andras/perfect-postcode
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages 2 Wiki Activity Actions

seems alright

Browse source
This commit is contained in:
Andras Schmelczer 2026-05-17 13:52:11 +01:00
parent ebe7bbb51d
commit eac1bd0d13
58 changed files with 23125 additions and 153505 deletions
Download patch file Download diff file Expand all files Collapse all files

237
server-rs/src/routes/actual_listings.rs
View file

@ -1,80 +1,239 @@
use std::sync::Arc;
use axum::extract::{Query, State};
use axum::http::StatusCode;
use axum::response::Json;
use rustc_hash::FxHashSet;
use serde::{Deserialize, Serialize};
use tracing::info;
use crate::api_error::ApiError;
use crate::consts::{DEFAULT_ACTUAL_LISTINGS_LIMIT, MAX_ACTUAL_LISTINGS_LIMIT};
use crate::data::ActualListing;
use crate::parsing::require_bounds;
use crate::state::SharedState;
use crate::features::property_level_feature_names;
use crate::parsing::{
parse_filters_with_poi, require_bounds, row_passes_filters, row_passes_poi_filters,
};
use crate::state::{AppState, SharedState};
const MAX_RESULTS: usize = 5000;
use super::travel_time::{parse_optional_travel, row_passes_travel_filters, TravelEntry};
#[derive(Deserialize)]
pub struct ActualListingsParams {
bounds: Option<String>,
/// `;;`-separated filters: `name:min:max;;...`
filters: Option<String>,
/// Pipe-separated travel time entries: `mode:slug|mode:slug:min:max`
travel: Option<String>,
/// Page size — defaults to DEFAULT_ACTUAL_LISTINGS_LIMIT, capped at
/// MAX_ACTUAL_LISTINGS_LIMIT.
limit: Option<usize>,
/// Number of results to skip. Defaults to 0.
offset: Option<usize>,
}
#[derive(Serialize)]
pub struct ActualListingsResponse {
pub listings: Vec<ActualListing>,
pub total: usize,
pub limit: usize,
pub offset: usize,
pub truncated: bool,
}
pub async fn get_actual_listings(
State(shared): State<Arc<SharedState>>,
Query(params): Query<ActualListingsParams>,
) -> Result<Json<ActualListingsResponse>, (StatusCode, String)> {
) -> Result<Json<ActualListingsResponse>, ApiError> {
let state = shared.load_state();
let limit = params
.limit
.unwrap_or(DEFAULT_ACTUAL_LISTINGS_LIMIT)
.min(MAX_ACTUAL_LISTINGS_LIMIT);
let offset = params.offset.unwrap_or(0);
let Some(actual_listings) = state.actual_listings.clone() else {
return Ok(Json(ActualListingsResponse {
listings: Vec::new(),
total: 0,
limit,
offset,
truncated: false,
}));
};
let (south, west, north, east) = require_bounds(params.bounds)?;
let (south, west, north, east) = require_bounds(params.bounds).map_err(ApiError::from)?;
let response = tokio::task::spawn_blocking(move || {
let t0 = std::time::Instant::now();
let row_indices = actual_listings.grid.query(south, west, north, east);
let total = row_indices.len();
let truncated = total > MAX_RESULTS;
let quant = state.data.quant_ref();
let poi_quant = state.data.poi_metrics.quant_ref();
let (mut parsed_filters, mut parsed_enum_filters, parsed_poi_filters) = parse_filters_with_poi(
params.filters.as_deref(),
&state.feature_name_to_index,
&state.data.enum_values,
&quant,
&state.data.poi_metrics.name_to_index,
&poi_quant,
)
.map_err(ApiError::BadRequest)?;
let mut listings: Vec<ActualListing> = row_indices
.iter()
.take(MAX_RESULTS)
.map(|&row| actual_listings.listing_at(row as usize))
.collect();
// Drop property-level filters (price, sqm, build year, beds, type, etc.) so they
// don't hide live listings — those are individual-property concerns the user can
// judge from the pin itself. We only keep area/postcode-level filters here.
let property_level_idxs: FxHashSet<usize> = property_level_feature_names()
.into_iter()
.filter_map(|name| state.feature_name_to_index.get(name).copied())
.collect();
parsed_filters.retain(|f| !property_level_idxs.contains(&f.feat_idx));
parsed_enum_filters.retain(|f| !property_level_idxs.contains(&f.feat_idx));
// Sort newest first so the most relevant pins win when the viewport is busy.
listings.sort_by(|left, right| {
right
.listing_date_iso
.cmp(&left.listing_date_iso)
.then_with(|| right.asking_price.cmp(&left.asking_price))
