Merge pull request #43 from jagerman/posting

Add room posting/editing endpoints

Author: jagerman

api.yaml

@@ -135,9 +135,14 @@ paths:
         - $ref: "#/components/parameters/pathRoomToken"
       requestBody:
         description: >
-          JSON body containing the message details to be submitted to the room. Note that the
-          `session_id` field is not contained in the response (since it is simply the client's own
-          ID).
+          JSON body containing the message details to be submitted to the room.
+
+
+        data and signature are required; whisper_to and whisper_mods are permitted only for
+        moderators/admins.  The former sends a whisper within the room that will only be shown by
+        the given user; the latter sends a whisper in the room that will be seen by all moderators.
+        It is possible for a message to use both of these whisper modes at once, for example to
+        (privately) warn a user and have that warning visible by all other moderators.
         required: true
         content:
           application/json:
@@ -157,6 +162,12 @@ paths:
                     Base64-encoded message data XEd25519 signature, signed by the poster's X25519
                     key contained in the session ID.
                   example: NjgwYzFjOGI0YTljNTliNDk1MDRmMzY5YzFmMzRkYjM4ZTU3Mzk2YzA2ODYwODk3MzI1ZmFhMjNkYTZmNzE3YTk3MmY4MTJjZDU1MGFkMTQ2Yzk1MTdlOGM1NzMyZjgxZDE3NWViODg5OGQxZjQyMjg5ZWNkNjNjODJiMDZjNzM=
+                whisper_to:
+                  $ref: "#/components/schemas/SessionID"
+                whisper_mods:
+                  type: boolean
+                  description: >
+                    True if this message is a whisper that should be visible to all room moderators.
                 files:
                   type: array
                   description: >
@@ -257,11 +268,11 @@ paths:
         $ref: "#/paths/~1room~1%7BroomToken%7D~1message/post/requestBody"
       responses:
         200:
-          description: Message updated successfully
+          description: Message updated successfully; returns an empty dict as body.
           content:
             application/json:
               schema:
-                $ref: "#/components/schemas/Message"
+                type: object
         403:
           description: >
             Forbidden.  Returned if the user does not have permission to post messages to this room,

sogs/http.py

@@ -1,5 +1,6 @@
-# basic success:
+# success codes:
 OK = 200
+CREATED = 201
 
 # error status codes:
 BAD_REQUEST = 400

sogs/model/exc.py

@@ -64,6 +64,11 @@ def __init__(self, msg=None):
         super().__init__("Permission denied" if msg is None else msg)
 
 
+class InvalidData(RuntimeError):
+    """Thrown if something in model was fed invalid data, for example a signature of an invalid
+    size, or an unparseable entity."""
+
+
 class PostRejected(RuntimeError):
     """
     Thrown when a post is refused for some reason other than a permission error (e.g. the post
@@ -95,3 +100,8 @@ def abort_perm_denied(e):
 @app.errorhandler(PostRejected)
 def abort_post_rejected(e):
     flask.abort(http.TOO_MANY_REQUESTS)
+
+
+@app.errorhandler(InvalidData)
+def abort_invalid_data(e):
+    flask.abort(http.BAD_REQUEST)

sogs/model/room.py

@@ -12,6 +12,7 @@
     BadPermission,
     PostRejected,
     PostRateLimited,
+    InvalidData,
 )
 
 import os
@@ -464,6 +465,7 @@ def get_messages_for(
         self,
         user: Optional[User],
         *,
+        sequence: Optional[int] = None,
         after: Optional[int] = None,
         before: Optional[int] = None,
         recent: bool = False,
@@ -476,7 +478,12 @@ def get_messages_for(
         whispers meant to be displayed to moderators.
 
         Exactly one of `after`, `begin`, `recent` or `single` must be specified:
-        - `after=N` returns messages with ids greater than N in ascending order
+        - `sequence=N` returns messages that have been posted, edited, or deleted since the given
+          `seqno` (that is: the have seqno greater than N).  Messages are returned in sequence
+          order.
+        - `after=N` returns messages with ids greater than N in ascending order.  This is normally
+          *not* what you want for fetching messages as it omits edits and deletions; typically you
+          want to retrieve by seqno instead.
         - `before=N` returns messages with ids less than N in descending order
         - `recent=True` returns the most recent messages in descending order
         - `single=123` returns a singleton list containing the single message with the given message
@@ -490,11 +497,15 @@ def get_messages_for(
         mod = self.check_moderator(user)
         msgs = []
 
-        opt_count = sum((after is not None, before is not None, recent, single is not None))
+        opt_count = sum(arg is not None for arg in (sequence, after, before, single)) + bool(recent)
         if opt_count == 0:
-            raise RuntimeError("Exactly one of before=, after=, recent=, or single= is required")
+            raise RuntimeError(
+                "Exactly one of sequence=, before=, after=, recent=, or single= is required"
+            )
         if opt_count > 1:
-            raise RuntimeError("Cannot specify more than one of before=, after=, recent=, single=")
+            raise RuntimeError(
+                "Cannot specify more than one of sequence=, before=, after=, recent=, single="
+            )
 
         # Handle id mapping from an old database import in case the client is requesting
         # messages since some id from the old db.
@@ -503,28 +514,45 @@ def get_messages_for(
             if after <= max_old_id:
                 after += offset
 
