diff --git a/.sqlx/query-5b090e1e68c28c448b51811b0f4d5160ac09ce56db5c7082865448411dc47cd0.json b/.sqlx/query-5b090e1e68c28c448b51811b0f4d5160ac09ce56db5c7082865448411dc47cd0.json deleted file mode 100644 index cfbb153..0000000 --- a/.sqlx/query-5b090e1e68c28c448b51811b0f4d5160ac09ce56db5c7082865448411dc47cd0.json +++ /dev/null @@ -1,12 +0,0 @@ -{ - "db_name": "SQLite", - "query": "UPDATE committee SET poll_count = poll_count + 1 WHERE name = $1", - "describe": { - "columns": [], - "parameters": { - "Right": 1 - }, - "nullable": [] - }, - "hash": "5b090e1e68c28c448b51811b0f4d5160ac09ce56db5c7082865448411dc47cd0" -} diff --git a/.sqlx/query-6f0ad1b206a91ecc03afc952e82abda876d7b70212da0fdf9d9331a621578f5a.json b/.sqlx/query-6f0ad1b206a91ecc03afc952e82abda876d7b70212da0fdf9d9331a621578f5a.json deleted file mode 100644 index 0b65b4b..0000000 --- a/.sqlx/query-6f0ad1b206a91ecc03afc952e82abda876d7b70212da0fdf9d9331a621578f5a.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "db_name": "SQLite", - "query": "SELECT name FROM committee", - "describe": { - "columns": [ - { - "name": "name", - "ordinal": 0, - "type_info": "Text" - } - ], - "parameters": { - "Right": 0 - }, - "nullable": [ - true - ] - }, - "hash": "6f0ad1b206a91ecc03afc952e82abda876d7b70212da0fdf9d9331a621578f5a" -} diff --git a/.sqlx/query-af4ddce9ab335303494ad6a0f7f9efbd66b1754ffd957a23610b1323dbaa6f0d.json b/.sqlx/query-af4ddce9ab335303494ad6a0f7f9efbd66b1754ffd957a23610b1323dbaa6f0d.json deleted file mode 100644 index f89ded7..0000000 --- a/.sqlx/query-af4ddce9ab335303494ad6a0f7f9efbd66b1754ffd957a23610b1323dbaa6f0d.json +++ /dev/null @@ -1,12 +0,0 @@ -{ - "db_name": "SQLite", - "query": "INSERT INTO committee(name) VALUES($1)", - "describe": { - "columns": [], - "parameters": { - "Right": 1 - }, - "nullable": [] - }, - "hash": "af4ddce9ab335303494ad6a0f7f9efbd66b1754ffd957a23610b1323dbaa6f0d" -} diff --git a/.sqlx/query-d0c6ad43c92be65d1c600aee4fecc30ce14f1ecfc988e92e837f778d0a67df03.json b/.sqlx/query-d0c6ad43c92be65d1c600aee4fecc30ce14f1ecfc988e92e837f778d0a67df03.json deleted file mode 100644 index afeb04e..0000000 --- a/.sqlx/query-d0c6ad43c92be65d1c600aee4fecc30ce14f1ecfc988e92e837f778d0a67df03.json +++ /dev/null @@ -1,26 +0,0 @@ -{ - "db_name": "SQLite", - "query": "SELECT * FROM committee", - "describe": { - "columns": [ - { - "name": "name", - "ordinal": 0, - "type_info": "Text" - }, - { - "name": "poll_count", - "ordinal": 1, - "type_info": "Int64" - } - ], - "parameters": { - "Right": 0 - }, - "nullable": [ - true, - false - ] - }, - "hash": "d0c6ad43c92be65d1c600aee4fecc30ce14f1ecfc988e92e837f778d0a67df03" -} diff --git a/.sqlx/query-d32dd5b9da3258a0f3d45565c7f6550b1fdbd9f32fb0e313964e5058dc1a10b8.json b/.sqlx/query-d32dd5b9da3258a0f3d45565c7f6550b1fdbd9f32fb0e313964e5058dc1a10b8.json deleted file mode 100644 index b0ed104..0000000 --- a/.sqlx/query-d32dd5b9da3258a0f3d45565c7f6550b1fdbd9f32fb0e313964e5058dc1a10b8.json +++ /dev/null @@ -1,12 +0,0 @@ -{ - "db_name": "SQLite", - "query": "DELETE FROM committee WHERE name = $1", - "describe": { - "columns": [], - "parameters": { - "Right": 1 - }, - "nullable": [] - }, - "hash": "d32dd5b9da3258a0f3d45565c7f6550b1fdbd9f32fb0e313964e5058dc1a10b8" -} diff --git a/src/cmd_authentication.rs b/src/cmd_authentication.rs index e675e7c..71fe7eb 100644 --- a/src/cmd_authentication.rs +++ b/src/cmd_authentication.rs @@ -1,11 +1,8 @@ -use std::sync::Arc; - +use crate::{commands::RESTRICTED_COMMANDS, config::config, HandlerResult}; use sqlx::SqlitePool; +use std::sync::Arc; use teloxide::{requests::Requester, types::Message, Bot}; -use crate::{config::config, HandlerResult}; - - pub async fn authenticate( bot: Bot, msg: Message, @@ -52,7 +49,12 @@ pub async fn admin_list(bot: Bot, msg: Message, db: Arc) -> HandlerR Ok(()) } -pub async fn admin_remove(bot: Bot, msg: Message, name: String, db: Arc) -> HandlerResult { +pub async fn admin_remove( + bot: Bot, + msg: Message, + name: String, + db: Arc, +) -> HandlerResult { let mut tx = db.begin().await?; if sqlx::query!("SELECT COUNT(*) AS count FROM admins WHERE name = $1", name) @@ -77,10 +79,22 @@ pub async fn admin_remove(bot: Bot, msg: Message, name: String, db: Arc) -> HandlerResult { +pub async fn authorize( + bot: Bot, + msg: Message, + command: String, + db: Arc, +) -> HandlerResult { let mut tx = db.begin().await?; let chat_id_str = msg.chat.id.to_string(); + + if !RESTRICTED_COMMANDS.iter().any(|c| c.shortand() == command) { + bot.send_message(msg.chat.id, "Cette commande n'existe pas") + .await?; + return Ok(()); + } + let already_authorized = sqlx::query!