X-Git-Url: http://git.scottworley.com/voter/blobdiff_plain/fbcdf3ed7708b5b153a7f562f933d446ffc2d951..f4df2e05480763aed792991254dc4e740eef5e59:/src/main.rs diff --git a/src/main.rs b/src/main.rs index 700cce0..865fcb8 100644 --- a/src/main.rs +++ b/src/main.rs @@ -1,16 +1,24 @@ +// voter: A simple CGI vote recorder, approval-voting-style +// +// This program is free software: you can redistribute it and/or modify it +// under the terms of the GNU Affero General Public License as published +// by the Free Software Foundation, version 3. + +use rand::prelude::*; +use std::collections::{HashMap, HashSet}; use std::io::prelude::*; use std::path::{Path, PathBuf}; const DATA_PATH: &str = "/var/lib/voter"; const COOKIE_NAME: &[u8] = b"__Secure-id"; -const COOKIE_LENGTH: usize = 32; +const COOKIE_LENGTH: usize = 12; fn validate_path(path: &str) -> Result { let invalid_path = || cgi::text_response(404, "Invalid path"); if path == "/" { return Err(cgi::text_response(404, "(This is the voting place. You should have been given a more specific URL for the specific thing you've been invited to vote on.)")); } - if path.contains("..") || !path.starts_with("/") { + if path.contains("..") || !path.starts_with('/') { return Err(invalid_path()); } let dir = Path::new(&format!("{DATA_PATH}{path}")).to_path_buf(); @@ -32,7 +40,7 @@ fn get_voter(request: &cgi::Request) -> Result<&[u8], cgi::Response> { let cookie = request .headers() .get(cgi::http::header::COOKIE) - .map(|c| c.as_bytes()) + .map(cgi::http::HeaderValue::as_bytes) .and_then(|c| c.strip_prefix(COOKIE_NAME)) .and_then(|c| c.strip_prefix(b"=")) .ok_or_else(|| cgi::text_response(400, "Invalid cookie"))?; @@ -43,11 +51,195 @@ fn get_voter(request: &cgi::Request) -> Result<&[u8], cgi::Response> { } } -fn prompt_for_vote(dir: PathBuf, request: cgi::Request) -> Result { - Err(cgi::text_response(503, "Not Implemented")) +fn tally_votes(dir: &Path) -> std::io::Result>> { + let mut tally: HashMap> = HashMap::new(); + match std::fs::File::open(dir.to_owned().join("votes")) { + Err(e) if e.kind() == std::io::ErrorKind::NotFound => Ok(tally), + Err(e) => Err(e), + Ok(vfile) => { + for liner in std::io::BufReader::new(vfile).lines() { + let line = liner?; + if let Some((voter, datum)) = line.split_once(' ') { + if voter.len() == COOKIE_LENGTH { + if let Some((vote, candidate)) = datum.split_once(' ') { + if vote == "0" { + if let Some(entry) = tally.get_mut(candidate) { + entry.remove(voter); + } + } else if vote == "1" { + tally + .entry(candidate.to_owned()) + .or_default() + .insert(voter.to_owned()); + } + } + } + } + } + Ok(tally) + } + } +} + +fn valid_id_char(c: u8) -> bool { + (b'A'..=b'Z').contains(&c) || (b'a'..=b'z').contains(&c) || (b'0'..=b'9').contains(&c) +} + +fn make_random_id() -> [u8; COOKIE_LENGTH] { + let mut id = [0; COOKIE_LENGTH]; + for c in &mut id { + while !valid_id_char(*c) { + *c = random(); + } + } + id +} + +fn set_cookie(mut response: cgi::Response, path: &str) -> Result { + response.headers_mut().append( + cgi::http::header::SET_COOKIE, + cgi::http::header::HeaderValue::from_bytes( + &[ + COOKIE_NAME, + b"=", + &make_random_id(), + b"; Secure; HttpOnly; SameSite=Strict; Max-Age=30000000; Path=", + path.as_bytes(), + ] + .concat(), + ) + .map_err(|_| cgi::text_response(503, "Couldn't make cookie"))?, + ); + Ok(response) +} + +const HTML_HEADER: &str = " + + + + Vote! + + + + + + + + + + "; +const HTML_FOOTER: &str = " +
CountVoteCandidate
+ +"; + +fn supports(tally: &HashMap>, me: &str, candidate: &str) -> bool { + tally + .get(candidate) + .map_or(false, |supporters| supporters.contains(me)) +} + +fn prompt_for_vote(dir: &Path, request: &cgi::Request) -> Result { + let voter = get_voter(request); + let me = if let Ok(id) = voter { + std::str::from_utf8(id).ok() + } else { + None + }; + let tally = tally_votes(dir).map_err(|_| cgi::text_response(503, "Couldn't tally votes"))?; + let cfile = std::fs::File::open(dir.join("candidates")) + .map_err(|_| cgi::text_response(503, "No candidates"))?; + let mut response = cgi::html_response( + 200, + std::iter::once(Ok(HTML_HEADER.to_owned())) + .chain(std::io::BufReader::new(cfile).lines().map(|rc| { + rc.map(|c| { + let count = tally.get(&c).map_or(0, std::collections::HashSet::len); + let checked = if me.map_or(false, |me| supports(&tally, me, &c)) { + "checked" + } else { + "" + }; + format!( + " + {count} + + {c} + " + ) + }) + })) + .chain(std::iter::once(Ok(HTML_FOOTER.to_owned()))) + .collect::>() + .map_err(|_| cgi::text_response(503, "Missing candidates"))?, + ); + if voter.is_err() { + response = set_cookie(response, request.uri().path())?; + } + Ok(response) } -fn write_vote(dir: PathBuf, voter: &[u8], vote: &[u8]) -> std::io::Result<()> { +fn write_vote(dir: &Path, voter: &[u8], vote: &[u8]) -> std::io::Result<()> { let datum = [voter, b" ", vote, b"\n"].concat(); let vpath = dir.join("votes"); let vfile = std::fs::File::options() @@ -55,11 +247,11 @@ fn write_vote(dir: PathBuf, voter: &[u8], vote: &[u8]) -> std::io::Result<()> { .create(true) .open(vpath)?; let mut vlock = fd_lock::RwLock::new(vfile); - vlock.write()?.write(&datum)?; + vlock.write()?.write_all(&datum)?; Ok(()) } -fn record_vote(dir: PathBuf, request: cgi::Request) -> Result { +fn record_vote(dir: &Path, request: &cgi::Request) -> Result { let body = request.body(); // Valid votes look like "0 foo" or "1 bar" if body.len() < 3 @@ -69,7 +261,7 @@ fn record_vote(dir: PathBuf, request: cgi::Request) -> Result cgi::Response { response } -fn respond(request: cgi::Request) -> Result { +fn respond(request: &cgi::Request) -> Result { let dir = validate_path(request.uri().path())?; - match request.method() { - &cgi::http::Method::HEAD => prompt_for_vote(dir, request).map(strip_body), - &cgi::http::Method::GET => prompt_for_vote(dir, request), - &cgi::http::Method::PUT => record_vote(dir, request), + match *request.method() { + cgi::http::Method::HEAD => prompt_for_vote(&dir, request).map(strip_body), + cgi::http::Method::GET => prompt_for_vote(&dir, request), + cgi::http::Method::PUT => record_vote(&dir, request), _ => Err(cgi::text_response(405, "Huh?")), } } fn respond_or_report_error(request: cgi::Request) -> cgi::Response { - match respond(request) { + match respond(&request) { Ok(result) => result, Err(error) => error, }