11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
..
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
...
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
...
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
|
terra http.actor_profile(co: &lib.srv.convo, actor: &lib.store.actor, meth: method.t)
var rel: lib.store.relationship
if co.aid ~= 0 then
rel = co.srv:actor_rel_calc(co.who.id, actor.id)
if meth == method.post then
var act = co:ppostv('act')
if act:cmp(lib.str.plit 'follow') and not rel.rel.follow() then
if rel.recip.block() then
co:complain(403,'blocked','you cannot follow a user you are blocked by') return
end
(rel.rel.follow << true)
co.srv:actor_rel_create([lib.store.relation.idvmap.follow], co.who.id, actor.id)
elseif act:cmp(lib.str.plit 'unfollow') and rel.rel.follow() then
(rel.rel.follow << false)
co.srv:actor_rel_destroy([lib.store.relation.idvmap.follow], co.who.id, actor.id)
end
end
else
rel.rel:clear()
rel.recip:clear()
end
................................................................................
if handle.ct == 0 then
handle.ct = uri.ct - 2
uri:advance(uri.ct)
elseif handle.ct + 2 < uri.ct then uri:advance(handle.ct + 2) end
lib.dbg('looking up user by xid "', {handle.ptr,handle.ct} ,'", path: ', {uri.ptr,uri.ct})
var path = lib.http.hier(uri) defer path:free()
for i=0,path.ct do
lib.dbg('got path component ', {path.ptr[i].ptr, path.ptr[i].ct})
end
var actor = co.srv:actor_fetch_xid(handle)
if actor.ptr == nil then
co:complain(404,'no such user','no such user known to this server')
................................................................................
credsec_for_uid(co: &lib.srv.convo, uid: uint64)
var act = co:ppostv('act')
lib.dbg('showing credentials')
if act:cmp(lib.str.plit 'invalidate') then
lib.dbg('setting user\'s cookie validation time to now')
co.who.source:auth_sigtime_user_alter(uid, lib.osclock.time(nil))
-- the current session has been invalidated as well, so we need to immediately install a new authentication cookie with the same aid so the user doesn't need to log back in all over again
co:installkey('/conf/sec',co.aid)
return
elseif act:cmp(lib.str.plit 'newcred') then
var cmt = co:ppostv('comment')
var pw = co:ppostv('newpw')
var aid: uint64 = 0
if pw:ref() then
var cpw = co:ppostv('rptpw')
................................................................................
end
elseif uri:cmp(lib.str.plit '/logout') then
if co.aid == 0
then goto notfound
else co:reroute_cookie('/','auth=; Path=/')
end
else -- hierarchical routes
var path = lib.http.hier(uri) defer path:free()
if path.ct > 1 and path(0):cmp(lib.str.lit('user')) then
http.actor_profile_uid(co, path, meth)
elseif path.ct > 1 and path(0):cmp(lib.str.lit('post')) then
http.tweet_page(co, path, meth)
elseif path(0):cmp(lib.str.lit('tl')) then
http.timeline(co, path)
elseif path(0):cmp(lib.str.lit('media')) then
|
<
|
>
>
>
>
>
>
>
>
>
>
>
>
|
|
|
|
|
>
>
>
>
>
|
|
|
|
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
..
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
...
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
...
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
|
terra http.actor_profile(co: &lib.srv.convo, actor: &lib.store.actor, meth: method.t)
var rel: lib.store.relationship
if co.aid ~= 0 then
rel = co.srv:actor_rel_calc(co.who.id, actor.id)
if meth == method.post then
var act = co:ppostv('act')
if rel.recip.block() then
if act:cmp(lib.str.plit 'follow') or act:cmp(lib.str.plit 'subscribe') then
co:complain(403,'blocked','you cannot follow a user you are blocked by') return
end
end
if act:cmp(lib.str.plit 'block') and not rel.rel.block() then
(rel.rel.block << true) ; (rel.recip.follow << false)
co.srv:actor_rel_create([lib.store.relation.idvmap.block], co.who.id, actor.id)
co.srv:actor_rel_destroy([lib.store.relation.idvmap.follow], actor.id, co.who.id)
else
[(function()
local tests = quote co:complain(400,'bad request','the action you have attempted on this user is not meaningful') return end
for i,v in ipairs(lib.store.relation.members) do
tests = quote
if [v ~= 'block'] and act:cmp(lib.str.plit([v])) and not rel.rel.[v]() then -- rely on dead code elimination :/
(rel.rel.[v] << true)
co.srv:actor_rel_create([lib.store.relation.idvmap[v]], co.who.id, actor.id)
elseif act:cmp(lib.str.plit(['un'..v])) and rel.rel.[v]() then
(rel.rel.[v] << false)
co.srv:actor_rel_destroy([lib.store.relation.idvmap[v]], co.who.id, actor.id)
else [tests] end
end
end
return tests
end)()]
end
end
else
rel.rel:clear()
rel.recip:clear()
end
................................................................................
if handle.ct == 0 then
handle.ct = uri.ct - 2
uri:advance(uri.ct)
elseif handle.ct + 2 < uri.ct then uri:advance(handle.ct + 2) end
lib.dbg('looking up user by xid "', {handle.ptr,handle.ct} ,'", path: ', {uri.ptr,uri.ct})
var path = lib.http.hier(&co.srv.pool, uri) --defer path:free()
for i=0,path.ct do
lib.dbg('got path component ', {path.ptr[i].ptr, path.ptr[i].ct})
end
var actor = co.srv:actor_fetch_xid(handle)
if actor.ptr == nil then
co:complain(404,'no such user','no such user known to this server')
................................................................................
credsec_for_uid(co: &lib.srv.convo, uid: uint64)
var act = co:ppostv('act')
lib.dbg('showing credentials')
if act:cmp(lib.str.plit 'invalidate') then
lib.dbg('setting user\'s cookie validation time to now')
co.who.source:auth_sigtime_user_alter(uid, lib.osclock.time(nil))
-- the current session has been invalidated as well, so we need to immediately install a new authentication cookie with the same aid so the user doesn't need to log back in all over again
co:installkey('?',co.aid)
return
elseif act:cmp(lib.str.plit 'newcred') then
var cmt = co:ppostv('comment')
var pw = co:ppostv('newpw')
var aid: uint64 = 0
if pw:ref() then
var cpw = co:ppostv('rptpw')
................................................................................
end
elseif uri:cmp(lib.str.plit '/logout') then
if co.aid == 0
then goto notfound
else co:reroute_cookie('/','auth=; Path=/')
end
else -- hierarchical routes
var path = lib.http.hier(&co.srv.pool, uri) --defer path:free()
if path.ct > 1 and path(0):cmp(lib.str.lit('user')) then
http.actor_profile_uid(co, path, meth)
elseif path.ct > 1 and path(0):cmp(lib.str.lit('post')) then
http.tweet_page(co, path, meth)
elseif path(0):cmp(lib.str.lit('tl')) then
http.timeline(co, path)
elseif path(0):cmp(lib.str.lit('media')) then
|