versia-pub/server
2
0
Fork 0
mirror of https://github.com/versia-pub/server.git synced 2025-12-06 16:38:19 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

refactor(api): ♻️ Group note/account fetching code in some routes

Browse source
This commit is contained in:
Jesse Wierzbinski 2024-12-30 21:30:10 +01:00
parent 16f302c2dc
commit 82da70bcac
No known key found for this signature in database
32 changed files with 210 additions and 553 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

23
api/api/v1/accounts/:id/block.ts
View file

@ -1,10 +1,8 @@
import { apiRoute, auth } from "@/api"; import { apiRoute, auth, withUserParam } from "@/api";
import { createRoute } from "@hono/zod-openapi"; import { createRoute } from "@hono/zod-openapi";
import { Relationship, User } from "@versia/kit/db"; import { Relationship } from "@versia/kit/db";
import { RolePermissions } from "@versia/kit/tables"; import { RolePermissions } from "@versia/kit/tables";
import { z } from "zod"; import { z } from "zod";
import { ApiError } from "~/classes/errors/api-error";
import { ErrorSchema } from "~/types/api";
const route = createRoute({ const route = createRoute({
method: "post", method: "post",
@ -20,6 +18,7 @@ const route = createRoute({
RolePermissions.ViewAccounts, RolePermissions.ViewAccounts,
], ],
}), }),
withUserParam,
] as const, ] as const,
responses: { responses: {
200: { 200: {
@ -30,14 +29,6 @@ const route = createRoute({
}, },
}, },
}, },
404: {
description: "User not found",
content: {
"application/json": {
schema: ErrorSchema,
},
},
},
}, },
request: { request: {
params: z.object({ params: z.object({
@ -48,14 +39,8 @@ const route = createRoute({
export default apiRoute((app) => export default apiRoute((app) =>
app.openapi(route, async (context) => { app.openapi(route, async (context) => {
const { id } = context.req.valid("param");
const { user } = context.get("auth"); const { user } = context.get("auth");
const otherUser = context.get("user");
const otherUser = await User.fromId(id);
if (!otherUser) {
throw new ApiError(404, "User not found");
}
const foundRelationship = await Relationship.fromOwnerAndSubject( const foundRelationship = await Relationship.fromOwnerAndSubject(
user, user,

23
api/api/v1/accounts/:id/follow.ts
View file

@ -1,11 +1,9 @@
import { apiRoute, auth } from "@/api"; import { apiRoute, auth, withUserParam } from "@/api";
import { createRoute } from "@hono/zod-openapi"; import { createRoute } from "@hono/zod-openapi";
import { Relationship, User } from "@versia/kit/db"; import { Relationship } from "@versia/kit/db";
import { RolePermissions } from "@versia/kit/tables"; import { RolePermissions } from "@versia/kit/tables";
import ISO6391 from "iso-639-1"; import ISO6391 from "iso-639-1";
import { z } from "zod"; import { z } from "zod";
import { ApiError } from "~/classes/errors/api-error";
import { ErrorSchema } from "~/types/api";
const schemas = { const schemas = {
param: z.object({ param: z.object({
@ -37,6 +35,7 @@ const route = createRoute({
RolePermissions.ViewAccounts, RolePermissions.ViewAccounts,
], ],
}), }),
withUserParam,
] as const, ] as const,
responses: { responses: {
200: { 200: {
@ -47,14 +46,6 @@ const route = createRoute({
}, },
}, },
}, },
404: {
description: "User not found",
content: {
"application/json": {
schema: ErrorSchema,
},
},
},
}, },
request: { request: {
params: schemas.param, params: schemas.param,
@ -70,15 +61,9 @@ const route = createRoute({
export default apiRoute((app) => export default apiRoute((app) =>
app.openapi(route, async (context) => { app.openapi(route, async (context) => {
const { id } = context.req.valid("param");
const { user } = context.get("auth"); const { user } = context.get("auth");
const { reblogs, notify, languages } = context.req.valid("json"); const { reblogs, notify, languages } = context.req.valid("json");
const otherUser = context.get("user");
const otherUser = await User.fromId(id);
if (!otherUser) {
throw new ApiError(404, "User not found");
}
let relationship = await Relationship.fromOwnerAndSubject( let relationship = await Relationship.fromOwnerAndSubject(
user, user,

22
api/api/v1/accounts/:id/followers.ts
View file

@ -1,11 +1,9 @@
import { apiRoute, auth } from "@/api"; import { apiRoute, auth, withUserParam } from "@/api";
import { createRoute } from "@hono/zod-openapi"; import { createRoute } from "@hono/zod-openapi";
import { Timeline, User } from "@versia/kit/db"; import { Timeline, User } from "@versia/kit/db";
import { RolePermissions, Users } from "@versia/kit/tables"; import { RolePermissions, Users } from "@versia/kit/tables";
import { and, gt, gte, lt, sql } from "drizzle-orm"; import { and, gt, gte, lt, sql } from "drizzle-orm";
import { z } from "zod"; import { z } from "zod";
import { ApiError } from "~/classes/errors/api-error";
import { ErrorSchema } from "~/types/api";
const schemas = { const schemas = {
query: z.object({ query: z.object({
@ -34,6 +32,7 @@ const route = createRoute({
RolePermissions.ViewAccounts, RolePermissions.ViewAccounts,
], ],
}), }),
withUserParam,
] as const, ] as const,
request: { request: {
params: schemas.param, params: schemas.param,
@ -53,30 +52,15 @@ const route = createRoute({
}, },
}, },
}, },
404: {
description: "The specified account was not found",
content: {
"application/json": {
schema: ErrorSchema,
},
},
},
}, },
}); });
export default apiRoute((app) => export default apiRoute((app) =>
app.openapi(route, async (context) => { app.openapi(route, async (context) => {
const { id } = context.req.valid("param");
const { max_id, since_id, min_id, limit } = context.req.valid("query"); const { max_id, since_id, min_id, limit } = context.req.valid("query");
const otherUser = context.get("user");
const otherUser = await User.fromId(id);
// TODO: Add follower/following privacy settings // TODO: Add follower/following privacy settings
if (!otherUser) {
throw new ApiError(404, "User not found");
}
const { objects, link } = await Timeline.getUserTimeline( const { objects, link } = await Timeline.getUserTimeline(
and( and(
max_id ? lt(Users.id, max_id) : undefined, max_id ? lt(Users.id, max_id) : undefined,

21
api/api/v1/accounts/:id/following.ts
View file

@ -1,11 +1,9 @@
import { apiRoute, auth } from "@/api"; import { apiRoute, auth, withUserParam } from "@/api";
import { createRoute } from "@hono/zod-openapi"; import { createRoute } from "@hono/zod-openapi";
import { Timeline, User } from "@versia/kit/db"; import { Timeline, User } from "@versia/kit/db";
import { RolePermissions, Users } from "@versia/kit/tables"; import { RolePermissions, Users } from "@versia/kit/tables";
import { and, gt, gte, lt, sql } from "drizzle-orm"; import { and, gt, gte, lt, sql } from "drizzle-orm";
import { z } from "zod"; import { z } from "zod";
import { ApiError } from "~/classes/errors/api-error";
import { ErrorSchema } from "~/types/api";
const schemas = { const schemas = {
query: z.object({ query: z.object({
@ -34,6 +32,7 @@ const route = createRoute({
RolePermissions.ViewAccounts, RolePermissions.ViewAccounts,
], ],
}), }),
withUserParam,
] as const, ] as const,
request: { request: {
params: schemas.param, params: schemas.param,
@ -54,27 +53,13 @@ const route = createRoute({
}, },
}, },
}, },
404: {
description: "User not found",
content: {
"application/json": {
schema: ErrorSchema,
},
},
},
}, },
}); });
export default apiRoute((app) => export default apiRoute((app) =>
app.openapi(route, async (context) => { app.openapi(route, async (context) => {
const { id } = context.req.valid("param");
const { max_id, since_id, min_id } = context.req.valid("query"); const { max_id, since_id, min_id } = context.req.valid("query");
const otherUser = context.get("user");
const otherUser = await User.fromId(id);
if (!otherUser) {
throw new ApiError(404, "User not found");
}
// TODO: Add follower/following privacy settings // TODO: Add follower/following privacy settings

