allow users to delete trips

This commit is contained in:
philipp 2023-09-24 09:55:51 +02:00
parent 0558b0458c
commit 3c040fc979
2 changed files with 29 additions and 12 deletions

View File

@ -68,6 +68,11 @@ pub enum LogbookUpdateError {
ArrivalNotAfterDeparture,
}
#[derive(Debug, PartialEq)]
pub enum LogbookDeleteError {
NotYourEntry,
}
#[derive(Debug, PartialEq)]
pub enum LogbookCreateError {
BoatAlreadyOnWater,
@ -327,11 +332,15 @@ ORDER BY departure DESC
Ok(())
}
pub async fn delete(&self, db: &SqlitePool) {
sqlx::query!("DELETE FROM logbook WHERE id=?", self.id)
.execute(db)
.await
.unwrap(); //Okay, because we can only create a Logbook of a valid id
pub async fn delete(&self, db: &SqlitePool, user: &User) -> Result<(), LogbookDeleteError> {
if user.is_admin || user.id == self.shipmaster {
sqlx::query!("DELETE FROM logbook WHERE id=?", self.id)
.execute(db)
.await
.unwrap(); //Okay, because we can only create a Logbook of a valid id
return Ok(());
}
Err(LogbookDeleteError::NotYourEntry)
}
}

View File

@ -15,7 +15,10 @@ use tera::Context;
use crate::model::{
boat::Boat,
logbook::{LogToAdd, LogToFinalize, Logbook, LogbookCreateError, LogbookUpdateError},
logbook::{
LogToAdd, LogToFinalize, Logbook, LogbookCreateError, LogbookDeleteError,
LogbookUpdateError,
},
logtype::LogType,
user::{AdminUser, User, UserWithWaterStatus},
};
@ -224,14 +227,19 @@ async fn home(
}
#[get("/<logbook_id>/delete")]
async fn delete(db: &State<SqlitePool>, logbook_id: i32, _adminuser: AdminUser) -> Flash<Redirect> {
async fn delete(db: &State<SqlitePool>, logbook_id: i32, user: User) -> Flash<Redirect> {
let logbook = Logbook::find_by_id(db, logbook_id).await;
if let Some(logbook) = logbook {
logbook.delete(db).await;
Flash::success(
Redirect::to("/log"),
format!("Logbook with ID {} successfully deleted!", logbook_id),
)
match logbook.delete(db, &user).await {
Ok(_) => Flash::success(
Redirect::to("/log"),
format!("Logbook with ID {} successfully deleted!", logbook_id),
),
Err(LogbookDeleteError::NotYourEntry) => Flash::error(
Redirect::to("/log"),
"Du hast nicht die Berechtigung, den Eintrag zu löschen!",
),
}
} else {
Flash::error(
Redirect::to("/log"),