+72 -39

atproto-notifications/src/components/setup/Chrome.tsx

··· 1 1 + import { useCallback, useEffect, useState } from 'react'; 1 2 import { Link } from 'react-router'; 2 3 import { Handle } from '../User'; 4 4 + import { GetJson, postJson } from '../Fetch'; 3 5 import './Chrome.css'; 4 6 7 7 + function Header({ user, onLogout }) { 8 8 + return ( 9 9 + <header id="app-header"> 10 10 + <h1> 11 11 + <Link to="/" className="inherit-font"> 12 12 + spacedust notifications&nbsp;<span className="demo">demo!</span> 13 13 + </Link> 14 14 + </h1> 15 15 + {user && ( 16 16 + <div className="current-user"> 17 17 + <p> 18 18 + <span className="handle"> 19 19 + <Handle did={user.did} /> 20 20 + {user.role !== 'public' && ( 21 21 + <span className="chrome-role-tag"> 22 22 + {user.role === 'admin' ? ( 23 23 + <Link to="/admin" className="inherit-font">{user.role}</Link> 24 24 + ) : user.role === 'early' ? ( 25 25 + <Link to="/early" className="inherit-font">{user.role}</Link> 26 26 + ) : ( 27 27 + <>{user.role}</> 28 28 + )} 29 29 + </span> 30 30 + )} 31 31 + </span> 32 32 + <button className="subtle bad" onClick={onLogout}>&times;</button> 33 33 + </p> 34 34 + </div> 35 35 + )} 36 36 + </header> 37 37 + ); 38 38 + } 39 39 + 5 40 export function Chrome({ user, onLogout, children }) { 6 6 - const content = children; 7 7 - const logout = () => null; 41 41 + const [secretDevCounter, setSecretDevCounter] = useState(0); 42 42 + const [secretDevStatus, setSecretDevStatus] = useState(null); 43 43 + 44 44 + // ~~is this the best way~~ does it work? yeh 45 45 + const setSelfNotify = useCallback(async enabled => { 46 46 + setSecretDevStatus('pending'); 47 47 + const host = import.meta.env.VITE_NOTIFICATIONS_HOST; 48 48 + const url = new URL('/global-notify', host); 49 49 + try { 50 50 + await postJson(url, JSON.stringify({ notify_self: enabled }), true) 51 51 + setSecretDevStatus(null); 52 52 + } catch (err) { 53 53 + console.error('failed to set self-notify setting', err); 54 54 + setSecretDevStatus('failed'); 55 55 + } 56 56 + setSecretDevCounter(n => n + 1); 57 57 + }); 58 58 + 8 59 return ( 9 60 <> 10 10 - <header id="app-header"> 11 11 - <h1> 12 12 - <Link to="/" className="inherit-font"> 13 13 - spacedust notifications&nbsp;<span className="demo">demo!</span> 14 14 - </Link> 15 15 - </h1> 16 16 - {user && ( 17 17 - <div className="current-user"> 18 18 - <p> 19 19 - <span className="handle"> 20 20 - <Handle did={user.did} /> 21 21 - {user.role !== 'public' && ( 22 22 - <span className="chrome-role-tag"> 23 23 - {user.role === 'admin' ? ( 24 24 - <Link to="/admin" className="inherit-font">{user.role}</Link> 25 25 - ) : user.role === 'early' ? ( 26 26 - <Link to="/early" className="inherit-font">{user.role}</Link> 27 27 - ) : ( 28 28 - <>{user.role}</> 29 29 - )} 30 30 - </span> 31 31 - )} 32 32 - </span> 33 33 - <button className="subtle bad" onClick={onLogout}>&times;</button> 34 34 - </p> 35 35 - </div> 36 36 - )} 37 37 - </header> 61 61 + <Header user={user} onLogout={onLogout} /> 38 62 39 63 <div id="app-content"> 40 40 - {content} 64 64 + {children} 41 65 </div> 42 66 43 67 <div className="footer"> ··· 72 96 <p className="secret-dev"> 73 97 secret dev setting: 74 98 {' '} 75 75 - <label> 76 76 - <input 77 77 - type="checkbox" 78 78 - onChange={e => setDev(e.target.checked)} 79 79 - checked={true /*isDev(ufosHost)*/} 80 80 - /> 81 81 - localhost 82 82 - </label> 99 99 + <GetJson 100 100 + key={secretDevCounter} 101 101 + endpoint="/global-notify" 102 102 + credentials 103 103 + loading={() => <>&hellip;</>} 104 104 + ok={({ notify_self }) => ( 105 105 + <label> 106 106 + <input 107 107 + type="checkbox" 108 108 + onChange={e => setSelfNotify(e.target.checked)} 109 109 + checked={notify_self ^ (secretDevStatus === 'pending')} 110 110 + disabled={secretDevStatus === 'pending'} 111 111 + /> 112 112 + self-notify 113 113 + </label> 114 114 + )} 115 115 + /> 83 116 </p> 84 117 </div> 85 118 </>

