2022-06-23 16:54:54 +02:00
/ *
GoToSocial
2023-01-05 12:43:00 +01:00
Copyright ( C ) 2021 - 2023 GoToSocial Authors admin @ gotosocial . org
2022-06-23 16:54:54 +02:00
This program is free software : you can redistribute it and / or modify
it under the terms of the GNU Affero General Public License as published by
the Free Software Foundation , either version 3 of the License , or
( at your option ) any later version .
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
GNU Affero General Public License for more details .
You should have received a copy of the GNU Affero General Public License
along with this program . If not , see < http : //www.gnu.org/licenses/>.
* /
2021-06-23 16:35:57 +02:00
package instance
import (
2022-06-08 20:38:03 +02:00
"errors"
2022-11-08 18:11:06 +01:00
"fmt"
2021-06-23 16:35:57 +02:00
"net/http"
"github.com/gin-gonic/gin"
2023-01-02 13:10:50 +01:00
apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
2022-11-08 18:11:06 +01:00
"github.com/superseriousbusiness/gotosocial/internal/config"
2022-06-08 20:38:03 +02:00
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
2021-06-23 16:35:57 +02:00
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
2021-08-02 19:06:44 +02:00
// InstanceUpdatePATCHHandler swagger:operation PATCH /api/v1/instance instanceUpdate
//
// Update your instance information and/or upload a new avatar/header for the instance.
//
// This requires admin permissions on the instance.
//
2022-09-28 19:30:40 +02:00
// ---
// tags:
// - instance
2021-08-02 19:06:44 +02:00
//
2022-09-28 19:30:40 +02:00
// consumes:
// - multipart/form-data
2021-08-02 19:06:44 +02:00
//
2022-09-28 19:30:40 +02:00
// produces:
// - application/json
2021-08-02 19:06:44 +02:00
//
2022-09-28 19:30:40 +02:00
// parameters:
// -
// name: title
// in: formData
// description: Title to use for the instance.
// type: string
// maximum: 40
// allowEmptyValue: true
// -
// name: contact_username
// in: formData
// description: >-
// Username of the contact account.
// This must be the username of an instance admin.
// type: string
// allowEmptyValue: true
// -
// name: contact_email
// in: formData
// description: Email address to use as the instance contact.
// type: string
// allowEmptyValue: true
// -
// name: short_description
// in: formData
// description: Short description of the instance.
// type: string
// maximum: 500
// allowEmptyValue: true
// -
// name: description
// in: formData
// description: Longer description of the instance.
// type: string
// maximum: 5000
// allowEmptyValue: true
// -
// name: terms
// in: formData
// description: Terms and conditions of the instance.
// type: string
// maximum: 5000
// allowEmptyValue: true
// -
2022-11-08 18:11:06 +01:00
// name: thumbnail
2022-09-28 19:30:40 +02:00
// in: formData
2022-11-08 18:11:06 +01:00
// description: Thumbnail image to use for the instance.
2022-09-28 19:30:40 +02:00
// type: file
// -
2022-11-08 18:11:06 +01:00
// name: thumbnail_description
// in: formData
// description: Image description of the submitted instance thumbnail.
// type: string
// -
2022-09-28 19:30:40 +02:00
// name: header
// in: formData
2022-11-08 18:11:06 +01:00
// description: Header image to use for the instance.
2022-09-28 19:30:40 +02:00
// type: file
2021-08-02 19:06:44 +02:00
//
2022-09-28 19:30:40 +02:00
// security:
// - OAuth2 Bearer:
// - admin
2021-08-02 19:06:44 +02:00
//
2022-09-28 19:30:40 +02:00
// responses:
// '200':
// description: "The newly updated instance."
