gractwo/mnemosyne
4
0
Fork 0
Code Pull Requests Actions Packages Activity

Compare commits

base: gractwo:665915f61bc536afa5674caa1debc08c41962804
Branches Tags
gractwo:master
...
compare: gractwo:021489c7402f03fa2c8182e6c87d283974a069a1
Branches Tags
gractwo:master

21 Commits
665915f61b ... 021489c740

Author SHA1 Message Date
jmanczak
021489c740 merge upstream
All checks were successful
mnemo-build-and-publish / gractwo-mnemo-build (push) Successful in 3m21s
Details
2026-04-27 21:52:00 +00:00
jmanczak
f119b87965 fix 'page 1 of 0' on empty log lists 2026-04-27 22:41:07 +02:00
jmanczak
6f334f3825 logs page filtering UI 2026-04-27 19:06:57 +02:00
jmanczak
f83d34a50b jaskier's contribution 2026-04-27 16:29:35 +02:00
jmanczak
a282e4f445 logs filtering functionality 2026-04-27 16:23:21 +02:00
jmanczak
f239de1ca0 also require login for /dashboard 2026-04-27 14:01:35 +02:00
jmanczak
914d8a48c1 show accurate page counts and buttons for quote search results 2026-04-26 23:58:19 +02:00
jmanczak
efb6226421 fix 'Page 1 of 0' on empty quote lists 2026-04-26 23:43:47 +02:00
jmanczak
7d418c91e4 block empty passwords in the web handler 2026-04-26 16:08:31 +02:00
jmanczak
fac1959193 Merge branch 'fts' 2026-04-26 11:48:06 +02:00
jmanczak
a80a64ceec swap quote search to trigram ilike, search ui stub, more 2026-04-26 11:44:53 +02:00
jmanczak
41711dd7fb move config things to config.rs 2026-04-25 17:10:44 +02:00
jmanczak
84e2ad3918 fts wip: trigger, Quote::get_by_search_query, expose to API 2026-04-25 01:00:18 +02:00
jmanczak
983e1ae88f catch model up to multi-author lines 
now the only thing missing is the quote adding UI support - multiauthor
lines can already be added via API
 2026-04-23 22:48:51 +02:00
jmanczak
48e14a5830 decrement postgres version because the docker image did an oopsie 2026-04-23 18:29:32 +02:00
jmanczak
26576ec31a don't do like count views for now 2026-04-22 00:28:37 +02:00
jmanczak
d20387c2c1 page ui misc 2026-04-22 00:09:52 +02:00
jmanczak
93b3083d2b kill some fully qualified paths 2026-04-21 20:51:55 +02:00
jmanczak
d14a587794 don't acquire useless transasctions, misc 2026-04-20 22:07:49 +02:00
jmanczak
aab9d87df2 make previous button in quote pagination actually subtract page instead 
of resetting to page1
 2026-04-20 19:16:04 +02:00
jmanczak
879c5ee3d3 postgres via sqlx - workable? 2026-04-20 01:17:30 +02:00
48 changed files with 2860 additions and 1263 deletions
Expand all files Collapse all files

1191
Cargo.lock generated
View File

File diff suppressed because it is too large Load Diff

2
Cargo.toml
View File

@@ -17,10 +17,10 @@ log = "0.4.29"
maud = { version = "0.27.0", features = ["axum"] }
rand = "0.10.0"
rand08 = { version = "0.8.5", package = "rand" }
rusqlite = { version = "0.38.0", features = ["bundled", "chrono", "uuid"] }
serde = { version = "1.0.228", features = ["derive"] }
serde_json = "1.0.149"
sha2 = "0.10.9"
sqlx = { version = "0.8.6", features = ["postgres", "uuid", "chrono", "json", "runtime-tokio", "tls-rustls", "migrate"] }
strum = { version = "0.27.0", features = ["derive"] }
thiserror = "2.0.18"
tokio = { version = "1.49.0", features = ["full"] }

1
build.rs
View File

@@ -6,6 +6,7 @@ use std::process::Command;
fn main() -> Result<(), Box<dyn std::error::Error>> {
println!("cargo:rerun-if-changed=build.rs");
println!("cargo:rerun-if-changed=src/web");
println!("cargo:rerun-if-changed=src/database/migrations");
let os = env::var("CARGO_CFG_TARGET_OS").unwrap_or_else(|_| String::from("unknown"));
let arch = env::var("CARGO_CFG_TARGET_ARCH").unwrap_or_else(|_| String::from("unknown"));

43
compose.yaml
View File

@@ -1,6 +1,5 @@
services:
mnemosyne:
container_name: mnemosyne
core:
build:
context: .
target: final
@@ -8,19 +7,33 @@ services:
- 39321:39321
restart: unless-stopped
volumes:
# Mnemosyne would greatly enjoy not having an ephemeral database.
# If you're okay with storing it side by side with the compose file,
# a bind mount like this is one way to do it. Remember to mkdir!
- ./mnemodata:/app/data
# Another way is to use a docker volume.
# - mnemodata:/app/data
environment:
# DATABASE_URL is crucial for Mnemosyne to work; it will fail without it.
# Point it at where you'd like your database to be.
- DATABASE_URL=/app/data/db.db
# Mnemosyne uses port 39321 for HTTP by default;
# - PORT=39321
# - PORT=39321 # Mnemosyne uses port 39321 for HTTP by default;
- DATABASE_URL=postgres://mnemo:syne@postgres:5432/mnemosyne
networks:
- mnemosyne
depends_on:
- postgres
postgres:
image: postgres:18.2-alpine3.23
restart: unless-stopped
ports:
- 5432:5432
volumes:
- pg_volume:/var/lib/postgresql/data:rw
stop_grace_period: 120s
environment:
POSTGRES_USER: mnemo
POSTGRES_PASSWORD: syne
POSTGRES_DB: mnemosyne
networks:
- mnemosyne
# Declaring a volume for the docker volume example.
# volumes:
# mnemodata:
networks:
mnemosyne:
driver: bridge
volumes:
pg_volume:
driver: local

63
src/api/auth.rs
View File

@@ -1,12 +1,14 @@
use axum::{
Form, Json,
extract::State,
http::{HeaderMap, header},
response::{IntoResponse, Redirect, Response},
};
use serde::Deserialize;
use sqlx::PgPool;
use crate::{
database,
MnemoState,
users::{
User,
auth::{
@@ -23,10 +25,14 @@ pub struct LoginForm {
password: String,
}
fn login_common(creds: LoginForm) -> Result<(String, String), AuthError> {
let u = authenticate_via_credentials(&creds.handle, &creds.password)?.required()?;
let conn = database::conn()?;
let (_, token) = Session::new_for_user(&conn, &u)?;
async fn login_common(pool: &PgPool, creds: LoginForm) -> Result<(String, String), AuthError> {
let mut conn = pool.acquire().await?;
let u = authenticate_via_credentials(&mut conn, &creds.handle, &creds.password)
.await?
.required()?;
let (_, token) = Session::new_for_user(&mut conn, &u).await?;
let secure = match cfg!(debug_assertions) {
false => "; Secure",
true => "",
@@ -38,12 +44,20 @@ fn login_common(creds: LoginForm) -> Result<(String, String), AuthError> {
);
Ok((token, cookie))
}
pub async fn login(Json(creds): Json<LoginForm>) -> Result<Response, AuthError> {
let (token, cookie) = login_common(creds)?;
pub async fn login(
State(state): State<MnemoState>,
Json(creds): Json<LoginForm>,
) -> Result<Response, AuthError> {
let (token, cookie) = login_common(&state.pool, creds).await?;
Ok(([(header::SET_COOKIE, cookie)], token).into_response())
}
pub async fn login_form(Form(creds): Form<LoginForm>) -> Result<Response, AuthError> {
match login_common(creds) {
pub async fn login_form(
State(state): State<MnemoState>,
Form(creds): Form<LoginForm>,
) -> Result<Response, AuthError> {
match login_common(&state.pool, creds).await {
Ok((_, cookie)) => {
Ok(([(header::SET_COOKIE, cookie)], Redirect::to("/dashboard")).into_response())
}
@@ -51,17 +65,32 @@ pub async fn login_form(Form(creds): Form<LoginForm>) -> Result<Response, AuthEr
}
}
pub async fn logout(headers: HeaderMap) -> Result<Response, AuthError> {
let mut s = Session::authenticate(&headers)?.required()?;
let conn = database::conn()?;
s.revoke(&conn, Some(&User::get_by_id(&conn, s.user_id)?))?;
pub async fn logout(
State(state): State<MnemoState>,
headers: HeaderMap,
) -> Result<Response, AuthError> {
let mut conn = state.pool.acquire().await?;
let mut s = Session::authenticate(&mut conn, &headers)
.await?
.required()?;
let user = User::get_by_id(&mut conn, s.user_id).await?;
s.revoke(&mut conn, Some(&user)).await?;
let cookie = format!("{COOKIE_NAME}=revoking; Path=/; HttpOnly; Max-Age=0");
Ok(([(header::SET_COOKIE, cookie)], "Logged out!").into_response())
}
pub async fn logout_form(headers: HeaderMap) -> Result<Response, AuthError> {
let mut s = Session::authenticate(&headers)?.required()?;
let conn = database::conn()?;
s.revoke(&conn, Some(&User::get_by_id(&conn, s.user_id)?))?;
pub async fn logout_form(
State(state): State<MnemoState>,
headers: HeaderMap,
) -> Result<Response, AuthError> {
let mut conn = state.pool.acquire().await?;
let mut s = Session::authenticate(&mut conn, &headers)
.await?
.required()?;
let user = User::get_by_id(&mut conn, s.user_id).await?;
s.revoke(&mut conn, Some(&user)).await?;
let cookie = format!("{COOKIE_NAME}=revoking; Path=/; HttpOnly; Max-Age=0");
Ok(([(header::SET_COOKIE, cookie)], Redirect::to("/")).into_response())
}

5
src/api/mod.rs
View File

@@ -3,6 +3,8 @@ use axum::{
routing::{delete, get, patch, post},
};
use crate::MnemoState;
mod auth;
mod persons;
mod quotes;
@@ -10,7 +12,7 @@ mod sessions;
mod tags;
mod users;
pub fn api_router() -> Router {
pub fn api_router() -> Router<MnemoState> {
Router::new()
.route("/api/live", get(async || "Mnemosyne lives"))
// auth
@@ -48,4 +50,5 @@ pub fn api_router() -> Router {
// quotes
.route("/api/quotes", post(quotes::create))
.route("/api/quotes/{id}", get(quotes::get_by_id))
.route("/api/quotes/search", get(quotes::get_by_query))
}

123
src/api/persons.rs
View File

@@ -1,6 +1,6 @@
use axum::{
Json,
extract::Path,
extract::{Path, State},
http::{HeaderMap, StatusCode},
response::{IntoResponse, Response},
};
@@ -8,7 +8,7 @@ use serde::Deserialize;
use uuid::Uuid;
use crate::{
database::{self},
MnemoState,
error::CompositeError,
logs::{LogAction, LogEntry},
persons::{Name, Person},
@@ -21,26 +21,34 @@ use crate::{
pub const CANT_SET_PRIMARYNAME: &str = "You don't have permission to swap primary names.";
pub async fn get_all(headers: HeaderMap) -> Result<Response, CompositeError> {
User::authenticate(&headers)?.required()?;
let conn = database::conn()?;
Ok(Json(Person::get_all(&conn)?).into_response())
pub async fn get_all(
State(state): State<MnemoState>,
headers: HeaderMap,
) -> Result<Response, CompositeError> {
let mut conn = state.pool.acquire().await?;
User::authenticate(&mut conn, &headers).await?.required()?;
Ok(Json(Person::get_all(&mut conn).await?).into_response())
}
pub async fn get_by_id(
State(state): State<MnemoState>,
Path(id): Path<Uuid>,
headers: HeaderMap,
) -> Result<Response, CompositeError> {
User::authenticate(&headers)?.required()?;
let conn = database::conn()?;
Ok(Json(Person::get_by_id(&conn, id)?).into_response())
let mut conn = state.pool.acquire().await?;
User::authenticate(&mut conn, &headers).await?.required()?;
Ok(Json(Person::get_by_id(&mut conn, id).await?).into_response())
}
pub async fn pid_names(
State(state): State<MnemoState>,
Path(id): Path<Uuid>,
headers: HeaderMap,
) -> Result<Response, CompositeError> {
User::authenticate(&headers)?.required()?;
let conn = database::conn()?;
Ok(Json(Person::get_by_id(&conn, id)?.get_all_names(&conn)?).into_response())
let mut conn = state.pool.acquire().await?;
User::authenticate(&mut conn, &headers).await?.required()?;
let person = Person::get_by_id(&mut conn, id).await?;
Ok(Json(person.get_all_names(&mut conn).await?).into_response())
}
#[derive(Deserialize)]
@@ -49,38 +57,41 @@ pub struct PersonNameForm {
}
pub async fn create(
State(state): State<MnemoState>,
headers: HeaderMap,
Json(form): Json<PersonNameForm>,
) -> Result<Response, CompositeError> {
let u = User::authenticate(&headers)?.required()?;
let mut conn = database::conn()?;
let tx = conn.transaction()?;
let mut tx = state.pool.begin().await?;
let u = User::authenticate(&mut tx, &headers).await?.required()?;
let p = Person::create(&tx, form.name, u.id)?;
let p = Person::create(&mut tx, form.name, u.id).await?;
LogEntry::new(
&tx,
&mut tx,
u,
LogAction::CreatePerson {
id: p.id,
pname: p.primary_name.as_str().to_string(),
pname: p.primary_name.clone(),
},
)?;
tx.commit()?;
)
.await?;
tx.commit().await?;
Ok((StatusCode::CREATED, Json(p)).into_response())
}
pub async fn add_name(
State(state): State<MnemoState>,
Path(id): Path<Uuid>,
headers: HeaderMap,
Json(form): Json<PersonNameForm>,
) -> Result<Response, CompositeError> {
let u = User::authenticate(&headers)?.required()?;
let mut conn = database::conn()?;
let tx = conn.transaction()?;
let mut tx = state.pool.begin().await?;
let u = User::authenticate(&mut tx, &headers).await?.required()?;
let p = Person::get_by_id(&tx, id)?;
let n = p.add_name(&tx, form.name, u.id)?;
let p = Person::get_by_id(&mut tx, id).await?;
let n = p.add_name(&mut tx, form.name, u.id).await?;
LogEntry::new(
&tx,
&mut tx,
u,
LogAction::AddPersonName {
pid: p.id,
@@ -88,39 +99,54 @@ pub async fn add_name(
pn: p.primary_name,
nn: n.name.clone(),
},
)?;
tx.commit()?;
)
.await?;
tx.commit().await?;
Ok((StatusCode::CREATED, Json(n)).into_response())
}
pub async fn n_all(headers: HeaderMap) -> Result<Response, CompositeError> {
User::authenticate(&headers)?.required()?;
let conn = database::conn()?;
Ok(Json(Name::get_all(&conn)?).into_response())
pub async fn n_all(
State(state): State<MnemoState>,
headers: HeaderMap,
) -> Result<Response, CompositeError> {
let mut conn = state.pool.acquire().await?;
User::authenticate(&mut conn, &headers).await?.required()?;
Ok(Json(Name::get_all(&mut conn).await?).into_response())
}
pub async fn n_by_id(Path(id): Path<Uuid>, headers: HeaderMap) -> Result<Response, CompositeError> {
User::authenticate(&headers)?.required()?;
let conn = database::conn()?;
Ok(Json(Name::get_by_id(&conn, id)?).into_response())
}
pub async fn n_setprimary(
pub async fn n_by_id(
State(state): State<MnemoState>,
Path(id): Path<Uuid>,
headers: HeaderMap,
) -> Result<Response, CompositeError> {
let u = User::authenticate(&headers)?.required()?;
let mut conn = database::conn()?;
let tx = conn.transaction()?;
let mut conn = state.pool.acquire().await?;
User::authenticate(&mut conn, &headers).await?.required()?;
Ok(Json(Name::get_by_id(&mut conn, id).await?).into_response())
}
if !u.has_permission(&tx, Permission::ChangePersonPrimaryName)? {
pub async fn n_setprimary(
State(state): State<MnemoState>,
Path(id): Path<Uuid>,
headers: HeaderMap,
) -> Result<Response, CompositeError> {
let mut tx = state.pool.begin().await?;
let u = User::authenticate(&mut tx, &headers).await?.required()?;
if !u
.has_permission(&mut tx, Permission::ChangePersonPrimaryName)
.await?
{
return Ok((StatusCode::FORBIDDEN, CANT_SET_PRIMARYNAME).into_response());
}
let mut n = Name::get_by_id(&tx, id)?;
let p = Person::get_by_id(&tx, n.person_id)?;
n.set_primary(&tx)?;
let mut n = Name::get_by_id(&mut tx, id).await?;
let p = Person::get_by_id(&mut tx, n.person_id).await?;
n.set_primary(&mut tx).await?;
n.is_primary = true;
LogEntry::new(
&tx,
&mut tx,
u,
LogAction::SetPersonPrimaryName {
pid: p.id,
@@ -128,8 +154,9 @@ pub async fn n_setprimary(
on: p.primary_name,
nn: n.name.clone(),
},
)?;
tx.commit()?;
)
.await?;
tx.commit().await?;
Ok(Json(n).into_response())
}

55
src/api/quotes.rs
View File

@@ -1,15 +1,15 @@
use axum::{
Json,
extract::Path,
extract::{Path, State},
http::{HeaderMap, StatusCode},
response::{IntoResponse, Response},
};
use chrono::{DateTime, FixedOffset};
use chrono::NaiveDateTime;
use serde::Deserialize;
use uuid::Uuid;
use crate::{
database::{self},
MnemoState,
error::CompositeError,
logs::{LogAction, LogEntry},
persons::Name,
@@ -21,54 +21,69 @@ use crate::{
};
pub async fn get_by_id(
State(state): State<MnemoState>,
Path(id): Path<Uuid>,
headers: HeaderMap,
) -> Result<Response, CompositeError> {
User::authenticate(&headers)?.required()?;
let conn = database::conn()?;
Ok(Json(Quote::get_by_id(&conn, id)?).into_response())
let mut conn = state.pool.acquire().await?;
User::authenticate(&mut conn, &headers).await?.required()?;
Ok(Json(Quote::get_by_id(&mut conn, id).await?).into_response())
}
pub async fn get_by_query(
State(state): State<MnemoState>,
headers: HeaderMap,
Json(q): Json<String>,
) -> Result<Response, CompositeError> {
let mut conn = state.pool.acquire().await?;
User::authenticate(&mut conn, &headers).await?.required()?;
Ok(Json(Quote::get_by_search_query(&mut conn, &q, 20, 0).await?).into_response())
}
#[derive(Deserialize)]
pub struct QuoteLineForm {
pub content: String,
pub name_id: Uuid,
pub name_ids: Vec<Uuid>,
}
#[derive(Deserialize)]
pub struct QuoteCreateForm {
pub lines: Vec<QuoteLineForm>,
pub timestamp: DateTime<FixedOffset>,
pub timestamp: NaiveDateTime,
pub context: Option<String>,
pub location: Option<String>,
pub public: bool,
}
pub async fn create(
State(state): State<MnemoState>,
headers: HeaderMap,
Json(form): Json<QuoteCreateForm>,
) -> Result<Response, CompositeError> {
let u = User::authenticate(&headers)?.required()?;
let mut conn = database::conn()?;
let tx = conn.transaction()?;
let mut tx = state.pool.begin().await?;
let u = User::authenticate(&mut tx, &headers).await?.required()?;
let lines = form
.lines
.into_iter()
.map(|l| Ok((l.content, Name::get_by_id(&tx, l.name_id)?)))
.collect::<Result<Vec<(String, Name)>, CompositeError>>()?;
let mut lines = Vec::with_capacity(form.lines.len());
for l in form.lines {
let mut names = Vec::with_capacity(l.name_ids.len());
for id in l.name_ids {
names.push(Name::get_by_id(&mut tx, id).await?);
}
lines.push((l.content, names));
}
let q = Quote::create(
&tx,
&mut tx,
lines,
form.timestamp,
form.context,
form.location,
u.id,
form.public,
)?;
)
.await?;
LogEntry::new(&tx, u, LogAction::CreateQuote { id: q.id })?;
tx.commit()?;
LogEntry::new(&mut tx, u, LogAction::CreateQuote { id: q.id }).await?;
tx.commit().await?;
Ok((StatusCode::CREATED, Json(q)).into_response())
}

