oxen-io
diff --git a/‎api.yaml‎
Lines changed: 16 additions & 5 deletions b/‎api.yaml‎
Lines changed: 16 additions & 5 deletions
diff --git a/‎sogs/http.py‎
Lines changed: 2 additions & 1 deletion b/‎sogs/http.py‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎sogs/model/exc.py‎
Lines changed: 10 additions & 0 deletions b/‎sogs/model/exc.py‎
Lines changed: 10 additions & 0 deletions
diff --git a/‎sogs/model/room.py‎
Lines changed: 81 additions & 5 deletions b/‎sogs/model/room.py‎
Lines changed: 81 additions & 5 deletions
diff --git a/‎sogs/routes/rooms.py‎
Lines changed: 37 additions & 1 deletion b/‎sogs/routes/rooms.py‎
Lines changed: 37 additions & 1 deletion
@@ -135,9 +135,14 @@ paths:
         - $ref: "#/components/parameters/pathRoomToken"
       requestBody:
         description: >
-          JSON body containing the message details to be submitted to the room. Note that the
-          `session_id` field is not contained in the response (since it is simply the client's own
-          ID).
+          JSON body containing the message details to be submitted to the room.
+
+
+        data and signature are required; whisper_to and whisper_mods are permitted only for
+        moderators/admins.  The former sends a whisper within the room that will only be shown by
+        the given user; the latter sends a whisper in the room that will be seen by all moderators.
+        It is possible for a message to use both of these whisper modes at once, for example to
+        (privately) warn a user and have that warning visible by all other moderators.
         required: true
         content:
           application/json:
@@ -157,6 +162,12 @@ paths:
                     Base64-encoded message data XEd25519 signature, signed by the poster's X25519
                     key contained in the session ID.
                   example: NjgwYzFjOGI0YTljNTliNDk1MDRmMzY5YzFmMzRkYjM4ZTU3Mzk2YzA2ODYwODk3MzI1ZmFhMjNkYTZmNzE3YTk3MmY4MTJjZDU1MGFkMTQ2Yzk1MTdlOGM1NzMyZjgxZDE3NWViODg5OGQxZjQyMjg5ZWNkNjNjODJiMDZjNzM=
+                whisper_to:
+                  $ref: "#/components/schemas/SessionID"
+                whisper_mods:
+                  type: boolean
+                  description: >
+                    True if this message is a whisper that should be visible to all room moderators.
                 files:
                   type: array
                   description: >
@@ -257,11 +268,11 @@ paths:
         $ref: "#/paths/~1room~1%7BroomToken%7D~1message/post/requestBody"
       responses:
         200:
-          description: Message updated successfully
+          description: Message updated successfully; returns an empty dict as body.
           content:
             application/json:
               schema:
-                $ref: "#/components/schemas/Message"
+                type: object
         403:
           description: >
             Forbidden.  Returned if the user does not have permission to post messages to this room,
 
@@ -1,5 +1,6 @@
-# basic success:
+# success codes:
 OK = 200
+CREATED = 201
 
 # error status codes:
 BAD_REQUEST = 400
 
@@ -64,6 +64,11 @@ def __init__(self, msg=None):
         super().__init__("Permission denied" if msg is None else msg)
 
 
+class InvalidData(RuntimeError):
+    """Thrown if something in model was fed invalid data, for example a signature of an invalid
+    size, or an unparseable entity."""
+
+
 class PostRejected(RuntimeError):
     """
     Thrown when a post is refused for some reason other than a permission error (e.g. the post
@@ -95,3 +100,8 @@ def abort_perm_denied(e):
 @app.errorhandler(PostRejected)
 def abort_post_rejected(e):
     flask.abort(http.TOO_MANY_REQUESTS)
+
+
+@app.errorhandler(InvalidData)
+def abort_invalid_data(e):
+    flask.abort(http.BAD_REQUEST)
@@ -12,6 +12,7 @@
     BadPermission,
     PostRejected,
     PostRateLimited,
+    InvalidData,
 )
 
 import os
@@ -503,6 +504,24 @@ def get_messages_for(
             if after <= max_old_id:
                 after += offset
 
