eightequal/AstralRinth
1
0
Fork 0
forked from didirus/AstralRinth
Code Pull Requests Activity

Project gallery, webhook fixes, remove cache, re-enable donation URLs (#222)

Browse Source
This commit is contained in:
Geometrically
2021-07-19 11:30:39 -07:00
committed by GitHub
parent 981bf1d56f
commit 9ee92fb9e9
15 changed files with 961 additions and 689 deletions
Download Patch File Download Diff File Expand all files Collapse all files

77
src/routes/project_creation.rs
View File

@@ -42,7 +42,7 @@ pub enum CreateError {
FileValidationError(#[from] crate::validate::ValidationError),
#[error("{}", .0)]
MissingValueError(String),
#[error("Invalid format for project icon: {0}")]
#[error("Invalid format for image: {0}")]
InvalidIconFormat(String),
#[error("Error with multipart data: {0}")]
InvalidInput(String),
@@ -150,7 +150,7 @@ struct ProjectCreateData {
/// The support range for the server project
pub server_side: SideType,
#[validate(length(max = 64))]
#[validate(length(max = 32))]
#[validate]
/// A list of initial versions to upload with the created project
pub initial_versions: Vec<InitialVersionData>,
@@ -182,6 +182,10 @@ struct ProjectCreateData {
/// The license id that the project follows
pub license_id: String,
#[validate(length(max = 64))]
/// The multipart names of the gallery items to upload
pub gallery_items: Vec<String>,
}
pub struct UploadedFile {
@@ -285,6 +289,7 @@ pub async fn project_create_inner(
let project_create_data;
let mut versions;
let mut versions_map = std::collections::HashMap::new();
let mut gallery_urls = Vec::new();
let all_game_versions = models::categories::GameVersion::list(&mut *transaction).await?;
let all_loaders = models::categories::Loader::list(&mut *transaction).await?;
@@ -421,6 +426,45 @@ pub async fn project_create_inner(
continue;
}
if project_create_data
.gallery_items
.iter()
.find(|x| *x == name)
.is_some()
{
let mut data = Vec::new();
while let Some(chunk) = field.next().await {
data.extend_from_slice(&chunk.map_err(CreateError::MultipartError)?);
}
const FILE_SIZE_CAP: usize = 5 * (1 << 20);
if data.len() >= FILE_SIZE_CAP {
return Err(CreateError::InvalidInput(String::from(
"Gallery image exceeds the maximum of 5MiB.",
)));
}
let hash = sha1::Sha1::from(&data).hexdigest();
let (_, file_extension) = super::version_creation::get_name_ext(&content_disposition)?;
let content_type = crate::util::ext::get_image_content_type(file_extension)
.ok_or_else(|| CreateError::InvalidIconFormat(file_extension.to_string()))?;
let url = format!("data/{}/images/{}.{}", project_id, hash, file_extension);
let upload_data = file_host
.upload_file(content_type, &url, data.to_vec())
.await?;
uploaded_files.push(UploadedFile {
file_id: upload_data.file_id,
file_name: upload_data.file_name.clone(),
});
gallery_urls.push(format!("{}/{}", cdn_url, url));
continue;
}
let index = if let Some(i) = versions_map.get(name) {
*i
} else {
@@ -578,6 +622,13 @@ pub async fn project_create_inner(
license: license_id,
slug: Some(project_create_data.slug),
donation_urls,
gallery_items: gallery_urls
.iter()
.map(|x| models::project_item::GalleryItem {
project_id: project_id.into(),
image_url: x.to_string(),
})
.collect(),
};
let now = chrono::Utc::now();
@@ -616,6 +667,7 @@ pub async fn project_create_inner(
wiki_url: project_builder.wiki_url.clone(),
discord_url: project_builder.discord_url.clone(),
donation_urls: project_create_data.donation_urls.clone(),
gallery: gallery_urls,
};
let _project_id = project_builder.insert(&mut *transaction).await?;
@@ -726,7 +778,7 @@ async fn process_icon_upload(
mut field: actix_multipart::Field,
cdn_url: &str,
) -> Result<String, CreateError> {
if let Some(content_type) = get_image_content_type(file_extension) {
if let Some(content_type) = crate::util::ext::get_image_content_type(file_extension) {
let mut data = Vec::new();
while let Some(chunk) = field.next().await {
data.extend_from_slice(&chunk.map_err(CreateError::MultipartError)?);
@@ -756,22 +808,3 @@ async fn process_icon_upload(
Err(CreateError::InvalidIconFormat(file_extension.to_string()))
}
}
pub fn get_image_content_type(extension: &str) -> Option<&'static str> {
let content_type = match &*extension {
"bmp" => "image/bmp",
"gif" => "image/gif",
"jpeg" | "jpg" | "jpe" => "image/jpeg",
"png" => "image/png",
"svg" | "svgz" => "image/svg+xml",
"webp" => "image/webp",
"rgb" => "image/x-rgb",
_ => "",
};
if !content_type.is_empty() {
Some(content_type)
} else {
None
}
}

