Start to implement data export

2025-10-31 07:34:45 +00:00 · 2020-07-13 18:56:36 +02:00
parent ded88474d5
commit f21636aa4e
5 changed files with 35 additions and 1 deletions
--- a/src/constants.rs
+++ b/src/constants.rs
@@ -88,4 +88,7 @@ pub const MAXIMUM_NUMBER_SURVEY_CHOICES: usize = 20;
 pub const PASSWORD_RESET_TOKEN_LENGTH: usize = 255;

 /// Duration of the validity of a password reset token (6 hours)
-pub const PASSWORD_RESET_TOKEN_LIFETIME: u64 = 60 * 60 * 6;
+pub const PASSWORD_RESET_TOKEN_LIFETIME: u64 = 60 * 60 * 6;
+
+/// Minimum password length
+pub const PASSWORD_MIN_LENGTH: usize = 3;
--- a/src/controllers/account_controller.rs
+++ b/src/controllers/account_controller.rs
@@ -178,4 +178,11 @@ pub fn reset_user_password(r: &mut HttpRequestHandler) -> RequestResult {
    account_helper::destroy_password_reset_token_for_user(&user_id)?;

    r.success("Password changed!")
+}
+
+/// Export account's data
+pub fn export_data(r: &mut HttpRequestHandler) -> RequestResult {
+    r.need_user_password("password")?;
+
+    r.success("Go on")
 }
--- a/src/controllers/routes.rs
+++ b/src/controllers/routes.rs
@@ -81,6 +81,7 @@ pub fn get_routes() -> Vec<Route> {
        Route::post_without_login("/account/check_security_answers", Box::new(account_controller::check_security_answers)),
        Route::post_without_login("/account/check_password_reset_token", Box::new(account_controller::check_password_reset_token)),
        Route::post_without_login("/account/reset_user_passwd", Box::new(account_controller::reset_user_password)),
+        Route::post("/account/export_data", Box::new(account_controller::export_data)),

        // User controller
        Route::post_without_login("/user/getInfo", Box::new(user_controller::get_single)),
--- a/src/data/http_request_handler.rs
+++ b/src/data/http_request_handler.rs
@@ -25,6 +25,7 @@ use crate::utils::pdf_utils::is_valid_pdf;
 use crate::utils::string_utils::{check_string_before_insert, check_url, remove_html_nodes};
 use crate::utils::user_data_utils::{generate_new_user_data_file_name, prepare_file_creation, user_data_path};
 use crate::utils::virtual_directories_utils::check_virtual_directory;
+use crate::constants::PASSWORD_MIN_LENGTH;

 /// Http request handler
 ///
@@ -659,4 +660,15 @@ impl HttpRequestHandler {

        Ok(remove_html_nodes(&content))
    }
+
+    /// Check the password of the current user
+    pub fn need_user_password(&mut self, field: &str) ->ResultBoxError {
+        let password = self.post_string_opt(field, PASSWORD_MIN_LENGTH, true)?;
+
+        if !account_helper::check_user_password(self.user_id_ref()?, &password)? {
+            self.forbidden("Invalid password!".to_string())?;
+        }
+
+        Ok(())
+    }
 }
--- a/src/helpers/account_helper.rs
+++ b/src/helpers/account_helper.rs
@@ -146,6 +146,17 @@ pub fn get_user_id_from_password_reset_token(token: &str) -> ResultBoxError<User
        .query_row(|r| r.get_user_id("ID"))
 }

+/// Check current user's password
+pub fn check_user_password(user_id: &UserID, password: &str) -> ResultBoxError<bool> {
+    let crypt_pass = crypt_pass(password)?;
+
+    database::QueryInfo::new(USERS_TABLE)
+        .cond_user_id("ID", user_id)
+        .cond("password", &crypt_pass)
+        .exec_count()
+        .map(|r| r > 0)
+}
+
 /// Change the password of a user
 pub fn change_password(user_id: &UserID, new_password: &String) -> ResultBoxError {
    database::UpdateInfo::new(USERS_TABLE)