Commit c5f3f921 authored by Robert Czechowski's avatar Robert Czechowski
Browse files

Rename functions -> core, put widely use functions in helpers.rs

parent 61f612f5
Pipeline #200 failed with stage
in 5 minutes and 56 seconds
extern crate bcrypt;
use webfw_iron::{json_val, to_json};
use time; use time;
use rand::{distributions::Alphanumeric, thread_rng, Rng};
use db_conn::MedalConnection; use db_conn::MedalConnection;
use db_objects::{Grade, Group, Submission, Taskgroup};
use db_objects::{Grade, Group, SessionUser, Submission, Taskgroup}; use helpers;
use oauth_provider::OauthProvider;
use self::bcrypt::hash; use webfw_iron::{json_val, to_json};
#[derive(Serialize, Deserialize)] #[derive(Serialize, Deserialize)]
pub struct SubTaskInfo { pub struct SubTaskInfo {
...@@ -53,8 +47,6 @@ type MedalValue = (String, json_val::Map<String, json_val::Value>); ...@@ -53,8 +47,6 @@ type MedalValue = (String, json_val::Map<String, json_val::Value>);
type MedalResult<T> = Result<T, MedalError>; type MedalResult<T> = Result<T, MedalError>;
type MedalValueResult = MedalResult<MedalValue>; type MedalValueResult = MedalResult<MedalValue>;
use oauth_provider::OauthProvider;
pub fn index<T: MedalConnection>(conn: &T, session_token: Option<String>, pub fn index<T: MedalConnection>(conn: &T, session_token: Option<String>,
(self_url, oauth_providers): (Option<String>, Option<Vec<OauthProvider>>)) (self_url, oauth_providers): (Option<String>, Option<Vec<OauthProvider>>))
-> (String, json_val::Map<String, json_val::Value>) -> (String, json_val::Map<String, json_val::Value>)
...@@ -551,14 +543,7 @@ pub fn add_group<T: MedalConnection>(conn: &T, session_token: &str, csrf_token: ...@@ -551,14 +543,7 @@ pub fn add_group<T: MedalConnection>(conn: &T, session_token: &str, csrf_token:
return Err(MedalError::CsrfCheckFailed); return Err(MedalError::CsrfCheckFailed);
} }
let group_code: String = Some('g').into_iter() let group_code = helpers::make_group_code();
.chain(thread_rng().sample_iter(&Alphanumeric))
.filter(|x| {
let x = *x;
!(x == 'l' || x == 'I' || x == '1' || x == 'O' || x == 'o' || x == '0')
})
.take(7)
.collect();
// TODO: check for collisions // TODO: check for collisions
let mut group = let mut group =
...@@ -654,14 +639,6 @@ pub fn show_profile<T: MedalConnection>(conn: &T, session_token: &str, user_id: ...@@ -654,14 +639,6 @@ pub fn show_profile<T: MedalConnection>(conn: &T, session_token: &str, user_id:
Ok(("profile".to_string(), data)) Ok(("profile".to_string(), data))
} }
fn hash_password(password: &str, salt: &str) -> Result<String, MedalError> {
let password_and_salt = [password, salt].concat().to_string();
match hash(password_and_salt, 5) {
Ok(result) => Ok(result),
Err(_) => Err(MedalError::PasswordHashingError),
}
}
#[derive(Debug)] #[derive(Debug)]
pub enum ProfileStatus { pub enum ProfileStatus {
NothingChanged, NothingChanged,
...@@ -705,8 +682,8 @@ pub fn edit_profile<T: MedalConnection>(conn: &T, session_token: &str, user_id: ...@@ -705,8 +682,8 @@ pub fn edit_profile<T: MedalConnection>(conn: &T, session_token: &str, user_id:
if let (Some(password), Some(password_repeat)) = (password, password_repeat) { if let (Some(password), Some(password_repeat)) = (password, password_repeat) {
if password != "" || password_repeat != "" { if password != "" || password_repeat != "" {
if password == password_repeat { if password == password_repeat {
let salt: String = thread_rng().sample_iter(&Alphanumeric).take(10).collect(); let salt = helpers::make_salt();
let hash = hash_password(&password, &salt)?; let hash = helpers::hash_password(&password, &salt)?;
password_and_salt = Some((hash, salt)); password_and_salt = Some((hash, salt));
result = ProfileStatus::PasswordChanged; result = ProfileStatus::PasswordChanged;
...@@ -800,7 +777,7 @@ pub fn login_oauth<T: MedalConnection>(conn: &T, user_data: ForeignUserData) ...@@ -800,7 +777,7 @@ pub fn login_oauth<T: MedalConnection>(conn: &T, user_data: ForeignUserData)
-> Result<String, (String, json_val::Map<String, json_val::Value>)> { -> Result<String, (String, json_val::Map<String, json_val::Value>)> {
match conn.login_foreign(None, match conn.login_foreign(None,
&user_data.foreign_id, &user_data.foreign_id,
user_data.foreign_type, user_data.foreign_type != UserType::User,
&user_data.firstname, &user_data.firstname,
&user_data.lastname) &user_data.lastname)
{ {
...@@ -812,17 +789,3 @@ pub fn login_oauth<T: MedalConnection>(conn: &T, user_data: ForeignUserData) ...@@ -812,17 +789,3 @@ pub fn login_oauth<T: MedalConnection>(conn: &T, user_data: ForeignUserData)
} }
} }
} }
pub trait SetPassword {
fn set_password(&mut self, &str) -> Option<()>;
}
impl SetPassword for SessionUser {
fn set_password(&mut self, password: &str) -> Option<()> {
let salt: String = thread_rng().sample_iter(&Alphanumeric).take(10).collect();
let hash = hash_password(password, &salt).ok()?;
self.password = Some(hash);
self.salt = Some(salt);
Some(())
}
}
use db_objects::*; use db_objects::*;
use functions;
pub trait MedalConnection { pub trait MedalConnection {
fn dbtype(&self) -> &'static str; fn dbtype(&self) -> &'static str;
...@@ -19,8 +18,8 @@ pub trait MedalConnection { ...@@ -19,8 +18,8 @@ pub trait MedalConnection {
fn login(&self, session: Option<&str>, username: &str, password: &str) -> Result<String, ()>; fn login(&self, session: Option<&str>, username: &str, password: &str) -> Result<String, ()>;
fn login_with_code(&self, session: Option<&str>, logincode: &str) -> Result<String, ()>; fn login_with_code(&self, session: Option<&str>, logincode: &str) -> Result<String, ()>;
fn login_foreign(&self, session: Option<&str>, foreign_id: &str, foreign_type: functions::UserType, fn login_foreign(&self, session: Option<&str>, foreign_id: &str, is_teacher: bool, firstname: &str,
firstname: &str, lastname: &str) lastname: &str)
-> Result<String, ()>; -> Result<String, ()>;
fn create_user_with_groupcode(&self, session: Option<&str>, groupcode: &str) -> Result<String, ()>; fn create_user_with_groupcode(&self, session: Option<&str>, groupcode: &str) -> Result<String, ()>;
fn logout(&self, session: &str); fn logout(&self, session: &str);
......
