feat: safer portfolio submit

This commit is contained in:
Sebastian Pravda 2022-12-14 18:27:59 +01:00
parent efa4fbe40d
commit 96a93dad3a
No known key found for this signature in database
GPG key ID: F3BC84F08EFA3F57
3 changed files with 8 additions and 1 deletions

View file

@ -213,7 +213,6 @@ pub async fn submit_portfolio(
if submit.is_err() { if submit.is_err() {
let e = submit.err().unwrap(); let e = submit.err().unwrap();
// Delete on critical error // Delete on critical error
// TODO: Více kontrol?
if e.code() == 500 { if e.code() == 500 {
// Cleanup // Cleanup
PortfolioService::delete_portfolio(candidate.application) PortfolioService::delete_portfolio(candidate.application)

View file

@ -56,6 +56,8 @@ pub enum ServiceError {
AesError(#[from] aes_gcm_siv::Error), AesError(#[from] aes_gcm_siv::Error),
#[error("Portfolio is incomplete")] #[error("Portfolio is incomplete")]
IncompletePortfolio, IncompletePortfolio,
#[error("Portfolio write error")]
PortfolioWriteError,
#[error("Zip error")] #[error("Zip error")]
ZipError(#[from] async_zip::error::ZipError), ZipError(#[from] async_zip::error::ZipError),
#[error("Csv error")] #[error("Csv error")]
@ -95,6 +97,7 @@ impl ServiceError {
ServiceError::TokioJoinError(_) => 500, ServiceError::TokioJoinError(_) => 500,
ServiceError::AesError(_) => 500, ServiceError::AesError(_) => 500,
ServiceError::ArgonConfigError(_) => 500, ServiceError::ArgonConfigError(_) => 500,
ServiceError::PortfolioWriteError => 500,
ServiceError::ZipError(_) => 500, ServiceError::ZipError(_) => 500,
ServiceError::CsvError(_) => 500, ServiceError::CsvError(_) => 500,
ServiceError::CsvIntoInnerError => 500, ServiceError::CsvIntoInnerError => 500,

View file

@ -314,6 +314,11 @@ impl PortfolioService {
).await?; ).await?;
tokio::fs::remove_file(final_path).await?; tokio::fs::remove_file(final_path).await?;
if !Self::is_portfolio_submitted(candidate_id).await {
return Err(ServiceError::PortfolioWriteError)
}
Ok(()) Ok(())
} }