+        whisper_clause = (
+            # For a mod we want to see:
+            # - all whisper_mods messsages
+            # - anything directed to us specifically
+            # - anything we sent (i.e. outbound whispers)
+            # - non-whispers
+            "whisper_mods OR whisper = :user OR user = :user OR whisper IS NULL"
+            if mod
+            # For a regular user we want to see:
+            # - anything with whisper_to sent to us
+            # - non-whispers
+            else "whisper = :user OR (whisper IS NULL AND NOT whisper_mods)"
+            if user
+            # Otherwise for public, non-user access we want to see:
+            # - non-whispers
+            else "whisper IS NULL AND NOT whisper_mods"
+        )
+
         for row in query(
             f"""
             SELECT * FROM message_details
@@ -513,11 +532,7 @@ def get_messages_for(
                     'AND id = :single' if single is not None else
                     ''
                 }
-                AND (
-                    whisper IS NULL
-                    {'OR whisper = :user' if user else ''}
-                    {'OR whisper_mods' if mod else ''}
-                )
+                AND ({whisper_clause})
             {
                 '' if single is not None else
                 'ORDER BY id ASC LIMIT :limit' if after is not None else
@@ -590,6 +605,9 @@ def add_post(
         if not self.check_write(user):
             raise BadPermission()
 
+        if data is None or sig is None or len(sig) != 32:
+            raise InvalidData()
+
         whisper_mods = bool(whisper_mods)
         if (whisper_to or whisper_mods) and not self.check_moderator(user):
             app.logger.warning(f"Cannot post a whisper to {self}: {user} is not a moderator")
@@ -655,6 +673,64 @@ def add_post(
         send_mule("message_posted", msg['id'])
         return msg
 
+    def edit_post(self, user: User, msg_id: int, data: bytes, sig: bytes):
+        """
+        Edits a post in the room.  The post must exist, must have been authored by the same user,
+        and must not be deleted.  The user must *currently* have write permission (i.e. if they lose
+        write permission they cannot edit existing posts made before they were restricted).
+
+        Edits cannot alter the whisper_to/whisper_mods properties.
+
+        Raises:
+        - BadPermission() if attempting to edit another user's message or not having write
+          permission in the room.
+        - A subclass of PostRejected() if the edit is unacceptable, for instance for triggering the
+          profanity filter.
+        - NoSuchPost() if the post is deleted.
+        """
+        if not self.check_write(user):
+            raise BadPermission()
+
+        if data is None or sig is None or len(sig) != 32:
+            raise InvalidData()
+
+        filtered = self.should_filter(user, data)
+        with db.transaction():
+            author = query(
+                '''
+                SELECT "user" FROM messages
+                WHERE id = :m AND room = :r AND data IS NOT NULL
+                ''',
+                m=msg_id,
+                r=self.id,
+            ).first()
+            if author is None:
+                raise NoSuchPost()
+            author = author[0]
+            if author != user.id:
+                raise BadPermission()
+
+            if filtered:
+                # Silent filtering is enabled and the edit failed the filter, so we want to drop the
+                # actual post update.
+                return
+
+            data_size = len(data)
+            unpadded_data = utils.remove_session_message_padding(data)
+
+            query(
+                """
+                UPDATE messages SET
+                    data = :data, data_size = :data_size, signature = :sig WHERE id = :m
+                """,
+                m=msg_id,
+                data=unpadded_data,
+                data_size=data_size,
+                sig=sig,
+            )
+
+        send_mule("message_edited", msg_id)
+
     def delete_posts(self, message_ids: List[int], deleter: User):
         """
         Deletes the messages with the given ids.  The given user performing the delete must be a
 
@@ -1,7 +1,8 @@
 from .. import config, http, utils
 from ..model import room as mroom
+from . import auth
 
-from flask import abort, jsonify, g, Blueprint
+from flask import abort, jsonify, g, Blueprint, request
 
 # General purpose routes for things like capability retrieval and batching
 
@@ -126,6 +127,41 @@ def message_single(room, msg_id):
     return utils.jsonify_with_base64(msgs[0])
 
 
+@rooms.post("/room/<Room:room>/message")
+@auth.user_required
+def post_message(room):
+    req = request.json
+
+    # TODO: files tracking
+
+    msg = room.add_post(
+        g.user,
+        data=utils.decode_base64(req.get('data')),
+        sig=utils.decode_base64(req.get('signature')),
+        whisper_to=req.get('whisper_to'),
+        whisper_mods=bool(req.get('whisper_mods')),
+    )
+
+    return utils.jsonify_with_base64(msg), http.CREATED
+
+
+@rooms.put("/room/<Room:room>/message/<int:msg_id>")
+@auth.user_required
+def edit_message(room, msg_id):
+    req = request.json
+
+    # TODO: files tracking
+
+    room.edit_post(
+        g.user,
+        msg_id,
+        data=utils.decode_base64(req.get('data')),
+        sig=utils.decode_base64(req.get('signature')),
+    )
+
+    return jsonify({})
+
+
 @rooms.post("/room/<Room:room>/pin/<int:msg_id>")
 def message_pin(room, msg_id):
     room.pin(msg_id, g.user)