36
src/api/sessions.rs
View File

@@ -1,13 +1,13 @@
use axum::{
Json,
extract::Path,
extract::{Path, State},
http::{HeaderMap, StatusCode},
response::{IntoResponse, Response},
};
use uuid::Uuid;
use crate::{
database::{self},
MnemoState,
error::CompositeError,
logs::{LogAction, LogEntry},
users::{
@@ -21,15 +21,17 @@ use crate::{
const CANT_REVOKE: &str = "You don't have permission to revoke this user's sessions.";
pub async fn get_by_id(
State(state): State<MnemoState>,
Path(id): Path<Uuid>,
headers: HeaderMap,
) -> Result<Response, CompositeError> {
let u = User::authenticate(&headers)?.required()?;
let conn = database::conn()?;
let s = Session::get_by_id(&conn, id)?;
let mut conn = state.pool.acquire().await?;
let u = User::authenticate(&mut conn, &headers).await?.required()?;
let s = Session::get_by_id(&mut conn, id).await?;
match s.user_id == u.id
|| u.has_permission(&conn, Permission::ListOthersSessions)
|| u.has_permission(&mut conn, Permission::ListOthersSessions)
.await
.is_ok_and(|v| v)
{
true => Ok(Json(s).into_response()),
@@ -38,25 +40,29 @@ pub async fn get_by_id(
}
pub async fn revoke_by_id(
State(state): State<MnemoState>,
Path(id): Path<Uuid>,
headers: HeaderMap,
) -> Result<Response, CompositeError> {
let u = User::authenticate(&headers)?.required()?;
let mut conn = database::conn()?;
let tx = conn.transaction()?;
let mut tx = state.pool.begin().await?;
let u = User::authenticate(&mut tx, &headers).await?.required()?;
let mut s = Session::get_by_id(&tx, id)?;
let mut s = Session::get_by_id(&mut tx, id).await?;
match s.user_id == u.id
|| u.has_permission(&tx, Permission::RevokeOthersSessions)
|| u.has_permission(&mut tx, Permission::RevokeOthersSessions)
.await
.is_ok_and(|v| v)
{
true => {
s.revoke(&tx, Some(&u))?;
LogEntry::new(&tx, u, LogAction::ManuallyRevokeSession { id })?;
tx.commit()?;
s.revoke(&mut tx, Some(&u)).await?;
LogEntry::new(&mut tx, u, LogAction::ManuallyRevokeSession { id }).await?;
tx.commit().await?;
Ok(Json(s).into_response())
}
false => match u.has_permission(&tx, Permission::ListOthersSessions)? {
false => match u
.has_permission(&mut tx, Permission::ListOthersSessions)
.await?
{
true => Ok((StatusCode::FORBIDDEN, CANT_REVOKE).into_response()),
false => Err(SessionError::NoSessionWithId(id))?,
},

87
src/api/tags.rs
View File

@@ -1,6 +1,6 @@
use axum::{
Json,
extract::Path,
extract::{Path, State},
http::{HeaderMap, StatusCode},
response::{IntoResponse, Response},
};
@@ -8,7 +8,7 @@ use serde::Deserialize;
use uuid::Uuid;
use crate::{
database::{self},
MnemoState,
error::CompositeError,
logs::{LogAction, LogEntry},
tags::{Tag, TagName},
@@ -24,101 +24,112 @@ const CANT_DEL_TAGS: &str = "You don't have permission to delete tags.";
const CANT_RENAME_TAGS: &str = "You don't have permission to rename tags.";
const TAG_DELETED: &str = "Tag deleted successfully.";
pub async fn get_all(headers: HeaderMap) -> Result<Response, CompositeError> {
User::authenticate(&headers)?.required()?;
let conn = database::conn()?;
Ok(Json(Tag::get_all(&conn)?).into_response())
pub async fn get_all(
State(state): State<MnemoState>,
headers: HeaderMap,
) -> Result<Response, CompositeError> {
let mut conn = state.pool.acquire().await?;
User::authenticate(&mut conn, &headers).await?.required()?;
Ok(Json(Tag::get_all(&mut conn).await?).into_response())
}
pub async fn get_by_id(
State(state): State<MnemoState>,
Path(id): Path<Uuid>,
headers: HeaderMap,
) -> Result<Response, CompositeError> {
User::authenticate(&headers)?.required()?;
let conn = database::conn()?;
Ok(Json(Tag::get_by_id(&conn, id)?).into_response())
let mut conn = state.pool.acquire().await?;
User::authenticate(&mut conn, &headers).await?.required()?;
Ok(Json(Tag::get_by_id(&mut conn, id).await?).into_response())
}
pub async fn get_by_name(
State(state): State<MnemoState>,
Path(name): Path<TagName>,
headers: HeaderMap,
) -> Result<Response, CompositeError> {
User::authenticate(&headers)?.required()?;
let conn = database::conn()?;
Ok(Json(Tag::get_by_name(&conn, name)?).into_response())
let mut conn = state.pool.acquire().await?;
User::authenticate(&mut conn, &headers).await?.required()?;
Ok(Json(Tag::get_by_name(&mut conn, name).await?).into_response())
}
#[derive(Deserialize)]
pub struct TagNameForm {
name: TagName,
}
pub async fn create(
State(state): State<MnemoState>,
headers: HeaderMap,
Json(form): Json<TagNameForm>,
) -> Result<Response, CompositeError> {
let u = User::authenticate(&headers)?.required()?;
let mut conn = database::conn()?;
let tx = conn.transaction()?;
let mut tx = state.pool.begin().await?;
let u = User::authenticate(&mut tx, &headers).await?.required()?;
if !u.has_permission(&tx, Permission::CreateTags)? {
if !u.has_permission(&mut tx, Permission::CreateTags).await? {
return Ok((StatusCode::FORBIDDEN, CANT_MAKE_TAGS).into_response());
}
let t = Tag::create(&tx, form.name)?;
let t = Tag::create(&mut tx, form.name).await?;
LogEntry::new(
&tx,
&mut tx,
u,
LogAction::CreateTag {
id: t.id,
name: t.name.as_str().to_string(),
},
)?;
tx.commit()?;
)
.await?;
tx.commit().await?;
Ok(Json(t).into_response())
}
pub async fn rename(
State(state): State<MnemoState>,
Path(id): Path<Uuid>,
headers: HeaderMap,
Json(form): Json<TagNameForm>,
) -> Result<Response, CompositeError> {
let u = User::authenticate(&headers)?.required()?;
let mut conn = database::conn()?;
let tx = conn.transaction()?;
let mut tx = state.pool.begin().await?;
let u = User::authenticate(&mut tx, &headers).await?.required()?;
if !u.has_permission(&tx, Permission::RenameTags)? {
if !u.has_permission(&mut tx, Permission::RenameTags).await? {
return Ok((StatusCode::FORBIDDEN, CANT_RENAME_TAGS).into_response());
}
let mut tag = Tag::get_by_id(&tx, id)?;
let mut tag = Tag::get_by_id(&mut tx, id).await?;
let on = tag.name.as_str().to_string();
tag.rename(&tx, form.name)?;
tag.rename(&mut tx, form.name).await?;
LogEntry::new(
&tx,
&mut tx,
u,
LogAction::RenameTag {
id,
on,
nn: tag.name.as_str().to_string(),
},
)?;
tx.commit()?;
)
.await?;
tx.commit().await?;
Ok(Json(tag).into_response())
}
pub async fn delete(Path(id): Path<Uuid>, headers: HeaderMap) -> Result<Response, CompositeError> {
let u = User::authenticate(&headers)?.required()?;
let mut conn = database::conn()?;
let tx = conn.transaction()?;
pub async fn delete(
State(state): State<MnemoState>,
Path(id): Path<Uuid>,
headers: HeaderMap,
) -> Result<Response, CompositeError> {
let mut tx = state.pool.begin().await?;
let u = User::authenticate(&mut tx, &headers).await?.required()?;
if !u.has_permission(&tx, Permission::DeleteTags)? {
if !u.has_permission(&mut tx, Permission::DeleteTags).await? {
return Ok((StatusCode::FORBIDDEN, CANT_DEL_TAGS).into_response());
}
let t = Tag::get_by_id(&tx, id)?;
let t = Tag::get_by_id(&mut tx, id).await?;
let name = t.name.as_str().to_string();
t.delete(&tx)?;
LogEntry::new(&tx, u, LogAction::DeleteTag { id, name })?;
tx.commit()?;
t.delete(&mut tx).await?;
LogEntry::new(&mut tx, u, LogAction::DeleteTag { id, name }).await?;
tx.commit().await?;
Ok((StatusCode::OK, TAG_DELETED).into_response())
}

102
src/api/users.rs
View File

@@ -1,6 +1,6 @@
use axum::{
Json,
extract::Path,
extract::{Path, State},
http::{HeaderMap, StatusCode},
response::{IntoResponse, Response},
};
@@ -8,7 +8,7 @@ use serde::Deserialize;
use uuid::Uuid;
use crate::{
database::{self},
MnemoState,
error::CompositeError,
logs::{LogAction, LogEntry},
users::{
@@ -25,32 +25,41 @@ const CANT_MANUALLY_MAKE_USERS: &str = "You don't have permission to manually cr
const HANDLE_CHANGED_SUCCESS: &str = "Handle changed successfully.";
const PASSW_CHANGED_SUCCESS: &str = "Password changed successfully.";
pub async fn get_me(headers: HeaderMap) -> Result<Response, CompositeError> {
Ok(Json(User::authenticate(&headers)?.required()?).into_response())
pub async fn get_me(
State(state): State<MnemoState>,
headers: HeaderMap,
) -> Result<Response, CompositeError> {
let mut conn = state.pool.acquire().await?;
Ok(Json(User::authenticate(&mut conn, &headers).await?.required()?).into_response())
}
pub async fn get_by_id(
State(state): State<MnemoState>,
Path(id): Path<Uuid>,
headers: HeaderMap,
) -> Result<Response, CompositeError> {
User::authenticate(&headers)?.required()?;
let conn = database::conn()?;
Ok(Json(User::get_by_id(&conn, id)?).into_response())
let mut conn = state.pool.acquire().await?;
User::authenticate(&mut conn, &headers).await?.required()?;
Ok(Json(User::get_by_id(&mut conn, id).await?).into_response())
}
pub async fn get_by_handle(
State(state): State<MnemoState>,
Path(handle): Path<UserHandle>,
headers: HeaderMap,
) -> Result<Response, CompositeError> {
User::authenticate(&headers)?.required()?;
let conn = database::conn()?;
Ok(Json(User::get_by_handle(&conn, handle)?).into_response())
let mut conn = state.pool.acquire().await?;
User::authenticate(&mut conn, &headers).await?.required()?;
Ok(Json(User::get_by_handle(&mut conn, handle).await?).into_response())
}
pub async fn get_all(headers: HeaderMap) -> Result<Response, CompositeError> {
User::authenticate(&headers)?.required()?;
let conn = database::conn()?;
Ok(Json(User::get_all(&conn)?).into_response())
pub async fn get_all(
State(state): State<MnemoState>,
headers: HeaderMap,
) -> Result<Response, CompositeError> {
let mut conn = state.pool.acquire().await?;
User::authenticate(&mut conn, &headers).await?.required()?;
Ok(Json(User::get_all(&mut conn).await?).into_response())
}
#[derive(Deserialize)]
@@ -58,60 +67,69 @@ pub struct HandleForm {
handle: UserHandle,
}
pub async fn create(
State(state): State<MnemoState>,
headers: HeaderMap,
Json(form): Json<HandleForm>,
) -> Result<Response, CompositeError> {
let u = User::authenticate(&headers)?.required()?;
let mut conn = database::conn()?;
let tx = conn.transaction()?;
let mut tx = state.pool.begin().await?;
let u = User::authenticate(&mut tx, &headers).await?.required()?;
if !u.has_permission(&tx, Permission::ManuallyCreateUsers)? {
if !u
.has_permission(&mut tx, Permission::ManuallyCreateUsers)
.await?
{
return Ok((StatusCode::FORBIDDEN, CANT_MANUALLY_MAKE_USERS).into_response());
}
let nu = User::create(&tx, form.handle)?;
let nu = User::create(&mut tx, form.handle).await?;
LogEntry::new(
&tx,
&mut tx,
u,
LogAction::CreateUser {
id: nu.id,
handle: nu.handle.as_str().to_string(),
},
)?;
tx.commit()?;
)
.await?;
tx.commit().await?;
Ok(Json(nu).into_response())
}
pub async fn change_handle(
State(state): State<MnemoState>,
Path(id): Path<Uuid>,
headers: HeaderMap,
Json(form): Json<HandleForm>,
) -> Result<Response, CompositeError> {
let u = User::authenticate(&headers)?.required()?;
let mut conn = database::conn()?;
let tx = conn.transaction()?;
let mut tx = state.pool.begin().await?;
let u = User::authenticate(&mut tx, &headers).await?.required()?;
let mut target = if u.id == id {
u.clone()
} else {
if !u.has_permission(&tx, Permission::ChangeOthersHandles)? {
if !u
.has_permission(&mut tx, Permission::ChangeOthersHandles)
.await?
{
return Ok((StatusCode::FORBIDDEN, CANT_CHANGE_OTHERS_HANDLE).into_response());
}
User::get_by_id(&tx, id)?
User::get_by_id(&mut tx, id).await?
};
let old_handle = target.handle.as_str().to_string();
target.set_handle(&tx, form.handle)?;
target.set_handle(&mut tx, form.handle).await?;
LogEntry::new(
&tx,
&mut tx,
u,
LogAction::ChangeUserHandle {
id: target.id,
old: old_handle,
new: target.handle.as_str().to_string(),
},
)?;
tx.commit()?;
)
.await?;
tx.commit().await?;
Ok(HANDLE_CHANGED_SUCCESS.into_response())
}
@@ -121,30 +139,34 @@ pub struct ChangePasswordForm {
password: String,
}
pub async fn change_password(
State(state): State<MnemoState>,
Path(id): Path<Uuid>,
headers: HeaderMap,
Json(form): Json<ChangePasswordForm>,
) -> Result<Response, CompositeError> {
let u = User::authenticate(&headers)?.required()?;
let mut conn = database::conn()?;
let tx = conn.transaction()?;
let mut tx = state.pool.begin().await?;
let u = User::authenticate(&mut tx, &headers).await?.required()?;
let mut target = if u.id == id {
u.clone()
} else {
if !u.has_permission(&tx, Permission::ChangeOthersPasswords)? {
if !u
.has_permission(&mut tx, Permission::ChangeOthersPasswords)
.await?
{
return Ok((StatusCode::FORBIDDEN, CANT_CHANGE_OTHERS_PASSW).into_response());
}
User::get_by_id(&tx, id)?
User::get_by_id(&mut tx, id).await?
};
target.set_password(&tx, Some(&form.password))?;
target.set_password(&mut tx, Some(&form.password)).await?;
LogEntry::new(
&tx,
&mut tx,
u,
LogAction::ManuallyChangeUsersPassword { id: target.id },
)?;
tx.commit()?;
)
.await?;
tx.commit().await?;
Ok(PASSW_CHANGED_SUCCESS.into_response())
}

51
src/config.rs
View File

@@ -1,7 +1,16 @@
use std::io::{self, Write};
use std::{
env::var,
error::Error,
io::{self, Write},
time::Duration,
};
use env_logger::fmt::Formatter;
use log::Record;
use log::{LevelFilter, Record};
use sqlx::PgPool;
/// Mnemosyne, the mother of the nine muses
pub const DEFAULT_PORT: u16 = 0x9999; // 39321
pub const REFERENCE_SPLASHES: &[&str] = &[
"quote engine",
@@ -17,6 +26,44 @@ pub const REFERENCE_SPLASHES: &[&str] = &[
"over 100 lines of git history!",
];
pub async fn init_pool() -> Result<PgPool, Box<dyn Error>> {
Ok(sqlx::postgres::PgPoolOptions::new()
.max_connections(20)
.acquire_timeout(Duration::from_secs(3))
.idle_timeout(Duration::from_secs(60))
.connect(var("DATABASE_URL")?.as_str())
.await?)
}
pub fn port() -> Result<u16, Box<dyn Error>> {
Ok(match std::env::var("PORT") {
Ok(p) => p.parse::<u16>()?,
Err(e) => match e {
std::env::VarError::NotPresent => DEFAULT_PORT,
_ => return Err(e)?,
},
})
}
pub fn dotenv() -> Result<(), Box<dyn Error>> {
if let Err(e) = dotenvy::dotenv()
&& !e.not_found()
{
return Err(e.into());
}
Ok(())
}
pub fn env_logger() -> Result<(), Box<dyn Error>> {
env_logger::builder()
.filter_level(LevelFilter::Info)
.filter_module("sqlx", LevelFilter::Warn)
.parse_default_env()
.format(envlogger_write_format)
.init();
Ok(())
}
pub fn envlogger_write_format(buf: &mut Formatter, rec: &Record) -> io::Result<()> {
let level_string = format!("{}", rec.level());
let level_style = buf.default_level_style(rec.level());

134
src/database/migrations/0001_init.sql Normal file
View File

@@ -0,0 +1,134 @@
CREATE EXTENSION citext;
CREATE EXTENSION pg_trgm;
CREATE TABLE users(
id UUID NOT NULL PRIMARY KEY,
handle CITEXT NOT NULL UNIQUE,
password TEXT,
profpic TEXT
);
CREATE TABLE sessions (
id UUID NOT NULL PRIMARY KEY,
token BYTEA NOT NULL UNIQUE,
user_id UUID NOT NULL REFERENCES users(id),
expiry TIMESTAMPTZ NOT NULL,
revoked BOOLEAN NOT NULL DEFAULT FALSE,
revoked_at TIMESTAMPTZ DEFAULT NULL,
revoked_by UUID DEFAULT NULL REFERENCES users(id),
CHECK(
(revoked = FALSE AND revoked_at IS NULL AND revoked_by IS NULL) OR
(revoked = TRUE AND revoked_at IS NOT NULL AND revoked_by IS NOT NULL)
)
);
CREATE INDEX sessions_by_userid ON sessions(user_id);
CREATE TABLE user_permissions (
user_id UUID NOT NULL REFERENCES users(id),
permission TEXT NOT NULL,
state BOOLEAN NOT NULL,
PRIMARY KEY (user_id, permission)
);
CREATE TABLE quotes (
id UUID NOT NULL PRIMARY KEY,
timestamp TIMESTAMP NOT NULL,
location TEXT DEFAULT NULL,
context TEXT DEFAULT NULL,
created_by UUID REFERENCES users(id),
public BOOLEAN DEFAULT FALSE,
fts TEXT NOT NULL DEFAULT ''
);
CREATE INDEX quotes_by_creation_user ON quotes(created_by);
CREATE INDEX quotes_fts_trgm_idx ON quotes USING gin (fts gin_trgm_ops);
CREATE TABLE persons (
id UUID NOT NULL PRIMARY KEY,
bio TEXT DEFAULT NULL,
profpic TEXT DEFAULT NULL
);
CREATE TABLE names (
id UUID NOT NULL PRIMARY KEY,
name CITEXT NOT NULL,
is_primary BOOLEAN NOT NULL DEFAULT FALSE,
person_id UUID NOT NULL REFERENCES persons(id)
);
CREATE INDEX names_by_personid ON names(person_id);
CREATE UNIQUE INDEX no_name_duplicate_for_same_person ON names(person_id, name);
CREATE UNIQUE INDEX primary_name_uniqueness ON names(person_id) WHERE is_primary = TRUE;
CREATE TABLE lines (
id UUID NOT NULL PRIMARY KEY,
quote_id UUID NOT NULL REFERENCES quotes(id),
ordering SMALLINT NOT NULL,
content TEXT NOT NULL
);
CREATE INDEX lines_by_quoteid ON lines(quote_id);
CREATE UNIQUE INDEX lines_unique_ordering ON lines(quote_id, ordering);
CREATE TABLE line_authors (
line_id UUID REFERENCES lines(id),
name_id UUID REFERENCES names(id),
PRIMARY KEY (line_id, name_id)
);
CREATE TABLE tags (
id UUID NOT NULL PRIMARY KEY,
name CITEXT NOT NULL UNIQUE
);
CREATE TABLE user_quote_likes (
quote_id UUID NOT NULL REFERENCES quotes(id),
user_id UUID NOT NULL REFERENCES users(id),
PRIMARY KEY (quote_id, user_id)
);
CREATE INDEX quote_likes_by_user ON user_quote_likes(user_id);
CREATE INDEX quote_likes_by_quote ON user_quote_likes(quote_id);
CREATE TABLE quote_tags (
quote_id UUID NOT NULL REFERENCES quotes(id),
tag_id UUID NOT NULL REFERENCES tags(id),
PRIMARY KEY (quote_id, tag_id)
);
CREATE INDEX quote_tags_by_quote ON quote_tags(quote_id);
CREATE INDEX quote_tags_by_tag ON quote_tags(tag_id);
CREATE TABLE logs (
id UUID NOT NULL PRIMARY KEY,
actor UUID NOT NULL REFERENCES users(id),
target UUID,
actiontype TEXT NOT NULL,
payload JSONB
);
CREATE INDEX logs_by_actor ON logs(actor);
CREATE INDEX logs_by_target ON logs(target);
CREATE OR REPLACE FUNCTION update_quote_fts_from_lines()
RETURNS TRIGGER AS $$
DECLARE
affected_quote_id UUID;
quote_lines_content TEXT;
BEGIN
IF TG_OP = 'DELETE' THEN
affected_quote_id := OLD.quote_id;
ELSE
affected_quote_id := NEW.quote_id;
END IF;
SELECT string_agg(content, ' ' ORDER BY ordering)
INTO quote_lines_content
FROM lines
WHERE quote_id = affected_quote_id;
UPDATE quotes
SET fts =
COALESCE(quote_lines_content, '') || ' ' ||
COALESCE(context, '') || ' ' ||
COALESCE(location, '')
WHERE id = affected_quote_id;
RETURN COALESCE(NEW, OLD);
END;
$$ LANGUAGE plpgsql;
CREATE TRIGGER trigger_lines_update_quote_fts
AFTER INSERT OR UPDATE OR DELETE ON lines
FOR EACH ROW
EXECUTE FUNCTION update_quote_fts_from_lines();