+22 -1

server/api.js

··· 158 158 }; 159 159 160 160 const handleTopSecret = async (db, user, req, res) => { 161 161 - console.log('ts'); 162 161 // TODO: succeed early if they're already in? 163 162 const body = await getRequesBody(req); 164 163 const { secret_password } = JSON.parse(body); ··· 171 170 return forbidden(res); 172 171 } 173 172 }; 173 173 + 174 174 + const handleGetGlobalNotifySettings = async (db, user, res) => { 175 175 + const settings = db.getNotifyAccountGlobals(user.did); 176 176 + return ok(res, settings); 177 177 + }; 178 178 + 179 179 + const handleSetGlobalNotifySettings = async (db, user, req, res) => { 180 180 + const body = await getRequesBody(req); 181 181 + const { notify_enabled, notify_self } = JSON.parse(body); 182 182 + db.setNotifyAccountGlobals(user.did, { notify_enabled, notify_self }); 183 183 + return gotIt(res); 184 184 + }; 185 185 + 186 186 + /// admin stuff 174 187 175 188 const handleListSecrets = async (db, res) => { 176 189 const secrets = db.getSecrets(); ··· 265 278 if (method === 'POST' && pathname === '/super-top-secret-access') { 266 279 if (!user) return unauthorized(res); 267 280 return handleTopSecret(db, user, req, res); 281 281 + } 282 282 + if (method === 'GET' && pathname === '/global-notify') { 283 283 + if (!user) return unauthorized(res); 284 284 + return handleGetGlobalNotifySettings(db, user, res); 285 285 + } 286 286 + if (method === 'POST' && pathname === '/global-notify') { 287 287 + if (!user) return unauthorized(res); 288 288 + return handleSetGlobalNotifySettings(db, user, req, res); 268 289 } 269 290 270 291 // non-public access required

