package api
import (
"fmt"
"net/http"
"code.nonshy.com/nonshy/website/pkg/log"
"code.nonshy.com/nonshy/website/pkg/models"
"code.nonshy.com/nonshy/website/pkg/session"
"code.nonshy.com/nonshy/website/pkg/templates"
)
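// MarkPhotoExplicit returns the API handler that lets a logged-in user flag
// another member's photo as Explicit on the owner's behalf.
//
// The handler reads a JSON body (photoID, reason, other), requires a non-empty
// reason, and sets Explicit on the photo when it is not already set. When the
// caller is not an admin, a Feedback report is filed so moderators can see who
// flagged the photo and why. A change-log entry is written only when the flag
// actually transitions from false to true.
func MarkPhotoExplicit() http.HandlerFunc {
	// Request JSON schema.
	type Request struct {
		PhotoID uint64 `json:"photoID"`
		Reason  string `json:"reason"`
		Other   string `json:"other"`
	}

	// Response JSON schema.
	type Response struct {
		OK    bool   `json:"OK"`
		Error string `json:"error,omitempty"`
	}

	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		// Get current user. On failure this flashes an error and redirects to
		// the home page instead of answering with JSON.
		currentUser, err := session.CurrentUser(r)
		if err != nil {
			session.FlashError(w, r, "Failed to get current user: %s", err)
			templates.Redirect(w, "/")
			return
		}

		// Parse request payload.
		var req Request
		if err := ParseJSON(r, &req); err != nil {
			SendJSON(w, http.StatusBadRequest, Response{
				Error: fmt.Sprintf("Error with request payload: %s", err),
			})
			return
		}

		// Form validation: only the presence of a reason is checked.
		// NOTE(review): Reason and Other are caller-supplied free text with no
		// length limit or allow-list visible here; confirm whether one is
		// enforced elsewhere before they are stored in the Feedback message.
		if req.Reason == "" {
			SendJSON(w, http.StatusBadRequest, Response{
				Error: "Please select one of the reasons why this photo should've been marked Explicit.",
			})
			return
		}

		// Get this photo.
		// NOTE(review): nothing visible in this handler checks that currentUser
		// is permitted to view this photo (e.g. private visibility or blocks)
		// before mutating it by ID; confirm an upstream check covers this.
		photo, err := models.GetPhoto(req.PhotoID)
		if err != nil {
			SendJSON(w, http.StatusBadRequest, Response{
				Error: "That photo was not found!",
			})
			return
		}

		// Only act when the flag actually changes, so neither the moderator
		// report nor the change log records a transition that did not happen.
		if !photo.Explicit {
			photo.Explicit = true
			if err := photo.Save(); err != nil {
				// NOTE(review): the raw save error is echoed to the client;
				// consider logging it server-side and returning a generic message.
				SendJSON(w, http.StatusBadRequest, Response{
					Error: fmt.Sprintf("Couldn't save the photo: %s", err),
				})
				return
			}

			// If a non-admin user has hit this API, log an admin report for visibility and
			// to keep a pulse on things (e.g. in case of abuse).
			if !currentUser.IsAdmin {
				// NOTE(review): req.Reason and req.Other are interpolated verbatim
				// into a list-formatted message; whatever renders Feedback.Message
				// must escape it — confirm.
				fb := &models.Feedback{
					Intent:    "report",
					Subject:   "User flagged an explicit photo",
					UserID:    currentUser.ID,
					TableName: "photos",
					TableID:   photo.ID,
					Message: fmt.Sprintf(
						"A user has flagged that a photo should have been marked as Explicit.\n\n"+
							"* Reported by: %s (ID %d)\n"+
							"* Reason given: %s\n"+
							"* Elaboration (if other): %s\n\n"+
							"The photo had been immediately marked as Explicit.",
						currentUser.Username,
						currentUser.ID,
						req.Reason,
						req.Other,
					),
				}

				// Save the feedback. Best-effort: a failure is logged but does
				// not undo the flag or fail the request.
				if err := models.CreateFeedback(fb); err != nil {
					log.Error("Couldn't save feedback from user flagging an explicit photo: %s", err)
				}
			}

			// Log the change, attributed to currentUser against the photo owner.
			// NOTE(review): the message says "admin action" even when the caller
			// is a non-admin user; confirm whether the wording should differ.
			models.LogUpdated(&models.User{ID: photo.UserID}, currentUser, "photos", photo.ID, "Marked explicit by admin action.", []models.FieldDiff{
				models.NewFieldDiff("Explicit", false, true),
			})
		}

		SendJSON(w, http.StatusOK, Response{
			OK: true,
		})
	})
}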