be able to update data individually; Fixes #951
All checks were successful
CI/CD Pipeline / test (push) Successful in 14m36s
CI/CD Pipeline / deploy-staging (push) Has been skipped
CI/CD Pipeline / deploy-main (push) Has been skipped

This commit is contained in:
Philipp Hofer 2025-04-30 11:06:10 +02:00
parent 90087843ad
commit c8d5c633d7
8 changed files with 589 additions and 221 deletions

View File

@ -3,7 +3,7 @@ use std::{error::Error, fs};
use lettre::{
message::{header::ContentType, Attachment, MultiPart, SinglePart},
transport::smtp::authentication::Credentials,
Message, SmtpTransport, Transport,
Address, Message, SmtpTransport, Transport,
};
use sqlx::{Sqlite, SqlitePool, Transaction};
@ -374,3 +374,13 @@ Der Vorstand");
}
}
}
pub(crate) fn valid_mails(mails: &str) -> bool {
let splitted = mails.split(',');
for single_rec in splitted {
if single_rec.parse::<Address>().is_err() {
return false;
}
}
true
}

View File

@ -1,4 +1,4 @@
use std::ops::DerefMut;
use std::{fmt::Display, ops::DerefMut};
use serde::{Deserialize, Serialize};
use sqlx::{FromRow, Sqlite, SqlitePool, Transaction};
@ -10,6 +10,12 @@ pub struct Role {
pub(crate) cluster: Option<String>,
}
impl Display for Role {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
write!(f, "{}", self.name)
}
}
impl Role {
pub async fn all(db: &SqlitePool) -> Vec<Role> {
sqlx::query_as!(Role, "SELECT id, name, cluster FROM role")

