Skip to content

Commit

Permalink
Some refactoring and optimizations (dani-garcia#5291)
Browse files Browse the repository at this point in the history
- Refactored several code to use more modern syntax
- Made some checks a bit more strict
- Updated crates

Signed-off-by: BlackDex <black.dex@gmail.com>
  • Loading branch information
BlackDex authored Dec 13, 2024
1 parent fd51230 commit 9cd400d
Show file tree
Hide file tree
Showing 23 changed files with 414 additions and 594 deletions.
36 changes: 18 additions & 18 deletions Cargo.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

15 changes: 7 additions & 8 deletions src/api/admin.rs
Original file line number Diff line number Diff line change
Expand Up @@ -495,11 +495,11 @@ struct UserOrgTypeData {
async fn update_user_org_type(data: Json<UserOrgTypeData>, token: AdminToken, mut conn: DbConn) -> EmptyResult {
let data: UserOrgTypeData = data.into_inner();

let mut user_to_edit =
match UserOrganization::find_by_user_and_org(&data.user_uuid, &data.org_uuid, &mut conn).await {
Some(user) => user,
None => err!("The specified user isn't member of the organization"),
};
let Some(mut user_to_edit) =
UserOrganization::find_by_user_and_org(&data.user_uuid, &data.org_uuid, &mut conn).await
else {
err!("The specified user isn't member of the organization")
};

let new_type = match UserOrgType::from_str(&data.user_type.into_string()) {
Some(new_type) => new_type as i32,
Expand Down Expand Up @@ -602,9 +602,8 @@ async fn get_json_api<T: DeserializeOwned>(url: &str) -> Result<T, Error> {
}

async fn has_http_access() -> bool {
let req = match make_http_request(Method::HEAD, "https://github.com/dani-garcia/vaultwarden") {
Ok(r) => r,
Err(_) => return false,
let Ok(req) = make_http_request(Method::HEAD, "https://github.com/dani-garcia/vaultwarden") else {
return false;
};
match req.send().await {
Ok(r) => r.status().is_success(),
Expand Down
96 changes: 38 additions & 58 deletions src/api/core/accounts.rs
Original file line number Diff line number Diff line change
Expand Up @@ -574,9 +574,8 @@ async fn post_rotatekey(data: Json<KeyData>, headers: Headers, mut conn: DbConn,
// Skip `null` folder id entries.
// See: https://github.com/bitwarden/clients/issues/8453
if let Some(folder_id) = folder_data.id {
let saved_folder = match existing_folders.iter_mut().find(|f| f.uuid == folder_id) {
Some(folder) => folder,
None => err!("Folder doesn't exist"),
let Some(saved_folder) = existing_folders.iter_mut().find(|f| f.uuid == folder_id) else {
err!("Folder doesn't exist")
};

saved_folder.name = folder_data.name;
Expand All @@ -586,22 +585,22 @@ async fn post_rotatekey(data: Json<KeyData>, headers: Headers, mut conn: DbConn,

// Update emergency access data
for emergency_access_data in data.emergency_access_keys {
let saved_emergency_access =
match existing_emergency_access.iter_mut().find(|ea| ea.uuid == emergency_access_data.id) {
Some(emergency_access) => emergency_access,
None => err!("Emergency access doesn't exist or is not owned by the user"),
};
let Some(saved_emergency_access) =
existing_emergency_access.iter_mut().find(|ea| ea.uuid == emergency_access_data.id)
else {
err!("Emergency access doesn't exist or is not owned by the user")
};

saved_emergency_access.key_encrypted = Some(emergency_access_data.key_encrypted);
saved_emergency_access.save(&mut conn).await?
}

