From 6bea3bf2ef31f978b98848a5f2a045dcab0cc2f0 Mon Sep 17 00:00:00 2001
From: Tyler Murphy
Date: Thu, 26 Jan 2023 21:29:06 -0500
Subject: input length and range checking
---
 src/api/posts.rs | 34 +++++++++++++++++++++++++++++++++-
 1 file changed, 33 insertions(+), 1 deletion(-) (limited to 'src/api/posts.rs')
diff --git a/src/api/posts.rs b/src/api/posts.rs
index 405dfa6..85ff2b2 100644
--- a/src/api/posts.rs
+++ b/src/api/posts.rs
@@ -1,7 +1,7 @@
 use axum::{response::Response, Router, routing::{post, patch}};
 use serde::Deserialize;
-use crate::types::{extract::{AuthorizedUser, Json}, post::Post, response::ResponseCode};
+use crate::types::{extract::{AuthorizedUser, Json, Check, CheckResult}, post::Post, response::ResponseCode};
 #[derive(Deserialize)]
@@ -9,6 +9,13 @@ struct PostCreateRequest {
 content: String
 }
+impl Check for PostCreateRequest {
+ fn check(&self) -> CheckResult {
+ Self::assert_length(&self.content, 1, 500, "Comments must be between 1-500 characters long")?;
+ Ok(())
+ }
+}
+
 async fn create(AuthorizedUser(user): AuthorizedUser, Json(body): Json) -> Response {
 let Ok(_post) = Post::new(user.user_id, body.content) else {
@@ -23,6 +30,12 @@ struct PostPageRequest {
 page: u64
 }
+impl Check for PostPageRequest {
+ fn check(&self) -> CheckResult {
+ Ok(())
+ }
+}
+
 async fn page(AuthorizedUser(_user): AuthorizedUser, Json(body): Json) -> Response {
 let Ok(posts) = Post::from_post_page(body.page) else {
@@ -41,6 +54,12 @@ struct UsersPostsRequest {
 user_id: u64
 }
+impl Check for UsersPostsRequest {
+ fn check(&self) -> CheckResult {
+ Ok(())
+ }
+}
+
 async fn user(AuthorizedUser(_user): AuthorizedUser, Json(body): Json) -> Response {
 let Ok(posts) = Post::from_user_id(body.user_id) else {
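Review bot: The message passed to `assert_length` in `PostCreateRequest::check` says "Comments must be between 1-500 characters long", but this request creates a post, so a rejected client is told the wrong thing; it looks copied from the `PostCommentRequest` impl and should read `"Posts must be between 1-500 characters long"`. `assert_length` is defined outside this diff, so it is not visible whether it counts bytes (`str::len`) or characters (`chars().count()`); the message promises characters, and a byte count would reject multi-byte text well before 500 characters. A body consisting of a single space also satisfies a minimum of 1, here and in the `PostCommentRequest` impl, so if blank posts and comments are meant to be rejected the check should run on `self.content.trim()`.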
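Review bot: `PostPageRequest::check` returns `Ok(())` without looking at `page`, although the commit is titled as adding range checking; the same empty body is added for `UsersPostsRequest` and `PostLikeRequest`. `page` is an unbounded `u64` handed straight to `Post::from_post_page`, whose body is outside this diff; if that function multiplies the page by a page size or converts it to a signed database integer, a very large value could overflow or wrap, so an upper bound in `check` would be the safer place to reject it. If no constraint is intended, say so inside each empty impl with a comment such as `// no field constraints: any u64 is accepted`, so the empty check reads as a decision rather than an omission. The handler bodies continue outside the hunks.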
@@ -60,6 +79,13 @@ struct PostCommentRequest {
 post_id: u64
 }
+impl Check for PostCommentRequest {
+ fn check(&self) -> CheckResult {
+ Self::assert_length(&self.content, 1, 255, "Comments must be between 1-255 characters long")?;
+ Ok(())
+ }
+}
+
 async fn comment(AuthorizedUser(user): AuthorizedUser, Json(body): Json) -> Response {
 let Ok(mut post) = Post::from_post_id(body.post_id) else {
@@ -79,6 +105,12 @@ struct PostLikeRequest {
 post_id: u64
 }
+impl Check for PostLikeRequest {
+ fn check(&self) -> CheckResult {
+ Ok(())
+ }
+}
+
 async fn like(AuthorizedUser(user): AuthorizedUser, Json(body): Json) -> Response {
 let Ok(mut post) = Post::from_post_id(body.post_id) else {
--
cgit v1.2.3-freya