src/routes/channels/fetch_channel.rs → src/routes/channels/channel_fetch.rs

@@ -11,6 +11,7 @@ pub async fn req(user: User, target: Ref) -> Result<JsonValue> {
         .with_channel(&target)
         .for_channel()
         .await?;
+
     if !perm.get_view() {
         Err(Error::MissingPermission)?
     }

src/routes/channels/edit_channel.rs

-use crate::database::*;
-use crate::util::result::{Error, Result};
-use crate::notifications::events::ClientboundNotification;
-
-use validator::Validate;
-use rocket_contrib::json::Json;
-use serde::{Serialize, Deserialize};
-use mongodb::bson::{doc, to_document};
-
-#[derive(Validate, Serialize, Deserialize)]
-pub struct Data {
-    #[validate(length(min = 1, max = 32))]
-    name: Option<String>,
-    #[validate(length(min = 0, max = 1024))]
-    description: Option<String>,
-}
-
-#[patch("/<target>", data = "<info>")]
-pub async fn req(user: User, target: Ref, info: Json<Data>) -> Result<()> {
-    info.validate()
-        .map_err(|error| Error::FailedValidation { error })?;
-    
-    if info.name.is_none() && info.description.is_none() {
-        return Ok(())
-    }
-
-    let target = target.fetch_channel().await?;
-    let perm = permissions::PermissionCalculator::new(&user)
-        .with_channel(&target)
-        .for_channel()
-        .await?;
-    
-    if !perm.get_manage_channel() {
-        Err(Error::MissingPermission)?
-    }
-
-    match &target {
-        Channel::Group { id, .. } => {
-            let col = get_collection("channels");
-            let mut set = doc! {};
-            if let Some(name) = &info.name {
-                set.insert("name", name.clone());
-            }
-
-            if let Some(description) = &info.description {
-                set.insert("description", description.clone());
-            }
-
-            col.update_one(
-                doc! { "_id": &id },
-                doc! { "$set": set },
-                None
-            )
-            .await
-            .map_err(|_| Error::DatabaseError { operation: "update_one", with: "channel" })?;
-
-            ClientboundNotification::ChannelUpdate {
-                id: id.clone(),
-                data: json!(info.0)
-            }
-            .publish(id.clone())
-            .await
-            .ok();
-
-            if let Some(name) = &info.name {
-                Message::create(
-                    "00000000000000000000000000".to_string(),
-                    id.clone(),
-                    Content::SystemMessage(SystemMessage::ChannelRenamed { name: name.clone(), by: user.id })
-                )
-                .publish(&target)
-                .await
-                .ok();
-            }
-
-            Ok(())
-        }
-        _ => Err(Error::InvalidOperation)
-    }
-}

src/routes/channels/group_add_member.rs

@@ -15,7 +15,8 @@ pub async fn req(user: User, target: Ref, member: Ref) -> Result<()> {
         .with_channel(&channel)
         .for_channel()
         .await?;
-    if !perm.get_view() {
+
+    if !perm.get_invite_others() {
         Err(Error::MissingPermission)?
     }
 
@@ -52,16 +53,13 @@ pub async fn req(user: User, target: Ref, member: Ref) -> Result<()> {
             id: id.clone(),
             user: member.id.clone(),
         }
-        .publish(id.clone())
-        .await
-        .ok();
+        .publish(id.clone());
 
-        Message::create(
-            "00000000000000000000000000".to_string(),
-            id.clone(),
-            Content::SystemMessage(SystemMessage::UserAdded { id: member.id, by: user.id })
-        )
-        .publish(&channel)
+        Content::SystemMessage(SystemMessage::UserAdded {
+            id: member.id,
+            by: user.id,
+        })
+        .send_as_system(&channel)
         .await
         .ok();
 

src/routes/channels/group_create.rs

@@ -24,6 +24,7 @@ pub struct Data {
 
 #[post("/create", data = "<info>")]
 pub async fn req(user: User, info: Json<Data>) -> Result<JsonValue> {
+    let info = info.into_inner();
     info.validate()
         .map_err(|error| Error::FailedValidation { error })?;
 
@@ -37,8 +38,11 @@ pub async fn req(user: User, info: Json<Data>) -> Result<JsonValue> {
     }
 
     for target in &set {
-        if get_relationship(&user, target) != RelationshipStatus::Friend {
-            Err(Error::NotFriends)?
+        match get_relationship(&user, target) {
+            RelationshipStatus::Friend | RelationshipStatus::User => {}
+            _ => {
+                return Err(Error::NotFriends);
+            }
         }
     }
 
@@ -62,15 +66,14 @@ pub async fn req(user: User, info: Json<Data>) -> Result<JsonValue> {
     let id = Ulid::new().to_string();
     let channel = Channel::Group {
         id,
-        nonce: Some(info.nonce.clone()),
-        name: info.name.clone(),
-        description: info
-            .description
-            .clone()
-            .unwrap_or_else(|| "A group.".to_string()),
+        nonce: Some(info.nonce),
+        name: info.name,
+        description: info.description,
         owner: user.id,
         recipients: set.into_iter().collect::<Vec<String>>(),
+        icon: None,
         last_message: None,
+        permissions: None
     };
 
     channel.clone().publish().await?;

src/routes/channels/group_remove_member.rs

@@ -49,16 +49,13 @@ pub async fn req(user: User, target: Ref, member: Ref) -> Result<()> {
             id: id.clone(),
             user: member.id.clone(),
         }
-        .publish(id.clone())
-        .await
-        .ok();
+        .publish(id.clone());
 
