Mirrors/writefreely
2
0
Fork 0
mirror of https://github.com/writefreely/writefreely synced 2024-11-10 11:24:13 +00:00
Code Issues Projects Releases Packages Wiki Activity
writefreely/database.go

2816 lines
86 KiB
Go
Raw Normal View History

Add copyright / license notices to .go files
2018-12-24 17:45:15 +00:00
/*
Change copyright notices to Musing Studio LLC A Bunch Tell is now Musing Studio.
2022-11-11 04:49:16 +00:00
* Copyright © 2018-2021 Musing Studio LLC.
Add copyright / license notices to .go files
2018-12-24 17:45:15 +00:00
*
* This file is part of WriteFreely.
*
* WriteFreely is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, included
* in the LICENSE file in this source code package.
*/
Fix spacing around copyright notices
2018-12-31 06:05:26 +00:00
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
package writefreely
import (
Added oauth handlers and tests with mocks. Part of T705.
2019-12-19 16:48:04 +00:00
"context"
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
"database/sql"
"fmt"
Move fakeAPInstances to web-core/silobridge package This adds support for mentioning profiles on the following sites: - deviantart.com - facebook.com - flickr.com - github.com - instagram.com - reddit.com - wattpad.com - youtube.com
2020-08-13 16:33:35 +00:00
"github.com/writeas/web-core/silobridge"
Update repo URL to writefreely org From the writeas org on GitHub.
2021-04-06 21:24:07 +00:00
wf_db "github.com/writefreely/writefreely/db"
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
"net/http"
"strings"
"time"
"github.com/guregu/null"
"github.com/guregu/null/zero"
uuid "github.com/nu7hatch/gouuid"
Redirects from the intermediate page work and if there's an old mention there it updates the table to include the handle. migrations WIP
2019-10-10 13:04:43 +00:00
"github.com/writeas/activityserve"
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
"github.com/writeas/impart"
"github.com/writeas/web-core/activitypub"
"github.com/writeas/web-core/auth"
"github.com/writeas/web-core/data"
"github.com/writeas/web-core/id"
"github.com/writeas/web-core/log"
"github.com/writeas/web-core/query"
Update repo URL to writefreely org From the writeas org on GitHub.
2021-04-06 21:24:07 +00:00
"github.com/writefreely/writefreely/author"
"github.com/writefreely/writefreely/config"
"github.com/writefreely/writefreely/key"
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
)
const (
mySQLErrDuplicateKey = 1062
Ignore "mix of collations" error on invite SELECT This adds the `isIgnorableError` method and calls it when error checking in `GetUserInvite()`, returning "not found" if the rror comes up.
2020-01-30 09:36:29 +00:00
mySQLErrCollationMix = 1267
Show 503 page on collections under high load This acknowledges "too many connections" and "max user connections" errors in MySQL and propagates the error up the chain so we can notify the user and return the correct HTTP code.
2020-03-18 20:14:05 +00:00
mySQLErrTooManyConns = 1040
mySQLErrMaxUserConns = 1203
Move NOW() calls to datastore.now() method Ref T529
2018-12-08 17:15:16 +00:00
driverMySQL = "mysql"
driverSQLite = "sqlite3"
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
)
Support building without SQLite support This adds a new `sqlite` build tag that you should include only if you want SQLite3 support built in. Both `make run` and `make release` create builds with SQLite included.
2019-01-03 22:57:06 +00:00
var (
SQLiteEnabled bool
)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
type writestore interface {
Support setting `description` on user registration
2021-06-07 18:53:22 +00:00
CreateUser(*config.Config, *User, string, string) error
Move key generation and Keychain to key pkg Ref T613
2019-06-13 14:14:35 +00:00
UpdateUserEmail(keys *key.Keychain, userID int64, email string) error
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
UpdateEncryptedUserEmail(int64, []byte) error
GetUserByID(int64) (*User, error)
GetUserForAuth(string) (*User, error)
GetUserForAuthByID(int64) (*User, error)
GetUserNameFromToken(string) (string, error)
GetUserDataFromToken(string) (int64, string, error)
GetAPIUser(header string) (*User, error)
GetUserID(accessToken string) int64
GetUserIDPrivilege(accessToken string) (userID int64, sudo bool)
DeleteToken(accessToken []byte) error
FetchLastAccessToken(userID int64) string
GetAccessToken(userID int64) (string, error)
GetTemporaryAccessToken(userID int64, validSecs int) (string, error)
GetTemporaryOneTimeAccessToken(userID int64, validSecs int, oneTime bool) (string, error)
CLI delete account by username and delete posts this changed the CLI flag to use the username instead of the userID leaving the underlying database function as is. also now posts are all deleted with no option to skip as this is likely never needed.
2019-11-05 17:14:20 +00:00
DeleteAccount(userID int64) error
Make App struct public
2019-05-12 20:55:30 +00:00
ChangeSettings(app *App, u *User, s *userSettings) error
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
ChangePassphrase(userID int64, sudo bool, curPass string, hashedPass []byte) error
fix missing collection hostname GetCollections and GetPublishableCollections now take a hostname parameter to allow setting the collecion hostname. All collections used in memory now have their hostname set.
2019-08-12 19:35:17 +00:00
GetCollections(u *User, hostName string) (*[]Collection, error)
GetPublishableCollections(u *User, hostName string) (*[]Collection, error)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
GetMeStats(u *User) userMeStats
Show instance stats on About page This also moves the stats database logic out of nodeinfo.go and into database.go.
2018-11-21 19:05:44 +00:00
GetTotalCollections() (int64, error)
GetTotalPosts() (int64, error)
Fix "Collection.hostName is empty!" log on Stats page Fixes #468
2021-06-25 16:39:59 +00:00
GetTopPosts(u *User, alias string, hostName string) (*[]PublicPost, error)
Limit initial draft post loading to 10 posts Ref T401
2020-07-30 20:28:21 +00:00
GetAnonymousPosts(u *User, page int) (*[]PublicPost, error)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
GetUserPosts(u *User) (*[]PublicPost, error)
Fix missing hostname when publishing via API This fixes a bug that occurred only when publishing via API and authenticating via token (rather than cookie). Previously, the instance's hostname wouldn't be added to the Collection that got passed around after retrieving the owned post, meaning an incomplete URL was returned in the API response, and federation failed due to the missing host.
2019-07-22 18:02:53 +00:00
CreateOwnedPost(post *SubmittedPost, accessToken, collAlias, hostName string) (*PublicPost, error)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
CreatePost(userID, collID int64, post *SubmittedPost) (*Post, error)
UpdateOwnedPost(post *AuthenticatedPost, userID int64) error
GetEditablePost(id, editToken string) (*PublicPost, error)
PostIDExists(id string) bool
GetPost(id string, collectionID int64) (*PublicPost, error)
GetOwnedPost(id string, ownerID int64) (*PublicPost, error)
GetPostProperty(id string, collectionID int64, property string) (interface{}, error)
Set default visibility in datastore.CreateCollection instead of updating it later. This is more correct behavior, prevents an additional query, and ensures that potential collection-creation when claiming posts also respects the default (which it didn't before). Ref T675
2019-08-07 20:20:32 +00:00
CreateCollectionFromToken(*config.Config, string, string, string) (*Collection, error)
CreateCollection(*config.Config, string, string, int64) (*Collection, error)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
GetCollectionBy(condition string, value interface{}) (*Collection, error)
GetCollection(alias string) (*Collection, error)
GetCollectionForPad(alias string) (*Collection, error)
Fill in remaining missing pieces - Database schema changes, removing obsolete custom domain-related code - Missing user structs - Setup verbiage changes - Missing routes - Missing error messages
2018-11-08 06:31:01 +00:00
GetCollectionByID(id int64) (*Collection, error)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
UpdateCollection(c *SubmittedCollection, alias string) error
DeleteCollection(alias string, userID int64) error
UpdatePostPinState(pinned bool, postID string, collID, ownerID, pos int64) error
GetLastPinnedPostPos(collID int64) int64
prevent future posts from showing in pins this changes GetPinnedPosts to accept an includeFutre bool, which returns future dated pinned posts when true.
2019-08-12 16:58:30 +00:00
GetPinnedPosts(coll *CollectionObj, includeFuture bool) (*[]PublicPost, error)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
RemoveCollectionRedirect(t *sql.Tx, alias string) error
GetCollectionRedirect(alias string) (new string)
IsCollectionAttributeOn(id int64, attr string) bool
CollectionHasAttribute(id int64, attr string) bool
CanCollect(cpr *ClaimPostRequest, userID int64) bool
AttemptClaim(p *ClaimPostRequest, query string, params []interface{}, slugIdx int) (sql.Result, error)
DispersePosts(userID int64, postIDs []string) (*[]ClaimPostResult, error)
Set default visibility in datastore.CreateCollection instead of updating it later. This is more correct behavior, prevents an additional query, and ensures that potential collection-creation when claiming posts also respects the default (which it didn't before). Ref T675
2019-08-07 20:20:32 +00:00
ClaimPosts(cfg *config.Config, userID int64, collAlias string, posts *[]ClaimPostRequest) (*[]ClaimPostResult, error)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
GetPostsCount(c *CollectionObj, includeFuture bool)
Link hashtags to Reader when Chorus mode enabled instead of linking to posts only on a user's blog. Ref T681
2019-08-07 13:26:07 +00:00
GetPosts(cfg *config.Config, c *Collection, page int, includeFuture, forceRecentFirst, includePinned bool) (*[]PublicPost, error)
GetPostsTagged(cfg *config.Config, c *Collection, tag string, page int, includeFuture bool) (*[]PublicPost, error)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
GetAPFollowers(c *Collection) (*[]RemoteUser, error)
GetAPActorKeys(collectionID int64) ([]byte, []byte)
Support user invites This includes: - A new `user_invites` config value that determines who can generate invite links - A new page for generating invite links, with new user navigation link - A new /invite/ path that allows anyone to sign up via unique invite link, even if registrations are closed - Tracking who (of registered users) has been invited by whom It requires an updated database with `writefreely --migrate` in order to work. This closes T556
2019-01-18 05:05:50 +00:00
CreateUserInvite(id string, userID int64, maxUses int, expires *time.Time) error
GetUserInvites(userID int64) (*[]Invite, error)
GetUserInvite(id string) (*Invite, error)
GetUsersInvitedCount(id string) int64
CreateInvitedUser(inviteID string, userID int64) error
Support editing About and Privacy pages from Admin panel This allows admin to edit these pages from the web, using Markdown. It also dynamically loads information on those pages now, and makes loading `pages` templates a little easier to find in the code / more explicit. It requires this new schema change: CREATE TABLE IF NOT EXISTS `appcontent` ( `id` varchar(36) NOT NULL, `content` mediumtext CHARACTER SET utf8 COLLATE utf8_bin NOT NULL, `updated` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP, PRIMARY KEY (`id`) ) ENGINE=InnoDB DEFAULT CHARSET=latin1; This closes T533
2018-11-19 02:58:50 +00:00
Move instance page editing to dedicated section This adds a "Pages" section to the admin part of the site, and enables admins to edit the pre-defined About and Privacy pages there, instead of on the dashboard itself. It also restructures how these pages get sent around in the backend and lays the groundwork for dynamically adding static pages. The backend changes were made with more customization in mind, such as an instance-wide custom stylesheet (T563). Ref T566
2019-04-06 17:23:22 +00:00
GetDynamicContent(id string) (*instanceContent, error)
Support changing instance page titles Now admins can choose a title for their About and Privacy pages; now editable through the instance page editor. This adds `title` and `content_type` fields to the `appcontent` table, requiring a migration by running `writefreely --migrate` The content_type field specifies that items we're currently storing in this table are all "page"s; queries for fetching these have been updated to filter for this type. In the future, this field will be used to indicate when an item is a stylesheet (ref T563) or other supported type. Ref T566
2019-04-11 17:56:07 +00:00
UpdateDynamicContent(id, title, content, contentType string) error
Add admin user list This enables admins on multi-user instances to see all users registered, and view the details of each, including: - Username - Join date - Total posts - Last post date - All blogs - Public info - Views - Total posts - Last post date - Fediverse followers count This is the foundation for future user moderation features. Ref T553
2019-01-05 03:28:29 +00:00
GetAllUsers(page uint) (*[]User, error)
Add pager to admin user list This enables paging through the entire list of users. Ref T553
2019-01-05 14:37:53 +00:00
GetAllUsersCount() int64
Add admin user list This enables admins on multi-user instances to see all users registered, and view the details of each, including: - Username - Join date - Total posts - Last post date - All blogs - Public info - Views - Total posts - Last post date - Fediverse followers count This is the foundation for future user moderation features. Ref T553
2019-01-05 03:28:29 +00:00
GetUserLastPostTime(id int64) (*time.Time, error)
GetCollectionLastPostTime(id int64) (*time.Time, error)
Initialize db on single-user instance config This fixes the --config step so that when setting up a single-user instance for the first time (and creating the admin user as part of the process), the database is automatically initialized before creating that user. This removes the need for the --init-db command after --config when setting up single-user instances. It fixes #59: "no such table: users" error during the --config step on single-user instances that haven't previously run --init-db.
2019-01-13 14:08:47 +00:00
Code cleanup in prep for PR. T710
2019-12-30 18:32:06 +00:00
GetIDForRemoteUser(context.Context, string, string, string) (int64, error)
RecordRemoteUserID(context.Context, int64, string, string, string, string) error
Support OAuth registration with invite code This adds any OAuth login buttons to the invite signup page, stores the invite code for the flow duration, and associates the new user with it once successfully registered. It enables invite-only instances with OAuth-based registration.
2020-04-20 22:18:23 +00:00
ValidateOAuthState(context.Context, string) (string, string, int64, string, error)
GenerateOAuthState(context.Context, string, string, int64, string) (string, error)
Implemented oauth attach functionality, oauth detach functionality, and required data migration. T713
2020-01-15 18:16:59 +00:00
GetOauthAccounts(ctx context.Context, userID int64) ([]oauthAccountInfo, error)
RemoveOauth(ctx context.Context, userID int64, provider string, clientID string, remoteUserID string) error
Unit tests, integration testing, and code cleanup for oauth support. Part of T705.
2019-12-23 19:30:32 +00:00
Initialize db on single-user instance config This fixes the --config step so that when setting up a single-user instance for the first time (and creating the admin user as part of the process), the database is automatically initialized before creating that user. This removes the need for the --init-db command after --config when setting up single-user instances. It fixes #59: "no such table: users" error during the --config step on single-user instances that haven't previously run --init-db.
2019-01-13 14:08:47 +00:00
DatabaseInitialized() bool
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
}
type datastore struct {
*sql.DB
SQLite support added.
2018-12-01 18:07:25 +00:00
driverName string
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
}
Merging T705-oauth into T710-oauth-slack. T705,T710
2019-12-27 18:40:11 +00:00
var _ writestore = &datastore{}
Move NOW() calls to datastore.now() method Ref T529
2018-12-08 17:15:16 +00:00
func (db *datastore) now() string {
if db.driverName == driverSQLite {
Fix SQLite date format string The formatted string was invalid before, causing date parsing to fail. This fixes that. Ref T529
2018-12-08 17:28:52 +00:00
return "strftime('%Y-%m-%d %H:%M:%S','now')"
Move NOW() calls to datastore.now() method Ref T529
2018-12-08 17:15:16 +00:00
}
return "NOW()"
}
Fix pinned post content truncation with SQLite This extracts the LEFT/SUBSTR logic into its own datastore.clip() method that also works correctly with SQLite. Ref T529
2018-12-08 17:54:49 +00:00
func (db *datastore) clip(field string, l int) string {
if db.driverName == driverSQLite {
return fmt.Sprintf("SUBSTR(%s, 0, %d)", field, l)
}
return fmt.Sprintf("LEFT(%s, %d)", field, l)
}
Fix upsert queries on SQLite Ref T529
2018-12-08 17:58:45 +00:00
func (db *datastore) upsert(indexedCols ...string) string {
if db.driverName == driverSQLite {
// NOTE: SQLite UPSERT syntax only works in v3.24.0 (2018-06-04) or later
// Leaving this for whenever we can upgrade and include it in our binary
cc := strings.Join(indexedCols, ", ")
return "ON CONFLICT(" + cc + ") DO UPDATE SET"
}
return "ON DUPLICATE KEY UPDATE"
}
Add Reader section This adds a "Reader" section of the site for admins who want to enable it for their instance. That means visitors can go to /read and see who has publicly shared their writing. They can also follow all public posts via RSS by going to /read/feed/. Writers on an instance with this `local_timeline` setting enabled can publish to the timeline by going into their blog settings and choosing the "Public" visibility setting. The `local_timeline` feature is disabled by default, as is the Public setting on writer blogs. Enabling it adds a "Reader" navigation item and enables the reader endpoints. This feature will also consume more memory, as public posts are cached in memory for 10 minutes. These changes include code ported over from Read.Write.as, and thus include some experimental features like filtering public posts by tags and authors. These features aren't well-tested or complete. Closes T554
2018-12-10 21:02:42 +00:00
func (db *datastore) dateSub(l int, unit string) string {
if db.driverName == driverSQLite {
return fmt.Sprintf("DATETIME('now', '-%d %s')", l, unit)
}
return fmt.Sprintf("DATE_SUB(NOW(), INTERVAL %d %s)", l, unit)
}
Reduce db calls on normal invite-based signup This removes an unnecessary database call after creating a user, and documents `db.CreateUser()` to make it clear that extra calls are unnecessary.
2020-04-20 22:21:01 +00:00
// CreateUser creates a new user in the database from the given User, UPDATING it in the process with the user's ID.
Support setting `description` on user registration
2021-06-07 18:53:22 +00:00
func (db *datastore) CreateUser(cfg *config.Config, u *User, collectionTitle string, collectionDesc string) error {
Fix SQLite deadlock when creating user This avoids reading from the database after a transaction has been started in CreateUser(), fixing the deadlock that occurred before. Closes #53
2019-01-07 02:30:34 +00:00
if db.PostIDExists(u.Username) {
return impart.HTTPError{http.StatusConflict, "Invalid collection name."}
}
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
// New users get a `users` and `collections` row.
t, err := db.Begin()
if err != nil {
return err
}
// 1. Add to `users` table
// NOTE: Assumes User's Password is already hashed!
SQLite support added.
2018-12-01 18:07:25 +00:00
res, err := t.Exec("INSERT INTO users (username, password, email) VALUES (?, ?, ?)", u.Username, u.HashedPass, u.Email)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
if err != nil {
t.Rollback()
Fix duplicate key checks in SQLite Ref T529
2018-12-08 18:25:20 +00:00
if db.isDuplicateKeyErr(err) {
return impart.HTTPError{http.StatusConflict, "Username is already taken."}
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
}
log.Error("Rolling back users INSERT: %v\n", err)
return err
}
u.ID, err = res.LastInsertId()
if err != nil {
t.Rollback()
log.Error("Rolling back after LastInsertId: %v\n", err)
return err
}
// 2. Create user's Collection
if collectionTitle == "" {
collectionTitle = u.Username
}
Support setting `description` on user registration
2021-06-07 18:53:22 +00:00
res, err = t.Exec("INSERT INTO collections (alias, title, description, privacy, owner_id, view_count) VALUES (?, ?, ?, ?, ?, ?)", u.Username, collectionTitle, collectionDesc, defaultVisibility(cfg), u.ID, 0)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
if err != nil {
t.Rollback()
Fix duplicate key checks in SQLite Ref T529
2018-12-08 18:25:20 +00:00
if db.isDuplicateKeyErr(err) {
return impart.HTTPError{http.StatusConflict, "Username is already taken."}
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
}
log.Error("Rolling back collections INSERT: %v\n", err)
return err
}
db.RemoveCollectionRedirect(t, u.Username)
err = t.Commit()
if err != nil {
t.Rollback()
log.Error("Rolling back after Commit(): %v\n", err)
return err
}
return nil
}
// FIXME: We're returning errors inconsistently in this file. Do we use Errorf
// for returned value, or impart?
