Rever move of Session into the token match arm and separate Session from Auth

elpiel · elpiel · commit 8226164b8943 · 2020-04-03T16:32:04.000+03:00
diff --git a/sentry/src/access.rs b/sentry/src/access.rs
@@ -2,7 +2,7 @@ use chrono::Utc;
 use futures::future::try_join_all;
 use redis::aio::MultiplexedConnection;
 
-use crate::Session;
+use crate::{Auth, Session};
 use primitives::event_submission::{RateLimit, Rule};
 use primitives::sentry::Event;
 use primitives::Channel;
@@ -39,6 +39,7 @@ impl fmt::Display for Error {
 pub async fn check_access(
     redis: &MultiplexedConnection,
     session: &Session,
+    auth: Option<&Auth>,
     rate_limit: &RateLimit,
     channel: &Channel,
     events: &[Event],
@@ -60,7 +61,7 @@ pub async fn check_access(
         return Err(Error::ChannelIsExpired);
     }
 
-    let (is_creator, auth_uid) = match &session.auth {
+    let (is_creator, auth_uid) = match auth {
         Some(auth) => (auth.uid == channel.creator, auth.uid.to_string()),
         None => (false, Default::default()),
     };
@@ -263,7 +264,6 @@ mod test {
         };
 
         let session = Session {
-            auth: Some(auth),
             ip: Default::default(),
             referrer_header: None,
             country: None,
@@ -280,12 +280,26 @@ mod test {
         let events = get_impression_events(2);
         let channel = get_channel(rule);
 
-        let response =
-            check_access(&redis, &session, &config.ip_rate_limit, &channel, &events).await;
+        let response = check_access(
+            &redis,
+            &session,
+            Some(&auth),
+            &config.ip_rate_limit,
+            &channel,
+            &events,
+        )
+        .await;
         assert_eq!(Ok(()), response);
 
-        let err_response =
-            check_access(&&redis, &session, &config.ip_rate_limit, &channel, &events).await;
+        let err_response = check_access(
+            &&redis,
+            &session,
+            Some(&auth),
+            &config.ip_rate_limit,
+            &channel,
+            &events,
+        )
+        .await;
         assert_eq!(
             Err(Error::RulesError(
                 "rateLimit: too many requests".to_string()
@@ -308,7 +322,6 @@ mod test {
             referrer_header: None,
             country: None,
             os: None,
-            auth: Some(auth),
         };
 
         let rule = Rule {
@@ -323,6 +336,7 @@ mod test {
         let err_response = check_access(
             &redis,
             &session,
+            Some(&auth),
             &config.ip_rate_limit,
             &channel,
             &get_impression_events(2),
@@ -339,6 +353,7 @@ mod test {
         let response = check_access(
             &redis,
             &session,
+            Some(&auth),
             &config.ip_rate_limit,
             &channel,
             &get_impression_events(1),
diff --git a/sentry/src/event_aggregator.rs b/sentry/src/event_aggregator.rs
@@ -1,13 +1,13 @@
 use crate::access::check_access;
 use crate::access::Error as AccessError;
-use crate::analytics_recorder;
 use crate::db::event_aggregate::insert_event_aggregate;
 use crate::db::get_channel_by_id;
 use crate::db::DbPool;
 use crate::event_reducer;
 use crate::Application;
 use crate::ResponseError;
 use crate::Session;
+use crate::{analytics_recorder, Auth};
 use async_std::sync::RwLock;
 use chrono::Utc;
 use lazy_static::lazy_static;
@@ -69,6 +69,7 @@ impl EventAggregator {
         app: &'a Application<A>,
         channel_id: &ChannelId,
         session: &Session,
+        auth: Option<&Auth>,
         events: &'a [Event],
     ) -> Result<(), ResponseError> {
         let recorder = self.recorder.clone();
@@ -127,6 +128,7 @@ impl EventAggregator {
         check_access(
             &app.redis,
             session,
+            auth,
             &app.config.ip_rate_limit,
             &record.channel,
             events,
diff --git a/sentry/src/lib.rs b/sentry/src/lib.rs
@@ -446,7 +446,6 @@ pub fn epoch() -> f64 {
 // @TODO: Make pub(crate)
 #[derive(Debug, Clone)]
 pub struct Session {
-    pub auth: Option<Auth>,
     pub ip: Option<String>,
     pub country: Option<String>,
     pub referrer_header: Option<String>,
diff --git a/sentry/src/middleware/auth.rs b/sentry/src/middleware/auth.rs
@@ -21,6 +21,14 @@ pub(crate) async fn for_request(
         .map(|hv| hv.to_str().ok().map(ToString::to_string))
         .flatten();
 
