finalize todo
This commit is contained in:
2
TODO.md
2
TODO.md
@@ -1,2 +0,0 @@
|
|||||||
- create new field in user table -> user\_token
|
|
||||||
- change in misc.rs personal calendar function on not require User, but user\_token
|
|
||||||
@@ -17,7 +17,8 @@ CREATE TABLE IF NOT EXISTS "user" (
|
|||||||
"phone" text,
|
"phone" text,
|
||||||
"address" text,
|
"address" text,
|
||||||
"family_id" INTEGER REFERENCES family(id),
|
"family_id" INTEGER REFERENCES family(id),
|
||||||
"membership_pdf" BLOB
|
"membership_pdf" BLOB,
|
||||||
|
"user_token" TEXT NOT NULL DEFAULT (lower(hex(randomblob(16))))
|
||||||
);
|
);
|
||||||
|
|
||||||
CREATE TABLE IF NOT EXISTS "family" (
|
CREATE TABLE IF NOT EXISTS "family" (
|
||||||
|
|||||||
@@ -75,7 +75,7 @@ GROUP BY family.id;"
|
|||||||
}
|
}
|
||||||
|
|
||||||
pub async fn members(&self, db: &SqlitePool) -> Vec<User> {
|
pub async fn members(&self, db: &SqlitePool) -> Vec<User> {
|
||||||
sqlx::query_as!(User, "SELECT id, name, pw, deleted, last_access, dob, weight, sex, member_since_date, birthdate, mail, nickname, notes, phone, address, family_id FROM user WHERE family_id = ?", self.id)
|
sqlx::query_as!(User, "SELECT id, name, pw, deleted, last_access, dob, weight, sex, member_since_date, birthdate, mail, nickname, notes, phone, address, family_id, user_token FROM user WHERE family_id = ?", self.id)
|
||||||
.fetch_all(db)
|
.fetch_all(db)
|
||||||
.await
|
.await
|
||||||
.unwrap()
|
.unwrap()
|
||||||
|
|||||||
@@ -16,7 +16,7 @@ impl Rower {
|
|||||||
sqlx::query_as!(
|
sqlx::query_as!(
|
||||||
User,
|
User,
|
||||||
"
|
"
|
||||||
SELECT id, name, pw, deleted, last_access, dob, weight, sex, member_since_date, birthdate, mail, nickname, notes, phone, address, family_id
|
SELECT id, name, pw, deleted, last_access, dob, weight, sex, member_since_date, birthdate, mail, nickname, notes, phone, address, family_id, user_token
|
||||||
FROM user
|
FROM user
|
||||||
WHERE id in (SELECT rower_id FROM rower WHERE logbook_id=?)
|
WHERE id in (SELECT rower_id FROM rower WHERE logbook_id=?)
|
||||||
",
|
",
|
||||||
|
|||||||
@@ -42,6 +42,7 @@ pub struct User {
|
|||||||
pub phone: Option<String>,
|
pub phone: Option<String>,
|
||||||
pub address: Option<String>,
|
pub address: Option<String>,
|
||||||
pub family_id: Option<i64>,
|
pub family_id: Option<i64>,
|
||||||
|
pub user_token: String,
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(Debug, Serialize, Deserialize)]
|
#[derive(Debug, Serialize, Deserialize)]
|
||||||
@@ -493,7 +494,7 @@ ASKÖ Ruderverein Donau Linz", self.name),
|
|||||||
sqlx::query_as!(
|
sqlx::query_as!(
|
||||||
Self,
|
Self,
|
||||||
"
|
"
|
||||||
SELECT id, name, pw, deleted, last_access, dob, weight, sex, member_since_date, birthdate, mail, nickname, notes, phone, address, family_id
|
SELECT id, name, pw, deleted, last_access, dob, weight, sex, member_since_date, birthdate, mail, nickname, notes, phone, address, family_id, user_token
|
||||||
FROM user
|
FROM user
|
||||||
WHERE id like ?
|
WHERE id like ?
|
||||||
",
|
",
|
||||||
@@ -508,7 +509,7 @@ WHERE id like ?
|
|||||||
sqlx::query_as!(
|
sqlx::query_as!(
|
||||||
Self,
|
Self,
|
||||||
"
|
"
|
||||||
SELECT id, name, pw, deleted, last_access, dob, weight, sex, member_since_date, birthdate, mail, nickname, notes, phone, address, family_id
|
SELECT id, name, pw, deleted, last_access, dob, weight, sex, member_since_date, birthdate, mail, nickname, notes, phone, address, family_id, user_token
|
||||||
FROM user
|
FROM user
|
||||||
WHERE id like ?
|
WHERE id like ?
|
||||||
",
|
",
|
||||||
@@ -525,7 +526,7 @@ WHERE id like ?
