datatrash/src/main.rs

mod deleter;
mod file_kind;
mod multipart;

use actix_files::{Files, NamedFile};
use actix_multipart::Multipart;
use actix_web::{
    error,
    http::header::{ContentDisposition, DispositionParam, DispositionType},
    middleware,
    web::{self, Bytes},
    App, Error, FromRequest, HttpRequest, HttpResponse, HttpServer,
};
use async_std::{
    fs,
    path::PathBuf,
    sync::{channel, Sender},
    task,
};
use file_kind::FileKind;
use sqlx::{
    postgres::{PgPool, PgRow},
    Cursor, Row,
};
use std::env;

const UPLOAD_HTML: &str = include_str!("../template/upload.html");
const VIEW_HTML: &str = include_str!("../template/view.html");

async fn index() -> Result<NamedFile, Error> {
    Ok(NamedFile::open("./static/index.html")
        .map_err(|_| error::ErrorNotFound(""))?
        .disable_content_disposition())
}

async fn upload(
    payload: Multipart,
    db: web::Data<PgPool>,
    sender: web::Data<Sender<()>>,
    config: web::Data<Config>,
) -> Result<HttpResponse, Error> {
    let file_id = format!("{:x?}", rand::random::<u32>());
    let mut filename = config.files_dir.clone();
    filename.push(&file_id);

    let (original_name, valid_till, kind) =
        match multipart::parse_multipart(payload, &file_id, &filename).await {
            Ok(data) => data,
            Err(err) => {
                if filename.exists().await {
                    fs::remove_file(filename)
                        .await
                        .map_err(|_| error::ErrorInternalServerError("could not remove file"))?;
                }
                return Err(err);
            }
        };

    sqlx::query("INSERT INTO Files (file_id, file_name, valid_till, kind) VALUES ($1, $2, $3, $4)")
        .bind(&file_id)
        .bind(original_name.unwrap_or_else(|| file_id.clone()))
        .bind(valid_till.naive_local())
        .bind(kind.to_string())
        .execute(db.as_ref())
        .await
        .map_err(|_| error::ErrorInternalServerError("could not insert file into database"))?;

    log::info!(
        "create new file {} (valid_till: {}, kind: {})",
        file_id,
        valid_till,
        kind
    );

    sender.send(()).await;

    Ok(HttpResponse::SeeOther()
        .header("location", format!("/upload/{}", file_id))
        .finish())
}

async fn uploaded(id: web::Path<String>, req: web::HttpRequest) -> Result<HttpResponse, Error> {
    let url = req.url_for("file", &[id.as_str()])?;
    let upload_html = UPLOAD_HTML.replace("{url}", url.as_str());
    Ok(HttpResponse::Ok()
        .content_type("text/html")
        .body(upload_html))
}

async fn download(
    req: HttpRequest,
    id: web::Path<String>,
    db: web::Data<PgPool>,
    config: web::Data<Config>,
) -> Result<HttpResponse, Error> {
    let mut cursor = sqlx::query("SELECT file_id, file_name, kind from files WHERE file_id = $1")
        .bind(id.as_ref())
        .fetch(db.as_ref());
    let row: PgRow = cursor
        .next()
        .await
        .map_err(|_| error::ErrorInternalServerError("could not run select statement"))?
        .ok_or_else(|| error::ErrorNotFound("file does not exist or has expired"))?;

    let file_id: String = row.get("file_id");
    let file_name: String = row.get("file_name");
    let kind: String = row.get("kind");
    let mut path = config.files_dir.clone();
    path.push(&file_id);

    if kind == FileKind::TEXT.to_string() && !req.query_string().contains("raw") {
        let content = fs::read_to_string(path).await.map_err(|_| {
            error::ErrorInternalServerError("this file should be here but could not be found")
        })?;
        let encoded = htmlescape::encode_minimal(&content);
        let view_html = VIEW_HTML.replace("{text}", &encoded);
        let response = HttpResponse::Ok().content_type("text/html").body(view_html);
        Ok(response)
    } else {
        let file = NamedFile::open(path)
            .map_err(|_| {
                error::ErrorInternalServerError("this file should be here but could not be found")
            })?
            .set_content_disposition(ContentDisposition {
                disposition: DispositionType::Attachment,
                parameters: vec![DispositionParam::Filename(file_name)],
            });
        file.into_response(&req)
    }
}

fn get_db_url() -> String {
    if let Ok(database_url) = env::var("DATABASE_URL") {
        return database_url;
    }

