Plume/src/routes/errors.rs

use rocket_contrib::Template;
use rocket::Request;
use rocket::request::FromRequest;
use plume_models::db_conn::DbConn;
use plume_models::users::User;

#[catch(404)]
fn not_found(req: &Request) -> Template {
    let conn = req.guard::<DbConn>().succeeded();
    let user = User::from_request(req).succeeded();
    Template::render("errors/404", json!({
        "error_message": "Page not found",
        "account": user.and_then(|u| conn.map(|conn| u.to_json(&*conn)))
    }))
}

#[catch(500)]
fn server_error(req: &Request) -> Template {
    let conn = req.guard::<DbConn>().succeeded();
    let user = User::from_request(req).succeeded();
    Template::render("errors/500", json!({
        "error_message": "Server error",
        "account": user.and_then(|u| conn.map(|conn| u.to_json(&*conn)))
    }))
}

#[derive(FromForm)]
pub struct Uri {
    target: String,
}

#[post("/csrf-violation?<uri>")]
fn csrf_violation(uri: Option<Uri>) -> Template {
    if let Some(uri) = uri {
        eprintln!("Csrf violation while acceding \"{}\"", uri.target)
    }
    Template::render("errors/csrf", json!({
        "error_message":""
    }))
}
Add generic error catchers 2018-06-18 17:59:49 +02:00			`use rocket_contrib::Template;`
partially solve #68 2018-06-21 11:58:54 +02:00			`use rocket::Request;`
			`use rocket::request::FromRequest;`
Redesign menu items 2018-09-03 15:59:02 +02:00			`use plume_models::db_conn::DbConn;`
Big repository reorganization The code is divided in three crates: - plume-common, for the ActivityPub module, and some common utils - plume-models, for the models and database-related code - plume, the app itself This new organization will allow to test it more easily, but also to create other tools that only reuse a little part of the code (for instance a Wordpress import tool, that would just use the plume-models crate) 2018-06-23 18:36:11 +02:00			`use plume_models::users::User;`
Add generic error catchers 2018-06-18 17:59:49 +02:00
			`#[catch(404)]`
partially solve #68 2018-06-21 11:58:54 +02:00			`fn not_found(req: &Request) -> Template {`
Normalize panic message and return 400 or 404 when suitable 2018-10-20 11:04:20 +02:00			`let conn = req.guard::<DbConn>().succeeded();`
partially solve #68 2018-06-21 11:58:54 +02:00			`let user = User::from_request(req).succeeded();`
Add generic error catchers 2018-06-18 17:59:49 +02:00			`Template::render("errors/404", json!({`
partially solve #68 2018-06-21 11:58:54 +02:00			`"error_message": "Page not found",`
Normalize panic message and return 400 or 404 when suitable 2018-10-20 11:04:20 +02:00			`"account": user.and_then(\|u\| conn.map(\|conn\| u.to_json(&*conn)))`
Add generic error catchers 2018-06-18 17:59:49 +02:00			`}))`
			`}`

			`#[catch(500)]`
partially solve #68 2018-06-21 11:58:54 +02:00			`fn server_error(req: &Request) -> Template {`
Normalize panic message and return 400 or 404 when suitable 2018-10-20 11:04:20 +02:00			`let conn = req.guard::<DbConn>().succeeded();`
partially solve #68 2018-06-21 11:58:54 +02:00			`let user = User::from_request(req).succeeded();`
Add generic error catchers 2018-06-18 17:59:49 +02:00			`Template::render("errors/500", json!({`
partially solve #68 2018-06-21 11:58:54 +02:00			`"error_message": "Server error",`
Normalize panic message and return 400 or 404 when suitable 2018-10-20 11:04:20 +02:00			`"account": user.and_then(\|u\| conn.map(\|conn\| u.to_json(&*conn)))`
Add generic error catchers 2018-06-18 17:59:49 +02:00			`}))`
			`}`
Add csrf protection 2018-06-24 18:58:57 +02:00
			`#[derive(FromForm)]`
			`pub struct Uri {`
			`target: String,`
			`}`

			`#[post("/csrf-violation?<uri>")]`
			`fn csrf_violation(uri: Option<Uri>) -> Template {`
			`if let Some(uri) = uri {`
			`eprintln!("Csrf violation while acceding \"{}\"", uri.target)`
			`}`
			`Template::render("errors/csrf", json!({`
			`"error_message":""`
			`}))`
			`}`