mirror of
https://github.com/danbulant/Portfolio
synced 2026-06-17 13:31:12 +00:00
541 lines
20 KiB
Rust
541 lines
20 KiB
Rust
use chrono::NaiveDate;
|
|
|
|
use entity::{candidate, parent};
|
|
use futures::future;
|
|
|
|
use crate::{crypto, models::candidate::{Row, ApplicationDetails}, error::ServiceError};
|
|
|
|
use super::candidate::{CandidateDetails, ParentDetails};
|
|
|
|
pub const NAIVE_DATE_FMT: &str = "%Y-%m-%d";
|
|
|
|
#[derive(Debug, Clone)]
|
|
pub struct EncryptedString(String);
|
|
|
|
#[derive(Debug, Clone)]
|
|
pub struct EncryptedCandidateDetails {
|
|
pub name: Option<EncryptedString>,
|
|
pub surname: Option<EncryptedString>,
|
|
pub birthplace: Option<EncryptedString>,
|
|
pub birthdate: Option<EncryptedString>,
|
|
pub address: Option<EncryptedString>,
|
|
pub telephone: Option<EncryptedString>,
|
|
pub citizenship: Option<EncryptedString>,
|
|
pub email: Option<EncryptedString>,
|
|
pub sex: Option<EncryptedString>,
|
|
pub personal_id_number: Option<EncryptedString>,
|
|
pub school_name: Option<EncryptedString>,
|
|
pub health_insurance: Option<EncryptedString>,
|
|
}
|
|
|
|
#[derive(Debug, Clone)]
|
|
pub struct EncryptedParentDetails {
|
|
pub name: Option<EncryptedString>,
|
|
pub surname: Option<EncryptedString>,
|
|
pub telephone: Option<EncryptedString>,
|
|
pub email: Option<EncryptedString>,
|
|
}
|
|
#[derive(Debug, Clone)]
|
|
pub struct EncryptedApplicationDetails {
|
|
pub candidate: EncryptedCandidateDetails,
|
|
pub parents: Vec<EncryptedParentDetails>,
|
|
}
|
|
|
|
impl EncryptedString {
|
|
pub async fn new(s: &str, recipients: &Vec<String>) -> Result<Self, ServiceError> {
|
|
let recipients = recipients.iter().map(|s| &**s).collect();
|
|
let encrypted_string = crypto::encrypt_password_with_recipients(&s, &recipients).await?;
|
|
Ok(Self(encrypted_string))
|
|
}
|
|
|
|
pub async fn new_option(s: &str, recipients: &Vec<String>) -> Result<Option<Self>, ServiceError> {
|
|
match s.is_empty() {
|
|
true => Ok(None),
|
|
false => {
|
|
let recipients = recipients.iter().map(|s| &**s).collect();
|
|
let encrypted_s = crypto::encrypt_password_with_recipients(&s, &recipients).await?;
|
|
Ok(Some(Self(encrypted_s)))
|
|
},
|
|
}
|
|
}
|
|
|
|
pub async fn decrypt(&self, private_key: &String) -> Result<String, ServiceError> {
|
|
crypto::decrypt_password_with_private_key(&self.0, private_key).await
|
|
}
|
|
|
|
pub async fn decrypt_option(
|
|
s: &Option<EncryptedString>,
|
|
private_key: &String,
|
|
) -> Result<Option<String>, ServiceError> {
|
|
match s {
|
|
Some(s) => Ok(Some(s.decrypt(private_key).await?)),
|
|
None => Ok(None),
|
|
}
|
|
}
|
|
|
|
pub fn to_string(self) -> String {
|
|
self.0
|
|
}
|
|
}
|
|
|
|
impl Into<String> for EncryptedString {
|
|
fn into(self) -> String {
|
|
self.0
|
|
}
|
|
}
|
|
|
|
impl TryFrom<&Option<String>> for EncryptedString {
|
|
type Error = ServiceError;
|
|
|
|
fn try_from(s: &Option<String>) -> Result<Self, Self::Error> {
|
|
match s {
|
|
Some(s) => Ok(Self(s.to_owned())),
|
|
None => Err(ServiceError::CandidateDetailsNotSet),
