+32 -32

appview/issues/issues.go

··· 81 81 82 82 func (rp *Issues) RepoSingleIssue(w http.ResponseWriter, r *http.Request) { 83 83 l := rp.logger.With("handler", "RepoSingleIssue") 84 84 - user := rp.oauth.GetMultiAccountUser(r) 84 84 + user := rp.oauth.GetUser(r) 85 85 f, err := rp.repoResolver.Resolve(r) 86 86 if err != nil { 87 87 l.Error("failed to get repo and knot", "err", err) ··· 102 102 103 103 userReactions := map[models.ReactionKind]bool{} 104 104 if user != nil { 105 105 - userReactions = db.GetReactionStatusMap(rp.db, user.Active.Did, issue.AtUri()) 105 105 + userReactions = db.GetReactionStatusMap(rp.db, user.Did, issue.AtUri()) 106 106 } 107 107 108 108 backlinks, err := db.GetBacklinks(rp.db, issue.AtUri()) ··· 143 143 144 144 func (rp *Issues) EditIssue(w http.ResponseWriter, r *http.Request) { 145 145 l := rp.logger.With("handler", "EditIssue") 146 146 - user := rp.oauth.GetMultiAccountUser(r) 146 146 + user := rp.oauth.GetUser(r) 147 147 148 148 issue, ok := r.Context().Value("issue").(*models.Issue) 149 149 if !ok { ··· 182 182 return 183 183 } 184 184 185 185 - ex, err := comatproto.RepoGetRecord(r.Context(), client, "", tangled.RepoIssueNSID, user.Active.Did, newIssue.Rkey) 185 185 + ex, err := comatproto.RepoGetRecord(r.Context(), client, "", tangled.RepoIssueNSID, user.Did, newIssue.Rkey) 186 186 if err != nil { 187 187 l.Error("failed to get record", "err", err) 188 188 rp.pages.Notice(w, noticeId, "Failed to edit issue, no record found on PDS.") ··· 191 191 192 192 _, err = comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 193 193 Collection: tangled.RepoIssueNSID, 194 194 - Repo: user.Active.Did, 194 194 + Repo: user.Did, 195 195 Rkey: newIssue.Rkey, 196 196 SwapRecord: ex.Cid, 197 197 Record: &lexutil.LexiconTypeDecoder{ ··· 292 292 293 293 func (rp *Issues) CloseIssue(w http.ResponseWriter, r *http.Request) { 294 294 l := rp.logger.With("handler", "CloseIssue") 295 295 - user := rp.oauth.GetMultiAccountUser(r) 295 295 + user := rp.oauth.GetUser(r) 296 296 f, err := rp.repoResolver.Resolve(r) 297 297 if err != nil { 298 298 l.Error("failed to get repo and knot", "err", err) ··· 306 306 return 307 307 } 308 308 309 309 - roles := repoinfo.RolesInRepo{Roles: rp.enforcer.GetPermissionsInRepo(user.Active.Did, f.Knot, f.DidSlashRepo())} 309 309 + roles := repoinfo.RolesInRepo{Roles: rp.enforcer.GetPermissionsInRepo(user.Did, f.Knot, f.DidSlashRepo())} 310 310 isRepoOwner := roles.IsOwner() 311 311 isCollaborator := roles.IsCollaborator() 312 312 - isIssueOwner := user.Active.Did == issue.Did 312 312 + isIssueOwner := user.Did == issue.Did 313 313 314 314 // TODO: make this more granular 315 315 if isIssueOwner || isRepoOwner || isCollaborator { ··· 326 326 issue.Open = false 327 327 328 328 // notify about the issue closure 329 329 - rp.notifier.NewIssueState(r.Context(), syntax.DID(user.Active.Did), issue) 329 329 + rp.notifier.NewIssueState(r.Context(), syntax.DID(user.Did), issue) 330 330 331 331 ownerSlashRepo := reporesolver.GetBaseRepoPath(r, f) 332 332 rp.pages.HxLocation(w, fmt.Sprintf("/%s/issues/%d", ownerSlashRepo, issue.IssueId)) ··· 340 340 341 341 func (rp *Issues) ReopenIssue(w http.ResponseWriter, r *http.Request) { 342 342 l := rp.logger.With("handler", "ReopenIssue") 343 343 - user := rp.oauth.GetMultiAccountUser(r) 343 343 + user := rp.oauth.GetUser(r) 344 344 f, err := rp.repoResolver.Resolve(r) 345 345 if err != nil { 346 346 l.Error("failed to get repo and knot", "err", err) ··· 354 354 return 355 355 } 356 356 357 357 - roles := repoinfo.RolesInRepo{Roles: rp.enforcer.GetPermissionsInRepo(user.Active.Did, f.Knot, f.DidSlashRepo())} 357 357 + roles := repoinfo.RolesInRepo{Roles: rp.enforcer.GetPermissionsInRepo(user.Did, f.Knot, f.DidSlashRepo())} 358 358 isRepoOwner := roles.IsOwner() 359 359 isCollaborator := roles.IsCollaborator() 360 360 - isIssueOwner := user.Active.Did == issue.Did 360 360 + isIssueOwner := user.Did == issue.Did 361 361 362 362 if isCollaborator || isRepoOwner || isIssueOwner { 363 363 err := db.ReopenIssues( ··· 373 373 issue.Open = true 374 374 375 375 // notify about the issue reopen 376 376 - rp.notifier.NewIssueState(r.Context(), syntax.DID(user.Active.Did), issue) 376 376 + rp.notifier.NewIssueState(r.Context(), syntax.DID(user.Did), issue) 377 377 378 378 ownerSlashRepo := reporesolver.GetBaseRepoPath(r, f) 379 379 rp.pages.HxLocation(w, fmt.Sprintf("/%s/issues/%d", ownerSlashRepo, issue.IssueId)) ··· 387 387 388 388 func (rp *Issues) NewIssueComment(w http.ResponseWriter, r *http.Request) { 389 389 l := rp.logger.With("handler", "NewIssueComment") 390 390 - user := rp.oauth.GetMultiAccountUser(r) 390 390 + user := rp.oauth.GetUser(r) 391 391 f, err := rp.repoResolver.Resolve(r) 392 392 if err != nil { 393 393 l.Error("failed to get repo and knot", "err", err) ··· 416 416 mentions, references := rp.mentionsResolver.Resolve(r.Context(), body) 417 417 418 418 comment := models.IssueComment{ 419 419 - Did: user.Active.Did, 419 419 + Did: user.Did, 420 420 Rkey: tid.TID(), 421 421 IssueAt: issue.AtUri().String(), 422 422 ReplyTo: replyTo, ··· 495 495 496 496 func (rp *Issues) IssueComment(w http.ResponseWriter, r *http.Request) { 497 497 l := rp.logger.With("handler", "IssueComment") 498 498 - user := rp.oauth.GetMultiAccountUser(r) 498 498 + user := rp.oauth.GetUser(r) 499 499 500 500 issue, ok := r.Context().Value("issue").(*models.Issue) 501 501 if !ok { ··· 531 531 532 532 func (rp *Issues) EditIssueComment(w http.ResponseWriter, r *http.Request) { 533 533 l := rp.logger.With("handler", "EditIssueComment") 534 534 - user := rp.oauth.GetMultiAccountUser(r) 534 534 + user := rp.oauth.GetUser(r) 535 535 536 536 issue, ok := r.Context().Value("issue").(*models.Issue) 537 537 if !ok { ··· 557 557 } 558 558 comment := comments[0] 559 559 560 560 - if comment.Did != user.Active.Did { 561 561 - l.Error("unauthorized comment edit", "expectedDid", comment.Did, "gotDid", user.Active.Did) 560 560 + if comment.Did != user.Did { 561 561 + l.Error("unauthorized comment edit", "expectedDid", comment.Did, "gotDid", user.Did) 562 562 http.Error(w, "you are not the author of this comment", http.StatusUnauthorized) 563 563 return 564 564 } ··· 608 608 // rkey is optional, it was introduced later 609 609 if newComment.Rkey != "" { 610 610 // update the record on pds 611 611 - ex, err := comatproto.RepoGetRecord(r.Context(), client, "", tangled.RepoIssueCommentNSID, user.Active.Did, comment.Rkey) 611 611 + ex, err := comatproto.RepoGetRecord(r.Context(), client, "", tangled.RepoIssueCommentNSID, user.Did, comment.Rkey) 612 612 if err != nil { 613 613 l.Error("failed to get record", "err", err, "did", newComment.Did, "rkey", newComment.Rkey) 614 614 rp.pages.Notice(w, fmt.Sprintf("comment-%s-status", commentId), "Failed to update description, no record found on PDS.") ··· 617 617 618 618 _, err = comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 619 619 Collection: tangled.RepoIssueCommentNSID, 620 620 - Repo: user.Active.Did, 620 620 + Repo: user.Did, 621 621 Rkey: newComment.Rkey, 622 622 SwapRecord: ex.Cid, 623 623 Record: &lexutil.LexiconTypeDecoder{ ··· 641 641 642 642 func (rp *Issues) ReplyIssueCommentPlaceholder(w http.ResponseWriter, r *http.Request) { 643 643 l := rp.logger.With("handler", "ReplyIssueCommentPlaceholder") 644 644 - user := rp.oauth.GetMultiAccountUser(r) 644 644 + user := rp.oauth.GetUser(r) 645 645 646 646 issue, ok := r.Context().Value("issue").(*models.Issue) 647 647 if !ok { ··· 677 677 678 678 func (rp *Issues) ReplyIssueComment(w http.ResponseWriter, r *http.Request) { 679 679 l := rp.logger.With("handler", "ReplyIssueComment") 680 680 - user := rp.oauth.GetMultiAccountUser(r) 680 680 + user := rp.oauth.GetUser(r) 681 681 682 682 issue, ok := r.Context().Value("issue").(*models.Issue) 683 683 if !ok { ··· 713 713 714 714 func (rp *Issues) DeleteIssueComment(w http.ResponseWriter, r *http.Request) { 715 715 l := rp.logger.With("handler", "DeleteIssueComment") 716 716 - user := rp.oauth.GetMultiAccountUser(r) 716 716 + user := rp.oauth.GetUser(r) 717 717 718 718 issue, ok := r.Context().Value("issue").(*models.Issue) 719 719 if !ok { ··· 739 739 } 740 740 comment := comments[0] 741 741 742 742 - if comment.Did != user.Active.Did { 743 743 - l.Error("unauthorized action", "expectedDid", comment.Did, "gotDid", user.Active.Did) 742 742 + if comment.Did != user.Did { 743 743 + l.Error("unauthorized action", "expectedDid", comment.Did, "gotDid", user.Did) 744 744 http.Error(w, "you are not the author of this comment", http.StatusUnauthorized) 745 745 return 746 746 } ··· 769 769 } 770 770 _, err = comatproto.RepoDeleteRecord(r.Context(), client, &comatproto.RepoDeleteRecord_Input{ 771 771 Collection: tangled.RepoIssueCommentNSID, 772 772 - Repo: user.Active.Did, 772 772 + Repo: user.Did, 773 773 Rkey: comment.Rkey, 774 774 }) 775 775 if err != nil { ··· 807 807 808 808 page := pagination.FromContext(r.Context()) 809 809 810 810 - user := rp.oauth.GetMultiAccountUser(r) 810 810 + user := rp.oauth.GetUser(r) 811 811 f, err := rp.repoResolver.Resolve(r) 812 812 if err != nil { 813 813 l.Error("failed to get repo and knot", "err", err) ··· 884 884 } 885 885 886 886 rp.pages.RepoIssues(w, pages.RepoIssuesParams{ 887 887 - LoggedInUser: rp.oauth.GetMultiAccountUser(r), 887 887 + LoggedInUser: rp.oauth.GetUser(r), 888 888 RepoInfo: rp.repoResolver.GetRepoInfo(r, user), 889 889 Issues: issues, 890 890 IssueCount: totalIssues, ··· 897 897 898 898 func (rp *Issues) NewIssue(w http.ResponseWriter, r *http.Request) { 899 899 l := rp.logger.With("handler", "NewIssue") 900 900 - user := rp.oauth.GetMultiAccountUser(r) 900 900 + user := rp.oauth.GetUser(r) 901 901 902 902 f, err := rp.repoResolver.Resolve(r) 903 903 if err != nil { ··· 921 921 Title: r.FormValue("title"), 922 922 Body: body, 923 923 Open: true, 924 924 - Did: user.Active.Did, 924 924 + Did: user.Did, 925 925 Created: time.Now(), 926 926 Mentions: mentions, 927 927 References: references, ··· 945 945 } 946 946 resp, err := comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 947 947 Collection: tangled.RepoIssueNSID, 948 948 - Repo: user.Active.Did, 948 948 + Repo: user.Did, 949 949 Rkey: issue.Rkey, 950 950 Record: &lexutil.LexiconTypeDecoder{ 951 951 Val: &record,

+31 -31

appview/knots/knots.go

··· 70 70 } 71 71 72 72 func (k *Knots) knots(w http.ResponseWriter, r *http.Request) { 73 73 - user := k.OAuth.GetMultiAccountUser(r) 73 73 + user := k.OAuth.GetUser(r) 74 74 registrations, err := db.GetRegistrations( 75 75 k.Db, 76 76 - orm.FilterEq("did", user.Active.Did), 76 76 + orm.FilterEq("did", user.Did), 77 77 ) 78 78 if err != nil { 79 79 k.Logger.Error("failed to fetch knot registrations", "err", err) ··· 92 92 func (k *Knots) dashboard(w http.ResponseWriter, r *http.Request) { 93 93 l := k.Logger.With("handler", "dashboard") 94 94 95 95 - user := k.OAuth.GetMultiAccountUser(r) 96 96 - l = l.With("user", user.Active.Did) 95 95 + user := k.OAuth.GetUser(r) 96 96 + l = l.With("user", user.Did) 97 97 98 98 domain := chi.URLParam(r, "domain") 99 99 if domain == "" { ··· 103 103 104 104 registrations, err := db.GetRegistrations( 105 105 k.Db, 106 106 - orm.FilterEq("did", user.Active.Did), 106 106 + orm.FilterEq("did", user.Did), 107 107 orm.FilterEq("domain", domain), 108 108 ) 109 109 if err != nil { ··· 154 154 } 155 155 156 156 func (k *Knots) register(w http.ResponseWriter, r *http.Request) { 157 157 - user := k.OAuth.GetMultiAccountUser(r) 157 157 + user := k.OAuth.GetUser(r) 158 158 l := k.Logger.With("handler", "register") 159 159 160 160 noticeId := "register-error" ··· 175 175 return 176 176 } 177 177 l = l.With("domain", domain) 178 178 - l = l.With("user", user.Active.Did) 178 178 + l = l.With("user", user.Did) 179 179 180 180 tx, err := k.Db.Begin() 181 181 if err != nil { ··· 188 188 k.Enforcer.E.LoadPolicy() 189 189 }() 190 190 191 191 - err = db.AddKnot(tx, domain, user.Active.Did) 191 191 + err = db.AddKnot(tx, domain, user.Did) 192 192 if err != nil { 193 193 l.Error("failed to insert", "err", err) 194 194 fail() ··· 210 210 return 211 211 } 212 212 213 213 - ex, _ := comatproto.RepoGetRecord(r.Context(), client, "", tangled.KnotNSID, user.Active.Did, domain) 213 213 + ex, _ := comatproto.RepoGetRecord(r.Context(), client, "", tangled.KnotNSID, user.Did, domain) 214 214 var exCid *string 215 215 if ex != nil { 216 216 exCid = ex.Cid ··· 219 219 // re-announce by registering under same rkey 220 220 _, err = comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 221 221 Collection: tangled.KnotNSID, 222 222 - Repo: user.Active.Did, 222 222 + Repo: user.Did, 223 223 Rkey: domain, 224 224 Record: &lexutil.LexiconTypeDecoder{ 225 225 Val: &tangled.Knot{ ··· 250 250 } 251 251 252 252 // begin verification 253 253 - err = serververify.RunVerification(r.Context(), domain, user.Active.Did, k.Config.Core.Dev) 253 253 + err = serververify.RunVerification(r.Context(), domain, user.Did, k.Config.Core.Dev) 254 254 if err != nil { 255 255 l.Error("verification failed", "err", err) 256 256 k.Pages.HxRefresh(w) 257 257 return 258 258 } 259 259 260 260 - err = serververify.MarkKnotVerified(k.Db, k.Enforcer, domain, user.Active.Did) 260 260 + err = serververify.MarkKnotVerified(k.Db, k.Enforcer, domain, user.Did) 261 261 if err != nil { 262 262 l.Error("failed to mark verified", "err", err) 263 263 k.Pages.HxRefresh(w) ··· 275 275 } 276 276 277 277 func (k *Knots) delete(w http.ResponseWriter, r *http.Request) { 278 278 - user := k.OAuth.GetMultiAccountUser(r) 278 278 + user := k.OAuth.GetUser(r) 279 279 l := k.Logger.With("handler", "delete") 280 280 281 281 noticeId := "operation-error" ··· 294 294 // get record from db first 295 295 registrations, err := db.GetRegistrations( 296 296 k.Db, 297 297 - orm.FilterEq("did", user.Active.Did), 297 297 + orm.FilterEq("did", user.Did), 298 298 orm.FilterEq("domain", domain), 299 299 ) 300 300 if err != nil { ··· 322 322 323 323 err = db.DeleteKnot( 324 324 tx, 325 325 - orm.FilterEq("did", user.Active.Did), 325 325 + orm.FilterEq("did", user.Did), 326 326 orm.FilterEq("domain", domain), 327 327 ) 328 328 if err != nil { ··· 350 350 351 351 _, err = comatproto.RepoDeleteRecord(r.Context(), client, &comatproto.RepoDeleteRecord_Input{ 352 352 Collection: tangled.KnotNSID, 353 353 - Repo: user.Active.Did, 353 353 + Repo: user.Did, 354 354 Rkey: domain, 355 355 }) 356 356 if err != nil { ··· 382 382 } 383 383 384 384 func (k *Knots) retry(w http.ResponseWriter, r *http.Request) { 385 385 - user := k.OAuth.GetMultiAccountUser(r) 385 385 + user := k.OAuth.GetUser(r) 386 386 l := k.Logger.With("handler", "retry") 387 387 388 388 noticeId := "operation-error" ··· 398 398 return 399 399 } 400 400 l = l.With("domain", domain) 401 401 - l = l.With("user", user.Active.Did) 401 401 + l = l.With("user", user.Did) 402 402 403 403 // get record from db first 404 404 registrations, err := db.GetRegistrations( 405 405 k.Db, 406 406 - orm.FilterEq("did", user.Active.Did), 406 406 + orm.FilterEq("did", user.Did), 407 407 orm.FilterEq("domain", domain), 408 408 ) 409 409 if err != nil { ··· 419 419 registration := registrations[0] 420 420 421 421 // begin verification 422 422 - err = serververify.RunVerification(r.Context(), domain, user.Active.Did, k.Config.Core.Dev) 422 422 + err = serververify.RunVerification(r.Context(), domain, user.Did, k.Config.Core.Dev) 423 423 if err != nil { 424 424 l.Error("verification failed", "err", err) 425 425 ··· 437 437 return 438 438 } 439 439 440 440 - err = serververify.MarkKnotVerified(k.Db, k.Enforcer, domain, user.Active.Did) 440 440 + err = serververify.MarkKnotVerified(k.Db, k.Enforcer, domain, user.Did) 441 441 if err != nil { 442 442 l.Error("failed to mark verified", "err", err) 443 443 k.Pages.Notice(w, noticeId, err.Error()) ··· 456 456 return 457 457 } 458 458 459 459 - ex, _ := comatproto.RepoGetRecord(r.Context(), client, "", tangled.KnotNSID, user.Active.Did, domain) 459 459 + ex, _ := comatproto.RepoGetRecord(r.Context(), client, "", tangled.KnotNSID, user.Did, domain) 460 460 var exCid *string 461 461 if ex != nil { 462 462 exCid = ex.Cid ··· 465 465 // ignore the error here 466 466 _, err = comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 467 467 Collection: tangled.KnotNSID, 468 468 - Repo: user.Active.Did, 468 468 + Repo: user.Did, 469 469 Rkey: domain, 470 470 Record: &lexutil.LexiconTypeDecoder{ 471 471 Val: &tangled.Knot{ ··· 494 494 // Get updated registration to show 495 495 registrations, err = db.GetRegistrations( 496 496 k.Db, 497 497 - orm.FilterEq("did", user.Active.Did), 497 497 + orm.FilterEq("did", user.Did), 498 498 orm.FilterEq("domain", domain), 499 499 ) 500 500 if err != nil { ··· 516 516 } 517 517 518 518 func (k *Knots) addMember(w http.ResponseWriter, r *http.Request) { 519 519 - user := k.OAuth.GetMultiAccountUser(r) 519 519 + user := k.OAuth.GetUser(r) 520 520 l := k.Logger.With("handler", "addMember") 521 521 522 522 domain := chi.URLParam(r, "domain") ··· 526 526 return 527 527 } 528 528 l = l.With("domain", domain) 529 529 - l = l.With("user", user.Active.Did) 529 529 + l = l.With("user", user.Did) 530 530 531 531 registrations, err := db.GetRegistrations( 532 532 k.Db, 533 533 - orm.FilterEq("did", user.Active.Did), 533 533 + orm.FilterEq("did", user.Did), 534 534 orm.FilterEq("domain", domain), 535 535 orm.FilterIsNot("registered", "null"), 536 536 ) ··· 583 583 584 584 _, err = comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 585 585 Collection: tangled.KnotMemberNSID, 586 586 - Repo: user.Active.Did, 586 586 + Repo: user.Did, 587 587 Rkey: rkey, 588 588 Record: &lexutil.LexiconTypeDecoder{ 589 589 Val: &tangled.KnotMember{ ··· 618 618 } 619 619 620 620 func (k *Knots) removeMember(w http.ResponseWriter, r *http.Request) { 621 621 - user := k.OAuth.GetMultiAccountUser(r) 621 621 + user := k.OAuth.GetUser(r) 622 622 l := k.Logger.With("handler", "removeMember") 623 623 624 624 noticeId := "operation-error" ··· 634 634 return 635 635 } 636 636 l = l.With("domain", domain) 637 637 - l = l.With("user", user.Active.Did) 637 637 + l = l.With("user", user.Did) 638 638 639 639 registrations, err := db.GetRegistrations( 640 640 k.Db, 641 641 - orm.FilterEq("did", user.Active.Did), 641 641 + orm.FilterEq("did", user.Did), 642 642 orm.FilterEq("domain", domain), 643 643 orm.FilterIsNot("registered", "null"), 644 644 )

+2 -2

appview/labels/labels.go

··· 68 68 // - this handler should calculate the diff in order to create the labelop record 69 69 // - we need the diff in order to maintain a "history" of operations performed by users 70 70 func (l *Labels) PerformLabelOp(w http.ResponseWriter, r *http.Request) { 71 71 - user := l.oauth.GetMultiAccountUser(r) 71 71 + user := l.oauth.GetUser(r) 72 72 73 73 noticeId := "add-label-error" 74 74 ··· 82 82 return 83 83 } 84 84 85 85 - did := user.Active.Did 85 85 + did := user.Did 86 86 rkey := tid.TID() 87 87 performedAt := time.Now() 88 88 indexedAt := time.Now()

