feat: report

src/api/attention.rs

@@ -1,11 +1,11 @@
 use crate::api::post::ps2outputs;
-use crate::api::{APIError, CurrentUser, PolicyError::*, API, UGC};
+use crate::api::{CurrentUser, JsonAPI, PolicyError::*, UGC};
 use crate::db_conn::Db;
 use crate::models::*;
 use crate::rds_conn::RdsConn;
 use crate::rds_models::*;
 use rocket::form::Form;
-use rocket::serde::json::{json, Value};
+use rocket::serde::json::json;
 
 #[derive(FromForm)]
 pub struct AttentionInput {
@@ -20,13 +20,15 @@ pub async fn attention_post(
     user: CurrentUser,
     db: Db,
     rconn: RdsConn,
-) -> API<Value> {
-    user.id.ok_or_else(|| APIError::PcError(NotAllowed))?;
+) -> JsonAPI {
+    // 临时用户不允许手动关注
+    user.id.ok_or_else(|| NotAllowed)?;
+
     let mut p = Post::get(&db, &rconn, ai.pid).await?;
     p.check_permission(&user, "r")?;
     let mut att = Attention::init(&user.namehash, &rconn);
     let switch_to = ai.switch == 1;
-    let mut delta: i32 = 0;
+    let delta: i32;
     if att.has(ai.pid).await? != switch_to {
         if switch_to {
             att.add(ai.pid).await?;
@@ -37,20 +39,23 @@ pub async fn attention_post(
         }
         p.change_n_attentions(&db, delta).await?;
         p.change_hot_score(&db, delta * 2).await?;
+        if switch_to && user.is_admin {
+            p.set_is_reported(&db, false).await?;
+        }
         p.refresh_cache(&rconn, false).await;
     }
 
     Ok(json!({
         "code": 0,
         "attention": ai.switch == 1,
-        "n_attentions": p.n_attentions + delta,
+        "n_attentions": p.n_attentions,
         // for old version frontend
-        "likenum": p.n_attentions + delta,
+        "likenum": p.n_attentions,
     }))
 }
 
 #[get("/getattention")]
-pub async fn get_attention(user: CurrentUser, db: Db, rconn: RdsConn) -> API<Value> {
+pub async fn get_attention(user: CurrentUser, db: Db, rconn: RdsConn) -> JsonAPI {
     let ids = Attention::init(&user.namehash, &rconn).all().await?;
     let ps = Post::get_multi(&db, &rconn, &ids).await?;
     let ps_data = ps2outputs(&ps, &user, &db, &rconn).await;

src/api/comment.rs

@@ -1,4 +1,4 @@
-use crate::api::{APIError, CurrentUser, PolicyError::*, API, UGC};
+use crate::api::{APIError, CurrentUser, JsonAPI, PolicyError::*, UGC};
 use crate::db_conn::Db;
 use crate::models::*;
 use crate::rds_conn::RdsConn;
@@ -6,10 +6,7 @@ use crate::rds_models::*;
 use chrono::{offset::Utc, DateTime};
 use rocket::form::Form;
 use rocket::futures::{future::TryFutureExt, join, try_join};
-use rocket::serde::{
-    json::{json, Value},
-    Serialize,
-};
+use rocket::serde::{json::json, Serialize};
 use std::collections::HashMap;
 
 #[derive(FromForm)]
@@ -66,7 +63,7 @@ pub fn c2output<'r>(p: &'r Post, cs: &Vec<Comment>, user: &CurrentUser) -> Vec<C
 }
 
 #[get("/getcomment?<pid>")]
-pub async fn get_comment(pid: i32, user: CurrentUser, db: Db, rconn: RdsConn) -> API<Value> {
+pub async fn get_comment(pid: i32, user: CurrentUser, db: Db, rconn: RdsConn) -> JsonAPI {
     let p = Post::get(&db, &rconn, pid).await?;
     if p.is_deleted {
         return Err(APIError::PcError(IsDeleted));
@@ -90,7 +87,7 @@ pub async fn add_comment(
     user: CurrentUser,
     db: Db,
     rconn: RdsConn,
-) -> API<Value> {
+) -> JsonAPI {
     let mut p = Post::get(&db, &rconn, ci.pid).await?;
     let c = Comment::create(
         &db,
@@ -104,7 +101,7 @@ pub async fn add_comment(
     )
     .await?;
     p.change_n_comments(&db, 1).await?;
-    p.update_comment_time(&db, c.create_time).await?;
+    p.set_last_comment_time(&db, c.create_time).await?;
     // auto attention after comment
     let mut att = Attention::init(&user.namehash, &rconn);
 

src/api/mod.rs

@@ -19,7 +19,6 @@ pub fn catch_403_error() -> &'static str {
     "可能被封禁了，等下次重置吧"
 }
 
-
 pub struct CurrentUser {
     id: Option<i32>, // tmp user has no id, only for block
     namehash: String,
@@ -123,6 +122,12 @@ impl From<redis::RedisError> for APIError {
     }
 }
 
