gractwo/mnemosyne
4
0
Fork 0
Code Pull Requests Actions Packages Activity

Compare commits

base: gractwo:05d4aca7411b29ecea34b3b6d7147b7dd9e4e62f
Branches Tags
gractwo:master
..
compare: gractwo:master
Branches Tags
gractwo:master

24 Commits
05d4aca741 ... master

Author SHA1 Message Date
jmanczak
256d12c9c8 Merge branch 'master' into gractwo
All checks were successful
mnemo-build-and-publish / gractwo-mnemo-build (push) Successful in 1m11s
Details
2026-05-12 00:55:10 +02:00
jmanczak
65edef47b2 user permission management over api 2026-05-12 00:54:52 +02:00
jmanczak
9b69a0a5ee actually use default permissions, misc 2026-05-12 00:08:20 +02:00
jmanczak
e2e9a3efb5 Admin permission, grant/revoke/reset permission helpers 2026-05-06 18:19:09 +02:00
jmanczak
1f07952973 proper permission checking 2026-05-06 03:07:03 +02:00
jmanczak
b1ccd21068 Merge branch 'master' into gractwo
All checks were successful
mnemo-build-and-publish / gractwo-mnemo-build (push) Successful in 1m14s
Details
2026-05-06 02:50:44 +02:00
jmanczak
7d284f0777 prioritize special uuids in user page display 2026-05-06 02:49:42 +02:00
jmanczak
84dde9cc4b require permission to delete quotes 2026-05-06 02:24:05 +02:00
jmanczak
e7c0523841 quotelink hover, also make dashboard quotes into links 2026-05-06 02:00:23 +02:00
jmanczak
7fe1b6f8be Merge branch 'master' into gractwo
All checks were successful
mnemo-build-and-publish / gractwo-mnemo-build (push) Successful in 1m13s
Details
2026-05-06 00:58:28 +02:00
jmanczak
ca726c8e8b quote deletion confirmation 2026-05-06 00:58:07 +02:00
jmanczak
a08ba568cb Merge branch 'master' into gractwo
All checks were successful
mnemo-build-and-publish / gractwo-mnemo-build (push) Successful in 1m13s
Details
2026-05-06 00:43:48 +02:00
jmanczak
dd75d89472 quote deletion 🎉😮 2026-05-06 00:43:20 +02:00
jmanczak
9eb3332576 forgot to make the 404 page return status 404 2026-05-06 00:13:38 +02:00
jmanczak
032d450af2 barebones quote-specific page 2026-05-05 23:52:09 +02:00
jmanczak
76ac36c4fb remove MnemoConf::new 2026-05-05 15:23:49 +02:00
jmanczak
29804e75e5 allow unused icons 2026-05-05 14:40:17 +02:00
jmanczak
0be4f11f66 Merge branch 'master' into gractwo
All checks were successful
mnemo-build-and-publish / gractwo-mnemo-build (push) Successful in 1m13s
Details
2026-05-05 11:01:29 +02:00
jmanczak
f876ff3f00 only show instance config link for permitted users, make nav markup 
component async
 2026-05-04 14:11:31 +02:00
jmanczak
47cd13f734 gitignore scripts for local work 2026-05-04 14:07:48 +02:00
jmanczak
cdd296ea84 Merge branch 'master' into gractwo
All checks were successful
mnemo-build-and-publish / gractwo-mnemo-build (push) Successful in 1m11s
Details
2026-05-01 16:33:03 +02:00
jmanczak
4d49a5c0b3 add options to choose if quote should be sent via discord webhook 2026-05-01 16:13:51 +02:00
jmanczak
4aa96dca01 merge upstream
All checks were successful
mnemo-build-and-publish / gractwo-mnemo-build (push) Successful in 1m7s
Details
2026-04-30 20:02:34 +00:00
jmanczak
be462dc662 actually do db readwrites this time 2026-04-30 22:01:28 +02:00
29 changed files with 576 additions and 52 deletions
Expand all files Collapse all files

1
.gitignore vendored
View File

@@ -2,6 +2,7 @@
.DS_Store
/database
/mnemodata
/scripts
*.db
*.db-shm
*.db-wal

4
src/api/mod.rs
View File

@@ -28,6 +28,10 @@ pub fn api_router() -> Router<MnemoState> {
.route("/api/users/@{handle}", get(users::get_by_handle))
.route("/api/users/{id}/setpassw", post(users::change_password))
.route("/api/users/{id}/sethandle", post(users::change_handle))
.route(
"/api/users/{id}/permissions/{perm}",
get(users::get_permission).put(users::put_permission),
)
// sessions
.route("/api/sessions/{id}", get(sessions::get_by_id))
.route("/api/sessions/{id}/revoke", post(sessions::revoke_by_id))

9
src/api/quotes.rs
View File

@@ -53,6 +53,8 @@ pub struct QuoteCreateForm {
pub context: Option<String>,
pub location: Option<String>,
pub public: bool,
#[serde(default)]
pub discord_webhook: bool,
}
pub async fn create(
@@ -85,5 +87,12 @@ pub async fn create(
LogEntry::new(&mut tx, u, LogAction::CreateQuote { id: q.id }).await?;
tx.commit().await?;
if form.discord_webhook {
if let Some(ref url) = state.conf.read().await.discord_webhook {
q.post_msg_webhook(url.clone());
}
}
Ok((StatusCode::CREATED, Json(q)).into_response())
}