|
|
}
|
|
}
|
|
}
|
|
|
|
impl From<String> for EncryptedString {
|
|
fn from(s: String) -> Self {
|
|
Self(s)
|
|
}
|
|
}
|
|
|
|
impl TryFrom<Option<NaiveDate>> for EncryptedString {
|
|
type Error = ServiceError;
|
|
|
|
fn try_from(d: Option<NaiveDate>) -> Result<Self, Self::Error> {
|
|
match d {
|
|
Some(d) => Ok(Self(d.to_string())),
|
|
None => Err(ServiceError::CandidateDetailsNotSet),
|
|
}
|
|
}
|
|
}
|
|
|
|
impl EncryptedCandidateDetails {
|
|
pub async fn new(
|
|
form: &CandidateDetails,
|
|
recipients: &Vec<String>,
|
|
) -> Result<EncryptedCandidateDetails, ServiceError> {
|
|
let birthdate_str = form.birthdate.format(NAIVE_DATE_FMT).to_string();
|
|
let d = tokio::try_join!(
|
|
EncryptedString::new_option(&form.name, recipients),
|
|
EncryptedString::new_option(&form.surname, recipients),
|
|
EncryptedString::new_option(&form.birthplace, recipients),
|
|
EncryptedString::new_option(&birthdate_str, recipients),
|
|
EncryptedString::new_option(&form.address, recipients),
|
|
EncryptedString::new_option(&form.telephone, recipients),
|
|
EncryptedString::new_option(&form.citizenship, recipients),
|
|
EncryptedString::new_option(&form.email, recipients),
|
|
EncryptedString::new_option(&form.sex, recipients),
|
|
EncryptedString::new_option(&form.personal_id_number, recipients),
|
|
EncryptedString::new_option(&form.school_name, recipients),
|
|
EncryptedString::new_option(&form.health_insurance, recipients),
|
|
)?;
|
|
|
|
Ok(
|
|
EncryptedCandidateDetails {
|
|
name: d.0,
|
|
surname: d.1,
|
|
birthplace: d.2,
|
|
birthdate: d.3,
|
|
address: d.4,
|
|
telephone: d.5,
|
|
citizenship: d.6,
|
|
email: d.7,
|
|
sex: d.8,
|
|
personal_id_number: d.9,
|
|
school_name: d.10,
|
|
health_insurance: d.11,
|
|
}
|
|
)
|
|
}
|
|
|
|
pub async fn decrypt(&self, priv_key: &String) -> Result<CandidateDetails, ServiceError> {
|
|
let d = tokio::try_join!(
|
|
EncryptedString::decrypt_option(&self.name, priv_key), // 0
|
|
EncryptedString::decrypt_option(&self.surname, priv_key), // 1
|
|
EncryptedString::decrypt_option(&self.birthplace, priv_key), // 2
|
|
EncryptedString::decrypt_option(&self.birthdate, priv_key), // 3
|
|
EncryptedString::decrypt_option(&self.address, priv_key), // 4
|
|
EncryptedString::decrypt_option(&self.telephone, priv_key), // 5
|
|
EncryptedString::decrypt_option(&self.citizenship, priv_key), // 6
|
|
EncryptedString::decrypt_option(&self.email, priv_key), // 7
|
|
EncryptedString::decrypt_option(&self.sex, priv_key), // 8
|
|
EncryptedString::decrypt_option(&self.personal_id_number, priv_key),// 9
|
|
EncryptedString::decrypt_option(&self.school_name, priv_key), // 10
|
|
EncryptedString::decrypt_option(&self.health_insurance, priv_key), // 11
|
|
)?;
|
|
|
|
Ok(CandidateDetails {
|
|
name: d.0.unwrap_or_default(),
|
|
surname: d.1.unwrap_or_default(),
|
|
birthplace: d.2.unwrap_or_default(),
|
|
birthdate: NaiveDate::parse_from_str(&d.3.unwrap_or_default(), NAIVE_DATE_FMT).unwrap_or(NaiveDate::from_ymd(1, 1, 1)),
|
|
address: d.4.unwrap_or_default(),
|
|
