dietrich/Pslink
1
0
Fork 0
Code Issues 2 Pull Requests Projects Releases 1 Activity

Compare commits

base: dietrich:master
Branches Tags
dietrich:master
dietrich:add_demo_mode
dietrich:move-to-sqlx
dietrich:V0.2.0-BETA
..
compare: dietrich:move-to-sqlx
Branches Tags
dietrich:add_demo_mode
dietrich:master
dietrich:move-to-sqlx
dietrich:V0.2.0-BETA

No commits in common. "master" and "move-to-sqlx" have entirely different histories.
master ... move-to-sq

30 changed files with 791 additions and 2714 deletions
Show Stats Expand all files Collapse all files

22
.github/workflows/rust.yml vendored
View File

@ -1,22 +0,0 @@
name: Rust
on:
push:
branches: [ master ]
pull_request:
branches: [ master ]
env:
CARGO_TERM_COLOR: always
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Build
run: cargo build --verbose
- name: Run tests
run: cargo test --verbose

3
.gitignore vendored
View File

@ -1,7 +1,6 @@
/target
.env
links.db*
links.db
launch.json
settings.json
links.session.sql
sqltemplates

1460
Cargo.lock generated
View File

File diff suppressed because it is too large Load Diff

98
Cargo.toml
View File

@ -1,73 +1,43 @@
[package]
authors = ["Dietrich <dietrich@teilgedanken.de>"]
build = "build.rs"
categories = ["web-programming", "network-programming", "web-programming::http-server", "command-line-utilities"]
description = "A simple webservice that allows registered users to create short links including qr-codes.\nAnyone can visit the shortened links. This is an ideal setup for small busines or for publishing papers."
edition = "2018"
keywords = ["url", "link", "webpage", "actix", "web"]
license = "MIT OR Apache-2.0"
name = "pslink"
version = "0.3.0"
description = "A simple webservice that allows registered users to create short links including qr-codes.\nAnyone can visit the shortened links. This is an ideal setup for small busines or for publishing papers."
authors = ["Dietrich <dietrich@teilgedanken.de>"]
edition = "2018"
license = "MIT OR Apache-2.0"
keywords = ["url", "link", "webpage", "actix", "web"]
categories = ["web-programming", "network-programming", "web-programming::http-server", "command-line-utilities"]
readme = "README.md"
repository = "https://github.com/enaut/pslink/"
version = "0.3.1"
repository = "https://git.teilgedanken.de/dietrich/Pslink"
build = "build.rs"
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
[dependencies]
actix-web = "3"
actix-web-static-files = "3.0"
actix-slog = "0.2"
tera = "1.6"
serde = "1.0"
sqlx={version="0.4", features = [ "sqlite", "macros", "runtime-actix-rustls", "chrono", "migrate" ]}
dotenv = "0.15.0"
actix-identity = "0.3"
chrono = { version = "0.4", features = ["serde"] }
argonautica = "0.2"
slog = "2"
slog-term = "2"
slog-async = "2"
qrcode = "0.12"
image = "0.23"
rand="0.8"
rpassword = "5.0"
clap = "2.33"
[build-dependencies]
actix-web-static-files = "3.0"
[dependencies]
actix-identity = "0.3"
actix-rt = "1.1"
actix-slog = "0.2"
actix-web = "3"
actix-web-static-files = "3.0"
anyhow = "1.0"
argonautica = "0.2"
clap = "2.33"
dotenv = "0.15.0"
fluent-langneg = "0.13"
image = "0.23"
opentelemetry = "0.13"
opentelemetry-jaeger = "0.12"
qrcode = "0.12"
rand = "0.8"
rpassword = "5.0"
serde = "1.0"
tera = "1.6"
thiserror = "1.0"
tracing-actix-web = "0.2.1"
tracing-bunyan-formatter = "0.2.0"
tracing-opentelemetry = "0.12"
[dependencies.chrono]
features = ["serde"]
version = "0.4"
[dependencies.fluent-templates]
features = ["tera"]
version = "0.6"
[dependencies.sqlx]
features = ["sqlite", "macros", "runtime-actix-rustls", "chrono", "migrate", "offline"]
version = "0.4"
[dependencies.tracing]
features = ["log"]
version = "0.1"
[dependencies.tracing-subscriber]
features = ["registry", "env-filter"]
version = "0.2.17"
[dev-dependencies]
actix-server = "1.0.4"
tempdir = "0.3"
test_bin = "0.3"
tokio = "0.2.25"
[dev-dependencies.reqwest]
features = ["cookies"]
version = "0.10.10"
[profile]
# optimize for size at cost of compilation speed.
[profile.release]
lto = true
#codegen-units = 1

82
README.md
View File

@ -2,91 +2,41 @@
The target audience of this tool are small entities that need a url shortener. The shortened urls can be publicly resolved but only registered users can create short urls. Every registered user can see all shorted urls but ownly modify its own. Admin users can invite other accounts and edit everything that can be edited (also urls created by other accounts).
So in general this is more a shared short url bookmark webpage than a shorturl service.
![Screenshot](./doc/img/pslinkscreenshot.png)
The Page comes with a basic commandline interface to setup the environment.
The Page comes with a basic commandline interface to setup the environment. If it is built with `cargo build release --target=x86_64-unknown-linux-musl` everything is embedded and it should be portable to any 64bit linux system.
Templates and migrations are embedded in the binary. So it should run standalone without anything extra.
## Usage
## usage
### install binary
The pslink binary can be downloaded from the latest release at: https://github.com/enaut/pslink/releases
These binaries are selfcontained and should run on any linux 64bit system. Just put them where you like them to be and make them executable. A sample install might be:
```bash
# mkdir -p /opt/pslink
# wget -o /opt/pslink/pslink https://github.com/enaut/pslink/releases/latest/download/pslink.linux.64bit
# chmod +x /opt/pslink/pslink
```
You could now adjust your `PATH` or setup an alias or just call the binary with the full path `/opt/pslink/pslink`
### Install with cargo
Pslink can be compiled and installed with cargo. Setup cargo as guided here: https://doc.rust-lang.org/cargo/getting-started/installation.html
After that install pslink using:
```bash
$ cargo install pslink
```
If that succeeds you should now be able to call pslink.
### Build from source
When building manually with cargo you have to have a sqlite database present or build it in offline mode. So on your first build you will most likely need to call:
```bash
SQLX_OFFLINE=1 cargo run
# or
$ export SQLX_OFFLINE=1
$ cargo run
```
If pslink is built with `cargo build release --target=x86_64-unknown-linux-musl` everything is embedded and it should be portable to any 64bit linux system.
Templates and migrations are embedded in the binary so it should run standalone without anything extra.
### Setup
### setup
To get Pslink up and running use the commands in the following order:
1. `pslink generate-env`
1. `pslink generate-env` this will generate a `.env` file in the curent directory with the default settings. Edit this file to your liking. You can however skip this step and provide all the parameters via commandline or environmentvariable. It is **not** recommended to provide PSLINK_SECRET with commandline parameters as they can be read by every user on the system.
2. `pslink migrate-database` will create a sqlite database in the location specified.
3. `pslink create-admin` create an initial admin user. As the page has no "register" function this is required to do anything usefull.
4. `pslink runserver` If everything is set up correctly this command will start the service.
this will generate a `.env` file in the curent directory with the default settings. Edit this file to your liking. You can however skip this step and provide all the parameters via commandline or environmentvariable. It is **not** recommended to provide PSLINK_SECRET with commandline parameters as they can be read by every user on the system.
2. `pslink migrate-database`
will create a sqlite database in the location specified.
3. `pslink create-admin`
create an initial admin user. As the page has no "register" function this is required to do anything usefull.
4. `pslink runserver`
If everything is set up correctly this command will start the service.
### Run the service
### run the service
If everything is correctly set up just do `pslink runserver`.
### Update
### update
To update to a newer version execute the commands in the following order
1. stop the service
2. download and install the new binary
3. run `pslink migrate-database`
4. run the server again `pslink runserver`
2. run `pslink migrate-database`
3. run the server again `pslink runserver`
### Help
### help
For a list of options use `pslink help`. If the help does not provide enough clues please file an issue at: https://github.com/enaut/pslink/issues/new
For a list of options use `pslink help`.
### Systemd service file
### systemd service file
If you want to automatically start this with systemd you can adjust the following template unit to your system. In this case a dedicated `pslink` user and group is used with the users home directory at `/var/pslink`. Some additional settings are in place to protect the system a little should anything go wrong.
If you want to automatically start this with systemd you can adjust the following template unit to your system. In this case a dedicated `pslink` user and group are used with the users home directory at `/var/pslink`. Some additional settings are in place to protect the system a little should anything go wrong.
```systemd
# /etc/systemd/system/pslink.service

19
Release.md
View File

@ -1,19 +0,0 @@
Guide to release:
- [ ] Verify everything is committed
- [ ] update the sqlx cache: cargo sqlx prepare
- [ ] commit the update
- [ ] push to github and teilgedanken
- [ ] create release draft tag: https://github.com/enaut/pslink/releases
- [ ] check `git log --pretty=format:'* %s' --abbrev-commit` for changes and selectively include into changelist.
- [ ] verify everything is ready for publishing using:
```
SQLX_OFFLINE=1 cargo publish --dry-run
```
- [ ] make draft a release
- [ ] publish
```SQLX_OFFLINE=1 cargo publish```

36
locales/de/main.ftl
View File

@ -1,36 +0,0 @@
list-links = Link Liste
add-link = Link hinzufügen
invite-user = Benutzer einladen
list-users = Liste der Benutzer
welcome-user = Herzlich willkommen {$username}
logout = Abmelden
login = Login
not-found = Dieser Link existiert nicht, oder wurde gelöscht.
edit-link-headline = Zu editierender Link: {$linktitle}
edit-link = Link Editieren
link-description = Beschreibung
link-target = Link Ziel
link-code = Link Code
shortlink = Shortlink
qr-code = QR-code
danger-zone = Achtung!
danger-zone-text = Verändern Sie den Code von bereits veröffentlichten Links nicht. Sollte es dennoch geschehen werden veröffentlichte links unbenutzbar. Wird das Linkziel verändert, so zeigen auch die bereits veröffentlichten Links auf das neue Ziel.
save-edits = Speichere die Veränderungen
delete-link = Diesen Link löschen
edit-user-headline = Benutzereinstellungen von: {$username}
username = Benutzername
email = Email
password = Passwort
password-placeholder = Leer lassen um das Passwort nicht zu ändern
save-user = Benutzer speichern
edit-user = Benutzer editieren
make-user-admin = Zum Administrator befördern
make-user-regular = Zurückstufen zum normalen Nutzer
userid = Benutzernummer
statistics = Statistik