82
src/api/users.rs
View File

@@ -15,13 +15,14 @@ use crate::{
User,
auth::{UserAuthRequired, UserAuthenticate},
handle::UserHandle,
permissions::Permission,
permissions::{Permission, PermissionState},
},
};
const CANT_CHANGE_OTHERS_HANDLE: &str = "You don't have permission to change this user's handle.";
const CANT_CHANGE_OTHERS_PASSW: &str = "You don't have permission to change this user's password.";
const CANT_MANUALLY_MAKE_USERS: &str = "You don't have permission to manually create new users.";
const GO_AWAY: &str = "You don't have permission to look into permissions!";
const HANDLE_CHANGED_SUCCESS: &str = "Handle changed successfully.";
const PASSW_CHANGED_SUCCESS: &str = "Password changed successfully.";
@@ -170,3 +171,82 @@ pub async fn change_password(
Ok(PASSW_CHANGED_SUCCESS.into_response())
}
pub async fn get_permission(
State(state): State<MnemoState>,
Path((uid, perm)): Path<(Uuid, Permission)>,
headers: HeaderMap,
) -> Result<Response, CompositeError> {
let mut conn = state.pool.acquire().await?;
let u = User::authenticate(&mut conn, &headers).await?.required()?;
if !u.has_permission(&mut conn, Permission::Admin).await? {
return Ok((StatusCode::FORBIDDEN, GO_AWAY).into_response());
}
let target = User::get_by_id(&mut conn, uid).await?;
let has: PermissionState = target.permission_dbstate(&mut conn, perm).await?.into();
Ok((StatusCode::OK, Json(has)).into_response())
}
pub async fn put_permission(
State(state): State<MnemoState>,
Path((uid, perm)): Path<(Uuid, Permission)>,
headers: HeaderMap,
Json(newstate): Json<PermissionState>,
) -> Result<Response, CompositeError> {
let mut tx = state.pool.begin().await?;
let u = User::authenticate(&mut tx, &headers).await?.required()?;
if !u.has_permission(&mut tx, Permission::Admin).await? {
return Ok((StatusCode::FORBIDDEN, GO_AWAY).into_response());
}
let target = User::get_by_id(&mut tx, uid).await?;
let os: PermissionState = target.permission_dbstate(&mut tx, perm).await?.into();
match newstate {
PermissionState::ExplicitlyGranted => {
target.grant_permission(&mut tx, perm).await?;
LogEntry::new(
&mut tx,
u,
LogAction::UpdatePermission {
id: target.id,
os,
ns: newstate,
p: perm,
},
)
.await?;
}
PermissionState::ExplicitlyRevoked => {
target.revoke_permission(&mut tx, perm).await?;
LogEntry::new(
&mut tx,
u,
LogAction::UpdatePermission {
id: target.id,
os,
ns: newstate,
p: perm,
},
)
.await?;
}
PermissionState::Implicit => {
target.reset_permission(&mut tx, perm).await?;
LogEntry::new(
&mut tx,
u,
LogAction::UpdatePermission {
id: target.id,
os,
ns: newstate,
p: perm,
},
)
.await?;
}
};
tx.commit().await?;
Ok((StatusCode::OK, Json(newstate)).into_response())
}

28
src/config.rs
View File

@@ -20,8 +20,32 @@ pub struct MnemoConf {
}
impl MnemoConf {
pub fn new() -> Self {
MnemoConf::default()
pub async fn load(conn: &mut sqlx::PgConnection) -> Result<Self, sqlx::Error> {
let row: Option<serde_json::Value> =
sqlx::query_scalar("SELECT config FROM mnemoconf LIMIT 1")
.fetch_optional(&mut *conn)
.await?;
Ok(match row {
Some(val) => serde_json::from_value(val).unwrap_or_default(),
None => {
let conf = MnemoConf::default();
conf.save(conn).await?;
conf
}
})
}
pub async fn save(&self, conn: &mut sqlx::PgConnection) -> Result<(), sqlx::Error> {
let val = serde_json::to_value(self).unwrap();
sqlx::query("DELETE FROM mnemoconf")
.execute(&mut *conn)
.await?;
sqlx::query("INSERT INTO mnemoconf (config) VALUES ($1)")
.bind(val)
.execute(&mut *conn)
.await?;
Ok(())
}
}
impl Default for MnemoConf {

