2018-04-14 16:40:56 +02:00
|
|
|
// Copyright (C) 2018 Vincent Ambo <mail@tazj.in>
|
|
|
|
//
|
|
|
|
// Converse is free software: you can redistribute it and/or modify it
|
|
|
|
// under the terms of the GNU General Public License as published by
|
|
|
|
// the Free Software Foundation, either version 3 of the License, or
|
|
|
|
// (at your option) any later version.
|
|
|
|
|
|
|
|
// This program is distributed in the hope that it will be useful, but
|
|
|
|
// WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
|
|
// General Public License for more details.
|
|
|
|
|
|
|
|
// You should have received a copy of the GNU General Public License
|
|
|
|
// along with this program. If not, see
|
|
|
|
// <http://www.gnu.org/licenses/>.
|
|
|
|
|
2018-04-08 18:48:50 +02:00
|
|
|
//! This module contains the implementation of converse's actix-web
|
|
|
|
//! HTTP handlers.
|
|
|
|
//!
|
|
|
|
//! Most handlers have an associated rendering function using one of
|
|
|
|
//! the tera templates stored in the `/templates` directory in the
|
|
|
|
//! project root.
|
|
|
|
|
2018-04-11 12:18:08 +02:00
|
|
|
use actix::prelude::*;
|
2018-04-09 09:10:48 +02:00
|
|
|
use actix_web;
|
2018-04-08 18:48:50 +02:00
|
|
|
use actix_web::*;
|
2018-04-09 09:10:48 +02:00
|
|
|
use actix_web::middleware::{Started, Middleware, RequestSession};
|
2018-04-08 18:48:50 +02:00
|
|
|
use db::*;
|
2018-04-11 16:35:26 +02:00
|
|
|
use errors::ConverseError;
|
2018-04-08 22:56:29 +02:00
|
|
|
use futures::Future;
|
|
|
|
use models::*;
|
2018-04-08 22:37:36 +02:00
|
|
|
use oidc::*;
|
2018-04-11 12:18:08 +02:00
|
|
|
use render::*;
|
2018-04-08 18:48:50 +02:00
|
|
|
|
|
|
|
type ConverseResponse = Box<Future<Item=HttpResponse, Error=ConverseError>>;
|
|
|
|
|
2018-04-11 12:18:08 +02:00
|
|
|
const HTML: &'static str = "text/html";
|
|
|
|
|
2018-04-08 18:48:50 +02:00
|
|
|
/// Represents the state carried by the web server actors.
|
|
|
|
pub struct AppState {
|
|
|
|
/// Address of the database actor
|
|
|
|
pub db: Addr<Syn, DbExecutor>,
|
|
|
|
|
2018-04-08 22:37:36 +02:00
|
|
|
/// Address of the OIDC actor
|
|
|
|
pub oidc: Addr<Syn, OidcExecutor>,
|
|
|
|
|
2018-04-11 12:18:08 +02:00
|
|
|
/// Address of the rendering actor
|
|
|
|
pub renderer: Addr<Syn, Renderer>,
|
2018-04-08 18:48:50 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
pub fn forum_index(state: State<AppState>) -> ConverseResponse {
|
|
|
|
state.db.send(ListThreads)
|
2018-04-12 00:04:37 +02:00
|
|
|
.flatten()
|
|
|
|
.and_then(move |res| state.renderer.send(IndexPage {
|
|
|
|
threads: res
|
|
|
|
}).from_err())
|
|
|
|
.flatten()
|
|
|
|
.map(|res| HttpResponse::Ok().content_type(HTML).body(res))
|
2018-04-08 18:48:50 +02:00
|
|
|
.responder()
|
|
|
|
}
|
|
|
|
|
|
|
|
/// This handler retrieves and displays a single forum thread.
