From 058998d73d9a69f7875f07b91baa690ab2ee67e5 Mon Sep 17 00:00:00 2001
From: jb-alvarado
Date: Sat, 2 Dec 2023 21:52:34 +0100
Subject: [PATCH] fix route protection
---
 ffplayout-api/src/api/routes.rs | 56 ++++++++++++++++-----------------
 1 file changed, 28 insertions(+), 28 deletions(-)
diff --git a/ffplayout-api/src/api/routes.rs b/ffplayout-api/src/api/routes.rs
index 58c89ee2..4c575d4e 100644
--- a/ffplayout-api/src/api/routes.rs
+++ b/ffplayout-api/src/api/routes.rs
@@ -218,7 +218,7 @@ pub async fn login(pool: web::Data>, credentials: web::Json)
 /// -H 'Authorization: Bearer '
 /// ```
 #[get("/user")]
-#[protect("Role::Admin", "Role::User", ty = "Role")]
+#[protect(any("Role::Admin", "Role::User"), ty = "Role")]
 async fn get_user(
 pool: web::Data>,
 user: web::ReqData,
@@ -278,7 +278,7 @@ async fn get_users(pool: web::Data>) -> Result", "password": ""}' -H 'Authorization: Bearer '
 /// ```
 #[put("/user/{id}")]
-#[protect("Role::Admin", "Role::User", ty = "Role")]
+#[protect(any("Role::Admin", "Role::User"), ty = "Role")]
 async fn update_user(
 pool: web::Data>,
 id: web::Path,
@@ -388,7 +388,7 @@ async fn remove_user(
 /// }
 /// ```
 #[get("/channel/{id}")]
-#[protect("Role::Admin", "Role::User", ty = "Role")]
+#[protect(any("Role::Admin", "Role::User"), ty = "Role")]
 async fn get_channel(
 pool: web::Data>,
 id: web::Path,
@@ -406,7 +406,7 @@ async fn get_channel(
 /// curl -X GET http://127.0.0.1:8787/api/channels -H "Authorization: Bearer "
 /// ```
 #[get("/channels")]
-#[protect("Role::Admin", "Role::User", ty = "Role")]
+#[protect(any("Role::Admin", "Role::User"), ty = "Role")]
 async fn get_all_channels(pool: web::Data>) -> Result {
 if let Ok(channel) = handles::select_all_channels(&pool.into_inner()).await {
 return Ok(web::Json(channel));
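Review bot: On `update_user` (`PUT /user/{id}`), the `any(...)` guard admits every caller holding `Role::User`, but the target account is taken from the `{id}` path segment, which the role check does not tie to the caller. The function body lies outside the hunk, so it is not visible whether it compares `id` with the authenticated user's id before writing; without that comparison a non-admin could change another account's mail or password. I would confirm the check exists and state the contract in the doc comment, e.g. `/// A caller with Role::User may only update the account matching their own token; other ids require Role::Admin.`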
@@ -486,7 +486,7 @@ async fn remove_channel(
 ///
 /// Response is a JSON object from the ffplayout.yml
 #[get("/playout/config/{id}")]
-#[protect("Role::Admin", "Role::User", ty = "Role")]
+#[protect(any("Role::Admin", "Role::User"), ty = "Role")]
 async fn get_playout_config(
 pool: web::Data>,
 id: web::Path,
@@ -542,7 +542,7 @@ async fn update_playout_config(
 /// -H 'Authorization: Bearer '
 /// ```
 #[get("/presets/{id}")]
-#[protect("Role::Admin", "Role::User", ty = "Role")]
+#[protect(any("Role::Admin", "Role::User"), ty = "Role")]
 async fn get_presets(
 pool: web::Data>,
 id: web::Path,
@@ -562,7 +562,7 @@ async fn get_presets(
 /// -H 'Authorization: Bearer '
 /// ```
 #[put("/presets/{id}")]
-#[protect("Role::Admin", "Role::User", ty = "Role")]
+#[protect(any("Role::Admin", "Role::User"), ty = "Role")]
 async fn update_preset(
 pool: web::Data>,
 id: web::Path,
@@ -586,7 +586,7 @@ async fn update_preset(
 /// -H 'Authorization: Bearer '
 /// ```
 #[post("/presets/")]
-#[protect("Role::Admin", "Role::User", ty = "Role")]
+#[protect(any("Role::Admin", "Role::User"), ty = "Role")]
 async fn add_preset(
 pool: web::Data>,
 data: web::Json,
@@ -608,7 +608,7 @@ async fn add_preset(
 /// -H 'Authorization: Bearer '
 /// ```
 #[delete("/presets/{id}")]
-#[protect("Role::Admin", "Role::User", ty = "Role")]
+#[protect(any("Role::Admin", "Role::User"), ty = "Role")]
 async fn delete_preset(
 pool: web::Data>,
 id: web::Path,
@@ -639,7 +639,7 @@ async fn delete_preset(
 /// -d '{"text": "Hello from ffplayout", "x": "(w-text_w)/2", "y": "(h-text_h)/2", fontsize": "24", "line_spacing": "4", "fontcolor": "#ffffff", "box": "1", "boxcolor": "#000000", "boxborderw": "4", "alpha": "1.0"}'
 /// ```
 #[post("/control/{id}/text/")]
-#[protect("Role::Admin", "Role::User", ty = "Role")]
+#[protect(any("Role::Admin", "Role::User"), ty = "Role")]
 pub async fn send_text_message(
 pool: web::Data>,
 id: web::Path,
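Review bot: `get_playout_config` is readable by any `Role::User` caller under the `any(...)` guard, and its doc comment says the response is the JSON form of ffplayout.yml. Whether that file holds credentials or other secrets is not visible here; if it does, the handler (its body is outside the hunk) should strip those fields for non-admin callers. At minimum the doc comment could record the exposure: `/// Returned to every authenticated role; must not contain secrets from ffplayout.yml.`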
@@ -662,7 +662,7 @@ pub async fn send_text_message(
 /// -d '{ "command": "reset" }' -H 'Authorization: Bearer '
 /// ```
 #[post("/control/{id}/playout/")]
-#[protect("Role::Admin", "Role::User", ty = "Role")]
+#[protect(any("Role::Admin", "Role::User"), ty = "Role")]
 pub async fn control_playout(
 pool: web::Data>,
 id: web::Path,
@@ -705,7 +705,7 @@ pub async fn control_playout(
 /// }
 /// ```
 #[get("/control/{id}/media/current")]
-#[protect("Role::Admin", "Role::User", ty = "Role")]
+#[protect(any("Role::Admin", "Role::User"), ty = "Role")]
 pub async fn media_current(
 pool: web::Data>,
 id: web::Path,
@@ -722,7 +722,7 @@ pub async fn media_current(
 /// curl -X GET http://127.0.0.1:8787/api/control/1/media/next/ -H 'Authorization: Bearer '
 /// ```
 #[get("/control/{id}/media/next")]
-#[protect("Role::Admin", "Role::User", ty = "Role")]
+#[protect(any("Role::Admin", "Role::User"), ty = "Role")]
 pub async fn media_next(
 pool: web::Data>,
 id: web::Path,
@@ -740,7 +740,7 @@ pub async fn media_next(
 /// -H 'Content-Type: application/json' -H 'Authorization: Bearer '
 /// ```
 #[get("/control/{id}/media/last")]
-#[protect("Role::Admin", "Role::User", ty = "Role")]
+#[protect(any("Role::Admin", "Role::User"), ty = "Role")]
 pub async fn media_last(
 pool: web::Data>,
 id: web::Path,
@@ -765,7 +765,7 @@ pub async fn media_last(
 /// -d '{"command": "start"}'
 /// ```
 #[post("/control/{id}/process/")]
-#[protect("Role::Admin", "Role::User", ty = "Role")]
+#[protect(any("Role::Admin", "Role::User"), ty = "Role")]
 pub async fn process_control(
 pool: web::Data>,
 id: web::Path,
@@ -784,7 +784,7 @@ pub async fn process_control(
 /// -H 'Content-Type: application/json' -H 'Authorization: Bearer '
 /// ```
 #[get("/playlist/{id}")]
-#[protect("Role::Admin", "Role::User", ty = "Role")]
+#[protect(any("Role::Admin", "Role::User"), ty = "Role")]
 pub async fn get_playlist(
 pool: web::Data>,
 id: web::Path,
@@ -804,7 +804,7 @@ pub async fn get_playlist(
 /// --data "{}"
 /// ```
 #[post("/playlist/{id}/")]
-#[protect("Role::Admin", "Role::User", ty = "Role")]
+#[protect(any("Role::Admin", "Role::User"), ty = "Role")]
 pub async fn save_playlist(
 pool: web::Data>,
 id: web::Path,
@@ -835,7 +835,7 @@ pub async fn save_playlist(
 /// {"start": "10:00:00", "duration": "14:00:00", "shuffle": false, "paths": ["path/3", "path/4"]}]}}'
 /// ```
 #[post("/playlist/{id}/generate/{date}")]
-#[protect("Role::Admin", "Role::User", ty = "Role")]
+#[protect(any("Role::Admin", "Role::User"), ty = "Role")]
 pub async fn gen_playlist(
 pool: web::Data>,
 params: web::Path<(i32, String)>,
@@ -873,7 +873,7 @@ pub async fn gen_playlist(
 /// -H 'Content-Type: application/json' -H 'Authorization: Bearer '
 /// ```
 #[delete("/playlist/{id}/{date}")]
-#[protect("Role::Admin", "Role::User", ty = "Role")]
+#[protect(any("Role::Admin", "Role::User"), ty = "Role")]
 pub async fn del_playlist(
 pool: web::Data>,
 params: web::Path<(i32, String)>,
@@ -893,7 +893,7 @@ pub async fn del_playlist(
 /// -H 'Content-Type: application/json' -H 'Authorization: Bearer '
 /// ```
 #[get("/log/{id}")]
-#[protect("Role::Admin", "Role::User", ty = "Role")]
+#[protect(any("Role::Admin", "Role::User"), ty = "Role")]
 pub async fn get_log(
 pool: web::Data>,
 id: web::Path,
@@ -911,7 +911,7 @@ pub async fn get_log(
 /// -d '{ "source": "/" }' -H 'Authorization: Bearer '
 /// ```
 #[post("/file/{id}/browse/")]
-#[protect("Role::Admin", "Role::User", ty = "Role")]
+#[protect(any("Role::Admin", "Role::User"), ty = "Role")]
 pub async fn file_browser(
 pool: web::Data>,
 id: web::Path,
@@ -930,7 +930,7 @@ pub async fn file_browser(
 /// -d '{"source": ""}' -H 'Authorization: Bearer '
 /// ```
 #[post("/file/{id}/create-folder/")]
-#[protect("Role::Admin", "Role::User", ty = "Role")]
+#[protect(any("Role::Admin", "Role::User"), ty = "Role")]
 pub async fn add_dir(
 pool: web::Data>,
 id: web::Path,
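Review bot: The file routes starting at `file_browser` take a client-supplied `source` (plus `target` on `move_rename`) in the JSON body, as their curl examples show, and the `any(...)` guard only establishes a role, not which paths that role may touch. The same applies to `add_dir`, `move_rename`, `remove` and `save_file` in the following hunks. Their bodies are outside the hunks, so confirm each one canonicalises the path and rejects anything resolving outside the storage directory configured for the channel (inferred from the `{id}` parameter). A doc line such as `/// source is resolved inside the channel storage root; paths escaping it are rejected.` would make the requirement explicit.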
@@ -946,7 +946,7 @@ pub async fn add_dir(
 /// -d '{"source": "", "target": ""}' -H 'Authorization: Bearer '
 /// ```
 #[post("/file/{id}/rename/")]
-#[protect("Role::Admin", "Role::User", ty = "Role")]
+#[protect(any("Role::Admin", "Role::User"), ty = "Role")]
 pub async fn move_rename(
 pool: web::Data>,
 id: web::Path,
@@ -965,7 +965,7 @@ pub async fn move_rename(
 /// -d '{"source": ""}' -H 'Authorization: Bearer '
 /// ```
 #[post("/file/{id}/remove/")]
-#[protect("Role::Admin", "Role::User", ty = "Role")]
+#[protect(any("Role::Admin", "Role::User"), ty = "Role")]
 pub async fn remove(
 pool: web::Data>,
 id: web::Path,
@@ -984,7 +984,7 @@ pub async fn remove(
 /// -F "file=@file.mp4"
 /// ```
 #[put("/file/{id}/upload/")]
-#[protect("Role::Admin", "Role::User", ty = "Role")]
+#[protect(any("Role::Admin", "Role::User"), ty = "Role")]
 async fn save_file(
 pool: web::Data>,
 id: web::Path,
@@ -1060,7 +1060,7 @@ async fn get_public(public: web::Path) -> Result>, id: web::Path,
@@ -1103,7 +1103,7 @@ async fn import_playlist(
 /// -H 'Authorization: Bearer '
 /// ```
 #[get("/program/{id}/")]
-#[protect("Role::Admin", "Role::User", ty = "Role")]
+#[protect(any("Role::Admin", "Role::User"), ty = "Role")]
 async fn get_program(
 pool: web::Data>,
 id: web::Path,
@@ -1189,7 +1189,7 @@ async fn get_program(
 /// -H 'Content-Type: application/json' -H 'Authorization: Bearer '
 /// ```
 #[get("/system/{id}")]
-#[protect("Role::Admin", "Role::User", ty = "Role")]
+#[protect(any("Role::Admin", "Role::User"), ty = "Role")]
 pub async fn get_system_stat(
 pool: web::Data>,
 id: web::Path,