100
src/database/migrations/2026-04-04--01.sql
View File

@@ -1,100 +0,0 @@
CREATE TABLE users (
id BLOB NOT NULL UNIQUE PRIMARY KEY, -- UUIDv7 as bytes
handle TEXT NOT NULL UNIQUE COLLATE NOCASE,
password TEXT, -- hashed, nullable in case of OAuth2-only login
prof_pic TEXT -- serialized ProfilePic
);
CREATE TABLE sessions (
id BLOB NOT NULL UNIQUE PRIMARY KEY, -- UUIDv7 as bytes
token BLOB NOT NULL UNIQUE,
user_id BLOB NOT NULL REFERENCES users(id), -- UUIDv7 bytes (userID)
expiry TEXT NOT NULL, -- RFC3339 into DateTime<Utc>
revoked INTEGER NOT NULL DEFAULT 0, -- bool (int 0 or int 1)
revoked_at TEXT DEFAULT NULL, -- RFC3339 into DateTime<Utc>
revoked_by BLOB DEFAULT NULL REFERENCES users(id) -- UUIDv7 bytes (userID)
CHECK(
(revoked = 0 AND revoked_at IS NULL AND revoked_by IS NULL) OR
(revoked = 1 AND revoked_at IS NOT NULL AND revoked_by IS NOT NULL)
)
);
CREATE INDEX sessions_by_userid ON sessions(user_id);
CREATE TABLE user_permissions (
user_id BLOB NOT NULL REFERENCES users(id), -- UUIDv7 as bytes
permission TEXT NOT NULL, -- serialized name
PRIMARY KEY (user_id, permission)
) WITHOUT ROWID;
CREATE TABLE quotes (
id BLOB NOT NULL UNIQUE PRIMARY KEY, -- UUIDv7 as bytes
timestamp TEXT NOT NULL, -- RFC3339 into DateTime<FixedOffset>
location TEXT,
context TEXT,
created_by BLOB NOT NULL REFERENCES users(id), -- UUIDv7 as bytes
public INTEGER NOT NULL DEFAULT 0 -- bool (int 0 or int 1)
-- this is to be followed by a bigger role-based viewership scoping mechanism
);
CREATE INDEX quotes_by_creation_user ON quotes(created_by);
CREATE TABLE persons (
id BLOB NOT NULL UNIQUE PRIMARY KEY, -- UUIDv7 as bytes
created_by BLOB NOT NULL REFERENCES users(id), -- UUIDv7 as bytes
bio TEXT,
prof_pic TEXT -- link probably
);
CREATE TABLE names (
id BLOB NOT NULL UNIQUE PRIMARY KEY, -- UUIDv7 as bytes
is_primary INTEGER NOT NULL DEFAULT 0,
person_id BLOB NOT NULL REFERENCES persons(id),
created_by BLOB NOT NULL REFERENCES users(id),
name TEXT NOT NULL
);
CREATE INDEX names_by_personid ON names(person_id);
CREATE UNIQUE INDEX no_name_duplicate_for_same_person ON names(person_id, name);
CREATE UNIQUE INDEX primary_name_uniqueness ON names(person_id) WHERE is_primary = 1;
CREATE TABLE lines (
id BLOB NOT NULL UNIQUE PRIMARY KEY, -- UUIDv7 as bytes
quote_id BLOB NOT NULL REFERENCES quotes(id), -- UUIDv7 as bytes
name_id BLOB NOT NULL REFERENCES names(id), -- UUIDv7 as bytes
ordering INTEGER NOT NULL,
content TEXT NOT NULL
);
CREATE INDEX lines_by_quoteid ON lines(quote_id);
CREATE INDEX lines_by_nameid ON lines(name_id);
CREATE UNIQUE INDEX lines_unique_ordering ON lines(quote_id, ordering);
CREATE TABLE tags (
id BLOB NOT NULL UNIQUE PRIMARY KEY, -- UUIDv7 as bytes
tagname TEXT NOT NULL UNIQUE COLLATE NOCASE
);
CREATE TABLE user_quote_likes (
quote_id BLOB NOT NULL REFERENCES quotes(id), -- UUIDv7 as bytes
user_id BLOB NOT NULL REFERENCES users(id), -- UUIDv7 as bytes
PRIMARY KEY (quote_id, user_id)
) WITHOUT ROWID;
CREATE INDEX likes_by_reverse_index ON user_quote_likes(user_id, quote_id);
CREATE TABLE quote_tags (
quote_id BLOB NOT NULL REFERENCES quotes(id), -- UUIDv7 as bytes
tag_id BLOB NOT NULL REFERENCES tags(id), -- UUIDv7 as bytes
PRIMARY KEY (quote_id, tag_id)
) WITHOUT ROWID;
CREATE INDEX quote_tags_reverse_index ON quote_tags(tag_id, quote_id);
CREATE TABLE logs (
id BLOB NOT NULL UNIQUE PRIMARY KEY, -- UUIDv7 as bytes
actor BLOB NOT NULL REFERENCES users(id), -- UUIDv7 as bytes
-- (userID with special cases: UUID::nil if system, UUID::max if infradmin)
-- ((infradmin & system shall both be users))
target BLOB, -- Option<UUIDv7 as bytes (userID)>
actiontype TEXT NOT NULL,
payload TEXT
);
CREATE INDEX logs_by_actor ON logs(actor);
CREATE INDEX logs_by_target ON logs(target);
-- all this to be followed by:
-- - a better access scoping mechanism (role-based like discord)
-- - photos just like quotes
-- - OAuth2 login via Steam/GitHub/Discord/Google/Potato/Whatever
-- - comments

66
src/database/mod.rs
View File

@@ -1,68 +1,14 @@
use std::{env, error::Error, sync::LazyLock};
use axum::{http::StatusCode, response::IntoResponse};
use rusqlite::{Connection, OptionalExtension};
macro_rules! migration {
($name:literal) => {
($name, include_str!(concat!("./migrations/", $name, ".sql")))
};
}
const MIGRATIONS: &[(&str, &str)] = &[migration!("2026-04-04--01")];
pub static DB_URL: LazyLock<String> =
LazyLock::new(|| env::var("DATABASE_URL").expect("DATABASE_URL is not set"));
const PERSISTENT_PRAGMAS: &[&str] = &["PRAGMA journal_mode = WAL"];
const CONNECTION_PRAGMAS: &[&str] = &["PRAGMA foreign_keys = ON", "PRAGMA busy_timeout = 5000"];
const TABLE_MIGRATIONS: &str = r#"
CREATE TABLE IF NOT EXISTS migrations (
id TEXT PRIMARY KEY,
time INTEGER DEFAULT (unixepoch())
);
"#;
use axum::{
http::StatusCode,
response::{IntoResponse, Response},
};
#[derive(Debug, thiserror::Error)]
#[error("{0}")]
pub struct DatabaseError(#[from] rusqlite::Error);
pub struct DatabaseError(#[from] sqlx::Error);
impl IntoResponse for DatabaseError {
fn into_response(self) -> axum::response::Response {
fn into_response(self) -> Response {
log::error!("[DB ERROR] {}", self);
(StatusCode::INTERNAL_SERVER_ERROR, "Internal server error.").into_response()
}
}
pub fn conn() -> Result<Connection, DatabaseError> {
let conn = Connection::open(&*DB_URL)?;
for pragma in CONNECTION_PRAGMAS {
conn.query_row(pragma, (), |_| Ok(())).optional()?;
}
Ok(conn)
}
pub fn migrations() -> Result<(), Box<dyn Error>> {
let conn = Connection::open(&*DB_URL)?;
for pragma in PERSISTENT_PRAGMAS {
conn.query_row(pragma, (), |_| Ok(()))?;
}
conn.execute(TABLE_MIGRATIONS, ())?;
let mut changes = false;
for (key, sql) in MIGRATIONS {
let mut statement = conn.prepare("SELECT id, time FROM migrations WHERE id = ?1")?;
let query = statement.query_one([key], |_| Ok(())).optional()?;
if query.is_some() {
continue;
}
changes = true;
log::info!("Applying migration {key}...");
conn.execute_batch(sql)?;
conn.execute("INSERT INTO migrations(id) VALUES (?1)", [key])?;
}
if changes {
log::info!("Migrations applied.")
}
Ok(())
}

29
src/error.rs
View File

@@ -1,13 +1,6 @@
use axum::response::{IntoResponse, Response};
use crate::{
database::DatabaseError,
persons::PersonError,
quotes::QuoteError,
tags::TagError,
users::{UserError, auth::AuthError, sessions::SessionError},
web::RedirectViaError,
};
use crate::database::DatabaseError;
pub struct CompositeError(Response);
impl IntoResponse for CompositeError {
@@ -28,18 +21,18 @@ macro_rules! composite_from {
};
}
composite_from!(
AuthError,
UserError,
SessionError,
TagError,
PersonError,
QuoteError,
crate::users::auth::AuthError,
crate::users::UserError,
crate::users::sessions::SessionError,
crate::tags::TagError,
crate::persons::PersonError,
crate::quotes::QuoteError,
DatabaseError,
RedirectViaError,
// RedirectViaError,
);
impl From<rusqlite::Error> for CompositeError {
fn from(e: rusqlite::Error) -> Self {
CompositeError(DatabaseError::from(e).into_response())
impl From<sqlx::Error> for CompositeError {
fn from(value: sqlx::Error) -> Self {
CompositeError(DatabaseError::from(value).into_response())
}
}

149
src/logs.rs
View File

@@ -1,9 +1,9 @@
use rusqlite::Connection;
use serde::{Deserialize, Serialize};
use strum::IntoStaticStr;
use sqlx::{PgConnection, Row};
use strum::{EnumDiscriminants, EnumIter, IntoStaticStr, VariantNames};
use uuid::Uuid;
use crate::{database::DatabaseError, users::User};
use crate::{database::DatabaseError, users::User, web::icons};
#[derive(Debug)]
pub struct LogEntry {
@@ -13,52 +13,91 @@ pub struct LogEntry {
}
impl LogEntry {
pub fn new(conn: &Connection, actor: User, data: LogAction) -> Result<LogEntry, DatabaseError> {
pub async fn new(
conn: &mut PgConnection,
actor: User,
data: LogAction,
) -> Result<LogEntry, DatabaseError> {
let log = LogEntry {
id: Uuid::now_v7(),
actor,
data,
};
let actiontype: &'static str = (&log.data).into();
let payload = serde_json::to_string(&log.data).unwrap();
conn.prepare(
"INSERT INTO logs(id, actor, target, actiontype, payload) VALUES (?1,?2,?3,?4,?5)",
)?
.execute((
&log.id,
&log.actor.id,
log.data.get_target_id(),
actiontype,
payload,
))?;
let payload = serde_json::to_value(&log.data).unwrap();
sqlx::query(
"INSERT INTO logs(id, actor, target, actiontype, payload) VALUES ($1, $2, $3, $4, $5)",
)
.bind(log.id)
.bind(log.actor.id)
.bind(log.data.get_target_id())
.bind(actiontype)
.bind(payload)
.execute(&mut *conn)
.await?;
Ok(log)
}
pub fn total_count(conn: &Connection) -> Result<i64, DatabaseError> {
Ok(conn.query_row("SELECT COUNT(*) FROM logs", (), |r| r.get(0))?)
pub async fn count(
conn: &mut PgConnection,
action_type: Option<LogActionDiscriminant>,
) -> Result<i64, DatabaseError> {
let count = match action_type {
Some(at) => {
let atstr: &'static str = at.into();
sqlx::query_scalar("SELECT COUNT(*) FROM logs WHERE actiontype = $1")
.bind(atstr)
.fetch_one(&mut *conn)
.await?
}
None => {
sqlx::query_scalar("SELECT COUNT(*) FROM logs")
.fetch_one(&mut *conn)
.await?
}
};
Ok(count)
}
pub fn get_chronological_offset(
conn: &Connection,
pub async fn get_chronological_offset(
conn: &mut PgConnection,
action_type: Option<LogActionDiscriminant>,
offset: i64,
limit: i64,
) -> Result<Vec<LogEntry>, DatabaseError> {
Ok(conn
.prepare("SELECT id, actor, target, actiontype, payload FROM logs ORDER BY id DESC LIMIT ?1 OFFSET ?2")?
.query_map((limit, offset), |r| {
let payload: String = r.get(4)?;
Ok(LogEntry {
id: r.get(0)?,
actor: User::get_by_id(conn, r.get(1)?).unwrap(),
data: serde_json::from_str(&payload).unwrap(),
})
})?
.collect::<Result<Vec<LogEntry>, _>>()?)
let mut qstr = String::from("SELECT id, actor, payload FROM logs ");
if action_type.is_some() {
qstr += "WHERE actiontype = $3 "
}
qstr += "ORDER BY id DESC LIMIT $1 OFFSET $2";
let q = sqlx::query(&qstr).bind(limit).bind(offset);
let rows = match action_type {
Some(at) => {
let atstr: &'static str = at.into();
q.bind(atstr).fetch_all(&mut *conn).await?
}
None => q.fetch_all(&mut *conn).await?,
};
let mut entries = Vec::new();
for row in rows {
let payload: serde_json::Value = row.try_get("payload")?;
let actor_id: Uuid = row.try_get("actor")?;
entries.push(LogEntry {
id: row.try_get("id")?,
actor: User::get_by_id(&mut *conn, actor_id).await.unwrap(),
data: serde_json::from_value(payload).unwrap(),
});
}
Ok(entries)
}
}
// #[derive(Debug, thiserror::Error)]
// pub enum LogError {}
#[derive(Debug, IntoStaticStr, Serialize, Deserialize)]
#[derive(Debug, IntoStaticStr, Serialize, Deserialize, VariantNames, EnumDiscriminants)]
#[strum_discriminants(derive(EnumIter, IntoStaticStr, Serialize, Deserialize))]
#[strum_discriminants(name(LogActionDiscriminant))]
pub enum LogAction {
Initialize,
RegenInfradmin,
@@ -177,3 +216,45 @@ impl LogAction {
}
}
}
impl LogActionDiscriminant {
pub fn human_readable(&self) -> &'static str {
use LogActionDiscriminant as LAD;
match self {
LAD::Initialize => "Mnemosyne Initialization",
LAD::RegenInfradmin => "Infradmin Regeneration",
LAD::CreateUser => "User Creation",
LAD::ManuallyChangeUsersPassword => "Password Override",
LAD::CreateTag => "Tag Creation",
LAD::RenameTag => "Tag Rename",
LAD::DeleteTag => "Tag Deletion",
LAD::CreatePerson => "Person Creation",
LAD::ChangeUserHandle => "User Handle Change",
LAD::AddPersonName => "Person Name Addition",
LAD::DeletePersonName => "Person Name Deletion",
LAD::SetPersonPrimaryName => "Person Primary Name Set",
LAD::CreateQuote => "Quote Creation",
LAD::ManuallyRevokeSession => "Manual Session Revocation",
}
}
pub fn icon(&self) -> &'static str {
use LogActionDiscriminant as LAD;
match self {
LAD::Initialize => icons::LINE_DOT_RIGHT_HORIZONTAL,
// LAD::RegenInfradmin =>
// LAD::CreateUser =>
// LAD::ManuallyChangeUsersPassword =>
// LAD::CreateTag =>
// LAD::RenameTag =>
// LAD::DeleteTag =>
// LAD::CreatePerson =>
// LAD::ChangeUserHandle =>
// LAD::AddPersonName =>
// LAD::DeletePersonName =>
// LAD::SetPersonPrimaryName =>
// LAD::CreateQuote =>
// LAD::ManuallyRevokeSession =>
_ => icons::GIT_COMMIT_VERTICAL,
}
}
}

38
src/main.rs
View File

@@ -1,6 +1,7 @@
use std::error::Error;
use axum::Router;
use sqlx::PgPool;
use tokio::net::TcpListener;
mod api;
@@ -14,39 +15,30 @@ mod tags;
mod users;
mod web;
/// Mnemosyne, the mother of the nine muses
const DEFAULT_PORT: u16 = 0x9999; // 39321
/// The string to be returned alongside HTTP 500
const ISE_MSG: &str = "Internal server error";
#[derive(Debug, Clone)]
pub struct MnemoState {
pool: PgPool,
}
#[tokio::main]
async fn main() -> Result<(), Box<dyn Error>> {
if let Err(e) = dotenvy::dotenv()
&& !e.not_found()
{
return Err(e.into());
}
env_logger::builder()
.filter_level(log::LevelFilter::Info)
.parse_default_env()
.format(config::envlogger_write_format)
.init();
config::dotenv()?;
config::env_logger()?;
database::migrations()?;
let pool = config::init_pool().await?;
sqlx::migrate!("src/database/migrations").run(&pool).await?;
log::info!("Migrations applied successfully.");
users::auth::init_password_dummies();
users::setup::initialise_reserved_users_if_needed()?;
users::setup::initialise_reserved_users_if_needed(&pool).await?;
let port = match std::env::var("PORT") {
Ok(p) => p.parse::<u16>()?,
Err(e) => match e {
std::env::VarError::NotPresent => DEFAULT_PORT,
_ => return Err(e)?,
},
};
let port = config::port()?;
let r = Router::new()
.merge(api::api_router())
.merge(web::web_router());
.merge(web::web_router())
.with_state(MnemoState { pool });
let l = TcpListener::bind(format!("0.0.0.0:{port}")).await?;
log::info!("Listener bound to {}", l.local_addr()?);