30
src/logs.rs
View File

@@ -4,7 +4,15 @@ use strum::{EnumDiscriminants, EnumIter, IntoStaticStr, VariantNames};
use url::Url;
use uuid::Uuid;
use crate::{database::DatabaseError, users::User, web::icons};
use crate::{
database::DatabaseError,
quotes::Quote,
users::{
User,
permissions::{Permission, PermissionState},
},
web::icons,
};
#[derive(Debug)]
pub struct LogEntry {
@@ -106,6 +114,12 @@ pub enum LogAction {
id: Uuid,
handle: String,
},
UpdatePermission {
id: Uuid,
os: PermissionState,
ns: PermissionState,
p: Permission,
},
ManuallyChangeUsersPassword {
id: Uuid,
},
@@ -152,6 +166,9 @@ pub enum LogAction {
CreateQuote {
id: Uuid,
},
DeleteQuote {
quote: Quote,
},
ManuallyRevokeSession {
id: Uuid,
},
@@ -177,8 +194,11 @@ impl LogAction {
| Self::ManuallyRevokeSession { id }
| Self::RenameTag { id, .. }
| Self::DeleteTag { id, .. }
| Self::UpdatePermission { id, .. }
| Self::ManuallyChangeUsersPassword { id } => Some(*id),
Self::DeleteQuote { quote } => Some(quote.id),
Self::AddPersonName { pid, .. }
| Self::DeletePersonName { pid, .. }
| Self::SetPersonPrimaryName { pid, .. } => Some(*pid),
@@ -195,6 +215,9 @@ impl LogAction {
LogAction::CreateUser { id, handle } => {
format!("Created user @{handle} (uid: {id})")
}
LogAction::UpdatePermission { id, os, ns, p } => {
format!("Updated permission {p} of user with id {id} from {os} to {ns}")
}
LogAction::ManuallyChangeUsersPassword { id } => {
format!("Manually changed password of user with id: {id}")
}
@@ -225,6 +248,9 @@ impl LogAction {
LogAction::CreateQuote { id } => {
format!("Created quote of ID {id}")
}
LogAction::DeleteQuote { quote } => {
format!("Deleted quote of ID {}", quote.id)
}
LogAction::ManuallyRevokeSession { id } => {
format!("Revoked session of ID {id}")
}
@@ -243,6 +269,7 @@ impl LogActionDiscriminant {
LAD::Initialize => "Mnemosyne Initialization",
LAD::RegenInfradmin => "Infradmin Regeneration",
LAD::CreateUser => "User Creation",
LAD::UpdatePermission => "Permission Update",
LAD::ManuallyChangeUsersPassword => "Password Override",
LAD::CreateTag => "Tag Creation",
LAD::RenameTag => "Tag Rename",
@@ -253,6 +280,7 @@ impl LogActionDiscriminant {
LAD::DeletePersonName => "Person Name Deletion",
LAD::SetPersonPrimaryName => "Person Primary Name Set",
LAD::CreateQuote => "Quote Creation",
LAD::DeleteQuote => "Quote Deletion",
LAD::ManuallyRevokeSession => "Manual Session Revocation",
LAD::ChangeInstanceName => "Instance Name Change",
LAD::ChangeDiscordWebhookUrl => "Discord Webhook URL Change",

4
src/main.rs
View File

@@ -34,7 +34,9 @@ async fn main() -> Result<(), Box<dyn Error>> {
let pool = config::init_pool().await?;
sqlx::migrate!("src/database/migrations").run(&pool).await?;
log::info!("Migrations applied successfully.");
let conf = Arc::new(RwLock::new(MnemoConf::new()));
let conf = Arc::new(RwLock::new(
MnemoConf::load(&mut *pool.acquire().await?).await?,
));
users::auth::init_password_dummies();
users::setup::initialise_reserved_users_if_needed(&pool).await?;

4
src/persons/mod.rs
View File

@@ -2,7 +2,7 @@ use axum::{
http::StatusCode,
response::{IntoResponse, Response},
};
use serde::Serialize;
use serde::{Deserialize, Serialize};
use sqlx::{PgConnection, Row};
use uuid::Uuid;
@@ -14,7 +14,7 @@ pub struct Person {
pub primary_name: String,
}
#[derive(Serialize)]
#[derive(Debug, Serialize, Deserialize, Clone)]
pub struct Name {
pub id: Uuid,
pub is_primary: bool,

40
src/quotes/mod.rs
View File

@@ -3,7 +3,7 @@ use axum::{
response::{IntoResponse, Response},
};
use chrono::{DateTime, NaiveDateTime, Utc};
use serde::Serialize;
use serde::{Deserialize, Serialize};
use sqlx::{PgConnection, Row};
use uuid::Uuid;
@@ -11,7 +11,7 @@ use crate::{database::DatabaseError, persons::Name};
mod webhook;
#[derive(Serialize)]
#[derive(Debug, Serialize, Deserialize, Clone)]
pub struct Quote {
pub id: Uuid,
pub lines: Vec<QuoteLine>,
@@ -22,7 +22,7 @@ pub struct Quote {
pub public: bool,
}
#[derive(Serialize)]
#[derive(Debug, Serialize, Deserialize, Clone)]
pub struct QuoteLine {
pub id: Uuid,
pub attribution: Vec<Name>,
@@ -290,6 +290,40 @@ impl Quote {
public,
})
}
pub async fn delete(self, conn: &mut PgConnection) -> Result<(), QuoteError> {
sqlx::query(
r#"
DELETE FROM line_authors
WHERE line_id IN (SELECT id FROM lines WHERE quote_id = $1)
"#,
)
.bind(self.id)
.execute(&mut *conn)
.await?;
sqlx::query("DELETE FROM lines WHERE quote_id = $1")
.bind(self.id)
.execute(&mut *conn)
.await?;
sqlx::query("DELETE FROM quote_tags WHERE quote_id = $1")
.bind(self.id)
.execute(&mut *conn)
.await?;
sqlx::query("DELETE FROM user_quote_likes WHERE quote_id = $1")
.bind(self.id)
.execute(&mut *conn)
.await?;
sqlx::query("DELETE FROM quotes WHERE id = $1")
.bind(self.id)
.execute(&mut *conn)
.await?;
Ok(())
}
}
impl From<sqlx::Error> for QuoteError {