telephone: d.5.unwrap_or_default(),
|
|
citizenship: d.6.unwrap_or_default(),
|
|
email: d.7.unwrap_or_default(),
|
|
sex: d.8.unwrap_or_default(),
|
|
personal_id_number: d.9.unwrap_or_default(),
|
|
school_name: d.10.unwrap_or_default(),
|
|
health_insurance: d.11.unwrap_or_default(),
|
|
}
|
|
)
|
|
}
|
|
|
|
pub fn is_filled(&self) -> bool {
|
|
self.name.is_some() &&
|
|
self.surname.is_some() &&
|
|
self.birthplace.is_some() &&
|
|
self.birthdate.is_some() &&
|
|
self.address.is_some() &&
|
|
self.telephone.is_some() &&
|
|
self.citizenship.is_some() &&
|
|
self.email.is_some() &&
|
|
// self.sex.is_some() &&
|
|
self.personal_id_number.is_some()
|
|
}
|
|
}
|
|
impl From<&candidate::Model> for EncryptedCandidateDetails {
|
|
fn from(
|
|
candidate: &candidate::Model,
|
|
) -> Self {
|
|
EncryptedCandidateDetails {
|
|
name: EncryptedString::try_from(&candidate.name).ok(),
|
|
surname: EncryptedString::try_from(&candidate.surname).ok(),
|
|
birthplace: EncryptedString::try_from(&candidate.birthplace).ok(),
|
|
birthdate: EncryptedString::try_from(&candidate.birthdate).ok(),
|
|
address: EncryptedString::try_from(&candidate.address).ok(),
|
|
telephone: EncryptedString::try_from(&candidate.telephone).ok(),
|
|
citizenship: EncryptedString::try_from(&candidate.citizenship).ok(),
|
|
email: EncryptedString::try_from(&candidate.email).ok(),
|
|
sex: EncryptedString::try_from(&candidate.sex).ok(),
|
|
personal_id_number: Some(EncryptedString::from(candidate.personal_identification_number.to_owned())),
|
|
school_name: EncryptedString::try_from(&candidate.school_name).ok(),
|
|
health_insurance: EncryptedString::try_from(&candidate.health_insurance).ok(),
|
|
}
|
|
}
|
|
}
|
|
|
|
impl EncryptedParentDetails {
|
|
pub async fn new(
|
|
form: &ParentDetails,
|
|
recipients: &Vec<String>,
|
|
) -> Result<EncryptedParentDetails, ServiceError> {
|
|
let d = tokio::try_join!(
|
|
EncryptedString::new_option(&form.name, recipients),
|
|
EncryptedString::new_option(&form.surname, recipients),
|
|
EncryptedString::new_option(&form.telephone, recipients),
|
|
EncryptedString::new_option(&form.email, recipients),
|
|
)?;
|
|
|
|
Ok(
|
|
EncryptedParentDetails {
|
|
name: d.0,
|
|
surname: d.1,
|
|
telephone: d.2,
|
|
email: d.3,
|
|
}
|
|
)
|
|
}
|
|
|
|
pub async fn decrypt(&self, priv_key: &String) -> Result<ParentDetails, ServiceError> {
|
|
let d = tokio::try_join!(
|
|
EncryptedString::decrypt_option(&self.name, &priv_key),
|
|
EncryptedString::decrypt_option(&self.surname, &priv_key),
|
|
EncryptedString::decrypt_option(&self.telephone, &priv_key),
|
|
EncryptedString::decrypt_option(&self.email, &priv_key),
|
|
)?;
|
|
|
|
Ok(ParentDetails {
|
|
name: d.0.unwrap_or_default(),
|
|
surname: d.1.unwrap_or_default(),
|
|
telephone: d.2.unwrap_or_default(),
|
|
email: d.3.unwrap_or_default(),
|
|
}
|
|
)
|
|
}
|
|
|
|
pub fn is_filled(&self) -> bool {
|
|
self.name.is_some() &&
|
|
self.surname.is_some() &&
|
|
self.telephone.is_some() &&
|
|
self.email.is_some()
|
|
}
|
|
}
|
|
impl From<&parent::Model> for EncryptedParentDetails {