268
src/persons/mod.rs
View File

@@ -2,8 +2,8 @@ use axum::{
http::StatusCode,
response::{IntoResponse, Response},
};
use rusqlite::{Connection, OptionalExtension};
use serde::Serialize;
use sqlx::{PgConnection, Row};
use uuid::Uuid;
use crate::database::DatabaseError;
@@ -12,7 +12,6 @@ use crate::database::DatabaseError;
pub struct Person {
pub id: Uuid,
pub primary_name: String,
pub created_by: Uuid,
}
#[derive(Serialize)]
@@ -20,7 +19,6 @@ pub struct Name {
pub id: Uuid,
pub is_primary: bool,
pub person_id: Uuid,
pub created_by: Uuid,
pub name: String,
}
@@ -39,169 +37,213 @@ pub enum PersonError {
}
impl Person {
pub fn total_count(conn: &Connection) -> Result<i64, PersonError> {
Ok(conn.query_row("SELECT COUNT(*) FROM persons", (), |r| r.get(0))?)
}
pub fn get_all(conn: &Connection) -> Result<Vec<Person>, PersonError> {
Ok(conn
.prepare("SELECT p.id, p.created_by, n.name FROM persons p JOIN names n ON p.id = n.person_id AND n.is_primary = 1")?
.query_map((), |r| {
Ok(Person {
id: r.get(0)?,
created_by: r.get(1)?,
primary_name: r.get(2)?,
})
})?
.collect::<Result<Vec<Person>, _>>()?)
pub async fn total_count(conn: &mut PgConnection) -> Result<i64, PersonError> {
let count: i64 = sqlx::query_scalar("SELECT COUNT(*) FROM persons")
.fetch_one(conn)
.await?;
Ok(count)
}
pub fn get_by_id(conn: &Connection, id: Uuid) -> Result<Person, PersonError> {
let res = conn
.prepare("SELECT p.created_by, n.name FROM persons p JOIN names n ON p.id = n.person_id AND n.is_primary = 1 WHERE p.id = ?1")?
.query_one((&id,), |r| {
Ok(Person {
id,
created_by: r.get(0)?,
primary_name: r.get(1)?,
})
})
.optional()?;
match res {
Some(p) => Ok(p),
pub async fn get_all(conn: &mut PgConnection) -> Result<Vec<Person>, PersonError> {
let rows = sqlx::query(
"SELECT p.id, n.name FROM persons p JOIN names n ON p.id = n.person_id AND n.is_primary = true"
)
.fetch_all(conn)
.await?;
let mut persons = Vec::with_capacity(rows.len());
for r in rows {
persons.push(Person {
id: r.try_get("id")?,
primary_name: r.try_get("name")?,
});
}
Ok(persons)
}
pub async fn get_by_id(conn: &mut PgConnection, id: Uuid) -> Result<Person, PersonError> {
let row = sqlx::query(
"SELECT n.name FROM persons p JOIN names n ON p.id = n.person_id AND n.is_primary = true WHERE p.id = $1"
)
.bind(id)
.fetch_optional(conn)
.await?;
match row {
Some(r) => Ok(Person {
id,
primary_name: r.try_get("name")?,
}),
None => Err(PersonError::NoPersonWithId(id)),
}
}
pub fn get_in_quote_count(&self, conn: &Connection) -> Result<i64, PersonError> {
Ok(conn
.prepare(
r#"
SELECT COUNT(DISTINCT l.quote_id) AS quote_count
FROM lines l WHERE l.name_id IN (
SELECT id FROM names WHERE person_id = ?1
pub async fn get_in_quote_count(&self, conn: &mut PgConnection) -> Result<i64, PersonError> {
let count: i64 = sqlx::query_scalar(
r#"
SELECT COUNT(DISTINCT l.quote_id)
FROM lines l JOIN line_authors la ON l.id = la.line_id
WHERE la.name_id IN (
SELECT id FROM names WHERE person_id = $1
);"#,
)?
.query_one((self.id,), |r| Ok(r.get(0)?))?)
)
.bind(self.id)
.fetch_one(conn)
.await?;
Ok(count)
}
pub fn get_all_names(&self, conn: &Connection) -> Result<Vec<Name>, PersonError> {
Ok(conn
.prepare("SELECT id, is_primary, person_id, created_by, name FROM names WHERE person_id = ?1 ORDER BY id")?
.query_map((&self.id,), |r| {
Ok(Name {
id: r.get(0)?,
is_primary: r.get(1)?,
person_id: r.get(2)?,
created_by: r.get(3)?,
name: r.get(4)?,
})
})?
.collect::<Result<Vec<Name>, _>>()?)
pub async fn get_all_names(&self, conn: &mut PgConnection) -> Result<Vec<Name>, PersonError> {
let rows = sqlx::query(
"SELECT id, is_primary, person_id, name FROM names WHERE person_id = $1 ORDER BY id",
)
.bind(self.id)
.fetch_all(conn)
.await?;
let mut names = Vec::with_capacity(rows.len());
for r in rows {
names.push(Name {
id: r.try_get("id")?,
is_primary: r.try_get("is_primary")?,
person_id: r.try_get("person_id")?,
name: r.try_get("name")?,
});
}
Ok(names)
}
pub fn add_name(
pub async fn add_name(
&self,
conn: &Connection,
conn: &mut PgConnection,
name: String,
created_by: Uuid,
_created_by: Uuid,
) -> Result<Name, PersonError> {
let id = Uuid::now_v7();
conn.prepare("INSERT INTO names VALUES (?1, ?2, ?3, ?4, ?5)")?
.execute((id, 0, self.id, created_by, &name))?;
sqlx::query("INSERT INTO names (id, is_primary, person_id, name) VALUES ($1, $2, $3, $4)")
.bind(id)
.bind(false)
.bind(self.id)
.bind(&name)
.execute(conn)
.await?;
Ok(Name {
id,
is_primary: false,
person_id: self.id,
created_by,
name,
})
}
pub fn create(
conn: &Connection,
pub async fn create(
conn: &mut PgConnection,
primary_name: String,
created_by: Uuid,
_created_by: Uuid,
) -> Result<Person, PersonError> {
let person_id = Uuid::now_v7();
let name_id = Uuid::now_v7();
conn.prepare("INSERT INTO persons(id, created_by) VALUES (?1, ?2)")?
.execute((person_id, created_by))?;
conn.prepare("INSERT INTO names VALUES (?1, ?2, ?3, ?4, ?5)")?
.execute((name_id, 1, person_id, created_by, &primary_name))?;
sqlx::query("INSERT INTO persons(id) VALUES ($1)")
.bind(person_id)
.execute(&mut *conn)
.await?;
sqlx::query("INSERT INTO names (id, is_primary, person_id, name) VALUES ($1, $2, $3, $4)")
.bind(name_id)
.bind(true)
.bind(person_id)
.bind(&primary_name)
.execute(&mut *conn)
.await?;
Ok(Person {
id: person_id,
primary_name,
created_by,
})
}
}
impl Name {
pub fn get_by_id(conn: &Connection, id: Uuid) -> Result<Name, PersonError> {
let res = conn
.prepare("SELECT id, is_primary, person_id, created_by, name FROM names WHERE id = ?1")?
.query_one((&id,), |r| {
Ok(Name {
id: r.get(0)?,
is_primary: r.get(1)?,
person_id: r.get(2)?,
created_by: r.get(3)?,
name: r.get(4)?,
})
})
.optional()?;
match res {
Some(n) => Ok(n),
pub async fn get_by_id(conn: &mut PgConnection, id: Uuid) -> Result<Name, PersonError> {
let row = sqlx::query("SELECT id, is_primary, person_id, name FROM names WHERE id = $1")
.bind(id)
.fetch_optional(conn)
.await?;
match row {
Some(r) => Ok(Name {
id: r.try_get("id")?,
is_primary: r.try_get("is_primary")?,
person_id: r.try_get("person_id")?,
name: r.try_get("name")?,
}),
None => Err(PersonError::NoNameWithId(id)),
}
}
pub fn get_all(conn: &Connection) -> Result<Vec<Name>, PersonError> {
Ok(conn
.prepare("SELECT id, is_primary, person_id, created_by, name FROM names")?
.query_map((), |r| {
Ok(Name {
id: r.get(0)?,
is_primary: r.get(1)?,
person_id: r.get(2)?,
created_by: r.get(3)?,
name: r.get(4)?,
})
})?
.collect::<Result<Vec<Name>, _>>()?)
pub async fn get_all(conn: &mut PgConnection) -> Result<Vec<Name>, PersonError> {
let rows = sqlx::query("SELECT id, is_primary, person_id, name FROM names")
.fetch_all(conn)
.await?;
let mut names = Vec::with_capacity(rows.len());
for r in rows {
names.push(Name {
id: r.try_get("id")?,
is_primary: r.try_get("is_primary")?,
person_id: r.try_get("person_id")?,
name: r.try_get("name")?,
});
}
Ok(names)
}
pub fn times_attributed(&self, conn: &Connection) -> Result<i64, PersonError> {
Ok(conn
.prepare("SELECT COUNT(*) FROM lines WHERE name_id = ?1")?
.query_row((&self.id,), |r| r.get(0))?)
pub async fn times_attributed(&self, conn: &mut PgConnection) -> Result<i64, PersonError> {
let count: i64 = sqlx::query_scalar("SELECT COUNT(*) FROM line_authors WHERE name_id = $1")
.bind(self.id)
.fetch_one(conn)
.await?;
Ok(count)
}
pub fn delete(self, conn: &Connection) -> Result<(), PersonError> {
conn.prepare("DELETE FROM names WHERE id = ?1")?
.execute((&self.id,))?;
pub async fn delete(self, conn: &mut PgConnection) -> Result<(), PersonError> {
sqlx::query("DELETE FROM names WHERE id = $1")
.bind(self.id)
.execute(conn)
.await?;
Ok(())
}
pub fn set_primary(&mut self, conn: &Connection) -> Result<(), PersonError> {
pub async fn set_primary(&mut self, conn: &mut PgConnection) -> Result<(), PersonError> {
if self.is_primary {
return Err(PersonError::AlreadyPrimary);
}
conn.prepare("UPDATE names SET is_primary = 0 WHERE person_id = ?1 AND is_primary = 1")?
.execute((&self.person_id,))?;
conn.prepare("UPDATE names SET is_primary = 1 WHERE id = ?1")?
.execute((&self.id,))?;
sqlx::query(
"UPDATE names SET is_primary = false WHERE person_id = $1 AND is_primary = true",
)
.bind(self.person_id)
.execute(&mut *conn)
.await?;
sqlx::query("UPDATE names SET is_primary = true WHERE id = $1")
.bind(self.id)
.execute(&mut *conn)
.await?;
self.is_primary = true;
Ok(())
}
}
impl From<rusqlite::Error> for PersonError {
fn from(error: rusqlite::Error) -> Self {
if let rusqlite::Error::SqliteFailure(e, Some(msg)) = &error
&& e.extended_code == rusqlite::ffi::SQLITE_CONSTRAINT_UNIQUE
&& msg.contains("name")
{
return PersonError::NameAlreadyExists;
impl From<sqlx::Error> for PersonError {
fn from(error: sqlx::Error) -> Self {
if let sqlx::Error::Database(err) = &error {
if err.is_unique_violation() && err.message().contains("name") {
return PersonError::NameAlreadyExists;
}
}
PersonError::DatabaseError(DatabaseError::from(error))
}

279
src/quotes/mod.rs
View File

@@ -1,7 +1,10 @@
use axum::{http::StatusCode, response::IntoResponse};
use chrono::{DateTime, FixedOffset, Utc};
use rusqlite::{Connection, OptionalExtension};
use axum::{
http::StatusCode,
response::{IntoResponse, Response},
};
use chrono::{DateTime, NaiveDateTime, Utc};
use serde::Serialize;
use sqlx::{PgConnection, Row};
use uuid::Uuid;
use crate::{database::DatabaseError, persons::Name};
@@ -10,7 +13,7 @@ use crate::{database::DatabaseError, persons::Name};
pub struct Quote {
pub id: Uuid,
pub lines: Vec<QuoteLine>,
pub timestamp: DateTime<FixedOffset>,
pub timestamp: NaiveDateTime,
pub location: Option<String>,
pub context: Option<String>,
pub created_by: Uuid,
@@ -20,7 +23,7 @@ pub struct Quote {
#[derive(Serialize)]
pub struct QuoteLine {
pub id: Uuid,
pub attribution: Name,
pub attribution: Vec<Name>,
pub content: String,
}
@@ -44,52 +47,65 @@ impl Quote {
}
impl Quote {
pub fn total_count(conn: &Connection) -> Result<i64, QuoteError> {
Ok(conn.query_row("SELECT COUNT(*) FROM quotes", (), |r| r.get(0))?)
pub async fn total_count(conn: &mut PgConnection) -> Result<i64, QuoteError> {
let count: i64 = sqlx::query_scalar("SELECT COUNT(*) FROM quotes")
.fetch_one(conn)
.await?;
Ok(count)
}
pub fn get_by_id(conn: &Connection, id: Uuid) -> Result<Quote, QuoteError> {
let quotemain = conn
.prepare(
"SELECT timestamp, location, context, created_by, public FROM quotes WHERE id = ?1",
)?
.query_row((id,), |r| {
Ok((
r.get::<_, DateTime<FixedOffset>>(0)?,
r.get::<_, Option<String>>(1)?,
r.get::<_, Option<String>>(2)?,
r.get::<_, Uuid>(3)?,
r.get::<_, bool>(4)?,
))
})
.optional()?;
let (timestamp, location, context, created_by, public) = match quotemain {
Some(data) => data,
pub async fn get_by_id(conn: &mut PgConnection, id: Uuid) -> Result<Quote, QuoteError> {
let quotemain = sqlx::query(
"SELECT timestamp, location, context, created_by, public FROM quotes WHERE id = $1",
)
.bind(id)
.fetch_optional(&mut *conn)
.await?;
let row = match quotemain {
Some(row) => row,
None => return Err(QuoteError::NoQuoteWithId(id)),
};
let lines = conn
.prepare(
r#"
SELECT l.id, l.content, n.id, n.is_primary, n.person_id, n.created_by, n.name
FROM lines AS l JOIN names AS n ON l.name_id = n.id
WHERE l.quote_id = ?1 ORDER BY l.ordering
"#,
)?
.query_map((id,), |r| {
Ok(QuoteLine {
id: r.get(0)?,
content: r.get(1)?,
attribution: Name {
id: r.get(2)?,
is_primary: r.get(3)?,
person_id: r.get(4)?,
created_by: r.get(5)?,
name: r.get(6)?,
},
})
})?
.collect::<Result<Vec<QuoteLine>, _>>()?;
let timestamp: NaiveDateTime = row.try_get("timestamp")?;
let location: Option<String> = row.try_get("location")?;
let context: Option<String> = row.try_get("context")?;
let created_by: Uuid = row.try_get("created_by")?;
let public: bool = row.try_get("public")?;
let line_rows = sqlx::query(
r#"
SELECT l.id, l.content, n.id as name_id, n.is_primary, n.person_id, n.name
FROM lines AS l
JOIN line_authors AS la ON l.id = la.line_id
JOIN names AS n ON la.name_id = n.id
WHERE l.quote_id = $1 ORDER BY l.ordering
"#,
)
.bind(id)
.fetch_all(&mut *conn)
.await?;
let mut lines: Vec<QuoteLine> = Vec::new();
for r in line_rows {
let line_id: Uuid = r.try_get("id")?;
let name = Name {
id: r.try_get("name_id")?,
is_primary: r.try_get("is_primary")?,
person_id: r.try_get("person_id")?,
name: r.try_get("name")?,
};
if let Some(last) = lines.last_mut().filter(|l| l.id == line_id) {
last.attribution.push(name);
} else {
lines.push(QuoteLine {
id: line_id,
content: r.try_get("content")?,
attribution: vec![name],
});
}
}
Ok(Quote {
id,
@@ -101,60 +117,102 @@ impl Quote {
public,
})
}
pub fn get_newest(conn: &Connection) -> Result<Option<Quote>, QuoteError> {
let id: Option<Uuid> = conn
.query_row("SELECT id FROM quotes ORDER BY id DESC LIMIT 1", (), |r| {
r.get(0)
})
.optional()?;
match id {
Some(id) => Ok(Some(Self::get_by_id(conn, id)?)),
pub async fn get_newest(conn: &mut PgConnection) -> Result<Option<Quote>, QuoteError> {
let id_opt: Option<Uuid> =
sqlx::query_scalar("SELECT id FROM quotes ORDER BY id DESC LIMIT 1")
.fetch_optional(&mut *conn)
.await?;
match id_opt {
Some(id) => Ok(Some(Self::get_by_id(conn, id).await?)),
None => Ok(None),
}
}
pub fn get_newest_public(conn: &Connection) -> Result<Option<Quote>, QuoteError> {
let id: Option<Uuid> = conn
.query_row(
"SELECT id FROM quotes WHERE public = 1 ORDER BY id DESC LIMIT 1",
(),
|r| r.get(0),
)
.optional()?;
match id {
Some(id) => Ok(Some(Self::get_by_id(conn, id)?)),
pub async fn get_newest_public(conn: &mut PgConnection) -> Result<Option<Quote>, QuoteError> {
let id_opt: Option<Uuid> = sqlx::query_scalar(
"SELECT id FROM quotes WHERE public = true ORDER BY id DESC LIMIT 1",
)
.fetch_optional(&mut *conn)
.await?;
match id_opt {
Some(id) => Ok(Some(Self::get_by_id(conn, id).await?)),
None => Ok(None),
}
}
pub fn get_random(conn: &Connection) -> Result<Option<Quote>, QuoteError> {
let id: Option<Uuid> = conn
.query_row("SELECT id FROM quotes ORDER BY RANDOM() LIMIT 1", (), |r| {
r.get(0)
})
.optional()?;
match id {
Some(id) => Ok(Some(Self::get_by_id(conn, id)?)),
pub async fn get_random(conn: &mut PgConnection) -> Result<Option<Quote>, QuoteError> {
let id_opt: Option<Uuid> =
sqlx::query_scalar("SELECT id FROM quotes ORDER BY RANDOM() LIMIT 1")
.fetch_optional(&mut *conn)
.await?;
match id_opt {
Some(id) => Ok(Some(Self::get_by_id(conn, id).await?)),
None => Ok(None),
}
}
pub fn get_chronological_offset(
conn: &Connection,
pub async fn get_chronological_offset(
conn: &mut PgConnection,
offset: i64,
limit: i64,
) -> Result<Vec<Quote>, QuoteError> {
let ids = conn
.prepare("SELECT id FROM quotes ORDER BY timestamp DESC LIMIT ?1 OFFSET ?2")?
.query_map((limit, offset), |r| r.get(0))?
.collect::<Result<Vec<Uuid>, _>>()?;
let ids: Vec<Uuid> =
sqlx::query_scalar("SELECT id FROM quotes ORDER BY timestamp DESC LIMIT $1 OFFSET $2")
.bind(limit)
.bind(offset)
.fetch_all(&mut *conn)
.await?;
ids.iter().map(|id| Self::get_by_id(conn, *id)).collect()
let mut quotes = Vec::with_capacity(ids.len());
for id in ids {
quotes.push(Self::get_by_id(&mut *conn, id).await?);
}
Ok(quotes)
}
pub fn create(
conn: &Connection,
lines: Vec<(String, Name)>,
timestamp: DateTime<FixedOffset>,
pub async fn search_query_count(
conn: &mut PgConnection,
query: &str,
) -> Result<i64, QuoteError> {
let count: i64 =
sqlx::query_scalar("SELECT COUNT(*) FROM quotes WHERE fts ILIKE '%' || $1 || '%'")
.bind(query)
.fetch_one(&mut *conn)
.await?;
Ok(count)
}
pub async fn get_by_search_query(
conn: &mut PgConnection,
query: &str,
offset: i64,
limit: i64,
) -> Result<Vec<Quote>, QuoteError> {
let ids: Vec<Uuid> = sqlx::query_scalar(
"SELECT id FROM quotes WHERE fts ILIKE '%' || $1 || '%' LIMIT $2 OFFSET $3",
)
.bind(query)
.bind(limit)
.bind(offset)
.fetch_all(&mut *conn)
.await?;
let mut quotes = Vec::with_capacity(ids.len());
for id in ids {
quotes.push(Self::get_by_id(&mut *conn, id).await?);
}
Ok(quotes)
}
pub async fn create(
conn: &mut PgConnection,
lines: Vec<(String, Vec<Name>)>,
timestamp: NaiveDateTime,
context: Option<String>,
location: Option<String>,
created_by: Uuid,
@@ -165,27 +223,52 @@ impl Quote {
}
let quote_id = Uuid::now_v7();
let lines: Vec<(Uuid, String, Name)> = lines
let lines: Vec<(Uuid, String, Vec<Name>)> = lines
.into_iter()
.map(|(c, a)| (Uuid::now_v7(), c, a))
.collect();
let mut quote_stmt = conn.prepare(
sqlx::query(
r#"
INSERT INTO quotes (id, timestamp, location, context, created_by, public)
VALUES (?1, ?2, ?3, ?4, ?5, ?6)
VALUES ($1, $2, $3, $4, $5, $6)
"#,
)?;
quote_stmt.execute((quote_id, timestamp, &location, &context, created_by, public))?;
)
.bind(quote_id)
.bind(timestamp)
.bind(&location)
.bind(&context)
.bind(created_by)
.bind(public)
.execute(&mut *conn)
.await?;
let mut line_stmt = conn.prepare(
r#"
INSERT INTO lines (id, quote_id, content, name_id, ordering)
VALUES (?1, ?2, ?3, ?4, ?5)
"#,
)?;
for (ordering, (id, content, attr)) in lines.iter().enumerate() {
line_stmt.execute((id, quote_id, content, attr.id, ordering as i64))?;
sqlx::query(
r#"
INSERT INTO lines (id, quote_id, content, ordering)
VALUES ($1, $2, $3, $4)
"#,
)
.bind(id)
.bind(quote_id)
.bind(content)
.bind(ordering as i16)
.execute(&mut *conn)
.await?;
for a in attr {
sqlx::query(
r#"
INSERT INTO line_authors (line_id, name_id)
VALUES ($1, $2)
"#,
)
.bind(id)
.bind(a.id)
.execute(&mut *conn)
.await?;
}
}
Ok(Quote {
@@ -207,14 +290,14 @@ impl Quote {
}
}
impl From<rusqlite::Error> for QuoteError {
fn from(error: rusqlite::Error) -> Self {
impl From<sqlx::Error> for QuoteError {
fn from(error: sqlx::Error) -> Self {
QuoteError::DatabaseError(DatabaseError::from(error))
}
}
impl IntoResponse for QuoteError {
fn into_response(self) -> axum::response::Response {
fn into_response(self) -> Response {
match self {
Self::DatabaseError(e) => e.into_response(),
Self::NoQuoteWithId(_) => (StatusCode::BAD_REQUEST, self.to_string()).into_response(),