132
src/users/permissions.rs
View File

@@ -1,9 +1,23 @@
use sqlx::PgConnection;
use strum::Display;
use crate::{database::DatabaseError, users::User};
/// Infradmin and systemuser have all permissions.
#[derive(
Debug,
Clone,
Copy,
PartialEq,
strum::IntoStaticStr,
Display,
serde::Deserialize,
serde::Serialize,
)]
pub enum Permission {
// Pass all the permission checks
// Additionally, only Admins can manage others' permissions.
Admin,
// All Users have the right to observe their own sessions
ListOthersSessions,
// All Users have the right to revoke their own sessions
@@ -16,24 +30,130 @@ pub enum Permission {
CreateTags,
RenameTags,
DeleteTags,
CreateQuotes,
DeleteQuotes,
ChangePersonPrimaryName,
#[allow(unused)]
BrowseServerLogs,
ConfigureInstance,
}
impl Permission {
pub fn is_default_permission(&self) -> bool {
match self {
Self::CreateTags | Self::CreateQuotes => true,
_ => false,
}
}
}
#[derive(
Debug,
Clone,
Copy,
PartialEq,
strum::IntoStaticStr,
Display,
serde::Deserialize,
serde::Serialize,
)]
pub enum PermissionState {
ExplicitlyGranted,
ExplicitlyRevoked,
Implicit,
}
impl From<Option<bool>> for PermissionState {
fn from(state: Option<bool>) -> Self {
match state {
Some(true) => Self::ExplicitlyGranted,
Some(false) => Self::ExplicitlyRevoked,
None => Self::Implicit,
}
}
}
impl User {
pub async fn permission_dbstate(
&self,
conn: &mut PgConnection,
permission: Permission,
) -> Result<Option<bool>, DatabaseError> {
let permission_key: &'static str = (&permission).into();
let state: Option<bool> = sqlx::query_scalar(
"SELECT state FROM user_permissions WHERE user_id = $1 AND permission = $2",
)
.bind(self.id)
.bind(permission_key)
.fetch_optional(&mut *conn)
.await?;
Ok(state)
}
pub async fn has_permission(
&self,
#[allow(unused)] conn: &mut PgConnection,
#[allow(unused)] permission: Permission,
conn: &mut PgConnection,
permission: Permission,
) -> Result<bool, DatabaseError> {
// Infradmin and systemuser have all permissions
if self.is_infradmin() || self.is_systemuser() {
return Ok(true);
}
if let Some(true) = self.permission_dbstate(conn, Permission::Admin).await? {
return Ok(true);
}
Ok(false)
// todo!("Do the permission checking here once permissions are modeled in the DB")
Ok(self
.permission_dbstate(conn, permission)
.await?
.unwrap_or(permission.is_default_permission()))
}
pub async fn grant_permission(
&self,
conn: &mut PgConnection,
permission: Permission,
) -> Result<(), DatabaseError> {
let permission_key: &'static str = (&permission).into();
sqlx::query(
"INSERT INTO user_permissions (user_id, permission, state) VALUES ($1, $2, TRUE) ON CONFLICT (user_id, permission) DO UPDATE SET state = EXCLUDED.state",
)
.bind(self.id)
.bind(permission_key)
.execute(&mut *conn)
.await?;
Ok(())
}
pub async fn revoke_permission(
&self,
conn: &mut PgConnection,
permission: Permission,
) -> Result<(), DatabaseError> {
let permission_key: &'static str = (&permission).into();
sqlx::query(
"INSERT INTO user_permissions (user_id, permission, state) VALUES ($1, $2, FALSE) ON CONFLICT (user_id, permission) DO UPDATE SET state = EXCLUDED.state",
)
.bind(self.id)
.bind(permission_key)
.execute(&mut *conn)
.await?;
Ok(())
}
pub async fn reset_permission(
&self,
conn: &mut PgConnection,
permission: Permission,
) -> Result<(), DatabaseError> {
let permission_key: &'static str = (&permission).into();
sqlx::query("DELETE FROM user_permissions WHERE user_id = $1 AND permission = $2")
.bind(self.id)
.bind(permission_key)
.execute(&mut *conn)
.await?;
Ok(())
}
}

23
src/web/components/nav.rs
View File

@@ -1,6 +1,10 @@
use maud::{Markup, PreEscaped, html};
use sqlx::PgConnection;
use crate::{users::User, web::icons};
use crate::{
users::{User, permissions::Permission},
web::icons,
};
// (SHOWTEXT, LINK, ICON, REQUIRES_LOG_IN)
const LINKS: &[(&str, &str, &str, bool)] = &[
@@ -13,7 +17,12 @@ const LINKS: &[(&str, &str, &str, bool)] = &[
("Logs", "/logs", icons::CLIPBOARD_CLOCK, true),
];
pub fn nav(user: Option<&User>, uri: &str) -> Markup {
pub async fn nav(conn: &mut PgConnection, user: Option<&User>, uri: &str) -> Markup {
#[rustfmt::skip]
let show_instance_conf = match user {
Some(u) if u.has_permission(conn, Permission::ConfigureInstance).await.is_ok_and(|r| r) => true,
_ => false,
};
html!(
div class="flex items-center text-sm gap-4 border-b border-neutral-200/25 bg-neutral-200/5 px-4 py-2" {
a href="/dashboard" class="font-lora font-semibold hidden xs:block md:text-xl sm:mr-2" {"Mnemosyne"}
@@ -56,10 +65,12 @@ pub fn nav(user: Option<&User>, uri: &str) -> Markup {
div class="scale-[.7]" {(PreEscaped(icons::SETTINGS))}
p {"User Settings"}
}
div class="h-px w-full bg-neutral-200/15" {}
a href="/instance-config" class="px-4 py-2 flex items-center gap-2 hover:bg-neutral-200/10 font-lexend text-sm text-neutral-200 transition-colors" {
div class="scale-[.7]" {(PreEscaped(icons::SERVER))}
p {"Instance Config"}
@if show_instance_conf {
div class="h-px w-full bg-neutral-200/15" {}
a href="/instance-config" class="px-4 py-2 flex items-center gap-2 hover:bg-neutral-200/10 font-lexend text-sm text-neutral-200 transition-colors" {
div class="scale-[.7]" {(PreEscaped(icons::SERVER))}
p {"Instance Config"}
}
}
div class="h-px w-full bg-neutral-200/15" {}
form action="/api/auth/logout-form" method="post" {

