Add file mime type check & switch usercard errors to modal

Marco Realacci 2022-12-12 22:53:34 +01:00
parent 4cad313aaa
commit 6840c34d7b
3 changed files with 56 additions and 13 deletions


@ -4,10 +4,11 @@ package main
import ( import (
"fmt" "fmt"
"github.com/notherealmarco/WASAPhoto/webui"
"io/fs" "io/fs"
"net/http" "net/http"
"strings" "strings"
"github.com/notherealmarco/WASAPhoto/webui"
) )
func registerWebUI(hdl http.Handler) (http.Handler, error) { func registerWebUI(hdl http.Handler) (http.Handler, error) {
@ -20,6 +21,10 @@ func registerWebUI(hdl http.Handler) (http.Handler, error) {
if strings.HasPrefix(r.RequestURI, "/dashboard/") { if strings.HasPrefix(r.RequestURI, "/dashboard/") {
http.StripPrefix("/dashboard/", http.FileServer(http.FS(distDirectory))).ServeHTTP(w, r) http.StripPrefix("/dashboard/", http.FileServer(http.FS(distDirectory))).ServeHTTP(w, r)
return return
} else if r.RequestURI == "/" {
// Redirect to dashboard
http.Redirect(w, r, "/dashboard/", http.StatusTemporaryRedirect)
return
} }
hdl.ServeHTTP(w, r) hdl.ServeHTTP(w, r)
}), nil }), nil
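Review bot: The new root redirect tests `r.RequestURI == "/"`, and RequestURI is the raw request target including any query string, so a request such as `/?x=1` skips the redirect and falls through to `hdl`. Matching on the parsed path, `} else if r.URL.Path == "/" {`, covers that case. Because the preceding branch already returns, a plain `if` would read more cleanly than `else if`. The handler closure starts above the hunk, so this is based only on the lines shown.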


@ -6,6 +6,7 @@ import (
"os" "os"
"path/filepath" "path/filepath"
"strconv" "strconv"
"strings"
"github.com/julienschmidt/httprouter" "github.com/julienschmidt/httprouter"
"github.com/notherealmarco/WASAPhoto/service/api/authorization" "github.com/notherealmarco/WASAPhoto/service/api/authorization"
@ -39,23 +40,39 @@ func (rt *_router) PostPhoto(w http.ResponseWriter, r *http.Request, ps httprout
return return
} }
file, err := os.Create(path) /*file, err := os.Create(path)
if err != nil { if err != nil {
helpers.SendInternalError(err, "Error creating file", w, rt.baseLogger) helpers.SendInternalError(err, "Error creating file", w, rt.baseLogger)
helpers.RollbackOrLogError(transaction, rt.baseLogger) helpers.RollbackOrLogError(transaction, rt.baseLogger)
return return
}*/
bytes, err := io.ReadAll(r.Body)
if err != nil {
helpers.SendInternalError(err, "Error checking the file", w, rt.baseLogger)
helpers.RollbackOrLogError(transaction, rt.baseLogger)
return
} }
if _, err = io.Copy(file, r.Body); err != nil { mimeType := http.DetectContentType(bytes)
if !strings.HasPrefix(mimeType, "image/") {
helpers.SendStatus(http.StatusBadRequest, w, mimeType+" file is not a valid image", rt.baseLogger)
helpers.RollbackOrLogError(transaction, rt.baseLogger)
return
}
if err = os.WriteFile(path, bytes, 0644); err != nil {
helpers.SendInternalError(err, "Error writing the file", w, rt.baseLogger) helpers.SendInternalError(err, "Error writing the file", w, rt.baseLogger)
helpers.RollbackOrLogError(transaction, rt.baseLogger) helpers.RollbackOrLogError(transaction, rt.baseLogger)
return return
} }
if err = file.Close(); err != nil { /*if err = file.Close(); err != nil {
helpers.SendInternalError(err, "Error closing file", w, rt.baseLogger) helpers.SendInternalError(err, "Error closing file", w, rt.baseLogger)
helpers.RollbackOrLogError(transaction, rt.baseLogger) helpers.RollbackOrLogError(transaction, rt.baseLogger)
} }*/
err = transaction.Commit() err = transaction.Commit()
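Review bot: `io.ReadAll(r.Body)` now buffers the whole upload in memory with no size cap visible in this hunk, where the old `io.Copy` streamed to disk, so one oversized request body can exhaust memory before the MIME check runs. Wrap the body first, e.g. `r.Body = http.MaxBytesReader(w, r.Body, maxPhotoBytes)` (`maxPhotoBytes` being a placeholder for a limit the project chooses), and answer the resulting read error with 413 rather than 500. `http.DetectContentType` inspects at most the first 512 bytes, so the `image/` prefix test is a header sniff rather than validation of the file; comparing against an explicit allowlist such as `image/jpeg` and `image/png`, and serving stored files with `X-Content-Type-Options: nosniff`, would tighten it. The commented-out `os.Create` and `file.Close` blocks should be deleted rather than kept, and the local named `bytes` shadows the standard package name. PostPhoto begins and ends outside the hunk, so a limit applied earlier in the handler or in middleware would not be visible here.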


@ -20,9 +20,17 @@ export default {
show_username_form: false, show_username_form: false,
newUsername: "", newUsername: "",
upload_file: null, upload_file: null,
modalTitle: "",
modalMsg: "",
} }
}, },
methods: { methods: {
playModal(title, msg) {
this.modalTitle = title
this.modalMsg = msg
this.$refs.openModal.click()
},
logout() { logout() {
localStorage.removeItem("token"); localStorage.removeItem("token");
sessionStorage.removeItem("token"); sessionStorage.removeItem("token");
@ -37,7 +45,7 @@ export default {
this.user_followed = true this.user_followed = true
this.$emit('updateInfo') this.$emit('updateInfo')
}) })
.catch(error => alert(error.toString())); .catch(error => this.playModal("Error", error.toString()));
}, },
unfollow() { unfollow() {
this.$axios.delete("/users/" + this.user_id + "/followers/" + getCurrentSession()) this.$axios.delete("/users/" + this.user_id + "/followers/" + getCurrentSession())
@ -45,7 +53,7 @@ export default {
this.user_followed = false this.user_followed = false
this.$emit('updateInfo') this.$emit('updateInfo')
}) })
.catch(error => alert(error.toString())); .catch(error => this.playModal("Error", error.toString()));
}, },
ban() { ban() {
this.$axios.put("/users/" + getCurrentSession() + "/bans/" + this.user_id) this.$axios.put("/users/" + getCurrentSession() + "/bans/" + this.user_id)
@ -53,7 +61,7 @@ export default {
this.user_banned = true this.user_banned = true
this.$emit('updateInfo') this.$emit('updateInfo')
}) })
.catch(error => alert(error.toString())); .catch(error => this.playModal("Error", error.toString()));
}, },
unban() { unban() {
this.$axios.delete("/users/" + getCurrentSession() + "/bans/" + this.user_id) this.$axios.delete("/users/" + getCurrentSession() + "/bans/" + this.user_id)
@ -61,7 +69,7 @@ export default {
this.user_banned = false this.user_banned = false
this.$emit('updateInfo') this.$emit('updateInfo')
}) })
.catch(error => alert(error.toString())); .catch(error => this.playModal("Error", error.toString()));
}, },
load_file(e) { load_file(e) {
let files = e.target.files || e.dataTransfer.files; let files = e.target.files || e.dataTransfer.files;
@ -74,7 +82,16 @@ export default {
this.show_post_form = false this.show_post_form = false
this.$emit('updatePosts') this.$emit('updatePosts')
}) })
.catch(error => alert(error.toString())); .catch(error => {
if (error.response.status != null && error.response.data != null) {
this.modalTitle = "Error"
this.modalMsg = error.response.data
this.$refs.openModal.click()
} else {
this.playModal("Error", error.toString())
}
this.playModal("Error", error.toString())
});
}, },
updateUsername() { updateUsername() {
this.$axios.put("/users/" + getCurrentSession() + "/username", {name: this.newUsername}) this.$axios.put("/users/" + getCurrentSession() + "/username", {name: this.newUsername})
@ -85,9 +102,11 @@ export default {
}) })
.catch(error => { .catch(error => {
if (error.response.status == 409) { if (error.response.status == 409) {
this.modalTitle = "Error"
this.modalMsg = "The chosen username is already taken."
this.$refs.openModal.click() this.$refs.openModal.click()
} else { } else {
alert(error.toString()) this.playModal("Error", error.toString())
} }
}); });
}, },
@ -97,6 +116,10 @@ export default {
} }
</script> </script>
<template> <template>
<button ref="openModal" type="button" class="btn btn-primary" style="display: none" data-bs-toggle="modal" data-bs-target="#modal" />
<Modal :title="modalTitle" :message="modalMsg" />
<div class="card mb-3"> <div class="card mb-3">
<div class="container"> <div class="container">
<div class="row"> <div class="row">
@ -143,8 +166,6 @@ export default {
</div> </div>
</div> </div>
<div class="row" v-if="show_username_form"> <div class="row" v-if="show_username_form">
<button ref="openModal" type="button" class="btn btn-primary" style="display: none" data-bs-toggle="modal" data-bs-target="#modal" />
<Modal title="Error" message="The chosen username is already taken" />
<div class="col-10"> <div class="col-10">
<div class="card-body h-100 d-flex align-items-center"> <div class="card-body h-100 d-flex align-items-center">
<input v-model="newUsername" class="form-control form-control-lg" id="formUsername" placeholder="Your new fantastic username! 😜" /> <input v-model="newUsername" class="form-control form-control-lg" id="formUsername" placeholder="Your new fantastic username! 😜" />
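Review bot: In the upload `.catch` added in the `@ -74,7 +82,16 @@` hunk, the trailing `this.playModal("Error", error.toString())` after the if/else runs unconditionally, so the server's message set in the first branch is immediately overwritten by the generic error string. The guard `error.response.status != null` also dereferences `error.response`, which is undefined when the request fails without a response (network error, timeout), so the handler itself throws; use `if (error.response != null && error.response.data != null)`, call `this.playModal("Error", error.response.data)` in that branch, and delete the trailing call. The `error.response.status == 409` check in `updateUsername` has the same undefined dereference. Since `modalMsg` now carries server-supplied text, the `Modal` component (not shown on this page) should render `message` with text interpolation rather than `v-html`.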