36
locales/en/main.ftl
View File

@ -1,36 +0,0 @@
list-links = List of existing links
add-link = Add a new link
invite-user = Invite a new user
list-users = List of existing users
welcome-user = Welcome {$username}
logout = Logout
login = Login
not-found = This Link has not been found or has been deleted
edit-link-headline = Edit link: {$linktitle}
edit-link = Edit link
link-description = Description
link-target = Link target
link-code = Link code
shortlink = Shortlink
danger-zone = Danger Zone!
danger-zone-text = Do not change the code of links that are published. If you do so the published links will become invalid! If you change the target the published links will point to the new target.
save-edits = Save edits
delete-link = Delete this link
user-headline = User Settings of: {$username}
edit-user-headline = Change Settings of: {$username}
username = Username
email = Email
password = Password
password-placeholder = Leave this empty to keep the current password
save-user = Save this user
edit-user = Edit this user
make-user-admin = Promote to admin
make-user-regular = Demote to regular
userid = User ID
statistics = Statistics

0
migrations/20210318172317_initialmigration.sql → migrations/20210318172317_initialmigration.up.sql
View File

4
migrations/20210330103013_addinglanguage.sql
View File

@ -1,4 +0,0 @@
-- Add migration script here
ALTER TABLE users
ADD COLUMN language Text NOT NULL DEFAULT "en";

24
migrations/20210401070030_on_delete_cascade.sql
View File

@ -1,24 +0,0 @@
-- Add migration script here
PRAGMA foreign_keys = off;
CREATE TABLE new_clicks (
id INTEGER PRIMARY KEY NOT NULL,
link INT NOT NULL,
created_at TIMESTAMP NOT NULL,
FOREIGN KEY (link) REFERENCES links (id) ON DELETE CASCADE
);
INSERT INTO
new_clicks
SELECT
*
FROM
clicks;
DROP TABLE clicks;
ALTER TABLE
new_clicks RENAME TO clicks;
PRAGMA foreign_keys = on;

293
sqlx-data.json
View File

@ -1,293 +0,0 @@
{
"db": "SQLite",
"01e68928ea67ef301d8ea72a320fe747dafbfaa398a22731effb93d23ae16a77": {
"query": "UPDATE links SET\n title = ?,\n target = ?,\n code = ?,\n author = ?,\n created_at = ? where id = ?",
"describe": {
"columns": [],
"parameters": {
"Right": 6
},
"nullable": []
}
},
"04640e79c590ae8b845b6281a786ebe72060d02ee98eaec4839d1525bde3b0b5": {
"query": "Select * from links where code = ? ",
"describe": {
"columns": [
{
"name": "id",
"ordinal": 0,
"type_info": "Int64"
},
{
"name": "title",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "target",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "code",
"ordinal": 3,
"type_info": "Text"
},
{
"name": "author",
"ordinal": 4,
"type_info": "Int64"
},
{
"name": "created_at",
"ordinal": 5,
"type_info": "Datetime"
}
],
"parameters": {
"Right": 1
},
"nullable": [
false,
false,
false,
false,
false,
false
]
}
},
"0d5cc1ab073e15c4306ef2bfc89aeefd6daa409766741c21f9eb0115b0f24eb1": {
"query": "UPDATE users SET\n username = ?,\n email = ?,\n password = ?,\n role = ? where id = ?",
"describe": {
"columns": [],
"parameters": {
"Right": 5
},
"nullable": []
}
},
"109ddc9fa55a36541ed1a866d362ff666bb39c3672f72000e786f86b514dc239": {
"query": "Select * from users where id = ? ",
"describe": {
"columns": [
{
"name": "id",
"ordinal": 0,
"type_info": "Int64"
},
{
"name": "username",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "email",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "password",
"ordinal": 3,
"type_info": "Text"
},
{
"name": "role",
"ordinal": 4,
"type_info": "Int64"
},
{
"name": "language",
"ordinal": 5,
"type_info": "Text"
}
],
"parameters": {
"Right": 1
},
"nullable": [
false,
false,
false,
false,
false,
false
]
}
},
"193ebdfd8bdb96da45f5054f83a6a5e23eaa311e3e5c4139095a3455f4764c64": {
"query": "Select * from users",
"describe": {
"columns": [
{
"name": "id",
"ordinal": 0,
"type_info": "Int64"
},
{
"name": "username",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "email",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "password",
"ordinal": 3,
"type_info": "Text"
},
{
"name": "role",
"ordinal": 4,
"type_info": "Int64"
},
{
"name": "language",
"ordinal": 5,
"type_info": "Text"
}
],
"parameters": {
"Right": 0
},
"nullable": [
false,
false,
false,
false,
false,
false
]
}
},
"3ad5584fcb0c2685339e471320e8d0c091b684ffe86912a1f2540eee1444889d": {
"query": "Insert into clicks (\n link,\n created_at) VALUES (?,?)",
"describe": {
"columns": [],
"parameters": {
"Right": 2
},
"nullable": []
}
},
"5919b8824209c31a76178f30b3d52f385931ee0f3aa17e65f8647ad15a3595d8": {
"query": "Insert into links (\n title,\n target,\n code,\n author,\n created_at) VALUES (?,?,?,?,?)",
"describe": {
"columns": [],
"parameters": {
"Right": 5
},
"nullable": []
}
},
"5d892d21ed6b4ccc3ddedb3a7469385f001f6ff9f41b19faa67b754ad8f7fc4b": {
"query": "Insert into users (\n username,\n email,\n password,\n role) VALUES (?,?,?,1)",
"describe": {
"columns": [],
"parameters": {
"Right": 3
},
"nullable": []
}
},
"77a21769284cb3df457d806d6e04088ae4f99d92c535fd15c79828e46ee3ae6f": {
"query": "UPDATE users SET role = ? where id = ?",
"describe": {
"columns": [],
"parameters": {
"Right": 2
},
"nullable": []
}
},
"7a52eae6cb72e4daac95a99d15113ab09571329733ea121fecc55d18dfdb1c45": {
"query": "DELETE from links where code = ? ",
"describe": {
"columns": [],
"parameters": {
"Right": 1
},
"nullable": []
}
},
"8670a2dacd013de68831d0a45d927ea9f473d86100387fc85c9b9802668c3de4": {
"query": "Select * from users where username = ? ",
"describe": {
"columns": [
{
"name": "id",
"ordinal": 0,
"type_info": "Int64"
},
{
"name": "username",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "email",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "password",
"ordinal": 3,
"type_info": "Text"
},
{
"name": "role",
"ordinal": 4,
"type_info": "Int64"
},
{
"name": "language",
"ordinal": 5,
"type_info": "Text"
}
],
"parameters": {
"Right": 1
},
"nullable": [
false,
false,
false,
false,
false,
false
]
}
},
"9cb2f491eab760ba60ede5b3e730b84d061fc09627579ff05bc63d3e27fe8fb7": {
"query": "select count(*) as number from users where role = 2",
"describe": {
"columns": [
{
"name": "number",
"ordinal": 0,
"type_info": "Int"
}
],
"parameters": {
"Right": 0
},
"nullable": [
false
]
}
},
"ba18635aa20b30d92172fa60fa22c6dba7e5cb2f57106e9d13cdab556af80fd3": {
"query": "UPDATE users SET language = ? where id = ?",
"describe": {
"columns": [],
"parameters": {
"Right": 2
},
"nullable": []
}
}
}

70
src/bin/pslink/main.rs
View File

@ -1,70 +0,0 @@
extern crate sqlx;
mod cli;
use pslink::ServerConfig;
use tracing::instrument;
use tracing::{subscriber::set_global_default, Subscriber};
use tracing_opentelemetry::OpenTelemetryLayer;
use tracing_subscriber::{layer::SubscriberExt, EnvFilter, Registry};
/// Compose multiple layers into a `tracing`'s subscriber.
#[must_use]
pub fn get_subscriber(name: &str, env_filter: &str) -> impl Subscriber + Send + Sync {
let env_filter =
EnvFilter::try_from_default_env().unwrap_or_else(|_| EnvFilter::new(env_filter));
// Create a jaeger exporter pipeline for a `trace_demo` service.
let tracer = opentelemetry_jaeger::new_pipeline()
.with_service_name(name)
.install_simple()
.expect("Error initializing Jaeger exporter");
let formatting_layer = tracing_subscriber::fmt::layer().with_target(false);
// Create a layer with the configured tracer
let otel_layer = OpenTelemetryLayer::new(tracer);
// Use the tracing subscriber `Registry`, or any other subscriber
// that impls `LookupSpan`
Registry::default()
.with(otel_layer)
.with(env_filter)
.with(formatting_layer)
}
/// Register a subscriber as global default to process span data.
///
/// It should only be called once!
pub fn init_subscriber(subscriber: impl Subscriber + Send + Sync) {
set_global_default(subscriber).expect("Failed to set subscriber");
}
#[instrument]
#[actix_web::main]
async fn main() -> std::result::Result<(), std::io::Error> {
let subscriber = get_subscriber("fhs.li", "info");
init_subscriber(subscriber);
match cli::setup().await {
Ok(Some(server_config)) => {
pslink::webservice(server_config)
.await
.map_err(|e| {
println!("{:?}", e);
std::thread::sleep(std::time::Duration::from_millis(100));
std::process::exit(0);
})
.expect("Failed to launch the service")
.await
}
Ok(None) => {
std::thread::sleep(std::time::Duration::from_millis(100));
std::process::exit(0);
}
Err(e) => {
eprintln!("\nError: {}", e);
std::thread::sleep(std::time::Duration::from_millis(100));
std::process::exit(1);
}
}
}

