webcit-ng/user_functions.c

   1 // User functions
   2 //
   3 // Copyright (c) 1996-2022 by the citadel.org team
   4 //
   5 // This program is open source software.  It runs great on the
   6 // Linux operating system (and probably elsewhere).  You can use,
   7 // copy, and run it under the terms of the GNU General Public
   8 // License version 3.
   9 //
  10 // This program is distributed in the hope that it will be useful,
  11 // but WITHOUT ANY WARRANTY; without even the implied warranty of
  12 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  13 // GNU General Public License for more details.
  14
  15 #include "webcit.h"
  16
  17
  18 // Fetch a user photo (avatar)
  19 void fetch_user_photo(struct http_transaction *h, struct ctdlsession *c, char *username) {
  20         char buf[1024];
  21         int content_length = 0;
  22         char content_type[1024];
  23         char *image = NULL;
  24         int actual_length = 0;
  25
  26         ctdl_printf(c, "DLUI %s", username);
  27         ctdl_readline(c, buf, sizeof(buf));
  28         if (buf[0] == '6') {
  29                 content_length = extract_int(&buf[4], 0);
  30                 extract_token(content_type, &buf[4], 3, '|', sizeof content_type);
  31
  32                 image = malloc(content_length);
  33                 if (image == NULL) {
  34                         do_502(h);
  35                         return;
  36                 }
  37                 actual_length = ctdl_read_binary(c, image, content_length);
  38
  39                 add_response_header(h, strdup("Content-type"), strdup(content_type));
  40                 h->response_code = 200;
  41                 h->response_string = strdup("OK");
  42                 h->response_body_length = actual_length;
  43                 h->response_body = image;
  44                 return;
  45         }
  46
  47         do_404(h);
  48 }
  49
  50
  51 // Fetch a user bio (profile)
  52 void fetch_user_bio(struct http_transaction *h, struct ctdlsession *c, char *username) {
  53         do_404(h);      // FIXME finish this
  54 }
  55
  56
  57 // Client requested an object related to a user.
  58 void object_in_user(struct http_transaction *h, struct ctdlsession *c, char *requested_username) {
  59         char object_name[1024];
  60
  61         extract_token(object_name, h->url, 4, '/', sizeof object_name);
  62
  63         if (!strcasecmp(object_name, "userpic")) {              // user photo (avatar)
  64                 fetch_user_photo(h, c, requested_username);
  65                 return;
  66         }
  67
  68         if (!strcasecmp(object_name, "bio")) {                  // user bio (profile)
  69                 fetch_user_bio(h, c, requested_username);
  70                 return;
  71         }
  72
  73         do_404(h);                                              // unknown object
  74         return;
  75 }
  76
  77
  78 // Handle REST/DAV requests for the user itself (such as /ctdl/u/username
  79 // or /ctdl/i/username/ but *not* specific properties of the user)
  80 void the_user_itself(struct http_transaction *h, struct ctdlsession *c, char *username) {
  81         do_404(h);
  82 }
  83
  84
  85 // Dispatcher for "/ctdl/u" and "/ctdl/u/" for the user list
  86 void user_list(struct http_transaction *h, struct ctdlsession *c) {
  87         do_404(h);
  88 }
  89
  90
  91 // Dispatcher for paths starting with /ctdl/u/
  92 void ctdl_u(struct http_transaction *h, struct ctdlsession *c) {
  93         char requested_username[128];
  94         char buf[1024];
  95
  96         // All user-related functions require accessing the user in question.
  97         extract_token(requested_username, h->url, 3, '/', sizeof requested_username);
  98         unescape_input(requested_username);
  99
 100         if (IsEmptyStr(requested_username)) {                           //      /ctdl/u/
 101                 user_list(h, c);
 102                 return;
 103         }
 104
 105         // At this point we have extracted the name of the user we're interested in.
 106         // FIXME should we validate it?
 107
 108         if (num_tokens(h->url, '/') == 4) {                             //      /ctdl/u/username
 109                 the_user_itself(h, c, requested_username);
 110                 return;
 111         }
 112
 113         extract_token(buf, h->url, 4, '/', sizeof buf);
 114         if (num_tokens(h->url, '/') == 5) {
 115                 if (IsEmptyStr(buf)) {
 116                         the_user_itself(h, c, requested_username);      //      /ctdl/u/username/ (same as /ctdl/u/username)
 117                 }
 118                 else {
 119                         object_in_user(h, c, requested_username);       //      /ctdl/u/username/object
 120                 }
 121                 return;
 122         }
 123
 124         if (num_tokens(h->url, '/') == 6) {
 125                 object_in_user(h, c, requested_username);               //      /ctdl/u/username/object/ or possibly /ctdl/u/username/object/component
 126                 return;
 127         }
 128
 129         // If we get to this point, the client requested an action we don't know how to perform.
 130         do_404(h);
 131 }