magmaus3/continuwuity
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

slightly cleanup and simplify client /report endpoint

Browse source 
Signed-off-by: strawberry <strawberry@puppygock.gay>
This commit is contained in:
strawberry 2024-08-31 12:51:24 -04:00
parent 5dbb868936
commit bfb10cda26
1 changed files with 23 additions and 25 deletions
Download patch file Download diff file Expand all files Collapse all files

48
src/api/client/report.rs
View file

@ -31,6 +31,8 @@ pub(crate) async fn report_event_route(
body.room_id, body.event_id body.room_id, body.event_id
); );
delay_response().await;
// check if we know about the reported event ID or if it's invalid // check if we know about the reported event ID or if it's invalid
let Some(pdu) = services.rooms.timeline.get_pdu(&body.event_id)? else { let Some(pdu) = services.rooms.timeline.get_pdu(&body.event_id)? else {
return Err(Error::BadRequest( return Err(Error::BadRequest(
@ -81,21 +83,19 @@ pub(crate) async fn report_event_route(
)) ))
.await; .await;
delay_response().await?;
Ok(report_content::v3::Response {}) Ok(report_content::v3::Response {})
} }
/// in the following order: /// in the following order:
/// ///
/// check if the room ID from the URI matches the PDU's room ID /// check if the room ID from the URI matches the PDU's room ID
/// check if reporting user is in the reporting room
/// check if score is in valid range /// check if score is in valid range
/// check if report reasoning is less than or equal to 750 characters /// check if report reasoning is less than or equal to 750 characters
/// check if reporting user is in the reporting room
fn is_report_valid( fn is_report_valid(
services: &Services, event_id: &EventId, room_id: &RoomId, sender_user: &UserId, reason: &Option<String>, services: &Services, event_id: &EventId, room_id: &RoomId, sender_user: &UserId, reason: &Option<String>,
score: Option<ruma::Int>, pdu: &std::sync::Arc<PduEvent>, score: Option<ruma::Int>, pdu: &std::sync::Arc<PduEvent>,
) -> Result<bool> { ) -> Result<()> {
debug_info!("Checking if report from user {sender_user} for event {event_id} in room {room_id} is valid"); debug_info!("Checking if report from user {sender_user} for event {event_id} in room {room_id} is valid");
if room_id != pdu.room_id { if room_id != pdu.room_id {
@ -105,10 +105,24 @@ fn is_report_valid(
)); ));
} }
if score.is_some_and(|s| s > int!(0) || s < int!(-100)) {
return Err(Error::BadRequest(
ErrorKind::InvalidParam,
"Invalid score, must be within 0 to -100",
));
};
if reason.as_ref().is_some_and(|s| s.len() > 750) {
return Err(Error::BadRequest(
ErrorKind::InvalidParam,
"Reason too long, should be 750 characters or fewer",
));
};
if !services if !services
.rooms .rooms
.state_cache .state_cache
.room_members(&pdu.room_id) .room_members(room_id)
.filter_map(Result::ok) .filter_map(Result::ok)
.any(|user_id| user_id == *sender_user) .any(|user_id| user_id == *sender_user)
{ {
@ -118,30 +132,14 @@ fn is_report_valid(
)); ));
} }
if score.map(|s| s > int!(0) || s < int!(-100)) == Some(true) { Ok(())
return Err(Error::BadRequest(
ErrorKind::InvalidParam,
"Invalid score, must be within 0 to -100",
));
};
if reason.clone().map(|s| s.len() >= 750) == Some(true) {
return Err(Error::BadRequest(
ErrorKind::InvalidParam,
"Reason too long, should be 750 characters or fewer",
));
};
Ok(true)
} }
/// even though this is kinda security by obscurity, let's still make a small /// even though this is kinda security by obscurity, let's still make a small
/// random delay sending a successful response per spec suggestion regarding /// random delay sending a response per spec suggestion regarding
/// enumerating for potential events existing in our server. /// enumerating for potential events existing in our server.
async fn delay_response() -> Result<()> { async fn delay_response() {
let time_to_wait = rand::thread_rng().gen_range(8..21); let time_to_wait = rand::thread_rng().gen_range(3..10);
debug_info!("Got successful /report request, waiting {time_to_wait} seconds before sending successful response."); debug_info!("Got successful /report request, waiting {time_to_wait} seconds before sending successful response.");
sleep(Duration::from_secs(time_to_wait)).await; sleep(Duration::from_secs(time_to_wait)).await;
Ok(())
} }