Compare commits

..

1 commit

Author SHA1 Message Date
Izalia Mae a5d3021f16 Merge branch 'public-api' into 'master'
Draft: Add API endpoints for relay management

See merge request pleroma/relay!55
2024-02-11 21:03:52 +00:00
8 changed files with 185 additions and 200 deletions

View file

@ -76,7 +76,7 @@ WHERE code = :code;
-- name: del-token-user -- name: del-token-user
DELETE FROM tokens DELETE FROM tokens
WHERE user = :username; WHERE user = :username
-- name: get-software-ban -- name: get-software-ban
@ -91,37 +91,37 @@ RETURNING *;
-- name: del-software-ban -- name: del-software-ban
DELETE FROM software_bans DELETE FROM software_bans
WHERE name = :name; WHERE name = :name
-- name: get-domain-ban -- name: get-domain-ban
SELECT * FROM domain_bans WHERE domain = :domain; SELECT * FROM domain_bans WHERE domain = :domain
-- name: put-domain-ban -- name: put-domain-ban
INSERT INTO domain_bans (domain, reason, note, created) INSERT INTO domain_bans (domain, reason, note, created)
VALUES (:domain, :reason, :note, :created) VALUES (:domain, :reason, :note, :created)
RETURNING *; RETURNING *
-- name: del-domain-ban -- name: del-domain-ban
DELETE FROM domain_bans DELETE FROM domain_bans
WHERE domain = :domain; WHERE domain = :domain
-- name: get-domain-whitelist -- name: get-domain-whitelist
SELECT * FROM whitelist WHERE domain = :domain; SELECT * FROM whitelist WHERE domain = :domain
-- name: put-domain-whitelist -- name: put-domain-whitelist
INSERT INTO whitelist (domain, created) INSERT INTO whitelist (domain, created)
VALUES (:domain, :created) VALUES (:domain, :created)
RETURNING *; RETURNING *
-- name: del-domain-whitelist -- name: del-domain-whitelist
DELETE FROM whitelist DELETE FROM whitelist
WHERE domain = :domain; WHERE domain = :domain
-- cache functions -- -- cache functions --
@ -135,7 +135,7 @@ CREATE TABLE IF NOT EXISTS cache (
type TEXT DEFAULT 'str', type TEXT DEFAULT 'str',
updated TIMESTAMP NOT NULL, updated TIMESTAMP NOT NULL,
UNIQUE(namespace, key) UNIQUE(namespace, key)
); )
-- name: create-cache-table-postgres -- name: create-cache-table-postgres
CREATE TABLE IF NOT EXISTS cache ( CREATE TABLE IF NOT EXISTS cache (
@ -146,21 +146,21 @@ CREATE TABLE IF NOT EXISTS cache (
type TEXT DEFAULT 'str', type TEXT DEFAULT 'str',
updated TIMESTAMP NOT NULL, updated TIMESTAMP NOT NULL,
UNIQUE(namespace, key) UNIQUE(namespace, key)
); )
-- name: get-cache-item -- name: get-cache-item
SELECT * FROM cache SELECT * FROM cache
WHERE namespace = :namespace and key = :key; WHERE namespace = :namespace and key = :key
-- name: get-cache-keys -- name: get-cache-keys
SELECT key FROM cache SELECT key FROM cache
WHERE namespace = :namespace; WHERE namespace = :namespace
-- name: get-cache-namespaces -- name: get-cache-namespaces
SELECT DISTINCT namespace FROM cache; SELECT DISTINCT namespace FROM cache
-- name: set-cache-item -- name: set-cache-item
@ -168,18 +168,18 @@ INSERT INTO cache (namespace, key, value, type, updated)
VALUES (:namespace, :key, :value, :type, :date) VALUES (:namespace, :key, :value, :type, :date)
ON CONFLICT (namespace, key) DO ON CONFLICT (namespace, key) DO
UPDATE SET value = :value, type = :type, updated = :date UPDATE SET value = :value, type = :type, updated = :date
RETURNING *; RETURNING *
-- name: del-cache-item -- name: del-cache-item
DELETE FROM cache DELETE FROM cache
WHERE namespace = :namespace and key = :key; WHERE namespace = :namespace and key = :key
-- name: del-cache-namespace -- name: del-cache-namespace
DELETE FROM cache DELETE FROM cache
WHERE namespace = :namespace; WHERE namespace = :namespace
-- name: del-cache-all -- name: del-cache-all
DELETE FROM cache; DELETE FROM cache

