validator rewrite
Cette révision appartient à :
ayame-git
Parent
8b1c99fdad
révision
bf70f575d3
3 fichiers modifiés avec 85 ajouts et 56 suppressions
|
|
@ -101,7 +101,7 @@ func ApiUploadHandler(w http.ResponseWriter, r *http.Request) {
|
|||
user := model.User{}
|
||||
db.ORM.Where("api_token = ?", token).First(&user) //i don't like this
|
||||
if user.Id == 0 {
|
||||
http.Error(w, "incorrect api key", http.StatusForbidden)
|
||||
http.Error(w, apiService.ErrApiKey.Error(), http.StatusForbidden)
|
||||
return
|
||||
}
|
||||
|
||||
|
|
@ -149,7 +149,7 @@ func ApiUpdateHandler(w http.ResponseWriter, r *http.Request) {
|
|||
user := model.User{}
|
||||
db.ORM.Where("api_token = ?", token).First(&user) //i don't like this
|
||||
if user.Id == 0 {
|
||||
http.Error(w, "incorrect api key", http.StatusForbidden)
|
||||
http.Error(w, apiService.ErrApiKey.Error(), http.StatusForbidden)
|
||||
return
|
||||
}
|
||||
|
||||
|
|
@ -166,13 +166,14 @@ func ApiUpdateHandler(w http.ResponseWriter, r *http.Request) {
|
|||
torrent := model.Torrents{}
|
||||
db.ORM.Where("torrent_id = ?", id).First(&torrent)
|
||||
if torrent.Id == 0 {
|
||||
http.Error(w, "incorrect id", http.StatusBadRequest)
|
||||
http.Error(w, apiService.ErrTorrentId.Error(), http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
if torrent.UploaderId != 0 && torrent.UploaderId != user.Id { //&& user is not mod
|
||||
http.Error(w, "not enough rights to edit torrent", http.StatusForbidden)
|
||||
if torrent.UploaderId != 0 && torrent.UploaderId != user.Id { //&& user.Status != mod
|
||||
http.Error(w, apiService.ErrRights.Error(), http.StatusForbidden)
|
||||
return
|
||||
}
|
||||
|
||||
err, code := update.Update.ValidateUpdate()
|
||||
if err != nil {
|
||||
http.Error(w, err.Error(), code)
|
||||
|
|
|
|||
|
|
@ -1,7 +1,6 @@
|
|||
package apiService
|
||||
|
||||
import (
|
||||
"errors"
|
||||
"net/http"
|
||||
"net/url"
|
||||
"reflect"
|
||||
|
|
@ -29,10 +28,10 @@ type TorrentsRequest struct {
|
|||
//accept torrent files?
|
||||
type TorrentRequest struct {
|
||||
Name string `json:"name"`
|
||||
Hash string `json:"hash"`
|
||||
Magnet string `json:"magnet"`
|
||||
Category int `json:"category"`
|
||||
SubCategory int `json:"sub_category"`
|
||||
Magnet string `json:"magnet"`
|
||||
Hash string `json:"hash"`
|
||||
Description string `json:"description"`
|
||||
}
|
||||
|
||||
|
|
@ -60,37 +59,42 @@ func (r *TorrentsRequest) ToParams() torrentService.WhereParams {
|
|||
return res
|
||||
}
|
||||
|
||||
var ErrShortName = errors.New("file name should be at least 100 characters long")
|
||||
var ErrCategory = errors.New("this category doesn't exist")
|
||||
var ErrSubCategory = errors.New("this sub category doesn't exist")
|
||||
var ErrMagnet = errors.New("incorrect magnet")
|
||||
var ErrHash = errors.New("incorrect hash")
|
||||
|
||||
//rewrite validators!!!
|
||||
|
||||
func (r *TorrentRequest) ValidateUpload() (error, int) {
|
||||
if len(r.Name) < 100 {
|
||||
func validateName(r *TorrentRequest) (error, int) {
|
||||
if len(r.Name) < 100 { //isn't this too much?
|
||||
return ErrShortName, http.StatusNotAcceptable
|
||||
}
|
||||
return nil, http.StatusOK
|
||||
}
|
||||
|
||||
func validateCategory(r *TorrentRequest) (error, int) {
|
||||
if r.Category == 0 {
|
||||
return ErrCategory, http.StatusNotAcceptable
|
||||
}
|
||||
return nil, http.StatusOK
|
||||
}
|
||||
|
||||
func validateSubCategory(r *TorrentRequest) (error, int) {
|
||||
if r.SubCategory == 0 {
|
||||
return ErrSubCategory, http.StatusNotAcceptable
|
||||
}
|
||||
return nil, http.StatusOK
|
||||
}
|
||||
|
||||
if r.Hash == "" {
|
||||
magnetUrl, err := url.Parse(string(r.Magnet)) //?
|
||||
if err != nil {
|
||||
return err, http.StatusInternalServerError
|
||||
}
|
||||
exactTopic := magnetUrl.Query().Get("xt")
|
||||
if !strings.HasPrefix(exactTopic, "urn:btih:") {
|
||||
return ErrMagnet, http.StatusNotAcceptable
|
||||
}
|
||||
r.Hash = strings.ToUpper(strings.TrimPrefix(exactTopic, "urn:btih:"))
|
||||
func validateMagnet(r *TorrentRequest) (error, int) {
|
||||
magnetUrl, err := url.Parse(string(r.Magnet)) //?