+31

server/db.js

··· 16 16 #stmt_delete_push_sub; 17 17 #stmt_get_push_info; 18 18 #stmt_set_role; 19 19 + #stmt_get_notify_account_globals; 20 20 + #stmt_set_notify_account_globals; 21 21 + 19 22 #stmt_admin_add_secret; 20 23 #stmt_admin_expire_secret; 21 24 #stmt_admin_get_secrets; ··· 111 114 where did = :did 112 115 and :secret_password in (select password 113 116 from top_secret_passwords)`); 117 117 + 118 118 + this.#stmt_get_notify_account_globals = db.prepare( 119 119 + `select notify_enabled, 120 120 + notify_self 121 121 + from accounts 122 122 + where did = :did`); 123 123 + 124 124 + this.#stmt_set_notify_account_globals = db.prepare( 125 125 + `update accounts 126 126 + set notify_enabled = :notify_enabled, 127 127 + notify_self = :notify_self 128 128 + where did = :did`); 129 129 + 114 130 115 131 this.#stmt_admin_add_secret = db.prepare( 116 132 `insert into top_secret_passwords (password) ··· 204 220 let res = this.#stmt_set_role.run(params); 205 221 return res.changes > 0; 206 222 } 223 223 + 224 224 + getNotifyAccountGlobals(did) { 225 225 + return this.#stmt_get_notify_account_globals.get({ did }); 226 226 + } 227 227 + 228 228 + setNotifyAccountGlobals(did, globals) { 229 229 + this.#transactionally(() => { 230 230 + const update = this.getNotifyAccountGlobals(did); 231 231 + if (globals.notify_enabled !== undefined) update.notify_enabled = +globals.notify_enabled; 232 232 + if (globals.notify_self !== undefined) update.notify_self = +globals.notify_self; 233 233 + update.did = did; 234 234 + this.#stmt_set_notify_account_globals.run(update); 235 235 + }); 236 236 + } 237 237 + 207 238 208 239 addTopSecret(secretPassword) { 209 240 this.#stmt_admin_add_secret.run(secretPassword);

+38 -6

server/notifications.js

··· 84 84 } 85 85 }; 86 86 87 87 + const extractUriDid = at_uri => { 88 88 + if (!at_uri.startsWith('at://')) { 89 89 + console.warn(`ignoring non-at-uri: ${at_uri}`); 90 90 + return null; 91 91 + } 92 92 + const [id, ..._] = at_uri.slice('at://'.length).split('/'); 93 93 + if (!id) { 94 94 + console.warn(`ignoring at-uri with missing id segment: ${at_uri}`); 95 95 + return null; 96 96 + } 97 97 + if (id.startsWith('@')) { 98 98 + console.warn(`ignoring @handle at-uri: ${at_uri}`); 99 99 + return null; 100 100 + } 101 101 + if (!id.startsWith('did:')) { 102 102 + console.warn(`ignoring non-did at-uri: ${at_uri}`); 103 103 + return null; 104 104 + } 105 105 + return id; 106 106 + }; 107 107 + 87 108 const handleDust = db => async event => { 88 109 console.log('got', event.data); 89 110 let data; ··· 100 121 } 101 122 const timestamp = +new Date(); 102 123 103 103 - let did; 104 104 - if (subject.startsWith('did:')) did = subject; 105 105 - else if (subject.startsWith('at://')) { 106 106 - const [id, ..._] = subject.slice('at://'.length).split('/'); 107 107 - if (id.startsWith('did:')) did = id; 108 108 - } 124 124 + const did = subject.startsWith('did:') ? subject : extractUriDid(subject); 109 125 if (!did) { 110 126 console.warn(`ignoring link with non-DID subject: ${subject}`) 111 127 return; 128 128 + } 129 129 + 130 130 + // this works for now since only the account owner is assumed to be a notification target 131 131 + // but for "replies on post" etc that won't hold 132 132 + const { notify_enabled, notify_self } = db.getNotifyAccountGlobals(did); 133 133 + if (!notify_enabled) console.warn('would drop this since notifies are not enabled (ui todo)'); 134 134 + if (!notify_self) { 135 135 + const source_did = extractUriDid(source_record); 136 136 + if (!source_did) { 137 137 + console.warn(`ignoring link with non-DID source_record: ${source_record}`) 138 138 + return; 139 139 + } 140 140 + if (source_did === did) { 141 141 + console.warn(`ignoring self-notification`); 142 142 + return; 143 143 + } 112 144 } 113 145 114 146 const subs = db.getSubsByDid(did);

+2

server/schema.sql

··· 3 3 first_seen text not null default CURRENT_TIMESTAMP, 4 4 role text null, 5 5 secret_password text null, 6 6 + notify_enabled integer not null default false, 7 7 + notify_self integer not null default false, 6 8 7 9 check(did like 'did:%') 8 10 ) strict;