+    let session = Session {
+        ip: get_request_ip(&req),
+        country: None,
+        referrer_header: referrer,
+        os: None,
+    };
+    req.extensions_mut().insert(session);
+
     let authorization = req.headers().get(AUTHORIZATION);
 
     let prefix = "Bearer ";
@@ -69,15 +77,7 @@ pub(crate) async fn for_request(
             uid: adapter_session.uid,
         };
 
-        let session = Session {
-            ip: get_request_ip(&req),
-            country: None,
-            referrer_header: referrer,
-            os: None,
-            auth: Some(auth),
-        };
-
-        req.extensions_mut().insert(session);
+        req.extensions_mut().insert(auth);
     }
 
     Ok(req)
@@ -176,12 +176,18 @@ mod test {
         let altered_request = for_request(req, &dummy_adapter, redis)
             .await
             .expect("Valid requests should succeed");
+
         let auth = altered_request
             .extensions()
             .get::<Auth>()
             .expect("There should be a Session set inside the request");
 
         assert_eq!(IDS["leader"], auth.uid);
-        assert!(auth.session.ip.is_none());
+
+        let session = altered_request
+            .extensions()
+            .get::<Session>()
+            .expect("There should be a Session set inside the request");
+        assert!(session.ip.is_none());
     }
 }
diff --git a/sentry/src/payout.rs b/sentry/src/payout.rs
@@ -36,7 +36,7 @@ fn payout(
 ) -> BigNum {
     let fixed_amount_rule = rules.iter().find_map(|rule| {
         match (match_rule(rule, &event, &session, &publisher), &rule.amount) {
-            (true, Some(amount)) => rule.amount.clone(),
+            (true, Some(amount)) => Some(amount.clone()),
             _ => None,
         }
     });
@@ -45,7 +45,8 @@ fn payout(
         Some(amount) => amount,
         None => {
             let exponent: f64 = 10.0;
-            let multiplier = rules.iter().filter_map(|&rule| rule.multiplier).product();
+            // @TODO: Know-issue - `multiplier` and `value` can overflow, should return Error instead
+            let multiplier: f64 = rules.iter().filter_map(|rule| rule.multiplier).product();
             let value: u64 = (multiplier * exponent.powi(18)) as u64;
             let result = min_price * BigNum::from(value);
 
@@ -164,7 +165,6 @@ mod tests {
         cases.iter().for_each(|case| {
             let (event, expected_result, message) = case;
             let payout = get_payout(&channel, &event, &session);
-            // println!("payout {:?}", payout.to_f64());
             assert!(&payout == expected_result, message.clone());
         })
     }
@@ -218,8 +218,7 @@ mod tests {
             os: None,
         };
 
-        cases.iter().for_each(|case| {
-            let (event, expected_result, message) = case;
+        cases.iter().for_each(|(event, expected_result, message)| {
             let payout = get_payout(&channel, &event, &session);
             assert!(&payout == expected_result, message.clone());
         })
diff --git a/sentry/src/routes/analytics.rs b/sentry/src/routes/analytics.rs
@@ -1,11 +1,11 @@
 use crate::db::analytics::{
     advertiser_channel_ids, get_advanced_reports, get_analytics, AnalyticsType,
 };
+use crate::success_response;
 use crate::Application;
 use crate::Auth;
 use crate::ResponseError;
 use crate::RouteParams;
-use crate::{success_response, Session};
 use hyper::{Body, Request, Response};
 use primitives::adapter::Adapter;
 use primitives::analytics::{AnalyticsQuery, AnalyticsResponse};
@@ -17,11 +17,11 @@ pub async fn publisher_analytics<A: Adapter>(
     req: Request<Body>,
     app: &Application<A>,
 ) -> Result<Response<Body>, ResponseError> {
-    let session = req
+    let auth = req
         .extensions()
-        .get::<Session>()
-        .ok_or(ResponseError::Unauthorized)?;
-    let auth = session.auth.ok_or(ResponseError::Unauthorized)?;
+        .get::<Auth>()
+        .ok_or(ResponseError::Unauthorized)?
+        .clone();
 
     let analytics_type = AnalyticsType::Publisher { auth };
 
diff --git a/sentry/src/routes/channel.rs b/sentry/src/routes/channel.rs
@@ -184,7 +184,7 @@ pub async fn insert_events<A: Adapter + 'static>(
 ) -> Result<Response<Body>, ResponseError> {
     let (req_head, req_body) = req.into_parts();
 
-    let auth_session = req_head.extensions.get::<Auth>();
+    let auth = req_head.extensions.get::<Auth>();
     let session = req_head
         .extensions
         .get::<Session>()
@@ -205,7 +205,7 @@ pub async fn insert_events<A: Adapter + 'static>(
         .ok_or_else(|| ResponseError::BadRequest("invalid request".to_string()))?;
 
     app.event_aggregator
-        .record(app, &channel_id, session, &events)
+        .record(app, &channel_id, session, auth, &events)
         .await?;
 
     Ok(Response::builder()