131
src/bin/pslink/cli.rs → src/cli.rs
View File

@ -10,9 +10,9 @@ use std::{
path::PathBuf,
};
use pslink::{models::NewUser, models::User, ServerConfig, ServerError};
use crate::{models::NewUser, models::User, ServerConfig, ServerError};
use tracing::{error, info, trace, warn};
use slog::{Drain, Logger};
static MIGRATOR: Migrator = sqlx::migrate!();
@ -122,7 +122,7 @@ fn generate_cli() -> App<'static, 'static> {
)
}
async fn parse_args_to_config(config: ArgMatches<'_>) -> ServerConfig {
async fn parse_args_to_config(config: ArgMatches<'_>, log: Logger) -> ServerConfig {
let secret = config
.value_of("secret")
.expect("Failed to read the secret")
@ -132,11 +132,20 @@ async fn parse_args_to_config(config: ArgMatches<'_>) -> ServerConfig {
use rand::{thread_rng, Rng};
if secret.is_empty() {
warn!("No secret was found! Use the environment variable PSLINK_SECRET to set one.");
warn!("If you change the secret all passwords will be invalid");
warn!("Using an auto generated one for this run.");
slog_warn!(
log,
"No secret was found! Use the environment variable PSLINK_SECRET to set one."
);
slog_warn!(
log,
"If you change the secret all passwords will be invalid"
);
slog_warn!(log, "Using an auto generated one for this run.");
} else {
warn!("The provided secret was too short. Using an autogenerated one.")
slog_warn!(
log,
"The provided secret was too short. Using an autogenerated one."
)
}
thread_rng()
@ -147,7 +156,6 @@ async fn parse_args_to_config(config: ArgMatches<'_>) -> ServerConfig {
} else {
secret
};
let secret = pslink::Secret::new(secret);
let db = config
.value_of("database")
.expect(concat!(
@ -184,9 +192,11 @@ async fn parse_args_to_config(config: ArgMatches<'_>) -> ServerConfig {
let protocol = config
.value_of("protocol")
.expect("Failed to read the protocol value")
.parse::<pslink::Protocol>()
.parse::<crate::Protocol>()
.expect("Failed to parse the protocol");
let log = log.new(slog_o!("host" => public_url.clone()));
crate::ServerConfig {
secret,
db,
@ -195,6 +205,7 @@ async fn parse_args_to_config(config: ArgMatches<'_>) -> ServerConfig {
internal_ip,
port,
protocol,
log,
empty_forward_url,
brand_name,
}
@ -203,9 +214,16 @@ async fn parse_args_to_config(config: ArgMatches<'_>) -> ServerConfig {
pub(crate) async fn setup() -> Result<Option<crate::ServerConfig>, ServerError> {
dotenv().ok();
// initiallize the logger
let decorator = slog_term::TermDecorator::new().build();
let drain = slog_term::FullFormat::new(decorator).build().fuse();
let drain = slog_async::Async::new(drain).build().fuse();
let log = slog::Logger::root(drain, slog_o!("name" => "Pslink"));
// Print launch info
info!("Launching Pslink a 'Private short link generator'");
trace!("logging initialized");
slog_info!(log, "Launching Pslink a 'Private short link generator'");
slog_info!(log, "logging initialized");
let app = generate_cli();
@ -220,12 +238,8 @@ pub(crate) async fn setup() -> Result<Option<crate::ServerConfig>, ServerError>
))
.parse::<PathBuf>()
.expect("Failed to parse Database path.");
if !db.exists() {
trace!("No database file found {}", db.display());
if !(config.subcommand_matches("migrate-database").is_none()
| config.subcommand_matches("generate-env").is_none())
{
if config.subcommand_matches("migrate-database").is_none() {
let msg = format!(
concat!(
"Database not found at {}!",
@ -234,16 +248,16 @@ pub(crate) async fn setup() -> Result<Option<crate::ServerConfig>, ServerError>
),
db.display()
);
error!("{}", msg);
slog_error!(log, "{}", msg);
eprintln!("{}", msg);
return Ok(None);
}
trace!("Creating database: {}", db.display());
// create an empty database file. The if above makes sure that this file does not exist.
// create an empty database file the if above makes sure that this file does not exist.
File::create(db)?;
};
let server_config: crate::ServerConfig = parse_args_to_config(config.clone()).await;
let server_config: crate::ServerConfig = parse_args_to_config(config.clone(), log).await;
if let Some(_migrate_config) = config.subcommand_matches("generate-env") {
return match generate_env_file(&server_config) {
@ -268,15 +282,19 @@ pub(crate) async fn setup() -> Result<Option<crate::ServerConfig>, ServerError>
let num_users = User::count_admins(&server_config).await?;
if num_users.number < 1 {
warn!(concat!(
"No admin user created you will not be",
" able to do anything as the service is invite only.",
" Create a user with `pslink create-admin`"
));
} else {
trace!("At least one admin user is found.");
slog_warn!(
&server_config.log,
concat!(
"No admin user created you will not be",
" able to do anything as the service is invite only.",
" Create a user with `pslink create-admin`"
)
);
}
trace!("Initialization finished starting the service.");
slog_info!(
&server_config.log,
"Initialization finished starting the service."
);
Ok(Some(server_config))
} else {
println!("{}", config.usage());
@ -286,7 +304,7 @@ pub(crate) async fn setup() -> Result<Option<crate::ServerConfig>, ServerError>
/// Interactively create a new admin user.
async fn create_admin(config: &ServerConfig) -> Result<(), ServerError> {
info!("Creating an admin user.");
slog_info!(&config.log, "Creating an admin user.");
let sin = io::stdin();
// wait for logging:
@ -303,9 +321,11 @@ async fn create_admin(config: &ServerConfig) -> Result<(), ServerError> {
print!("Please enter the password for {}: ", new_username);
io::stdout().flush().unwrap();
let password = rpassword::read_password().unwrap();
info!(
slog_info!(
&config.log,
"Creating {} ({}) with given password ",
&new_username, &new_email
&new_username,
&new_email
);
let new_admin = NewUser::new(new_username.clone(), new_email.clone(), &password, config)?;
@ -314,13 +334,14 @@ async fn create_admin(config: &ServerConfig) -> Result<(), ServerError> {
let created_user = User::get_user_by_name(&new_username, config).await?;
created_user.toggle_admin(config).await?;
info!("Admin user created: {}", new_username);
slog_info!(&config.log, "Admin user created: {}", new_username);
Ok(())
}
async fn apply_migrations(config: &ServerConfig) -> Result<(), ServerError> {
info!(
slog_info!(
config.log,
"Creating a database file and running the migrations in the file {}:",
&config.db.display()
);
@ -330,25 +351,31 @@ async fn apply_migrations(config: &ServerConfig) -> Result<(), ServerError> {
fn generate_env_file(server_config: &ServerConfig) -> Result<(), ServerError> {
if std::path::Path::new(".env").exists() {
return Err(ServerError::User(
"ERROR: There already is a .env file - ABORT!".to_string(),
));
slog_error!(
server_config.log,
"ERROR: There already is a .env file - ABORT!"
)
} else {
slog_info!(
server_config.log,
"Creating a .env file with default options"
);
slog_info!(
server_config.log,
concat!(
"The SECRET_KEY variable is used for password encryption.",
"If it is changed all existing passwords are invalid."
)
);
let mut file = std::fs::File::create(".env")?;
let conf_file_content = server_config.to_env_strings();
conf_file_content.iter().for_each(|l| {
file.write_all(l.as_bytes())
.expect("failed to write .env file")
});
slog_info!(server_config.log, "Successfully created the env file!")
}
info!(
r#"Creating a .env file with default options
The SECRET_KEY variable is used for password encryption.
If it is changed all existing passwords are invalid."#
);
let mut file = std::fs::File::create(".env")?;
let conf_file_content = server_config.to_env_strings();
for line in &conf_file_content {
file.write_all(line.as_bytes())
.expect("failed to write .env file")
}
info!("Successfully created the env file!");
Ok(())
}

