MirrorHub/conduit
1
0
Fork 0
mirror of https://gitlab.com/famedly/conduit.git synced 2024-11-12 05:21:05 +01:00
Code Issues Releases Activity

Cleanup and fix validation in report.rs, lower max report length, better html

Browse source
This commit is contained in:
Nyaaori 2021-10-20 11:12:06 +00:00
parent 1541b93f45
commit 50f931a2fd
No known key found for this signature in database
GPG key ID: 50C66D0980648414
1 changed files with 18 additions and 35 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

53
src/client_server/report.rs
View file

@ -1,5 +1,3 @@
use std::sync::Arc;
use crate::{database::admin::AdminCommand, database::DatabaseGuard, ConduitResult, Error, Ruma}; use crate::{database::admin::AdminCommand, database::DatabaseGuard, ConduitResult, Error, Ruma};
use ruma::{ use ruma::{
api::client::{error::ErrorKind, r0::room::report_content}, api::client::{error::ErrorKind, r0::room::report_content},
@ -25,62 +23,49 @@ pub async fn report_event_route(
) -> ConduitResult<report_content::Response> { ) -> ConduitResult<report_content::Response> {
let sender_user = body.sender_user.as_ref().expect("user is authenticated"); let sender_user = body.sender_user.as_ref().expect("user is authenticated");
let pdu = match db.rooms.get_pdu(&body.event_id) { let pdu = match db.rooms.get_pdu(&body.event_id)? {
Ok(pdu) if !pdu.is_none() => pdu, Some(pdu) => pdu,
_ => { _ => {
return Err(Error::BadRequest( return Err(Error::BadRequest(
ErrorKind::InvalidParam, ErrorKind::InvalidParam,
"Invalid Event ID", "Invalid Event ID",
)) ))
} }
} };
.unwrap();
if body.score >= Int::from(0) && body.score <= Int::from(-100) { if body.score > Int::from(0) || body.score < Int::from(-100) {
return Err(Error::BadRequest( return Err(Error::BadRequest(
ErrorKind::InvalidParam, ErrorKind::InvalidParam,
"Invalid score, must be within 0 to -100", "Invalid score, must be within 0 to -100",
)); ));
}; };
if body.reason.chars().count() > 1000 { if body.reason.chars().count() > 250 {
return Err(Error::BadRequest( return Err(Error::BadRequest(
ErrorKind::InvalidParam, ErrorKind::InvalidParam,
"Reason too long, should be 1000 characters or fewer", "Reason too long, should be 250 characters or fewer",
)); ));
}; };
let mutex_state = Arc::clone(
db.globals
.roomid_mutex_state
.write()
.unwrap()
.entry(body.room_id.clone())
.or_default(),
);
let state_lock = mutex_state.lock().await;
db.admin.send(AdminCommand::SendMessage( db.admin.send(AdminCommand::SendMessage(
message::RoomMessageEventContent::text_html( message::RoomMessageEventContent::text_html(
format!( format!(
concat!( "Report received from: {}\n\n\
"Report received from: {}\r\n\r\n", Event ID: {}\n\
"Event ID: {}\r\n", Room ID: {}\n\
"Room ID: {}\r\n", Sent By: {}\n\n\
"Sent By: {}\r\n\r\n", Report Score: {}\n\
"Report Score: {}\r\n", Report Reason: {}",
"Report Reason: {}"
),
sender_user, pdu.event_id, pdu.room_id, pdu.sender, body.score, body.reason sender_user, pdu.event_id, pdu.room_id, pdu.sender, body.score, body.reason
) )
.to_owned(), .to_owned(),
format!( format!(
concat!( "<details><summary>Report received from: <a href=\"https://matrix.to/#/{0}\">{0}\
"<details><summary>Report received from: {}</summary><details>", </a></summary><ul><li>Event Info<ul><li>Event ID: <code>{1}</code>\
"<summary>Event Info</summary><p>Event ID: {}<br>Room ID: {}<br>Sent By: {}", <a href=\"https://matrix.to/#/{2}/{1}\">🔗</a></li><li>Room ID: <code>{2}</code>\
"</p></details><details><summary>Report Info</summary><p>Report Score: {}", </li><li>Sent By: <a href=\"https://matrix.to/#/{3}\">{3}</a></li></ul></li><li>\
"</br>Report Reason: {}</p></details></details>" Report Info<ul><li>Report Score: {4}</li><li>Report Reason: {5}</li></ul></li>\
), </ul></details>",
sender_user, sender_user,
pdu.event_id, pdu.event_id,
pdu.room_id, pdu.room_id,
@ -92,8 +77,6 @@ pub async fn report_event_route(
), ),
)); ));
drop(state_lock);
db.flush()?; db.flush()?;
Ok(report_content::Response {}.into()) Ok(report_content::Response {}.into())