src/routes/users/fetch_relationship.rs

+use crate::database::*;
+use crate::util::result::Result;
+
+use rocket_contrib::json::JsonValue;
+
+#[get("/<target>/relationship")]
+pub async fn req(user: User, target: Ref) -> Result<JsonValue> {
+    Ok(json!({ "status": get_relationship(&user, &target.id) }))
+}

src/routes/users/fetch_relationships.rs

+use crate::database::*;
+use crate::util::result::Result;
+
+use rocket_contrib::json::JsonValue;
+
+#[get("/relationships")]
+pub async fn req(user: User) -> Result<JsonValue> {
+    Ok(if let Some(vec) = user.relations {
+        json!(vec)
+    } else {
+        json!([])
+    })
+}

src/routes/users/fetch_user.rs

+use crate::database::*;
+use crate::util::result::{Error, Result};
+
+use rocket_contrib::json::JsonValue;
+
+#[get("/<target>")]
+pub async fn req(user: User, target: Ref) -> Result<JsonValue> {
+    let target = target.fetch_user().await?;
+
+    let perm = permissions::PermissionCalculator::new(&user)
+        .with_user(&target)
+        .for_user_given()
+        .await?;
+
+    if !perm.get_access() {
+        Err(Error::MissingPermission)?
+    }
+
+    Ok(json!(target.from(&user).with(perm)))
+}

src/routes/users/find_mutual.rs

+use crate::database::*;
+use crate::util::result::{Error, Result};
+
+use futures::StreamExt;
+use mongodb::bson::{doc, Document};
+use mongodb::options::FindOptions;
+use rocket_contrib::json::JsonValue;
+
+#[get("/<target>/mutual")]
+pub async fn req(user: User, target: Ref) -> Result<JsonValue> {
+    let users = get_collection("users")
+        .find(
+            doc! {
+                "$and": [
+                    { "relations": { "$elemMatch": { "_id": &user.id, "status": "Friend" } } },
+                    { "relations": { "$elemMatch": { "_id": &target.id, "status": "Friend" } } }
+                ]
+            },
+            FindOptions::builder().projection(doc! { "_id": 1 }).build(),
+        )
+        .await
+        .map_err(|_| Error::DatabaseError {
+            operation: "find",
+            with: "users",
+        })?
+        .filter_map(async move |s| s.ok())
+        .collect::<Vec<Document>>()
+        .await
+        .into_iter()
+        .filter_map(|x| x.get_str("_id").ok().map(|x| x.to_string()))
+        .collect::<Vec<String>>();
+
+    Ok(json!({ "users": users }))
+}

src/routes/users/get_default_avatar.rs

+use rocket::{Request, Response};
+use rocket::response::{self, NamedFile, Responder};
+use std::path::Path;
+
+use crate::database::Ref;
+
+pub struct CachedFile(NamedFile);
+
+pub static CACHE_CONTROL: &'static str = "public, max-age=31536000, immutable";
+
+impl<'r> Responder<'r, 'static> for CachedFile {
+    fn respond_to(self, req: &'r Request<'_>) -> response::Result<'static> {
+        Response::build_from(self.0.respond_to(req)?)
+            .raw_header("Cache-control", CACHE_CONTROL)
+            .ok()
+    }
+}
+
+#[get("/<target>/default_avatar")]
+pub async fn req(target: Ref) -> Option<CachedFile> {
+    match target.id.chars().nth(25).unwrap() {
+        '0' | '1' | '2' | '3' | '4' | '5' | '6' | '7' => {
+            NamedFile::open(Path::new("assets/user_red.png")).await.ok().map(|n| CachedFile(n))
+        }
+        '8' | '9' | 'A' | 'C' | 'B' | 'D' | 'E' | 'F' => {
+            NamedFile::open(Path::new("assets/user_green.png"))
+                .await
+                .ok().map(|n| CachedFile(n))
+        }
+        'G' | 'H' | 'J' | 'K' | 'M' | 'N' | 'P' | 'Q' => {
+            NamedFile::open(Path::new("assets/user_blue.png"))
+                .await
+                .ok().map(|n| CachedFile(n))
+        }
+        'R' | 'S' | 'T' | 'V' | 'W' | 'X' | 'Y' | 'Z' => {
+            NamedFile::open(Path::new("assets/user_yellow.png"))
+                .await
+                .ok().map(|n| CachedFile(n))
+        }
+        _ => unreachable!(),
+    }
+}