View file

@ -400,11 +400,15 @@ def cli_user_create(ctx: click.Context, username: str, handle: str) -> None:
return return
while True: while True:
if not (password := click.prompt('New password', hide_input = True)): password = click.prompt('New password', hide_input = True)
if not password:
click.echo('No password provided') click.echo('No password provided')
continue continue
if password != click.prompt('New password again', hide_input = True): password2 = click.prompt('New password again', hide_input = True)
if password != password2:
click.echo('Passwords do not match') click.echo('Passwords do not match')
continue continue
@ -467,7 +471,7 @@ def cli_user_delete_token(ctx: click.Context, code: str) -> None:
'Delete an API token' 'Delete an API token'
with ctx.obj.database.connection() as conn: with ctx.obj.database.connection() as conn:
if not conn.get_token(code): if not (conn.get_token(code)):
click.echo('Token does not exist') click.echo('Token does not exist')
return return

View file

@ -170,7 +170,7 @@ processors = {
} }
async def run_processor(view: ActorView) -> None: async def run_processor(view: ActorView, conn: Connection) -> None:
if view.message.type not in processors: if view.message.type not in processors:
logging.verbose( logging.verbose(
'Message type "%s" from actor cannot be handled: %s', 'Message type "%s" from actor cannot be handled: %s',
@ -180,8 +180,8 @@ async def run_processor(view: ActorView) -> None:
return return
with view.database.connection(False) as conn: if view.instance:
if view.instance: with conn.transaction():
if not view.instance['software']: if not view.instance['software']:
if (nodeinfo := await view.client.fetch_nodeinfo(view.instance['domain'])): if (nodeinfo := await view.client.fetch_nodeinfo(view.instance['domain'])):
view.instance = conn.update_inbox( view.instance = conn.update_inbox(
@ -195,5 +195,5 @@ async def run_processor(view: ActorView) -> None:
actor = view.actor.id actor = view.actor.id
) )
logging.verbose('New "%s" from actor: %s', view.message.type, view.actor.id) logging.verbose('New "%s" from actor: %s', view.message.type, view.actor.id)
await processors[view.message.type](view, conn) await processors[view.message.type](view, conn)

View file

@ -34,7 +34,7 @@ class ActorView(View):
self.signer: Signer = None self.signer: Signer = None
async def get(self, request: Request) -> Response: async def get(self, request: Request, conn: Connection) -> Response:
data = Message.new_actor( data = Message.new_actor(
host = self.config.domain, host = self.config.domain,
pubkey = self.app.signer.pubkey pubkey = self.app.signer.pubkey
@ -43,36 +43,35 @@ class ActorView(View):
return Response.new(data, ctype='activity') return Response.new(data, ctype='activity')
async def post(self, request: Request) -> Response: async def post(self, request: Request, conn: Connection) -> Response:
if response := await self.get_post_data(): if response := await self.get_post_data():
return response return response
with self.database.connection(False) as conn: self.instance = conn.get_inbox(self.actor.shared_inbox)
self.instance = conn.get_inbox(self.actor.shared_inbox) config = conn.get_config_all()
config = conn.get_config_all()
## reject if the actor isn't whitelisted while the whiltelist is enabled ## reject if the actor isn't whitelisted while the whiltelist is enabled
if config['whitelist-enabled'] and not conn.get_domain_whitelist(self.actor.domain): if config['whitelist-enabled'] and not conn.get_domain_whitelist(self.actor.domain):
logging.verbose('Rejected actor for not being in the whitelist: %s', self.actor.id) logging.verbose('Rejected actor for not being in the whitelist: %s', self.actor.id)
return Response.new_error(403, 'access denied', 'json') return Response.new_error(403, 'access denied', 'json')
## reject if actor is banned ## reject if actor is banned
if conn.get_domain_ban(self.actor.domain): if conn.get_domain_ban(self.actor.domain):
logging.verbose('Ignored request from banned actor: %s', self.actor.id) logging.verbose('Ignored request from banned actor: %s', self.actor.id)
return Response.new_error(403, 'access denied', 'json') return Response.new_error(403, 'access denied', 'json')
## reject if activity type isn't 'Follow' and the actor isn't following ## reject if activity type isn't 'Follow' and the actor isn't following
if self.message.type != 'Follow' and not self.instance: if self.message.type != 'Follow' and not self.instance:
logging.verbose( logging.verbose(
'Rejected actor for trying to post while not following: %s', 'Rejected actor for trying to post while not following: %s',
self.actor.id self.actor.id
) )
return Response.new_error(401, 'access denied', 'json') return Response.new_error(401, 'access denied', 'json')
logging.debug('>> payload %s', self.message.to_json(4)) logging.debug('>> payload %s', self.message.to_json(4))
await run_processor(self) await run_processor(self, conn)
return Response.new(status = 202) return Response.new(status = 202)
@ -163,7 +162,7 @@ class ActorView(View):
@register_route('/.well-known/webfinger') @register_route('/.well-known/webfinger')
class WebfingerView(View): class WebfingerView(View):
async def get(self, request: Request) -> Response: async def get(self, request: Request, conn: Connection) -> Response:
try: try:
subject = request.query['resource'] subject = request.query['resource']