320
src/routes/projects.rs
View File

@@ -1,6 +1,4 @@
use crate::database;
use crate::database::cache::project_cache::remove_cache_project;
use crate::database::cache::query_project_cache::remove_cache_query_project;
use crate::file_hosting::FileHost;
use crate::models;
use crate::models::projects::{
@@ -271,6 +269,11 @@ pub fn convert_project(
})
.collect(),
),
gallery: data
.gallery_items
.into_iter()
.map(|x| x.image_url)
.collect(),
}
}
@@ -452,33 +455,13 @@ pub async fn project_edit(
));
}
if status == &ProjectStatus::Processing && project_item.versions.is_empty() {
return Err(ApiError::InvalidInputError(String::from(
"Project submitted for review with no initial versions",
)));
}
if status == &ProjectStatus::Processing {
if project_item.versions.is_empty() {
return Err(ApiError::InvalidInputError(String::from(
"Project submitted for review with no initial versions",
)));
}
let status_id = database::models::StatusId::get_id(&status, &mut *transaction)
.await?
.ok_or_else(|| {
ApiError::InvalidInputError(
"No database entry for status provided.".to_string(),
)
})?;
sqlx::query!(
"
UPDATE mods
SET status = $1
WHERE (id = $2)
",
status_id as database::models::ids::StatusId,
id as database::models::ids::ProjectId,
)
.execute(&mut *transaction)
.await?;
if project_item.status == ProjectStatus::Processing {
sqlx::query!(
"
UPDATE mods
@@ -511,6 +494,26 @@ pub async fn project_edit(
}
}
let status_id = database::models::StatusId::get_id(&status, &mut *transaction)
.await?
.ok_or_else(|| {
ApiError::InvalidInputError(
"No database entry for status provided.".to_string(),
)
})?;
sqlx::query!(
"
UPDATE mods
SET status = $1
WHERE (id = $2)
",
status_id as database::models::ids::StatusId,
id as database::models::ids::ProjectId,
)
.execute(&mut *transaction)
.await?;
if project_item.status.is_searchable() && !status.is_searchable() {
delete_from_index(id.into(), config).await?;
} else if !project_item.status.is_searchable() && status.is_searchable() {
@@ -901,15 +904,6 @@ pub async fn project_edit(
.await?;
}
let id: ProjectId = project_item.inner.id.into();
remove_cache_project(id.to_string().clone()).await;
remove_cache_query_project(id.to_string()).await;
if let Some(slug) = project_item.inner.slug {
remove_cache_project(slug.clone()).await;
remove_cache_query_project(slug).await;
}
transaction.commit().await?;
Ok(HttpResponse::NoContent().body(""))
} else {
@@ -936,7 +930,7 @@ pub async fn project_icon_edit(
file_host: web::Data<Arc<dyn FileHost + Send + Sync>>,
mut payload: web::Payload,
) -> Result<HttpResponse, ApiError> {
if let Some(content_type) = super::project_creation::get_image_content_type(&*ext.ext) {
if let Some(content_type) = crate::util::ext::get_image_content_type(&*ext.ext) {
let cdn_url = dotenv::var("CDN_URL")?;
let user = get_user_from_headers(req.headers(), &**pool).await?;
let string = info.into_inner().0;
@@ -988,7 +982,7 @@ pub async fn project_icon_edit(
)));
}
let hash = sha1::Sha1::from(bytes.clone()).hexdigest();
let hash = sha1::Sha1::from(&bytes).hexdigest();
let project_id: ProjectId = project_item.id.into();
@@ -1000,6 +994,8 @@ pub async fn project_icon_edit(
)
.await?;
let mut transaction = pool.begin().await?;
sqlx::query!(
"
UPDATE mods
@@ -1009,17 +1005,10 @@ pub async fn project_icon_edit(
format!("{}/{}", cdn_url, upload_data.file_name),
project_item.id as database::models::ids::ProjectId,
)
.execute(&**pool)
.execute(&mut *transaction)
.await?;
let id: ProjectId = project_item.id.into();
remove_cache_project(id.to_string().clone()).await;
remove_cache_query_project(id.to_string()).await;
if let Some(slug) = project_item.slug {
remove_cache_project(slug.clone()).await;
remove_cache_query_project(slug).await;
}
transaction.commit().await?;
Ok(HttpResponse::NoContent().body(""))
} else {
@@ -1030,6 +1019,232 @@ pub async fn project_icon_edit(
}
}
#[delete("{id}/icon")]
pub async fn delete_project_icon(
req: HttpRequest,
info: web::Path<(String,)>,
pool: web::Data<PgPool>,
file_host: web::Data<Arc<dyn FileHost + Send + Sync>>,
) -> Result<HttpResponse, ApiError> {
let user = get_user_from_headers(req.headers(), &**pool).await?;
let string = info.into_inner().0;
let project_item =
database::models::Project::get_from_slug_or_project_id(string.clone(), &**pool)
.await?
.ok_or_else(|| {
ApiError::InvalidInputError("The specified project does not exist!".to_string())
})?;
if !user.role.is_mod() {
let team_member = database::models::TeamMember::get_from_user_id(
project_item.team_id,
user.id.into(),
&**pool,
)
.await
.map_err(ApiError::DatabaseError)?
.ok_or_else(|| {
ApiError::InvalidInputError("The specified project does not exist!".to_string())
})?;
if !team_member.permissions.contains(Permissions::EDIT_DETAILS) {
return Err(ApiError::CustomAuthenticationError(
"You don't have permission to edit this project's icon.".to_string(),
));
}
}
if let Some(icon) = project_item.icon_url {
