feat(api): allow unauthed requests to /systems/:id/settings

2026-02-10 15:57:53 +00:00 · 2025-05-28 23:00:39 +00:00 · 2025-05-28 23:00:39 +00:00 · 0610701252
commit 0610701252
parent 0406c32f6b
14 changed files with 334 additions and 70 deletions
--- a/crates/api/src/endpoints/mod.rs
+++ b/crates/api/src/endpoints/mod.rs
@ -1 +1,2 @@
 pub mod private;
+pub mod system;
--- a/crates/api/src/endpoints/private.rs
+++ b/crates/api/src/endpoints/private.rs
@ -52,7 +52,7 @@ use axum::{
 };
 use hyper::StatusCode;
 use libpk::config;
-use pluralkit_models::{PKSystem, PKSystemConfig};
+use pluralkit_models::{PKSystem, PKSystemConfig, PrivacyLevel};
 use reqwest::ClientBuilder;

 #[derive(serde::Deserialize, Debug)]
@ -151,14 +151,12 @@ pub async fn discord_callback(
    .await
    .expect("failed to query");

-    if system.is_none() {
+    let Some(system) = system else {
        return json_err(
            StatusCode::BAD_REQUEST,
            "user does not have a system registered".to_string(),
        );
-    }
-
-    let system = system.unwrap();
+    };

    let system_config: Option<PKSystemConfig> = sqlx::query_as(
        r#"
@ -179,7 +177,7 @@ pub async fn discord_callback(
    (
        StatusCode::OK,
        serde_json::to_string(&serde_json::json!({
-            "system": system.to_json(),
+            "system": system.to_json(PrivacyLevel::Private),
            "config": system_config.to_json(),
            "user": user,
            "token": token,
--- a/crates/api/src/endpoints/system.rs
+++ b/crates/api/src/endpoints/system.rs
@ -0,0 +1,68 @@
+use axum::{
+    extract::State,
+    http::StatusCode,
+    response::{IntoResponse, Response},
+    Extension,
+};
+use serde_json::json;
+use sqlx::Postgres;
+use tracing::error;
+
+use pluralkit_models::{PKSystem, PKSystemConfig, PrivacyLevel};
+
+use crate::{auth::AuthState, util::json_err, ApiContext};
+
+pub async fn get_system_settings(
+    Extension(auth): Extension<AuthState>,
+    Extension(system): Extension<PKSystem>,
+    State(ctx): State<ApiContext>,
+) -> Response {
+    let access_level = auth.access_level_for(&system);
+
+    let config = match sqlx::query_as::<Postgres, PKSystemConfig>(
+        "select * from system_config where system = $1",
+    )
+    .bind(system.id)
+    .fetch_optional(&ctx.db)
+    .await
+    {
+        Ok(Some(config)) => config,
+        Ok(None) => {
+            error!(
+                system = system.id,
+                "failed to find system config for existing system"
+            );
+            return json_err(
+                StatusCode::INTERNAL_SERVER_ERROR,
+                r#"{"message": "500: Internal Server Error", "code": 0}"#.to_string(),
+            );
+        }
+        Err(err) => {
+            error!(?err, "failed to query system config");
+            return json_err(
+                StatusCode::INTERNAL_SERVER_ERROR,
+                r#"{"message": "500: Internal Server Error", "code": 0}"#.to_string(),
+            );
+        }
+    };
+
+    (
+        StatusCode::OK,
+        serde_json::to_string(&match access_level {
+            PrivacyLevel::Private => config.to_json(),
+            PrivacyLevel::Public => json!({
+                "pings_enabled": config.pings_enabled,
+                "latch_timeout": config.latch_timeout,
+                "case_sensitive_proxy_tags": config.case_sensitive_proxy_tags,
+                "proxy_error_message_enabled": config.proxy_error_message_enabled,
+                "hid_display_split": config.hid_display_split,
+                "hid_display_caps": config.hid_display_caps,
+                "hid_list_padding": config.hid_list_padding,
+                "proxy_switch": config.proxy_switch,
+                "name_format": config.name_format,
+            }),
+        })
+        .unwrap(),
+    )
+        .into_response()
+}