newthuhole/hole-backend-rust
2
1
Fork 0
Code Issues 7 Pull Requests Projects Releases 4 Wiki Activity

feat: ban user

Browse Source
This commit is contained in:
hole-thu
2022-03-26 16:44:28 +08:00
parent ce3379c5ae
commit fb9648456a
4 changed files with 81 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

51
src/api/mod.rs
View File

@@ -2,6 +2,7 @@ use crate::db_conn::Db;
use crate::models::*;
use crate::random_hasher::RandomHasher;
use crate::rds_conn::RdsConn;
use crate::rds_models::BannedUsers;
use rocket::http::Status;
use rocket::outcome::try_outcome;
use rocket::request::{FromRequest, Outcome, Request};
@@ -13,6 +14,12 @@ pub fn catch_401_error() -> &'static str {
"未登录或token过期"
}
#[catch(403)]
pub fn catch_403_error() -> &'static str {
"可能被封禁了,等下次重置吧"
}
pub struct CurrentUser {
id: Option<i32>, // tmp user has no id, only for block
namehash: String,
@@ -25,34 +32,40 @@ impl<'r> FromRequest<'r> for CurrentUser {
type Error = ();
async fn from_request(request: &'r Request<'_>) -> Outcome<Self, Self::Error> {
let rh = request.rocket().state::<RandomHasher>().unwrap();
let mut cu: Option<CurrentUser> = None;
let rconn = try_outcome!(request.guard::<RdsConn>().await);
let mut id = None;
let mut namehash = None;
let mut is_admin = false;
if let Some(token) = request.headers().get_one("User-Token") {
let sp = token.split('_').collect::<Vec<&str>>();
if sp.len() == 2 && sp[0] == rh.get_tmp_token() {
let namehash = rh.hash_with_salt(sp[1]);
cu = Some(CurrentUser {
id: None,
custom_title: format!("TODO: {}", &namehash),
namehash: namehash,
is_admin: false,
});
namehash = Some(rh.hash_with_salt(sp[1]));
id = None;
is_admin = false;
} else {
let db = try_outcome!(request.guard::<Db>().await);
let rconn = try_outcome!(request.guard::<RdsConn>().await);
if let Some(user) = User::get_by_token(&db, &rconn, token).await {
let namehash = rh.hash_with_salt(&user.name);
cu = Some(CurrentUser {
id: Some(user.id),
custom_title: format!("TODO: {}", &namehash),
namehash: namehash,
is_admin: user.is_admin,
});
if let Some(u) = User::get_by_token(&db, &rconn, token).await {
id = Some(u.id);
namehash = Some(rh.hash_with_salt(&u.name));
is_admin = u.is_admin;
}
}
}
match cu {
Some(u) => Outcome::Success(u),
match namehash {
Some(nh) => {
if BannedUsers::has(&rconn, &nh).await.unwrap() {
Outcome::Failure((Status::Forbidden, ()))
} else {
Outcome::Success(CurrentUser {
id: id,
custom_title: format!("title todo: {}", &nh),
namehash: nh,
is_admin: is_admin,
})
}
}
None => Outcome::Failure((Status::Unauthorized, ())),
}
}

17
src/api/operation.rs
View File

@@ -49,9 +49,9 @@ pub async fn delete(
_ => return Err(APIError::PcError(NotAllowed)),
}
if user.is_admin && author_hash != user.namehash {
if user.is_admin && !user.namehash.eq(author_hash) {
Systemlog {
user_hash: user.namehash,
user_hash: user.namehash.clone(),
action_type: LogType::AdminDelete,
target: format!("#{}, {}={}", p.id, di.id_type, di.id),
detail: di.note.clone(),
@@ -59,6 +59,19 @@ pub async fn delete(
}
.create(&rconn)
.await?;
if di.note.starts_with("!ban ") {
Systemlog {
user_hash: user.namehash.clone(),
action_type: LogType::Ban,
target: look!(author_hash),
detail: di.note.clone(),
time: Local::now(),
}
.create(&rconn)
.await?;
BannedUsers::add(&rconn, author_hash).await?;
}
}
Ok(json!({

14
src/main.rs
View File

@@ -23,7 +23,7 @@ mod schema;
use db_conn::{establish_connection, Conn, Db};
use diesel::Connection;
use random_hasher::RandomHasher;
use rds_conn::init_rds_client;
use rds_conn::{init_rds_client, RdsConn};
use std::env;
use tokio::time::{interval, Duration};
@@ -38,7 +38,8 @@ async fn main() -> Result<(), rocket::Error> {
}
env_logger::init();
let rmc = init_rds_client().await;
let rconn = rds_conn::RdsConn(rmc.clone());
let rconn = RdsConn(rmc.clone());
clear_outdate_redis_data(&rconn.clone()).await;
tokio::spawn(async move {
let mut itv = interval(Duration::from_secs(4 * 60 * 60));
loop {
@@ -64,7 +65,10 @@ async fn main() -> Result<(), rocket::Error> {
api::operation::delete,
],
)
.register("/_api", catchers![api::catch_401_error])
.register(
"/_api",
catchers![api::catch_401_error, api::catch_403_error,],
)
.manage(RandomHasher::get_random_one())
.manage(rmc)
.attach(Db::fairing())
@@ -85,3 +89,7 @@ fn init_database() {
let conn = Conn::establish(&database_url).unwrap();
embedded_migrations::run(&conn).unwrap();
}
async fn clear_outdate_redis_data(rconn: &RdsConn) {
rds_models::BannedUsers::clear(&rconn).await.unwrap();
}

25
src/rds_models.rs
View File

@@ -5,6 +5,7 @@ use rocket::serde::json::serde_json;
use rocket::serde::{Deserialize, Serialize};
const KEY_SYSTEMLOG: &str = "hole_v2:systemlog_list";
const KEY_BANNED_USERS: &str = "hole_v2:banned_user_hash_list";
const SYSTEMLOG_MAX_LEN: isize = 1000;
pub struct Attention {
@@ -35,6 +36,8 @@ impl Attention {
pub async fn all(&mut self) -> RedisResult<Vec<i32>> {
self.rconn.smembers(&self.key).await
}
// TODO: clear all
}
#[derive(Serialize, Deserialize, Debug)]
@@ -42,10 +45,9 @@ impl Attention {
pub enum LogType {
AdminDelete,
Report,
Ban
Ban,
}
#[derive(Serialize, Deserialize, Debug)]
#[serde(crate = "rocket::serde")]
pub struct Systemlog {
@@ -78,3 +80,22 @@ impl Systemlog {
.collect())
}
}
pub struct BannedUsers;
impl BannedUsers {
pub async fn add(rconn: &RdsConn, namehash: &str) -> RedisResult<()> {
rconn
.clone()
.sadd::<&str, &str, ()>(KEY_BANNED_USERS, namehash)
.await
}
pub async fn has(rconn: &RdsConn, namehash: &str) -> RedisResult<bool> {
rconn.clone().sismember(KEY_BANNED_USERS, namehash).await
}
pub async fn clear(rconn: &RdsConn) -> RedisResult<()> {
rconn.clone().del(KEY_BANNED_USERS).await
}
}