diff options
author | Dessalines <tyhou13@gmx.com> | 2020-02-02 22:51:54 -0500 |
---|---|---|
committer | Dessalines <tyhou13@gmx.com> | 2020-02-02 22:51:54 -0500 |
commit | ee2038a75a137ad53632d76b42588605b52ac422 (patch) | |
tree | 7b53f8a9a447cdc5781b07742db7d9590971af96 /server/src/api | |
parent | a2267aa0560731ba090091cd946922cdaac72354 (diff) |
Returning specific slurs from slur filter on failure. Fixes #463
Diffstat (limited to 'server/src/api')
-rw-r--r-- | server/src/api/community.rs | 31 | ||||
-rw-r--r-- | server/src/api/mod.rs | 4 | ||||
-rw-r--r-- | server/src/api/post.rs | 21 | ||||
-rw-r--r-- | server/src/api/site.rs | 24 | ||||
-rw-r--r-- | server/src/api/user.rs | 4 |
5 files changed, 62 insertions, 22 deletions
diff --git a/server/src/api/community.rs b/server/src/api/community.rs index 80cc2b65..936e54cd 100644 --- a/server/src/api/community.rs +++ b/server/src/api/community.rs @@ -176,11 +176,18 @@ impl Perform<CommunityResponse> for Oper<CreateCommunity> { Err(_e) => return Err(APIError::err("not_logged_in").into()), }; - if has_slurs(&data.name) - || has_slurs(&data.title) - || (data.description.is_some() && has_slurs(&data.description.to_owned().unwrap())) - { - return Err(APIError::err("no_slurs").into()); + if let Err(slurs) = slur_check(&data.name) { + return Err(APIError::err(&slurs_vec_to_str(slurs)).into()); + } + + if let Err(slurs) = slur_check(&data.title) { + return Err(APIError::err(&slurs_vec_to_str(slurs)).into()); + } + + if let Some(description) = &data.description { + if let Err(slurs) = slur_check(description) { + return Err(APIError::err(&slurs_vec_to_str(slurs)).into()); + } } let user_id = claims.id; @@ -242,8 +249,18 @@ impl Perform<CommunityResponse> for Oper<EditCommunity> { fn perform(&self, conn: &PgConnection) -> Result<CommunityResponse, Error> { let data: &EditCommunity = &self.data; - if has_slurs(&data.name) || has_slurs(&data.title) { - return Err(APIError::err("no_slurs").into()); + if let Err(slurs) = slur_check(&data.name) { + return Err(APIError::err(&slurs_vec_to_str(slurs)).into()); + } + + if let Err(slurs) = slur_check(&data.title) { + return Err(APIError::err(&slurs_vec_to_str(slurs)).into()); + } + + if let Some(description) = &data.description { + if let Err(slurs) = slur_check(description) { + return Err(APIError::err(&slurs_vec_to_str(slurs)).into()); + } } let claims = match Claims::decode(&data.auth) { diff --git a/server/src/api/mod.rs b/server/src/api/mod.rs index cb09d7fa..155c706a 100644 --- a/server/src/api/mod.rs +++ b/server/src/api/mod.rs @@ -17,7 +17,9 @@ use crate::db::user_mention::*; use crate::db::user_mention_view::*; use crate::db::user_view::*; use crate::db::*; -use crate::{extract_usernames, has_slurs, naive_from_unix, naive_now, remove_slurs}; +use crate::{ + extract_usernames, naive_from_unix, naive_now, remove_slurs, slur_check, slurs_vec_to_str, +}; use diesel::PgConnection; use failure::Error; use serde::{Deserialize, Serialize}; diff --git a/server/src/api/post.rs b/server/src/api/post.rs index 086705bc..bd276be5 100644 --- a/server/src/api/post.rs +++ b/server/src/api/post.rs @@ -88,8 +88,14 @@ impl Perform<PostResponse> for Oper<CreatePost> { Err(_e) => return Err(APIError::err("not_logged_in").into()), }; - if has_slurs(&data.name) || (data.body.is_some() && has_slurs(&data.body.to_owned().unwrap())) { - return Err(APIError::err("no_slurs").into()); + if let Err(slurs) = slur_check(&data.name) { + return Err(APIError::err(&slurs_vec_to_str(slurs)).into()); + } + + if let Some(body) = &data.body { + if let Err(slurs) = slur_check(body) { + return Err(APIError::err(&slurs_vec_to_str(slurs)).into()); + } } let user_id = claims.id; @@ -298,8 +304,15 @@ impl Perform<PostResponse> for Oper<CreatePostLike> { impl Perform<PostResponse> for Oper<EditPost> { fn perform(&self, conn: &PgConnection) -> Result<PostResponse, Error> { let data: &EditPost = &self.data; - if has_slurs(&data.name) || (data.body.is_some() && has_slurs(&data.body.to_owned().unwrap())) { - return Err(APIError::err("no_slurs").into()); + + if let Err(slurs) = slur_check(&data.name) { + return Err(APIError::err(&slurs_vec_to_str(slurs)).into()); + } + + if let Some(body) = &data.body { + if let Err(slurs) = slur_check(body) { + return Err(APIError::err(&slurs_vec_to_str(slurs)).into()); + } } let claims = match Claims::decode(&data.auth) { diff --git a/server/src/api/site.rs b/server/src/api/site.rs index dfbd5ff0..ef1a2828 100644 --- a/server/src/api/site.rs +++ b/server/src/api/site.rs @@ -186,10 +186,14 @@ impl Perform<SiteResponse> for Oper<CreateSite> { Err(_e) => return Err(APIError::err("not_logged_in").into()), }; - if has_slurs(&data.name) - || (data.description.is_some() && has_slurs(&data.description.to_owned().unwrap())) - { - return Err(APIError::err("no_slurs").into()); + if let Err(slurs) = slur_check(&data.name) { + return Err(APIError::err(&slurs_vec_to_str(slurs)).into()); + } + + if let Some(description) = &data.description { + if let Err(slurs) = slur_check(description) { + return Err(APIError::err(&slurs_vec_to_str(slurs)).into()); + } } let user_id = claims.id; @@ -229,10 +233,14 @@ impl Perform<SiteResponse> for Oper<EditSite> { Err(_e) => return Err(APIError::err("not_logged_in").into()), }; - if has_slurs(&data.name) - || (data.description.is_some() && has_slurs(&data.description.to_owned().unwrap())) - { - return Err(APIError::err("no_slurs").into()); + if let Err(slurs) = slur_check(&data.name) { + return Err(APIError::err(&slurs_vec_to_str(slurs)).into()); + } + + if let Some(description) = &data.description { + if let Err(slurs) = slur_check(description) { + return Err(APIError::err(&slurs_vec_to_str(slurs)).into()); + } } let user_id = claims.id; diff --git a/server/src/api/user.rs b/server/src/api/user.rs index 0b1abb68..99072a74 100644 --- a/server/src/api/user.rs +++ b/server/src/api/user.rs @@ -240,8 +240,8 @@ impl Perform<LoginResponse> for Oper<Register> { return Err(APIError::err("passwords_dont_match").into()); } - if has_slurs(&data.username) { - return Err(APIError::err("no_slurs").into()); + if let Err(slurs) = slur_check(&data.username) { + return Err(APIError::err(&slurs_vec_to_str(slurs)).into()); } // Make sure there are no admins |