From b758a966d3e11b82eb926936e9c6d4b02d71ef05 Mon Sep 17 00:00:00 2001 From: ayame-git Date: Tue, 9 May 2017 23:24:32 +0300 Subject: [PATCH] validator rewrite --- router/apiHandler.go | 11 ++-- service/api/api.go | 118 ++++++++++++++++++++++++------------------ service/api/errors.go | 12 +++++ 3 files changed, 85 insertions(+), 56 deletions(-) create mode 100644 service/api/errors.go diff --git a/router/apiHandler.go b/router/apiHandler.go index 88801ee0..ebc256de 100644 --- a/router/apiHandler.go +++ b/router/apiHandler.go @@ -101,7 +101,7 @@ func ApiUploadHandler(w http.ResponseWriter, r *http.Request) { user := model.User{} db.ORM.Where("api_token = ?", token).First(&user) //i don't like this if user.Id == 0 { - http.Error(w, "incorrect api key", http.StatusForbidden) + http.Error(w, apiService.ErrApiKey.Error(), http.StatusForbidden) return } @@ -149,7 +149,7 @@ func ApiUpdateHandler(w http.ResponseWriter, r *http.Request) { user := model.User{} db.ORM.Where("api_token = ?", token).First(&user) //i don't like this if user.Id == 0 { - http.Error(w, "incorrect api key", http.StatusForbidden) + http.Error(w, apiService.ErrApiKey.Error(), http.StatusForbidden) return } @@ -166,13 +166,14 @@ func ApiUpdateHandler(w http.ResponseWriter, r *http.Request) { torrent := model.Torrents{} db.ORM.Where("torrent_id = ?", id).First(&torrent) if torrent.Id == 0 { - http.Error(w, "incorrect id", http.StatusBadRequest) + http.Error(w, apiService.ErrTorrentId.Error(), http.StatusBadRequest) return } - if torrent.UploaderId != 0 && torrent.UploaderId != user.Id { //&& user is not mod - http.Error(w, "not enough rights to edit torrent", http.StatusForbidden) + if torrent.UploaderId != 0 && torrent.UploaderId != user.Id { //&& user.Status != mod + http.Error(w, apiService.ErrRights.Error(), http.StatusForbidden) return } + err, code := update.Update.ValidateUpdate() if err != nil { http.Error(w, err.Error(), code) diff --git a/service/api/api.go b/service/api/api.go index 82ee4cdc..482a96b3 100644 --- a/service/api/api.go +++ b/service/api/api.go @@ -1,7 +1,6 @@ package apiService import ( - "errors" "net/http" "net/url" "reflect" @@ -29,10 +28,10 @@ type TorrentsRequest struct { //accept torrent files? type TorrentRequest struct { Name string `json:"name"` - Hash string `json:"hash"` - Magnet string `json:"magnet"` Category int `json:"category"` SubCategory int `json:"sub_category"` + Magnet string `json:"magnet"` + Hash string `json:"hash"` Description string `json:"description"` } @@ -60,37 +59,42 @@ func (r *TorrentsRequest) ToParams() torrentService.WhereParams { return res } -var ErrShortName = errors.New("file name should be at least 100 characters long") -var ErrCategory = errors.New("this category doesn't exist") -var ErrSubCategory = errors.New("this sub category doesn't exist") -var ErrMagnet = errors.New("incorrect magnet") -var ErrHash = errors.New("incorrect hash") - -//rewrite validators!!! - -func (r *TorrentRequest) ValidateUpload() (error, int) { - if len(r.Name) < 100 { +func validateName(r *TorrentRequest) (error, int) { + if len(r.Name) < 100 { //isn't this too much? return ErrShortName, http.StatusNotAcceptable } + return nil, http.StatusOK +} + +func validateCategory(r *TorrentRequest) (error, int) { if r.Category == 0 { return ErrCategory, http.StatusNotAcceptable } + return nil, http.StatusOK +} + +func validateSubCategory(r *TorrentRequest) (error, int) { if r.SubCategory == 0 { return ErrSubCategory, http.StatusNotAcceptable } + return nil, http.StatusOK +} - if r.Hash == "" { - magnetUrl, err := url.Parse(string(r.Magnet)) //? - if err != nil { - return err, http.StatusInternalServerError - } - exactTopic := magnetUrl.Query().Get("xt") - if !strings.HasPrefix(exactTopic, "urn:btih:") { - return ErrMagnet, http.StatusNotAcceptable - } - r.Hash = strings.ToUpper(strings.TrimPrefix(exactTopic, "urn:btih:")) +func validateMagnet(r *TorrentRequest) (error, int) { + magnetUrl, err := url.Parse(string(r.Magnet)) //? + if err != nil { + return err, http.StatusInternalServerError } + exactTopic := magnetUrl.Query().Get("xt") + if !strings.HasPrefix(exactTopic, "urn:btih:") { + return ErrMagnet, http.StatusNotAcceptable + } + r.Hash = strings.ToUpper(strings.TrimPrefix(exactTopic, "urn:btih:")) + return nil, http.StatusOK +} +func validateHash(r *TorrentRequest) (error, int) { + r.Hash = strings.ToUpper(r.Hash) matched, err := regexp.MatchString("^[0-9A-F]{40}$", r.Hash) if err != nil { return err, http.StatusInternalServerError @@ -98,44 +102,56 @@ func (r *TorrentRequest) ValidateUpload() (error, int) { if !matched { return ErrHash, http.StatusNotAcceptable } - return nil, http.StatusOK } -func (r *TorrentRequest) ValidateUpdate() (error, int) { - if len(r.Name) < 100 && len(r.Name) != 0 { - return ErrShortName, http.StatusNotAcceptable - } - /*if r.Category == 0 { - return ErrCategory, http.StatusNotAcceptable - } - if r.SubCategory == 0 { - return ErrSubCategory, http.StatusNotAcceptable - }*/ +//rewrite validators!!! - if r.Magnet != "" || r.Hash != "" { - if r.Hash == "" { - magnetUrl, err := url.Parse(string(r.Magnet)) //? - if err != nil { - return err, http.StatusInternalServerError - } - exactTopic := magnetUrl.Query().Get("xt") - if !strings.HasPrefix(exactTopic, "urn:btih:") { - return ErrMagnet, http.StatusNotAcceptable - } - r.Hash = strings.ToUpper(strings.TrimPrefix(exactTopic, "urn:btih:")) +func (r *TorrentRequest) ValidateUpload() (err error, code int) { + validators := []func(r *TorrentRequest) (error, int){ + validateName, + validateCategory, + validateSubCategory, + validateMagnet, + validateHash, + } + + for i, validator := range validators { + if r.Hash != "" && i == 3 { + continue } - - matched, err := regexp.MatchString("^[0-9A-F]{40}$", r.Hash) + err, code = validator(r) if err != nil { - return err, http.StatusInternalServerError + break } - if !matched { - return ErrHash, http.StatusNotAcceptable + } + return err, code +} + +func (r *TorrentRequest) ValidateUpdate() (err error, code int) { + validators := []func(r *TorrentRequest) (error, int){ + validateName, + validateCategory, + validateSubCategory, + validateMagnet, + validateHash, + } + + //don't update not requested values + //rewrite with reflect? + for i, validator := range validators { + if (r.Name == "" && i == 0) || (r.Category == 0 && i == 1) || + (r.SubCategory == 0 && i == 2) || + (r.Hash != "" || r.Magnet == "" && i == 3) || (r.Hash == "" && i == 4) { + continue + } + err, code = validator(r) + if err != nil { + break } } - return nil, http.StatusOK + return err, code } //rewrite with reflect ? diff --git a/service/api/errors.go b/service/api/errors.go new file mode 100644 index 00000000..52c6fa85 --- /dev/null +++ b/service/api/errors.go @@ -0,0 +1,12 @@ +package apiService + +import "errors" + +var ErrShortName = errors.New("file name should be at least 100 characters long") +var ErrCategory = errors.New("this category doesn't exist") +var ErrSubCategory = errors.New("this sub category doesn't exist") +var ErrMagnet = errors.New("incorrect magnet") +var ErrHash = errors.New("incorrect hash") +var ErrApiKey = errors.New("incorrect api key") +var ErrTorrentId = errors.New("torrent with requested id doesn't exist") +var ErrRights = errors.New("not enough rights for this request")