25
api/api/v1/accounts/:id/index.ts
View file

@ -1,10 +1,8 @@
import { apiRoute, auth } from "@/api"; import { apiRoute, auth, withUserParam } from "@/api";
import { createRoute } from "@hono/zod-openapi"; import { createRoute } from "@hono/zod-openapi";
import { User } from "@versia/kit/db"; import { User } from "@versia/kit/db";
import { RolePermissions } from "@versia/kit/tables"; import { RolePermissions } from "@versia/kit/tables";
import { z } from "zod"; import { z } from "zod";
import { ApiError } from "~/classes/errors/api-error";
import { ErrorSchema } from "~/types/api";
const route = createRoute({ const route = createRoute({
method: "get", method: "get",
@ -16,6 +14,7 @@ const route = createRoute({
auth: false, auth: false,
permissions: [RolePermissions.ViewAccounts], permissions: [RolePermissions.ViewAccounts],
}), }),
withUserParam,
] as const, ] as const,
request: { request: {
params: z.object({ params: z.object({
@ -31,28 +30,14 @@ const route = createRoute({
}, },
}, },
}, },
404: {
description: "User not found",
content: {
"application/json": {
schema: ErrorSchema,
},
},
},
}, },
}); });
export default apiRoute((app) => export default apiRoute((app) =>
app.openapi(route, async (context) => { app.openapi(route, (context) => {
const { id } = context.req.valid("param");
const { user } = context.get("auth"); const { user } = context.get("auth");
const otherUser = context.get("user");
const foundUser = await User.fromId(id); return context.json(otherUser.toApi(user?.id === otherUser.id), 200);
if (!foundUser) {
throw new ApiError(404, "User not found");
}
return context.json(foundUser.toApi(user?.id === foundUser.id), 200);
}), }),
); );

23
api/api/v1/accounts/:id/mute.ts
View file

@ -1,10 +1,8 @@
import { apiRoute, auth } from "@/api"; import { apiRoute, auth, withUserParam } from "@/api";
import { createRoute } from "@hono/zod-openapi"; import { createRoute } from "@hono/zod-openapi";
import { Relationship, User } from "@versia/kit/db"; import { Relationship } from "@versia/kit/db";
import { RolePermissions } from "@versia/kit/tables"; import { RolePermissions } from "@versia/kit/tables";
import { z } from "zod"; import { z } from "zod";
import { ApiError } from "~/classes/errors/api-error";
import { ErrorSchema } from "~/types/api";
const schemas = { const schemas = {
param: z.object({ param: z.object({
@ -35,6 +33,7 @@ const route = createRoute({
RolePermissions.ViewAccounts, RolePermissions.ViewAccounts,
], ],
}), }),
withUserParam,
] as const, ] as const,
request: { request: {
params: schemas.param, params: schemas.param,
@ -55,29 +54,15 @@ const route = createRoute({
}, },
}, },
}, },
404: {
description: "User not found",
content: {
"application/json": {
schema: ErrorSchema,
},
},
},
}, },
}); });
export default apiRoute((app) => export default apiRoute((app) =>
app.openapi(route, async (context) => { app.openapi(route, async (context) => {
const { id } = context.req.valid("param");
const { user } = context.get("auth"); const { user } = context.get("auth");
// TODO: Add duration support // TODO: Add duration support
const { notifications } = context.req.valid("json"); const { notifications } = context.req.valid("json");
const otherUser = context.get("user");
const otherUser = await User.fromId(id);
if (!otherUser) {
throw new ApiError(404, "User not found");
}
const foundRelationship = await Relationship.fromOwnerAndSubject( const foundRelationship = await Relationship.fromOwnerAndSubject(
user, user,

23
api/api/v1/accounts/:id/note.ts
View file

@ -1,10 +1,8 @@
import { apiRoute, auth } from "@/api"; import { apiRoute, auth, withUserParam } from "@/api";
import { createRoute } from "@hono/zod-openapi"; import { createRoute } from "@hono/zod-openapi";
import { Relationship, User } from "@versia/kit/db"; import { Relationship } from "@versia/kit/db";
import { RolePermissions } from "@versia/kit/tables"; import { RolePermissions } from "@versia/kit/tables";
import { z } from "zod"; import { z } from "zod";
import { ApiError } from "~/classes/errors/api-error";
import { ErrorSchema } from "~/types/api";
const schemas = { const schemas = {
param: z.object({ param: z.object({
@ -29,6 +27,7 @@ const route = createRoute({
RolePermissions.ViewAccounts, RolePermissions.ViewAccounts,
], ],
}), }),
withUserParam,
] as const, ] as const,
request: { request: {
params: schemas.param, params: schemas.param,
@ -49,28 +48,14 @@ const route = createRoute({
}, },
}, },
}, },
404: {
description: "User not found",
content: {
"application/json": {
schema: ErrorSchema,
},
},
},
}, },
}); });
export default apiRoute((app) => export default apiRoute((app) =>
app.openapi(route, async (context) => { app.openapi(route, async (context) => {
const { id } = context.req.valid("param");
const { user } = context.get("auth"); const { user } = context.get("auth");
const { comment } = context.req.valid("json"); const { comment } = context.req.valid("json");
const otherUser = context.get("user");
const otherUser = await User.fromId(id);
if (!otherUser) {
throw new ApiError(404, "User not found");
}
const foundRelationship = await Relationship.fromOwnerAndSubject( const foundRelationship = await Relationship.fromOwnerAndSubject(
user, user,

23
api/api/v1/accounts/:id/pin.ts
View file

@ -1,10 +1,8 @@
import { apiRoute, auth } from "@/api"; import { apiRoute, auth, withUserParam } from "@/api";
import { createRoute } from "@hono/zod-openapi"; import { createRoute } from "@hono/zod-openapi";
import { Relationship, User } from "@versia/kit/db"; import { Relationship } from "@versia/kit/db";
import { RolePermissions } from "@versia/kit/tables"; import { RolePermissions } from "@versia/kit/tables";
import { z } from "zod"; import { z } from "zod";
import { ApiError } from "~/classes/errors/api-error";
import { ErrorSchema } from "~/types/api";
const route = createRoute({ const route = createRoute({
method: "post", method: "post",
@ -20,6 +18,7 @@ const route = createRoute({
RolePermissions.ViewAccounts, RolePermissions.ViewAccounts,
], ],
}), }),
withUserParam,
] as const, ] as const,
request: { request: {
params: z.object({ params: z.object({
@ -35,27 +34,13 @@ const route = createRoute({
}, },
}, },
}, },
404: {
description: "User not found",
content: {
"application/json": {
schema: ErrorSchema,
},
},
},
}, },
}); });
export default apiRoute((app) => export default apiRoute((app) =>
app.openapi(route, async (context) => { app.openapi(route, async (context) => {
const { id } = context.req.valid("param");
const { user } = context.get("auth"); const { user } = context.get("auth");
const otherUser = context.get("user");
const otherUser = await User.fromId(id);
if (!otherUser) {
throw new ApiError(404, "User not found");
}
const foundRelationship = await Relationship.fromOwnerAndSubject( const foundRelationship = await Relationship.fromOwnerAndSubject(
user, user,

