restrict admin functions to /admin

Aravinth Manivannan 2021-10-13 17:02:49 +05:30
parent a8c6912c25
commit 115b096008
Signed by: realaravinth
GPG key ID: AD9F0F08E855ED88
9 changed files with 27 additions and 25 deletions


@ -1,5 +1,5 @@
default: frontend ## Debug build default: frontend ## Debug build
cargo build cargo run
clean: ## Clean all build artifacts and dependencies clean: ## Clean all build artifacts and dependencies
@cargo clean @cargo clean
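Review bot: The `default` target still carries the help text `## Debug build`, but its recipe is now `cargo run`, which builds and then starts the server. Either update the comment, e.g. `default: frontend ## Build and run in debug mode`, or keep `cargo build` here and add a separate run target.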


@ -42,14 +42,14 @@ pub mod routes {
impl Account { impl Account {
pub const fn new() -> Account { pub const fn new() -> Account {
let get_secret = "/api/v1/admin/account/secret/get"; let get_secret = "/admin/api/v1/account/secret/get";
let update_secret = "/api/v1/admin/account/secret/update"; let update_secret = "/admin/api/v1/account/secret/update";
let delete = "/api/v1/admin/account/delete"; let delete = "/admin/api/v1/account/delete";
let email_exists = "/api/v1/admin/account/email/exists"; let email_exists = "/admin/api/v1/account/email/exists";
let username_exists = "/api/v1/admin/account/username/exists"; let username_exists = "/admin/api/v1/account/username/exists";
let update_username = "/api/v1/admin/account/username/update"; let update_username = "/admin/api/v1/account/username/update";
let update_email = "/api/v1/admin/account/email/update"; let update_email = "/admin/api/v1/account/email/update";
let update_password = "/api/v1/admin/account/password/update"; let update_password = "/admin/api/v1/account/password/update";
Account { Account {
delete, delete,
email_exists, email_exists,


@ -36,10 +36,10 @@ pub mod routes {
impl Campaign { impl Campaign {
pub const fn new() -> Campaign { pub const fn new() -> Campaign {
let add = "/api/v1/admin/campaign/add"; let add = "/admin/api/v1/campaign/add";
let delete = "/api/v1/admin/campaign/{uuid}/delete"; let delete = "/admin/api/v1/campaign/{uuid}/delete";
// let get_feedback = "/api/v1/campaign/{uuid}/feedback"; // let get_feedback = "/api/v1/campaign/{uuid}/feedback";
let list = "/api/v1/admin/campaign/list"; let list = "/admin/api/v1/campaign/list";
Campaign { add, delete, list } Campaign { add, delete, list }
} }


@ -149,16 +149,16 @@ pub fn get_identity_service() -> IdentityService<CookieIdentityPolicy> {
let cookie_secret = &SETTINGS.server.cookie_secret; let cookie_secret = &SETTINGS.server.cookie_secret;
IdentityService::new( IdentityService::new(
CookieIdentityPolicy::new(cookie_secret.as_bytes()) CookieIdentityPolicy::new(cookie_secret.as_bytes())
.path("/api/v1/admin") .path("/admin/")
.name("survey-auth") .name("survey-admin-auth")
.max_age_secs(60 * 24) .max_age_secs(60 * 60 * 24 * 365)
.domain(&SETTINGS.server.domain) .domain(&SETTINGS.server.domain)
.secure(false), .secure(false),
) )
} }
pub fn services(cfg: &mut actix_web::web::ServiceConfig) { pub fn services(cfg: &mut actix_web::web::ServiceConfig) {
pages::services(cfg);
api::v1::services(cfg); api::v1::services(cfg);
pages::services(cfg);
static_assets::services(cfg); static_assets::services(cfg);
} }
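Review bot: The builder chain in get_identity_service now gives the admin cookie a one-year lifetime (`.max_age_secs(60 * 60 * 24 * 365)`) while `.secure(false)` stays as it was, so the cookie that authenticates everything under `/admin/` can travel over plain HTTP and remains valid for a year if it is captured. I would set `.secure(true)` for any non-local deployment (driven by configuration rather than hard-coded) and keep the lifetime short, or bound it with `.login_deadline(...)` / `.visit_deadline(...)`. The chain also sets no `.same_site(...)`; since this cookie authorises state-changing admin endpoints such as account deletion and password update, stating the SameSite policy explicitly would document the intended cross-site request protection. The function's signature sits in the hunk header, so its start is outside the hunk.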


@ -52,8 +52,8 @@ pub mod routes {
impl Auth { impl Auth {
pub const fn new() -> Auth { pub const fn new() -> Auth {
Auth { Auth {
login: "/api/v1/admin/page/login", login: "/admin/login",
join: "/api/v1/admin/page/join", join: "/admin/join",
} }
} }


@ -64,7 +64,7 @@ mod tests {
let app = get_app!(data).await; let app = get_app!(data).await;
let urls = vec![ let urls = vec![
//PAGES.home.into(), PAGES.home.into(),
PAGES.panel.campaigns.home.into(), PAGES.panel.campaigns.home.into(),
PAGES.panel.campaigns.new.into(), PAGES.panel.campaigns.new.into(),
// PAGES.panel.campaigns.get_feedback_route(&campaign.uuid), // PAGES.panel.campaigns.get_feedback_route(&campaign.uuid),


@ -38,10 +38,10 @@ pub mod routes {
impl Campaigns { impl Campaigns {
pub const fn new() -> Campaigns { pub const fn new() -> Campaigns {
Campaigns { Campaigns {
home: "/api/v1/admin/page/campaigns", home: "/admin/campaigns",
new: "/api/v1/admin/page/campaigns/new", new: "/admin/campaigns/new",
get_feedback: "/api/v1/admin/page/campaigns/{uuid}/feedback", get_feedback: "/admin/campaigns/{uuid}/feedback",
delete: "/api/v1/admin/page/campaigns/{uuid}/delete", delete: "/admin/campaigns/{uuid}/delete",
} }
} }


@ -29,9 +29,10 @@ pub mod routes {
} }
impl Panel { impl Panel {
pub const fn new() -> Panel { pub const fn new() -> Panel {
let campaigns = Campaigns::new();
Panel { Panel {
home: "/api/v1/admin/home/", home: "/admin/home",
campaigns: Campaigns::new(), campaigns,
} }
} }


@ -88,6 +88,7 @@ macro_rules! get_app {
actix_web::App::new() actix_web::App::new()
.app_data(crate::get_json_err()) .app_data(crate::get_json_err())
.wrap(crate::get_identity_service()) .wrap(crate::get_identity_service())
.wrap(get_survey_identity_service())
.wrap(actix_web::middleware::NormalizePath::new( .wrap(actix_web::middleware::NormalizePath::new(
actix_web::middleware::TrailingSlash::Trim, actix_web::middleware::TrailingSlash::Trim,
)) ))
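Review bot: The added `.wrap(get_survey_identity_service())` is written without a path, unlike `crate::get_identity_service()` one line above, so every module that expands `get_app!` must have that function in scope; qualifying it with its full path the way the neighbouring line does keeps the macro usable anywhere. With two identity middlewares on one app, it is also worth a comment here saying how handlers tell an admin identity from a survey identity. If both services fill the same per-request identity slot (not visible in this hunk), cookie path and name alone would be what keeps a survey session from satisfying an admin check, and that deserves a test. The macro body starts and ends outside the hunk.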