View file

@ -67,33 +67,33 @@ async def handle_api_path(request: web.Request, handler: Coroutine) -> web.Respo
@register_route('/api/v1/token') @register_route('/api/v1/token')
class Login(View): class Login(View):
async def get(self, request: Request) -> Response: async def get(self, request: Request, conn: Connection) -> Response:
return Response.new({'message': 'Token valid :3'}) return Response.new({'message': 'Token valid :3'})
async def post(self, request: Request) -> Response: async def post(self, request: Request, conn: Connection) -> Response:
data = await self.get_api_data(['username', 'password'], []) data = await self.get_api_data(['username', 'password'], [])
if isinstance(data, Response): if isinstance(data, Response):
return data return data
with self.database.connction(True) as conn: if not (user := conn.get_user(data['username'])):
if not (user := conn.get_user(data['username'])): return Response.new_error(401, 'User not found', 'json')
return Response.new_error(401, 'User not found', 'json')
try: try:
conn.hasher.verify(user['hash'], data['password']) conn.hasher.verify(user['hash'], data['password'])
except VerifyMismatchError: except VerifyMismatchError:
return Response.new_error(401, 'Invalid password', 'json') return Response.new_error(401, 'Invalid password', 'json')
with conn.transaction():
token = conn.put_token(data['username']) token = conn.put_token(data['username'])
return Response.new({'token': token['code']}, ctype = 'json') return Response.new({'token': token['code']}, ctype = 'json')
async def delete(self, request: Request) -> Response: async def delete(self, request: Request, conn: Connection) -> Response:
with self.database.connection(True) as conn: with conn.transaction():
conn.del_token(request['token']) conn.del_token(request['token'])
return Response.new({'message': 'Token revoked'}, ctype = 'json') return Response.new({'message': 'Token revoked'}, ctype = 'json')
@ -101,10 +101,9 @@ class Login(View):
@register_route('/api/v1/relay') @register_route('/api/v1/relay')
class RelayInfo(View): class RelayInfo(View):
async def get(self, request: Request) -> Response: async def get(self, request: Request, conn: Connection) -> Response:
with self.database.connection(False) as conn: config = conn.get_config_all()
config = conn.get_config_all() inboxes = [row['domain'] for row in conn.execute('SELECT * FROM inboxes')]
inboxes = [row['domain'] for row in conn.execute('SELECT * FROM inboxes')]
data = { data = {
'domain': self.config.domain, 'domain': self.config.domain,
@ -123,10 +122,9 @@ class RelayInfo(View):
@register_route('/api/v1/config') @register_route('/api/v1/config')
class Config(View): class Config(View):
async def get(self, request: Request) -> Response: async def get(self, request: Request, conn: Connection) -> Response:
with self.database.connection(False) as conn: data = conn.get_config_all()
data = conn.get_config_all() data['log-level'] = data['log-level'].name
data['log-level'] = data['log-level'].name
for key in CONFIG_IGNORE: for key in CONFIG_IGNORE:
del data[key] del data[key]
@ -134,7 +132,7 @@ class Config(View):
return Response.new(data, ctype = 'json') return Response.new(data, ctype = 'json')
async def post(self, request: Request) -> Response: async def post(self, request: Request, conn: Connection) -> Response:
data = await self.get_api_data(['key', 'value'], []) data = await self.get_api_data(['key', 'value'], [])
if isinstance(data, Response): if isinstance(data, Response):
@ -143,13 +141,13 @@ class Config(View):
if data['key'] not in CONFIG_VALID: if data['key'] not in CONFIG_VALID:
return Response.new_error(400, 'Invalid key', 'json') return Response.new_error(400, 'Invalid key', 'json')
with self.database.connection(True) as conn: with conn.transaction():
conn.put_config(data['key'], data['value']) conn.put_config(data['key'], data['value'])
return Response.new({'message': 'Updated config'}, ctype = 'json') return Response.new({'message': 'Updated config'}, ctype = 'json')