+        whisper_clause = (
+            # For a mod we want to see:
+            # - all whisper_mods messsages
+            # - anything directed to us specifically
+            # - anything we sent (i.e. outbound whispers)
+            # - non-whispers
+            "whisper_mods OR whisper = :user OR user = :user OR whisper IS NULL"
+            if mod
+            # For a regular user we want to see:
+            # - anything with whisper_to sent to us
+            # - non-whispers
+            else "whisper = :user OR (whisper IS NULL AND NOT whisper_mods)"
+            if user
+            # Otherwise for public, non-user access we want to see:
+            # - non-whispers
+            else "whisper IS NULL AND NOT whisper_mods"
+        )
+
         for row in query(
             f"""
             SELECT * FROM message_details
-            WHERE room = :r AND data IS NOT NULL AND NOT filtered
+            WHERE room = :r AND NOT filtered {'AND data IS NOT NULL' if sequence is None else ''}
                 {
+                    'AND seqno > :sequence' if sequence is not None else
                     'AND id > :after' if after is not None else
                     'AND id < :before' if before is not None else
                     'AND id = :single' if single is not None else
                     ''
                 }
-                AND (
-                    whisper IS NULL
-                    {'OR whisper = :user' if user else ''}
-                    {'OR whisper_mods' if mod else ''}
-                )
+                AND ({whisper_clause})
             {
                 '' if single is not None else
+                'ORDER BY seqno ASC LIMIT :limit' if sequence is not None else
                 'ORDER BY id ASC LIMIT :limit' if after is not None else
                 'ORDER BY id DESC LIMIT :limit'
             }
             """,
             r=self.id,
+            sequence=sequence,
             after=after,
             before=before,
             single=single,
@@ -590,6 +618,9 @@ def add_post(
         if not self.check_write(user):
             raise BadPermission()
 
+        if data is None or sig is None or len(sig) != 32:
+            raise InvalidData()
+
         whisper_mods = bool(whisper_mods)
         if (whisper_to or whisper_mods) and not self.check_moderator(user):
             app.logger.warning(f"Cannot post a whisper to {self}: {user} is not a moderator")
@@ -655,6 +686,64 @@ def add_post(
         send_mule("message_posted", msg['id'])
         return msg
 
+    def edit_post(self, user: User, msg_id: int, data: bytes, sig: bytes):
+        """
+        Edits a post in the room.  The post must exist, must have been authored by the same user,
+        and must not be deleted.  The user must *currently* have write permission (i.e. if they lose
+        write permission they cannot edit existing posts made before they were restricted).
+
+        Edits cannot alter the whisper_to/whisper_mods properties.
+
+        Raises:
+        - BadPermission() if attempting to edit another user's message or not having write
+          permission in the room.
+        - A subclass of PostRejected() if the edit is unacceptable, for instance for triggering the
+          profanity filter.
+        - NoSuchPost() if the post is deleted.
+        """
+        if not self.check_write(user):
+            raise BadPermission()
+
+        if data is None or sig is None or len(sig) != 32:
+            raise InvalidData()
+
+        filtered = self.should_filter(user, data)
+        with db.transaction():
+            author = query(
+                '''
+                SELECT "user" FROM messages
+                WHERE id = :m AND room = :r AND data IS NOT NULL
+                ''',
+                m=msg_id,
+                r=self.id,
+            ).first()
+            if author is None:
+                raise NoSuchPost()
+            author = author[0]
+            if author != user.id:
+                raise BadPermission()
+
+            if filtered:
+                # Silent filtering is enabled and the edit failed the filter, so we want to drop the
+                # actual post update.
+                return
+
+            data_size = len(data)
+            unpadded_data = utils.remove_session_message_padding(data)
+
+            query(
+                """
+                UPDATE messages SET
+                    data = :data, data_size = :data_size, signature = :sig WHERE id = :m
+                """,
+                m=msg_id,
+                data=unpadded_data,
+                data_size=data_size,
+                sig=sig,
+            )
+
+        send_mule("message_edited", msg_id)
+
     def delete_posts(self, message_ids: List[int], deleter: User):
         """
         Deletes the messages with the given ids.  The given user performing the delete must be a

sogs/routes/rooms.py

@@ -1,7 +1,8 @@
 from .. import config, http, utils
 from ..model import room as mroom
+from . import auth
 
-from flask import abort, jsonify, g, Blueprint
+from flask import abort, jsonify, g, Blueprint, request
 
 # General purpose routes for things like capability retrieval and batching
 
@@ -91,7 +92,7 @@ def messages_since(room, seqno):
 
     limit = utils.get_int_param('limit', 100, min=1, max=256, truncate=True)
 
-    return utils.jsonify_with_base64(room.get_messages_for(g.user, limit=limit, after=seqno))
+    return utils.jsonify_with_base64(room.get_messages_for(g.user, limit=limit, sequence=seqno))
 
 
 @rooms.get("/room/<Room:room>/messages/before/<int:msg_id>")
@@ -126,6 +127,41 @@ def message_single(room, msg_id):
     return utils.jsonify_with_base64(msgs[0])
 
 
+@rooms.post("/room/<Room:room>/message")
+@auth.user_required
+def post_message(room):
+    req = request.json
+
+    # TODO: files tracking
+
+    msg = room.add_post(
+        g.user,
+        data=utils.decode_base64(req.get('data')),
+        sig=utils.decode_base64(req.get('signature')),
+        whisper_to=req.get('whisper_to'),
+        whisper_mods=bool(req.get('whisper_mods')),
+    )
+
+    return utils.jsonify_with_base64(msg), http.CREATED
+
+
+@rooms.put("/room/<Room:room>/message/<int:msg_id>")
+@auth.user_required
+def edit_message(room, msg_id):
+    req = request.json
+
+    # TODO: files tracking
+
+    room.edit_post(
+        g.user,
+        msg_id,
+        data=utils.decode_base64(req.get('data')),
+        sig=utils.decode_base64(req.get('signature')),
+    )
+
+    return jsonify({})
+
+
 @rooms.post("/room/<Room:room>/pin/<int:msg_id>")
 def message_pin(room, msg_id):
     room.pin(msg_id, g.user)