151
src/tags.rs
View File

@@ -4,12 +4,8 @@ use axum::{
http::StatusCode,
response::{IntoResponse, Response},
};
use rusqlite::{
Connection, OptionalExtension, Result as RusqliteResult, ToSql,
ffi::SQLITE_CONSTRAINT_UNIQUE,
types::{FromSql, FromSqlError, FromSqlResult, ToSqlOutput, ValueRef},
};
use serde::{Deserialize, Serialize};
use sqlx::{PgConnection, Row};
use uuid::Uuid;
use crate::database::DatabaseError;
@@ -21,70 +17,95 @@ pub struct Tag {
}
impl Tag {
pub fn total_count(conn: &Connection) -> Result<i64, TagError> {
Ok(conn.query_row("SELECT COUNT(*) FROM tags", (), |r| r.get(0))?)
pub async fn total_count(conn: &mut PgConnection) -> Result<i64, TagError> {
let count: i64 = sqlx::query_scalar("SELECT COUNT(*) FROM tags")
.fetch_one(conn)
.await?;
Ok(count)
}
pub fn get_all(conn: &Connection) -> Result<Vec<Tag>, TagError> {
Ok(conn
.prepare("SELECT id, tagname FROM tags")?
.query_map((), |r| {
Ok(Tag {
id: r.get(0)?,
name: r.get(1)?,
})
})?
.collect::<Result<Vec<Tag>, _>>()?)
pub async fn get_all(conn: &mut PgConnection) -> Result<Vec<Tag>, TagError> {
let rows = sqlx::query("SELECT id, name FROM tags")
.fetch_all(conn)
.await?;
let mut tags = Vec::with_capacity(rows.len());
for r in rows {
let name_str: String = r.try_get("name")?;
tags.push(Tag {
id: r.try_get("id")?,
name: TagName::new(name_str)?,
});
}
Ok(tags)
}
pub fn get_by_id(conn: &Connection, id: Uuid) -> Result<Tag, TagError> {
let res = conn
.prepare("SELECT tagname FROM tags WHERE id = ?1")?
.query_one((&id,), |r| {
pub async fn get_by_id(conn: &mut PgConnection, id: Uuid) -> Result<Tag, TagError> {
let res = sqlx::query("SELECT name FROM tags WHERE id = $1")
.bind(id)
.fetch_optional(conn)
.await?;
match res {
Some(r) => {
let name_str: String = r.try_get("name")?;
Ok(Tag {
id,
name: r.get(0)?,
name: TagName::new(name_str)?,
})
})
.optional()?;
match res {
Some(t) => Ok(t),
}
None => Err(TagError::NoTagWithId(id)),
}
}
pub fn get_tagged_quotes_count(&self, conn: &Connection) -> Result<i64, TagError> {
Ok(conn
.prepare("SELECT COUNT(*) FROM quote_tags WHERE tag_id = ?1")?
.query_one((self.id,), |r| Ok(r.get(0)?))?)
pub async fn get_tagged_quotes_count(&self, conn: &mut PgConnection) -> Result<i64, TagError> {
let count: i64 = sqlx::query_scalar("SELECT COUNT(*) FROM quote_tags WHERE tag_id = $1")
.bind(self.id)
.fetch_one(conn)
.await?;
Ok(count)
}
pub fn get_by_name(conn: &Connection, name: TagName) -> Result<Tag, TagError> {
let res = conn
.prepare("SELECT id, tagname FROM tags WHERE tagname = ?1")?
.query_one((&name,), |r| {
Ok(Tag {
id: r.get(0)?,
name: r.get(1)?,
})
})
.optional()?;
pub async fn get_by_name(conn: &mut PgConnection, name: TagName) -> Result<Tag, TagError> {
let res = sqlx::query("SELECT id FROM tags WHERE name = $1")
.bind(name.as_str())
.fetch_optional(conn)
.await?;
match res {
Some(u) => Ok(u),
Some(r) => Ok(Tag {
id: r.try_get("id")?,
name,
}),
None => Err(TagError::NoTagWithName(name)),
}
}
pub fn create(conn: &Connection, name: TagName) -> Result<Tag, TagError> {
pub async fn create(conn: &mut PgConnection, name: TagName) -> Result<Tag, TagError> {
let id = Uuid::now_v7();
conn.prepare("INSERT INTO tags(id, tagname) VALUES (?1, ?2)")?
.execute((id, &name))?;
sqlx::query("INSERT INTO tags(id, name) VALUES ($1, $2)")
.bind(id)
.bind(name.as_str())
.execute(conn)
.await?;
Ok(Tag { id, name })
}
pub fn rename(&mut self, conn: &Connection, name: TagName) -> Result<(), TagError> {
conn.prepare("UPDATE tags SET tagname = ?1 WHERE id = ?2")?
.execute((&name, self.id))?;
pub async fn rename(&mut self, conn: &mut PgConnection, name: TagName) -> Result<(), TagError> {
sqlx::query("UPDATE tags SET name = $1 WHERE id = $2")
.bind(name.as_str())
.bind(self.id)
.execute(conn)
.await?;
self.name = name;
Ok(())
}
pub fn delete(self, conn: &Connection) -> Result<(), TagError> {
conn.prepare("DELETE FROM tags WHERE id = ?1")?
.execute((self.id,))?;
pub async fn delete(self, conn: &mut PgConnection) -> Result<(), TagError> {
sqlx::query("DELETE FROM tags WHERE id = $1")
.bind(self.id)
.execute(conn)
.await?;
Ok(())
}
}
@@ -102,17 +123,18 @@ pub enum TagError {
#[error("Database error: {0}")]
DatabaseError(#[from] DatabaseError),
}
impl From<rusqlite::Error> for TagError {
fn from(error: rusqlite::Error) -> Self {
if let rusqlite::Error::SqliteFailure(e, Some(msg)) = &error
&& e.extended_code == SQLITE_CONSTRAINT_UNIQUE
&& msg.contains("tagname")
{
return TagError::TagAlreadyExists;
impl From<sqlx::Error> for TagError {
fn from(error: sqlx::Error) -> Self {
if let sqlx::Error::Database(err) = &error {
if err.is_unique_violation() && err.message().contains("tagname") {
return TagError::TagAlreadyExists;
}
}
TagError::DatabaseError(DatabaseError::from(error))
}
}
impl IntoResponse for TagError {
fn into_response(self) -> Response {
match self {
@@ -125,7 +147,8 @@ impl IntoResponse for TagError {
}
}
#[derive(Debug, Clone, Serialize, Deserialize)]
#[derive(Debug, Clone, Serialize, Deserialize, sqlx::Type)]
#[sqlx(transparent)]
#[serde(into = "String")]
#[serde(try_from = "String")]
pub struct TagName(String);
@@ -224,18 +247,6 @@ impl From<TagName> for String {
}
}
impl ToSql for TagName {
fn to_sql(&self) -> RusqliteResult<ToSqlOutput<'_>> {
self.0.to_sql()
}
}
impl FromSql for TagName {
fn column_result(value: ValueRef<'_>) -> FromSqlResult<Self> {
TagName::from_str(value.as_str()?).map_err(|e| FromSqlError::Other(Box::new(e)))
}
}
#[test]
#[should_panic]
fn tagname_leading_dash_fail() {

89
src/users/auth/implementation.rs
View File

@@ -7,12 +7,12 @@ use axum::{
response::{IntoResponse, Response},
};
use base64::{Engine, prelude::BASE64_STANDARD};
use rusqlite::OptionalExtension;
use sqlx::{PgConnection, Row};
use uuid::Uuid;
use crate::{
ISE_MSG,
database::{self, DatabaseError},
database::DatabaseError,
users::{
User,
auth::{
@@ -53,8 +53,8 @@ impl IntoResponse for AuthError {
}
}
}
impl From<rusqlite::Error> for AuthError {
fn from(value: rusqlite::Error) -> Self {
impl From<sqlx::Error> for AuthError {
fn from(value: sqlx::Error) -> Self {
AuthError::DatabaseError(DatabaseError::from(value))
}
}
@@ -122,21 +122,27 @@ impl<'a> AuthScheme<'a> {
}
impl UserAuthenticate for User {
fn authenticate(headers: &HeaderMap) -> Result<Option<User>, AuthError> {
async fn authenticate(
conn: &mut PgConnection,
headers: &HeaderMap,
) -> Result<Option<User>, AuthError> {
let (basic_auth, bearer_auth) = auth_common(headers);
match (basic_auth, bearer_auth) {
(Some(creds), _) => authenticate_basic(&creds),
(None, Some(token)) => authenticate_bearer(&token),
(Some(creds), _) => authenticate_basic(conn, &creds).await,
(None, Some(token)) => authenticate_bearer(conn, &token).await,
_ => Ok(None),
}
}
}
impl SessionAuthenticate for Session {
fn authenticate(headers: &HeaderMap) -> Result<Option<Session>, AuthError> {
async fn authenticate(
conn: &mut PgConnection,
headers: &HeaderMap,
) -> Result<Option<Session>, AuthError> {
let (_, bearer_auth) = auth_common(headers);
if let Some(token) = bearer_auth {
authenticate_bearer_with_session(&token)
authenticate_bearer_with_session(conn, &token).await
} else {
Ok(None)
}
@@ -181,52 +187,71 @@ fn auth_common(headers: &HeaderMap) -> (Option<String>, Option<String>) {
(basic_auth, bearer_auth)
}
fn authenticate_basic(credentials: &str) -> Result<Option<User>, AuthError> {
async fn authenticate_basic(
conn: &mut PgConnection,
credentials: &str,
) -> Result<Option<User>, AuthError> {
let decoded = BASE64_STANDARD.decode(credentials)?;
let credentials_str = String::from_utf8(decoded)?;
let Some((handle, password)) = credentials_str.split_once(':') else {
return Err(AuthError::InvalidFormat);
};
authenticate_via_credentials(handle, password)
authenticate_via_credentials(conn, handle, password).await
}
pub fn authenticate_via_credentials(
pub async fn authenticate_via_credentials(
conn: &mut PgConnection,
handle: &str,
password: &str,
) -> Result<Option<User>, AuthError> {
let conn = database::conn()?;
let user: Option<(Uuid, Option<String>)> = conn
.prepare("SELECT id, password FROM users WHERE handle = ?1")?
.query_row([handle], |r| Ok((r.get(0)?, r.get(1)?)))
.optional()?;
let row = sqlx::query("SELECT id, password FROM users WHERE handle = $1")
.bind(handle)
.fetch_optional(&mut *conn)
.await?;
match user {
Some((id, Some(passhash))) => match User::match_hash_password(password, &passhash)? {
true => Ok(Some(User::get_by_id(&conn, id)?)),
false => Err(AuthError::InvalidCredentials),
},
_ => {
match row {
Some(r) => {
let id: Uuid = r.try_get("id")?;
let passhash: Option<String> = r.try_get("password")?;
match passhash {
Some(p) => match User::match_hash_password(password, &p)? {
true => Ok(Some(User::get_by_id(conn, id).await?)),
false => Err(AuthError::InvalidCredentials),
},
None => {
let _ = User::match_hash_password(DUMMY_PASSWORD, &DUMMY_PASSWORD_PHC)?;
Err(AuthError::InvalidCredentials)
}
}
}
None => {
let _ = User::match_hash_password(DUMMY_PASSWORD, &DUMMY_PASSWORD_PHC)?;
Err(AuthError::InvalidCredentials)
}
}
}
fn authenticate_bearer(token: &str) -> Result<Option<User>, AuthError> {
let conn = database::conn().map_err(|e| DatabaseError::from(e))?;
let mut s = Session::get_by_token(&conn, token)?;
async fn authenticate_bearer(
conn: &mut PgConnection,
token: &str,
) -> Result<Option<User>, AuthError> {
let mut s = Session::get_by_token(&mut *conn, token).await?;
if s.is_expired_or_revoked() {
return Err(AuthError::InvalidCredentials);
}
s.prolong(&conn)?;
Ok(Some(User::get_by_id(&conn, s.user_id)?))
s.prolong(&mut *conn).await?;
Ok(Some(User::get_by_id(conn, s.user_id).await?))
}
fn authenticate_bearer_with_session(token: &str) -> Result<Option<Session>, AuthError> {
let conn = database::conn().map_err(|e| DatabaseError::from(e))?;
let mut s = Session::get_by_token(&conn, token)?;
async fn authenticate_bearer_with_session(
conn: &mut PgConnection,
token: &str,
) -> Result<Option<Session>, AuthError> {
let mut s = Session::get_by_token(&mut *conn, token).await?;
if s.is_expired_or_revoked() {
return Err(AuthError::InvalidCredentials);
}
s.prolong(&conn)?;
s.prolong(conn).await?;
Ok(Some(s))
}

12
src/users/auth/mod.rs
View File

@@ -16,14 +16,22 @@ pub mod implementation;
pub const COOKIE_NAME: &str = "mnemohash";
use sqlx::PgConnection;
pub trait UserAuthenticate {
fn authenticate(headers: &HeaderMap) -> Result<Option<User>, AuthError>;
async fn authenticate(
conn: &mut PgConnection,
headers: &HeaderMap,
) -> Result<Option<User>, AuthError>;
}
pub trait UserAuthRequired {
fn required(self) -> Result<User, AuthError>;
}
pub trait SessionAuthenticate {
fn authenticate(headers: &HeaderMap) -> Result<Option<Session>, AuthError>;
async fn authenticate(
conn: &mut PgConnection,
headers: &HeaderMap,
) -> Result<Option<Session>, AuthError>;
}
pub trait SessionAuthRequired {
fn required(self) -> Result<Session, AuthError>;

19
src/users/handle.rs
View File

@@ -1,12 +1,9 @@
use std::{fmt::Display, hash::Hash, ops::Deref, str::FromStr};
use rusqlite::{
Result as RusqliteResult,
types::{FromSql, FromSqlError, FromSqlResult, ToSql, ToSqlOutput, ValueRef},
};
use serde::{Deserialize, Serialize};
#[derive(Debug, Clone, Serialize, Deserialize)]
#[derive(Debug, Clone, Serialize, Deserialize, sqlx::Type)]
#[sqlx(transparent)]
#[serde(into = "String")]
#[serde(try_from = "String")]
pub struct UserHandle(String);
@@ -90,15 +87,3 @@ impl From<UserHandle> for String {
value.0
}
}
impl ToSql for UserHandle {
fn to_sql(&self) -> RusqliteResult<ToSqlOutput<'_>> {
self.0.to_sql()
}
}
impl FromSql for UserHandle {
fn column_result(value: ValueRef<'_>) -> FromSqlResult<Self> {
UserHandle::from_str(value.as_str()?).map_err(|e| FromSqlError::Other(Box::new(e)))
}
}

163
src/users/mod.rs
View File

@@ -3,8 +3,8 @@ use axum::{
response::{IntoResponse, Response},
};
use chrono::{DateTime, NaiveDate};
use rusqlite::{Connection, OptionalExtension, ffi::SQLITE_CONSTRAINT_UNIQUE};
use serde::{Deserialize, Serialize};
use sqlx::{PgConnection, Row};
use uuid::Uuid;
use crate::{
@@ -45,65 +45,87 @@ pub enum UserError {
}
impl User {
pub fn total_count(conn: &Connection) -> Result<i64, UserError> {
Ok(conn.query_row("SELECT COUNT(*) FROM users", (), |r| r.get(0))?)
pub async fn total_count(conn: &mut PgConnection) -> Result<i64, UserError> {
Ok(sqlx::query_scalar("SELECT COUNT(*) FROM users")
.fetch_one(conn)
.await?)
}
pub fn get_by_id(conn: &Connection, id: Uuid) -> Result<User, UserError> {
let res = conn
.prepare("SELECT handle FROM users WHERE id = ?1")?
.query_one((&id,), |r| {
pub async fn get_by_id(conn: &mut PgConnection, id: Uuid) -> Result<User, UserError> {
let res = sqlx::query("SELECT handle FROM users WHERE id = $1")
.bind(id)
.fetch_optional(conn)
.await?;
match res {
Some(r) => {
let handle_str: String = r.try_get("handle")?;
Ok(User {
id,
handle: r.get(0)?,
handle: UserHandle::new(&handle_str)?,
})
})
.optional()?;
match res {
Some(u) => Ok(u),
}
None => Err(UserError::NoUserWithId(id)),
}
}
pub fn get_by_handle(conn: &Connection, handle: UserHandle) -> Result<User, UserError> {
let res = conn
.prepare("SELECT id, handle FROM users WHERE handle = ?1")?
.query_one((&handle,), |r| {
Ok(User {
id: r.get(0)?,
handle: r.get(1)?,
})
})
.optional()?;
pub async fn get_by_handle(
conn: &mut PgConnection,
handle: UserHandle,
) -> Result<User, UserError> {
let res = sqlx::query("SELECT id FROM users WHERE handle = $1")
.bind(handle.as_str())
.fetch_optional(conn)
.await?;
match res {
Some(u) => Ok(u),
Some(r) => Ok(User {
id: r.try_get("id")?,
handle,
}),
None => Err(UserError::NoUserWithHandle(handle)),
}
}
pub fn get_all(conn: &Connection) -> Result<Vec<User>, UserError> {
Ok(conn
.prepare("SELECT id, handle FROM users")?
.query_map((), |r| {
Ok(User {
id: r.get(0)?,
handle: r.get(1)?,
})
})?
.collect::<Result<Vec<User>, _>>()?)
pub async fn get_all(conn: &mut PgConnection) -> Result<Vec<User>, UserError> {
let rows = sqlx::query("SELECT id, handle FROM users")
.fetch_all(conn)
.await?;
let mut users = Vec::with_capacity(rows.len());
for r in rows {
let handle_str: String = r.try_get("handle")?;
users.push(User {
id: r.try_get("id")?,
handle: UserHandle::new(&handle_str)?,
});
}
Ok(users)
}
pub fn create(conn: &Connection, handle: UserHandle) -> Result<User, UserError> {
pub async fn create(conn: &mut PgConnection, handle: UserHandle) -> Result<User, UserError> {
let id = Uuid::now_v7();
conn.prepare("INSERT INTO users(id, handle) VALUES (?1, ?2)")?
.execute((&id, &handle))?;
sqlx::query("INSERT INTO users(id, handle) VALUES ($1, $2)")
.bind(id)
.bind(handle.as_str())
.execute(conn)
.await?;
Ok(User { id, handle })
}
pub fn set_handle(
pub async fn set_handle(
&mut self,
conn: &Connection,
conn: &mut PgConnection,
new_handle: UserHandle,
) -> Result<(), UserError> {
conn.prepare("UPDATE users SET handle = ?1 WHERE id = ?2")?
.execute((&new_handle, self.id))?;
sqlx::query("UPDATE users SET handle = $1 WHERE id = $2")
.bind(new_handle.as_str())
.bind(self.id)
.execute(conn)
.await?;
self.handle = new_handle;
Ok(())
}
@@ -118,21 +140,26 @@ impl User {
// DANGEROUS: AUTH
impl User {
pub fn set_password(
pub async fn set_password(
&mut self,
conn: &Connection,
conn: &mut PgConnection,
passw: Option<&str>,
) -> Result<(), UserError> {
match passw {
None => {
conn.prepare("UPDATE users SET password = NULL WHERE id = ?1")?
.execute((self.id,))?;
sqlx::query("UPDATE users SET password = NULL WHERE id = $1")
.bind(self.id)
.execute(conn)
.await?;
Ok(())
}
Some(passw) => {
let hashed = User::hash_password(passw)?;
conn.prepare("UPDATE users SET password = ?1 WHERE id = ?2")?
.execute((hashed, self.id))?;
sqlx::query("UPDATE users SET password = $1 WHERE id = $2")
.bind(hashed)
.bind(self.id)
.execute(conn)
.await?;
Ok(())
}
}
@@ -148,14 +175,18 @@ impl User {
/// to do everything and probably should not be used as a regular account
/// due to the ramifications of compromise. But it could be used for that,
/// and have its name changed.
pub fn create_infradmin(conn: &Connection) -> Result<User, UserError> {
pub async fn create_infradmin(conn: &mut PgConnection) -> Result<User, UserError> {
let mut u = User {
id: Uuid::max(),
handle: UserHandle::new("Infradmin")?,
};
conn.prepare("INSERT INTO users(id, handle) VALUES (?1, ?2)")?
.execute((&u.id, &u.handle))?;
u.regenerate_infradmin_password(conn)?;
sqlx::query("INSERT INTO users(id, handle) VALUES ($1, $2)")
.bind(u.id)
.bind(u.handle.as_str())
.execute(&mut *conn)
.await?;
u.regenerate_infradmin_password(conn).await?;
Ok(u)
}
@@ -178,9 +209,12 @@ impl User {
/// to do everything and probably should not be used as a regular account
/// due to the ramifications of compromise. But it could be used for that,
/// and have its name changed.
pub fn regenerate_infradmin_password(&mut self, conn: &Connection) -> Result<(), UserError> {
pub async fn regenerate_infradmin_password(
&mut self,
conn: &mut PgConnection,
) -> Result<(), UserError> {
let passw = auth::generate_token(auth::TokenSize::Char16);
self.set_password(conn, Some(&passw))?;
self.set_password(conn, Some(&passw)).await?;
log::info!("[USERS] The infradmin account password has been (re)generated.");
log::info!("[USERS] Handle: {}", self.handle.as_str());
log::info!("[USERS] Password: {}", passw);
@@ -194,13 +228,16 @@ impl User {
/// for actions performed by Mnemosyne internally.
/// It shall not be available for log-in.
/// It should not have its name changed, and should be protected from that.
pub fn create_systemuser(conn: &Connection) -> Result<User, UserError> {
pub async fn create_systemuser(conn: &mut PgConnection) -> Result<User, UserError> {
let u = User {
id: Uuid::nil(),
handle: UserHandle::new("Mnemosyne")?,
};
conn.prepare("INSERT INTO users(id, handle) VALUES (?1, ?2)")?
.execute((&u.id, &u.handle))?;
sqlx::query("INSERT INTO users(id, handle) VALUES ($1, $2)")
.bind(u.id)
.bind(u.handle.as_str())
.execute(conn)
.await?;
Ok(u)
}
@@ -216,22 +253,24 @@ impl User {
}
}
impl From<rusqlite::Error> for UserError {
fn from(error: rusqlite::Error) -> Self {
if let rusqlite::Error::SqliteFailure(err, Some(msg)) = &error
&& err.extended_code == SQLITE_CONSTRAINT_UNIQUE
&& msg.contains("handle")
{
return UserError::HandleAlreadyExists;
impl From<sqlx::Error> for UserError {
fn from(error: sqlx::Error) -> Self {
if let sqlx::Error::Database(err) = &error {
// Check for Postgres unique constraint violation (code 23505)
if err.is_unique_violation() && err.message().contains("handle") {
return UserError::HandleAlreadyExists;
}
}
UserError::DatabaseError(DatabaseError::from(error))
}
}
impl From<argon2::password_hash::Error> for UserError {
fn from(err: argon2::password_hash::Error) -> Self {
UserError::PassHashError(err)
}
}
impl IntoResponse for UserError {
fn into_response(self) -> Response {
match self {