    let auth = if let Ok(user) = env::var("DATABASE_USER") {
        if let Ok(pass) = env::var("DATABASE_PASS") {
            format!("{}:{}@", user, pass)
        } else {
            format!("{}@", user)
        }
    } else {
        String::new()
    };

    format!(
        "postgresql://{auth}{host}/{name}",
        auth = auth,
        host = env::var("DATABASE_HOST").unwrap_or_else(|_| "localhost".to_string()),
        name = env::var("DATABASE_NAME").unwrap_or_else(|_| "datatrash".to_string())
    )
}

async fn setup_db() -> PgPool {
    let conn_url = &get_db_url();
    log::info!("Using Connection string {}", conn_url);

    let pool = PgPool::builder()
        .max_size(5)
        .connect_timeout(std::time::Duration::from_secs(5))
        .build(conn_url)
        .await
        .expect("could not create db pool");

    sqlx::query(include_str!("../init-db.sql"))
        .execute(&pool)
        .await
        .expect("could not create table Files");

    pool
}

#[derive(Clone)]
struct Config {
    files_dir: PathBuf,
}

#[actix_rt::main]
async fn main() -> std::io::Result<()> {
    if env::var("RUST_LOG").is_err() {
        env::set_var("RUST_LOG", "info");
    }
    env_logger::init();

    let pool: PgPool = setup_db().await;
    let config = Config {
        files_dir: PathBuf::from(env::var("FILES_DIR").unwrap_or_else(|_| "./files".to_owned())),
    };
    fs::create_dir_all(&config.files_dir)
        .await
        .expect("could not create directory for storing files");
    let (sender, receiver) = channel(8);

    log::info!("omnomnom");

    task::spawn(deleter::delete_old_files(
        receiver,
        pool.clone(),
        config.files_dir.clone(),
    ));

    let db = web::Data::new(pool);
    let sender = web::Data::new(sender);
    let upload_max_bytes: usize = env::var("UPLOAD_MAX_BYTES")
        .ok()
        .and_then(|variable| variable.parse().ok())
        .unwrap_or(8_388_608);
    let bind_address = env::var("BIND_ADDRESS").unwrap_or_else(|_| "0.0.0.0:8000".to_owned());

    HttpServer::new({
        move || {
            App::new()
                .wrap(middleware::Logger::default())
                .app_data(db.clone())
                .app_data(sender.clone())
                .app_data(Bytes::configure(|cfg| cfg.limit(upload_max_bytes)))
                .data(config.clone())
                .service(web::resource("/").route(web::get().to(index)))
                .service(web::resource("/upload").route(web::post().to(upload)))
                .service(web::resource("/upload/{id}").route(web::get().to(uploaded)))
                .service(
                    web::resource("/file/{id}")
                        .name("file")
                        .route(web::get().to(download)),
                )
                .service(Files::new("/static", "static").disable_content_disposition())
        }
    })
    .bind(bind_address)?
    .run()
    .await
}
finish it i guess 2020-07-09 17:27:24 +00:00			`mod deleter;`
			`mod file_kind;`
Initial commit 2020-07-08 19:26:46 +00:00			`mod multipart;`

finish it i guess 2020-07-09 17:27:24 +00:00			`use actix_files::{Files, NamedFile};`
Initial commit 2020-07-08 19:26:46 +00:00			`use actix_multipart::Multipart;`
apply formatter 2020-08-02 23:12:42 +00:00			`use actix_web::{`
			`error,`
			`http::header::{ContentDisposition, DispositionParam, DispositionType},`
			`middleware,`
			`web::{self, Bytes},`
			`App, Error, FromRequest, HttpRequest, HttpResponse, HttpServer,`
			`};`
fix deletion race condition 2020-07-13 13:29:40 +00:00			`use async_std::{`
			`fs,`
			`path::PathBuf,`
			`sync::{channel, Sender},`
			`task,`
			`};`
finish it i guess 2020-07-09 17:27:24 +00:00			`use file_kind::FileKind;`
remove compile time postgres dependency, add docker build 2020-07-12 00:26:11 +00:00			`use sqlx::{`
			`postgres::{PgPool, PgRow},`
			`Cursor, Row,`
			`};`
Initial commit 2020-07-08 19:26:46 +00:00			`use std::env;`