339
src/lib.rs → src/main.rs
View File

@ -1,135 +1,133 @@
extern crate sqlx;
#[allow(unused_imports)]
#[macro_use(
slog_o,
slog_info,
slog_warn,
slog_error,
slog_log,
slog_record,
slog_record_static,
slog_b,
slog_kv
)]
extern crate slog;
extern crate slog_async;
pub mod forms;
mod cli;
mod forms;
pub mod models;
pub mod queries;
mod queries;
mod views;
use std::{fmt::Display, path::PathBuf, str::FromStr};
use actix_identity::{CookieIdentityPolicy, IdentityService};
use actix_web::HttpResponse;
use actix_web::{web, App, HttpServer};
use fluent_templates::{static_loader, FluentLoader};
use actix_web::{web, App, HttpResponse, HttpServer};
use qrcode::types::QrError;
use sqlx::{Pool, Sqlite};
use std::{fmt::Display, path::PathBuf, str::FromStr};
use tera::Tera;
use thiserror::Error;
use tracing::instrument;
use tracing::{error, info, trace};
use tracing_actix_web::TracingLogger;
#[derive(Error, Debug)]
#[derive(Debug)]
pub enum ServerError {
#[error("Failed to encrypt the password {0} - aborting!")]
Argonautica(argonautica::Error),
#[error("The database could not be used: {0}")]
Database(#[from] sqlx::Error),
#[error("The database could not be migrated: {0}")]
DatabaseMigration(#[from] sqlx::migrate::MigrateError),
#[error("The environment file could not be read")]
Environment(#[from] std::env::VarError),
#[error("The templates could not be rendered correctly: {0}")]
Template(#[from] tera::Error),
#[error("The qr-code could not be generated: {0}")]
Qr(#[from] QrError),
#[error("Some error happened during input and output: {0}")]
Io(#[from] std::io::Error),
#[error("Error: {0}")]
Argonautic,
Database(sqlx::Error),
DatabaseMigration(sqlx::migrate::MigrateError),
Environment,
Template(tera::Error),
Qr(QrError),
Io(std::io::Error),
User(String),
}
impl From<argonautica::Error> for ServerError {
fn from(e: argonautica::Error) -> Self {
Self::Argonautica(e)
}
}
impl ServerError {
fn render_error(title: &str, content: &str) -> String {
format!(
"<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"utf-8\">
<title>{0}</title>
<meta name=\"author\" content=\"Franz Dietrich\">
<meta http-equiv=\"robots\" content=\"[noindex|nofollow]\">
<link rel=\"stylesheet\" href=\"/static/style.css\">
</head>
<body>
<section class=\"centered\">
<h1>{0}</h1>
<div class=\"container\">
{1}
</div>
</section>
</body>
</html>",
title, content
)
impl std::fmt::Display for ServerError {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
match self {
Self::Argonautic => write!(f, "Argonautica Error"),
Self::Database(e) => write!(f, "Database Error: {}", e),
Self::DatabaseMigration(e) => {
write!(f, "Migration Error: {}", e)
}
Self::Environment => write!(f, "Environment Error"),
Self::Template(e) => write!(f, "Template Error: {:?}", e),
Self::Qr(e) => write!(f, "Qr Code Error: {:?}", e),
Self::Io(e) => write!(f, "IO Error: {:?}", e),
Self::User(data) => write!(f, "{}", data),
}
}
}
impl actix_web::error::ResponseError for ServerError {
fn error_response(&self) -> HttpResponse {
match self {
Self::Argonautica(e) => {
eprintln!("Argonautica Error happened: {:?}", e);
HttpResponse::InternalServerError()
.body("Failed to encrypt the password - Aborting!")
}
Self::Argonautic => HttpResponse::InternalServerError().json("Argonautica Error"),
Self::Database(e) => {
eprintln!("Database Error happened: {:?}", e);
HttpResponse::InternalServerError().body(&Self::render_error(
"Server Error",
"Database could not be accessed! - It could be that this value already was in the database! If you are the admin look into the logs for a more detailed error.",
))
HttpResponse::InternalServerError().json(format!("Diesel Error: {:?}", e))
}
Self::DatabaseMigration(e) => {
eprintln!("Migration Error happened: {:?}", e);
Self::DatabaseMigration(_) => {
unimplemented!("A migration error should never be rendered")
}
Self::Environment(e) => {
eprintln!("Environment Error happened: {:?}", e);
HttpResponse::InternalServerError().body(&Self::render_error(
"Server Error",
"This Server is not properly configured, if you are the admin look into the installation- or update instructions!",
))
}
Self::Environment => HttpResponse::InternalServerError().json("Environment Error"),
Self::Template(e) => {
eprintln!("Template Error happened: {:?}", e);
HttpResponse::InternalServerError().body(&Self::render_error(
"Server Error",
"The templates could not be rendered.",
))
HttpResponse::InternalServerError().json(format!("Template Error: {:?}", e))
}
Self::Qr(e) => {
eprintln!("QR Error happened: {:?}", e);
HttpResponse::InternalServerError().body(&Self::render_error(
"Server Error",
"Could not generate the QR-code!",
))
}
Self::Io(e) => {
eprintln!("Io Error happened: {:?}", e);
HttpResponse::InternalServerError().body(&Self::render_error(
"Server Error",
"Some Files could not be read or written. If you are the admin look into the logfiles for more details.",
))
}
Self::User(data) => {
eprintln!("User Error happened: {:?}", data);
HttpResponse::InternalServerError().body(&Self::render_error(
"Server Error",
&format!("An error happened: {}", data),
))
HttpResponse::InternalServerError().json(format!("Qr Code Error: {:?}", e))
}
Self::Io(e) => HttpResponse::InternalServerError().json(format!("IO Error: {:?}", e)),
Self::User(data) => HttpResponse::InternalServerError().json(data),
}
}
}
impl From<std::env::VarError> for ServerError {
fn from(e: std::env::VarError) -> Self {
eprintln!("Environment error {:?}", e);
Self::Environment
}
}
impl From<sqlx::Error> for ServerError {
fn from(err: sqlx::Error) -> Self {
eprintln!("Database error {:?}", err);
Self::Database(err)
}
}
impl From<sqlx::migrate::MigrateError> for ServerError {
fn from(err: sqlx::migrate::MigrateError) -> Self {
eprintln!("Database error {:?}", err);
Self::DatabaseMigration(err)
}
}
impl From<argonautica::Error> for ServerError {
fn from(e: argonautica::Error) -> Self {
eprintln!("Authentication error {:?}", e);
Self::Argonautic
}
}
impl From<tera::Error> for ServerError {
fn from(e: tera::Error) -> Self {
eprintln!("Template error {:?}", e);
Self::Template(e)
}
}
impl From<QrError> for ServerError {
fn from(e: QrError) -> Self {
eprintln!("Template error {:?}", e);
Self::Qr(e)
}
}
impl From<std::io::Error> for ServerError {
fn from(e: std::io::Error) -> Self {
eprintln!("IO error {:?}", e);
Self::Io(e)
}
}
#[derive(Debug, Clone)]
pub enum Protocol {
enum Protocol {
Http,
Https,
}
@ -155,45 +153,21 @@ impl FromStr for Protocol {
}
}
#[derive(Clone)]
pub struct Secret {
secret: String,
}
impl Secret {
#[must_use]
pub const fn new(secret: String) -> Self {
Self { secret }
}
}
impl std::fmt::Debug for Secret {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
f.write_str("*****SECRET*****")
}
}
impl std::fmt::Display for Secret {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
f.write_str("*****SECRET*****")
}
}
#[derive(Debug, Clone)]
pub struct ServerConfig {
pub secret: Secret,
pub db: PathBuf,
pub db_pool: Pool<Sqlite>,
pub public_url: String,
pub internal_ip: String,
pub port: u32,
pub protocol: Protocol,
pub empty_forward_url: String,
pub brand_name: String,
pub(crate) struct ServerConfig {
secret: String,
db: PathBuf,
db_pool: Pool<Sqlite>,
public_url: String,
internal_ip: String,
port: u32,
protocol: Protocol,
log: slog::Logger,
empty_forward_url: String,
brand_name: String,
}
impl ServerConfig {
#[must_use]
pub fn to_env_strings(&self) -> Vec<String> {
vec![
format!("PSLINK_DATABASE=\"{}\"\n", self.db.display()),
@ -208,27 +182,15 @@ impl ServerConfig {
"# If it is changed all existing passwords are invalid.\n"
)
.to_owned(),
format!("PSLINK_SECRET=\"{}\"\n", self.secret.secret),
format!("PSLINK_SECRET=\"{}\"\n", self.secret),
]
}
}
include!(concat!(env!("OUT_DIR"), "/generated.rs"));
static_loader! {
static LOCALES = {
locales: "./locales",
fallback_language: "en",
};
}
#[instrument]
fn build_tera() -> Result<Tera, ServerError> {
fn build_tera() -> Tera {
let mut tera = Tera::default();
// Add translation support
tera.register_function("fluent", FluentLoader::new(&*LOCALES));
tera.add_raw_templates(vec![
("admin.html", include_str!("../templates/admin.html")),
("base.html", include_str!("../templates/base.html")),
@ -263,43 +225,42 @@ fn build_tera() -> Result<Tera, ServerError> {
"view_profile.html",
include_str!("../templates/view_profile.html"),
),
])?;
Ok(tera)
])
.expect("failed to parse templates");
tera
}
/// Launch the pslink-webservice
///
/// # Errors
/// This produces a [`ServerError`] if:
/// * Tera failed to build its templates
/// * The server failed to bind to the designated port.
#[allow(clippy::future_not_send, clippy::too_many_lines)]
pub async fn webservice(
server_config: ServerConfig,
) -> Result<actix_web::dev::Server, std::io::Error> {
#[allow(clippy::future_not_send)]
async fn webservice(server_config: ServerConfig) -> std::io::Result<()> {
let host_port = format!("{}:{}", &server_config.internal_ip, &server_config.port);
info!(
"Running on: {}://{}/admin/login/",
&server_config.protocol, host_port
);
info!(
"If the public url is set up correctly it should be accessible via: {}://{}/admin/login/",
&server_config.protocol, &server_config.public_url
);
let tera = build_tera().expect("Failed to build Templates");
trace!("The tera templates are ready");
let server = HttpServer::new(move || {
slog_info!(
server_config.log,
"Running on: {}://{}/admin/login/",
&server_config.protocol,
host_port
);
slog_info!(
server_config.log,
"If the public url is set up correctly it should be accessible via: {}://{}/admin/login/",
&server_config.protocol,
&server_config.public_url
);
HttpServer::new(move || {
let tera = build_tera(); //Tera::new("templates/**/*").expect("failed to initialize the templates");
let generated = generate();
App::new()
.data(server_config.clone())
.wrap(TracingLogger)
.wrap(actix_slog::StructuredLogger::new(
server_config.log.new(slog_o!("log_type" => "access")),
))
.wrap(IdentityService::new(
CookieIdentityPolicy::new(&[0; 32])
.name("auth-cookie")
.secure(false),
))
.data(tera.clone())
.data(tera)
.service(actix_web_static_files::ResourceFiles::new(
"/static", generated,
))
@ -350,11 +311,7 @@ pub async fn webservice(
web::post().to(views::process_edit_profile),
),
)
.route("/set_admin/{user_id}", web::get().to(views::toggle_admin))
.route(
"/set_language/{language}",
web::get().to(views::set_language),
),
.route("/set_admin/{user_id}", web::get().to(views::toggle_admin)),
)
.service(
web::scope("/delete").service(
@ -373,11 +330,23 @@ pub async fn webservice(
// redirect to the url hidden behind the code
.route("/{redirect_id}", web::get().to(views::redirect))
})
.bind(host_port)
.map_err(|e| {
error!("Failed to bind to port!");
e
})?
.run();
Ok(server)
.bind(host_port)?
.run()
.await
}
#[actix_web::main]
async fn main() -> Result<(), std::io::Error> {
match cli::setup().await {
Ok(Some(server_config)) => webservice(server_config).await,
Ok(None) => {
std::thread::sleep(std::time::Duration::from_millis(100));
std::process::exit(0);
}
Err(e) => {
eprintln!("\nError: {}", e);
std::thread::sleep(std::time::Duration::from_millis(100));
std::process::exit(1);
}
}
}

60
src/models.rs
View File

@ -11,7 +11,6 @@ pub struct User {
pub email: String,
pub password: String,
pub role: i64,
pub language: String,
}
impl User {
@ -24,12 +23,7 @@ impl User {
.await;
user.map_err(ServerError::Database)
}
/// get a user by its username
///
/// # Errors
/// fails with [`ServerError`] if the user does not exist or the database cannot be acessed.
pub async fn get_user_by_name(
pub(crate) async fn get_user_by_name(
name: &str,
server_config: &ServerConfig,
) -> Result<Self, ServerError> {
@ -68,11 +62,10 @@ impl User {
.await?;
Ok(())
}
/// Change an admin user to normal user and a normal user to admin
///
/// # Errors
/// fails with [`ServerError`] if the database cannot be acessed. (the user should exist)
pub async fn toggle_admin(self, server_config: &ServerConfig) -> Result<(), ServerError> {
pub(crate) async fn toggle_admin(
self,
server_config: &ServerConfig,
) -> Result<(), ServerError> {
let new_role = 2 - (self.role + 1) % 2;
sqlx::query!("UPDATE users SET role = ? where id = ?", new_role, self.id)
.execute(&server_config.db_pool)
@ -80,28 +73,7 @@ impl User {
Ok(())
}
pub(crate) async fn set_language(
self,
server_config: &ServerConfig,
new_language: &str,
) -> Result<(), ServerError> {
sqlx::query!(
"UPDATE users SET language = ? where id = ?",
new_language,
self.id
)
.execute(&server_config.db_pool)
.await?;
Ok(())
}
/// Count the admin accounts
///
/// this is usefull for determining if any admins exist at all.
///
/// # Errors
/// fails with [`ServerError`] if the database cannot be acessed.
pub async fn count_admins(server_config: &ServerConfig) -> Result<Count, ServerError> {
pub(crate) async fn count_admins(server_config: &ServerConfig) -> Result<Count, ServerError> {
let num = sqlx::query_as!(Count, "select count(*) as number from users where role = 2")
.fetch_one(&server_config.db_pool)
.await?;
@ -117,11 +89,7 @@ pub struct NewUser {
}
impl NewUser {
/// Create a new user that can then be inserted in the database
///
/// # Errors
/// fails with [`ServerError`] if the password could not be encrypted.
pub fn new(
pub(crate) fn new(
username: String,
email: String,
password: &str,
@ -146,17 +114,15 @@ impl NewUser {
let hash = Hasher::default()
.with_password(password)
.with_secret_key(&secret.secret)
.with_secret_key(secret)
.hash()?;
Ok(hash)
}
/// Insert this user into the database
///
/// # Errors
/// fails with [`ServerError`] if the database cannot be acessed.
pub async fn insert_user(&self, server_config: &ServerConfig) -> Result<(), ServerError> {
pub(crate) async fn insert_user(
&self,
server_config: &ServerConfig,
) -> Result<(), ServerError> {
sqlx::query!(
"Insert into users (
username,
@ -197,7 +163,7 @@ impl Link {
let link = sqlx::query_as!(Self, "Select * from links where code = ? ", code)
.fetch_one(&server_config.db_pool)
.await;
tracing::info!("Found link: {:?}", &link);
slog_info!(server_config.log, "Found link: {:?}", &link);
link.map_err(ServerError::Database)
}