});
let travel_entries =
parse_optional_travel(params.travel.as_deref()).map_err(ApiError::BadRequest)?;
let elapsed = t0.elapsed();
info!(
results = listings.len(),
total,
truncated,
ms = format_args!("{:.1}", elapsed.as_secs_f64() * 1000.0),
"GET /api/actual-listings"
);
let has_area_filters = !parsed_filters.is_empty()
|| !parsed_enum_filters.is_empty()
|| !parsed_poi_filters.is_empty()
|| !travel_entries.is_empty();
ActualListingsResponse {
listings,
total,
truncated,
}
})
.await
.map_err(|error| (StatusCode::INTERNAL_SERVER_ERROR, error.to_string()))?;
let state_clone = state.clone();
let response =
tokio::task::spawn_blocking(move || -> Result<ActualListingsResponse, String> {
let t0 = std::time::Instant::now();
let passing_postcodes = if has_area_filters {
Some(compute_passing_postcodes(
&state_clone,
south,
west,
north,
east,
&parsed_filters,
&parsed_enum_filters,
&parsed_poi_filters,
&travel_entries,
)?)
} else {
None
};
let row_indices = actual_listings.grid.query(south, west, north, east);
let total_in_bounds = row_indices.len();
// Build (row, sort_key) pairs so we can sort by index without
// materializing the full ActualListing for every matching row.
let mut matching_rows: Vec<usize> = row_indices
.iter()
.filter_map(|&row_idx| {
let row = row_idx as usize;
if let Some(allowed) = passing_postcodes.as_ref() {
if !allowed.contains(actual_listings.postcode[row].as_str()) {
return None;
}
}
Some(row)
})
.collect();
let total_matching = matching_rows.len();
matching_rows.sort_by(|&left, &right| {
actual_listings.listing_date_iso[right]
.cmp(&actual_listings.listing_date_iso[left])
.then_with(|| {
actual_listings.asking_price[right].cmp(&actual_listings.asking_price[left])
})
});
let truncated = total_matching > offset.saturating_add(limit);
let listings: Vec<ActualListing> = matching_rows
.iter()
.skip(offset)
.take(limit)
.map(|&row| actual_listings.listing_at(row))
.collect();
let elapsed = t0.elapsed();
info!(
results = listings.len(),
total = total_matching,
total_in_bounds,
offset,
filtered = passing_postcodes.is_some(),
ms = format_args!("{:.1}", elapsed.as_secs_f64() * 1000.0),
"GET /api/actual-listings"
);
Ok(ActualListingsResponse {
listings,
total: total_matching,
limit,
offset,
truncated,
})
})
.await
.map_err(|error| ApiError::Internal(error.to_string()))?
.map_err(ApiError::Internal)?;
Ok(Json(response))
}
#[allow(clippy::too_many_arguments)]
fn compute_passing_postcodes(
state: &AppState,
south: f64,
west: f64,
north: f64,
east: f64,
parsed_filters: &[crate::parsing::ParsedFilter],
parsed_enum_filters: &[crate::parsing::ParsedEnumFilter],
parsed_poi_filters: &[crate::parsing::ParsedPoiFilter],
travel_entries: &[TravelEntry],
) -> Result<FxHashSet<String>, String> {
let num_features = state.data.num_features;
let feature_data = &state.data.feature_data;
let poi_metrics = &state.data.poi_metrics;
let has_poi_filters = !parsed_poi_filters.is_empty();
let travel_data = if travel_entries.is_empty() {
Vec::new()
} else {
let store = &state.travel_time_store;
travel_entries
.iter()
.map(|entry| {
store
.get(&entry.mode, &entry.slug)
.map_err(|err| format!("Failed to load travel data: {}", err))
})
.collect::<Result<Vec<_>, _>>()?
};
let has_travel = !travel_entries.is_empty();
let mut passing: FxHashSet<String> = FxHashSet::default();
state
.grid
.for_each_in_bounds(south, west, north, east, |row_idx| {
let row = row_idx as usize;
if !row_passes_filters(
row,
parsed_filters,
parsed_enum_filters,
feature_data,
num_features,
) {
return;
}
if has_poi_filters && !row_passes_poi_filters(row, parsed_poi_filters, poi_metrics) {
return;
}
let postcode = state.data.postcode(row);
if has_travel && !row_passes_travel_filters(postcode, travel_entries, &travel_data) {
return;
}
// Property postcodes share the same canonical "OUT IN" format used by
// ActualListingData::load (normalize_postcode), so we can match by string.
if !passing.contains(postcode) {
passing.insert(postcode.to_string());
}
});
Ok(passing)
}