src/routes/users/mod.rs

+use rocket::Route;
+
+mod add_friend;
+mod block_user;
+mod change_username;
+mod edit_user;
+mod fetch_dms;
+mod fetch_profile;
+mod fetch_relationship;
+mod fetch_relationships;
+mod fetch_user;
+mod find_mutual;
+mod get_default_avatar;
+mod open_dm;
+mod remove_friend;
+mod unblock_user;
+
+pub fn routes() -> Vec<Route> {
+    routes![
+        // User Information
+        fetch_user::req,
+        edit_user::req,
+        change_username::req,
+        get_default_avatar::req,
+        fetch_profile::req,
+        // Direct Messaging
+        fetch_dms::req,
+        open_dm::req,
+        // Relationships
+        find_mutual::req,
+        fetch_relationships::req,
+        fetch_relationship::req,
+        add_friend::req,
+        remove_friend::req,
+        block_user::req,
+        unblock_user::req,
+    ]
+}

src/routes/users/open_dm.rs

+use crate::database::*;
+use crate::util::result::{Error, Result};
+
+use mongodb::bson::doc;
+use rocket_contrib::json::JsonValue;
+use ulid::Ulid;
+
+#[get("/<target>/dm")]
+pub async fn req(user: User, target: Ref) -> Result<JsonValue> {
+    let query = if user.id == target.id {
+        doc! {
+            "channel_type": "SavedMessages",
+            "user": &user.id
+        }
+    } else {
+        doc! {
+            "channel_type": "DirectMessage",
+            "recipients": {
+                "$all": [ &user.id, &target.id ]
+            }
+        }
+    };
+
+    let existing_channel = get_collection("channels")
+        .find_one(query, None)
+        .await
+        .map_err(|_| Error::DatabaseError {
+            operation: "find_one",
+            with: "channel",
+        })?;
+
+    if let Some(doc) = existing_channel {
+        Ok(json!(doc))
+    } else {
+        let id = Ulid::new().to_string();
+        let channel = if user.id == target.id {
+            Channel::SavedMessages { id, user: user.id }
+        } else {
+            Channel::DirectMessage {
+                id,
+                active: false,
+                recipients: vec![user.id, target.id],
+                last_message: None,
+            }
+        };
+
+        channel.clone().publish().await?;
+        Ok(json!(channel))
+    }
+}

src/routes/users/remove_friend.rs

+use crate::database::*;
+use crate::notifications::events::ClientboundNotification;
+use crate::util::result::{Error, Result};
+
+use futures::try_join;
+use mongodb::bson::doc;
+use rocket_contrib::json::JsonValue;
+
+#[delete("/<target>/friend")]
+pub async fn req(user: User, target: Ref) -> Result<JsonValue> {
+    let col = get_collection("users");
+
+    let target = target.fetch_user().await?;
+
+    match get_relationship(&user, &target.id) {
+        RelationshipStatus::Friend
+        | RelationshipStatus::Outgoing
+        | RelationshipStatus::Incoming => {
+            match try_join!(
+                col.update_one(
+                    doc! {
+                        "_id": &user.id
+                    },
+                    doc! {
+                        "$pull": {
+                            "relations": {
+                                "_id": &target.id
+                            }
+                        }
+                    },
+                    None
+                ),
+                col.update_one(
+                    doc! {
+                        "_id": &target.id
+                    },
+                    doc! {
+                        "$pull": {
+                            "relations": {
+                                "_id": &user.id
+                            }
+                        }
+                    },
+                    None
+                )
+            ) {
+                Ok(_) => {
+                    let target = target
+                        .from_override(&user, RelationshipStatus::None)
+                        .await?;
+                    let user = user
+                        .from_override(&target, RelationshipStatus::None)
+                        .await?;
+                    let target_id = target.id.clone();
+
+                    ClientboundNotification::UserRelationship {
+                        id: user.id.clone(),
+                        user: target,
+                        status: RelationshipStatus::None,
+                    }
+                    .publish(user.id.clone());
+
+                    ClientboundNotification::UserRelationship {
+                        id: target_id.clone(),
+                        user,
+                        status: RelationshipStatus::None,
+                    }
+                    .publish(target_id);
+
+                    Ok(json!({ "status": "None" }))
+                }
+                Err(_) => Err(Error::DatabaseError {
+                    operation: "update_one",
+                    with: "user",
+                }),
+            }
+        }
+        _ => Err(Error::NoEffect),
+    }
+}