19
api/api/v1/accounts/:id/refetch.ts
View file

@ -1,4 +1,4 @@
import { apiRoute, auth } from "@/api"; import { apiRoute, auth, withUserParam } from "@/api";
import { createRoute } from "@hono/zod-openapi"; import { createRoute } from "@hono/zod-openapi";
import { User } from "@versia/kit/db"; import { User } from "@versia/kit/db";
import { RolePermissions } from "@versia/kit/tables"; import { RolePermissions } from "@versia/kit/tables";
@ -17,6 +17,7 @@ const route = createRoute({
scopes: ["write:accounts"], scopes: ["write:accounts"],
permissions: [RolePermissions.ViewAccounts], permissions: [RolePermissions.ViewAccounts],
}), }),
withUserParam,
] as const, ] as const,
request: { request: {
params: z.object({ params: z.object({
@ -32,14 +33,6 @@ const route = createRoute({
}, },
}, },
}, },
404: {
description: "User not found",
content: {
"application/json": {
schema: ErrorSchema,
},
},
},
400: { 400: {
description: "User is local", description: "User is local",
content: { content: {
@ -53,13 +46,7 @@ const route = createRoute({
export default apiRoute((app) => export default apiRoute((app) =>
app.openapi(route, async (context) => { app.openapi(route, async (context) => {
const { id } = context.req.valid("param"); const otherUser = context.get("user");
const otherUser = await User.fromId(id);
if (!otherUser) {
throw new ApiError(404, "User not found");
}
if (otherUser.isLocal()) { if (otherUser.isLocal()) {
throw new ApiError(400, "Cannot refetch a local user"); throw new ApiError(400, "Cannot refetch a local user");

23
api/api/v1/accounts/:id/remove_from_followers.ts
View file

@ -1,10 +1,8 @@
import { apiRoute, auth } from "@/api"; import { apiRoute, auth, withUserParam } from "@/api";
import { createRoute } from "@hono/zod-openapi"; import { createRoute } from "@hono/zod-openapi";
import { Relationship, User } from "@versia/kit/db"; import { Relationship } from "@versia/kit/db";
import { RolePermissions } from "@versia/kit/tables"; import { RolePermissions } from "@versia/kit/tables";
import { z } from "zod"; import { z } from "zod";
import { ApiError } from "~/classes/errors/api-error";
import { ErrorSchema } from "~/types/api";
const route = createRoute({ const route = createRoute({
method: "post", method: "post",
@ -20,6 +18,7 @@ const route = createRoute({
RolePermissions.ViewAccounts, RolePermissions.ViewAccounts,
], ],
}), }),
withUserParam,
] as const, ] as const,
request: { request: {
params: z.object({ params: z.object({
@ -35,27 +34,13 @@ const route = createRoute({
}, },
}, },
}, },
404: {
description: "User not found",
content: {
"application/json": {
schema: ErrorSchema,
},
},
},
}, },
}); });
export default apiRoute((app) => export default apiRoute((app) =>
app.openapi(route, async (context) => { app.openapi(route, async (context) => {
const { id } = context.req.valid("param");
const { user } = context.get("auth"); const { user } = context.get("auth");
const otherUser = context.get("user");
const otherUser = await User.fromId(id);
if (!otherUser) {
throw new ApiError(404, "User not found");
}
const oppositeRelationship = await Relationship.fromOwnerAndSubject( const oppositeRelationship = await Relationship.fromOwnerAndSubject(
otherUser, otherUser,

29
api/api/v1/accounts/:id/roles/:role_id/index.ts
View file

@ -1,6 +1,6 @@
import { apiRoute, auth } from "@/api"; import { apiRoute, auth, withUserParam } from "@/api";
import { createRoute } from "@hono/zod-openapi"; import { createRoute } from "@hono/zod-openapi";
import { Role, User } from "@versia/kit/db"; import { Role } from "@versia/kit/db";
import { RolePermissions } from "@versia/kit/tables"; import { RolePermissions } from "@versia/kit/tables";
import { z } from "zod"; import { z } from "zod";
import { ApiError } from "~/classes/errors/api-error"; import { ApiError } from "~/classes/errors/api-error";
@ -22,6 +22,7 @@ const routePost = createRoute({
auth: true, auth: true,
permissions: [RolePermissions.ManageRoles], permissions: [RolePermissions.ManageRoles],
}), }),
withUserParam,
] as const, ] as const,
request: { request: {
params: schemas.param, params: schemas.param,
@ -30,9 +31,8 @@ const routePost = createRoute({
204: { 204: {
description: "Role assigned", description: "Role assigned",
}, },
404: { 404: {
description: "User or role not found", description: "Role not found",
content: { content: {
"application/json": { "application/json": {
schema: ErrorSchema, schema: ErrorSchema,
@ -59,6 +59,7 @@ const routeDelete = createRoute({
auth: true, auth: true,
permissions: [RolePermissions.ManageRoles], permissions: [RolePermissions.ManageRoles],
}), }),
withUserParam,
] as const, ] as const,
request: { request: {
params: schemas.param, params: schemas.param,
@ -67,9 +68,8 @@ const routeDelete = createRoute({
204: { 204: {
description: "Role removed", description: "Role removed",
}, },
404: { 404: {
description: "User or role not found", description: "Role not found",
content: { content: {
"application/json": { "application/json": {
schema: ErrorSchema, schema: ErrorSchema,
@ -90,19 +90,14 @@ const routeDelete = createRoute({
export default apiRoute((app) => { export default apiRoute((app) => {
app.openapi(routePost, async (context) => { app.openapi(routePost, async (context) => {
const { user } = context.get("auth"); const { user } = context.get("auth");
const { id, role_id } = context.req.valid("param"); const { role_id } = context.req.valid("param");
const targetUser = context.get("user");
const targetUser = await User.fromId(id);
const role = await Role.fromId(role_id); const role = await Role.fromId(role_id);
if (!role) { if (!role) {
throw new ApiError(404, "Role not found"); throw new ApiError(404, "Role not found");
} }
if (!targetUser) {
throw new ApiError(404, "User not found");
}
// Priority check // Priority check
const userRoles = await Role.getUserRoles(user.id, user.data.isAdmin); const userRoles = await Role.getUserRoles(user.id, user.data.isAdmin);
@ -125,19 +120,15 @@ export default apiRoute((app) => {
app.openapi(routeDelete, async (context) => { app.openapi(routeDelete, async (context) => {
const { user } = context.get("auth"); const { user } = context.get("auth");
const { id, role_id } = context.req.valid("param"); const { role_id } = context.req.valid("param");
const targetUser = context.get("user");
const targetUser = await User.fromId(id);
const role = await Role.fromId(role_id); const role = await Role.fromId(role_id);
if (!role) { if (!role) {
throw new ApiError(404, "Role not found"); throw new ApiError(404, "Role not found");
} }
if (!targetUser) {
throw new ApiError(404, "User not found");
}
// Priority check // Priority check
const userRoles = await Role.getUserRoles(user.id, user.data.isAdmin); const userRoles = await Role.getUserRoles(user.id, user.data.isAdmin);