+impl From<PolicyError> for APIError {
+    fn from(err: PolicyError) -> APIError {
+        APIError::PcError(err)
+    }
+}
+
 pub type API<T> = Result<T, APIError>;
 pub type JsonAPI = API<Value>;
 
@@ -175,7 +180,7 @@ impl UGC for Post {
         self.n_comments == 0
     }
     async fn do_set_deleted(&mut self, db: &Db) -> API<()> {
-        self.set_deleted(db).await.map_err(From::from)
+        self.set_is_deleted(db, true).await.map_err(From::from)
     }
 }
 
@@ -194,7 +199,7 @@ impl UGC for Comment {
         true
     }
     async fn do_set_deleted(&mut self, db: &Db) -> API<()> {
-        self.set_deleted(db).await.map_err(From::from)
+        self.set_is_deleted(db, true).await.map_err(From::from)
     }
 }
 

src/api/operation.rs

@@ -1,11 +1,11 @@
-use crate::api::{APIError, CurrentUser, PolicyError::*, API, UGC};
+use crate::api::{APIError, CurrentUser, JsonAPI, PolicyError::*, UGC};
 use crate::db_conn::Db;
 use crate::models::*;
 use crate::rds_conn::RdsConn;
 use crate::rds_models::*;
 use chrono::offset::Local;
 use rocket::form::Form;
-use rocket::serde::json::{json, Value};
+use rocket::serde::json::json;
 
 #[derive(FromForm)]
 pub struct DeleteInput {
@@ -16,12 +16,7 @@ pub struct DeleteInput {
 }
 
 #[post("/delete", data = "<di>")]
-pub async fn delete(
-    di: Form<DeleteInput>,
-    user: CurrentUser,
-    db: Db,
-    rconn: RdsConn,
-) -> API<Value> {
+pub async fn delete(di: Form<DeleteInput>, user: CurrentUser, db: Db, rconn: RdsConn) -> JsonAPI {
     let mut p: Post;
     let mut c: Comment;
     let author_hash: &str;
@@ -78,3 +73,30 @@ pub async fn delete(
         "code": 0
     }))
 }
+
+#[derive(FromForm)]
+pub struct ReportInput {
+    pid: i32,
+    reason: String,
+}
+
+#[post("/report", data = "<ri>")]
+pub async fn report(ri: Form<ReportInput>, user: CurrentUser, db: Db, rconn: RdsConn) -> JsonAPI {
+    // 临时用户不允许举报
+    user.id.ok_or_else(|| NotAllowed)?;
+
+    let mut p = Post::get(&db, &rconn, ri.pid).await?;
+    p.set_is_reported(&db, true).await?;
+    p.refresh_cache(&rconn, false).await;
+    Systemlog {
+        user_hash: user.namehash,
+        action_type: LogType::Report,
+        target: format!("#{} {}", ri.pid, if ri.reason.starts_with("评论区") { "评论区" } else {""}),
+        detail: ri.reason.clone(),
+        time: Local::now(),
+    }.create(&rconn)
+    .await?;
+    Ok(json!({
+        "code": 0
+    }))
+}

src/api/post.rs

@@ -1,5 +1,5 @@
 use crate::api::comment::{c2output, CommentOutput};
-use crate::api::{APIError, CurrentUser, JsonAPI, PolicyError::*, UGC};
+use crate::api::{CurrentUser, JsonAPI, UGC};
 use crate::db_conn::Db;
 use crate::models::*;
 use crate::rds_conn::RdsConn;
@@ -158,11 +158,8 @@ pub async fn publish_post(
 #[post("/editcw", data = "<cwi>")]
 pub async fn edit_cw(cwi: Form<CwInput>, user: CurrentUser, db: Db, rconn: RdsConn) -> JsonAPI {
     let mut p = Post::get(&db, &rconn, cwi.pid).await?;
-    if !(user.is_admin || p.author_hash == user.namehash) {
-        return Err(APIError::PcError(NotAllowed));
-    }
     p.check_permission(&user, "w")?;
-    p.update_cw(&db, cwi.cw.to_string()).await?;
+    p.set_cw(&db, cwi.cw.to_string()).await?;
     p.refresh_cache(&rconn, false).await;
     Ok(json!({"code": 0}))
 }

src/api/systemlog.rs

@@ -1,7 +1,7 @@
 use crate::api::{CurrentUser, JsonAPI};
 use crate::random_hasher::RandomHasher;
 use crate::rds_conn::RdsConn;
-use crate::rds_models::Systemlog;
+use crate::rds_models::{Systemlog};
 use rocket::serde::json::{json, Value};
 use rocket::State;
 
@@ -19,7 +19,7 @@ pub async fn get_systemlog(user: CurrentUser, rh: &State<RandomHasher>, rconn: R
                 "type": log.action_type,
                 "user": look!(log.user_hash),
                 "timestamp": log.time.timestamp(),
-                "detail": format!("{}\n{}", &log.target, &log.detail)
+                "detail": format!("{}\n{}", &log.target, if user.is_admin || !log.action_type.contains_ugc()  { &log.detail } else { "" })
             })
         ).collect::<Vec<Value>>(),
     }))