finish it i guess 2020-07-09 17:27:24 +00:00			`const UPLOAD_HTML: &str = include_str!("../template/upload.html");`
			`const VIEW_HTML: &str = include_str!("../template/view.html");`
Initial commit 2020-07-08 19:26:46 +00:00
no compression, better http caching, better css 2020-07-14 11:45:14 +00:00			`async fn index() -> Result<NamedFile, Error> {`
do some code cleanup 2020-07-14 15:53:43 +00:00			`Ok(NamedFile::open("./static/index.html")`
remove content disposition from index.html 2020-07-14 14:03:34 +00:00			`.map_err(\|_\| error::ErrorNotFound(""))?`
			`.disable_content_disposition())`
Initial commit 2020-07-08 19:26:46 +00:00			`}`

finish it i guess 2020-07-09 17:27:24 +00:00			`async fn upload(`
			`payload: Multipart,`
			`db: web::Data<PgPool>,`
			`sender: web::Data<Sender<()>>,`
add environment variable configuration 2020-07-11 21:27:15 +00:00			`config: web::Data<Config>,`
finish it i guess 2020-07-09 17:27:24 +00:00			`) -> Result<HttpResponse, Error> {`
			`let file_id = format!("{:x?}", rand::random::<u32>());`
add environment variable configuration 2020-07-11 21:27:15 +00:00			`let mut filename = config.files_dir.clone();`
			`filename.push(&file_id);`
finish it i guess 2020-07-09 17:27:24 +00:00
			`let (original_name, valid_till, kind) =`
			`match multipart::parse_multipart(payload, &file_id, &filename).await {`
			`Ok(data) => data,`
			`Err(err) => {`
			`if filename.exists().await {`
			`fs::remove_file(filename)`
			`.await`
			`.map_err(\|_\| error::ErrorInternalServerError("could not remove file"))?;`
Initial commit 2020-07-08 19:26:46 +00:00			`}`
finish it i guess 2020-07-09 17:27:24 +00:00			`return Err(err);`
Initial commit 2020-07-08 19:26:46 +00:00			`}`
			`};`

remove compile time postgres dependency, add docker build 2020-07-12 00:26:11 +00:00			`sqlx::query("INSERT INTO Files (file_id, file_name, valid_till, kind) VALUES ($1, $2, $3, $4)")`
			`.bind(&file_id)`
			`.bind(original_name.unwrap_or_else(\|\| file_id.clone()))`
			`.bind(valid_till.naive_local())`
			`.bind(kind.to_string())`
			`.execute(db.as_ref())`
			`.await`
			`.map_err(\|_\| error::ErrorInternalServerError("could not insert file into database"))?;`
Initial commit 2020-07-08 19:26:46 +00:00
finish it i guess 2020-07-09 17:27:24 +00:00			`log::info!(`
			`"create new file {} (valid_till: {}, kind: {})",`
			`file_id,`
			`valid_till,`
			`kind`
			`);`
Initial commit 2020-07-08 19:26:46 +00:00
finish it i guess 2020-07-09 17:27:24 +00:00			`sender.send(()).await;`
Initial commit 2020-07-08 19:26:46 +00:00
use correct http semantic on upload redirect 2020-07-13 14:08:55 +00:00			`Ok(HttpResponse::SeeOther()`
finish it i guess 2020-07-09 17:27:24 +00:00			`.header("location", format!("/upload/{}", file_id))`
Initial commit 2020-07-08 19:26:46 +00:00			`.finish())`
			`}`

Use actix url generator for the uploaded url 2020-08-02 22:07:16 +00:00			`async fn uploaded(id: web::Path<String>, req: web::HttpRequest) -> Result<HttpResponse, Error> {`
			`let url = req.url_for("file", &[id.as_str()])?;`
apply formatter 2020-08-02 23:12:42 +00:00			`let upload_html = UPLOAD_HTML.replace("{url}", url.as_str());`
Initial commit 2020-07-08 19:26:46 +00:00			`Ok(HttpResponse::Ok()`
			`.content_type("text/html")`
			`.body(upload_html))`
			`}`