+8 -6

appview/middleware/middleware.go

··· 115 115 return func(next http.Handler) http.Handler { 116 116 return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { 117 117 // requires auth also 118 118 - actor := mw.oauth.GetMultiAccountUser(r) 118 118 + actor := mw.oauth.GetUser(r) 119 119 if actor == nil { 120 120 // we need a logged in user 121 121 log.Printf("not logged in, redirecting") ··· 128 128 return 129 129 } 130 130 131 131 - ok, err := mw.enforcer.E.HasGroupingPolicy(actor.Active.Did, group, domain) 131 131 + ok, err := mw.enforcer.E.HasGroupingPolicy(actor.Did, group, domain) 132 132 if err != nil || !ok { 133 133 - log.Printf("%s does not have perms of a %s in domain %s", actor.Active.Did, group, domain) 133 133 + // we need a logged in user 134 134 + log.Printf("%s does not have perms of a %s in domain %s", actor.Did, group, domain) 134 135 http.Error(w, "Forbiden", http.StatusUnauthorized) 135 136 return 136 137 } ··· 148 149 return func(next http.Handler) http.Handler { 149 150 return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { 150 151 // requires auth also 151 151 - actor := mw.oauth.GetMultiAccountUser(r) 152 152 + actor := mw.oauth.GetUser(r) 152 153 if actor == nil { 153 154 // we need a logged in user 154 155 log.Printf("not logged in, redirecting") ··· 161 162 return 162 163 } 163 164 164 164 - ok, err := mw.enforcer.E.Enforce(actor.Active.Did, f.Knot, f.DidSlashRepo(), requiredPerm) 165 165 + ok, err := mw.enforcer.E.Enforce(actor.Did, f.Knot, f.DidSlashRepo(), requiredPerm) 165 166 if err != nil || !ok { 166 166 - log.Printf("%s does not have perms of a %s in repo %s", actor.Active.Did, requiredPerm, f.DidSlashRepo()) 167 167 + // we need a logged in user 168 168 + log.Printf("%s does not have perms of a %s in repo %s", actor.Did, requiredPerm, f.DidSlashRepo()) 167 169 http.Error(w, "Forbiden", http.StatusUnauthorized) 168 170 return 169 171 }

+6 -6

appview/notifications/notifications.go

··· 48 48 49 49 func (n *Notifications) notificationsPage(w http.ResponseWriter, r *http.Request) { 50 50 l := n.logger.With("handler", "notificationsPage") 51 51 - user := n.oauth.GetMultiAccountUser(r) 51 51 + user := n.oauth.GetUser(r) 52 52 53 53 page := pagination.FromContext(r.Context()) 54 54 55 55 total, err := db.CountNotifications( 56 56 n.db, 57 57 - orm.FilterEq("recipient_did", user.Active.Did), 57 57 + orm.FilterEq("recipient_did", user.Did), 58 58 ) 59 59 if err != nil { 60 60 l.Error("failed to get total notifications", "err", err) ··· 65 65 notifications, err := db.GetNotificationsWithEntities( 66 66 n.db, 67 67 page, 68 68 - orm.FilterEq("recipient_did", user.Active.Did), 68 68 + orm.FilterEq("recipient_did", user.Did), 69 69 ) 70 70 if err != nil { 71 71 l.Error("failed to get notifications", "err", err) ··· 73 73 return 74 74 } 75 75 76 76 - err = db.MarkAllNotificationsRead(n.db, user.Active.Did) 76 76 + err = db.MarkAllNotificationsRead(n.db, user.Did) 77 77 if err != nil { 78 78 l.Error("failed to mark notifications as read", "err", err) 79 79 } ··· 90 90 } 91 91 92 92 func (n *Notifications) getUnreadCount(w http.ResponseWriter, r *http.Request) { 93 93 - user := n.oauth.GetMultiAccountUser(r) 93 93 + user := n.oauth.GetUser(r) 94 94 if user == nil { 95 95 return 96 96 } 97 97 98 98 count, err := db.CountNotifications( 99 99 n.db, 100 100 - orm.FilterEq("recipient_did", user.Active.Did), 100 100 + orm.FilterEq("recipient_did", user.Did), 101 101 orm.FilterEq("read", 0), 102 102 ) 103 103 if err != nil {

-191

appview/oauth/accounts.go

··· 1 1 - package oauth 2 2 - 3 3 - import ( 4 4 - "encoding/json" 5 5 - "errors" 6 6 - "net/http" 7 7 - "time" 8 8 - ) 9 9 - 10 10 - const MaxAccounts = 20 11 11 - 12 12 - var ErrMaxAccountsReached = errors.New("maximum number of linked accounts reached") 13 13 - 14 14 - type AccountInfo struct { 15 15 - Did string `json:"did"` 16 16 - Handle string `json:"handle"` 17 17 - SessionId string `json:"session_id"` 18 18 - AddedAt int64 `json:"added_at"` 19 19 - } 20 20 - 21 21 - type AccountRegistry struct { 22 22 - Accounts []AccountInfo `json:"accounts"` 23 23 - } 24 24 - 25 25 - type MultiAccountUser struct { 26 26 - Active *User 27 27 - Accounts []AccountInfo 28 28 - } 29 29 - 30 30 - func (m *MultiAccountUser) Did() string { 31 31 - if m.Active == nil { 32 32 - return "" 33 33 - } 34 34 - return m.Active.Did 35 35 - } 36 36 - 37 37 - func (m *MultiAccountUser) Pds() string { 38 38 - if m.Active == nil { 39 39 - return "" 40 40 - } 41 41 - return m.Active.Pds 42 42 - } 43 43 - 44 44 - func (o *OAuth) GetAccounts(r *http.Request) *AccountRegistry { 45 45 - session, err := o.SessStore.Get(r, AccountsName) 46 46 - if err != nil || session.IsNew { 47 47 - return &AccountRegistry{Accounts: []AccountInfo{}} 48 48 - } 49 49 - 50 50 - data, ok := session.Values["accounts"].(string) 51 51 - if !ok { 52 52 - return &AccountRegistry{Accounts: []AccountInfo{}} 53 53 - } 54 54 - 55 55 - var registry AccountRegistry 56 56 - if err := json.Unmarshal([]byte(data), &registry); err != nil { 57 57 - return &AccountRegistry{Accounts: []AccountInfo{}} 58 58 - } 59 59 - 60 60 - return &registry 61 61 - } 62 62 - 63 63 - func (o *OAuth) SaveAccounts(w http.ResponseWriter, r *http.Request, registry *AccountRegistry) error { 64 64 - session, err := o.SessStore.Get(r, AccountsName) 65 65 - if err != nil { 66 66 - return err 67 67 - } 68 68 - 69 69 - data, err := json.Marshal(registry) 70 70 - if err != nil { 71 71 - return err 72 72 - } 73 73 - 74 74 - session.Values["accounts"] = string(data) 75 75 - session.Options.MaxAge = 60 * 60 * 24 * 365 76 76 - session.Options.HttpOnly = true 77 77 - session.Options.Secure = !o.Config.Core.Dev 78 78 - session.Options.SameSite = http.SameSiteLaxMode 79 79 - 80 80 - return session.Save(r, w) 81 81 - } 82 82 - 83 83 - func (r *AccountRegistry) AddAccount(did, handle, sessionId string) error { 84 84 - for i, acc := range r.Accounts { 85 85 - if acc.Did == did { 86 86 - r.Accounts[i].SessionId = sessionId 87 87 - r.Accounts[i].Handle = handle 88 88 - return nil 89 89 - } 90 90 - } 91 91 - 92 92 - if len(r.Accounts) >= MaxAccounts { 93 93 - return ErrMaxAccountsReached 94 94 - } 95 95 - 96 96 - r.Accounts = append(r.Accounts, AccountInfo{ 97 97 - Did: did, 98 98 - Handle: handle, 99 99 - SessionId: sessionId, 100 100 - AddedAt: time.Now().Unix(), 101 101 - }) 102 102 - return nil 103 103 - } 104 104 - 105 105 - func (r *AccountRegistry) RemoveAccount(did string) { 106 106 - filtered := make([]AccountInfo, 0, len(r.Accounts)) 107 107 - for _, acc := range r.Accounts { 108 108 - if acc.Did != did { 109 109 - filtered = append(filtered, acc) 110 110 - } 111 111 - } 112 112 - r.Accounts = filtered 113 113 - } 114 114 - 115 115 - func (r *AccountRegistry) FindAccount(did string) *AccountInfo { 116 116 - for i := range r.Accounts { 117 117 - if r.Accounts[i].Did == did { 118 118 - return &r.Accounts[i] 119 119 - } 120 120 - } 121 121 - return nil 122 122 - } 123 123 - 124 124 - func (r *AccountRegistry) OtherAccounts(activeDid string) []AccountInfo { 125 125 - result := make([]AccountInfo, 0, len(r.Accounts)) 126 126 - for _, acc := range r.Accounts { 127 127 - if acc.Did != activeDid { 128 128 - result = append(result, acc) 129 129 - } 130 130 - } 131 131 - return result 132 132 - } 133 133 - 134 134 - func (o *OAuth) GetMultiAccountUser(r *http.Request) *MultiAccountUser { 135 135 - user := o.GetUser(r) 136 136 - if user == nil { 137 137 - return nil 138 138 - } 139 139 - 140 140 - registry := o.GetAccounts(r) 141 141 - return &MultiAccountUser{ 142 142 - Active: user, 143 143 - Accounts: registry.Accounts, 144 144 - } 145 145 - } 146 146 - 147 147 - type AuthReturnInfo struct { 148 148 - ReturnURL string 149 149 - AddAccount bool 150 150 - } 151 151 - 152 152 - func (o *OAuth) SetAuthReturn(w http.ResponseWriter, r *http.Request, returnURL string, addAccount bool) error { 153 153 - session, err := o.SessStore.Get(r, AuthReturnName) 154 154 - if err != nil { 155 155 - return err 156 156 - } 157 157 - 158 158 - session.Values[AuthReturnURL] = returnURL 159 159 - session.Values[AuthAddAccount] = addAccount 160 160 - session.Options.MaxAge = 60 * 30 161 161 - session.Options.HttpOnly = true 162 162 - session.Options.Secure = !o.Config.Core.Dev 163 163 - session.Options.SameSite = http.SameSiteLaxMode 164 164 - 165 165 - return session.Save(r, w) 166 166 - } 167 167 - 168 168 - func (o *OAuth) GetAuthReturn(r *http.Request) *AuthReturnInfo { 169 169 - session, err := o.SessStore.Get(r, AuthReturnName) 170 170 - if err != nil || session.IsNew { 171 171 - return &AuthReturnInfo{} 172 172 - } 173 173 - 174 174 - returnURL, _ := session.Values[AuthReturnURL].(string) 175 175 - addAccount, _ := session.Values[AuthAddAccount].(bool) 176 176 - 177 177 - return &AuthReturnInfo{ 178 178 - ReturnURL: returnURL, 179 179 - AddAccount: addAccount, 180 180 - } 181 181 - } 182 182 - 183 183 - func (o *OAuth) ClearAuthReturn(w http.ResponseWriter, r *http.Request) error { 184 184 - session, err := o.SessStore.Get(r, AuthReturnName) 185 185 - if err != nil { 186 186 - return err 187 187 - } 188 188 - 189 189 - session.Options.MaxAge = -1 190 190 - return session.Save(r, w) 191 191 - }

-265

appview/oauth/accounts_test.go

··· 1 1 - package oauth 2 2 - 3 3 - import ( 4 4 - "testing" 5 5 - ) 6 6 - 7 7 - func TestAccountRegistry_AddAccount(t *testing.T) { 8 8 - tests := []struct { 9 9 - name string 10 10 - initial []AccountInfo 11 11 - addDid string 12 12 - addHandle string 13 13 - addSessionId string 14 14 - wantErr error 15 15 - wantLen int 16 16 - wantSessionId string 17 17 - }{ 18 18 - { 19 19 - name: "add first account", 20 20 - initial: []AccountInfo{}, 21 21 - addDid: "did:plc:abc123", 22 22 - addHandle: "alice.bsky.social", 23 23 - addSessionId: "session-1", 24 24 - wantErr: nil, 25 25 - wantLen: 1, 26 26 - wantSessionId: "session-1", 27 27 - }, 28 28 - { 29 29 - name: "add second account", 30 30 - initial: []AccountInfo{ 31 31 - {Did: "did:plc:abc123", Handle: "alice.bsky.social", SessionId: "session-1", AddedAt: 1000}, 32 32 - }, 33 33 - addDid: "did:plc:def456", 34 34 - addHandle: "bob.bsky.social", 35 35 - addSessionId: "session-2", 36 36 - wantErr: nil, 37 37 - wantLen: 2, 38 38 - wantSessionId: "session-2", 39 39 - }, 40 40 - { 41 41 - name: "update existing account session", 42 42 - initial: []AccountInfo{ 43 43 - {Did: "did:plc:abc123", Handle: "alice.bsky.social", SessionId: "old-session", AddedAt: 1000}, 44 44 - }, 45 45 - addDid: "did:plc:abc123", 46 46 - addHandle: "alice.bsky.social", 47 47 - addSessionId: "new-session", 48 48 - wantErr: nil, 49 49 - wantLen: 1, 50 50 - wantSessionId: "new-session", 51 51 - }, 52 52 - } 53 53 - 54 54 - for _, tt := range tests { 55 55 - t.Run(tt.name, func(t *testing.T) { 56 56 - registry := &AccountRegistry{Accounts: tt.initial} 57 57 - err := registry.AddAccount(tt.addDid, tt.addHandle, tt.addSessionId) 58 58 - 59 59 - if err != tt.wantErr { 60 60 - t.Errorf("AddAccount() error = %v, want %v", err, tt.wantErr) 61 61 - } 62 62 - 63 63 - if len(registry.Accounts) != tt.wantLen { 64 64 - t.Errorf("AddAccount() len = %d, want %d", len(registry.Accounts), tt.wantLen) 65 65 - } 66 66 - 67 67 - found := registry.FindAccount(tt.addDid) 68 68 - if found == nil { 69 69 - t.Errorf("AddAccount() account not found after add") 70 70 - return 71 71 - } 72 72 - 73 73 - if found.SessionId != tt.wantSessionId { 74 74 - t.Errorf("AddAccount() sessionId = %s, want %s", found.SessionId, tt.wantSessionId) 75 75 - } 76 76 - }) 77 77 - } 78 78 - } 79 79 - 80 80 - func TestAccountRegistry_AddAccount_MaxLimit(t *testing.T) { 81 81 - registry := &AccountRegistry{Accounts: make([]AccountInfo, 0, MaxAccounts)} 82 82 - 83 83 - for i := range MaxAccounts { 84 84 - err := registry.AddAccount("did:plc:user"+string(rune('a'+i)), "handle", "session") 85 85 - if err != nil { 86 86 - t.Fatalf("AddAccount() unexpected error on account %d: %v", i, err) 87 87 - } 88 88 - } 89 89 - 90 90 - if len(registry.Accounts) != MaxAccounts { 91 91 - t.Errorf("expected %d accounts, got %d", MaxAccounts, len(registry.Accounts)) 92 92 - } 93 93 - 94 94 - err := registry.AddAccount("did:plc:overflow", "overflow", "session-overflow") 95 95 - if err != ErrMaxAccountsReached { 96 96 - t.Errorf("AddAccount() error = %v, want %v", err, ErrMaxAccountsReached) 97 97 - } 98 98 - 99 99 - if len(registry.Accounts) != MaxAccounts { 100 100 - t.Errorf("account added despite max limit, got %d", len(registry.Accounts)) 101 101 - } 102 102 - } 103 103 - 104 104 - func TestAccountRegistry_RemoveAccount(t *testing.T) { 105 105 - tests := []struct { 106 106 - name string 107 107 - initial []AccountInfo 108 108 - removeDid string 109 109 - wantLen int 110 110 - wantDids []string 111 111 - }{ 112 112 - { 113 113 - name: "remove existing account", 114 114 - initial: []AccountInfo{ 115 115 - {Did: "did:plc:abc123", Handle: "alice", SessionId: "s1"}, 116 116 - {Did: "did:plc:def456", Handle: "bob", SessionId: "s2"}, 117 117 - }, 118 118 - removeDid: "did:plc:abc123", 119 119 - wantLen: 1, 120 120 - wantDids: []string{"did:plc:def456"}, 121 121 - }, 122 122 - { 123 123 - name: "remove non-existing account", 124 124 - initial: []AccountInfo{ 125 125 - {Did: "did:plc:abc123", Handle: "alice", SessionId: "s1"}, 126 126 - }, 127 127 - removeDid: "did:plc:notfound", 128 128 - wantLen: 1, 129 129 - wantDids: []string{"did:plc:abc123"}, 130 130 - }, 131 131 - { 132 132 - name: "remove last account", 133 133 - initial: []AccountInfo{ 134 134 - {Did: "did:plc:abc123", Handle: "alice", SessionId: "s1"}, 135 135 - }, 136 136 - removeDid: "did:plc:abc123", 137 137 - wantLen: 0, 138 138 - wantDids: []string{}, 139 139 - }, 140 140 - { 141 141 - name: "remove from empty registry", 142 142 - initial: []AccountInfo{}, 143 143 - removeDid: "did:plc:abc123", 144 144 - wantLen: 0, 145 145 - wantDids: []string{}, 146 146 - }, 147 147 - } 148 148 - 149 149 - for _, tt := range tests { 150 150 - t.Run(tt.name, func(t *testing.T) { 151 151 - registry := &AccountRegistry{Accounts: tt.initial} 152 152 - registry.RemoveAccount(tt.removeDid) 153 153 - 154 154 - if len(registry.Accounts) != tt.wantLen { 155 155 - t.Errorf("RemoveAccount() len = %d, want %d", len(registry.Accounts), tt.wantLen) 156 156 - } 157 157 - 158 158 - for _, wantDid := range tt.wantDids { 159 159 - if registry.FindAccount(wantDid) == nil { 160 160 - t.Errorf("RemoveAccount() expected %s to remain", wantDid) 161 161 - } 162 162 - } 163 163 - 164 164 - if registry.FindAccount(tt.removeDid) != nil && tt.wantLen < len(tt.initial) { 165 165 - t.Errorf("RemoveAccount() %s should have been removed", tt.removeDid) 166 166 - } 167 167 - }) 168 168 - } 169 169 - } 170 170 - 171 171 - func TestAccountRegistry_FindAccount(t *testing.T) { 172 172 - registry := &AccountRegistry{ 173 173 - Accounts: []AccountInfo{ 174 174 - {Did: "did:plc:first", Handle: "first", SessionId: "s1", AddedAt: 1000}, 175 175 - {Did: "did:plc:second", Handle: "second", SessionId: "s2", AddedAt: 2000}, 176 176 - {Did: "did:plc:third", Handle: "third", SessionId: "s3", AddedAt: 3000}, 177 177 - }, 178 178 - } 179 179 - 180 180 - t.Run("find existing account", func(t *testing.T) { 181 181 - found := registry.FindAccount("did:plc:second") 182 182 - if found == nil { 183 183 - t.Fatal("FindAccount() returned nil for existing account") 184 184 - } 185 185 - if found.Handle != "second" { 186 186 - t.Errorf("FindAccount() handle = %s, want second", found.Handle) 187 187 - } 188 188 - if found.SessionId != "s2" { 189 189 - t.Errorf("FindAccount() sessionId = %s, want s2", found.SessionId) 190 190 - } 191 191 - }) 192 192 - 193 193 - t.Run("find non-existing account", func(t *testing.T) { 194 194 - found := registry.FindAccount("did:plc:notfound") 195 195 - if found != nil { 196 196 - t.Errorf("FindAccount() = %v, want nil", found) 197 197 - } 198 198 - }) 199 199 - 200 200 - t.Run("returned pointer is mutable", func(t *testing.T) { 201 201 - found := registry.FindAccount("did:plc:first") 202 202 - if found == nil { 203 203 - t.Fatal("FindAccount() returned nil") 204 204 - } 205 205 - found.SessionId = "modified" 206 206 - 207 207 - refetch := registry.FindAccount("did:plc:first") 208 208 - if refetch.SessionId != "modified" { 209 209 - t.Errorf("FindAccount() pointer not referencing original, got %s", refetch.SessionId) 210 210 - } 211 211 - }) 212 212 - } 213 213 - 214 214 - func TestAccountRegistry_OtherAccounts(t *testing.T) { 215 215 - registry := &AccountRegistry{ 216 216 - Accounts: []AccountInfo{ 217 217 - {Did: "did:plc:active", Handle: "active", SessionId: "s1"}, 218 218 - {Did: "did:plc:other1", Handle: "other1", SessionId: "s2"}, 219 219 - {Did: "did:plc:other2", Handle: "other2", SessionId: "s3"}, 220 220 - }, 221 221 - } 222 222 - 223 223 - others := registry.OtherAccounts("did:plc:active") 224 224 - 225 225 - if len(others) != 2 { 226 226 - t.Errorf("OtherAccounts() len = %d, want 2", len(others)) 227 227 - } 228 228 - 229 229 - for _, acc := range others { 230 230 - if acc.Did == "did:plc:active" { 231 231 - t.Errorf("OtherAccounts() should not include active account") 232 232 - } 233 233 - } 234 234 - 235 235 - hasDid := func(did string) bool { 236 236 - for _, acc := range others { 237 237 - if acc.Did == did { 238 238 - return true 239 239 - } 240 240 - } 241 241 - return false 242 242 - } 243 243 - 244 244 - if !hasDid("did:plc:other1") || !hasDid("did:plc:other2") { 245 245 - t.Errorf("OtherAccounts() missing expected accounts") 246 246 - } 247 247 - } 248 248 - 249 249 - func TestMultiAccountUser_Did(t *testing.T) { 250 250 - t.Run("with active user", func(t *testing.T) { 251 251 - user := &MultiAccountUser{ 252 252 - Active: &User{Did: "did:plc:test", Pds: "https://bsky.social"}, 253 253 - } 254 254 - if user.Did() != "did:plc:test" { 255 255 - t.Errorf("Did() = %s, want did:plc:test", user.Did()) 256 256 - } 257 257 - }) 258 258 - 259 259 - t.Run("with nil active", func(t *testing.T) { 260 260 - user := &MultiAccountUser{Active: nil} 261 261 - if user.Did() != "" { 262 262 - t.Errorf("Did() = %s, want empty string", user.Did()) 263 263 - } 264 264 - }) 265 265 - }

+1 -5

appview/oauth/consts.go

··· 1 1 package oauth 2 2 3 3 const ( 4 4 - SessionName = "appview-session-v2" 5 5 - AccountsName = "appview-accounts-v2" 6 6 - AuthReturnName = "appview-auth-return" 7 7 - AuthReturnURL = "return_url" 8 8 - AuthAddAccount = "add_account" 4 4 + SessionName = "appview-session-v2" 9 5 SessionHandle = "handle" 10 6 SessionDid = "did" 11 7 SessionId = "id"

+2 -14

appview/oauth/handler.go

··· 55 55 ctx := r.Context() 56 56 l := o.Logger.With("query", r.URL.Query()) 57 57 58 58 - authReturn := o.GetAuthReturn(r) 59 59 - _ = o.ClearAuthReturn(w, r) 60 60 - 61 58 sessData, err := o.ClientApp.ProcessCallback(ctx, r.URL.Query()) 62 59 if err != nil { 63 60 var callbackErr *oauth.AuthRequestCallbackError ··· 73 70 74 71 if err := o.SaveSession(w, r, sessData); err != nil { 75 72 l.Error("failed to save session", "data", sessData, "err", err) 76 76 - errorCode := "session" 77 77 - if errors.Is(err, ErrMaxAccountsReached) { 78 78 - errorCode = "max_accounts" 79 79 - } 80 80 - http.Redirect(w, r, fmt.Sprintf("/login?error=%s", errorCode), http.StatusFound) 73 73 + http.Redirect(w, r, "/login?error=session", http.StatusFound) 81 74 return 82 75 } 83 76 ··· 95 88 } 96 89 } 97 90 98 98 - redirectURL := "/" 99 99 - if authReturn.ReturnURL != "" { 100 100 - redirectURL = authReturn.ReturnURL 101 101 - } 102 102 - 103 103 - http.Redirect(w, r, redirectURL, http.StatusFound) 91 91 + http.Redirect(w, r, "/", http.StatusFound) 104 92 } 105 93 106 94 func (o *OAuth) addToDefaultSpindle(did string) {