23
api/api/v1/accounts/:id/roles/index.ts
View file

@ -1,9 +1,7 @@
import { apiRoute, auth } from "@/api"; import { apiRoute, auth, withUserParam } from "@/api";
import { createRoute } from "@hono/zod-openapi"; import { createRoute } from "@hono/zod-openapi";
import { Role, User } from "@versia/kit/db"; import { Role } from "@versia/kit/db";
import { z } from "zod"; import { z } from "zod";
import { ApiError } from "~/classes/errors/api-error";
import { ErrorSchema } from "~/types/api";
const route = createRoute({ const route = createRoute({
method: "get", method: "get",
@ -13,6 +11,7 @@ const route = createRoute({
auth({ auth({
auth: false, auth: false,
}), }),
withUserParam,
] as const, ] as const,
request: { request: {
params: z.object({ params: z.object({
@ -28,26 +27,12 @@ const route = createRoute({
}, },
}, },
}, },
404: {
description: "User not found",
content: {
"application/json": {
schema: ErrorSchema,
},
},
},
}, },
}); });
export default apiRoute((app) => { export default apiRoute((app) => {
app.openapi(route, async (context) => { app.openapi(route, async (context) => {
const { id } = context.req.valid("param"); const targetUser = context.get("user");
const targetUser = await User.fromId(id);
if (!targetUser) {
throw new ApiError(404, "User not found");
}
const roles = await Role.getUserRoles( const roles = await Role.getUserRoles(
targetUser.id, targetUser.id,

25
api/api/v1/accounts/:id/statuses.ts
View file

@ -1,11 +1,9 @@
import { apiRoute, auth } from "@/api"; import { apiRoute, auth, withUserParam } from "@/api";
import { createRoute } from "@hono/zod-openapi"; import { createRoute } from "@hono/zod-openapi";
import { Note, Timeline, User } from "@versia/kit/db"; import { Note, Timeline } from "@versia/kit/db";
import { Notes, RolePermissions } from "@versia/kit/tables"; import { Notes, RolePermissions } from "@versia/kit/tables";
import { and, eq, gt, gte, inArray, isNull, lt, or, sql } from "drizzle-orm"; import { and, eq, gt, gte, inArray, isNull, lt, or, sql } from "drizzle-orm";
import { z } from "zod"; import { z } from "zod";
import { ApiError } from "~/classes/errors/api-error";
import { ErrorSchema } from "~/types/api";
const schemas = { const schemas = {
param: z.object({ param: z.object({
@ -53,6 +51,7 @@ const route = createRoute({
], ],
scopes: ["read:statuses"], scopes: ["read:statuses"],
}), }),
withUserParam,
] as const, ] as const,
request: { request: {
params: schemas.param, params: schemas.param,
@ -72,27 +71,13 @@ const route = createRoute({
}, },
}, },
}, },
404: {
description: "User not found",
content: {
"application/json": {
schema: ErrorSchema,
},
},
},
}, },
}); });
export default apiRoute((app) => export default apiRoute((app) =>
app.openapi(route, async (context) => { app.openapi(route, async (context) => {
const { id } = context.req.valid("param");
const { user } = context.get("auth"); const { user } = context.get("auth");
const otherUser = context.get("user");
const otherUser = await User.fromId(id);
if (!otherUser) {
throw new ApiError(404, "User not found");
}
const { const {
max_id, max_id,
@ -110,7 +95,7 @@ export default apiRoute((app) =>
max_id ? lt(Notes.id, max_id) : undefined, max_id ? lt(Notes.id, max_id) : undefined,
since_id ? gte(Notes.id, since_id) : undefined, since_id ? gte(Notes.id, since_id) : undefined,
min_id ? gt(Notes.id, min_id) : undefined, min_id ? gt(Notes.id, min_id) : undefined,
eq(Notes.authorId, id), eq(Notes.authorId, otherUser.id),
only_media only_media
? sql`EXISTS (SELECT 1 FROM "Attachments" WHERE "Attachments"."noteId" = ${Notes.id})` ? sql`EXISTS (SELECT 1 FROM "Attachments" WHERE "Attachments"."noteId" = ${Notes.id})`
: undefined, : undefined,

23
api/api/v1/accounts/:id/unblock.ts
View file

@ -1,10 +1,8 @@
import { apiRoute, auth } from "@/api"; import { apiRoute, auth, withUserParam } from "@/api";
import { createRoute } from "@hono/zod-openapi"; import { createRoute } from "@hono/zod-openapi";
import { Relationship, User } from "@versia/kit/db"; import { Relationship } from "@versia/kit/db";
import { RolePermissions } from "@versia/kit/tables"; import { RolePermissions } from "@versia/kit/tables";
import { z } from "zod"; import { z } from "zod";
import { ApiError } from "~/classes/errors/api-error";
import { ErrorSchema } from "~/types/api";
const route = createRoute({ const route = createRoute({
method: "post", method: "post",
@ -20,6 +18,7 @@ const route = createRoute({
RolePermissions.ViewAccounts, RolePermissions.ViewAccounts,
], ],
}), }),
withUserParam,
] as const, ] as const,
request: { request: {
params: z.object({ params: z.object({
@ -35,27 +34,13 @@ const route = createRoute({
}, },
}, },
}, },
404: {
description: "User not found",
content: {
"application/json": {
schema: ErrorSchema,
},
},
},
}, },
}); });
export default apiRoute((app) => export default apiRoute((app) =>
app.openapi(route, async (context) => { app.openapi(route, async (context) => {
const { id } = context.req.valid("param");
const { user } = context.get("auth"); const { user } = context.get("auth");
const otherUser = context.get("user");
const otherUser = await User.fromId(id);
if (!otherUser) {
throw new ApiError(404, "User not found");
}
const foundRelationship = await Relationship.fromOwnerAndSubject( const foundRelationship = await Relationship.fromOwnerAndSubject(
user, user,

23
api/api/v1/accounts/:id/unfollow.ts
View file

@ -1,9 +1,8 @@
import { apiRoute, auth } from "@/api"; import { apiRoute, auth, withUserParam } from "@/api";
import { createRoute } from "@hono/zod-openapi"; import { createRoute } from "@hono/zod-openapi";
import { Relationship, User } from "@versia/kit/db"; import { Relationship } from "@versia/kit/db";
import { RolePermissions } from "@versia/kit/tables"; import { RolePermissions } from "@versia/kit/tables";
import { z } from "zod"; import { z } from "zod";
import { ApiError } from "~/classes/errors/api-error";
import { ErrorSchema } from "~/types/api"; import { ErrorSchema } from "~/types/api";
const route = createRoute({ const route = createRoute({
@ -20,6 +19,7 @@ const route = createRoute({
RolePermissions.ViewAccounts, RolePermissions.ViewAccounts,
], ],
}), }),
withUserParam,
] as const, ] as const,
request: { request: {
params: z.object({ params: z.object({
@ -35,15 +35,6 @@ const route = createRoute({
}, },
}, },
}, },
404: {
description: "User not found",
content: {
"application/json": {
schema: ErrorSchema,
},
},
},
500: { 500: {
description: "Failed to unfollow user during federation", description: "Failed to unfollow user during federation",
content: { content: {
@ -57,14 +48,8 @@ const route = createRoute({
export default apiRoute((app) => export default apiRoute((app) =>
app.openapi(route, async (context) => { app.openapi(route, async (context) => {
const { id } = context.req.valid("param");
const { user } = context.get("auth"); const { user } = context.get("auth");
const otherUser = context.get("user");
const otherUser = await User.fromId(id);
if (!otherUser) {
throw new ApiError(404, "User not found");
}
const foundRelationship = await Relationship.fromOwnerAndSubject( const foundRelationship = await Relationship.fromOwnerAndSubject(
user, user,