Move key generation and Keychain to key pkg Ref T613
2019-06-13 14:14:35 +00:00
func (db *datastore) UpdateUserEmail(keys *key.Keychain, userID int64, email string) error {
encEmail, err := data.Encrypt(keys.EmailKey, email)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
if err != nil {
return fmt.Errorf("Couldn't encrypt email %s: %s\n", email, err)
}
return db.UpdateEncryptedUserEmail(userID, encEmail)
}
func (db *datastore) UpdateEncryptedUserEmail(userID int64, encEmail []byte) error {
_, err := db.Exec("UPDATE users SET email = ? WHERE id = ?", encEmail, userID)
if err != nil {
return fmt.Errorf("Unable to update user email: %s", err)
}
return nil
}
Set default visibility in datastore.CreateCollection instead of updating it later. This is more correct behavior, prevents an additional query, and ensures that potential collection-creation when claiming posts also respects the default (which it didn't before). Ref T675
2019-08-07 20:20:32 +00:00
func (db *datastore) CreateCollectionFromToken(cfg *config.Config, alias, title, accessToken string) (*Collection, error) {
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
userID := db.GetUserID(accessToken)
if userID == -1 {
return nil, ErrBadAccessToken
}
Set default visibility in datastore.CreateCollection instead of updating it later. This is more correct behavior, prevents an additional query, and ensures that potential collection-creation when claiming posts also respects the default (which it didn't before). Ref T675
2019-08-07 20:20:32 +00:00
return db.CreateCollection(cfg, alias, title, userID)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
}
func (db *datastore) GetUserCollectionCount(userID int64) (uint64, error) {
var collCount uint64
err := db.QueryRow("SELECT COUNT(*) FROM collections WHERE owner_id = ?", userID).Scan(&collCount)
switch {
case err == sql.ErrNoRows:
return 0, impart.HTTPError{http.StatusInternalServerError, "Couldn't retrieve user from database."}
case err != nil:
log.Error("Couldn't get collections count for user %d: %v", userID, err)
return 0, err
}
return collCount, nil
}
Set default visibility in datastore.CreateCollection instead of updating it later. This is more correct behavior, prevents an additional query, and ensures that potential collection-creation when claiming posts also respects the default (which it didn't before). Ref T675
2019-08-07 20:20:32 +00:00
func (db *datastore) CreateCollection(cfg *config.Config, alias, title string, userID int64) (*Collection, error) {
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
if db.PostIDExists(alias) {
return nil, impart.HTTPError{http.StatusConflict, "Invalid collection name."}
}
// All good, so create new collection
Set default visibility in datastore.CreateCollection instead of updating it later. This is more correct behavior, prevents an additional query, and ensures that potential collection-creation when claiming posts also respects the default (which it didn't before). Ref T675
2019-08-07 20:20:32 +00:00
res, err := db.Exec("INSERT INTO collections (alias, title, description, privacy, owner_id, view_count) VALUES (?, ?, ?, ?, ?, ?)", alias, title, "", defaultVisibility(cfg), userID, 0)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
if err != nil {
Fix duplicate key checks in SQLite Ref T529
2018-12-08 18:25:20 +00:00
if db.isDuplicateKeyErr(err) {
return nil, impart.HTTPError{http.StatusConflict, "Collection already exists."}
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
}
log.Error("Couldn't add to collections: %v\n", err)
return nil, err
}
c := &Collection{
Alias: alias,
Title: title,
OwnerID: userID,
PublicOwner: false,
Return correct `public` state on collection creation (in returned JSON data) Ref T675
2019-08-07 20:22:35 +00:00
Public: defaultVisibility(cfg) == CollPublic,
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
}
c.ID, err = res.LastInsertId()
if err != nil {
log.Error("Couldn't get collection LastInsertId: %v\n", err)
}
return c, nil
}
func (db *datastore) GetUserByID(id int64) (*User, error) {
u := &User{ID: id}
address PR comments - update error messages to be correct - move suspended message into template and include for other pages - check suspended status on all relevant pages and show message if logged in user is suspended. - fix possible nil pointer error - remove changes to db schema files - add version comment to migration - add UserStatus type with UserActive and UserSuspended - change database table to use status column instead of suspended - update toggle suspended handler to be toggle status in prep for possible future inclusion of further user statuses
2019-10-25 19:04:24 +00:00
err := db.QueryRow("SELECT username, password, email, created, status FROM users WHERE id = ?", id).Scan(&u.Username, &u.HashedPass, &u.Email, &u.Created, &u.Status)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
switch {
case err == sql.ErrNoRows:
return nil, ErrUserNotFound
case err != nil:
log.Error("Couldn't SELECT user password: %v", err)
return nil, err
}
return u, nil
}
Rename Suspend status to Silence This changes all variables and functions from using Suspend{ed} to using Silence{d} as well as documentation, errors and logging.
2019-11-11 23:21:45 +00:00
// IsUserSilenced returns true if the user account associated with id is
// currently silenced.
func (db *datastore) IsUserSilenced(id int64) (bool, error) {
Add account suspension features This renders all requests for that user's posts, collections and related ActivityPub endpoints with 404 responses. While suspended, users may not create or edit posts or collections. User status is listed in the admin user page Admin view of user details shows status and now has a button to activate or suspend a user.
2019-08-28 19:37:45 +00:00
u := &User{ID: id}
address PR comments - update error messages to be correct - move suspended message into template and include for other pages - check suspended status on all relevant pages and show message if logged in user is suspended. - fix possible nil pointer error - remove changes to db schema files - add version comment to migration - add UserStatus type with UserActive and UserSuspended - change database table to use status column instead of suspended - update toggle suspended handler to be toggle status in prep for possible future inclusion of further user statuses
2019-10-25 19:04:24 +00:00
err := db.QueryRow("SELECT status FROM users WHERE id = ?", id).Scan(&u.Status)
Add account suspension features This renders all requests for that user's posts, collections and related ActivityPub endpoints with 404 responses. While suspended, users may not create or edit posts or collections. User status is listed in the admin user page Admin view of user details shows status and now has a button to activate or suspend a user.
2019-08-28 19:37:45 +00:00
switch {
case err == sql.ErrNoRows:
Log user out when authenticated as deleted user Now when we check for the user at certain times and find that the user doesn't exist in the database, we log them out and send them back to the home page.
2021-06-27 21:57:07 +00:00
return false, ErrUserNotFound
Add account suspension features This renders all requests for that user's posts, collections and related ActivityPub endpoints with 404 responses. While suspended, users may not create or edit posts or collections. User status is listed in the admin user page Admin view of user details shows status and now has a button to activate or suspend a user.
2019-08-28 19:37:45 +00:00
case err != nil:
Rename Suspend status to Silence This changes all variables and functions from using Suspend{ed} to using Silence{d} as well as documentation, errors and logging.
2019-11-11 23:21:45 +00:00
log.Error("Couldn't SELECT user status: %v", err)
return false, fmt.Errorf("is user silenced: %v", err)
Add account suspension features This renders all requests for that user's posts, collections and related ActivityPub endpoints with 404 responses. While suspended, users may not create or edit posts or collections. User status is listed in the admin user page Admin view of user details shows status and now has a button to activate or suspend a user.
2019-08-28 19:37:45 +00:00
}
Rename UserSuspended to UserSilenced Some of the work needed to have the backend match user-facing wording. Ref T661
2019-11-11 15:40:16 +00:00
return u.IsSilenced(), nil
Add account suspension features This renders all requests for that user's posts, collections and related ActivityPub endpoints with 404 responses. While suspended, users may not create or edit posts or collections. User status is listed in the admin user page Admin view of user details shows status and now has a button to activate or suspend a user.
2019-08-28 19:37:45 +00:00
}
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
// DoesUserNeedAuth returns true if the user hasn't provided any methods for
// authenticating with the account, such a passphrase or email address.
// Any errors are reported to admin and silently quashed, returning false as the
// result.
func (db *datastore) DoesUserNeedAuth(id int64) bool {
var pass, email []byte
// Find out if user has an email set first
Fill in remaining missing pieces - Database schema changes, removing obsolete custom domain-related code - Missing user structs - Setup verbiage changes - Missing routes - Missing error messages
2018-11-08 06:31:01 +00:00
err := db.QueryRow("SELECT password, email FROM users WHERE id = ?", id).Scan(&pass, &email)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
switch {
case err == sql.ErrNoRows:
// ERROR. Don't give false positives on needing auth methods
return false
case err != nil:
// ERROR. Don't give false positives on needing auth methods
log.Error("Couldn't SELECT user %d from users: %v", id, err)
return false
}
// User doesn't need auth if there's an email
return len(email) == 0 && len(pass) == 0
}
func (db *datastore) IsUserPassSet(id int64) (bool, error) {
var pass []byte
Fill in remaining missing pieces - Database schema changes, removing obsolete custom domain-related code - Missing user structs - Setup verbiage changes - Missing routes - Missing error messages
2018-11-08 06:31:01 +00:00
err := db.QueryRow("SELECT password FROM users WHERE id = ?", id).Scan(&pass)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
switch {
case err == sql.ErrNoRows:
return false, nil
case err != nil:
log.Error("Couldn't SELECT user %d from users: %v", id, err)
return false, err
}
return len(pass) > 0, nil
}
func (db *datastore) GetUserForAuth(username string) (*User, error) {
u := &User{Username: username}
address PR comments - update error messages to be correct - move suspended message into template and include for other pages - check suspended status on all relevant pages and show message if logged in user is suspended. - fix possible nil pointer error - remove changes to db schema files - add version comment to migration - add UserStatus type with UserActive and UserSuspended - change database table to use status column instead of suspended - update toggle suspended handler to be toggle status in prep for possible future inclusion of further user statuses
2019-10-25 19:04:24 +00:00
err := db.QueryRow("SELECT id, password, email, created, status FROM users WHERE username = ?", username).Scan(&u.ID, &u.HashedPass, &u.Email, &u.Created, &u.Status)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
switch {
case err == sql.ErrNoRows:
Support fuzzy username matching on login This allows logging in with a non-normalized username.
2018-11-10 02:55:35 +00:00
// Check if they've entered the wrong, unnormalized username
username = getSlug(username, "")
if username != u.Username {
err = db.QueryRow("SELECT id FROM users WHERE username = ? LIMIT 1", username).Scan(&u.ID)
if err == nil {
return db.GetUserForAuth(username)
}
}
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
return nil, ErrUserNotFound
case err != nil:
log.Error("Couldn't SELECT user password: %v", err)
return nil, err
}
return u, nil
}
func (db *datastore) GetUserForAuthByID(userID int64) (*User, error) {
u := &User{ID: userID}
address PR comments - update error messages to be correct - move suspended message into template and include for other pages - check suspended status on all relevant pages and show message if logged in user is suspended. - fix possible nil pointer error - remove changes to db schema files - add version comment to migration - add UserStatus type with UserActive and UserSuspended - change database table to use status column instead of suspended - update toggle suspended handler to be toggle status in prep for possible future inclusion of further user statuses
2019-10-25 19:04:24 +00:00
err := db.QueryRow("SELECT id, password, email, created, status FROM users WHERE id = ?", u.ID).Scan(&u.ID, &u.HashedPass, &u.Email, &u.Created, &u.Status)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
switch {
case err == sql.ErrNoRows:
return nil, ErrUserNotFound
case err != nil:
log.Error("Couldn't SELECT userForAuthByID: %v", err)
return nil, err
}
return u, nil
}
func (db *datastore) GetUserNameFromToken(accessToken string) (string, error) {
t := auth.GetToken(accessToken)
if len(t) == 0 {
return "", ErrNoAccessToken
}
var oneTime bool
var username string
Fix #96 This solves the error 500 on the /api/me endpoint. Replace token search query `=` with `LIKE` to fix sqlite complaining about no valid tokens. Also checked with MySQL and it still works after the change.
2019-06-09 21:43:19 +00:00
err := db.QueryRow("SELECT username, one_time FROM accesstokens LEFT JOIN users ON user_id = id WHERE token LIKE ? AND (expires IS NULL OR expires > "+db.now()+")", t).Scan(&username, &oneTime)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
switch {
case err == sql.ErrNoRows:
return "", ErrBadAccessToken
case err != nil:
return "", ErrInternalGeneral
}
// Delete token if it was one-time
if oneTime {
db.DeleteToken(t[:])
}
return username, nil
}
func (db *datastore) GetUserDataFromToken(accessToken string) (int64, string, error) {
t := auth.GetToken(accessToken)
if len(t) == 0 {
return 0, "", ErrNoAccessToken
}
var userID int64
var oneTime bool
var username string
Fix #96 This solves the error 500 on the /api/me endpoint. Replace token search query `=` with `LIKE` to fix sqlite complaining about no valid tokens. Also checked with MySQL and it still works after the change.
2019-06-09 21:43:19 +00:00
err := db.QueryRow("SELECT user_id, username, one_time FROM accesstokens LEFT JOIN users ON user_id = id WHERE token LIKE ? AND (expires IS NULL OR expires > "+db.now()+")", t).Scan(&userID, &username, &oneTime)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
switch {
case err == sql.ErrNoRows:
return 0, "", ErrBadAccessToken
case err != nil:
return 0, "", ErrInternalGeneral
}
// Delete token if it was one-time
if oneTime {
db.DeleteToken(t[:])
}
return userID, username, nil
}
func (db *datastore) GetAPIUser(header string) (*User, error) {
uID := db.GetUserID(header)
if uID == -1 {
return nil, fmt.Errorf(ErrUserNotFound.Error())
}
return db.GetUserByID(uID)
}
// GetUserID takes a hexadecimal accessToken, parses it into its binary
// representation, and gets any user ID associated with the token. If no user
// is associated, -1 is returned.
func (db *datastore) GetUserID(accessToken string) int64 {
i, _ := db.GetUserIDPrivilege(accessToken)
return i
}
func (db *datastore) GetUserIDPrivilege(accessToken string) (userID int64, sudo bool) {
t := auth.GetToken(accessToken)
if len(t) == 0 {
return -1, false
}
var oneTime bool
Fix #96 This solves the error 500 on the /api/me endpoint. Replace token search query `=` with `LIKE` to fix sqlite complaining about no valid tokens. Also checked with MySQL and it still works after the change.
2019-06-09 21:43:19 +00:00
err := db.QueryRow("SELECT user_id, sudo, one_time FROM accesstokens WHERE token LIKE ? AND (expires IS NULL OR expires > "+db.now()+")", t).Scan(&userID, &sudo, &oneTime)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
switch {
case err == sql.ErrNoRows:
return -1, false
case err != nil:
return -1, false
}
// Delete token if it was one-time
if oneTime {
db.DeleteToken(t[:])
}
return
}
func (db *datastore) DeleteToken(accessToken []byte) error {
Fix #96 This solves the error 500 on the /api/me endpoint. Replace token search query `=` with `LIKE` to fix sqlite complaining about no valid tokens. Also checked with MySQL and it still works after the change.
2019-06-09 21:43:19 +00:00
res, err := db.Exec("DELETE FROM accesstokens WHERE token LIKE ?", accessToken)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
if err != nil {
return err
}
rowsAffected, _ := res.RowsAffected()
if rowsAffected == 0 {
return impart.HTTPError{http.StatusNotFound, "Token is invalid or doesn't exist"}
}
return nil
}
// FetchLastAccessToken creates a new non-expiring, valid access token for the given
// userID.
func (db *datastore) FetchLastAccessToken(userID int64) string {
var t []byte
Fix #96 This solves the error 500 on the /api/me endpoint. Replace token search query `=` with `LIKE` to fix sqlite complaining about no valid tokens. Also checked with MySQL and it still works after the change.
2019-06-09 21:43:19 +00:00
err := db.QueryRow("SELECT token FROM accesstokens WHERE user_id = ? AND (expires IS NULL OR expires > "+db.now()+") ORDER BY created DESC LIMIT 1", userID).Scan(&t)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
switch {
case err == sql.ErrNoRows:
return ""
case err != nil:
log.Error("Failed selecting from accesstoken: %v", err)
return ""
}
u, err := uuid.Parse(t)
if err != nil {
return ""
}
return u.String()
}
// GetAccessToken creates a new non-expiring, valid access token for the given
// userID.
func (db *datastore) GetAccessToken(userID int64) (string, error) {
return db.GetTemporaryOneTimeAccessToken(userID, 0, false)
}
// GetTemporaryAccessToken creates a new valid access token for the given
// userID that remains valid for the given time in seconds. If validSecs is 0,
// the access token doesn't automatically expire.
func (db *datastore) GetTemporaryAccessToken(userID int64, validSecs int) (string, error) {
return db.GetTemporaryOneTimeAccessToken(userID, validSecs, false)
}
// GetTemporaryOneTimeAccessToken creates a new valid access token for the given
// userID that remains valid for the given time in seconds and can only be used
// once if oneTime is true. If validSecs is 0, the access token doesn't
// automatically expire.
func (db *datastore) GetTemporaryOneTimeAccessToken(userID int64, validSecs int, oneTime bool) (string, error) {
u, err := uuid.NewV4()
if err != nil {
log.Error("Unable to generate token: %v", err)
return "", err
}
// Insert UUID to `accesstokens`
binTok := u[:]
expirationVal := "NULL"
if validSecs > 0 {
Fix #96 This solves the error 500 on the /api/me endpoint. Replace token search query `=` with `LIKE` to fix sqlite complaining about no valid tokens. Also checked with MySQL and it still works after the change.
2019-06-09 21:43:19 +00:00
expirationVal = fmt.Sprintf("DATE_ADD("+db.now()+", INTERVAL %d SECOND)", validSecs)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
}
SQLite support added.
2018-12-01 18:07:25 +00:00
_, err = db.Exec("INSERT INTO accesstokens (token, user_id, one_time, expires) VALUES (?, ?, ?, "+expirationVal+")", string(binTok), userID, oneTime)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
if err != nil {
log.Error("Couldn't INSERT accesstoken: %v", err)
return "", err
}
return u.String(), nil
}
Fix missing hostname when publishing via API This fixes a bug that occurred only when publishing via API and authenticating via token (rather than cookie). Previously, the instance's hostname wouldn't be added to the Collection that got passed around after retrieving the owned post, meaning an incomplete URL was returned in the API response, and federation failed due to the missing host.
2019-07-22 18:02:53 +00:00
func (db *datastore) CreateOwnedPost(post *SubmittedPost, accessToken, collAlias, hostName string) (*PublicPost, error) {
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
var userID, collID int64 = -1, -1
var coll *Collection
var err error
if accessToken != "" {
userID = db.GetUserID(accessToken)
if userID == -1 {
return nil, ErrBadAccessToken
}
if collAlias != "" {
coll, err = db.GetCollection(collAlias)
if err != nil {
return nil, err
}
Fix missing hostname when publishing via API This fixes a bug that occurred only when publishing via API and authenticating via token (rather than cookie). Previously, the instance's hostname wouldn't be added to the Collection that got passed around after retrieving the owned post, meaning an incomplete URL was returned in the API response, and federation failed due to the missing host.
