Avatar:
-
-
- 
-
+
+ {{ template "image_selector.html" imageselectordata "avatar" .User.AvatarUrl false }}
+
(Allowed image types: PNG, JPEG and GIF. Avatars may weigh up to 1MB and will be resized if larger than 400x400 pixels)
Short bio:
@@ -198,4 +206,4 @@
}
-{{ end }}
\ No newline at end of file
+{{ end }}
diff --git a/src/website/admin.go b/src/website/admin.go
index 2557ce0..9a77f49 100644
--- a/src/website/admin.go
+++ b/src/website/admin.go
@@ -162,9 +162,15 @@ func AdminApprovalQueueSubmit(c *RequestContext) ResponseData {
return RejectRequest(c, "User id can't be parsed")
}
- u, err := db.QueryOne(c.Context(), c.Conn, models.User{},
+ type userQuery struct {
+ User models.User `db:"auth_user"`
+ }
+ u, err := db.QueryOne(c.Context(), c.Conn, userQuery{},
`
- SELECT $columns FROM auth_user WHERE id = $1
+ SELECT $columns
+ FROM auth_user
+ LEFT JOIN handmade_asset AS auth_user_avatar ON auth_user_avatar.id = auth_user.avatar_asset_id
+ WHERE auth_user.id = $1
`,
userId,
)
@@ -175,7 +181,7 @@ func AdminApprovalQueueSubmit(c *RequestContext) ResponseData {
return c.ErrorResponse(http.StatusInternalServerError, oops.New(err, "failed to fetch user"))
}
}
- user := u.(*models.User)
+ user := u.(*userQuery).User
whatHappened := ""
if action == ApprovalQueueActionApprove {
@@ -241,6 +247,7 @@ func fetchUnapprovedPosts(c *RequestContext) ([]*UnapprovedPost, error) {
JOIN handmade_thread AS thread ON post.thread_id = thread.id
JOIN handmade_postversion AS ver ON ver.id = post.current_id
JOIN auth_user AS author ON author.id = post.author_id
+ LEFT JOIN handmade_asset AS author_avatar ON author_avatar.id = author.avatar_asset_id
WHERE
NOT thread.deleted
AND NOT post.deleted
diff --git a/src/website/api.go b/src/website/api.go
index 7257737..f1c5b33 100644
--- a/src/website/api.go
+++ b/src/website/api.go
@@ -19,11 +19,15 @@ func APICheckUsername(c *RequestContext) ResponseData {
requestedUsername := usernameArgs[0]
found = true
c.Perf.StartBlock("SQL", "Fetch user")
- userResult, err := db.QueryOne(c.Context(), c.Conn, models.User{},
+ type userQuery struct {
+ User models.User `db:"auth_user"`
+ }
+ userResult, err := db.QueryOne(c.Context(), c.Conn, userQuery{},
`
SELECT $columns
FROM
auth_user
+ LEFT JOIN handmade_asset AS auth_user_avatar ON auth_user_avatar.id = auth_user.avatar_asset_id
WHERE
LOWER(auth_user.username) = LOWER($1)
AND status = ANY ($2)
@@ -39,7 +43,7 @@ func APICheckUsername(c *RequestContext) ResponseData {
return c.ErrorResponse(http.StatusInternalServerError, oops.New(err, "failed to fetch user: %s", requestedUsername))
}
} else {
- canonicalUsername = userResult.(*models.User).Username
+ canonicalUsername = userResult.(*userQuery).User.Username
}
}
diff --git a/src/website/auth.go b/src/website/auth.go
index 5b208fd..991f403 100644
--- a/src/website/auth.go
+++ b/src/website/auth.go