199
src/model/user/basic.rs Normal file
View File

@ -0,0 +1,199 @@
// TODO: put back in `src/model/user/mod.rs` once that is cleaned up
use super::{AllowedToEditPaymentStatusUser, ManageUserUser, User};
use crate::model::{log::Log, mail::valid_mails, role::Role};
use sqlx::SqlitePool;
impl User {
pub(crate) async fn update_mail(
&self,
db: &SqlitePool,
updated_by: &ManageUserUser,
new_mail: &str,
) -> Result<(), String> {
let new_mail = new_mail.trim();
if !valid_mails(new_mail) {
return Err(format!(
"{new_mail} ist kein gültiges Format für eine Mailadresse"
));
}
sqlx::query!("UPDATE user SET mail = ? where id = ?", new_mail, self.id)
.execute(db)
.await
.unwrap(); //Okay, because we can only create a User of a valid id
let msg = match &self.mail {
Some(old_mail) => format!(
"{updated_by} has changed the mail address of {self} from {old_mail} to {new_mail}"
),
None => format!("{updated_by} has added a mail address for {self}: {new_mail}"),
};
Log::create(db, msg).await;
Ok(())
}
pub(crate) async fn update_phone(
&self,
db: &SqlitePool,
updated_by: &ManageUserUser,
new_phone: &str,
) -> Result<(), String> {
let new_phone = new_phone.trim();
let query = if new_phone.is_empty() {
sqlx::query!("UPDATE user SET phone = NULL where id = ?", self.id)
} else {
sqlx::query!("UPDATE user SET phone = ? where id = ?", new_phone, self.id)
};
query.execute(db).await.unwrap(); //Okay, because we can only create a User of a valid id
let msg = match &self.phone {
Some(old_phone) if new_phone.is_empty() => format!("{updated_by} has removed the phone number of {self} (old number: {old_phone})"),
Some(old_phone) => format!("{updated_by} has changed the phone number of {self} from {old_phone} to {new_phone}"),
None => format!("{updated_by} has added a phone number for {self}: {new_phone}")
};
Log::create(db, msg).await;
Ok(())
}
pub(crate) async fn update_nickname(
&self,
db: &SqlitePool,
updated_by: &ManageUserUser,
new_nickname: &str,
) -> Result<(), String> {
let new_nickname = new_nickname.trim();
let query = if new_nickname.is_empty() {
sqlx::query!("UPDATE user SET nickname = NULL where id = ?", self.id)
} else {
sqlx::query!(
"UPDATE user SET nickname = ? where id = ?",
new_nickname,
self.id
)
};
query.execute(db).await.unwrap(); //Okay, because we can only create a User of a valid id
let msg = match &self.nickname {
Some(old_nickname) if new_nickname.is_empty() => format!("{updated_by} has removed the nickname of {self} (old nickname: {old_nickname})"),
Some(old_nickname) => format!("{updated_by} has changed the nickname of {self} from {old_nickname} to {new_nickname}"),
None => format!("{updated_by} has added a nickname for {self}: {new_nickname}")
};
Log::create(db, msg).await;
Ok(())
}
pub(crate) async fn remove_role(
&self,
db: &SqlitePool,
updated_by: &ManageUserUser,
role: &Role,
) -> Result<(), String> {
if !self.has_role(db, &role.name).await {
return Err(format!("Kann Rolle {role} von User {self} nicht entfernen, da der User die Rolle gar nicht hat"));
}
sqlx::query!(
"DELETE FROM user_role WHERE user_id = ? and role_id = ?",
self.id,
role.id
)
.execute(db)
.await
.unwrap();
Log::create(
db,
format!("{updated_by} has removed role {role} from user {self}"),
)
.await;
Ok(())
}
pub(crate) async fn has_not_paid(
&self,
db: &SqlitePool,
updated_by: &AllowedToEditPaymentStatusUser,
) {
let paid = Role::find_by_name(db, "paid").await.unwrap();
sqlx::query!(
"DELETE FROM user_role WHERE user_id = ? and role_id = ?",
self.id,
paid.id
)
.execute(db)
.await
.unwrap();
Log::create(
db,
format!("{updated_by} has set that user {self} has NOT paid the fee (yet)"),
)
.await;
}
pub(crate) async fn has_paid(
&self,
db: &SqlitePool,
updated_by: &AllowedToEditPaymentStatusUser,
) {
let paid = Role::find_by_name(db, "paid").await.unwrap();
sqlx::query!(
"INSERT INTO user_role(user_id, role_id) VALUES (?, ?)",
self.id,
paid.id
)
.execute(db)
.await
.expect("paid role has no group");
Log::create(
db,
format!("{updated_by} has set that user {self} has paid the fee (yet)"),
)
.await;
}
pub(crate) async fn add_role(
&self,
db: &SqlitePool,
updated_by: &ManageUserUser,
role: &Role,
) -> Result<(), String> {
if self.has_role(db, &role.name).await {
return Err(format!("Kann Rolle {role} von User {self} nicht hinzufügen, da der User die Rolle schon hat"));
}
sqlx::query!(
"INSERT INTO user_role(user_id, role_id) VALUES (?, ?)",
self.id,
role.id
)
.execute(db)
.await
.map_err(|_| {
format!(
"User already has a role in the cluster '{}'",
role.cluster
.clone()
.expect("db trigger can't activate on empty string")
)
})?;
Log::create(
db,
format!("{updated_by} has added role {role} to user {self}"),
)
.await;
Ok(())
}
}

