Api edit separation. #997

dessalines · 2020-07-20T04:33:37Z

Fixes #686

dessalines · 2020-07-21T03:50:26Z

Okay this is finally ready to go, damn it took a lot of work.

Check #686 for everything this added, but it was new endpoints for:

Posts: delete, remove, lock, sticky.
Comments: delete, remove, read
Communities: delete, remove
UserMention: read
PrivateMessage: read, delete

As well as a lot of general API cleanup, which I updated the docs for too.

docs/src/contributing_websocket_http_api.md

server/lemmy_db/src/user.rs

server/lemmy_db/src/user_mention.rs

server/src/api/community.rs

server/src/api/post.rs

server/src/websocket/server.rs

Nutomic · 2020-07-21T13:00:57Z

There is a lot of copy pasted code in the API. A lot of that should be really easy to extract into helper functions. Please do that, cause otherwise this will be impossible to maintain.

The backend code looks generally fine otherwise, and this is definitely a better approach than before. Tests are also passing fine. Havent looked at the frontend (neither tested it).

- This adds a form_id to CreateComment, EditComment, and CommentResponse - This is so any front end clients can add a randomly generated string, and know which comment they submitted, is the one they're getting back. - This gets rid of all the weird complicated logic in handleFinished(), and should stop the comment forms getting cleared once and for all.

Nutomic · 2020-07-22T11:47:35Z

server/src/api/comment.rs

-    .await??;
-    if !mods_and_admins.contains(&user_id) {
+    .await?;
+    if !is_mod_or_admin {
      return Err(APIError::err("not_an_admin").into());
    }


This isnt what I meant, I was talking about a function that also handles the if condition. So all you would need to put here is is_mod_or_admin(user_id)?. If its a mod or admin, it does nothing, otherwise it returns an error.

I'm not sure what you mean. I can't use a ?, I have to match no matter what, so I can return the APIError

This is what I mean:

async fn is_mod_or_admin(pool: &DbPool, user_id: i32, community_id: i32) -> Result<(), LemmyError> { let is_mod_or_admin = blocking(pool, move |conn| { Community::is_mod_or_admin(conn, user_id, community_id) }) .await?; if !is_mod_or_admin { return Err(APIError::err("not_an_admin").into()); } return Ok(()) }

Then for the actual check in an API call, you just need to do is_mod_or_admin(pool, user_id, community_id).await?;.

Okay I added helpers like this for is_mod_or_admin, and another for is_admin

- Extracted methods for is_mod_or_admin, and is_admin. - Removed admins from GetPostResponse and GetCommunityResponse. - Some cleanup.

Nutomic · 2020-07-22T20:33:48Z

Great, thanks :)

dessalines added 8 commits July 19, 2020 17:03

Merge branch 'community_user_actor_id_dupes' into api_edit_separation

dca38d1

Private message delete and read extracted.

0a28ffb

EditUserMention changed to MarkUserMentionAsRead.

a67f46b

Added community delete and remove.

9bc6698

Merge branch 'main' into api_edit_separation

613b462

Some GetUserDetails cleanup.

ca7d2fe

Added comment delete, remove, read.

fd96dfd

Adding post delete, remove, lock, and sticky.

2eac037

dessalines marked this pull request as ready for review July 21, 2020 03:50