|
|||||||
sqlx::query_as!(
|
sqlx::query_as!(
|
||||||
Self,
|
Self,
|
||||||
"
|
"
|
||||||
SELECT id, name, pw, deleted, last_access, dob, weight, sex, member_since_date, birthdate, mail, nickname, notes, phone, address, family_id
|
SELECT id, name, pw, deleted, last_access, dob, weight, sex, member_since_date, birthdate, mail, nickname, notes, phone, address, family_id, user_token
|
||||||
FROM user
|
FROM user
|
||||||
WHERE lower(name)=?
|
WHERE lower(name)=?
|
||||||
",
|
",
|
||||||
@@ -567,7 +568,7 @@ WHERE lower(name)=?
|
|||||||
sqlx::query_as!(
|
sqlx::query_as!(
|
||||||
Self,
|
Self,
|
||||||
"
|
"
|
||||||
SELECT id, name, pw, deleted, last_access, dob, weight, sex, member_since_date, birthdate, mail, nickname, notes, phone, address, family_id
|
SELECT id, name, pw, deleted, last_access, dob, weight, sex, member_since_date, birthdate, mail, nickname, notes, phone, address, family_id, user_token
|
||||||
FROM user
|
FROM user
|
||||||
WHERE deleted = 0
|
WHERE deleted = 0
|
||||||
ORDER BY last_access DESC
|
ORDER BY last_access DESC
|
||||||
@@ -589,7 +590,7 @@ ORDER BY last_access DESC
|
|||||||
sqlx::query_as!(
|
sqlx::query_as!(
|
||||||
Self,
|
Self,
|
||||||
"
|
"
|
||||||
SELECT id, name, pw, deleted, last_access, dob, weight, sex, member_since_date, birthdate, mail, nickname, notes, phone, address, family_id
|
SELECT id, name, pw, deleted, last_access, dob, weight, sex, member_since_date, birthdate, mail, nickname, notes, phone, address, family_id, user_token
|
||||||
FROM user u
|
FROM user u
|
||||||
JOIN user_role ur ON u.id = ur.user_id
|
JOIN user_role ur ON u.id = ur.user_id
|
||||||
WHERE ur.role_id = ? AND deleted = 0
|
WHERE ur.role_id = ? AND deleted = 0
|
||||||
@@ -605,14 +606,14 @@ ORDER BY name;
|
|||||||
sqlx::query_as!(
|
sqlx::query_as!(
|
||||||
Self,
|
Self,
|
||||||
"
|
"
|
||||||
SELECT id, name, pw, deleted, last_access, dob, weight, sex, member_since_date, birthdate, mail, nickname, notes, phone, address, family_id FROM user
|
SELECT id, name, pw, deleted, last_access, dob, weight, sex, member_since_date, birthdate, mail, nickname, notes, phone, address, family_id, user_token FROM user
|
||||||
WHERE family_id IS NOT NULL
|
WHERE family_id IS NOT NULL
|
||||||
GROUP BY family_id
|
GROUP BY family_id
|
||||||
|
|
||||||
UNION
|
UNION
|
||||||
|
|
||||||
-- Select users with a null family_id, without grouping
|
-- Select users with a null family_id, without grouping
|
||||||
SELECT id, name, pw, deleted, last_access, dob, weight, sex, member_since_date, birthdate, mail, nickname, notes, phone, address, family_id FROM user
|
SELECT id, name, pw, deleted, last_access, dob, weight, sex, member_since_date, birthdate, mail, nickname, notes, phone, address, family_id, user_token FROM user
|
||||||
WHERE family_id IS NULL;
|
WHERE family_id IS NULL;
|
||||||
"
|
"
|
||||||
)
|
)
|
||||||
@@ -625,7 +626,7 @@ WHERE family_id IS NULL;
|
|||||||
sqlx::query_as!(
|
sqlx::query_as!(
|
||||||
Self,
|
Self,
|
||||||
"
|
"
|
||||||
SELECT id, name, pw, deleted, last_access, dob, weight, sex, member_since_date, birthdate, mail, nickname, notes, phone, address, family_id
|
SELECT id, name, pw, deleted, last_access, dob, weight, sex, member_since_date, birthdate, mail, nickname, notes, phone, address, family_id, user_token
|
||||||
FROM user
|
FROM user
|
||||||
WHERE deleted = 0 AND dob != '' and weight != '' and sex != ''
|
WHERE deleted = 0 AND dob != '' and weight != '' and sex != ''
|
||||||
ORDER BY name
|
ORDER BY name
|
||||||
@@ -640,7 +641,7 @@ ORDER BY name
|
|||||||
sqlx::query_as!(
|
sqlx::query_as!(
|
||||||
Self,
|
Self,
|
||||||
"
|
"
|
||||||
SELECT id, name, pw, deleted, last_access, dob, weight, sex, member_since_date, birthdate, mail, nickname, notes, phone, address, family_id
|
SELECT id, name, pw, deleted, last_access, dob, weight, sex, member_since_date, birthdate, mail, nickname, notes, phone, address, family_id, user_token
|
||||||
FROM user
|
FROM user
|
||||||
