From 93c83165439cb5b78f88d23df9fcb27c035131d5 Mon Sep 17 00:00:00 2001 From: philipp Date: Mon, 19 Aug 2024 13:23:08 +0200 Subject: [PATCH] allow to edit users; Fixes #688 --- src/model/user.rs | 1 + src/tera/admin/user.rs | 18 +++++++++--------- 2 files changed, 10 insertions(+), 9 deletions(-) diff --git a/src/model/user.rs b/src/model/user.rs index ca421b8..6f25d7c 100644 --- a/src/model/user.rs +++ b/src/model/user.rs @@ -1001,6 +1001,7 @@ special_user!(SchnupperBetreuerUser, +"schnupper-betreuer"); special_user!(VorstandUser, +"Vorstand"); special_user!(EventUser, +"manage_events"); special_user!(AllowedToEditPaymentStatusUser, +"kassier", +"admin"); +special_user!(ManageUserUser, +"admin", +"schriftfuehrer"); #[derive(FromRow, Serialize, Deserialize, Clone, Debug)] pub struct UserWithRolesAndMembershipPdf { diff --git a/src/tera/admin/user.rs b/src/tera/admin/user.rs index 3c5db86..3a98508 100644 --- a/src/tera/admin/user.rs +++ b/src/tera/admin/user.rs @@ -7,7 +7,7 @@ use crate::{ logbook::Logbook, role::Role, user::{ - AdminUser, AllowedToEditPaymentStatusUser, SchnupperBetreuerUser, User, + AdminUser, AllowedToEditPaymentStatusUser, ManageUserUser, SchnupperBetreuerUser, User, UserWithDetails, UserWithMembershipPdf, UserWithRolesAndMembershipPdf, VorstandUser, }, }, @@ -56,7 +56,7 @@ async fn index( .collect(); let user: User = user.into_inner(); - let allowed_to_edit = user.has_role(db, "admin").await; + let allowed_to_edit = ManageUserUser::new(db, user.clone()).await.is_some(); let users: Vec = join_all(user_futures).await; @@ -90,7 +90,7 @@ async fn index_admin( let users: Vec = join_all(user_futures).await; let user: User = user.user; - let allowed_to_edit = user.has_role(db, "admin").await; + let allowed_to_edit = ManageUserUser::new(db, user.clone()).await.is_some(); let roles = Role::all(db).await; let families = Family::all_with_members(db).await; @@ -215,7 +215,7 @@ async fn fees_paid( #[get("/user//send-welcome-mail")] async fn send_welcome_mail( db: &State, - _admin: AdminUser, + _admin: ManageUserUser, config: &State, user: i32, ) -> Flash { @@ -233,7 +233,7 @@ async fn send_welcome_mail( } #[get("/user//reset-pw")] -async fn resetpw(db: &State, admin: AdminUser, user: i32) -> Flash { +async fn resetpw(db: &State, admin: ManageUserUser, user: i32) -> Flash { let user = User::find_by_id(db, user).await; match user { Some(user) => { @@ -253,7 +253,7 @@ async fn resetpw(db: &State, admin: AdminUser, user: i32) -> Flash/delete")] -async fn delete(db: &State, admin: AdminUser, user: i32) -> Flash { +async fn delete(db: &State, admin: ManageUserUser, user: i32) -> Flash { let user = User::find_by_id(db, user).await; Log::create(db, format!("{} deleted user: {user:?}", admin.user.name)).await; match user { @@ -290,7 +290,7 @@ pub struct UserEditForm<'a> { async fn update( db: &State, data: Form>, - admin: AdminUser, + admin: ManageUserUser, ) -> Flash { let user = User::find_by_id(db, data.id).await; Log::create( @@ -313,7 +313,7 @@ async fn update( #[get("/user//membership")] async fn download_membership_pdf( db: &State, - admin: AdminUser, + admin: ManageUserUser, user: i32, ) -> (ContentType, Vec) { let user = User::find_by_id(db, user).await.unwrap(); @@ -339,7 +339,7 @@ struct UserAddForm<'r> { async fn create( db: &State, data: Form>, - admin: AdminUser, + admin: ManageUserUser, ) -> Flash { if User::create(db, data.name).await { Log::create(