feat: privacy page and misc templates

2026-01-19 00:06:56 +01:00 · 2025-01-16 09:14:30 +01:00
parent e58ead5cd7
commit 44ee9b6ce9
10 changed files with 134 additions and 63 deletions
--- a/assets/style.css
+++ b/assets/style.css
--- a/page_base.html
+++ b/page_base.html
@@ -0,0 +1,5 @@
+{% extends 'body_base.html' %}
+{% block main %}
+<main class="container justify-center flex-grow flex mx-auto mt-4 p-5">
+</main>
+{% endblock %}
--- a/src/bin/server.rs
+++ b/src/bin/server.rs
@@ -32,6 +32,7 @@ use zettle_db::{
                index::index_handler,
                ingress::{process_ingress_form, show_ingress_form},
                ingress_tasks::{delete_task, show_queue_tasks},
+                privacy_policy::show_privacy_policy,
                search_result::search_result_handler,
                signin::{authenticate_user, show_signin_form},
                signout::sign_out_user,
@@ -170,6 +171,7 @@ fn html_routes(
        .route("/", get(index_handler))
        .route("/gdpr/accept", post(accept_gdpr))
        .route("/gdpr/deny", post(deny_gdpr))
+        .route("/privacy-policy", get(show_privacy_policy))
        .route("/search", get(search_result_handler))
        .route("/signout", get(sign_out_user))
        .route("/signin", get(show_signin_form).post(authenticate_user))
--- a/src/ingress/types/ingress_object.rs
+++ b/src/ingress/types/ingress_object.rs
@@ -13,7 +13,6 @@ use scraper::{Html, Selector};
 use serde::{Deserialize, Serialize};
 use std::fmt::Write;
 use tiktoken_rs::{o200k_base, CoreBPE};
-use tracing::info;

 /// Knowledge object type, containing the content or reference to it, as well as metadata
 #[derive(Debug, Serialize, Deserialize, Clone)]
--- a/src/server/routes/html/mod.rs
+++ b/src/server/routes/html/mod.rs
@@ -9,6 +9,7 @@ pub mod gdpr;
 pub mod index;
 pub mod ingress;
 pub mod ingress_tasks;
+pub mod privacy_policy;
 pub mod search_result;
 pub mod signin;
 pub mod signout;
--- a/src/server/routes/html/privacy_policy.rs
+++ b/src/server/routes/html/privacy_policy.rs
@@ -0,0 +1,31 @@
+use axum::{extract::State, response::IntoResponse};
+use axum_session_auth::AuthSession;
+use axum_session_surreal::SessionSurrealPool;
+use surrealdb::{engine::any::Any, Surreal};
+
+use crate::{
+    error::HtmlError,
+    page_data,
+    server::{routes::html::render_template, AppState},
+    storage::types::user::User,
+};
+
+page_data!(PrivacyPolicyData, "privacy_policy.html", {
+    user: Option<User>
+});
+
+pub async fn show_privacy_policy(
+    State(state): State<AppState>,
+    auth: AuthSession<User, String, SessionSurrealPool<Any>, Surreal<Any>>,
+) -> Result<impl IntoResponse, HtmlError> {
+    let output = render_template(
+        PrivacyPolicyData::template_name(),
+        PrivacyPolicyData {
+            user: auth.current_user,
+        },
+        state.templates.clone(),
+    )
+    .map_err(|e| HtmlError::from_template_error(e, state.templates.clone()))?;
+
+    Ok(output.into_response())
+}
--- a/templates/auth/account.html
+++ b/templates/auth/account.html
@@ -5,52 +5,50 @@
    opacity: 0.5;
  }
 </style>
-<main class="flex-grow flex justify-center items-center">
-  <div class="max-w-lg p-5  w-full">
-    <h2 class="text-2xl font-bold text-center mb-8">Account Settings</h2>
-    <div class="form-control">
-      <label class="label">
-        <span class="label-text">Email</span>
-      </label>
-      <input type="email" name="email" value="{{ user.email }}" class="input !text-gray-100 input-bordered w-full"
-        disabled />
-    </div>
-    <div class="form-control">
-      <label class="label">
-        <span class="label-text">API key</span>
-      </label>
-      {% block api_key_section %}
-      {% if user.api_key %}
-      <input type="text" name="api-key" value="{{ user.api_key }}" class="input !text-gray-100 input-bordered w-full"
-        disabled />
-      <a href="https://www.icloud.com/shortcuts/66985f7b98a74aaeac6ba29c3f1f0960" class="btn btn-accent mt-4">Download
-        iOS
-        shortcut</a>
-      {% else %}
-      <button hx-post="/set-api-key" class="btn btn-secondary w-full" hx-swap="outerHTML">
-        Create API-Key
-      </button>
-      {% endif %}
-      {% endblock %}
-    </div>
-    <div class="form-control mt-4">
-      <button hx-post="/verify-email" class="btn btn-secondary w-full">
-        Verify Email
-      </button>
-    </div>
-    <div class="form-control mt-4">
-      <button hx-get="/change-password" class="btn btn-primary w-full">
-        Change Password
-      </button>
-    </div>
-    <div class="form-control mt-4">
-      <button hx-delete="/delete-account"
-        hx-confirm="This action will permanently delete your account and all data associated. Are you sure you want to continue?"
