backend: fix deserialization of chunked request.

Author: ffreddow

backend/Cargo.lock

@@ -53,6 +53,7 @@ semver = "1.0.24"
 # This is a workaround until lettre and native-tls are updated
 openssl = "0.10.72"
 actix-ws = "0.3.0"
+serde_json = "1.0.140"
 
 [dev-dependencies]
 libsodium-sys-stable = "1.20.4"

backend/Cargo.toml

@@ -58,6 +58,8 @@ pub enum Error {
     ChargerCredentialsWrong,
     #[display("Charger does not exist")]
     ChargerDoesNotExist,
+    #[display("Invalid payload")]
+    InvalidPayload,
 }
 
 impl error::ResponseError for Error {
@@ -85,6 +87,7 @@ impl error::ResponseError for Error {
             Self::SessionDoesNotExist => StatusCode::UNAUTHORIZED,
             Self::ChargerCredentialsWrong => StatusCode::UNAUTHORIZED,
             Self::ChargerDoesNotExist => StatusCode::BAD_REQUEST,
+            Self::InvalidPayload => StatusCode::BAD_REQUEST,
         }
     }
 }

backend/src/error.rs

@@ -1,11 +1,12 @@
 use actix_web::{post, web, HttpRequest, HttpResponse, Responder};
+use futures_util::StreamExt;
 use serde::{Deserialize, Serialize};
 use utoipa::ToSchema;
 
 use crate::{
     error::Error,
     rate_limit::ChargerRateLimiter,
-    routes::charger::add::{get_charger_from_db, password_matches},
+    routes::{charger::add::{get_charger_from_db, password_matches}, user::get_user},
     utils::{parse_uuid, send_email_with_attachment},
     AppState,
 };
@@ -14,7 +15,7 @@ use crate::{
 pub struct SendChargelogSchema {
     pub charger_uuid: String,
     pub password: String,
-    pub user_email: String,
+    pub user_uuid: String,
     pub chargelog: Vec<u8>, // binary data
 }
 
@@ -31,8 +32,20 @@ pub async fn send_chargelog(
     req: HttpRequest,
     state: web::Data<AppState>,
     rate_limiter: web::Data<ChargerRateLimiter>,
-    payload: web::Json<SendChargelogSchema>,
+    mut payload: web::Payload,
 ) -> actix_web::Result<impl Responder> {
+    let mut bytes = web::BytesMut::new();
+    while let Some(chunk) = payload.next().await {
+        let chunk = chunk.map_err(|_| Error::InternalError)?;
+        let chunk = chunk.into_iter().filter(|b| *b != b'\r' && *b != b'\n').collect::<Vec<u8>>();
+        bytes.extend_from_slice(&chunk);
+    }
+    let payload: SendChargelogSchema = serde_json::from_slice(&bytes)
+        .map_err(|err| {
+            log::error!("Failed to parse payload: {}", err);
+            Error::InvalidPayload
+        })?;
+
     rate_limiter.check(payload.charger_uuid.clone(), &req)?;
 
     let charger_id = parse_uuid(&payload.charger_uuid)?;
@@ -41,14 +54,17 @@ pub async fn send_chargelog(
         return Err(Error::ChargerCredentialsWrong.into());
     }
 
+    let user = parse_uuid(&payload.user_uuid)?;
+    let user = get_user(&state, user).await?;
+
     let subject = "Your Charger Log";
     let body = "Attached is your requested chargelog.".to_string();
     send_email_with_attachment(
-        &payload.user_email,
+        &user.email,
         subject,
         body,
         payload.chargelog.clone(),
-        "chargelog.bin",
+        "chargelog.pdf",
         &state,
     );
 
@@ -73,7 +89,7 @@ mod tests {
         let payload = SendChargelogSchema {
             charger_uuid: charger.uuid.clone(),
             password: charger.password.clone(),
-            user_email: user.mail.clone(),
+            user_uuid: crate::routes::user::tests::get_test_uuid(&user.mail).unwrap().to_string(),
             chargelog: vec![1, 2, 3, 4, 5],
         };
 
@@ -98,7 +114,7 @@ mod tests {
         let payload = SendChargelogSchema {
             charger_uuid: charger.uuid.clone(),
             password: "wrongpassword".to_string(),
-            user_email: user.mail.clone(),
+            user_uuid: crate::routes::user::tests::get_test_uuid(&user.mail).unwrap().to_string(),
             chargelog: vec![1, 2, 3, 4, 5],
         };