144
src/queries.rs
View File

@ -1,7 +1,6 @@
use actix_identity::Identity;
use actix_web::web;
use serde::Serialize;
use tracing::info;
use super::models::{Count, Link, NewUser, User};
use crate::{
@ -31,10 +30,7 @@ impl Role {
}
/// queries the user matching the given [`actix_identity::Identity`] and determins its authentication and permission level. Returns a [`Role`] containing the user if it is authenticated.
///
/// # Errors
/// Fails only if there are issues using the database.
pub async fn authenticate(
pub(crate) async fn authenticate(
id: &Identity,
server_config: &ServerConfig,
) -> Result<Role, ServerError> {
@ -66,10 +62,7 @@ pub struct FullLink {
}
/// Returns a List of `FullLink` meaning `Links` enriched by their author and statistics. This returns all links if the user is either Admin or Regular user.
///
/// # Errors
/// Fails with [`ServerError`] if access to the database fails.
pub async fn list_all_allowed(
pub(crate) async fn list_all_allowed(
id: &Identity,
server_config: &ServerConfig,
) -> Result<List<FullLink>, ServerError> {
@ -88,7 +81,6 @@ pub async fn list_all_allowed(
users.username as usern,
users.email as uemail,
users.role as urole,
users.language as ulang,
count(clicks.id) as counter
from
links
@ -115,7 +107,6 @@ pub async fn list_all_allowed(
email: v.get("uemail"),
password: "invalid".to_owned(),
role: v.get("urole"),
language: v.get("ulang"),
},
clicks: Count {
number: v.get("counter"), /* count is never None */
@ -133,10 +124,7 @@ pub async fn list_all_allowed(
}
/// Only admins can list all users
///
/// # Errors
/// Fails with [`ServerError`] if access to the database fails or this user does not have permissions.
pub async fn list_users(
pub(crate) async fn list_users(
id: &Identity,
server_config: &ServerConfig,
) -> Result<List<User>, ServerError> {
@ -161,18 +149,15 @@ pub struct Item<T> {
}
/// Get a user if permissions are accordingly
///
/// # Errors
/// Fails with [`ServerError`] if access to the database fails or this user does not have permissions.
#[allow(clippy::clippy::missing_panics_doc)]
pub async fn get_user(
pub(crate) async fn get_user(
id: &Identity,
user_id: &str,
server_config: &ServerConfig,
) -> Result<Item<User>, ServerError> {
if let Ok(uid) = user_id.parse::<i64>() {
info!("Getting user {}", uid);
slog_info!(server_config.log, "Getting user {}", uid);
let auth = authenticate(id, server_config).await?;
slog_info!(server_config.log, "{:?}", &auth);
if auth.admin_or_self(uid) {
match auth {
Role::Admin { user } | Role::Regular { user } => {
@ -195,10 +180,7 @@ pub async fn get_user(
}
/// Get a user **without permission checks** (needed for login)
///
/// # Errors
/// Fails with [`ServerError`] if access to the database fails.
pub async fn get_user_by_name(
pub(crate) async fn get_user_by_name(
username: &str,
server_config: &ServerConfig,
) -> Result<User, ServerError> {
@ -206,16 +188,12 @@ pub async fn get_user_by_name(
Ok(user)
}
/// Create a new user and save it to the database
///
/// # Errors
/// Fails with [`ServerError`] if access to the database fails, this user does not have permissions or the user already exists.
pub async fn create_user(
pub(crate) async fn create_user(
id: &Identity,
data: &web::Form<NewUser>,
server_config: &ServerConfig,
) -> Result<Item<User>, ServerError> {
info!("Creating a User: {:?}", &data);
slog_info!(server_config.log, "Creating a User: {:?}", &data);
let auth = authenticate(id, server_config).await?;
match auth {
Role::Admin { user } => {
@ -243,11 +221,7 @@ pub async fn create_user(
/// Take a [`actix_web::web::Form<NewUser>`] and update the corresponding entry in the database.
/// The password is only updated if a new password of at least 4 characters is provided.
/// The `user_id` is never changed.
///
/// # Errors
/// Fails with [`ServerError`] if access to the database fails, this user does not have permissions, or the given data is malformed.
#[allow(clippy::clippy::missing_panics_doc)]
pub async fn update_user(
pub(crate) async fn update_user(
id: &Identity,
user_id: &str,
server_config: &ServerConfig,
@ -259,7 +233,7 @@ pub async fn update_user(
if auth.admin_or_self(uid) {
match auth {
Role::Admin { .. } | Role::Regular { .. } => {
info!("Updating userinfo: ");
slog_info!(server_config.log, "Updating userinfo: ");
let password = if data.password.len() > 3 {
NewUser::hash_password(&data.password, server_config)?
} else {
@ -271,7 +245,6 @@ pub async fn update_user(
email: data.email.clone(),
password,
role: unmodified_user.role,
language: unmodified_user.language,
};
new_user.update_user(server_config).await?;
let changed_user = User::get_user(uid, server_config).await?;
@ -291,11 +264,8 @@ pub async fn update_user(
Err(ServerError::User("Permission denied".to_owned()))
}
}
/// Demote an admin user to a normal user or promote a normal user to admin privileges.
///
/// # Errors
/// Fails with [`ServerError`] if access to the database fails, this user does not have permissions or the user does not exist.
pub async fn toggle_admin(
pub(crate) async fn toggle_admin(
id: &Identity,
user_id: &str,
server_config: &ServerConfig,
@ -304,17 +274,21 @@ pub async fn toggle_admin(
let auth = authenticate(id, server_config).await?;
match auth {
Role::Admin { .. } => {
info!("Changing administrator priviledges: ");
slog_info!(server_config.log, "Changing administrator priviledges: ");
let unchanged_user = User::get_user(uid, server_config).await?;
let old = unchanged_user.role;
unchanged_user.toggle_admin(server_config).await?;
info!("Toggling role: old was {}", old);
slog_info!(server_config.log, "Toggling role: old was {}", old);
let changed_user = User::get_user(uid, server_config).await?;
info!("Toggled role: new is {}", changed_user.role);
slog_info!(
server_config.log,
"Toggled role: new is {}",
changed_user.role
);
Ok(Item {
user: changed_user.clone(),
item: changed_user,
@ -329,35 +303,8 @@ pub async fn toggle_admin(
}
}
/// Set the language of a given user
///
/// # Errors
/// Fails with [`ServerError`] if access to the database fails, this user does not have permissions or the language given is invalid.
pub async fn set_language(
id: &Identity,
lang_code: &str,
server_config: &ServerConfig,
) -> Result<(), ServerError> {
match lang_code {
"de" | "en" => match authenticate(id, server_config).await? {
Role::Admin { user } | Role::Regular { user } => {
user.set_language(server_config, lang_code).await
}
Role::Disabled | Role::NotAuthenticated => {
Err(ServerError::User("Not Allowed".to_owned()))
}
},
_ => Err(ServerError::User(
"This language is not supported!".to_owned(),
)),
}
}
/// Get one link if permissions are accordingly.
///
/// # Errors
/// Fails with [`ServerError`] if access to the database fails or this user does not have permissions.
pub async fn get_link(
pub(crate) async fn get_link(
id: &Identity,
link_code: &str,
server_config: &ServerConfig,
@ -372,36 +319,29 @@ pub async fn get_link(
}
/// Get link **without authentication**
///
/// # Errors
/// Fails with [`ServerError`] if access to the database fails.
pub async fn get_link_simple(
pub(crate) async fn get_link_simple(
link_code: &str,
server_config: &ServerConfig,
) -> Result<Link, ServerError> {
info!("Getting link for {:?}", link_code);
slog_info!(server_config.log, "Getting link for {:?}", link_code);
let link = Link::get_link_by_code(link_code, server_config).await?;
info!("Foun d link for {:?}", link);
slog_info!(server_config.log, "Foun d link for {:?}", link);
Ok(link)
}
/// Click on a link
///
/// # Errors
/// Fails with [`ServerError`] if access to the database fails.
pub async fn click_link(link_id: i64, server_config: &ServerConfig) -> Result<(), ServerError> {
info!("Clicking on {:?}", link_id);
pub(crate) async fn click_link(
link_id: i64,
server_config: &ServerConfig,
) -> Result<(), ServerError> {
slog_info!(server_config.log, "Clicking on {:?}", link_id);
let new_click = NewClick::new(link_id);
new_click.insert_click(server_config).await?;
Ok(())
}
/// Delete a link
///
/// # Errors
/// Fails with [`ServerError`] if access to the database fails or this user does not have permissions.
pub async fn delete_link(
/// Click on a link
pub(crate) async fn delete_link(
id: &Identity,
link_code: &str,
server_config: &ServerConfig,
@ -417,16 +357,18 @@ pub async fn delete_link(
}
/// Update a link if the user is admin or it is its own link.
///
/// # Errors
/// Fails with [`ServerError`] if access to the database fails or this user does not have permissions.
pub async fn update_link(
pub(crate) async fn update_link(
id: &Identity,
link_code: &str,
data: web::Form<LinkForm>,
server_config: &ServerConfig,
) -> Result<Item<Link>, ServerError> {
info!("Changing link to: {:?} {:?}", &data, &link_code);
slog_info!(
server_config.log,
"Changing link to: {:?} {:?}",
&data,
&link_code
);
let auth = authenticate(id, server_config).await?;
match auth {
Role::Admin { .. } | Role::Regular { .. } => {
@ -451,11 +393,7 @@ pub async fn update_link(
}
}
/// Create a new link
///
/// # Errors
/// Fails with [`ServerError`] if access to the database fails or this user does not have permissions.
pub async fn create_link(
pub(crate) async fn create_link(
id: &Identity,
data: web::Form<LinkForm>,
server_config: &ServerConfig,
@ -464,9 +402,9 @@ pub async fn create_link(
match auth {
Role::Admin { user } | Role::Regular { user } => {
let code = data.code.clone();
info!("Creating link for: {}", &code);
slog_info!(server_config.log, "Creating link for: {}", &code);
let new_link = NewLink::from_link_form(data.into_inner(), user.id);
info!("Creating link for: {:?}", &new_link);
slog_info!(server_config.log, "Creating link for: {:?}", &new_link);
new_link.insert(server_config).await?;
let new_link = get_link_simple(&code, server_config).await?;

