grishka
diff --git a/‎src/main/java/smithereen/Config.java
Lines changed: 52 additions & 0 deletions b/‎src/main/java/smithereen/Config.java
Lines changed: 52 additions & 0 deletions
diff --git a/‎src/main/java/smithereen/SmithereenApplication.java
Lines changed: 14 additions & 0 deletions b/‎src/main/java/smithereen/SmithereenApplication.java
Lines changed: 14 additions & 0 deletions
diff --git a/‎src/main/java/smithereen/routes/SettingsAdminRoutes.java
Lines changed: 102 additions & 2 deletions b/‎src/main/java/smithereen/routes/SettingsAdminRoutes.java
Lines changed: 102 additions & 2 deletions
diff --git a/‎src/main/java/smithereen/templates/Templates.java
Lines changed: 7 additions & 2 deletions b/‎src/main/java/smithereen/templates/Templates.java
Lines changed: 7 additions & 2 deletions
diff --git a/‎src/main/java/smithereen/util/CryptoUtils.java
Lines changed: 8 additions & 0 deletions b/‎src/main/java/smithereen/util/CryptoUtils.java
Lines changed: 8 additions & 0 deletions
diff --git a/‎src/main/resources/langs/en/admin.json
Lines changed: 9 additions & 1 deletion b/‎src/main/resources/langs/en/admin.json
Lines changed: 9 additions & 1 deletion
diff --git a/‎src/main/resources/langs/ru/admin.json
Lines changed: 9 additions & 1 deletion b/‎src/main/resources/langs/ru/admin.json
Lines changed: 9 additions & 1 deletion
diff --git a/‎src/main/resources/templates/common/admin_tabbar.twig
Lines changed: 1 addition & 0 deletions b/‎src/main/resources/templates/common/admin_tabbar.twig
Lines changed: 1 addition & 0 deletions
@@ -35,11 +35,13 @@
 import java.util.function.Function;
 import java.util.stream.Collectors;
 
+import smithereen.exceptions.InternalServerErrorException;
 import smithereen.model.ObfuscatedObjectIDType;
 import smithereen.model.admin.UserRole;
 import smithereen.storage.sql.SQLQueryBuilder;
 import smithereen.storage.sql.DatabaseConnection;
 import smithereen.storage.sql.DatabaseConnectionManager;
+import smithereen.util.CryptoUtils;
 import smithereen.util.PublicSuffixList;
 import smithereen.util.TopLevelDomainList;
 import spark.utils.StringUtils;
@@ -88,6 +90,8 @@ public class Config{
 	public static SignupMode signupMode=SignupMode.CLOSED;
 	public static boolean signupConfirmEmail;
 	public static boolean signupFormUseCaptcha;
+	public static String commonCSS, desktopCSS, mobileCSS;
+	public static String combinedDesktopCSS, combinedMobileCSS, desktopCSSCacheHash, mobileCSSCacheHash;
 
 	public static String mailFrom;
 	public static String smtpServerAddress;
@@ -271,6 +275,11 @@ public static void loadFromDatabase() throws SQLException{
 			if(PublicSuffixList.lastUpdatedTime>0){
 				PublicSuffixList.update(Arrays.asList(dbValues.get("PSList_Data").split("\n")));
 			}
+
+			commonCSS=dbValues.get("CommonCSS");
+			desktopCSS=dbValues.get("DesktopCSS");
+			mobileCSS=dbValues.get("MobileCSS");
+			applyCSS(commonCSS, desktopCSS, mobileCSS);
 		}
 	}
 
@@ -327,6 +336,49 @@ private static String requireProperty(Properties props, String name){
 		return value;
 	}
 
