mirror/mCaptcha
1
0
Fork 1
mirror of https://github.com/mCaptcha/mCaptcha.git synced 2026-02-11 10:05:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

edit sitekey, router pattern matching, sitekey update optimization, rm level delete and level err handling

Browse Source
This commit is contained in:
realaravinth
2021-07-16 17:40:52 +05:30
parent 863d22f62c
commit ea8264054a
31 changed files with 746 additions and 526 deletions
Download Patch File Download Diff File Expand all files Collapse all files

149
src/api/v1/mcaptcha/levels.rs
View File

@@ -16,6 +16,7 @@
*/
use actix_identity::Identity;
use actix_web::{web, HttpResponse, Responder};
use futures::future::try_join_all;
use libmcaptcha::{defense::Level, DefenseBuilder};
use log::debug;
use serde::{Deserialize, Serialize};
@@ -29,7 +30,7 @@ pub mod routes {
pub struct Levels {
pub add: &'static str,
pub delete: &'static str,
// pub delete: &'static str,
pub get: &'static str,
pub update: &'static str,
}
@@ -38,11 +39,11 @@ pub mod routes {
pub const fn new() -> Levels {
let add = "/api/v1/mcaptcha/levels/add";
let update = "/api/v1/mcaptcha/levels/update";
let delete = "/api/v1/mcaptcha/levels/delete";
// let delete = "/api/v1/mcaptcha/levels/delete";
let get = "/api/v1/mcaptcha/levels/get";
Levels {
add,
delete,
// delete,
get,
update,
}
@@ -60,7 +61,6 @@ pub struct AddLevels {
pub fn services(cfg: &mut web::ServiceConfig) {
cfg.service(add_levels);
cfg.service(update_levels);
cfg.service(delete_levels);
cfg.service(get_levels);
}
@@ -87,10 +87,12 @@ async fn add_levels(
debug!("config created");
let mut futs = Vec::with_capacity(payload.levels.len());
for level in payload.levels.iter() {
let difficulty_factor = level.difficulty_factor as i32;
let visitor_threshold = level.visitor_threshold as i32;
sqlx::query!(
let fut = sqlx::query!(
"INSERT INTO mcaptcha_levels (
difficulty_factor,
visitor_threshold,
@@ -105,17 +107,20 @@ async fn add_levels(
&mcaptcha_config.key,
&username,
)
.execute(&data.db)
.await?;
.execute(&data.db);
futs.push(fut);
}
try_join_all(futs).await?;
Ok(HttpResponse::Ok().json(mcaptcha_config))
}
#[derive(Serialize, Deserialize)]
pub struct UpdateLevels {
pub levels: Vec<Level>,
/// name is config_name
pub duration: u32,
pub description: String,
pub key: String,
}
@@ -140,7 +145,8 @@ async fn update_levels(
// still, needs to be benchmarked
defense.build()?;
sqlx::query!(
let mut futs = Vec::with_capacity(payload.levels.len() + 2);
let del_fut = sqlx::query!(
"DELETE FROM mcaptcha_levels
WHERE config_id = (
SELECT config_id FROM mcaptcha_config where key = ($1)
@@ -151,13 +157,26 @@ async fn update_levels(
&payload.key,
&username
)
.execute(&data.db)
.await?;
.execute(&data.db); //.await?;
let update_fut = sqlx::query!(
"UPDATE mcaptcha_config SET name = $1, duration = $2
WHERE user_id = (SELECT ID FROM mcaptcha_users WHERE name = $3)
AND key = $4",
&payload.description,
payload.duration as i32,
&username,
&payload.key,
)
.execute(&data.db); //.await?;
futs.push(del_fut);
futs.push(update_fut);
for level in payload.levels.iter() {
let difficulty_factor = level.difficulty_factor as i32;
let visitor_threshold = level.visitor_threshold as i32;
sqlx::query!(
let fut = sqlx::query!(
"INSERT INTO mcaptcha_levels (
difficulty_factor,
visitor_threshold,
@@ -173,40 +192,11 @@ async fn update_levels(
&payload.key,
&username,
)
.execute(&data.db)
.await?;
}
Ok(HttpResponse::Ok())
}