188
src/views.rs
View File

@ -3,26 +3,18 @@ use std::time::SystemTime;
use actix_identity::Identity;
use actix_web::{
http::header::{CacheControl, CacheDirective, ContentType, Expires},
web, HttpRequest, HttpResponse,
web, HttpResponse,
};
use argonautica::Verifier;
use fluent_langneg::{
convert_vec_str_to_langids_lossy, negotiate_languages, parse_accepted_languages,
NegotiationStrategy,
};
use fluent_templates::LanguageIdentifier;
use image::{DynamicImage, ImageOutputFormat, Luma};
use qrcode::{render::svg, QrCode};
use queries::{authenticate, Role};
use tera::{Context, Tera};
use tracing::{info, instrument, trace, warn};
use crate::forms::LinkForm;
use crate::models::{LoginUser, NewUser};
use super::forms::LinkForm;
use super::models::{LoginUser, NewUser};
use crate::queries;
use crate::ServerError;
#[instrument]
fn redirect_builder(target: &str) -> HttpResponse {
HttpResponse::SeeOther()
.set(CacheControl(vec![
@ -35,39 +27,8 @@ fn redirect_builder(target: &str) -> HttpResponse {
.body(format!("Redirect to {}", target))
}
#[instrument]
fn detect_language(request: &HttpRequest) -> Result<String, ServerError> {
let requested = parse_accepted_languages(
request
.headers()
.get(actix_web::http::header::ACCEPT_LANGUAGE)
.ok_or_else(|| ServerError::User("Failed to get Accept_Language".to_owned()))?
.to_str()
.map_err(|_| {
ServerError::User("Failed to convert Accept_language to str".to_owned())
})?,
);
let available = convert_vec_str_to_langids_lossy(&["de", "en"]);
let default: LanguageIdentifier = "en"
.parse()
.map_err(|_| ServerError::User("Failed to parse a langid.".to_owned()))?;
let supported = negotiate_languages(
&requested,
&available,
Some(&default),
NegotiationStrategy::Filtering,
);
let languagecode = supported
.get(0)
.map_or("en".to_string(), std::string::ToString::to_string);
Ok(languagecode)
}
/// Show the list of all available links if a user is authenticated
#[instrument(skip(id, tera))]
pub async fn index(
pub(crate) async fn index(
tera: web::Data<Tera>,
config: web::Data<crate::ServerConfig>,
id: Identity,
@ -85,8 +46,7 @@ pub async fn index(
}
/// Show the list of all available links if a user is authenticated
#[instrument(skip(id, tera))]
pub async fn index_users(
pub(crate) async fn index_users(
tera: web::Data<Tera>,
config: web::Data<crate::ServerConfig>,
id: Identity,
@ -103,9 +63,7 @@ pub async fn index_users(
Ok(redirect_builder("/admin/login"))
}
}
#[instrument(skip(id, tera))]
pub async fn view_link_empty(
pub(crate) async fn view_link_empty(
tera: web::Data<Tera>,
config: web::Data<crate::ServerConfig>,
id: Identity,
@ -113,8 +71,7 @@ pub async fn view_link_empty(
view_link(tera, config, id, web::Path::from("".to_owned())).await
}
#[instrument(skip(id, tera))]
pub async fn view_link(
pub(crate) async fn view_link(
tera: web::Data<Tera>,
config: web::Data<crate::ServerConfig>,
id: Identity,
@ -153,14 +110,13 @@ pub async fn view_link(
}
}
#[instrument(skip(id, tera))]
pub async fn view_profile(
pub(crate) async fn view_profile(
tera: web::Data<Tera>,
config: web::Data<crate::ServerConfig>,
id: Identity,
user_id: web::Path<String>,
) -> Result<HttpResponse, ServerError> {
info!("Viewing Profile!");
slog_info!(config.log, "Viewing Profile!");
if let Ok(query) = queries::get_user(&id, &user_id.0, &config).await {
let mut data = Context::new();
data.insert("user", &query.user);
@ -181,14 +137,13 @@ pub async fn view_profile(
}
}
#[instrument(skip(id, tera))]
pub async fn edit_profile(
pub(crate) async fn edit_profile(
tera: web::Data<Tera>,
config: web::Data<crate::ServerConfig>,
id: Identity,
user_id: web::Path<String>,
) -> Result<HttpResponse, ServerError> {
info!("Editing Profile!");
slog_info!(config.log, "Editing Profile!");
if let Ok(query) = queries::get_user(&id, &user_id.0, &config).await {
let mut data = Context::new();
data.insert("user", &query.user);
@ -208,22 +163,23 @@ pub async fn edit_profile(
}
}
#[instrument(skip(id))]
pub async fn process_edit_profile(
pub(crate) async fn process_edit_profile(
data: web::Form<NewUser>,
config: web::Data<crate::ServerConfig>,
id: Identity,
user_id: web::Path<String>,
) -> Result<HttpResponse, ServerError> {
let query = queries::update_user(&id, &user_id.0, &config, &data).await?;
Ok(redirect_builder(&format!(
"admin/view/profile/{}",
query.user.username
)))
if let Ok(query) = queries::update_user(&id, &user_id.0, &config, &data).await {
Ok(redirect_builder(&format!(
"admin/view/profile/{}",
query.user.username
)))
} else {
Ok(redirect_builder("/admin/index/"))
}
}
#[instrument(skip(id))]
pub async fn download_png(
pub(crate) async fn download_png(
id: Identity,
config: web::Data<crate::ServerConfig>,
link_code: web::Path<String>,
@ -247,8 +203,7 @@ pub async fn download_png(
}
}
#[instrument(skip(id, tera))]
pub async fn signup(
pub(crate) async fn signup(
tera: web::Data<Tera>,
config: web::Data<crate::ServerConfig>,
id: Identity,
@ -268,23 +223,20 @@ pub async fn signup(
}
}
#[instrument(skip(id))]
pub async fn process_signup(
pub(crate) async fn process_signup(
data: web::Form<NewUser>,
config: web::Data<crate::ServerConfig>,
id: Identity,
) -> Result<HttpResponse, ServerError> {
info!("Creating a User: {:?}", &data);
match queries::create_user(&id, &data, &config).await {
Ok(item) => {
Ok(HttpResponse::Ok().body(format!("Successfully saved user: {}", item.item.username)))
}
Err(e) => Err(e),
slog_info!(config.log, "Creating a User: {:?}", &data);
if let Ok(item) = queries::create_user(&id, &data, &config).await {
Ok(HttpResponse::Ok().body(format!("Successfully saved user: {}", item.item.username)))
} else {
Ok(redirect_builder("/admin/login/"))
}
}
#[instrument(skip(id))]
pub async fn toggle_admin(
pub(crate) async fn toggle_admin(
data: web::Path<String>,
config: web::Data<crate::ServerConfig>,
id: Identity,
@ -296,52 +248,22 @@ pub async fn toggle_admin(
)))
}
#[instrument(skip(id))]
pub async fn set_language(
data: web::Path<String>,
config: web::Data<crate::ServerConfig>,
id: Identity,
) -> Result<HttpResponse, ServerError> {
queries::set_language(&id, &data.0, &config).await?;
Ok(redirect_builder("/admin/index/"))
}
#[instrument(skip(tera, id))]
pub async fn login(
pub(crate) async fn login(
tera: web::Data<Tera>,
id: Identity,
config: web::Data<crate::ServerConfig>,
req: HttpRequest,
) -> Result<HttpResponse, ServerError> {
let language_code = detect_language(&req).unwrap_or_else(|_| "en".to_string());
info!("Detected languagecode: {}", &language_code);
let mut data = Context::new();
data.insert("title", "Login");
data.insert("language", &language_code);
if id.identity().is_some() {
if let Ok(r) = authenticate(&id, &config).await {
match r {
Role::Admin { user } | Role::Regular { user } => {
trace!(
"This user ({}) is already logged in redirecting to /admin/index/",
user.username
);
return Ok(redirect_builder("/admin/index/"));
}
Role::Disabled | Role::NotAuthenticated => (),
}
}
warn!("Invalid user session. The user might be deleted or something tampered with the cookies.");
id.forget();
if let Some(_id) = id.identity() {
return Ok(redirect_builder("/admin/index/"));
}
let rendered = tera.render("login.html", &data)?;
Ok(HttpResponse::Ok().body(rendered))
}
#[instrument(skip(id))]
pub async fn process_login(
pub(crate) async fn process_login(
data: web::Form<LoginUser>,
config: web::Data<crate::ServerConfig>,
id: Identity,
@ -354,11 +276,11 @@ pub async fn process_login(
let valid = Verifier::default()
.with_hash(&u.password)
.with_password(&data.password)
.with_secret_key(&secret.secret)
.with_secret_key(secret)
.verify()?;
if valid {
info!("Log-in of user: {}", &u.username);
slog_info!(config.log, "Log-in of user: {}", &u.username);
let session_token = u.username;
id.remember(session_token);
Ok(redirect_builder("/admin/index/"))
@ -367,43 +289,40 @@ pub async fn process_login(
}
}
Err(e) => {
info!("Failed to login: {}", e);
slog_info!(config.log, "Failed to login: {}", e);
Ok(redirect_builder("/admin/login/"))
}
}
}
#[instrument(skip(id))]
pub async fn logout(id: Identity) -> Result<HttpResponse, ServerError> {
info!("Logging out the user");
pub(crate) async fn logout(id: Identity) -> Result<HttpResponse, ServerError> {
id.forget();
Ok(redirect_builder("/admin/login/"))
}
#[instrument]
pub async fn redirect(
pub(crate) async fn redirect(
tera: web::Data<Tera>,
config: web::Data<crate::ServerConfig>,
data: web::Path<String>,
req: HttpRequest,
) -> Result<HttpResponse, ServerError> {
info!("Redirecting to {:?}", data);
slog_info!(config.log, "Redirecting to {:?}", data);
let link = queries::get_link_simple(&data.0, &config).await;
info!("link: {:?}", link);
slog_info!(config.log, "link: {:?}", link);
match link {
Ok(link) => {
queries::click_link(link.id, &config).await?;
Ok(redirect_builder(&link.target))
}
Err(ServerError::Database(e)) => {
info!(
slog_info!(
config.log,
"Link was not found: http://{}/{} \n {}",
&config.public_url, &data.0, e
&config.public_url,
&data.0,
e
);
let mut data = Context::new();
data.insert("title", "Wurde gel\u{f6}scht");
let language = detect_language(&req).unwrap_or_else(|_| "en".to_string());
data.insert("language", &language);
let rendered = tera.render("not_found.html", &data)?;
Ok(HttpResponse::NotFound().body(rendered))
}
@ -411,15 +330,13 @@ pub async fn redirect(
}
}
#[instrument]
pub async fn redirect_empty(
pub(crate) async fn redirect_empty(
config: web::Data<crate::ServerConfig>,
) -> Result<HttpResponse, ServerError> {
Ok(redirect_builder(&config.empty_forward_url))
}
#[instrument(skip(id))]
pub async fn create_link(
pub(crate) async fn create_link(
tera: web::Data<Tera>,
config: web::Data<crate::ServerConfig>,
id: Identity,
@ -439,8 +356,7 @@ pub async fn create_link(
}
}
#[instrument(skip(id))]
pub async fn process_link_creation(
pub(crate) async fn process_link_creation(
data: web::Form<LinkForm>,
config: web::Data<crate::ServerConfig>,
id: Identity,
@ -452,8 +368,7 @@ pub async fn process_link_creation(
)))
}
#[instrument(skip(id))]
pub async fn edit_link(
pub(crate) async fn edit_link(
tera: web::Data<Tera>,
config: web::Data<crate::ServerConfig>,
id: Identity,
@ -470,7 +385,7 @@ pub async fn edit_link(
}
Ok(redirect_builder("/admin/login/"))
}
pub async fn process_link_edit(
pub(crate) async fn process_link_edit(
data: web::Form<LinkForm>,
config: web::Data<crate::ServerConfig>,
id: Identity,
@ -485,8 +400,7 @@ pub async fn process_link_edit(
}
}
#[instrument(skip(id))]
pub async fn process_link_delete(
pub(crate) async fn process_link_delete(
id: Identity,
config: web::Data<crate::ServerConfig>,
link_code: web::Path<String>,

