Form errors

2022-10-20 20:17:49 +02:00 · 2022-10-20 20:17:49 +02:00 · 096390d533
commit 096390d533
parent 2de26f5ffc
4 changed files with 176 additions and 93 deletions
--- a/src/server.rs
+++ b/src/server.rs
@ -21,7 +21,7 @@ pub async fn start_server(config: Config, dbs: Dbs, templates: Templates) {
 		let templates = templates.clone();
 		let dbs = dbs.clone();
 		move |req: tide::Request<()>| {
-			serve_comments(req, config.clone(), templates.clone(), dbs.clone())
+			serve_comments(req, config.clone(), templates.clone(), dbs.clone(), &[])
 		}
 	});
 	app.at(&format!("{}t/:topic", config.root_url)).post({
@ -59,6 +59,7 @@ async fn serve_comments<'a>(
 	config: Arc<Config>,
 	templates: Arc<Templates>,
 	dbs: Dbs,
+	errors: &[String],
 ) -> tide::Result<tide::Response> {
 	let Ok(topic) = req.param("topic") else {
 		return Err(tide::Error::from_str(404, "No topic"))
@ -73,6 +74,7 @@ async fn serve_comments<'a>(
 	let mut context = Context::new();
 	context.insert("config", &config);
 	context.insert("admin", &admin);
+	context.insert("new_comment_errors", errors);

 	if admin {
 		if let Ok(query) = req.query::<ApproveQuery>() {
@ -188,6 +190,8 @@ async fn handle_post_comments(
 	dbs: Dbs,
 	notify_send: Sender<()>,
 ) -> tide::Result<tide::Response> {
+	let mut errors = Vec::new();
+
 	match req.body_form::<CommentQuery>().await? {
 		CommentQuery::NewComment(query) => {
 			let Ok(topic) = req.param("topic") else {
@ -195,42 +199,56 @@ async fn handle_post_comments(
 			};

 			if query.author.len() > config.comment_author_max_len {
-				return Err(tide::Error::from_str(400, "Too long"));
+				errors.push(format!(
+					"Author name length is {} but maximum is {}.",
+					query.author.len(),
+					config.comment_author_max_len
+				));
 			}
 			if query.email.len() > config.comment_email_max_len {
-				return Err(tide::Error::from_str(400, "Too long"));
+				errors.push(format!(
+					"E-mail length is {} but maximum is {}.",
+					query.email.len(),
+					config.comment_email_max_len
+				));
 			}
 			if query.text.len() > config.comment_text_max_len {
-				return Err(tide::Error::from_str(400, "Too long"));
+				errors.push(format!(
+					"Comment length is {} but maximum is {}.",
+					query.text.len(),
+					config.comment_text_max_len
+				));
 			}

-			let topic_hash = TopicHash::from_topic(topic);
+			if errors.is_empty() {
+				let topic_hash = TopicHash::from_topic(topic);

-			let time = std::time::SystemTime::now()
-				.duration_since(std::time::UNIX_EPOCH)
-				.unwrap()
-				.as_secs();
+				let time = std::time::SystemTime::now()
+					.duration_since(std::time::UNIX_EPOCH)
+					.unwrap()
+					.as_secs();

-			let comment = Comment {
-				topic_hash,
-				author: query.author,
-				email: if query.email.is_empty() {
-					None
-				} else {
-					Some(query.email)
-				},
-				last_edit_time: None,
-				post_time: time,
-				text: query.text,
-			};
-			helpers::new_pending_comment(&comment, &dbs)
-				.map_err(|e| error!("Adding pending comment: {:?}", e))
-				.ok();
-			notify_send.send(()).ok();
+				let comment = Comment {
+					topic_hash,
+					author: query.author,
+					email: if query.email.is_empty() {
+						None
+					} else {
+						Some(query.email)
+					},
+					last_edit_time: None,
+					post_time: time,
+					text: query.text,
+				};
+				helpers::new_pending_comment(&comment, &dbs)
+					.map_err(|e| error!("Adding pending comment: {:?}", e))
+					.ok();
+				notify_send.send(()).ok();
+			}
 		}
-		_ => todo!(),
+		_ => {}
 	}
-	serve_comments(req, config, templates, dbs).await
+	serve_comments(req, config, templates, dbs, &errors).await
 }

 async fn handle_post_admin(