2019-07-22 18:02:53 +00:00
coll.hostName = hostName
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
if coll.OwnerID != userID {
return nil, ErrForbiddenCollection
}
collID = coll.ID
}
}
rp := &PublicPost{}
rp.Post, err = db.CreatePost(userID, collID, post)
if err != nil {
return rp, err
}
if coll != nil {
coll.ForPublic()
rp.Collection = &CollectionObj{Collection: *coll}
}
return rp, nil
}
func (db *datastore) CreatePost(userID, collID int64, post *SubmittedPost) (*Post, error) {
idLen := postIDLen
Remove writeas/nerds/store dependency
2021-03-30 16:49:12 +00:00
friendlyID := id.GenerateFriendlyRandomString(idLen)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
// Handle appearance / font face
appearance := post.Font
if !post.isFontValid() {
appearance = "norm"
}
var err error
ownerID := sql.NullInt64{
Valid: false,
}
ownerCollID := sql.NullInt64{
Valid: false,
}
slug := sql.NullString{"", false}
// If an alias was supplied, we'll add this to the collection as well.
if userID > 0 {
ownerID.Int64 = userID
ownerID.Valid = true
if collID > 0 {
ownerCollID.Int64 = collID
ownerCollID.Valid = true
var slugVal string
Create coll post with the provided slug, if exists Closes T811
2021-02-22 19:25:18 +00:00
if post.Slug != nil && *post.Slug != "" {
slugVal = *post.Slug
} else {
if post.Title != nil && *post.Title != "" {
slugVal = getSlug(*post.Title, post.Language.String)
if slugVal == "" {
slugVal = getSlug(*post.Content, post.Language.String)
}
} else {
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
slugVal = getSlug(*post.Content, post.Language.String)
}
}
if slugVal == "" {
slugVal = friendlyID
}
slug = sql.NullString{slugVal, true}
}
}
Accept different `created` time on post publish This helps with post importing and clients that want to support post scheduling. It also changes how Collection.ForPublic() works, no longer resetting the ID. Closes T532
2018-11-18 19:39:50 +00:00
created := time.Now()
Fix post `created` date in SQLite We store times in UTC in all other places, but the post.Created logic when creating a post meant that dates were being stored in a user's local timezone. This fixes that. Ref T529
2018-12-08 17:51:27 +00:00
if db.driverName == driverSQLite {
// SQLite stores datetimes in UTC, so convert time.Now() to it here
created = created.UTC()
}
Ignore post `created` date when empty on publish
2021-08-30 21:48:30 +00:00
if post.Created != nil && *post.Created != "" {
Accept different `created` time on post publish This helps with post importing and clients that want to support post scheduling. It also changes how Collection.ForPublic() works, no longer resetting the ID. Closes T532
2018-11-18 19:39:50 +00:00
created, err = time.Parse("2006-01-02T15:04:05Z", *post.Created)
if err != nil {
log.Error("Unable to parse Created time '%s': %v", *post.Created, err)
created = time.Now()
Fix post `created` date in SQLite We store times in UTC in all other places, but the post.Created logic when creating a post meant that dates were being stored in a user's local timezone. This fixes that. Ref T529
2018-12-08 17:51:27 +00:00
if db.driverName == driverSQLite {
// SQLite stores datetimes in UTC, so convert time.Now() to it here
created = created.UTC()
}
Accept different `created` time on post publish This helps with post importing and clients that want to support post scheduling. It also changes how Collection.ForPublic() works, no longer resetting the ID. Closes T532
2018-11-18 19:39:50 +00:00
}
}
Move NOW() calls to datastore.now() method Ref T529
2018-12-08 17:15:16 +00:00
stmt, err := db.Prepare("INSERT INTO posts (id, slug, title, content, text_appearance, language, rtl, privacy, owner_id, collection_id, created, updated, view_count) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, " + db.now() + ", ?)")
Reuse statement on post insert
2018-11-13 01:51:04 +00:00
if err != nil {
return nil, err
}
defer stmt.Close()
Accept different `created` time on post publish This helps with post importing and clients that want to support post scheduling. It also changes how Collection.ForPublic() works, no longer resetting the ID. Closes T532
2018-11-18 19:39:50 +00:00
_, err = stmt.Exec(friendlyID, slug, post.Title, post.Content, appearance, post.Language, post.IsRTL, 0, ownerID, ownerCollID, created, 0)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
if err != nil {
Fix duplicate key checks in SQLite Ref T529
2018-12-08 18:25:20 +00:00
if db.isDuplicateKeyErr(err) {
// Duplicate entry error; try a new slug
// TODO: make this a little more robust
slug = sql.NullString{id.GenSafeUniqueSlug(slug.String), true}
_, err = stmt.Exec(friendlyID, slug, post.Title, post.Content, appearance, post.Language, post.IsRTL, 0, ownerID, ownerCollID, created, 0)
if err != nil {
return nil, handleFailedPostInsert(fmt.Errorf("Retried slug generation, still failed: %v", err))
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
}
} else {
return nil, handleFailedPostInsert(err)
}
}
// TODO: return Created field in proper format
return &Post{
ID: friendlyID,
Slug: null.NewString(slug.String, slug.Valid),
Font: appearance,
Language: zero.NewString(post.Language.String, post.Language.Valid),
RTL: zero.NewBool(post.IsRTL.Bool, post.IsRTL.Valid),
OwnerID: null.NewInt(userID, true),
CollectionID: null.NewInt(userID, true),
Accept different `created` time on post publish This helps with post importing and clients that want to support post scheduling. It also changes how Collection.ForPublic() works, no longer resetting the ID. Closes T532
2018-11-18 19:39:50 +00:00
Created: created.Truncate(time.Second).UTC(),
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
Updated: time.Now().Truncate(time.Second).UTC(),
Title: zero.NewString(*(post.Title), true),
Content: *(post.Content),
}, nil
}
// UpdateOwnedPost updates an existing post with only the given fields in the
// supplied AuthenticatedPost.
func (db *datastore) UpdateOwnedPost(post *AuthenticatedPost, userID int64) error {
params := []interface{}{}
var queryUpdates, sep, authCondition string
if post.Slug != nil && *post.Slug != "" {
queryUpdates += sep + "slug = ?"
sep = ", "
params = append(params, getSlug(*post.Slug, ""))
}
if post.Content != nil {
queryUpdates += sep + "content = ?"
sep = ", "
params = append(params, post.Content)
}
if post.Title != nil {
queryUpdates += sep + "title = ?"
sep = ", "
params = append(params, post.Title)
}
if post.Language.Valid {
queryUpdates += sep + "language = ?"
sep = ", "
params = append(params, post.Language.String)
}
if post.IsRTL.Valid {
queryUpdates += sep + "rtl = ?"
sep = ", "
params = append(params, post.IsRTL.Bool)
}
if post.Font != "" {
queryUpdates += sep + "text_appearance = ?"
sep = ", "
params = append(params, post.Font)
}
if post.Created != nil {
createTime, err := time.Parse(postMetaDateFormat, *post.Created)
if err != nil {
log.Error("Unable to parse Created date: %v", err)
return fmt.Errorf("That's the incorrect format for Created date.")
}
queryUpdates += sep + "created = ?"
sep = ", "
params = append(params, createTime)
}
// WHERE parameters...
// id = ?
params = append(params, post.ID)
// AND owner_id = ?
authCondition = "(owner_id = ?)"
params = append(params, userID)
if queryUpdates == "" {
return ErrPostNoUpdatableVals
}
Move NOW() calls to datastore.now() method Ref T529
2018-12-08 17:15:16 +00:00
queryUpdates += sep + "updated = " + db.now()
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
res, err := db.Exec("UPDATE posts SET "+queryUpdates+" WHERE id = ? AND "+authCondition, params...)
if err != nil {
log.Error("Unable to update owned post: %v", err)
return err
}
rowsAffected, _ := res.RowsAffected()
if rowsAffected == 0 {
// Show the correct error message if nothing was updated
var dummy int
err := db.QueryRow("SELECT 1 FROM posts WHERE id = ? AND "+authCondition, post.ID, params[len(params)-1]).Scan(&dummy)
switch {
case err == sql.ErrNoRows:
return ErrUnauthorizedEditPost
case err != nil:
log.Error("Failed selecting from posts: %v", err)
}
return nil
}
return nil
}
func (db *datastore) GetCollectionBy(condition string, value interface{}) (*Collection, error) {
c := &Collection{}
// FIXME: change Collection to reflect database values. Add helper functions to get actual values
Support post signatures This enables users to add a signature to all blog posts, and update it from a single location. Requires database migration with: writefreely db migrate Closes T582
2020-06-23 20:24:45 +00:00
var styleSheet, script, signature, format zero.String
row := db.QueryRow("SELECT id, alias, title, description, style_sheet, script, post_signature, format, owner_id, privacy, view_count FROM collections WHERE "+condition, value)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
Support post signatures This enables users to add a signature to all blog posts, and update it from a single location. Requires database migration with: writefreely db migrate Closes T582
2020-06-23 20:24:45 +00:00
err := row.Scan(&c.ID, &c.Alias, &c.Title, &c.Description, &styleSheet, &script, &signature, &format, &c.OwnerID, &c.Visibility, &c.Views)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
switch {
case err == sql.ErrNoRows:
return nil, impart.HTTPError{http.StatusNotFound, "Collection doesn't exist."}
Show 503 page on collections under high load This acknowledges "too many connections" and "max user connections" errors in MySQL and propagates the error up the chain so we can notify the user and return the correct HTTP code.
2020-03-18 20:14:05 +00:00
case db.isHighLoadError(err):
return nil, ErrUnavailable
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
case err != nil:
log.Error("Failed selecting from collections: %v", err)
return nil, err
}
c.StyleSheet = styleSheet.String
c.Script = script.String
Support post signatures This enables users to add a signature to all blog posts, and update it from a single location. Requires database migration with: writefreely db migrate Closes T582
2020-06-23 20:24:45 +00:00
c.Signature = signature.String
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
c.Format = format.String
c.Public = c.IsPublic()
Support Web Monetized split content Ref T770
2021-06-07 19:52:24 +00:00
c.Monetization = db.GetCollectionAttribute(c.ID, "monetization_pointer")
Fill in remaining missing pieces - Database schema changes, removing obsolete custom domain-related code - Missing user structs - Setup verbiage changes - Missing routes - Missing error messages
2018-11-08 06:31:01 +00:00
c.db = db
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
return c, nil
}
func (db *datastore) GetCollection(alias string) (*Collection, error) {
return db.GetCollectionBy("alias = ?", alias)
}
func (db *datastore) GetCollectionForPad(alias string) (*Collection, error) {
c := &Collection{Alias: alias}
row := db.QueryRow("SELECT id, alias, title, description, privacy FROM collections WHERE alias = ?", alias)
err := row.Scan(&c.ID, &c.Alias, &c.Title, &c.Description, &c.Visibility)
switch {
case err == sql.ErrNoRows:
return c, impart.HTTPError{http.StatusNotFound, "Collection doesn't exist."}
case err != nil:
log.Error("Failed selecting from collections: %v", err)
return c, ErrInternalGeneral
}
c.Public = c.IsPublic()
return c, nil
}
Fill in remaining missing pieces - Database schema changes, removing obsolete custom domain-related code - Missing user structs - Setup verbiage changes - Missing routes - Missing error messages
2018-11-08 06:31:01 +00:00
func (db *datastore) GetCollectionByID(id int64) (*Collection, error) {
return db.GetCollectionBy("id = ?", id)
}
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
func (db *datastore) GetCollectionFromDomain(host string) (*Collection, error) {
return db.GetCollectionBy("host = ?", host)
}
func (db *datastore) UpdateCollection(c *SubmittedCollection, alias string) error {
q := query.NewUpdate().
SetStringPtr(c.Title, "title").
SetStringPtr(c.Description, "description").
SetNullString(c.StyleSheet, "style_sheet").
Support post signatures This enables users to add a signature to all blog posts, and update it from a single location. Requires database migration with: writefreely db migrate Closes T582
2020-06-23 20:24:45 +00:00
SetNullString(c.Script, "script").
SetNullString(c.Signature, "post_signature")
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
if c.Format != nil {
cf := &CollectionFormat{Format: c.Format.String}
if cf.Valid() {
q.SetNullString(c.Format, "format")
}
}
var updatePass bool
if c.Visibility != nil && (collVisibility(*c.Visibility)&CollProtected == 0 || c.Pass != "") {
q.SetIntPtr(c.Visibility, "privacy")
if c.Pass != "" {
updatePass = true
}
}
// WHERE values
q.Where("alias = ? AND owner_id = ?", alias, c.OwnerID)
Support updating collection only with monetization_pointer
2021-05-25 20:58:09 +00:00
if q.Updates == "" && c.Monetization == nil {
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
return ErrPostNoUpdatableVals
}
// Find any current domain
var collID int64
var rowsAffected int64
var changed bool
var res sql.Result
Fix MathJax value not sticking This closes #28
2018-11-16 17:19:56 +00:00
err := db.QueryRow("SELECT id FROM collections WHERE alias = ?", alias).Scan(&collID)
if err != nil {
log.Error("Failed selecting from collections: %v. Some things won't work.", err)
}
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
// Update MathJax value
if c.MathJax {
Fix upsert queries on SQLite Ref T529
2018-12-08 17:58:45 +00:00
if db.driverName == driverSQLite {
_, err = db.Exec("INSERT OR REPLACE INTO collectionattributes (collection_id, attribute, value) VALUES (?, ?, ?)", collID, "render_mathjax", "1")
} else {
_, err = db.Exec("INSERT INTO collectionattributes (collection_id, attribute, value) VALUES (?, ?, ?) "+db.upsert("collection_id", "attribute")+" value = ?", collID, "render_mathjax", "1", "1")
}
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
if err != nil {
log.Error("Unable to insert render_mathjax value: %v", err)
return err
}
} else {
_, err = db.Exec("DELETE FROM collectionattributes WHERE collection_id = ? AND attribute = ?", collID, "render_mathjax")
if err != nil {
log.Error("Unable to delete render_mathjax value: %v", err)
return err
}
}
Enable updating WM payment pointer via API and Customize page Ref T773
2020-09-30 18:40:13 +00:00
// Update Monetization value
if c.Monetization != nil {
Validate and trim spaces on WM pointer Ref T773
2020-09-30 18:42:11 +00:00
skipUpdate := false
if *c.Monetization != "" {
// Strip away any excess spaces
trimmed := strings.TrimSpace(*c.Monetization)
// Only update value when it starts with "$", per spec: https://paymentpointers.org
if strings.HasPrefix(trimmed, "$") {
c.Monetization = &trimmed
} else {
// Value appears invalid, so don't update
skipUpdate = true
}
}
if !skipUpdate {
Fix monetization_pointer upsert query for SQLite Fixes #495
2021-12-29 23:23:31 +00:00
_, err = db.Exec("INSERT INTO collectionattributes (collection_id, attribute, value) VALUES (?, ?, ?) "+db.upsert("collection_id", "attribute")+" value = ?", collID, "monetization_pointer", *c.Monetization, *c.Monetization)
Validate and trim spaces on WM pointer Ref T773
2020-09-30 18:42:11 +00:00
if err != nil {
log.Error("Unable to insert monetization_pointer value: %v", err)
return err
}
Enable updating WM payment pointer via API and Customize page Ref T773
2020-09-30 18:40:13 +00:00
}
}
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
// Update rest of the collection data
Support updating collection only with monetization_pointer
2021-05-25 20:58:09 +00:00
if q.Updates != "" {
res, err = db.Exec("UPDATE collections SET "+q.Updates+" WHERE "+q.Conditions, q.Params...)
if err != nil {
log.Error("Unable to update collection: %v", err)
return err
}
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
}
rowsAffected, _ = res.RowsAffected()
if !changed || rowsAffected == 0 {
// Show the correct error message if nothing was updated
var dummy int
err := db.QueryRow("SELECT 1 FROM collections WHERE alias = ? AND owner_id = ?", alias, c.OwnerID).Scan(&dummy)
switch {
case err == sql.ErrNoRows:
return ErrUnauthorizedEditPost
case err != nil:
log.Error("Failed selecting from collections: %v", err)
}
if !updatePass {
return nil
}
}
if updatePass {
hashedPass, err := auth.HashPass([]byte(c.Pass))
if err != nil {
log.Error("Unable to create hash: %s", err)
return impart.HTTPError{http.StatusInternalServerError, "Could not create password hash."}
}
Fix upsert queries on SQLite Ref T529
2018-12-08 17:58:45 +00:00
if db.driverName == driverSQLite {
_, err = db.Exec("INSERT OR REPLACE INTO collectionpasswords (collection_id, password) VALUES ((SELECT id FROM collections WHERE alias = ?), ?)", alias, hashedPass)
} else {
_, err = db.Exec("INSERT INTO collectionpasswords (collection_id, password) VALUES ((SELECT id FROM collections WHERE alias = ?), ?) "+db.upsert("collection_id")+" password = ?", alias, hashedPass, hashedPass)
}
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
if err != nil {
return err
}
}
return nil
}
const postCols = "id, slug, text_appearance, language, rtl, privacy, owner_id, collection_id, pinned_position, created, updated, view_count, title, content"
// getEditablePost returns a PublicPost with the given ID only if the given
// edit token is valid for the post.
func (db *datastore) GetEditablePost(id, editToken string) (*PublicPost, error) {
// FIXME: code duplicated from getPost()
// TODO: add slight logic difference to getPost / one func
var ownerName sql.NullString
p := &Post{}
row := db.QueryRow("SELECT "+postCols+", (SELECT username FROM users WHERE users.id = posts.owner_id) AS username FROM posts WHERE id = ? LIMIT 1", id)
err := row.Scan(&p.ID, &p.Slug, &p.Font, &p.Language, &p.RTL, &p.Privacy, &p.OwnerID, &p.CollectionID, &p.PinnedPosition, &p.Created, &p.Updated, &p.ViewCount, &p.Title, &p.Content, &ownerName)
switch {
case err == sql.ErrNoRows:
return nil, ErrPostNotFound
case err != nil:
log.Error("Failed selecting from collections: %v", err)
return nil, err
}
Don't consider post unpublished when title exists Previously, you could create a post with a title but no body, e.g. by publishing via email. This would still show the post on a blog, but would give a 410 Gone page when trying to access the page. This issue originally reported on the forum: https://discuss.write.as/t/removing-post-unpublished-by-author-post/725
2019-07-14 16:59:33 +00:00
if p.Content == "" && p.Title.String == "" {
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
return nil, ErrPostUnpublished
}
res := p.processPost()
if ownerName.Valid {
res.Owner = &PublicUser{Username: ownerName.String}
}
return &res, nil
}
func (db *datastore) PostIDExists(id string) bool {
var dummy bool
err := db.QueryRow("SELECT 1 FROM posts WHERE id = ?", id).Scan(&dummy)
return err == nil && dummy
}
// GetPost gets a public-facing post object from the database. If collectionID
// is > 0, the post will be retrieved by slug and collection ID, rather than
// post ID.
// TODO: break this into two functions:
// - GetPost(id string)
// - GetCollectionPost(slug string, collectionID int64)
func (db *datastore) GetPost(id string, collectionID int64) (*PublicPost, error) {
var ownerName sql.NullString
p := &Post{}
var row *sql.Row
var where string
params := []interface{}{id}
if collectionID > 0 {
where = "slug = ? AND collection_id = ?"
params = append(params, collectionID)
} else {
where = "id = ?"