2
src/web/components/quote.rs
View File

@@ -4,7 +4,7 @@ use crate::{quotes::Quote, web::icons};
pub fn quote(quote: &Quote) -> Markup {
html!(
div class="border border-neutral-200/25 bg-neutral-200/5 p-3 pb-1 overflow-clip rounded-md relative flex flex-col" {
div class="border border-neutral-200/25 bg-neutral-200/5 p-3 pb-1 overflow-clip rounded-md relative flex flex-col transition-colors group-hover/a:border-neutral-200/35 group-hover/a:bg-neutral-200/10" {
div class="absolute top-4 right-6 -rotate-12 opacity-[.025] scale-x-[4.5] scale-y-[4]" {
(PreEscaped(icons::QUOTE))
}

2
src/web/icons/mod.rs
View File

@@ -1,3 +1,4 @@
#![allow(unused)]
// Below icons sourced from https://lucide.dev
pub const ARROW_RIGHT: &str = include_str!("arrow-right.svg");
pub const CALENDAR_1: &str = include_str!("calendar-1.svg");
@@ -25,6 +26,7 @@ pub const SERVER: &str = include_str!("server.svg");
pub const SETTINGS: &str = include_str!("settings.svg");
pub const SHIELD_USER: &str = include_str!("shield-user.svg");
pub const TAG: &str = include_str!("tag.svg");
pub const TRASH: &str = include_str!("trash.svg");
pub const TYPE: &str = include_str!("type.svg");
pub const USER: &str = include_str!("user.svg");
pub const USER_KEY: &str = include_str!("user-key.svg");

1
src/web/icons/trash.svg Normal file
View File

@@ -0,0 +1 @@
<svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-trash-icon lucide-trash"><path d="M19 6v14a2 2 0 0 1-2 2H7a2 2 0 0 1-2-2V6"/><path d="M3 6h18"/><path d="M8 6V4a2 2 0 0 1 2-2h4a2 2 0 0 1 2 2v2"/></svg>
Side by Side

After

Width:  |  Height:  |  Size: 355 B

31
src/web/pages/conf.rs
View File

@@ -27,10 +27,21 @@ pub async fn page(
) -> Result<Response, CompositeError> {
let mut conn = state.pool.acquire().await?;
let u = match User::authenticate(&mut *conn, req.headers()).await? {
Some(u) => Some(u),
Some(u) => u,
None => return Ok(Redirect::to(&format!("/login?r={}", req.uri().path())).into_response()),
};
if !u
.has_permission(&mut *conn, Permission::ConfigureInstance)
.await?
{
return Ok((
StatusCode::FORBIDDEN,
"You do not have permission to view this page.",
)
.into_response());
}
let (current_name, current_webhook) = {
let conf = state.conf.read().await;
let current_name = conf.instance_name.clone();
@@ -45,7 +56,7 @@ pub async fn page(
Ok(base(
"Instance Config | Mnemosyne",
html!(
(nav(u.as_ref(), req.uri().path()))
(nav(&mut conn, Some(&u), req.uri().path()).await)
div class="max-w-4xl mx-auto px-2" {
div class="mx-auto max-w-4xl my-4 mb-8" {
@@ -143,18 +154,25 @@ pub async fn change_name(
return Ok((StatusCode::BAD_REQUEST, "Instance name cannot be empty.").into_response());
}
let new_name = form.instance_name.trim().to_string();
LogEntry::new(
&mut tx,
u,
LogAction::ChangeInstanceName {
old: state.conf.read().await.instance_name.clone(),
new: form.instance_name.trim().to_string(),
new: new_name.clone(),
},
)
.await?;
let mut new_conf = state.conf.read().await.clone();
new_conf.instance_name = new_name.clone();
new_conf.save(&mut tx).await?;
tx.commit().await?;
state.conf.write().await.instance_name = form.instance_name.trim().to_string();
state.conf.write().await.instance_name = new_name;
Ok(Redirect::to("/instance-config").into_response())
}
@@ -203,7 +221,12 @@ pub async fn change_webhook(
)
.await?;
let mut new_conf = state.conf.read().await.clone();
new_conf.discord_webhook = new_webhook.clone();
new_conf.save(&mut tx).await?;
tx.commit().await?;
state.conf.write().await.discord_webhook = new_webhook;
Ok(Redirect::to("/instance-config").into_response())
}