24
api/api/v1/accounts/:id/unmute.ts
View file

@ -1,10 +1,8 @@
import { apiRoute, auth } from "@/api"; import { apiRoute, auth, withUserParam } from "@/api";
import { createRoute } from "@hono/zod-openapi"; import { createRoute } from "@hono/zod-openapi";
import { Relationship, User } from "@versia/kit/db"; import { Relationship } from "@versia/kit/db";
import { RolePermissions } from "@versia/kit/tables"; import { RolePermissions } from "@versia/kit/tables";
import { z } from "zod"; import { z } from "zod";
import { ApiError } from "~/classes/errors/api-error";
import { ErrorSchema } from "~/types/api";
const route = createRoute({ const route = createRoute({
method: "post", method: "post",
@ -20,6 +18,7 @@ const route = createRoute({
RolePermissions.ViewAccounts, RolePermissions.ViewAccounts,
], ],
}), }),
withUserParam,
] as const, ] as const,
request: { request: {
params: z.object({ params: z.object({
@ -35,28 +34,13 @@ const route = createRoute({
}, },
}, },
}, },
404: {
description: "User not found",
content: {
"application/json": {
schema: ErrorSchema,
},
},
},
}, },
}); });
export default apiRoute((app) => export default apiRoute((app) =>
app.openapi(route, async (context) => { app.openapi(route, async (context) => {
const { id } = context.req.valid("param");
const { user } = context.get("auth"); const { user } = context.get("auth");
const otherUser = context.get("user");
const otherUser = await User.fromId(id);
if (!otherUser) {
throw new ApiError(404, "User not found");
}
const foundRelationship = await Relationship.fromOwnerAndSubject( const foundRelationship = await Relationship.fromOwnerAndSubject(
user, user,

24
api/api/v1/accounts/:id/unpin.ts
View file

@ -1,10 +1,8 @@
import { apiRoute, auth } from "@/api"; import { apiRoute, auth, withUserParam } from "@/api";
import { createRoute } from "@hono/zod-openapi"; import { createRoute } from "@hono/zod-openapi";
import { Relationship, User } from "@versia/kit/db"; import { Relationship } from "@versia/kit/db";
import { RolePermissions } from "@versia/kit/tables"; import { RolePermissions } from "@versia/kit/tables";
import { z } from "zod"; import { z } from "zod";
import { ApiError } from "~/classes/errors/api-error";
import { ErrorSchema } from "~/types/api";
const route = createRoute({ const route = createRoute({
method: "post", method: "post",
@ -20,6 +18,7 @@ const route = createRoute({
RolePermissions.ViewAccounts, RolePermissions.ViewAccounts,
], ],
}), }),
withUserParam,
] as const, ] as const,
request: { request: {
params: z.object({ params: z.object({
@ -35,28 +34,13 @@ const route = createRoute({
}, },
}, },
}, },
404: {
description: "User not found",
content: {
"application/json": {
schema: ErrorSchema,
},
},
},
}, },
}); });
export default apiRoute((app) => export default apiRoute((app) =>
app.openapi(route, async (context) => { app.openapi(route, async (context) => {
const { id } = context.req.valid("param");
const { user } = context.get("auth"); const { user } = context.get("auth");
const otherUser = context.get("user");
const otherUser = await User.fromId(id);
if (!otherUser) {
throw new ApiError(404, "User not found");
}
const foundRelationship = await Relationship.fromOwnerAndSubject( const foundRelationship = await Relationship.fromOwnerAndSubject(
user, user,

17
api/api/v1/statuses/:id/context.ts
View file

@ -1,9 +1,8 @@
import { apiRoute, auth } from "@/api"; import { apiRoute, auth, withNoteParam } from "@/api";
import { createRoute } from "@hono/zod-openapi"; import { createRoute } from "@hono/zod-openapi";
import { Note } from "@versia/kit/db"; import { Note } from "@versia/kit/db";
import { RolePermissions } from "@versia/kit/tables"; import { RolePermissions } from "@versia/kit/tables";
import { z } from "zod"; import { z } from "zod";
import { ApiError } from "~/classes/errors/api-error";
import { ErrorSchema } from "~/types/api"; import { ErrorSchema } from "~/types/api";
const route = createRoute({ const route = createRoute({
@ -14,6 +13,7 @@ const route = createRoute({
auth: false, auth: false,
permissions: [RolePermissions.ViewNotes], permissions: [RolePermissions.ViewNotes],
}), }),
withNoteParam,
] as const, ] as const,
summary: "Get status context", summary: "Get status context",
request: { request: {
@ -46,19 +46,12 @@ const route = createRoute({
export default apiRoute((app) => export default apiRoute((app) =>
app.openapi(route, async (context) => { app.openapi(route, async (context) => {
const { id } = context.req.valid("param");
const { user } = context.get("auth"); const { user } = context.get("auth");
const note = context.get("note");
const foundStatus = await Note.fromId(id, user?.id); const ancestors = await note.getAncestors(user ?? null);
if (!foundStatus) { const descendants = await note.getDescendants(user ?? null);
throw new ApiError(404, "Note not found");
}
const ancestors = await foundStatus.getAncestors(user ?? null);
const descendants = await foundStatus.getDescendants(user ?? null);
return context.json( return context.json(
{ {

1
api/api/v1/statuses/:id/favourite.test.ts
View file

@ -32,7 +32,6 @@ describe("/api/v1/statuses/:id/favourite", () => {
}, },
}, },
); );
expect(response.status).toBe(200); expect(response.status).toBe(200);
const json = (await response.json()) as ApiStatus; const json = (await response.json()) as ApiStatus;

23
api/api/v1/statuses/:id/favourite.ts
View file

@ -1,10 +1,8 @@
import { apiRoute, auth } from "@/api"; import { apiRoute, auth, withNoteParam } from "@/api";
import { createRoute } from "@hono/zod-openapi"; import { createRoute } from "@hono/zod-openapi";
import { Note } from "@versia/kit/db"; import { Note } from "@versia/kit/db";
import { RolePermissions } from "@versia/kit/tables"; import { RolePermissions } from "@versia/kit/tables";
import { z } from "zod"; import { z } from "zod";
import { ApiError } from "~/classes/errors/api-error";
import { ErrorSchema } from "~/types/api";
const route = createRoute({ const route = createRoute({
method: "post", method: "post",
@ -18,6 +16,7 @@ const route = createRoute({
RolePermissions.ViewNotes, RolePermissions.ViewNotes,
], ],
}), }),
withNoteParam,
] as const, ] as const,
request: { request: {
params: z.object({ params: z.object({
@ -33,29 +32,13 @@ const route = createRoute({
}, },
}, },
}, },
404: {
description: "Record not found",
content: {
"application/json": {
schema: ErrorSchema,
},
},
},
}, },
}); });
export default apiRoute((app) => export default apiRoute((app) =>
app.openapi(route, async (context) => { app.openapi(route, async (context) => {
const { id } = context.req.valid("param");
const { user } = context.get("auth"); const { user } = context.get("auth");
const note = context.get("note");
const note = await Note.fromId(id, user?.id);
if (!(note && (await note?.isViewableByUser(user)))) {
throw new ApiError(404, "Note not found");
}
await user.like(note); await user.like(note);