|
2018-04-15 12:38:12 +02:00
|
|
|
pub fn forum_thread(state: State<AppState>,
|
|
|
|
mut req: HttpRequest<AppState>,
|
|
|
|
thread_id: Path<i32>) -> ConverseResponse {
|
2018-04-08 18:48:50 +02:00
|
|
|
let id = thread_id.into_inner();
|
2018-04-15 12:38:12 +02:00
|
|
|
let user = req.session().get(AUTHOR)
|
|
|
|
.unwrap_or_else(|_| None)
|
|
|
|
.map(|a: Author| a.email);
|
|
|
|
|
2018-04-08 18:48:50 +02:00
|
|
|
state.db.send(GetThread(id))
|
2018-04-12 00:04:37 +02:00
|
|
|
.flatten()
|
|
|
|
.and_then(move |res| state.renderer.send(ThreadPage {
|
2018-04-15 12:38:12 +02:00
|
|
|
current_user: user,
|
2018-04-12 00:04:37 +02:00
|
|
|
thread: res.0,
|
|
|
|
posts: res.1,
|
|
|
|
}).from_err())
|
|
|
|
.flatten()
|
|
|
|
.map(|res| HttpResponse::Ok().content_type(HTML).body(res))
|
2018-04-08 18:48:50 +02:00
|
|
|
.responder()
|
|
|
|
}
|
2018-04-08 20:01:32 +02:00
|
|
|
|
2018-04-09 23:37:41 +02:00
|
|
|
/// This handler presents the user with the "New Thread" form.
|
2018-04-11 12:18:08 +02:00
|
|
|
pub fn new_thread(state: State<AppState>) -> ConverseResponse {
|
2018-04-12 01:07:25 +02:00
|
|
|
state.renderer.send(NewThreadPage::default()).flatten()
|
2018-04-12 00:04:37 +02:00
|
|
|
.map(|res| HttpResponse::Ok().content_type(HTML).body(res))
|
2018-04-11 12:18:08 +02:00
|
|
|
.responder()
|
2018-04-09 23:37:41 +02:00
|
|
|
}
|
|
|
|
|
2018-04-12 01:28:37 +02:00
|
|
|
/// This function provides an anonymous "default" author if logins are
|
|
|
|
/// not required.
|
|
|
|
fn anonymous() -> Author {
|
|
|
|
Author {
|
|
|
|
name: "Anonymous".into(),
|
|
|
|
email: "anonymous@nothing.org".into(),
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2018-04-09 09:20:27 +02:00
|
|
|
#[derive(Deserialize)]
|
|
|
|
pub struct NewThreadForm {
|
|
|
|
pub title: String,
|
2018-04-15 21:13:20 +02:00
|
|
|
pub post: String,
|
2018-04-09 09:20:27 +02:00
|
|
|
}
|
|
|
|
|
2018-04-12 01:07:25 +02:00
|
|
|
const NEW_THREAD_LENGTH_ERR: &'static str = "Title and body can not be empty!";
|
|
|
|
|
2018-04-08 20:01:32 +02:00
|
|
|
/// This handler receives a "New thread"-form and redirects the user
|
|
|
|
/// to the new thread after creation.
|
2018-04-09 09:20:27 +02:00
|
|
|
pub fn submit_thread(state: State<AppState>,
|
|
|
|
input: Form<NewThreadForm>,
|
|
|
|
mut req: HttpRequest<AppState>) -> ConverseResponse {
|
2018-04-15 12:59:43 +02:00
|
|
|
// Trim whitespace out of inputs:
|
|
|
|
let input = NewThreadForm {
|
|
|
|
title: input.title.trim().into(),
|
2018-04-15 21:13:20 +02:00
|
|
|
post: input.post.trim().into(),
|
2018-04-15 12:59:43 +02:00
|
|
|
};
|
|
|
|
|
2018-04-12 01:07:25 +02:00
|
|
|
// Perform simple validation and abort here if it fails:
|
2018-04-15 21:13:20 +02:00
|
|
|
if input.title.is_empty() || input.post.is_empty() {
|
2018-04-12 01:07:25 +02:00
|
|
|
return state.renderer
|
|
|
|
.send(NewThreadPage {
|
|
|
|
alerts: vec![NEW_THREAD_LENGTH_ERR],
|
2018-04-15 12:59:43 +02:00
|
|
|
title: Some(input.title),
|
2018-04-15 21:13:20 +02:00
|
|
|
post: Some(input.post),