src/routes/users/unblock_user.rs

+use crate::database::*;
+use crate::notifications::events::ClientboundNotification;
+use crate::util::result::{Error, Result};
+
+use futures::try_join;
+use mongodb::bson::doc;
+use rocket_contrib::json::JsonValue;
+
+#[delete("/<target>/block")]
+pub async fn req(user: User, target: Ref) -> Result<JsonValue> {
+    let col = get_collection("users");
+    let target = target.fetch_user().await?;
+
+    match get_relationship(&user, &target.id) {
+        RelationshipStatus::Blocked => match get_relationship(&target, &user.id) {
+            RelationshipStatus::Blocked => {
+                col.update_one(
+                    doc! {
+                        "_id": &user.id,
+                        "relations._id": &target.id
+                    },
+                    doc! {
+                        "$set": {
+                            "relations.$.status": "BlockedOther"
+                        }
+                    },
+                    None,
+                )
+                .await
+                .map_err(|_| Error::DatabaseError {
+                    operation: "update_one",
+                    with: "user",
+                })?;
+
+                let target = target
+                    .from_override(&user, RelationshipStatus::BlockedOther)
+                    .await?;
+                ClientboundNotification::UserRelationship {
+                    id: user.id.clone(),
+                    user: target,
+                    status: RelationshipStatus::BlockedOther,
+                }
+                .publish(user.id.clone());
+
+                Ok(json!({ "status": "BlockedOther" }))
+            }
+            RelationshipStatus::BlockedOther => {
+                match try_join!(
+                    col.update_one(
+                        doc! {
+                            "_id": &user.id
+                        },
+                        doc! {
+                            "$pull": {
+                                "relations": {
+                                    "_id": &target.id
+                                }
+                            }
+                        },
+                        None
+                    ),
+                    col.update_one(
+                        doc! {
+                            "_id": &target.id
+                        },
+                        doc! {
+                            "$pull": {
+                                "relations": {
+                                    "_id": &user.id
+                                }
+                            }
+                        },
+                        None
+                    )
+                ) {
+                    Ok(_) => {
+                        let target = target
+                            .from_override(&user, RelationshipStatus::None)
+                            .await?;
+                        let user = user
+                            .from_override(&target, RelationshipStatus::None)
+                            .await?;
+                        let target_id = target.id.clone();
+
+                        ClientboundNotification::UserRelationship {
+                            id: user.id.clone(),
+                            user: target,
+                            status: RelationshipStatus::None,
+                        }
+                        .publish(user.id.clone());
+
+                        ClientboundNotification::UserRelationship {
+                            id: target_id.clone(),
+                            user: user,
+                            status: RelationshipStatus::None,
+                        }
+                        .publish(target_id);
+
+                        Ok(json!({ "status": "None" }))
+                    }
+                    Err(_) => Err(Error::DatabaseError {
+                        operation: "update_one",
+                        with: "user",
+                    }),
+                }
+            }
+            _ => Err(Error::InternalError),
+        },
+        _ => Err(Error::NoEffect),
+    }
+}

src/util/mod.rs

+pub mod result;
+pub mod variables;

