t/fluffle
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

add: modify codes

Browse source
This commit is contained in:
trisua 2025-07-26 01:01:45 -04:00
parent 6c9a4cbd77
commit c7bc6bb475
5 changed files with 131 additions and 94 deletions
Download patch file Download diff file Expand all files Collapse all files

2
Cargo.lock generated
View file

@ -607,7 +607,7 @@ dependencies = [
[[package]] [[package]]
name = "fluffle" name = "fluffle"
version = "0.2.1" version = "0.3.0"
dependencies = [ dependencies = [
"axum", "axum",
"axum-extra", "axum-extra",

2
Cargo.toml
View file

@ -1,6 +1,6 @@
[package] [package]
name = "fluffle" name = "fluffle"
version = "0.2.1" version = "0.3.0"
edition = "2024" edition = "2024"
authors = ["trisuaso"] authors = ["trisuaso"]
repository = "https://trisua.com/t/fluffle" repository = "https://trisua.com/t/fluffle"

13
app/templates_src/edit.lisp
View file

@ -43,7 +43,7 @@
("style" "margin-top: var(--pad-2)") ("style" "margin-top: var(--pad-2)")
("onsubmit" "edit_entry(event)") ("onsubmit" "edit_entry(event)")
(div (div
("class" "flex gap-2") ("class" "w-full flex gap-2")
(input (input
("class" "w-full") ("class" "w-full")
("type" "text") ("type" "text")
@ -51,12 +51,22 @@
("name" "edit_code") ("name" "edit_code")
("required" "") ("required" "")
("placeholder" "Enter edit code")) ("placeholder" "Enter edit code"))
(input ("class" "w-full") ("style" "visibility: hidden") ("aria-hidden" "true") ("disabled" "true"))
(input ("class" "w-full") ("style" "visibility: hidden") ("aria-hidden" "true") ("disabled" "true")))
(div
("class" "flex gap-2")
(input (input
("class" "w-full") ("class" "w-full")
("type" "text") ("type" "text")
("minlength" "2") ("minlength" "2")
("name" "new_edit_code") ("name" "new_edit_code")
("placeholder" "New edit code")) ("placeholder" "New edit code"))
(input
("class" "w-full")
("type" "text")
("minlength" "2")
("name" "new_modify_code")
("placeholder" "New modify code"))
(input (input
("class" "w-full") ("class" "w-full")
("type" "text") ("type" "text")
@ -116,6 +126,7 @@
edit_code: e.target.edit_code.value, edit_code: e.target.edit_code.value,
new_slug: e.target.new_slug.value || undefined, new_slug: e.target.new_slug.value || undefined,
new_edit_code: e.target.new_edit_code.value || undefined, new_edit_code: e.target.new_edit_code.value || undefined,
new_modify_code: e.target.new_modify_code.value || undefined,
metadata: globalThis.metadata_editor.getValue(), metadata: globalThis.metadata_editor.getValue(),
\"delete\": rm, \"delete\": rm,
}), }),

3
src/model.rs
View file

@ -16,6 +16,9 @@ pub struct Entry {
/// The IP address of the last editor of the entry. /// The IP address of the last editor of the entry.
#[serde(default)] #[serde(default)]
pub last_edit_from: String, pub last_edit_from: String,
/// An edit code that can only be used to change the entry's content.
#[serde(default)]
pub modify_code: String,
} }
#[derive(Serialize, Deserialize, PartialEq, Eq)] #[derive(Serialize, Deserialize, PartialEq, Eq)]

27
src/routes.rs
View file

@ -492,6 +492,7 @@ async fn create_request(
content: req.content, content: req.content,
metadata: req.metadata, metadata: req.metadata,
last_edit_from: real_ip, last_edit_from: real_ip,
modify_code: String::new(),
}) })
.unwrap(), .unwrap(),
) )
@ -533,6 +534,8 @@ struct EditEntry {
#[serde(default)] #[serde(default)]
new_edit_code: Option<String>, new_edit_code: Option<String>,
#[serde(default)] #[serde(default)]
new_modify_code: Option<String>,
#[serde(default)]
metadata: String, metadata: String,
#[serde(default)] #[serde(default)]
delete: bool, delete: bool,
@ -601,11 +604,22 @@ async fn edit_request(
Err(e) => return Json(e.into()), Err(e) => return Json(e.into()),
}; };
let edit_code = hash(req.edit_code.clone() + &entry.salt);
let using_modify_code = edit_code == entry.modify_code;
// check edit code // check edit code
if hash(req.edit_code.clone() + &entry.salt) != entry.edit_code { if edit_code
!= *if using_modify_code {
&entry.modify_code
} else {
&entry.edit_code
}
{
return Json(Error::NotAllowed.into()); return Json(Error::NotAllowed.into());
} }
// ...
if !using_modify_code {
// handle delete // handle delete
if req.delete { if req.delete {
let views_id = match data let views_id = match data
@ -705,11 +719,20 @@ async fn edit_request(
entry.edit_code = hash(new_edit_code + &entry.salt); entry.edit_code = hash(new_edit_code + &entry.salt);
} }
// update modify code
if let Some(new_modify_code) = req.new_modify_code {
entry.modify_code = hash(new_modify_code + &entry.salt);
}
}
// update // update
entry.content = req.content; entry.content = req.content;
entry.edited = unix_epoch_timestamp();
if !using_modify_code {
entry.metadata = req.metadata; entry.metadata = req.metadata;
entry.last_edit_from = real_ip; entry.last_edit_from = real_ip;
entry.edited = unix_epoch_timestamp(); }
if let Err(e) = data if let Err(e) = data
.update(id, serde_json::to_string(&entry).unwrap()) .update(id, serde_json::to_string(&entry).unwrap())