shockrah/freechat
shockrah/freechat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

* Db::Messages::get_time_range now handles case where

Browse Source 
start_time >= end_time
	Which means we won't get weird requests from clients anymore(hopefully)

* Route handler for /message/time_range now handles db::Response::RestrictedInput
Responds with a simple 400 and nothing else
This commit is contained in:
shockrah 2021-01-19 19:43:21 -08:00
parent 5c4bc6f96f
commit 3b3fa14496
2 changed files with 40 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

49
server-api/db/src/messages.rs
View File

@ -156,29 +156,38 @@ impl Message {
} }
pub async fn get_time_range(p: &Pool, channel_id: UBigInt, start: BigInt, end: BigInt) -> Result<Response<Self>, SqlError> { pub async fn get_time_range(p: &Pool, channel_id: UBigInt, start: BigInt, end: BigInt) -> Result<Response<Self>, SqlError> {
let conn = p.get_conn().await?; //! @returns on success : Set(Vec<Messages>)
let q = "SELECT id, time, content, author_id FROM messages WHERE channel_id = :channel AND time >= :start AND time < :end"; //! @returns on userfail: RestrictedInput(message)
//! @returns on error : Err(SqlError)
let select_result = conn.prep_exec( if start >= end {
q, params!{ Ok(Response::RestrictedInput("Invalid start/end parameters".into()))
"start" => start, }
"end" => end, else {
"channel" => channel_id let conn = p.get_conn().await?;
let q = "SELECT id, time, content, author_id FROM messages WHERE channel_id = :channel AND time >= :start AND time < :end";
let select_result = conn.prep_exec(
q, params!{
"start" => start,
"end" => end,
"channel" => channel_id
}).await?;
let(_conn, messages) = select_result.map_and_drop(|row| {
type Tuple = (UBigInt, BigInt, String, UBigInt);
let (id, time, content, author_id): Tuple = mysql_async::from_row(row);
Self {
id,
time,
content,
author_id,
channel_id
}
}).await?; }).await?;
let(_conn, messages) = select_result.map_and_drop(|row| { Ok(Response::Set(messages))
type Tuple = (UBigInt, BigInt, String, UBigInt); }
let (id, time, content, author_id): Tuple = mysql_async::from_row(row);
Self {
id,
time,
content,
author_id,
channel_id
}
}).await?;
Ok(Response::Set(messages))
} }
} }

21
server-api/src/messages.rs
View File

@ -34,19 +34,20 @@ pub async fn get_by_time(pool: &Pool, response: &mut Response<Body>, params: Val
match (channel, start_time, end_time) { match (channel, start_time, end_time) {
(Some(channel), Some(start), Some(end)) => { (Some(channel), Some(start), Some(end)) => {
match Message::get_time_range(pool, channel, start, end).await { match Message::get_time_range(pool, channel, start, end).await {
Ok(data) => { Ok(db_response) => {
response.headers_mut().insert( match db_response {
"Content-Type", db::Response::Set(messages) => {
HeaderValue::from_static("application/json")); response.headers_mut().insert(
"Content-Type",
let msg_vec = match data { HeaderValue::from_static("application/json"));
db::Response::Set(data) => data, let payload = json!({"messages": messages});
_ => Vec::new() *response.body_mut() = Body::from(payload.to_string());
},
db::Response::RestrictedInput(_/*error message to log*/) => *response.status_mut() = StatusCode::BAD_REQUEST,
_ => *response.status_mut() = StatusCode::INTERNAL_SERVER_ERROR
}; };
// this absolute lack of data streaming is prolly gonna suck like // this absolute lack of data streaming is prolly gonna suck like
// a whoe in hell week for performance but lets pretend servers don't get massive // a whoe in hell week for performance but lets pretend servers don't get massive
let payload = json!({"messages": msg_vec});
*response.body_mut() = Body::from(payload.to_string());
}, },
Err(e) => { Err(e) => {
eprintln!("{}", e); eprintln!("{}", e);