1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
use actix_web::HttpResponse;
use actix_web::{get, web, HttpRequest, Responder};

use super::base;
use askama::Template;

use crate::db::{self, AppData, FullPaste, Paste, PasteMetadata};
use crate::pages::paste_view;

#[derive(Template)]
#[template(path = "paste/settings.html")]
struct PasteSettingsTemplate {
    paste: Paste<PasteMetadata>,
    metadata: String,
    // required fields (super::base)
    info: String,
    auth_state: bool,
    guppy: String,
    site_name: String,
    body_embed: String,
}

#[derive(Template)]
#[template(path = "user/settings.html")]
struct UserSettingsTemplate {
    // required fields (super::base)
    info: String,
    auth_state: bool,
    guppy: String,
    site_name: String,
    body_embed: String,
}

#[get("/dashboard/settings")]
/// Available at "/dashboard/settings"
pub async fn user_settings_request(req: HttpRequest, data: web::Data<AppData>) -> impl Responder {
    // verify auth status
    let (set_cookie, _, token_user) = base::check_auth_status(req.clone(), data.clone()).await;

    // ...
    let base = base::get_base_values(token_user.is_some());
    return HttpResponse::Ok()
        .append_header(("Set-Cookie", set_cookie))
        .append_header(("Content-Type", "text/html"))
        .body(
            UserSettingsTemplate {
                // required fields
                info: base.info,
                auth_state: base.auth_state,
                guppy: base.guppy,
                site_name: base.site_name,
                body_embed: base.body_embed,
            }
            .render()
            .unwrap(),
        );
}

#[get("/dashboard/settings/paste/{url:.*}")]
/// Available at "/dashboard/settings/paste/{custom_url}"
pub async fn paste_settings_request(
    req: HttpRequest,
    data: web::Data<AppData>,
    info: web::Query<paste_view::PasteViewProps>,
) -> impl Responder {
    // get paste
    let url: String = req.match_info().get("url").unwrap().to_string();

    let paste: db::DefaultReturn<Option<FullPaste<PasteMetadata, String>>> =
        data.db.get_paste_by_url(url).await;

    if paste.success == false {
        return HttpResponse::NotFound().body(paste.message);
    }

    // verify auth status
    let (set_cookie, _, token_user) = base::check_auth_status(req.clone(), data.clone()).await;

    // ...
    let unwrap = paste.payload.clone().unwrap();
    let metadata = &unwrap.paste.metadata;

    // handle view password
    match metadata.view_password {
        Some(ref view_password) => {
            // show password prompt
            if info.view.is_none() && view_password != "off" {
                if view_password.starts_with("LOCKED(USER_BANNED)-") {
                    return HttpResponse::NotFound()
                        .body("Failed to view paste (LOCKED: OWNER BANNED)");
                }

                let base = base::get_base_values(token_user.is_some());
                return HttpResponse::Ok()
                    .append_header(("Set-Cookie", ""))
                    .append_header(("Content-Type", "text/html"))
                    .body(
                        super::paste_view::PasswordAskTemplate {
                            custom_url: unwrap.clone().paste.custom_url,
                            // required fields
                            info: base.info,
                            auth_state: base.auth_state,
                            guppy: base.guppy,
                            // deducktive: base.deducktive,
                            site_name: base.site_name,
                            body_embed: base.body_embed,
                        }
                        .render()
                        .unwrap(),
                    );
            }
            // check given password
            else if info.view.is_some()
                && (&info.view.as_ref().unwrap() != &metadata.view_password.as_ref().unwrap())
            {
                return HttpResponse::NotFound()
                    .body("You do not have permission to view this paste's contents.");
            }
        }
        None => (),
    }

    // ...
    let base = base::get_base_values(token_user.is_some());
    return HttpResponse::Ok()
        .append_header(("Set-Cookie", set_cookie))
        .append_header(("Content-Type", "text/html"))
        .body(
            PasteSettingsTemplate {
                paste: paste.payload.clone().unwrap().paste,
                metadata: serde_json::to_string::<PasteMetadata>(metadata)
                    .unwrap()
                    .replace("/", "\\/"),
                // required fields
                info: base.info,
                auth_state: base.auth_state,
                guppy: base.guppy,
                site_name: base.site_name,
                body_embed: base.body_embed,
            }
            .render()
            .unwrap(),
        );
}