26
api/api/v1/statuses/:id/favourited_by.ts
View file

@ -1,11 +1,9 @@
import { apiRoute, auth } from "@/api"; import { apiRoute, auth, withNoteParam } from "@/api";
import { createRoute } from "@hono/zod-openapi"; import { createRoute } from "@hono/zod-openapi";
import { Note, Timeline, User } from "@versia/kit/db"; import { Timeline, User } from "@versia/kit/db";
import { RolePermissions, Users } from "@versia/kit/tables"; import { RolePermissions, Users } from "@versia/kit/tables";
import { and, gt, gte, lt, sql } from "drizzle-orm"; import { and, gt, gte, lt, sql } from "drizzle-orm";
import { z } from "zod"; import { z } from "zod";
import { ApiError } from "~/classes/errors/api-error";
import { ErrorSchema } from "~/types/api";
const schemas = { const schemas = {
query: z.object({ query: z.object({
@ -31,6 +29,7 @@ const route = createRoute({
RolePermissions.ViewNoteLikes, RolePermissions.ViewNoteLikes,
], ],
}), }),
withNoteParam,
] as const, ] as const,
request: { request: {
params: schemas.param, params: schemas.param,
@ -45,30 +44,13 @@ const route = createRoute({
}, },
}, },
}, },
404: {
description: "Record not found",
content: {
"application/json": {
schema: ErrorSchema,
},
},
},
}, },
}); });
export default apiRoute((app) => export default apiRoute((app) =>
app.openapi(route, async (context) => { app.openapi(route, async (context) => {
const { max_id, since_id, min_id, limit } = context.req.valid("query"); const { max_id, since_id, min_id, limit } = context.req.valid("query");
const { id } = context.req.valid("param"); const note = context.get("note");
const { user } = context.get("auth");
const note = await Note.fromId(id, user?.id);
if (!(note && (await note?.isViewableByUser(user)))) {
throw new ApiError(404, "Note not found");
}
const { objects, link } = await Timeline.getUserTimeline( const { objects, link } = await Timeline.getUserTimeline(
and( and(

37
api/api/v1/statuses/:id/index.ts
View file

@ -1,4 +1,4 @@
import { apiRoute, auth, jsonOrForm } from "@/api"; import { apiRoute, auth, jsonOrForm, withNoteParam } from "@/api";
import { createRoute } from "@hono/zod-openapi"; import { createRoute } from "@hono/zod-openapi";
import { Attachment, Note } from "@versia/kit/db"; import { Attachment, Note } from "@versia/kit/db";
import { RolePermissions } from "@versia/kit/tables"; import { RolePermissions } from "@versia/kit/tables";
@ -75,6 +75,7 @@ const routeGet = createRoute({
auth: false, auth: false,
permissions: [RolePermissions.ViewNotes], permissions: [RolePermissions.ViewNotes],
}), }),
withNoteParam,
] as const, ] as const,
request: { request: {
params: schemas.param, params: schemas.param,
@ -111,6 +112,7 @@ const routeDelete = createRoute({
RolePermissions.ViewNotes, RolePermissions.ViewNotes,
], ],
}), }),
withNoteParam,
] as const, ] as const,
request: { request: {
params: schemas.param, params: schemas.param,
@ -156,6 +158,7 @@ const routePut = createRoute({
], ],
}), }),
jsonOrForm(), jsonOrForm(),
withNoteParam,
] as const, ] as const,
request: { request: {
params: schemas.param, params: schemas.param,
@ -190,14 +193,6 @@ const routePut = createRoute({
}, },
}, },
}, },
404: {
description: "Record not found",
content: {
"application/json": {
schema: ErrorSchema,
},
},
},
422: { 422: {
description: "Invalid media IDs", description: "Invalid media IDs",
content: { content: {
@ -211,27 +206,15 @@ const routePut = createRoute({
export default apiRoute((app) => { export default apiRoute((app) => {
app.openapi(routeGet, async (context) => { app.openapi(routeGet, async (context) => {
const { id } = context.req.valid("param");
const { user } = context.get("auth"); const { user } = context.get("auth");
const note = context.get("note");
const note = await Note.fromId(id, user?.id);
if (!(note && (await note?.isViewableByUser(user)))) {
throw new ApiError(404, "Note not found");
}
return context.json(await note.toApi(user), 200); return context.json(await note.toApi(user), 200);
}); });
app.openapi(routeDelete, async (context) => { app.openapi(routeDelete, async (context) => {
const { id } = context.req.valid("param");
const { user } = context.get("auth"); const { user } = context.get("auth");
const note = context.get("note");
const note = await Note.fromId(id, user?.id);
if (!(note && (await note?.isViewableByUser(user)))) {
throw new ApiError(404, "Note not found");
}
if (note.author.id !== user.id) { if (note.author.id !== user.id) {
throw new ApiError(401, "Unauthorized"); throw new ApiError(401, "Unauthorized");
@ -246,14 +229,8 @@ export default apiRoute((app) => {
}); });
app.openapi(routePut, async (context) => { app.openapi(routePut, async (context) => {
const { id } = context.req.valid("param");
const { user } = context.get("auth"); const { user } = context.get("auth");
const note = context.get("note");
const note = await Note.fromId(id, user?.id);
if (!(note && (await note?.isViewableByUser(user)))) {
throw new ApiError(404, "Note not found");
}
if (note.author.id !== user.id) { if (note.author.id !== user.id) {
throw new ApiError(401, "Unauthorized"); throw new ApiError(401, "Unauthorized");

37
api/api/v1/statuses/:id/pin.ts
View file

@ -1,4 +1,4 @@
import { apiRoute, auth } from "@/api"; import { apiRoute, auth, withNoteParam } from "@/api";
import { createRoute } from "@hono/zod-openapi"; import { createRoute } from "@hono/zod-openapi";
import { Note, db } from "@versia/kit/db"; import { Note, db } from "@versia/kit/db";
import { RolePermissions } from "@versia/kit/tables"; import { RolePermissions } from "@versia/kit/tables";
@ -7,12 +7,6 @@ import { z } from "zod";
import { ApiError } from "~/classes/errors/api-error"; import { ApiError } from "~/classes/errors/api-error";
import { ErrorSchema } from "~/types/api"; import { ErrorSchema } from "~/types/api";
const schemas = {
param: z.object({
id: z.string().uuid(),
}),
};
const route = createRoute({ const route = createRoute({
method: "post", method: "post",
path: "/api/v1/statuses/{id}/pin", path: "/api/v1/statuses/{id}/pin",
@ -25,9 +19,12 @@ const route = createRoute({
RolePermissions.ViewNotes, RolePermissions.ViewNotes,
], ],
}), }),
withNoteParam,
] as const, ] as const,
request: { request: {
params: schemas.param, params: z.object({
id: z.string().uuid(),
}),
}, },
responses: { responses: {
200: { 200: {
@ -46,14 +43,6 @@ const route = createRoute({
}, },
}, },
}, },
404: {
description: "Record not found",
content: {
"application/json": {
schema: ErrorSchema,
},
},
},
422: { 422: {
description: "Already pinned", description: "Already pinned",
content: { content: {
@ -67,16 +56,10 @@ const route = createRoute({
export default apiRoute((app) => export default apiRoute((app) =>
app.openapi(route, async (context) => { app.openapi(route, async (context) => {
const { id } = context.req.valid("param");
const { user } = context.get("auth"); const { user } = context.get("auth");
const note = context.get("note");
const foundStatus = await Note.fromId(id, user?.id); if (note.author.id !== user.id) {
if (!foundStatus) {
throw new ApiError(404, "Note not found");
}
if (foundStatus.author.id !== user.id) {
throw new ApiError(401, "Unauthorized"); throw new ApiError(401, "Unauthorized");
} }
@ -84,7 +67,7 @@ export default apiRoute((app) =>
await db.query.UserToPinnedNotes.findFirst({ await db.query.UserToPinnedNotes.findFirst({
where: (userPinnedNote, { and, eq }): SQL | undefined => where: (userPinnedNote, { and, eq }): SQL | undefined =>
and( and(
eq(userPinnedNote.noteId, foundStatus.data.id), eq(userPinnedNote.noteId, note.data.id),
eq(userPinnedNote.userId, user.id), eq(userPinnedNote.userId, user.id),
), ),
}) })
@ -92,8 +75,8 @@ export default apiRoute((app) =>
throw new ApiError(422, "Already pinned"); throw new ApiError(422, "Already pinned");
} }
await user.pin(foundStatus); await user.pin(note);
return context.json(await foundStatus.toApi(user), 200); return context.json(await note.toApi(user), 200);
}), }),
); );

