From 2cd4cf784edfb51ca240059bf2d6fc365b46040d Mon Sep 17 00:00:00 2001
From: SadlyNotSappho
Date: Tue, 19 Mar 2024 13:46:43 -0700
Subject: [PATCH] update POST /upload error messages, fix a few other things
---
 src/main.rs | 90 ++++++++++++++++++++++++++-------------------------
 src/tables.rs | 4 +--
 2 files changed, 48 insertions(+), 46 deletions(-)
diff --git a/src/main.rs b/src/main.rs
index 66cf136..72bf074 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -227,7 +227,10 @@ async fn api_perms(
 ),
 None => status::Custom(Status::NotFound, Json(Err("User doesn't exist"))),
 },
- false => status::Custom(Status::Unauthorized, Json(Err("You don't have the permission to do this"))),
+ false => status::Custom(
+ Status::Unauthorized,
+ Json(Err("You don't have the permission to do this")),
+ ),
 },
 None => status::Custom(Status::Unauthorized, Json(Err("Invalid token"))),
 },
@@ -248,59 +251,58 @@ async fn toggleperms(
 mut db: Connection,
 info: Json,
 cookies: &CookieJar<'_>,
-) -> String {
+) -> status::Custom {
 match cookies.get_private("token") {
- Some(t) => {
- match User::get_by_token(&mut db, t).await {
- Some(user) => {
- match user.admin {
- true => {
- match User::get_by_username(&mut db, &info.username).await {
- Some(toggled_user) => {
- if toggled_user.username == user.username
- && info.perm == "admin".to_string()
- {
- "You can't change your own admin status".to_string()
- } else {
- let admin_username = std::env::var("ADMIN_USERNAME")
- .expect("set ADMIN_USERNAME env var");
- if toggled_user.username == admin_username {
- "You can't change the system admin's perms.".to_string()
- } else {
- if info.perm == "admin"
- && user.username != admin_username
- {
+ Some(t) => match User::get_by_token(&mut db, t).await {
+ Some(user) => match user.admin {
+ true => match User::get_by_username(&mut db, &info.username).await {
+ Some(toggled_user) => {
+ match toggled_user.username == user.username && info.perm == "admin" {
+ true => status::Custom(
+ Status::Forbidden,
+ "You can't change your own admin status".to_string(),
+ ),
+ false => {
+ let admin_username = std::env::var("ADMIN_USERNAME")
+ .expect("set ADMIN_USERNAME env var");
+ match toggled_user.username == admin_username {
+ true => status::Custom(
+ Status::Forbidden,
+ "You can't change the system admin's perms.".to_string(),
+ ),
+ false => {
+ match info.perm == "admin"
+ && user.username != admin_username
+ {
+ true => status::Custom(
+ Status::Forbidden,
 "You can't change other people's admin status."
- .to_string()
- } else {
- // how deep is this shit
- // i counted. 12.
- // NOW we can actually do the thing :D
- let res = match toggled_user
- .set_role(&mut db, &info.perm, &info.value)
- .await
- {
- Ok(_) => "Done".to_string(),
- Err(why) => format!(
+ .to_string(),
+ ),
+ false => {
+ match toggled_user.set_role(&mut db,&info.perm,&info.value).await {
+ Ok(_) => status::Custom(Status::Ok, "Done".to_string()),
+ Err(why) => status::Custom(Status::InternalServerError, format!(
 "Couldn't update the user's role: {why}"
- ),
- };
- res
+ )),
+ }
 }
 }
 }
 }
- None => "The user you're trying to toggle perms for doesn't exist."
- .to_string(),
 }
 }
- false => "You aren't an admin.".to_string(),
 }
- }
- None => "Invalid user".to_string(),
- }
- }
- None => "Not logged in".to_string(),
+ None => status::Custom(
+ Status::NotFound,
+ "The user you're trying to toggle perms for doesn't exist.".to_string(),
+ ),
+ },
+ false => status::Custom(Status::Unauthorized, "You aren't an admin.".to_string()),
+ },
+ None => status::Custom(Status::Unauthorized, "Invalid login token".to_string()),
+ },
+ None => status::Custom(Status::Unauthorized, "Not logged in".to_string()),
 }
 }
diff --git a/src/tables.rs b/src/tables.rs
index 900c866..4eaf8d9 100644
--- a/src/tables.rs
+++ b/src/tables.rs
@@ -235,7 +235,7 @@ impl Image {
 VALUES ($1, $2);
 "#,
 )
- .bind(&uuid)
+ .bind(uuid)
 .bind(user.username),
 )
 .await
@@ -263,7 +263,7 @@ impl Image {
 }
 }
 pub async fn is_owned_by(db: &mut Connection, uuid: &String, username: &String) -> Result {
- match Image::get_by_uuid(db, &uuid).await {
+ match Image::get_by_uuid(db, uuid).await {
 Ok(img) => {
 Ok(&img.owner_name == username)
 },
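Review bot: In `toggleperms` (src/main.rs), the `Err(why)` arm of the `set_role` match puts the raw error text into the 500 response body via `format!("Couldn't update the user's role: {why}")`; that text presumably comes from the database layer and can expose schema or query details, so log `why` on the server and return a fixed message such as `Err(_) => status::Custom(Status::InternalServerError, "Couldn't update the user's role".to_string()),`. The `false` arm for `user.admin` answers an authenticated non-admin with `Status::Unauthorized`, while every other permission refusal in this function uses `Status::Forbidden`; `Status::Forbidden` is the matching code there as well. The guards only compare `info.perm` with the literal `"admin"` and forward any other value to `set_role`, so they hold only if `set_role`, which is not visible in this hunk, rejects unknown or differently-cased permission names.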