async def delete(self, request: Request) -> Response: async def delete(self, request: Request, conn: Connection) -> Response:
data = await self.get_api_data(['key'], []) data = await self.get_api_data(['key'], [])
if isinstance(data, Response): if isinstance(data, Response):
@ -158,7 +156,7 @@ class Config(View):
if data['key'] not in CONFIG_VALID: if data['key'] not in CONFIG_VALID:
return Response.new_error(400, 'Invalid key', 'json') return Response.new_error(400, 'Invalid key', 'json')
with self.database.connection(True) as conn: with conn.transaction():
conn.put_config(data['key'], CONFIG_DEFAULTS[data['key']][1]) conn.put_config(data['key'], CONFIG_DEFAULTS[data['key']][1])
return Response.new({'message': 'Updated config'}, ctype = 'json') return Response.new({'message': 'Updated config'}, ctype = 'json')
@ -166,24 +164,23 @@ class Config(View):
@register_route('/api/v1/instance') @register_route('/api/v1/instance')
class Inbox(View): class Inbox(View):
async def get(self, request: Request) -> Response: async def get(self, request: Request, conn: Connection) -> Response:
data = [] data = []
with self.database.connection(False) as conn: for inbox in conn.execute('SELECT * FROM inboxes'):
for inbox in conn.execute('SELECT * FROM inboxes'): try:
try: created = datetime.fromtimestamp(inbox['created'], tz = timezone.utc)
created = datetime.fromtimestamp(inbox['created'], tz = timezone.utc)
except TypeError: except TypeError:
created = datetime.fromisoformat(inbox['created']) created = datetime.fromisoformat(inbox['created'])
inbox['created'] = created.isoformat() inbox['created'] = created.isoformat()
data.append(inbox) data.append(inbox)
return Response.new(data, ctype = 'json') return Response.new(data, ctype = 'json')
async def post(self, request: Request) -> Response: async def post(self, request: Request, conn: Connection) -> Response:
data = await self.get_api_data(['actor'], ['inbox', 'software', 'followid']) data = await self.get_api_data(['actor'], ['inbox', 'software', 'followid'])
if isinstance(data, Response): if isinstance(data, Response):
@ -191,24 +188,24 @@ class Inbox(View):
data['domain'] = urlparse(data["actor"]).netloc data['domain'] = urlparse(data["actor"]).netloc
with self.database.connection(True) as conn: if conn.get_inbox(data['domain']):
if conn.get_inbox(data['domain']): return Response.new_error(404, 'Instance already in database', 'json')
return Response.new_error(404, 'Instance already in database', 'json')
if not data.get('inbox'): if not data.get('inbox'):
try: try:
actor_data = await self.client.get( actor_data = await self.client.get(
data['actor'], data['actor'],
sign_headers = True, sign_headers = True,
loads = Message.parse loads = Message.parse
) )
data['inbox'] = actor_data.shared_inbox data['inbox'] = actor_data.shared_inbox
except Exception as e: except Exception as e:
logging.error('Failed to fetch actor: %s', str(e)) logging.error('Failed to fetch actor: %s', str(e))
return Response.new_error(500, 'Failed to fetch actor', 'json') return Response.new_error(500, 'Failed to fetch actor', 'json')
with conn.transaction():
row = conn.put_inbox(**data) row = conn.put_inbox(**data)
return Response.new(row, ctype = 'json') return Response.new(row, ctype = 'json')
@ -216,38 +213,37 @@ class Inbox(View):
@register_route('/api/v1/instance/{domain}') @register_route('/api/v1/instance/{domain}')
class InboxSingle(View): class InboxSingle(View):
async def get(self, request: Request, domain: str) -> Response: async def get(self, request: Request, conn: Connection, domain: str) -> Response:
with self.database.connection(False) as conn: if not (row := conn.get_inbox(domain)):
if not (row := conn.get_inbox(domain)): return Response.new_error(404, 'Instance with domain not found', 'json')
return Response.new_error(404, 'Instance with domain not found', 'json')
