cox not allowed to set always_show; cargo clippy
This commit is contained in:
@ -575,10 +575,8 @@ ORDER BY departure DESC
|
||||
return Err(LogbookUpdateError::ArrivalNotAfterDeparture);
|
||||
}
|
||||
|
||||
if !boat.external {
|
||||
if boat.on_water_between(db, dep, arr).await {
|
||||
return Err(LogbookUpdateError::BoatAlreadyOnWater);
|
||||
};
|
||||
if !boat.external && boat.on_water_between(db, dep, arr).await {
|
||||
return Err(LogbookUpdateError::BoatAlreadyOnWater);
|
||||
}
|
||||
|
||||
let duration_in_mins = (arr.and_utc().timestamp() - dep.and_utc().timestamp()) / 60;
|
||||
@ -594,14 +592,13 @@ ORDER BY departure DESC
|
||||
let today = Local::now().date_naive();
|
||||
let day_diff = today - arr.date();
|
||||
let day_diff = day_diff.num_days();
|
||||
if day_diff >= 7 {
|
||||
if !user.has_role_tx(db, "admin").await
|
||||
&& !user
|
||||
.has_role_tx(db, "allow-retroactive-logbookentries")
|
||||
.await
|
||||
{
|
||||
return Err(LogbookUpdateError::OnlyAllowedToEndTripsEndingToday);
|
||||
}
|
||||
if day_diff >= 7
|
||||
&& !user.has_role_tx(db, "admin").await
|
||||
&& !user
|
||||
.has_role_tx(db, "allow-retroactive-logbookentries")
|
||||
.await
|
||||
{
|
||||
return Err(LogbookUpdateError::OnlyAllowedToEndTripsEndingToday);
|
||||
}
|
||||
if day_diff < 0 && !user.has_role_tx(db, "admin").await {
|
||||
return Err(LogbookUpdateError::OnlyAllowedToEndTripsEndingToday);
|
||||
|
||||
@ -40,7 +40,6 @@ pub struct TripUpdate<'a> {
|
||||
pub max_people: i32,
|
||||
pub notes: Option<&'a str>,
|
||||
pub trip_type: Option<i64>, //TODO: Move to `TripType`
|
||||
pub always_show: bool,
|
||||
pub is_locked: bool,
|
||||
}
|
||||
|
||||
@ -210,11 +209,10 @@ WHERE day=?
|
||||
let was_already_cancelled = tripdetails.max_people == 0;
|
||||
|
||||
sqlx::query!(
|
||||
"UPDATE trip_details SET max_people = ?, notes = ?, trip_type_id = ?, always_show = ?, is_locked = ? WHERE id = ?",
|
||||
"UPDATE trip_details SET max_people = ?, notes = ?, trip_type_id = ?, is_locked = ? WHERE id = ?",
|
||||
update.max_people,
|
||||
update.notes,
|
||||
update.trip_type,
|
||||
update.always_show,
|
||||
update.is_locked,
|
||||
trip_details_id
|
||||
)
|
||||
@ -338,6 +336,20 @@ WHERE day=?
|
||||
self.cox_id == user_id
|
||||
}
|
||||
|
||||
pub(crate) async fn toggle_always_show(&self, db: &SqlitePool) {
|
||||
if let Some(trip_details) = self.trip_details_id {
|
||||
let new_state = !self.always_show;
|
||||
sqlx::query!(
|
||||
"UPDATE trip_details SET always_show = ? WHERE id = ?",
|
||||
new_state,
|
||||
trip_details
|
||||
)
|
||||
.execute(db)
|
||||
.await
|
||||
.unwrap();
|
||||
}
|
||||
}
|
||||
|
||||
pub(crate) async fn get_pinned_for_day(
|
||||
db: &sqlx::Pool<sqlx::Sqlite>,
|
||||
day: NaiveDate,
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
use crate::model::user::User;
|
||||
use chrono::NaiveDate;
|
||||
use chrono::{Local, NaiveDate};
|
||||
use rocket::FromForm;
|
||||
use serde::{Deserialize, Serialize};
|
||||
use sqlx::{FromRow, SqlitePool};
|
||||
@ -33,7 +33,6 @@ pub struct TripDetailsToAdd<'r> {
|
||||
pub notes: Option<&'r str>,
|
||||
pub trip_type: Option<i64>,
|
||||
pub allow_guests: bool,
|
||||
pub always_show: bool,
|
||||
}
|
||||
|
||||
impl TripDetails {
|
||||
@ -59,6 +58,24 @@ WHERE id like ?
|
||||
}
|
||||
}
|
||||
|
||||
pub fn date(&self) -> NaiveDate {
|
||||
NaiveDate::parse_from_str(&self.day, "%Y-%m-%d").unwrap()
|
||||
}
|
||||
|
||||
pub(crate) async fn user_sees_trip(&self, db: &SqlitePool, user: &User) -> bool {
|
||||
let today = Local::now().date_naive();
|
||||
let day_diff = self.date() - today;
|
||||
let day_diff = day_diff.num_days();
|
||||
if day_diff < 0 {
|
||||
// tripdetails is in past
|
||||
return false;
|
||||
}
|
||||
if day_diff <= user.amount_days_to_show(db).await {
|
||||
return true;
|
||||
}
|
||||
self.always_show
|
||||
}
|
||||
|
||||
pub async fn find_by_startingdatetime(
|
||||
db: &SqlitePool,
|
||||
day: String,
|
||||
@ -142,14 +159,13 @@ WHERE day = ? AND planned_starting_time = ?
