bleh

More API stuff. Lots of bleh. Really boring Also need to figure out a somewhat generic way for "requires ownership" permission and then a combinator for permissions
2024-11-04 16:25:39 +01:00 · 2024-11-04 16:25:39 +01:00 · 1bb6cd8a70
commit 1bb6cd8a70
parent ffe3cf32ae
8 changed files with 438 additions and 300 deletions
--- a/storage/remoteServerInfo.go
+++ b/storage/remoteServerInfo.go
@ -87,7 +87,7 @@ func (s *Storage) UpdateRemoteServer(url string, displayName, icon *string) (*Re
 	if displayName == nil && icon == nil {
 		return nil, ErrNothingToChange
 	}
-	server, err := s.FindRemoteServer(url)
+	server, err := s.FindRemoteServerByDomain(url)
 	if err != nil {
 		return nil, err
 	}
--- a/storage/roles.go
+++ b/storage/roles.go
@ -39,30 +39,31 @@ type Role struct {
 	IsBuiltIn bool

 	// --- User permissions ---
-	CanSendMedia             *bool
-	CanSendCustomEmotes      *bool
-	CanSendCustomReactions   *bool
-	CanSendPublicNotes       *bool
-	CanSendLocalNotes        *bool
-	CanSendFollowerOnlyNotes *bool
-	CanSendPrivateNotes      *bool
-	CanSendReplies           *bool
-	CanQuote                 *bool
-	CanBoost                 *bool
-	CanIncludeLinks          *bool
-	CanIncludeSurvey         *bool
-	CanFederateFedi          *bool
-	CanFederateBsky          *bool
+	CanSendMedia             *bool // Local & remote
+	CanSendCustomEmotes      *bool // Local & remote
+	CanSendCustomReactions   *bool // Local & remote
+	CanSendPublicNotes       *bool // Local & remote
+	CanSendLocalNotes        *bool // Local & remote
+	CanSendFollowerOnlyNotes *bool // Local & remote
+	CanSendPrivateNotes      *bool // Local & remote
+	CanSendReplies           *bool // Local & remote
+	CanQuote                 *bool // Local only
+	CanBoost                 *bool // Local only
+	CanIncludeLinks          *bool // Local & remote
+	CanIncludeSurvey         *bool // Local
+	CanFederateFedi          *bool // Local & remote
+	CanFederateBsky          *bool // Local

-	CanChangeDisplayName *bool
+	CanChangeDisplayName *bool // Local

-	BlockedUsers     []string `gorm:"type:bytes;serializer:gob"`
-	CanSubmitReports *bool
-	CanLogin         *bool
+	// Internal ids of accounts blocked by this role
+	BlockedUsers     []string `gorm:"type:bytes;serializer:gob"` // Local
+	CanSubmitReports *bool    // Local & remote
+	CanLogin         *bool    // Local

-	CanMentionOthers     *bool
-	HasMentionCountLimit *bool
-	MentionLimit         *uint32
+	CanMentionOthers     *bool   // Local & remote
+	HasMentionCountLimit *bool   // Local & remote
+	MentionLimit         *uint32 // Local & remote

 	// CanViewBoosts *bool
 	// CanViewQuotes *bool
@ -70,39 +71,39 @@ type Role struct {
 	// CanViewCustomEmotes *bool

 	// --- Automod ---
-	AutoNsfwMedia                *bool
-	AutoCwPosts                  *bool
-	AutoCwPostsText              *string
-	ScanCreatedPublicNotes       *bool
-	ScanCreatedLocalNotes        *bool
-	ScanCreatedFollowerOnlyNotes *bool
-	ScanCreatedPrivateNotes      *bool
+	AutoNsfwMedia                *bool   // Local & remote
+	AutoCwPosts                  *bool   // Local & remote
+	AutoCwPostsText              *string // Local & remote
+	ScanCreatedPublicNotes       *bool   // Local & remote
+	ScanCreatedLocalNotes        *bool   // Local & remote
+	ScanCreatedFollowerOnlyNotes *bool   // Local & remote
+	ScanCreatedPrivateNotes      *bool   // Local & remote
 	// Blocks all interactions and federation between users with the role and all included ids/handles
 	// TODO: Decide whether this is a list of handles or of account ids
 	// Handles would increase the load due to having to search for them first
 	// while ids would require to store every single account mentioned
 	// which could cause escalating storage costs
-	DisallowInteractionsWith []string `gorm:"type:bytes;serializer:gob"`
+	DisallowInteractionsWith []string `gorm:"type:bytes;serializer:gob"` // Local & remote