74
server-rs/src/routes/hexagon_stats.rs
View file

@ -1,6 +1,8 @@
use std::collections::{HashMap, HashSet};
use std::str::FromStr;
use std::sync::Arc;
use std::sync::{Arc, Once};
static OUT_OF_RANGE_WARN: Once = Once::new();
use axum::extract::{Query, State};
use axum::http::StatusCode;
@ -260,6 +262,14 @@ pub(super) fn top_filter_exclusions(
continue;
};
let Some(category) = values.get(raw as usize) else {
OUT_OF_RANGE_WARN.call_once(|| {
warn!(
feature = %data.feature_names[filter.feat_idx],
raw,
max = values.len(),
"Enum value index out of range (logged once)"
);
});
continue;
};
@ -372,10 +382,10 @@ pub(super) fn top_filter_exclusions(
.unwrap_or(f32::INFINITY);
let replace = path_score < current_score
|| (path_score == current_score
|| (path_score.total_cmp(&current_score) == std::cmp::Ordering::Equal
&& best_path
.as_ref()
.map_or(true, |current| path.len() < current.len()));
.is_none_or(|current| path.len() < current.len()));
if replace {
best_path = Some(path);
}
@ -394,8 +404,7 @@ pub(super) fn top_filter_exclusions(
exclusions.sort_by(|a, b| {
a.relative_difference
.partial_cmp(&b.relative_difference)
.unwrap_or(std::cmp::Ordering::Equal)
.total_cmp(&b.relative_difference)
.then_with(|| b.rejected_count.cmp(&a.rejected_count))
.then_with(|| a.name.cmp(&b.name))
});
@ -524,6 +533,27 @@ pub async fn get_hexagon_stats(
// for the requested journey destination (so it has journey data). Fall back
// to geographic proximity to the hexagon center.
let central_postcode = if !matching_rows.is_empty() {
let center: h3o::LatLng = cell.into();
let center_lat = center.lat() as f32;
let center_lon = center.lng() as f32;
let lat = state.data.lat.as_slice();
let lon = state.data.lon.as_slice();
let distance_sq = |row: usize| -> Option<f32> {
match (lat.get(row), lon.get(row)) {
(Some(&la), Some(&lo)) if la.is_finite() && lo.is_finite() => {
Some((la - center_lat).powi(2) + (lo - center_lon).powi(2))
}
_ => {
OUT_OF_RANGE_WARN.call_once(|| {
warn!(
"matching_rows index out of range or non-finite lat/lon (logged once)"
);
});
None
}
}
};
if let Some(ref travel_data) = journey_travel_data {
// Find the row with the shortest travel time in the travel data
let best_row = matching_rows
@ -537,40 +567,24 @@ pub async fn get_hexagon_stats(
.map(|(row, _)| row);
// Fall back to geographic center if no row has travel data
let row = best_row.unwrap_or_else(|| {
let center: h3o::LatLng = cell.into();
let center_lat = center.lat() as f32;
let center_lon = center.lng() as f32;
let row = best_row.or_else(|| {
matching_rows
.iter()
.copied()
.min_by(|&a, &b| {
let da = (state.data.lat[a] - center_lat).powi(2)
+ (state.data.lon[a] - center_lon).powi(2);
let db = (state.data.lat[b] - center_lat).powi(2)
+ (state.data.lon[b] - center_lon).powi(2);
da.partial_cmp(&db).unwrap_or(std::cmp::Ordering::Equal)
})
.expect("matching_rows is non-empty")
.filter_map(|row| distance_sq(row).map(|d| (row, d)))
.min_by(|a, b| a.1.total_cmp(&b.1))
.map(|(row, _)| row)
});
Some(state.data.postcode(row).to_string())
row.map(|row| state.data.postcode(row).to_string())
} else {
// No journey destination requested — use geographic center
let center: h3o::LatLng = cell.into();
let center_lat = center.lat() as f32;
let center_lon = center.lng() as f32;
let closest_row = matching_rows
.iter()
.copied()
.min_by(|&a, &b| {
let da = (state.data.lat[a] - center_lat).powi(2)
+ (state.data.lon[a] - center_lon).powi(2);
let db = (state.data.lat[b] - center_lat).powi(2)
+ (state.data.lon[b] - center_lon).powi(2);
da.partial_cmp(&db).unwrap_or(std::cmp::Ordering::Equal)
})
.expect("matching_rows is non-empty");
Some(state.data.postcode(closest_row).to_string())
.filter_map(|row| distance_sq(row).map(|d| (row, d)))
.min_by(|a, b| a.1.total_cmp(&b.1))
.map(|(row, _)| row);
closest_row.map(|row| state.data.postcode(row).to_string())
}
} else {
None

