diff options
| author |  f0x52 <f0x@cthu.lu> | 2023-08-19 14:33:15 +0200 |
|---|---|---|
| committer |  GitHub <noreply@github.com> | 2023-08-19 14:33:15 +0200 |
| commit | 92de8fb396265d057f18aab4de0bc8aff4b90188 (patch) | |
| tree | 46438b9ff550261f56aa58d038cdf2f1e15493e3 /internal/api/client/admin/rulecreate.go | |
| parent | [bugfix] fix double firing bun.DB query hooks (#2124) (diff) | |
| download | gotosocial-92de8fb396265d057f18aab4de0bc8aff4b90188.tar.xz | |
[feature] Instance rules (#2125)
* init instance rules database model, admin api
* expose instance rules in public instance api
* public /api/v1/instance/rules route
* GET ruleById
* createRule route
* createRule auth check
* updateRule
* deleteRule
* list rules on about page
* ruleGet auth
* add about page ids for anchors
* process and store adding violated rules to reports
* admin api models for instance rules
* instance rule edit frontend
* change rule inputs to textareas
* database fixes after rebase (#2124)
* remove unused imports
* fix db migration column name
* fix tests
* fix more tests
* fix postgres error with wrongly used Ident
* add some tests, fiddle with rule model a bit, fix postgres migration
* swagger docs
---------
Co-authored-by: tsmethurst <tobi.smethurst@protonmail.com>
Diffstat (limited to 'internal/api/client/admin/rulecreate.go')
| -rw-r--r-- | internal/api/client/admin/rulecreate.go | 120 |
1 files changed, 120 insertions, 0 deletions
diff --git a/internal/api/client/admin/rulecreate.go b/internal/api/client/admin/rulecreate.go new file mode 100644 index 000000000..7792233f6 --- /dev/null +++ b/internal/api/client/admin/rulecreate.go @@ -0,0 +1,120 @@ +// GoToSocial +// Copyright (C) GoToSocial Authors admin@gotosocial.org +// SPDX-License-Identifier: AGPL-3.0-or-later +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see <http://www.gnu.org/licenses/>. + +package admin + +import ( + "errors" + "fmt" + "net/http" + + "github.com/gin-gonic/gin" + apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model" + apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util" + "github.com/superseriousbusiness/gotosocial/internal/gtserror" + "github.com/superseriousbusiness/gotosocial/internal/oauth" +) + +// RulePOSTHandler swagger:operation POST /api/v1/admin/instance/rules ruleCreate +// +// Create a new instance rule. +// +// --- +// tags: +// - admin +// +// consumes: +// - multipart/form-data +// +// produces: +// - application/json +// +// parameters: +// - +// name: text +// in: formData +// description: >- +// Text body for the instance rule, plaintext. +// type: string +// required: true +// +// security: +// - OAuth2 Bearer: +// - admin +// +// responses: +// '200': +// description: The newly-created instance rule. +// schema: +// "$ref": "#/definitions/instanceRule" +// '400': +// description: bad request +// '401': +// description: unauthorized +// '403': +// description: forbidden +// '404': +// description: not found +// '406': +// description: not acceptable +// '500': +// description: internal server error +func (m *Module) RulePOSTHandler(c *gin.Context) { + authed, err := oauth.Authed(c, true, true, true, true) + if err != nil { + apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1) + return + } + + if !*authed.User.Admin { + err := fmt.Errorf("user %s not an admin", authed.User.ID) + apiutil.ErrorHandler(c, gtserror.NewErrorForbidden(err, err.Error()), m.processor.InstanceGetV1) + return + } + + if _, err := apiutil.NegotiateAccept(c, apiutil.JSONAcceptHeaders...); err != nil { + apiutil.ErrorHandler(c, gtserror.NewErrorNotAcceptable(err, err.Error()), m.processor.InstanceGetV1) + return + } + + form := &apimodel.InstanceRuleCreateRequest{} + if err := c.ShouldBind(form); err != nil { + apiutil.ErrorHandler(c, gtserror.NewErrorBadRequest(err, err.Error()), m.processor.InstanceGetV1) + return + } + + if err := validateCreateRule(form); err != nil { + apiutil.ErrorHandler(c, gtserror.NewErrorBadRequest(err, err.Error()), m.processor.InstanceGetV1) + return + } + + apiRule, errWithCode := m.processor.Admin().RuleCreate(c.Request.Context(), form) + if errWithCode != nil { + apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1) + return + } + + c.JSON(http.StatusOK, apiRule) +} + +func validateCreateRule(form *apimodel.InstanceRuleCreateRequest) error { + if form.Text == "" { + return errors.New("Instance rule text is empty") + } + + return nil +} |