finish it i guess 2020-07-09 17:27:24 +00:00			`async fn download(`
			`req: HttpRequest,`
			`id: web::Path<String>,`
			`db: web::Data<PgPool>,`
add environment variable configuration 2020-07-11 21:27:15 +00:00			`config: web::Data<Config>,`
finish it i guess 2020-07-09 17:27:24 +00:00			`) -> Result<HttpResponse, Error> {`
remove compile time postgres dependency, add docker build 2020-07-12 00:26:11 +00:00			`let mut cursor = sqlx::query("SELECT file_id, file_name, kind from files WHERE file_id = $1")`
			`.bind(id.as_ref())`
			`.fetch(db.as_ref());`
			`let row: PgRow = cursor`
			`.next()`
			`.await`
			`.map_err(\|_\| error::ErrorInternalServerError("could not run select statement"))?`
db timeout, dont leak inner workings, auto create files dir, fix script injection 2020-07-13 13:22:33 +00:00			`.ok_or_else(\|\| error::ErrorNotFound("file does not exist or has expired"))?;`

remove compile time postgres dependency, add docker build 2020-07-12 00:26:11 +00:00			`let file_id: String = row.get("file_id");`
			`let file_name: String = row.get("file_name");`
			`let kind: String = row.get("kind");`
add environment variable configuration 2020-07-11 21:27:15 +00:00			`let mut path = config.files_dir.clone();`
remove compile time postgres dependency, add docker build 2020-07-12 00:26:11 +00:00			`path.push(&file_id);`
finish it i guess 2020-07-09 17:27:24 +00:00
add asciitrash copy and download button 2020-07-14 11:21:57 +00:00			`if kind == FileKind::TEXT.to_string() && !req.query_string().contains("raw") {`
db timeout, dont leak inner workings, auto create files dir, fix script injection 2020-07-13 13:22:33 +00:00			`let content = fs::read_to_string(path).await.map_err(\|_\| {`
			`error::ErrorInternalServerError("this file should be here but could not be found")`
			`})?;`
			`let encoded = htmlescape::encode_minimal(&content);`
			`let view_html = VIEW_HTML.replace("{text}", &encoded);`
finish it i guess 2020-07-09 17:27:24 +00:00			`let response = HttpResponse::Ok().content_type("text/html").body(view_html);`
			`Ok(response)`
			`} else {`
db timeout, dont leak inner workings, auto create files dir, fix script injection 2020-07-13 13:22:33 +00:00			`let file = NamedFile::open(path)`
			`.map_err(\|_\| {`
			`error::ErrorInternalServerError("this file should be here but could not be found")`
			`})?`
			`.set_content_disposition(ContentDisposition {`
			`disposition: DispositionType::Attachment,`
			`parameters: vec![DispositionParam::Filename(file_name)],`
			`});`
finish it i guess 2020-07-09 17:27:24 +00:00			`file.into_response(&req)`
			`}`
			`}`

Add Connection string builder 2020-08-02 01:08:07 +00:00			`fn get_db_url() -> String {`
rustify db url building 2020-08-02 23:28:42 +00:00			`if let Ok(database_url) = env::var("DATABASE_URL") {`
			`return database_url;`
			`}`
Add Connection string builder 2020-08-02 01:08:07 +00:00
rustify db url building 2020-08-02 23:28:42 +00:00			`let auth = if let Ok(user) = env::var("DATABASE_USER") {`
			`if let Ok(pass) = env::var("DATABASE_PASS") {`
			`format!("{}:{}@", user, pass)`
			`} else {`
			`format!("{}@", user)`
Add Connection string builder 2020-08-02 01:08:07 +00:00			`}`
rustify db url building 2020-08-02 23:28:42 +00:00			`} else {`
			`String::new()`
			`};`

			`format!(`
remove debug env var read 2020-08-02 23:30:45 +00:00			`"postgresql://{auth}{host}/{name}",`
			`auth = auth,`
			`host = env::var("DATABASE_HOST").unwrap_or_else(\|_\| "localhost".to_string()),`
			`name = env::var("DATABASE_NAME").unwrap_or_else(\|_\| "datatrash".to_string())`
rustify db url building 2020-08-02 23:28:42 +00:00			`)`
Add Connection string builder 2020-08-02 01:08:07 +00:00			`}`

finish it i guess 2020-07-09 17:27:24 +00:00			`async fn setup_db() -> PgPool {`
Add Connection string builder 2020-08-02 01:08:07 +00:00			`let conn_url = &get_db_url();`
			`log::info!("Using Connection string {}", conn_url);`

finish it i guess 2020-07-09 17:27:24 +00:00			`let pool = PgPool::builder()`
			`.max_size(5)`
db timeout, dont leak inner workings, auto create files dir, fix script injection 2020-07-13 13:22:33 +00:00			`.connect_timeout(std::time::Duration::from_secs(5))`
Add Connection string builder 2020-08-02 01:08:07 +00:00			`.build(conn_url)`
finish it i guess 2020-07-09 17:27:24 +00:00			`.await`
			`.expect("could not create db pool");`

