mirror of
https://git.42l.fr/neil/sncf.git
synced 2024-05-03 14:33:10 +02:00
updating isAnonymous interception process with new OCS API
This commit is contained in:
parent
31bf380e12
commit
255cf8ba9e
30
src/sniff.rs
30
src/sniff.rs
|
@ -42,6 +42,7 @@ fn rq_form_update(body: &web::Bytes) -> bool {
|
|||
// this part may need code quality improvements
|
||||
// the body MUST come from the "create new form" route
|
||||
// (this is checked upstream)
|
||||
// returns the form UID and the request body
|
||||
pub fn check_new_form(body: &web::Bytes) -> u64 {
|
||||
let req = String::from_utf8_lossy(body);
|
||||
|
||||
|
@ -51,13 +52,22 @@ pub fn check_new_form(body: &web::Bytes) -> u64 {
|
|||
Value::Null
|
||||
});
|
||||
|
||||
if v != Value::Null && v["id"] != Value::Null && v["isAnonymous"] == Value::Null {
|
||||
v["id"].as_u64().unwrap_or_else(|| {
|
||||
eprintln!("check_new_form: failed to parse formid: {}", v);
|
||||
0
|
||||
})
|
||||
} else {
|
||||
0
|
||||
if v != Value::Null
|
||||
&& v["ocs"].is_object()
|
||||
&& v["ocs"]["data"].is_object()
|
||||
&& v["ocs"]["data"]["id"] != Value::Null
|
||||
&& v["ocs"]["data"]["isAnonymous"] == Value::Null {
|
||||
|
||||
//getting form id
|
||||
let new_v_id = v["ocs"]["data"]["id"].as_u64().unwrap_or_else(|| {
|
||||
eprintln!("check_new_form: failed to parse formid: {}", v);
|
||||
0
|
||||
});
|
||||
new_v_id
|
||||
|
||||
} else {
|
||||
eprintln!("error: check_new_form: can't find formid: {}", v);
|
||||
0
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -69,10 +79,14 @@ const BLOCKED_ROUTES: &[&str] = &[
|
|||
"/ocs/v",
|
||||
"/remote.php",
|
||||
"/apps/files",
|
||||
"/core/templates/filepicker.html",
|
||||
];
|
||||
|
||||
// ...except if they are in this list
|
||||
const ALLOWED_ROUTES: &[&str] = &["/ocs/v2.php/apps/forms/"];
|
||||
const ALLOWED_ROUTES: &[&str] = &[
|
||||
"/ocs/v2.php/apps/forms/",
|
||||
"/status.php"
|
||||
];
|
||||
|
||||
// checks if the accessed route is allowed for the user.
|
||||
// if it returns true, redirects elsewhere
|
||||
|
|
Loading…
Reference in a new issue