#![cfg(feature = "postgres")] #![cfg(feature = "postgres")]
extern crate bcrypt;
extern crate postgres; extern crate postgres;
use self::postgres::Connection; use postgres::Connection;
use time;
use time::Duration;
use db_conn::{MedalConnection, MedalObject}; use db_conn::{MedalConnection, MedalObject};
use db_objects::*; use db_objects::*;
use helpers;
use rand::{distributions::Alphanumeric, thread_rng, Rng};
use self::time::Duration;
use time;
use self::bcrypt::verify;
use functions; // todo: remove (usertype in db)
fn verify_password(password: &str, salt: &str, password_hash: &str) -> bool {
let password_and_salt = [password, salt].concat().to_string();
match verify(password_and_salt, password_hash) {
Ok(result) => result,
_ => false,
}
}
trait Queryable { trait Queryable {
fn query_map_one<T, F>(&self, sql: &str, params: &[&postgres::types::ToSql], f: F) -> postgres::Result<Option<T>> fn query_map_one<T, F>(&self, sql: &str, params: &[&postgres::types::ToSql], f: F) -> postgres::Result<Option<T>>
...@@ -146,7 +131,7 @@ impl MedalConnection for Connection { ...@@ -146,7 +131,7 @@ impl MedalConnection for Connection {
.unwrap(); .unwrap();
} }
fn new_session(&self, session_token: &str) -> SessionUser { fn new_session(&self, session_token: &str) -> SessionUser {
let csrf_token: String = thread_rng().sample_iter(&Alphanumeric).take(10).collect(); let csrf_token = helpers::make_csrf_token();
let now = time::get_time(); let now = time::get_time();
self.execute("INSERT INTO session (session_token, csrf_token, last_activity, permanent_login, grade, is_teacher) self.execute("INSERT INTO session (session_token, csrf_token, last_activity, permanent_login, grade, is_teacher)
...@@ -239,15 +224,15 @@ impl MedalConnection for Connection { ...@@ -239,15 +224,15 @@ impl MedalConnection for Connection {
(row.get(0), row.get(1), row.get(2)); (row.get(0), row.get(1), row.get(2));
//password_hash ist das, was in der Datenbank steht //password_hash ist das, was in der Datenbank steht
if verify_password(&password, if helpers::verify_password(&password,
&salt.expect("salt from database empty"), &salt.expect("salt from database empty"),
&password_hash.expect("password from database empty")) &password_hash.expect("password from database empty"))
{ {
// TODO: fail more pleasantly // TODO: fail more pleasantly
// Login okay, update session now! // Login okay, update session now!
let session_token: String = thread_rng().sample_iter(&Alphanumeric).take(10).collect(); let session_token = helpers::make_session_token();
let csrf_token: String = thread_rng().sample_iter(&Alphanumeric).take(10).collect(); let csrf_token = helpers::make_csrf_token();
let now = time::get_time(); let now = time::get_time();
self.execute("UPDATE session SET session_token = $1, csrf_token = $2, last_login = $3, last_activity = $3 WHERE id = $4", &[&session_token, &csrf_token, &now, &id]).unwrap(); self.execute("UPDATE session SET session_token = $1, csrf_token = $2, last_login = $3, last_activity = $3 WHERE id = $4", &[&session_token, &csrf_token, &now, &id]).unwrap();
...@@ -268,8 +253,8 @@ impl MedalConnection for Connection { ...@@ -268,8 +253,8 @@ impl MedalConnection for Connection {
// Login okay, update session now! // Login okay, update session now!