|
2018-04-12 01:07:25 +02:00
|
|
|
})
|
|
|
|
.flatten()
|
|
|
|
.map(|res| HttpResponse::Ok().content_type(HTML).body(res))
|
|
|
|
.responder();
|
|
|
|
}
|
|
|
|
|
2018-04-12 01:28:37 +02:00
|
|
|
let author: Author = req.session().get(AUTHOR)
|
|
|
|
.unwrap_or_else(|_| Some(anonymous()))
|
|
|
|
.unwrap_or_else(anonymous);
|
|
|
|
|
2018-04-09 09:20:27 +02:00
|
|
|
let new_thread = NewThread {
|
2018-04-15 12:59:43 +02:00
|
|
|
title: input.title,
|
2018-04-09 09:20:27 +02:00
|
|
|
author_name: author.name,
|
|
|
|
author_email: author.email,
|
|
|
|
};
|
|
|
|
|
2018-04-14 16:33:45 +02:00
|
|
|
let msg = CreateThread {
|
|
|
|
new_thread,
|
2018-04-15 21:13:20 +02:00
|
|
|
post: input.post,
|
2018-04-14 16:33:45 +02:00
|
|
|
};
|
|
|
|
|
|
|
|
state.db.send(msg)
|
2018-04-08 20:01:32 +02:00
|
|
|
.from_err()
|
|
|
|
.and_then(move |res| {
|
|
|
|
let thread = res?;
|
|
|
|
info!("Created new thread \"{}\" with ID {}", thread.title, thread.id);
|
2018-04-08 20:20:05 +02:00
|
|
|
Ok(HttpResponse::SeeOther()
|
2018-04-08 20:01:32 +02:00
|
|
|
.header("Location", format!("/thread/{}", thread.id))
|
|
|
|
.finish())
|
|
|
|
})
|
|
|
|
.responder()
|
|
|
|
}
|
2018-04-08 20:20:05 +02:00
|
|
|
|
2018-04-09 09:20:27 +02:00
|
|
|
#[derive(Deserialize)]
|
|
|
|
pub struct NewPostForm {
|
|
|
|
pub thread_id: i32,
|
2018-04-15 21:13:20 +02:00
|
|
|
pub post: String,
|
2018-04-09 09:20:27 +02:00
|
|
|
}
|
|
|
|
|
2018-04-08 20:20:05 +02:00
|
|
|
/// This handler receives a "Reply"-form and redirects the user to the
|
|
|
|
/// new post after creation.
|
2018-04-09 09:20:27 +02:00
|
|
|
pub fn reply_thread(state: State<AppState>,
|
|
|
|
input: Form<NewPostForm>,
|
|
|
|
mut req: HttpRequest<AppState>) -> ConverseResponse {
|
2018-04-12 01:28:37 +02:00
|
|
|
let author: Author = req.session().get(AUTHOR)
|
|
|
|
.unwrap_or_else(|_| Some(anonymous()))
|
|
|
|
.unwrap_or_else(anonymous);
|
|
|
|
|
2018-04-09 09:20:27 +02:00
|
|
|
let new_post = NewPost {
|
|
|
|
thread_id: input.thread_id,
|
2018-04-15 21:13:20 +02:00
|
|
|
body: input.post.trim().into(),
|
2018-04-09 09:20:27 +02:00
|
|
|
author_name: author.name,
|
|
|
|
author_email: author.email,
|
|
|
|
};
|
|
|
|
|
|
|
|
state.db.send(CreatePost(new_post))
|
2018-04-14 20:29:46 +02:00
|
|
|
.flatten()
|
2018-04-08 20:20:05 +02:00
|
|
|
.from_err()
|
2018-04-14 20:29:46 +02:00
|
|
|
.and_then(move |post| {
|
2018-04-08 20:20:05 +02:00
|
|
|
info!("Posted reply {} to thread {}", post.id, post.thread_id);
|
|
|
|
Ok(HttpResponse::SeeOther()
|
2018-04-11 16:35:40 +02:00
|
|
|
.header("Location", format!("/thread/{}#post-{}", post.thread_id, post.id))
|
2018-04-08 20:20:05 +02:00
|
|
|
.finish())
|
|
|
|
})
|
|
|
|
.responder()
|
|
|
|
}
|
2018-04-08 22:37:36 +02:00
|
|
|
|
2018-04-15 23:09:44 +02:00
|
|
|
/// This handler presents the user with the form to edit a post. If
|
|
|
|
/// the user attempts to edit a post that they do not have access to,
|
|
|
|
/// they are currently ungracefully redirected back to the post
|
|
|
|
/// itself.
