mirror of https://gitlab.com/comunic/comunicapiv3 synced 2024-11-26 15:29:21 +00:00

Start to implement data export

Pierre HUBERT 2020-07-13 18:56:36 +02:00
parent ded88474d5
commit f21636aa4e
5 changed files with 35 additions and 1 deletions


@ -88,4 +88,7 @@ pub const MAXIMUM_NUMBER_SURVEY_CHOICES: usize = 20;
pub const PASSWORD_RESET_TOKEN_LENGTH: usize = 255;
/// Duration of the validity of a password reset token (6 hours)
pub const PASSWORD_RESET_TOKEN_LIFETIME: u64 = 60 * 60 * 6;
pub const PASSWORD_RESET_TOKEN_LIFETIME: u64 = 60 * 60 * 6;
/// Minimum password length
pub const PASSWORD_MIN_LENGTH: usize = 3;
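Review bot: `PASSWORD_MIN_LENGTH` is set to 3 and its doc comment does not say which checks it governs. In this commit it is only visible as the lower bound on the submitted field in `need_user_password`, where a low bound is harmless. If the same constant is later reused for account creation or password change, it would permit three-character passwords. I would either raise the value or narrow the comment, e.g. `/// Minimum length accepted for a submitted password field (input sanity bound, not a strength policy)`.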


@ -178,4 +178,11 @@ pub fn reset_user_password(r: &mut HttpRequestHandler) -> RequestResult {
account_helper::destroy_password_reset_token_for_user(&user_id)?;
r.success("Password changed!")
}
/// Export account's data
pub fn export_data(r: &mut HttpRequestHandler) -> RequestResult {
r.need_user_password("password")?;
r.success("Go on")
}


@ -81,6 +81,7 @@ pub fn get_routes() -> Vec<Route> {
Route::post_without_login("/account/check_security_answers", Box::new(account_controller::check_security_answers)),
Route::post_without_login("/account/check_password_reset_token", Box::new(account_controller::check_password_reset_token)),
Route::post_without_login("/account/reset_user_passwd", Box::new(account_controller::reset_user_password)),
Route::post("/account/export_data", Box::new(account_controller::export_data)),
// User controller
Route::post_without_login("/user/getInfo", Box::new(user_controller::get_single)),


@ -25,6 +25,7 @@ use crate::utils::pdf_utils::is_valid_pdf;
use crate::utils::string_utils::{check_string_before_insert, check_url, remove_html_nodes};
use crate::utils::user_data_utils::{generate_new_user_data_file_name, prepare_file_creation, user_data_path};
use crate::utils::virtual_directories_utils::check_virtual_directory;
use crate::constants::PASSWORD_MIN_LENGTH;
/// Http request handler
///
@ -659,4 +660,15 @@ impl HttpRequestHandler {
Ok(remove_html_nodes(&content))
}
/// Check the password of the current user
pub fn need_user_password(&mut self, field: &str) ->ResultBoxError {
let password = self.post_string_opt(field, PASSWORD_MIN_LENGTH, true)?;
if !account_helper::check_user_password(self.user_id_ref()?, &password)? {
self.forbidden("Invalid password!".to_string())?;
}
Ok(())
}
}
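Review bot: In `need_user_password` the rejection path depends on `self.forbidden(...)?` returning `Err`; if `forbidden` ever returns `Ok`, execution falls through to `Ok(())` and a wrong password is accepted. `forbidden` is defined outside this hunk, so this needs confirming, but an authentication check is safer when it fails closed by construction, e.g. `return self.forbidden("Invalid password!".to_string());` if the return types are compatible. The doc comment could also say that an error is returned when the field is missing, too short or does not match. No limit on repeated wrong-password attempts is visible here; it is worth confirming one exists elsewhere, since this check confirms password guesses for an already logged-in session.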


@ -146,6 +146,17 @@ pub fn get_user_id_from_password_reset_token(token: &str) -> ResultBoxError<User
.query_row(|r| r.get_user_id("ID"))
}
/// Check current user's password
pub fn check_user_password(user_id: &UserID, password: &str) -> ResultBoxError<bool> {
let crypt_pass = crypt_pass(password)?;
database::QueryInfo::new(USERS_TABLE)
.cond_user_id("ID", user_id)
.cond("password", &crypt_pass)
.exec_count()
.map(|r| r > 0)
}
/// Change the password of a user
pub fn change_password(user_id: &UserID, new_password: &String) -> ResultBoxError {
database::UpdateInfo::new(USERS_TABLE)
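Review bot: `check_user_password` verifies the password by putting the output of `crypt_pass(password)` into an equality condition on the `password` column, which only works if `crypt_pass` is deterministic, i.e. unsalted or using a fixed salt. `crypt_pass` is defined outside this hunk, so confirm what it does; if it is a fast or unsalted hash, stored passwords are exposed to precomputed and offline guessing after a database leak. The more robust shape is to fetch the stored hash for `user_id` and verify it in application code with a salted, slow password-hashing function and a constant-time comparison. At minimum document the dependency, e.g. `/// Relies on crypt_pass() being deterministic; must change if per-user salts are introduced`.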