let id: i32 = row.get(0); let id: i32 = row.get(0);
let session_token: String = thread_rng().sample_iter(&Alphanumeric).take(10).collect(); let session_token = helpers::make_session_token();
let csrf_token: String = thread_rng().sample_iter(&Alphanumeric).take(10).collect(); let csrf_token = helpers::make_csrf_token();
let now = time::get_time(); let now = time::get_time();
self.execute("UPDATE session SET session_token = $1, csrf_token = $2, last_login = $3, last_activity = $3 WHERE id = $4", &[&session_token, &csrf_token, &now, &id]).unwrap(); self.execute("UPDATE session SET session_token = $1, csrf_token = $2, last_login = $3, last_activity = $3 WHERE id = $4", &[&session_token, &csrf_token, &now, &id]).unwrap();
...@@ -281,12 +266,12 @@ impl MedalConnection for Connection { ...@@ -281,12 +266,12 @@ impl MedalConnection for Connection {
} }
//TODO: use session //TODO: use session
fn login_foreign(&self, _session: Option<&str>, foreign_id: &str, foreign_type: functions::UserType, fn login_foreign(&self, _session: Option<&str>, foreign_id: &str, is_teacher: bool, firstname: &str,
firstname: &str, lastname: &str) lastname: &str)
-> Result<String, ()> -> Result<String, ()>
{ {
let session_token: String = thread_rng().sample_iter(&Alphanumeric).take(10).collect(); let session_token = helpers::make_session_token();
let csrf_token: String = thread_rng().sample_iter(&Alphanumeric).take(10).collect(); let csrf_token = helpers::make_csrf_token();
let now = time::get_time(); let now = time::get_time();
match self.query("SELECT id FROM session WHERE oauth_foreign_id = $1", &[&foreign_id]).unwrap().iter().next() { match self.query("SELECT id FROM session WHERE oauth_foreign_id = $1", &[&foreign_id]).unwrap().iter().next() {
...@@ -299,7 +284,7 @@ impl MedalConnection for Connection { ...@@ -299,7 +284,7 @@ impl MedalConnection for Connection {
} }
// Add! // Add!
_ => { _ => {
self.execute("INSERT INTO session (session_token, csrf_token, last_login, last_activity, permanent_login, grade, is_teacher, oauth_foreign_id, firstname, lastname) VALUES ($1, $2, $3, $3, $4, $5, $6, $7, $8, $9)", &[&session_token, &csrf_token, &now, &false, &0, &(foreign_type != functions::UserType::User), &foreign_id, &firstname, &lastname]).unwrap(); self.execute("INSERT INTO session (session_token, csrf_token, last_login, last_activity, permanent_login, grade, is_teacher, oauth_foreign_id, firstname, lastname) VALUES ($1, $2, $3, $3, $4, $5, $6, $7, $8, $9)", &[&session_token, &csrf_token, &now, &false, &0, &is_teacher, &foreign_id, &firstname, &lastname]).unwrap();
Ok(session_token) Ok(session_token)
} }
...@@ -313,17 +298,9 @@ impl MedalConnection for Connection { ...@@ -313,17 +298,9 @@ impl MedalConnection for Connection {
// Login okay, create session! // Login okay, create session!
let group_id: i32 = row.get(0); let group_id: i32 = row.get(0);
let session_token: String = thread_rng().sample_iter(&Alphanumeric).take(10).collect(); let session_token = helpers::make_session_token();
let csrf_token: String = thread_rng().sample_iter(&Alphanumeric).take(10).collect(); let csrf_token = helpers::make_csrf_token();
let login_code: String = let login_code = helpers::make_login_code();
Some('u').into_iter()
.chain(thread_rng().sample_iter(&Alphanumeric))
.filter(|x| {
let x = *x;
!(x == 'l' || x == 'I' || x == '1' || x == 'O' || x == 'o' || x == '0')
})
.take(9)
.collect();
// todo: check for collisions // todo: check for collisions
let now = time::get_time(); let now = time::get_time();
......