}
row = db.QueryRow("SELECT "+postCols+", (SELECT username FROM users WHERE users.id = posts.owner_id) AS username FROM posts WHERE "+where+" LIMIT 1", params...)
err := row.Scan(&p.ID, &p.Slug, &p.Font, &p.Language, &p.RTL, &p.Privacy, &p.OwnerID, &p.CollectionID, &p.PinnedPosition, &p.Created, &p.Updated, &p.ViewCount, &p.Title, &p.Content, &ownerName)
switch {
case err == sql.ErrNoRows:
if collectionID > 0 {
return nil, ErrCollectionPageNotFound
}
return nil, ErrPostNotFound
case err != nil:
log.Error("Failed selecting from collections: %v", err)
return nil, err
}
Don't consider post unpublished when title exists Previously, you could create a post with a title but no body, e.g. by publishing via email. This would still show the post on a blog, but would give a 410 Gone page when trying to access the page. This issue originally reported on the forum: https://discuss.write.as/t/removing-post-unpublished-by-author-post/725
2019-07-14 16:59:33 +00:00
if p.Content == "" && p.Title.String == "" {
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
return nil, ErrPostUnpublished
}
res := p.processPost()
if ownerName.Valid {
res.Owner = &PublicUser{Username: ownerName.String}
}
return &res, nil
}
// TODO: don't duplicate getPost() functionality
func (db *datastore) GetOwnedPost(id string, ownerID int64) (*PublicPost, error) {
p := &Post{}
var row *sql.Row
where := "id = ? AND owner_id = ?"
params := []interface{}{id, ownerID}
row = db.QueryRow("SELECT "+postCols+" FROM posts WHERE "+where+" LIMIT 1", params...)
err := row.Scan(&p.ID, &p.Slug, &p.Font, &p.Language, &p.RTL, &p.Privacy, &p.OwnerID, &p.CollectionID, &p.PinnedPosition, &p.Created, &p.Updated, &p.ViewCount, &p.Title, &p.Content)
switch {
case err == sql.ErrNoRows:
return nil, ErrPostNotFound
case err != nil:
log.Error("Failed selecting from collections: %v", err)
return nil, err
}
Don't consider post unpublished when title exists Previously, you could create a post with a title but no body, e.g. by publishing via email. This would still show the post on a blog, but would give a 410 Gone page when trying to access the page. This issue originally reported on the forum: https://discuss.write.as/t/removing-post-unpublished-by-author-post/725
2019-07-14 16:59:33 +00:00
if p.Content == "" && p.Title.String == "" {
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
return nil, ErrPostUnpublished
}
res := p.processPost()
return &res, nil
}
func (db *datastore) GetPostProperty(id string, collectionID int64, property string) (interface{}, error) {
propSelects := map[string]string{
"views": "view_count AS views",
}
selectQuery, ok := propSelects[property]
if !ok {
return nil, impart.HTTPError{http.StatusBadRequest, fmt.Sprintf("Invalid property: %s.", property)}
}
var res interface{}
var row *sql.Row
if collectionID != 0 {
row = db.QueryRow("SELECT "+selectQuery+" FROM posts WHERE slug = ? AND collection_id = ? LIMIT 1", id, collectionID)
} else {
row = db.QueryRow("SELECT "+selectQuery+" FROM posts WHERE id = ? LIMIT 1", id)
}
err := row.Scan(&res)
switch {
case err == sql.ErrNoRows:
return nil, impart.HTTPError{http.StatusNotFound, "Post not found."}
case err != nil:
log.Error("Failed selecting post: %v", err)
return nil, err
}
return res, nil
}
// GetPostsCount modifies the CollectionObj to include the correct number of
// standard (non-pinned) posts. It will return future posts if `includeFuture`
// is true.
func (db *datastore) GetPostsCount(c *CollectionObj, includeFuture bool) {
var count int64
timeCondition := ""
if !includeFuture {
Move NOW() calls to datastore.now() method Ref T529
2018-12-08 17:15:16 +00:00
timeCondition = "AND created <= " + db.now()
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
}
err := db.QueryRow("SELECT COUNT(*) FROM posts WHERE collection_id = ? AND pinned_position IS NULL "+timeCondition, c.ID).Scan(&count)
switch {
case err == sql.ErrNoRows:
c.TotalPosts = 0
case err != nil:
log.Error("Failed selecting from collections: %v", err)
c.TotalPosts = 0
}
c.TotalPosts = int(count)
}
Update GetPosts() docstring
2019-05-29 16:03:01 +00:00
// GetPosts retrieves all posts for the given Collection.
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
// It will return future posts if `includeFuture` is true.
Update GetPosts() docstring
2019-05-29 16:03:01 +00:00
// It will include only standard (non-pinned) posts unless `includePinned` is true.
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
// TODO: change includeFuture to isOwner, since that's how it's used
Link hashtags to Reader when Chorus mode enabled instead of linking to posts only on a user's blog. Ref T681
2019-08-07 13:26:07 +00:00
func (db *datastore) GetPosts(cfg *config.Config, c *Collection, page int, includeFuture, forceRecentFirst, includePinned bool) (*[]PublicPost, error) {
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
collID := c.ID
cf := c.NewFormat()
order := "DESC"
Fix Novel blog post order in feeds and outbox
2018-11-18 02:59:04 +00:00
if cf.Ascending() && !forceRecentFirst {
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
order = "ASC"
}
pagePosts := cf.PostsPerPage()
start := page*pagePosts - pagePosts
if page == 0 {
start = 0
pagePosts = 1000
}
limitStr := ""
if page > 0 {
limitStr = fmt.Sprintf(" LIMIT %d, %d", start, pagePosts)
}
timeCondition := ""
if !includeFuture {
Move NOW() calls to datastore.now() method Ref T529
2018-12-08 17:15:16 +00:00
timeCondition = "AND created <= " + db.now()
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
}
Change GetPosts() to have includePinned parameter, change all calls to match
2019-05-28 18:54:56 +00:00
pinnedCondition := ""
if !includePinned {
pinnedCondition = "AND pinned_position IS NULL"
}
rows, err := db.Query("SELECT "+postCols+" FROM posts WHERE collection_id = ? "+pinnedCondition+" "+timeCondition+" ORDER BY created "+order+limitStr, collID)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
if err != nil {
log.Error("Failed selecting from posts: %v", err)
return nil, impart.HTTPError{http.StatusInternalServerError, "Couldn't retrieve collection posts."}
}
defer rows.Close()
// TODO: extract this common row scanning logic for queries using `postCols`
posts := []PublicPost{}
for rows.Next() {
p := &Post{}
err = rows.Scan(&p.ID, &p.Slug, &p.Font, &p.Language, &p.RTL, &p.Privacy, &p.OwnerID, &p.CollectionID, &p.PinnedPosition, &p.Created, &p.Updated, &p.ViewCount, &p.Title, &p.Content)
if err != nil {
log.Error("Failed scanning row: %v", err)
break
}
p.extractData()
Support post signatures This enables users to add a signature to all blog posts, and update it from a single location. Requires database migration with: writefreely db migrate Closes T582
2020-06-23 20:24:45 +00:00
p.augmentContent(c)
Support Web Monetized split content Ref T770
2021-06-07 19:52:24 +00:00
p.formatContent(cfg, c, includeFuture, false)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
posts = append(posts, p.processPost())
}
err = rows.Err()
if err != nil {
log.Error("Error after Next() on rows: %v", err)
}
return &posts, nil
}
// GetPostsTagged retrieves all posts on the given Collection that contain the
// given tag.
// It will return future posts if `includeFuture` is true.
// TODO: change includeFuture to isOwner, since that's how it's used
Link hashtags to Reader when Chorus mode enabled instead of linking to posts only on a user's blog. Ref T681
2019-08-07 13:26:07 +00:00
func (db *datastore) GetPostsTagged(cfg *config.Config, c *Collection, tag string, page int, includeFuture bool) (*[]PublicPost, error) {
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
collID := c.ID
cf := c.NewFormat()
order := "DESC"
if cf.Ascending() {
order = "ASC"
}
pagePosts := cf.PostsPerPage()
start := page*pagePosts - pagePosts
if page == 0 {
start = 0
pagePosts = 1000
}
limitStr := ""
if page > 0 {
limitStr = fmt.Sprintf(" LIMIT %d, %d", start, pagePosts)
}
timeCondition := ""
if !includeFuture {
Move NOW() calls to datastore.now() method Ref T529
2018-12-08 17:15:16 +00:00
timeCondition = "AND created <= " + db.now()
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
}
Fix tagged posts SQLite query SQLite doesn't have an `RLIKE` function, so the query for hashtagged posts was failing before. This adds a `regexp` function to SQLite and correctly retrieves all posts on a blog with the requested hashtag. This closes #55
2019-01-07 16:55:23 +00:00
var rows *sql.Rows
var err error
if db.driverName == driverSQLite {
rows, err = db.Query("SELECT "+postCols+" FROM posts WHERE collection_id = ? AND LOWER(content) regexp ? "+timeCondition+" ORDER BY created "+order+limitStr, collID, `.*#`+strings.ToLower(tag)+`\b.*`)
} else {
rows, err = db.Query("SELECT "+postCols+" FROM posts WHERE collection_id = ? AND LOWER(content) RLIKE ? "+timeCondition+" ORDER BY created "+order+limitStr, collID, "#"+strings.ToLower(tag)+"[[:>:]]")
}
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
if err != nil {
log.Error("Failed selecting from posts: %v", err)
return nil, impart.HTTPError{http.StatusInternalServerError, "Couldn't retrieve collection posts."}
}
defer rows.Close()
// TODO: extract this common row scanning logic for queries using `postCols`
posts := []PublicPost{}
for rows.Next() {
p := &Post{}
err = rows.Scan(&p.ID, &p.Slug, &p.Font, &p.Language, &p.RTL, &p.Privacy, &p.OwnerID, &p.CollectionID, &p.PinnedPosition, &p.Created, &p.Updated, &p.ViewCount, &p.Title, &p.Content)
if err != nil {
log.Error("Failed scanning row: %v", err)
break
}
p.extractData()
Support post signatures This enables users to add a signature to all blog posts, and update it from a single location. Requires database migration with: writefreely db migrate Closes T582
2020-06-23 20:24:45 +00:00
p.augmentContent(c)
Support Web Monetized split content Ref T770
2021-06-07 19:52:24 +00:00
p.formatContent(cfg, c, includeFuture, false)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
posts = append(posts, p.processPost())
}
err = rows.Err()
if err != nil {
log.Error("Error after Next() on rows: %v", err)
}
return &posts, nil
}
func (db *datastore) GetAPFollowers(c *Collection) (*[]RemoteUser, error) {
rows, err := db.Query("SELECT actor_id, inbox, shared_inbox FROM remotefollows f INNER JOIN remoteusers u ON f.remote_user_id = u.id WHERE collection_id = ?", c.ID)
if err != nil {
log.Error("Failed selecting from followers: %v", err)
return nil, impart.HTTPError{http.StatusInternalServerError, "Couldn't retrieve followers."}
}
defer rows.Close()
followers := []RemoteUser{}
for rows.Next() {
f := RemoteUser{}
err = rows.Scan(&f.ActorID, &f.Inbox, &f.SharedInbox)
followers = append(followers, f)
}
return &followers, nil
}
// CanCollect returns whether or not the given user can add the given post to a
// collection. This is true when a post is already owned by the user.
// NOTE: this is currently only used to potentially add owned posts to a
// collection. This has the SIDE EFFECT of also generating a slug for the post.
// FIXME: make this side effect more explicit (or extract it)
func (db *datastore) CanCollect(cpr *ClaimPostRequest, userID int64) bool {
var title, content string
var lang sql.NullString
err := db.QueryRow("SELECT title, content, language FROM posts WHERE id = ? AND owner_id = ?", cpr.ID, userID).Scan(&title, &content, &lang)
switch {
case err == sql.ErrNoRows:
return false
case err != nil:
log.Error("Failed on post CanCollect(%s, %d): %v", cpr.ID, userID, err)
return false
}
// Since we have the post content and the post is collectable, generate the
// post's slug now.
cpr.Slug = getSlugFromPost(title, content, lang.String)
return true
}
func (db *datastore) AttemptClaim(p *ClaimPostRequest, query string, params []interface{}, slugIdx int) (sql.Result, error) {
qRes, err := db.Exec(query, params...)
if err != nil {
Fix duplicate key checks in SQLite Ref T529
2018-12-08 18:25:20 +00:00
if db.isDuplicateKeyErr(err) && slugIdx > -1 {
s := id.GenSafeUniqueSlug(p.Slug)
if s == p.Slug {
// Sanity check to prevent infinite recursion
return qRes, fmt.Errorf("GenSafeUniqueSlug generated nothing unique: %s", s)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
}
Fix duplicate key checks in SQLite Ref T529
2018-12-08 18:25:20 +00:00
p.Slug = s
params[slugIdx] = p.Slug
return db.AttemptClaim(p, query, params, slugIdx)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
}
return qRes, fmt.Errorf("attemptClaim: %s", err)
}
return qRes, nil
}
func (db *datastore) DispersePosts(userID int64, postIDs []string) (*[]ClaimPostResult, error) {
postClaimReqs := map[string]bool{}
res := []ClaimPostResult{}
for i := range postIDs {
postID := postIDs[i]
r := ClaimPostResult{Code: 0, ErrorMessage: ""}
// Perform post validation
if postID == "" {
r.ErrorMessage = "Missing post ID. "
}
if _, ok := postClaimReqs[postID]; ok {
r.Code = 429
r.ErrorMessage = "You've already tried anonymizing this post."
r.ID = postID
res = append(res, r)
continue
}
postClaimReqs[postID] = true
var err error
// Get full post information to return
var fullPost *PublicPost
fullPost, err = db.GetPost(postID, 0)
if err != nil {
if err, ok := err.(impart.HTTPError); ok {
r.Code = err.Status
r.ErrorMessage = err.Message
r.ID = postID
res = append(res, r)
continue
} else {
log.Error("Error getting post in dispersePosts: %v", err)
}
}
if fullPost.OwnerID.Int64 != userID {
r.Code = http.StatusConflict
r.ErrorMessage = "Post is already owned by someone else."
r.ID = postID
res = append(res, r)
continue
}
var qRes sql.Result
var query string
var params []interface{}
// Do AND owner_id = ? for sanity.
// This should've been caught and returned with a good error message
// just above.
query = "UPDATE posts SET collection_id = NULL WHERE id = ? AND owner_id = ?"
params = []interface{}{postID, userID}
qRes, err = db.Exec(query, params...)
if err != nil {
r.Code = http.StatusInternalServerError
r.ErrorMessage = "A glitch happened on our end."
r.ID = postID
res = append(res, r)
log.Error("dispersePosts (post %s): %v", postID, err)
continue
}
// Post was successfully dispersed
r.Code = http.StatusOK
r.Post = fullPost
rowsAffected, _ := qRes.RowsAffected()
if rowsAffected == 0 {
// This was already claimed, but return 200
r.Code = http.StatusOK
}
res = append(res, r)
}
return &res, nil
}
Set default visibility in datastore.CreateCollection instead of updating it later. This is more correct behavior, prevents an additional query, and ensures that potential collection-creation when claiming posts also respects the default (which it didn't before). Ref T675
2019-08-07 20:20:32 +00:00
func (db *datastore) ClaimPosts(cfg *config.Config, userID int64, collAlias string, posts *[]ClaimPostRequest) (*[]ClaimPostResult, error) {
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
postClaimReqs := map[string]bool{}
res := []ClaimPostResult{}
postCollAlias := collAlias
for i := range *posts {
p := (*posts)[i]
if &p == nil {
continue
}
r := ClaimPostResult{Code: 0, ErrorMessage: ""}
// Perform post validation
if p.ID == "" {
r.ErrorMessage = "Missing post ID `id`. "
}
if _, ok := postClaimReqs[p.ID]; ok {
r.Code = 429
r.ErrorMessage = "You've already tried claiming this post."
r.ID = p.ID
res = append(res, r)
continue
}
postClaimReqs[p.ID] = true
canCollect := db.CanCollect(&p, userID)
if !canCollect && p.Token == "" {
// TODO: ensure post isn't owned by anyone else when a valid modify
// token is given.
r.ErrorMessage += "Missing post Edit Token `token`."
}
if r.ErrorMessage != "" {
// Post validate failed
r.Code = http.StatusBadRequest
r.ID = p.ID
res = append(res, r)
continue
}
var err error
var qRes sql.Result
var query string
var params []interface{}
var slugIdx int = -1
Federate draft when published to a blog This now sends out a `Create` activity when a post is moved from a draft to a blog. This closes #9. Closes T526.
2018-11-16 17:42:21 +00:00
var coll *Collection
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
if collAlias == "" {
// Posts are being claimed at /posts/claim, not
// /collections/{alias}/collect, so use given individual collection
// to associate post with.
postCollAlias = p.CollectionAlias
}
if postCollAlias != "" {
// Associate this post with a collection
if p.CreateCollection {
// This is a new collection
// TODO: consider removing this. This seriously complicates this
// method and adds another (unnecessary?) logic path.
Set default visibility in datastore.CreateCollection instead of updating it later. This is more correct behavior, prevents an additional query, and ensures that potential collection-creation when claiming posts also respects the default (which it didn't before). Ref T675
2019-08-07 20:20:32 +00:00
coll, err = db.CreateCollection(cfg, postCollAlias, "", userID)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
if err != nil {
if err, ok := err.(impart.HTTPError); ok {
r.Code = err.Status
r.ErrorMessage = err.Message
} else {
r.Code = http.StatusInternalServerError
r.ErrorMessage = "Unknown error occurred creating collection"
}
r.ID = p.ID
res = append(res, r)
continue
}
} else {
// Attempt to add to existing collection
coll, err = db.GetCollection(postCollAlias)
if err != nil {
if err, ok := err.(impart.HTTPError); ok {
if err.Status == http.StatusNotFound {
// Show obfuscated "forbidden" response, as if attempting to add to an
// unowned blog.
r.Code = ErrForbiddenCollection.Status
r.ErrorMessage = ErrForbiddenCollection.Message
} else {
r.Code = err.Status
r.ErrorMessage = err.Message
}
} else {
r.Code = http.StatusInternalServerError
r.ErrorMessage = "Unknown error occurred claiming post with collection"
}
r.ID = p.ID
res = append(res, r)
continue
}
if coll.OwnerID != userID {
r.Code = ErrForbiddenCollection.Status
r.ErrorMessage = ErrForbiddenCollection.Message
r.ID = p.ID
res = append(res, r)
continue
}
}
if p.Slug == "" {
p.Slug = p.ID
}
if canCollect {
// User already owns this post, so just add it to the given
// collection.
query = "UPDATE posts SET collection_id = ?, slug = ? WHERE id = ? AND owner_id = ?"
params = []interface{}{coll.ID, p.Slug, p.ID, userID}
slugIdx = 1
} else {
query = "UPDATE posts SET owner_id = ?, collection_id = ?, slug = ? WHERE id = ? AND modify_token = ? AND owner_id IS NULL"
params = []interface{}{userID, coll.ID, p.Slug, p.ID, p.Token}
slugIdx = 2
}
} else {
query = "UPDATE posts SET owner_id = ? WHERE id = ? AND modify_token = ? AND owner_id IS NULL"
params = []interface{}{userID, p.ID, p.Token}
}
qRes, err = db.AttemptClaim(&p, query, params, slugIdx)
if err != nil {
r.Code = http.StatusInternalServerError
Fill in remaining missing pieces - Database schema changes, removing obsolete custom domain-related code - Missing user structs - Setup verbiage changes - Missing routes - Missing error messages
2018-11-08 06:31:01 +00:00
r.ErrorMessage = "An unknown error occurred."
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
r.ID = p.ID
res = append(res, r)
log.Error("claimPosts (post %s): %v", p.ID, err)
continue
}
// Get full post information to return
var fullPost *PublicPost
if p.Token != "" {
fullPost, err = db.GetEditablePost(p.ID, p.Token)
} else {
fullPost, err = db.GetPost(p.ID, 0)
}
if err != nil {
if err, ok := err.(impart.HTTPError); ok {
r.Code = err.Status
r.ErrorMessage = err.Message
r.ID = p.ID
res = append(res, r)
continue
}
}
if fullPost.OwnerID.Int64 != userID {
r.Code = http.StatusConflict
r.ErrorMessage = "Post is already owned by someone else."
r.ID = p.ID
res = append(res, r)
continue
}
// Post was successfully claimed
r.Code = http.StatusOK
r.Post = fullPost
Federate draft when published to a blog This now sends out a `Create` activity when a post is moved from a draft to a blog. This closes #9. Closes T526.
