From a837e00384d92d3d41f5305a8eddc8ef140a6955 Mon Sep 17 00:00:00 2001
From: Dromader2137
Date: Sat, 1 Jun 2024 08:56:42 +0200
Subject: [PATCH] pfp remove
---
 README.md | 19 +++++++++++
 scripts/remove-pfp.sh | 11 +++++++
 scripts/test-pfp.sh | 12 +++++++
 src/api_calls.rs | 68 ++++++++++++++++++++++++++++++---------
 src/database_functions.rs | 17 ++++++++++
 src/main.rs | 7 ++++
 src/types.rs | 5 +++
 7 files changed, 123 insertions(+), 16 deletions(-)
 create mode 100755 scripts/remove-pfp.sh
 create mode 100755 scripts/test-pfp.sh
diff --git a/README.md b/README.md
index d015984..99c8618 100644
--- a/README.md
+++ b/README.md
@@ -265,3 +265,22 @@ AddImageToPostRequest {
 - Effect: Image is added to post
 - Return: 200 ("Image added to post") / 400 ("Image already added to this post") / 401 ("Wrong token" / "User not authorized") / 404 ("Image not found" / "Post not found")
 - Headers: 'Content-Type: application/json' 'Content-Type: text/plain'
+#### /api/post/set-pfp
+ - Post:
+```
+SetPFPRequest {
+ image_id: i64,
+ user_id: i64
+}
+```
+ - With cookies
+ - Effect: User's PFP is set to the image
+#### /api/post/remove-pfp
+ - Post:
+```
+RemovePFPRequest {
+ user_id: i64
+}
+```
+ - With cookies
+ - Effect: User's PFP is deleted
diff --git a/scripts/remove-pfp.sh b/scripts/remove-pfp.sh
new file mode 100755
index 0000000..4e24b4f
--- /dev/null
+++ b/scripts/remove-pfp.sh
@@ -0,0 +1,11 @@
+#!/bin/bash
+
+path="$1/api/post/remove-pfp"
+
+curl --location --request POST "$path" \
+--cookie "token=$3" \
+--header 'Content-Type: application/json' \
+--header 'Content-Type: text/plain' \
+--data-raw '{
+ "user_id": '$2'
+}'
diff --git a/scripts/test-pfp.sh b/scripts/test-pfp.sh
new file mode 100755
index 0000000..ea73382
--- /dev/null
+++ b/scripts/test-pfp.sh
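Review bot: The curl call in scripts/remove-pfp.sh sends two `Content-Type` headers (`application/json` and `text/plain`), so which value the server's JSON body filter evaluates depends on header handling along the way; keep only `--header 'Content-Type: application/json'`. `$2` is spliced into the JSON outside any quotes, so an argument containing spaces or glob characters is word-split by the shell; `"user_id": '"$2"'` avoids that. The token is passed as `--cookie "token=$3"`, which places it in the process argument list; a header comment saying the script is a local test helper would make that trade-off explicit.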
@@ -0,0 +1,12 @@ +#!/bin/bash + +ip=$1 + +tok_0=$(./scripts/login.sh $ip admin admin false) +tok_1=$(./scripts/signup.sh $ip dr 1234 false) +echo $tok_0 +echo $tok_1 +./scripts/create-post.sh $ip hello welcome yo $tok_1 +./scripts/upload-image.sh $ip "media/profile_pictures/default.png" $tok_0 +./scripts/set-pfp.sh $ip 0 0 $tok_0 +./scripts/remove-pfp.sh $ip 0 $tok_0 diff --git a/src/api_calls.rs b/src/api_calls.rs index 97ee787..ec41a4f 100644 --- a/src/api_calls.rs +++ b/src/api_calls.rs @@ -1254,7 +1254,7 @@ pub async fn delete_user( } } -pub async fn delete_post(token: String, request: PostDeleteRequest,) -> Result { +pub async fn delete_post(token: String, _request: PostDeleteRequest,) -> Result { info!("{}", token); let token = match verify_token(token) { Ok(val) => val, @@ -1267,23 +1267,9 @@ pub async fn delete_post(token: String, request: PostDeleteRequest,) -> Result Result { + let connection = tokio_rusqlite::Connection::open("projekt-db") + .await + .unwrap(); + + let token = match verify_token(token) { + Ok(val) => val, + Err(_) => { + let r = "Wrong token"; + return Ok(warp::reply::with_status( + warp::reply::json(&r), + warp::http::StatusCode::UNAUTHORIZED, + )); + } + }; + + if is_limited(&connection, token.claims.uid).await && token.claims.is_admin == 0 { + let r = "Ur too fast"; + return Ok(warp::reply::with_status( + warp::reply::json(&r), + warp::http::StatusCode::FORBIDDEN, + )); + } + + if !check_user_id(&connection, token.claims.uid).await { + let r = "User not found"; + return Ok(warp::reply::with_status( + warp::reply::json(&r), + warp::http::StatusCode::NOT_FOUND, + )); + } + + add_upload_db(&connection, token.claims.uid, 1).await; + remove_image_from_user(&connection, token.claims.uid).await; + + let r = "PFP deleted"; + Ok(warp::reply::with_status( + warp::reply::json(&r), + warp::http::StatusCode::OK, + )) +} + pub async fn add_image_to_post( token: String, request: AddImageToPostRequest, 
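Review bot: scripts/test-pfp.sh only exercises the happy path with the admin token acting on its own id (`set-pfp.sh $ip 0 0 $tok_0`, `remove-pfp.sh $ip 0 $tok_0`); the second account behind `tok_1` never calls either endpoint. A line such as `./scripts/remove-pfp.sh "$ip" 0 "$tok_1"` followed by a check that user 0's picture is unchanged would pin down that one user cannot clear another user's PFP. The script also relies on an `admin`/`admin` login and echoes both tokens, so a comment stating it is meant for a throwaway local instance would help, and expansions like `$ip` and `$tok_0` should be quoted.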
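Review bot: `delete_post` stops reading its body in src/api_calls.rs: the parameter becomes `_request`, and the following hunk (`-1267,23 +1267,9`) removes fourteen lines from the function whose text is not legible on this page. If the removed lines held the ownership check or the delete itself, the route would still accept a valid token and answer without acting on any post, so the commit message should say why the body handling went away, or the change should be split out of a commit titled "pfp remove". `info!("{}", token);` in the context lines writes the raw session token to the log; logging the verified uid after `verify_token` would keep credentials out of log files. The function body continues outside the hunk.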
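Review bot: In the new `remove_pfp` handler the database is opened with `tokio_rusqlite::Connection::open("projekt-db").await.unwrap()` before `verify_token` runs, so every unauthenticated request opens the SQLite file and an open failure panics the task; move the open below the token check and answer 500 on error instead of unwrapping. The visible body never reads the request's `user_id` and acts only on `token.claims.uid`, which is the safe choice, but the README section added in this commit documents `user_id` as the target; either drop the field or state in a doc comment that it is ignored. `add_upload_db(&connection, token.claims.uid, 1)` is recorded before `remove_image_from_user`, so a failed removal still counts against the caller's rate limit. The handler's signature line is damaged on this page, so the parameter name could not be checked.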
@@ -1994,3 +2025,8 @@ pub fn set_pfp_json( ) -> impl Filter + Clone { warp::body::content_length_limit(1024 * 16).and(warp::body::json()) } + +pub fn remove_pfp_json( +) -> impl Filter + Clone { + warp::body::content_length_limit(1024 * 16).and(warp::body::json()) +} diff --git a/src/database_functions.rs b/src/database_functions.rs index 12d9c18..aad977a 100644 --- a/src/database_functions.rs +++ b/src/database_functions.rs @@ -155,6 +155,13 @@ pub async fn purge_data(connection: &Connection, user_id: i64) { statement.execute(params![user_id]).unwrap(); Ok(0) }).await.unwrap(); + + let user_delete_query = "DELETE FROM users WHERE user_id = ?"; + connection.call(move |conn| { + let mut statement = conn.prepare(user_delete_query).unwrap(); + statement.execute(params![user_id]).unwrap(); + Ok(0) + }).await.unwrap(); } pub async fn get_next_post_id(connection: &Connection) -> Result { @@ -505,6 +512,16 @@ pub async fn assign_image_to_user(connection: &Connection, user_id: i64, image_i Ok(()) } +pub async fn remove_image_from_user(connection: &Connection, user_id: i64) { + let image_query = "UPDATE users SET pfp_id='' WHERE user_id=?"; + + connection.call(move |conn| { + let mut statement = conn.prepare(image_query).unwrap(); + statement.execute(params![user_id]).unwrap(); + Ok(0) + }).await.unwrap(); +} + pub async fn add_upload_db(connection: &Connection, user_id: i64, weight: i16) { let time_since_epoch: i64 = SystemTime::now().duration_since(SystemTime::UNIX_EPOCH).unwrap().as_secs() as i64; let add_query = "INSERT INTO uploads VALUES (?, ?, ?)"; diff --git a/src/main.rs b/src/main.rs index 9c8ab6d..5769647 100644 --- a/src/main.rs +++ b/src/main.rs @@ -182,6 +182,12 @@ pub fn routes() -> impl Filter("token")) .and(set_pfp_json()) .and_then(set_pfp); + + let remove_pfp = warp::post() + .and(warp::path!("api" / "post" / "remove-pfp")) + .and(warp::cookie::("token")) + .and(remove_pfp_json()) + .and_then(remove_pfp); get_posts_by_user .or(post) 
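Review bot: The `DELETE FROM users` added to `purge_data` runs as its own `connection.call` after the earlier deletes, so the purge is not atomic: if any step fails, its `unwrap()` panics and the rows already removed stay removed while the rest, possibly including the user row, remain. Only the tail of `purge_data` is inside the hunk, but from what is visible the deletes would be safer in one closure under a single transaction (`let tx = conn.transaction()?;` … `tx.commit()?;`) with the error returned to the caller. A doc comment listing which tables the purge covers would also make it easier to check that nothing tied to the user id is left behind.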
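Review bot: `remove_image_from_user` clears the picture by writing an empty string (`pfp_id=''`), while the API treats image ids as `i64`; if `pfp_id` is an integer column, readers that fetch it as `i64` would get a type error rather than "no picture" (the schema is not visible here, so this needs confirming). `let image_query = "UPDATE users SET pfp_id=NULL WHERE user_id=?";` keeps the absent state unambiguous. The function also unwraps inside and after `connection.call` and returns `()`, unlike `assign_image_to_user` just above it, whose tail ends in `Ok(())`; returning a `Result` would let the handler answer 500 instead of panicking.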
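Review bot: The new `remove-pfp` route in src/main.rs changes state and is authenticated only by the `token` cookie, so its protection against cross-site requests rests on how that cookie is issued, which this hunk does not show. Confirm that the login path sets `SameSite` (plus `HttpOnly` and `Secure`) on the cookie, or require a custom request header on the cookie-authenticated POST routes. A comment above `let remove_pfp` such as `// POST /api/post/remove-pfp: clears the caller's own PFP; identity comes from the token cookie` would document the contract. The hunk header and first context line are damaged on this page, and `routes()` continues outside the hunk.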
@@ -218,6 +224,7 @@ pub fn routes() -> impl Filter