Skip to content

Commit

Permalink
Merge pull request #20 from sentclose/customer_register_disable
Browse files Browse the repository at this point in the history
Customer register disable
  • Loading branch information
joernheinemann authored Jul 4, 2023
2 parents fb9ec0d + cff37c3 commit a392311
Show file tree
Hide file tree
Showing 7 changed files with 295 additions and 221 deletions.
2 changes: 2 additions & 0 deletions sentc.env.sample
Original file line number Diff line number Diff line change
Expand Up @@ -41,6 +41,8 @@ LOCAL_STORAGE_PATH=storage

ROOT_KEY=Nfc8+1ANqSfHviWDwFWs6PdADxK0mU+XiJ8g9wbQRic=

#CUSTOMER_REGISTER=1

# token for test env
SENTC_APP_DEMO_ID=ecae27fb-d849-467d-9c58-49fca0d8430a

Expand Down
12 changes: 12 additions & 0 deletions server_crates/server_api/src/customer/customer_controller.rs
Original file line number Diff line number Diff line change
@@ -1,3 +1,5 @@
use std::env;

use rand::RngCore;
use rustgram::Request;
use rustgram_server_util::error::{ServerCoreError, ServerErrorConstructor};
Expand Down Expand Up @@ -59,6 +61,16 @@ pub async fn customer_captcha(req: Request) -> JRes<CaptchaCreateOutput>

pub async fn register(mut req: Request) -> JRes<CustomerRegisterOutput>
{
let register_enabled = env::var("CUSTOMER_REGISTER").unwrap_or_else(|_| "1".into());

if register_enabled.as_str() != "1" && register_enabled.as_str() != "true" {
return Err(ServerCoreError::new_msg(
400,
ApiErrorCodes::CustomerDisable,
"Register is disabled.",
));
}

let body = get_raw_body(&mut req).await?;

let register_data: CustomerRegisterData = bytes_to_json(&body)?;
Expand Down
2 changes: 2 additions & 0 deletions server_crates/server_api/src/util/api_res.rs
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,7 @@ pub enum ApiErrorCodes
CustomerNotFound,
CustomerEmailTokenValid,
CustomerEmailSyntax,
CustomerDisable,

UserNotFound,
UserDeviceDelete,
Expand Down Expand Up @@ -147,6 +148,7 @@ impl ServerErrorCodes for ApiErrorCodes
ApiErrorCodes::CustomerNotFound => 62,
ApiErrorCodes::CustomerEmailTokenValid => 63,
ApiErrorCodes::CustomerEmailSyntax => 64,
ApiErrorCodes::CustomerDisable => 65,

ApiErrorCodes::UserNotFound => 100,
ApiErrorCodes::UserExists => 101,
Expand Down
46 changes: 0 additions & 46 deletions server_crates/server_api/tests/tests_1_customer.rs
Original file line number Diff line number Diff line change
Expand Up @@ -31,52 +31,6 @@ pub struct CustomerState

static CUSTOMER_TEST_STATE: OnceCell<RwLock<CustomerState>> = OnceCell::const_new();

#[ignore]
#[tokio::test]
async fn test_0_register_customer_with_email()
{
//Test here with real email send -> don't do it in regular test run!

let url = get_url("api/v1/customer/register".to_string());

dotenv::from_filename("sentc.env").ok();

let email = env::var("EMAIL_ADDRESS_TEST").unwrap();

let register_data = sentc_crypto::user::register(email.as_str(), "12345").unwrap();
let register_data = RegisterData::from_string(register_data.as_str()).unwrap();

let captcha_input = get_captcha().await;

let input = CustomerRegisterData {
customer_data: CustomerData {
name: "abc".to_string(),
first_name: "abc".to_string(),
company: None,
},
email,
register_data: register_data.device,
captcha_input,
};

let client = reqwest::Client::new();
let res = client
.post(url)
.body(serde_json::to_string(&input).unwrap())
.send()
.await
.unwrap();

let body = res.text().await.unwrap();

println!("result for registration = {}", body);

let out = ServerOutput::<CustomerRegisterOutput>::from_string(body.as_str()).unwrap();

assert!(out.status);
assert_eq!(out.err_code, None);
}

#[tokio::test]
async fn aaa_init_global()
{
Expand Down
175 changes: 0 additions & 175 deletions server_crates/server_api/tests/tests_6_file.rs
Original file line number Diff line number Diff line change
Expand Up @@ -1278,178 +1278,3 @@ async fn zzz_test_worker_delete()

sentc_file_worker::start().await.unwrap();
}

#[ignore]
#[tokio::test]
async fn test_0_large_file()
{
dotenv::from_filename("sentc.env").ok();