+	private static void applyCSS(String common, String desktop, String mobile){
+		if(StringUtils.isNotEmpty(common)){
+			desktop=StringUtils.isEmpty(desktop) ? common : common+"\n"+desktop;
+			mobile=StringUtils.isEmpty(mobile) ? common : common+"\n"+mobile;
+		}
+		if(desktop!=null)
+			desktop=desktop.trim();
+		if(mobile!=null)
+			mobile=mobile.trim();
+
+		if(StringUtils.isEmpty(desktop)){
+			combinedDesktopCSS=null;
+			desktopCSSCacheHash=null;
+		}else{
+			combinedDesktopCSS=desktop;
+			desktopCSSCacheHash=Utils.byteArrayToHexString(CryptoUtils.sha1(desktop.getBytes(StandardCharsets.UTF_8)));
+		}
+
+		if(StringUtils.isEmpty(mobile)){
+			combinedMobileCSS=null;
+			mobileCSSCacheHash=null;
+		}else{
+			combinedMobileCSS=mobile;
+			mobileCSSCacheHash=Utils.byteArrayToHexString(CryptoUtils.sha1(mobile.getBytes(StandardCharsets.UTF_8)));
+		}
+	}
+
+	public static void updateCSS(String common, String desktop, String mobile){
+		common=common.trim();
+		desktop=desktop.trim();
+		mobile=mobile.trim();
+
+		commonCSS=common;
+		desktopCSS=desktop;
+		mobileCSS=mobile;
+		try{
+			updateInDatabase(Map.of("CommonCSS", common, "DesktopCSS", desktop, "MobileCSS", mobile));
+		}catch(SQLException x){
+			throw new InternalServerErrorException(x);
+		}
+		applyCSS(common, desktop, mobile);
+	}
+
 	public enum SignupMode{
 		OPEN,
 		CLOSED,
 
@@ -384,6 +384,10 @@ public static void main(String[] args){
 				postRequiringPermissionWithCSRF("/updateServerInfo", UserRole.Permission.MANAGE_SERVER_SETTINGS, SettingsAdminRoutes::updateServerInfo);
 				getRequiringPermission("/createReportForm", UserRole.Permission.MANAGE_USERS, SettingsAdminRoutes::createReportForm);
 				postRequiringPermissionWithCSRF("/createReport", UserRole.Permission.MANAGE_USERS, SettingsAdminRoutes::createReport);
+				getRequiringPermission("/css", UserRole.Permission.MANAGE_SERVER_SETTINGS, SettingsAdminRoutes::customCSS);
+				postRequiringPermissionWithCSRF("/saveCSS", UserRole.Permission.MANAGE_SERVER_SETTINGS, SettingsAdminRoutes::saveCustomCSS);
+				postRequiringPermissionWithCSRF("/uploadFileForCSS", UserRole.Permission.MANAGE_SERVER_SETTINGS, SettingsAdminRoutes::uploadFileForCSS);
+				getRequiringPermissionWithCSRF("/deleteCssFile", UserRole.Permission.MANAGE_SERVER_SETTINGS, SettingsAdminRoutes::deleteCssFile);
 
 				path("/users", ()->{
 					getRequiringPermission("", UserRole.Permission.MANAGE_USERS, SettingsAdminRoutes::users);
@@ -547,6 +551,16 @@ public static void main(String[] args){
 			getLoggedIn("/simpleUserCompletions", SystemRoutes::simpleUserCompletions);
 			get("/privacyPolicy", SystemRoutes::privacyPolicy);
 			get("/languageChooser", SystemRoutes::languageChooser);
+			get("/custom_desktop.css", (req, resp)->{
+				resp.type("text/css");
+				resp.header("cache-control", "private, max-age=604800");
+				return Config.combinedDesktopCSS;
+			});
+			get("/custom_mobile.css", (req, resp)->{
+				resp.type("text/css");
+				resp.header("cache-control", "private, max-age=604800");
+				return Config.combinedMobileCSS;
+			});
 
 			if(Config.DEBUG){
 				path("/debug", ()->{
 
@@ -3,6 +3,13 @@
 import com.google.gson.JsonElement;
 import com.google.gson.reflect.TypeToken;
 
