Compare commits

..

1 commit

Author SHA1 Message Date
Izalia Mae a5d3021f16 Merge branch 'public-api' into 'master'
Draft: Add API endpoints for relay management

See merge request pleroma/relay!55
2024-02-11 21:03:52 +00:00
8 changed files with 185 additions and 200 deletions

View file

@ -76,7 +76,7 @@ WHERE code = :code;
-- name: del-token-user
DELETE FROM tokens
WHERE user = :username;
WHERE user = :username
-- name: get-software-ban
@ -91,37 +91,37 @@ RETURNING *;
-- name: del-software-ban
DELETE FROM software_bans
WHERE name = :name;
WHERE name = :name
-- name: get-domain-ban
SELECT * FROM domain_bans WHERE domain = :domain;
SELECT * FROM domain_bans WHERE domain = :domain
-- name: put-domain-ban
INSERT INTO domain_bans (domain, reason, note, created)
VALUES (:domain, :reason, :note, :created)
RETURNING *;
RETURNING *
-- name: del-domain-ban
DELETE FROM domain_bans
WHERE domain = :domain;
WHERE domain = :domain
-- name: get-domain-whitelist
SELECT * FROM whitelist WHERE domain = :domain;
SELECT * FROM whitelist WHERE domain = :domain
-- name: put-domain-whitelist
INSERT INTO whitelist (domain, created)
VALUES (:domain, :created)
RETURNING *;
RETURNING *
-- name: del-domain-whitelist
DELETE FROM whitelist
WHERE domain = :domain;
WHERE domain = :domain
-- cache functions --
@ -135,7 +135,7 @@ CREATE TABLE IF NOT EXISTS cache (
type TEXT DEFAULT 'str',
updated TIMESTAMP NOT NULL,
UNIQUE(namespace, key)
);
)
-- name: create-cache-table-postgres
CREATE TABLE IF NOT EXISTS cache (
@ -146,21 +146,21 @@ CREATE TABLE IF NOT EXISTS cache (
type TEXT DEFAULT 'str',
updated TIMESTAMP NOT NULL,
UNIQUE(namespace, key)
);
)
-- name: get-cache-item
SELECT * FROM cache
WHERE namespace = :namespace and key = :key;
WHERE namespace = :namespace and key = :key
-- name: get-cache-keys
SELECT key FROM cache
WHERE namespace = :namespace;
WHERE namespace = :namespace
-- name: get-cache-namespaces
SELECT DISTINCT namespace FROM cache;
SELECT DISTINCT namespace FROM cache
-- name: set-cache-item
@ -168,18 +168,18 @@ INSERT INTO cache (namespace, key, value, type, updated)
VALUES (:namespace, :key, :value, :type, :date)
ON CONFLICT (namespace, key) DO
UPDATE SET value = :value, type = :type, updated = :date
RETURNING *;
RETURNING *
-- name: del-cache-item
DELETE FROM cache
WHERE namespace = :namespace and key = :key;
WHERE namespace = :namespace and key = :key
-- name: del-cache-namespace
DELETE FROM cache
WHERE namespace = :namespace;
WHERE namespace = :namespace
-- name: del-cache-all
DELETE FROM cache;
DELETE FROM cache

View file

@ -400,11 +400,15 @@ def cli_user_create(ctx: click.Context, username: str, handle: str) -> None:
return
while True:
if not (password := click.prompt('New password', hide_input = True)):
password = click.prompt('New password', hide_input = True)
if not password:
click.echo('No password provided')
continue
if password != click.prompt('New password again', hide_input = True):
password2 = click.prompt('New password again', hide_input = True)
if password != password2:
click.echo('Passwords do not match')
continue
@ -467,7 +471,7 @@ def cli_user_delete_token(ctx: click.Context, code: str) -> None:
'Delete an API token'
with ctx.obj.database.connection() as conn:
if not conn.get_token(code):
if not (conn.get_token(code)):
click.echo('Token does not exist')
return