//prepare
let file_size = 1024 * 1024 * 104; //104 mb

let (_, customer_data) = create_test_customer("[email protected]", "12345").await;
let customer_jwt = &customer_data.user_keys.jwt;
let app_data = create_app(customer_jwt).await;
let secret_token = app_data.secret_token.to_string();
let public_token = app_data.public_token.to_string();
let user_pw = "12345";
let username = "hello6";
let (_user_id, key_data) = create_test_user(secret_token.as_str(), public_token.as_str(), username, user_pw).await;

let group_id = create_group(
secret_token.as_str(),
&key_data.user_keys[0].public_key,
None,
key_data.jwt.as_str(),
)
.await;

let group_keys = get_group(
secret_token.as_str(),
key_data.jwt.as_str(),
group_id.as_str(),
&key_data.user_keys[0].private_key,
false,
)
.await
.1;

let mut rng = rand::thread_rng();

//______________________________________________________________________________________________
//create "files"
let mut file = vec![0u8; file_size];
rng.try_fill_bytes(&mut file).unwrap();

//______________________________________________________________________________________________
//upload the file
let url = get_url("api/v1/file".to_string());

let (file_key, encrypted_key) = sentc_crypto::crypto::generate_non_register_sym_key(&group_keys[0].group_key).unwrap();
let encrypted_key_str = encrypted_key.to_string().unwrap();

let (input, _) = sentc_crypto::file::prepare_register_file(
encrypted_key.master_key_id,
&file_key,
encrypted_key_str,
None,
sentc_crypto::sdk_common::file::BelongsToType::None,
None,
)
.unwrap();

let client = reqwest::Client::new();
let res = client
.post(url)
.header(AUTHORIZATION, auth_header(key_data.jwt.as_str()))
.header("x-sentc-app-token", public_token.as_str())
.body(input)
.send()
.await
.unwrap();

let body = res.text().await.unwrap();

//session id
let (file_id, session_id) = sentc_crypto::file::done_register_file(body.as_str()).unwrap();

//______________________________________________________________________________________________
//chunk the file
let chunk_size = 1024 * 1024 * 4;

let mut start = 0;
let mut end = chunk_size;
let mut current_chunk = 0;

let mut next_key = sentc_crypto::sdk_core::SymKey::Aes(Default::default());

while start < file.len() {
current_chunk += 1;

//vec slice fill panic if the end is bigger than the length
let used_end = if end > file.len() { file.len() } else { end };

let part = &file[start..used_end];

start = end;
end = start + chunk_size;
let is_end = start >= file.len();

let encrypted_res = if current_chunk == 1 {
sentc_crypto::file::encrypt_file_part_start(&file_key, part, None).unwrap()
} else {
sentc_crypto::file::encrypt_file_part(&next_key, part, None).unwrap()
};

let encrypted_part = encrypted_res.0;
next_key = encrypted_res.1;

let url = get_url(
"api/v1/file/part/".to_string() + session_id.as_str() + "/" + current_chunk.to_string().as_str() + "/" + is_end.to_string().as_str(),
);

let client = reqwest::Client::new();
let res = client
.post(url)
.header("x-sentc-app-token", public_token.as_str())
.header(AUTHORIZATION, auth_header(key_data.jwt.as_str()))
.body(encrypted_part)
.send()
.await
.unwrap();

let body = res.text().await.unwrap();

handle_general_server_response(body.as_str()).unwrap();
}

//______________________________________________________________________________________________
//test download the large file
let file_data = get_file(&file_id, key_data.jwt.as_str(), public_token.as_str(), None).await;

let parts = &file_data.part_list;

let mut downloaded_file: Vec<u8> = Vec::new();

let mut next_key = sentc_crypto::sdk_core::SymKey::Aes(Default::default());

for (i, part) in parts.iter().enumerate() {
let part_id = &part.part_id;