let name = icon.split('/').next();
if let Some(icon_path) = name {
file_host.delete_file_version("", icon_path).await?;
}
}
let mut transaction = pool.begin().await?;
sqlx::query!(
"
UPDATE mods
SET icon_url = NULL
WHERE (id = $1)
",
project_item.id as database::models::ids::ProjectId,
)
.execute(&mut *transaction)
.await?;
transaction.commit().await?;
Ok(HttpResponse::NoContent().body(""))
}
#[post("{id}/gallery")]
pub async fn add_gallery_item(
web::Query(ext): web::Query<Extension>,
req: HttpRequest,
info: web::Path<(String,)>,
pool: web::Data<PgPool>,
file_host: web::Data<Arc<dyn FileHost + Send + Sync>>,
mut payload: web::Payload,
) -> Result<HttpResponse, ApiError> {
if let Some(content_type) = crate::util::ext::get_image_content_type(&*ext.ext) {
let cdn_url = dotenv::var("CDN_URL")?;
let user = get_user_from_headers(req.headers(), &**pool).await?;
let string = info.into_inner().0;
let project_item =
database::models::Project::get_from_slug_or_project_id(string.clone(), &**pool)
.await?
.ok_or_else(|| {
ApiError::InvalidInputError("The specified project does not exist!".to_string())
})?;
if !user.role.is_mod() {
let team_member = database::models::TeamMember::get_from_user_id(
project_item.team_id,
user.id.into(),
&**pool,
)
.await
.map_err(ApiError::DatabaseError)?
.ok_or_else(|| {
ApiError::InvalidInputError("The specified project does not exist!".to_string())
})?;
if !team_member.permissions.contains(Permissions::EDIT_DETAILS) {
return Err(ApiError::CustomAuthenticationError(
"You don't have permission to edit this project's gallery.".to_string(),
));
}
}
let mut bytes = web::BytesMut::new();
while let Some(item) = payload.next().await {
bytes.extend_from_slice(&item.map_err(|_| {
ApiError::InvalidInputError("Unable to parse bytes in payload sent!".to_string())
})?);
}
const FILE_SIZE_CAP: usize = 5 * (1 << 20);
if bytes.len() >= FILE_SIZE_CAP {
return Err(ApiError::InvalidInputError(String::from(
"Gallery image exceeds the maximum of 5MiB.",
)));
}
let hash = sha1::Sha1::from(&bytes).hexdigest();
let id: ProjectId = project_item.id.into();
let url = format!("data/{}/images/{}.{}", id, hash, &*ext.ext);
file_host
.upload_file(content_type, &url, bytes.to_vec())
.await?;
let mut transaction = pool.begin().await?;
database::models::project_item::GalleryItem {
project_id: project_item.id,
image_url: format!("{}/{}", cdn_url, url),
}
.insert(&mut transaction)
.await?;
Ok(HttpResponse::NoContent().body(""))
} else {
Err(ApiError::InvalidInputError(format!(
"Invalid format for gallery image: {}",
ext.ext
)))
}
}
#[derive(Serialize, Deserialize)]
pub struct GalleryItem {
pub item: String,
}
#[delete("{id}/gallery")]
pub async fn delete_gallery_item(
req: HttpRequest,
web::Query(item): web::Query<GalleryItem>,
info: web::Path<(String,)>,
pool: web::Data<PgPool>,
file_host: web::Data<Arc<dyn FileHost + Send + Sync>>,
) -> Result<HttpResponse, ApiError> {
let user = get_user_from_headers(req.headers(), &**pool).await?;
let string = info.into_inner().0;
let project_item =
database::models::Project::get_from_slug_or_project_id(string.clone(), &**pool)
.await?
.ok_or_else(|| {
ApiError::InvalidInputError("The specified project does not exist!".to_string())
})?;
if !user.role.is_mod() {
let team_member = database::models::TeamMember::get_from_user_id(
project_item.team_id,
user.id.into(),
&**pool,
)
.await
.map_err(ApiError::DatabaseError)?
.ok_or_else(|| {
ApiError::InvalidInputError("The specified project does not exist!".to_string())
})?;
if !team_member.permissions.contains(Permissions::EDIT_DETAILS) {
return Err(ApiError::CustomAuthenticationError(
"You don't have permission to edit this project's icon.".to_string(),
));
}
}
let mut transaction = pool.begin().await?;
let id = sqlx::query!(
"
SELECT id FROM mods_gallery
WHERE image_url = $1
",
item.item
)
.fetch_optional(&mut *transaction)
.await?
.ok_or_else(|| {
ApiError::InvalidInputError(format!(
"Gallery item at URL {} is not part of the project's gallery.",
item.item
))
})?
.id;
let name = item.item.split('/').next();
if let Some(item_path) = name {
file_host.delete_file_version("", item_path).await?;
}
let mut transaction = pool.begin().await?;
sqlx::query!(
"
DELETE FROM mods_gallery
WHERE id = $1
",
id
)
.execute(&mut *transaction)
.await?;
transaction.commit().await?;
Ok(HttpResponse::NoContent().body(""))
}
#[delete("{id}")]
pub async fn project_delete(
req: HttpRequest,
@@ -1072,15 +1287,6 @@ pub async fn project_delete(
let result = database::models::Project::remove_full(project.id, &mut transaction).await?;
let id: ProjectId = project.id.into();
remove_cache_project(id.to_string().clone()).await;
remove_cache_query_project(id.to_string()).await;
if let Some(slug) = project.slug {
remove_cache_project(slug.clone()).await;
remove_cache_query_project(slug).await;
}
transaction.commit().await?;
delete_from_index(project.id.into(), config).await?;