+4 -66

appview/oauth/oauth.go

··· 98 98 } 99 99 100 100 func (o *OAuth) SaveSession(w http.ResponseWriter, r *http.Request, sessData *oauth.ClientSessionData) error { 101 101 + // first we save the did in the user session 101 102 userSession, err := o.SessStore.Get(r, SessionName) 102 103 if err != nil { 103 104 return err ··· 107 108 userSession.Values[SessionPds] = sessData.HostURL 108 109 userSession.Values[SessionId] = sessData.SessionID 109 110 userSession.Values[SessionAuthenticated] = true 110 110 - 111 111 - if err := userSession.Save(r, w); err != nil { 112 112 - return err 113 113 - } 114 114 - 115 115 - handle := "" 116 116 - resolved, err := o.IdResolver.ResolveIdent(r.Context(), sessData.AccountDID.String()) 117 117 - if err == nil && resolved.Handle.String() != "" { 118 118 - handle = resolved.Handle.String() 119 119 - } 120 120 - 121 121 - registry := o.GetAccounts(r) 122 122 - if err := registry.AddAccount(sessData.AccountDID.String(), handle, sessData.SessionID); err != nil { 123 123 - return err 124 124 - } 125 125 - return o.SaveAccounts(w, r, registry) 111 111 + return userSession.Save(r, w) 126 112 } 127 113 128 114 func (o *OAuth) ResumeSession(r *http.Request) (*oauth.ClientSession, error) { ··· 177 163 return errors.Join(err1, err2) 178 164 } 179 165 180 180 - func (o *OAuth) SwitchAccount(w http.ResponseWriter, r *http.Request, targetDid string) error { 181 181 - registry := o.GetAccounts(r) 182 182 - account := registry.FindAccount(targetDid) 183 183 - if account == nil { 184 184 - return fmt.Errorf("account not found in registry: %s", targetDid) 185 185 - } 186 186 - 187 187 - did, err := syntax.ParseDID(targetDid) 188 188 - if err != nil { 189 189 - return fmt.Errorf("invalid DID: %w", err) 190 190 - } 191 191 - 192 192 - sess, err := o.ClientApp.ResumeSession(r.Context(), did, account.SessionId) 193 193 - if err != nil { 194 194 - registry.RemoveAccount(targetDid) 195 195 - _ = o.SaveAccounts(w, r, registry) 196 196 - return fmt.Errorf("session expired for account: %w", err) 197 197 - } 198 198 - 199 199 - userSession, err := o.SessStore.Get(r, SessionName) 200 200 - if err != nil { 201 201 - return err 202 202 - } 203 203 - 204 204 - userSession.Values[SessionDid] = sess.Data.AccountDID.String() 205 205 - userSession.Values[SessionPds] = sess.Data.HostURL 206 206 - userSession.Values[SessionId] = sess.Data.SessionID 207 207 - userSession.Values[SessionAuthenticated] = true 208 208 - 209 209 - return userSession.Save(r, w) 210 210 - } 211 211 - 212 212 - func (o *OAuth) RemoveAccount(w http.ResponseWriter, r *http.Request, targetDid string) error { 213 213 - registry := o.GetAccounts(r) 214 214 - account := registry.FindAccount(targetDid) 215 215 - if account == nil { 216 216 - return nil 217 217 - } 218 218 - 219 219 - did, err := syntax.ParseDID(targetDid) 220 220 - if err == nil { 221 221 - _ = o.ClientApp.Logout(r.Context(), did, account.SessionId) 222 222 - } 223 223 - 224 224 - registry.RemoveAccount(targetDid) 225 225 - return o.SaveAccounts(w, r, registry) 226 226 - } 227 227 - 228 166 type User struct { 229 167 Did string 230 168 Pds string ··· 243 181 } 244 182 245 183 func (o *OAuth) GetDid(r *http.Request) string { 246 246 - if u := o.GetMultiAccountUser(r); u != nil { 247 247 - return u.Did() 184 184 + if u := o.GetUser(r); u != nil { 185 185 + return u.Did 248 186 } 249 187 250 188 return ""

+4 -4

appview/ogcard/card.go

··· 453 453 454 454 // Handle SVG separately 455 455 if contentType == "image/svg+xml" || strings.HasSuffix(url, ".svg") { 456 456 - return c.convertSVGToPNG(bodyBytes) 456 456 + return convertSVGToPNG(bodyBytes) 457 457 } 458 458 459 459 // Support content types are in-sync with the allowed custom avatar file types ··· 493 493 } 494 494 495 495 // convertSVGToPNG converts SVG data to a PNG image 496 496 - func (c *Card) convertSVGToPNG(svgData []byte) (image.Image, bool) { 496 496 + func convertSVGToPNG(svgData []byte) (image.Image, bool) { 497 497 // Parse the SVG 498 498 icon, err := oksvg.ReadIconStream(bytes.NewReader(svgData)) 499 499 if err != nil { ··· 547 547 draw.CatmullRom.Scale(scaledImg, scaledImg.Bounds(), img, srcBounds, draw.Src, nil) 548 548 549 549 // Draw the image with circular clipping 550 550 - for cy := 0; cy < size; cy++ { 551 551 - for cx := 0; cx < size; cx++ { 550 550 + for cy := range size { 551 551 + for cx := range size { 552 552 // Calculate distance from center 553 553 dx := float64(cx - center) 554 554 dy := float64(cy - center)

-10

appview/pages/funcmap.go

··· 28 28 emoji "github.com/yuin/goldmark-emoji" 29 29 "tangled.org/core/appview/filetree" 30 30 "tangled.org/core/appview/models" 31 31 - "tangled.org/core/appview/oauth" 32 31 "tangled.org/core/appview/pages/markup" 33 32 "tangled.org/core/crypto" 34 33 ) ··· 385 384 return "error" 386 385 } 387 386 return fp 388 388 - }, 389 389 - "otherAccounts": func(activeDid string, accounts []oauth.AccountInfo) []oauth.AccountInfo { 390 390 - result := make([]oauth.AccountInfo, 0, len(accounts)) 391 391 - for _, acc := range accounts { 392 392 - if acc.Did != activeDid { 393 393 - result = append(result, acc) 394 394 - } 395 395 - } 396 396 - return result 397 387 }, 398 388 } 399 389 }

+66 -68

appview/pages/pages.go

··· 215 215 } 216 216 217 217 type LoginParams struct { 218 218 - ReturnUrl string 219 219 - ErrorCode string 220 220 - AddAccount bool 221 221 - LoggedInUser *oauth.MultiAccountUser 218 218 + ReturnUrl string 219 219 + ErrorCode string 222 220 } 223 221 224 222 func (p *Pages) Login(w io.Writer, params LoginParams) error { ··· 238 236 } 239 237 240 238 type TermsOfServiceParams struct { 241 241 - LoggedInUser *oauth.MultiAccountUser 239 239 + LoggedInUser *oauth.User 242 240 Content template.HTML 243 241 } 244 242 ··· 266 264 } 267 265 268 266 type PrivacyPolicyParams struct { 269 269 - LoggedInUser *oauth.MultiAccountUser 267 267 + LoggedInUser *oauth.User 270 268 Content template.HTML 271 269 } 272 270 ··· 294 292 } 295 293 296 294 type BrandParams struct { 297 297 - LoggedInUser *oauth.MultiAccountUser 295 295 + LoggedInUser *oauth.User 298 296 } 299 297 300 298 func (p *Pages) Brand(w io.Writer, params BrandParams) error { ··· 302 300 } 303 301 304 302 type TimelineParams struct { 305 305 - LoggedInUser *oauth.MultiAccountUser 303 303 + LoggedInUser *oauth.User 306 304 Timeline []models.TimelineEvent 307 305 Repos []models.Repo 308 306 GfiLabel *models.LabelDefinition ··· 313 311 } 314 312 315 313 type GoodFirstIssuesParams struct { 316 316 - LoggedInUser *oauth.MultiAccountUser 314 314 + LoggedInUser *oauth.User 317 315 Issues []models.Issue 318 316 RepoGroups []*models.RepoGroup 319 317 LabelDefs map[string]*models.LabelDefinition ··· 326 324 } 327 325 328 326 type UserProfileSettingsParams struct { 329 329 - LoggedInUser *oauth.MultiAccountUser 327 327 + LoggedInUser *oauth.User 330 328 Tabs []map[string]any 331 329 Tab string 332 330 } ··· 336 334 } 337 335 338 336 type NotificationsParams struct { 339 339 - LoggedInUser *oauth.MultiAccountUser 337 337 + LoggedInUser *oauth.User 340 338 Notifications []*models.NotificationWithEntity 341 339 UnreadCount int 342 340 Page pagination.Page ··· 364 362 } 365 363 366 364 type UserKeysSettingsParams struct { 367 367 - LoggedInUser *oauth.MultiAccountUser 365 365 + LoggedInUser *oauth.User 368 366 PubKeys []models.PublicKey 369 367 Tabs []map[string]any 370 368 Tab string ··· 375 373 } 376 374 377 375 type UserEmailsSettingsParams struct { 378 378 - LoggedInUser *oauth.MultiAccountUser 376 376 + LoggedInUser *oauth.User 379 377 Emails []models.Email 380 378 Tabs []map[string]any 381 379 Tab string ··· 386 384 } 387 385 388 386 type UserNotificationSettingsParams struct { 389 389 - LoggedInUser *oauth.MultiAccountUser 387 387 + LoggedInUser *oauth.User 390 388 Preferences *models.NotificationPreferences 391 389 Tabs []map[string]any 392 390 Tab string ··· 406 404 } 407 405 408 406 type KnotsParams struct { 409 409 - LoggedInUser *oauth.MultiAccountUser 407 407 + LoggedInUser *oauth.User 410 408 Registrations []models.Registration 411 409 Tabs []map[string]any 412 410 Tab string ··· 417 415 } 418 416 419 417 type KnotParams struct { 420 420 - LoggedInUser *oauth.MultiAccountUser 418 418 + LoggedInUser *oauth.User 421 419 Registration *models.Registration 422 420 Members []string 423 421 Repos map[string][]models.Repo ··· 439 437 } 440 438 441 439 type SpindlesParams struct { 442 442 - LoggedInUser *oauth.MultiAccountUser 440 440 + LoggedInUser *oauth.User 443 441 Spindles []models.Spindle 444 442 Tabs []map[string]any 445 443 Tab string ··· 460 458 } 461 459 462 460 type SpindleDashboardParams struct { 463 463 - LoggedInUser *oauth.MultiAccountUser 461 461 + LoggedInUser *oauth.User 464 462 Spindle models.Spindle 465 463 Members []string 466 464 Repos map[string][]models.Repo ··· 473 471 } 474 472 475 473 type NewRepoParams struct { 476 476 - LoggedInUser *oauth.MultiAccountUser 474 474 + LoggedInUser *oauth.User 477 475 Knots []string 478 476 } 479 477 ··· 482 480 } 483 481 484 482 type ForkRepoParams struct { 485 485 - LoggedInUser *oauth.MultiAccountUser 483 483 + LoggedInUser *oauth.User 486 484 Knots []string 487 485 RepoInfo repoinfo.RepoInfo 488 486 } ··· 520 518 } 521 519 522 520 type ProfileOverviewParams struct { 523 523 - LoggedInUser *oauth.MultiAccountUser 521 521 + LoggedInUser *oauth.User 524 522 Repos []models.Repo 525 523 CollaboratingRepos []models.Repo 526 524 ProfileTimeline *models.ProfileTimeline ··· 534 532 } 535 533 536 534 type ProfileReposParams struct { 537 537 - LoggedInUser *oauth.MultiAccountUser 535 535 + LoggedInUser *oauth.User 538 536 Repos []models.Repo 539 537 Card *ProfileCard 540 538 Active string ··· 546 544 } 547 545 548 546 type ProfileStarredParams struct { 549 549 - LoggedInUser *oauth.MultiAccountUser 547 547 + LoggedInUser *oauth.User 550 548 Repos []models.Repo 551 549 Card *ProfileCard 552 550 Active string ··· 558 556 } 559 557 560 558 type ProfileStringsParams struct { 561 561 - LoggedInUser *oauth.MultiAccountUser 559 559 + LoggedInUser *oauth.User 562 560 Strings []models.String 563 561 Card *ProfileCard 564 562 Active string ··· 571 569 572 570 type FollowCard struct { 573 571 UserDid string 574 574 - LoggedInUser *oauth.MultiAccountUser 572 572 + LoggedInUser *oauth.User 575 573 FollowStatus models.FollowStatus 576 574 FollowersCount int64 577 575 FollowingCount int64 ··· 579 577 } 580 578 581 579 type ProfileFollowersParams struct { 582 582 - LoggedInUser *oauth.MultiAccountUser 580 580 + LoggedInUser *oauth.User 583 581 Followers []FollowCard 584 582 Card *ProfileCard 585 583 Active string ··· 591 589 } 592 590 593 591 type ProfileFollowingParams struct { 594 594 - LoggedInUser *oauth.MultiAccountUser 592 592 + LoggedInUser *oauth.User 595 593 Following []FollowCard 596 594 Card *ProfileCard 597 595 Active string ··· 612 610 } 613 611 614 612 type EditBioParams struct { 615 615 - LoggedInUser *oauth.MultiAccountUser 613 613 + LoggedInUser *oauth.User 616 614 Profile *models.Profile 617 615 } 618 616 ··· 621 619 } 622 620 623 621 type EditPinsParams struct { 624 624 - LoggedInUser *oauth.MultiAccountUser 622 622 + LoggedInUser *oauth.User 625 623 Profile *models.Profile 626 624 AllRepos []PinnedRepo 627 625 } ··· 646 644 } 647 645 648 646 type RepoIndexParams struct { 649 649 - LoggedInUser *oauth.MultiAccountUser 647 647 + LoggedInUser *oauth.User 650 648 RepoInfo repoinfo.RepoInfo 651 649 Active string 652 650 TagMap map[string][]string ··· 695 693 } 696 694 697 695 type RepoLogParams struct { 698 698 - LoggedInUser *oauth.MultiAccountUser 696 696 + LoggedInUser *oauth.User 699 697 RepoInfo repoinfo.RepoInfo 700 698 TagMap map[string][]string 701 699 Active string ··· 712 710 } 713 711 714 712 type RepoCommitParams struct { 715 715 - LoggedInUser *oauth.MultiAccountUser 713 713 + LoggedInUser *oauth.User 716 714 RepoInfo repoinfo.RepoInfo 717 715 Active string 718 716 EmailToDid map[string]string ··· 731 729 } 732 730 733 731 type RepoTreeParams struct { 734 734 - LoggedInUser *oauth.MultiAccountUser 732 732 + LoggedInUser *oauth.User 735 733 RepoInfo repoinfo.RepoInfo 736 734 Active string 737 735 BreadCrumbs [][]string ··· 786 784 } 787 785 788 786 type RepoBranchesParams struct { 789 789 - LoggedInUser *oauth.MultiAccountUser 787 787 + LoggedInUser *oauth.User 790 788 RepoInfo repoinfo.RepoInfo 791 789 Active string 792 790 types.RepoBranchesResponse ··· 798 796 } 799 797 800 798 type RepoTagsParams struct { 801 801 - LoggedInUser *oauth.MultiAccountUser 799 799 + LoggedInUser *oauth.User 802 800 RepoInfo repoinfo.RepoInfo 803 801 Active string 804 802 types.RepoTagsResponse ··· 812 810 } 813 811 814 812 type RepoArtifactParams struct { 815 815 - LoggedInUser *oauth.MultiAccountUser 813 813 + LoggedInUser *oauth.User 816 814 RepoInfo repoinfo.RepoInfo 817 815 Artifact models.Artifact 818 816 } ··· 822 820 } 823 821 824 822 type RepoBlobParams struct { 825 825 - LoggedInUser *oauth.MultiAccountUser 823 823 + LoggedInUser *oauth.User 826 824 RepoInfo repoinfo.RepoInfo 827 825 Active string 828 826 BreadCrumbs [][]string ··· 846 844 } 847 845 848 846 type RepoSettingsParams struct { 849 849 - LoggedInUser *oauth.MultiAccountUser 847 847 + LoggedInUser *oauth.User 850 848 RepoInfo repoinfo.RepoInfo 851 849 Collaborators []Collaborator 852 850 Active string ··· 865 863 } 866 864 867 865 type RepoGeneralSettingsParams struct { 868 868 - LoggedInUser *oauth.MultiAccountUser 866 866 + LoggedInUser *oauth.User 869 867 RepoInfo repoinfo.RepoInfo 870 868 Labels []models.LabelDefinition 871 869 DefaultLabels []models.LabelDefinition ··· 883 881 } 884 882 885 883 type RepoAccessSettingsParams struct { 886 886 - LoggedInUser *oauth.MultiAccountUser 884 884 + LoggedInUser *oauth.User 887 885 RepoInfo repoinfo.RepoInfo 888 886 Active string 889 887 Tabs []map[string]any ··· 897 895 } 898 896 899 897 type RepoPipelineSettingsParams struct { 900 900 - LoggedInUser *oauth.MultiAccountUser 898 898 + LoggedInUser *oauth.User 901 899 RepoInfo repoinfo.RepoInfo 902 900 Active string 903 901 Tabs []map[string]any ··· 913 911 } 914 912 915 913 type RepoIssuesParams struct { 916 916 - LoggedInUser *oauth.MultiAccountUser 914 914 + LoggedInUser *oauth.User 917 915 RepoInfo repoinfo.RepoInfo 918 916 Active string 919 917 Issues []models.Issue ··· 930 928 } 931 929 932 930 type RepoSingleIssueParams struct { 933 933 - LoggedInUser *oauth.MultiAccountUser 931 931 + LoggedInUser *oauth.User 934 932 RepoInfo repoinfo.RepoInfo 935 933 Active string 936 934 Issue *models.Issue ··· 949 947 } 950 948 951 949 type EditIssueParams struct { 952 952 - LoggedInUser *oauth.MultiAccountUser 950 950 + LoggedInUser *oauth.User 953 951 RepoInfo repoinfo.RepoInfo 954 952 Issue *models.Issue 955 953 Action string ··· 973 971 } 974 972 975 973 type RepoNewIssueParams struct { 976 976 - LoggedInUser *oauth.MultiAccountUser 974 974 + LoggedInUser *oauth.User 977 975 RepoInfo repoinfo.RepoInfo 978 976 Issue *models.Issue // existing issue if any -- passed when editing 979 977 Active string ··· 987 985 } 988 986 989 987 type EditIssueCommentParams struct { 990 990 - LoggedInUser *oauth.MultiAccountUser 988 988 + LoggedInUser *oauth.User 991 989 RepoInfo repoinfo.RepoInfo 992 990 Issue *models.Issue 993 991 Comment *models.IssueComment ··· 998 996 } 999 997 1000 998 type ReplyIssueCommentPlaceholderParams struct { 1001 1001 - LoggedInUser *oauth.MultiAccountUser 999 999 + LoggedInUser *oauth.User 1002 1000 RepoInfo repoinfo.RepoInfo 1003 1001 Issue *models.Issue 1004 1002 Comment *models.IssueComment ··· 1009 1007 } 1010 1008 1011 1009 type ReplyIssueCommentParams struct { 1012 1012 - LoggedInUser *oauth.MultiAccountUser 1010 1010 + LoggedInUser *oauth.User 1013 1011 RepoInfo repoinfo.RepoInfo 1014 1012 Issue *models.Issue 1015 1013 Comment *models.IssueComment ··· 1020 1018 } 1021 1019 1022 1020 type IssueCommentBodyParams struct { 1023 1023 - LoggedInUser *oauth.MultiAccountUser 1021 1021 + LoggedInUser *oauth.User 1024 1022 RepoInfo repoinfo.RepoInfo 1025 1023 Issue *models.Issue 1026 1024 Comment *models.IssueComment ··· 1031 1029 } 1032 1030 1033 1031 type RepoNewPullParams struct { 1034 1034 - LoggedInUser *oauth.MultiAccountUser 1032 1032 + LoggedInUser *oauth.User 1035 1033 RepoInfo repoinfo.RepoInfo 1036 1034 Branches []types.Branch 1037 1035 Strategy string ··· 1048 1046 } 1049 1047 1050 1048 type RepoPullsParams struct { 1051 1051 - LoggedInUser *oauth.MultiAccountUser 1049 1049 + LoggedInUser *oauth.User 1052 1050 RepoInfo repoinfo.RepoInfo 1053 1051 Pulls []*models.Pull 1054 1052 Active string ··· 1083 1081 } 1084 1082 1085 1083 type RepoSinglePullParams struct { 1086 1086 - LoggedInUser *oauth.MultiAccountUser 1084 1084 + LoggedInUser *oauth.User 1087 1085 RepoInfo repoinfo.RepoInfo 1088 1086 Active string 1089 1087 Pull *models.Pull ··· 1108 1106 } 1109 1107 1110 1108 type RepoPullPatchParams struct { 1111 1111 - LoggedInUser *oauth.MultiAccountUser 1109 1109 + LoggedInUser *oauth.User 1112 1110 RepoInfo repoinfo.RepoInfo 1113 1111 Pull *models.Pull 1114 1112 Stack models.Stack ··· 1125 1123 } 1126 1124 1127 1125 type RepoPullInterdiffParams struct { 1128 1128 - LoggedInUser *oauth.MultiAccountUser 1126 1126 + LoggedInUser *oauth.User 1129 1127 RepoInfo repoinfo.RepoInfo 1130 1128 Pull *models.Pull 1131 1129 Round int ··· 1178 1176 } 1179 1177 1180 1178 type PullResubmitParams struct { 1181 1181 - LoggedInUser *oauth.MultiAccountUser 1179 1179 + LoggedInUser *oauth.User 1182 1180 RepoInfo repoinfo.RepoInfo 1183 1181 Pull *models.Pull 1184 1182 SubmissionId int ··· 1189 1187 } 1190 1188 1191 1189 type PullActionsParams struct { 1192 1192 - LoggedInUser *oauth.MultiAccountUser 1190 1190 + LoggedInUser *oauth.User 1193 1191 RepoInfo repoinfo.RepoInfo 1194 1192 Pull *models.Pull 1195 1193 RoundNumber int ··· 1204 1202 } 1205 1203 1206 1204 type PullNewCommentParams struct { 1207 1207 - LoggedInUser *oauth.MultiAccountUser 1205 1205 + LoggedInUser *oauth.User 1208 1206 RepoInfo repoinfo.RepoInfo 1209 1207 Pull *models.Pull 1210 1208 RoundNumber int ··· 1215 1213 } 1216 1214 1217 1215 type RepoCompareParams struct { 1218 1218 - LoggedInUser *oauth.MultiAccountUser 1216 1216 + LoggedInUser *oauth.User 1219 1217 RepoInfo repoinfo.RepoInfo 1220 1218 Forks []models.Repo 1221 1219 Branches []types.Branch ··· 1234 1232 } 1235 1233 1236 1234 type RepoCompareNewParams struct { 1237 1237 - LoggedInUser *oauth.MultiAccountUser 1235 1235 + LoggedInUser *oauth.User 1238 1236 RepoInfo repoinfo.RepoInfo 1239 1237 Forks []models.Repo 1240 1238 Branches []types.Branch ··· 1251 1249 } 1252 1250 1253 1251 type RepoCompareAllowPullParams struct { 1254 1254 - LoggedInUser *oauth.MultiAccountUser 1252 1252 + LoggedInUser *oauth.User 1255 1253 RepoInfo repoinfo.RepoInfo 1256 1254 Base string 1257 1255 Head string ··· 1271 1269 } 1272 1270 1273 1271 type LabelPanelParams struct { 1274 1274 - LoggedInUser *oauth.MultiAccountUser 1272 1272 + LoggedInUser *oauth.User 1275 1273 RepoInfo repoinfo.RepoInfo 1276 1274 Defs map[string]*models.LabelDefinition 1277 1275 Subject string ··· 1283 1281 } 1284 1282 1285 1283 type EditLabelPanelParams struct { 1286 1286 - LoggedInUser *oauth.MultiAccountUser 1284 1284 + LoggedInUser *oauth.User 1287 1285 RepoInfo repoinfo.RepoInfo 1288 1286 Defs map[string]*models.LabelDefinition 1289 1287 Subject string ··· 1295 1293 } 1296 1294 1297 1295 type PipelinesParams struct { 1298 1298 - LoggedInUser *oauth.MultiAccountUser 1296 1296 + LoggedInUser *oauth.User 1299 1297 RepoInfo repoinfo.RepoInfo 1300 1298 Pipelines []models.Pipeline 1301 1299 Active string ··· 1338 1336 } 1339 1337 1340 1338 type WorkflowParams struct { 1341 1341 - LoggedInUser *oauth.MultiAccountUser 1339 1339 + LoggedInUser *oauth.User 1342 1340 RepoInfo repoinfo.RepoInfo 1343 1341 Pipeline models.Pipeline 1344 1342 Workflow string ··· 1352 1350 } 1353 1351 1354 1352 type PutStringParams struct { 1355 1355 - LoggedInUser *oauth.MultiAccountUser 1353 1353 + LoggedInUser *oauth.User 1356 1354 Action string 1357 1355 1358 1356 // this is supplied in the case of editing an existing string ··· 1364 1362 } 1365 1363 1366 1364 type StringsDashboardParams struct { 1367 1367 - LoggedInUser *oauth.MultiAccountUser 1365 1365 + LoggedInUser *oauth.User 1368 1366 Card ProfileCard 1369 1367 Strings []models.String 1370 1368 } ··· 1374 1372 } 1375 1373 1376 1374 type StringTimelineParams struct { 1377 1377 - LoggedInUser *oauth.MultiAccountUser 1375 1375 + LoggedInUser *oauth.User 1378 1376 Strings []models.String 1379 1377 } 1380 1378 ··· 1383 1381 } 1384 1382 1385 1383 type SingleStringParams struct { 1386 1386 - LoggedInUser *oauth.MultiAccountUser 1384 1384 + LoggedInUser *oauth.User 1387 1385 ShowRendered bool 1388 1386 RenderToggle bool 1389 1387 RenderedContents template.HTML

