mirror of
https://git.42l.fr/neil/sncf.git
synced 2024-06-08 10:42:14 +02:00
updating isAnonymous interception process with new OCS API
This commit is contained in:
parent
31bf380e12
commit
255cf8ba9e
30
src/sniff.rs
30
src/sniff.rs
|
@ -42,6 +42,7 @@ fn rq_form_update(body: &web::Bytes) -> bool {
|
||||||
// this part may need code quality improvements
|
// this part may need code quality improvements
|
||||||
// the body MUST come from the "create new form" route
|
// the body MUST come from the "create new form" route
|
||||||
// (this is checked upstream)
|
// (this is checked upstream)
|
||||||
|
// returns the form UID and the request body
|
||||||
pub fn check_new_form(body: &web::Bytes) -> u64 {
|
pub fn check_new_form(body: &web::Bytes) -> u64 {
|
||||||
let req = String::from_utf8_lossy(body);
|
let req = String::from_utf8_lossy(body);
|
||||||
|
|
||||||
|
@ -51,13 +52,22 @@ pub fn check_new_form(body: &web::Bytes) -> u64 {
|
||||||
Value::Null
|
Value::Null
|
||||||
});
|
});
|
||||||
|
|
||||||
if v != Value::Null && v["id"] != Value::Null && v["isAnonymous"] == Value::Null {
|
if v != Value::Null
|
||||||
v["id"].as_u64().unwrap_or_else(|| {
|
&& v["ocs"].is_object()
|
||||||
eprintln!("check_new_form: failed to parse formid: {}", v);
|
&& v["ocs"]["data"].is_object()
|
||||||
0
|
&& v["ocs"]["data"]["id"] != Value::Null
|
||||||
})
|
&& v["ocs"]["data"]["isAnonymous"] == Value::Null {
|
||||||
} else {
|
|
||||||
0
|
//getting form id
|
||||||
|
let new_v_id = v["ocs"]["data"]["id"].as_u64().unwrap_or_else(|| {
|
||||||
|
eprintln!("check_new_form: failed to parse formid: {}", v);
|
||||||
|
0
|
||||||
|
});
|
||||||
|
new_v_id
|
||||||
|
|
||||||
|
} else {
|
||||||
|
eprintln!("error: check_new_form: can't find formid: {}", v);
|
||||||
|
0
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -69,10 +79,14 @@ const BLOCKED_ROUTES: &[&str] = &[
|
||||||
"/ocs/v",
|
"/ocs/v",
|
||||||
"/remote.php",
|
"/remote.php",
|
||||||
"/apps/files",
|
"/apps/files",
|
||||||
|
"/core/templates/filepicker.html",
|
||||||
];
|
];
|
||||||
|
|
||||||
// ...except if they are in this list
|
// ...except if they are in this list
|
||||||
const ALLOWED_ROUTES: &[&str] = &["/ocs/v2.php/apps/forms/"];
|
const ALLOWED_ROUTES: &[&str] = &[
|
||||||
|
"/ocs/v2.php/apps/forms/",
|
||||||
|
"/status.php"
|
||||||
|
];
|
||||||
|
|
||||||
// checks if the accessed route is allowed for the user.
|
// checks if the accessed route is allowed for the user.
|
||||||
// if it returns true, redirects elsewhere
|
// if it returns true, redirects elsewhere
|
||||||
|
|
Loading…
Reference in a new issue