-        Message::create(
-            "00000000000000000000000000".to_string(),
-            id.clone(),
-            Content::SystemMessage(SystemMessage::UserRemove { id: member.id, by: user.id })
-        )
-        .publish(&channel)
+        Content::SystemMessage(SystemMessage::UserRemove {
+            id: member.id,
+            by: user.id,
+        })
+        .send_as_system(&channel)
         .await
         .ok();
 

src/routes/channels/invite_create.rs

+use crate::database::*;
+use crate::util::result::{Error, Result};
+
+use mongodb::bson::doc;
+use nanoid::nanoid;
+use rocket_contrib::json::JsonValue;
+
+lazy_static! {
+    static ref ALPHABET: [char; 54] = [
+        '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H',
+        'J', 'K', 'M', 'N', 'P', 'Q', 'R', 'S', 'T', 'V', 'W', 'X', 'Y', 'Z', 'a', 'b', 'c', 'd',
+        'e', 'f', 'g', 'h', 'j', 'k', 'm', 'n', 'p', 'q', 'r', 's', 't', 'v', 'w', 'x', 'y', 'z'
+    ];
+}
+
+#[post("/<target>/invites")]
+pub async fn req(user: User, target: Ref) -> Result<JsonValue> {
+    let target = target.fetch_channel().await?;
+    let perm = permissions::PermissionCalculator::new(&user)
+        .with_channel(&target)
+        .for_channel()
+        .await?;
+
+    if !perm.get_invite_others() {
+        return Err(Error::MissingPermission);
+    }
+
+    let code = nanoid!(8, &*ALPHABET);
+    match &target {
+        Channel::Group { .. } => {
+            unimplemented!()
+        }
+        Channel::TextChannel { id, server, .. }
+        | Channel::VoiceChannel { id, server, .. } => {
+            Invite::Server {
+                code: code.clone(),
+                creator: user.id,
+                server: server.clone(),
+                channel: id.clone(),
+            }
+            .save()
+            .await?;
+
+            Ok(json!({ "code": code }))
+        }
+        _ => Err(Error::InvalidOperation),
+    }
+}

src/routes/channels/members_fetch.rs

+use crate::database::*;
+use crate::util::result::{Error, Result};
+
+use rocket_contrib::json::JsonValue;
+
+#[get("/<target>/members")]
+pub async fn req(user: User, target: Ref) -> Result<JsonValue> {
+    let target = target.fetch_channel().await?;
+
+    let perm = permissions::PermissionCalculator::new(&user)
+        .with_channel(&target)
+        .for_channel()
+        .await?;
+    if !perm.get_view() {
+        Err(Error::MissingPermission)?
+    }
+
+    if let Channel::Group { recipients, .. } = target {
+        Ok(json!(user.fetch_multiple_users(recipients).await?))
+    } else {
+        Err(Error::InvalidOperation)
+    }
+}

src/routes/channels/message_delete.rs

@@ -6,6 +6,7 @@ use mongodb::bson::doc;
 #[delete("/<target>/messages/<msg>")]
 pub async fn req(user: User, target: Ref, msg: Ref) -> Result<()> {
     let channel = target.fetch_channel().await?;
+    channel.has_messaging()?;
 
     let perm = permissions::PermissionCalculator::new(&user)
         .with_channel(&channel)

src/routes/channels/message_fetch.rs

@@ -6,6 +6,7 @@ use rocket_contrib::json::JsonValue;
 #[get("/<target>/messages/<msg>")]
 pub async fn req(user: User, target: Ref, msg: Ref) -> Result<JsonValue> {
     let channel = target.fetch_channel().await?;
+    channel.has_messaging()?;
 
     let perm = permissions::PermissionCalculator::new(&user)
         .with_channel(&channel)

src/routes/channels/message_query_stale.rs

@@ -18,6 +18,7 @@ pub async fn req(user: User, target: Ref, data: Json<Options>) -> Result<JsonVal
     }
 
     let target = target.fetch_channel().await?;
+    target.has_messaging()?;
 
     let perm = permissions::PermissionCalculator::new(&user)
         .with_channel(&target)

src/routes/invites/invite_delete.rs

+use crate::database::*;
+use crate::util::result::{Error, Result};
+
+#[delete("/<target>")]
+pub async fn req(user: User, target: Ref) -> Result<()> {
+    let target = target.fetch_invite().await?;
+
+    if target.creator() == &user.id {
+        target.delete().await
+    } else {
+        match &target {
+            Invite::Server { server, .. } => {
+                let server = Ref::from_unchecked(server.clone()).fetch_server().await?;
+                let perm = permissions::PermissionCalculator::new(&user)
+                    .with_server(&server)
+                    .for_server()
+                    .await?;
+
+                if !perm.get_manage_server() {
+                    return Err(Error::MissingPermission);
+                }
+
+                target.delete().await
+            }
+            _ => unreachable!(),
+        }
+    }
+}