-	WithholdNotesForManualApproval *bool
-	WithholdNotesBasedOnRegex      *bool
-	WithholdNotesRegexes           []string `gorm:"type:bytes;serializer:gob"`
+	WithholdNotesForManualApproval *bool    // Local & remote
+	WithholdNotesBasedOnRegex      *bool    // Local & remote
+	WithholdNotesRegexes           []string `gorm:"type:bytes;serializer:gob"` // Local & remote

 	// --- Admin perms ---
 	// If set, counts as all permissions being set as given and all restrictions being disabled
-	FullAdmin                          *bool
-	CanAffectOtherAdmins               *bool
-	CanDeleteNotes                     *bool
-	CanConfirmWithheldNotes            *bool
-	CanAssignRoles                     *bool
-	CanSupressInteractionsBetweenUsers *bool
-	CanOverwriteDisplayNames           *bool
-	CanManageCustomEmotes              *bool
-	CanViewDeletedNotes                *bool
-	CanRecoverDeletedNotes             *bool
-	CanManageAvatarDecorations         *bool
-	CanManageAds                       *bool
-	CanSendAnnouncements               *bool
+	FullAdmin                          *bool // Local
+	CanAffectOtherAdmins               *bool // Local
+	CanDeleteNotes                     *bool // Local
+	CanConfirmWithheldNotes            *bool // Local
+	CanAssignRoles                     *bool // Local
+	CanSupressInteractionsBetweenUsers *bool // Local
+	CanOverwriteDisplayNames           *bool // Local
+	CanManageCustomEmotes              *bool // Local
+	CanViewDeletedNotes                *bool // Local
+	CanRecoverDeletedNotes             *bool // Local
+	CanManageAvatarDecorations         *bool // Local
+	CanManageAds                       *bool // Local
+	CanSendAnnouncements               *bool // Local
 }

 /*
@ -169,7 +170,8 @@ func (s *Storage) NewEmptyRole(name string) (*Role, error) {
 		return nil, err
 	}

-	newRole := Role{Name: name}
+	// New roles have a priority of 1 by default
+	newRole := Role{Name: name, Priority: 1}
 	err = s.db.Create(&newRole).Error
 	if err != nil {
 		return nil, err
@ -189,3 +191,16 @@ func (s *Storage) FindRoleByName(name string) (*Role, error) {
 		return nil, err
 	}
 }
+
+func (s *Storage) FindRolesByNames(names []string) ([]Role, error) {
+	roles := []Role{}
+	err := s.db.Where("name IN ?", names).Find(&roles).Error
+	switch err {
+	case nil:
+		return roles, nil
+	case gorm.ErrRecordNotFound:
+		return nil, ErrEntryNotFound
+	default:
+		return nil, err
+	}
+}
--- a/storage/rolesUtil_generated.go
+++ b/storage/rolesUtil_generated.go
--- a/storage/user.go
+++ b/storage/user.go
@ -4,6 +4,7 @@ import (
 	"crypto/ed25519"
 	"crypto/rand"
 	"errors"
+	"fmt"
 	"strings"
 	"time"

@ -57,7 +58,7 @@ type Account struct {
 	// An unordered list since the owner can freely set it
 	// Examples: [she her], [it they its them] or, if you want to go fancy, [this is super serious]
 	Gender []string `gorm:"serializer:json"`
-	// The roles assocciated with an account
+	// The roles assocciated with an account. Values are the names of the roles
 	Roles []string `gorm:"serializer:json"`

 	// --- And internal account stuff ---
@ -320,6 +321,12 @@ func (s *Storage) NewEmptyAccount() (*Account, error) {
 	}
 	log.Debug().Msg("Random webauthn id for new account created")
 	acc.ID = uuid.NewString()
+
+	accountRole, err := s.NewEmptyRole(acc.ID)
+	if err != nil {
+		return nil, fmt.Errorf("failed to generate account role for new account: %w", err)
+	}
+
 	acc.WebAuthnId = data
 	acc.Followers = []string{}
 	acc.Tags = []string{}
@ -328,6 +335,7 @@ func (s *Storage) NewEmptyAccount() (*Account, error) {
 	acc.CustomFields = []uint{}
 	acc.IdentifiesAs = []Being{}
 	acc.PasskeyCredentials = []webauthn.Credential{}
+	acc.Roles = []string{DefaultUserRole.Name, accountRole.Name}
 	log.Debug().Any("account", &acc).Msg("Saving new account in db")
 	res := s.db.Save(&acc)
 	if res.Error != nil {