactions == nil { n.CanSendCustomReactions = nil } else { - t := *o.CanSendCustomReactions - n.CanSendCustomReactions = &t - } - if o.CanIncludeLinks == nil { n.CanIncludeLinks = nil } else { - t := *o.CanIncludeLinks - n.CanIncludeLinks = &t - } - if o.CanIncludeSurvey == nil { n.CanIncludeSurvey = nil } else { - t := *o.CanIncludeSurvey - n.CanIncludeSurvey = &t - } - if o.CanConfirmWithheldNotes == nil { n.CanConfirmWithheldNotes = nil } else { - t := *o.CanConfirmWithheldNotes - n.CanConfirmWithheldNotes = &t - } - if o.CanOverwriteDisplayNames == nil { n.CanOverwriteDisplayNames = nil } else { - t := *o.CanOverwriteDisplayNames - n.CanOverwriteDisplayNames = &t - } - n.DisallowInteractionsWith = slices.Clone(o.DisallowInteractionsWith) - if o.WithholdNotesForManualApproval == nil { n.WithholdNotesForManualApproval = nil } else { - t := *o.WithholdNotesForManualApproval - n.WithholdNotesForManualApproval = &t - } - if o.CanDeleteNotes == nil { n.CanDeleteNotes = nil } else { - t := *o.CanDeleteNotes - n.CanDeleteNotes = &t - } - if o.CanManageAds == nil { n.CanManageAds = nil } else { - t := *o.CanManageAds - n.CanManageAds = &t - } - if o.CanSendMedia == nil { n.CanSendMedia = nil } else { - t := *o.CanSendMedia - n.CanSendMedia = &t - } - if o.CanSendReplies == nil { n.CanSendReplies = nil } else { - t := *o.CanSendReplies - n.CanSendReplies = &t - } - if o.HasMentionCountLimit == nil { n.HasMentionCountLimit = nil } else { - t := *o.HasMentionCountLimit - n.HasMentionCountLimit = &t - } - if o.CanSendLocalNotes == nil { n.CanSendLocalNotes = nil } else { - t := *o.CanSendLocalNotes - n.CanSendLocalNotes = &t - } - if o.CanQuote == nil { n.CanQuote = nil } else { - t := *o.CanQuote - n.CanQuote = &t - } - if o.MentionLimit == nil { n.MentionLimit = nil } else { - t := *o.MentionLimit - n.MentionLimit = &t - } - if o.CanSubmitReports == nil { n.CanSubmitReports = nil } else { - t := *o.CanSubmitReports - n.CanSubmitReports = &t - } - if o.AutoCwPosts == nil { n.AutoCwPosts = nil } else { - t := *o.AutoCwPosts - n.AutoCwPosts = &t + n.BlockedUsers = slices.Clone(o.BlockedUsers) + if o.CanViewDeletedNotes == nil { n.CanViewDeletedNotes = nil } else { + t := *o.CanViewDeletedNotes + n.CanViewDeletedNotes = &t } if o.CanSupressInteractionsBetweenUsers == nil { n.CanSupressInteractionsBetweenUsers = nil } else { t := *o.CanSupressInteractionsBetweenUsers n.CanSupressInteractionsBetweenUsers = &t } - if o.ScanCreatedPrivateNotes == nil { n.ScanCreatedPrivateNotes = nil } else { - t := *o.ScanCreatedPrivateNotes - n.ScanCreatedPrivateNotes = &t + if o.CanManageCustomEmotes == nil { n.CanManageCustomEmotes = nil } else { + t := *o.CanManageCustomEmotes + n.CanManageCustomEmotes = &t + } + if o.CanQuote == nil { n.CanQuote = nil } else { + t := *o.CanQuote + n.CanQuote = &t + } + if o.CanFederateFedi == nil { n.CanFederateFedi = nil } else { + t := *o.CanFederateFedi + n.CanFederateFedi = &t + } + if o.CanFederateBsky == nil { n.CanFederateBsky = nil } else { + t := *o.CanFederateBsky + n.CanFederateBsky = &t + } + n.WithholdNotesRegexes = slices.Clone(o.WithholdNotesRegexes) + if o.AutoCwPosts == nil { n.AutoCwPosts = nil } else { + t := *o.AutoCwPosts + n.AutoCwPosts = &t + } + n.DisallowInteractionsWith = slices.Clone(o.DisallowInteractionsWith) + if o.CanSendMedia == nil { n.CanSendMedia = nil } else { + t := *o.CanSendMedia + n.CanSendMedia = &t } if o.CanSendCustomEmotes == nil { n.CanSendCustomEmotes = nil } else { t := *o.CanSendCustomEmotes n.CanSendCustomEmotes = &t } - if o.ScanCreatedLocalNotes == nil { n.ScanCreatedLocalNotes = nil } else { - t := *o.ScanCreatedLocalNotes - n.ScanCreatedLocalNotes = &t + if o.CanSendCustomReactions == nil { n.CanSendCustomReactions = nil } else { + t := *o.CanSendCustomReactions + n.CanSendCustomReactions = &t } - if o.ScanCreatedFollowerOnlyNotes == nil { n.ScanCreatedFollowerOnlyNotes = nil } else { - t := *o.ScanCreatedFollowerOnlyNotes - n.ScanCreatedFollowerOnlyNotes = &t + if o.CanSendLocalNotes == nil { n.CanSendLocalNotes = nil } else { + t := *o.CanSendLocalNotes + n.CanSendLocalNotes = &t } return n } func CompareRoles(a, b *Role) bool { - return (a.WithholdNotesForManualApproval == nil || b.WithholdNotesForManualApproval == nil || a.WithholdNotesForManualApproval == b.WithholdNotesForManualApproval) && (a.CanDeleteNotes == nil || b.CanDeleteNotes == nil || a.CanDeleteNotes == b.CanDeleteNotes) && (a.CanManageAds == nil || b.CanManageAds == nil || a.CanManageAds == b.CanManageAds) && (a.CanSendMedia == nil || b.CanSendMedia == nil || a.CanSendMedia == b.CanSendMedia) && (a.CanSendReplies == nil || b.CanSendReplies == nil || a.CanSendReplies == b.CanSendReplies) && (a.HasMentionCountLimit == nil || b.HasMentionCountLimit == nil || a.HasMentionCountLimit == b.HasMentionCountLimit) && (a.DisallowInteractionsWith == nil || b.DisallowInteractionsWith == nil || sliceutils.CompareUnordered(a.DisallowInteractionsWith,b.DisallowInteractionsWith)) && (a.CanSendLocalNotes == nil || b.CanSendLocalNotes == nil || a.CanSendLocalNotes == b.CanSendLocalNotes) && (a.CanQuote == nil || b.CanQuote == nil || a.CanQuote == b.CanQuote) && (a.MentionLimit == nil || b.MentionLimit == nil || a.MentionLimit == b.MentionLimit) && (a.CanSubmitReports == nil || b.CanSubmitReports == nil || a.CanSubmitReports == b.CanSubmitReports) && (a.AutoCwPosts == nil || b.AutoCwPosts == nil || a.AutoCwPosts == b.AutoCwPosts) && (a.CanSupressInteractionsBetweenUsers == nil || b.CanSupressInteractionsBetweenUsers == nil || a.CanSupressInteractionsBetweenUsers == b.CanSupressInteractionsBetweenUsers) && (a.CanSendCustomEmotes == nil || b.CanSendCustomEmotes == nil || a.CanSendCustomEmotes == b.CanSendCustomEmotes) && (a.ScanCreatedLocalNotes == nil || b.ScanCreatedLocalNotes == nil || a.ScanCreatedLocalNotes == b.ScanCreatedLocalNotes) && (a.ScanCreatedFollowerOnlyNotes == nil || b.ScanCreatedFollowerOnlyNotes == nil || a.ScanCreatedFollowerOnlyNotes == b.ScanCreatedFollowerOnlyNotes) && (a.ScanCreatedPrivateNotes == nil || b.ScanCreatedPrivateNotes == nil || a.ScanCreatedPrivateNotes == b.ScanCreatedPrivateNotes) && (a.CanViewDeletedNotes == nil || b.CanViewDeletedNotes == nil || a.CanViewDeletedNotes == b.CanViewDeletedNotes) && (a.CanManageAvatarDecorations == nil || b.CanManageAvatarDecorations == nil || a.CanManageAvatarDecorations == b.CanManageAvatarDecorations) && (a.BlockedUsers == nil || b.BlockedUsers == nil || sliceutils.CompareUnordered(a.BlockedUsers,b.BlockedUsers)) && (a.FullAdmin == nil || b.FullAdmin == nil || a.FullAdmin == b.FullAdmin) && (a.CanAssignRoles == nil || b.CanAssignRoles == nil || a.CanAssignRoles == b.CanAssignRoles) && (a.CanManageCustomEmotes == nil || b.CanManageCustomEmotes == nil || a.CanManageCustomEmotes == b.CanManageCustomEmotes) && (a.CanSendAnnouncements == nil || b.CanSendAnnouncements == nil || a.CanSendAnnouncements == b.CanSendAnnouncements) && (a.CanSendPublicNotes == nil || b.CanSendPublicNotes == nil || a.CanSendPublicNotes == b.CanSendPublicNotes) && (a.CanMentionOthers == nil || b.CanMentionOthers == nil || a.CanMentionOthers == b.CanMentionOthers) && (a.ScanCreatedPublicNotes == nil || b.ScanCreatedPublicNotes == nil || a.ScanCreatedPublicNotes == b.ScanCreatedPublicNotes) && (a.CanRecoverDeletedNotes == nil || b.CanRecoverDeletedNotes == nil || a.CanRecoverDeletedNotes == b.CanRecoverDeletedNotes) && (a.CanLogin == nil || b.CanLogin == nil || a.CanLogin == b.CanLogin) && (a.AutoCwPostsText == nil || b.AutoCwPostsText == nil || a.AutoCwPostsText == b.AutoCwPostsText) && (a.WithholdNotesRegexes == nil || b.WithholdNotesRegexes == nil || sliceutils.CompareUnordered(a.WithholdNotesRegexes,b.WithholdNotesRegexes)) && (a.CanSendFollowerOnlyNotes == nil || b.CanSendFollowerOnlyNotes == nil || a.CanSendFollowerOnlyNotes == b.CanSendFollowerOnlyNotes) && (a.CanSendPrivateNotes == nil || b.CanSendPrivateNotes == nil || a.CanSendPrivateNotes == b.CanSendPrivateNotes) && (a.CanBoost == nil || b.CanBoost == nil || a.CanBoost == b.CanBoost) && (a.CanFederateFedi == nil || b.CanFederateFedi == nil || a.CanFederateFedi == b.CanFederateFedi) && (a.CanChangeDisplayName == nil || b.CanChangeDisplayName == nil || a.CanChangeDisplayName == b.CanChangeDisplayName) && (a.AutoNsfwMedia == nil || b.AutoNsfwMedia == nil || a.AutoNsfwMedia == b.AutoNsfwMedia) && (a.WithholdNotesBasedOnRegex == nil || b.WithholdNotesBasedOnRegex == nil || a.WithholdNotesBasedOnRegex == b.WithholdNotesBasedOnRegex) && (a.CanAffectOtherAdmins == nil || b.CanAffectOtherAdmins == nil || a.CanAffectOtherAdmins == b.CanAffectOtherAdmins) && (a.CanSendCustomReactions == nil || b.CanSendCustomReactions == nil || a.CanSendCustomReactions == b.CanSendCustomReactions) && (a.CanIncludeLinks == nil || b.CanIncludeLinks == nil || a.CanIncludeLinks == b.CanIncludeLinks) && (a.CanIncludeSurvey == nil || b.CanIncludeSurvey == nil || a.CanIncludeSurvey == b.CanIncludeSurvey) && (a.CanFederateBsky == nil || b.CanFederateBsky == nil || a.CanFederateBsky == b.CanFederateBsky) && (a.CanConfirmWithheldNotes == nil || b.CanConfirmWithheldNotes == nil || a.CanConfirmWithheldNotes == b.CanConfirmWithheldNotes) && (a.CanOverwriteDisplayNames == nil || b.CanOverwriteDisplayNames == nil || a.CanOverwriteDisplayNames == b.CanOverwriteDisplayNames) && (a == nil || b == nil || a.CanOverwriteDisplayNames == b.CanOverwriteDisplayNames) + return (a.CanQuote == nil || b.CanQuote == nil || a.CanQuote == b.CanQuote) && (a.CanFederateFedi == nil || b.CanFederateFedi == nil || a.CanFederateFedi == b.CanFederateFedi) && (a.CanFederateBsky == nil || b.CanFederateBsky == nil || a.CanFederateBsky == b.CanFederateBsky) && (a.WithholdNotesRegexes == nil || b.WithholdNotesRegexes == nil || sliceutils.CompareUnordered(a.WithholdNotesRegexes,b.WithholdNotesRegexes)) && (a.CanSupressInteractionsBetweenUsers == nil || b.CanSupressInteractionsBetweenUsers == nil || a.CanSupressInteractionsBetweenUsers == b.CanSupressInteractionsBetweenUsers) && (a.CanManageCustomEmotes == nil || b.CanManageCustomEmotes == nil || a.CanManageCustomEmotes == b.CanManageCustomEmotes) && (a.CanSendMedia == nil || b.CanSendMedia == nil || a.CanSendMedia == b.CanSendMedia) && (a.CanSendCustomEmotes == nil || b.CanSendCustomEmotes == nil || a.CanSendCustomEmotes == b.CanSendCustomEmotes) && (a.CanSendCustomReactions == nil || b.CanSendCustomReactions == nil || a.CanSendCustomReactions == b.CanSendCustomReactions) && (a.CanSendLocalNotes == nil || b.CanSendLocalNotes == nil || a.CanSendLocalNotes == b.CanSendLocalNotes) && (a.AutoCwPosts == nil || b.AutoCwPosts == nil || a.AutoCwPosts == b.AutoCwPosts) && (a.DisallowInteractionsWith == nil || b.DisallowInteractionsWith == nil || sliceutils.CompareUnordered(a.DisallowInteractionsWith,b.DisallowInteractionsWith)) && (a.CanSendPublicNotes == nil || b.CanSendPublicNotes == nil || a.CanSendPublicNotes == b.CanSendPublicNotes) && (a.CanIncludeLinks == nil || b.CanIncludeLinks == nil || a.CanIncludeLinks == b.CanIncludeLinks) && (a.CanLogin == nil || b.CanLogin == nil || a.CanLogin == b.CanLogin) && (a.MentionLimit == nil || b.MentionLimit == nil || a.MentionLimit == b.MentionLimit) && (a.AutoNsfwMedia == nil || b.AutoNsfwMedia == nil || a.AutoNsfwMedia == b.AutoNsfwMedia) && (a.ScanCreatedLocalNotes == nil || b.ScanCreatedLocalNotes == nil || a.ScanCreatedLocalNotes == b.ScanCreatedLocalNotes) && (a.CanAffectOtherAdmins == nil || b.CanAffectOtherAdmins == nil || a.CanAffectOtherAdmins == b.CanAffectOtherAdmins) && (a.CanRecoverDeletedNotes == nil || b.CanRecoverDeletedNotes == nil || a.CanRecoverDeletedNotes == b.CanRecoverDeletedNotes) && (a.CanManageAvatarDecorations == nil || b.CanManageAvatarDecorations == nil || a.CanManageAvatarDecorations == b.CanManageAvatarDecorations) && (a.CanSendFollowerOnlyNotes == nil || b.CanSendFollowerOnlyNotes == nil || a.CanSendFollowerOnlyNotes == b.CanSendFollowerOnlyNotes) && (a.CanChangeDisplayName == nil || b.CanChangeDisplayName == nil || a.CanChangeDisplayName == b.CanChangeDisplayName) && (a.AutoCwPostsText == nil || b.AutoCwPostsText == nil || a.AutoCwPostsText == b.AutoCwPostsText) && (a.ScanCreatedPrivateNotes == nil || b.ScanCreatedPrivateNotes == nil || a.ScanCreatedPrivateNotes == b.ScanCreatedPrivateNotes) && (a.FullAdmin == nil || b.FullAdmin == nil || a.FullAdmin == b.FullAdmin) && (a.CanOverwriteDisplayNames == nil || b.CanOverwriteDisplayNames == nil || a.CanOverwriteDisplayNames == b.CanOverwriteDisplayNames) && (a.CanSubmitReports == nil || b.CanSubmitReports == nil || a.CanSubmitReports == b.CanSubmitReports) && (a.HasMentionCountLimit == nil || b.HasMentionCountLimit == nil || a.HasMentionCountLimit == b.HasMentionCountLimit) && (a.ScanCreatedFollowerOnlyNotes == nil || b.ScanCreatedFollowerOnlyNotes == nil || a.ScanCreatedFollowerOnlyNotes == b.ScanCreatedFollowerOnlyNotes) && (a.WithholdNotesForManualApproval == nil || b.WithholdNotesForManualApproval == nil || a.WithholdNotesForManualApproval == b.WithholdNotesForManualApproval) && (a.CanDeleteNotes == nil || b.CanDeleteNotes == nil || a.CanDeleteNotes == b.CanDeleteNotes) && (a.CanIncludeSurvey == nil || b.CanIncludeSurvey == nil || a.CanIncludeSurvey == b.CanIncludeSurvey) && (a.ScanCreatedPublicNotes == nil || b.ScanCreatedPublicNotes == nil || a.ScanCreatedPublicNotes == b.ScanCreatedPublicNotes) && (a.WithholdNotesBasedOnRegex == nil || b.WithholdNotesBasedOnRegex == nil || a.WithholdNotesBasedOnRegex == b.WithholdNotesBasedOnRegex) && (a.CanSendAnnouncements == nil || b.CanSendAnnouncements == nil || a.CanSendAnnouncements == b.CanSendAnnouncements) && (a.CanSendReplies == nil || b.CanSendReplies == nil || a.CanSendReplies == b.CanSendReplies) && (a.CanMentionOthers == nil || b.CanMentionOthers == nil || a.CanMentionOthers == b.CanMentionOthers) && (a.CanConfirmWithheldNotes == nil || b.CanConfirmWithheldNotes == nil || a.CanConfirmWithheldNotes == b.CanConfirmWithheldNotes) && (a.CanAssignRoles == nil || b.CanAssignRoles == nil || a.CanAssignRoles == b.CanAssignRoles) && (a.CanManageAds == nil || b.CanManageAds == nil || a.CanManageAds == b.CanManageAds) && (a.CanSendPrivateNotes == nil || b.CanSendPrivateNotes == nil || a.CanSendPrivateNotes == b.CanSendPrivateNotes) && (a.CanBoost == nil || b.CanBoost == nil || a.CanBoost == b.CanBoost) && (a.BlockedUsers == nil || b.BlockedUsers == nil || sliceutils.CompareUnordered(a.BlockedUsers,b.BlockedUsers)) && (a.CanViewDeletedNotes == nil || b.CanViewDeletedNotes == nil || a.CanViewDeletedNotes == b.CanViewDeletedNotes) && (a == nil || b == nil || a.CanViewDeletedNotes == b.CanViewDeletedNotes) } \ No newline at end of file diff --git a/storage/user.go b/storage/user.go index 6a89af8..509987b 100644 --- a/storage/user.go +++ b/storage/user.go @@ -4,6 +4,7 @@ import ( "crypto/ed25519" "crypto/rand" "errors" + "fmt" "strings" "time" @@ -57,7 +58,7 @@ type Account struct { // An unordered list since the owner can freely set it // Examples: [she her], [it they its them] or, if you want to go fancy, [this is super serious] Gender []string `gorm:"serializer:json"` - // The roles assocciated with an account + // The roles assocciated with an account. Values are the names of the roles Roles []string `gorm:"serializer:json"` // --- And internal account stuff --- @@ -320,6 +321,12 @@ func (s *Storage) NewEmptyAccount() (*Account, error) { } log.Debug().Msg("Random webauthn id for new account created") acc.ID = uuid.NewString() + + accountRole, err := s.NewEmptyRole(acc.ID) + if err != nil { + return nil, fmt.Errorf("failed to generate account role for new account: %w", err) + } + acc.WebAuthnId = data acc.Followers = []string{} acc.Tags = []string{} @@ -328,6 +335,7 @@ func (s *Storage) NewEmptyAccount() (*Account, error) { acc.CustomFields = []uint{} acc.IdentifiesAs = []Being{} acc.PasskeyCredentials = []webauthn.Credential{} + acc.Roles = []string{DefaultUserRole.Name, accountRole.Name} log.Debug().Any("account", &acc).Msg("Saving new account in db") res := s.db.Save(&acc) if res.Error != nil {