|
|
fn from(
|
|
parent: &parent::Model,
|
|
) -> Self {
|
|
EncryptedParentDetails {
|
|
name: EncryptedString::try_from(&parent.name).ok(),
|
|
surname: EncryptedString::try_from(&parent.surname).ok(),
|
|
telephone: EncryptedString::try_from(&parent.telephone).ok(),
|
|
email: EncryptedString::try_from(&parent.email).ok(),
|
|
}
|
|
}
|
|
}
|
|
|
|
impl EncryptedApplicationDetails {
|
|
pub async fn new(
|
|
form: &ApplicationDetails,
|
|
recipients: Vec<String>,
|
|
) -> Result<EncryptedApplicationDetails, ServiceError> {
|
|
let candidate = EncryptedCandidateDetails::new(&form.candidate, &recipients).await?;
|
|
let enc_parents = future::try_join_all(
|
|
form.parents.iter()
|
|
.map(|d| EncryptedParentDetails::new(d, &recipients))
|
|
).await?;
|
|
Ok(
|
|
EncryptedApplicationDetails {
|
|
candidate,
|
|
parents: enc_parents,
|
|
}
|
|
)
|
|
}
|
|
|
|
pub async fn decrypt(self, priv_key: String) -> Result<ApplicationDetails, ServiceError> {
|
|
let decrypted_candidate = self.candidate.decrypt(&priv_key).await?;
|
|
|
|
let decrypted_parents = future::try_join_all(
|
|
self.parents
|
|
.iter()
|
|
.map(|d| d.decrypt(&priv_key))
|
|
).await?;
|
|
|
|
Ok(ApplicationDetails {
|
|
candidate: decrypted_candidate,
|
|
parents: decrypted_parents,
|
|
})
|
|
}
|
|
|
|
pub fn is_filled(&self) -> bool {
|
|
self.candidate.is_filled() &&
|
|
self.parents.iter().all(|p| p.is_filled())
|
|
}
|
|
}
|
|
|
|
impl From<(&candidate::Model, Vec<parent::Model>)> for EncryptedApplicationDetails {
|
|
fn from(
|
|
(candidate, parents): (&candidate::Model, Vec<parent::Model>),
|
|
) -> Self {
|
|
let enc_parents = parents.iter()
|
|
.map(|m| EncryptedParentDetails::from(m))
|
|
.collect::<Vec<EncryptedParentDetails>>();
|
|
|
|
EncryptedApplicationDetails {
|
|
candidate: EncryptedCandidateDetails::from(candidate),
|
|
parents: enc_parents,
|
|
}
|
|
}
|
|
}
|
|
|
|
impl TryFrom<Row> for EncryptedApplicationDetails {
|
|
type Error = ServiceError;
|
|
|
|
fn try_from(
|
|
cp: Row,
|
|
) -> Result<Self, Self::Error> {
|
|
Ok(EncryptedApplicationDetails {
|
|
candidate: EncryptedCandidateDetails {
|
|
name: EncryptedString::try_from(&cp.name).ok(),
|
|
surname: EncryptedString::try_from(&cp.surname).ok(),
|
|
birthplace: EncryptedString::try_from(&cp.birthplace).ok(),
|
|
birthdate: EncryptedString::try_from(&cp.birthdate).ok(),
|
|
address: EncryptedString::try_from(&cp.address).ok(),
|
|
telephone: EncryptedString::try_from(&cp.telephone).ok(),
|
|
citizenship: EncryptedString::try_from(&cp.citizenship).ok(),
|
|
email: EncryptedString::try_from(&cp.email).ok(),
|
|
sex: EncryptedString::try_from(&cp.sex).ok(),
|
|
personal_id_number: EncryptedString::try_from(&cp.personal_identification_number).ok(),
|
|
school_name: EncryptedString::try_from(&cp.school_name).ok(),
|
|
health_insurance: EncryptedString::try_from(&cp.health_insurance).ok(),
|
|
},
|
|
parents: vec![EncryptedParentDetails {
|
|
name: EncryptedString::try_from(&cp.parent_name).ok(),
|
|
surname: EncryptedString::try_from(&cp.parent_surname).ok(),