20
api/api/v1/statuses/:id/reblog.ts
View file

@ -1,4 +1,4 @@
import { apiRoute, auth, jsonOrForm } from "@/api"; import { apiRoute, auth, jsonOrForm, withNoteParam } from "@/api";
import { createRoute } from "@hono/zod-openapi"; import { createRoute } from "@hono/zod-openapi";
import { Note } from "@versia/kit/db"; import { Note } from "@versia/kit/db";
import { Notes, RolePermissions } from "@versia/kit/tables"; import { Notes, RolePermissions } from "@versia/kit/tables";
@ -29,6 +29,7 @@ const route = createRoute({
], ],
}), }),
jsonOrForm(), jsonOrForm(),
withNoteParam,
] as const, ] as const,
request: { request: {
params: schemas.param, params: schemas.param,
@ -55,15 +56,6 @@ const route = createRoute({
}, },
}, },
}, },
404: {
description: "Record not found",
content: {
"application/json": {
schema: ErrorSchema,
},
},
},
422: { 422: {
description: "Already reblogged", description: "Already reblogged",
content: { content: {
@ -85,15 +77,9 @@ const route = createRoute({
export default apiRoute((app) => export default apiRoute((app) =>
app.openapi(route, async (context) => { app.openapi(route, async (context) => {
const { id } = context.req.valid("param");
const { visibility } = context.req.valid("json"); const { visibility } = context.req.valid("json");
const { user } = context.get("auth"); const { user } = context.get("auth");
const note = context.get("note");
const note = await Note.fromId(id, user.id);
if (!(note && (await note?.isViewableByUser(user)))) {
throw new ApiError(404, "Note not found");
}
const existingReblog = await Note.fromSql( const existingReblog = await Note.fromSql(
and(eq(Notes.authorId, user.id), eq(Notes.reblogId, note.data.id)), and(eq(Notes.authorId, user.id), eq(Notes.reblogId, note.data.id)),

25
api/api/v1/statuses/:id/reblogged_by.ts
View file

@ -1,11 +1,9 @@
import { apiRoute, auth } from "@/api"; import { apiRoute, auth, withNoteParam } from "@/api";
import { createRoute } from "@hono/zod-openapi"; import { createRoute } from "@hono/zod-openapi";
import { Note, Timeline, User } from "@versia/kit/db"; import { Timeline, User } from "@versia/kit/db";
import { RolePermissions, Users } from "@versia/kit/tables"; import { RolePermissions, Users } from "@versia/kit/tables";
import { and, gt, gte, lt, sql } from "drizzle-orm"; import { and, gt, gte, lt, sql } from "drizzle-orm";
import { z } from "zod"; import { z } from "zod";
import { ApiError } from "~/classes/errors/api-error";
import { ErrorSchema } from "~/types/api";
const schemas = { const schemas = {
param: z.object({ param: z.object({
@ -31,6 +29,7 @@ const route = createRoute({
RolePermissions.ViewNoteBoosts, RolePermissions.ViewNoteBoosts,
], ],
}), }),
withNoteParam,
] as const, ] as const,
request: { request: {
params: schemas.param, params: schemas.param,
@ -45,29 +44,13 @@ const route = createRoute({
}, },
}, },
}, },
404: {
description: "Record not found",
content: {
"application/json": {
schema: ErrorSchema,
},
},
},
}, },
}); });
export default apiRoute((app) => export default apiRoute((app) =>
app.openapi(route, async (context) => { app.openapi(route, async (context) => {
const { id } = context.req.valid("param");
const { max_id, min_id, since_id, limit } = context.req.valid("query"); const { max_id, min_id, since_id, limit } = context.req.valid("query");
const { user } = context.get("auth"); const note = context.get("note");
const note = await Note.fromId(id, user.id);
if (!(note && (await note?.isViewableByUser(user)))) {
throw new ApiError(404, "Note not found");
}
const { objects, link } = await Timeline.getUserTimeline( const { objects, link } = await Timeline.getUserTimeline(
and( and(

26
api/api/v1/statuses/:id/source.ts
View file

@ -1,11 +1,8 @@
import { apiRoute, auth } from "@/api"; import { apiRoute, auth, withNoteParam } from "@/api";
import { createRoute } from "@hono/zod-openapi"; import { createRoute } from "@hono/zod-openapi";
import type { StatusSource as ApiStatusSource } from "@versia/client/types"; import type { StatusSource as ApiStatusSource } from "@versia/client/types";
import { Note } from "@versia/kit/db";
import { RolePermissions } from "@versia/kit/tables"; import { RolePermissions } from "@versia/kit/tables";
import { z } from "zod"; import { z } from "zod";
import { ApiError } from "~/classes/errors/api-error";
import { ErrorSchema } from "~/types/api";
const route = createRoute({ const route = createRoute({
method: "get", method: "get",
@ -19,6 +16,7 @@ const route = createRoute({
RolePermissions.ViewNotes, RolePermissions.ViewNotes,
], ],
}), }),
withNoteParam,
] as const, ] as const,
request: { request: {
params: z.object({ params: z.object({
@ -38,28 +36,12 @@ const route = createRoute({
}, },
}, },
}, },
404: {
description: "Record not found",
content: {
"application/json": {
schema: ErrorSchema,
},
},
},
}, },
}); });
export default apiRoute((app) => export default apiRoute((app) =>
app.openapi(route, async (context) => { app.openapi(route, (context) => {
const { id } = context.req.valid("param"); const note = context.get("note");
const { user } = context.get("auth");
const note = await Note.fromId(id, user.id);
if (!(note && (await note?.isViewableByUser(user)))) {
throw new ApiError(404, "Note not found");
}
return context.json( return context.json(
{ {

22
api/api/v1/statuses/:id/unfavourite.ts
View file

@ -1,10 +1,8 @@
import { apiRoute, auth } from "@/api"; import { apiRoute, auth, withNoteParam } from "@/api";
import { createRoute } from "@hono/zod-openapi"; import { createRoute } from "@hono/zod-openapi";
import { Note } from "@versia/kit/db"; import { Note } from "@versia/kit/db";
import { RolePermissions } from "@versia/kit/tables"; import { RolePermissions } from "@versia/kit/tables";
import { z } from "zod"; import { z } from "zod";
import { ApiError } from "~/classes/errors/api-error";
import { ErrorSchema } from "~/types/api";
const route = createRoute({ const route = createRoute({
method: "post", method: "post",
@ -18,6 +16,7 @@ const route = createRoute({
RolePermissions.ViewNotes, RolePermissions.ViewNotes,
], ],
}), }),
withNoteParam,
] as const, ] as const,
request: { request: {
params: z.object({ params: z.object({
@ -33,28 +32,13 @@ const route = createRoute({
}, },
}, },
}, },
404: {
description: "Record not found",
content: {
"application/json": {
schema: ErrorSchema,
},
},
},
}, },
}); });
export default apiRoute((app) => export default apiRoute((app) =>
app.openapi(route, async (context) => { app.openapi(route, async (context) => {
const { id } = context.req.valid("param");
const { user } = context.get("auth"); const { user } = context.get("auth");
const note = context.get("note");
const note = await Note.fromId(id, user.id);
if (!(note && (await note?.isViewableByUser(user)))) {
throw new ApiError(404, "Note not found");
}
await user.unlike(note); await user.unlike(note);