View file

@ -170,7 +170,7 @@ processors = {
}
async def run_processor(view: ActorView) -> None:
async def run_processor(view: ActorView, conn: Connection) -> None:
if view.message.type not in processors:
logging.verbose(
'Message type "%s" from actor cannot be handled: %s',
@ -180,8 +180,8 @@ async def run_processor(view: ActorView) -> None:
return
with view.database.connection(False) as conn:
if view.instance:
with conn.transaction():
if not view.instance['software']:
if (nodeinfo := await view.client.fetch_nodeinfo(view.instance['domain'])):
view.instance = conn.update_inbox(

View file

@ -34,7 +34,7 @@ class ActorView(View):
self.signer: Signer = None
async def get(self, request: Request) -> Response:
async def get(self, request: Request, conn: Connection) -> Response:
data = Message.new_actor(
host = self.config.domain,
pubkey = self.app.signer.pubkey
@ -43,11 +43,10 @@ class ActorView(View):
return Response.new(data, ctype='activity')
async def post(self, request: Request) -> Response:
async def post(self, request: Request, conn: Connection) -> Response:
if response := await self.get_post_data():
return response
with self.database.connection(False) as conn:
self.instance = conn.get_inbox(self.actor.shared_inbox)
config = conn.get_config_all()
@ -72,7 +71,7 @@ class ActorView(View):
logging.debug('>> payload %s', self.message.to_json(4))
await run_processor(self)
await run_processor(self, conn)
return Response.new(status = 202)
@ -163,7 +162,7 @@ class ActorView(View):
@register_route('/.well-known/webfinger')
class WebfingerView(View):
async def get(self, request: Request) -> Response:
async def get(self, request: Request, conn: Connection) -> Response:
try:
subject = request.query['resource']

