feat(dashboard): add tos/privacy/about pages, add delete all data page + endpoint

2024-10-24 15:53:27 +02:00 · 2024-10-24 15:53:27 +02:00 · 31b6ac2cac
commit 31b6ac2cac
parent ac54b78a13
21 changed files with 527 additions and 28 deletions
--- a/Catalogger.Frontend/src/lib/components/Navbar.svelte
+++ b/Catalogger.Frontend/src/lib/components/Navbar.svelte
@ -30,7 +30,7 @@
 	};
 </script>

-<Navbar expand="lg">
+<Navbar expand="lg" color="dark" dark={true}>
 	<NavbarBrand href="/">Catalogger</NavbarBrand>
 	<NavbarToggler on:click={() => (isOpen = !isOpen)} />
 	<Collapse {isOpen} navbar expand="lg">
--- a/Catalogger.Frontend/src/routes/+layout.svelte
+++ b/Catalogger.Frontend/src/routes/+layout.svelte
@ -8,16 +8,30 @@
 	export let data: LayoutData;
 </script>

-<Navbar user={data.user} />
-
-<div class="container">
-	<slot />
-	<div class="position-absolute top-0 start-50 translate-middle-x">
-		{#each $toastStore as toast}
-			<Toast class="mt-2">
-				{#if toast.header}<ToastHeader>{toast.header}</ToastHeader>{/if}
-				<ToastBody>{toast.body}</ToastBody>
-			</Toast>
-		{/each}
+<div class="d-flex flex-column min-vh-100">
+	<Navbar user={data.user} />
+	<div class="container mt-2 flex-grow-1">
+		<slot />
+		<div class="position-absolute top-0 start-50 translate-middle-x">
+			{#each $toastStore as toast}
+				<Toast class="mt-2">
+					{#if toast.header}<ToastHeader>{toast.header}</ToastHeader>{/if}
+					<ToastBody>{toast.body}</ToastBody>
+				</Toast>
+			{/each}
+		</div>
 	</div>
+
+	<footer class="container pt-2 pb-4">
+		<hr />
+		<div class="flex flex-column flex-lg-row">
+			<a href="/about/contact">Contact</a>
+			·
+			<a href="/about/tos">Terms of service</a>
+			·
+			<a href="/about/privacy">Privacy</a>
+			·
+			<a href="https://codeberg.org/starshine/catalogger" target="_blank">Source code</a>
+		</div>
+	</footer>
 </div>
--- a/Catalogger.Frontend/src/routes/+page.svelte
+++ b/Catalogger.Frontend/src/routes/+page.svelte
@ -1,14 +1,20 @@
 <script lang="ts">
 	import apiFetch from "$lib/api";
 	import { onMount } from "svelte";
+	import type { PageData } from "./$types";
+	import { Button, ButtonGroup } from "@sveltestrap/sveltestrap";

-	let guildCount: number | null = 0;
+	export let data: PageData;

-	type MetaResponse = { guilds: number };
+	let guildCount: number | null = null;
+	let inviteUrl: string | null = null;
+
+	type MetaResponse = { guilds: number; invite_url: string };

 	onMount(async () => {
 		const meta = await apiFetch<MetaResponse>("GET", "/api/meta");
 		guildCount = meta.guilds;
+		inviteUrl = meta.invite_url;
 	});
 </script>

@ -16,11 +22,40 @@
 	<title>Catalogger</title>
 </svelte:head>

-<h1>Welcome to SvelteKit</h1>
+<h1>Catalogger</h1>
+
 <p>
-	Visit <a href="https://kit.svelte.dev">kit.svelte.dev</a> to read the documentation
+	Catalogger is a logging bot for Discord that integrates with <a
+		href="https://pluralkit.me"
+		target="_blank">PluralKit</a
+	>'s message proxying.
+</p>
+<p>
+	It adds extra information to edited and deleted messages: system ID, member
+	ID, and the linked account. It also ignores messages that trigger proxies, so
+	your deleted message logs will be free of duplicate messages.
+	<br />It also shows system information for new members joining your server,
+	and can notify you if an account linked to a banned system joins your server.
+	Which invite a member used is also logged.
 </p>