src/util/result.rs

+use json;
+use rocket::http::{ContentType, Status};
+use rocket::request::Request;
+use rocket::response::{self, Responder, Response};
+use serde::Serialize;
+use std::io::Cursor;
+use validator::ValidationErrors;
+
+#[derive(Serialize, Debug)]
+#[serde(tag = "type")]
+pub enum Error {
+    LabelMe,
+
+    // ? Onboarding related errors.
+    AlreadyOnboarded,
+
+    // ? User related errors.
+    UsernameTaken,
+    UnknownUser,
+    AlreadyFriends,
+    AlreadySentRequest,
+    Blocked,
+    BlockedByOther,
+    NotFriends,
+
+    // ? Channel related errors.
+    UnknownChannel,
+    UnknownAttachment,
+    UnknownMessage,
+    CannotEditMessage,
+    CannotJoinCall,
+    TooManyAttachments,
+    TooManyReplies,
+    EmptyMessage,
+    CannotRemoveYourself,
+    GroupTooLarge {
+        max: usize,
+    },
+    AlreadyInGroup,
+    NotInGroup,
+
+    // ? Server related errors.
+    UnknownServer,
+    InvalidRole,
+    Banned,
+
+    // ? General errors.
+    TooManyIds,
+    FailedValidation {
+        error: ValidationErrors,
+    },
+    DatabaseError {
+        operation: &'static str,
+        with: &'static str,
+    },
+    InternalError,
+    MissingPermission,
+    InvalidOperation,
+    InvalidCredentials,
+    DuplicateNonce,
+    VosoUnavailable,
+    NotFound,
+    NoEffect,
+}
+
+pub type Result<T, E = Error> = std::result::Result<T, E>;
+
+/// HTTP response builder for Error enum
+impl<'r> Responder<'r, 'static> for Error {
+    fn respond_to(self, _: &'r Request<'_>) -> response::Result<'static> {
+        let status = match self {
+            Error::LabelMe => Status::InternalServerError,
+
+            Error::AlreadyOnboarded => Status::Forbidden,
+
+            Error::UnknownUser => Status::NotFound,
+            Error::UsernameTaken => Status::Conflict,
+            Error::AlreadyFriends => Status::Conflict,
+            Error::AlreadySentRequest => Status::Conflict,
+            Error::Blocked => Status::Conflict,
+            Error::BlockedByOther => Status::Forbidden,
+            Error::NotFriends => Status::Forbidden,
+
+            Error::UnknownChannel => Status::NotFound,
+            Error::UnknownMessage => Status::NotFound,
+            Error::UnknownAttachment => Status::BadRequest,
+            Error::CannotEditMessage => Status::Forbidden,
+            Error::CannotJoinCall => Status::BadRequest,
+            Error::TooManyAttachments => Status::BadRequest,
+            Error::TooManyReplies => Status::BadRequest,
+            Error::EmptyMessage => Status::UnprocessableEntity,
+            Error::CannotRemoveYourself => Status::BadRequest,
+            Error::GroupTooLarge { .. } => Status::Forbidden,
+            Error::AlreadyInGroup => Status::Conflict,
+            Error::NotInGroup => Status::NotFound,
+
+            Error::UnknownServer => Status::NotFound,
+            Error::InvalidRole => Status::NotFound,
+            Error::Banned => Status::Forbidden,
+
+            Error::FailedValidation { .. } => Status::UnprocessableEntity,
+            Error::DatabaseError { .. } => Status::InternalServerError,
+            Error::InternalError => Status::InternalServerError,
+            Error::MissingPermission => Status::Forbidden,
+            Error::InvalidOperation => Status::BadRequest,
+            Error::TooManyIds => Status::BadRequest,
+            Error::InvalidCredentials => Status::Forbidden,
+            Error::DuplicateNonce => Status::Conflict,
+            Error::VosoUnavailable => Status::BadRequest,
+            Error::NotFound => Status::NotFound,
+            Error::NoEffect => Status::Ok,
+        };
+
+        // Serialize the error data structure into JSON.
+        let string = json!(self).to_string();
+
+        // Build and send the request.
+        Response::build()
+            .sized_body(string.len(), Cursor::new(string))
+            .header(ContentType::new("application", "json"))
+            .status(status)
+            .ok()
+    }
+}

