restrict admin functions to /admin

2021-10-13 17:02:49 +05:30 · 2021-10-13 17:02:49 +05:30 · 115b096008
parent a8c6912c25
commit 115b096008
9 changed files with 27 additions and 25 deletions
--- a/2
+++ b/2
@ -1,5 +1,5 @@
 default: frontend ## Debug build
-	cargo build
+	cargo run

 clean: ## Clean all build artifacts and dependencies
 	@cargo clean
--- a/src/api/v1/admin/account/mod.rs
+++ b/src/api/v1/admin/account/mod.rs
@ -42,14 +42,14 @@ pub mod routes {

    impl Account {
        pub const fn new() -> Account {
-            let get_secret = "/api/v1/admin/account/secret/get";
-            let update_secret = "/api/v1/admin/account/secret/update";
-            let delete = "/api/v1/admin/account/delete";
-            let email_exists = "/api/v1/admin/account/email/exists";
-            let username_exists = "/api/v1/admin/account/username/exists";
-            let update_username = "/api/v1/admin/account/username/update";
-            let update_email = "/api/v1/admin/account/email/update";
-            let update_password = "/api/v1/admin/account/password/update";
+            let get_secret = "/admin/api/v1/account/secret/get";
+            let update_secret = "/admin/api/v1/account/secret/update";
+            let delete = "/admin/api/v1/account/delete";
+            let email_exists = "/admin/api/v1/account/email/exists";
+            let username_exists = "/admin/api/v1/account/username/exists";
+            let update_username = "/admin/api/v1/account/username/update";
+            let update_email = "/admin/api/v1/account/email/update";
+            let update_password = "/admin/api/v1/account/password/update";
            Account {
                delete,
                email_exists,
--- a/src/api/v1/admin/campaigns.rs
+++ b/src/api/v1/admin/campaigns.rs
@ -36,10 +36,10 @@ pub mod routes {

    impl Campaign {
        pub const fn new() -> Campaign {
-            let add = "/api/v1/admin/campaign/add";
-            let delete = "/api/v1/admin/campaign/{uuid}/delete";
+            let add = "/admin/api/v1/campaign/add";
+            let delete = "/admin/api/v1/campaign/{uuid}/delete";
            //            let get_feedback = "/api/v1/campaign/{uuid}/feedback";
-            let list = "/api/v1/admin/campaign/list";
+            let list = "/admin/api/v1/campaign/list";

            Campaign { add, delete, list }
        }
--- a/src/main.rs
+++ b/src/main.rs
@ -149,16 +149,16 @@ pub fn get_identity_service() -> IdentityService<CookieIdentityPolicy> {
    let cookie_secret = &SETTINGS.server.cookie_secret;
    IdentityService::new(
        CookieIdentityPolicy::new(cookie_secret.as_bytes())
-            .path("/api/v1/admin")
-            .name("survey-auth")
-            .max_age_secs(60 * 24)
+            .path("/admin/")
+            .name("survey-admin-auth")
+            .max_age_secs(60 * 60 * 24 * 365)
            .domain(&SETTINGS.server.domain)
            .secure(false),
    )
 }

 pub fn services(cfg: &mut actix_web::web::ServiceConfig) {
-    pages::services(cfg);
    api::v1::services(cfg);
+    pages::services(cfg);
    static_assets::services(cfg);
 }
--- a/src/pages/auth/mod.rs
+++ b/src/pages/auth/mod.rs
@ -52,8 +52,8 @@ pub mod routes {
    impl Auth {
        pub const fn new() -> Auth {
            Auth {
-                login: "/api/v1/admin/page/login",
-                join: "/api/v1/admin/page/join",
+                login: "/admin/login",
+                join: "/admin/join",
            }
        }

--- a/src/pages/mod.rs
+++ b/src/pages/mod.rs
@ -64,7 +64,7 @@ mod tests {
        let app = get_app!(data).await;

        let urls = vec![
-            //PAGES.home.into(),
+            PAGES.home.into(),
            PAGES.panel.campaigns.home.into(),
            PAGES.panel.campaigns.new.into(),
            //            PAGES.panel.campaigns.get_feedback_route(&campaign.uuid),
--- a/src/pages/panel/campaigns/mod.rs
+++ b/src/pages/panel/campaigns/mod.rs
@ -38,10 +38,10 @@ pub mod routes {
    impl Campaigns {
        pub const fn new() -> Campaigns {
            Campaigns {
-                home: "/api/v1/admin/page/campaigns",
-                new: "/api/v1/admin/page/campaigns/new",
-                get_feedback: "/api/v1/admin/page/campaigns/{uuid}/feedback",
-                delete: "/api/v1/admin/page/campaigns/{uuid}/delete",
+                home: "/admin/campaigns",
+                new: "/admin/campaigns/new",
+                get_feedback: "/admin/campaigns/{uuid}/feedback",
+                delete: "/admin/campaigns/{uuid}/delete",
            }
        }

--- a/src/pages/panel/mod.rs
+++ b/src/pages/panel/mod.rs
@ -29,9 +29,10 @@ pub mod routes {
    }
    impl Panel {
        pub const fn new() -> Panel {
+            let campaigns = Campaigns::new();
            Panel {
-                home: "/api/v1/admin/home/",
-                campaigns: Campaigns::new(),
+                home: "/admin/home",
+                campaigns,
            }
        }

--- a/src/tests.rs
+++ b/src/tests.rs
@ -88,6 +88,7 @@ macro_rules! get_app {
        actix_web::App::new()
            .app_data(crate::get_json_err())
            .wrap(crate::get_identity_service())
+            .wrap(get_survey_identity_service())
            .wrap(actix_web::middleware::NormalizePath::new(
                actix_web::middleware::TrailingSlash::Trim,
            ))