Instance rules

Signed-off-by: marcin mikołajczak <git@mkljczk.pl>

lib/pleroma/rule.ex

@@ -0,0 +1,56 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Rule do
+  use Ecto.Schema
+
+  import Ecto.Changeset
+  import Ecto.Query
+
+  alias Pleroma.Repo
+  alias Pleroma.Rule
+
+  schema "rules" do
+    field(:priority, :integer, default: 0)
+    field(:text, :string)
+
+    timestamps()
+  end
+
+  def changeset(%Rule{} = rule, params \\ %{}) do
+    rule
+    |> cast(params, [:priority, :text])
+    |> validate_required([:text])
+  end
+
+  def query do
+    Rule
+    |> order_by(asc: :priority)
+  end
+
+  def get(id), do: Repo.get(__MODULE__, id)
+
+  def create(params) do
+    {:ok, rule} =
+      %Rule{}
+      |> changeset(params)
+      |> Repo.insert()
+
+    rule
+  end
+
+  def update(params, id) do
+    {:ok, rule} =
+      get(id)
+      |> changeset(params)
+      |> Repo.update()
+
+    rule
+  end
+
+  def delete(id) do
+    get(id)
+    |> Repo.delete()
+  end
+end

lib/pleroma/web/admin_api/controllers/rule_controller.ex

@@ -0,0 +1,64 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Web.AdminAPI.RuleController do
+  use Pleroma.Web, :controller
+
+  alias Pleroma.Repo
+  alias Pleroma.Rule
+  alias Pleroma.Web.Plugs.OAuthScopesPlug
+
+  import Pleroma.Web.ControllerHelper,
+    only: [
+      json_response: 3
+    ]
+
+  require Logger
+
+  plug(Pleroma.Web.ApiSpec.CastAndValidate)
+
+  plug(
+    OAuthScopesPlug,
+    %{scopes: ["admin:write"]}
+    when action in [:create, :update, :delete]
+  )
+
+  plug(OAuthScopesPlug, %{scopes: ["admin:read"]} when action == :index)
+
+  action_fallback(AdminAPI.FallbackController)
+
+  defdelegate open_api_operation(action), to: Pleroma.Web.ApiSpec.Admin.RuleOperation
+
+  def index(conn, _) do
+    rules =
+      Rule.query()
+      |> Repo.all()
+
+    render(conn, "index.json", rules: rules)
+  end
+
+  def create(%{body_params: params} = conn, _) do
+    rule =
+      params
+      |> Rule.create()
+
+    render(conn, "show.json", rule: rule)
+  end
+
+  def update(%{body_params: params} = conn, %{id: id}) do
+    rule =
+      params
+      |> Rule.update(id)
+
+    render(conn, "show.json", rule: rule)
+  end
+
+  def delete(conn, %{id: id}) do
+    with {:ok, _} <- Rule.delete(id) do
+      json(conn, %{})
+    else
+      _ -> json_response(conn, :bad_request, "")
+    end
+  end
+end

lib/pleroma/web/admin_api/views/rule_view.ex

@@ -0,0 +1,21 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Web.AdminAPI.RuleView do
+  use Pleroma.Web, :view
+
+  require Pleroma.Constants
+
+  def render("index.json", %{rules: rules} = _opts) do
+    render_many(rules, __MODULE__, "show.json")
+  end
+
+  def render("show.json", %{rule: rule} = _opts) do
+    %{
+      id: rule.id,
+      priority: rule.priority,
+      text: rule.text
+    }
+  end
+end