27
api/api/v1/statuses/:id/unpin.ts
View file

@ -1,4 +1,4 @@
import { apiRoute, auth } from "@/api"; import { apiRoute, auth, withNoteParam } from "@/api";
import { createRoute } from "@hono/zod-openapi"; import { createRoute } from "@hono/zod-openapi";
import { Note } from "@versia/kit/db"; import { Note } from "@versia/kit/db";
import { RolePermissions } from "@versia/kit/tables"; import { RolePermissions } from "@versia/kit/tables";
@ -18,6 +18,7 @@ const route = createRoute({
RolePermissions.ViewNotes, RolePermissions.ViewNotes,
], ],
}), }),
withNoteParam,
] as const, ] as const,
request: { request: {
params: z.object({ params: z.object({
@ -41,38 +42,24 @@ const route = createRoute({
}, },
}, },
}, },
404: {
description: "Record not found",
content: {
"application/json": {
schema: ErrorSchema,
},
},
},
}, },
}); });
export default apiRoute((app) => export default apiRoute((app) =>
app.openapi(route, async (context) => { app.openapi(route, async (context) => {
const { id } = context.req.valid("param");
const { user } = context.get("auth"); const { user } = context.get("auth");
const note = context.get("note");
const status = await Note.fromId(id, user.id); if (note.author.id !== user.id) {
if (!status) {
throw new ApiError(404, "Note not found");
}
if (status.author.id !== user.id) {
throw new ApiError(401, "Unauthorized"); throw new ApiError(401, "Unauthorized");
} }
await user.unpin(status); await user.unpin(note);
if (!status) { if (!note) {
throw new ApiError(404, "Note not found"); throw new ApiError(404, "Note not found");
} }
return context.json(await status.toApi(user), 200); return context.json(await note.toApi(user), 200);
}), }),
); );

20
api/api/v1/statuses/:id/unreblog.ts
View file

@ -1,4 +1,4 @@
import { apiRoute, auth } from "@/api"; import { apiRoute, auth, withNoteParam } from "@/api";
import { createRoute } from "@hono/zod-openapi"; import { createRoute } from "@hono/zod-openapi";
import { Note } from "@versia/kit/db"; import { Note } from "@versia/kit/db";
import { Notes, RolePermissions } from "@versia/kit/tables"; import { Notes, RolePermissions } from "@versia/kit/tables";
@ -19,6 +19,7 @@ const route = createRoute({
RolePermissions.ViewNotes, RolePermissions.ViewNotes,
], ],
}), }),
withNoteParam,
] as const, ] as const,
request: { request: {
params: z.object({ params: z.object({
@ -34,15 +35,6 @@ const route = createRoute({
}, },
}, },
}, },
404: {
description: "Record not found",
content: {
"application/json": {
schema: ErrorSchema,
},
},
},
422: { 422: {
description: "Not already reblogged", description: "Not already reblogged",
content: { content: {
@ -58,13 +50,7 @@ export default apiRoute((app) =>
app.openapi(route, async (context) => { app.openapi(route, async (context) => {
const { id } = context.req.valid("param"); const { id } = context.req.valid("param");
const { user } = context.get("auth"); const { user } = context.get("auth");
const note = context.get("note");
const note = await Note.fromId(id, user.id);
// Check if user is authorized to view this status (if it's private)
if (!(note && (await note?.isViewableByUser(user)))) {
throw new ApiError(404, "Note not found");
}
const existingReblog = await Note.fromSql( const existingReblog = await Note.fromSql(
and(eq(Notes.authorId, user.id), eq(Notes.reblogId, note.data.id)), and(eq(Notes.authorId, user.id), eq(Notes.reblogId, note.data.id)),

BIN
bun.lockb
View file

Binary file not shown.

1
package.json
View file

@ -113,6 +113,7 @@
"@hono/prometheus": "^1.0.1", "@hono/prometheus": "^1.0.1",
"@hono/swagger-ui": "^0.5.0", "@hono/swagger-ui": "^0.5.0",
"@hono/zod-openapi": "0.18.3", "@hono/zod-openapi": "0.18.3",
"@hono/zod-validator": "^0.4.2",
"@inquirer/confirm": "^5.1.1", "@inquirer/confirm": "^5.1.1",
"@inquirer/input": "^4.1.1", "@inquirer/input": "^4.1.1",
"@json2csv/plainjs": "^7.0.6", "@json2csv/plainjs": "^7.0.6",

85
utils/api.ts
View file

@ -1,11 +1,13 @@
import type { OpenAPIHono } from "@hono/zod-openapi"; import type { OpenAPIHono } from "@hono/zod-openapi";
import { zValidator } from "@hono/zod-validator";
import { getLogger } from "@logtape/logtape"; import { getLogger } from "@logtape/logtape";
import { Application, Token, db } from "@versia/kit/db"; import { Application, Note, Token, User, db } from "@versia/kit/db";
import { Challenges, type RolePermissions } from "@versia/kit/tables"; import { Challenges, type RolePermissions } from "@versia/kit/tables";
import { extractParams, verifySolution } from "altcha-lib"; import { extractParams, verifySolution } from "altcha-lib";
import chalk from "chalk"; import chalk from "chalk";
import { type SQL, eq } from "drizzle-orm"; import { type SQL, eq } from "drizzle-orm";
import type { Context, MiddlewareHandler } from "hono"; import type { Context, MiddlewareHandler } from "hono";
import { every } from "hono/combine";
import { createMiddleware } from "hono/factory"; import { createMiddleware } from "hono/factory";
import { import {
anyOf, anyOf,
@ -22,7 +24,7 @@ import {
oneOrMore, oneOrMore,
} from "magic-regexp"; } from "magic-regexp";
import { type ParsedQs, parse } from "qs"; import { type ParsedQs, parse } from "qs";
import type { z } from "zod"; import { z } from "zod";
import { fromZodError } from "zod-validation-error"; import { fromZodError } from "zod-validation-error";
import { ApiError } from "~/classes/errors/api-error"; import { ApiError } from "~/classes/errors/api-error";
import type { AuthData } from "~/classes/functions/user"; import type { AuthData } from "~/classes/functions/user";
@ -292,6 +294,85 @@ export const auth = <AuthRequired extends boolean>(options: {
}); });
}; };
type WithIdParam = {
in: { param: { id: string } };
out: { param: { id: string } };
};
/**
* Middleware to check if a note exists and is viewable by the user.
*
* Useful in /api/v1/statuses/:id/* routes
* @returns MiddlewareHandler
*/
export const withNoteParam = every(
zValidator("param", z.object({ id: z.string().uuid() }), handleZodError),
createMiddleware<
HonoEnv & {
Variables: {
note: Note;
};
},
string,
WithIdParam
>(async (context, next) => {
const { id } = context.req.valid("param");
const { user } = context.get("auth");
const note = await Note.fromId(id, user?.id);
if (!(note && (await note.isViewableByUser(user)))) {
throw new ApiError(404, "Note not found");
}
context.set("note", note);
await next();
}),
) as MiddlewareHandler<
HonoEnv & {
Variables: {
note: Note;
};
}
>;
/**
* Middleware to check if a user exists
*
* Useful in /api/v1/accounts/:id/* routes
* @returns MiddlewareHandler
*/
export const withUserParam = every(
zValidator("param", z.object({ id: z.string().uuid() }), handleZodError),
createMiddleware<
HonoEnv & {
Variables: {
user: User;
};
},
string,
WithIdParam
>(async (context, next) => {
const { id } = context.req.valid("param");
const user = await User.fromId(id);
if (!user) {
throw new ApiError(404, "User not found");
}
context.set("user", user);
await next();
}),
) as MiddlewareHandler<
HonoEnv & {
Variables: {
user: User;
};
}
>;
// Helper function to parse form data // Helper function to parse form data
async function parseFormData(context: Context): Promise<{ async function parseFormData(context: Context): Promise<{
parsed: ParsedQs; parsed: ParsedQs;