+1 -1

appview/pages/templates/fragments/dolly/silhouette.html

··· 62 62 transform="translate(-0.42924038,-0.87777209)"> 63 63 <path 64 64 class="dolly" 65 65 - fill="currentColor" 65 65 + fill="{{ or . "currentColor" }}" 66 66 style="stroke-width:0.111183" 67 67 d="m 16.775491,24.987061 c -0.78517,-0.0064 -1.384202,-0.234614 -2.033994,-0.631295 -0.931792,-0.490188 -1.643475,-1.31368 -2.152014,-2.221647 C 11.781409,23.136647 10.701392,23.744942 9.4922931,24.0886 8.9774725,24.238111 8.0757679,24.389777 6.5811304,23.84827 4.4270703,23.124679 2.8580086,20.883331 3.0363279,18.599583 3.0037061,17.652919 3.3488675,16.723769 3.8381157,15.925061 2.5329485,15.224503 1.4686756,14.048584 1.0611184,12.606459 0.81344502,11.816973 0.82385989,10.966486 0.91519098,10.154906 1.2422711,8.2387903 2.6795811,6.5725716 4.5299585,5.9732484 5.2685364,4.290122 6.8802592,3.0349975 8.706276,2.7794663 c 1.2124148,-0.1688264 2.46744,0.084987 3.52811,0.7011837 1.545426,-1.7139736 4.237779,-2.2205077 6.293579,-1.1676231 1.568222,0.7488935 2.689625,2.3113526 2.961888,4.0151464 1.492195,0.5977882 2.749007,1.8168898 3.242225,3.3644951 0.329805,0.9581836 0.340709,2.0135956 0.127128,2.9974286 -0.381606,1.535184 -1.465322,2.842146 -2.868035,3.556463 0.0034,0.273204 0.901506,2.243045 0.751284,3.729647 -0.03281,1.858525 -1.211631,3.619894 -2.846433,4.475452 -0.953967,0.556812 -2.084452,0.546309 -3.120531,0.535398 z m -4.470079,-5.349839 c 1.322246,-0.147248 2.189053,-1.300106 2.862307,-2.338363 0.318287,-0.472954 0.561404,-1.002348 0.803,-1.505815 0.313265,0.287151 0.578698,0.828085 1.074141,0.956909 0.521892,0.162542 1.133743,0.03052 1.45325,-0.443554 0.611414,-1.140449 0.31004,-2.516537 -0.04602,-3.698347 C 18.232844,11.92927 17.945151,11.232927 17.397785,10.751793 17.514522,9.9283111 17.026575,9.0919791 16.332883,8.6609491 15.741721,9.1323278 14.842258,9.1294949 14.271975,8.6252369 13.178927,9.7400102 12.177239,9.7029996 11.209704,8.8195135 10.992255,8.6209543 10.577326,10.031484 9.1211947,9.2324497 8.2846288,9.9333947 7.6359672,10.607693 7.0611981,11.578553 6.5026891,12.62523 5.9177873,13.554793 5.867393,14.69141 c -0.024234,0.66432 0.4948601,1.360337 1.1982269,1.306329 0.702996,0.06277 1.1815208,-0.629091 1.7138087,-0.916491 0.079382,0.927141 0.1688108,1.923227 0.4821259,2.828358 0.3596254,1.171275 1.6262605,1.915695 2.8251855,1.745211 0.08481,-0.0066 0.218672,-0.01769 0.218672,-0.0176 z" 68 68 id="path7"

+3

appview/pages/templates/layouts/base.html

··· 11 11 <script defer src="/static/htmx-ext-ws.min.js"></script> 12 12 <script defer src="/static/actor-typeahead.js" type="module"></script> 13 13 14 14 + <link rel="icon" href="/favicon.ico" sizes="48x48"/> 15 15 + <link rel="icon" href="/favicon.svg" sizes="any" type="image/svg+xml"/> 16 16 + 14 17 <!-- preconnect to image cdn --> 15 18 <link rel="preconnect" href="https://avatar.tangled.sh" /> 16 19 <link rel="preconnect" href="https://camo.tangled.sh" />

+11 -49

appview/pages/templates/layouts/fragments/topbar.html

··· 49 49 {{ define "profileDropdown" }} 50 50 <details class="relative inline-block text-left nav-dropdown"> 51 51 <summary class="cursor-pointer list-none flex items-center gap-1"> 52 52 - {{ $user := .Active.Did }} 52 52 + {{ $user := .Did }} 53 53 <img 54 54 src="{{ tinyAvatar $user }}" 55 55 alt="" ··· 57 57 /> 58 58 <span class="hidden md:inline">{{ $user | resolve | truncateAt30 }}</span> 59 59 </summary> 60 60 - <div class="absolute right-0 mt-4 p-4 rounded bg-white dark:bg-gray-800 dark:text-white border border-gray-200 dark:border-gray-700 shadow-lg z-50" style="width: 14rem;"> 61 61 - {{ $active := .Active.Did }} 62 62 - 63 63 - <div class="pb-2 mb-2 border-b border-gray-200 dark:border-gray-700"> 64 64 - <div class="flex items-center gap-2"> 65 65 - <img src="{{ tinyAvatar $active }}" alt="" class="rounded-full h-8 w-8 flex-shrink-0 border border-gray-300 dark:border-gray-700" /> 66 66 - <div class="flex-1 overflow-hidden"> 67 67 - <p class="font-medium text-sm truncate">{{ $active | resolve }}</p> 68 68 - <p class="text-xs text-green-600 dark:text-green-400">active</p> 69 69 - </div> 70 70 - </div> 71 71 - </div> 72 72 - 73 73 - {{ $others := .Accounts | otherAccounts $active }} 74 74 - {{ if $others }} 75 75 - <div class="pb-2 mb-2 border-b border-gray-200 dark:border-gray-700"> 76 76 - <p class="text-xs text-gray-500 dark:text-gray-400 uppercase tracking-wide mb-1">Switch Account</p> 77 77 - {{ range $others }} 78 78 - <button 79 79 - type="button" 80 80 - hx-post="/account/switch" 81 81 - hx-vals='{"did": "{{ .Did }}"}' 82 82 - hx-swap="none" 83 83 - class="flex items-center gap-2 w-full py-1.5 rounded hover:bg-gray-100 dark:hover:bg-gray-700 text-left" 84 84 - > 85 85 - <img src="{{ tinyAvatar .Did }}" alt="" class="rounded-full h-6 w-6 flex-shrink-0 border border-gray-300 dark:border-gray-700" /> 86 86 - <span class="text-sm truncate flex-1">{{ .Did | resolve }}</span> 87 87 - </button> 88 88 - {{ end }} 89 89 - </div> 90 90 - {{ end }} 91 91 - 92 92 - <a href="/login?mode=add_account" class="flex items-center gap-2 py-1 text-sm"> 93 93 - {{ i "plus" "w-4 h-4 flex-shrink-0" }} 94 94 - <span>Add another account</span> 60 60 + <div class="absolute flex flex-col right-0 mt-4 p-4 rounded w-48 bg-white dark:bg-gray-800 dark:text-white border border-gray-200 dark:border-gray-700"> 61 61 + <a href="/{{ $user }}">profile</a> 62 62 + <a href="/{{ $user }}?tab=repos">repositories</a> 63 63 + <a href="/{{ $user }}?tab=strings">strings</a> 64 64 + <a href="/settings">settings</a> 65 65 + <a href="#" 66 66 + hx-post="/logout" 67 67 + hx-swap="none" 68 68 + class="text-red-400 hover:text-red-700 dark:text-red-400 dark:hover:text-red-300"> 69 69 + logout 95 70 </a> 96 96 - 97 97 - <div class="pt-2 mt-2 border-t border-gray-200 dark:border-gray-700 space-y-1"> 98 98 - <a href="/{{ $active }}" class="block py-1 text-sm">profile</a> 99 99 - <a href="/{{ $active }}?tab=repos" class="block py-1 text-sm">repositories</a> 100 100 - <a href="/{{ $active }}?tab=strings" class="block py-1 text-sm">strings</a> 101 101 - <a href="/settings" class="block py-1 text-sm">settings</a> 102 102 - <a href="#" 103 103 - hx-post="/logout" 104 104 - hx-swap="none" 105 105 - class="block py-1 text-sm text-red-400 hover:text-red-700 dark:text-red-400 dark:hover:text-red-300"> 106 106 - logout 107 107 - </a> 108 108 - </div> 109 71 </div> 110 72 </details> 111 73

-53

appview/pages/templates/user/login.html

··· 20 20 <h2 class="text-center text-xl italic dark:text-white"> 21 21 tightly-knit social coding. 22 22 </h2> 23 23 - 24 24 - {{ if .AddAccount }} 25 25 - <div class="flex gap-2 my-4 bg-blue-50 dark:bg-blue-900/30 border border-blue-300 dark:border-sky-800 rounded px-3 py-2 text-blue-600 dark:text-blue-300"> 26 26 - <span class="py-1">{{ i "user-plus" "w-4 h-4" }}</span> 27 27 - <div> 28 28 - <h5 class="font-medium">Add another account</h5> 29 29 - <p class="text-sm">Sign in with a different account to add it to your account list.</p> 30 30 - </div> 31 31 - </div> 32 32 - {{ end }} 33 33 - 34 34 - {{ if and .LoggedInUser .LoggedInUser.Accounts }} 35 35 - {{ $accounts := .LoggedInUser.Accounts }} 36 36 - {{ if $accounts }} 37 37 - <div class="my-4 border border-gray-200 dark:border-gray-700 rounded overflow-hidden"> 38 38 - <div class="px-3 py-2 bg-gray-50 dark:bg-gray-800 border-b border-gray-200 dark:border-gray-700"> 39 39 - <span class="text-xs text-gray-500 dark:text-gray-400 uppercase tracking-wide font-medium">Saved accounts</span> 40 40 - </div> 41 41 - <div class="divide-y divide-gray-200 dark:divide-gray-700"> 42 42 - {{ range $accounts }} 43 43 - <div class="flex items-center justify-between px-3 py-2 hover:bg-gray-100 dark:hover:bg-gray-700"> 44 44 - <button 45 45 - type="button" 46 46 - hx-post="/account/switch" 47 47 - hx-vals='{"did": "{{ .Did }}"}' 48 48 - hx-swap="none" 49 49 - class="flex items-center gap-2 flex-1 text-left min-w-0" 50 50 - > 51 51 - <img src="{{ tinyAvatar .Did }}" alt="" class="rounded-full h-8 w-8 flex-shrink-0 border border-gray-300 dark:border-gray-700" /> 52 52 - <div class="flex flex-col min-w-0"> 53 53 - <span class="text-sm font-medium dark:text-white truncate">{{ .Did | resolve | truncateAt30 }}</span> 54 54 - <span class="text-xs text-gray-500 dark:text-gray-400">Click to switch</span> 55 55 - </div> 56 56 - </button> 57 57 - <button 58 58 - type="button" 59 59 - hx-delete="/account/{{ .Did }}" 60 60 - hx-swap="none" 61 61 - class="p-1 text-gray-400 hover:text-red-500 dark:hover:text-red-400 flex-shrink-0" 62 62 - title="Remove account" 63 63 - > 64 64 - {{ i "x" "w-4 h-4" }} 65 65 - </button> 66 66 - </div> 67 67 - {{ end }} 68 68 - </div> 69 69 - </div> 70 70 - {{ end }} 71 71 - {{ end }} 72 72 - 73 23 <form 74 24 class="mt-4" 75 25 hx-post="/login" ··· 96 46 </span> 97 47 </div> 98 48 <input type="hidden" name="return_url" value="{{ .ReturnUrl }}"> 99 99 - <input type="hidden" name="add_account" value="{{ if .AddAccount }}true{{ end }}"> 100 49 101 50 <button 102 51 class="btn w-full my-2 mt-6 text-base " ··· 117 66 You have not authorized the app. 118 67 {{ else if eq .ErrorCode "session" }} 119 68 Server failed to create user session. 120 120 - {{ else if eq .ErrorCode "max_accounts" }} 121 121 - You have reached the maximum of 20 linked accounts. Please remove an account before adding a new one. 122 69 {{ else }} 123 70 Internal Server error. 124 71 {{ end }}

+2 -2

appview/pipelines/pipelines.go

··· 70 70 } 71 71 72 72 func (p *Pipelines) Index(w http.ResponseWriter, r *http.Request) { 73 73 - user := p.oauth.GetMultiAccountUser(r) 73 73 + user := p.oauth.GetUser(r) 74 74 l := p.logger.With("handler", "Index") 75 75 76 76 f, err := p.repoResolver.Resolve(r) ··· 99 99 } 100 100 101 101 func (p *Pipelines) Workflow(w http.ResponseWriter, r *http.Request) { 102 102 - user := p.oauth.GetMultiAccountUser(r) 102 102 + user := p.oauth.GetUser(r) 103 103 l := p.logger.With("handler", "Workflow") 104 104 105 105 f, err := p.repoResolver.Resolve(r)