View file

@ -67,17 +67,16 @@ async def handle_api_path(request: web.Request, handler: Coroutine) -> web.Respo
@register_route('/api/v1/token')
class Login(View):
async def get(self, request: Request) -> Response:
async def get(self, request: Request, conn: Connection) -> Response:
return Response.new({'message': 'Token valid :3'})
async def post(self, request: Request) -> Response:
async def post(self, request: Request, conn: Connection) -> Response:
data = await self.get_api_data(['username', 'password'], [])
if isinstance(data, Response):
return data
with self.database.connction(True) as conn:
if not (user := conn.get_user(data['username'])):
return Response.new_error(401, 'User not found', 'json')
@ -87,13 +86,14 @@ class Login(View):
except VerifyMismatchError:
return Response.new_error(401, 'Invalid password', 'json')
with conn.transaction():
token = conn.put_token(data['username'])
return Response.new({'token': token['code']}, ctype = 'json')
async def delete(self, request: Request) -> Response:
with self.database.connection(True) as conn:
async def delete(self, request: Request, conn: Connection) -> Response:
with conn.transaction():
conn.del_token(request['token'])
return Response.new({'message': 'Token revoked'}, ctype = 'json')
@ -101,8 +101,7 @@ class Login(View):
@register_route('/api/v1/relay')
class RelayInfo(View):
async def get(self, request: Request) -> Response:
with self.database.connection(False) as conn:
async def get(self, request: Request, conn: Connection) -> Response:
config = conn.get_config_all()
inboxes = [row['domain'] for row in conn.execute('SELECT * FROM inboxes')]
@ -123,8 +122,7 @@ class RelayInfo(View):
@register_route('/api/v1/config')
class Config(View):
async def get(self, request: Request) -> Response:
with self.database.connection(False) as conn:
async def get(self, request: Request, conn: Connection) -> Response:
data = conn.get_config_all()
data['log-level'] = data['log-level'].name
@ -134,7 +132,7 @@ class Config(View):
return Response.new(data, ctype = 'json')
async def post(self, request: Request) -> Response:
async def post(self, request: Request, conn: Connection) -> Response:
data = await self.get_api_data(['key', 'value'], [])
if isinstance(data, Response):
@ -143,13 +141,13 @@ class Config(View):
if data['key'] not in CONFIG_VALID:
return Response.new_error(400, 'Invalid key', 'json')
with self.database.connection(True) as conn:
with conn.transaction():
conn.put_config(data['key'], data['value'])
return Response.new({'message': 'Updated config'}, ctype = 'json')
async def delete(self, request: Request) -> Response:
async def delete(self, request: Request, conn: Connection) -> Response:
data = await self.get_api_data(['key'], [])
if isinstance(data, Response):
@ -158,7 +156,7 @@ class Config(View):
if data['key'] not in CONFIG_VALID:
return Response.new_error(400, 'Invalid key', 'json')
with self.database.connection(True) as conn:
with conn.transaction():
conn.put_config(data['key'], CONFIG_DEFAULTS[data['key']][1])
return Response.new({'message': 'Updated config'}, ctype = 'json')
@ -166,10 +164,9 @@ class Config(View):
@register_route('/api/v1/instance')
class Inbox(View):
async def get(self, request: Request) -> Response:
async def get(self, request: Request, conn: Connection) -> Response:
data = []
with self.database.connection(False) as conn:
for inbox in conn.execute('SELECT * FROM inboxes'):
try:
created = datetime.fromtimestamp(inbox['created'], tz = timezone.utc)
@ -183,7 +180,7 @@ class Inbox(View):
return Response.new(data, ctype = 'json')
async def post(self, request: Request) -> Response:
async def post(self, request: Request, conn: Connection) -> Response:
data = await self.get_api_data(['actor'], ['inbox', 'software', 'followid'])
if isinstance(data, Response):
@ -191,7 +188,6 @@ class Inbox(View):
data['domain'] = urlparse(data["actor"]).netloc
with self.database.connection(True) as conn:
if conn.get_inbox(data['domain']):
return Response.new_error(404, 'Instance already in database', 'json')
@ -209,6 +205,7 @@ class Inbox(View):
logging.error('Failed to fetch actor: %s', str(e))
return Response.new_error(500, 'Failed to fetch actor', 'json')
with conn.transaction():
row = conn.put_inbox(**data)
return Response.new(row, ctype = 'json')
@ -216,8 +213,7 @@ class Inbox(View):
@register_route('/api/v1/instance/{domain}')
class InboxSingle(View):
async def get(self, request: Request, domain: str) -> Response:
with self.database.connection(False) as conn:
async def get(self, request: Request, conn: Connection, domain: str) -> Response:
if not (row := conn.get_inbox(domain)):
return Response.new_error(404, 'Instance with domain not found', 'json')
@ -225,8 +221,7 @@ class InboxSingle(View):
return Response.new(row, ctype = 'json')
async def patch(self, request: Request, domain: str) -> Response:
with self.database.connection(True) as conn:
async def patch(self, request: Request, conn: Connection, domain: str) -> Response:
if not conn.get_inbox(domain):
return Response.new_error(404, 'Instance with domain not found', 'json')
@ -238,16 +233,17 @@ class InboxSingle(View):
if not (instance := conn.get_inbox(domain)):
return Response.new_error(404, 'Instance with domain not found', 'json')
with conn.transaction():
instance = conn.update_inbox(instance['inbox'], **data)
return Response.new(instance, ctype = 'json')
async def delete(self, request: Request, domain: str) -> Response:
with self.database.connection(True) as conn:
async def delete(self, request: Request, conn: Connection, domain: str) -> Response:
if not conn.get_inbox(domain):
return Response.new_error(404, 'Instance with domain not found', 'json')
with conn.transaction():
conn.del_inbox(domain)
return Response.new({'message': 'Deleted instance'}, ctype = 'json')
@ -255,23 +251,21 @@ class InboxSingle(View):
@register_route('/api/v1/domain_ban')
class DomainBan(View):
async def get(self, request: Request) -> Response:
with self.database.connection(False) as conn:
async def get(self, request: Request, conn: Connection) -> Response:
bans = conn.execute('SELECT * FROM domain_bans').all()