src/util/variables.rs

+use std::env;
+
+#[cfg(debug_assertions)]
+use log::warn;
+
+lazy_static! {
+    // Application Settings
+    pub static ref MONGO_URI: String =
+        env::var("REVOLT_MONGO_URI").expect("Missing REVOLT_MONGO_URI environment variable.");
+    pub static ref WS_HOST: String =
+        env::var("REVOLT_WS_HOST").unwrap_or_else(|_| "0.0.0.0:9000".to_string());
+    pub static ref PUBLIC_URL: String =
+        env::var("REVOLT_PUBLIC_URL").expect("Missing REVOLT_PUBLIC_URL environment variable.");
+    pub static ref APP_URL: String =
+        env::var("REVOLT_APP_URL").expect("Missing REVOLT_APP_URL environment variable.");
+    pub static ref EXTERNAL_WS_URL: String =
+        env::var("REVOLT_EXTERNAL_WS_URL").expect("Missing REVOLT_EXTERNAL_WS_URL environment variable.");
+
+    pub static ref AUTUMN_URL: String =
+        env::var("AUTUMN_PUBLIC_URL").unwrap_or_else(|_| "https://example.com".to_string());
+    pub static ref JANUARY_URL: String =
+        env::var("JANUARY_PUBLIC_URL").unwrap_or_else(|_| "https://example.com".to_string());
+    pub static ref VOSO_URL: String =
+        env::var("VOSO_PUBLIC_URL").unwrap_or_else(|_| "https://example.com".to_string());
+    pub static ref VOSO_WS_HOST: String =
+        env::var("VOSO_WS_HOST").unwrap_or_else(|_| "wss://example.com".to_string());
+    pub static ref VOSO_MANAGE_TOKEN: String =
+        env::var("VOSO_MANAGE_TOKEN").unwrap_or_else(|_| "0".to_string());
+
+    pub static ref HCAPTCHA_KEY: String =
+        env::var("REVOLT_HCAPTCHA_KEY").unwrap_or_else(|_| "0x0000000000000000000000000000000000000000".to_string());
+    pub static ref HCAPTCHA_SITEKEY: String =
+        env::var("REVOLT_HCAPTCHA_SITEKEY").unwrap_or_else(|_| "10000000-ffff-ffff-ffff-000000000001".to_string());
+    pub static ref VAPID_PRIVATE_KEY: String =
+        env::var("REVOLT_VAPID_PRIVATE_KEY").expect("Missing REVOLT_VAPID_PRIVATE_KEY environment variable.");
+    pub static ref VAPID_PUBLIC_KEY: String =
+        env::var("REVOLT_VAPID_PUBLIC_KEY").expect("Missing REVOLT_VAPID_PUBLIC_KEY environment variable.");
+
+    // Application Flags
+    pub static ref INVITE_ONLY: bool = env::var("REVOLT_INVITE_ONLY").map_or(false, |v| v == "1");
+    pub static ref USE_EMAIL: bool = env::var("REVOLT_USE_EMAIL_VERIFICATION").map_or(
+        env::var("REVOLT_SMTP_HOST").is_ok()
+            && env::var("REVOLT_SMTP_USERNAME").is_ok()
+            && env::var("REVOLT_SMTP_PASSWORD").is_ok()
+            && env::var("REVOLT_SMTP_FROM").is_ok(),
+        |v| v == *"1"
+    );
+    pub static ref USE_HCAPTCHA: bool = env::var("REVOLT_HCAPTCHA_KEY").is_ok();
+    pub static ref USE_PROMETHEUS: bool = env::var("REVOLT_ENABLE_PROMETHEUS").map_or(false, |v| v == "1");
+    pub static ref USE_AUTUMN: bool = env::var("AUTUMN_PUBLIC_URL").is_ok();
+    pub static ref USE_JANUARY: bool = env::var("JANUARY_PUBLIC_URL").is_ok();
+    pub static ref USE_VOSO: bool = env::var("VOSO_PUBLIC_URL").is_ok() && env::var("VOSO_MANAGE_TOKEN").is_ok();
+
+    // SMTP Settings
+    pub static ref SMTP_HOST: String =
+        env::var("REVOLT_SMTP_HOST").unwrap_or_else(|_| "".to_string());
+    pub static ref SMTP_USERNAME: String =
+        env::var("REVOLT_SMTP_USERNAME").unwrap_or_else(|_| "".to_string());
+    pub static ref SMTP_PASSWORD: String =
+        env::var("REVOLT_SMTP_PASSWORD").unwrap_or_else(|_| "".to_string());
+    pub static ref SMTP_FROM: String = env::var("REVOLT_SMTP_FROM").unwrap_or_else(|_| "".to_string());
+
+    // Application Logic Settings
+    pub static ref MAX_GROUP_SIZE: usize =
+        env::var("REVOLT_MAX_GROUP_SIZE").unwrap_or_else(|_| "50".to_string()).parse().unwrap();
+    pub static ref EARLY_ADOPTER_BADGE: i64 =
+        env::var("REVOLT_EARLY_ADOPTER_BADGE").unwrap_or_else(|_| "0".to_string()).parse().unwrap();
+}
+
+pub fn preflight_checks() {
+    format!("{}", *APP_URL);
+    format!("{}", *MONGO_URI);
+    format!("{}", *PUBLIC_URL);
+    format!("{}", *EXTERNAL_WS_URL);
+
+    format!("{}", *VAPID_PRIVATE_KEY);
+    format!("{}", *VAPID_PUBLIC_KEY);
+
+    if *USE_EMAIL == false {
+        #[cfg(not(debug_assertions))]
+        if !env::var("REVOLT_UNSAFE_NO_EMAIL").map_or(false, |v| v == *"1") {
+            panic!("Running in production without email is not recommended, set REVOLT_UNSAFE_NO_EMAIL=1 to override.");
+        }
+
+        #[cfg(debug_assertions)]
+        warn!("No SMTP settings specified! Remember to configure email.");
+    }
+
+    if *USE_HCAPTCHA == false {
+        #[cfg(not(debug_assertions))]
+        if !env::var("REVOLT_UNSAFE_NO_CAPTCHA").map_or(false, |v| v == *"1") {
+            panic!("Running in production without CAPTCHA is not recommended, set REVOLT_UNSAFE_NO_CAPTCHA=1 to override.");
+        }
+
+        #[cfg(debug_assertions)]
+        warn!("No Captcha key specified! Remember to add hCaptcha key.");
+    }
+}

src/version.rs

+pub const VERSION: &str = "0.5.1-alpha.21";