#![cfg(feature = "rusqlite")] #![cfg(feature = "rusqlite")]
extern crate bcrypt;
extern crate rusqlite; extern crate rusqlite;
use self::rusqlite::Connection; use rusqlite::Connection;
use time;
use time::Duration;
use db_conn::{MedalConnection, MedalObject}; use db_conn::{MedalConnection, MedalObject};
use db_objects::*; use db_objects::*;
use helpers;
use rand::{distributions::Alphanumeric, thread_rng, Rng};
use self::time::Duration;
use time;
use self::bcrypt::verify;
use functions; // todo: remove (usertype in db)
fn verify_password(password: &str, salt: &str, password_hash: &str) -> bool {
let password_and_salt = [password, salt].concat().to_string();
match verify(password_and_salt, password_hash) {
Ok(result) => result,
_ => false,
}
}
trait Queryable { trait Queryable {
fn query_map_one<T, F>(&self, sql: &str, params: &[&rusqlite::types::ToSql], f: F) -> rusqlite::Result<Option<T>> fn query_map_one<T, F>(&self, sql: &str, params: &[&rusqlite::types::ToSql], f: F) -> rusqlite::Result<Option<T>>
...@@ -146,7 +131,7 @@ impl MedalConnection for Connection { ...@@ -146,7 +131,7 @@ impl MedalConnection for Connection {
.unwrap(); .unwrap();
} }
fn new_session(&self, session_token: &str) -> SessionUser { fn new_session(&self, session_token: &str) -> SessionUser {
let csrf_token: String = thread_rng().sample_iter(&Alphanumeric).take(10).collect(); let csrf_token = helpers::make_csrf_token();
let now = time::get_time(); let now = time::get_time();
self.execute("INSERT INTO session_user (session_token, csrf_token, last_activity, permanent_login, grade, is_teacher) self.execute("INSERT INTO session_user (session_token, csrf_token, last_activity, permanent_login, grade, is_teacher)
...@@ -227,15 +212,15 @@ impl MedalConnection for Connection { ...@@ -227,15 +212,15 @@ impl MedalConnection for Connection {
{ {
Ok((id, password_hash, salt)) => { Ok((id, password_hash, salt)) => {
//password_hash ist das, was in der Datenbank steht //password_hash ist das, was in der Datenbank steht
if verify_password(&password, if helpers::verify_password(&password,
&salt.expect("salt from database empty"), &salt.expect("salt from database empty"),
&password_hash.expect("password from database empty")) &password_hash.expect("password from database empty"))
{ {
// TODO: fail more pleasantly // TODO: fail more pleasantly
// Login okay, update session now! // Login okay, update session now!
let session_token: String = thread_rng().sample_iter(&Alphanumeric).take(10).collect(); let session_token = helpers::make_session_token();
let csrf_token: String = thread_rng().sample_iter(&Alphanumeric).take(10).collect(); let csrf_token = helpers::make_session_token();
let now = time::get_time(); let now = time::get_time();
self.execute("UPDATE session_user SET session_token = ?1, csrf_token = ?2, last_login = ?3, last_activity = ?3 WHERE id = ?4", &[&session_token, &csrf_token, &now, &id]).unwrap(); self.execute("UPDATE session_user SET session_token = ?1, csrf_token = ?2, last_login = ?3, last_activity = ?3 WHERE id = ?4", &[&session_token, &csrf_token, &now, &id]).unwrap();
...@@ -257,8 +242,8 @@ impl MedalConnection for Connection { ...@@ -257,8 +242,8 @@ impl MedalConnection for Connection {
Ok(id) => { Ok(id) => {
// Login okay, update session now! // Login okay, update session now!
let session_token: String = thread_rng().sample_iter(&Alphanumeric).take(10).collect(); let session_token = helpers::make_session_token();
let csrf_token: String = thread_rng().sample_iter(&Alphanumeric).take(10).collect(); let csrf_token = helpers::make_csrf_token();
let now = time::get_time(); let now = time::get_time();
self.execute("UPDATE session_user SET session_token = ?1, csrf_token = ?2, last_login = ?3, last_activity = ?3 WHERE id = ?4", &[&session_token, &csrf_token, &now, &id]).unwrap(); self.execute("UPDATE session_user SET session_token = ?1, csrf_token = ?2, last_login = ?3, last_activity = ?3 WHERE id = ?4", &[&session_token, &csrf_token, &now, &id]).unwrap();
...@@ -270,12 +255,12 @@ impl MedalConnection for Connection { ...@@ -270,12 +255,12 @@ impl MedalConnection for Connection {
} }
//TODO: use session //TODO: use session
fn login_foreign(&self, _session: Option<&str>, foreign_id: &str, foreign_type: functions::UserType, fn login_foreign(&self, _session: Option<&str>, foreign_id: &str, is_teacher: bool, firstname: &str,
firstname: &str, lastname: &str) lastname: &str)
-> Result<String, ()> -> Result<String, ()>
{ {
let session_token: String = thread_rng().sample_iter(&Alphanumeric).take(10).collect(); let session_token = helpers::make_session_token();
let csrf_token: String = thread_rng().sample_iter(&Alphanumeric).take(10).collect(); let csrf_token = helpers::make_csrf_token();
let now = time::get_time(); let now = time::get_time();
match self.query_row("SELECT id FROM session_user WHERE oauth_foreign_id = ?1", &[&foreign_id], |row| -> i32 { match self.query_row("SELECT id FROM session_user WHERE oauth_foreign_id = ?1", &[&foreign_id], |row| -> i32 {
...@@ -288,7 +273,7 @@ impl MedalConnection for Connection { ...@@ -288,7 +273,7 @@ impl MedalConnection for Connection {
} }
// Add! // Add!