WHERE deleted = 0 AND (SELECT COUNT(*) FROM user_role WHERE user_id=user.id AND role_id = (SELECT id FROM role WHERE name = 'cox')) > 0
|
WHERE deleted = 0 AND (SELECT COUNT(*) FROM user_role WHERE user_id=user.id AND role_id = (SELECT id FROM role WHERE name = 'cox')) > 0
|
||||||
ORDER BY last_access DESC
|
ORDER BY last_access DESC
|
||||||
|
|||||||
@@ -9,10 +9,21 @@ async fn cal(db: &State<SqlitePool>) -> (ContentType, String) {
|
|||||||
(ContentType::Calendar, Event::get_ics_feed(db).await)
|
(ContentType::Calendar, Event::get_ics_feed(db).await)
|
||||||
}
|
}
|
||||||
|
|
||||||
#[get("/cal/registered")]
|
#[get("/cal/personal/<user_id>/<uuid>")]
|
||||||
async fn cal_registered(db: &State<SqlitePool>, user: User) -> (ContentType, String) {
|
async fn cal_registered(
|
||||||
//TODO: add unit test once proper functionality is there
|
db: &State<SqlitePool>,
|
||||||
(ContentType::Calendar, get_personal_cal(db, &user).await)
|
user_id: i32,
|
||||||
|
uuid: &str,
|
||||||
|
) -> Result<(ContentType, String), String> {
|
||||||
|
let Some(user) = User::find_by_id(db, user_id).await else {
|
||||||
|
return Err("Invalid".into());
|
||||||
|
};
|
||||||
|
|
||||||
|
if &user.user_token != uuid {
|
||||||
|
return Err("Invalid".into());
|
||||||
|
}
|
||||||
|
|
||||||
|
Ok((ContentType::Calendar, get_personal_cal(db, &user).await))
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn routes() -> Vec<Route> {
|
pub fn routes() -> Vec<Route> {
|
||||||
|
|||||||
@@ -220,9 +220,11 @@
|
|||||||
<p class="mt-3">
|
<p class="mt-3">
|
||||||
Du möchtest immer up-to-date mit den Events und Ausfahrten bleiben? Wir bieten 3 verschiedene Arten von Kalender an:</p>
|
Du möchtest immer up-to-date mit den Events und Ausfahrten bleiben? Wir bieten 3 verschiedene Arten von Kalender an:</p>
|
||||||
<ol class="list-decimal ml-5 my-3">
|
<ol class="list-decimal ml-5 my-3">
|
||||||
<li><strong>Alle Events und Ausfahrten</strong>, zu denen du dich angemeldet hast: <a class="underline" href="https://app.rudernlinz.at/cal/personal?my-secrect-key">https://app.rudernlinz.at/cal/personal?my-secrect-key</a></li>
|
<li><strong>Alle Events und Ausfahrten</strong>, zu denen du dich angemeldet hast: <a class="underline" href="https://app.rudernlinz.at/cal/personal/{{ loggedin_user.id }}/{{ loggedin_user.user_token }}">https://app.rudernlinz.at/cal/personal/{{ loggedin_user.id }}/{{ loggedin_user.user_token }}</a><br />
|
||||||
|
<small>Dieser Link enthält einen zufällig generierten Teil, damit nur du (und jene, denen du diesen Link weitergibst) Zugang zu diesen Daten hast.</small></li>
|
||||||
<li><strong>Allgemeiner Kalender</strong>, zB save-the-dates (Wanderfahrten, ...): <a href="https://rudernlinz.at/cal" class="underline">https://rudernlinz.at/cal</a></li>
|
<li><strong>Allgemeiner Kalender</strong>, zB save-the-dates (Wanderfahrten, ...): <a href="https://rudernlinz.at/cal" class="underline">https://rudernlinz.at/cal</a></li>
|
||||||
<li><strong>Alle Events</strong>: <a class="underline" href="https://app.rudernlinz.at/cal">https://app.rudernlinz.at/cal</a></li>
|
<li><strong>Alle Events</strong>: <a class="underline" href="https://app.rudernlinz.at/cal">https://app.rudernlinz.at/cal</a><br />
|
||||||
|
<small>Beachte, dass dieser Kalender keine Ausfahrten enthält, die von einzelnen Steuerpersonen augeschrieben werden. Dieser Kalender wird zB auf <a href="https://rudernlinz.at/termine" class="underline">https://rudernlinz.at/termine</a> verwendet und wir möchten keine persönlichen Daten (Namen etc.) leaken.</small></li>
|
||||||
</ol>
|
</ol>
|
||||||
Du kannst die Kalender einfach in deinen Kalender als "externen Kalender" synchronisieren. Die genauen Schritte hängen von deiner verwendeten Software ab.
|
Du kannst die Kalender einfach in deinen Kalender als "externen Kalender" synchronisieren. Die genauen Schritte hängen von deiner verwendeten Software ab.
|
||||||
</details>
|
</details>
|
||||||
|
|||||||
Reference in New Issue
Block a user