// GoToSocial
// Copyright (C) GoToSocial Authors admin@gotosocial.org
// SPDX-License-Identifier: AGPL-3.0-or-later
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see
tags. fieldFormatValueResult := p.formatter.FromPlainNoParagraph(ctx, p.parseMention, account.ID, "", fieldRaw.Value) field.Value = fieldFormatValueResult.HTML // Retrieve field emojis. for _, emoji := range fieldFormatValueResult.Emojis { emojis[emoji.ID] = emoji } // We're done, append the shiny new field. account.Fields = append(account.Fields, field) } emojisCount := len(emojis) account.Emojis = make([]*gtsmodel.Emoji, 0, emojisCount) account.EmojiIDs = make([]string, 0, emojisCount) for id, emoji := range emojis { account.Emojis = append(account.Emojis, emoji) account.EmojiIDs = append(account.EmojiIDs, id) } } if form.AvatarDescription != nil { desc := text.SanitizeToPlaintext(*form.AvatarDescription) form.AvatarDescription = util.Ptr(desc) } if form.Avatar != nil && form.Avatar.Size != 0 { avatarInfo, errWithCode := p.UpdateAvatar(ctx, account, form.Avatar, form.AvatarDescription, ) if errWithCode != nil { return nil, errWithCode } account.AvatarMediaAttachmentID = avatarInfo.ID account.AvatarMediaAttachment = avatarInfo log.Tracef(ctx, "new avatar info for account %s is %+v", account.ID, avatarInfo) } else if form.AvatarDescription != nil && account.AvatarMediaAttachment != nil { // Update just existing description if possible. account.AvatarMediaAttachment.Description = *form.AvatarDescription if err := p.state.DB.UpdateAttachment( ctx, account.AvatarMediaAttachment, "description", ); err != nil { err := gtserror.Newf("db error updating account avatar description: %w", err) return nil, gtserror.NewErrorInternalError(err) } } if form.HeaderDescription != nil { desc := text.SanitizeToPlaintext(*form.HeaderDescription) form.HeaderDescription = util.Ptr(desc) } if form.Header != nil && form.Header.Size != 0 { headerInfo, errWithCode := p.UpdateHeader(ctx, account, form.Header, form.HeaderDescription, ) if errWithCode != nil { return nil, errWithCode } account.HeaderMediaAttachmentID = headerInfo.ID account.HeaderMediaAttachment = headerInfo log.Tracef(ctx, "new header info for account %s is %+v", account.ID, headerInfo) } else if form.HeaderDescription != nil && account.HeaderMediaAttachment != nil { // Update just existing description if possible. account.HeaderMediaAttachment.Description = *form.HeaderDescription if err := p.state.DB.UpdateAttachment( ctx, account.HeaderMediaAttachment, "description", ); err != nil { err := gtserror.Newf("db error updating account avatar description: %w", err) return nil, gtserror.NewErrorInternalError(err) } } if form.Locked != nil { account.Locked = form.Locked } if form.Source != nil { if form.Source.Language != nil { language, err := validate.Language(*form.Source.Language) if err != nil { return nil, gtserror.NewErrorBadRequest(err) } account.Settings.Language = language } if form.Source.Sensitive != nil { account.Settings.Sensitive = form.Source.Sensitive } if form.Source.Privacy != nil { if err := validate.Privacy(*form.Source.Privacy); err != nil { return nil, gtserror.NewErrorBadRequest(err) } privacy := typeutils.APIVisToVis(apimodel.Visibility(*form.Source.Privacy)) account.Settings.Privacy = privacy } if form.Source.StatusContentType != nil { if err := validate.StatusContentType(*form.Source.StatusContentType); err != nil { return nil, gtserror.NewErrorBadRequest(err, err.Error()) } account.Settings.StatusContentType = *form.Source.StatusContentType } } if form.Theme != nil { theme := *form.Theme if theme == "" { // Empty is easy, just clear this. account.Settings.Theme = "" } else { // Theme was provided, check // against known available themes. if _, ok := p.themes.ByFileName[theme]; !ok { err := fmt.Errorf("theme %s not available on this instance, see /api/v1/accounts/themes