View File

@ -1,4 +1,7 @@
use std::ops::{Deref, DerefMut};
use std::{
fmt::Display,
ops::{Deref, DerefMut},
};
use argon2::{password_hash::SaltString, Argon2, PasswordHasher};
use chrono::{Datelike, Local, NaiveDate};
@ -29,6 +32,7 @@ use super::{
use crate::{tera::admin::user::UserEditForm, AMOUNT_DAYS_TO_SHOW_TRIPS_AHEAD};
use scheckbuch::ScheckbuchUser;
mod basic;
mod fee;
mod scheckbuch;
@ -53,6 +57,12 @@ pub struct User {
pub user_token: String,
}
impl Display for User {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
write!(f, "{}", self.name)
}
}
#[derive(Debug, Serialize, Deserialize)]
pub struct UserWithDetails {
#[serde(flatten)]
@ -585,26 +595,6 @@ ORDER BY last_access DESC
Ok(())
}
pub async fn add_role(&self, db: &SqlitePool, role: &Role) -> Result<(), String> {
sqlx::query!(
"INSERT INTO user_role(user_id, role_id) VALUES (?, ?)",
self.id,
role.id
)
.execute(db)
.await
.map_err(|_| {
format!(
"User already has a role in the cluster '{}'",
role.cluster
.clone()
.expect("db trigger can't activate on empty string")
)
})?;
Ok(())
}
async fn send_end_mail_scheckbuch(
&self,
db: &mut Transaction<'_, Sqlite>,
@ -658,17 +648,6 @@ ASKÖ Ruderverein Donau Linz", self.name),
Ok(())
}
pub async fn remove_role(&self, db: &SqlitePool, role: &Role) {
sqlx::query!(
"DELETE FROM user_role WHERE user_id = ? and role_id = ?",
self.id,
role.id
)
.execute(db)
.await
.unwrap();
}
pub async fn login(db: &SqlitePool, name: &str, pw: &str) -> Result<Self, LoginError> {
let name = name.trim().to_lowercase(); // just to make sure...
let Some(user) = User::find_by_name(db, &name).await else {
@ -1000,6 +979,12 @@ macro_rules! special_user {
}
}
}
impl std::fmt::Display for $name {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
write!(f, "{}", self.name)
}
}
};
(@check_roles $user:ident, $db:ident, $(+$role:expr),* $(,-$neg_role:expr)*) => {
{

View File

@ -1,7 +1,7 @@
use super::User;
use crate::model::user::LoginError;
use crate::{
model::{mail::Mail, notification::Notification, role::Role},
model::{mail::Mail, notification::Notification},
special_user, SCHECKBUCH,
};
use rocket::async_trait;
@ -16,24 +16,24 @@ use std::ops::Deref;
special_user!(ScheckbuchUser, +"scheckbuch");
impl ScheckbuchUser {
async fn from(user: User, db: &SqlitePool, mail: &str, smtp_pw: &str) -> Result<(), String> {
// TODO: see when/how to invoke this function (explicit `Neue Person hinzufügen` button?
// Button to transition existing users to scheckbuch? Automatically called when
// `scheckbuch` is newly selected as role?
if user.has_role(db, "scheckbuch").await {
return Err("User is already a scheckbuch".into());
}
//async fn from(user: User, db: &SqlitePool, mail: &str, smtp_pw: &str) -> Result<(), String> {
// // TODO: see when/how to invoke this function (explicit `Neue Person hinzufügen` button?
// // Button to transition existing users to scheckbuch? Automatically called when
// // `scheckbuch` is newly selected as role?
// if user.has_role(db, "scheckbuch").await {
// return Err("User is already a scheckbuch".into());
// }
// TODO: do we allow e.g. DonauLinz to scheckbuch?
// // TODO: do we allow e.g. DonauLinz to scheckbuch?
let scheckbuch = Role::find_by_name(db, "scheckbuch").await.unwrap();
user.add_role(db, &scheckbuch).await.unwrap();
// let scheckbuch = Role::find_by_name(db, "scheckbuch").await.unwrap();
// user.add_role(db, &scheckbuch).await.unwrap();
// TODO: remove all other `membership_type` roles
let new_user = Self::new(db, &user).await.unwrap();
// // TODO: remove all other `membership_type` roles
// let new_user = Self::new(db, &user).await.unwrap();
new_user.notify(db, mail, smtp_pw).await
}
// new_user.notify(db, mail, smtp_pw).await
//}
pub(crate) async fn notify(
&self,