+55 -55

appview/pulls/pulls.go

··· 93 93 func (s *Pulls) PullActions(w http.ResponseWriter, r *http.Request) { 94 94 switch r.Method { 95 95 case http.MethodGet: 96 96 - user := s.oauth.GetMultiAccountUser(r) 96 96 + user := s.oauth.GetUser(r) 97 97 f, err := s.repoResolver.Resolve(r) 98 98 if err != nil { 99 99 log.Println("failed to get repo and knot", err) ··· 124 124 mergeCheckResponse := s.mergeCheck(r, f, pull, stack) 125 125 branchDeleteStatus := s.branchDeleteStatus(r, f, pull) 126 126 resubmitResult := pages.Unknown 127 127 - if user.Active.Did == pull.OwnerDid { 127 127 + if user.Did == pull.OwnerDid { 128 128 resubmitResult = s.resubmitCheck(r, f, pull, stack) 129 129 } 130 130 ··· 143 143 } 144 144 145 145 func (s *Pulls) RepoSinglePull(w http.ResponseWriter, r *http.Request) { 146 146 - user := s.oauth.GetMultiAccountUser(r) 146 146 + user := s.oauth.GetUser(r) 147 147 f, err := s.repoResolver.Resolve(r) 148 148 if err != nil { 149 149 log.Println("failed to get repo and knot", err) ··· 171 171 mergeCheckResponse := s.mergeCheck(r, f, pull, stack) 172 172 branchDeleteStatus := s.branchDeleteStatus(r, f, pull) 173 173 resubmitResult := pages.Unknown 174 174 - if user != nil && user.Active != nil && user.Active.Did == pull.OwnerDid { 174 174 + if user != nil && user.Did == pull.OwnerDid { 175 175 resubmitResult = s.resubmitCheck(r, f, pull, stack) 176 176 } 177 177 ··· 213 213 214 214 userReactions := map[models.ReactionKind]bool{} 215 215 if user != nil { 216 216 - userReactions = db.GetReactionStatusMap(s.db, user.Active.Did, pull.AtUri()) 216 216 + userReactions = db.GetReactionStatusMap(s.db, user.Did, pull.AtUri()) 217 217 } 218 218 219 219 labelDefs, err := db.GetLabelDefinitions( ··· 324 324 return nil 325 325 } 326 326 327 327 - user := s.oauth.GetMultiAccountUser(r) 327 327 + user := s.oauth.GetUser(r) 328 328 if user == nil { 329 329 return nil 330 330 } ··· 347 347 } 348 348 349 349 // user can only delete branch if they are a collaborator in the repo that the branch belongs to 350 350 - perms := s.enforcer.GetPermissionsInRepo(user.Active.Did, repo.Knot, repo.DidSlashRepo()) 350 350 + perms := s.enforcer.GetPermissionsInRepo(user.Did, repo.Knot, repo.DidSlashRepo()) 351 351 if !slices.Contains(perms, "repo:push") { 352 352 return nil 353 353 } ··· 434 434 } 435 435 436 436 func (s *Pulls) RepoPullPatch(w http.ResponseWriter, r *http.Request) { 437 437 - user := s.oauth.GetMultiAccountUser(r) 437 437 + user := s.oauth.GetUser(r) 438 438 439 439 var diffOpts types.DiffOpts 440 440 if d := r.URL.Query().Get("diff"); d == "split" { ··· 475 475 } 476 476 477 477 func (s *Pulls) RepoPullInterdiff(w http.ResponseWriter, r *http.Request) { 478 478 - user := s.oauth.GetMultiAccountUser(r) 478 478 + user := s.oauth.GetUser(r) 479 479 480 480 var diffOpts types.DiffOpts 481 481 if d := r.URL.Query().Get("diff"); d == "split" { ··· 520 520 interdiff := patchutil.Interdiff(previousPatch, currentPatch) 521 521 522 522 s.pages.RepoPullInterdiffPage(w, pages.RepoPullInterdiffParams{ 523 523 - LoggedInUser: s.oauth.GetMultiAccountUser(r), 523 523 + LoggedInUser: s.oauth.GetUser(r), 524 524 RepoInfo: s.repoResolver.GetRepoInfo(r, user), 525 525 Pull: pull, 526 526 Round: roundIdInt, ··· 552 552 func (s *Pulls) RepoPulls(w http.ResponseWriter, r *http.Request) { 553 553 l := s.logger.With("handler", "RepoPulls") 554 554 555 555 - user := s.oauth.GetMultiAccountUser(r) 555 555 + user := s.oauth.GetUser(r) 556 556 params := r.URL.Query() 557 557 558 558 state := models.PullOpen ··· 680 680 } 681 681 682 682 s.pages.RepoPulls(w, pages.RepoPullsParams{ 683 683 - LoggedInUser: s.oauth.GetMultiAccountUser(r), 683 683 + LoggedInUser: s.oauth.GetUser(r), 684 684 RepoInfo: s.repoResolver.GetRepoInfo(r, user), 685 685 Pulls: pulls, 686 686 LabelDefs: defs, ··· 692 692 } 693 693 694 694 func (s *Pulls) PullComment(w http.ResponseWriter, r *http.Request) { 695 695 - user := s.oauth.GetMultiAccountUser(r) 695 695 + user := s.oauth.GetUser(r) 696 696 f, err := s.repoResolver.Resolve(r) 697 697 if err != nil { 698 698 log.Println("failed to get repo and knot", err) ··· 751 751 } 752 752 atResp, err := comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 753 753 Collection: tangled.RepoPullCommentNSID, 754 754 - Repo: user.Active.Did, 754 754 + Repo: user.Did, 755 755 Rkey: tid.TID(), 756 756 Record: &lexutil.LexiconTypeDecoder{ 757 757 Val: &tangled.RepoPullComment{ ··· 768 768 } 769 769 770 770 comment := &models.PullComment{ 771 771 - OwnerDid: user.Active.Did, 771 771 + OwnerDid: user.Did, 772 772 RepoAt: f.RepoAt().String(), 773 773 PullId: pull.PullId, 774 774 Body: body, ··· 802 802 } 803 803 804 804 func (s *Pulls) NewPull(w http.ResponseWriter, r *http.Request) { 805 805 - user := s.oauth.GetMultiAccountUser(r) 805 805 + user := s.oauth.GetUser(r) 806 806 f, err := s.repoResolver.Resolve(r) 807 807 if err != nil { 808 808 log.Println("failed to get repo and knot", err) ··· 870 870 } 871 871 872 872 // Determine PR type based on input parameters 873 873 - roles := repoinfo.RolesInRepo{Roles: s.enforcer.GetPermissionsInRepo(user.Active.Did, f.Knot, f.DidSlashRepo())} 873 873 + roles := repoinfo.RolesInRepo{Roles: s.enforcer.GetPermissionsInRepo(user.Did, f.Knot, f.DidSlashRepo())} 874 874 isPushAllowed := roles.IsPushAllowed() 875 875 isBranchBased := isPushAllowed && sourceBranch != "" && fromFork == "" 876 876 isForkBased := fromFork != "" && sourceBranch != "" ··· 970 970 w http.ResponseWriter, 971 971 r *http.Request, 972 972 repo *models.Repo, 973 973 - user *oauth.MultiAccountUser, 973 973 + user *oauth.User, 974 974 title, 975 975 body, 976 976 targetBranch, ··· 1027 1027 s.createPullRequest(w, r, repo, user, title, body, targetBranch, patch, combined, sourceRev, pullSource, recordPullSource, isStacked) 1028 1028 } 1029 1029 1030 1030 - func (s *Pulls) handlePatchBasedPull(w http.ResponseWriter, r *http.Request, repo *models.Repo, user *oauth.MultiAccountUser, title, body, targetBranch, patch string, isStacked bool) { 1030 1030 + func (s *Pulls) handlePatchBasedPull(w http.ResponseWriter, r *http.Request, repo *models.Repo, user *oauth.User, title, body, targetBranch, patch string, isStacked bool) { 1031 1031 if err := s.validator.ValidatePatch(&patch); err != nil { 1032 1032 s.logger.Error("patch validation failed", "err", err) 1033 1033 s.pages.Notice(w, "pull", "Invalid patch format. Please provide a valid diff.") ··· 1037 1037 s.createPullRequest(w, r, repo, user, title, body, targetBranch, patch, "", "", nil, nil, isStacked) 1038 1038 } 1039 1039 1040 1040 - func (s *Pulls) handleForkBasedPull(w http.ResponseWriter, r *http.Request, repo *models.Repo, user *oauth.MultiAccountUser, forkRepo string, title, body, targetBranch, sourceBranch string, isStacked bool) { 1040 1040 + func (s *Pulls) handleForkBasedPull(w http.ResponseWriter, r *http.Request, repo *models.Repo, user *oauth.User, forkRepo string, title, body, targetBranch, sourceBranch string, isStacked bool) { 1041 1041 repoString := strings.SplitN(forkRepo, "/", 2) 1042 1042 forkOwnerDid := repoString[0] 1043 1043 repoName := repoString[1] ··· 1146 1146 w http.ResponseWriter, 1147 1147 r *http.Request, 1148 1148 repo *models.Repo, 1149 1149 - user *oauth.MultiAccountUser, 1149 1149 + user *oauth.User, 1150 1150 title, body, targetBranch string, 1151 1151 patch string, 1152 1152 combined string, ··· 1218 1218 Title: title, 1219 1219 Body: body, 1220 1220 TargetBranch: targetBranch, 1221 1221 - OwnerDid: user.Active.Did, 1221 1221 + OwnerDid: user.Did, 1222 1222 RepoAt: repo.RepoAt(), 1223 1223 Rkey: rkey, 1224 1224 Mentions: mentions, ··· 1250 1250 1251 1251 _, err = comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 1252 1252 Collection: tangled.RepoPullNSID, 1253 1253 - Repo: user.Active.Did, 1253 1253 + Repo: user.Did, 1254 1254 Rkey: rkey, 1255 1255 Record: &lexutil.LexiconTypeDecoder{ 1256 1256 Val: &tangled.RepoPull{ ··· 1287 1287 w http.ResponseWriter, 1288 1288 r *http.Request, 1289 1289 repo *models.Repo, 1290 1290 - user *oauth.MultiAccountUser, 1290 1290 + user *oauth.User, 1291 1291 targetBranch string, 1292 1292 patch string, 1293 1293 sourceRev string, ··· 1355 1355 }) 1356 1356 } 1357 1357 _, err = comatproto.RepoApplyWrites(r.Context(), client, &comatproto.RepoApplyWrites_Input{ 1358 1358 - Repo: user.Active.Did, 1358 1358 + Repo: user.Did, 1359 1359 Writes: writes, 1360 1360 }) 1361 1361 if err != nil { ··· 1427 1427 } 1428 1428 1429 1429 func (s *Pulls) PatchUploadFragment(w http.ResponseWriter, r *http.Request) { 1430 1430 - user := s.oauth.GetMultiAccountUser(r) 1430 1430 + user := s.oauth.GetUser(r) 1431 1431 1432 1432 s.pages.PullPatchUploadFragment(w, pages.PullPatchUploadParams{ 1433 1433 RepoInfo: s.repoResolver.GetRepoInfo(r, user), ··· 1435 1435 } 1436 1436 1437 1437 func (s *Pulls) CompareBranchesFragment(w http.ResponseWriter, r *http.Request) { 1438 1438 - user := s.oauth.GetMultiAccountUser(r) 1438 1438 + user := s.oauth.GetUser(r) 1439 1439 f, err := s.repoResolver.Resolve(r) 1440 1440 if err != nil { 1441 1441 log.Println("failed to get repo and knot", err) ··· 1490 1490 } 1491 1491 1492 1492 func (s *Pulls) CompareForksFragment(w http.ResponseWriter, r *http.Request) { 1493 1493 - user := s.oauth.GetMultiAccountUser(r) 1493 1493 + user := s.oauth.GetUser(r) 1494 1494 1495 1495 - forks, err := db.GetForksByDid(s.db, user.Active.Did) 1495 1495 + forks, err := db.GetForksByDid(s.db, user.Did) 1496 1496 if err != nil { 1497 1497 log.Println("failed to get forks", err) 1498 1498 return ··· 1506 1506 } 1507 1507 1508 1508 func (s *Pulls) CompareForksBranchesFragment(w http.ResponseWriter, r *http.Request) { 1509 1509 - user := s.oauth.GetMultiAccountUser(r) 1509 1509 + user := s.oauth.GetUser(r) 1510 1510 1511 1511 f, err := s.repoResolver.Resolve(r) 1512 1512 if err != nil { ··· 1599 1599 } 1600 1600 1601 1601 func (s *Pulls) ResubmitPull(w http.ResponseWriter, r *http.Request) { 1602 1602 - user := s.oauth.GetMultiAccountUser(r) 1602 1602 + user := s.oauth.GetUser(r) 1603 1603 1604 1604 pull, ok := r.Context().Value("pull").(*models.Pull) 1605 1605 if !ok { ··· 1630 1630 } 1631 1631 1632 1632 func (s *Pulls) resubmitPatch(w http.ResponseWriter, r *http.Request) { 1633 1633 - user := s.oauth.GetMultiAccountUser(r) 1633 1633 + user := s.oauth.GetUser(r) 1634 1634 1635 1635 pull, ok := r.Context().Value("pull").(*models.Pull) 1636 1636 if !ok { ··· 1645 1645 return 1646 1646 } 1647 1647 1648 1648 - if user.Active.Did != pull.OwnerDid { 1648 1648 + if user.Did != pull.OwnerDid { 1649 1649 log.Println("unauthorized user") 1650 1650 w.WriteHeader(http.StatusUnauthorized) 1651 1651 return ··· 1657 1657 } 1658 1658 1659 1659 func (s *Pulls) resubmitBranch(w http.ResponseWriter, r *http.Request) { 1660 1660 - user := s.oauth.GetMultiAccountUser(r) 1660 1660 + user := s.oauth.GetUser(r) 1661 1661 1662 1662 pull, ok := r.Context().Value("pull").(*models.Pull) 1663 1663 if !ok { ··· 1672 1672 return 1673 1673 } 1674 1674 1675 1675 - if user.Active.Did != pull.OwnerDid { 1675 1675 + if user.Did != pull.OwnerDid { 1676 1676 log.Println("unauthorized user") 1677 1677 w.WriteHeader(http.StatusUnauthorized) 1678 1678 return 1679 1679 } 1680 1680 1681 1681 - roles := repoinfo.RolesInRepo{Roles: s.enforcer.GetPermissionsInRepo(user.Active.Did, f.Knot, f.DidSlashRepo())} 1681 1681 + roles := repoinfo.RolesInRepo{Roles: s.enforcer.GetPermissionsInRepo(user.Did, f.Knot, f.DidSlashRepo())} 1682 1682 if !roles.IsPushAllowed() { 1683 1683 log.Println("unauthorized user") 1684 1684 w.WriteHeader(http.StatusUnauthorized) ··· 1722 1722 } 1723 1723 1724 1724 func (s *Pulls) resubmitFork(w http.ResponseWriter, r *http.Request) { 1725 1725 - user := s.oauth.GetMultiAccountUser(r) 1725 1725 + user := s.oauth.GetUser(r) 1726 1726 1727 1727 pull, ok := r.Context().Value("pull").(*models.Pull) 1728 1728 if !ok { ··· 1737 1737 return 1738 1738 } 1739 1739 1740 1740 - if user.Active.Did != pull.OwnerDid { 1740 1740 + if user.Did != pull.OwnerDid { 1741 1741 log.Println("unauthorized user") 1742 1742 w.WriteHeader(http.StatusUnauthorized) 1743 1743 return ··· 1822 1822 w http.ResponseWriter, 1823 1823 r *http.Request, 1824 1824 repo *models.Repo, 1825 1825 - user *oauth.MultiAccountUser, 1825 1825 + user *oauth.User, 1826 1826 pull *models.Pull, 1827 1827 patch string, 1828 1828 combined string, ··· 1878 1878 return 1879 1879 } 1880 1880 1881 1881 - ex, err := comatproto.RepoGetRecord(r.Context(), client, "", tangled.RepoPullNSID, user.Active.Did, pull.Rkey) 1881 1881 + ex, err := comatproto.RepoGetRecord(r.Context(), client, "", tangled.RepoPullNSID, user.Did, pull.Rkey) 1882 1882 if err != nil { 1883 1883 // failed to get record 1884 1884 s.pages.Notice(w, "resubmit-error", "Failed to update pull, no record found on PDS.") ··· 1897 1897 1898 1898 _, err = comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 1899 1899 Collection: tangled.RepoPullNSID, 1900 1900 - Repo: user.Active.Did, 1900 1900 + Repo: user.Did, 1901 1901 Rkey: pull.Rkey, 1902 1902 SwapRecord: ex.Cid, 1903 1903 Record: &lexutil.LexiconTypeDecoder{ ··· 1924 1924 w http.ResponseWriter, 1925 1925 r *http.Request, 1926 1926 repo *models.Repo, 1927 1927 - user *oauth.MultiAccountUser, 1927 1927 + user *oauth.User, 1928 1928 pull *models.Pull, 1929 1929 patch string, 1930 1930 stackId string, ··· 2114 2114 } 2115 2115 2116 2116 _, err = comatproto.RepoApplyWrites(r.Context(), client, &comatproto.RepoApplyWrites_Input{ 2117 2117 - Repo: user.Active.Did, 2117 2117 + Repo: user.Did, 2118 2118 Writes: writes, 2119 2119 }) 2120 2120 if err != nil { ··· 2128 2128 } 2129 2129 2130 2130 func (s *Pulls) MergePull(w http.ResponseWriter, r *http.Request) { 2131 2131 - user := s.oauth.GetMultiAccountUser(r) 2131 2131 + user := s.oauth.GetUser(r) 2132 2132 f, err := s.repoResolver.Resolve(r) 2133 2133 if err != nil { 2134 2134 log.Println("failed to resolve repo:", err) ··· 2239 2239 2240 2240 // notify about the pull merge 2241 2241 for _, p := range pullsToMerge { 2242 2242 - s.notifier.NewPullState(r.Context(), syntax.DID(user.Active.Did), p) 2242 2242 + s.notifier.NewPullState(r.Context(), syntax.DID(user.Did), p) 2243 2243 } 2244 2244 2245 2245 ownerSlashRepo := reporesolver.GetBaseRepoPath(r, f) ··· 2247 2247 } 2248 2248 2249 2249 func (s *Pulls) ClosePull(w http.ResponseWriter, r *http.Request) { 2250 2250 - user := s.oauth.GetMultiAccountUser(r) 2250 2250 + user := s.oauth.GetUser(r) 2251 2251 2252 2252 f, err := s.repoResolver.Resolve(r) 2253 2253 if err != nil { ··· 2263 2263 } 2264 2264 2265 2265 // auth filter: only owner or collaborators can close 2266 2266 - roles := repoinfo.RolesInRepo{Roles: s.enforcer.GetPermissionsInRepo(user.Active.Did, f.Knot, f.DidSlashRepo())} 2266 2266 + roles := repoinfo.RolesInRepo{Roles: s.enforcer.GetPermissionsInRepo(user.Did, f.Knot, f.DidSlashRepo())} 2267 2267 isOwner := roles.IsOwner() 2268 2268 isCollaborator := roles.IsCollaborator() 2269 2269 - isPullAuthor := user.Active.Did == pull.OwnerDid 2269 2269 + isPullAuthor := user.Did == pull.OwnerDid 2270 2270 isCloseAllowed := isOwner || isCollaborator || isPullAuthor 2271 2271 if !isCloseAllowed { 2272 2272 log.Println("failed to close pull") ··· 2312 2312 } 2313 2313 2314 2314 for _, p := range pullsToClose { 2315 2315 - s.notifier.NewPullState(r.Context(), syntax.DID(user.Active.Did), p) 2315 2315 + s.notifier.NewPullState(r.Context(), syntax.DID(user.Did), p) 2316 2316 } 2317 2317 2318 2318 ownerSlashRepo := reporesolver.GetBaseRepoPath(r, f) ··· 2320 2320 } 2321 2321 2322 2322 func (s *Pulls) ReopenPull(w http.ResponseWriter, r *http.Request) { 2323 2323 - user := s.oauth.GetMultiAccountUser(r) 2323 2323 + user := s.oauth.GetUser(r) 2324 2324 2325 2325 f, err := s.repoResolver.Resolve(r) 2326 2326 if err != nil { ··· 2337 2337 } 2338 2338 2339 2339 // auth filter: only owner or collaborators can close 2340 2340 - roles := repoinfo.RolesInRepo{Roles: s.enforcer.GetPermissionsInRepo(user.Active.Did, f.Knot, f.DidSlashRepo())} 2340 2340 + roles := repoinfo.RolesInRepo{Roles: s.enforcer.GetPermissionsInRepo(user.Did, f.Knot, f.DidSlashRepo())} 2341 2341 isOwner := roles.IsOwner() 2342 2342 isCollaborator := roles.IsCollaborator() 2343 2343 - isPullAuthor := user.Active.Did == pull.OwnerDid 2343 2343 + isPullAuthor := user.Did == pull.OwnerDid 2344 2344 isCloseAllowed := isOwner || isCollaborator || isPullAuthor 2345 2345 if !isCloseAllowed { 2346 2346 log.Println("failed to close pull") ··· 2386 2386 } 2387 2387 2388 2388 for _, p := range pullsToReopen { 2389 2389 - s.notifier.NewPullState(r.Context(), syntax.DID(user.Active.Did), p) 2389 2389 + s.notifier.NewPullState(r.Context(), syntax.DID(user.Did), p) 2390 2390 } 2391 2391 2392 2392 ownerSlashRepo := reporesolver.GetBaseRepoPath(r, f) 2393 2393 s.pages.HxLocation(w, fmt.Sprintf("/%s/pulls/%d", ownerSlashRepo, pull.PullId)) 2394 2394 } 2395 2395 2396 2396 - func (s *Pulls) newStack(ctx context.Context, repo *models.Repo, user *oauth.MultiAccountUser, targetBranch, patch string, pullSource *models.PullSource, stackId string) (models.Stack, error) { 2396 2396 + func (s *Pulls) newStack(ctx context.Context, repo *models.Repo, user *oauth.User, targetBranch, patch string, pullSource *models.PullSource, stackId string) (models.Stack, error) { 2397 2397 formatPatches, err := patchutil.ExtractPatches(patch) 2398 2398 if err != nil { 2399 2399 return nil, fmt.Errorf("Failed to extract patches: %v", err) ··· 2429 2429 Title: title, 2430 2430 Body: body, 2431 2431 TargetBranch: targetBranch, 2432 2432 - OwnerDid: user.Active.Did, 2432 2432 + OwnerDid: user.Did, 2433 2433 RepoAt: repo.RepoAt(), 2434 2434 Rkey: rkey, 2435 2435 Mentions: mentions,

+6 -6

appview/repo/artifact.go

··· 30 30 31 31 // TODO: proper statuses here on early exit 32 32 func (rp *Repo) AttachArtifact(w http.ResponseWriter, r *http.Request) { 33 33 - user := rp.oauth.GetMultiAccountUser(r) 33 33 + user := rp.oauth.GetUser(r) 34 34 tagParam := chi.URLParam(r, "tag") 35 35 f, err := rp.repoResolver.Resolve(r) 36 36 if err != nil { ··· 75 75 76 76 putRecordResp, err := comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 77 77 Collection: tangled.RepoArtifactNSID, 78 78 - Repo: user.Active.Did, 78 78 + Repo: user.Did, 79 79 Rkey: rkey, 80 80 Record: &lexutil.LexiconTypeDecoder{ 81 81 Val: &tangled.RepoArtifact{ ··· 104 104 defer tx.Rollback() 105 105 106 106 artifact := models.Artifact{ 107 107 - Did: user.Active.Did, 107 107 + Did: user.Did, 108 108 Rkey: rkey, 109 109 RepoAt: f.RepoAt(), 110 110 Tag: tag.Tag.Hash, ··· 220 220 221 221 // TODO: proper statuses here on early exit 222 222 func (rp *Repo) DeleteArtifact(w http.ResponseWriter, r *http.Request) { 223 223 - user := rp.oauth.GetMultiAccountUser(r) 223 223 + user := rp.oauth.GetUser(r) 224 224 tagParam := chi.URLParam(r, "tag") 225 225 filename := chi.URLParam(r, "file") 226 226 f, err := rp.repoResolver.Resolve(r) ··· 251 251 252 252 artifact := artifacts[0] 253 253 254 254 - if user.Active.Did != artifact.Did { 254 254 + if user.Did != artifact.Did { 255 255 log.Println("user not authorized to delete artifact", err) 256 256 rp.pages.Notice(w, "remove", "Unauthorized deletion of artifact.") 257 257 return ··· 259 259 260 260 _, err = comatproto.RepoDeleteRecord(r.Context(), client, &comatproto.RepoDeleteRecord_Input{ 261 261 Collection: tangled.RepoArtifactNSID, 262 262 - Repo: user.Active.Did, 262 262 + Repo: user.Did, 263 263 Rkey: artifact.Rkey, 264 264 }) 265 265 if err != nil {

+1 -1

appview/repo/blob.go

··· 76 76 // Create the blob view 77 77 blobView := NewBlobView(resp, rp.config, f, ref, filePath, r.URL.Query()) 78 78 79 79 - user := rp.oauth.GetMultiAccountUser(r) 79 79 + user := rp.oauth.GetUser(r) 80 80 81 81 rp.pages.RepoBlob(w, pages.RepoBlobParams{ 82 82 LoggedInUser: user,

+1 -1

appview/repo/branches.go

··· 43 43 return 44 44 } 45 45 sortBranches(result.Branches) 46 46 - user := rp.oauth.GetMultiAccountUser(r) 46 46 + user := rp.oauth.GetUser(r) 47 47 rp.pages.RepoBranches(w, pages.RepoBranchesParams{ 48 48 LoggedInUser: user, 49 49 RepoInfo: rp.repoResolver.GetRepoInfo(r, user),

+2 -2

appview/repo/compare.go

··· 20 20 func (rp *Repo) CompareNew(w http.ResponseWriter, r *http.Request) { 21 21 l := rp.logger.With("handler", "RepoCompareNew") 22 22 23 23 - user := rp.oauth.GetMultiAccountUser(r) 23 23 + user := rp.oauth.GetUser(r) 24 24 f, err := rp.repoResolver.Resolve(r) 25 25 if err != nil { 26 26 l.Error("failed to get repo and knot", "err", err) ··· 101 101 func (rp *Repo) Compare(w http.ResponseWriter, r *http.Request) { 102 102 l := rp.logger.With("handler", "RepoCompare") 103 103 104 104 - user := rp.oauth.GetMultiAccountUser(r) 104 104 + user := rp.oauth.GetUser(r) 105 105 f, err := rp.repoResolver.Resolve(r) 106 106 if err != nil { 107 107 l.Error("failed to get repo and knot", "err", err)

+1 -1

appview/repo/index.go

··· 51 51 Host: host, 52 52 } 53 53 54 54 - user := rp.oauth.GetMultiAccountUser(r) 54 54 + user := rp.oauth.GetUser(r) 55 55 56 56 // Build index response from multiple XRPC calls 57 57 result, err := rp.buildIndexResponse(r.Context(), xrpcc, f, ref)

+2 -2

appview/repo/log.go

··· 109 109 } 110 110 } 111 111 112 112 - user := rp.oauth.GetMultiAccountUser(r) 112 112 + user := rp.oauth.GetUser(r) 113 113 114 114 emailToDidMap, err := db.GetEmailToDid(rp.db, uniqueEmails(xrpcResp.Commits), true) 115 115 if err != nil { ··· 197 197 l.Error("failed to GetVerifiedCommits", "err", err) 198 198 } 199 199 200 200 - user := rp.oauth.GetMultiAccountUser(r) 200 200 + user := rp.oauth.GetUser(r) 201 201 pipelines, err := getPipelineStatuses(rp.db, f, []string{result.Diff.Commit.This}) 202 202 if err != nil { 203 203 l.Error("failed to getPipelineStatuses", "err", err)

+34 -34

appview/repo/repo.go

··· 81 81 82 82 // modify the spindle configured for this repo 83 83 func (rp *Repo) EditSpindle(w http.ResponseWriter, r *http.Request) { 84 84 - user := rp.oauth.GetMultiAccountUser(r) 84 84 + user := rp.oauth.GetUser(r) 85 85 l := rp.logger.With("handler", "EditSpindle") 86 86 - l = l.With("did", user.Active.Did) 86 86 + l = l.With("did", user.Did) 87 87 88 88 errorId := "operation-error" 89 89 fail := func(msg string, err error) { ··· 107 107 108 108 if !removingSpindle { 109 109 // ensure that this is a valid spindle for this user 110 110 - validSpindles, err := rp.enforcer.GetSpindlesForUser(user.Active.Did) 110 110 + validSpindles, err := rp.enforcer.GetSpindlesForUser(user.Did) 111 111 if err != nil { 112 112 fail("Failed to find spindles. Try again later.", err) 113 113 return ··· 168 168 } 169 169 170 170 func (rp *Repo) AddLabelDef(w http.ResponseWriter, r *http.Request) { 171 171 - user := rp.oauth.GetMultiAccountUser(r) 171 171 + user := rp.oauth.GetUser(r) 172 172 l := rp.logger.With("handler", "AddLabel") 173 173 - l = l.With("did", user.Active.Did) 173 173 + l = l.With("did", user.Did) 174 174 175 175 f, err := rp.repoResolver.Resolve(r) 176 176 if err != nil { ··· 216 216 } 217 217 218 218 label := models.LabelDefinition{ 219 219 - Did: user.Active.Did, 219 219 + Did: user.Did, 220 220 Rkey: tid.TID(), 221 221 Name: name, 222 222 ValueType: valueType, ··· 327 327 } 328 328 329 329 func (rp *Repo) DeleteLabelDef(w http.ResponseWriter, r *http.Request) { 330 330 - user := rp.oauth.GetMultiAccountUser(r) 330 330 + user := rp.oauth.GetUser(r) 331 331 l := rp.logger.With("handler", "DeleteLabel") 332 332 - l = l.With("did", user.Active.Did) 332 332 + l = l.With("did", user.Did) 333 333 334 334 f, err := rp.repoResolver.Resolve(r) 335 335 if err != nil { ··· 435 435 } 436 436 437 437 func (rp *Repo) SubscribeLabel(w http.ResponseWriter, r *http.Request) { 438 438 - user := rp.oauth.GetMultiAccountUser(r) 438 438 + user := rp.oauth.GetUser(r) 439 439 l := rp.logger.With("handler", "SubscribeLabel") 440 440 - l = l.With("did", user.Active.Did) 440 440 + l = l.With("did", user.Did) 441 441 442 442 f, err := rp.repoResolver.Resolve(r) 443 443 if err != nil { ··· 521 521 } 522 522 523 523 func (rp *Repo) UnsubscribeLabel(w http.ResponseWriter, r *http.Request) { 524 524 - user := rp.oauth.GetMultiAccountUser(r) 524 524 + user := rp.oauth.GetUser(r) 525 525 l := rp.logger.With("handler", "UnsubscribeLabel") 526 526 - l = l.With("did", user.Active.Did) 526 526 + l = l.With("did", user.Did) 527 527 528 528 f, err := rp.repoResolver.Resolve(r) 529 529 if err != nil { ··· 633 633 } 634 634 state := states[subject] 635 635 636 636 - user := rp.oauth.GetMultiAccountUser(r) 636 636 + user := rp.oauth.GetUser(r) 637 637 rp.pages.LabelPanel(w, pages.LabelPanelParams{ 638 638 LoggedInUser: user, 639 639 RepoInfo: rp.repoResolver.GetRepoInfo(r, user), ··· 681 681 } 682 682 state := states[subject] 683 683 684 684 - user := rp.oauth.GetMultiAccountUser(r) 684 684 + user := rp.oauth.GetUser(r) 685 685 rp.pages.EditLabelPanel(w, pages.EditLabelPanelParams{ 686 686 LoggedInUser: user, 687 687 RepoInfo: rp.repoResolver.GetRepoInfo(r, user), ··· 692 692 } 693 693 694 694 func (rp *Repo) AddCollaborator(w http.ResponseWriter, r *http.Request) { 695 695 - user := rp.oauth.GetMultiAccountUser(r) 695 695 + user := rp.oauth.GetUser(r) 696 696 l := rp.logger.With("handler", "AddCollaborator") 697 697 - l = l.With("did", user.Active.Did) 697 697 + l = l.With("did", user.Did) 698 698 699 699 f, err := rp.repoResolver.Resolve(r) 700 700 if err != nil { ··· 723 723 return 724 724 } 725 725 726 726 - if collaboratorIdent.DID.String() == user.Active.Did { 726 726 + if collaboratorIdent.DID.String() == user.Did { 727 727 fail("You seem to be adding yourself as a collaborator.", nil) 728 728 return 729 729 } ··· 738 738 } 739 739 740 740 // emit a record 741 741 - currentUser := rp.oauth.GetMultiAccountUser(r) 741 741 + currentUser := rp.oauth.GetUser(r) 742 742 rkey := tid.TID() 743 743 createdAt := time.Now() 744 744 resp, err := comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 745 745 Collection: tangled.RepoCollaboratorNSID, 746 746 - Repo: currentUser.Active.Did, 746 746 + Repo: currentUser.Did, 747 747 Rkey: rkey, 748 748 Record: &lexutil.LexiconTypeDecoder{ 749 749 Val: &tangled.RepoCollaborator{ ··· 792 792 } 793 793 794 794 err = db.AddCollaborator(tx, models.Collaborator{ 795 795 - Did: syntax.DID(currentUser.Active.Did), 795 795 + Did: syntax.DID(currentUser.Did), 796 796 Rkey: rkey, 797 797 SubjectDid: collaboratorIdent.DID, 798 798 RepoAt: f.RepoAt(), ··· 822 822 } 823 823 824 824 func (rp *Repo) DeleteRepo(w http.ResponseWriter, r *http.Request) { 825 825 - user := rp.oauth.GetMultiAccountUser(r) 825 825 + user := rp.oauth.GetUser(r) 826 826 l := rp.logger.With("handler", "DeleteRepo") 827 827 828 828 noticeId := "operation-error" ··· 840 840 } 841 841 _, err = comatproto.RepoDeleteRecord(r.Context(), atpClient, &comatproto.RepoDeleteRecord_Input{ 842 842 Collection: tangled.RepoNSID, 843 843 - Repo: user.Active.Did, 843 843 + Repo: user.Did, 844 844 Rkey: f.Rkey, 845 845 }) 846 846 if err != nil { ··· 940 940 ref := chi.URLParam(r, "ref") 941 941 ref, _ = url.PathUnescape(ref) 942 942 943 943 - user := rp.oauth.GetMultiAccountUser(r) 943 943 + user := rp.oauth.GetUser(r) 944 944 f, err := rp.repoResolver.Resolve(r) 945 945 if err != nil { 946 946 l.Error("failed to resolve source repo", "err", err) ··· 969 969 r.Context(), 970 970 client, 971 971 &tangled.RepoForkSync_Input{ 972 972 - Did: user.Active.Did, 972 972 + Did: user.Did, 973 973 Name: f.Name, 974 974 Source: f.Source, 975 975 Branch: ref, ··· 988 988 func (rp *Repo) ForkRepo(w http.ResponseWriter, r *http.Request) { 989 989 l := rp.logger.With("handler", "ForkRepo") 990 990 991 991 - user := rp.oauth.GetMultiAccountUser(r) 991 991 + user := rp.oauth.GetUser(r) 992 992 f, err := rp.repoResolver.Resolve(r) 993 993 if err != nil { 994 994 l.Error("failed to resolve source repo", "err", err) ··· 997 997 998 998 switch r.Method { 999 999 case http.MethodGet: 1000 1000 - user := rp.oauth.GetMultiAccountUser(r) 1001 1001 - knots, err := rp.enforcer.GetKnotsForUser(user.Active.Did) 1000 1000 + user := rp.oauth.GetUser(r) 1001 1001 + knots, err := rp.enforcer.GetKnotsForUser(user.Did) 1002 1002 if err != nil { 1003 1003 rp.pages.Notice(w, "repo", "Invalid user account.") 1004 1004 return ··· 1020 1020 } 1021 1021 l = l.With("targetKnot", targetKnot) 1022 1022 1023 1023 - ok, err := rp.enforcer.E.Enforce(user.Active.Did, targetKnot, targetKnot, "repo:create") 1023 1023 + ok, err := rp.enforcer.E.Enforce(user.Did, targetKnot, targetKnot, "repo:create") 1024 1024 if err != nil || !ok { 1025 1025 rp.pages.Notice(w, "repo", "You do not have permission to create a repo in this knot.") 1026 1026 return ··· 1037 1037 // in the user's account. 1038 1038 existingRepo, err := db.GetRepo( 1039 1039 rp.db, 1040 1040 - orm.FilterEq("did", user.Active.Did), 1040 1040 + orm.FilterEq("did", user.Did), 1041 1041 orm.FilterEq("name", forkName), 1042 1042 ) 1043 1043 if err != nil { ··· 1066 1066 // create an atproto record for this fork 1067 1067 rkey := tid.TID() 1068 1068 repo := &models.Repo{ 1069 1069 - Did: user.Active.Did, 1069 1069 + Did: user.Did, 1070 1070 Name: forkName, 1071 1071 Knot: targetKnot, 1072 1072 Rkey: rkey, ··· 1086 1086 1087 1087 atresp, err := comatproto.RepoPutRecord(r.Context(), atpClient, &comatproto.RepoPutRecord_Input{ 1088 1088 Collection: tangled.RepoNSID, 1089 1089 - Repo: user.Active.Did, 1089 1089 + Repo: user.Did, 1090 1090 Rkey: rkey, 1091 1091 Record: &lexutil.LexiconTypeDecoder{ 1092 1092 Val: &record, ··· 1165 1165 } 1166 1166 1167 1167 // acls 1168 1168 - p, _ := securejoin.SecureJoin(user.Active.Did, forkName) 1169 1169 - err = rp.enforcer.AddRepo(user.Active.Did, targetKnot, p) 1168 1168 + p, _ := securejoin.SecureJoin(user.Did, forkName) 1169 1169 + err = rp.enforcer.AddRepo(user.Did, targetKnot, p) 1170 1170 if err != nil { 1171 1171 l.Error("failed to add ACLs", "err", err) 1172 1172 rp.pages.Notice(w, "repo", "Failed to set up repository permissions.") ··· 1191 1191 aturi = "" 1192 1192 1193 1193 rp.notifier.NewRepo(r.Context(), repo) 1194 1194 - rp.pages.HxLocation(w, fmt.Sprintf("/%s/%s", user.Active.Did, forkName)) 1194 1194 + rp.pages.HxLocation(w, fmt.Sprintf("/%s/%s", user.Did, forkName)) 1195 1195 } 1196 1196 } 1197 1197