//should all internal storage
let decrypted_part = if i == 0 {
get_and_decrypt_file_part_start(part_id, &key_data.jwt, &public_token, &file_key).await
} else {
get_and_decrypt_file_part(part_id, &key_data.jwt, &public_token, &next_key).await
};

next_key = decrypted_part.1;
let mut decrypted_part = decrypted_part.0;

downloaded_file.append(&mut decrypted_part);
}

assert_eq!(file.len(), downloaded_file.len());

for i in 0..downloaded_file.len() {
let org = file[i];
let decrypted = file[i];

assert_eq!(org, decrypted);
}

//______________________________________________________________________________________________
//mark it as delete
customer_delete(customer_data.user_keys.jwt.as_str()).await;

//delete the file

//override the path for this process because test files are exec in sub dir
std::env::set_var("LOCAL_STORAGE_PATH", "../../storage");
std::env::set_var("DB_PATH", std::env::var("DB_PATH_TEST").unwrap());

server_api::start().await;

sentc_file_worker::start().await.unwrap();
}
99 changes: 99 additions & 0 deletions server_crates/server_api/tests/tests_9_customer_special.rs
Original file line number Diff line number Diff line change
@@ -0,0 +1,99 @@
use std::env;

use rustgram_server_util::error::ServerErrorCodes;
use sentc_crypto_common::user::RegisterData;
use sentc_crypto_common::ServerOutput;
use server_api::util::api_res::ApiErrorCodes;
use server_api_common::customer::{CustomerData, CustomerRegisterData, CustomerRegisterOutput};

use crate::test_fn::{get_captcha, get_url};

mod test_fn;

#[ignore]
#[tokio::test]
async fn test_0_register_customer_with_email()
{
//Test here with real email send -> don't do it in regular test run!

let url = get_url("api/v1/customer/register".to_string());

dotenv::from_filename("sentc.env").ok();

let email = env::var("EMAIL_ADDRESS_TEST").unwrap();

let register_data = sentc_crypto::user::register(email.as_str(), "12345").unwrap();
let register_data = RegisterData::from_string(register_data.as_str()).unwrap();

let captcha_input = get_captcha().await;

let input = CustomerRegisterData {
customer_data: CustomerData {
name: "abc".to_string(),
first_name: "abc".to_string(),
company: None,
},
email,
register_data: register_data.device,
captcha_input,
};

let client = reqwest::Client::new();
let res = client
.post(url)
.body(serde_json::to_string(&input).unwrap())
.send()
.await
.unwrap();

let body = res.text().await.unwrap();

println!("result for registration = {}", body);

let out = ServerOutput::<CustomerRegisterOutput>::from_string(body.as_str()).unwrap();

assert!(out.status);
assert_eq!(out.err_code, None);
}

#[ignore]
#[tokio::test]
async fn test_10_1_not_register_when_register_is_disabled()
{
//only run with env CUSTOMER_REGISTER=0

let url = get_url("api/v1/customer/register".to_string());

let email = "[email protected]".to_string();

let register_data = sentc_crypto::user::register(email.as_str(), "12345").unwrap();
let register_data = RegisterData::from_string(register_data.as_str()).unwrap();

let captcha_input = get_captcha().await;

let input = CustomerRegisterData {
customer_data: CustomerData {
name: "abc".to_string(),
first_name: "abc".to_string(),
company: None,
},
email,
register_data: register_data.device,
captcha_input,
};

let client = reqwest::Client::new();
let res = client
.post(url)
.body(serde_json::to_string(&input).unwrap())
.send()
.await
.unwrap();

let body = res.text().await.unwrap();

let out = ServerOutput::<CustomerRegisterOutput>::from_string(body.as_str()).unwrap();

assert!(!out.status);
assert_eq!(out.err_code.unwrap(), ApiErrorCodes::CustomerDisable.get_int_code());
}
Loading

0 comments on commit a392311

Please sign in to comment.