chore: refactoring routing

Author: ElaBosak233

crates/cluster/src/lib.rs

@@ -239,7 +239,7 @@ pub async fn create_challenge_env(
             ("cds/env_id".to_owned(), id.to_string()),
             ("cds/user_id".to_owned(), format!("{}", user.id)),
             (
-                "cds/team_id".to_owned(),
+                "cds/profile".to_owned(),
                 format!("{}", match &team {
                     Some(team) => team.id,
                     _ => 0,

crates/db/src/transfer/game_challenge.rs

@@ -19,6 +19,18 @@ pub struct GameChallenge {
     pub challenge: Option<Challenge>,
 }
 
+impl GameChallenge {
+    pub fn desensitize(&self) -> Self {
+        Self {
+            challenge: self
+                .to_owned()
+                .challenge
+                .map(|challenge| challenge.desensitize()),
+            ..self.to_owned()
+        }
+    }
+}
+
 impl From<entity::game_challenge::Model> for GameChallenge {
     fn from(entity: entity::game_challenge::Model) -> Self {
         Self {

crates/db/src/util/mod.rs

@@ -22,7 +22,7 @@ pub async fn is_user_in_team(user_id: i64, team_id: i64) -> Result<bool, DbErr>
 /// ```sql
 ///  SELECT u.id AS user_id, t.game_id, t.is_allowed
 ///  FROM teams t
-///     JOIN team_users tu ON t.id = tu.team_id
+///     JOIN team_users tu ON t.id = tu.profile
 ///  WHERE u.id = ? AND t.game_id = ? AND t.is_allowed = true;
 /// ```
 pub async fn is_user_in_game(

crates/web/src/lib.rs

@@ -4,6 +4,7 @@ pub mod model;
 pub mod router;
 pub mod traits;
 pub mod util;
+mod worker;
 
 use std::{sync::Arc, time::Duration};
 
@@ -49,6 +50,8 @@ pub async fn init() -> Result<(), anyhow::Error> {
     APP.set(router)
         .map_err(|_| anyhow::anyhow!("Failed to set router into OnceCell"))?;
 
+    worker::init().await?;
+
     Ok(())
 }
 

crates/web/src/middleware/auth.rs

@@ -0,0 +1,79 @@
+use axum::{
+    body::Body,
+    extract::Request,
+    http::header::COOKIE,
+    middleware::Next,
+    response::{IntoResponse, Response},
+};
+use cds_db::{entity::user::Group, get_db};
+use jsonwebtoken::{DecodingKey, Validation, decode};
+use sea_orm::{ColumnTrait, EntityTrait, QueryFilter};
+use serde_json::json;
+
+use crate::{
+    extract::Extension,
+    traits::{Ext, WebError},
+};
+
+pub async fn extract(mut req: Request<Body>, next: Next) -> Result<Response, WebError> {
+    let mut ext = req
+        .extensions()
+        .get::<Ext>()
+        .unwrap_or(&Ext::default())
+        .to_owned();
+
+    let cookies = req
+        .headers()
+        .get(COOKIE)
+        .and_then(|header| header.to_str().ok())
+        .unwrap_or("")
+        .to_string();
+
+    let mut jar = cookie::CookieJar::new();
+    let cookies: Vec<String> = cookies
+        .split(";")
+        .map(|cookie| cookie.trim().to_string())
+        .collect();
+    for cookie in cookies {
+        if let Ok(parsed_cookie) = cookie::Cookie::parse(cookie) {
+            jar.add(parsed_cookie);
+        }
+    }
+
+    let token = jar.get("token").map(|cookie| cookie.value()).unwrap_or("");
+
+    let decoding_key = DecodingKey::from_secret(cds_config::get_constant().jwt.secret.as_bytes());
+    let validation = Validation::default();
+
+    if let Ok(data) = decode::<crate::util::jwt::Claims>(token, &decoding_key, &validation) {
+        if let Some(user) = cds_db::entity::user::Entity::find()
+            .filter(cds_db::entity::user::Column::Id.eq(data.claims.id))
+            .filter(cds_db::entity::user::Column::DeletedAt.is_null())
+            .one(get_db())
+            .await?
+            .map(|user| cds_db::transfer::User::from(user))
+        {
+            if user.group == Group::Banned {
+                return Err(WebError::Forbidden(json!("forbidden")));
+            }
+
+            ext.operator = Some(user);
+        }
+    }
+
+    req.extensions_mut().insert(ext);
+
+    Ok(next.run(req).await)
+}
+
+pub async fn admin_only(
+    Extension(ext): Extension<Ext>, req: Request, next: Next,
+) -> Result<impl IntoResponse, WebError> {
+    let operator = ext.operator.ok_or(WebError::Unauthorized(json!("")))?;
+
+    if operator.group != Group::Admin {
+        return Err(WebError::Forbidden(json!("forbidden")));
+    }
+
+    Ok(next.run(req).await)
+}