row['created'] = datetime.fromtimestamp(row['created'], tz = timezone.utc).isoformat() row['created'] = datetime.fromtimestamp(row['created'], tz = timezone.utc).isoformat()
return Response.new(row, ctype = 'json') return Response.new(row, ctype = 'json')
async def patch(self, request: Request, domain: str) -> Response: async def patch(self, request: Request, conn: Connection, domain: str) -> Response:
with self.database.connection(True) as conn: if not conn.get_inbox(domain):
if not conn.get_inbox(domain): return Response.new_error(404, 'Instance with domain not found', 'json')
return Response.new_error(404, 'Instance with domain not found', 'json')
data = await self.get_api_data([], ['actor', 'software', 'followid']) data = await self.get_api_data([], ['actor', 'software', 'followid'])
if isinstance(data, Response): if isinstance(data, Response):
return data return data
if not (instance := conn.get_inbox(domain)): if not (instance := conn.get_inbox(domain)):
return Response.new_error(404, 'Instance with domain not found', 'json') return Response.new_error(404, 'Instance with domain not found', 'json')
with conn.transaction():
instance = conn.update_inbox(instance['inbox'], **data) instance = conn.update_inbox(instance['inbox'], **data)
return Response.new(instance, ctype = 'json') return Response.new(instance, ctype = 'json')
async def delete(self, request: Request, domain: str) -> Response: async def delete(self, request: Request, conn: Connection, domain: str) -> Response:
with self.database.connection(True) as conn: if not conn.get_inbox(domain):
if not conn.get_inbox(domain): return Response.new_error(404, 'Instance with domain not found', 'json')
return Response.new_error(404, 'Instance with domain not found', 'json')
with conn.transaction():
conn.del_inbox(domain) conn.del_inbox(domain)
return Response.new({'message': 'Deleted instance'}, ctype = 'json') return Response.new({'message': 'Deleted instance'}, ctype = 'json')
@ -255,23 +251,21 @@ class InboxSingle(View):
@register_route('/api/v1/domain_ban') @register_route('/api/v1/domain_ban')
class DomainBan(View): class DomainBan(View):
async def get(self, request: Request) -> Response: async def get(self, request: Request, conn: Connection) -> Response:
with self.database.connection(False) as conn: bans = conn.execute('SELECT * FROM domain_bans').all()
bans = conn.execute('SELECT * FROM domain_bans').all()
return Response.new(bans, ctype = 'json') return Response.new(bans, ctype = 'json')
async def post(self, request: Request) -> Response: async def post(self, request: Request, conn: Connection) -> Response:
data = await self.get_api_data(['domain'], ['note', 'reason']) data = await self.get_api_data(['domain'], ['note', 'reason'])
if isinstance(data, Response): if isinstance(data, Response):
return data return data
with self.database.connection(True) as conn: if conn.get_domain_ban(data['domain']):
if conn.get_domain_ban(data['domain']): return Response.new_error(400, 'Domain already banned', 'json')
return Response.new_error(400, 'Domain already banned', 'json')
with conn.transaction():
ban = conn.put_domain_ban(**data) ban = conn.put_domain_ban(**data)
return Response.new(ban, ctype = 'json') return Response.new(ban, ctype = 'json')
@ -279,37 +273,36 @@ class DomainBan(View):
@register_route('/api/v1/domain_ban/{domain}') @register_route('/api/v1/domain_ban/{domain}')
class DomainBanSingle(View): class DomainBanSingle(View):
async def get(self, request: Request, domain: str) -> Response: async def get(self, request: Request, conn: Connection, domain: str) -> Response:
with self.database.connection(False) as conn: if not (ban := conn.get_domain_ban(domain)):
if not (ban := conn.get_domain_ban(domain)): return Response.new_error(404, 'Domain ban not found', 'json')
return Response.new_error(404, 'Domain ban not found', 'json')
return Response.new(ban, ctype = 'json') return Response.new(ban, ctype = 'json')
async def patch(self, request: Request, domain: str) -> Response: async def patch(self, request: Request, conn: Connection, domain: str) -> Response:
with self.database.connection(True) as conn: if not conn.get_domain_ban(domain):
if not conn.get_domain_ban(domain): return Response.new_error(404, 'Domain not banned', 'json')
return Response.new_error(404, 'Domain not banned', 'json')
data = await self.get_api_data([], ['note', 'reason']) data = await self.get_api_data([], ['note', 'reason'])
if isinstance(data, Response): if isinstance(data, Response):
return data return data
if not any([data.get('note'), data.get('reason')]): if not any([data.get('note'), data.get('reason')]):
return Response.new_error(400, 'Must include note and/or reason parameters', 'json') return Response.new_error(400, 'Must include note and/or reason parameters', 'json')
with conn.transaction():
ban = conn.update_domain_ban(domain, **data) ban = conn.update_domain_ban(domain, **data)
return Response.new(ban, ctype = 'json') return Response.new(ban, ctype = 'json')
async def delete(self, request: Request, domain: str) -> Response: async def delete(self, request: Request, conn: Connection, domain: str) -> Response:
with self.database.connection(True) as conn: if not conn.get_domain_ban(domain):
if not conn.get_domain_ban(domain): return Response.new_error(404, 'Domain not banned', 'json')
return Response.new_error(404, 'Domain not banned', 'json')
with conn.transaction():
conn.del_domain_ban(domain) conn.del_domain_ban(domain)
return Response.new({'message': 'Unbanned domain'}, ctype = 'json') return Response.new({'message': 'Unbanned domain'}, ctype = 'json')
@ -317,23 +310,21 @@ class DomainBanSingle(View):
@register_route('/api/v1/software_ban') @register_route('/api/v1/software_ban')
class SoftwareBan(View): class SoftwareBan(View):
async def get(self, request: Request) -> Response: async def get(self, request: Request, conn: Connection) -> Response:
with self.database.connection(False) as conn: bans = conn.execute('SELECT * FROM software_bans').all()
bans = conn.execute('SELECT * FROM software_bans').all()
return Response.new(bans, ctype = 'json') return Response.new(bans, ctype = 'json')
async def post(self, request: Request) -> Response: async def post(self, request: Request, conn: Connection) -> Response:
data = await self.get_api_data(['name'], ['note', 'reason']) data = await self.get_api_data(['name'], ['note', 'reason'])
if isinstance(data, Response): if isinstance(data, Response):
return data return data
with self.database.connection(True) as conn: if conn.get_software_ban(data['name']):
if conn.get_software_ban(data['name']): return Response.new_error(400, 'Domain already banned', 'json')
return Response.new_error(400, 'Domain already banned', 'json')
with conn.transaction():
ban = conn.put_software_ban(**data) ban = conn.put_software_ban(**data)
return Response.new(ban, ctype = 'json') return Response.new(ban, ctype = 'json')
@ -341,37 +332,36 @@ class SoftwareBan(View):
@register_route('/api/v1/software_ban/{name}') @register_route('/api/v1/software_ban/{name}')
class SoftwareBanSingle(View): class SoftwareBanSingle(View):
async def get(self, request: Request, name: str) -> Response: async def get(self, request: Request, conn: Connection, name: str) -> Response:
with self.database.connection(False) as conn: if not (ban := conn.get_software_ban(name)):
if not (ban := conn.get_software_ban(name)): return Response.new_error(404, 'Software ban not found', 'json')
return Response.new_error(404, 'Software ban not found', 'json')
return Response.new(ban, ctype = 'json') return Response.new(ban, ctype = 'json')
async def patch(self, request: Request, name: str) -> Response: async def patch(self, request: Request, conn: Connection, name: str) -> Response:
with self.database.connection(True) as conn: if not conn.get_software_ban(name):
if not conn.get_software_ban(name): return Response.new_error(404, 'Software not banned', 'json')
return Response.new_error(404, 'Software not banned', 'json')