( r#"SELECT COUNT(*) AS count FROM authorizations WHERE chat_id = $1 AND command = $2"#, chat_id_str, @@ -89,7 +103,7 @@ pub async fn authorize(bot: Bot, msg: Message, command: String, db: Arc 0 { sqlx::query!( r#"INSERT INTO authorizations(command, chat_id) VALUES($1, $2)"#, command, @@ -160,14 +174,18 @@ pub async fn authorizations(bot: Bot, msg: Message, db: Arc) -> Hand bot.send_message( msg.chat.id, - format!( - "Ce groupe peut utiliser les commandes suivantes:\n{}", - authorizations - .into_iter() - .map(|s| format!(" - {}", s.command)) - .collect::>() - .join("\n") - ), + if authorizations.is_empty() { + "Ce groupe ne peut utiliser aucune commande".to_owned() + } else { + format!( + "Ce groupe peut utiliser les commandes suivantes:\n{}", + authorizations + .into_iter() + .map(|s| format!(" - {}", s.command)) + .collect::>() + .join("\n") + ) + }, ) .await?; diff --git a/src/cmd_bureau.rs b/src/cmd_bureau.rs index ba2e7e4..f795561 100644 --- a/src/cmd_bureau.rs +++ b/src/cmd_bureau.rs @@ -18,4 +18,4 @@ pub async fn bureau(bot: Bot, msg: Message) -> HandlerResult { .is_anonymous(false) .await?; Ok(()) -} \ No newline at end of file +} diff --git a/src/cmd_poll.rs b/src/cmd_poll.rs index 4e4c238..53e4cfb 100644 --- a/src/cmd_poll.rs +++ b/src/cmd_poll.rs @@ -9,8 +9,7 @@ use teloxide::{ prelude::Dialogue, requests::Requester, types::{ - CallbackQuery, InlineKeyboardButton, InlineKeyboardMarkup, Message, MessageId, - ReplyMarkup, + CallbackQuery, InlineKeyboardButton, InlineKeyboardMarkup, Message, MessageId, ReplyMarkup, }, Bot, }; @@ -36,11 +35,7 @@ pub enum PollState { pub type PollDialogue = Dialogue>; /// Starts the /poll dialogue by sending a message with an inline keyboard to select the target of the /poll. -pub async fn start_poll_dialogue( - bot: Bot, - msg: Message, - dialogue: PollDialogue, -) -> HandlerResult { +pub async fn start_poll_dialogue(bot: Bot, msg: Message, dialogue: PollDialogue) -> HandlerResult { log::info!("Starting /poll dialogue"); log::debug!("Removing /poll message"); @@ -207,4 +202,4 @@ pub async fn stats(bot: Bot, msg: Message) -> HandlerResult { .await?; Ok(()) -} \ No newline at end of file +} diff --git a/src/commands.rs b/src/commands.rs index 953a02e..a3d1f53 100644 --- a/src/commands.rs +++ b/src/commands.rs @@ -2,11 +2,7 @@ use std::sync::Arc; use sqlx::SqlitePool; use teloxide::{ - dispatching::DpHandlerDescription, - prelude::*, - types::{Message, MessageCommon, MessageKind}, - utils::command::BotCommands, - Bot, + dispatching::DpHandlerDescription, prelude::*, types::Message, utils::command::BotCommands, Bot, }; use crate::{ @@ -68,7 +64,7 @@ fn require_authorization() -> Endpoint<'static, DependencyMap, HandlerResult, Dp |command: Command, msg: Message, pool: Arc| async move { let chat_id = msg.chat.id.to_string(); let shortand = command.shortand(); - match sqlx::query!( + let authorized = match sqlx::query!( r#"SELECT COUNT(*) AS count FROM authorizations WHERE chat_id = $1 AND command = $2"#, chat_id, shortand @@ -80,7 +76,13 @@ fn require_authorization() -> Endpoint<'static, DependencyMap, HandlerResult, Dp log::error!("Could not check authorization in database: {:?}", e); false }, + }; + + if !authorized { + log::warn!("Chat {} tried to use the commmand {}", msg.chat.id, command.shortand()) } + + authorized }, ) } @@ -141,6 +143,8 @@ pub enum Command { Stats, } +pub const RESTRICTED_COMMANDS: [Command; 3] = [Command::Bureau, Command::Poll, Command::Stats]; + impl Command { // Used as key for the access control map pub fn shortand(&self) -> &str { diff --git a/src/main.rs b/src/main.rs index b63db1b..747ac97 100644 --- a/src/main.rs +++ b/src/main.rs @@ -9,17 +9,17 @@ use teloxide::{ }; use crate::{ + cmd_poll::PollState, commands::{command_callback_query_handler, command_message_handler, Command}, directus::{update_committee, Committee}, - cmd_poll::PollState }; +mod cmd_authentication; +mod cmd_bureau; +mod cmd_poll; mod commands; mod config; mod directus; -mod cmd_poll; -mod cmd_bureau; -mod cmd_authentication; pub type HandlerResult = Result<(), Box>; @@ -47,7 +47,8 @@ async fn main() { id: 1, name: "".into(), poll_count: 15, - }]).await; + }]) + .await; log::info!("Loading config files"); config::config();