author | Tyler Murphy <tylermurphy534@gmail.com> | 2023-01-26 21:29:06 -0500 |
---|---|---|
committer | Tyler Murphy <tylermurphy534@gmail.com> | 2023-01-26 21:29:06 -0500 |
commit | 6bea3bf2ef31f978b98848a5f2a045dcab0cc2f0 (patch) | |
tree | 76e6eda59aa43378f5744fd08962b9767147671f /src/api/posts.rs | |
parent | i did things (diff) | |
input length and range checking
Diffstat (limited to 'src/api/posts.rs')
-rw-r--r-- | src/api/posts.rs | 34 |
1 files changed, 33 insertions, 1 deletions
diff --git a/src/api/posts.rs b/src/api/posts.rs
index 405dfa6..85ff2b2 100644
--- a/src/api/posts.rs
+++ b/src/api/posts.rs
@@ -1,7 +1,7 @@
 use axum::{response::Response, Router, routing::{post, patch}};
 use serde::Deserialize;
-use crate::types::{extract::{AuthorizedUser, Json}, post::Post, response::ResponseCode};
+use crate::types::{extract::{AuthorizedUser, Json, Check, CheckResult}, post::Post, response::ResponseCode};
 #[derive(Deserialize)]
@@ -9,6 +9,13 @@ struct PostCreateRequest {
 content: String
 }
+impl Check for PostCreateRequest {
+ fn check(&self) -> CheckResult {
+ Self::assert_length(&self.content, 1, 500, "Comments must be between 1-500 characters long")?;
+ Ok(())
+ }
+}
+
 async fn create(AuthorizedUser(user): AuthorizedUser, Json(body): Json<PostCreateRequest>) -> Response {
 let Ok(_post) = Post::new(user.user_id, body.content) else {
@@ -23,6 +30,12 @@ struct PostPageRequest {
 page: u64
 }
+impl Check for PostPageRequest {
+ fn check(&self) -> CheckResult {
+ Ok(())
+ }
+}
+
 async fn page(AuthorizedUser(_user): AuthorizedUser, Json(body): Json<PostPageRequest>) -> Response {
 let Ok(posts) = Post::from_post_page(body.page) else {
@@ -41,6 +54,12 @@ struct UsersPostsRequest {
 user_id: u64
 }
+impl Check for UsersPostsRequest {
+ fn check(&self) -> CheckResult {
+ Ok(())
+ }
+}
+
 async fn user(AuthorizedUser(_user): AuthorizedUser, Json(body): Json<UsersPostsRequest>) -> Response {
 let Ok(posts) = Post::from_user_id(body.user_id) else {
@@ -60,6 +79,13 @@ struct PostCommentRequest {
 post_id: u64
 }
+impl Check for PostCommentRequest {
+ fn check(&self) -> CheckResult {
+ Self::assert_length(&self.content, 1, 255, "Comments must be between 1-255 characters long")?;
+ Ok(())
+ }
+}
+
 async fn comment(AuthorizedUser(user): AuthorizedUser, Json(body): Json<PostCommentRequest>) -> Response {
 let Ok(mut post) = Post::from_post_id(body.post_id) else {
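Review bot: The message passed to `assert_length` in `PostCreateRequest::check` says "Comments" although this request creates a post, so a rejected post is reported to the client under the wrong name; it should read `"Posts must be between 1-500 characters long"`. `assert_length` comes from the `Check` trait, which is defined outside this diff, so it is not visible whether it counts bytes (`str::len`) or characters; if it counts bytes, the word "characters" is inaccurate for non-ASCII input and the limit is tighter than the message promises. The same unit question applies to the 255 limit in `PostCommentRequest::check` further down. The visible handler lines never call `check()` themselves, so it is worth confirming that the `Json` extractor invokes it before the handler body runs.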
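Review bot: `PostPageRequest::check` returns `Ok(())` without looking at `page`, so this request passes through the new validation layer unchecked and nothing in the code says that this is deliberate. Either document it, for example `// no constraints: any u64 page is accepted; TODO confirm Post::from_post_page handles out-of-range pages`, or enforce an upper bound here. `Post::from_post_page` is outside this diff, so whether a very large `page` is safe in any offset arithmetic it performs cannot be told from these lines. The same empty check appears in `UsersPostsRequest::check` and `PostLikeRequest::check`.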
@@ -79,6 +105,12 @@ struct PostLikeRequest {
 post_id: u64
 }
+impl Check for PostLikeRequest {
+ fn check(&self) -> CheckResult {
+ Ok(())
+ }
+}
+
 async fn like(AuthorizedUser(user): AuthorizedUser, Json(body): Json<PostLikeRequest>) -> Response {
 let Ok(mut post) = Post::from_post_id(body.post_id) else { |