@@ -75,7 +75,18 @@ func Login(c *RequestContext) ResponseData {
return res
}
- userRow, err := db.QueryOne(c.Context(), c.Conn, models.User{}, "SELECT $columns FROM auth_user WHERE LOWER(username) = LOWER($1)", username)
+ type userQuery struct {
+ User models.User `db:"auth_user"`
+ }
+ userRow, err := db.QueryOne(c.Context(), c.Conn, userQuery{},
+ `
+ SELECT $columns
+ FROM auth_user
+ LEFT JOIN handmade_asset AS auth_user_avatar ON auth_user_avatar.id = auth_user.avatar_asset_id
+ WHERE LOWER(username) = LOWER($1)
+ `,
+ username,
+ )
if err != nil {
if errors.Is(err, db.NotFound) {
return showLoginWithFailure(c, redirect)
@@ -83,7 +94,7 @@ func Login(c *RequestContext) ResponseData {
return c.ErrorResponse(http.StatusInternalServerError, oops.New(err, "failed to look up user by username"))
}
}
- user := userRow.(*models.User)
+ user := &userRow.(*userQuery).User
success, err := tryLogin(c, user, password)
@@ -446,10 +457,14 @@ func RequestPasswordResetSubmit(c *RequestContext) ResponseData {
var user *models.User
c.Perf.StartBlock("SQL", "Fetching user")
- userRow, err := db.QueryOne(c.Context(), c.Conn, models.User{},
+ type userQuery struct {
+ User models.User `db:"auth_user"`
+ }
+ userRow, err := db.QueryOne(c.Context(), c.Conn, userQuery{},
`
SELECT $columns
FROM auth_user
+ LEFT JOIN handmade_asset AS auth_user_avatar ON auth_user_avatar.id = auth_user.avatar_asset_id
WHERE
LOWER(username) = LOWER($1)
AND LOWER(email) = LOWER($2)
@@ -464,7 +479,7 @@ func RequestPasswordResetSubmit(c *RequestContext) ResponseData {
}
}
if userRow != nil {
- user = userRow.(*models.User)
+ user = &userRow.(*userQuery).User
}
if user != nil {
@@ -776,6 +791,7 @@ func validateUsernameAndToken(c *RequestContext, username string, token string,
`
SELECT $columns
FROM auth_user
+ LEFT JOIN handmade_asset AS auth_user_avatar ON auth_user_avatar.id = auth_user.avatar_asset_id
LEFT JOIN handmade_onetimetoken AS onetimetoken ON onetimetoken.owner_id = auth_user.id
WHERE
LOWER(auth_user.username) = LOWER($1)
diff --git a/src/website/projects.go b/src/website/projects.go
index b86d6d1..3488854 100644
--- a/src/website/projects.go
+++ b/src/website/projects.go
@@ -9,6 +9,7 @@ import (
"math"
"math/rand"
"net/http"
+ "path"
"sort"
"strings"
"time"
@@ -76,8 +77,7 @@ func ProjectIndex(c *RequestContext) ResponseData {
var restProjects []templates.Project
now := time.Now()
for _, p := range officialProjects {
- templateProject := templates.ProjectToTemplate(&p.Project, hmndata.UrlContextForProject(&p.Project).BuildHomepage())
- templateProject.AddLogo(p.LogoURL(c.Theme))
+ templateProject := templates.ProjectAndStuffToTemplate(&p, hmndata.UrlContextForProject(&p.Project).BuildHomepage(), c.Theme)
if p.Project.Slug == "hero" {
// NOTE(asaf): Handmade Hero gets special treatment. Must always be first in the list.