7
src/users/permissions.rs
View File

@@ -1,4 +1,4 @@
use rusqlite::Connection;
use sqlx::PgConnection;
use crate::{database::DatabaseError, users::User};
@@ -17,13 +17,14 @@ pub enum Permission {
RenameTags,
DeleteTags,
ChangePersonPrimaryName,
#[allow(unused)]
BrowseServerLogs,
}
impl User {
pub fn has_permission(
pub async fn has_permission(
&self,
#[allow(unused)] conn: &Connection,
#[allow(unused)] conn: &mut PgConnection,
#[allow(unused)] permission: Permission,
) -> Result<bool, DatabaseError> {
// Infradmin and systemuser have all permissions

152
src/users/sessions.rs
View File

@@ -3,9 +3,9 @@ use axum::{
response::{IntoResponse, Response},
};
use chrono::{DateTime, Duration, Utc};
use rusqlite::{Connection, OptionalExtension};
use serde::{Deserialize, Serialize};
use sha2::{Digest, Sha256};
use sqlx::{PgConnection, Row};
use uuid::Uuid;
use crate::{
@@ -46,11 +46,13 @@ pub enum SessionError {
#[error("No session found with provided token")]
NoSessionWithToken(String),
}
impl From<rusqlite::Error> for SessionError {
fn from(error: rusqlite::Error) -> Self {
impl From<sqlx::Error> for SessionError {
fn from(error: sqlx::Error) -> Self {
SessionError::DatabaseError(DatabaseError::from(error))
}
}
impl IntoResponse for SessionError {
fn into_response(self) -> Response {
match self {
@@ -70,55 +72,89 @@ impl IntoResponse for SessionError {
}
impl Session {
pub fn get_by_id(conn: &Connection, id: Uuid) -> Result<Session, SessionError> {
let res = conn
.prepare("SELECT user_id, expiry, revoked, revoked_at, revoked_by FROM sessions WHERE id = ?1")?
.query_one((&id,), |r| Ok(Session {
id,
user_id: r.get(0)?,
expiry: r.get(1)?,
status: match r.get::<_, bool>(2)? {
false => SessionStatus::Active,
true => {
SessionStatus::Revoked { revoked_at: r.get(3)?, revoked_by: r.get(4)? }
}
}
})).optional()?;
pub async fn get_by_id(conn: &mut PgConnection, id: Uuid) -> Result<Session, SessionError> {
let row = sqlx::query(
"SELECT user_id, expiry, revoked, revoked_at, revoked_by FROM sessions WHERE id = $1",
)
.bind(id)
.fetch_optional(conn)
.await?;
match res {
Some(s) => Ok(s),
match row {
Some(r) => {
let revoked: bool = r.try_get("revoked")?;
let status = if revoked {
SessionStatus::Revoked {
revoked_at: r.try_get("revoked_at")?,
revoked_by: r.try_get("revoked_by")?,
}
} else {
SessionStatus::Active
};
Ok(Session {
id,
user_id: r.try_get("user_id")?,
expiry: r.try_get("expiry")?,
status,
})
}
None => Err(SessionError::NoSessionWithId(id)),
}
}
pub fn get_by_token(conn: &Connection, token: &str) -> Result<Session, SessionError> {
let hashed = Sha256::digest(token.as_bytes()).to_vec();
let res = conn
.prepare("SELECT id, user_id, expiry, revoked, revoked_at, revoked_by FROM sessions WHERE token = ?1")?
.query_one((hashed,), |r| Ok(Session {
id: r.get(0)?,
user_id: r.get(1)?,
expiry: r.get(2)?,
status: match r.get::<_, bool>(3)? {
false => SessionStatus::Active,
true => {
SessionStatus::Revoked { revoked_at: r.get(4)?, revoked_by: r.get(5)? }
}
}
})).optional()?;
match res {
Some(s) => Ok(s),
pub async fn get_by_token(
conn: &mut PgConnection,
token: &str,
) -> Result<Session, SessionError> {
let hashed = Sha256::digest(token.as_bytes()).to_vec();
let row = sqlx::query(
"SELECT id, user_id, expiry, revoked, revoked_at, revoked_by FROM sessions WHERE token = $1",
)
.bind(&hashed)
.fetch_optional(conn)
.await?;
match row {
Some(r) => {
let revoked: bool = r.try_get("revoked")?;
let status = if revoked {
SessionStatus::Revoked {
revoked_at: r.try_get("revoked_at")?,
revoked_by: r.try_get("revoked_by")?,
}
} else {
SessionStatus::Active
};
Ok(Session {
id: r.try_get("id")?,
user_id: r.try_get("user_id")?,
expiry: r.try_get("expiry")?,
status,
})
}
None => Err(SessionError::NoSessionWithToken(token.to_string())),
}
}
pub fn new_for_user(conn: &Connection, user: &User) -> Result<(Session, String), SessionError> {
pub async fn new_for_user(
conn: &mut PgConnection,
user: &User,
) -> Result<(Session, String), SessionError> {
let id = Uuid::now_v7();
let token = auth::generate_token(auth::TokenSize::Char64);
let hashed = Sha256::digest(token.as_bytes()).to_vec();
let expiry = Utc::now() + Session::DEFAULT_PROLONGATION;
conn.prepare("INSERT INTO sessions(id, token, user_id, expiry) VALUES (?1, ?2, ?3, ?4)")?
.execute((&id, &hashed, user.id, expiry))?;
sqlx::query("INSERT INTO sessions(id, token, user_id, expiry) VALUES ($1, $2, $3, $4)")
.bind(id)
.bind(hashed)
.bind(user.id)
.bind(expiry)
.execute(conn)
.await?;
let s = Session {
id,
user_id: user.id,
@@ -130,7 +166,8 @@ impl Session {
pub const DEFAULT_PROLONGATION: Duration = Duration::days(14);
const PROLONGATION_THRESHOLD: Duration = Duration::hours(2);
pub fn prolong(&mut self, conn: &Connection) -> Result<(), SessionError> {
pub async fn prolong(&mut self, conn: &mut PgConnection) -> Result<(), SessionError> {
if self.expiry - Session::DEFAULT_PROLONGATION + Session::PROLONGATION_THRESHOLD
> Utc::now()
{
@@ -138,22 +175,37 @@ impl Session {
}
let expiry = Utc::now() + Session::DEFAULT_PROLONGATION;
conn.prepare("UPDATE sessions SET expiry = ?1 WHERE id = ?2")?
.execute((&expiry, &self.id))?;
sqlx::query("UPDATE sessions SET expiry = $1 WHERE id = $2")
.bind(expiry)
.bind(self.id)
.execute(conn)
.await?;
self.expiry = expiry;
Ok(())
}
pub fn revoke(&mut self, conn: &Connection, actor: Option<&User>) -> Result<(), SessionError> {
pub async fn revoke(
&mut self,
conn: &mut PgConnection,
actor: Option<&User>,
) -> Result<(), SessionError> {
let now = Utc::now();
let id = actor.map(|u| u.id).unwrap_or(Uuid::nil());
conn.prepare(
"UPDATE sessions SET revoked = ?1, revoked_at = ?2, revoked_by = ?3 WHERE id = ?4",
)?
.execute((&true, &now, &id, &self.id))?;
let actor_id = actor.map(|u| u.id).unwrap_or(Uuid::nil());
sqlx::query(
"UPDATE sessions SET revoked = $1, revoked_at = $2, revoked_by = $3 WHERE id = $4",
)
.bind(true)
.bind(now)
.bind(actor_id)
.bind(self.id)
.execute(conn)
.await?;
self.status = SessionStatus::Revoked {
revoked_at: now,
revoked_by: id,
revoked_by: actor_id,
};
Ok(())
}
@@ -165,9 +217,11 @@ impl Session {
let timestamp = self.id.get_timestamp().unwrap().to_unix();
DateTime::from_timestamp_secs(timestamp.0 as i64).unwrap()
}
pub fn is_expired_or_revoked(&self) -> bool {
self.is_expired() || self.status.is_revoked()
}
pub fn is_expired(&self) -> bool {
self.expiry <= Utc::now()
}

49
src/users/setup.rs
View File

@@ -1,40 +1,37 @@
use rusqlite::OptionalExtension;
use sqlx::PgPool;
use uuid::Uuid;
use crate::{
database,
logs::{LogAction, LogEntry},
users::{User, UserError},
};
pub fn initialise_reserved_users_if_needed() -> Result<(), UserError> {
let mut conn = database::conn()?;
let tx = conn.transaction()?;
pub async fn initialise_reserved_users_if_needed(pool: &PgPool) -> Result<(), UserError> {
let mut tx = pool.begin().await?;
if tx
.prepare("SELECT handle FROM users WHERE id = ?1")?
.query_one((&Uuid::nil(),), |_| Ok(()))
.optional()?
.is_none()
{
let u = User::create_systemuser(&tx)?;
LogEntry::new(&tx, u, LogAction::Initialize)?;
let systemuser_exists = sqlx::query("SELECT handle FROM users WHERE id = $1")
.bind(Uuid::nil())
.fetch_optional(&mut *tx)
.await?
.is_some();
if !systemuser_exists {
let u = User::create_systemuser(&mut *tx).await?;
LogEntry::new(&mut *tx, u, LogAction::Initialize).await?;
}
if tx
.prepare("SELECT handle FROM users WHERE id = ?1")?
.query_one((&Uuid::max(),), |_| Ok(()))
.optional()?
.is_none()
{
User::create_infradmin(&tx)?;
LogEntry::new(
&tx,
User::get_by_id(&tx, Uuid::nil())?,
LogAction::RegenInfradmin,
)?;
let infradmin_exists = sqlx::query("SELECT handle FROM users WHERE id = $1")
.bind(Uuid::max())
.fetch_optional(&mut *tx)
.await?
.is_some();
if !infradmin_exists {
User::create_infradmin(&mut *tx).await?;
let u = User::get_by_id(&mut *tx, Uuid::max()).await?;
LogEntry::new(&mut *tx, u, LogAction::RegenInfradmin).await?;
}
tx.commit()?;
tx.commit().await?;
Ok(())
}

6
src/web/components/quote.rs
View File

@@ -9,7 +9,9 @@ pub fn quote(quote: &Quote) -> Markup {
(PreEscaped(icons::QUOTE))
}
@for (i, line) in quote.lines.iter().enumerate() {
@let show_author = i == quote.lines.len()-1 || quote.lines[i+1].attribution.id != line.attribution.id;
@let is_last = i == quote.lines.len() - 1;
@let show_author = is_last || !line.attribution.iter().map(|a| a.id)
.eq(quote.lines[i + 1].attribution.iter().map(|a| a.id));
div class="mb-2" {
span class="flex flex-row gap-2 relative" {
span class="scale-x-[.65] scale-y-[.5] absolute opacity-[.3]"{
@@ -19,7 +21,7 @@ pub fn quote(quote: &Quote) -> Markup {
}
@if show_author {
p class="text-sm italic ml-3 flex flex-row gap-1.5 text-neutral-400" {
"" (line.attribution.name)
"" (line.attribution.iter().map(|a| a.name.clone()).collect::<Vec<_>>().join(", "))
}
}
}

1
src/web/icons/git-commit-vertical.svg Normal file
View File

@@ -0,0 +1 @@
<svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-git-commit-vertical-icon lucide-git-commit-vertical"><path d="M12 3v6"/><circle cx="12" cy="12" r="3"/><path d="M12 15v6"/></svg>
Side by Side

After

Width:  |  Height:  |  Size: 332 B

1
src/web/icons/line-dot-right-horizontal.svg Normal file
View File

@@ -0,0 +1 @@
<svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-line-dot-right-horizontal-icon lucide-line-dot-right-horizontal"><path d="M 3 12 L 15 12"/><circle cx="18" cy="12" r="3"/></svg>
Side by Side

After

Width:  |  Height:  |  Size: 331 B

2
src/web/icons/mod.rs
View File

@@ -8,8 +8,10 @@ pub const CLOCK: &str = include_str!("clock.svg");
pub const CONTACT: &str = include_str!("contact.svg");
pub const EYE: &str = include_str!("eye.svg");
pub const FILE_IMAGE: &str = include_str!("file-image.svg");
pub const GIT_COMMIT_VERTICAL: &str = include_str!("git-commit-vertical.svg");
pub const INFO: &str = include_str!("info.svg");
pub const LAYOUT_DASHBOARD: &str = include_str!("layout-dashboard.svg");
pub const LINE_DOT_RIGHT_HORIZONTAL: &str = include_str!("line-dot-right-horizontal.svg");
pub const LOG_OUT: &str = include_str!("log-out.svg");
pub const MAP_PIN: &str = include_str!("map-pin.svg");
pub const PEN: &str = include_str!("pen.svg");

20
src/web/mod.rs
View File

@@ -1,17 +1,14 @@
use axum::{
Router,
http::header,
response::{IntoResponse, Redirect, Response},
routing::get,
};
use axum::{Router, http::header, routing::get};
use crate::MnemoState;
mod components;
mod icons;
pub mod icons;
mod pages;
pub const CSS: &str = include_str!(concat!(env!("OUT_DIR"), "/styles.css"));
pub fn web_router() -> Router {
pub fn web_router() -> Router<MnemoState> {
Router::new()
.route(
"/styles.css",
@@ -19,10 +16,3 @@ pub fn web_router() -> Router {
)
.merge(pages::pages())
}
pub struct RedirectViaError(Redirect);
impl IntoResponse for RedirectViaError {
fn into_response(self) -> Response {
self.0.into_response()
}
}

42
src/web/pages/dashboard.rs
View File

@@ -1,9 +1,12 @@
use axum::extract::Request;
use axum::{
extract::{Request, State},
response::{IntoResponse, Redirect, Response},
};
use chrono::{DateTime, Utc};
use maud::{Markup, PreEscaped, html};
use maud::{PreEscaped, html};
use crate::{
database::{self},
MnemoState,
error::CompositeError,
persons::Person,
quotes::Quote,
@@ -21,19 +24,30 @@ const LINKS: &[(&str, &str, &str)] = &[
("Add Person", "/persons", icons::CONTACT),
];
pub async fn page(req: Request) -> Result<Markup, CompositeError> {
let u = User::authenticate(req.headers()).ok().flatten();
let conn = database::conn()?;
pub async fn page(
State(state): State<MnemoState>,
req: Request,
) -> Result<Response, CompositeError> {
let mut conn = state.pool.acquire().await?;
let u = match User::authenticate(&mut *conn, req.headers()).await? {
Some(u) => Some(u),
None => return Ok(Redirect::to(&format!("/login?r={}", req.uri().path())).into_response()),
};
let newest_quote = match u {
Some(_) => Quote::get_newest(&conn)?,
None => Quote::get_newest_public(&conn)?,
Some(_) => Quote::get_newest(&mut *conn).await?,
None => Quote::get_newest_public(&mut *conn).await?,
};
let random_quote = match u {
Some(_) => Quote::get_random(&conn)?,
Some(_) => Quote::get_random(&mut *conn).await?,
None => None,
};
let quote_count = Quote::total_count(&mut *conn).await;
let person_count = Person::total_count(&mut *conn).await;
let tag_count = Tag::total_count(&mut *conn).await;
let user_count = User::total_count(&mut *conn).await;
Ok(base(
"Dashboard | Mnemosyne",
html!(
@@ -79,25 +93,25 @@ pub async fn page(req: Request) -> Result<Markup, CompositeError> {
}
div class="mx-auto max-w-4xl px-2 mt-4 flex flex-row gap-2" {
(chip(html!({
@match Quote::total_count(&conn) {
@match quote_count {
Ok(count) => {(count) " QUOTES TOTAL"},
Err(_) => span class="text-red-400" {"QUOTE COUNT ERR"},
}
})))
(chip(html!({
@match Person::total_count(&conn) {
@match person_count {
Ok(count) => {(count) " PERSONS TOTAL"},
Err(_) => span class="text-red-400" {"PERSON COUNT ERR"},
}
})))
(chip(html!({
@match Tag::total_count(&conn) {
@match tag_count {
Ok(count) => {(count) " TAGS TOTAL"},
Err(_) => span class="text-red-400" {"TAG COUNT ERR"}
}
})))
(chip(html!({
@match User::total_count(&conn) {
@match user_count {
Ok(count) => {(count) " USERS TOTAL"},
Err(_) => span class="text-red-400" {"USER COUNT ERR"}
}
@@ -106,7 +120,7 @@ pub async fn page(req: Request) -> Result<Markup, CompositeError> {
div class="text-4xl xs:text-6xl sm:text-8xl text-neutral-800/25 mt-16 text-center font-semibold font-lora select-none" {"Mnemosyne"}
),
))
).into_response())
}
fn format_time_ago(dt: DateTime<Utc>) -> String {

4
src/web/pages/index.rs
View File

@@ -1,7 +1,7 @@
use axum::response::{IntoResponse, Redirect, Response};
use crate::users::auth::AuthError;
use crate::error::CompositeError;
pub async fn page() -> Result<Response, AuthError> {
pub async fn page() -> Result<Response, CompositeError> {
Ok(Redirect::to("/dashboard").into_response())
}

18
src/web/pages/login.rs
View File

@@ -1,5 +1,5 @@
use axum::{
extract::{Query, Request},
extract::{Query, Request, State},
response::{IntoResponse, Redirect, Response},
};
use maud::{PreEscaped, html};
@@ -7,11 +7,10 @@ use rand::seq::IndexedRandom;
use serde::Deserialize;
use crate::{
MnemoState,
config::REFERENCE_SPLASHES,
users::{
User,
auth::{AuthError, UserAuthenticate},
},
error::CompositeError,
users::{User, auth::UserAuthenticate},
web::{components::marquee::marquee, icons, pages::base},
};
@@ -20,8 +19,13 @@ pub struct LoginMsg {
msg: Option<String>,
}
pub async fn page(Query(q): Query<LoginMsg>, req: Request) -> Result<Response, AuthError> {
let u = User::authenticate(req.headers())?;
pub async fn page(
State(state): State<MnemoState>,
Query(q): Query<LoginMsg>,
req: Request,
) -> Result<Response, CompositeError> {
let mut conn = state.pool.acquire().await?;
let u = User::authenticate(&mut *conn, req.headers()).await?;
if u.is_some() {
return Ok(Redirect::to("/dashboard").into_response());
}