+5 -5

appview/repo/settings.go

··· 79 79 } 80 80 81 81 func (rp *Repo) Secrets(w http.ResponseWriter, r *http.Request) { 82 82 - user := rp.oauth.GetMultiAccountUser(r) 82 82 + user := rp.oauth.GetUser(r) 83 83 l := rp.logger.With("handler", "Secrets") 84 84 - l = l.With("did", user.Active.Did) 84 84 + l = l.With("did", user.Did) 85 85 86 86 f, err := rp.repoResolver.Resolve(r) 87 87 if err != nil { ··· 185 185 l := rp.logger.With("handler", "generalSettings") 186 186 187 187 f, err := rp.repoResolver.Resolve(r) 188 188 - user := rp.oauth.GetMultiAccountUser(r) 188 188 + user := rp.oauth.GetUser(r) 189 189 190 190 scheme := "http" 191 191 if !rp.config.Core.Dev { ··· 271 271 l := rp.logger.With("handler", "accessSettings") 272 272 273 273 f, err := rp.repoResolver.Resolve(r) 274 274 - user := rp.oauth.GetMultiAccountUser(r) 274 274 + user := rp.oauth.GetUser(r) 275 275 276 276 collaborators, err := func(repo *models.Repo) ([]pages.Collaborator, error) { 277 277 repoCollaborators, err := rp.enforcer.E.GetImplicitUsersForResourceByDomain(repo.DidSlashRepo(), repo.Knot) ··· 318 318 l := rp.logger.With("handler", "pipelineSettings") 319 319 320 320 f, err := rp.repoResolver.Resolve(r) 321 321 - user := rp.oauth.GetMultiAccountUser(r) 321 321 + user := rp.oauth.GetUser(r) 322 322 323 323 // all spindles that the repo owner is a member of 324 324 spindles, err := rp.enforcer.GetSpindlesForUser(f.Did)

+1 -1

appview/repo/tags.go

··· 69 69 danglingArtifacts = append(danglingArtifacts, a) 70 70 } 71 71 } 72 72 - user := rp.oauth.GetMultiAccountUser(r) 72 72 + user := rp.oauth.GetUser(r) 73 73 rp.pages.RepoTags(w, pages.RepoTagsParams{ 74 74 LoggedInUser: user, 75 75 RepoInfo: rp.repoResolver.GetRepoInfo(r, user),

+1 -1

appview/repo/tree.go

··· 88 88 http.Redirect(w, r, redirectTo, http.StatusFound) 89 89 return 90 90 } 91 91 - user := rp.oauth.GetMultiAccountUser(r) 91 91 + user := rp.oauth.GetUser(r) 92 92 var breadcrumbs [][]string 93 93 breadcrumbs = append(breadcrumbs, []string{f.Name, fmt.Sprintf("/%s/tree/%s", ownerSlashRepo, url.PathEscape(ref))}) 94 94 if treePath != "" {

+5 -30

appview/reporesolver/resolver.go

··· 55 55 // 2. [x] remove `rr`, `CurrentDir`, `Ref` fields from `ResolvedRepo` 56 56 // 3. [x] remove `ResolvedRepo` 57 57 // 4. [ ] replace reporesolver to reposervice 58 58 - func (rr *RepoResolver) GetRepoInfo(r *http.Request, user *oauth.MultiAccountUser) repoinfo.RepoInfo { 58 58 + func (rr *RepoResolver) GetRepoInfo(r *http.Request, user *oauth.User) repoinfo.RepoInfo { 59 59 ownerId, ook := r.Context().Value("resolvedId").(identity.Identity) 60 60 repo, rok := r.Context().Value("repo").(*models.Repo) 61 61 if !ook || !rok { ··· 63 63 } 64 64 65 65 // get dir/ref 66 66 - currentDir := extractCurrentDir(r.URL.EscapedPath()) 66 66 + currentDir := path.Dir(extractPathAfterRef(r.URL.EscapedPath())) 67 67 ref := chi.URLParam(r, "ref") 68 68 69 69 repoAt := repo.RepoAt() 70 70 isStarred := false 71 71 roles := repoinfo.RolesInRepo{} 72 72 - if user != nil && user.Active != nil { 73 73 - isStarred = db.GetStarStatus(rr.execer, user.Active.Did, repoAt) 74 74 - roles.Roles = rr.enforcer.GetPermissionsInRepo(user.Active.Did, repo.Knot, repo.DidSlashRepo()) 72 72 + if user != nil { 73 73 + isStarred = db.GetStarStatus(rr.execer, user.Did, repoAt) 74 74 + roles.Roles = rr.enforcer.GetPermissionsInRepo(user.Did, repo.Knot, repo.DidSlashRepo()) 75 75 } 76 76 77 77 stats := repo.RepoStats ··· 130 130 } 131 131 132 132 return repoInfo 133 133 - } 134 134 - 135 135 - // extractCurrentDir gets the current directory for markdown link resolution. 136 136 - // for blob paths, returns the parent dir. for tree paths, returns the path itself. 137 137 - // 138 138 - // /@user/repo/blob/main/docs/README.md => docs 139 139 - // /@user/repo/tree/main/docs => docs 140 140 - func extractCurrentDir(fullPath string) string { 141 141 - fullPath = strings.TrimPrefix(fullPath, "/") 142 142 - 143 143 - blobPattern := regexp.MustCompile(`blob/[^/]+/(.*)$`) 144 144 - if matches := blobPattern.FindStringSubmatch(fullPath); len(matches) > 1 { 145 145 - return path.Dir(matches[1]) 146 146 - } 147 147 - 148 148 - treePattern := regexp.MustCompile(`tree/[^/]+/(.*)$`) 149 149 - if matches := treePattern.FindStringSubmatch(fullPath); len(matches) > 1 { 150 150 - dir := strings.TrimSuffix(matches[1], "/") 151 151 - if dir == "" { 152 152 - return "." 153 153 - } 154 154 - return dir 155 155 - } 156 156 - 157 157 - return "." 158 133 } 159 134 160 135 // extractPathAfterRef gets the actual repository path

-22

appview/reporesolver/resolver_test.go

··· 1 1 - package reporesolver 2 2 - 3 3 - import "testing" 4 4 - 5 5 - func TestExtractCurrentDir(t *testing.T) { 6 6 - tests := []struct { 7 7 - path string 8 8 - want string 9 9 - }{ 10 10 - {"/@user/repo/blob/main/docs/README.md", "docs"}, 11 11 - {"/@user/repo/blob/main/README.md", "."}, 12 12 - {"/@user/repo/tree/main/docs", "docs"}, 13 13 - {"/@user/repo/tree/main/docs/", "docs"}, 14 14 - {"/@user/repo/tree/main", "."}, 15 15 - } 16 16 - 17 17 - for _, tt := range tests { 18 18 - if got := extractCurrentDir(tt.path); got != tt.want { 19 19 - t.Errorf("extractCurrentDir(%q) = %q, want %q", tt.path, got, tt.want) 20 20 - } 21 21 - } 22 22 - }

+6 -6

appview/settings/settings.go

··· 81 81 } 82 82 83 83 func (s *Settings) profileSettings(w http.ResponseWriter, r *http.Request) { 84 84 - user := s.OAuth.GetMultiAccountUser(r) 84 84 + user := s.OAuth.GetUser(r) 85 85 86 86 s.Pages.UserProfileSettings(w, pages.UserProfileSettingsParams{ 87 87 LoggedInUser: user, ··· 91 91 } 92 92 93 93 func (s *Settings) notificationsSettings(w http.ResponseWriter, r *http.Request) { 94 94 - user := s.OAuth.GetMultiAccountUser(r) 94 94 + user := s.OAuth.GetUser(r) 95 95 did := s.OAuth.GetDid(r) 96 96 97 97 prefs, err := db.GetNotificationPreference(s.Db, did) ··· 137 137 } 138 138 139 139 func (s *Settings) keysSettings(w http.ResponseWriter, r *http.Request) { 140 140 - user := s.OAuth.GetMultiAccountUser(r) 141 141 - pubKeys, err := db.GetPublicKeysForDid(s.Db, user.Active.Did) 140 140 + user := s.OAuth.GetUser(r) 141 141 + pubKeys, err := db.GetPublicKeysForDid(s.Db, user.Did) 142 142 if err != nil { 143 143 log.Println(err) 144 144 } ··· 152 152 } 153 153 154 154 func (s *Settings) emailsSettings(w http.ResponseWriter, r *http.Request) { 155 155 - user := s.OAuth.GetMultiAccountUser(r) 156 156 - emails, err := db.GetAllEmails(s.Db, user.Active.Did) 155 155 + user := s.OAuth.GetUser(r) 156 156 + emails, err := db.GetAllEmails(s.Db, user.Did) 157 157 if err != nil { 158 158 log.Println(err) 159 159 }

+41 -41

appview/spindles/spindles.go

··· 69 69 } 70 70 71 71 func (s *Spindles) spindles(w http.ResponseWriter, r *http.Request) { 72 72 - user := s.OAuth.GetMultiAccountUser(r) 72 72 + user := s.OAuth.GetUser(r) 73 73 all, err := db.GetSpindles( 74 74 s.Db, 75 75 - orm.FilterEq("owner", user.Active.Did), 75 75 + orm.FilterEq("owner", user.Did), 76 76 ) 77 77 if err != nil { 78 78 s.Logger.Error("failed to fetch spindles", "err", err) ··· 91 91 func (s *Spindles) dashboard(w http.ResponseWriter, r *http.Request) { 92 92 l := s.Logger.With("handler", "dashboard") 93 93 94 94 - user := s.OAuth.GetMultiAccountUser(r) 95 95 - l = l.With("user", user.Active.Did) 94 94 + user := s.OAuth.GetUser(r) 95 95 + l = l.With("user", user.Did) 96 96 97 97 instance := chi.URLParam(r, "instance") 98 98 if instance == "" { ··· 103 103 spindles, err := db.GetSpindles( 104 104 s.Db, 105 105 orm.FilterEq("instance", instance), 106 106 - orm.FilterEq("owner", user.Active.Did), 106 106 + orm.FilterEq("owner", user.Did), 107 107 orm.FilterIsNot("verified", "null"), 108 108 ) 109 109 if err != nil || len(spindles) != 1 { ··· 155 155 // 156 156 // if the spindle is not up yet, the user is free to retry verification at a later point 157 157 func (s *Spindles) register(w http.ResponseWriter, r *http.Request) { 158 158 - user := s.OAuth.GetMultiAccountUser(r) 158 158 + user := s.OAuth.GetUser(r) 159 159 l := s.Logger.With("handler", "register") 160 160 161 161 noticeId := "register-error" ··· 176 176 return 177 177 } 178 178 l = l.With("instance", instance) 179 179 - l = l.With("user", user.Active.Did) 179 179 + l = l.With("user", user.Did) 180 180 181 181 tx, err := s.Db.Begin() 182 182 if err != nil { ··· 190 190 }() 191 191 192 192 err = db.AddSpindle(tx, models.Spindle{ 193 193 - Owner: syntax.DID(user.Active.Did), 193 193 + Owner: syntax.DID(user.Did), 194 194 Instance: instance, 195 195 }) 196 196 if err != nil { ··· 214 214 return 215 215 } 216 216 217 217 - ex, _ := comatproto.RepoGetRecord(r.Context(), client, "", tangled.SpindleNSID, user.Active.Did, instance) 217 217 + ex, _ := comatproto.RepoGetRecord(r.Context(), client, "", tangled.SpindleNSID, user.Did, instance) 218 218 var exCid *string 219 219 if ex != nil { 220 220 exCid = ex.Cid ··· 223 223 // re-announce by registering under same rkey 224 224 _, err = comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 225 225 Collection: tangled.SpindleNSID, 226 226 - Repo: user.Active.Did, 226 226 + Repo: user.Did, 227 227 Rkey: instance, 228 228 Record: &lexutil.LexiconTypeDecoder{ 229 229 Val: &tangled.Spindle{ ··· 254 254 } 255 255 256 256 // begin verification 257 257 - err = serververify.RunVerification(r.Context(), instance, user.Active.Did, s.Config.Core.Dev) 257 257 + err = serververify.RunVerification(r.Context(), instance, user.Did, s.Config.Core.Dev) 258 258 if err != nil { 259 259 l.Error("verification failed", "err", err) 260 260 s.Pages.HxRefresh(w) 261 261 return 262 262 } 263 263 264 264 - _, err = serververify.MarkSpindleVerified(s.Db, s.Enforcer, instance, user.Active.Did) 264 264 + _, err = serververify.MarkSpindleVerified(s.Db, s.Enforcer, instance, user.Did) 265 265 if err != nil { 266 266 l.Error("failed to mark verified", "err", err) 267 267 s.Pages.HxRefresh(w) ··· 273 273 } 274 274 275 275 func (s *Spindles) delete(w http.ResponseWriter, r *http.Request) { 276 276 - user := s.OAuth.GetMultiAccountUser(r) 276 276 + user := s.OAuth.GetUser(r) 277 277 l := s.Logger.With("handler", "delete") 278 278 279 279 noticeId := "operation-error" ··· 291 291 292 292 spindles, err := db.GetSpindles( 293 293 s.Db, 294 294 - orm.FilterEq("owner", user.Active.Did), 294 294 + orm.FilterEq("owner", user.Did), 295 295 orm.FilterEq("instance", instance), 296 296 ) 297 297 if err != nil || len(spindles) != 1 { ··· 300 300 return 301 301 } 302 302 303 303 - if string(spindles[0].Owner) != user.Active.Did { 304 304 - l.Error("unauthorized", "user", user.Active.Did, "owner", spindles[0].Owner) 303 303 + if string(spindles[0].Owner) != user.Did { 304 304 + l.Error("unauthorized", "user", user.Did, "owner", spindles[0].Owner) 305 305 s.Pages.Notice(w, noticeId, "Failed to delete spindle, unauthorized deletion attempt.") 306 306 return 307 307 } ··· 320 320 // remove spindle members first 321 321 err = db.RemoveSpindleMember( 322 322 tx, 323 323 - orm.FilterEq("did", user.Active.Did), 323 323 + orm.FilterEq("did", user.Did), 324 324 orm.FilterEq("instance", instance), 325 325 ) 326 326 if err != nil { ··· 331 331 332 332 err = db.DeleteSpindle( 333 333 tx, 334 334 - orm.FilterEq("owner", user.Active.Did), 334 334 + orm.FilterEq("owner", user.Did), 335 335 orm.FilterEq("instance", instance), 336 336 ) 337 337 if err != nil { ··· 359 359 360 360 _, err = comatproto.RepoDeleteRecord(r.Context(), client, &comatproto.RepoDeleteRecord_Input{ 361 361 Collection: tangled.SpindleNSID, 362 362 - Repo: user.Active.Did, 362 362 + Repo: user.Did, 363 363 Rkey: instance, 364 364 }) 365 365 if err != nil { ··· 391 391 } 392 392 393 393 func (s *Spindles) retry(w http.ResponseWriter, r *http.Request) { 394 394 - user := s.OAuth.GetMultiAccountUser(r) 394 394 + user := s.OAuth.GetUser(r) 395 395 l := s.Logger.With("handler", "retry") 396 396 397 397 noticeId := "operation-error" ··· 407 407 return 408 408 } 409 409 l = l.With("instance", instance) 410 410 - l = l.With("user", user.Active.Did) 410 410 + l = l.With("user", user.Did) 411 411 412 412 spindles, err := db.GetSpindles( 413 413 s.Db, 414 414 - orm.FilterEq("owner", user.Active.Did), 414 414 + orm.FilterEq("owner", user.Did), 415 415 orm.FilterEq("instance", instance), 416 416 ) 417 417 if err != nil || len(spindles) != 1 { ··· 420 420 return 421 421 } 422 422 423 423 - if string(spindles[0].Owner) != user.Active.Did { 424 424 - l.Error("unauthorized", "user", user.Active.Did, "owner", spindles[0].Owner) 423 423 + if string(spindles[0].Owner) != user.Did { 424 424 + l.Error("unauthorized", "user", user.Did, "owner", spindles[0].Owner) 425 425 s.Pages.Notice(w, noticeId, "Failed to verify spindle, unauthorized verification attempt.") 426 426 return 427 427 } 428 428 429 429 // begin verification 430 430 - err = serververify.RunVerification(r.Context(), instance, user.Active.Did, s.Config.Core.Dev) 430 430 + err = serververify.RunVerification(r.Context(), instance, user.Did, s.Config.Core.Dev) 431 431 if err != nil { 432 432 l.Error("verification failed", "err", err) 433 433 ··· 445 445 return 446 446 } 447 447 448 448 - rowId, err := serververify.MarkSpindleVerified(s.Db, s.Enforcer, instance, user.Active.Did) 448 448 + rowId, err := serververify.MarkSpindleVerified(s.Db, s.Enforcer, instance, user.Did) 449 449 if err != nil { 450 450 l.Error("failed to mark verified", "err", err) 451 451 s.Pages.Notice(w, noticeId, err.Error()) ··· 473 473 } 474 474 475 475 func (s *Spindles) addMember(w http.ResponseWriter, r *http.Request) { 476 476 - user := s.OAuth.GetMultiAccountUser(r) 476 476 + user := s.OAuth.GetUser(r) 477 477 l := s.Logger.With("handler", "addMember") 478 478 479 479 instance := chi.URLParam(r, "instance") ··· 483 483 return 484 484 } 485 485 l = l.With("instance", instance) 486 486 - l = l.With("user", user.Active.Did) 486 486 + l = l.With("user", user.Did) 487 487 488 488 spindles, err := db.GetSpindles( 489 489 s.Db, 490 490 - orm.FilterEq("owner", user.Active.Did), 490 490 + orm.FilterEq("owner", user.Did), 491 491 orm.FilterEq("instance", instance), 492 492 ) 493 493 if err != nil || len(spindles) != 1 { ··· 502 502 s.Pages.Notice(w, noticeId, defaultErr) 503 503 } 504 504 505 505 - if string(spindles[0].Owner) != user.Active.Did { 506 506 - l.Error("unauthorized", "user", user.Active.Did, "owner", spindles[0].Owner) 505 505 + if string(spindles[0].Owner) != user.Did { 506 506 + l.Error("unauthorized", "user", user.Did, "owner", spindles[0].Owner) 507 507 s.Pages.Notice(w, noticeId, "Failed to add member, unauthorized attempt.") 508 508 return 509 509 } ··· 552 552 553 553 // add member to db 554 554 if err = db.AddSpindleMember(tx, models.SpindleMember{ 555 555 - Did: syntax.DID(user.Active.Did), 555 555 + Did: syntax.DID(user.Did), 556 556 Rkey: rkey, 557 557 Instance: instance, 558 558 Subject: memberId.DID, ··· 570 570 571 571 _, err = comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 572 572 Collection: tangled.SpindleMemberNSID, 573 573 - Repo: user.Active.Did, 573 573 + Repo: user.Did, 574 574 Rkey: rkey, 575 575 Record: &lexutil.LexiconTypeDecoder{ 576 576 Val: &tangled.SpindleMember{ ··· 603 603 } 604 604 605 605 func (s *Spindles) removeMember(w http.ResponseWriter, r *http.Request) { 606 606 - user := s.OAuth.GetMultiAccountUser(r) 606 606 + user := s.OAuth.GetUser(r) 607 607 l := s.Logger.With("handler", "removeMember") 608 608 609 609 noticeId := "operation-error" ··· 619 619 return 620 620 } 621 621 l = l.With("instance", instance) 622 622 - l = l.With("user", user.Active.Did) 622 622 + l = l.With("user", user.Did) 623 623 624 624 spindles, err := db.GetSpindles( 625 625 s.Db, 626 626 - orm.FilterEq("owner", user.Active.Did), 626 626 + orm.FilterEq("owner", user.Did), 627 627 orm.FilterEq("instance", instance), 628 628 ) 629 629 if err != nil || len(spindles) != 1 { ··· 632 632 return 633 633 } 634 634 635 635 - if string(spindles[0].Owner) != user.Active.Did { 636 636 - l.Error("unauthorized", "user", user.Active.Did, "owner", spindles[0].Owner) 635 635 + if string(spindles[0].Owner) != user.Did { 636 636 + l.Error("unauthorized", "user", user.Did, "owner", spindles[0].Owner) 637 637 s.Pages.Notice(w, noticeId, "Failed to remove member, unauthorized attempt.") 638 638 return 639 639 } ··· 668 668 // get the record from the DB first: 669 669 members, err := db.GetSpindleMembers( 670 670 s.Db, 671 671 - orm.FilterEq("did", user.Active.Did), 671 671 + orm.FilterEq("did", user.Did), 672 672 orm.FilterEq("instance", instance), 673 673 orm.FilterEq("subject", memberId.DID), 674 674 ) ··· 681 681 // remove from db 682 682 if err = db.RemoveSpindleMember( 683 683 tx, 684 684 - orm.FilterEq("did", user.Active.Did), 684 684 + orm.FilterEq("did", user.Did), 685 685 orm.FilterEq("instance", instance), 686 686 orm.FilterEq("subject", memberId.DID), 687 687 ); err != nil { ··· 707 707 // remove from pds 708 708 _, err = comatproto.RepoDeleteRecord(r.Context(), client, &comatproto.RepoDeleteRecord_Input{ 709 709 Collection: tangled.SpindleMemberNSID, 710 710 - Repo: user.Active.Did, 710 710 + Repo: user.Did, 711 711 Rkey: members[0].Rkey, 712 712 }) 713 713 if err != nil {