2018-11-16 17:42:21 +00:00
if coll != nil {
r.Post.Collection = &CollectionObj{Collection: *coll}
}
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
rowsAffected, _ := qRes.RowsAffected()
if rowsAffected == 0 {
// This was already claimed, but return 200
r.Code = http.StatusOK
}
res = append(res, r)
}
return &res, nil
}
func (db *datastore) UpdatePostPinState(pinned bool, postID string, collID, ownerID, pos int64) error {
if pos <= 0 || pos > 20 {
pos = db.GetLastPinnedPostPos(collID) + 1
if pos == -1 {
pos = 1
}
}
var err error
if pinned {
_, err = db.Exec("UPDATE posts SET pinned_position = ? WHERE id = ?", pos, postID)
} else {
_, err = db.Exec("UPDATE posts SET pinned_position = NULL WHERE id = ?", postID)
}
if err != nil {
log.Error("Unable to update pinned post: %v", err)
return err
}
return nil
}
func (db *datastore) GetLastPinnedPostPos(collID int64) int64 {
var lastPos sql.NullInt64
err := db.QueryRow("SELECT MAX(pinned_position) FROM posts WHERE collection_id = ? AND pinned_position IS NOT NULL", collID).Scan(&lastPos)
switch {
case err == sql.ErrNoRows:
return -1
case err != nil:
log.Error("Failed selecting from posts: %v", err)
return -1
}
if !lastPos.Valid {
return -1
}
return lastPos.Int64
}
prevent future posts from showing in pins this changes GetPinnedPosts to accept an includeFutre bool, which returns future dated pinned posts when true.
2019-08-12 16:58:30 +00:00
func (db *datastore) GetPinnedPosts(coll *CollectionObj, includeFuture bool) (*[]PublicPost, error) {
Fix pinned post content truncation with SQLite This extracts the LEFT/SUBSTR logic into its own datastore.clip() method that also works correctly with SQLite. Ref T529
2018-12-08 17:54:49 +00:00
// FIXME: sqlite-backed instances don't include ellipsis on truncated titles
use established future posts pattern
2019-08-12 21:13:02 +00:00
timeCondition := ""
if !includeFuture {
timeCondition = "AND created <= " + db.now()
prevent future posts from showing in pins this changes GetPinnedPosts to accept an includeFutre bool, which returns future dated pinned posts when true.
2019-08-12 16:58:30 +00:00
}
use established future posts pattern
2019-08-12 21:13:02 +00:00
rows, err := db.Query("SELECT id, slug, title, "+db.clip("content", 80)+", pinned_position FROM posts WHERE collection_id = ? AND pinned_position IS NOT NULL "+timeCondition+" ORDER BY pinned_position ASC", coll.ID)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
if err != nil {
log.Error("Failed selecting pinned posts: %v", err)
return nil, impart.HTTPError{http.StatusInternalServerError, "Couldn't retrieve pinned posts."}
}
defer rows.Close()
posts := []PublicPost{}
for rows.Next() {
p := &Post{}
err = rows.Scan(&p.ID, &p.Slug, &p.Title, &p.Content, &p.PinnedPosition)
if err != nil {
log.Error("Failed scanning row: %v", err)
break
}
p.extractData()
Support post signatures This enables users to add a signature to all blog posts, and update it from a single location. Requires database migration with: writefreely db migrate Closes T582
2020-06-23 20:24:45 +00:00
p.augmentContent(&coll.Collection)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
pp := p.processPost()
pp.Collection = coll
posts = append(posts, pp)
}
return &posts, nil
}
fix missing collection hostname GetCollections and GetPublishableCollections now take a hostname parameter to allow setting the collecion hostname. All collections used in memory now have their hostname set.
2019-08-12 19:35:17 +00:00
func (db *datastore) GetCollections(u *User, hostName string) (*[]Collection, error) {
Fetch collection description with user collections
2018-11-06 18:30:15 +00:00
rows, err := db.Query("SELECT id, alias, title, description, privacy, view_count FROM collections WHERE owner_id = ? ORDER BY id ASC", u.ID)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
if err != nil {
log.Error("Failed selecting from collections: %v", err)
return nil, impart.HTTPError{http.StatusInternalServerError, "Couldn't retrieve user collections."}
}
defer rows.Close()
colls := []Collection{}
for rows.Next() {
c := Collection{}
Fetch collection description with user collections
2018-11-06 18:30:15 +00:00
err = rows.Scan(&c.ID, &c.Alias, &c.Title, &c.Description, &c.Visibility, &c.Views)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
if err != nil {
log.Error("Failed scanning row: %v", err)
break
}
fix missing collection hostname GetCollections and GetPublishableCollections now take a hostname parameter to allow setting the collecion hostname. All collections used in memory now have their hostname set.
2019-08-12 19:35:17 +00:00
c.hostName = hostName
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
c.URL = c.CanonicalURL()
c.Public = c.IsPublic()
Support Web Monetized split content Ref T770
2021-06-07 19:52:24 +00:00
/*
// NOTE: future functionality
if visibility != nil { // TODO: && visibility == CollPublic {
// Add Monetization info when retrieving all public collections
c.Monetization = db.GetCollectionAttribute(c.ID, "monetization_pointer")
}
*/
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
colls = append(colls, c)
}
err = rows.Err()
if err != nil {
log.Error("Error after Next() on rows: %v", err)
}
return &colls, nil
}
fix missing collection hostname GetCollections and GetPublishableCollections now take a hostname parameter to allow setting the collecion hostname. All collections used in memory now have their hostname set.
2019-08-12 19:35:17 +00:00
func (db *datastore) GetPublishableCollections(u *User, hostName string) (*[]Collection, error) {
c, err := db.GetCollections(u, hostName)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
if err != nil {
return nil, err
}
if len(*c) == 0 {
return nil, impart.HTTPError{http.StatusInternalServerError, "You don't seem to have any blogs; they might've moved to another account. Try logging out and logging into your other account."}
}
return c, nil
}
Add Gopher support This adds gopher support to WriteFreely -- both single- and multi-user instances. It is off by default, but can be enabled with the new `gopher_port` config value in the `[server]` section. When enabled, multi-user instances will show all public blogs at gopher://[host]:[gopher_port]/ -- otherwise, blogs are accessible at gopher://[host]:[gopher_port]/[blog]/ This is just a proof of concept for now. We still need to handle some edge cases and different configurations, like private instances. Ref T559
2020-03-02 01:12:47 +00:00
func (db *datastore) GetPublicCollections(hostName string) (*[]Collection, error) {
rows, err := db.Query(`SELECT c.id, alias, title, description, privacy, view_count
FROM collections c
LEFT JOIN users u ON u.id = c.owner_id
WHERE c.privacy = 1 AND u.status = 0
Fix Gopher collections query
2021-08-05 14:53:20 +00:00
ORDER BY title ASC`)
Add Gopher support This adds gopher support to WriteFreely -- both single- and multi-user instances. It is off by default, but can be enabled with the new `gopher_port` config value in the `[server]` section. When enabled, multi-user instances will show all public blogs at gopher://[host]:[gopher_port]/ -- otherwise, blogs are accessible at gopher://[host]:[gopher_port]/[blog]/ This is just a proof of concept for now. We still need to handle some edge cases and different configurations, like private instances. Ref T559
2020-03-02 01:12:47 +00:00
if err != nil {
log.Error("Failed selecting public collections: %v", err)
return nil, impart.HTTPError{http.StatusInternalServerError, "Couldn't retrieve public collections."}
}
defer rows.Close()
colls := []Collection{}
for rows.Next() {
c := Collection{}
err = rows.Scan(&c.ID, &c.Alias, &c.Title, &c.Description, &c.Visibility, &c.Views)
if err != nil {
log.Error("Failed scanning row: %v", err)
break
}
c.hostName = hostName
c.URL = c.CanonicalURL()
c.Public = c.IsPublic()
Support Web Monetized split content Ref T770
2021-06-07 19:52:24 +00:00
// Add Monetization information
c.Monetization = db.GetCollectionAttribute(c.ID, "monetization_pointer")
Add Gopher support This adds gopher support to WriteFreely -- both single- and multi-user instances. It is off by default, but can be enabled with the new `gopher_port` config value in the `[server]` section. When enabled, multi-user instances will show all public blogs at gopher://[host]:[gopher_port]/ -- otherwise, blogs are accessible at gopher://[host]:[gopher_port]/[blog]/ This is just a proof of concept for now. We still need to handle some edge cases and different configurations, like private instances. Ref T559
2020-03-02 01:12:47 +00:00
colls = append(colls, c)
}
err = rows.Err()
if err != nil {
log.Error("Error after Next() on rows: %v", err)
}
return &colls, nil
}
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
func (db *datastore) GetMeStats(u *User) userMeStats {
s := userMeStats{}
// User counts
colls, _ := db.GetUserCollectionCount(u.ID)
s.TotalCollections = colls
var articles, collPosts uint64
err := db.QueryRow("SELECT COUNT(*) FROM posts WHERE owner_id = ? AND collection_id IS NULL", u.ID).Scan(&articles)
if err != nil && err != sql.ErrNoRows {
log.Error("Couldn't get articles count for user %d: %v", u.ID, err)
}
s.TotalArticles = articles
err = db.QueryRow("SELECT COUNT(*) FROM posts WHERE owner_id = ? AND collection_id IS NOT NULL", u.ID).Scan(&collPosts)
if err != nil && err != sql.ErrNoRows {
log.Error("Couldn't get coll posts count for user %d: %v", u.ID, err)
}
s.CollectionPosts = collPosts
return s
}
Show instance stats on About page This also moves the stats database logic out of nodeinfo.go and into database.go.
2018-11-21 19:05:44 +00:00
func (db *datastore) GetTotalCollections() (collCount int64, err error) {
Add account suspension features This renders all requests for that user's posts, collections and related ActivityPub endpoints with 404 responses. While suspended, users may not create or edit posts or collections. User status is listed in the admin user page Admin view of user details shows status and now has a button to activate or suspend a user.
2019-08-28 19:37:45 +00:00
err = db.QueryRow(`
SELECT COUNT(*)
FROM collections c
LEFT JOIN users u ON u.id = c.owner_id
address PR comments - update error messages to be correct - move suspended message into template and include for other pages - check suspended status on all relevant pages and show message if logged in user is suspended. - fix possible nil pointer error - remove changes to db schema files - add version comment to migration - add UserStatus type with UserActive and UserSuspended - change database table to use status column instead of suspended - update toggle suspended handler to be toggle status in prep for possible future inclusion of further user statuses
2019-10-25 19:04:24 +00:00
WHERE u.status = 0`).Scan(&collCount)
Show instance stats on About page This also moves the stats database logic out of nodeinfo.go and into database.go.
2018-11-21 19:05:44 +00:00
if err != nil {
log.Error("Unable to fetch collections count: %v", err)
}
return
}
func (db *datastore) GetTotalPosts() (postCount int64, err error) {
Add account suspension features This renders all requests for that user's posts, collections and related ActivityPub endpoints with 404 responses. While suspended, users may not create or edit posts or collections. User status is listed in the admin user page Admin view of user details shows status and now has a button to activate or suspend a user.
2019-08-28 19:37:45 +00:00
err = db.QueryRow(`
SELECT COUNT(*)
FROM posts p
LEFT JOIN users u ON u.id = p.owner_id
address PR comments - update error messages to be correct - move suspended message into template and include for other pages - check suspended status on all relevant pages and show message if logged in user is suspended. - fix possible nil pointer error - remove changes to db schema files - add version comment to migration - add UserStatus type with UserActive and UserSuspended - change database table to use status column instead of suspended - update toggle suspended handler to be toggle status in prep for possible future inclusion of further user statuses
2019-10-25 19:04:24 +00:00
WHERE u.status = 0`).Scan(&postCount)
Show instance stats on About page This also moves the stats database logic out of nodeinfo.go and into database.go.
2018-11-21 19:05:44 +00:00
if err != nil {
log.Error("Unable to fetch posts count: %v", err)
}
return
}
Fix "Collection.hostName is empty!" log on Stats page Fixes #468
2021-06-25 16:39:59 +00:00
func (db *datastore) GetTopPosts(u *User, alias string, hostName string) (*[]PublicPost, error) {
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
params := []interface{}{u.ID}
where := ""
if alias != "" {
where = " AND alias = ?"
params = append(params, alias)
}
Show post excerpt in stats list when no post title Originally requested on the forum: https://discuss.write.as/t/use-non-random-ids-for-untitled-posts-in-blog-stats/5046
2022-03-29 17:23:20 +00:00
rows, err := db.Query("SELECT p.id, p.slug, p.view_count, p.title, p.content, c.alias, c.title, c.description, c.view_count FROM posts p LEFT JOIN collections c ON p.collection_id = c.id WHERE p.owner_id = ?"+where+" ORDER BY p.view_count DESC, created DESC LIMIT 25", params...)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
if err != nil {
log.Error("Failed selecting from posts: %v", err)
return nil, impart.HTTPError{http.StatusInternalServerError, "Couldn't retrieve user top posts."}
}
defer rows.Close()
posts := []PublicPost{}
var gotErr bool
for rows.Next() {
p := Post{}
c := Collection{}
var alias, title, description sql.NullString
var views sql.NullInt64
Show post excerpt in stats list when no post title Originally requested on the forum: https://discuss.write.as/t/use-non-random-ids-for-untitled-posts-in-blog-stats/5046
2022-03-29 17:23:20 +00:00
err = rows.Scan(&p.ID, &p.Slug, &p.ViewCount, &p.Title, &p.Content, &alias, &title, &description, &views)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
if err != nil {
log.Error("Failed scanning User.getPosts() row: %v", err)
gotErr = true
break
}
p.extractData()
pubPost := p.processPost()
if alias.Valid && alias.String != "" {
c.Alias = alias.String
c.Title = title.String
c.Description = description.String
c.Views = views.Int64
Fix "Collection.hostName is empty!" log on Stats page Fixes #468
2021-06-25 16:39:59 +00:00
c.hostName = hostName
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
pubPost.Collection = &CollectionObj{Collection: c}
}
posts = append(posts, pubPost)
}
err = rows.Err()
if err != nil {
log.Error("Error after Next() on rows: %v", err)
}
if gotErr && len(posts) == 0 {
// There were a lot of errors
return nil, impart.HTTPError{http.StatusInternalServerError, "Unable to get data."}
}
return &posts, nil
}
Limit initial draft post loading to 10 posts Ref T401
2020-07-30 20:28:21 +00:00
func (db *datastore) GetAnonymousPosts(u *User, page int) (*[]PublicPost, error) {
pagePosts := 10
start := page*pagePosts - pagePosts
if page == 0 {
start = 0
pagePosts = 1000
}
limitStr := ""
if page > 0 {
limitStr = fmt.Sprintf(" LIMIT %d, %d", start, pagePosts)
}
Fix date format in anonymous posts
2021-08-12 18:23:44 +00:00
rows, err := db.Query("SELECT id, view_count, title, language, created, updated, content FROM posts WHERE owner_id = ? AND collection_id IS NULL ORDER BY created DESC"+limitStr, u.ID)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
if err != nil {
log.Error("Failed selecting from posts: %v", err)
return nil, impart.HTTPError{http.StatusInternalServerError, "Couldn't retrieve user anonymous posts."}
}
defer rows.Close()
posts := []PublicPost{}
for rows.Next() {
p := Post{}
Fix date format in anonymous posts
2021-08-12 18:23:44 +00:00
err = rows.Scan(&p.ID, &p.ViewCount, &p.Title, &p.Language, &p.Created, &p.Updated, &p.Content)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
if err != nil {
log.Error("Failed scanning row: %v", err)
break
}
p.extractData()
posts = append(posts, p.processPost())
}
err = rows.Err()
if err != nil {
log.Error("Error after Next() on rows: %v", err)
}
return &posts, nil
}
func (db *datastore) GetUserPosts(u *User) (*[]PublicPost, error) {
rows, err := db.Query("SELECT p.id, p.slug, p.view_count, p.title, p.created, p.updated, p.content, p.text_appearance, p.language, p.rtl, c.alias, c.title, c.description, c.view_count FROM posts p LEFT JOIN collections c ON collection_id = c.id WHERE p.owner_id = ? ORDER BY created ASC", u.ID)
if err != nil {
log.Error("Failed selecting from posts: %v", err)
return nil, impart.HTTPError{http.StatusInternalServerError, "Couldn't retrieve user posts."}
}
defer rows.Close()
posts := []PublicPost{}
var gotErr bool
for rows.Next() {
p := Post{}
c := Collection{}
var alias, title, description sql.NullString
var views sql.NullInt64
err = rows.Scan(&p.ID, &p.Slug, &p.ViewCount, &p.Title, &p.Created, &p.Updated, &p.Content, &p.Font, &p.Language, &p.RTL, &alias, &title, &description, &views)
if err != nil {
log.Error("Failed scanning User.getPosts() row: %v", err)
gotErr = true
break
}
p.extractData()
pubPost := p.processPost()
if alias.Valid && alias.String != "" {
c.Alias = alias.String
c.Title = title.String
c.Description = description.String
c.Views = views.Int64
pubPost.Collection = &CollectionObj{Collection: c}
}
posts = append(posts, pubPost)
}
err = rows.Err()
if err != nil {
log.Error("Error after Next() on rows: %v", err)
}
if gotErr && len(posts) == 0 {
// There were a lot of errors
return nil, impart.HTTPError{http.StatusInternalServerError, "Unable to get data."}
}
return &posts, nil
}
Add admin user list This enables admins on multi-user instances to see all users registered, and view the details of each, including: - Username - Join date - Total posts - Last post date - All blogs - Public info - Views - Total posts - Last post date - Fediverse followers count This is the foundation for future user moderation features. Ref T553
2019-01-05 03:28:29 +00:00
func (db *datastore) GetUserPostsCount(userID int64) int64 {
var count int64
err := db.QueryRow("SELECT COUNT(*) FROM posts WHERE owner_id = ?", userID).Scan(&count)
switch {
case err == sql.ErrNoRows:
return 0
case err != nil:
log.Error("Failed selecting posts count for user %d: %v", userID, err)
return 0
}
return count
}
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
// ChangeSettings takes a User and applies the changes in the given
// userSettings, MODIFYING THE USER with successful changes.