10
src/web/pages/dashboard.rs
View File

@@ -51,7 +51,7 @@ pub async fn page(
Ok(base(
"Dashboard | Mnemosyne",
html!(
(nav(u.as_ref(), req.uri().path()))
(nav(&mut conn, u.as_ref(), req.uri().path()).await)
div class="mx-auto max-w-4xl px-2 mt-4 grid grid-cols-1 --sm:grid-cols-2 gap-4" {
div class="flex flex-col" {
@@ -61,7 +61,9 @@ pub async fn page(
"This just in! This quote was added "
(format_time_ago(q.get_creation_timestamp())) " ago."
}
div class="flex-1 [&>div]:h-full" {(quote(q))}
div class="flex-1 [&>div]:h-full" {
a href=(format!("/quotes/{}", q.id)) class="group/a" {(quote(q))}
}
} @else {
p class="text-neutral-500 font-light mb-4" {"No quotes yet."}
}
@@ -76,7 +78,9 @@ pub async fn page(
"This quote was added "
(format_time_ago(q.get_creation_timestamp())) " ago."
}
div class="flex-1 [&>div]:h-full" {(quote(&q))}
div class="flex-1 [&>div]:h-full" {
a href=(format!("/quotes/{}", q.id)) class="group/a" {(quote(&q))}
}
}
}
}

2
src/web/pages/logs.rs
View File

@@ -42,7 +42,7 @@ pub async fn page(
Ok(base(
"Logs | Mnemosyne",
html!(
(nav(Some(&u), req.uri().path()))
(nav(&mut tx, Some(&u), req.uri().path()).await)
@if true {//let Ok(true) = u.has_permission(&mut *tx, Permission::BrowseServerLogs) {
div class="max-w-4xl mx-auto px-2" {

5
src/web/pages/mod.rs
View File

@@ -50,6 +50,11 @@ pub fn pages() -> Router<MnemoState> {
.route("/logs", get(logs::page))
//
.route("/quotes", get(quotes::page))
.route("/quotes/{id}", get(quotes::id::page))
.route(
"/quotes/{id}/delete",
get(quotes::id::delete_confirm).post(quotes::id::delete),
)
.route("/quotes/add", get(quotes::add::page))
.route("/quotes/add-form", post(quotes::add::form))
//

19
src/web/pages/notfound.rs
View File

@@ -1,5 +1,9 @@
use axum::extract::{Request, State};
use maud::{Markup, html};
use axum::{
extract::{Request, State},
response::{IntoResponse, Response},
};
use http::StatusCode;
use maud::html;
use crate::{
MnemoState,
@@ -8,16 +12,19 @@ use crate::{
web::{components::nav::nav, pages::base},
};
pub async fn page(State(state): State<MnemoState>, req: Request) -> Result<Markup, CompositeError> {
pub async fn page(
State(state): State<MnemoState>,
req: Request,
) -> Result<Response, CompositeError> {
let mut conn = state.pool.acquire().await?;
let u = User::authenticate(&mut *conn, req.headers())
.await
.ok()
.flatten();
Ok(base(
Ok((StatusCode::NOT_FOUND, base(
"Not Found | Mnemosyne",
html!(
(nav(u.as_ref(), req.uri().path()))
(nav(&mut conn, u.as_ref(), req.uri().path()).await)
div class="mx-auto max-w-4xl px-2 mt-8 mb-2" {
h1 class="text-4xl font-lora font-semibold mb-1" { "Not Found" }
@@ -27,5 +34,5 @@ pub async fn page(State(state): State<MnemoState>, req: Request) -> Result<Marku
}
}
),
))
)).into_response())
}

2
src/web/pages/persons.rs
View File

@@ -45,7 +45,7 @@ pub async fn page(
Ok(base(
"Persons | Mnemosyne",
html!(
(nav(Some(&u), req.uri().path()))
(nav(&mut conn, Some(&u), req.uri().path()).await)
div class="mx-auto max-w-4xl px-2 my-4" {
p class="flex items-center gap-2" {

2
src/web/pages/persons/profile.rs
View File

@@ -51,7 +51,7 @@ pub async fn page(
Ok(base(
&title,
html!(
(nav(Some(&u), req.uri().path()))
(nav(&mut conn, Some(&u), req.uri().path()).await)
div class="mx-auto max-w-4xl px-2 my-4" {
@if let Ok(p) = p {

5
src/web/pages/quotes.rs
View File

@@ -18,6 +18,7 @@ use crate::{
};
pub mod add;
pub mod id;
#[derive(Deserialize)]
pub struct PageQuery {
@@ -60,7 +61,7 @@ pub async fn page(
Ok(base(
"Quotes | Mnemosyne",
html!(
(nav(Some(&u), req.uri().path()))
(nav(&mut conn, Some(&u), req.uri().path()).await)
div class="max-w-4xl mx-auto px-2" {
div class="my-4 flex justify-between" {
@@ -85,7 +86,7 @@ pub async fn page(
}
div class="flex flex-col gap-4 mb-8" {
@for q in &quotes {
(quote(q))
a href=(format!("/quotes/{}", q.id)) class="group/a" {(quote(q))}
}
div class="flex justify-between items-center mt-4 text-neutral-400" {

