feat: authorized fetch on activities and objects
This commit is contained in:
parent
4e34446894
commit
d3d5f98dfd
3 changed files with 40 additions and 17 deletions
|
@ -101,4 +101,18 @@ impl Entity {
|
||||||
|
|
||||||
select
|
select
|
||||||
}
|
}
|
||||||
|
|
||||||
|
pub fn find_objects() -> Select<Entity> {
|
||||||
|
let mut select = Entity::find()
|
||||||
|
.select_only()
|
||||||
|
.join(sea_orm::JoinType::InnerJoin, Relation::Object.def());
|
||||||
|
// INNERJOIN: filter out addressings for which we don't have an activity anymore
|
||||||
|
// TODO we could in theory return just the link or fetch them again, just ignoring them is mehh
|
||||||
|
|
||||||
|
for col in crate::model::object::Column::iter() {
|
||||||
|
select = select.select_column_as(col, format!("{}{}", crate::model::object::Entity.table_name(), col.to_string()));
|
||||||
|
}
|
||||||
|
|
||||||
|
select
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
use axum::{extract::{Path, State}, http::StatusCode};
|
use axum::{extract::{Path, State}, http::StatusCode};
|
||||||
use sea_orm::EntityTrait;
|
use sea_orm::{ColumnTrait, QueryFilter};
|
||||||
use crate::{model::{self, activity, object}, server::Context};
|
use crate::{model::{self, addressing::EmbeddedActivity}, server::{auth::AuthIdentity, Context}};
|
||||||
use apb::{ActivityMut, ObjectMut, BaseMut, Node};
|
use apb::{ActivityMut, ObjectMut, BaseMut, Node};
|
||||||
|
|
||||||
use super::{jsonld::LD, JsonLD};
|
use super::{jsonld::LD, JsonLD};
|
||||||
|
@ -20,20 +20,19 @@ pub fn ap_activity(activity: model::activity::Model) -> serde_json::Value {
|
||||||
.set_bcc(Node::Empty)
|
.set_bcc(Node::Empty)
|
||||||
}
|
}
|
||||||
|
|
||||||
pub async fn view(State(ctx) : State<Context>, Path(id): Path<String>) -> Result<JsonLD<serde_json::Value>, StatusCode> {
|
pub async fn view(
|
||||||
match activity::Entity::find_by_id(ctx.aid(id))
|
State(ctx): State<Context>,
|
||||||
.find_also_related(object::Entity)
|
Path(id): Path<String>,
|
||||||
|
AuthIdentity(auth): AuthIdentity,
|
||||||
|
) -> Result<JsonLD<serde_json::Value>, StatusCode> {
|
||||||
|
match model::addressing::Entity::find_activities()
|
||||||
|
.filter(model::activity::Column::Id.eq(ctx.aid(id)))
|
||||||
|
.filter(auth.filter_condition())
|
||||||
|
.into_model::<EmbeddedActivity>()
|
||||||
.one(ctx.db())
|
.one(ctx.db())
|
||||||
.await
|
.await
|
||||||
{
|
{
|
||||||
Ok(Some((activity, Some(object)))) => Ok(JsonLD(
|
Ok(Some(activity)) => Ok(JsonLD(serde_json::Value::from(activity).ld_context())),
|
||||||
ap_activity(activity)
|
|
||||||
.set_object(Node::object(super::object::ap_object(object)))
|
|
||||||
.ld_context()
|
|
||||||
)),
|
|
||||||
Ok(Some((activity, None))) => Ok(JsonLD(
|
|
||||||
ap_activity(activity).ld_context()
|
|
||||||
)),
|
|
||||||
Ok(None) => Err(StatusCode::NOT_FOUND),
|
Ok(None) => Err(StatusCode::NOT_FOUND),
|
||||||
Err(e) => {
|
Err(e) => {
|
||||||
tracing::error!("error querying for activity: {e}");
|
tracing::error!("error querying for activity: {e}");
|
||||||
|
|
|
@ -1,8 +1,8 @@
|
||||||
use axum::{extract::{Path, State}, http::StatusCode};
|
use axum::{extract::{Path, State}, http::StatusCode};
|
||||||
use sea_orm::EntityTrait;
|
use sea_orm::{ColumnTrait, QueryFilter};
|
||||||
|
|
||||||
use apb::{ObjectMut, BaseMut, Node};
|
use apb::{ObjectMut, BaseMut, Node};
|
||||||
use crate::{model::{self, object}, server::Context};
|
use crate::{model, server::{auth::AuthIdentity, Context}};
|
||||||
|
|
||||||
use super::{jsonld::LD, JsonLD};
|
use super::{jsonld::LD, JsonLD};
|
||||||
|
|
||||||
|
@ -23,8 +23,18 @@ pub fn ap_object(object: model::object::Model) -> serde_json::Value {
|
||||||
.set_bcc(Node::Empty)
|
.set_bcc(Node::Empty)
|
||||||
}
|
}
|
||||||
|
|
||||||
pub async fn view(State(ctx) : State<Context>, Path(id): Path<String>) -> Result<JsonLD<serde_json::Value>, StatusCode> {
|
pub async fn view(
|
||||||
match object::Entity::find_by_id(ctx.oid(id)).one(ctx.db()).await {
|
State(ctx): State<Context>,
|
||||||
|
Path(id): Path<String>,
|
||||||
|
AuthIdentity(auth): AuthIdentity,
|
||||||
|
) -> Result<JsonLD<serde_json::Value>, StatusCode> {
|
||||||
|
match model::addressing::Entity::find_objects()
|
||||||
|
.filter(model::object::Column::Id.eq(ctx.oid(id)))
|
||||||
|
.filter(auth.filter_condition())
|
||||||
|
.into_model::<model::object::Model>()
|
||||||
|
.one(ctx.db())
|
||||||
|
.await
|
||||||
|
{
|
||||||
Ok(Some(object)) => Ok(JsonLD(ap_object(object).ld_context())),
|
Ok(Some(object)) => Ok(JsonLD(ap_object(object).ld_context())),
|
||||||
Ok(None) => Err(StatusCode::NOT_FOUND),
|
Ok(None) => Err(StatusCode::NOT_FOUND),
|
||||||
Err(e) => {
|
Err(e) => {
|
||||||
|
|
Loading…
Reference in a new issue