@@ -139,8 +139,7 @@ func ProjectIndex(c *RequestContext) ResponseData {
if i >= maxPersonalProjects {
break
}
- templateProject := templates.ProjectToTemplate(&p.Project, hmndata.UrlContextForProject(&p.Project).BuildHomepage())
- templateProject.AddLogo(p.LogoURL(c.Theme))
+ templateProject := templates.ProjectAndStuffToTemplate(&p, hmndata.UrlContextForProject(&p.Project).BuildHomepage(), c.Theme)
personalProjects = append(personalProjects, templateProject)
}
}
@@ -244,6 +243,7 @@ func ProjectHomepage(c *RequestContext) ResponseData {
handmade_post AS post
INNER JOIN handmade_thread AS thread ON thread.id = post.thread_id
INNER JOIN auth_user AS author ON author.id = post.author_id
+ LEFT JOIN handmade_asset AS author_avatar ON author_avatar.id = author.avatar_asset_id
WHERE
post.project_id = $1
ORDER BY post.postdate DESC
@@ -272,8 +272,7 @@ func ProjectHomepage(c *RequestContext) ResponseData {
if err != nil {
return c.ErrorResponse(http.StatusInternalServerError, oops.New(err, "failed to fetch project details"))
}
- templateData.Project = templates.ProjectToTemplate(c.CurrentProject, c.UrlContext.BuildHomepage())
- templateData.Project.AddLogo(p.LogoURL(c.Theme))
+ templateData.Project = templates.ProjectAndStuffToTemplate(&p, c.UrlContext.BuildHomepage(), c.Theme)
for _, owner := range owners {
templateData.Owners = append(templateData.Owners, templates.UserToTemplate(owner, c.Theme))
}
@@ -514,11 +513,14 @@ func ProjectEdit(c *RequestContext) ResponseData {
}
c.Perf.EndBlock()
+ lightLogoUrl := templates.ProjectLogoUrl(&p.Project, p.LogoLightAsset, p.LogoDarkAsset, "light")
+ darkLogoUrl := templates.ProjectLogoUrl(&p.Project, p.LogoLightAsset, p.LogoDarkAsset, "dark")
+
projectSettings := templates.ProjectToProjectSettings(
&p.Project,
p.Owners,
p.TagText(),
- p.LogoURL("light"), p.LogoURL("dark"),
+ lightLogoUrl, darkLogoUrl,
c.Theme,
)
@@ -816,10 +818,14 @@ func updateProject(ctx context.Context, tx pgx.Tx, user *models.User, payload *P
}
}
- ownerRows, err := db.Query(ctx, tx, models.User{},
+ type userQuery struct {
+ User models.User `db:"auth_user"`
+ }
+ ownerRows, err := db.Query(ctx, tx, userQuery{},
`
SELECT $columns
FROM auth_user
+ LEFT JOIN handmade_asset AS auth_user_avatar ON auth_user_avatar.id = auth_user.avatar_asset_id
WHERE LOWER(username) = ANY ($1)
`,
payload.OwnerUsernames,
@@ -847,7 +853,7 @@ func updateProject(ctx context.Context, tx pgx.Tx, user *models.User, payload *P
VALUES
($1, $2)
`,
- ownerRow.(*models.User).ID,
+ ownerRow.(*userQuery).User.ID,
payload.ProjectID,
)
if err != nil {
@@ -914,13 +920,28 @@ func GetFormImage(c *RequestContext, fieldName string) (FormImage, error) {
img.Read(res.Content)
img.Seek(0, io.SeekStart)
- config, _, err := image.DecodeConfig(img)
- if err != nil {
- return FormImage{}, err
+ fileExtensionOverrides := []string{".svg"}
+ fileExt := strings.ToLower(path.Ext(res.Filename))
+ tryDecode := true
+ for _, ext := range fileExtensionOverrides {
+ if fileExt == ext {
+ tryDecode = false
+ }
+ }
+
+ if tryDecode {
+ config, _, err := image.DecodeConfig(img)
+ if err != nil {
+ return FormImage{}, err
+ }
+ res.Width = config.Width
+ res.Height = config.Height
+ res.Mime = http.DetectContentType(res.Content)
+ } else {
+ if fileExt == ".svg" {
+ res.Mime = "image/svg+xml"
+ }
}
- res.Width = config.Width
- res.Height = config.Height
- res.Mime = http.DetectContentType(res.Content)
}
return res, nil
diff --git a/src/website/routes.go b/src/website/routes.go
index e9c948d..c5fc792 100644
