Albirew/nyaa-pantsu
Archivé
1
0
Bifurcation 0

validator rewrite

Cette révision appartient à :
ayame-git 2017-05-09 23:24:32 +03:00
Parent 59ed2ec4c6
révision b758a966d3
3 fichiers modifiés avec 85 ajouts et 56 suppressions

Voir le fichier

@ -101,7 +101,7 @@ func ApiUploadHandler(w http.ResponseWriter, r *http.Request) {
user := model.User{}
db.ORM.Where("api_token = ?", token).First(&user) //i don't like this
if user.Id == 0 {
http.Error(w, "incorrect api key", http.StatusForbidden)
http.Error(w, apiService.ErrApiKey.Error(), http.StatusForbidden)
return
}
@ -149,7 +149,7 @@ func ApiUpdateHandler(w http.ResponseWriter, r *http.Request) {
user := model.User{}
db.ORM.Where("api_token = ?", token).First(&user) //i don't like this
if user.Id == 0 {
http.Error(w, "incorrect api key", http.StatusForbidden)
http.Error(w, apiService.ErrApiKey.Error(), http.StatusForbidden)
return
}
@ -166,13 +166,14 @@ func ApiUpdateHandler(w http.ResponseWriter, r *http.Request) {
torrent := model.Torrents{}
db.ORM.Where("torrent_id = ?", id).First(&torrent)
if torrent.Id == 0 {
http.Error(w, "incorrect id", http.StatusBadRequest)
http.Error(w, apiService.ErrTorrentId.Error(), http.StatusBadRequest)
return
}
if torrent.UploaderId != 0 && torrent.UploaderId != user.Id { //&& user is not mod
http.Error(w, "not enough rights to edit torrent", http.StatusForbidden)
if torrent.UploaderId != 0 && torrent.UploaderId != user.Id { //&& user.Status != mod
http.Error(w, apiService.ErrRights.Error(), http.StatusForbidden)
return
}
err, code := update.Update.ValidateUpdate()
if err != nil {
http.Error(w, err.Error(), code)

