Check if a user is allow to create posts on another user's page

src/api_data/user_info.rs

@@ -4,7 +4,7 @@
 use serde::Serialize;
 
 use crate::data::user::{User, UserPageStatus, UserID};
-use crate::helpers::{friends_helper, custom_emojies_helper, background_image_helper, likes_helper};
+use crate::helpers::{friends_helper, custom_emojies_helper, background_image_helper, likes_helper, user_helper};
 use crate::data::error::ResultBoxError;
 use crate::utils::user_data_utils::user_data_url;
 use crate::data::user::AccountImageVisibility::{EVERYONE, COMUNIC_USERS};
@@ -40,6 +40,7 @@ struct APIAdvancedInfo {
     number_friends: usize,
     pageLikes: usize,
     user_page_like: bool,
+    can_post_texts: bool,
 }
 
 impl APIUserInfo {
@@ -65,15 +66,16 @@ impl APIUserInfo {
     /// Get advanced user information
     pub fn new_advanced_info(user_id: Option<UserID>, info: &User) -> ResultBoxError<APIUserInfo> {
         let mut user = APIUserInfo::new(user_id, info)?;
+        let curr_user_id = user_id.unwrap_or(0);
         let signed_in = user_id.is_some();
 
         // Check if we can return the number of friends of the user
-        let number_friends = if info.public_friends_list || user_id.unwrap_or(0) == info.id {
+        let number_friends = if info.public_friends_list || curr_user_id == info.id {
             friends_helper::count_friends(info.id)?
         } else { 0 };
 
         let likes_page = if signed_in {
-            likes_helper::is_liking(user_id.unwrap(), info.id as u64, LikeType::USER)?
+            likes_helper::is_liking(curr_user_id, info.id as u64, LikeType::USER)?
         } else { false };
 
         // Set advanced user information
@@ -88,6 +90,7 @@ impl APIUserInfo {
             number_friends,
             pageLikes: likes_helper::count(info.id as u64, LikeType::USER)?,
             user_page_like: likes_page,
+            can_post_texts: user_helper::can_create_posts(curr_user_id, info.id)?
         });
 
         Ok(user)

src/helpers/database.rs

@@ -10,6 +10,7 @@ use crate::data::config::DatabaseConfig;
 use crate::data::error::{ExecError, ResultBoxError};
 use std::collections::HashMap;
 use chrono::{Utc, TimeZone};
+use crate::data::user::UserID;
 
 /// Database access helper
 ///
@@ -97,6 +98,11 @@ impl QueryInfo {
         self
     }
 
+    pub fn cond_user_id(mut self, key: &str, val: UserID) -> QueryInfo {
+        self.conditions.insert(key.to_string(), val.to_string());
+        self
+    }
+
     /// Append a field to the list of selected fields
     pub fn add_field(mut self, key: &str) -> QueryInfo {
         self.fields.push(key.to_string());
@@ -109,6 +115,12 @@ impl QueryInfo {
         query(self, process_function)
     }
 
+    /// Query just a row
+    pub fn query_row<E, F: Fn(&RowResult) -> ProcessRowResult<E>>(self, process_function: F)
+                                                             -> Result<E, Box<dyn Error>> {
+        query_row(self, process_function)
+    }
+
     /// Execute count query
     pub fn exec_count(self) -> ResultBoxError<usize> {
         count(self)

src/helpers/friends_helper.rs

@@ -24,3 +24,13 @@ pub fn count_friends(user_id: UserID) -> ResultBoxError<usize> {
         .cond_u32("actif", 1)
         .exec_count()
 }
+
+/// Check if a user can create posts on another friend's page
+pub fn can_post_texts(user_id: UserID, target_user: UserID) -> ResultBoxError<bool> {
+    QueryInfo::new(FRIENDS_TABLE)
+        .cond_user_id("ID_personne", target_user)
+        .cond_user_id("ID_amis", user_id)
+        .add_field("autoriser_post_page")
+        .query_row(|res| res.get_legacy_bool("autoriser_post_page"))
+        .or(Ok(false))
+}

src/helpers/user_helper.rs

@@ -1,6 +1,6 @@
 use crate::data::error::ResultBoxError;
 use crate::data::user::{User, UserID, UserPageStatus, AccountImageVisibility};
-use crate::helpers::database;
+use crate::helpers::{database, friends_helper};
 use crate::constants::database_tables_names::USERS_TABLE;
 use crate::data::user::UserPageStatus::PUBLIC;
 use crate::helpers::friends_helper::are_friend;
@@ -99,3 +99,39 @@ pub fn can_see_user_page(user_id: UserID, target_user: UserID) -> ResultBoxError
 
     return Ok(true);
 }
+
+/// Check out whether a user allow posts on his page or not
+pub fn allow_posts_on_his_page(user_id: UserID) -> ResultBoxError<bool> {
+    Ok(find_user_by_id(user_id)?.allow_posts_from_friends)
+}
+
+/// Check out if a user can create posts on another user page
+pub fn can_create_posts(user_id: UserID, target_id: UserID) -> ResultBoxError<bool> {
+
+    // Login required
+    if user_id <= 0 {
+        return Ok(false);
+    }
+
+    // A user can always create posts on his page
+    if user_id == target_id {
+        return Ok(true);
+    }
+
+    // User must be able to see the page
+    if !can_see_user_page(user_id, target_id)? {
+        return Ok(false);
+    }
+
+    // Check if user allow posts on his page
+    if !allow_posts_on_his_page(target_id)? {
+        return Ok(false);
+    }
+
+    // Check if the friendship of the user allows him to create posts
+    if !friends_helper::can_post_texts(user_id, target_id)? {
+        return Ok(false);
+    }
+
+    Ok(true)
+}