lib/pleroma/web/api_spec/operations/admin/rule_operation.ex

@@ -0,0 +1,113 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Web.ApiSpec.Admin.RuleOperation do
+  alias OpenApiSpex.Operation
+  alias OpenApiSpex.Schema
+  alias Pleroma.Web.ApiSpec.Schemas.ApiError
+
+  import Pleroma.Web.ApiSpec.Helpers
+
+  def open_api_operation(action) do
+    operation = String.to_existing_atom("#{action}_operation")
+    apply(__MODULE__, operation, [])
+  end
+
+  def index_operation do
+    %Operation{
+      tags: ["Instance rule managment"],
+      summary: "Retrieve a list of instance rules",
+      operationId: "AdminAPI.RuleController.index",
+      security: [%{"oAuth" => ["admin:read"]}],
+      responses: %{
+        200 =>
+          Operation.response("Response", "application/json", %Schema{
+            type: :array,
+            items: rule()
+          }),
+        403 => Operation.response("Forbidden", "application/json", ApiError)
+      }
+    }
+  end
+
+  def create_operation do
+    %Operation{
+      tags: ["Instance rule managment"],
+      summary: "Create new rule",
+      operationId: "AdminAPI.RuleController.create",
+      security: [%{"oAuth" => ["admin:write"]}],
+      parameters: admin_api_params(),
+      requestBody: request_body("Parameters", create_request(), required: true),
+      responses: %{
+        200 => Operation.response("Response", "application/json", rule()),
+        400 => Operation.response("Bad Request", "application/json", ApiError),
+        403 => Operation.response("Forbidden", "application/json", ApiError)
+      }
+    }
+  end
+
+  def update_operation do
+    %Operation{
+      tags: ["Instance rule managment"],
+      summary: "Modify existing rule",
+      operationId: "AdminAPI.RuleController.update",
+      security: [%{"oAuth" => ["admin:write"]}],
+      parameters: [Operation.parameter(:id, :path, :string, "Rule ID")],
+      requestBody: request_body("Parameters", update_request(), required: true),
+      responses: %{
+        200 => Operation.response("Response", "application/json", rule()),
+        400 => Operation.response("Bad Request", "application/json", ApiError),
+        403 => Operation.response("Forbidden", "application/json", ApiError)
+      }
+    }
+  end
+
+  def delete_operation do
+    %Operation{
+      tags: ["Instance rule managment"],
+      summary: "Delete rule",
+      operationId: "AdminAPI.RuleController.delete",
+      parameters: [Operation.parameter(:id, :path, :string, "Rule ID")],
+      security: [%{"oAuth" => ["admin:write"]}],
+      responses: %{
+        200 => empty_object_response(),
+        404 => Operation.response("Not Found", "application/json", ApiError),
+        403 => Operation.response("Forbidden", "application/json", ApiError)
+      }
+    }
+  end
+
+  defp create_request do
+    %Schema{
+      type: :object,
+      required: [:text],
+      properties: %{
+        priority: %Schema{type: :integer},
+        text: %Schema{type: :string}
+      }
+    }
+  end
+
+  defp update_request do
+    %Schema{
+      type: :object,
+      properties: %{
+        priority: %Schema{type: :integer},
+        text: %Schema{type: :string}
+      }
+    }
+  end
+
+  defp rule do
+    %Schema{
+      type: :object,
+      properties: %{
+        id: %Schema{type: :integer},
+        priority: %Schema{type: :integer},
+        text: %Schema{type: :string},
+        created_at: %Schema{type: :string, format: :"date-time"}
+      }
+    }
+  end
+end

lib/pleroma/web/mastodon_api/views/instance_view.ex

@@ -40,6 +40,7 @@ defmodule Pleroma.Web.MastodonAPI.InstanceView do
       background_image: Pleroma.Web.Endpoint.url() <> Keyword.get(instance, :background_image),
       shout_limit: Config.get([:shout, :limit]),
       description_limit: Keyword.get(instance, :description_limit),
+      rules: rules(),
       pleroma: %{
         metadata: %{
           account_activation_required: Keyword.get(instance, :account_activation_required),
@@ -137,4 +138,10 @@ defmodule Pleroma.Web.MastodonAPI.InstanceView do
       value_length: Config.get([:instance, :account_field_value_length])
     }
   end
+
+  def rules do
+    Pleroma.Rule.query()
+    |> Pleroma.Repo.all()
+    |> Enum.map(&%{id: &1.id, text: &1.text})
+  end
 end

lib/pleroma/web/router.ex

@@ -229,6 +229,11 @@ defmodule Pleroma.Web.Router do
     post("/frontends/install", FrontendController, :install)
 
     post("/backups", AdminAPIController, :create_backup)
+
+    get("/rules", RuleController, :index)
+    post("/rules", RuleController, :create)
+    patch("/rules/:id", RuleController, :update)
+    delete("/rules/:id", RuleController, :delete)
   end
 
   # AdminAPI: admins and mods (staff) can perform these actions (if enabled by config)