#[my_codegen::post(
path = "crate::V1_API_ROUTES.levels.delete",
wrap = "crate::CheckLogin"
)]
async fn delete_levels(
payload: web::Json<UpdateLevels>,
data: AppData,
id: Identity,
) -> ServiceResult<impl Responder> {
let username = id.identity().unwrap();
for level in payload.levels.iter() {
let difficulty_factor = level.difficulty_factor as i32;
sqlx::query!(
"DELETE FROM mcaptcha_levels WHERE
config_id = (
SELECT config_id FROM mcaptcha_config WHERE key = $1 AND
user_id = (SELECT ID from mcaptcha_users WHERE name = $3)
) AND difficulty_factor = ($2);",
&payload.key,
difficulty_factor,
&username
)
.execute(&data.db)
.await?;
.execute(&data.db); //.await?;
futs.push(fut);
}
try_join_all(futs).await?;
Ok(HttpResponse::Ok())
}
@@ -245,7 +235,8 @@ async fn get_levels_util(
config_id = (
SELECT config_id FROM mcaptcha_config WHERE key = ($1)
AND user_id = (SELECT ID from mcaptcha_users WHERE name = $2)
);",
)
ORDER BY difficulty_factor ASC;",
key,
&username
)
@@ -266,6 +257,15 @@ mod tests {
use crate::tests::*;
use crate::*;
const L1: Level = Level {
difficulty_factor: 100,
visitor_threshold: 10,
};
const L2: Level = Level {
difficulty_factor: 1000,
visitor_threshold: 1000,
};
#[actix_rt::test]
async fn level_routes_work() {
const NAME: &str = "testuserlevelroutes";
@@ -284,8 +284,7 @@ mod tests {
// 2. get level
let levels = vec![L1, L2];
let add_level = get_level_data();
let get_level_resp = test::call_service(
&app,
post_request!(&key, ROUTES.levels.get)
@@ -295,31 +294,28 @@ mod tests {
.await;
assert_eq!(get_level_resp.status(), StatusCode::OK);
let res_levels: Vec<Level> = test::read_body_json(get_level_resp).await;
assert_eq!(res_levels, levels);
assert_eq!(res_levels, add_level.levels);
// 3. update level
let l1 = Level {
difficulty_factor: 10,
visitor_threshold: 10,
};
let l2 = Level {
difficulty_factor: 5000,
visitor_threshold: 5000,
};
let levels = vec![l1, l2];
let add_level = UpdateLevels {
levels: levels.clone(),
let levels = vec![L1, L2];
let update_level = UpdateLevels {
key: key.key.clone(),
levels: levels.clone(),
description: add_level.description,
duration: add_level.duration,
};
let add_token_resp = test::call_service(
&app,
post_request!(&add_level, ROUTES.levels.update)
post_request!(&update_level, &ROUTES.levels.update)
.cookie(cookies.clone())
.to_request(),
)
.await;
assert_eq!(add_token_resp.status(), StatusCode::OK);
let get_level_resp = test::call_service(
&app,
post_request!(&key, ROUTES.levels.get)
@@ -330,38 +326,5 @@ mod tests {
assert_eq!(get_level_resp.status(), StatusCode::OK);
let res_levels: Vec<Level> = test::read_body_json(get_level_resp).await;
assert_eq!(res_levels, levels);
// 4. delete level
let l1 = Level {
difficulty_factor: 10,
visitor_threshold: 10,
};
let l2 = Level {
difficulty_factor: 5000,
visitor_threshold: 5000,
};
let levels = vec![l1, l2];
let add_level = UpdateLevels {
levels: levels.clone(),
key: key.key.clone(),
};
let add_token_resp = test::call_service(
&app,
post_request!(&add_level, ROUTES.levels.delete)
.cookie(cookies.clone())
.to_request(),
)
.await;
assert_eq!(add_token_resp.status(), StatusCode::OK);
let get_level_resp = test::call_service(
&app,
post_request!(&key, ROUTES.levels.get)
.cookie(cookies.clone())
.to_request(),
)
.await;
assert_eq!(get_level_resp.status(), StatusCode::OK);
let res_levels: Vec<Level> = test::read_body_json(get_level_resp).await;
assert_eq!(res_levels, Vec::new());
}
}