Voir le fichier

@ -1,7 +1,6 @@
package apiService
import (
"errors"
"net/http"
"net/url"
"reflect"
@ -29,10 +28,10 @@ type TorrentsRequest struct {
//accept torrent files?
type TorrentRequest struct {
Name string `json:"name"`
Hash string `json:"hash"`
Magnet string `json:"magnet"`
Category int `json:"category"`
SubCategory int `json:"sub_category"`
Magnet string `json:"magnet"`
Hash string `json:"hash"`
Description string `json:"description"`
}
@ -60,37 +59,42 @@ func (r *TorrentsRequest) ToParams() torrentService.WhereParams {
return res
}
var ErrShortName = errors.New("file name should be at least 100 characters long")
var ErrCategory = errors.New("this category doesn't exist")
var ErrSubCategory = errors.New("this sub category doesn't exist")
var ErrMagnet = errors.New("incorrect magnet")
var ErrHash = errors.New("incorrect hash")
//rewrite validators!!!
func (r *TorrentRequest) ValidateUpload() (error, int) {
if len(r.Name) < 100 {
func validateName(r *TorrentRequest) (error, int) {
if len(r.Name) < 100 { //isn't this too much?
return ErrShortName, http.StatusNotAcceptable
}
return nil, http.StatusOK
}
func validateCategory(r *TorrentRequest) (error, int) {
if r.Category == 0 {
return ErrCategory, http.StatusNotAcceptable
}
return nil, http.StatusOK
}
func validateSubCategory(r *TorrentRequest) (error, int) {
if r.SubCategory == 0 {
return ErrSubCategory, http.StatusNotAcceptable
}
return nil, http.StatusOK
}
if r.Hash == "" {
magnetUrl, err := url.Parse(string(r.Magnet)) //?
if err != nil {
return err, http.StatusInternalServerError
}
exactTopic := magnetUrl.Query().Get("xt")
if !strings.HasPrefix(exactTopic, "urn:btih:") {
return ErrMagnet, http.StatusNotAcceptable
}
r.Hash = strings.ToUpper(strings.TrimPrefix(exactTopic, "urn:btih:"))
func validateMagnet(r *TorrentRequest) (error, int) {
magnetUrl, err := url.Parse(string(r.Magnet)) //?
if err != nil {
return err, http.StatusInternalServerError
}
exactTopic := magnetUrl.Query().Get("xt")
if !strings.HasPrefix(exactTopic, "urn:btih:") {
return ErrMagnet, http.StatusNotAcceptable
}
r.Hash = strings.ToUpper(strings.TrimPrefix(exactTopic, "urn:btih:"))
return nil, http.StatusOK
}
func validateHash(r *TorrentRequest) (error, int) {
r.Hash = strings.ToUpper(r.Hash)
matched, err := regexp.MatchString("^[0-9A-F]{40}$", r.Hash)
if err != nil {
return err, http.StatusInternalServerError
@ -98,44 +102,56 @@ func (r *TorrentRequest) ValidateUpload() (error, int) {
if !matched {
return ErrHash, http.StatusNotAcceptable
}
return nil, http.StatusOK
}
func (r *TorrentRequest) ValidateUpdate() (error, int) {
if len(r.Name) < 100 && len(r.Name) != 0 {
return ErrShortName, http.StatusNotAcceptable
}
/*if r.Category == 0 {
return ErrCategory, http.StatusNotAcceptable
}
if r.SubCategory == 0 {
return ErrSubCategory, http.StatusNotAcceptable
}*/
//rewrite validators!!!
if r.Magnet != "" || r.Hash != "" {
if r.Hash == "" {
magnetUrl, err := url.Parse(string(r.Magnet)) //?
if err != nil {
return err, http.StatusInternalServerError
}
exactTopic := magnetUrl.Query().Get("xt")
if !strings.HasPrefix(exactTopic, "urn:btih:") {
return ErrMagnet, http.StatusNotAcceptable
}
r.Hash = strings.ToUpper(strings.TrimPrefix(exactTopic, "urn:btih:"))
func (r *TorrentRequest) ValidateUpload() (err error, code int) {
validators := []func(r *TorrentRequest) (error, int){
validateName,
validateCategory,
validateSubCategory,
validateMagnet,
validateHash,
}
for i, validator := range validators {
if r.Hash != "" && i == 3 {
continue
}
matched, err := regexp.MatchString("^[0-9A-F]{40}$", r.Hash)
err, code = validator(r)
if err != nil {
return err, http.StatusInternalServerError
break
}
if !matched {
return ErrHash, http.StatusNotAcceptable
}
return err, code
}
func (r *TorrentRequest) ValidateUpdate() (err error, code int) {
validators := []func(r *TorrentRequest) (error, int){
validateName,
validateCategory,
validateSubCategory,
validateMagnet,
validateHash,
}
//don't update not requested values
//rewrite with reflect?
for i, validator := range validators {
if (r.Name == "" && i == 0) || (r.Category == 0 && i == 1) ||
(r.SubCategory == 0 && i == 2) ||
(r.Hash != "" || r.Magnet == "" && i == 3) || (r.Hash == "" && i == 4) {
continue
}
err, code = validator(r)
if err != nil {
break
}
}
return nil, http.StatusOK
return err, code
}
//rewrite with reflect ?

12
service/api/errors.go Fichier normal
Voir le fichier

@ -0,0 +1,12 @@
package apiService
import "errors"
var ErrShortName = errors.New("file name should be at least 100 characters long")
var ErrCategory = errors.New("this category doesn't exist")
var ErrSubCategory = errors.New("this sub category doesn't exist")
var ErrMagnet = errors.New("incorrect magnet")
var ErrHash = errors.New("incorrect hash")
var ErrApiKey = errors.New("incorrect api key")
var ErrTorrentId = errors.New("torrent with requested id doesn't exist")
var ErrRights = errors.New("not enough rights for this request")