17
templates/admin.html
View File

@ -11,19 +11,14 @@
<div class="admin">
<nav>
<ol>
<li><a href="/admin/index/">{{ fluent(key="list-links", lang=user.language) }}</a>
</li>
<li><a href="/admin/submit/">{{ fluent(key="add-link", lang=user.language) }}</a></li>
{% if user.role == 2 %}<li><a href="/admin/signup/">{{ fluent(key="invite-user", lang=user.language) }}</a>
</li>
<li><a href="/admin/view/users/">{{ fluent(key="list-users", lang=user.language) }}</a></li>{% endif %}
<li style="float:right"><a href="/admin/logout/">{{ fluent(key="logout", lang=user.language) }}</a></li>
<li><a href="/admin/index/">Link Liste</a></li>
<li><a href="/admin/submit/">Link Hinzufügen</a></li>
{% if user.role == 2 %}<li><a href="/admin/signup/">Einladen</a></li>
<li><a href="/admin/view/users/">Benutzer</a></li>{% endif %}
<li style="float:right"><a href="/admin/logout/">Abmelden</a></li>
<li style="float:right">
<div class="willkommen">{{ fluent(key="welcome-user", lang=user.language, username=user.username) }}
</div>
<div class="willkommen">Herzlich willkommen {{ user.username }}</div>
</li>
<li style="float:right"><a href="/admin/edit/set_language/en">en</a></li>
<li style="float:right"><a href="/admin/edit/set_language/de">de</a></li>
</ol>
</nav>
{% block admin %}

18
templates/edit_link.html
View File

@ -2,26 +2,26 @@
{% block admin %}
<div class="center">
<h1>{{ fluent(key="edit-link-headline", lang=user.language, linktitle=link.title) }}</h1>
<h1>Link Editieren: {{ link.title }}</h1>
<form action="" method="POST">
<div>
<label for="title">{{ fluent(key="link-description", lang=user.language) }}:</label>
<label for="title">Beschreibung:</label>
<input type="text" name="title" value="{{ link.title }}">
</div>
<div>
<label for="target">{{ fluent(key="link-target", lang=user.language) }}:</label>
<label for="target">Ziel:</label>
<input type="text" name="target" value="{{link.target}}">
</div>
<div>
<label for="code">{{ fluent(key="link-code", lang=user.language) }}:</label>
<label for="code">Code:</label>
<input type="text" name="code" value="{{link.code}}">
</div>
<div class="actions danger">
<h2>{{ fluent(key="danger-zone", lang=user.language) }}</h2>
<h3>{{ fluent(key="danger-zone-text", lang=user.language) }}</h3>
<input type="submit" value='{{ fluent(key="save-edits", lang=user.language) }}'>
<a class="button" href="/admin/delete/link/{{link.code}}">{{ fluent(key="delete-link", lang=user.language)
}}</a>
<h2>Achtung!</h2>
<h3>Werden schon veröffentlichte Links gelöscht oder editiert sind die Links z.B. aus einem Buch
nicht mehr gültig! UNBEDINGT VERMEIDEN!</h3>
<input type="submit" value="Speichern">
<a class="button" href="/admin/delete/link/{{link.code}}">Delete</a>
</div>
</form>
</div>

18
templates/edit_profile.html
View File

@ -2,27 +2,21 @@
{% block admin %}
<div class="center">
<h1>{{ fluent(key="edit-user-headline", lang=user.language, username=user.username) }}
</h1>
<h1>Profil von {{user.username}}</h1>
<form action="" method="POST">
<div>
<label for="username">{{ fluent(key="username", lang=user.language)
}}:</label>
<label for="username">Benutzername:</label>
<input type="text" name="username" value="{{ user.username }}">
</div>
<div>
<label for="email">{{ fluent(key="email", lang=user.language)
}}:</label>
<label for="email">E-mail:</label>
<input type="email" name="email" value="{{ user.email }}">
</div>
<div>
<label for="password">{{ fluent(key="password", lang=user.language)
}}:</label>
<input type="password" name="password" placeholder='{{ fluent(key="password-placeholder", lang=user.language)
}}'>
<label for="password">Passwort:</label>
<input type="password" name="password" placeholder="Leer lassen um nichts zu ändern">
</div>
<input type="submit" value='{{ fluent(key="save-user", lang=user.language)
}}'>
<input type="submit" value="Speichern">
</form>
<h2>&nbsp;</h2>
</div>

12
templates/index.html
View File

@ -11,20 +11,16 @@
<tr>
<th>
{{ fluent(key="link-code", lang=user.language)
}}
Kürzel
</th>
<th>
{{ fluent(key="link-target", lang=user.language)
}}
Ziellink
</th>
<th>
{{ fluent(key="username", lang=user.language)
}}
Benutzername
</th>
<th>
{{ fluent(key="statistics", lang=user.language)
}}
Statistik
</th>
</tr>
{% for links_user in links_per_users %}

9
templates/index_users.html
View File

@ -11,16 +11,13 @@
<tr>
<th>
{{ fluent(key="userid", lang=user.language)
}}
Kürzel
</th>
<th>
{{ fluent(key="email", lang=user.language)
}}
Emailadresse
</th>
<th>
{{ fluent(key="username", lang=user.language)
}}
Benutzername
</th>
</tr>
{% for user in users %}

8
templates/login.html
View File

@ -4,16 +4,14 @@
<div class="center">
<form action="" method="POST">
<div>
<label for="username">{{ fluent(key="username", lang=language)
}}:</label>
<label for="username">Benutzername:</label>
<input type="text" name="username">
</div>
<div>
<label for="password">{{ fluent(key="password", lang=language)
}}:</label>
<label for="password">Passwort:</label>
<input type="password" name="password">
</div>
<input type="submit" value='{{ fluent(key="login", lang=language) }}'>
<input type="submit" value="Login">
</form>
<h2>&nbsp;</h2>
</div>

2
templates/not_found.html
View File

@ -2,7 +2,7 @@
{% block content %}
<div class="center">
<h3>{{ fluent(key="not-found", lang=language) }}</h3>
<h3>This Link has not been found or has been deleted</h3>
<h2>&nbsp;</h2>
</div>
{% endblock %}

12
templates/signup.html
View File

@ -4,22 +4,18 @@
<div class="center">
<form action="" method="POST">
<div>
<label for="username">{{ fluent(key="username", lang=user.language)
}}:</label>
<label for="username">Benutzername:</label>
<input type="text" name="username">
</div>
<div>
<label for="email">{{ fluent(key="email", lang=user.language)
}}:</label>
<label for="email">E-mail:</label>
<input type="email" name="email">
</div>
<div>
<label for="password">{{ fluent(key="password", lang=user.language)
}}:</label>
<label for="password">Passwort:</label>
<input type="password" name="password">
</div>
<input type="submit" value='{{ fluent(key="invite-user", lang=user.language)
}}'>
<input type="submit" value="Einladen">
</form>
<h2>&nbsp;</h2>
</div>

9
templates/submission.html
View File

@ -4,18 +4,15 @@
<div class="center">
<form action="" method="POST">
<div>
<label for="title">{{ fluent(key="link-description", lang=user.language)
}}:</label>
<label for="title">Beschreibung:</label>
<input type="text" name="title">
</div>
<div>
<label for="target">{{ fluent(key="link-target", lang=user.language)
}}:</label>
<label for="target">Ziel:</label>
<input type="text" name="target">
</div>
<div>
<label for="code">{{ fluent(key="link-code", lang=user.language)
}}:</label>
<label for="code">Code:</label>
<input type="text" name="code">
</div>
<input type="submit" value="Submit">

18
templates/view_link.html
View File

@ -5,29 +5,24 @@
<h1>{{ link.title }}</h1>
<table>
<tr>
<td>{{ fluent(key="link-description", lang=user.language)
}}:</td>
<td>Beschreibung:</td>
<td>{{ link.title }}</td>
</tr>
<tr>
<td>{{ fluent(key="link-code", lang=user.language)
}}:</td>
<td>Code:</td>
<td>{{ link.code }}</td>
</tr>
<tr>
<td>{{ fluent(key="shortlink", lang=user.language)
}}:</td>
<td>Kurzlink:</td>
<td><a href="{{ protocol }}://{{ host }}/{{ link.code }}">{{ protocol }}://{{ host }}/{{ link.code }}</a>
</td>
</tr>
<tr>
<td>{{ fluent(key="link-target", lang=user.language)
}}:</td>
<td>Ziel:</td>
<td>{{ link.target }}</td>
</tr>
<tr>
<td>{{ fluent(key="qr-code", lang=user.language)
}}</td>
<td>QR-Code</td>
<td><a href="/admin/download/png/{{ link.code }}" download="{{ link.title | slugify }}.png">
{{ qr | trim_start_matches(pat=
'.*?>')
@ -38,8 +33,7 @@
</table>
{% if user.role == 2 or user.id == link.author %}
<div class="actions">
<a class="button" href="/admin/edit/link/{{ link.code }}">{{ fluent(key="edit-link", lang=user.language)
}}</a>
<a class="button" href="/admin/edit/link/{{ link.code }}">Editieren</a>
</div>
{% endif %}
</div>

24
templates/view_profile.html
View File

@ -2,39 +2,31 @@
{% block admin %}
<div class="center">
<h1>{{ fluent(key="user-headline", lang=user.language, username=user.username) }}</h1>
<h1>Profil von {{viewed_user.username}}</h1>
<form action="" method="POST">
<div>
<label for="username">{{ fluent(key="username", lang=user.language)
}}:</label>
<label for="username">Benutzername:</label>
<input type="text" name="username" value="{{ viewed_user.username }}" readonly>
</div>
<div>
<label for="email">{{ fluent(key="email", lang=user.language)
}}:</label>
<label for="email">E-mail:</label>
<input type="email" name="email" value="{{ viewed_user.email }}" readonly>
</div>
{% if user.role == 2 or user.id == viewed_user.id %}
<div>
<label for="password">{{ fluent(key="password", lang=user.language)
}}:</label>
<label for="password">Passwort:</label>
<input type="password" name="password" value="verschlüsselt" readonly>
</div>
{% endif %}
</form>
{% if user.role == 2 or user.id == viewed_user.id %}
<div class="actions">
<a class="button" href="/admin/edit/profile/{{ viewed_user.id }}">{{ fluent(key="edit-user", lang=user.language)
}}</a>
<a class="button" href="/admin/edit/profile/{{ viewed_user.id }}">Editieren</a>
{% if user.role == 2 and viewed_user.role == 1 %}
<a class="button" href="/admin/edit/set_admin/{{ viewed_user.id }}">{{ fluent(key="make-user-admin",
lang=user.language)
}}</a>
<a class="button" href="/admin/edit/set_admin/{{ viewed_user.id }}">Zum Admin machen</a>
{% endif %}
{% if user.role == 2 and viewed_user.role == 2 and not user.id == viewed_user.id %}
<a class="button" href="/admin/edit/set_admin/{{ viewed_user.id }}">{{ fluent(key="make-user-regular",
lang=user.language)
}}</a>
{% if user.role == 2 and viewed_user.role == 2 %}
<a class="button" href="/admin/edit/set_admin/{{ viewed_user.id }}">Zum Normalo machen</a>
{% endif %}
</div>
{% endif %}

