Skip to content
This repository has been archived by the owner on Oct 19, 2024. It is now read-only.

Commit

Permalink
Fix comp err
Browse files Browse the repository at this point in the history
  • Loading branch information
@Geometrically
Geometrically committed Nov 24, 2023
1 parent 2302b63 commit 84e4209
Show file tree
Hide file tree
Showing 2 changed files with 1 addition and 176 deletions.
175 changes: 0 additions & 175 deletions src/routes/v3/admin.rs
View file
Original file line number Diff line number Diff line change
@@ -1,23 +1,17 @@
use crate::auth::validate::get_user_record_from_bearer_token;
use crate::database::models::User;
use crate::database::redis::RedisPool;
use crate::models::analytics::Download;
use crate::models::ids::ProjectId;
use crate::models::pats::Scopes;
use crate::models::users::{PayoutStatus, RecipientStatus};
use crate::queue::analytics::AnalyticsQueue;
use crate::queue::maxmind::MaxMindIndexer;
use crate::queue::session::AuthQueue;
use crate::routes::ApiError;
use crate::search::SearchConfig;
use crate::util::date::get_current_tenths_of_ms;
use crate::util::guards::admin_key_guard;
use crate::util::routes::read_from_payload;
use actix_web::{patch, post, web, HttpRequest, HttpResponse};
use hex::ToHex;
use hmac::{Hmac, Mac, NewMac};
use serde::Deserialize;
use sha2::Sha256;
use sqlx::PgPool;
use std::collections::HashMap;
use std::net::Ipv4Addr;
Expand All @@ -28,7 +22,6 @@ pub fn config(cfg: &mut web::ServiceConfig) {
cfg.service(
web::scope("admin")
.service(count_download)
.service(trolley_webhook)
.service(force_reindex),
);
}
Expand Down Expand Up @@ -143,174 +136,6 @@ pub async fn count_download(
Ok(HttpResponse::NoContent().body(""))
}

#[derive(Deserialize)]
pub struct TrolleyWebhook {
model: String,
action: String,
body: HashMap<String, serde_json::Value>,
}

#[post("/_trolley")]
#[allow(clippy::too_many_arguments)]
pub async fn trolley_webhook(
req: HttpRequest,
pool: web::Data<PgPool>,
redis: web::Data<RedisPool>,
mut payload: web::Payload,
) -> Result<HttpResponse, ApiError> {
if let Some(signature) = req.headers().get("X-PaymentRails-Signature") {
let payload = read_from_payload(
&mut payload,
1 << 20,
"Webhook payload exceeds the maximum of 1MiB.",
)
.await?;

let mut signature = signature.to_str().ok().unwrap_or_default().split(',');
let timestamp = signature
.next()
.and_then(|x| x.split('=').nth(1))
.unwrap_or_default();
let v1 = signature
.next()
.and_then(|x| x.split('=').nth(1))
.unwrap_or_default();

let mut mac: Hmac<Sha256> =
Hmac::new_from_slice(dotenvy::var("TROLLEY_WEBHOOK_SIGNATURE")?.as_bytes())
.map_err(|_| ApiError::Payments("error initializing HMAC".to_string()))?;
mac.update(timestamp.as_bytes());
mac.update(&payload);
let request_signature = mac.finalize().into_bytes().encode_hex::<String>();

if &*request_signature == v1 {
let webhook = serde_json::from_slice::<TrolleyWebhook>(&payload)?;

if webhook.model == "recipient" {
#[derive(Deserialize)]
struct Recipient {
pub id: String,
pub email: Option<String>,
pub status: Option<RecipientStatus>,
}

if let Some(body) = webhook.body.get("recipient") {
if let Ok(recipient) = serde_json::from_value::<Recipient>(body.clone()) {
let value = sqlx::query!(
"SELECT id FROM users WHERE trolley_id = $1",
recipient.id
)
.fetch_optional(&**pool)
.await?;

if let Some(user) = value {
let user = User::get_id(
crate::database::models::UserId(user.id),
&**pool,
&redis,
)
.await?;

if let Some(user) = user {
let mut transaction = pool.begin().await?;

if webhook.action == "deleted" {
sqlx::query!(
"
UPDATE users
SET trolley_account_status = NULL, trolley_id = NULL
WHERE id = $1
",
user.id.0
)
.execute(&mut *transaction)
.await?;
} else {
sqlx::query!(
"
UPDATE users
SET email = $1, email_verified = $2, trolley_account_status = $3
WHERE id = $4
",
recipient.email.clone(),
user.email_verified && recipient.email == user.email,
recipient.status.map(|x| x.as_str()),
user.id.0
)
.execute(&mut *transaction).await?;
}

transaction.commit().await?;
User::clear_caches(&[(user.id, None)], &redis).await?;
}
}
}
}
}

if webhook.model == "payment" {
#[derive(Deserialize)]
struct Payment {
pub id: String,
pub status: PayoutStatus,
}

if let Some(body) = webhook.body.get("payment") {
if let Ok(payment) = serde_json::from_value::<Payment>(body.clone()) {
let value = sqlx::query!(
"SELECT id, amount, user_id, status FROM historical_payouts WHERE payment_id = $1",
payment.id
)
.fetch_optional(&**pool)
.await?;

if let Some(payout) = value {
let mut transaction = pool.begin().await?;

if payment.status.is_failed()
&& !PayoutStatus::from_string(&payout.status).is_failed()
{
sqlx::query!(
"
UPDATE users
SET balance = balance + $1
WHERE id = $2
",
payout.amount,
payout.user_id,
)
.execute(&mut *transaction)
.await?;
}

sqlx::query!(
"
UPDATE historical_payouts
SET status = $1
WHERE payment_id = $2
",
payment.status.as_str(),
payment.id,
)
.execute(&mut *transaction)
.await?;

transaction.commit().await?;
User::clear_caches(
&[(crate::database::models::UserId(payout.user_id), None)],
&redis,
)
.await?;
}
}
}
}
}
}

Ok(HttpResponse::NoContent().finish())
}

#[post("/_force_reindex", guard = "admin_key_guard")]
pub async fn force_reindex(
pool: web::Data<PgPool>,
Expand Down
2 changes: 1 addition & 1 deletion src/routes/v3/users.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@ pub fn config(cfg: &mut web::ServiceConfig) {
.route("{id}/icon", web::patch().to(user_icon_edit))
.route("{id}", web::delete().to(user_delete))
.route("{id}/follows", web::get().to(user_follows))
.route("{id}/notifications", web::get().to(user_notifications)),
.route("{id}/notifications", web::get().to(user_notifications))
.route("{id}/oauth_apps", web::get().to(get_user_clients)),
);
}
Expand Down

0 comments on commit 84e4209

Please sign in to comment.