2
src/api/v1/pow/get_config.rs
View File

@@ -96,7 +96,7 @@ async fn init_mcaptcha(data: &AppData, key: &str) -> ServiceResult<()> {
"SELECT difficulty_factor, visitor_threshold FROM mcaptcha_levels WHERE
config_id = (
SELECT config_id FROM mcaptcha_config WHERE key = ($1)
);",
) ORDER BY difficulty_factor ASC;",
&key,
)
.fetch_all(&data.db);

151
src/pages/panel/sitekey/edit.rs Normal file
View File

@@ -0,0 +1,151 @@
/*
* Copyright (C) 2021 Aravinth Manivannan <realaravinth@batsense.net>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
use actix_identity::Identity;
use actix_web::{web, HttpResponse, Responder};
use futures::{future::TryFutureExt, try_join};
use sailfish::TemplateOnce;
use crate::errors::*;
use crate::stats::fetch::Stats;
use crate::AppData;
const PAGE: &str = "SiteKeys";
#[derive(Clone)]
struct McaptchaConfig {
config_id: i32,
duration: i32,
name: String,
}
#[derive(Clone)]
struct Level {
difficulty_factor: i32,
visitor_threshold: i32,
}
#[derive(TemplateOnce, Clone)]
#[template(path = "panel/sitekey/edit/index.html")]
struct IndexPage {
duration: u32,
name: String,
key: String,
levels: Vec<Level>,
}
impl IndexPage {
fn new(config: McaptchaConfig, levels: Vec<Level>, key: String) -> Self {
IndexPage {
duration: config.duration as u32,
name: config.name,
levels,
key,
}
}
}
/// route handler that renders individual views for sitekeys
#[my_codegen::get(path = "crate::PAGES.panel.sitekey.edit", wrap = "crate::CheckLogin")]
pub async fn edit_sitekey(
path: web::Path<String>,
data: AppData,
id: Identity,
) -> PageResult<impl Responder> {
let username = id.identity().unwrap();
let key = path.into_inner();
let config = sqlx::query_as!(
McaptchaConfig,
"SELECT config_id, duration, name from mcaptcha_config WHERE
key = $1 AND
user_id = (SELECT ID FROM mcaptcha_users WHERE name = $2) ",
&key,
&username,
)
.fetch_one(&data.db)
.await?;
let levels_fut = sqlx::query_as!(
Level,
"SELECT
difficulty_factor, visitor_threshold
FROM
mcaptcha_levels
WHERE config_id = $1 ORDER BY difficulty_factor ASC",
&config.config_id
)
.fetch_all(&data.db)
.err_into();
let (_stats, levels) = try_join!(Stats::new(&key, &data.db), levels_fut)?;
let body = IndexPage::new(config, levels, key).render_once().unwrap();
Ok(HttpResponse::Ok()
.content_type("text/html; charset=utf-8")
.body(body))
}
#[cfg(test)]
mod test {
use actix_web::http::StatusCode;
use actix_web::test;
use actix_web::web::Bytes;
use crate::tests::*;
use crate::*;
#[actix_rt::test]
async fn view_sitekey_work() {
const NAME: &str = "editsitekeyuser";
const PASSWORD: &str = "longpassworddomain";
const EMAIL: &str = "editsitekeyuser@a.com";
{
let data = Data::new().await;
delete_user(NAME, &data).await;
}
register_and_signin(NAME, EMAIL, PASSWORD).await;
let (data, _, signin_resp, key) = add_levels_util(NAME, PASSWORD).await;
let cookies = get_cookie!(signin_resp);
let app = get_app!(data).await;
let url = format!("/sitekey/{}/edit", &key.key);
let list_sitekey_resp = test::call_service(
&app,
test::TestRequest::get()
.uri(&url)
.cookie(cookies.clone())
.to_request(),
)
.await;
assert_eq!(list_sitekey_resp.status(), StatusCode::OK);
let body: Bytes = test::read_body(list_sitekey_resp).await;
let body = String::from_utf8(body.to_vec()).unwrap();
assert!(body.contains(&key.name));
assert!(body.contains(&L1.visitor_threshold.to_string()));
assert!(body.contains(&L1.difficulty_factor.to_string()));
assert!(body.contains(&L2.difficulty_factor.to_string()));
assert!(body.contains(&L2.visitor_threshold.to_string()));
}
}

4
src/pages/panel/sitekey/mod.rs
View File

@@ -16,6 +16,7 @@
*/
mod add;
mod edit;
pub mod list;
mod view;
@@ -24,6 +25,7 @@ pub mod routes {
pub list: &'static str,
pub add: &'static str,
pub view: &'static str,
pub edit: &'static str,
}
impl Sitekey {
@@ -32,6 +34,7 @@ pub mod routes {
list: "/sitekeys",
add: "/sitekeys/add",
view: "/sitekey/{key}",
edit: "/sitekey/{key}/edit",
}
}
}
@@ -41,4 +44,5 @@ pub fn services(cfg: &mut actix_web::web::ServiceConfig) {
cfg.service(add::add_sitekey);
cfg.service(list::list_sitekeys);
cfg.service(view::view_sitekey);
cfg.service(edit::edit_sitekey);
}

32
src/pages/panel/sitekey/view.rs
View File

@@ -1,19 +1,19 @@
/*
* Copyright (C) 2021 Aravinth Manivannan <realaravinth@batsense.net>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
* Copyright (C) 2021 Aravinth Manivannan <realaravinth@batsense.net>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
use actix_identity::Identity;
use actix_web::{web, HttpResponse, Responder};
@@ -85,7 +85,7 @@ pub async fn view_sitekey(
difficulty_factor, visitor_threshold
FROM
mcaptcha_levels
WHERE config_id = $1",
WHERE config_id = $1 ORDER BY difficulty_factor ASC",
&config.config_id
)
.fetch_all(&data.db)

18
src/tests/mod.rs
View File

@@ -171,6 +171,16 @@ pub const L2: Level = Level {
visitor_threshold: 500,
};
pub fn get_level_data() -> AddLevels {
let levels = vec![L1, L2];
AddLevels {
levels,
duration: 30,
description: "dummy".into(),
}
}
pub async fn add_levels_util(
name: &str,
password: &str,
@@ -179,13 +189,7 @@ pub async fn add_levels_util(
let cookies = get_cookie!(signin_resp);
let app = get_app!(data).await;
let levels = vec![L1, L2];
let add_level = AddLevels {
levels: levels.clone(),
duration: 30,
description: "dummy".into(),
};
let add_level = get_level_data();
// 1. add level
let add_token_resp = test::call_service(