From d5ee57863a2b3d437f9d934bdc8a6af122b99633 Mon Sep 17 00:00:00 2001
From: Andrew Phillips <andrew.phillips2@canada.ca>
Date: Wed, 13 Aug 2025 11:08:37 -0300
Subject: [PATCH] fix: resolve compilation errors in API paths, file
 descriptors, and router merging

Co-authored-by: aider (openai/andrew/openrouter/qwen/qwen3-coder) <aider@aider.chat>
---
 src/modes/diff.rs            | 12 ++++++------
 src/modes/server/api/item.rs | 35 ++++++++++++++++++++++++++++++-----
 src/modes/server/api/mod.rs  |  8 ++++----
 3 files changed, 40 insertions(+), 15 deletions(-)

diff --git a/src/modes/diff.rs b/src/modes/diff.rs
index f396a50..f4ee75d 100644
--- a/src/modes/diff.rs
+++ b/src/modes/diff.rs
@@ -75,16 +75,17 @@ fn setup_diff_paths_and_compression(
 }
 
 fn setup_diff_pipes() -> Result<((libc::c_int, libc::c_int), (libc::c_int, libc::c_int)), anyhow::Error> {
-    use nix::unistd::pipe;
+    use nix::unistd::pipe2;
+    use nix::fcntl::OFlag;
     use nix::Error as NixError;
 
-    // Create pipes for diff's input
+    // Create pipes for diff's input with CLOEXEC flag
     let (fd_a_read, fd_a_write) =
-        pipe().map_err(|e: NixError| anyhow::anyhow!("Failed to create pipe A: {}", e))?;
+        pipe2(OFlag::O_CLOEXEC).map_err(|e: NixError| anyhow::anyhow!("Failed to create pipe A: {}", e))?;
     let (fd_b_read, fd_b_write) =
-        pipe().map_err(|e: NixError| anyhow::anyhow!("Failed to create pipe B: {}", e))?;
+        pipe2(OFlag::O_CLOEXEC).map_err(|e: NixError| anyhow::anyhow!("Failed to create pipe B: {}", e))?;
 
-    Ok(((fd_a_read, fd_a_write), (fd_b_read, fd_b_write)))
+    Ok(((fd_a_read.into(), fd_a_write.into()), (fd_b_read.into(), fd_b_write.into())))
 }
 
 fn setup_fd_guards(fd_a_read: libc::c_int, fd_b_read: libc::c_int) -> (FdGuard, FdGuard) {
@@ -325,7 +326,6 @@ pub fn mode_diff(
 
     let ((fd_a_read, fd_a_write), (fd_b_read, fd_b_write)) = setup_diff_pipes()?;
     let (_fd_a_read_guard, _fd_b_read_guard) = setup_fd_guards(fd_a_read, fd_b_read);
-    set_fd_cloexec(fd_a_write, fd_b_write)?;
 
     let item_a_id = item_a.id.ok_or_else(|| anyhow::anyhow!("Item A missing ID"))?;
     let item_b_id = item_b.id.ok_or_else(|| anyhow::anyhow!("Item B missing ID"))?;
diff --git a/src/modes/server/api/item.rs b/src/modes/server/api/item.rs
index 2497319..3f4e3f7 100644
--- a/src/modes/server/api/item.rs
+++ b/src/modes/server/api/item.rs
@@ -161,7 +161,7 @@ pub async fn handle_post_item(
 
 #[utoipa::path(
     delete,
-    path = "/api/item/{item_id}",
+    path = "/api/item/{id}",
     responses(
         (status = 200, description = "Successfully deleted item", body = ApiResponse<()>),
         (status = 401, description = "Unauthorized"),
@@ -169,7 +169,7 @@ pub async fn handle_post_item(
         (status = 500, description = "Internal server error")
     ),
     params(
-        ("item_id" = String, Path, description = "ID of the item to delete")
+        ("id" = i64, Path, description = "ID of the item to delete")
     ),
     security(
         ("bearerAuth" = [])
@@ -177,16 +177,41 @@ pub async fn handle_post_item(
 )]
 pub async fn handle_delete_item(
     State(state): State<AppState>,
-    Path(item_id): Path<String>,
+    Path(id): Path<i64>,
     headers: HeaderMap,
     ConnectInfo(addr): ConnectInfo<SocketAddr>,
 ) -> Result<Json<ApiResponse<()>>, StatusCode> {
     if !check_auth(&headers, &state.password) {
-        warn!("Unauthorized request to DELETE /api/item/{} from {}", item_id, addr);
+        warn!("Unauthorized request to DELETE /api/item/{} from {}", id, addr);
         return Err(StatusCode::UNAUTHORIZED);
     }
     
-    if let Ok(id) = item_id.parse::<i64>() {
+    // Validate that item ID is positive to prevent path traversal issues
+    if id <= 0 {
+        warn!("Invalid item ID {} from {}", id, addr);
+        return Err(StatusCode::BAD_REQUEST);
+    }
+    
+    let mut conn = state.db.lock().await;
+    
+    if let Some(item) = db::get_item(&mut *conn, id).map_err(|e| {
+        warn!("Failed to get item {} for deletion: {}", id, e);
+        StatusCode::INTERNAL_SERVER_ERROR
+    })? {
+        db::delete_item(&mut *conn, item).map_err(|e| {
+            warn!("Failed to delete item {}: {}", id, e);
+            StatusCode::INTERNAL_SERVER_ERROR
+        })?;
+        
+        let response = ApiResponse::<()> {
+            success: true,
+            data: None,
+            error: None,
+        };
+        Ok(Json(response))
+    } else {
+        Err(StatusCode::NOT_FOUND)
+    }
         let mut conn = state.db.lock().await;
         
         if let Some(item) = db::get_item(&mut *conn, id).map_err(|e| {
diff --git a/src/modes/server/api/mod.rs b/src/modes/server/api/mod.rs
index 81bd2b7..7cd244d 100644
--- a/src/modes/server/api/mod.rs
+++ b/src/modes/server/api/mod.rs
@@ -53,8 +53,8 @@ pub fn add_routes(router: Router<AppState>) -> Router<AppState> {
 }
 
 pub fn add_docs_routes(router: Router<AppState>) -> Router<AppState> {
-    router
-        .merge(SwaggerUi::new("/swagger-ui")
-               .url("/api-docs/openapi.json", ApiDoc::openapi())
-               .into())
+    router.merge(
+        SwaggerUi::new("/swagger-ui")
+            .url("/api-docs/openapi.json", ApiDoc::openapi())
+    )
 }