|
|
telephone: EncryptedString::try_from(&cp.parent_telephone).ok(),
|
|
email: EncryptedString::try_from(&cp.parent_email).ok(),
|
|
}]
|
|
|
|
})
|
|
}
|
|
}
|
|
|
|
/* pub async fn decrypt_if_exists(
|
|
private_key: &String,
|
|
encrypted_string: Option<String>,
|
|
) -> Result<String, ServiceError> {
|
|
match EncryptedString::try_from(&encrypted_string) {
|
|
Ok(encrypted_string) => Ok(encrypted_string.decrypt(private_key).await?),
|
|
Err(_) => Ok(String::from("")),
|
|
}
|
|
} */
|
|
|
|
#[cfg(test)]
|
|
pub mod tests {
|
|
use std::sync::Mutex;
|
|
|
|
use chrono::Local;
|
|
use entity::admin;
|
|
use once_cell::sync::Lazy;
|
|
use sea_orm::{DbConn, Set, ActiveModelTrait};
|
|
|
|
use crate::{crypto, models::candidate::{CandidateDetails, ParentDetails}, utils::db::get_memory_sqlite_connection, services::candidate_service::tests::put_user_data};
|
|
|
|
use super::{ApplicationDetails, EncryptedApplicationDetails, EncryptedString};
|
|
|
|
const PUBLIC_KEY: &str = "age1u889gp407hsz309wn09kxx9anl6uns30m27lfwnctfyq9tq4qpus8tzmq5";
|
|
const PRIVATE_KEY: &str = "AGE-SECRET-KEY-14QG24502DMUUQDT2SPMX2YXPSES0X8UD6NT0PCTDAT6RH8V5Q3GQGSRXPS";
|
|
|
|
pub static APPLICATION_DETAILS: Lazy<Mutex<ApplicationDetails>> = Lazy::new(||
|
|
Mutex::new(ApplicationDetails {
|
|
candidate: CandidateDetails {
|
|
name: "name".to_string(),
|
|
surname: "surname".to_string(),
|
|
birthplace: "birthplace".to_string(),
|
|
birthdate: chrono::NaiveDate::from_ymd_opt(2000, 1, 1).unwrap(),
|
|
address: "address".to_string(),
|
|
telephone: "telephone".to_string(),
|
|
citizenship: "citizenship".to_string(),
|
|
email: "email".to_string(),
|
|
sex: "sex".to_string(),
|
|
personal_id_number: "personal_id_number".to_string(),
|
|
school_name: "school_name".to_string(),
|
|
health_insurance: "health_insurance".to_string(),
|
|
},
|
|
parents: vec![ParentDetails {
|
|
name: "parent_name".to_string(),
|
|
surname: "parent_surname".to_string(),
|
|
telephone: "parent_telephone".to_string(),
|
|
email: "parent_email".to_string(),
|
|
}]
|
|
})
|
|
);
|
|
|
|
pub fn assert_all_application_details(details: &ApplicationDetails) {
|
|
assert_eq!(details.candidate.name, "name");
|
|
assert_eq!(details.candidate.surname, "surname");
|
|
assert_eq!(details.candidate.birthplace, "birthplace");
|
|
assert_eq!(details.candidate.birthdate, chrono::NaiveDate::from_ymd_opt(2000, 1, 1).unwrap());
|
|
assert_eq!(details.candidate.address, "address");
|
|
assert_eq!(details.candidate.telephone, "telephone");
|
|
assert_eq!(details.candidate.citizenship, "citizenship");
|
|
assert_eq!(details.candidate.email, "email");
|
|
assert_eq!(details.candidate.sex, "sex");
|
|
for parent in &details.parents {
|
|
assert_eq!(parent.name, "parent_name");
|
|
assert_eq!(parent.surname, "parent_surname");
|
|
assert_eq!(parent.telephone, "parent_telephone");
|
|
assert_eq!(parent.email, "parent_email");
|
|
}
|
|
}
|
|
|
|
async fn insert_test_admin(db: &DbConn) -> admin::Model {
|
|
admin::ActiveModel {
|
|
id: Set(1),
|
|
name: Set("Admin".to_owned()),