// Update reset password data
for reset_password_data in data.reset_password_keys {
let user_org = match existing_user_orgs.iter_mut().find(|uo| uo.org_uuid == reset_password_data.organization_id)
{
Some(reset_password) => reset_password,
None => err!("Reset password doesn't exist"),
let Some(user_org) =
existing_user_orgs.iter_mut().find(|uo| uo.org_uuid == reset_password_data.organization_id)
else {
err!("Reset password doesn't exist")
};

user_org.reset_password_key = Some(reset_password_data.reset_password_key);
Expand All @@ -610,9 +609,8 @@ async fn post_rotatekey(data: Json<KeyData>, headers: Headers, mut conn: DbConn,

// Update send data
for send_data in data.sends {
let send = match existing_sends.iter_mut().find(|s| &s.uuid == send_data.id.as_ref().unwrap()) {
Some(send) => send,
None => err!("Send doesn't exist"),
let Some(send) = existing_sends.iter_mut().find(|s| &s.uuid == send_data.id.as_ref().unwrap()) else {
err!("Send doesn't exist")
};

update_send_from_data(send, send_data, &headers, &mut conn, &nt, UpdateType::None).await?;
Expand All @@ -623,9 +621,9 @@ async fn post_rotatekey(data: Json<KeyData>, headers: Headers, mut conn: DbConn,

for cipher_data in data.ciphers {
if cipher_data.organization_id.is_none() {
let saved_cipher = match existing_ciphers.iter_mut().find(|c| &c.uuid == cipher_data.id.as_ref().unwrap()) {
Some(cipher) => cipher,
None => err!("Cipher doesn't exist"),
let Some(saved_cipher) = existing_ciphers.iter_mut().find(|c| &c.uuid == cipher_data.id.as_ref().unwrap())
else {
err!("Cipher doesn't exist")
};

// Prevent triggering cipher updates via WebSockets by settings UpdateType::None
Expand Down Expand Up @@ -802,14 +800,12 @@ struct VerifyEmailTokenData {
async fn post_verify_email_token(data: Json<VerifyEmailTokenData>, mut conn: DbConn) -> EmptyResult {
let data: VerifyEmailTokenData = data.into_inner();

let mut user = match User::find_by_uuid(&data.user_id, &mut conn).await {
Some(user) => user,
None => err!("User doesn't exist"),
let Some(mut user) = User::find_by_uuid(&data.user_id, &mut conn).await else {
err!("User doesn't exist")
};

let claims = match decode_verify_email(&data.token) {
Ok(claims) => claims,
Err(_) => err!("Invalid claim"),
let Ok(claims) = decode_verify_email(&data.token) else {
err!("Invalid claim")
};
if claims.sub != user.uuid {
err!("Invalid claim");
Expand Down Expand Up @@ -861,15 +857,14 @@ struct DeleteRecoverTokenData {
async fn post_delete_recover_token(data: Json<DeleteRecoverTokenData>, mut conn: DbConn) -> EmptyResult {
let data: DeleteRecoverTokenData = data.into_inner();

let user = match User::find_by_uuid(&data.user_id, &mut conn).await {
Some(user) => user,
None => err!("User doesn't exist"),
let Ok(claims) = decode_delete(&data.token) else {
err!("Invalid claim")
};

let claims = match decode_delete(&data.token) {
Ok(claims) => claims,
Err(_) => err!("Invalid claim"),
let Some(user) = User::find_by_uuid(&data.user_id, &mut conn).await else {
err!("User doesn't exist")
};

if claims.sub != user.uuid {
err!("Invalid claim");
}
Expand Down Expand Up @@ -1041,11 +1036,8 @@ impl<'r> FromRequest<'r> for KnownDevice {