remove compile time postgres dependency, add docker build 2020-07-12 00:26:11 +00:00			`sqlx::query(include_str!("../init-db.sql"))`
add readme, extract init-db script 2020-07-09 20:01:25 +00:00			`.execute(&pool)`
			`.await`
			`.expect("could not create table Files");`
finish it i guess 2020-07-09 17:27:24 +00:00
			`pool`
			`}`

add environment variable configuration 2020-07-11 21:27:15 +00:00			`#[derive(Clone)]`
			`struct Config {`
			`files_dir: PathBuf,`
			`}`

Initial commit 2020-07-08 19:26:46 +00:00			`#[actix_rt::main]`
			`async fn main() -> std::io::Result<()> {`
do some code cleanup 2020-07-14 15:53:43 +00:00			`if env::var("RUST_LOG").is_err() {`
			`env::set_var("RUST_LOG", "info");`
			`}`
Initial commit 2020-07-08 19:26:46 +00:00			`env_logger::init();`

finish it i guess 2020-07-09 17:27:24 +00:00			`let pool: PgPool = setup_db().await;`
add environment variable configuration 2020-07-11 21:27:15 +00:00			`let config = Config {`
			`files_dir: PathBuf::from(env::var("FILES_DIR").unwrap_or_else(\|_\| "./files".to_owned())),`
			`};`
db timeout, dont leak inner workings, auto create files dir, fix script injection 2020-07-13 13:22:33 +00:00			`fs::create_dir_all(&config.files_dir)`
			`.await`
			`.expect("could not create directory for storing files");`
do some code cleanup 2020-07-14 15:53:43 +00:00			`let (sender, receiver) = channel(8);`
db timeout, dont leak inner workings, auto create files dir, fix script injection 2020-07-13 13:22:33 +00:00
fix deletion race condition 2020-07-13 13:29:40 +00:00			`log::info!("omnomnom");`

add environment variable configuration 2020-07-11 21:27:15 +00:00			`task::spawn(deleter::delete_old_files(`
do some code cleanup 2020-07-14 15:53:43 +00:00			`receiver,`
add environment variable configuration 2020-07-11 21:27:15 +00:00			`pool.clone(),`
			`config.files_dir.clone(),`
			`));`
finish it i guess 2020-07-09 17:27:24 +00:00
Initial commit 2020-07-08 19:26:46 +00:00			`let db = web::Data::new(pool);`
do some code cleanup 2020-07-14 15:53:43 +00:00			`let sender = web::Data::new(sender);`
			`let upload_max_bytes: usize = env::var("UPLOAD_MAX_BYTES")`
add environment variable configuration 2020-07-11 21:27:15 +00:00			`.ok()`
			`.and_then(\|variable\| variable.parse().ok())`
			`.unwrap_or(8_388_608);`
			`let bind_address = env::var("BIND_ADDRESS").unwrap_or_else(\|_\| "0.0.0.0:8000".to_owned());`

			`HttpServer::new({`
			`move \|\| {`
			`App::new()`
			`.wrap(middleware::Logger::default())`
			`.app_data(db.clone())`
do some code cleanup 2020-07-14 15:53:43 +00:00			`.app_data(sender.clone())`
			`.app_data(Bytes::configure(\|cfg\| cfg.limit(upload_max_bytes)))`
add environment variable configuration 2020-07-11 21:27:15 +00:00			`.data(config.clone())`
			`.service(web::resource("/").route(web::get().to(index)))`
			`.service(web::resource("/upload").route(web::post().to(upload)))`
			`.service(web::resource("/upload/{id}").route(web::get().to(uploaded)))`
apply formatter 2020-08-02 23:12:42 +00:00			`.service(`
			`web::resource("/file/{id}")`
			`.name("file")`
			`.route(web::get().to(download)),`
			`)`
add environment variable configuration 2020-07-11 21:27:15 +00:00			`.service(Files::new("/static", "static").disable_content_disposition())`
			`}`
Initial commit 2020-07-08 19:26:46 +00:00			`})`
add environment variable configuration 2020-07-11 21:27:15 +00:00			`.bind(bind_address)?`
Initial commit 2020-07-08 19:26:46 +00:00			`.run()`
			`.await`
			`}`