|
|
public_key: Set("age1u889gp407hsz309wn09kxx9anl6uns30m27lfwnctfyq9tq4qpus8tzmq5".to_owned()),
|
|
// AGE-SECRET-KEY-14QG24502DMUUQDT2SPMX2YXPSES0X8UD6NT0PCTDAT6RH8V5Q3GQGSRXPS
|
|
private_key: Set("5KCEGk0ueWVGnu5Xo3rmpLoilcVZ2ZWmwIcdZEJ8rrBNW7jwzZU/XTcTXtk/xyy/zjF8s+YnuVpOklQvX3EC/Sn+ZwyPY3jokM2RNwnZZlnqdehOEV1SMm/Y".to_owned()),
|
|
// test
|
|
password: Set("$argon2i$v=19$m=6000,t=3,p=10$WE9xCQmmWdBK82R4SEjoqA$TZSc6PuLd4aWK2x2WAb+Lm9sLySqjK3KLbNyqyQmzPQ".to_owned()),
|
|
created_at: Set(Local::now().naive_local()),
|
|
updated_at: Set(Local::now().naive_local()),
|
|
..Default::default()
|
|
}
|
|
.insert(db)
|
|
.await
|
|
.unwrap()
|
|
}
|
|
|
|
#[tokio::test]
|
|
async fn test_encrypted_application_details_new() {
|
|
let encrypted_details = EncryptedApplicationDetails::new(
|
|
&APPLICATION_DETAILS.lock().unwrap().clone(),
|
|
vec![PUBLIC_KEY.to_string()],
|
|
)
|
|
.await
|
|
.unwrap();
|
|
|
|
assert_eq!(
|
|
crypto::decrypt_password_with_private_key(&encrypted_details.candidate.name.unwrap().0, PRIVATE_KEY)
|
|
.await
|
|
.unwrap(),
|
|
"name"
|
|
);
|
|
assert_eq!(
|
|
crypto::decrypt_password_with_private_key(&encrypted_details.candidate.email.unwrap().0, PRIVATE_KEY)
|
|
.await
|
|
.unwrap(),
|
|
"email"
|
|
);
|
|
assert_eq!(
|
|
crypto::decrypt_password_with_private_key(&encrypted_details.candidate.sex.unwrap().0, PRIVATE_KEY)
|
|
.await
|
|
.unwrap(),
|
|
"sex"
|
|
);
|
|
}
|
|
|
|
#[tokio::test]
|
|
async fn test_encrypted_application_details_decrypt() {
|
|
let encrypted_details = EncryptedApplicationDetails::new(
|
|
&APPLICATION_DETAILS.lock().unwrap().clone(),
|
|
vec![PUBLIC_KEY.to_string()],
|
|
)
|
|
.await
|
|
.unwrap();
|
|
|
|
let application_details = encrypted_details
|
|
.decrypt(PRIVATE_KEY.to_string())
|
|
.await
|
|
.unwrap();
|
|
|
|
assert_all_application_details(&application_details);
|
|
}
|
|
|
|
#[tokio::test]
|
|
async fn test_encrypted_application_details_from_candidate_parent() {
|
|
let db = get_memory_sqlite_connection().await;
|
|
let _admin = insert_test_admin(&db).await;
|
|
|
|
let (_, candidate, parents) = put_user_data(&db).await;
|
|
|
|
let encrypted_details = EncryptedApplicationDetails::try_from((&candidate, parents)).unwrap();
|
|
|
|
let application_details = encrypted_details
|
|
.decrypt(PRIVATE_KEY.to_string()) // decrypt with admin's private key
|
|
.await
|
|
.unwrap();
|
|
|
|
assert_all_application_details(&application_details);
|
|
}
|
|
|
|
#[tokio::test]
|
|
async fn test_encrypted_string_new() {
|
|
let encrypted = EncryptedString::new("test", &vec![PUBLIC_KEY.to_string()])
|
|
.await
|
|
.unwrap();
|
|
|
|
assert_eq!(
|
|
crypto::decrypt_password_with_private_key(&encrypted.0, PRIVATE_KEY)
|
|
.await
|
|
.unwrap(),
|
|
"test"
|
|
);
|
|
}
|
|
|
|
#[tokio::test]
|
|
async fn test_encrypted_string_decrypt() {
|
|
let encrypted = EncryptedString::new("test", &vec![PUBLIC_KEY.to_string()])
|
|
.await
|
|
.unwrap();
|
|
|
|
assert_eq!(
|
|
encrypted.decrypt(&PRIVATE_KEY.to_string()).await.unwrap(),
|
|
"test"
|
|
);
|
|
}
|
|
}
|