lmao

server-rs/src/licensing.rs

@@ -0,0 +1,55 @@
+use axum::http::StatusCode;
+use axum::response::IntoResponse;
+use serde_json::json;
+
+use crate::auth::PocketBaseUser;
+use crate::consts::FREE_ZONE_BOUNDS;
+
+/// Check whether the user is allowed to query data at the given bounds.
+/// Licensed users and admins bypass the check entirely.
+/// Free/anonymous users get 403 if bounds exceed the free zone.
+pub fn check_license_bounds(
+    user: &Option<PocketBaseUser>,
+    bounds: (f64, f64, f64, f64),
+) -> Result<(), (StatusCode, axum::response::Response)> {
+    // Licensed users and admins can query anywhere
+    if let Some(u) = user {
+        if u.is_admin || u.subscription == "licensed" {
+            return Ok(());
+        }
+    }
+
+    let (south, west, north, east) = bounds;
+    let (fz_south, fz_west, fz_north, fz_east) = FREE_ZONE_BOUNDS;
+
+    // Check if requested bounds are fully within the free zone
+    if south >= fz_south && west >= fz_west && north <= fz_north && east <= fz_east {
+        return Ok(());
+    }
+
+    let body = json!({
+        "error": "license_required",
+        "message": "A license is required to view data outside inner London",
+        "free_zone": {
+            "south": fz_south,
+            "west": fz_west,
+            "north": fz_north,
+            "east": fz_east,
+        }
+    });
+
+    Err((
+        StatusCode::FORBIDDEN,
+        (StatusCode::FORBIDDEN, axum::Json(body)).into_response(),
+    ))
+}
+
+/// Convenience wrapper that takes a point (lat, lon) instead of bounds.
+/// Used for endpoints that operate on a single location (e.g. postcode stats).
+pub fn check_license_point(
+    user: &Option<PocketBaseUser>,
+    lat: f64,
+    lon: f64,
+) -> Result<(), (StatusCode, axum::response::Response)> {
+    check_license_bounds(user, (lat, lon, lat, lon))
+}