breeze/src/view.rs

use std::{
    path::{Component, PathBuf},
    sync::Arc,
};

use axum::{
    body::StreamBody,
    extract::{Path, State},
    response::{IntoResponse, Response},
};

use bytes::Bytes;
use hyper::StatusCode;
use tokio::fs::File;
use tokio_util::io::ReaderStream;

pub enum ViewSuccess {
    FromDisk(File),
    FromCache(Bytes),
}

pub enum ViewError {
    NotFound, // 404
    InternalServerError, // 500
}

impl IntoResponse for ViewSuccess {
    fn into_response(self) -> Response {
        match self {
            ViewSuccess::FromDisk(file) => {
                // create a streamed body response (we want to stream larger files)
                let reader = ReaderStream::new(file);
                let stream = StreamBody::new(reader);

                stream.into_response()
            }
            ViewSuccess::FromCache(data) => {
                // extract mutable headers from the response
                let mut res = data.into_response();
                let headers = res.headers_mut();

                // clear the headers, let the browser imply it
                headers.clear();

                res
            }
        }
    }
}

impl IntoResponse for ViewError {
    fn into_response(self) -> Response {
        match self {
            ViewError::NotFound => {
                // convert string into response, change status code
                let mut res = "not found!".into_response();
                *res.status_mut() = StatusCode::NOT_FOUND;

                res
            }
            ViewError::InternalServerError => {
                // convert string into response, change status code
                let mut res = "internal server error!".into_response();
                *res.status_mut() = StatusCode::NOT_FOUND;

                res
            }
        }
    }
}

#[axum::debug_handler]
pub async fn view(
    State(engine): State<Arc<crate::engine::Engine>>,
    Path(original_path): Path<PathBuf>,
) -> Result<ViewSuccess, ViewError> {
    // (hopefully) prevent path traversal, just check for any non-file components
    if original_path
        .components()
        .into_iter()
        .any(|x| !matches!(x, Component::Normal(_)))
    {
        warn!("a request attempted path traversal");
        return Err(ViewError::NotFound);
    }

    // get result from the engine!
    engine.get_upload(&original_path).await
}
release! 2023-01-30 17:11:30 -06:00			`use std::{`
			`path::{Component, PathBuf},`
			`sync::Arc,`
			`};`

			`use axum::{`
			`body::StreamBody,`
			`extract::{Path, State},`
			`response::{IntoResponse, Response},`
			`};`

			`use bytes::Bytes;`
			`use hyper::StatusCode;`
			`use tokio::fs::File;`
			`use tokio_util::io::ReaderStream;`

fix upload count and error responses 2023-01-30 18:14:25 -06:00			`pub enum ViewSuccess {`
release! 2023-01-30 17:11:30 -06:00			`FromDisk(File),`
			`FromCache(Bytes),`
			`}`

fix upload count and error responses 2023-01-30 18:14:25 -06:00			`pub enum ViewError {`
mostly just auth 2023-02-01 18:05:13 -06:00			`NotFound, // 404`
			`InternalServerError, // 500`
fix upload count and error responses 2023-01-30 18:14:25 -06:00			`}`

			`impl IntoResponse for ViewSuccess {`
release! 2023-01-30 17:11:30 -06:00			`fn into_response(self) -> Response {`
			`match self {`
fix upload count and error responses 2023-01-30 18:14:25 -06:00			`ViewSuccess::FromDisk(file) => {`
release! 2023-01-30 17:11:30 -06:00			`// create a streamed body response (we want to stream larger files)`
			`let reader = ReaderStream::new(file);`
			`let stream = StreamBody::new(reader);`

			`stream.into_response()`
			`}`
fix upload count and error responses 2023-01-30 18:14:25 -06:00			`ViewSuccess::FromCache(data) => {`
release! 2023-01-30 17:11:30 -06:00			`// extract mutable headers from the response`
			`let mut res = data.into_response();`
			`let headers = res.headers_mut();`

			`// clear the headers, let the browser imply it`
			`headers.clear();`

			`res`
			`}`
			`}`
			`}`
			`}`

fix upload count and error responses 2023-01-30 18:14:25 -06:00			`impl IntoResponse for ViewError {`
			`fn into_response(self) -> Response {`
			`match self {`
			`ViewError::NotFound => {`
			`// convert string into response, change status code`
			`let mut res = "not found!".into_response();`
			`*res.status_mut() = StatusCode::NOT_FOUND;`

			`res`
			`}`
			`ViewError::InternalServerError => {`
			`// convert string into response, change status code`
			`let mut res = "internal server error!".into_response();`
			`*res.status_mut() = StatusCode::NOT_FOUND;`

			`res`
			`}`
			`}`
			`}`
			`}`

release! 2023-01-30 17:11:30 -06:00			`#[axum::debug_handler]`
			`pub async fn view(`
			`State(engine): State<Arc<crate::engine::Engine>>,`
			`Path(original_path): Path<PathBuf>,`
fix upload count and error responses 2023-01-30 18:14:25 -06:00			`) -> Result<ViewSuccess, ViewError> {`
release! 2023-01-30 17:11:30 -06:00			`// (hopefully) prevent path traversal, just check for any non-file components`
			`if original_path`
			`.components()`
			`.into_iter()`
			`.any(\|x\| !matches!(x, Component::Normal(_)))`
			`{`
mostly just auth 2023-02-01 18:05:13 -06:00			`warn!("a request attempted path traversal");`
fix upload count and error responses 2023-01-30 18:14:25 -06:00			`return Err(ViewError::NotFound);`
release! 2023-01-30 17:11:30 -06:00			`}`

mostly just auth 2023-02-01 18:05:13 -06:00			`// get result from the engine!`
release! 2023-01-30 17:11:30 -06:00			`engine.get_upload(&original_path).await`
			`}`