_ => { _ => {
self.execute("INSERT INTO session_user (session_token, csrf_token, last_login, last_activity, permanent_login, grade, is_teacher, oauth_foreign_id, firstname, lastname) VALUES (?1, ?2, ?3, ?3, ?4, ?5, ?6, ?7, ?8, ?9)", &[&session_token, &csrf_token, &now, &false, &0, &(foreign_type != functions::UserType::User), &foreign_id, &firstname, &lastname]).unwrap(); self.execute("INSERT INTO session_user (session_token, csrf_token, last_login, last_activity, permanent_login, grade, is_teacher, oauth_foreign_id, firstname, lastname) VALUES (?1, ?2, ?3, ?3, ?4, ?5, ?6, ?7, ?8, ?9)", &[&session_token, &csrf_token, &now, &false, &0, &is_teacher, &foreign_id, &firstname, &lastname]).unwrap();
Ok(session_token) Ok(session_token)
} }
...@@ -303,18 +288,9 @@ impl MedalConnection for Connection { ...@@ -303,18 +288,9 @@ impl MedalConnection for Connection {
Ok(group_id) => { Ok(group_id) => {
// Login okay, create session_user! // Login okay, create session_user!
let session_token: String = thread_rng().sample_iter(&Alphanumeric).take(10).collect(); let session_token = helpers::make_session_token();
let csrf_token: String = thread_rng().sample_iter(&Alphanumeric).take(10).collect(); let csrf_token = helpers::make_csrf_token();
let login_code: String = let login_code = helpers::make_login_code(); // TODO: check for collisions
Some('u').into_iter()
.chain(thread_rng().sample_iter(&Alphanumeric))
.filter(|x| {
let x = *x;
!(x == 'l' || x == 'I' || x == '1' || x == 'O' || x == 'o' || x == '0')
})
.take(9)
.collect();
// todo: check for collisions
let now = time::get_time(); let now = time::get_time();
self.execute("INSERT INTO session_user (session_token, csrf_token, last_login, last_activity, permanent_login, logincode, grade, is_teacher, managed_by) VALUES (?1, ?2, ?3, ?3, ?4, ?5, ?6, ?7, ?8)", &[&session_token, &csrf_token, &now, &false, &login_code, &0, &false, &group_id]).unwrap(); self.execute("INSERT INTO session_user (session_token, csrf_token, last_login, last_activity, permanent_login, logincode, grade, is_teacher, managed_by) VALUES (?1, ?2, ?3, ?3, ?4, ?5, ?6, ?7, ?8)", &[&session_token, &csrf_token, &now, &false, &login_code, &0, &false, &group_id]).unwrap();
......
