feat: add user approval after registration

basically credentials are disabled until approved by admin
feat: add indexes on followers/following fields
2024-06-28 05:13:02 +02:00 · 2024-06-28 05:11:41 +02:00
8 changed files with 94 additions and 0 deletions
--- a/upub/core/src/config.rs
+++ b/upub/core/src/config.rs
@ -65,6 +65,9 @@ pub struct SecurityConfig {
 	#[serde(default)]
 	pub allow_registration: bool,

+	#[serde(default)] // TODO i don't like the name of this
+	pub require_user_approval: bool,
+
 	#[serde(default)]
 	pub allow_public_debugger: bool,

--- a/upub/core/src/model/credential.rs
+++ b/upub/core/src/model/credential.rs
@ -9,6 +9,7 @@ pub struct Model {
 	pub actor: String,
 	pub login: String,
 	pub password: String,
+	pub active: bool,
 }

 #[derive(Copy, Clone, Debug, EnumIter, DeriveRelation)]
--- a/upub/core/src/traits/admin.rs
+++ b/upub/core/src/traits/admin.rs
@ -75,6 +75,7 @@ impl Administrable for crate::Context {
 			actor: Set(ap_id),
 			login: Set(username),
 			password: Set(sha256::digest(password)),
+			active: Set(!self.cfg().security.require_user_approval),
 		};

 		crate::model::credential::Entity::insert(credentials_model)
--- a/upub/migrations/src/lib.rs
+++ b/upub/migrations/src/lib.rs
@ -12,6 +12,8 @@ mod m20240607_000001_activity_ref_is_optional;
 mod m20240609_000001_add_instance_field_to_relations;
 mod m20240623_000001_add_dislikes_table;
 mod m20240626_000001_add_notifications_table;
+mod m20240628_000001_add_followers_following_indexes;
+mod m20240628_000002_add_credentials_activated;

 pub struct Migrator;

@ -31,6 +33,8 @@ impl MigratorTrait for Migrator {
 			Box::new(m20240609_000001_add_instance_field_to_relations::Migration),
 			Box::new(m20240623_000001_add_dislikes_table::Migration),
 			Box::new(m20240626_000001_add_notifications_table::Migration),
+			Box::new(m20240628_000001_add_followers_following_indexes::Migration),
+			Box::new(m20240628_000002_add_credentials_activated::Migration),
 		]
 	}
 }
--- a/upub/migrations/src/m20240524_000003_create_users_auth_and_config.rs
+++ b/upub/migrations/src/m20240524_000003_create_users_auth_and_config.rs
@ -21,6 +21,7 @@ pub enum Credentials {
 	Actor,
 	Login,
 	Password,
+	Active, // ADDED
 }

 #[derive(DeriveIden)]
--- a/upub/migrations/src/m20240628_000001_add_followers_following_indexes.rs
+++ b/upub/migrations/src/m20240628_000001_add_followers_following_indexes.rs
@ -0,0 +1,45 @@
+use sea_orm_migration::prelude::*;
+
+use crate::m20240524_000001_create_actor_activity_object_tables::Actors;
+
+#[derive(DeriveMigrationName)]
+pub struct Migration;
+
+#[async_trait::async_trait]
+impl MigrationTrait for Migration {
+	async fn up(&self, manager: &SchemaManager) -> Result<(), DbErr> {
+		manager
+			.create_index(
+				Index::create()
+					.name("index-actors-followers")
+					.table(Actors::Table)
+					.col(Actors::Followers)
+					.to_owned()
+				)
+			.await?;
+
+		manager
+			.create_index(
+				Index::create()
+					.name("index-actors-following")
+					.table(Actors::Table)
+					.col(Actors::Following)
+					.to_owned()
+				)
+			.await?;
+
+		Ok(())
+	}
+
+	async fn down(&self, manager: &SchemaManager) -> Result<(), DbErr> {
+		manager
+			.drop_index(Index::drop().name("index-actors-followers").table(Actors::Table).to_owned())
+			.await?;
+
+		manager
+			.drop_index(Index::drop().name("index-actors-following").table(Actors::Table).to_owned())
+			.await?;
+
+		Ok(())
+	}
+}
--- a/upub/migrations/src/m20240628_000002_add_credentials_activated.rs
+++ b/upub/migrations/src/m20240628_000002_add_credentials_activated.rs
@ -0,0 +1,38 @@
+use sea_orm_migration::prelude::*;
+
+use crate::m20240524_000003_create_users_auth_and_config::Credentials;
+
+#[derive(DeriveMigrationName)]
+pub struct Migration;
+
+#[async_trait::async_trait]
+impl MigrationTrait for Migration {
+	async fn up(&self, manager: &SchemaManager) -> Result<(), DbErr> {
+
+		manager
+			.alter_table(
+				Table::alter()
+					.table(Credentials::Table)
+					.add_column(ColumnDef::new(Credentials::Active).boolean().not_null().default(false))
+					.to_owned()
+			)
+			.await?;
+
+		Ok(())
+	}
+
+	async fn down(&self, manager: &SchemaManager) -> Result<(), DbErr> {
+
+		manager
+			.alter_table(
+				Table::alter()
+					.table(Credentials::Table)
+					.drop_column(Credentials::Active)
+					.to_owned()
+			)
+			.await?;
+
+		Ok(())
+	}
+}
+
--- a/upub/routes/src/activitypub/auth.rs
+++ b/upub/routes/src/activitypub/auth.rs
@ -35,6 +35,7 @@ pub async fn login(
 		.filter(Condition::all()
 			.add(upub::model::credential::Column::Login.eq(login.email))
 			.add(upub::model::credential::Column::Password.eq(sha256::digest(login.password)))
+			.add(upub::model::credential::Column::Active.eq(true))
 		)
 		.one(ctx.db())
 		.await?
Author	SHA1	Message	Date
alemi	9011dc0ab2	feat: add user approval after registration basically credentials are disabled until approved by admin	2024-06-28 05:13:02 +02:00
alemi	1ee7eb1498	feat: add indexes on followers/following fields will use them for proper address expansion soon™️	2024-06-28 05:11:41 +02:00