 <p>
 	In {guildCount ?? "(loading)"} servers!
 </p>
+
+{#if data.user || inviteUrl}
+	<p>
+		<ButtonGroup>
+			{#if inviteUrl}
+				<Button color="primary" href={inviteUrl}
+					>Add Catalogger to your server</Button
+				>
+			{/if}
+			{#if data.user}
+				<Button color="secondary" href="/dash">Open the dashboard</Button>
+			{:else}
+				<Button color="secondary" href="/api/authorize">Log in</Button>
+			{/if}
+		</ButtonGroup>
+	</p>
+{/if}
--- a/Catalogger.Frontend/src/routes/about/+layout.svelte
+++ b/Catalogger.Frontend/src/routes/about/+layout.svelte
@ -0,0 +1 @@
+<slot />
--- a/Catalogger.Frontend/src/routes/about/+layout.ts
+++ b/Catalogger.Frontend/src/routes/about/+layout.ts
@ -0,0 +1 @@
+export const prerender = true;
--- a/Catalogger.Frontend/src/routes/about/contact.md
+++ b/Catalogger.Frontend/src/routes/about/contact.md
@ -0,0 +1,5 @@
+# Contact
+
+The best way to contact us is through [the support server](https://discord.gg/b5jjJ96Jbv).
+
+If you would rather use email, please send an email to `catalogger [at] starshines [dot] gay`.
--- a/Catalogger.Frontend/src/routes/about/contact/+page.svelte
+++ b/Catalogger.Frontend/src/routes/about/contact/+page.svelte
@ -0,0 +1,9 @@
+<script lang="ts">
+    import { html } from "../contact.md";
+</script>
+
+<svelte:head>
+    <title>Catalogger - Contact</title>
+</svelte:head>
+
+{@html html}
--- a/Catalogger.Frontend/src/routes/about/privacy.md
+++ b/Catalogger.Frontend/src/routes/about/privacy.md
@ -0,0 +1,34 @@
+# Privacy policy
+
+We're not lawyers and never will be, and we don't want to write a document no one can (or wants to) read.  
+That being said, this bot handles sensitive information, so here's a list of what the bot collects.
+
+By using Catalogger's commands, or by participating in a server where it's logging events,
+you consent to have your data processed by the bot.
+
+This is the data Catalogger collects:
+
+- Messages, in servers where edited and/or deleted message logging is enabled.
+- Server-specific settings: which channels to log to, and which channels to ignore.
+
+You can opt out of your messages being collected by leaving servers the bot is in.  
+Because this data is stored for moderation purposes, you cannot opt out while still staying in those servers.
+
+Messages are stored encrypted in the database, and automatically deleted after fifteen days.  
+This retention time may be lowered in the future.
+
+This is the data Catalogger fetches from Discord, and is stored while the bot is running:
+
+- User information: IDs, usernames, and avatars.
+- Member information: Nicknames and roles.
+- Server information: all channels and all roles in a server.
+- Webhooks used for logging.
+
+Additionally, the dashboard collects the following data:
+
+- The servers a logged-in user is in, to check their permissions and provide a list of all servers they can manage.
+
+To clear your server's data, use the "Delete all data" page on the dashboard.
+Catalogger will automatically leave your server after confirmation.
+
+Note that that command won't remove any data from database backups. [Contact us](/about/contact) if you want those wiped too.
--- a/Catalogger.Frontend/src/routes/about/privacy/+page.svelte
+++ b/Catalogger.Frontend/src/routes/about/privacy/+page.svelte
@ -0,0 +1,9 @@
+<script lang="ts">
+	import { html } from "../privacy.md";
+</script>
+
+<svelte:head>
+	<title>Privacy policy - Catalogger</title>
+</svelte:head>
+
+{@html html}
--- a/Catalogger.Frontend/src/routes/about/tos.md
+++ b/Catalogger.Frontend/src/routes/about/tos.md
@ -0,0 +1,22 @@
+# Terms of Service
+
+By using the Catalogger Discord bot (henceforth referred to as “the bot”) or the Catalogger dashboard (henceforth referred to as “the website”), you accept and agree to abide by the terms and provisions of this agreement.
+
+In addition, when using the bot’s services, or those of the website, you shall be subject to any posted guidelines or rules applicable to such services, which may be posted and modified from time to time.
+
+All such guidelines or rules are hereby incorporated by reference into the Terms Of Service (henceforth referred to as ‘the ToS’).
+
+ANY USE OF THE BOT OR THE WEBSITE CONSTITUTES AGREEMENT TO THESE TERMS OF SERVICE. IF YOU DO NOT AGREE TO THE TOS, DO NOT USE THE BOT OR THE WEBSITE.
+
+The service is offered in the hopes that it will be useful, but without any warranty. The developer shall not be responsible or liable for the accuracy, correctness, usefulness or availability of any information transmitted or made available via bot or the website or any other officially associated media, and shall not be responsible or liable for any error or omissions in that information. The developer is also not liable for any damage, data loss or harm caused by the use or misuse of the bot or the website, however unlikely that may be. By using the bot or the website, you agree to this and you understand that the developer is not liable for damage, data loss or other harm, caused by the use or misuse of the bot or the website, or association with the developer in any other way.
+
+The developer reserves the right to modify, remove or revoke access to the service, whether to discontinue it as a whole or bar specific persons or parties from accessing or using the bot, the website, or any other officially associated media for any reason, including but not limited to:
+deliberately interfering with the service’s operation, such as by attempting a denial of service attack;
+using the service to break the law;
+using the service to break other organizations’ Terms of Service, including Discord.
+
+The developer will take whatever steps are necessary to preserve the integrity of the software and hardware the service runs upon, and again reserves the right to bar and take any reasonable measure against parties or persons who attempt to prevent that. In the event of a data breach, the developer will handle it in accordance with the law.
+
+Catalogger is proud to have good privacy practices and is GDPR compliant. You can find the privacy policy [here](/about/privacy).
+
+If you believe your intellectual property rights have been infringed by the developer, please contact us [here](/about/contact).
--- a/Catalogger.Frontend/src/routes/about/tos/+page.svelte
+++ b/Catalogger.Frontend/src/routes/about/tos/+page.svelte
@ -0,0 +1,9 @@
+<script lang="ts">
+    import { html } from "../tos.md";
+</script>
+
+<svelte:head>
+    <title>Catalogger - Terms of Service</title>
+</svelte:head>
+
+{@html html}
--- a/Catalogger.Frontend/src/routes/dash/[guildId]/+layout.svelte
+++ b/Catalogger.Frontend/src/routes/dash/[guildId]/+layout.svelte
@ -69,6 +69,12 @@
 		>
 			Key roles
 		</NavLink>
+		<NavLink
+			href="/dash/{data.guild.id}/delete"
+			active={$page.url.pathname === `/dash/${data.guild.id}/delete`}
+		>
+			Delete all data
+		</NavLink>
 	</Nav>