-83

appview/state/accounts.go

··· 1 1 - package state 2 2 - 3 3 - import ( 4 4 - "net/http" 5 5 - 6 6 - "github.com/go-chi/chi/v5" 7 7 - ) 8 8 - 9 9 - func (s *State) SwitchAccount(w http.ResponseWriter, r *http.Request) { 10 10 - l := s.logger.With("handler", "SwitchAccount") 11 11 - 12 12 - if err := r.ParseForm(); err != nil { 13 13 - l.Error("failed to parse form", "err", err) 14 14 - http.Error(w, "invalid request", http.StatusBadRequest) 15 15 - return 16 16 - } 17 17 - 18 18 - did := r.FormValue("did") 19 19 - if did == "" { 20 20 - http.Error(w, "missing did", http.StatusBadRequest) 21 21 - return 22 22 - } 23 23 - 24 24 - if err := s.oauth.SwitchAccount(w, r, did); err != nil { 25 25 - l.Error("failed to switch account", "err", err) 26 26 - s.pages.HxRedirect(w, "/login?error=session") 27 27 - return 28 28 - } 29 29 - 30 30 - l.Info("switched account", "did", did) 31 31 - s.pages.HxRedirect(w, "/") 32 32 - } 33 33 - 34 34 - func (s *State) RemoveAccount(w http.ResponseWriter, r *http.Request) { 35 35 - l := s.logger.With("handler", "RemoveAccount") 36 36 - 37 37 - did := chi.URLParam(r, "did") 38 38 - if did == "" { 39 39 - http.Error(w, "missing did", http.StatusBadRequest) 40 40 - return 41 41 - } 42 42 - 43 43 - currentUser := s.oauth.GetMultiAccountUser(r) 44 44 - isCurrentAccount := currentUser != nil && currentUser.Active.Did == did 45 45 - 46 46 - var remainingAccounts []string 47 47 - if currentUser != nil { 48 48 - for _, acc := range currentUser.Accounts { 49 49 - if acc.Did != did { 50 50 - remainingAccounts = append(remainingAccounts, acc.Did) 51 51 - } 52 52 - } 53 53 - } 54 54 - 55 55 - if err := s.oauth.RemoveAccount(w, r, did); err != nil { 56 56 - l.Error("failed to remove account", "err", err) 57 57 - http.Error(w, "failed to remove account", http.StatusInternalServerError) 58 58 - return 59 59 - } 60 60 - 61 61 - l.Info("removed account", "did", did) 62 62 - 63 63 - if isCurrentAccount { 64 64 - if len(remainingAccounts) > 0 { 65 65 - nextDid := remainingAccounts[0] 66 66 - if err := s.oauth.SwitchAccount(w, r, nextDid); err != nil { 67 67 - l.Error("failed to switch to next account", "err", err) 68 68 - s.pages.HxRedirect(w, "/login") 69 69 - return 70 70 - } 71 71 - s.pages.HxRefresh(w) 72 72 - return 73 73 - } 74 74 - 75 75 - if err := s.oauth.DeleteSession(w, r); err != nil { 76 76 - l.Error("failed to delete session", "err", err) 77 77 - } 78 78 - s.pages.HxRedirect(w, "/login") 79 79 - return 80 80 - } 81 81 - 82 82 - s.pages.HxRefresh(w) 83 83 - }

+91

appview/state/favicon.go

··· 1 1 + package state 2 2 + 3 3 + import ( 4 4 + "bytes" 5 5 + "fmt" 6 6 + "html/template" 7 7 + "image" 8 8 + "image/color" 9 9 + "net/http" 10 10 + 11 11 + "github.com/srwiley/oksvg" 12 12 + "github.com/srwiley/rasterx" 13 13 + "golang.org/x/image/draw" 14 14 + "tangled.org/core/appview/pages" 15 15 + "tangled.org/core/ico" 16 16 + ) 17 17 + 18 18 + func (s *State) FaviconSvg(w http.ResponseWriter, r *http.Request) { 19 19 + w.Header().Set("Content-Type", "image/svg+xml") 20 20 + w.Header().Set("Cache-Control", "public, max-age=31536000") // one year 21 21 + w.Header().Set("ETag", `"favicon-svg-v1"`) 22 22 + 23 23 + if match := r.Header.Get("If-None-Match"); match == `"favicon-svg-v1"` { 24 24 + w.WriteHeader(http.StatusNotModified) 25 25 + return 26 26 + } 27 27 + 28 28 + s.pages.Favicon(w) 29 29 + } 30 30 + 31 31 + func (s *State) FaviconIco(w http.ResponseWriter, r *http.Request) { 32 32 + w.Header().Set("Content-Type", "image/x-icon") 33 33 + w.Header().Set("Cache-Control", "public, max-age=31536000") // one year 34 34 + w.Header().Set("ETag", `"favicon-ico-v1"`) 35 35 + 36 36 + if match := r.Header.Get("If-None-Match"); match == `"favicon-ico-v1"` { 37 37 + w.WriteHeader(http.StatusNotModified) 38 38 + return 39 39 + } 40 40 + 41 41 + ico, err := dollyIco() 42 42 + if err != nil { 43 43 + s.logger.Error("failed to render ico", "err", err) 44 44 + w.WriteHeader(http.StatusNotFound) 45 45 + return 46 46 + } 47 47 + 48 48 + w.Write(ico) 49 49 + } 50 50 + 51 51 + func dollyIco() ([]byte, error) { 52 52 + // first, get the bytes from the svg 53 53 + tpl, err := template.New("dolly"). 54 54 + ParseFS(pages.Files, "templates/fragments/dolly/silhouette.html") 55 55 + if err != nil { 56 56 + return nil, err 57 57 + } 58 58 + 59 59 + var svgData bytes.Buffer 60 60 + if err := tpl.ExecuteTemplate(&svgData, "fragments/dolly/silhouette", "#000000"); err != nil { 61 61 + return nil, err 62 62 + } 63 63 + 64 64 + img, err := svgToImage(svgData.Bytes(), 48, 48) 65 65 + if err != nil { 66 66 + return nil, err 67 67 + } 68 68 + 69 69 + ico, err := ico.ImageToIco(img) 70 70 + if err != nil { 71 71 + return nil, err 72 72 + } 73 73 + 74 74 + return ico, nil 75 75 + } 76 76 + 77 77 + func svgToImage(svgData []byte, w, h int) (image.Image, error) { 78 78 + icon, err := oksvg.ReadIconStream(bytes.NewReader(svgData)) 79 79 + if err != nil { 80 80 + return nil, fmt.Errorf("error parsing SVG: %v", err) 81 81 + } 82 82 + 83 83 + icon.SetTarget(0, 0, float64(w), float64(h)) 84 84 + rgba := image.NewRGBA(image.Rect(0, 0, w, h)) 85 85 + draw.Draw(rgba, rgba.Bounds(), &image.Uniform{color.Transparent}, image.Point{}, draw.Src) 86 86 + scanner := rasterx.NewScannerGV(w, h, rgba, rgba.Bounds()) 87 87 + raster := rasterx.NewDasher(w, h, scanner) 88 88 + icon.Draw(raster, 1.0) 89 89 + 90 90 + return rgba, nil 91 91 + }

+7 -7

appview/state/follow.go

··· 15 15 ) 16 16 17 17 func (s *State) Follow(w http.ResponseWriter, r *http.Request) { 18 18 - currentUser := s.oauth.GetMultiAccountUser(r) 18 18 + currentUser := s.oauth.GetUser(r) 19 19 20 20 subject := r.URL.Query().Get("subject") 21 21 if subject == "" { ··· 29 29 return 30 30 } 31 31 32 32 - if currentUser.Active.Did == subjectIdent.DID.String() { 32 32 + if currentUser.Did == subjectIdent.DID.String() { 33 33 log.Println("cant follow or unfollow yourself") 34 34 return 35 35 } ··· 46 46 rkey := tid.TID() 47 47 resp, err := comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 48 48 Collection: tangled.GraphFollowNSID, 49 49 - Repo: currentUser.Active.Did, 49 49 + Repo: currentUser.Did, 50 50 Rkey: rkey, 51 51 Record: &lexutil.LexiconTypeDecoder{ 52 52 Val: &tangled.GraphFollow{ ··· 62 62 log.Println("created atproto record: ", resp.Uri) 63 63 64 64 follow := &models.Follow{ 65 65 - UserDid: currentUser.Active.Did, 65 65 + UserDid: currentUser.Did, 66 66 SubjectDid: subjectIdent.DID.String(), 67 67 Rkey: rkey, 68 68 } ··· 83 83 return 84 84 case http.MethodDelete: 85 85 // find the record in the db 86 86 - follow, err := db.GetFollow(s.db, currentUser.Active.Did, subjectIdent.DID.String()) 86 86 + follow, err := db.GetFollow(s.db, currentUser.Did, subjectIdent.DID.String()) 87 87 if err != nil { 88 88 log.Println("failed to get follow relationship") 89 89 return ··· 91 91 92 92 _, err = comatproto.RepoDeleteRecord(r.Context(), client, &comatproto.RepoDeleteRecord_Input{ 93 93 Collection: tangled.GraphFollowNSID, 94 94 - Repo: currentUser.Active.Did, 94 94 + Repo: currentUser.Did, 95 95 Rkey: follow.Rkey, 96 96 }) 97 97 ··· 100 100 return 101 101 } 102 102 103 103 - err = db.DeleteFollowByRkey(s.db, currentUser.Active.Did, follow.Rkey) 103 103 + err = db.DeleteFollowByRkey(s.db, currentUser.Did, follow.Rkey) 104 104 if err != nil { 105 105 log.Println("failed to delete follow from DB") 106 106 // this is not an issue, the firehose event might have already done this

+1 -1

appview/state/gfi.go

··· 15 15 ) 16 16 17 17 func (s *State) GoodFirstIssues(w http.ResponseWriter, r *http.Request) { 18 18 - user := s.oauth.GetMultiAccountUser(r) 18 18 + user := s.oauth.GetUser(r) 19 19 20 20 page := pagination.FromContext(r.Context()) 21 21

+7 -57

appview/state/login.go

··· 5 5 "net/http" 6 6 "strings" 7 7 8 8 - "tangled.org/core/appview/oauth" 9 8 "tangled.org/core/appview/pages" 10 9 ) 11 10 ··· 16 15 case http.MethodGet: 17 16 returnURL := r.URL.Query().Get("return_url") 18 17 errorCode := r.URL.Query().Get("error") 19 19 - addAccount := r.URL.Query().Get("mode") == "add_account" 20 20 - 21 21 - user := s.oauth.GetMultiAccountUser(r) 22 22 - if user == nil { 23 23 - registry := s.oauth.GetAccounts(r) 24 24 - if len(registry.Accounts) > 0 { 25 25 - user = &oauth.MultiAccountUser{ 26 26 - Active: nil, 27 27 - Accounts: registry.Accounts, 28 28 - } 29 29 - } 30 30 - } 31 18 s.pages.Login(w, pages.LoginParams{ 32 32 - ReturnUrl: returnURL, 33 33 - ErrorCode: errorCode, 34 34 - AddAccount: addAccount, 35 35 - LoggedInUser: user, 19 19 + ReturnUrl: returnURL, 20 20 + ErrorCode: errorCode, 36 21 }) 37 22 case http.MethodPost: 38 23 handle := r.FormValue("handle") 39 39 - returnURL := r.FormValue("return_url") 40 40 - addAccount := r.FormValue("add_account") == "true" 41 24 42 25 // when users copy their handle from bsky.app, it tends to have these characters around it: 43 26 // ··· 61 44 return 62 45 } 63 46 64 64 - if err := s.oauth.SetAuthReturn(w, r, returnURL, addAccount); err != nil { 65 65 - l.Error("failed to set auth return", "err", err) 66 66 - } 67 67 - 68 47 redirectURL, err := s.oauth.ClientApp.StartAuthFlow(r.Context(), handle) 69 48 if err != nil { 70 49 l.Error("failed to start auth", "err", err) ··· 79 58 func (s *State) Logout(w http.ResponseWriter, r *http.Request) { 80 59 l := s.logger.With("handler", "Logout") 81 60 82 82 - currentUser := s.oauth.GetMultiAccountUser(r) 83 83 - if currentUser == nil || currentUser.Active == nil { 84 84 - s.pages.HxRedirect(w, "/login") 85 85 - return 86 86 - } 87 87 - 88 88 - currentDid := currentUser.Active.Did 89 89 - 90 90 - var remainingAccounts []string 91 91 - for _, acc := range currentUser.Accounts { 92 92 - if acc.Did != currentDid { 93 93 - remainingAccounts = append(remainingAccounts, acc.Did) 94 94 - } 95 95 - } 96 96 - 97 97 - if err := s.oauth.RemoveAccount(w, r, currentDid); err != nil { 98 98 - l.Error("failed to remove account from registry", "err", err) 99 99 - } 100 100 - 101 101 - if err := s.oauth.DeleteSession(w, r); err != nil { 102 102 - l.Error("failed to delete session", "err", err) 103 103 - } 104 104 - 105 105 - if len(remainingAccounts) > 0 { 106 106 - nextDid := remainingAccounts[0] 107 107 - if err := s.oauth.SwitchAccount(w, r, nextDid); err != nil { 108 108 - l.Error("failed to switch to next account", "err", err) 109 109 - s.pages.HxRedirect(w, "/login") 110 110 - return 111 111 - } 112 112 - l.Info("switched to next account after logout", "did", nextDid) 113 113 - s.pages.HxRefresh(w) 114 114 - return 61 61 + err := s.oauth.DeleteSession(w, r) 62 62 + if err != nil { 63 63 + l.Error("failed to logout", "err", err) 64 64 + } else { 65 65 + l.Info("logged out successfully") 115 66 } 116 67 117 117 - l.Info("logged out last account") 118 68 s.pages.HxRedirect(w, "/login") 119 69 }

+32 -32

appview/state/profile.go

··· 77 77 return nil, fmt.Errorf("failed to get follower stats: %w", err) 78 78 } 79 79 80 80 - loggedInUser := s.oauth.GetMultiAccountUser(r) 80 80 + loggedInUser := s.oauth.GetUser(r) 81 81 followStatus := models.IsNotFollowing 82 82 if loggedInUser != nil { 83 83 - followStatus = db.GetFollowStatus(s.db, loggedInUser.Active.Did, did) 83 83 + followStatus = db.GetFollowStatus(s.db, loggedInUser.Did, did) 84 84 } 85 85 86 86 now := time.Now() ··· 174 174 } 175 175 176 176 s.pages.ProfileOverview(w, pages.ProfileOverviewParams{ 177 177 - LoggedInUser: s.oauth.GetMultiAccountUser(r), 177 177 + LoggedInUser: s.oauth.GetUser(r), 178 178 Card: profile, 179 179 Repos: pinnedRepos, 180 180 CollaboratingRepos: pinnedCollaboratingRepos, ··· 205 205 } 206 206 207 207 err = s.pages.ProfileRepos(w, pages.ProfileReposParams{ 208 208 - LoggedInUser: s.oauth.GetMultiAccountUser(r), 208 208 + LoggedInUser: s.oauth.GetUser(r), 209 209 Repos: repos, 210 210 Card: profile, 211 211 }) ··· 234 234 } 235 235 236 236 err = s.pages.ProfileStarred(w, pages.ProfileStarredParams{ 237 237 - LoggedInUser: s.oauth.GetMultiAccountUser(r), 237 237 + LoggedInUser: s.oauth.GetUser(r), 238 238 Repos: repos, 239 239 Card: profile, 240 240 }) ··· 259 259 } 260 260 261 261 err = s.pages.ProfileStrings(w, pages.ProfileStringsParams{ 262 262 - LoggedInUser: s.oauth.GetMultiAccountUser(r), 262 262 + LoggedInUser: s.oauth.GetUser(r), 263 263 Strings: strings, 264 264 Card: profile, 265 265 }) ··· 283 283 } 284 284 l = l.With("profileDid", profile.UserDid) 285 285 286 286 - loggedInUser := s.oauth.GetMultiAccountUser(r) 286 286 + loggedInUser := s.oauth.GetUser(r) 287 287 params := FollowsPageParams{ 288 288 Card: profile, 289 289 } ··· 316 316 317 317 loggedInUserFollowing := make(map[string]struct{}) 318 318 if loggedInUser != nil { 319 319 - following, err := db.GetFollowing(s.db, loggedInUser.Active.Did) 319 319 + following, err := db.GetFollowing(s.db, loggedInUser.Did) 320 320 if err != nil { 321 321 - l.Error("failed to get follow list", "err", err, "loggedInUser", loggedInUser.Active.Did) 321 321 + l.Error("failed to get follow list", "err", err, "loggedInUser", loggedInUser.Did) 322 322 return &params, err 323 323 } 324 324 loggedInUserFollowing = make(map[string]struct{}, len(following)) ··· 333 333 followStatus := models.IsNotFollowing 334 334 if _, exists := loggedInUserFollowing[did]; exists { 335 335 followStatus = models.IsFollowing 336 336 - } else if loggedInUser != nil && loggedInUser.Active.Did == did { 336 336 + } else if loggedInUser != nil && loggedInUser.Did == did { 337 337 followStatus = models.IsSelf 338 338 } 339 339 ··· 367 367 } 368 368 369 369 s.pages.ProfileFollowers(w, pages.ProfileFollowersParams{ 370 370 - LoggedInUser: s.oauth.GetMultiAccountUser(r), 370 370 + LoggedInUser: s.oauth.GetUser(r), 371 371 Followers: followPage.Follows, 372 372 Card: followPage.Card, 373 373 }) ··· 381 381 } 382 382 383 383 s.pages.ProfileFollowing(w, pages.ProfileFollowingParams{ 384 384 - LoggedInUser: s.oauth.GetMultiAccountUser(r), 384 384 + LoggedInUser: s.oauth.GetUser(r), 385 385 Following: followPage.Follows, 386 386 Card: followPage.Card, 387 387 }) ··· 530 530 } 531 531 532 532 func (s *State) UpdateProfileBio(w http.ResponseWriter, r *http.Request) { 533 533 - user := s.oauth.GetMultiAccountUser(r) 533 533 + user := s.oauth.GetUser(r) 534 534 535 535 err := r.ParseForm() 536 536 if err != nil { ··· 539 539 return 540 540 } 541 541 542 542 - profile, err := db.GetProfile(s.db, user.Active.Did) 542 542 + profile, err := db.GetProfile(s.db, user.Did) 543 543 if err != nil { 544 544 - log.Printf("getting profile data for %s: %s", user.Active.Did, err) 544 544 + log.Printf("getting profile data for %s: %s", user.Did, err) 545 545 } 546 546 547 547 profile.Description = r.FormValue("description") ··· 578 578 } 579 579 580 580 func (s *State) UpdateProfilePins(w http.ResponseWriter, r *http.Request) { 581 581 - user := s.oauth.GetMultiAccountUser(r) 581 581 + user := s.oauth.GetUser(r) 582 582 583 583 err := r.ParseForm() 584 584 if err != nil { ··· 587 587 return 588 588 } 589 589 590 590 - profile, err := db.GetProfile(s.db, user.Active.Did) 590 590 + profile, err := db.GetProfile(s.db, user.Did) 591 591 if err != nil { 592 592 - log.Printf("getting profile data for %s: %s", user.Active.Did, err) 592 592 + log.Printf("getting profile data for %s: %s", user.Did, err) 593 593 } 594 594 595 595 i := 0 ··· 617 617 } 618 618 619 619 func (s *State) updateProfile(profile *models.Profile, w http.ResponseWriter, r *http.Request) { 620 620 - user := s.oauth.GetMultiAccountUser(r) 620 620 + user := s.oauth.GetUser(r) 621 621 tx, err := s.db.BeginTx(r.Context(), nil) 622 622 if err != nil { 623 623 log.Println("failed to start transaction", err) ··· 644 644 vanityStats = append(vanityStats, string(v.Kind)) 645 645 } 646 646 647 647 - ex, _ := comatproto.RepoGetRecord(r.Context(), client, "", tangled.ActorProfileNSID, user.Active.Did, "self") 647 647 + ex, _ := comatproto.RepoGetRecord(r.Context(), client, "", tangled.ActorProfileNSID, user.Did, "self") 648 648 var cid *string 649 649 if ex != nil { 650 650 cid = ex.Cid ··· 652 652 653 653 _, err = comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 654 654 Collection: tangled.ActorProfileNSID, 655 655 - Repo: user.Active.Did, 655 655 + Repo: user.Did, 656 656 Rkey: "self", 657 657 Record: &lexutil.LexiconTypeDecoder{ 658 658 Val: &tangled.ActorProfile{ ··· 681 681 682 682 s.notifier.UpdateProfile(r.Context(), profile) 683 683 684 684 - s.pages.HxRedirect(w, "/"+user.Active.Did) 684 684 + s.pages.HxRedirect(w, "/"+user.Did) 685 685 } 686 686 687 687 func (s *State) EditBioFragment(w http.ResponseWriter, r *http.Request) { 688 688 - user := s.oauth.GetMultiAccountUser(r) 688 688 + user := s.oauth.GetUser(r) 689 689 690 690 - profile, err := db.GetProfile(s.db, user.Active.Did) 690 690 + profile, err := db.GetProfile(s.db, user.Did) 691 691 if err != nil { 692 692 - log.Printf("getting profile data for %s: %s", user.Active.Did, err) 692 692 + log.Printf("getting profile data for %s: %s", user.Did, err) 693 693 } 694 694 695 695 s.pages.EditBioFragment(w, pages.EditBioParams{ ··· 699 699 } 700 700 701 701 func (s *State) EditPinsFragment(w http.ResponseWriter, r *http.Request) { 702 702 - user := s.oauth.GetMultiAccountUser(r) 702 702 + user := s.oauth.GetUser(r) 703 703 704 704 - profile, err := db.GetProfile(s.db, user.Active.Did) 704 704 + profile, err := db.GetProfile(s.db, user.Did) 705 705 if err != nil { 706 706 - log.Printf("getting profile data for %s: %s", user.Active.Did, err) 706 706 + log.Printf("getting profile data for %s: %s", user.Did, err) 707 707 } 708 708 709 709 - repos, err := db.GetRepos(s.db, 0, orm.FilterEq("did", user.Active.Did)) 709 709 + repos, err := db.GetRepos(s.db, 0, orm.FilterEq("did", user.Did)) 710 710 if err != nil { 711 711 - log.Printf("getting repos for %s: %s", user.Active.Did, err) 711 711 + log.Printf("getting repos for %s: %s", user.Did, err) 712 712 } 713 713 714 714 - collaboratingRepos, err := db.CollaboratingIn(s.db, user.Active.Did) 714 714 + collaboratingRepos, err := db.CollaboratingIn(s.db, user.Did) 715 715 if err != nil { 716 716 - log.Printf("getting collaborating repos for %s: %s", user.Active.Did, err) 716 716 + log.Printf("getting collaborating repos for %s: %s", user.Did, err) 717 717 } 718 718 719 719 allRepos := []pages.PinnedRepo{}

