From d49a4737e477332c5c4db6915cfac48182a1f510 Mon Sep 17 00:00:00 2001
From: Pierre HUBERT <pierre.git@communiquons.org>
Date: Mon, 6 Jul 2020 11:00:59 +0200
Subject: [PATCH] Can get information about a single post

---
 src/controllers/posts_controller.rs |  8 ++++++++
 src/controllers/routes.rs           |  2 ++
 src/data/http_request_handler.rs    | 18 +++++++++++++++++-
 src/data/post.rs                    | 13 +++++++++++++
 src/helpers/posts_helper.rs         |  7 +++++++
 5 files changed, 47 insertions(+), 1 deletion(-)

diff --git a/src/controllers/posts_controller.rs b/src/controllers/posts_controller.rs
index 8028dbc..a3c524f 100644
--- a/src/controllers/posts_controller.rs
+++ b/src/controllers/posts_controller.rs
@@ -6,6 +6,7 @@ use crate::api_data::post_api::PostAPI;
 use crate::controllers::routes::RequestResult;
 use crate::data::group::GroupAccessLevel;
 use crate::data::http_request_handler::HttpRequestHandler;
+use crate::data::post::PostAccessLevel;
 use crate::helpers::{posts_helper, user_helper};
 
 /// Get the list of posts of a user
@@ -46,4 +47,11 @@ pub fn get_latest(r: &mut HttpRequestHandler) -> RequestResult {
         .get_latest(include_groups)?;
 
     r.set_response(PostAPI::for_list(&posts, r.user_id_opt())?)
+}
+
+/// Get information about a single post
+pub fn get_single(r: &mut HttpRequestHandler) -> RequestResult {
+    let post = r.post_post_with_access("postID", PostAccessLevel::BASIC_ACCESS)?;
+
+    r.set_response(PostAPI::new(&post, &r.user_id_opt())?)
 }
\ No newline at end of file
diff --git a/src/controllers/routes.rs b/src/controllers/routes.rs
index 885b755..e4ef4f4 100644
--- a/src/controllers/routes.rs
+++ b/src/controllers/routes.rs
@@ -204,6 +204,8 @@ pub fn get_routes() -> Vec<Route> {
 
         Route::post("/posts/get_latest", Box::new(posts_controller::get_latest)),
 
+        Route::post("/posts/get_single", Box::new(posts_controller::get_single)),
+
 
         // Virtual directory controller
         Route::post("/user/findbyfolder", Box::new(virtual_directory_controller::find_user)),
diff --git a/src/data/http_request_handler.rs b/src/data/http_request_handler.rs
index 7468fa1..6d5f35a 100644
--- a/src/data/http_request_handler.rs
+++ b/src/data/http_request_handler.rs
@@ -16,8 +16,9 @@ use crate::data::config::conf;
 use crate::data::error::{ExecError, ResultBoxError};
 use crate::data::group::GroupAccessLevel;
 use crate::data::group_id::GroupID;
+use crate::data::post::{Post, PostAccessLevel};
 use crate::data::user::UserID;
-use crate::helpers::{account_helper, api_helper, conversations_helper, friends_helper, groups_helper, user_helper, virtual_directory_helper};
+use crate::helpers::{account_helper, api_helper, conversations_helper, friends_helper, groups_helper, posts_helper, user_helper, virtual_directory_helper};
 use crate::helpers::virtual_directory_helper::VirtualDirType;
 use crate::utils::string_utils::{check_url, remove_html_nodes};
 use crate::utils::user_data_utils::{generate_new_user_data_file_name, prepare_file_creation, user_data_path};
@@ -545,4 +546,19 @@ impl HttpRequestHandler {
 
         Ok(Some(dir))
     }
+
+    /// Get information about a post whose ID was specified in the request
+    pub fn post_post_with_access(&mut self, name: &str, min_level: PostAccessLevel) -> ResultBoxError<Post> {
+        let post_id = self.post_u64(name)?;
+        let post = self.ok_or_not_found(
+            posts_helper::get_single(post_id),
+            "Requested post not found!",
+        )?;
+
+        if posts_helper::get_access_level(&post, &self.user_id_opt())? < min_level {
+            self.forbidden("You are not allowed to access this post information!".to_string())?;
+        }
+
+        Ok(post)
+    }
 }
\ No newline at end of file
diff --git a/src/data/post.rs b/src/data/post.rs
index aee6bbb..a56f9bd 100644
--- a/src/data/post.rs
+++ b/src/data/post.rs
@@ -34,6 +34,7 @@ impl PostVisibilityLevel {
 
 /// Post access level (for a given user)
 #[allow(non_camel_case_types)]
+#[derive(PartialEq, PartialOrd)]
 pub enum PostAccessLevel {
     //When a user can't access to a post
     NO_ACCESS = 0,
@@ -141,4 +142,16 @@ impl Post {
             _ => false,
         }
     }
+}
+
+#[cfg(test)]
+mod tests {
+    use crate::data::post::PostAccessLevel;
+
+    #[test]
+    fn access_level_coherence() {
+        assert!(PostAccessLevel::NO_ACCESS < PostAccessLevel::BASIC_ACCESS);
+        assert!(PostAccessLevel::BASIC_ACCESS < PostAccessLevel::INTERMEDIATE_ACCESS);
+        assert!(PostAccessLevel::INTERMEDIATE_ACCESS < PostAccessLevel::FULL_ACCESS);
+    }
 }
\ No newline at end of file
diff --git a/src/helpers/posts_helper.rs b/src/helpers/posts_helper.rs
index 249ba93..6d95a54 100644
--- a/src/helpers/posts_helper.rs
+++ b/src/helpers/posts_helper.rs
@@ -230,6 +230,13 @@ pub fn get_latest(query: &PostsQuery, include_group_posts: bool) -> ResultBoxErr
         .exec(db_to_post)
 }
 
+/// Get information about a single post
+pub fn get_single(post_id: u64) -> ResultBoxError<Post> {
+    database::QueryInfo::new(POSTS_TABLE)
+        .cond_u64("ID", post_id)
+        .query_row(db_to_post)
+}
+
 /// Get the access level of a user over a post
 pub fn get_access_level(p: &Post, user_id: &Option<UserID>) -> ResultBoxError<PostAccessLevel> {
     if user_id == &p.user_id.as_option() {