async fn from_request(req: &'r Request<'_>) -> Outcome<Self, Self::Error> {
let email = if let Some(email_b64) = req.headers().get_one("X-Request-Email") {
let email_bytes = match data_encoding::BASE64URL_NOPAD.decode(email_b64.as_bytes()) {
Ok(bytes) => bytes,
Err(_) => {
return Outcome::Error((Status::BadRequest, "X-Request-Email value failed to decode as base64url"));
}
let Ok(email_bytes) = data_encoding::BASE64URL_NOPAD.decode(email_b64.as_bytes()) else {
return Outcome::Error((Status::BadRequest, "X-Request-Email value failed to decode as base64url"));
};
match String::from_utf8(email_bytes) {
Ok(email) => email,
Expand Down Expand Up @@ -1086,9 +1078,9 @@ async fn put_device_token(uuid: &str, data: Json<PushToken>, headers: Headers, m
let data = data.into_inner();
let token = data.push_token;

let mut device = match Device::find_by_uuid_and_user(&headers.device.uuid, &headers.user.uuid, &mut conn).await {
Some(device) => device,
None => err!(format!("Error: device {uuid} should be present before a token can be assigned")),
let Some(mut device) = Device::find_by_uuid_and_user(&headers.device.uuid, &headers.user.uuid, &mut conn).await
else {
err!(format!("Error: device {uuid} should be present before a token can be assigned"))
};

// if the device already has been registered
Expand Down Expand Up @@ -1159,9 +1151,8 @@ async fn post_auth_request(
) -> JsonResult {
let data = data.into_inner();

let user = match User::find_by_mail(&data.email, &mut conn).await {
Some(user) => user,
None => err!("AuthRequest doesn't exist", "User not found"),
let Some(user) = User::find_by_mail(&data.email, &mut conn).await else {
err!("AuthRequest doesn't exist", "User not found")
};

// Validate device uuid and type
Expand Down Expand Up @@ -1199,15 +1190,10 @@ async fn post_auth_request(

#[get("/auth-requests/<uuid>")]
async fn get_auth_request(uuid: &str, headers: Headers, mut conn: DbConn) -> JsonResult {
let auth_request = match AuthRequest::find_by_uuid(uuid, &mut conn).await {
Some(auth_request) => auth_request,
None => err!("AuthRequest doesn't exist", "Record not found"),
let Some(auth_request) = AuthRequest::find_by_uuid_and_user(uuid, &headers.user.uuid, &mut conn).await else {
err!("AuthRequest doesn't exist", "Record not found or user uuid does not match")
};

if headers.user.uuid != auth_request.user_uuid {
err!("AuthRequest doesn't exist", "User uuid's do not match")
}

let response_date_utc = auth_request.response_date.map(|response_date| format_date(&response_date));

Ok(Json(json!({
Expand Down Expand Up @@ -1244,15 +1230,10 @@ async fn put_auth_request(
nt: Notify<'_>,
) -> JsonResult {
let data = data.into_inner();
let mut auth_request: AuthRequest = match AuthRequest::find_by_uuid(uuid, &mut conn).await {
Some(auth_request) => auth_request,
None => err!("AuthRequest doesn't exist", "Record not found"),
let Some(mut auth_request) = AuthRequest::find_by_uuid_and_user(uuid, &headers.user.uuid, &mut conn).await else {
err!("AuthRequest doesn't exist", "Record not found or user uuid does not match")
};

if headers.user.uuid != auth_request.user_uuid {
err!("AuthRequest doesn't exist", "User uuid's do not match")
}

if auth_request.approved.is_some() {
err!("An authentication request with the same device already exists")
}
Expand Down Expand Up @@ -1297,9 +1278,8 @@ async fn get_auth_request_response(
client_headers: ClientHeaders,
mut conn: DbConn,
) -> JsonResult {
let auth_request = match AuthRequest::find_by_uuid(uuid, &mut conn).await {
Some(auth_request) => auth_request,
None => err!("AuthRequest doesn't exist", "User not found"),
let Some(auth_request) = AuthRequest::find_by_uuid(uuid, &mut conn).await else {
err!("AuthRequest doesn't exist", "User not found")
};

if auth_request.device_type != client_headers.device_type
Expand Down
Loading

0 comments on commit 9cd400d

Please sign in to comment.