Switch to nuxt assets for emojis (#311)

* switch to nuxt assets for emojis * add auth to emoji endpoint * fix cache control header * fix type error
2026-01-31 15:37:09 +01:00 · 2026-01-13 22:49:58 -05:00
parent 63ac2b8ffc
commit 1eaec4c3e8
8 changed files with 67 additions and 119 deletions
--- a/server/api/v1/emoji/[codepoint]/index.get.ts
+++ b/server/api/v1/emoji/[codepoint]/index.get.ts
@@ -0,0 +1,39 @@
+import aclManager from "~/server/internal/acls";
+
+export default defineEventHandler(async (h3) => {
+  const allowed = await aclManager.hasACL(h3, [
+    "system:setup",
+    "user:emoji:read",
+  ]);
+  if (!allowed)
+    throw createError({
+      statusCode: 403,
+      statusMessage: "Requires authentication",
+    });
+
+  const codepoint = getRouterParam(h3, "codepoint");
+  if (!codepoint) {
+    throw createError({
+      statusCode: 400,
+      statusMessage: "Missing codepoint parameter",
+    });
+  }
+
+  // Get the emoji SVG from server assets
+  const asset = await useStorage("assets:twemoji").getItemRaw(
+    `${codepoint}.svg`,
+  );
+
+  if (!asset) {
+    throw createError({
+      statusCode: 404,
+      statusMessage: "Emoji not found",
+    });
+  }
+
+  // Set proper content type for SVG
+  setResponseHeader(h3, "Content-Type", "image/svg+xml");
+  setResponseHeader(h3, "Cache-Control", "private, max-age=31536000");
+
+  return asset;
+});
--- a/server/internal/acls/descriptions.ts
+++ b/server/internal/acls/descriptions.ts
@@ -40,6 +40,8 @@ export const userACLDescriptions: ObjectFromList<typeof userACLs> = {

  "news:read": "Read the server's news articles.",

+  "emoji:read": "Read built in emojis",
+
  "settings:read": "Read system settings.",
 };

--- a/server/internal/acls/index.ts
+++ b/server/internal/acls/index.ts
@@ -32,6 +32,8 @@ export const userACLs = [
  "clients:read",
  "clients:revoke",

+  "emoji:read",
+
  "news:read",

  "settings:read",
@@ -220,7 +222,7 @@ class ACLManager {
    return false;
  }

-  async hasACL(request: MinimumRequestObject | undefined, acls: string[]) {
+  async hasACL(request: MinimumRequestObject | undefined, acls: GlobalACL[]) {
    for (const acl of acls) {
      if (acl.startsWith(userACLPrefix)) {
        const rawACL = acl.substring(userACLPrefix.length);
--- a/server/internal/tasks/index.ts
+++ b/server/internal/tasks/index.ts
@@ -284,7 +284,8 @@ class TaskHandler {
      return;
    }

-    const allowed = await aclManager.hasACL(request, task.acls);
+    // cast acls due to prisma types being less strict
+    const allowed = await aclManager.hasACL(request, task.acls as GlobalACL[]);
    if (!allowed) {
      // logger.warn("user does not have necessary ACLs");
      peer.send(