allow edits of boatreservations, Fixes #417

2024-04-23 22:23:24 +02:00
parent 8f44fdadf2
commit 61261c9816
4 changed files with 96 additions and 13 deletions
--- a/src/model/boatreservation.rs
+++ b/src/model/boatreservation.rs
@ -1,4 +1,5 @@
 use crate::model::{boat::Boat, user::User};
+use crate::tera::boatreservation::ReservationEditForm;
 use chrono::NaiveDate;
 use chrono::NaiveDateTime;
 use rocket::serde::{Deserialize, Serialize};
@ -177,6 +178,20 @@ AND start_date <= ? AND end_date >= ?;",
            > 0
    }

+    pub async fn update(&self, db: &SqlitePool, data: ReservationEditForm) {
+        let time_desc = data.time_desc.trim();
+        let usage = data.usage.trim();
+        sqlx::query!(
+            "UPDATE boat_reservation SET time_desc = ?, usage = ? where id = ?",
+            time_desc,
+            usage,
+            self.id
+        )
+        .execute(db)
+        .await
+        .unwrap(); //Okay, because we can only create a User of a valid id
+    }
+
    pub async fn delete(&self, db: &SqlitePool) {
        sqlx::query!("DELETE FROM boat_reservation WHERE id=?", self.id)
            .execute(db)
--- a/src/tera/boatreservation.rs
+++ b/src/tera/boatreservation.rs
@ -14,6 +14,7 @@ use crate::{
    model::{
        boat::Boat,
        boatreservation::{BoatReservation, BoatReservationToAdd},
+        log::Log,
        user::{DonauLinzUser, User, UserWithRoles},
    },
    tera::log::KioskCookie,
@ -90,7 +91,7 @@ pub struct FormBoatReservationToAdd<'r> {
    pub user_id_applicant: Option<i64>,
 }

-#[post("/", data = "<data>", rank = 2)]
+#[post("/new", data = "<data>", rank = 2)]
 async fn create<'r>(
    db: &State<SqlitePool>,
    data: Form<FormBoatReservationToAdd<'r>>,
@ -115,7 +116,7 @@ async fn create<'r>(
    }
 }

-#[post("/", data = "<data>")]
+#[post("/new", data = "<data>")]
 async fn create_from_kiosk<'r>(
    db: &State<SqlitePool>,
    data: Form<FormBoatReservationToAdd<'r>>,
@ -142,6 +143,50 @@ async fn create_from_kiosk<'r>(
    }
 }

+#[derive(FromForm, Debug)]
+pub struct ReservationEditForm {
+    pub(crate) id: i32,
+    pub(crate) time_desc: String,
+    pub(crate) usage: String,
+}
+
+#[post("/", data = "<data>")]
+async fn update(
+    db: &State<SqlitePool>,
+    data: Form<ReservationEditForm>,
+    user: User,
+) -> Flash<Redirect> {
+    let Some(reservation) = BoatReservation::find_by_id(db, data.id).await else {
+        return Flash::error(
+            Redirect::to("/boatreservation"),
+            format!("Reservation with ID {} does not exist!", data.id),
+        );
+    };
+
+    if user.id != reservation.user_id_applicant && !user.has_role(db, "admin").await {
+        return Flash::error(
+            Redirect::to("/boatreservation"),
+            format!("Not allowed to update reservation (only admins + creator do so)."),
+        );
+    }
+
+    Log::create(
+        db,
+        format!(
+            "{} updated reservation from {reservation:?} to {data:?}",
+            user.name
+        ),
+    )
+    .await;
+
+    reservation.update(db, data.into_inner()).await;
+
+    Flash::success(
+        Redirect::to("/boatreservation"),
+        "Reservierung erfolgreich bearbeitet",
+    )
+}
+
 #[get("/<reservation_id>/delete")]
 async fn delete<'r>(
    db: &State<SqlitePool>,
@ -167,5 +212,12 @@ async fn delete<'r>(
 }

 pub fn routes() -> Vec<Route> {
-    routes![index, index_kiosk, create, create_from_kiosk, delete]
+    routes![
+        index,
+        index_kiosk,
+        create,
+        create_from_kiosk,
+        delete,
+        update
+    ]
 }
--- a/src/tera/mod.rs
+++ b/src/tera/mod.rs
@ -30,7 +30,7 @@ pub(crate) mod admin;
 mod auth;
 pub(crate) mod board;
 mod boatdamage;
-mod boatreservation;
+pub(crate) mod boatreservation;
 mod cox;
 mod ergo;
 mod log;