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.File;
+import java.io.FileOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
 import java.net.URI;
 import java.net.URLEncoder;
 import java.sql.SQLException;
@@ -15,7 +22,6 @@
 import java.util.EnumSet;
 import java.util.HashMap;
 import java.util.HashSet;
-import java.util.LinkedHashMap;
 import java.util.List;
 import java.util.Locale;
 import java.util.Map;
@@ -25,12 +31,14 @@
 import java.util.stream.Collectors;
 import java.util.stream.IntStream;
 
+import jakarta.servlet.MultipartConfigElement;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.Part;
 import smithereen.ApplicationContext;
 import smithereen.Config;
 import smithereen.Mailer;
 import smithereen.SmithereenApplication;
 import smithereen.Utils;
-import smithereen.activitypub.objects.ActivityPubObject;
 import smithereen.activitypub.objects.Actor;
 import smithereen.exceptions.BadRequestException;
 import smithereen.exceptions.InternalServerErrorException;
@@ -92,6 +100,8 @@
 import static smithereen.Utils.*;
 
 public class SettingsAdminRoutes{
+	private static final Logger LOG=LoggerFactory.getLogger(SettingsAdminRoutes.class);
+
 	public static Object index(Request req, Response resp, Account self, ApplicationContext ctx){
 		RenderedTemplateResponse model=new RenderedTemplateResponse("admin_server_info", req);
 		Lang l=lang(req);
@@ -2113,4 +2123,94 @@ public static Object addLinksToReport(Request req, Response resp, Account self,
 		}
 		return ajaxAwareRedirect(req, resp, "/settings/admin/reports/"+report.id);
 	}
+
+	public static Object customCSS(Request req, Response resp, Account self, ApplicationContext ctx){
+		if(isMobile(req)){
+			resp.redirect("/settings/admin");
+			return "";
+		}
+		Lang l=lang(req);
+		File dir=new File(Config.uploadPath, "css");
+		String[] files=dir.exists() ? dir.list() : new String[0];
+		return new RenderedTemplateResponse("admin_css", req)
+				.with("commonCSS", Config.commonCSS)
+				.with("desktopCSS", Config.desktopCSS)
+				.with("mobileCSS", Config.mobileCSS)
+				.with("files", files)
+				.with("filesUrlPath", Config.uploadUrlPath+"/css")
+				.pageTitle(l.get("admin_custom_css")+" | "+l.get("menu_admin"));
+	}
+
+	public static Object saveCustomCSS(Request req, Response resp, Account self, ApplicationContext ctx){
+		Config.updateCSS(req.queryParams("common"), req.queryParams("desktop"), req.queryParams("mobile"));
+
+		if(isAjax(req))
+			return new WebDeltaResponse(resp).refresh();
+		resp.redirect(back(req));
+		return "";
+	}
+
+	public static Object uploadFileForCSS(Request req, Response resp, Account self, ApplicationContext ctx){
+		if(!isAjax(req))
+			throw new BadRequestException();
+
+		Lang l=lang(req);
+
+		File dir=new File(Config.uploadPath, "css");
+		try{
+			req.attribute("org.eclipse.jetty.multipartConfig", new MultipartConfigElement(null, 10*1024*1024, -1L, 0));
+			Part part=req.raw().getPart("file");
+			if(part==null)
+				throw new BadRequestException();
+			if(part.getSize()>10*1024*1024){
+				throw new UserErrorException("err_file_upload_too_large", Map.of("maxSize", l.formatFileSize(10*1024*1024)));
+			}
+
+			String mime=part.getContentType();
+			String fileName=part.getSubmittedFileName();
+			int index=fileName.lastIndexOf('.');
+			if(!mime.startsWith("image/") || index==-1)
+				throw new UserErrorException("err_file_upload_image_format");
+
+			String extension=fileName.substring(index+1).toLowerCase();