96
server-rs/src/routes/invites.rs
View file

@ -292,6 +292,47 @@ async fn mark_invite_used(
return Err(StatusCode::BAD_GATEWAY.into_response());
}
// Defense in depth: PocketBase has no atomic compare-and-swap for record
// updates, and our local + distributed locks could in principle fail (lock
// server timeout, server restart mid-redemption). Re-read the record and
// confirm WE actually own it — if a concurrent redemption beat us to the
// PATCH, both writes succeeded but the loser's user_id is overwritten and
// we must NOT grant a license.
let verify_url = format!("{pb_url}/api/collections/invites/records/{invite_id}");
let verify_resp = match state
.http_client
.get(&verify_url)
.header("Authorization", format!("Bearer {token}"))
.send()
.await
{
Ok(r) => r,
Err(err) => {
warn!("Failed to verify invite redemption: {err}");
return Err(StatusCode::BAD_GATEWAY.into_response());
}
};
if !verify_resp.status().is_success() {
return Err(StatusCode::BAD_GATEWAY.into_response());
}
let body: serde_json::Value = match verify_resp.json().await {
Ok(v) => v,
Err(err) => {
warn!("Failed to parse invite verify response: {err}");
return Err(StatusCode::BAD_GATEWAY.into_response());
}
};
let actual_user = body["used_by_id"].as_str().unwrap_or("");
if actual_user != user_id {
warn!(
invite_id,
expected = user_id,
actual = actual_user,
"Invite redemption race lost — invite already claimed by another user"
);
return Err((StatusCode::CONFLICT, "Invite was already redeemed").into_response());
}
Ok(())
}
@ -512,11 +553,16 @@ pub async fn get_invite(
.await
{
Ok(resp) if resp.status().is_success() => {
let user_body: serde_json::Value = resp.json().await.unwrap_or_default();
user_body["email"]
.as_str()
.and_then(|e| e.split('@').next())
.and_then(sanitize_invited_by)
match resp.json::<serde_json::Value>().await {
Ok(user_body) => user_body["email"]
.as_str()
.and_then(|e| e.split('@').next())
.and_then(sanitize_invited_by),
Err(err) => {
tracing::error!("Failed to parse inviter user record JSON: {err}");
return StatusCode::BAD_GATEWAY.into_response();
}
}
}
_ => None,
}
@ -689,26 +735,6 @@ pub async fn post_redeem_invite(
.into_response()
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn redeemable_invite_filter_allows_unused_or_same_user_invite() {
let filter = redeemable_invite_filter("abc123", "user123").unwrap();
assert_eq!(
filter,