52
src/web/pages/logs.rs
View File

@@ -1,40 +1,42 @@
use axum::{
extract::{Query, Request},
extract::{Query, Request, State},
response::{IntoResponse, Redirect, Response},
};
use maud::{PreEscaped, html};
use serde::Deserialize;
use strum::IntoEnumIterator;
use crate::{
database::{self},
MnemoState,
error::CompositeError,
logs::LogEntry,
logs::{LogActionDiscriminant, LogEntry},
users::{User, auth::UserAuthenticate},
web::{components::nav::nav, icons, pages::base},
};
#[derive(Deserialize)]
pub struct PageQuery {
pub struct LogsPageQuery {
page: Option<i64>,
action: Option<LogActionDiscriminant>,
}
pub async fn page(
Query(query): Query<PageQuery>,
State(state): State<MnemoState>,
Query(query): Query<LogsPageQuery>,
req: Request,
) -> Result<Response, CompositeError> {
let u = match User::authenticate(req.headers())? {
let mut tx = state.pool.acquire().await?;
let u = match User::authenticate(&mut *tx, req.headers()).await? {
Some(u) => u,
None => return Ok(Redirect::to(&format!("/login?r={}", req.uri().path())).into_response()),
};
let mut conn = database::conn()?;
let tx = conn.transaction()?;
let page = query.page.unwrap_or(1).max(1);
let per_page = 20;
let offset = (page - 1) * per_page;
let logs = LogEntry::get_chronological_offset(&tx, offset, per_page)?;
let total_logs = LogEntry::total_count(&tx)?;
let logs = LogEntry::get_chronological_offset(&mut *tx, query.action, offset, per_page).await?;
let total_logs = LogEntry::count(&mut *tx, query.action).await?;
let total_pages = (total_logs as f64 / per_page as f64).ceil() as i64;
Ok(base(
@@ -42,18 +44,31 @@ pub async fn page(
html!(
(nav(Some(&u), req.uri().path()))
@if true {//let Ok(true) = u.has_permission(&tx, Permission::BrowseServerLogs) {
@if true {//let Ok(true) = u.has_permission(&mut *tx, Permission::BrowseServerLogs) {
div class="max-w-4xl mx-auto px-2" {
div class="my-4" {
p class="flex items-center gap-2" {
span class="text-neutral-500" {(PreEscaped(icons::CLIPBOARD_CLOCK))}
span class="text-2xl font-semibold font-lora" {"Logs"}
}
p class="text-neutral-500 text-sm font-light" {
"Work in progress."
}
// abcdefghijklmnopqrstuvwxyz
div class="mb-4 flex flex-wrap gap-2 items-center justify-between" {
div class="text-sm text-neutral-400" {
"Showing " (total_logs) " logs"
}
select
class="bg-neutral-900 border border-neutral-200/25 rounded px-2 py-1 text-sm text-neutral-200"
onchange="window.location.search = this.value ? '?action=' + this.value : ''"
{
option value="" { "All Actions" }
@for action in LogActionDiscriminant::iter() {
@let act_str: &'static str = action.into();
option value=(act_str) selected[query.action == Some(action)] { (action.human_readable()) }
}
}
}
div class="w-full border border-neutral-200/25 rounded grid grid-cols-[auto_auto_1fr]" {
div class="w-full overflow-x-auto border border-neutral-200/25 rounded grid grid-cols-[auto_auto_1fr]" {
@for (txt, ico) in [("Timestamp", icons::CLOCK), ("Actor", icons::USER), ("Action", icons::PEN)] {
div class="p-2 flex gap-1 font-semibold border-b border-neutral-200/25" {
span class="text-neutral-500 scale-[.8]" {(PreEscaped(ico))}
@@ -76,9 +91,10 @@ pub async fn page(
div class="p-2 font-light" style=(s) {(log.data.get_humanreadable_payload())}
}
}
div class="flex justify-between items-center my-4 text-neutral-400" {
@let action_q = query.action.map(|a| { let s: &'static str = a.into(); format!("&action={s}") }).unwrap_or_default();
div class="flex flex-wrap gap-2 justify-between items-center my-4 text-neutral-400" {
@if page > 1 {
a href=(format!("/logs?page={}", (page - 1).max(1))) class="px-4 py-2 border border-neutral-200/25 hover:border-neutral-200/45 bg-neutral-200/5 hover:bg-neutral-200/15 rounded" {
a href=(format!("/logs?page={}{}", (page - 1).max(1), action_q)) class="px-4 py-2 border border-neutral-200/25 hover:border-neutral-200/45 bg-neutral-200/5 hover:bg-neutral-200/15 rounded" {
"Previous"
}
} @else {
@@ -86,11 +102,11 @@ pub async fn page(
}
span {
"Page " (page) " of " (total_pages)
"Page " (page) " of " (total_pages.max(1))
}
@if page < total_pages {
a href=(format!("/logs?page={}", page + 1)) class="px-4 py-2 border border-neutral-200/25 hover:border-neutral-200/45 bg-neutral-200/5 hover:bg-neutral-200/15 rounded" {
a href=(format!("/logs?page={}{}", page + 1, action_q)) class="px-4 py-2 border border-neutral-200/25 hover:border-neutral-200/45 bg-neutral-200/5 hover:bg-neutral-200/15 rounded" {
"Next"
}
} @else {

4
src/web/pages/mod.rs
View File

@@ -4,6 +4,8 @@ use axum::{
};
use maud::{DOCTYPE, Markup, html};
use crate::MnemoState;
pub mod dashboard;
pub mod index;
pub mod login;
@@ -15,7 +17,7 @@ pub mod tags;
pub mod users;
pub mod usersettings;
pub fn pages() -> Router {
pub fn pages() -> Router<MnemoState> {
Router::new()
.route("/", get(index::page))
.route("/login", get(login::page))

11
src/web/pages/notfound.rs
View File

@@ -1,14 +1,19 @@
use axum::extract::Request;
use axum::extract::{Request, State};
use maud::{Markup, html};
use crate::{
MnemoState,
error::CompositeError,
users::{User, auth::UserAuthenticate},
web::{components::nav::nav, pages::base},
};
pub async fn page(req: Request) -> Result<Markup, CompositeError> {
let u = User::authenticate(req.headers()).ok().flatten();
pub async fn page(State(state): State<MnemoState>, req: Request) -> Result<Markup, CompositeError> {
let mut conn = state.pool.acquire().await?;
let u = User::authenticate(&mut *conn, req.headers())
.await
.ok()
.flatten();
Ok(base(
"Not Found | Mnemosyne",
html!(

52
src/web/pages/persons.rs
View File

@@ -1,6 +1,7 @@
use axum::{
Form,
extract::Request,
extract::State,
http::HeaderMap,
response::{IntoResponse, Redirect, Response},
};
@@ -8,26 +9,38 @@ use maud::{PreEscaped, html};
use serde::Deserialize;
use crate::{
database::{self},
MnemoState,
error::CompositeError,
logs::{LogAction, LogEntry},
persons::Person,
users::{
User,
auth::{AuthError, UserAuthRequired, UserAuthenticate},
auth::{UserAuthRequired, UserAuthenticate},
},
web::{components::nav::nav, icons, pages::base},
};
pub mod profile;
pub async fn page(req: Request) -> Result<Response, AuthError> {
let u = match User::authenticate(req.headers())? {
pub async fn page(
State(state): State<MnemoState>,
req: Request,
) -> Result<Response, CompositeError> {
let mut conn = state.pool.acquire().await?;
let u = match User::authenticate(&mut *conn, req.headers()).await? {
Some(u) => u,
None => return Ok(Redirect::to(&format!("/login?r={}", req.uri().path())).into_response()),
};
let mut conn = database::conn()?;
let tx = conn.transaction()?;
let total_count = Person::total_count(&mut *conn).await;
let persons_res = Person::get_all(&mut *conn).await;
let mut person_counts = vec![];
if let Ok(ref persons) = persons_res {
for p in persons {
person_counts.push(p.get_in_quote_count(&mut *conn).await);
}
}
Ok(base(
"Persons | Mnemosyne",
@@ -40,30 +53,28 @@ pub async fn page(req: Request) -> Result<Response, AuthError> {
span class="text-2xl font-semibold font-lora" {"Persons"}
}
p class="text-neutral-500 text-sm font-light" {
@if let Ok(c) = Person::total_count(&tx) {
@if let Ok(c) = total_count {
(c) " persons in total."
} @else {
"Could not get total person count."
}
}
}
@if let Ok(persons) = Person::get_all(&tx) {
@if let Ok(persons) = persons_res {
div class="max-w-4xl mx-auto px-2 mt-4 flex flex-wrap gap-2" {
@for person in &persons {
@for (idx, person) in persons.iter().enumerate() {
a href={"/persons/"(person.id)} class="rounded px-4 py-2 bg-neutral-200/5 hover:bg-neutral-200/10 border border-neutral-200/25 hover:border-neutral-200/25 flex items-center" {
span class="text-neutral-400 mr-1 scale-125" {"~"}
span class="text-sm" {(person.primary_name)}
div class="w-px h-2/3 my-auto mx-2 bg-neutral-200/15" {}
div class="text-xs flex items-center" {
(
if let Ok(i) = person.get_in_quote_count(&tx) {
if let Ok(i) = person_counts[idx] {
i.to_string()
} else {
"?".to_string()
}
) span class="*:size-3 ml-1 text-neutral-400" {(PreEscaped(icons::SCROLL_TEXT))}
// div class="ml-2" {}
// "4" span class="*:size-3 ml-1 text-neutral-400" {(PreEscaped(icons::FILE_IMAGE))}
}
}
}
@@ -72,7 +83,7 @@ pub async fn page(req: Request) -> Result<Response, AuthError> {
p class="text-center p-2" {"No persons yet."}
}
div class="mx-auto max-w-4xl mt-4 px-2" {
h3 class="font-lora font-semibold text-xl" {"Add new person"}
h3 class="font-lora font-semibold text-xl mb-1" {"Add new person"}
form action="/persons/create" method="post" {
label for="primary_name" class="text-neutral-500 font-light mt-2" {"Primary Name"}
div class="flex gap-2" {
@@ -96,22 +107,23 @@ pub struct PersonNameForm {
primary_name: String,
}
pub async fn create(
State(state): State<MnemoState>,
headers: HeaderMap,
Form(form): Form<PersonNameForm>,
) -> Result<Response, CompositeError> {
let u = User::authenticate(&headers)?.required()?;
let mut conn = database::conn()?;
let tx = conn.transaction()?;
let mut tx = state.pool.begin().await?;
let u = User::authenticate(&mut *tx, &headers).await?.required()?;
let p = Person::create(&tx, form.primary_name, u.id)?;
let p = Person::create(&mut *tx, form.primary_name, u.id).await?;
LogEntry::new(
&tx,
&mut *tx,
u,
LogAction::CreatePerson {
id: p.id,
pname: p.primary_name,
},
)?;
tx.commit()?;
)
.await?;
tx.commit().await?;
Ok(Redirect::to("/persons").into_response())
}

72
src/web/pages/persons/profile.rs
View File

@@ -1,6 +1,6 @@
use axum::{
Form,
extract::{Path, Request},
extract::{Path, Request, State},
http::HeaderMap,
response::{IntoResponse, Redirect, Response},
};
@@ -9,29 +9,45 @@ use serde::Deserialize;
use uuid::Uuid;
use crate::{
database,
MnemoState,
error::CompositeError,
logs::{LogAction, LogEntry},
persons::{Name, Person},
users::{
User,
auth::{AuthError, UserAuthRequired, UserAuthenticate},
auth::{UserAuthRequired, UserAuthenticate},
},
web::{components::nav::nav, pages::base},
};
pub async fn page(Path(id): Path<Uuid>, req: Request) -> Result<Response, AuthError> {
let u = match User::authenticate(req.headers())? {
pub async fn page(
State(state): State<MnemoState>,
Path(id): Path<Uuid>,
req: Request,
) -> Result<Response, CompositeError> {
let mut conn = state.pool.acquire().await?;
let u = match User::authenticate(&mut *conn, req.headers()).await? {
Some(u) => u,
None => return Ok(Redirect::to(&format!("/login?r={}", req.uri().path())).into_response()),
};
let conn = database::conn()?;
let p = Person::get_by_id(&conn, id);
let p = Person::get_by_id(&mut *conn, id).await;
let title = match &p {
Ok(p) => format!("~{} | Mnemosyne", p.primary_name),
Err(_) => "Error! | Mnemosyne".into(),
};
let mut names_with_attribution = Vec::new();
let mut names_ok = false;
if let Ok(ref person) = p {
if let Ok(names) = person.get_all_names(&mut *conn).await {
names_ok = true;
for name in names {
let attr = name.times_attributed(&mut *conn).await.unwrap_or(0);
names_with_attribution.push((name, attr));
}
}
}
Ok(base(
&title,
html!(
@@ -46,14 +62,14 @@ pub async fn page(Path(id): Path<Uuid>, req: Request) -> Result<Response, AuthEr
div {
h2 class="text-lg font-semibold font-lora mb-2 text-neutral-300" {"Names"}
div class="flex flex-wrap gap-2 mb-4" {
@if let Ok(names) = p.get_all_names(&conn) {
@for name in &names {
@if names_ok {
@for (name, attr) in names_with_attribution {
div class="rounded px-3 py-1 bg-neutral-200/5 border border-neutral-200/10 text-sm flex items-center gap-2" {
(name.name)
@if name.is_primary {
span class="text-xs text-neutral-500" {"(primary)"}
}
@if let Ok(0) = name.times_attributed(&conn) && !name.is_primary {
@if attr == 0 && !name.is_primary {
form action=(format!("/names/{}/delete", name.id)) method="post" class="flex items-center ml-1" {
button type="submit" class="text-neutral-500 hover:text-red-400 flex items-center justify-center cursor-pointer" title="Delete" {
""
@@ -91,19 +107,19 @@ pub struct AddNameForm {
}
pub async fn add_name(
State(state): State<MnemoState>,
Path(id): Path<Uuid>,
headers: HeaderMap,
Form(form): Form<AddNameForm>,
) -> Result<Response, CompositeError> {
let u = User::authenticate(&headers)?.required()?;
let mut conn = database::conn()?;
let tx = conn.transaction()?;
let mut tx = state.pool.begin().await?;
let u = User::authenticate(&mut *tx, &headers).await?.required()?;
let p = Person::get_by_id(&tx, id)?;
let n = p.add_name(&tx, form.name, u.id)?;
let p = Person::get_by_id(&mut *tx, id).await?;
let n = p.add_name(&mut *tx, form.name, u.id).await?;
LogEntry::new(
&tx,
&mut *tx,
u,
LogAction::AddPersonName {
pid: p.id,
@@ -111,28 +127,29 @@ pub async fn add_name(
pn: p.primary_name,
nn: n.name,
},
)?;
tx.commit()?;
)
.await?;
tx.commit().await?;
Ok(Redirect::to(&format!("/persons/{}", p.id)).into_response())
}
pub async fn delete_name(
State(state): State<MnemoState>,
Path(id): Path<Uuid>,
headers: HeaderMap,
) -> Result<Response, CompositeError> {
let u = User::authenticate(&headers)?.required()?;
let mut conn = database::conn()?;
let tx = conn.transaction()?;
let mut tx = state.pool.begin().await?;
let u = User::authenticate(&mut *tx, &headers).await?.required()?;
let n = Name::get_by_id(&tx, id)?;
let p = Person::get_by_id(&tx, n.person_id)?;
let n = Name::get_by_id(&mut *tx, id).await?;
let p = Person::get_by_id(&mut *tx, n.person_id).await?;
let nn = n.name.clone();
n.delete(&tx)?;
n.delete(&mut *tx).await?;
LogEntry::new(
&tx,
&mut *tx,
u,
LogAction::DeletePersonName {
pid: p.id,
@@ -140,8 +157,9 @@ pub async fn delete_name(
pn: p.primary_name,
n: nn,
},
)?;
tx.commit()?;
)
.await?;
tx.commit().await?;
Ok(Redirect::to(&format!("/persons/{}", p.id)).into_response())
}

39
src/web/pages/quotes.rs
View File

@@ -1,12 +1,12 @@
use axum::{
extract::{Query, Request},
extract::{Query, Request, State},
response::{IntoResponse, Redirect, Response},
};
use maud::{PreEscaped, html};
use serde::Deserialize;
use crate::{
database,
MnemoState,
error::CompositeError,
quotes::Quote,
users::{User, auth::UserAuthenticate},
@@ -22,26 +22,41 @@ pub mod add;
#[derive(Deserialize)]
pub struct PageQuery {
page: Option<i64>,
s: Option<String>,
}
pub async fn page(
State(state): State<MnemoState>,
Query(query): Query<PageQuery>,
req: Request,
) -> Result<Response, CompositeError> {
let u = match User::authenticate(req.headers())? {
let mut conn = state.pool.acquire().await?;
let u = match User::authenticate(&mut *conn, req.headers()).await? {
Some(u) => u,
None => return Ok(Redirect::to(&format!("/login?r={}", req.uri().path())).into_response()),
};
let conn = database::conn()?;
let page = query.page.unwrap_or(1).max(1);
let per_page = 10;
let offset = (page - 1) * per_page;
let quotes = Quote::get_chronological_offset(&conn, offset, per_page)?;
let total_quotes = Quote::total_count(&conn)?;
let search = query.s.as_deref().unwrap_or("");
let quotes = match search {
"" => Quote::get_chronological_offset(&mut *conn, offset, per_page).await?,
_ => Quote::get_by_search_query(&mut *conn, search, offset, per_page).await?,
};
let total_quotes = match search {
"" => Quote::total_count(&mut *conn).await?,
_ => Quote::search_query_count(&mut *conn, search).await?,
};
let total_pages = (total_quotes as f64 / per_page as f64).ceil() as i64;
let s_qs = if search.is_empty() {
String::new()
} else {
format!("&s={}", search)
};
Ok(base(
"Quotes | Mnemosyne",
html!(
@@ -58,8 +73,10 @@ pub async fn page(
span class="text-neutral-300 group-hover:text-neutral-200" {"Add quote"}
}
}
input class="border w-full border-neutral-200/25 hover:border-neutral-200/45 bg-neutral-950/50 p-2 rounded"
placeholder="Search not yet implemented.";
form method="get" action="/quotes" {
input type="text" name="s" class="border w-full border-neutral-200/25 hover:border-neutral-200/45 bg-neutral-950/50 p-2 rounded"
placeholder="Search quotes..." value={(search)};
}
div class="my-2 w-full" {
p class="ml-auto w-fit text-neutral-500 text-sm flex items-center" {
span class="scale-[.6]" {(PreEscaped(icons::CALENDAR_ARROW_DOWN))}
@@ -73,7 +90,7 @@ pub async fn page(
div class="flex justify-between items-center mt-4 text-neutral-400" {
@if page > 1 {
a href=(format!("/quotes?page={}", (page - 1).min(1))) class="px-4 py-2 border border-neutral-200/25 hover:border-neutral-200/45 bg-neutral-200/5 hover:bg-neutral-200/15 rounded" {
a href=(format!("/quotes?page={}{}", (page - 1).max(1), s_qs)) class="px-4 py-2 border border-neutral-200/25 hover:border-neutral-200/45 bg-neutral-200/5 hover:bg-neutral-200/15 rounded" {
"Previous"
}
} @else {
@@ -81,11 +98,11 @@ pub async fn page(
}
span {
"Page " (page) " of " (total_pages)
"Page " (page) " of " (total_pages.max(1))
}
@if page < total_pages {
a href=(format!("/quotes?page={}", page + 1)) class="px-4 py-2 border border-neutral-200/25 hover:border-neutral-200/45 bg-neutral-200/5 hover:bg-neutral-200/15 rounded" {
a href=(format!("/quotes?page={}{}", page + 1, s_qs)) class="px-4 py-2 border border-neutral-200/25 hover:border-neutral-200/45 bg-neutral-200/5 hover:bg-neutral-200/15 rounded" {
"Next"
}
} @else {

