Start to implement data export

src/constants.rs

@@ -88,4 +88,7 @@ pub const MAXIMUM_NUMBER_SURVEY_CHOICES: usize = 20;
 pub const PASSWORD_RESET_TOKEN_LENGTH: usize = 255;
 
 /// Duration of the validity of a password reset token (6 hours)
-pub const PASSWORD_RESET_TOKEN_LIFETIME: u64 = 60 * 60 * 6;
+pub const PASSWORD_RESET_TOKEN_LIFETIME: u64 = 60 * 60 * 6;
+
+/// Minimum password length
+pub const PASSWORD_MIN_LENGTH: usize = 3;

src/controllers/account_controller.rs

@@ -178,4 +178,11 @@ pub fn reset_user_password(r: &mut HttpRequestHandler) -> RequestResult {
     account_helper::destroy_password_reset_token_for_user(&user_id)?;
 
     r.success("Password changed!")
+}
+
+/// Export account's data
+pub fn export_data(r: &mut HttpRequestHandler) -> RequestResult {
+    r.need_user_password("password")?;
+
+    r.success("Go on")
 }

src/controllers/routes.rs

@@ -81,6 +81,7 @@ pub fn get_routes() -> Vec<Route> {
         Route::post_without_login("/account/check_security_answers", Box::new(account_controller::check_security_answers)),
         Route::post_without_login("/account/check_password_reset_token", Box::new(account_controller::check_password_reset_token)),
         Route::post_without_login("/account/reset_user_passwd", Box::new(account_controller::reset_user_password)),
+        Route::post("/account/export_data", Box::new(account_controller::export_data)),
 
         // User controller
         Route::post_without_login("/user/getInfo", Box::new(user_controller::get_single)),

src/data/http_request_handler.rs

@@ -25,6 +25,7 @@ use crate::utils::pdf_utils::is_valid_pdf;
 use crate::utils::string_utils::{check_string_before_insert, check_url, remove_html_nodes};
 use crate::utils::user_data_utils::{generate_new_user_data_file_name, prepare_file_creation, user_data_path};
 use crate::utils::virtual_directories_utils::check_virtual_directory;
+use crate::constants::PASSWORD_MIN_LENGTH;
 
 /// Http request handler
 ///
@@ -659,4 +660,15 @@ impl HttpRequestHandler {
 
         Ok(remove_html_nodes(&content))
     }
+
+    /// Check the password of the current user
+    pub fn need_user_password(&mut self, field: &str) ->ResultBoxError {
+        let password = self.post_string_opt(field, PASSWORD_MIN_LENGTH, true)?;
+
+        if !account_helper::check_user_password(self.user_id_ref()?, &password)? {
+            self.forbidden("Invalid password!".to_string())?;
+        }
+
+        Ok(())
+    }
 }

src/helpers/account_helper.rs

@@ -146,6 +146,17 @@ pub fn get_user_id_from_password_reset_token(token: &str) -> ResultBoxError<User
         .query_row(|r| r.get_user_id("ID"))
 }
 
+/// Check current user's password
+pub fn check_user_password(user_id: &UserID, password: &str) -> ResultBoxError<bool> {
+    let crypt_pass = crypt_pass(password)?;
+
+    database::QueryInfo::new(USERS_TABLE)
+        .cond_user_id("ID", user_id)
+        .cond("password", &crypt_pass)
+        .exec_count()
+        .map(|r| r > 0)
+}
+
 /// Change the password of a user
 pub fn change_password(user_id: &UserID, new_password: &String) -> ResultBoxError {
     database::UpdateInfo::new(USERS_TABLE)