use axum::{extract::{Path, Query, State}, http::StatusCode, Json}; use sea_orm::{ColumnTrait, Condition, Order, QueryFilter, QueryOrder, QuerySelect}; use crate::{errors::UpubError, model::{self, addressing::EmbeddedActivity}, routes::activitypub::{jsonld::LD, JsonLD, Pagination}, server::{auth::{AuthIdentity, Identity}, Context}, url}; pub async fn get( State(ctx): State, Path(id): Path, AuthIdentity(auth): AuthIdentity, ) -> Result, StatusCode> { match auth { Identity::Anonymous => Err(StatusCode::FORBIDDEN), Identity::Remote(_) => Err(StatusCode::FORBIDDEN), Identity::Local(user) => if ctx.uid(id.clone()) == user { Ok(JsonLD(ctx.ap_collection(&url!(ctx, "/users/{id}/inbox"), None).ld_context())) } else { Err(StatusCode::FORBIDDEN) }, } } pub async fn page( State(ctx): State, Path(id): Path, AuthIdentity(auth): AuthIdentity, Query(page): Query, ) -> crate::Result> { let Identity::Local(uid) = auth else { // local inbox is only for local users return Err(UpubError::forbidden()); }; if uid != ctx.uid(id.clone()) { return Err(UpubError::forbidden()); } let limit = page.batch.unwrap_or(20).min(50); let offset = page.offset.unwrap_or(0); let activities = model::addressing::Entity::find_activities() .filter(Condition::all().add(model::addressing::Column::Actor.eq(&uid))) .order_by(model::addressing::Column::Published, Order::Asc) .offset(offset) .limit(limit) .into_model::() .all(ctx.db()) .await?; Ok(JsonLD( ctx.ap_collection_page( &url!(ctx, "/users/{id}/inbox/page"), offset, limit, activities .into_iter() .map(|x| x.into()) .collect() ).ld_context() )) } pub async fn post( State(ctx): State, Path(_id): Path, AuthIdentity(_auth): AuthIdentity, Json(activity): Json, ) -> Result<(), UpubError> { // POSTing to user inboxes is effectively the same as POSTing to the main inbox super::super::inbox::post(State(ctx), AuthIdentity(_auth), Json(activity)).await }