for available themes", theme) return nil, gtserror.NewErrorBadRequest(err, err.Error()) } account.Settings.Theme = theme } } if form.CustomCSS != nil { customCSS := *form.CustomCSS if err := validate.CustomCSS(customCSS); err != nil { return nil, gtserror.NewErrorBadRequest(err, err.Error()) } account.Settings.CustomCSS = text.SanitizeToPlaintext(customCSS) } if form.EnableRSS != nil { account.Settings.EnableRSS = form.EnableRSS } if form.HideCollections != nil { account.Settings.HideCollections = form.HideCollections } if err := p.state.DB.UpdateAccount(ctx, account); err != nil { return nil, gtserror.NewErrorInternalError(fmt.Errorf("could not update account %s: %s", account.ID, err)) } if err := p.state.DB.UpdateAccountSettings(ctx, account.Settings); err != nil { return nil, gtserror.NewErrorInternalError(fmt.Errorf("could not update account settings %s: %s", account.ID, err)) } p.state.Workers.Client.Queue.Push(&messages.FromClientAPI{ APObjectType: ap.ActorPerson, APActivityType: ap.ActivityUpdate, GTSModel: account, Origin: account, }) acctSensitive, err := p.converter.AccountToAPIAccountSensitive(ctx, account) if err != nil { return nil, gtserror.NewErrorInternalError(fmt.Errorf("could not convert account into apisensitive account: %s", err)) } return acctSensitive, nil } // UpdateAvatar does the dirty work of checking the avatar // part of an account update form, parsing and checking the // media, and doing the necessary updates in the database // for this to become the account's new avatar. func (p *Processor) UpdateAvatar( ctx context.Context, account *gtsmodel.Account, avatar *multipart.FileHeader, description *string, ) ( *gtsmodel.MediaAttachment, gtserror.WithCode, ) { // Get maximum supported local media size. maxsz := int64(config.GetMediaLocalMaxSize()) // #nosec G115 -- Already validated. // Ensure media within size bounds. if avatar.Size > maxsz { text := fmt.Sprintf("media exceeds configured max size: %d", maxsz) return nil, gtserror.NewErrorBadRequest(errors.New(text), text) } // Open multipart file reader. mpfile, err := avatar.Open() if err != nil { err := gtserror.Newf("error opening multipart file: %w", err) return nil, gtserror.NewErrorInternalError(err) } // Wrap the multipart file reader to ensure is limited to max. rc, _, _ := iotools.UpdateReadCloserLimit(mpfile, maxsz) // Write to instance storage. return p.c.StoreLocalMedia(ctx, account.ID, func(ctx context.Context) (reader io.ReadCloser, err error) { return rc, nil }, media.AdditionalMediaInfo{ Avatar: util.Ptr(true), Description: description, }, ) } // UpdateHeader does the dirty work of checking the header // part of an account update form, parsing and checking the // media, and doing the necessary updates in the database // for this to become the account's new header. func (p *Processor) UpdateHeader( ctx context.Context, account *gtsmodel.Account, header *multipart.FileHeader, description *string, ) ( *gtsmodel.MediaAttachment, gtserror.WithCode, ) { // Get maximum supported local media size. maxsz := int64(config.GetMediaLocalMaxSize()) // #nosec G115 -- Already validated. // Ensure media within size bounds. if header.Size > maxsz { text := fmt.Sprintf("media exceeds configured max size: %d", maxsz) return nil, gtserror.NewErrorBadRequest(errors.New(text), text) } // Open multipart file reader. mpfile, err := header.Open() if err != nil { err := gtserror.Newf("error opening multipart file: %w", err) return nil, gtserror.NewErrorInternalError(err) } // Wrap the multipart file reader to ensure is limited to max. rc, _, _ := iotools.UpdateReadCloserLimit(mpfile, maxsz) // Write to instance storage. return p.c.StoreLocalMedia(ctx, account.ID, func(ctx context.Context) (reader io.ReadCloser, err error) { return rc, nil }, media.AdditionalMediaInfo{ Header: util.Ptr(true), Description: description, }, ) }