plume-models: convert admin & api-tokens to async

n.b.: I do *not* like the error handling in api_tokens 😒
This commit is contained in:
Igor Galić 2020-01-23 19:41:46 +01:00
parent fd9764ff17
commit 909f677bdd
No known key found for this signature in database
GPG Key ID: ACFEFF7F6A123A86
2 changed files with 50 additions and 43 deletions

View File

@ -1,38 +1,42 @@
use crate::users::User; use crate::users::User;
use rocket::{ use rocket::{
http::Status, http::Status,
request::{self, FromRequest, Request}, request::{self, FromRequestAsync, Request},
Outcome, Outcome,
}; };
/// Wrapper around User to use as a request guard on pages reserved to admins. /// Wrapper around User to use as a request guard on pages reserved to admins.
pub struct Admin(pub User); pub struct Admin(pub User);
impl<'a, 'r> FromRequest<'a, 'r> for Admin { impl<'a, 'r> FromRequestAsync<'a, 'r> for Admin {
type Error = (); type Error = ();
fn from_request(request: &'a Request<'r>) -> request::Outcome<Admin, ()> { fn from_request(request: &'a Request<'r>) -> request::FromRequestFuture<'a, Self, Self::Error> {
let user = request.guard::<User>()?; Box::pin(async move {
if user.is_admin() { let user = try_outcome!(request.guard::<User>());
Outcome::Success(Admin(user)) if user.is_admin() {
} else { Outcome::Success(Admin(user))
Outcome::Failure((Status::Unauthorized, ())) } else {
} Outcome::Failure((Status::Unauthorized, ()))
}
})
} }
} }
/// Same as `Admin` but for moderators. /// Same as `Admin` but for moderators.
pub struct Moderator(pub User); pub struct Moderator(pub User);
impl<'a, 'r> FromRequest<'a, 'r> for Moderator { impl<'a, 'r> FromRequestAsync<'a, 'r> for Moderator {
type Error = (); type Error = ();
fn from_request(request: &'a Request<'r>) -> request::Outcome<Moderator, ()> { fn from_request(request: &'a Request<'r>) -> request::FromRequestFuture<'a, Self, Self::Error> {
let user = request.guard::<User>()?; Box::pin(async move {
if user.is_moderator() { let user = try_outcome!(request.guard::<User>());
Outcome::Success(Moderator(user)) if user.is_moderator() {
} else { Outcome::Success(Moderator(user))
Outcome::Failure((Status::Unauthorized, ())) } else {
} Outcome::Failure((Status::Unauthorized, ()))
}
})
} }
} }

View File

@ -3,7 +3,7 @@ use chrono::NaiveDateTime;
use diesel::{self, ExpressionMethods, QueryDsl, RunQueryDsl}; use diesel::{self, ExpressionMethods, QueryDsl, RunQueryDsl};
use rocket::{ use rocket::{
http::Status, http::Status,
request::{self, FromRequest, Request}, request::{self, FromRequestAsync, Request},
Outcome, Outcome,
}; };
@ -76,34 +76,37 @@ pub enum TokenError {
DbError, DbError,
} }
impl<'a, 'r> FromRequest<'a, 'r> for ApiToken { impl<'a, 'r> FromRequestAsync<'a, 'r> for ApiToken {
type Error = TokenError; type Error = TokenError;
fn from_request(request: &'a Request<'r>) -> request::Outcome<ApiToken, TokenError> { fn from_request(request: &'a Request<'r>) -> request::FromRequestFuture<'a, Self, Self::Error> {
let headers: Vec<_> = request.headers().get("Authorization").collect(); Box::pin(async move {
if headers.len() != 1 { let headers: Vec<_> = request.headers().get("Authorization").collect();
return Outcome::Failure((Status::BadRequest, TokenError::NoHeader)); if headers.len() != 1 {
} return Outcome::Failure((Status::BadRequest, TokenError::NoHeader));
let mut parsed_header = headers[0].split(' ');
let auth_type = parsed_header.next().map_or_else(
|| Outcome::Failure((Status::BadRequest, TokenError::NoType)),
Outcome::Success,
)?;
let val = parsed_header.next().map_or_else(
|| Outcome::Failure((Status::BadRequest, TokenError::NoValue)),
Outcome::Success,
)?;
if auth_type == "Bearer" {
let conn = request
.guard::<DbConn>()
.map_failure(|_| (Status::InternalServerError, TokenError::DbError))?;
if let Ok(token) = ApiToken::find_by_value(&*conn, val) {
return Outcome::Success(token);
} }
}
Outcome::Forward(()) let mut parsed_header = headers[0].split(' ');
if let Some(auth_type) = parsed_header.next() {
if let Some(val) = parsed_header.next() {
if auth_type == "Bearer" {
if let Outcome::Success(conn) = request.guard::<DbConn>() {
if let Ok(token) = ApiToken::find_by_value(&*conn, val) {
return Outcome::Success(token);
}
} else {
return Outcome::Failure((Status::InternalServerError, TokenError::DbError));
}
}
} else {
return Outcome::Failure((Status::BadRequest, TokenError::NoValue));
}
} else {
return Outcome::Failure((Status::BadRequest, TokenError::NoType));
}
Outcome::Forward(())
})
} }
} }