data = await self.get_api_data([], ['note', 'reason']) data = await self.get_api_data([], ['note', 'reason'])
if isinstance(data, Response): if isinstance(data, Response):
return data return data
if not any([data.get('note'), data.get('reason')]): if not any([data.get('note'), data.get('reason')]):
return Response.new_error(400, 'Must include note and/or reason parameters', 'json') return Response.new_error(400, 'Must include note and/or reason parameters', 'json')
with conn.transaction():
ban = conn.update_software_ban(name, **data) ban = conn.update_software_ban(name, **data)
return Response.new(ban, ctype = 'json') return Response.new(ban, ctype = 'json')
async def delete(self, request: Request, name: str) -> Response: async def delete(self, request: Request, conn: Connection, name: str) -> Response:
with self.database.connection(True) as conn: if not conn.get_software_ban(name):
if not conn.get_software_ban(name): return Response.new_error(404, 'Software not banned', 'json')
return Response.new_error(404, 'Software not banned', 'json')
with conn.transaction():
conn.del_software_ban(name) conn.del_software_ban(name)
return Response.new({'message': 'Unbanned software'}, ctype = 'json') return Response.new({'message': 'Unbanned software'}, ctype = 'json')
@ -379,23 +369,21 @@ class SoftwareBanSingle(View):
@register_route('/api/v1/whitelist') @register_route('/api/v1/whitelist')
class Whitelist(View): class Whitelist(View):
async def get(self, request: Request) -> Response: async def get(self, request: Request, conn: Connection) -> Response:
with self.database.connection(False) as conn: items = conn.execute('SELECT * FROM whitelist').all()
items = conn.execute('SELECT * FROM whitelist').all()
return Response.new(items, ctype = 'json') return Response.new(items, ctype = 'json')
async def post(self, request: Request) -> Response: async def post(self, request: Request, conn: Connection) -> Response:
data = await self.get_api_data(['domain'], []) data = await self.get_api_data(['domain'])
if isinstance(data, Response): if isinstance(data, Response):
return data return data
with self.database.connection(True) as conn: if conn.get_domain_whitelist(data['domain']):
if conn.get_domain_whitelist(data['domain']): return Response.new_error(400, 'Domain already added to whitelist', 'json')
return Response.new_error(400, 'Domain already added to whitelist', 'json')
with conn.transaction():
item = conn.put_domain_whitelist(**data) item = conn.put_domain_whitelist(**data)
return Response.new(item, ctype = 'json') return Response.new(item, ctype = 'json')
@ -403,19 +391,18 @@ class Whitelist(View):
@register_route('/api/v1/domain/{domain}') @register_route('/api/v1/domain/{domain}')
class WhitelistSingle(View): class WhitelistSingle(View):
async def get(self, request: Request, domain: str) -> Response: async def get(self, request: Request, conn: Connection, domain: str) -> Response:
with self.database.connection(False) as conn: if not (item := conn.get_domain_whitelist(domain)):
if not (item := conn.get_domain_whitelist(domain)): return Response.new_error(404, 'Domain not in whitelist', 'json')
return Response.new_error(404, 'Domain not in whitelist', 'json')
return Response.new(item, ctype = 'json') return Response.new(item, ctype = 'json')
async def delete(self, request: Request, domain: str) -> Response: async def delete(self, request: Request, conn: Connection, domain: str) -> Response:
with self.database.connection(False) as conn: if not conn.get_domain_whitelist(domain):
if not conn.get_domain_whitelist(domain): return Response.new_error(404, 'Domain not in whitelist', 'json')
return Response.new_error(404, 'Domain not in whitelist', 'json')
with conn.transaction():
conn.del_domain_whitelist(domain) conn.del_domain_whitelist(domain)
return Response.new({'message': 'Removed domain from whitelist'}, ctype = 'json') return Response.new({'message': 'Removed domain from whitelist'}, ctype = 'json')

