allow users to delete trips

src/model/logbook.rs

@@ -68,6 +68,11 @@ pub enum LogbookUpdateError {
     ArrivalNotAfterDeparture,
 }
 
+#[derive(Debug, PartialEq)]
+pub enum LogbookDeleteError {
+    NotYourEntry,
+}
+
 #[derive(Debug, PartialEq)]
 pub enum LogbookCreateError {
     BoatAlreadyOnWater,
@@ -327,11 +332,15 @@ ORDER BY departure DESC
         Ok(())
     }
 
-    pub async fn delete(&self, db: &SqlitePool) {
+    pub async fn delete(&self, db: &SqlitePool, user: &User) -> Result<(), LogbookDeleteError> {
+        if user.is_admin || user.id == self.shipmaster {
             sqlx::query!("DELETE FROM logbook WHERE id=?", self.id)
                 .execute(db)
                 .await
                 .unwrap(); //Okay, because we can only create a Logbook of a valid id
+            return Ok(());
+        }
+        Err(LogbookDeleteError::NotYourEntry)
     }
 }
 

src/tera/log.rs

@@ -15,7 +15,10 @@ use tera::Context;
 
 use crate::model::{
     boat::Boat,
-    logbook::{LogToAdd, LogToFinalize, Logbook, LogbookCreateError, LogbookUpdateError},
+    logbook::{
+        LogToAdd, LogToFinalize, Logbook, LogbookCreateError, LogbookDeleteError,
+        LogbookUpdateError,
+    },
     logtype::LogType,
     user::{AdminUser, User, UserWithWaterStatus},
 };
@@ -224,14 +227,19 @@ async fn home(
 }
 
 #[get("/<logbook_id>/delete")]
-async fn delete(db: &State<SqlitePool>, logbook_id: i32, _adminuser: AdminUser) -> Flash<Redirect> {
+async fn delete(db: &State<SqlitePool>, logbook_id: i32, user: User) -> Flash<Redirect> {
     let logbook = Logbook::find_by_id(db, logbook_id).await;
     if let Some(logbook) = logbook {
-        logbook.delete(db).await;
-        Flash::success(
+        match logbook.delete(db, &user).await {
+            Ok(_) => Flash::success(
                 Redirect::to("/log"),
                 format!("Logbook with ID {} successfully deleted!", logbook_id),
-        )
+            ),
+            Err(LogbookDeleteError::NotYourEntry) => Flash::error(
+                Redirect::to("/log"),
+                "Du hast nicht die Berechtigung, den Eintrag zu löschen!",
+            ),
+        }
     } else {
         Flash::error(
             Redirect::to("/log"),