2
src/routes/users.rs
View File

@@ -286,7 +286,7 @@ pub async fn user_icon_edit(
file_host: web::Data<Arc<dyn FileHost + Send + Sync>>,
mut payload: web::Payload,
) -> Result<HttpResponse, ApiError> {
if let Some(content_type) = super::project_creation::get_image_content_type(&*ext.ext) {
if let Some(content_type) = crate::util::ext::get_image_content_type(&*ext.ext) {
let cdn_url = dotenv::var("CDN_URL")?;
let user = get_user_from_headers(req.headers(), &**pool).await?;
let id_option =

16
src/routes/version_creation.rs
View File

@@ -580,7 +580,7 @@ pub async fn upload_file(
) -> Result<(), CreateError> {
let (file_name, file_extension) = get_name_ext(content_disposition)?;
let content_type = project_file_type(file_extension)
let content_type = crate::util::ext::project_file_type(file_extension)
.ok_or_else(|| CreateError::InvalidFileType(file_extension.to_string()))?;
let mut data = Vec::new();
@@ -588,13 +588,13 @@ pub async fn upload_file(
data.extend_from_slice(&chunk.map_err(CreateError::MultipartError)?);
}
// Project file size limit of 25MiB
const FILE_SIZE_CAP: usize = 25 * (2 << 30);
// Project file size limit of 100MiB
const FILE_SIZE_CAP: usize = 100 * (1 << 20);
// TODO: override file size cap for authorized users or projects
if data.len() >= FILE_SIZE_CAP {
return Err(CreateError::InvalidInput(
String::from("Project file exceeds the maximum of 25MiB. Contact a moderator or admin to request permission to upload larger files.")
String::from("Project file exceeds the maximum of 100MiB. Contact a moderator or admin to request permission to upload larger files.")
));
}
@@ -649,14 +649,6 @@ pub async fn upload_file(
Ok(())
}
// Currently we only support jar projects; this may change in the future (datapacks?)
fn project_file_type(ext: &str) -> Option<&str> {
match ext {
"jar" => Some("application/java-archive"),
_ => None,
}
}
pub fn get_name_ext(
content_disposition: &actix_web::http::header::ContentDisposition,
) -> Result<(&str, &str), CreateError> {