return Response.new(bans, ctype = 'json')
async def post(self, request: Request) -> Response:
async def post(self, request: Request, conn: Connection) -> Response:
data = await self.get_api_data(['domain'], ['note', 'reason'])
if isinstance(data, Response):
return data
with self.database.connection(True) as conn:
if conn.get_domain_ban(data['domain']):
return Response.new_error(400, 'Domain already banned', 'json')
with conn.transaction():
ban = conn.put_domain_ban(**data)
return Response.new(ban, ctype = 'json')
@ -279,16 +273,14 @@ class DomainBan(View):
@register_route('/api/v1/domain_ban/{domain}')
class DomainBanSingle(View):
async def get(self, request: Request, domain: str) -> Response:
with self.database.connection(False) as conn:
async def get(self, request: Request, conn: Connection, domain: str) -> Response:
if not (ban := conn.get_domain_ban(domain)):
return Response.new_error(404, 'Domain ban not found', 'json')
return Response.new(ban, ctype = 'json')
async def patch(self, request: Request, domain: str) -> Response:
with self.database.connection(True) as conn:
async def patch(self, request: Request, conn: Connection, domain: str) -> Response:
if not conn.get_domain_ban(domain):
return Response.new_error(404, 'Domain not banned', 'json')
@ -300,16 +292,17 @@ class DomainBanSingle(View):
if not any([data.get('note'), data.get('reason')]):
return Response.new_error(400, 'Must include note and/or reason parameters', 'json')
with conn.transaction():
ban = conn.update_domain_ban(domain, **data)
return Response.new(ban, ctype = 'json')
async def delete(self, request: Request, domain: str) -> Response:
with self.database.connection(True) as conn:
async def delete(self, request: Request, conn: Connection, domain: str) -> Response:
if not conn.get_domain_ban(domain):
return Response.new_error(404, 'Domain not banned', 'json')
with conn.transaction():
conn.del_domain_ban(domain)
return Response.new({'message': 'Unbanned domain'}, ctype = 'json')
@ -317,23 +310,21 @@ class DomainBanSingle(View):
@register_route('/api/v1/software_ban')
class SoftwareBan(View):
async def get(self, request: Request) -> Response:
with self.database.connection(False) as conn:
async def get(self, request: Request, conn: Connection) -> Response:
bans = conn.execute('SELECT * FROM software_bans').all()
return Response.new(bans, ctype = 'json')
async def post(self, request: Request) -> Response:
async def post(self, request: Request, conn: Connection) -> Response:
data = await self.get_api_data(['name'], ['note', 'reason'])
if isinstance(data, Response):
return data
with self.database.connection(True) as conn:
if conn.get_software_ban(data['name']):
return Response.new_error(400, 'Domain already banned', 'json')
with conn.transaction():
ban = conn.put_software_ban(**data)
return Response.new(ban, ctype = 'json')
@ -341,16 +332,14 @@ class SoftwareBan(View):
@register_route('/api/v1/software_ban/{name}')
class SoftwareBanSingle(View):
async def get(self, request: Request, name: str) -> Response:
with self.database.connection(False) as conn:
async def get(self, request: Request, conn: Connection, name: str) -> Response:
if not (ban := conn.get_software_ban(name)):
return Response.new_error(404, 'Software ban not found', 'json')
return Response.new(ban, ctype = 'json')
async def patch(self, request: Request, name: str) -> Response:
with self.database.connection(True) as conn:
async def patch(self, request: Request, conn: Connection, name: str) -> Response:
if not conn.get_software_ban(name):
return Response.new_error(404, 'Software not banned', 'json')
@ -362,16 +351,17 @@ class SoftwareBanSingle(View):
if not any([data.get('note'), data.get('reason')]):
return Response.new_error(400, 'Must include note and/or reason parameters', 'json')
with conn.transaction():
ban = conn.update_software_ban(name, **data)
return Response.new(ban, ctype = 'json')
async def delete(self, request: Request, name: str) -> Response:
with self.database.connection(True) as conn:
async def delete(self, request: Request, conn: Connection, name: str) -> Response:
if not conn.get_software_ban(name):
return Response.new_error(404, 'Software not banned', 'json')
with conn.transaction():
conn.del_software_ban(name)
return Response.new({'message': 'Unbanned software'}, ctype = 'json')
@ -379,23 +369,21 @@ class SoftwareBanSingle(View):
@register_route('/api/v1/whitelist')
class Whitelist(View):
async def get(self, request: Request) -> Response:
with self.database.connection(False) as conn:
async def get(self, request: Request, conn: Connection) -> Response:
items = conn.execute('SELECT * FROM whitelist').all()
return Response.new(items, ctype = 'json')
async def post(self, request: Request) -> Response:
data = await self.get_api_data(['domain'], [])
async def post(self, request: Request, conn: Connection) -> Response:
data = await self.get_api_data(['domain'])
if isinstance(data, Response):
return data
with self.database.connection(True) as conn:
if conn.get_domain_whitelist(data['domain']):
return Response.new_error(400, 'Domain already added to whitelist', 'json')
with conn.transaction():
item = conn.put_domain_whitelist(**data)
return Response.new(item, ctype = 'json')
@ -403,19 +391,18 @@ class Whitelist(View):
@register_route('/api/v1/domain/{domain}')
class WhitelistSingle(View):
async def get(self, request: Request, domain: str) -> Response:
with self.database.connection(False) as conn:
async def get(self, request: Request, conn: Connection, domain: str) -> Response:
if not (item := conn.get_domain_whitelist(domain)):
return Response.new_error(404, 'Domain not in whitelist', 'json')
return Response.new(item, ctype = 'json')
async def delete(self, request: Request, domain: str) -> Response:
with self.database.connection(False) as conn:
async def delete(self, request: Request, conn: Connection, domain: str) -> Response:
if not conn.get_domain_whitelist(domain):
return Response.new_error(404, 'Domain not in whitelist', 'json')
with conn.transaction():
conn.del_domain_whitelist(domain)
return Response.new({'message': 'Removed domain from whitelist'}, ctype = 'json')

