about summary refs log tree commit diff
path: root/kittybox-rs/src
diff options
context:
space:
mode:
authorVika <vika@fireburn.ru>2022-07-10 14:54:47 +0300
committerVika <vika@fireburn.ru>2022-07-10 14:54:47 +0300
commit3caf10aa266db7d71dd52614915ae46a5f133fef (patch)
treefb9ce9a2b3f578cfe6935b0da672edbd6a66c43a /kittybox-rs/src
parent3a7af37527c7752b42d518ec719a479254d6ba96 (diff)
downloadkittybox-3caf10aa266db7d71dd52614915ae46a5f133fef.tar.zst
micropub: handle invalid/empty query properly
On query parsing error, this will return a MicropubError.
Diffstat (limited to 'kittybox-rs/src')
-rw-r--r--kittybox-rs/src/micropub/mod.rs22
1 files changed, 16 insertions, 6 deletions
diff --git a/kittybox-rs/src/micropub/mod.rs b/kittybox-rs/src/micropub/mod.rs
index 1d81505..3328597 100644
--- a/kittybox-rs/src/micropub/mod.rs
+++ b/kittybox-rs/src/micropub/mod.rs
@@ -225,8 +225,7 @@ pub(crate) async fn _post<D: 'static + Storage>(
     http: reqwest::Client,
 ) -> Result<Response, MicropubError> {
     // Here, we have the following guarantees:
-    // - The user is the same user for this host (guaranteed by ensure_same_user)
-    // - The MF2-JSON document is normalized (guaranteed by normalize_mf2)\
+    // - The MF2-JSON document is normalized (guaranteed by normalize_mf2)
     //   - The MF2-JSON document contains a UID
     //   - The MF2-JSON document's URL list contains its UID
     //   - The MF2-JSON document's "content" field contains an HTML blob, if present
@@ -300,7 +299,7 @@ pub(crate) async fn _post<D: 'static + Storage>(
     }
 
     let reply =
-        IntoResponse::into_response((StatusCode::ACCEPTED, [("Location", uid.as_str())], ()));
+        IntoResponse::into_response((StatusCode::ACCEPTED, [("Location", uid.as_str())]));
 
     tokio::task::spawn(background_processing(db, mf2, http));
 
@@ -492,11 +491,22 @@ pub async fn post<D: Storage + 'static>(
     }
 }
 
+#[tracing::instrument(skip(db))]
 pub async fn query<D: Storage>(
     Extension(db): Extension<D>,
-    Query(query): Query<MicropubQuery>,
+    query: Option<Query<MicropubQuery>>,
     user: User,
 ) -> axum::response::Response {
+    // We handle the invalid query case manually to return a
+    // MicropubError instead of HTTP 422
+    if query.is_none() {
+        return MicropubError::new(
+            ErrorType::InvalidRequest,
+            "Invalid query provided. Try ?q=config to see what you can do."
+        ).into_response();
+    }
+    let query: MicropubQuery = query.unwrap().0;
+
     let host = axum::http::Uri::try_from(user.me.as_str())
         .unwrap()
         .authority()
@@ -739,9 +749,9 @@ mod tests {
     async fn test_query_foreign_url() {
         let mut res = super::query(
             axum::Extension(crate::database::MemoryStorage::new()),
-            axum::extract::Query(super::MicropubQuery::source(
+            Some(axum::extract::Query(super::MicropubQuery::source(
                 "https://aaronparecki.com/feeds/main",
-            )),
+            ))),
             User::new(
                 "https://fireburn.ru/",
                 "https://quill.p3k.io/",