349
tests/integration-tests.rs
View File

@ -1,349 +0,0 @@
#[test]
fn test_help_of_command_for_breaking_changes() {
let output = test_bin::get_test_bin("pslink")
.output()
.expect("Failed to start pslink");
assert!(String::from_utf8_lossy(&output.stdout).contains("USAGE"));
let output = test_bin::get_test_bin("pslink")
.args(&["--help"])
.output()
.expect("Failed to start pslink");
let outstring = String::from_utf8_lossy(&output.stdout);
let args = &[
"USAGE",
"-h",
"--help",
"-b",
"-e",
"-i",
"-p",
"-t",
"-u",
"runserver",
"create-admin",
"generate-env",
"migrate-database",
"help",
];
for s in args {
assert!(
outstring.contains(s),
"{} was not found in the help - this is a breaking change",
s
);
}
}
#[test]
fn test_generate_env() {
use std::io::BufRead;
let tmp_dir = tempdir::TempDir::new("pslink_test_env").expect("create temp dir");
let output = test_bin::get_test_bin("pslink")
.args(&["generate-env", "--secret", "abcdefghijklmnopqrstuvw"])
.current_dir(&tmp_dir)
.output()
.expect("Failed to start pslink");
let envfile = tmp_dir.path().join(".env");
let dbfile = tmp_dir.path().join("links.db");
println!("{}", envfile.display());
println!("{}", dbfile.display());
println!("{}", String::from_utf8_lossy(&output.stdout));
assert!(envfile.exists(), "No .env-file was created!");
assert!(dbfile.exists(), "No database-file was created!");
let envfile = std::fs::File::open(envfile).unwrap();
let envcontent: Vec<Result<String, _>> = std::io::BufReader::new(envfile).lines().collect();
assert!(
envcontent
.iter()
.any(|s| s.as_ref().unwrap().starts_with("PSLINK_PORT=")),
"Failed to find PSLINK_PORT in the generated .env file."
);
assert!(
envcontent
.iter()
.any(|s| s.as_ref().unwrap().starts_with("PSLINK_SECRET=")),
"Failed to find PSLINK_SECRET in the generated .env file."
);
assert!(
!envcontent.iter().any(|s| {
let r = s.as_ref().unwrap().contains("***SECRET***");
r
}),
"It seems that a censored secret was used in the .env file."
);
assert!(
envcontent.iter().any(|s| {
let r = s.as_ref().unwrap().contains("abcdefghijklmnopqrstuvw");
r
}),
"The secret has not made it into the .env file!"
);
let output = test_bin::get_test_bin("pslink")
.args(&["generate-env"])
.current_dir(&tmp_dir)
.output()
.expect("Failed to start pslink");
let second_out = String::from_utf8_lossy(&output.stdout);
assert!(!second_out.contains("secret"));
}
#[actix_rt::test]
async fn test_migrate_database() {
use std::io::Write;
#[derive(serde::Serialize, Debug)]
pub struct Count {
pub number: i32,
}
let tmp_dir = tempdir::TempDir::new("pslink_test_env").expect("create temp dir");
// generate .env file
let _output = test_bin::get_test_bin("pslink")
.args(&["generate-env"])
.current_dir(&tmp_dir)
.output()
.expect("Failed generate .env");
// migrate the database
let output = test_bin::get_test_bin("pslink")
.args(&["migrate-database"])
.current_dir(&tmp_dir)
.output()
.expect("Failed to migrate the database");
println!("{}", String::from_utf8_lossy(&output.stdout));
// check if the users table exists by counting the number of admins.
let db_pool = sqlx::pool::Pool::<sqlx::sqlite::Sqlite>::connect(
&tmp_dir.path().join("links.db").display().to_string(),
)
.await
.expect("Error: Failed to connect to database!");
let num = sqlx::query_as!(Count, "select count(*) as number from users where role = 2")
.fetch_one(&db_pool)
.await
.unwrap();
// initially no admin is present
assert_eq!(num.number, 0, "Failed to create the database!");
// create a new admin
let mut input = test_bin::get_test_bin("pslink")
.args(&["create-admin"])
.current_dir(&tmp_dir)
.stdin(std::process::Stdio::piped())
.stdout(std::process::Stdio::piped())
.spawn()
.expect("Failed to migrate the database");
let mut procin = input.stdin.take().unwrap();
procin.write_all(b"test\n").unwrap();
procin.write_all(b"test@mail.test\n").unwrap();
procin.write_all(b"testpw\n").unwrap();
let r = input.wait().unwrap();
println!("Exitstatus is: {}", r);
println!("{}", String::from_utf8_lossy(&output.stdout));
let num = sqlx::query_as!(Count, "select count(*) as number from users where role = 2")
.fetch_one(&db_pool)
.await
.unwrap();
// now 1 admin is there
assert_eq!(num.number, 1, "Failed to create an admin!");
}
async fn run_server() {
use std::io::Write;
#[derive(serde::Serialize, Debug)]
pub struct Count {
pub number: i32,
}
let tmp_dir = tempdir::TempDir::new("pslink_test_env").expect("create temp dir");
// generate .env file
let _output = test_bin::get_test_bin("pslink")
.args(&["generate-env", "--secret", "abcdefghijklmnopqrstuvw"])
.current_dir(&tmp_dir)
.output()
.expect("Failed generate .env");
// migrate the database
let output = test_bin::get_test_bin("pslink")
.args(&["migrate-database"])
.current_dir(&tmp_dir)
.output()
.expect("Failed to migrate the database");
// create a database connection.
let db_pool = sqlx::pool::Pool::<sqlx::sqlite::Sqlite>::connect(
&tmp_dir.path().join("links.db").display().to_string(),
)
.await
.expect("Error: Failed to connect to database!"); // create a new admin
let mut input = test_bin::get_test_bin("pslink")
.args(&["create-admin"])
.current_dir(&tmp_dir)
.stdin(std::process::Stdio::piped())
.stdout(std::process::Stdio::piped())
.spawn()
.expect("Failed to migrate the database");
let mut procin = input.stdin.take().unwrap();
procin.write_all(b"test\n").unwrap();
procin.write_all(b"test@mail.test\n").unwrap();
procin.write_all(b"testpw\n").unwrap();
let r = input.wait().unwrap();
println!("Exitstatus is: {}", r);
println!("{}", String::from_utf8_lossy(&output.stdout));
let num = sqlx::query_as!(Count, "select count(*) as number from users where role = 2")
.fetch_one(&db_pool)
.await
.unwrap();
// now 1 admin is there
assert_eq!(
num.number, 1,
"Failed to create an admin! See previous tests!"
);
let server_config = pslink::ServerConfig {
secret: pslink::Secret::new("abcdefghijklmnopqrstuvw".to_string()),
db: std::path::PathBuf::from("links.db"),
db_pool,
public_url: "localhost:8080".to_string(),
internal_ip: "localhost".to_string(),
port: 8080,
protocol: pslink::Protocol::Http,
empty_forward_url: "https://github.com/enaut/pslink".to_string(),
brand_name: "Pslink".to_string(),
};
let server = pslink::webservice(server_config);
let _neveruse = tokio::spawn(server);
}
#[actix_rt::test]
async fn test_web_paths() {
run_server().await;
// We need to bring in `reqwest`
// to perform HTTP requests against our application.
let client = reqwest::Client::builder()
.cookie_store(true)
.redirect(reqwest::redirect::Policy::none())
.build()
.unwrap();
// Act
let response = client
.get("http://localhost:8080/")
.send()
.await
.expect("Failed to execute request.");
// The basic redirection is working!
assert!(response.status().is_redirection());
let location = response.headers().get("location").unwrap();
assert!(location.to_str().unwrap().contains("github"));
// Act
let response = client
.get("http://localhost:8080/admin/login/")
.send()
.await
.expect("Failed to execute request.");
// The Loginpage is reachable and contains a password field!
assert!(response.status().is_success());
let content = response.text().await.unwrap();
assert!(
content.contains(r#"<input type="password"#),
"No password field was found!"
);
// Act
let formdata = &[("username", "test"), ("password", "testpw")];
let response = client
.post("http://localhost:8080/admin/login/")
.form(formdata)
.send()
.await
.expect("Failed to execute request.");
// It is possible to login
assert!(response.status().is_redirection());
let location = response.headers().get("location").unwrap();
assert_eq!("/admin/index/", location.to_str().unwrap());
assert!(
response.headers().get("set-cookie").is_some(),
"A auth cookie is not set even though authentication succeeds"
);
// After login this should return a redirect
let response = client
.get("http://localhost:8080/admin/login/")
.send()
.await
.expect("Failed to execute request.");
// The Loginpage redirects to link index when logged in
assert!(
response.status().is_redirection(),
"/admin/login/ is not redirecting correctly when logged in!"
);
let location = response.headers().get("location").unwrap();
assert_eq!("/admin/index/", location.to_str().unwrap());
// After login this should return a redirect
let response = client
.get("http://localhost:8080/admin/index/")
.send()
.await
.expect("Failed to execute request.");
// The Loginpage redirects to link index when logged in
assert!(
response.status().is_success(),
"Could not access /admin/index/"
);
let content = response.text().await.unwrap();
assert!(
content.contains(r#"<a href="/admin/logout/">"#),
"No Logout Button was found on /admin/index/!"
);
// Act title=haupt&target=http%3A%2F%2Fdas.geht%2Fjetzt%2F&code=tpuah
let formdata = &[
("title", "haupt"),
("target", "https://das.geht/jetzt/"),
("code", "tpuah"),
];
let response = client
.post("http://localhost:8080/admin/submit/")
.form(formdata)
.send()
.await
.expect("Failed to execute request.");
// It is possible to login
assert!(response.status().is_redirection());
let location = response.headers().get("location").unwrap();
assert_eq!("/admin/view/link/tpuah", location.to_str().unwrap());
// Act
let response = client
.get("http://localhost:8080/tpuah")
.send()
.await
.expect("Failed to execute request.");
// The basic redirection is working!
assert!(response.status().is_redirection());
let location = response.headers().get("location").unwrap();
assert!(location
.to_str()
.unwrap()
.contains("https://das.geht/jetzt/"));
}