"code=\"abc123\" && (used_by_id=\"\" || used_by_id=\"user123\")"
);
}
#[test]
fn redeemable_invite_filter_rejects_unsafe_values() {
assert!(redeemable_invite_filter("bad-code", "user123").is_err());
assert!(redeemable_invite_filter("abc123", "bad-user").is_err());
}
}
/// List invites. Users only see invites they created, including admins.
pub async fn get_invites(
State(shared): State<Arc<SharedState>>,
@ -787,3 +813,23 @@ pub async fn get_invites(
Json(InviteListResponse { invites }).into_response()
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn redeemable_invite_filter_allows_unused_or_same_user_invite() {
let filter = redeemable_invite_filter("abc123", "user123").unwrap();
assert_eq!(
filter,
"code=\"abc123\" && (used_by_id=\"\" || used_by_id=\"user123\")"
);
}
#[test]
fn redeemable_invite_filter_rejects_unsafe_values() {
assert!(redeemable_invite_filter("bad-code", "user123").is_err());
assert!(redeemable_invite_filter("abc123", "bad-user").is_err());
}
}

14
server-rs/src/routes/places.rs
View file

@ -1,11 +1,12 @@
use std::sync::Arc;
use axum::extract::{Query, State};
use axum::http::StatusCode;
use axum::response::Json;
use serde::{Deserialize, Serialize};
use tracing::info;
use crate::api_error::ApiError;
use crate::consts::{DEFAULT_PLACES_LIMIT, MAX_PLACES_LIMIT};
use crate::data::{normalize_search_text, slugify};
use crate::state::SharedState;
@ -96,15 +97,18 @@ fn postcode_starts_with_compact(postcode: &str, compact_query: &str) -> bool {
pub async fn get_places(
State(shared): State<Arc<SharedState>>,
Query(params): Query<PlacesParams>,
) -> Result<Json<PlacesResponse>, (StatusCode, String)> {
) -> Result<Json<PlacesResponse>, ApiError> {
let state = shared.load_state();
let query = if params.q.is_empty() {
return Err((StatusCode::BAD_REQUEST, "'q' must not be empty".into()));
return Err(ApiError::BadRequest("'q' must not be empty".into()));
} else {
params.q
};
let limit = params.limit.unwrap_or(7).min(20);
let limit = params
.limit
.unwrap_or(DEFAULT_PLACES_LIMIT)
.min(MAX_PLACES_LIMIT);
let mode_filter = params.mode;
let places = tokio::task::spawn_blocking(move || {
@ -264,7 +268,7 @@ pub async fn get_places(
(results, postcodes, addresses)
})
.await
.map_err(|error| (StatusCode::INTERNAL_SERVER_ERROR, error.to_string()))?;
.map_err(|error| ApiError::Internal(error.to_string()))?;
Ok(Json(PlacesResponse {
places: places.0,