View file

@ -43,7 +43,8 @@ class View(AbstractView):
async def _run_handler(self, handler: Coroutine) -> Response:
return await handler(self.request, **self.request.match_info)
with self.database.connection(False) as conn:
return await handler(self.request, conn, **self.request.match_info)
@cached_property
@ -91,10 +92,7 @@ class View(AbstractView):
return self.app.database
async def get_api_data(self,
required: list[str],
optional: list[str]) -> dict[str, str] | Response:
async def get_api_data(self, required: list[str], optional: list[str]) -> dict[str, str] | Response:
if self.request.content_type in {'x-www-form-urlencoded', 'multipart/form-data'}:
post_data = await self.request.post()

View file

@ -48,8 +48,7 @@ HOME_TEMPLATE = """
@register_route('/')
class HomeView(View):
async def get(self, request: Request) -> Response:
with self.database.connection(False) as conn:
async def get(self, request: Request, conn: Connection) -> Response:
config = conn.get_config_all()
inboxes = conn.execute('SELECT * FROM inboxes').all()

View file

@ -33,8 +33,7 @@ if Path(__file__).parent.parent.joinpath('.git').exists():
@register_route('/nodeinfo/{niversion:\\d.\\d}.json', '/nodeinfo/{niversion:\\d.\\d}')
class NodeinfoView(View):
# pylint: disable=no-self-use
async def get(self, request: Request, niversion: str) -> Response:
with self.database.connection(False) as conn:
async def get(self, request: Request, conn: Connection, niversion: str) -> Response:
inboxes = conn.execute('SELECT * FROM inboxes').all()
data = {
@ -54,7 +53,6 @@ class NodeinfoView(View):
@register_route('/.well-known/nodeinfo')
class WellknownNodeinfoView(View):
async def get(self, request: Request) -> Response:
async def get(self, request: Request, conn: Connection) -> Response:
data = WellKnownNodeinfo.new_template(self.config.domain)
return Response.new(data, ctype = 'json')