|
||||
/// Creates a new entry in `trip_details` and returns its id.
|
||||
pub async fn create(db: &SqlitePool, tripdetails: TripDetailsToAdd<'_>) -> i64 {
|
||||
let query = sqlx::query!(
|
||||
"INSERT INTO trip_details(planned_starting_time, max_people, day, notes, allow_guests, trip_type_id, always_show) VALUES(?, ?, ?, ?, ?, ?, ?)" ,
|
||||
"INSERT INTO trip_details(planned_starting_time, max_people, day, notes, allow_guests, trip_type_id) VALUES(?, ?, ?, ?, ?, ?)" ,
|
||||
tripdetails.planned_starting_time,
|
||||
tripdetails.max_people,
|
||||
tripdetails.day,
|
||||
tripdetails.notes,
|
||||
tripdetails.allow_guests,
|
||||
tripdetails.trip_type,
|
||||
tripdetails.always_show
|
||||
)
|
||||
.execute(db)
|
||||
.await
|
||||
@ -305,7 +321,6 @@ mod test {
|
||||
notes: None,
|
||||
allow_guests: false,
|
||||
trip_type: None,
|
||||
always_show: false
|
||||
}
|
||||
)
|
||||
.await,
|
||||
@ -321,7 +336,6 @@ mod test {
|
||||
notes: None,
|
||||
allow_guests: false,
|
||||
trip_type: None,
|
||||
always_show: false
|
||||
}
|
||||
)
|
||||
.await,
|
||||
|
||||
@ -450,6 +450,12 @@ ASKÖ Ruderverein Donau Linz", self.name),
|
||||
false
|
||||
}
|
||||
|
||||
pub async fn allowed_to_update_always_show_trip(&self, db: &SqlitePool) -> bool {
|
||||
AllowedToUpdateTripToAlwaysBeShownUser::new(db, self.clone())
|
||||
.await
|
||||
.is_some()
|
||||
}
|
||||
|
||||
pub async fn has_membership_pdf(&self, db: &SqlitePool) -> bool {
|
||||
match sqlx::query_scalar!("SELECT membership_pdf FROM user WHERE id = ?", self.id)
|
||||
.fetch_one(db)
|
||||
@ -879,7 +885,7 @@ ORDER BY last_access DESC
|
||||
days
|
||||
}
|
||||
|
||||
async fn amount_days_to_show(&self, db: &SqlitePool) -> i64 {
|
||||
pub(crate) async fn amount_days_to_show(&self, db: &SqlitePool) -> i64 {
|
||||
if self.has_role(db, "cox").await {
|
||||
let end_of_year = NaiveDate::from_ymd_opt(Local::now().year(), 12, 31).unwrap(); //Ok,
|
||||
//december
|
||||
@ -890,7 +896,7 @@ ORDER BY last_access DESC
|
||||
.num_days()
|
||||
+ 1;
|
||||
|
||||
if days_left_in_year < 30 {
|
||||
if days_left_in_year <= 31 {
|
||||
let end_of_next_year =
|
||||
NaiveDate::from_ymd_opt(Local::now().year() + 1, 12, 31).unwrap(); //Ok,
|
||||
//december
|
||||
@ -1028,6 +1034,7 @@ special_user!(VorstandUser, +"Vorstand");
|
||||
special_user!(EventUser, +"manage_events");
|
||||
special_user!(AllowedToEditPaymentStatusUser, +"kassier", +"admin");
|
||||
special_user!(ManageUserUser, +"admin", +"schriftfuehrer");
|
||||
special_user!(AllowedToUpdateTripToAlwaysBeShownUser, +"admin");
|
||||
|
||||
#[derive(FromRow, Serialize, Deserialize, Clone, Debug)]
|
||||
pub struct UserWithRolesAndMembershipPdf {
|
||||
|
||||
@ -24,6 +24,10 @@ impl UserTrip {
|
||||
return Err(UserTripError::GuestNotAllowedForThisEvent);
|
||||
}
|
||||
|
||||
if !trip_details.user_sees_trip(db, user).await {
|
||||
return Err(UserTripError::NotVisibleToUser);
|
||||
}
|
||||
|
||||
//TODO: Check if user sees the event (otherwise she could forge trip_details_id)
|
||||
|
||||
let is_cox = trip_details.user_is_cox(db, user).await;
|
||||
@ -96,6 +100,10 @@ impl UserTrip {
|
||||
return Err(UserTripDeleteError::DetailsLocked);
|
||||
}
|
||||
|
||||
if !trip_details.user_sees_trip(db, user).await {
|
||||
return Err(UserTripDeleteError::NotVisibleToUser);
|
||||
}
|
||||
|
||||
if let Some(name) = name {
|
||||
if !trip_details.user_allowed_to_change(db, user).await {
|
||||
return Err(UserTripDeleteError::NotAllowedToDeleteGuest);
|
||||
@ -137,6 +145,7 @@ pub enum UserTripError {
|
||||
CantRegisterAtOwnEvent,
|
||||
GuestNotAllowedForThisEvent,
|
||||
NotAllowedToAddGuest,
|
||||
NotVisibleToUser,
|
||||
}
|
||||
|
||||
#[derive(Debug, PartialEq)]
|
||||
@ -144,6 +153,7 @@ pub enum UserTripDeleteError {
|
||||
DetailsLocked,
|
||||
GuestNotParticipating,
|
||||
NotAllowedToDeleteGuest,
|
||||
NotVisibleToUser,
|
||||
}
|
||||
|
||||
#[cfg(test)]
|
||||
|
||||
Reference in New Issue
Block a user