8
server-rs/src/routes/pois.rs
View file

@ -1,11 +1,11 @@
use std::sync::Arc;
use axum::extract::{Query, State};
use axum::http::StatusCode;
use axum::response::Json;
use serde::{Deserialize, Serialize};
use tracing::info;
use crate::api_error::ApiError;
use crate::consts::MAX_POIS_PER_REQUEST;
use crate::data::{resolve_poi_category_filter, POICategoryGroup};
use crate::parsing::require_bounds;
@ -39,9 +39,9 @@ pub struct POIParams {
pub async fn get_pois(
State(shared): State<Arc<SharedState>>,
Query(params): Query<POIParams>,
) -> Result<Json<POIsResponse>, (StatusCode, String)> {
) -> Result<Json<POIsResponse>, ApiError> {
let state = shared.load_state();
let (south, west, north, east) = require_bounds(params.bounds)?;
let (south, west, north, east) = require_bounds(params.bounds).map_err(ApiError::from)?;
let category_filter: Option<rustc_hash::FxHashSet<u16>> = params
.categories
@ -109,7 +109,7 @@ pub async fn get_pois(
pois
})
.await
.map_err(|error| (StatusCode::INTERNAL_SERVER_ERROR, error.to_string()))?;
.map_err(|error| ApiError::Internal(error.to_string()))?;
Ok(Json(POIsResponse { pois }))
}

6
server-rs/src/routes/postcode_properties.rs
View file

@ -14,7 +14,7 @@ use crate::parsing::{parse_filters_with_poi, row_passes_filters, row_passes_poi_
use crate::state::SharedState;
use crate::utils::normalize_postcode;
use super::properties::{HexagonPropertiesResponse, Property};
use super::properties::{Property, PropertyListResponse};
use super::travel_time::{load_travel_data, parse_optional_travel, row_passes_travel_filters};
#[derive(Deserialize)]
@ -36,7 +36,7 @@ pub async fn get_postcode_properties(
State(shared): State<Arc<SharedState>>,
Extension(user): Extension<OptionalUser>,
Query(params): Query<PostcodePropertiesParams>,
) -> Result<Json<HexagonPropertiesResponse>, axum::response::Response> {
) -> Result<Json<PropertyListResponse>, axum::response::Response> {
let state = shared.load_state();
let normalized = normalize_postcode(&params.postcode);
@ -183,7 +183,7 @@ pub async fn get_postcode_properties(
"GET /api/postcode-properties"
);
Ok(HexagonPropertiesResponse {
Ok(PropertyListResponse {
properties,
total,
limit,

9
server-rs/src/routes/properties.rs
View file

@ -62,8 +62,11 @@ pub struct Property {
pub features: FxHashMap<String, f32>,
}
/// Shared paginated list of `Property` records. Used by both
/// `/api/hexagon-properties` (lookup by H3 cell) and `/api/postcode-properties`
/// (lookup by postcode) so the frontend can render either result the same way.
#[derive(Serialize)]
pub struct HexagonPropertiesResponse {
pub struct PropertyListResponse {
pub properties: Vec<Property>,
pub total: usize,
pub limit: usize,
@ -183,7 +186,7 @@ pub async fn get_hexagon_properties(
State(shared): State<Arc<SharedState>>,
Extension(user): Extension<OptionalUser>,
Query(params): Query<HexagonPropertiesParams>,
) -> Result<Json<HexagonPropertiesResponse>, axum::response::Response> {
) -> Result<Json<PropertyListResponse>, axum::response::Response> {
let state = shared.load_state();
let cell = h3o::CellIndex::from_str(&params.h3).map_err(|error| {
warn!(h3 = %params.h3, error = %error, "Invalid H3 cell index");
@ -306,7 +309,7 @@ pub async fn get_hexagon_properties(
"GET /api/hexagon-properties"
);
Ok(HexagonPropertiesResponse {
Ok(PropertyListResponse {
properties,
total,
limit,