Make App struct public
2019-05-12 20:55:30 +00:00
func (db *datastore) ChangeSettings(app *App, u *User, s *userSettings) error {
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
var errPass error
q := query.NewUpdate()
// Update email if given
if s.Email != "" {
Move key generation and Keychain to key pkg Ref T613
2019-06-13 14:14:35 +00:00
encEmail, err := data.Encrypt(app.keys.EmailKey, s.Email)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
if err != nil {
log.Error("Couldn't encrypt email %s: %s\n", s.Email, err)
return impart.HTTPError{http.StatusInternalServerError, "Unable to encrypt email address."}
}
q.SetBytes(encEmail, "email")
// Update the email if something goes awry updating the password
defer func() {
if errPass != nil {
db.UpdateEncryptedUserEmail(u.ID, encEmail)
}
}()
u.Email = zero.StringFrom(s.Email)
}
// Update username if given
var newUsername string
if s.Username != "" {
var ie *impart.HTTPError
newUsername, ie = getValidUsername(app, s.Username, u.Username)
if ie != nil {
// Username is invalid
return *ie
}
if !author.IsValidUsername(app.cfg, newUsername) {
// Ensure the username is syntactically correct.
return impart.HTTPError{http.StatusPreconditionFailed, "Username isn't valid."}
}
t, err := db.Begin()
if err != nil {
log.Error("Couldn't start username change transaction: %v", err)
return err
}
_, err = t.Exec("UPDATE users SET username = ? WHERE id = ?", newUsername, u.ID)
if err != nil {
t.Rollback()
Fix duplicate key checks in SQLite Ref T529
2018-12-08 18:25:20 +00:00
if db.isDuplicateKeyErr(err) {
return impart.HTTPError{http.StatusConflict, "Username is already taken."}
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
}
log.Error("Unable to update users table: %v", err)
return ErrInternalGeneral
}
_, err = t.Exec("UPDATE collections SET alias = ? WHERE alias = ? AND owner_id = ?", newUsername, u.Username, u.ID)
if err != nil {
t.Rollback()
Fix duplicate key checks in SQLite Ref T529
2018-12-08 18:25:20 +00:00
if db.isDuplicateKeyErr(err) {
return impart.HTTPError{http.StatusConflict, "Username is already taken."}
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
}
log.Error("Unable to update collection: %v", err)
return ErrInternalGeneral
}
// Keep track of name changes for redirection
db.RemoveCollectionRedirect(t, newUsername)
_, err = t.Exec("UPDATE collectionredirects SET new_alias = ? WHERE new_alias = ?", newUsername, u.Username)
if err != nil {
log.Error("Unable to update collectionredirects: %v", err)
}
_, err = t.Exec("INSERT INTO collectionredirects (prev_alias, new_alias) VALUES (?, ?)", u.Username, newUsername)
if err != nil {
log.Error("Unable to add new collectionredirect: %v", err)
}
err = t.Commit()
if err != nil {
t.Rollback()
log.Error("Rolling back after Commit(): %v\n", err)
return err
}
u.Username = newUsername
}
// Update passphrase if given
if s.NewPass != "" {
// Check if user has already set a password
var err error
u.HasPass, err = db.IsUserPassSet(u.ID)
if err != nil {
errPass = impart.HTTPError{http.StatusInternalServerError, "Unable to retrieve user data."}
return errPass
}
if u.HasPass {
// Check if currently-set password is correct
hashedPass := u.HashedPass
if len(hashedPass) == 0 {
authUser, err := db.GetUserForAuthByID(u.ID)
if err != nil {
errPass = err
return errPass
}
hashedPass = authUser.HashedPass
}
if !auth.Authenticated(hashedPass, []byte(s.OldPass)) {
errPass = impart.HTTPError{http.StatusUnauthorized, "Incorrect password."}
return errPass
}
}
hashedPass, err := auth.HashPass([]byte(s.NewPass))
if err != nil {
errPass = impart.HTTPError{http.StatusInternalServerError, "Could not create password hash."}
return errPass
}
q.SetBytes(hashedPass, "password")
}
// WHERE values
q.Append(u.ID)
if q.Updates == "" {
if s.Username == "" {
return ErrPostNoUpdatableVals
}
// Nothing to update except username. That was successful, so return now.
return nil
}
res, err := db.Exec("UPDATE users SET "+q.Updates+" WHERE id = ?", q.Params...)
if err != nil {
log.Error("Unable to update collection: %v", err)
return err
}
rowsAffected, _ := res.RowsAffected()
if rowsAffected == 0 {
// Show the correct error message if nothing was updated
var dummy int
err := db.QueryRow("SELECT 1 FROM users WHERE id = ?", u.ID).Scan(&dummy)
switch {
case err == sql.ErrNoRows:
return ErrUnauthorizedGeneral
case err != nil:
log.Error("Failed selecting from users: %v", err)
}
return nil
}
if s.NewPass != "" && !u.HasPass {
u.HasPass = true
}
return nil
}
func (db *datastore) ChangePassphrase(userID int64, sudo bool, curPass string, hashedPass []byte) error {
var dbPass []byte
err := db.QueryRow("SELECT password FROM users WHERE id = ?", userID).Scan(&dbPass)
switch {
case err == sql.ErrNoRows:
return ErrUserNotFound
case err != nil:
log.Error("Couldn't SELECT user password for change: %v", err)
return err
}
if !sudo && !auth.Authenticated(dbPass, []byte(curPass)) {
return impart.HTTPError{http.StatusUnauthorized, "Incorrect password."}
}
_, err = db.Exec("UPDATE users SET password = ? WHERE id = ?", hashedPass, userID)
if err != nil {
log.Error("Could not update passphrase: %v", err)
return err
}
return nil
}
func (db *datastore) RemoveCollectionRedirect(t *sql.Tx, alias string) error {
_, err := t.Exec("DELETE FROM collectionredirects WHERE prev_alias = ?", alias)
if err != nil {
log.Error("Unable to delete from collectionredirects: %v", err)
return err
}
return nil
}
func (db *datastore) GetCollectionRedirect(alias string) (new string) {
row := db.QueryRow("SELECT new_alias FROM collectionredirects WHERE prev_alias = ?", alias)
err := row.Scan(&new)
Ignore "collation mix" errors in GetCollectionRedirect()
2020-06-08 17:37:02 +00:00
if err != nil && err != sql.ErrNoRows && !db.isIgnorableError(err) {
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
log.Error("Failed selecting from collectionredirects: %v", err)
}
return
}
func (db *datastore) DeleteCollection(alias string, userID int64) error {
c := &Collection{Alias: alias}
var username string
row := db.QueryRow("SELECT username FROM users WHERE id = ?", userID)
err := row.Scan(&username)
if err != nil {
return err
}
// Ensure user isn't deleting their main blog
if alias == username {
return impart.HTTPError{http.StatusForbidden, "You cannot currently delete your primary blog."}
}
row = db.QueryRow("SELECT id FROM collections WHERE alias = ? AND owner_id = ?", alias, userID)
err = row.Scan(&c.ID)
switch {
case err == sql.ErrNoRows:
return impart.HTTPError{http.StatusNotFound, "Collection doesn't exist or you're not allowed to delete it."}
case err != nil:
log.Error("Failed selecting from collections: %v", err)
return ErrInternalGeneral
}
t, err := db.Begin()
if err != nil {
return err
}
// Float all collection's posts
_, err = t.Exec("UPDATE posts SET collection_id = NULL WHERE collection_id = ? AND owner_id = ?", c.ID, userID)
if err != nil {
t.Rollback()
return err
}
// Remove redirects to or from this collection
_, err = t.Exec("DELETE FROM collectionredirects WHERE prev_alias = ? OR new_alias = ?", alias, alias)
if err != nil {
t.Rollback()
return err
}
// Remove any optional collection password
_, err = t.Exec("DELETE FROM collectionpasswords WHERE collection_id = ?", c.ID)
if err != nil {
t.Rollback()
return err
}
// Finally, delete collection itself
_, err = t.Exec("DELETE FROM collections WHERE id = ?", c.ID)
if err != nil {
t.Rollback()
return err
}
err = t.Commit()
if err != nil {
t.Rollback()
return err
}
return nil
}
func (db *datastore) IsCollectionAttributeOn(id int64, attr string) bool {
var v string
err := db.QueryRow("SELECT value FROM collectionattributes WHERE collection_id = ? AND attribute = ?", id, attr).Scan(&v)
switch {
case err == sql.ErrNoRows:
return false
case err != nil:
log.Error("Couldn't SELECT value in isCollectionAttributeOn for attribute '%s': %v", attr, err)
return false
}
return v == "1"
}
func (db *datastore) CollectionHasAttribute(id int64, attr string) bool {
var dummy string
err := db.QueryRow("SELECT value FROM collectionattributes WHERE collection_id = ? AND attribute = ?", id, attr).Scan(&dummy)
switch {
case err == sql.ErrNoRows:
return false
case err != nil:
log.Error("Couldn't SELECT value in collectionHasAttribute for attribute '%s': %v", attr, err)
return false
}
return true
}
Support Web Monetization via backend attribute This supports a new `monetization_pointer` collection attribute. When present, we include the `monetization` meta tag on all collection pages.
2020-08-19 13:28:44 +00:00
func (db *datastore) GetCollectionAttribute(id int64, attr string) string {
var v string
err := db.QueryRow("SELECT value FROM collectionattributes WHERE collection_id = ? AND attribute = ?", id, attr).Scan(&v)
switch {
case err == sql.ErrNoRows:
return ""
case err != nil:
log.Error("Couldn't SELECT value in getCollectionAttribute for attribute '%s': %v", attr, err)
return ""
}
return v
}
func (db *datastore) SetCollectionAttribute(id int64, attr, v string) error {
_, err := db.Exec("INSERT INTO collectionattributes (collection_id, attribute, value) VALUES (?, ?, ?)", id, attr, v)
if err != nil {
log.Error("Unable to INSERT into collectionattributes: %v", err)
return err
}
return nil
}
CLI delete account by username and delete posts this changed the CLI flag to use the username instead of the userID leaving the underlying database function as is. also now posts are all deleted with no option to skip as this is likely never needed.
2019-11-05 17:14:20 +00:00
// DeleteAccount will delete the entire account for userID
func (db *datastore) DeleteAccount(userID int64) error {
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
// Get all collections
rows, err := db.Query("SELECT id, alias FROM collections WHERE owner_id = ?", userID)
if err != nil {
add account deletion CLI only but backend supports calls from app.db.DeleteAccount already takes --delete-account user_id_number with optional --posts to also delete posts. if --posts is omitted all user posts will be updated to anonymous posts
2019-10-31 22:16:10 +00:00
log.Error("Unable to get collections: %v", err)
return err
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
}
defer rows.Close()
colls := []Collection{}
var c Collection
for rows.Next() {
err = rows.Scan(&c.ID, &c.Alias)
if err != nil {
add account deletion CLI only but backend supports calls from app.db.DeleteAccount already takes --delete-account user_id_number with optional --posts to also delete posts. if --posts is omitted all user posts will be updated to anonymous posts
2019-10-31 22:16:10 +00:00
log.Error("Unable to scan collection cols: %v", err)
return err
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
}
colls = append(colls, c)
}
add account deletion CLI only but backend supports calls from app.db.DeleteAccount already takes --delete-account user_id_number with optional --posts to also delete posts. if --posts is omitted all user posts will be updated to anonymous posts
2019-10-31 22:16:10 +00:00
// Start transaction
t, err := db.Begin()
if err != nil {
log.Error("Unable to begin: %v", err)
return err
}
// Clean up all collection related information
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
var res sql.Result
for _, c := range colls {
// Delete tokens
res, err = t.Exec("DELETE FROM collectionattributes WHERE collection_id = ?", c.ID)
if err != nil {
t.Rollback()
add account deletion CLI only but backend supports calls from app.db.DeleteAccount already takes --delete-account user_id_number with optional --posts to also delete posts. if --posts is omitted all user posts will be updated to anonymous posts
2019-10-31 22:16:10 +00:00
log.Error("Unable to delete attributes on %s: %v", c.Alias, err)
return err
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
}
rs, _ := res.RowsAffected()
add account deletion CLI only but backend supports calls from app.db.DeleteAccount already takes --delete-account user_id_number with optional --posts to also delete posts. if --posts is omitted all user posts will be updated to anonymous posts
2019-10-31 22:16:10 +00:00
log.Info("Deleted %d for %s from collectionattributes", rs, c.Alias)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
// Remove any optional collection password
res, err = t.Exec("DELETE FROM collectionpasswords WHERE collection_id = ?", c.ID)
if err != nil {
t.Rollback()
add account deletion CLI only but backend supports calls from app.db.DeleteAccount already takes --delete-account user_id_number with optional --posts to also delete posts. if --posts is omitted all user posts will be updated to anonymous posts
2019-10-31 22:16:10 +00:00
log.Error("Unable to delete passwords on %s: %v", c.Alias, err)
return err
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
}
rs, _ = res.RowsAffected()
add account deletion CLI only but backend supports calls from app.db.DeleteAccount already takes --delete-account user_id_number with optional --posts to also delete posts. if --posts is omitted all user posts will be updated to anonymous posts
2019-10-31 22:16:10 +00:00
log.Info("Deleted %d for %s from collectionpasswords", rs, c.Alias)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
// Remove redirects to this collection
res, err = t.Exec("DELETE FROM collectionredirects WHERE new_alias = ?", c.Alias)
if err != nil {
t.Rollback()
add account deletion CLI only but backend supports calls from app.db.DeleteAccount already takes --delete-account user_id_number with optional --posts to also delete posts. if --posts is omitted all user posts will be updated to anonymous posts
2019-10-31 22:16:10 +00:00
log.Error("Unable to delete redirects on %s: %v", c.Alias, err)
return err
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
}
rs, _ = res.RowsAffected()
add account deletion CLI only but backend supports calls from app.db.DeleteAccount already takes --delete-account user_id_number with optional --posts to also delete posts. if --posts is omitted all user posts will be updated to anonymous posts
2019-10-31 22:16:10 +00:00
log.Info("Deleted %d for %s from collectionredirects", rs, c.Alias)
// Remove any collection keys
res, err = t.Exec("DELETE FROM collectionkeys WHERE collection_id = ?", c.ID)
if err != nil {
t.Rollback()
log.Error("Unable to delete keys on %s: %v", c.Alias, err)
return err
}
rs, _ = res.RowsAffected()
log.Info("Deleted %d for %s from collectionkeys", rs, c.Alias)
// TODO: federate delete collection
// Remove remote follows
res, err = t.Exec("DELETE FROM remotefollows WHERE collection_id = ?", c.ID)
if err != nil {
t.Rollback()
log.Error("Unable to delete remote follows on %s: %v", c.Alias, err)
return err
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
}
rs, _ = res.RowsAffected()
add account deletion CLI only but backend supports calls from app.db.DeleteAccount already takes --delete-account user_id_number with optional --posts to also delete posts. if --posts is omitted all user posts will be updated to anonymous posts
2019-10-31 22:16:10 +00:00
log.Info("Deleted %d for %s from remotefollows", rs, c.Alias)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
}
// Delete collections
res, err = t.Exec("DELETE FROM collections WHERE owner_id = ?", userID)
if err != nil {
t.Rollback()
add account deletion CLI only but backend supports calls from app.db.DeleteAccount already takes --delete-account user_id_number with optional --posts to also delete posts. if --posts is omitted all user posts will be updated to anonymous posts
2019-10-31 22:16:10 +00:00
log.Error("Unable to delete collections: %v", err)
return err
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
}
rs, _ := res.RowsAffected()
add account deletion CLI only but backend supports calls from app.db.DeleteAccount already takes --delete-account user_id_number with optional --posts to also delete posts. if --posts is omitted all user posts will be updated to anonymous posts
2019-10-31 22:16:10 +00:00
log.Info("Deleted %d from collections", rs)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
// Delete tokens
res, err = t.Exec("DELETE FROM accesstokens WHERE user_id = ?", userID)
if err != nil {
t.Rollback()
add account deletion CLI only but backend supports calls from app.db.DeleteAccount already takes --delete-account user_id_number with optional --posts to also delete posts. if --posts is omitted all user posts will be updated to anonymous posts
2019-10-31 22:16:10 +00:00
log.Error("Unable to delete access tokens: %v", err)
return err
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
}
rs, _ = res.RowsAffected()
add account deletion CLI only but backend supports calls from app.db.DeleteAccount already takes --delete-account user_id_number with optional --posts to also delete posts. if --posts is omitted all user posts will be updated to anonymous posts
2019-10-31 22:16:10 +00:00
log.Info("Deleted %d from accesstokens", rs)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
Clean up oauth_users table on account deletion Ref T319
2020-02-08 18:51:38 +00:00
// Delete user attributes
res, err = t.Exec("DELETE FROM oauth_users WHERE user_id = ?", userID)
if err != nil {
t.Rollback()
log.Error("Unable to delete oauth_users: %v", err)
return err
}
rs, _ = res.RowsAffected()
log.Info("Deleted %d from oauth_users", rs)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
// Delete posts
CLI delete account by username and delete posts this changed the CLI flag to use the username instead of the userID leaving the underlying database function as is. also now posts are all deleted with no option to skip as this is likely never needed.
2019-11-05 17:14:20 +00:00
// TODO: should maybe get each row so we can federate a delete
// if so needs to be outside of transaction like collections
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
res, err = t.Exec("DELETE FROM posts WHERE owner_id = ?", userID)
if err != nil {
t.Rollback()
CLI delete account by username and delete posts this changed the CLI flag to use the username instead of the userID leaving the underlying database function as is. also now posts are all deleted with no option to skip as this is likely never needed.
2019-11-05 17:14:20 +00:00
log.Error("Unable to delete posts: %v", err)
return err
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
}
rs, _ = res.RowsAffected()
CLI delete account by username and delete posts this changed the CLI flag to use the username instead of the userID leaving the underlying database function as is. also now posts are all deleted with no option to skip as this is likely never needed.
2019-11-05 17:14:20 +00:00
log.Info("Deleted %d from posts", rs)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
add account deletion CLI only but backend supports calls from app.db.DeleteAccount already takes --delete-account user_id_number with optional --posts to also delete posts. if --posts is omitted all user posts will be updated to anonymous posts
2019-10-31 22:16:10 +00:00
// Delete user attributes
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
res, err = t.Exec("DELETE FROM userattributes WHERE user_id = ?", userID)
if err != nil {
t.Rollback()
add account deletion CLI only but backend supports calls from app.db.DeleteAccount already takes --delete-account user_id_number with optional --posts to also delete posts. if --posts is omitted all user posts will be updated to anonymous posts
2019-10-31 22:16:10 +00:00
log.Error("Unable to delete attributes: %v", err)
return err
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
}
rs, _ = res.RowsAffected()
add account deletion CLI only but backend supports calls from app.db.DeleteAccount already takes --delete-account user_id_number with optional --posts to also delete posts. if --posts is omitted all user posts will be updated to anonymous posts
2019-10-31 22:16:10 +00:00
log.Info("Deleted %d from userattributes", rs)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
add account deletion CLI only but backend supports calls from app.db.DeleteAccount already takes --delete-account user_id_number with optional --posts to also delete posts. if --posts is omitted all user posts will be updated to anonymous posts
2019-10-31 22:16:10 +00:00
// Delete user invites
res, err = t.Exec("DELETE FROM userinvites WHERE owner_id = ?", userID)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
if err != nil {
t.Rollback()
add account deletion CLI only but backend supports calls from app.db.DeleteAccount already takes --delete-account user_id_number with optional --posts to also delete posts. if --posts is omitted all user posts will be updated to anonymous posts
2019-10-31 22:16:10 +00:00
log.Error("Unable to delete invites: %v", err)
return err
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
}
rs, _ = res.RowsAffected()
add account deletion CLI only but backend supports calls from app.db.DeleteAccount already takes --delete-account user_id_number with optional --posts to also delete posts. if --posts is omitted all user posts will be updated to anonymous posts
2019-10-31 22:16:10 +00:00
log.Info("Deleted %d from userinvites", rs)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
add account deletion CLI only but backend supports calls from app.db.DeleteAccount already takes --delete-account user_id_number with optional --posts to also delete posts. if --posts is omitted all user posts will be updated to anonymous posts
2019-10-31 22:16:10 +00:00
// Delete the user
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
res, err = t.Exec("DELETE FROM users WHERE id = ?", userID)
if err != nil {
t.Rollback()
add account deletion CLI only but backend supports calls from app.db.DeleteAccount already takes --delete-account user_id_number with optional --posts to also delete posts. if --posts is omitted all user posts will be updated to anonymous posts
2019-10-31 22:16:10 +00:00
log.Error("Unable to delete user: %v", err)
return err
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
}
rs, _ = res.RowsAffected()
add account deletion CLI only but backend supports calls from app.db.DeleteAccount already takes --delete-account user_id_number with optional --posts to also delete posts. if --posts is omitted all user posts will be updated to anonymous posts
2019-10-31 22:16:10 +00:00
log.Info("Deleted %d from users", rs)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
add account deletion CLI only but backend supports calls from app.db.DeleteAccount already takes --delete-account user_id_number with optional --posts to also delete posts. if --posts is omitted all user posts will be updated to anonymous posts
2019-10-31 22:16:10 +00:00
// Commit all changes to the database
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
err = t.Commit()
if err != nil {
t.Rollback()
add account deletion CLI only but backend supports calls from app.db.DeleteAccount already takes --delete-account user_id_number with optional --posts to also delete posts. if --posts is omitted all user posts will be updated to anonymous posts
2019-10-31 22:16:10 +00:00
log.Error("Unable to commit: %v", err)
return err
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
}
add account deletion CLI only but backend supports calls from app.db.DeleteAccount already takes --delete-account user_id_number with optional --posts to also delete posts. if --posts is omitted all user posts will be updated to anonymous posts
2019-10-31 22:16:10 +00:00
// TODO: federate delete actor
return nil
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
}
func (db *datastore) GetAPActorKeys(collectionID int64) ([]byte, []byte) {
var pub, priv []byte
Fill in remaining missing pieces - Database schema changes, removing obsolete custom domain-related code - Missing user structs - Setup verbiage changes - Missing routes - Missing error messages
2018-11-08 06:31:01 +00:00
err := db.QueryRow("SELECT public_key, private_key FROM collectionkeys WHERE collection_id = ?", collectionID).Scan(&pub, &priv)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
switch {
case err == sql.ErrNoRows:
// Generate keys
pub, priv = activitypub.GenerateKeys()
Fill in remaining missing pieces - Database schema changes, removing obsolete custom domain-related code - Missing user structs - Setup verbiage changes - Missing routes - Missing error messages
2018-11-08 06:31:01 +00:00
_, err = db.Exec("INSERT INTO collectionkeys (collection_id, public_key, private_key) VALUES (?, ?, ?)", collectionID, pub, priv)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
if err != nil {
log.Error("Unable to INSERT new activitypub keypair: %v", err)
return nil, nil
}
case err != nil:
Fill in remaining missing pieces - Database schema changes, removing obsolete custom domain-related code - Missing user structs - Setup verbiage changes - Missing routes - Missing error messages
2018-11-08 06:31:01 +00:00
log.Error("Couldn't SELECT collectionkeys: %v", err)
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
return nil, nil
}
return pub, priv
}
Support user invites This includes: - A new `user_invites` config value that determines who can generate invite links - A new page for generating invite links, with new user navigation link - A new /invite/ path that allows anyone to sign up via unique invite link, even if registrations are closed - Tracking who (of registered users) has been invited by whom It requires an updated database with `writefreely --migrate` in order to work. This closes T556
2019-01-18 05:05:50 +00:00
func (db *datastore) CreateUserInvite(id string, userID int64, maxUses int, expires *time.Time) error {
_, err := db.Exec("INSERT INTO userinvites (id, owner_id, max_uses, created, expires, inactive) VALUES (?, ?, ?, "+db.now()+", ?, 0)", id, userID, maxUses, expires)
return err
}
func (db *datastore) GetUserInvites(userID int64) (*[]Invite, error) {
rows, err := db.Query("SELECT id, max_uses, created, expires, inactive FROM userinvites WHERE owner_id = ? ORDER BY created DESC", userID)
if err != nil {
log.Error("Failed selecting from userinvites: %v", err)
return nil, impart.HTTPError{http.StatusInternalServerError, "Couldn't retrieve user invites."}
}
defer rows.Close()
is := []Invite{}
for rows.Next() {
i := Invite{}
err = rows.Scan(&i.ID, &i.MaxUses, &i.Created, &i.Expires, &i.Inactive)
is = append(is, i)
}
return &is, nil
}
func (db *datastore) GetUserInvite(id string) (*Invite, error) {
var i Invite
err := db.QueryRow("SELECT id, max_uses, created, expires, inactive FROM userinvites WHERE id = ?", id).Scan(&i.ID, &i.MaxUses, &i.Created, &i.Expires, &i.Inactive)
switch {
Ignore "mix of collations" error on invite SELECT This adds the `isIgnorableError` method and calls it when error checking in `GetUserInvite()`, returning "not found" if the rror comes up.
