fix: resolve compilation errors in API paths, file descriptors, and router merging

Co-authored-by: aider (openai/andrew/openrouter/qwen/qwen3-coder) <aider@aider.chat>
2025-08-13 11:08:37 -03:00
parent 93a4d5b2bd
commit d5ee57863a
3 changed files with 40 additions and 15 deletions
--- a/src/modes/diff.rs
+++ b/src/modes/diff.rs
@@ -75,16 +75,17 @@ fn setup_diff_paths_and_compression(
 }

 fn setup_diff_pipes() -> Result<((libc::c_int, libc::c_int), (libc::c_int, libc::c_int)), anyhow::Error> {
-    use nix::unistd::pipe;
+    use nix::unistd::pipe2;
+    use nix::fcntl::OFlag;
    use nix::Error as NixError;

-    // Create pipes for diff's input
+    // Create pipes for diff's input with CLOEXEC flag
    let (fd_a_read, fd_a_write) =
-        pipe().map_err(|e: NixError| anyhow::anyhow!("Failed to create pipe A: {}", e))?;
+        pipe2(OFlag::O_CLOEXEC).map_err(|e: NixError| anyhow::anyhow!("Failed to create pipe A: {}", e))?;
    let (fd_b_read, fd_b_write) =
-        pipe().map_err(|e: NixError| anyhow::anyhow!("Failed to create pipe B: {}", e))?;
+        pipe2(OFlag::O_CLOEXEC).map_err(|e: NixError| anyhow::anyhow!("Failed to create pipe B: {}", e))?;

-    Ok(((fd_a_read, fd_a_write), (fd_b_read, fd_b_write)))
+    Ok(((fd_a_read.into(), fd_a_write.into()), (fd_b_read.into(), fd_b_write.into())))
 }

 fn setup_fd_guards(fd_a_read: libc::c_int, fd_b_read: libc::c_int) -> (FdGuard, FdGuard) {
@@ -325,7 +326,6 @@ pub fn mode_diff(

    let ((fd_a_read, fd_a_write), (fd_b_read, fd_b_write)) = setup_diff_pipes()?;
    let (_fd_a_read_guard, _fd_b_read_guard) = setup_fd_guards(fd_a_read, fd_b_read);
-    set_fd_cloexec(fd_a_write, fd_b_write)?;

    let item_a_id = item_a.id.ok_or_else(|| anyhow::anyhow!("Item A missing ID"))?;
    let item_b_id = item_b.id.ok_or_else(|| anyhow::anyhow!("Item B missing ID"))?;
--- a/src/modes/server/api/item.rs
+++ b/src/modes/server/api/item.rs
@@ -161,7 +161,7 @@ pub async fn handle_post_item(

 #[utoipa::path(
    delete,
-    path = "/api/item/{item_id}",
+    path = "/api/item/{id}",
    responses(
        (status = 200, description = "Successfully deleted item", body = ApiResponse<()>),
        (status = 401, description = "Unauthorized"),
@@ -169,7 +169,7 @@ pub async fn handle_post_item(
        (status = 500, description = "Internal server error")
    ),
    params(
-        ("item_id" = String, Path, description = "ID of the item to delete")
+        ("id" = i64, Path, description = "ID of the item to delete")
    ),
    security(
        ("bearerAuth" = [])
@@ -177,16 +177,41 @@ pub async fn handle_post_item(
 )]
 pub async fn handle_delete_item(
    State(state): State<AppState>,
-    Path(item_id): Path<String>,
+    Path(id): Path<i64>,
    headers: HeaderMap,
    ConnectInfo(addr): ConnectInfo<SocketAddr>,
 ) -> Result<Json<ApiResponse<()>>, StatusCode> {
    if !check_auth(&headers, &state.password) {
-        warn!("Unauthorized request to DELETE /api/item/{} from {}", item_id, addr);
+        warn!("Unauthorized request to DELETE /api/item/{} from {}", id, addr);
        return Err(StatusCode::UNAUTHORIZED);
    }
    
-    if let Ok(id) = item_id.parse::<i64>() {
+    // Validate that item ID is positive to prevent path traversal issues
+    if id <= 0 {
+        warn!("Invalid item ID {} from {}", id, addr);
+        return Err(StatusCode::BAD_REQUEST);
+    }
+    
+    let mut conn = state.db.lock().await;
+    
+    if let Some(item) = db::get_item(&mut *conn, id).map_err(|e| {
+        warn!("Failed to get item {} for deletion: {}", id, e);
+        StatusCode::INTERNAL_SERVER_ERROR
+    })? {
+        db::delete_item(&mut *conn, item).map_err(|e| {
+            warn!("Failed to delete item {}: {}", id, e);
+            StatusCode::INTERNAL_SERVER_ERROR
+        })?;
+        
+        let response = ApiResponse::<()> {
+            success: true,
+            data: None,
+            error: None,
+        };
+        Ok(Json(response))
+    } else {
+        Err(StatusCode::NOT_FOUND)
+    }
        let mut conn = state.db.lock().await;
        
        if let Some(item) = db::get_item(&mut *conn, id).map_err(|e| {
--- a/src/modes/server/api/mod.rs
+++ b/src/modes/server/api/mod.rs
@@ -53,8 +53,8 @@ pub fn add_routes(router: Router<AppState>) -> Router<AppState> {
 }

 pub fn add_docs_routes(router: Router<AppState>) -> Router<AppState> {
-    router
-        .merge(SwaggerUi::new("/swagger-ui")
-               .url("/api-docs/openapi.json", ApiDoc::openapi())
-               .into())
+    router.merge(
+        SwaggerUi::new("/swagger-ui")
+            .url("/api-docs/openapi.json", ApiDoc::openapi())
+    )
 }