crates/web/src/middleware/mod.rs

@@ -1,63 +1,3 @@
+pub mod auth;
 pub mod error;
 pub mod network;
-
-use axum::{
-    body::Body, extract::Request, http::header::COOKIE, middleware::Next, response::Response,
-};
-use cds_db::{entity::user::Group, get_db};
-use jsonwebtoken::{DecodingKey, Validation, decode};
-use sea_orm::{ColumnTrait, EntityTrait, QueryFilter};
-use serde_json::json;
-
-use crate::traits::{Ext, WebError};
-
-pub async fn auth(mut req: Request<Body>, next: Next) -> Result<Response, WebError> {
-    let mut ext = req
-        .extensions()
-        .get::<Ext>()
-        .unwrap_or(&Ext::default())
-        .to_owned();
-
-    let cookies = req
-        .headers()
-        .get(COOKIE)
-        .and_then(|header| header.to_str().ok())
-        .unwrap_or("")
-        .to_string();
-
-    let mut jar = cookie::CookieJar::new();
-    let cookies: Vec<String> = cookies
-        .split(";")
-        .map(|cookie| cookie.trim().to_string())
-        .collect();
-    for cookie in cookies {
-        if let Ok(parsed_cookie) = cookie::Cookie::parse(cookie) {
-            jar.add(parsed_cookie);
-        }
-    }
-
-    let token = jar.get("token").map(|cookie| cookie.value()).unwrap_or("");
-
-    let decoding_key = DecodingKey::from_secret(cds_config::get_constant().jwt.secret.as_bytes());
-    let validation = Validation::default();
-
-    if let Ok(data) = decode::<crate::util::jwt::Claims>(token, &decoding_key, &validation) {
-        if let Some(user) = cds_db::entity::user::Entity::find()
-            .filter(cds_db::entity::user::Column::Id.eq(data.claims.id))
-            .filter(cds_db::entity::user::Column::DeletedAt.is_null())
-            .one(get_db())
-            .await?
-            .map(|user| cds_db::transfer::User::from(user))
-        {
-            if user.group == Group::Banned {
-                return Err(WebError::Forbidden(json!("forbidden")));
-            }
-
-            ext.operator = Some(user);
-        }
-    }
-
-    req.extensions_mut().insert(ext);
-
-    Ok(next.run(req).await)
-}

crates/web/src/router/api/admin/challenge/challenge_id/attachment/mod.rs

@@ -0,0 +1,90 @@
+use axum::{
+    Router,
+    extract::{DefaultBodyLimit, Multipart},
+    http::StatusCode,
+};
+use cds_db::{entity::user::Group, get_db};
+use sea_orm::{ColumnTrait, EntityTrait, QueryFilter};
+use serde_json::json;
+
+use crate::{
+    extract::{Extension, Path},
+    traits::{Ext, WebError, WebResponse},
+};
+
+pub fn router() -> Router {
+    Router::new()
+        .route(
+            "/",
+            axum::routing::post(save_challenge_attachment)
+                .layer(DefaultBodyLimit::max(512 * 1024 * 1024 /* MB */)),
+        )
+        .route("/", axum::routing::delete(delete_challenge_attachment))
+}
+
+pub async fn save_challenge_attachment(
+    Extension(ext): Extension<Ext>, Path(challenge_id): Path<uuid::Uuid>, mut multipart: Multipart,
+) -> Result<WebResponse<()>, WebError> {
+    let operator = ext.operator.ok_or(WebError::Unauthorized(json!("")))?;
+    if operator.group != Group::Admin {
+        return Err(WebError::Forbidden(json!("")));
+    }
+
+    let challenge = cds_db::entity::challenge::Entity::find_by_id(challenge_id)
+        .filter(cds_db::entity::challenge::Column::DeletedAt.is_null())
+        .one(get_db())
+        .await?
+        .ok_or(WebError::BadRequest(json!("challenge_not_found")))?;
+
+    let path = format!("challenges/{}/attachment", challenge.id);
+    let mut filename = String::new();
+    let mut data = Vec::<u8>::new();
+    while let Some(field) = multipart.next_field().await.unwrap() {
+        if field.name() == Some("file") {
+            filename = field.file_name().unwrap().to_string();
+            data = match field.bytes().await {
+                Ok(bytes) => bytes.to_vec(),
+                Err(_err) => {
+                    return Err(WebError::BadRequest(json!("size_too_large")));
+                }
+            };
+        }
+    }
+
+    cds_media::delete_dir(path.clone()).await?;
+
+    cds_media::save(path, filename, data)
+        .await
+        .map_err(|_| WebError::InternalServerError(json!("")))?;
+
+    Ok(WebResponse {
+        code: StatusCode::OK,
+        ..Default::default()
+    })
+}
+
+pub async fn delete_challenge_attachment(
+    Extension(ext): Extension<Ext>, Path(challenge_id): Path<uuid::Uuid>,
+) -> Result<WebResponse<()>, WebError> {
+    let operator = ext.operator.ok_or(WebError::Unauthorized(json!("")))?;
+    if operator.group != Group::Admin {
+        return Err(WebError::Forbidden(json!("")));
+    }
+
+    let challenge = cds_db::entity::challenge::Entity::find_by_id(challenge_id)
+        .filter(cds_db::entity::challenge::Column::DeletedAt.is_null())
+        .one(get_db())
+        .await?
+        .ok_or(WebError::BadRequest(json!("challenge_not_found")))?;
+
+    let path = format!("challenges/{}/attachment", challenge.id);
+
+    cds_media::delete_dir(path)
+        .await
+        .map_err(|_| WebError::InternalServerError(json!("")))?;
+
+    Ok(WebResponse {
+        code: StatusCode::OK,
+        ..Default::default()
+    })
+}