2020-01-30 09:36:29 +00:00
case err == sql.ErrNoRows, db.isIgnorableError(err):
Fix nil pointer when navigating to bad invite URL Previously when looking up an invite ID that doesn't exist, the database call wouldn't communicate its non-existence in a standard way -- returning a nil object and nil error. Now the database call returns a 404 error, so handlers can show the correct page.
2019-02-27 11:05:22 +00:00
return nil, impart.HTTPError{http.StatusNotFound, "Invite doesn't exist."}
Support user invites This includes: - A new `user_invites` config value that determines who can generate invite links - A new page for generating invite links, with new user navigation link - A new /invite/ path that allows anyone to sign up via unique invite link, even if registrations are closed - Tracking who (of registered users) has been invited by whom It requires an updated database with `writefreely --migrate` in order to work. This closes T556
2019-01-18 05:05:50 +00:00
case err != nil:
log.Error("Failed selecting invite: %v", err)
return nil, err
}
return &i, nil
}
add user invite instructions this adds a new page with instructions for sharing user invites if a user clicks the link for one of their own invite codes they are directed to a page with clear instructions for it's use. if a user clicks another users link they are redirectec to their account settings witha flash telling them they do not need to register.
2019-09-13 17:58:17 +00:00
// IsUsersInvite returns true if the user with ID created the invite with code
// and an error other than sql no rows, if any. Will return false in the event
// of an error.
func (db *datastore) IsUsersInvite(code string, userID int64) (bool, error) {
var id string
err := db.QueryRow("SELECT id FROM userinvites WHERE id = ? AND owner_id = ?", code, userID).Scan(&id)
if err != nil && err != sql.ErrNoRows {
log.Error("Failed selecting invite: %v", err)
return false, err
}
return id != "", nil
}
Support user invites This includes: - A new `user_invites` config value that determines who can generate invite links - A new page for generating invite links, with new user navigation link - A new /invite/ path that allows anyone to sign up via unique invite link, even if registrations are closed - Tracking who (of registered users) has been invited by whom It requires an updated database with `writefreely --migrate` in order to work. This closes T556
2019-01-18 05:05:50 +00:00
func (db *datastore) GetUsersInvitedCount(id string) int64 {
var count int64
err := db.QueryRow("SELECT COUNT(*) FROM usersinvited WHERE invite_id = ?", id).Scan(&count)
switch {
case err == sql.ErrNoRows:
return 0
case err != nil:
log.Error("Failed selecting users invited count: %v", err)
return 0
}
return count
}
func (db *datastore) CreateInvitedUser(inviteID string, userID int64) error {
_, err := db.Exec("INSERT INTO usersinvited (invite_id, user_id) VALUES (?, ?)", inviteID, userID)
return err
}
Move instance page editing to dedicated section This adds a "Pages" section to the admin part of the site, and enables admins to edit the pre-defined About and Privacy pages there, instead of on the dashboard itself. It also restructures how these pages get sent around in the backend and lays the groundwork for dynamically adding static pages. The backend changes were made with more customization in mind, such as an instance-wide custom stylesheet (T563). Ref T566
2019-04-06 17:23:22 +00:00
func (db *datastore) GetInstancePages() ([]*instanceContent, error) {
Support changing instance page titles Now admins can choose a title for their About and Privacy pages; now editable through the instance page editor. This adds `title` and `content_type` fields to the `appcontent` table, requiring a migration by running `writefreely --migrate` The content_type field specifies that items we're currently storing in this table are all "page"s; queries for fetching these have been updated to filter for this type. In the future, this field will be used to indicate when an item is a stylesheet (ref T563) or other supported type. Ref T566
2019-04-11 17:56:07 +00:00
return db.GetAllDynamicContent("page")
}
func (db *datastore) GetAllDynamicContent(t string) ([]*instanceContent, error) {
where := ""
params := []interface{}{}
if t != "" {
where = " WHERE content_type = ?"
params = append(params, t)
}
rows, err := db.Query("SELECT id, title, content, updated, content_type FROM appcontent"+where, params...)
Move instance page editing to dedicated section This adds a "Pages" section to the admin part of the site, and enables admins to edit the pre-defined About and Privacy pages there, instead of on the dashboard itself. It also restructures how these pages get sent around in the backend and lays the groundwork for dynamically adding static pages. The backend changes were made with more customization in mind, such as an instance-wide custom stylesheet (T563). Ref T566
2019-04-06 17:23:22 +00:00
if err != nil {
log.Error("Failed selecting from appcontent: %v", err)
return nil, impart.HTTPError{http.StatusInternalServerError, "Couldn't retrieve instance pages."}
}
defer rows.Close()
pages := []*instanceContent{}
for rows.Next() {
c := &instanceContent{}
Support changing instance page titles Now admins can choose a title for their About and Privacy pages; now editable through the instance page editor. This adds `title` and `content_type` fields to the `appcontent` table, requiring a migration by running `writefreely --migrate` The content_type field specifies that items we're currently storing in this table are all "page"s; queries for fetching these have been updated to filter for this type. In the future, this field will be used to indicate when an item is a stylesheet (ref T563) or other supported type. Ref T566
2019-04-11 17:56:07 +00:00
err = rows.Scan(&c.ID, &c.Title, &c.Content, &c.Updated, &c.Type)
Move instance page editing to dedicated section This adds a "Pages" section to the admin part of the site, and enables admins to edit the pre-defined About and Privacy pages there, instead of on the dashboard itself. It also restructures how these pages get sent around in the backend and lays the groundwork for dynamically adding static pages. The backend changes were made with more customization in mind, such as an instance-wide custom stylesheet (T563). Ref T566
2019-04-06 17:23:22 +00:00
if err != nil {
log.Error("Failed scanning row: %v", err)
break
}
pages = append(pages, c)
}
err = rows.Err()
if err != nil {
log.Error("Error after Next() on rows: %v", err)
}
return pages, nil
}
func (db *datastore) GetDynamicContent(id string) (*instanceContent, error) {
c := &instanceContent{
ID: id,
}
Support changing instance page titles Now admins can choose a title for their About and Privacy pages; now editable through the instance page editor. This adds `title` and `content_type` fields to the `appcontent` table, requiring a migration by running `writefreely --migrate` The content_type field specifies that items we're currently storing in this table are all "page"s; queries for fetching these have been updated to filter for this type. In the future, this field will be used to indicate when an item is a stylesheet (ref T563) or other supported type. Ref T566
2019-04-11 17:56:07 +00:00
err := db.QueryRow("SELECT title, content, updated, content_type FROM appcontent WHERE id = ?", id).Scan(&c.Title, &c.Content, &c.Updated, &c.Type)
Support editing About and Privacy pages from Admin panel This allows admin to edit these pages from the web, using Markdown. It also dynamically loads information on those pages now, and makes loading `pages` templates a little easier to find in the code / more explicit. It requires this new schema change: CREATE TABLE IF NOT EXISTS `appcontent` ( `id` varchar(36) NOT NULL, `content` mediumtext CHARACTER SET utf8 COLLATE utf8_bin NOT NULL, `updated` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP, PRIMARY KEY (`id`) ) ENGINE=InnoDB DEFAULT CHARSET=latin1; This closes T533
2018-11-19 02:58:50 +00:00
switch {
case err == sql.ErrNoRows:
Move instance page editing to dedicated section This adds a "Pages" section to the admin part of the site, and enables admins to edit the pre-defined About and Privacy pages there, instead of on the dashboard itself. It also restructures how these pages get sent around in the backend and lays the groundwork for dynamically adding static pages. The backend changes were made with more customization in mind, such as an instance-wide custom stylesheet (T563). Ref T566
2019-04-06 17:23:22 +00:00
return nil, nil
Support editing About and Privacy pages from Admin panel This allows admin to edit these pages from the web, using Markdown. It also dynamically loads information on those pages now, and makes loading `pages` templates a little easier to find in the code / more explicit. It requires this new schema change: CREATE TABLE IF NOT EXISTS `appcontent` ( `id` varchar(36) NOT NULL, `content` mediumtext CHARACTER SET utf8 COLLATE utf8_bin NOT NULL, `updated` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP, PRIMARY KEY (`id`) ) ENGINE=InnoDB DEFAULT CHARSET=latin1; This closes T533
2018-11-19 02:58:50 +00:00
case err != nil:
log.Error("Couldn't SELECT FROM appcontent for id '%s': %v", id, err)
Move instance page editing to dedicated section This adds a "Pages" section to the admin part of the site, and enables admins to edit the pre-defined About and Privacy pages there, instead of on the dashboard itself. It also restructures how these pages get sent around in the backend and lays the groundwork for dynamically adding static pages. The backend changes were made with more customization in mind, such as an instance-wide custom stylesheet (T563). Ref T566
2019-04-06 17:23:22 +00:00
return nil, err
Support editing About and Privacy pages from Admin panel This allows admin to edit these pages from the web, using Markdown. It also dynamically loads information on those pages now, and makes loading `pages` templates a little easier to find in the code / more explicit. It requires this new schema change: CREATE TABLE IF NOT EXISTS `appcontent` ( `id` varchar(36) NOT NULL, `content` mediumtext CHARACTER SET utf8 COLLATE utf8_bin NOT NULL, `updated` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP, PRIMARY KEY (`id`) ) ENGINE=InnoDB DEFAULT CHARSET=latin1; This closes T533
2018-11-19 02:58:50 +00:00
}
Move instance page editing to dedicated section This adds a "Pages" section to the admin part of the site, and enables admins to edit the pre-defined About and Privacy pages there, instead of on the dashboard itself. It also restructures how these pages get sent around in the backend and lays the groundwork for dynamically adding static pages. The backend changes were made with more customization in mind, such as an instance-wide custom stylesheet (T563). Ref T566
2019-04-06 17:23:22 +00:00
return c, nil
Support editing About and Privacy pages from Admin panel This allows admin to edit these pages from the web, using Markdown. It also dynamically loads information on those pages now, and makes loading `pages` templates a little easier to find in the code / more explicit. It requires this new schema change: CREATE TABLE IF NOT EXISTS `appcontent` ( `id` varchar(36) NOT NULL, `content` mediumtext CHARACTER SET utf8 COLLATE utf8_bin NOT NULL, `updated` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP, PRIMARY KEY (`id`) ) ENGINE=InnoDB DEFAULT CHARSET=latin1; This closes T533
2018-11-19 02:58:50 +00:00
}
Support changing instance page titles Now admins can choose a title for their About and Privacy pages; now editable through the instance page editor. This adds `title` and `content_type` fields to the `appcontent` table, requiring a migration by running `writefreely --migrate` The content_type field specifies that items we're currently storing in this table are all "page"s; queries for fetching these have been updated to filter for this type. In the future, this field will be used to indicate when an item is a stylesheet (ref T563) or other supported type. Ref T566
2019-04-11 17:56:07 +00:00
func (db *datastore) UpdateDynamicContent(id, title, content, contentType string) error {
Fix upsert queries on SQLite Ref T529
2018-12-08 17:58:45 +00:00
var err error
if db.driverName == driverSQLite {
Support changing instance page titles Now admins can choose a title for their About and Privacy pages; now editable through the instance page editor. This adds `title` and `content_type` fields to the `appcontent` table, requiring a migration by running `writefreely --migrate` The content_type field specifies that items we're currently storing in this table are all "page"s; queries for fetching these have been updated to filter for this type. In the future, this field will be used to indicate when an item is a stylesheet (ref T563) or other supported type. Ref T566
2019-04-11 17:56:07 +00:00
_, err = db.Exec("INSERT OR REPLACE INTO appcontent (id, title, content, updated, content_type) VALUES (?, ?, ?, "+db.now()+", ?)", id, title, content, contentType)
Fix upsert queries on SQLite Ref T529
2018-12-08 17:58:45 +00:00
} else {
Support changing instance page titles Now admins can choose a title for their About and Privacy pages; now editable through the instance page editor. This adds `title` and `content_type` fields to the `appcontent` table, requiring a migration by running `writefreely --migrate` The content_type field specifies that items we're currently storing in this table are all "page"s; queries for fetching these have been updated to filter for this type. In the future, this field will be used to indicate when an item is a stylesheet (ref T563) or other supported type. Ref T566
2019-04-11 17:56:07 +00:00
_, err = db.Exec("INSERT INTO appcontent (id, title, content, updated, content_type) VALUES (?, ?, ?, "+db.now()+", ?) "+db.upsert("id")+" title = ?, content = ?, updated = "+db.now(), id, title, content, contentType, title, content)
Fix upsert queries on SQLite Ref T529
2018-12-08 17:58:45 +00:00
}
Support editing About and Privacy pages from Admin panel This allows admin to edit these pages from the web, using Markdown. It also dynamically loads information on those pages now, and makes loading `pages` templates a little easier to find in the code / more explicit. It requires this new schema change: CREATE TABLE IF NOT EXISTS `appcontent` ( `id` varchar(36) NOT NULL, `content` mediumtext CHARACTER SET utf8 COLLATE utf8_bin NOT NULL, `updated` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP, PRIMARY KEY (`id`) ) ENGINE=InnoDB DEFAULT CHARSET=latin1; This closes T533
2018-11-19 02:58:50 +00:00
if err != nil {
log.Error("Unable to INSERT appcontent for '%s': %v", id, err)
}
return err
}
Add admin user list This enables admins on multi-user instances to see all users registered, and view the details of each, including: - Username - Join date - Total posts - Last post date - All blogs - Public info - Views - Total posts - Last post date - Fediverse followers count This is the foundation for future user moderation features. Ref T553
2019-01-05 03:28:29 +00:00
func (db *datastore) GetAllUsers(page uint) (*[]User, error) {
Add pager to admin user list This enables paging through the entire list of users. Ref T553
2019-01-05 14:37:53 +00:00
limitStr := fmt.Sprintf("0, %d", adminUsersPerPage)
Add admin user list This enables admins on multi-user instances to see all users registered, and view the details of each, including: - Username - Join date - Total posts - Last post date - All blogs - Public info - Views - Total posts - Last post date - Fediverse followers count This is the foundation for future user moderation features. Ref T553
2019-01-05 03:28:29 +00:00
if page > 1 {
Add pager to admin user list This enables paging through the entire list of users. Ref T553
2019-01-05 14:37:53 +00:00
limitStr = fmt.Sprintf("%d, %d", (page-1)*adminUsersPerPage, adminUsersPerPage)
Add admin user list This enables admins on multi-user instances to see all users registered, and view the details of each, including: - Username - Join date - Total posts - Last post date - All blogs - Public info - Views - Total posts - Last post date - Fediverse followers count This is the foundation for future user moderation features. Ref T553
2019-01-05 03:28:29 +00:00
}
address PR comments - update error messages to be correct - move suspended message into template and include for other pages - check suspended status on all relevant pages and show message if logged in user is suspended. - fix possible nil pointer error - remove changes to db schema files - add version comment to migration - add UserStatus type with UserActive and UserSuspended - change database table to use status column instead of suspended - update toggle suspended handler to be toggle status in prep for possible future inclusion of further user statuses
2019-10-25 19:04:24 +00:00
rows, err := db.Query("SELECT id, username, created, status FROM users ORDER BY created DESC LIMIT " + limitStr)
Add admin user list This enables admins on multi-user instances to see all users registered, and view the details of each, including: - Username - Join date - Total posts - Last post date - All blogs - Public info - Views - Total posts - Last post date - Fediverse followers count This is the foundation for future user moderation features. Ref T553
2019-01-05 03:28:29 +00:00
if err != nil {
Add account suspension features This renders all requests for that user's posts, collections and related ActivityPub endpoints with 404 responses. While suspended, users may not create or edit posts or collections. User status is listed in the admin user page Admin view of user details shows status and now has a button to activate or suspend a user.