+			if(!Set.of("jpg", "jpeg", "png", "webp", "gif", "svg", "avif").contains(extension))
+				throw new UserErrorException("err_file_upload_image_format");
+
+			String sanitizedName=fileName.substring(0, index).replaceAll("[^a-zA-Z0-9_-]", "_")+"."+extension;
+			if(!dir.exists() && !dir.mkdirs())
+				throw new IOException("Failed to create "+dir);
+
+			File destination=new File(dir, sanitizedName);
+			LOG.debug("Saving to {}", destination);
+			try(InputStream in=part.getInputStream(); FileOutputStream out=new FileOutputStream(destination)){
+				copyBytes(in, out);
+			}
+		}catch(IOException | ServletException x){
+			throw new UserErrorException("err_file_upload", x);
+		}
+
+		RenderedTemplateResponse model=new RenderedTemplateResponse("admin_css", req)
+				.with("files", dir.list())
+				.with("filesUrlPath", Config.uploadUrlPath+"/css");
+		return new WebDeltaResponse(resp)
+				.setContent("cssFiles", model.renderBlock("files"))
+				.removeClass("cssFileButton", "loading");
+	}
+
+	public static Object deleteCssFile(Request req, Response resp, Account self, ApplicationContext ctx){
+		requireQueryParams(req, "file");
+		String name=req.queryParams("file");
+		int index=name.lastIndexOf('.');
+		if(index==-1)
+			throw new BadRequestException();
+
+		String extension=name.substring(index+1).toLowerCase();
+		String sanitizedName=name.substring(0, index).replaceAll("[^a-zA-Z0-9_-]", "_")+"."+extension;
+		File dir=new File(Config.uploadPath, "css");
+		File file=new File(dir, sanitizedName);
+		if(!file.exists() || !file.delete())
+			throw new ObjectNotFoundException();
+
+		return new WebDeltaResponse(resp).remove("cssFile_"+sanitizedName);
+	}
 }
@@ -149,20 +149,25 @@ public static void addGlobalParamsToTemplate(Request req, RenderedTemplateRespon
 				continue;
 			jsLang.add("\""+key+"\":"+lang.getAsJS(key));
 		}
-		if(req.attribute("mobile")!=null){
+		boolean mobile=req.attribute("mobile")!=null;
+		if(mobile){
 			for(String key:List.of("search", "qsearch_hint", "more_actions", "photo_open_original", "like", "add_comment",
 					"object_X_of_Y", "delete", "delete_photo", "delete_photo_confirm", "set_photo_as_album_cover", "open_on_server_X", "report", "photo_save_to_album")){
 				if(k!=null && k.contains(key))
 					continue;
 				jsLang.add("\""+key+"\":"+lang.getAsJS(key));
 			}
+			if(Config.mobileCSSCacheHash!=null && req.queryParams("_nocss")==null)
+				model.with("customCSSHash", Config.mobileCSSCacheHash);
 		}else{
 			for(String key:List.of("photo_tagging_info", "photo_tagging_done", "photo_tag_myself", "photo_tag_select_friend", "photo_tag_not_found", "photo_delete_tag",
 					"photo_add_tag_submit", "photo_tag_name_search")){
 				if(k!=null && k.contains(key))
 					continue;
 				jsLang.add("\""+key+"\":"+lang.getAsJS(key));
 			}
+			if(Config.desktopCSSCacheHash!=null && req.queryParams("_nocss")==null)
+				model.with("customCSSHash", Config.desktopCSSCacheHash);
 		}
 		model.with("timeZone", tz!=null ? tz : ZoneId.systemDefault()).with("jsConfig", jsConfig.toString())
 				.with("jsLangKeys", "{"+String.join(",", jsLang)+"}")
@@ -171,7 +176,7 @@ public static void addGlobalParamsToTemplate(Request req, RenderedTemplateRespon
 				.with("serverDomain", Config.domain)
 				.with("serverVersion", BuildInfo.VERSION)
 				.with("langName", lang.name)
-				.with("isMobile", req.attribute("mobile")!=null)
+				.with("isMobile", mobile)
 				.with("isAjax", Utils.isAjax(req))
 				.with("_request", req);
 	}
 