56
src/web/pages/quotes/add.rs
View File

@@ -1,17 +1,16 @@
use axum::{
extract::Request,
extract::{Request, State},
http::HeaderMap,
response::{IntoResponse, Redirect, Response},
};
use axum_extra::extract::Form;
use chrono::{TimeZone, Utc};
use chrono_tz::Europe::Warsaw;
use chrono::NaiveDateTime;
use maud::{Markup, PreEscaped, html};
use serde::Deserialize;
use uuid::Uuid;
use crate::{
database,
MnemoState,
error::CompositeError,
logs::{LogAction, LogEntry},
persons::Name,
@@ -26,13 +25,16 @@ use crate::{
const LINE_ADD_RM_SCRIPT: &str = include_str!("line-add-rm.js");
const PREFILL_TIME_SCRIPT: &str = include_str!("prefill-time.js");
pub async fn page(req: Request) -> Result<Response, CompositeError> {
let u = match User::authenticate(req.headers())? {
pub async fn page(
State(state): State<MnemoState>,
req: Request,
) -> Result<Response, CompositeError> {
let mut conn = state.pool.acquire().await?;
let u = match User::authenticate(&mut *conn, req.headers()).await? {
Some(u) => u,
None => return Ok(Redirect::to(&format!("/login?r={}", req.uri().path())).into_response()),
};
let conn = database::conn()?;
let names = Name::get_all(&conn)?;
let names = Name::get_all(&mut *conn).await?;
Ok(base(
"Add Quote | Mnemosyne",
@@ -137,30 +139,32 @@ pub struct IncomingQuote {
authors: Vec<Uuid>,
location: String,
time: String,
tz_offset: Option<i32>,
context: String,
}
pub async fn form(
State(state): State<MnemoState>,
headers: HeaderMap,
Form(form): Form<IncomingQuote>,
) -> Result<Response, CompositeError> {
let u = User::authenticate(&headers)?.required()?;
let mut conn = database::conn()?;
let tx = conn.transaction()?;
let mut tx = state.pool.begin().await?;
let u = User::authenticate(&mut *tx, &headers).await?.required()?;
let authors = form
.authors
let mut authors = Vec::new();
for nid in form.authors {
authors.push(Name::get_by_id(&mut *tx, nid).await.unwrap());
}
let lines = form
.lines
.into_iter()
.map(|nid| Name::get_by_id(&tx, nid).unwrap());
let lines = form.lines.into_iter().zip(authors).collect();
let offset = form
.tz_offset
.and_then(|mins| chrono::FixedOffset::west_opt(mins * 60))
.unwrap_or_else(|| chrono::FixedOffset::west_opt(0).unwrap());
.zip(authors)
.map(|(l, a)| (l, vec![a]))
.collect();
let timestamp = match NaiveDateTime::parse_from_str(&form.time, "%Y-%m-%dT%H:%M") {
Ok(ts) => ts,
Err(_) => return Ok("Time was formatted wrong.".into_response()),
};
let timestamp = chrono::NaiveDateTime::parse_from_str(&form.time, "%Y-%m-%dT%H:%M")
.map(|ndt| offset.from_local_datetime(&ndt).unwrap())
.unwrap_or_else(|_| Utc::now().with_timezone(&Warsaw).fixed_offset());
let context = match form.context.trim() {
"" => None,
s => Some(s.to_string()),
@@ -170,9 +174,9 @@ pub async fn form(
s => Some(s.to_string()),
};
let q = Quote::create(&tx, lines, timestamp, context, location, u.id, false)?;
LogEntry::new(&tx, u, LogAction::CreateQuote { id: q.id })?;
tx.commit()?;
let q = Quote::create(&mut *tx, lines, timestamp, context, location, u.id, false).await?;
LogEntry::new(&mut *tx, u, LogAction::CreateQuote { id: q.id }).await?;
tx.commit().await?;
Ok(Redirect::to("/dashboard").into_response())
}

71
src/web/pages/tags.rs
View File

@@ -1,6 +1,6 @@
use axum::{
Form,
extract::{Path, Request},
extract::{Path, Request, State},
http::HeaderMap,
response::{IntoResponse, Redirect, Response},
};
@@ -9,23 +9,39 @@ use serde::Deserialize;
use uuid::Uuid;
use crate::{
database::{self},
MnemoState,
error::CompositeError,
logs::{LogAction, LogEntry},
tags::{Tag, TagName},
users::{
User,
auth::{AuthError, UserAuthRequired, UserAuthenticate},
auth::{UserAuthRequired, UserAuthenticate},
},
web::{components::nav::nav, icons, pages::base},
};
pub async fn page(req: Request) -> Result<Response, AuthError> {
let u = match User::authenticate(req.headers())? {
pub async fn page(
State(state): State<MnemoState>,
req: Request,
) -> Result<Response, CompositeError> {
let mut conn = state.pool.acquire().await?;
let u = match User::authenticate(&mut *conn, req.headers()).await? {
Some(u) => u,
None => return Ok(Redirect::to(&format!("/login?r={}", req.uri().path())).into_response()),
};
let conn = database::conn()?;
let total_tags = Tag::total_count(&mut *conn).await;
let mut tags_with_counts = Vec::new();
let tags = Tag::get_all(&mut *conn).await;
let mut is_tags_ok = false;
let mut is_tags_empty = true;
if let Ok(ts) = tags {
is_tags_ok = true;
is_tags_empty = ts.is_empty();
for tag in ts {
let count = tag.get_tagged_quotes_count(&mut *conn).await;
tags_with_counts.push((tag, count));
}
}
Ok(base(
"Tags | Mnemosyne",
@@ -38,23 +54,23 @@ pub async fn page(req: Request) -> Result<Response, AuthError> {
span class="text-2xl font-semibold font-lora" {"Tags"}
}
p class="text-neutral-500 text-sm font-light" {
@if let Ok(c) = Tag::total_count(&conn) {
@if let Ok(c) = total_tags {
(c) " tags in total."
} @else {
"Could not get total tag count."
}
}
}
@if let Ok(tags) = Tag::get_all(&conn) {
@if is_tags_ok {
div class="max-w-4xl mx-auto px-2 mt-4 flex flex-wrap gap-2" {
@for tag in &tags {
@for (tag, count) in tags_with_counts {
div class="rounded-full px-3 py-1 bg-neutral-200/10 border border-neutral-200/15 flex" {
span class="text-neutral-400 text-sm" {"#"}
span class="text-sm" {(tag.name)}
div class="w-px h-2/3 my-auto mx-2 bg-neutral-200/15" {}
div class="text-xs flex items-center" {
(
if let Ok(i) = tag.get_tagged_quotes_count(&conn) {
if let Ok(i) = &count {
i.to_string()
} else {
"?".to_string()
@@ -63,7 +79,7 @@ pub async fn page(req: Request) -> Result<Response, AuthError> {
// div class="ml-2" {}
// "0" span class="*:size-3 ml-1 text-neutral-400" {(PreEscaped(icons::FILE_IMAGE))}
}
@if let Ok(0) = tag.get_tagged_quotes_count(&conn) {
@if let Ok(0) = count {
form action=(format!("/tags/{}/delete", tag.id)) method="post" class="flex items-center ml-1" {
button type="submit" class="text-neutral-500 hover:text-red-400 text-sm flex items-center justify-center cursor-pointer" title="Delete" {
""
@@ -73,11 +89,11 @@ pub async fn page(req: Request) -> Result<Response, AuthError> {
}
}
}
@if tags.is_empty() {
@if is_tags_empty {
p class="text-center p-2" {"No tags yet. How about making one?"}
}
div class="mx-auto max-w-4xl mt-4 px-2" {
h3 class="font-lora font-semibold text-xl" {"Add new tag"}
h3 class="font-lora font-semibold text-xl mb-1" {"Add new tag"}
form action="/tags/create" method="post" {
label for="tagname" class="text-neutral-500 font-light mt-2" {"Tag Name"}
div class="flex gap-2" {
@@ -101,40 +117,41 @@ pub struct TagForm {
tagname: TagName,
}
pub async fn create(
State(state): State<MnemoState>,
headers: HeaderMap,
Form(form): Form<TagForm>,
) -> Result<Response, CompositeError> {
let u = User::authenticate(&headers)?.required()?;
let mut conn = database::conn()?;
let tx = conn.transaction()?;
let mut tx = state.pool.begin().await?;
let u = User::authenticate(&mut *tx, &headers).await?.required()?;
let t = Tag::create(&tx, form.tagname)?;
let t = Tag::create(&mut *tx, form.tagname).await?;
LogEntry::new(
&tx,
&mut *tx,
u,
LogAction::CreateTag {
id: t.id,
name: t.name.to_string(),
},
)?;
tx.commit()?;
)
.await?;
tx.commit().await?;
Ok(Redirect::to("/tags").into_response())
}
pub async fn delete_tag(
State(state): State<MnemoState>,
Path(id): Path<Uuid>,
headers: HeaderMap,
) -> Result<Response, CompositeError> {
let u = User::authenticate(&headers)?.required()?;
let mut conn = database::conn()?;
let tx = conn.transaction()?;
let mut tx = state.pool.begin().await?;
let u = User::authenticate(&mut *tx, &headers).await?.required()?;
let t = Tag::get_by_id(&tx, id)?;
let t = Tag::get_by_id(&mut *tx, id).await?;
let name = t.name.as_str().to_string();
t.delete(&tx)?;
t.delete(&mut *tx).await?;
LogEntry::new(&tx, u, LogAction::DeleteTag { id, name })?;
tx.commit()?;
LogEntry::new(&mut *tx, u, LogAction::DeleteTag { id, name }).await?;
tx.commit().await?;
Ok(Redirect::to("/tags").into_response())
}

27
src/web/pages/users.rs
View File

@@ -1,16 +1,13 @@
use axum::{
extract::Request,
extract::{Request, State},
response::{IntoResponse, Redirect, Response},
};
use maud::{PreEscaped, html};
use crate::{
database,
users::{
User,
auth::{AuthError, UserAuthenticate},
permissions::Permission,
},
MnemoState,
error::CompositeError,
users::{User, auth::UserAuthenticate, permissions::Permission},
web::{
components::{nav::nav, user_miniprofile::user_miniprofile},
icons,
@@ -21,13 +18,19 @@ use crate::{
pub mod create;
pub mod profile;
pub async fn page(req: Request) -> Result<Response, AuthError> {
let u = match User::authenticate(req.headers())? {
pub async fn page(
State(state): State<MnemoState>,
req: Request,
) -> Result<Response, CompositeError> {
let mut conn = state.pool.acquire().await?;
let u = match User::authenticate(&mut *conn, req.headers()).await? {
Some(u) => u,
None => return Ok(Redirect::to(&format!("/login?r={}", req.uri().path())).into_response()),
};
let conn = database::conn()?;
let us = User::get_all(&conn);
let us = User::get_all(&mut *conn).await;
let can_create_users = u
.has_permission(&mut *conn, Permission::ManuallyCreateUsers)
.await;
Ok(base(
"Users | Mnemosyne",
@@ -45,7 +48,7 @@ pub async fn page(req: Request) -> Result<Response, AuthError> {
} @else {
"Could not fetch user count."
}
@if let Ok(true) = u.has_permission(&conn, Permission::ManuallyCreateUsers) {
@if let Ok(true) = can_create_users {
" "
a href="/users/create" class="text-blue-500 hover:text-blue-400 hover:underline" {
"Create a new user"

42
src/web/pages/users/create.rs
View File

@@ -1,6 +1,6 @@
use axum::{
Form,
extract::Request,
extract::{Request, State},
http::{HeaderMap, StatusCode},
response::{IntoResponse, Redirect, Response},
};
@@ -8,24 +8,30 @@ use maud::{PreEscaped, html};
use serde::Deserialize;
use crate::{
database::{self},
MnemoState,
error::CompositeError,
logs::{LogAction, LogEntry},
users::{
User,
auth::{AuthError, UserAuthRequired, UserAuthenticate},
auth::{UserAuthRequired, UserAuthenticate},
handle::UserHandle,
permissions::Permission,
},
web::{components::nav::nav, icons, pages::base},
};
pub async fn page(req: Request) -> Result<Response, AuthError> {
let u = match User::authenticate(req.headers())? {
pub async fn page(
State(state): State<MnemoState>,
req: Request,
) -> Result<Response, CompositeError> {
let mut conn = state.pool.acquire().await?;
let u = match User::authenticate(&mut *conn, req.headers()).await? {
Some(u) => u,
None => return Ok(Redirect::to(&format!("/login?r={}", req.uri().path())).into_response()),
};
let conn = database::conn()?;
let can_create = u
.has_permission(&mut *conn, Permission::ManuallyCreateUsers)
.await;
Ok(base(
"Create User | Mnemosyne",
@@ -38,7 +44,7 @@ pub async fn page(req: Request) -> Result<Response, AuthError> {
span class="text-2xl font-semibold font-lora" {"Create a new user"}
}
}
@if let Ok(true) = u.has_permission(&conn, Permission::ManuallyCreateUsers) {
@if let Ok(true) = can_create {
div class="mx-auto max-w-4xl px-2 mt-4" {
form action="/users/create-form" method="post" class="flex flex-col" {
label for="handle" class="font-light text-neutral-500" {"Handle"}
@@ -68,26 +74,30 @@ pub struct CreateUserWithPasswordForm {
password: String,
}
pub async fn create_user(
State(state): State<MnemoState>,
headers: HeaderMap,
Form(form): Form<CreateUserWithPasswordForm>,
) -> Result<Response, CompositeError> {
let u = User::authenticate(&headers)?.required()?;
let mut conn = database::conn()?;
let tx = conn.transaction()?;
let mut tx = state.pool.begin().await?;
let u = User::authenticate(&mut *tx, &headers).await?.required()?;
if !u.has_permission(&tx, Permission::ManuallyCreateUsers)? {
if !u
.has_permission(&mut *tx, Permission::ManuallyCreateUsers)
.await?
{
return Ok((StatusCode::FORBIDDEN).into_response());
}
let mut nu = User::create(&tx, form.handle)?;
nu.set_password(&tx, Some(&form.password))?;
let mut nu = User::create(&mut *tx, form.handle).await?;
nu.set_password(&mut *tx, Some(&form.password)).await?;
LogEntry::new(
&tx,
&mut *tx,
u,
LogAction::CreateUser {
id: nu.id,
handle: nu.handle.as_str().to_string(),
},
)?;
tx.commit()?;
)
.await?;
tx.commit().await?;
Ok(Redirect::to("/users").into_response())
}

91
src/web/pages/users/profile.rs
View File

@@ -1,16 +1,13 @@
use axum::{
extract::{Path, Request},
extract::{Path, Request, State},
response::{IntoResponse, Redirect, Response},
};
use chrono::{DateTime, Utc};
use maud::{PreEscaped, html};
use uuid::Uuid;
use crate::{
database::{self},
MnemoState,
error::CompositeError,
persons::Name,
quotes::{Quote, QuoteLine},
users::{User, UserError, auth::UserAuthenticate},
web::{
components::{nav::nav, quote::quote},
@@ -19,15 +16,18 @@ use crate::{
},
};
pub async fn page(Path(id): Path<Uuid>, req: Request) -> Result<Response, CompositeError> {
let u = match User::authenticate(req.headers())? {
pub async fn page(
State(state): State<MnemoState>,
Path(id): Path<Uuid>,
req: Request,
) -> Result<Response, CompositeError> {
let mut tx = state.pool.acquire().await?;
let u = match User::authenticate(&mut *tx, req.headers()).await? {
Some(u) => u,
None => return Ok(Redirect::to(&format!("/login?r={}", req.uri().path())).into_response()),
};
let mut conn = database::conn()?;
let tx = conn.transaction()?;
let user = match User::get_by_id(&tx, id) {
let user = match User::get_by_id(&mut *tx, id).await {
Ok(u) => u,
Err(UserError::NoUserWithId(_)) => {
return Ok(base(
@@ -65,7 +65,7 @@ pub async fn page(Path(id): Path<Uuid>, req: Request) -> Result<Response, Compos
.to_uppercase()
.to_string();
let joined_str = user.created_at().map(|d| d.format("%Y-%m-%d").to_string());
let sample_quotes = sample_quotes_for_display();
let sample_quotes = vec![];
Ok(base(
&format!("@{} | Mnemosyne", user.handle),
@@ -199,72 +199,3 @@ pub async fn page(Path(id): Path<Uuid>, req: Request) -> Result<Response, Compos
)
.into_response())
}
fn sample_quotes_for_display() -> Vec<Quote> {
vec![
Quote {
id: Uuid::now_v7(),
public: true,
location: Some(String::from("Poznań")),
context: Some(String::from("Wykład z językoznawstwa")),
created_by: Uuid::max(),
timestamp: DateTime::from(Utc::now()),
lines: vec![
QuoteLine {
id: Uuid::now_v7(),
content: String::from("Nie wiem, czy są tutaj osoby fanowskie zipline-ów?"),
attribution: Name {
id: Uuid::nil(),
created_by: Uuid::max(),
person_id: Uuid::now_v7(),
is_primary: true,
name: String::from("dr. Barbara Konat"),
},
},
QuoteLine {
id: Uuid::now_v7(),
content: String::from("Taka uprząż co robi pziuuum!"),
attribution: Name {
id: Uuid::nil(),
created_by: Uuid::max(),
person_id: Uuid::now_v7(),
is_primary: true,
name: String::from("dr. Barbara Konat"),
},
},
],
},
Quote {
id: Uuid::now_v7(),
public: true,
location: Some(String::from("Discord VC")),
context: Some(String::from("O narysowanej dziewczynie")),
created_by: Uuid::max(),
timestamp: DateTime::from(Utc::now()),
lines: vec![
QuoteLine {
id: Uuid::now_v7(),
content: String::from("Czy tu proporcje są zachowane?"),
attribution: Name {
id: Uuid::now_v7(),
created_by: Uuid::max(),
person_id: Uuid::now_v7(),
is_primary: true,
name: String::from("Adam"),
},
},
QuoteLine {
id: Uuid::now_v7(),
content: String::from("Adam, ona nie ma kolan."),
attribution: Name {
id: Uuid::nil(),
created_by: Uuid::max(),
person_id: Uuid::now_v7(),
is_primary: true,
name: String::from("Mollin"),
},
},
],
},
]
}

48
src/web/pages/usersettings.rs
View File

@@ -1,6 +1,6 @@
use axum::{
Form,
extract::Request,
extract::{Request, State},
http::HeaderMap,
response::{IntoResponse, Redirect, Response},
};
@@ -8,19 +8,23 @@ use maud::{PreEscaped, html};
use serde::Deserialize;
use crate::{
database::{self},
MnemoState,
error::CompositeError,
logs::{LogAction, LogEntry},
users::{
User,
auth::{AuthError, UserAuthRequired, UserAuthenticate},
auth::{UserAuthRequired, UserAuthenticate},
handle::UserHandle,
},
web::{components::nav::nav, icons, pages::base},
};
pub async fn page(req: Request) -> Result<Response, AuthError> {
let u = match User::authenticate(req.headers())? {
pub async fn page(
State(state): State<MnemoState>,
req: Request,
) -> Result<Response, CompositeError> {
let mut conn = state.pool.acquire().await?;
let u = match User::authenticate(&mut *conn, req.headers()).await? {
Some(u) => u,
None => return Ok(Redirect::to(&format!("/login?r={}", req.uri().path())).into_response()),
};
@@ -77,25 +81,26 @@ pub struct HandleForm {
handle: UserHandle,
}
pub async fn change_handle(
State(state): State<MnemoState>,
headers: HeaderMap,
Form(form): Form<HandleForm>,
) -> Result<Response, CompositeError> {
let mut u = User::authenticate(&headers)?.required()?;
let mut conn = database::conn()?;
let tx = conn.transaction()?;
let mut tx = state.pool.begin().await?;
let mut u = User::authenticate(&mut *tx, &headers).await?.required()?;
let oldhandle = u.handle.as_str().to_string();
u.set_handle(&tx, form.handle)?;
u.set_handle(&mut *tx, form.handle).await?;
LogEntry::new(
&tx,
&mut *tx,
u.clone(),
LogAction::ChangeUserHandle {
id: u.id,
old: oldhandle,
new: u.handle.as_str().to_string(),
},
)?;
tx.commit()?;
)
.await?;
tx.commit().await?;
Ok(Redirect::to("/user-settings").into_response())
}
@@ -104,13 +109,22 @@ pub struct PasswordForm {
password: String,
}
pub async fn change_password(
State(state): State<MnemoState>,
headers: HeaderMap,
Form(form): Form<PasswordForm>,
) -> Result<Response, CompositeError> {
let mut u = User::authenticate(&headers)?.required()?;
let mut conn = database::conn()?;
let tx = conn.transaction()?;
u.set_password(&tx, Some(&form.password))?;
tx.commit()?;
if form.password.trim().is_empty() {
return Ok((
axum::http::StatusCode::BAD_REQUEST,
"Password cannot be empty or consist only of whitespace.",
)
.into_response());
}
let mut tx = state.pool.begin().await?;
let mut u = User::authenticate(&mut *tx, &headers).await?.required()?;
u.set_password(&mut *tx, Some(&form.password)).await?;
tx.commit().await?;
Ok(Redirect::to("/user-settings").into_response())
}