|
|
|
|
pub fn edit_form(state: State<AppState>,
|
|
|
|
mut req: HttpRequest<AppState>,
|
|
|
|
query: Path<GetPost>) -> ConverseResponse {
|
|
|
|
let author: Option<Author> = req.session().get(AUTHOR)
|
|
|
|
.unwrap_or_else(|_| None);
|
|
|
|
|
|
|
|
state.db.send(query.into_inner())
|
|
|
|
.flatten()
|
|
|
|
.from_err()
|
|
|
|
.and_then(move |post| {
|
|
|
|
if let Some(author) = author {
|
|
|
|
if author.email.eq(&post.author_email) {
|
|
|
|
return Ok(post);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
Err(ConverseError::PostEditForbidden { id: post.id })
|
|
|
|
})
|
|
|
|
.and_then(move |post| {
|
|
|
|
let edit_msg = EditPostPage {
|
|
|
|
id: post.id,
|
|
|
|
post: post.body,
|
|
|
|
};
|
|
|
|
|
|
|
|
state.renderer.send(edit_msg).from_err()
|
|
|
|
})
|
|
|
|
.flatten()
|
|
|
|
.map(|page| HttpResponse::Ok().content_type(HTML).body(page))
|
|
|
|
.responder()
|
|
|
|
}
|
|
|
|
|
2018-04-14 22:06:30 +02:00
|
|
|
/// This handler executes a full-text search on the forum database and
|
|
|
|
/// displays the results to the user.
|
|
|
|
pub fn search_forum(state: State<AppState>,
|
2018-04-14 23:28:34 +02:00
|
|
|
query: Query<SearchPosts>) -> ConverseResponse {
|
|
|
|
let query_string = query.query.clone();
|
|
|
|
state.db.send(query.into_inner())
|
2018-04-14 22:06:30 +02:00
|
|
|
.flatten()
|
|
|
|
.and_then(move |results| state.renderer.send(SearchResultPage {
|
|
|
|
results,
|
|
|
|
query: query_string,
|
|
|
|
}).from_err())
|
|
|
|
.flatten()
|
|
|
|
.map(|res| HttpResponse::Ok().content_type(HTML).body(res))
|
|
|
|
.responder()
|
|
|
|
}
|
|
|
|
|
2018-04-08 22:37:36 +02:00
|
|
|
/// This handler initiates an OIDC login.
|
|
|
|
pub fn login(state: State<AppState>) -> ConverseResponse {
|
|
|
|
state.oidc.send(GetLoginUrl)
|
|
|
|
.from_err()
|
|
|
|
.and_then(|url| Ok(HttpResponse::TemporaryRedirect()
|
|
|
|
.header("Location", url)
|
|
|
|
.finish()))
|
|
|
|
.responder()
|
|
|
|
}
|
|
|
|
|
2018-04-09 09:10:48 +02:00
|
|
|
const AUTHOR: &'static str = "author";
|
|
|
|
|
2018-04-08 22:56:29 +02:00
|
|
|
pub fn callback(state: State<AppState>,
|
|
|
|
data: Form<CodeResponse>,
|
|
|
|
mut req: HttpRequest<AppState>) -> ConverseResponse {
|
2018-04-08 22:37:36 +02:00
|
|
|
state.oidc.send(RetrieveToken(data.0))
|
|
|
|
.from_err()
|
2018-04-08 22:56:29 +02:00
|
|
|
.and_then(move |result| {
|
|
|
|
let author = result?;
|
|
|
|
info!("Setting cookie for {} after callback", author.name);
|
2018-04-09 09:10:48 +02:00
|
|
|
req.session().set(AUTHOR, author)?;
|
2018-04-08 22:56:29 +02:00
|
|
|
Ok(HttpResponse::SeeOther()
|
|
|
|
.header("Location", "/")
|
|
|
|
.finish())})
|
2018-04-08 22:37:36 +02:00
|
|
|
.responder()
|
|
|
|
}
|
2018-04-09 09:10:48 +02:00
|
|
|
|
|
|
|
|
2018-04-12 01:07:25 +02:00
|
|
|
/// Middleware used to enforce logins unceremoniously.
|
2018-04-09 09:10:48 +02:00
|
|
|
pub struct RequireLogin;
|
|
|
|
|
|
|
|
impl <S> Middleware<S> for RequireLogin {
|
|
|
|
fn start(&self, req: &mut HttpRequest<S>) -> actix_web::Result<Started> {
|
|
|
|
let has_author = req.session().get::<Author>(AUTHOR)?.is_some();
|
|
|
|
let is_oidc_req = req.path().starts_with("/oidc");
|
|
|
|
|
|
|
|
if !is_oidc_req && !has_author {
|
|
|
|
Ok(Started::Response(
|
|
|
|
HttpResponse::SeeOther()
|
|
|
|
.header("Location", "/oidc/login")
|
|
|
|
.finish()
|
|
|
|
))
|
|
|
|
} else {
|
|
|
|
Ok(Started::Done)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|