@@ -74,6 +74,14 @@ public static byte[] sha256(byte[] input){
 		}
 	}
 
+	public static byte[] sha1(byte[] input){
+		try{
+			return MessageDigest.getInstance("SHA1").digest(input);
+		}catch(NoSuchAlgorithmException x){
+			throw new RuntimeException(x);
+		}
+	}
+
 	public static byte[] aesGcmEncrypt(byte[] input, byte[] key){
 		try{
 			byte[] iv=new byte[12];
 
@@ -332,5 +332,13 @@
   "report_log_added_content": "<a id=\"adminUser\">{name}</a> added this to report:",
   "admin_report_add_links": "Content URLs",
   "admin_report_add_links_one_per_line": "One per line",
-  "admin_report_link_wrong_author": "This content was not added to this report because it was not created by the user this report is about."
+  "admin_report_link_wrong_author": "This content was not added to this report because it was not created by the user this report is about.",
+  "admin_custom_css": "Styles",
+  "admin_css_explanation": "You can customize the appearance of your server's web interface here.",
+  "admin_css_resources": "Resources",
+  "admin_css_resources_explanation": "Upload images to use in your stylesheets.",
+  "admin_css_add_file": "Upload a file",
+  "admin_css_common": "Common",
+  "admin_css_desktop": "Desktop",
+  "admin_css_mobile": "Mobile"
 }
@@ -332,5 +332,13 @@
   "report_log_added_content": "<a id=\"adminUser\">{name}</a> {gender, select, female {добавила} other {добавил}} к жалобе:",
   "admin_report_add_links": "Ссылки на контент",
   "admin_report_add_links_one_per_line": "По одной на строку",
-  "admin_report_link_wrong_author": "Этот объект не был добавлен в жалобу, так как он создан не тем пользователем, на которого эта жалоба."
+  "admin_report_link_wrong_author": "Этот объект не был добавлен в жалобу, так как он создан не тем пользователем, на которого эта жалоба.",
+  "admin_custom_css": "Стили",
+  "admin_css_explanation": "Здесь вы можете придать индивидуальности веб-интерфейсу вашего сервера.",
+  "admin_css_resources": "Ресурсы",
+  "admin_css_resources_explanation": "Загрузите изображения, чтобы использовать их в своих стилях.",
+  "admin_css_add_file": "Загрузить файл",
+  "admin_css_common": "Общий",
+  "admin_css_desktop": "Десктопный",
+  "admin_css_mobile": "Мобильный"
 }
@@ -2,6 +2,7 @@
 <div class="tabbar">
 	{% if userPermissions.hasPermission('MANAGE_SERVER_SETTINGS') %}
 	<a href="/settings/admin" class="{% if tab=='general' %}selected{% endif %}">{{L('admin_server_settings')}}</a>
+	{% if not isMobile %}<a href="/settings/admin/css" class="{% if tab=='css' %}selected{% endif %}">{{ L('admin_custom_css') }}</a>{% endif %}
 	{% endif %}
 	{% if userPermissions.hasPermission('MANAGE_SERVER_RULES') %}
 	<a href="/settings/admin/rules" class="{% if tab=='rules' %}selected{% endif %}">{{ L('admin_server_rules') }}</a>
Original file line number	Diff line number	Diff line change
`@@ -74,6 +74,14 @@ public static byte[] sha256(byte[] input){`
`74`	`74`	`}`
`75`	`75`	`}`
`76`	`76`
	`77`	`+ public static byte[] sha1(byte[] input){`
	`78`	`+ try{`
	`79`	`+ return MessageDigest.getInstance("SHA1").digest(input);`
	`80`	`+ }catch(NoSuchAlgorithmException x){`
	`81`	`+ throw new RuntimeException(x);`
	`82`	`+ }`
	`83`	`+ }`
	`84`	`+`
`77`	`85`	`public static byte[] aesGcmEncrypt(byte[] input, byte[] key){`
`78`	`86`	`try{`
`79`	`87`	`byte[] iv=new byte[12];`