 	{#if $page.url.pathname === `/dash/${data.guild.id}` || $page.url.pathname === `/dash/${data.guild.id}/ignored-channels`}
--- a/Catalogger.Frontend/src/routes/dash/[guildId]/delete/+page.svelte
+++ b/Catalogger.Frontend/src/routes/dash/[guildId]/delete/+page.svelte
@ -0,0 +1,64 @@
+<script lang="ts">
+	import { Alert, Button, Input, InputGroup } from "@sveltestrap/sveltestrap";
+	import type { PageData } from "./$types";
+	import { fastFetch, type ApiError } from "$lib/api";
+	import { addToast } from "$lib/toast";
+	import { goto } from "$app/navigation";
+
+	export let data: PageData;
+
+	let guildName: string = "";
+
+	const deleteData = async () => {
+		try {
+			await fastFetch("POST", `/api/guilds/${data.guild.id}/leave`, {
+				name: guildName,
+			});
+			addToast({
+				header: "Left server",
+				body: `Successfully left ${data.guild.name} and deleted all data related to it.`,
+			});
+
+			await goto("/dash");
+		} catch (e) {
+			addToast({
+				header: "Error leaving server",
+				body: (e as ApiError).message || "Unknown error",
+			});
+		}
+	};
+</script>
+
+<h3>Delete this server's data</h3>
+
+<p>
+	To make Catalogger leave your server and delete all data from your server,
+	fill its name in below and press "Delete".
+	<br />
+	<strong>
+		This is irreversible. If you change your mind later, your data cannot be
+		restored.
+	</strong>
+	<br />
+	If you just want to make Catalogger leave your server but not delete data, simply
+	kick it via Discord.
+</p>
+
+<Alert color="danger">
+	<h4 class="alert-heading">This is irreversible!</h4>
+
+	We <strong>cannot</strong> help you recover data deleted in this way.
+</Alert>
+
+<p>
+	<InputGroup>
+		<Input type="text" placeholder="Server name" bind:value={guildName} />
+		<Button
+			color="danger"
+			disabled={guildName !== data.guild.name}
+			on:click={deleteData}
+		>
+			Delete
+		</Button>
+	</InputGroup>
+</p>