|
||||
if err != nil {
|
||||
return err, http.StatusInternalServerError
|
||||
}
|
||||
exactTopic := magnetUrl.Query().Get("xt")
|
||||
if !strings.HasPrefix(exactTopic, "urn:btih:") {
|
||||
return ErrMagnet, http.StatusNotAcceptable
|
||||
}
|
||||
r.Hash = strings.ToUpper(strings.TrimPrefix(exactTopic, "urn:btih:"))
|
||||
return nil, http.StatusOK
|
||||
}
|
||||
|
||||
func validateHash(r *TorrentRequest) (error, int) {
|
||||
r.Hash = strings.ToUpper(r.Hash)
|
||||
matched, err := regexp.MatchString("^[0-9A-F]{40}$", r.Hash)
|
||||
if err != nil {
|
||||
return err, http.StatusInternalServerError
|
||||
|
|
@ -98,44 +102,56 @@ func (r *TorrentRequest) ValidateUpload() (error, int) {
|
|||
if !matched {
|
||||
return ErrHash, http.StatusNotAcceptable
|
||||
}
|
||||
|
||||
return nil, http.StatusOK
|
||||
}
|
||||
|
||||
func (r *TorrentRequest) ValidateUpdate() (error, int) {
|
||||
if len(r.Name) < 100 && len(r.Name) != 0 {
|
||||
return ErrShortName, http.StatusNotAcceptable
|
||||
}
|
||||
/*if r.Category == 0 {
|
||||
return ErrCategory, http.StatusNotAcceptable
|
||||
}
|
||||
if r.SubCategory == 0 {
|
||||
return ErrSubCategory, http.StatusNotAcceptable
|
||||
}*/
|
||||
//rewrite validators!!!
|
||||
|
||||
if r.Magnet != "" || r.Hash != "" {
|
||||
if r.Hash == "" {
|
||||
magnetUrl, err := url.Parse(string(r.Magnet)) //?
|
||||
if err != nil {
|
||||
return err, http.StatusInternalServerError
|
||||
}
|
||||
exactTopic := magnetUrl.Query().Get("xt")
|
||||
if !strings.HasPrefix(exactTopic, "urn:btih:") {
|
||||
return ErrMagnet, http.StatusNotAcceptable
|
||||
}
|
||||
r.Hash = strings.ToUpper(strings.TrimPrefix(exactTopic, "urn:btih:"))
|
||||
func (r *TorrentRequest) ValidateUpload() (err error, code int) {
|
||||
validators := []func(r *TorrentRequest) (error, int){
|
||||
validateName,
|
||||
validateCategory,
|
||||
validateSubCategory,
|
||||
validateMagnet,
|
||||
validateHash,
|
||||
}
|
||||
|
||||
for i, validator := range validators {
|
||||
if r.Hash != "" && i == 3 {
|
||||
continue
|
||||
}
|
||||
|
||||
matched, err := regexp.MatchString("^[0-9A-F]{40}$", r.Hash)
|
||||
err, code = validator(r)
|
||||
if err != nil {
|
||||
return err, http.StatusInternalServerError
|
||||
break
|
||||
}
|
||||
if !matched {
|
||||
return ErrHash, http.StatusNotAcceptable
|
||||
}
|
||||
return err, code
|
||||
}
|
||||
|
||||
func (r *TorrentRequest) ValidateUpdate() (err error, code int) {
|
||||
validators := []func(r *TorrentRequest) (error, int){
|
||||
validateName,
|
||||
validateCategory,
|
||||
validateSubCategory,
|
||||
validateMagnet,
|
||||
validateHash,
|
||||
}
|
||||
|
||||
//don't update not requested values
|
||||
//rewrite with reflect?
|
||||
for i, validator := range validators {
|
||||
if (r.Name == "" && i == 0) || (r.Category == 0 && i == 1) ||
|
||||
(r.SubCategory == 0 && i == 2) ||
|
||||
(r.Hash != "" || r.Magnet == "" && i == 3) || (r.Hash == "" && i == 4) {
|
||||
continue
|
||||
}
|
||||
err, code = validator(r)
|
||||
if err != nil {
|
||||
break
|
||||
}
|
||||
}
|
||||
|
||||
return nil, http.StatusOK
|
||||
return err, code
|
||||
}
|
||||
|
||||
//rewrite with reflect ?
|
||||
|
|
|
|||
12
service/api/errors.go
Fichier normal
12
service/api/errors.go
Fichier normal
|
|
@ -0,0 +1,12 @@
|
|||
package apiService
|
||||
|
||||
import "errors"
|
||||
|
||||
var ErrShortName = errors.New("file name should be at least 100 characters long")
|
||||
var ErrCategory = errors.New("this category doesn't exist")
|
||||
var ErrSubCategory = errors.New("this sub category doesn't exist")
|
||||
var ErrMagnet = errors.New("incorrect magnet")
|
||||
var ErrHash = errors.New("incorrect hash")
|
||||
var ErrApiKey = errors.New("incorrect api key")
|
||||
var ErrTorrentId = errors.New("torrent with requested id doesn't exist")
|
||||
var ErrRights = errors.New("not enough rights for this request")
|
||||
Référencer dans un nouveau ticket