-        class="btn btn-error w-full">
-        Delete Account
-      </button>
-    </div>
-    <div id="account-result" class="mt-4"></div>
+<main class="flex-grow flex flex-col prose container mx-auto p-5">
+  <h1 class="text-center">Account Settings</h1>
+  <div class="form-control">
+    <label class="label">
+      <span class="label-text">Email</span>
+    </label>
+    <input type="email" name="email" value="{{ user.email }}" class="input !text-gray-100 input-bordered w-full"
+      disabled />
  </div>
+  <div class="form-control">
+    <label class="label">
+      <span class="label-text">API key</span>
+    </label>
+    {% block api_key_section %}
+    {% if user.api_key %}
+    <input type="text" name="api-key" value="{{ user.api_key }}" class="input !text-gray-100 input-bordered w-full"
+      disabled />
+    <a href="https://www.icloud.com/shortcuts/66985f7b98a74aaeac6ba29c3f1f0960" class="btn btn-accent mt-4">Download
+      iOS
+      shortcut</a>
+    {% else %}
+    <button hx-post="/set-api-key" class="btn btn-secondary w-full" hx-swap="outerHTML">
+      Create API-Key
+    </button>
+    {% endif %}
+    {% endblock %}
+  </div>
+  <div class="form-control mt-4">
+    <button hx-post="/verify-email" class="btn btn-secondary w-full">
+      Verify Email
+    </button>
+  </div>
+  <div class="form-control mt-4">
+    <button hx-get="/change-password" class="btn btn-primary w-full">
+      Change Password
+    </button>
+  </div>
+  <div class="form-control mt-4">
+    <button hx-delete="/delete-account"
+      hx-confirm="This action will permanently delete your account and all data associated. Are you sure you want to continue?"
+      class="btn btn-error w-full">
+      Delete Account
+    </button>
+  </div>
+  <div id="account-result" class="mt-4"></div>
 </main>
 {% endblock %}
--- a/templates/body_base.html
+++ b/templates/body_base.html
@@ -12,6 +12,7 @@
        <div>
          <ul class="menu menu-horizontal px-1">
            <li><a hx-boost="true" class="" href="/documentation">Docs</a></li>
+            <li><a hx-boost="true" class="" href="/privacy-policy">Privacy</a></li>
            {% if user %}
            <li><a hx-boost="true" class="" href="/account">Account</a></li>
            <li><a hx-boost="true" href="/signout">Sign out</a></li>
--- a/templates/privacy_policy.html
+++ b/templates/privacy_policy.html
@@ -0,0 +1,35 @@
+{% extends 'body_base.html' %}
+{% block main %}
+<main class="container justify-center flex-grow flex mx-auto mt-4 p-5">
+  <article class="prose">
+    <h1>Privacy Policy</h1>
+
+    <p>We value your privacy and are committed to protecting your personal information. This policy
+      outlines how we handle your data and ensures transparency in our practices.</p>
+
+    <h2>Data Collection</h2>
+    <p>We only collect data that is necessary for the functionality of our services. Any data you upload to
+      our site remains your property and will not be shared with third parties unless required by law.</p>
+
+    <h2>Cookies</h2>
+    <p>We do not use cookies for tracking or analytics. The cookies we employ are strictly for session
+      management, ensuring a smooth and secure user experience.</p>
+
+    <h2>No Unnecessary Data Extraction</h2>
+    <p>We believe that unnecessary data extraction is unethical and a poor practice. We only collect the
+      minimum amount of data required to provide our services effectively, ensuring your privacy is respected at all
+      times.</p>
+
+    <h2>Your Rights</h2>
+    <p>You have the right to access, modify, or delete your data at any time. If you have any concerns
+      about how your data is handled, please contact us.</p>
+
+    <h2>Changes to This Policy</h2>
+    <p>We may update this privacy policy from time to time. Any changes will be posted on this page, and we
+      encourage you to review it periodically.</p>
+
+    <p>Thank you for trusting us with your information. We are committed to treating it with the care and
+      respect it deserves.</p>
+  </article>
+</main>
+{% endblock %}
--- a/todo.md
+++ b/todo.md
@@ -1,19 +1,18 @@
-\[x\] add user_id to ingress objects
-\[x\] restrict retrieval to users own objects
-\[x\] templating
-\[x\] redirects
-\[x\] hx-redirect
-\[x\] macro for pagedata?
-\[\] add more config structs for clarity
+\[\] admin controls re registration
+\[\] archive ingressed webpage
 \[\] configs primarily get envs
-\[x\] user id to fileinfo and data path?
+\[\] html ingression
+\[\] view content
+\[\] view graph map
+\[\] view latest
+\[x\] add user_id to ingress objects
 \[x\] gdpr
+\[x\] hx-redirect
 \[x\] ios shortcut generation
 \[x\] job queue
-\[\] html ingression
-\[\] view latest
-\[\] view graph map
-\[\] admin controls re registration
-\[\] smoothie_dom test
-\[\] archive ingressed webpage
-\[\] view content
+\[x\] macro for pagedata?
+\[x\] redirects
+\[x\] restrict retrieval to users own objects
+\[x\] smoothie_dom test
+\[x\] templating
+\[x\] user id to fileinfo and data path?