--- a/src/website/routes.go
+++ b/src/website/routes.go
@@ -501,20 +501,7 @@ func LoadCommonWebsiteData(c *RequestContext) (bool, ResponseData) {
panic("failed to load project data")
}
- canEditProject := false
- if c.CurrentUser != nil {
- if c.CurrentUser.IsStaff {
- canEditProject = true
- } else {
- for _, o := range owners {
- if o.ID == c.CurrentUser.ID {
- canEditProject = true
- break
- }
- }
- }
- }
- c.CurrentUserCanEditCurrentProject = canEditProject
+ c.CurrentUserCanEditCurrentProject = CanEditProject(c.CurrentUser, owners)
c.UrlContext = hmndata.UrlContextForProject(c.CurrentProject)
}
@@ -557,7 +544,18 @@ func getCurrentUserAndSession(c *RequestContext, sessionId string) (*models.User
}
}
- userRow, err := db.QueryOne(c.Context(), c.Conn, models.User{}, "SELECT $columns FROM auth_user WHERE username = $1", session.Username)
+ type userQuery struct {
+ User models.User `db:"auth_user"`
+ }
+ userRow, err := db.QueryOne(c.Context(), c.Conn, userQuery{},
+ `
+ SELECT $columns
+ FROM auth_user
+ LEFT JOIN handmade_asset AS auth_user_avatar ON auth_user_avatar.id = auth_user.avatar_asset_id
+ WHERE username = $1
+ `,
+ session.Username,
+ )
if err != nil {
if errors.Is(err, db.NotFound) {
logging.Debug().Str("username", session.Username).Msg("returning no current user for this request because the user for the session couldn't be found")
@@ -566,7 +564,7 @@ func getCurrentUserAndSession(c *RequestContext, sessionId string) (*models.User
return nil, nil, oops.New(err, "failed to get user for session")
}
}
- user := userRow.(*models.User)
+ user := &userRow.(*userQuery).User
return user, session, nil
}
diff --git a/src/website/user.go b/src/website/user.go
index 61f6b92..defb9c1 100644
--- a/src/website/user.go
+++ b/src/website/user.go
@@ -2,13 +2,12 @@ package website
import (
"errors"
- "fmt"
"net/http"
"sort"
"strconv"
"strings"
- "time"
+ "git.handmade.network/hmn/hmn/src/assets"
"git.handmade.network/hmn/hmn/src/auth"
"git.handmade.network/hmn/hmn/src/config"
"git.handmade.network/hmn/hmn/src/db"
@@ -19,6 +18,7 @@ import (
"git.handmade.network/hmn/hmn/src/models"
"git.handmade.network/hmn/hmn/src/oops"
"git.handmade.network/hmn/hmn/src/templates"
+ "github.com/google/uuid"
"github.com/jackc/pgx/v4"
)
@@ -52,11 +52,15 @@ func UserProfile(c *RequestContext) ResponseData {
profileUser = c.CurrentUser
} else {
c.Perf.StartBlock("SQL", "Fetch user")
- userResult, err := db.QueryOne(c.Context(), c.Conn, models.User{},
+ type userQuery struct {
+ User models.User `db:"auth_user"`
+ }
+ userResult, err := db.QueryOne(c.Context(), c.Conn, userQuery{},
`
SELECT $columns
FROM
auth_user
+ LEFT JOIN handmade_asset AS auth_user_avatar ON auth_user_avatar.id = auth_user.avatar_asset_id
WHERE
LOWER(auth_user.username) = $1
`,
@@ -70,7 +74,7 @@ func UserProfile(c *RequestContext) ResponseData {
return c.ErrorResponse(http.StatusInternalServerError, oops.New(err, "failed to fetch user: %s", username))
}
}
- profileUser = userResult.(*models.User)
+ profileUser = &userResult.(*userQuery).User
}
{
@@ -114,8 +118,7 @@ func UserProfile(c *RequestContext) ResponseData {
templateProjects := make([]templates.Project, 0, len(projectsAndStuff))
numPersonalProjects := 0
for _, p := range projectsAndStuff {
- templateProject := templates.ProjectToTemplate(&p.Project, hmndata.UrlContextForProject(&p.Project).BuildHomepage())
- templateProject.AddLogo(p.LogoURL(c.Theme))
+ templateProject := templates.ProjectAndStuffToTemplate(&p, hmndata.UrlContextForProject(&p.Project).BuildHomepage(), c.Theme)