20
src/web/pages/quotes/add.rs
View File

@@ -35,11 +35,12 @@ pub async fn page(
None => return Ok(Redirect::to(&format!("/login?r={}", req.uri().path())).into_response()),
};
let names = Name::get_all(&mut *conn).await?;
let feature_webhooks = state.conf.read().await.discord_webhook.is_some();
Ok(base(
"Add Quote | Mnemosyne",
html!(
(nav(Some(&u), req.uri().path()))
(nav(&mut conn, Some(&u), req.uri().path()).await)
div class="max-w-4xl mx-auto px-2" {
div class="my-4 flex justify-between" {
@@ -91,6 +92,15 @@ pub async fn page(
class="px-2 py-1 w-full mb-2 bg-neutral-950/50 rounded border border-neutral-200/25";
}
}
@if feature_webhooks {
div class="flex flex-col justify-center mt-5" {
label class="flex items-center gap-2 cursor-pointer" {
input type="checkbox" name="discord_webhook" value="true" checked
class="w-4 h-4 cursor-pointer";
span {"Send to Discord"}
}
}
}
button type="submit" class="border mt-auto mb-2 cursor-pointer rounded h-fit px-2 py-1 bg-neutral-200/5 border-neutral-200/25 hover:border-neutral-200/45 hover:bg-neutral-200/15" {
"Submit"
}
@@ -140,6 +150,7 @@ pub struct IncomingQuote {
location: String,
time: String,
context: String,
discord_webhook: Option<String>,
}
pub async fn form(
State(state): State<MnemoState>,
@@ -178,8 +189,11 @@ pub async fn form(
LogEntry::new(&mut *tx, u, LogAction::CreateQuote { id: q.id }).await?;
tx.commit().await?;
if let Some(ref url) = state.conf.read().await.discord_webhook {
q.post_msg_webhook(url.clone());
let should_send_webhook = form.discord_webhook.as_deref() == Some("true");
if should_send_webhook {
if let Some(ref url) = state.conf.read().await.discord_webhook {
q.post_msg_webhook(url.clone());
}
}
Ok(Redirect::to("/dashboard").into_response())

146
src/web/pages/quotes/id.rs Normal file
View File

@@ -0,0 +1,146 @@
use axum::{
extract::{Path, Request, State},
http::HeaderMap,
response::{IntoResponse, Redirect, Response},
};
use http::StatusCode;
use maud::{PreEscaped, html};
use uuid::Uuid;
use crate::{
MnemoState,
error::CompositeError,
logs::{LogAction, LogEntry},
quotes::Quote,
users::{
User,
auth::{UserAuthRequired, UserAuthenticate},
permissions::Permission,
},
web::{
components::{nav::nav, quote::quote},
icons,
pages::base,
},
};
pub async fn page(
State(state): State<MnemoState>,
Path(id): Path<Uuid>,
req: Request,
) -> Result<Response, CompositeError> {
let mut conn = state.pool.acquire().await?;
let u = match User::authenticate(&mut *conn, req.headers()).await? {
Some(u) => u,
None => return Ok(Redirect::to(&format!("/login?r={}", req.uri().path())).into_response()),
};
let q = Quote::get_by_id(&mut conn, id).await;
let can_delete = u
.has_permission(&mut conn, Permission::DeleteQuotes)
.await?;
Ok(base(
"Add Quote | Mnemosyne",
html!(
(nav(&mut conn, Some(&u), req.uri().path()).await)
div class="max-w-4xl mx-auto px-2" {
div class="my-4 flex justify-between" {
p class="flex items-center gap-2 text-neutral-500" {
(PreEscaped(icons::SCROLL_TEXT))
span class="font-lora" {"Quote of ID " (id)}
}
}
@if let Ok(q) = q {
(quote(&q))
div class="flex flex-row w-full flex-wrap justify-end gap-2 mt-2" {
a href="#" disabled class="opacity-[.5] cursor-not-allowed px-2 py-1 border rounded flex flex-row gap-1 bg-neutral-200/5 border-neutral-200/25 hover:bg-neutral-200/15 hover:border-neutral-200/45" {
span class="scale-[.75]" {(PreEscaped(icons::PEN))}
"Edit"
}
@if can_delete {
a href=(format!("/quotes/{id}/delete")) class="px-2 py-1 cursor-pointer border rounded flex flex-row gap-1 bg-pink-400/10 border-pink-400/25 hover:bg-pink-400/20 hover:border-pink-400/45" {
span class="scale-[.75]" {(PreEscaped(icons::TRASH))}
"Delete"
}
}
}
} @else {
"Failed to fetch quote. Are you sure it exists?"
}
}
),
)
.into_response())
}
pub async fn delete_confirm(
State(state): State<MnemoState>,
Path(id): Path<Uuid>,
req: Request,
) -> Result<Response, CompositeError> {
let mut conn = state.pool.acquire().await?;
let u = match User::authenticate(&mut *conn, req.headers()).await? {
Some(u) => u,
None => return Ok(Redirect::to(&format!("/login?r={}", req.uri().path())).into_response()),
};
let q = Quote::get_by_id(&mut conn, id).await;
Ok(base(
"Delete Quote | Mnemosyne",
html!(
(nav(&mut conn, Some(&u), req.uri().path()).await)
div class="max-w-4xl mx-auto px-2" {
div class="my-4 flex justify-between" {
p class="flex items-center gap-2 text-neutral-500" {
(PreEscaped(icons::TRASH))
span class="font-lora" {"Deleting quote of ID " (id)}
}
}
@if let Ok(q) = q {
div class="border border-pink-400/25 bg-pink-400/10 rounded-md p-3 mb-4" {
p class="flex flex-wrap items-center gap-2 text-pink-200" {
span class="font-semibold" {"Are you sure you want to delete this quote?"}
span class="text-pink-300/80" {"This cannot be undone."}
}
}
(quote(&q))
div class="flex flex-row w-full flex-wrap justify-start gap-2 mt-2" {
form method="post" action=(format!("/quotes/{id}/delete")) {
button type="submit" class="px-2 py-1 cursor-pointer border rounded flex flex-row gap-1 bg-pink-400/10 border-pink-400/25 hover:bg-pink-400/20 hover:border-pink-400/45" {
span class="scale-[.75]" {(PreEscaped(icons::TRASH))}
"Delete"
}
}
a href=(format!("/quotes/{id}")) class="px-2 py-1 border rounded flex flex-row gap-1 bg-neutral-200/5 border-neutral-200/25 hover:bg-neutral-200/15 hover:border-neutral-200/45" {
"Cancel"
}
}
} @else {
"Failed to fetch quote. Are you sure it exists?"
}
}
),
)
.into_response())
}
pub async fn delete(
State(state): State<MnemoState>,
Path(id): Path<Uuid>,
headers: HeaderMap,
) -> Result<Response, CompositeError> {
let mut tx = state.pool.begin().await?;
let u = User::authenticate(&mut *tx, &headers).await?.required()?;
if !u.has_permission(&mut tx, Permission::DeleteQuotes).await? {
return Ok((StatusCode::FORBIDDEN, "No permission.").into_response());
}
let q = Quote::get_by_id(&mut *tx, id).await?;
LogEntry::new(&mut *tx, u, LogAction::DeleteQuote { quote: q.clone() }).await?;
q.delete(&mut tx).await?;
tx.commit().await?;
Ok(Redirect::to("/quotes").into_response())
}