+7 -7

appview/state/reaction.go

··· 17 17 ) 18 18 19 19 func (s *State) React(w http.ResponseWriter, r *http.Request) { 20 20 - currentUser := s.oauth.GetMultiAccountUser(r) 20 20 + currentUser := s.oauth.GetUser(r) 21 21 22 22 subject := r.URL.Query().Get("subject") 23 23 if subject == "" { ··· 49 49 rkey := tid.TID() 50 50 resp, err := comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 51 51 Collection: tangled.FeedReactionNSID, 52 52 - Repo: currentUser.Active.Did, 52 52 + Repo: currentUser.Did, 53 53 Rkey: rkey, 54 54 Record: &lexutil.LexiconTypeDecoder{ 55 55 Val: &tangled.FeedReaction{ ··· 64 64 return 65 65 } 66 66 67 67 - err = db.AddReaction(s.db, currentUser.Active.Did, subjectUri, reactionKind, rkey) 67 67 + err = db.AddReaction(s.db, currentUser.Did, subjectUri, reactionKind, rkey) 68 68 if err != nil { 69 69 log.Println("failed to react", err) 70 70 return ··· 87 87 88 88 return 89 89 case http.MethodDelete: 90 90 - reaction, err := db.GetReaction(s.db, currentUser.Active.Did, subjectUri, reactionKind) 90 90 + reaction, err := db.GetReaction(s.db, currentUser.Did, subjectUri, reactionKind) 91 91 if err != nil { 92 92 - log.Println("failed to get reaction relationship for", currentUser.Active.Did, subjectUri) 92 92 + log.Println("failed to get reaction relationship for", currentUser.Did, subjectUri) 93 93 return 94 94 } 95 95 96 96 _, err = comatproto.RepoDeleteRecord(r.Context(), client, &comatproto.RepoDeleteRecord_Input{ 97 97 Collection: tangled.FeedReactionNSID, 98 98 - Repo: currentUser.Active.Did, 98 98 + Repo: currentUser.Did, 99 99 Rkey: reaction.Rkey, 100 100 }) 101 101 ··· 104 104 return 105 105 } 106 106 107 107 - err = db.DeleteReactionByRkey(s.db, currentUser.Active.Did, reaction.Rkey) 107 107 + err = db.DeleteReactionByRkey(s.db, currentUser.Did, reaction.Rkey) 108 108 if err != nil { 109 109 log.Println("failed to delete reaction from DB") 110 110 // this is not an issue, the firehose event might have already done this

+2 -7

appview/state/router.go

··· 32 32 s.pages, 33 33 ) 34 34 35 35 - router.Get("/favicon.svg", s.Favicon) 36 36 - router.Get("/favicon.ico", s.Favicon) 35 35 + router.Get("/favicon.svg", s.FaviconSvg) 36 36 + router.Get("/favicon.ico", s.FaviconIco) 37 37 router.Get("/pwa-manifest.json", s.PWAManifest) 38 38 router.Get("/robots.txt", s.RobotsTxt) 39 39 ··· 131 131 r.Get("/login", s.Login) 132 132 r.Post("/login", s.Login) 133 133 r.Post("/logout", s.Logout) 134 134 - 135 135 - r.With(middleware.AuthMiddleware(s.oauth)).Route("/account", func(r chi.Router) { 136 136 - r.Post("/switch", s.SwitchAccount) 137 137 - r.Delete("/{did}", s.RemoveAccount) 138 138 - }) 139 134 140 135 r.Route("/repo", func(r chi.Router) { 141 136 r.Route("/new", func(r chi.Router) {

+6 -6

appview/state/star.go

··· 16 16 ) 17 17 18 18 func (s *State) Star(w http.ResponseWriter, r *http.Request) { 19 19 - currentUser := s.oauth.GetMultiAccountUser(r) 19 19 + currentUser := s.oauth.GetUser(r) 20 20 21 21 subject := r.URL.Query().Get("subject") 22 22 if subject == "" { ··· 42 42 rkey := tid.TID() 43 43 resp, err := comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 44 44 Collection: tangled.FeedStarNSID, 45 45 - Repo: currentUser.Active.Did, 45 45 + Repo: currentUser.Did, 46 46 Rkey: rkey, 47 47 Record: &lexutil.LexiconTypeDecoder{ 48 48 Val: &tangled.FeedStar{ ··· 57 57 log.Println("created atproto record: ", resp.Uri) 58 58 59 59 star := &models.Star{ 60 60 - Did: currentUser.Active.Did, 60 60 + Did: currentUser.Did, 61 61 RepoAt: subjectUri, 62 62 Rkey: rkey, 63 63 } ··· 84 84 return 85 85 case http.MethodDelete: 86 86 // find the record in the db 87 87 - star, err := db.GetStar(s.db, currentUser.Active.Did, subjectUri) 87 87 + star, err := db.GetStar(s.db, currentUser.Did, subjectUri) 88 88 if err != nil { 89 89 log.Println("failed to get star relationship") 90 90 return ··· 92 92 93 93 _, err = comatproto.RepoDeleteRecord(r.Context(), client, &comatproto.RepoDeleteRecord_Input{ 94 94 Collection: tangled.FeedStarNSID, 95 95 - Repo: currentUser.Active.Did, 95 95 + Repo: currentUser.Did, 96 96 Rkey: star.Rkey, 97 97 }) 98 98 ··· 101 101 return 102 102 } 103 103 104 104 - err = db.DeleteStarByRkey(s.db, currentUser.Active.Did, star.Rkey) 104 104 + err = db.DeleteStarByRkey(s.db, currentUser.Did, star.Rkey) 105 105 if err != nil { 106 106 log.Println("failed to delete star from DB") 107 107 // this is not an issue, the firehose event might have already done this

+22 -35

appview/state/state.go

··· 202 202 return s.db.Close() 203 203 } 204 204 205 205 - func (s *State) Favicon(w http.ResponseWriter, r *http.Request) { 206 206 - w.Header().Set("Content-Type", "image/svg+xml") 207 207 - w.Header().Set("Cache-Control", "public, max-age=31536000") // one year 208 208 - w.Header().Set("ETag", `"favicon-svg-v1"`) 209 209 - 210 210 - if match := r.Header.Get("If-None-Match"); match == `"favicon-svg-v1"` { 211 211 - w.WriteHeader(http.StatusNotModified) 212 212 - return 213 213 - } 214 214 - 215 215 - s.pages.Favicon(w) 216 216 - } 217 217 - 218 205 func (s *State) RobotsTxt(w http.ResponseWriter, r *http.Request) { 219 206 w.Header().Set("Content-Type", "text/plain") 220 207 w.Header().Set("Cache-Control", "public, max-age=86400") // one day ··· 249 236 } 250 237 251 238 func (s *State) TermsOfService(w http.ResponseWriter, r *http.Request) { 252 252 - user := s.oauth.GetMultiAccountUser(r) 239 239 + user := s.oauth.GetUser(r) 253 240 s.pages.TermsOfService(w, pages.TermsOfServiceParams{ 254 241 LoggedInUser: user, 255 242 }) 256 243 } 257 244 258 245 func (s *State) PrivacyPolicy(w http.ResponseWriter, r *http.Request) { 259 259 - user := s.oauth.GetMultiAccountUser(r) 246 246 + user := s.oauth.GetUser(r) 260 247 s.pages.PrivacyPolicy(w, pages.PrivacyPolicyParams{ 261 248 LoggedInUser: user, 262 249 }) 263 250 } 264 251 265 252 func (s *State) Brand(w http.ResponseWriter, r *http.Request) { 266 266 - user := s.oauth.GetMultiAccountUser(r) 253 253 + user := s.oauth.GetUser(r) 267 254 s.pages.Brand(w, pages.BrandParams{ 268 255 LoggedInUser: user, 269 256 }) 270 257 } 271 258 272 259 func (s *State) HomeOrTimeline(w http.ResponseWriter, r *http.Request) { 273 273 - if s.oauth.GetMultiAccountUser(r) != nil { 260 260 + if s.oauth.GetUser(r) != nil { 274 261 s.Timeline(w, r) 275 262 return 276 263 } ··· 278 265 } 279 266 280 267 func (s *State) Timeline(w http.ResponseWriter, r *http.Request) { 281 281 - user := s.oauth.GetMultiAccountUser(r) 268 268 + user := s.oauth.GetUser(r) 282 269 283 270 // TODO: set this flag based on the UI 284 271 filtered := false 285 272 286 273 var userDid string 287 287 - if user != nil && user.Active != nil { 288 288 - userDid = user.Active.Did 274 274 + if user != nil { 275 275 + userDid = user.Did 289 276 } 290 277 timeline, err := db.MakeTimeline(s.db, 50, userDid, filtered) 291 278 if err != nil { ··· 314 301 } 315 302 316 303 func (s *State) UpgradeBanner(w http.ResponseWriter, r *http.Request) { 317 317 - user := s.oauth.GetMultiAccountUser(r) 304 304 + user := s.oauth.GetUser(r) 318 305 if user == nil { 319 306 return 320 307 } 321 308 322 309 l := s.logger.With("handler", "UpgradeBanner") 323 323 - l = l.With("did", user.Active.Did) 310 310 + l = l.With("did", user.Did) 324 311 325 312 regs, err := db.GetRegistrations( 326 313 s.db, 327 327 - orm.FilterEq("did", user.Active.Did), 314 314 + orm.FilterEq("did", user.Did), 328 315 orm.FilterEq("needs_upgrade", 1), 329 316 ) 330 317 if err != nil { ··· 333 320 334 321 spindles, err := db.GetSpindles( 335 322 s.db, 336 336 - orm.FilterEq("owner", user.Active.Did), 323 323 + orm.FilterEq("owner", user.Did), 337 324 orm.FilterEq("needs_upgrade", 1), 338 325 ) 339 326 if err != nil { ··· 447 434 func (s *State) NewRepo(w http.ResponseWriter, r *http.Request) { 448 435 switch r.Method { 449 436 case http.MethodGet: 450 450 - user := s.oauth.GetMultiAccountUser(r) 451 451 - knots, err := s.enforcer.GetKnotsForUser(user.Active.Did) 437 437 + user := s.oauth.GetUser(r) 438 438 + knots, err := s.enforcer.GetKnotsForUser(user.Did) 452 439 if err != nil { 453 440 s.pages.Notice(w, "repo", "Invalid user account.") 454 441 return ··· 462 449 case http.MethodPost: 463 450 l := s.logger.With("handler", "NewRepo") 464 451 465 465 - user := s.oauth.GetMultiAccountUser(r) 466 466 - l = l.With("did", user.Active.Did) 452 452 + user := s.oauth.GetUser(r) 453 453 + l = l.With("did", user.Did) 467 454 468 455 // form validation 469 456 domain := r.FormValue("domain") ··· 495 482 description := r.FormValue("description") 496 483 497 484 // ACL validation 498 498 - ok, err := s.enforcer.E.Enforce(user.Active.Did, domain, domain, "repo:create") 485 485 + ok, err := s.enforcer.E.Enforce(user.Did, domain, domain, "repo:create") 499 486 if err != nil || !ok { 500 487 l.Info("unauthorized") 501 488 s.pages.Notice(w, "repo", "You do not have permission to create a repo in this knot.") ··· 505 492 // Check for existing repos 506 493 existingRepo, err := db.GetRepo( 507 494 s.db, 508 508 - orm.FilterEq("did", user.Active.Did), 495 495 + orm.FilterEq("did", user.Did), 509 496 orm.FilterEq("name", repoName), 510 497 ) 511 498 if err == nil && existingRepo != nil { ··· 517 504 // create atproto record for this repo 518 505 rkey := tid.TID() 519 506 repo := &models.Repo{ 520 520 - Did: user.Active.Did, 507 507 + Did: user.Did, 521 508 Name: repoName, 522 509 Knot: domain, 523 510 Rkey: rkey, ··· 536 523 537 524 atresp, err := comatproto.RepoPutRecord(r.Context(), atpClient, &comatproto.RepoPutRecord_Input{ 538 525 Collection: tangled.RepoNSID, 539 539 - Repo: user.Active.Did, 526 526 + Repo: user.Did, 540 527 Rkey: rkey, 541 528 Record: &lexutil.LexiconTypeDecoder{ 542 529 Val: &record, ··· 613 600 } 614 601 615 602 // acls 616 616 - p, _ := securejoin.SecureJoin(user.Active.Did, repoName) 617 617 - err = s.enforcer.AddRepo(user.Active.Did, domain, p) 603 603 + p, _ := securejoin.SecureJoin(user.Did, repoName) 604 604 + err = s.enforcer.AddRepo(user.Did, domain, p) 618 605 if err != nil { 619 606 l.Error("acl setup failed", "err", err) 620 607 s.pages.Notice(w, "repo", "Failed to set up repository permissions.") ··· 639 626 aturi = "" 640 627 641 628 s.notifier.NewRepo(r.Context(), repo) 642 642 - s.pages.HxLocation(w, fmt.Sprintf("/%s/%s", user.Active.Did, repoName)) 629 629 + s.pages.HxLocation(w, fmt.Sprintf("/%s/%s", user.Did, repoName)) 643 630 } 644 631 } 645 632

+19 -19

appview/strings/strings.go

··· 82 82 } 83 83 84 84 s.Pages.StringsTimeline(w, pages.StringTimelineParams{ 85 85 - LoggedInUser: s.OAuth.GetMultiAccountUser(r), 85 85 + LoggedInUser: s.OAuth.GetUser(r), 86 86 Strings: strings, 87 87 }) 88 88 } ··· 153 153 if err != nil { 154 154 l.Error("failed to get star count", "err", err) 155 155 } 156 156 - user := s.OAuth.GetMultiAccountUser(r) 156 156 + user := s.OAuth.GetUser(r) 157 157 isStarred := false 158 158 if user != nil { 159 159 - isStarred = db.GetStarStatus(s.Db, user.Active.Did, string.AtUri()) 159 159 + isStarred = db.GetStarStatus(s.Db, user.Did, string.AtUri()) 160 160 } 161 161 162 162 s.Pages.SingleString(w, pages.SingleStringParams{ ··· 178 178 func (s *Strings) edit(w http.ResponseWriter, r *http.Request) { 179 179 l := s.Logger.With("handler", "edit") 180 180 181 181 - user := s.OAuth.GetMultiAccountUser(r) 181 181 + user := s.OAuth.GetUser(r) 182 182 183 183 id, ok := r.Context().Value("resolvedId").(identity.Identity) 184 184 if !ok { ··· 216 216 first := all[0] 217 217 218 218 // verify that the logged in user owns this string 219 219 - if user.Active.Did != id.DID.String() { 220 220 - l.Error("unauthorized request", "expected", id.DID, "got", user.Active.Did) 219 219 + if user.Did != id.DID.String() { 220 220 + l.Error("unauthorized request", "expected", id.DID, "got", user.Did) 221 221 w.WriteHeader(http.StatusUnauthorized) 222 222 return 223 223 } ··· 226 226 case http.MethodGet: 227 227 // return the form with prefilled fields 228 228 s.Pages.PutString(w, pages.PutStringParams{ 229 229 - LoggedInUser: s.OAuth.GetMultiAccountUser(r), 229 229 + LoggedInUser: s.OAuth.GetUser(r), 230 230 Action: "edit", 231 231 String: first, 232 232 }) ··· 299 299 s.Notifier.EditString(r.Context(), &entry) 300 300 301 301 // if that went okay, redir to the string 302 302 - s.Pages.HxRedirect(w, "/strings/"+user.Active.Did+"/"+entry.Rkey) 302 302 + s.Pages.HxRedirect(w, "/strings/"+user.Did+"/"+entry.Rkey) 303 303 } 304 304 305 305 } 306 306 307 307 func (s *Strings) create(w http.ResponseWriter, r *http.Request) { 308 308 l := s.Logger.With("handler", "create") 309 309 - user := s.OAuth.GetMultiAccountUser(r) 309 309 + user := s.OAuth.GetUser(r) 310 310 311 311 switch r.Method { 312 312 case http.MethodGet: 313 313 s.Pages.PutString(w, pages.PutStringParams{ 314 314 - LoggedInUser: s.OAuth.GetMultiAccountUser(r), 314 314 + LoggedInUser: s.OAuth.GetUser(r), 315 315 Action: "new", 316 316 }) 317 317 case http.MethodPost: ··· 335 335 description := r.FormValue("description") 336 336 337 337 string := models.String{ 338 338 - Did: syntax.DID(user.Active.Did), 338 338 + Did: syntax.DID(user.Did), 339 339 Rkey: tid.TID(), 340 340 Filename: filename, 341 341 Description: description, ··· 353 353 354 354 resp, err := comatproto.RepoPutRecord(r.Context(), client, &atproto.RepoPutRecord_Input{ 355 355 Collection: tangled.StringNSID, 356 356 - Repo: user.Active.Did, 356 356 + Repo: user.Did, 357 357 Rkey: string.Rkey, 358 358 Record: &lexutil.LexiconTypeDecoder{ 359 359 Val: &record, ··· 375 375 s.Notifier.NewString(r.Context(), &string) 376 376 377 377 // successful 378 378 - s.Pages.HxRedirect(w, "/strings/"+user.Active.Did+"/"+string.Rkey) 378 378 + s.Pages.HxRedirect(w, "/strings/"+user.Did+"/"+string.Rkey) 379 379 } 380 380 } 381 381 382 382 func (s *Strings) delete(w http.ResponseWriter, r *http.Request) { 383 383 l := s.Logger.With("handler", "create") 384 384 - user := s.OAuth.GetMultiAccountUser(r) 384 384 + user := s.OAuth.GetUser(r) 385 385 fail := func(msg string, err error) { 386 386 l.Error(msg, "err", err) 387 387 s.Pages.Notice(w, "error", msg) ··· 402 402 return 403 403 } 404 404 405 405 - if user.Active.Did != id.DID.String() { 406 406 - fail("You cannot delete this string", fmt.Errorf("unauthorized deletion, %s != %s", user.Active.Did, id.DID.String())) 405 405 + if user.Did != id.DID.String() { 406 406 + fail("You cannot delete this string", fmt.Errorf("unauthorized deletion, %s != %s", user.Did, id.DID.String())) 407 407 return 408 408 } 409 409 410 410 if err := db.DeleteString( 411 411 s.Db, 412 412 - orm.FilterEq("did", user.Active.Did), 412 412 + orm.FilterEq("did", user.Did), 413 413 orm.FilterEq("rkey", rkey), 414 414 ); err != nil { 415 415 fail("Failed to delete string.", err) 416 416 return 417 417 } 418 418 419 419 - s.Notifier.DeleteString(r.Context(), user.Active.Did, rkey) 419 419 + s.Notifier.DeleteString(r.Context(), user.Did, rkey) 420 420 421 421 - s.Pages.HxRedirect(w, "/strings/"+user.Active.Did) 421 421 + s.Pages.HxRedirect(w, "/strings/"+user.Did) 422 422 } 423 423 424 424 func (s *Strings) comment(w http.ResponseWriter, r *http.Request) {

+88

ico/ico.go

··· 1 1 + package ico 2 2 + 3 3 + import ( 4 4 + "bytes" 5 5 + "encoding/binary" 6 6 + "fmt" 7 7 + "image" 8 8 + "image/png" 9 9 + ) 10 10 + 11 11 + type IconDir struct { 12 12 + Reserved uint16 // must be 0 13 13 + Type uint16 // 1 for ICO, 2 for CUR 14 14 + Count uint16 // number of images 15 15 + } 16 16 + 17 17 + type IconDirEntry struct { 18 18 + Width uint8 // 0 means 256 19 19 + Height uint8 // 0 means 256 20 20 + ColorCount uint8 21 21 + Reserved uint8 // must be 0 22 22 + ColorPlanes uint16 // 0 or 1 23 23 + BitsPerPixel uint16 24 24 + SizeInBytes uint32 25 25 + Offset uint32 26 26 + } 27 27 + 28 28 + func ImageToIco(img image.Image) ([]byte, error) { 29 29 + // encode image as png 30 30 + var pngBuf bytes.Buffer 31 31 + if err := png.Encode(&pngBuf, img); err != nil { 32 32 + return nil, fmt.Errorf("failed to encode PNG: %w", err) 33 33 + } 34 34 + pngData := pngBuf.Bytes() 35 35 + 36 36 + // get image dimensions 37 37 + bounds := img.Bounds() 38 38 + width := bounds.Dx() 39 39 + height := bounds.Dy() 40 40 + 41 41 + // prepare output buffer 42 42 + var icoBuf bytes.Buffer 43 43 + 44 44 + iconDir := IconDir{ 45 45 + Reserved: 0, 46 46 + Type: 1, // ICO format 47 47 + Count: 1, // One image 48 48 + } 49 49 + 50 50 + w := uint8(width) 51 51 + h := uint8(height) 52 52 + 53 53 + // width/height of 256 should be stored as 0 54 54 + if width == 256 { 55 55 + w = 0 56 56 + } 57 57 + if height == 256 { 58 58 + h = 0 59 59 + } 60 60 + 61 61 + iconDirEntry := IconDirEntry{ 62 62 + Width: w, 63 63 + Height: h, 64 64 + ColorCount: 0, // 0 for PNG (32-bit) 65 65 + Reserved: 0, 66 66 + ColorPlanes: 1, 67 67 + BitsPerPixel: 32, // PNG with alpha 68 68 + SizeInBytes: uint32(len(pngData)), 69 69 + Offset: 6 + 16, // Size of ICONDIR + ICONDIRENTRY 70 70 + } 71 71 + 72 72 + // write IconDir 73 73 + if err := binary.Write(&icoBuf, binary.LittleEndian, iconDir); err != nil { 74 74 + return nil, fmt.Errorf("failed to write ICONDIR: %w", err) 75 75 + } 76 76 + 77 77 + // write IconDirEntry 78 78 + if err := binary.Write(&icoBuf, binary.LittleEndian, iconDirEntry); err != nil { 79 79 + return nil, fmt.Errorf("failed to write ICONDIRENTRY: %w", err) 80 80 + } 81 81 + 82 82 + // write PNG data directly 83 83 + if _, err := icoBuf.Write(pngData); err != nil { 84 84 + return nil, fmt.Errorf("failed to write PNG data: %w", err) 85 85 + } 86 86 + 87 87 + return icoBuf.Bytes(), nil 88 88 + }

+1 -3

lexicons/pulls/pull.json

··· 32 32 }, 33 33 "patchBlob": { 34 34 "type": "blob", 35 35 - "accept": [ 36 36 - "text/x-patch" 37 37 - ], 35 35 + "accept": "text/x-patch", 38 36 "description": "patch content" 39 37 }, 40 38 "source": {