templateProjects = append(templateProjects, templateProject)
if p.Project.Personal {
@@ -201,12 +204,17 @@ func UserProfile(c *RequestContext) ResponseData {
return res
}
+var UserAvatarMaxFileSize = 1 * 1024 * 1024
+
func UserSettings(c *RequestContext) ResponseData {
var res ResponseData
type UserSettingsTemplateData struct {
templates.BaseData
+ AvatarMaxFileSize int
+ DefaultAvatarUrl string
+
User templates.User
Email string // these fields are handled specially on templates.User
ShowEmail bool
@@ -280,11 +288,13 @@ func UserSettings(c *RequestContext) ResponseData {
baseData := getBaseDataAutocrumb(c, templateUser.Name)
res.MustWriteTemplate("user_settings.html", UserSettingsTemplateData{
- BaseData: baseData,
- User: templateUser,
- Email: c.CurrentUser.Email,
- ShowEmail: c.CurrentUser.ShowEmail,
- LinksText: linksText,
+ BaseData: baseData,
+ AvatarMaxFileSize: UserAvatarMaxFileSize,
+ DefaultAvatarUrl: templates.UserAvatarDefaultUrl(c.Theme),
+ User: templateUser,
+ Email: c.CurrentUser.Email,
+ ShowEmail: c.CurrentUser.ShowEmail,
+ LinksText: linksText,
SubmitUrl: hmnurl.BuildUserSettings(""),
ContactUrl: hmnurl.BuildContactPage(),
@@ -299,6 +309,14 @@ func UserSettings(c *RequestContext) ResponseData {
}
func UserSettingsSave(c *RequestContext) ResponseData {
+ maxBodySize := int64(UserAvatarMaxFileSize + 2*1024*1024)
+ c.Req.Body = http.MaxBytesReader(c.Res, c.Req.Body, maxBodySize)
+ err := c.Req.ParseMultipartForm(maxBodySize)
+ if err != nil {
+ // NOTE(asaf): The error for exceeding the max filesize doesn't have a special type, so we can't easily detect it here.
+ return c.ErrorResponse(http.StatusInternalServerError, oops.New(err, "failed to parse form"))
+ }
+
tx, err := c.Conn.Begin(c.Context())
if err != nil {
panic(err)
@@ -396,25 +414,39 @@ func UserSettingsSave(c *RequestContext) ResponseData {
}
// Update avatar
- imageSaveResult := SaveImageFile(c, tx, "avatar", 1*1024*1024, fmt.Sprintf("members/avatars/%s-%d", c.CurrentUser.Username, time.Now().UTC().Unix()))
- if imageSaveResult.ValidationError != "" {
- return RejectRequest(c, imageSaveResult.ValidationError)
- } else if imageSaveResult.FatalError != nil {
- return c.ErrorResponse(http.StatusInternalServerError, oops.New(imageSaveResult.FatalError, "failed to save new avatar"))
- } else if imageSaveResult.ImageFile != nil {
- _, err = tx.Exec(c.Context(),
+ newAvatar, err := GetFormImage(c, "avatar")
+ if err != nil {
+ return c.ErrorResponse(http.StatusInternalServerError, oops.New(err, "failed to read image from form"))
+ }
+ var avatarUUID *uuid.UUID
+ if newAvatar.Exists {
+ avatarAsset, err := assets.Create(c.Context(), tx, assets.CreateInput{
+ Content: newAvatar.Content,
+ Filename: newAvatar.Filename,
+ ContentType: newAvatar.Mime,
+ UploaderID: &c.CurrentUser.ID,
+ Width: newAvatar.Width,
+ Height: newAvatar.Height,
+ })
+ if err != nil {
+ return c.ErrorResponse(http.StatusInternalServerError, oops.New(err, "failed to upload avatar"))
+ }
+ avatarUUID = &avatarAsset.ID
+ }
+ if newAvatar.Exists || newAvatar.Remove {
+ _, err := tx.Exec(c.Context(),
`
UPDATE auth_user
SET
- avatar = $2
+ avatar_asset_id = $2
WHERE
id = $1
`,
c.CurrentUser.ID,
- imageSaveResult.ImageFile.File,
+ avatarUUID,
)
if err != nil {
- return c.ErrorResponse(http.StatusInternalServerError, oops.New(err, "failed to update user"))
+ return c.ErrorResponse(http.StatusInternalServerError, oops.New(err, "failed to update user's avatar"))
}
}