2
src/web/pages/tags.rs
View File

@@ -46,7 +46,7 @@ pub async fn page(
Ok(base(
"Tags | Mnemosyne",
html!(
(nav(Some(&u), req.uri().path()))
(nav(&mut conn, Some(&u), req.uri().path()).await)
div class="mx-auto max-w-4xl px-2 my-4" {
p class="flex items-center gap-2" {

12
src/web/pages/users.rs
View File

@@ -3,6 +3,7 @@ use axum::{
response::{IntoResponse, Redirect, Response},
};
use maud::{PreEscaped, html};
use uuid::Uuid;
use crate::{
MnemoState,
@@ -27,7 +28,14 @@ pub async fn page(
Some(u) => u,
None => return Ok(Redirect::to(&format!("/login?r={}", req.uri().path())).into_response()),
};
let us = User::get_all(&mut *conn).await;
let us = User::get_all(&mut *conn).await.map(|mut v| {
v.sort_by_key(|p| match p.id {
id if id == Uuid::nil() => (0, p.id),
id if id == Uuid::max() => (1, p.id),
_ => (2, p.id),
});
v
});
let can_create_users = u
.has_permission(&mut *conn, Permission::ManuallyCreateUsers)
.await;
@@ -35,7 +43,7 @@ pub async fn page(
Ok(base(
"Users | Mnemosyne",
html!(
(nav(Some(&u), req.uri().path()))
(nav(&mut conn, Some(&u), req.uri().path()).await)
div class="mx-auto max-w-4xl px-2 my-4" {
p class="flex items-center gap-2" {

2
src/web/pages/users/create.rs
View File

@@ -36,7 +36,7 @@ pub async fn page(
Ok(base(
"Create User | Mnemosyne",
html!(
(nav(Some(&u), req.uri().path()))
(nav(&mut conn, Some(&u), req.uri().path()).await)
div class="mx-auto max-w-4xl px-2 my-4" {
p class="flex items-center gap-2" {

6
src/web/pages/users/profile.rs
View File

@@ -33,7 +33,7 @@ pub async fn page(
return Ok(base(
"No such user | Mnemosyne",
html!(
(nav(Some(&u), req.uri().path()))
(nav(&mut tx, Some(&u), req.uri().path()).await)
div class="mx-auto max-w-4xl mt-16 text-center" {
div class="text-6xl mb-4" { "?" }
p class="text-red-400 text-lg" { "No such user found." }
@@ -48,7 +48,7 @@ pub async fn page(
}
_ => {
return Ok(base("Error | Mnemosyne", html!(
(nav(Some(&u), req.uri().path()))
(nav(&mut tx, Some(&u), req.uri().path()).await)
p class="text-red-400 text-center my-4" { "An error occurred while loading this profile." }
)).into_response());
}
@@ -70,7 +70,7 @@ pub async fn page(
Ok(base(
&format!("@{} | Mnemosyne", user.handle),
html!(
(nav(Some(&u), req.uri().path()))
(nav(&mut tx, Some(&u), req.uri().path()).await)
// banner
div class="relative w-full h-48 sm:h-56 md:h-64 bg-linear-to-b from-neutral-800 from-25% to-emerald-950 overflow-hidden" {

2
src/web/pages/usersettings.rs
View File

@@ -32,7 +32,7 @@ pub async fn page(
Ok(base(
"User Settings | Mnemosyne",
html!(
(nav(Some(&u), req.uri().path()))
(nav(&mut conn, Some(&u), req.uri().path()).await)
div class="max-w-4xl mx-auto px-2" {
div class="mx-auto max-w-4xl my-4" {