use rand::{thread_rng, Rng}; extern crate bcrypt;
fn make_session_key() -> String { use rand::{distributions::Alphanumeric, thread_rng, Rng};
thread_rng().gen_ascii_chars().take(10).collect()
use core::MedalError;
use db_objects::SessionUser;
pub fn make_session_token() -> String { thread_rng().sample_iter(&Alphanumeric).take(10).collect() }
pub fn make_csrf_token() -> String { thread_rng().sample_iter(&Alphanumeric).take(10).collect() }
pub fn make_salt() -> String { thread_rng().sample_iter(&Alphanumeric).take(10).collect() }
pub fn make_group_code() -> String {
Some('g').into_iter()
.chain(thread_rng().sample_iter(&Alphanumeric))
.filter(|x| {
let x = *x;
!(x == 'l' || x == 'I' || x == '1' || x == 'O' || x == 'o' || x == '0')
})
.take(7)
.collect()
}
pub fn make_login_code() -> String {
Some('u').into_iter()
.chain(thread_rng().sample_iter(&Alphanumeric))
.filter(|x| {
let x = *x;
!(x == 'l' || x == 'I' || x == '1' || x == 'O' || x == 'o' || x == '0')
})
.take(9)
.collect()
}
pub fn hash_password(password: &str, salt: &str) -> Result<String, MedalError> {
let password_and_salt = [password, salt].concat().to_string();
match bcrypt::hash(password_and_salt, 5) {
Ok(result) => Ok(result),
Err(_) => Err(MedalError::PasswordHashingError),
}
}
pub fn verify_password(password: &str, salt: &str, password_hash: &str) -> bool {
let password_and_salt = [password, salt].concat().to_string();
match bcrypt::verify(password_and_salt, password_hash) {
Ok(result) => result,
_ => false,
}
}
pub trait SetPassword {
fn set_password(&mut self, &str) -> Option<()>;
}
impl SetPassword for SessionUser {
fn set_password(&mut self, password: &str) -> Option<()> {
let salt: String = thread_rng().sample_iter(&Alphanumeric).take(10).collect();
let hash = hash_password(password, &salt).ok()?;
self.password = Some(hash);
self.salt = Some(salt);
Some(())
}
} }
...@@ -29,8 +29,9 @@ extern crate webbrowser; ...@@ -29,8 +29,9 @@ extern crate webbrowser;
pub mod config; pub mod config;
pub mod contestreader_yaml; pub mod contestreader_yaml;
pub mod core;
pub mod db_conn; pub mod db_conn;
pub mod functions; pub mod helpers;
pub mod oauth_provider; pub mod oauth_provider;
mod db_apply_migrations; mod db_apply_migrations;
...@@ -41,7 +42,7 @@ mod webfw_iron; ...@@ -41,7 +42,7 @@ mod webfw_iron;
use db_conn::{MedalConnection, MedalObject}; use db_conn::{MedalConnection, MedalObject};
use db_objects::*; use db_objects::*;
use functions::SetPassword; // TODO: Refactor, so we don't need to take this from there! use helpers::SetPassword; // TODO: Refactor, so we don't need to take this from there!
use webfw_iron::start_server; use webfw_iron::start_server;
use config::Config; use config::Config;
...@@ -597,17 +598,17 @@ mod tests { ...@@ -597,17 +598,17 @@ mod tests {
let mut resp = client.get("http://localhost:8085/load/1").send().unwrap(); let mut resp = client.get("http://localhost:8085/load/1").send().unwrap();
assert_eq!(resp.status(), StatusCode::OK); assert_eq!(resp.status(), StatusCode::OK);
let content = resp.text().unwrap(); let content = resp.text().unwrap();
assert_eq!(content, "{}"); assert_eq!(content, "{}");
let params = [("data","WrongData"),("grade","1"),("csrf_token", "FNQU4QsEMY")]; let params = [("data", "WrongData"), ("grade", "1"), ("csrf_token", "FNQU4QsEMY")];
let resp = client.post("http://localhost:8085/save/1").form(&params).send().unwrap(); let resp = client.post("http://localhost:8085/save/1").form(&params).send().unwrap();
assert_eq!(resp.status(), StatusCode::FORBIDDEN); assert_eq!(resp.status(), StatusCode::FORBIDDEN);