2019-08-28 19:37:45 +00:00
log.Error("Failed selecting from users: %v", err)
return nil, impart.HTTPError{http.StatusInternalServerError, "Couldn't retrieve all users."}
Add admin user list This enables admins on multi-user instances to see all users registered, and view the details of each, including: - Username - Join date - Total posts - Last post date - All blogs - Public info - Views - Total posts - Last post date - Fediverse followers count This is the foundation for future user moderation features. Ref T553
2019-01-05 03:28:29 +00:00
}
defer rows.Close()
users := []User{}
for rows.Next() {
u := User{}
address PR comments - update error messages to be correct - move suspended message into template and include for other pages - check suspended status on all relevant pages and show message if logged in user is suspended. - fix possible nil pointer error - remove changes to db schema files - add version comment to migration - add UserStatus type with UserActive and UserSuspended - change database table to use status column instead of suspended - update toggle suspended handler to be toggle status in prep for possible future inclusion of further user statuses
2019-10-25 19:04:24 +00:00
err = rows.Scan(&u.ID, &u.Username, &u.Created, &u.Status)
Add admin user list This enables admins on multi-user instances to see all users registered, and view the details of each, including: - Username - Join date - Total posts - Last post date - All blogs - Public info - Views - Total posts - Last post date - Fediverse followers count This is the foundation for future user moderation features. Ref T553
2019-01-05 03:28:29 +00:00
if err != nil {
log.Error("Failed scanning GetAllUsers() row: %v", err)
break
}
users = append(users, u)
}
return &users, nil
}
Add pager to admin user list This enables paging through the entire list of users. Ref T553
2019-01-05 14:37:53 +00:00
func (db *datastore) GetAllUsersCount() int64 {
var count int64
err := db.QueryRow("SELECT COUNT(*) FROM users").Scan(&count)
switch {
case err == sql.ErrNoRows:
return 0
case err != nil:
log.Error("Failed selecting all users count: %v", err)
return 0
}
return count
}
Add admin user list This enables admins on multi-user instances to see all users registered, and view the details of each, including: - Username - Join date - Total posts - Last post date - All blogs - Public info - Views - Total posts - Last post date - Fediverse followers count This is the foundation for future user moderation features. Ref T553
2019-01-05 03:28:29 +00:00
func (db *datastore) GetUserLastPostTime(id int64) (*time.Time, error) {
var t time.Time
err := db.QueryRow("SELECT created FROM posts WHERE owner_id = ? ORDER BY created DESC LIMIT 1", id).Scan(&t)
switch {
case err == sql.ErrNoRows:
return nil, nil
case err != nil:
log.Error("Failed selecting last post time from posts: %v", err)
return nil, err
}
return &t, nil
}
address PR comments - update error messages to be correct - move suspended message into template and include for other pages - check suspended status on all relevant pages and show message if logged in user is suspended. - fix possible nil pointer error - remove changes to db schema files - add version comment to migration - add UserStatus type with UserActive and UserSuspended - change database table to use status column instead of suspended - update toggle suspended handler to be toggle status in prep for possible future inclusion of further user statuses
2019-10-25 19:04:24 +00:00
// SetUserStatus changes a user's status in the database. see Users.UserStatus
func (db *datastore) SetUserStatus(id int64, status UserStatus) error {
_, err := db.Exec("UPDATE users SET status = ? WHERE id = ?", status, id)
Add account suspension features This renders all requests for that user's posts, collections and related ActivityPub endpoints with 404 responses. While suspended, users may not create or edit posts or collections. User status is listed in the admin user page Admin view of user details shows status and now has a button to activate or suspend a user.
2019-08-28 19:37:45 +00:00
if err != nil {
address PR comments - update error messages to be correct - move suspended message into template and include for other pages - check suspended status on all relevant pages and show message if logged in user is suspended. - fix possible nil pointer error - remove changes to db schema files - add version comment to migration - add UserStatus type with UserActive and UserSuspended - change database table to use status column instead of suspended - update toggle suspended handler to be toggle status in prep for possible future inclusion of further user statuses
2019-10-25 19:04:24 +00:00
return fmt.Errorf("failed to update user status: %v", err)
Add account suspension features This renders all requests for that user's posts, collections and related ActivityPub endpoints with 404 responses. While suspended, users may not create or edit posts or collections. User status is listed in the admin user page Admin view of user details shows status and now has a button to activate or suspend a user.
2019-08-28 19:37:45 +00:00
}
return nil
}
Add admin user list This enables admins on multi-user instances to see all users registered, and view the details of each, including: - Username - Join date - Total posts - Last post date - All blogs - Public info - Views - Total posts - Last post date - Fediverse followers count This is the foundation for future user moderation features. Ref T553
2019-01-05 03:28:29 +00:00
func (db *datastore) GetCollectionLastPostTime(id int64) (*time.Time, error) {
var t time.Time
err := db.QueryRow("SELECT created FROM posts WHERE collection_id = ? ORDER BY created DESC LIMIT 1", id).Scan(&t)
switch {
case err == sql.ErrNoRows:
return nil, nil
case err != nil:
log.Error("Failed selecting last post time from posts: %v", err)
return nil, err
}
return &t, nil
}
Support OAuth registration with invite code This adds any OAuth login buttons to the invite signup page, stores the invite code for the flow duration, and associates the new user with it once successfully registered. It enables invite-only instances with OAuth-based registration.
2020-04-20 22:18:23 +00:00
func (db *datastore) GenerateOAuthState(ctx context.Context, provider string, clientID string, attachUser int64, inviteCode string) (string, error) {
Remove writeas/nerds/store dependency
2021-03-30 16:49:12 +00:00
state := id.Generate62RandomString(24)
Use NULL for new attach_user_id column Ref T713
2020-02-10 20:24:39 +00:00
attachUserVal := sql.NullInt64{Valid: attachUser > 0, Int64: attachUser}
Support OAuth registration with invite code This adds any OAuth login buttons to the invite signup page, stores the invite code for the flow duration, and associates the new user with it once successfully registered. It enables invite-only instances with OAuth-based registration.
2020-04-20 22:18:23 +00:00
inviteCodeVal := sql.NullString{Valid: inviteCode != "", String: inviteCode}
_, err := db.ExecContext(ctx, "INSERT INTO oauth_client_states (state, provider, client_id, used, created_at, attach_user_id, invite_code) VALUES (?, ?, ?, FALSE, "+db.now()+", ?, ?)", state, provider, clientID, attachUserVal, inviteCodeVal)
Added oauth handlers and tests with mocks. Part of T705.
2019-12-19 16:48:04 +00:00
if err != nil {
return "", fmt.Errorf("unable to record oauth client state: %w", err)
}
return state, nil
}
Support OAuth registration with invite code This adds any OAuth login buttons to the invite signup page, stores the invite code for the flow duration, and associates the new user with it once successfully registered. It enables invite-only instances with OAuth-based registration.
2020-04-20 22:18:23 +00:00
func (db *datastore) ValidateOAuthState(ctx context.Context, state string) (string, string, int64, string, error) {
Feature complete on MVP slack auth integration. T710
2019-12-28 20:15:47 +00:00
var provider string
var clientID string
Use NULL for new attach_user_id column Ref T713
2020-02-10 20:24:39 +00:00
var attachUserID sql.NullInt64
Support OAuth registration with invite code This adds any OAuth login buttons to the invite signup page, stores the invite code for the flow duration, and associates the new user with it once successfully registered. It enables invite-only instances with OAuth-based registration.
2020-04-20 22:18:23 +00:00
var inviteCode sql.NullString
Feature complete on MVP slack auth integration. T710
2019-12-28 20:15:47 +00:00
err := wf_db.RunTransactionWithOptions(ctx, db.DB, &sql.TxOptions{}, func(ctx context.Context, tx *sql.Tx) error {
Implemented oauth attach functionality, oauth detach functionality, and required data migration. T713
2020-01-15 18:16:59 +00:00
err := tx.
Support OAuth registration with invite code This adds any OAuth login buttons to the invite signup page, stores the invite code for the flow duration, and associates the new user with it once successfully registered. It enables invite-only instances with OAuth-based registration.
2020-04-20 22:18:23 +00:00
QueryRowContext(ctx, "SELECT provider, client_id, attach_user_id, invite_code FROM oauth_client_states WHERE state = ? AND used = FALSE", state).
Scan(&provider, &clientID, &attachUserID, &inviteCode)
Feature complete on MVP slack auth integration. T710
2019-12-28 20:15:47 +00:00
if err != nil {
return err
}
Merged in final changes from PR 225 into T705-oauth-slack. T710
2019-12-31 16:48:08 +00:00
res, err := tx.ExecContext(ctx, "UPDATE oauth_client_states SET used = TRUE WHERE state = ?", state)
Feature complete on MVP slack auth integration. T710
2019-12-28 20:15:47 +00:00
if err != nil {
return err
}
rowsAffected, err := res.RowsAffected()
if err != nil {
return err
}
if rowsAffected != 1 {
return fmt.Errorf("state not found")
}
return nil
})
Added oauth handlers and tests with mocks. Part of T705.
2019-12-19 16:48:04 +00:00
if err != nil {
Support OAuth registration with invite code This adds any OAuth login buttons to the invite signup page, stores the invite code for the flow duration, and associates the new user with it once successfully registered. It enables invite-only instances with OAuth-based registration.
2020-04-20 22:18:23 +00:00
return "", "", 0, "", nil
Added oauth handlers and tests with mocks. Part of T705.
2019-12-19 16:48:04 +00:00
}
Support OAuth registration with invite code This adds any OAuth login buttons to the invite signup page, stores the invite code for the flow duration, and associates the new user with it once successfully registered. It enables invite-only instances with OAuth-based registration.
2020-04-20 22:18:23 +00:00
return provider, clientID, attachUserID.Int64, inviteCode.String, nil
Added oauth handlers and tests with mocks. Part of T705.
2019-12-19 16:48:04 +00:00
}
Code cleanup in prep for PR. T710
2019-12-30 18:32:06 +00:00
func (db *datastore) RecordRemoteUserID(ctx context.Context, localUserID int64, remoteUserID, provider, clientID, accessToken string) error {
Added oauth handlers and tests with mocks. Part of T705.
2019-12-19 16:48:04 +00:00
var err error
if db.driverName == driverSQLite {
Merged in final changes from PR 225 into T705-oauth-slack. T710
2019-12-31 16:48:08 +00:00
_, err = db.ExecContext(ctx, "INSERT OR REPLACE INTO oauth_users (user_id, remote_user_id, provider, client_id, access_token) VALUES (?, ?, ?, ?, ?)", localUserID, remoteUserID, provider, clientID, accessToken)
Added oauth handlers and tests with mocks. Part of T705.
2019-12-19 16:48:04 +00:00
} else {
Merged in final changes from PR 225 into T705-oauth-slack. T710
2019-12-31 16:48:08 +00:00
_, err = db.ExecContext(ctx, "INSERT INTO oauth_users (user_id, remote_user_id, provider, client_id, access_token) VALUES (?, ?, ?, ?, ?) "+db.upsert("user")+" access_token = ?", localUserID, remoteUserID, provider, clientID, accessToken, accessToken)
Added oauth handlers and tests with mocks. Part of T705.
2019-12-19 16:48:04 +00:00
}
if err != nil {
Changed oauth table names per PR feedback. T705
2019-12-31 16:28:05 +00:00
log.Error("Unable to INSERT oauth_users for '%d': %v", localUserID, err)
Added oauth handlers and tests with mocks. Part of T705.
2019-12-19 16:48:04 +00:00
}
return err
}
// GetIDForRemoteUser returns a user ID associated with a remote user ID.
Code cleanup in prep for PR. T710
2019-12-30 18:32:06 +00:00
func (db *datastore) GetIDForRemoteUser(ctx context.Context, remoteUserID, provider, clientID string) (int64, error) {
Added oauth handlers and tests with mocks. Part of T705.
2019-12-19 16:48:04 +00:00
var userID int64 = -1
err := db.
Merged in final changes from PR 225 into T705-oauth-slack. T710
2019-12-31 16:48:08 +00:00
QueryRowContext(ctx, "SELECT user_id FROM oauth_users WHERE remote_user_id = ? AND provider = ? AND client_id = ?", remoteUserID, provider, clientID).
Added oauth handlers and tests with mocks. Part of T705.
2019-12-19 16:48:04 +00:00
Scan(&userID)
// Not finding a record is OK.
if err != nil && err != sql.ErrNoRows {
return -1, err
}
return userID, nil
}
Implemented oauth attach functionality, oauth detach functionality, and required data migration. T713
2020-01-15 18:16:59 +00:00
type oauthAccountInfo struct {
Enable updating WM payment pointer via API and Customize page Ref T773
2020-09-30 18:40:13 +00:00
Provider string
ClientID string
RemoteUserID string
DisplayName string
AllowDisconnect bool
Implemented oauth attach functionality, oauth detach functionality, and required data migration. T713
2020-01-15 18:16:59 +00:00
}
func (db *datastore) GetOauthAccounts(ctx context.Context, userID int64) ([]oauthAccountInfo, error) {
rows, err := db.QueryContext(ctx, "SELECT provider, client_id, remote_user_id FROM oauth_users WHERE user_id = ? ", userID)
if err != nil {
log.Error("Failed selecting from oauth_users: %v", err)
return nil, impart.HTTPError{http.StatusInternalServerError, "Couldn't retrieve user oauth accounts."}
}
defer rows.Close()
var records []oauthAccountInfo
for rows.Next() {
info := oauthAccountInfo{}
err = rows.Scan(&info.Provider, &info.ClientID, &info.RemoteUserID)
if err != nil {
log.Error("Failed scanning GetAllUsers() row: %v", err)
break
}
records = append(records, info)
}
return records, nil
}
Initialize db on single-user instance config This fixes the --config step so that when setting up a single-user instance for the first time (and creating the admin user as part of the process), the database is automatically initialized before creating that user. This removes the need for the --init-db command after --config when setting up single-user instances. It fixes #59: "no such table: users" error during the --config step on single-user instances that haven't previously run --init-db.
2019-01-13 14:08:47 +00:00
// DatabaseInitialized returns whether or not the current datastore has been
// initialized with the correct schema.
// Currently, it checks to see if the `users` table exists.
func (db *datastore) DatabaseInitialized() bool {
var dummy string
var err error
if db.driverName == driverSQLite {
err = db.QueryRow("SELECT name FROM sqlite_master WHERE type = 'table' AND name = 'users'").Scan(&dummy)
} else {
err = db.QueryRow("SHOW TABLES LIKE 'users'").Scan(&dummy)
}
switch {
case err == sql.ErrNoRows:
return false
case err != nil:
log.Error("Couldn't SHOW TABLES: %v", err)
return false
}
return true
}
Implemented oauth attach functionality, oauth detach functionality, and required data migration. T713
2020-01-15 18:16:59 +00:00
func (db *datastore) RemoveOauth(ctx context.Context, userID int64, provider string, clientID string, remoteUserID string) error {
_, err := db.ExecContext(ctx, `DELETE FROM oauth_users WHERE user_id = ? AND provider = ? AND client_id = ? AND remote_user_id = ?`, userID, provider, clientID, remoteUserID)
return err
}
Add data layer This includes config changes, collections, posts, some post rendering funcs, and actual database connection when the server starts up.
2018-10-17 02:31:27 +00:00
func stringLogln(log *string, s string, v ...interface{}) {
*log += fmt.Sprintf(s+"\n", v...)
}
func handleFailedPostInsert(err error) error {
log.Error("Couldn't insert into posts: %v", err)
return err
}
Redirects from the intermediate page work and if there's an old mention there it updates the table to include the handle. migrations WIP
2019-10-10 13:04:43 +00:00
Clean up getProfilePageFromHandle - Export the func - Remove commented-out code - Use log, not fmt for debug messages - Remove named return parameters - Use standard var naming schemes - Fix spacing in queries and remove unnecessary chars
2020-02-08 17:10:47 +00:00
func (db *datastore) GetProfilePageFromHandle(app *App, handle string) (string, error) {
Store AP handles consistently This ensures handles are always stored without leading @ symbol.
2020-03-17 17:42:09 +00:00
handle = strings.TrimLeft(handle, "@")
Clean up getProfilePageFromHandle - Export the func - Remove commented-out code - Use log, not fmt for debug messages - Remove named return parameters - Use standard var naming schemes - Fix spacing in queries and remove unnecessary chars
2020-02-08 17:10:47 +00:00
actorIRI := ""
Support AP-style mentions of centralized social media accounts This allows users to mention users on the following non-ActivityPub social media sites: - twitter.com - medium.com It also adds missing error handling in federatePost().
2020-06-08 17:50:43 +00:00
parts := strings.Split(handle, "@")
if len(parts) != 2 {
return "", fmt.Errorf("invalid handle format")
}
domain := parts[1]
// Check non-AP instances
Move fakeAPInstances to web-core/silobridge package This adds support for mentioning profiles on the following sites: - deviantart.com - facebook.com - flickr.com - github.com - instagram.com - reddit.com - wattpad.com - youtube.com
2020-08-13 16:33:35 +00:00
if siloProfileURL := silobridge.Profile(parts[0], domain); siloProfileURL != "" {
return siloProfileURL, nil
Support AP-style mentions of centralized social media accounts This allows users to mention users on the following non-ActivityPub social media sites: - twitter.com - medium.com It also adds missing error handling in federatePost().
2020-06-08 17:50:43 +00:00
}
Clean up getProfilePageFromHandle - Export the func - Remove commented-out code - Use log, not fmt for debug messages - Remove named return parameters - Use standard var naming schemes - Fix spacing in queries and remove unnecessary chars
2020-02-08 17:10:47 +00:00
remoteUser, err := getRemoteUserFromHandle(app, handle)
if err != nil {
Redirects from the intermediate page work and if there's an old mention there it updates the table to include the handle. migrations WIP
2019-10-10 13:04:43 +00:00
// can't find using handle in the table but the table may already have this user without
// handle from a previous version
Add TODOs for improving GetProfilePageFromHandle()
2020-02-08 18:05:54 +00:00
// TODO: Make this determination. We should know whether a user exists without a handle, or doesn't exist at all
Redirects from the intermediate page work and if there's an old mention there it updates the table to include the handle. migrations WIP
2019-10-10 13:04:43 +00:00
actorIRI = RemoteLookup(handle)
_, errRemoteUser := getRemoteUser(app, actorIRI)
// if it exists then we need to update the handle
if errRemoteUser == nil {
Clean up getProfilePageFromHandle - Export the func - Remove commented-out code - Use log, not fmt for debug messages - Remove named return parameters - Use standard var naming schemes - Fix spacing in queries and remove unnecessary chars
2020-02-08 17:10:47 +00:00
_, err := app.db.Exec("UPDATE remoteusers SET handle = ? WHERE actor_id = ?", handle, actorIRI)
Redirects from the intermediate page work and if there's an old mention there it updates the table to include the handle. migrations WIP
2019-10-10 13:04:43 +00:00
if err != nil {
Fix error / info logging around AP mentions This fixes log formatting and makes verbiage consistent & concise.
2020-03-17 17:42:51 +00:00
log.Error("Couldn't update handle '%s' for user %s", handle, actorIRI)
Redirects from the intermediate page work and if there's an old mention there it updates the table to include the handle. migrations WIP
2019-10-10 13:04:43 +00:00
}
} else {
// this probably means we don't have the user in the table so let's try to insert it
// here we need to ask the server for the inboxes
remoteActor, err := activityserve.NewRemoteActor(actorIRI)
if err != nil {
Fix error / info logging around AP mentions This fixes log formatting and makes verbiage consistent & concise.
2020-03-17 17:42:51 +00:00
log.Error("Couldn't fetch remote actor: %v", err)
Redirects from the intermediate page work and if there's an old mention there it updates the table to include the handle. migrations WIP
2019-10-10 13:04:43 +00:00
}
Clean up getProfilePageFromHandle - Export the func - Remove commented-out code - Use log, not fmt for debug messages - Remove named return parameters - Use standard var naming schemes - Fix spacing in queries and remove unnecessary chars
2020-02-08 17:10:47 +00:00
if debugging {
log.Info("%s %s %s %s", actorIRI, remoteActor.GetInbox(), remoteActor.GetSharedInbox(), handle)
}
_, err = app.db.Exec("INSERT INTO remoteusers (actor_id, inbox, shared_inbox, handle) VALUES(?, ?, ?, ?)", actorIRI, remoteActor.GetInbox(), remoteActor.GetSharedInbox(), handle)
Redirects from the intermediate page work and if there's an old mention there it updates the table to include the handle. migrations WIP
2019-10-10 13:04:43 +00:00
if err != nil {
Fix error / info logging around AP mentions This fixes log formatting and makes verbiage consistent & concise.
2020-03-17 17:42:51 +00:00
log.Error("Couldn't insert remote user: %v", err)
Redirects from the intermediate page work and if there's an old mention there it updates the table to include the handle. migrations WIP
2019-10-10 13:04:43 +00:00
return "", err
}
}
} else {
Clean up getProfilePageFromHandle - Export the func - Remove commented-out code - Use log, not fmt for debug messages - Remove named return parameters - Use standard var naming schemes - Fix spacing in queries and remove unnecessary chars
2020-02-08 17:10:47 +00:00
actorIRI = remoteUser.ActorID
Redirects from the intermediate page work and if there's an old mention there it updates the table to include the handle. migrations WIP
2019-10-10 13:04:43 +00:00
}
return actorIRI, nil
}
Reference in a new issue Copy permalink