// schema:
// "$ref": "#/definitions/instance"
// '400':
// description: bad request
// '401':
// description: unauthorized
// '403':
// description: forbidden
// '404':
// description: not found
// '406':
// description: not acceptable
// '500':
// description: internal server error
2021-06-23 16:35:57 +02:00
func ( m * Module ) InstanceUpdatePATCHHandler ( c * gin . Context ) {
authed , err := oauth . Authed ( c , true , true , true , true )
if err != nil {
2023-01-02 13:10:50 +01:00
apiutil . ErrorHandler ( c , gtserror . NewErrorUnauthorized ( err , err . Error ( ) ) , m . processor . InstanceGet )
2021-06-23 16:35:57 +02:00
return
}
2023-01-02 13:10:50 +01:00
if _ , err := apiutil . NegotiateAccept ( c , apiutil . JSONAcceptHeaders ... ) ; err != nil {
apiutil . ErrorHandler ( c , gtserror . NewErrorNotAcceptable ( err , err . Error ( ) ) , m . processor . InstanceGet )
2021-12-11 17:50:00 +01:00
return
}
2022-08-15 12:35:05 +02:00
if ! * authed . User . Admin {
2022-06-08 20:38:03 +02:00
err := errors . New ( "user is not an admin so cannot update instance settings" )
2023-01-02 13:10:50 +01:00
apiutil . ErrorHandler ( c , gtserror . NewErrorForbidden ( err , err . Error ( ) ) , m . processor . InstanceGet )
2021-06-23 16:35:57 +02:00
return
}
2023-01-02 13:10:50 +01:00
form := & apimodel . InstanceSettingsUpdateRequest { }
2022-06-08 20:38:03 +02:00
if err := c . ShouldBind ( & form ) ; err != nil {
2023-01-02 13:10:50 +01:00
apiutil . ErrorHandler ( c , gtserror . NewErrorBadRequest ( err , err . Error ( ) ) , m . processor . InstanceGet )
2021-06-23 16:35:57 +02:00
return
}
2022-11-08 18:11:06 +01:00
if err := validateInstanceUpdate ( form ) ; err != nil {
2023-01-02 13:10:50 +01:00
apiutil . ErrorHandler ( c , gtserror . NewErrorBadRequest ( err , err . Error ( ) ) , m . processor . InstanceGet )
2021-06-23 16:35:57 +02:00
return
}
2021-08-25 15:34:33 +02:00
i , errWithCode := m . processor . InstancePatch ( c . Request . Context ( ) , form )
2021-06-23 16:35:57 +02:00
if errWithCode != nil {
2023-01-02 13:10:50 +01:00
apiutil . ErrorHandler ( c , errWithCode , m . processor . InstanceGet )
2021-06-23 16:35:57 +02:00
return
}
c . JSON ( http . StatusOK , i )
}
2022-11-08 18:11:06 +01:00
2023-01-02 13:10:50 +01:00
func validateInstanceUpdate ( form * apimodel . InstanceSettingsUpdateRequest ) error {
2022-11-08 18:11:06 +01:00
if form . Title == nil &&
form . ContactUsername == nil &&
form . ContactEmail == nil &&
form . ShortDescription == nil &&
form . Description == nil &&
form . Terms == nil &&
form . Avatar == nil &&
form . AvatarDescription == nil &&
form . Header == nil {
return errors . New ( "empty form submitted" )
}
maxImageSize := config . GetMediaImageMaxSize ( )
maxDescriptionChars := config . GetMediaDescriptionMaxChars ( )
// validate avatar if present
if form . Avatar != nil {
if size := form . Avatar . Size ; size > int64 ( maxImageSize ) {
return fmt . Errorf ( "file size limit exceeded: limit is %d bytes but desired instance avatar was %d bytes" , maxImageSize , size )
}
if form . AvatarDescription != nil {
if length := len ( [ ] rune ( * form . AvatarDescription ) ) ; length > maxDescriptionChars {
return fmt . Errorf ( "avatar description length must be less than %d characters (inclusive), but provided avatar description was %d chars" , maxDescriptionChars , length )
}
}
}
return nil
}