View file

@ -43,7 +43,8 @@ class View(AbstractView):
async def _run_handler(self, handler: Coroutine) -> Response: async def _run_handler(self, handler: Coroutine) -> Response:
return await handler(self.request, **self.request.match_info) with self.database.connection(False) as conn:
return await handler(self.request, conn, **self.request.match_info)
@cached_property @cached_property
@ -91,10 +92,7 @@ class View(AbstractView):
return self.app.database return self.app.database
async def get_api_data(self, async def get_api_data(self, required: list[str], optional: list[str]) -> dict[str, str] | Response:
required: list[str],
optional: list[str]) -> dict[str, str] | Response:
if self.request.content_type in {'x-www-form-urlencoded', 'multipart/form-data'}: if self.request.content_type in {'x-www-form-urlencoded', 'multipart/form-data'}:
post_data = await self.request.post() post_data = await self.request.post()

View file

@ -48,10 +48,9 @@ HOME_TEMPLATE = """
@register_route('/') @register_route('/')
class HomeView(View): class HomeView(View):
async def get(self, request: Request) -> Response: async def get(self, request: Request, conn: Connection) -> Response:
with self.database.connection(False) as conn: config = conn.get_config_all()
config = conn.get_config_all() inboxes = conn.execute('SELECT * FROM inboxes').all()
inboxes = conn.execute('SELECT * FROM inboxes').all()
text = HOME_TEMPLATE.format( text = HOME_TEMPLATE.format(
host = self.config.domain, host = self.config.domain,

View file

@ -33,18 +33,17 @@ if Path(__file__).parent.parent.joinpath('.git').exists():
@register_route('/nodeinfo/{niversion:\\d.\\d}.json', '/nodeinfo/{niversion:\\d.\\d}') @register_route('/nodeinfo/{niversion:\\d.\\d}.json', '/nodeinfo/{niversion:\\d.\\d}')
class NodeinfoView(View): class NodeinfoView(View):
# pylint: disable=no-self-use # pylint: disable=no-self-use
async def get(self, request: Request, niversion: str) -> Response: async def get(self, request: Request, conn: Connection, niversion: str) -> Response:
with self.database.connection(False) as conn: inboxes = conn.execute('SELECT * FROM inboxes').all()
inboxes = conn.execute('SELECT * FROM inboxes').all()
data = { data = {
'name': 'activityrelay', 'name': 'activityrelay',
'version': VERSION, 'version': VERSION,
'protocols': ['activitypub'], 'protocols': ['activitypub'],
'open_regs': not conn.get_config('whitelist-enabled'), 'open_regs': not conn.get_config('whitelist-enabled'),
'users': 1, 'users': 1,
'metadata': {'peers': [inbox['domain'] for inbox in inboxes]} 'metadata': {'peers': [inbox['domain'] for inbox in inboxes]}
} }
if niversion == '2.1': if niversion == '2.1':
data['repo'] = 'https://git.pleroma.social/pleroma/relay' data['repo'] = 'https://git.pleroma.social/pleroma/relay'
@ -54,7 +53,6 @@ class NodeinfoView(View):
@register_route('/.well-known/nodeinfo') @register_route('/.well-known/nodeinfo')
class WellknownNodeinfoView(View): class WellknownNodeinfoView(View):
async def get(self, request: Request) -> Response: async def get(self, request: Request, conn: Connection) -> Response:
data = WellKnownNodeinfo.new_template(self.config.domain) data = WellKnownNodeinfo.new_template(self.config.domain)
return Response.new(data, ctype = 'json') return Response.new(data, ctype = 'json')