View File

@ -7,14 +7,13 @@ use crate::{
logbook::Logbook,
role::Role,
user::{
AdminUser, AllowedToEditPaymentStatusUser, ManageUserUser, SchnupperBetreuerUser, User,
UserWithDetails, UserWithMembershipPdf, UserWithRolesAndMembershipPdf, VorstandUser,
AdminUser, AllowedToEditPaymentStatusUser, ManageUserUser, User, UserWithDetails,
UserWithMembershipPdf, UserWithRolesAndMembershipPdf, VorstandUser,
},
},
tera::Config,
};
use futures::future::join_all;
use lettre::Address;
use rocket::{
form::Form,
fs::TempFile,
@ -221,28 +220,9 @@ async fn fees_paid(
let user = User::find_by_id(db, user_id).await.unwrap();
res.push_str(&format!("{} + ", user.name));
if user.has_role(db, "paid").await {
Log::create(
db,
format!(
"{} set fees NOT paid for '{}'",
calling_user.user.name, user.name
),
)
.await;
user.remove_role(db, &Role::find_by_name(db, "paid").await.unwrap())
.await;
user.has_not_paid(db, &calling_user).await;
} else {
Log::create(
db,
format!(
"{} set fees paid for '{}'",
calling_user.user.name, user.name
),
)
.await;
user.add_role(db, &Role::find_by_name(db, "paid").await.unwrap())
.await
.expect("paid role has no group");
user.has_paid(db, &calling_user).await;
}
}
@ -353,6 +333,153 @@ async fn update(
}
}
#[derive(FromForm, Debug)]
pub struct MailUpdateForm {
mail: String,
}
#[post("/user/<id>/change-mail", data = "<data>")]
async fn update_mail(
db: &State<SqlitePool>,
data: Form<MailUpdateForm>,
admin: ManageUserUser,
id: i32,
) -> Flash<Redirect> {
let Some(user) = User::find_by_id(db, id).await else {
return Flash::error(
Redirect::to("/admin/user"),
format!("User with ID {} does not exist!", id),
);
};
match user.update_mail(db, &admin, &data.mail).await {
Ok(_) => Flash::success(
Redirect::to(format!("/admin/user/{}", user.id)),
"Mailadresse erfolgreich geändert",
),
Err(e) => Flash::error(Redirect::to(format!("/admin/user/{}", user.id)), e),
}
}
#[derive(FromForm, Debug)]
pub struct PhoneUpdateForm {
phone: String,
}
#[post("/user/<id>/change-phone", data = "<data>")]
async fn update_phone(
db: &State<SqlitePool>,
data: Form<PhoneUpdateForm>,
admin: ManageUserUser,
id: i32,
) -> Flash<Redirect> {
let Some(user) = User::find_by_id(db, id).await else {
return Flash::error(
Redirect::to("/admin/user"),
format!("User with ID {} does not exist!", id),
);
};
match user.update_phone(db, &admin, &data.phone).await {
Ok(_) => Flash::success(
Redirect::to(format!("/admin/user/{}", user.id)),
"Telefonnummer erfolgreich geändert",
),
Err(e) => Flash::error(Redirect::to(format!("/admin/user/{}", user.id)), e),
}
}
#[derive(FromForm, Debug)]
pub struct NicknameUpdateForm {
nickname: String,
}
#[post("/user/<id>/change-nickname", data = "<data>")]
async fn update_nickname(
db: &State<SqlitePool>,
data: Form<NicknameUpdateForm>,
admin: ManageUserUser,
id: i32,
) -> Flash<Redirect> {
let Some(user) = User::find_by_id(db, id).await else {
return Flash::error(
Redirect::to("/admin/user"),
format!("User with ID {} does not exist!", id),
);
};
match user.update_nickname(db, &admin, &data.nickname).await {
Ok(_) => Flash::success(
Redirect::to(format!("/admin/user/{}", user.id)),
"Spitzname erfolgreich geändert",
),
Err(e) => Flash::error(Redirect::to(format!("/admin/user/{}", user.id)), e),
}
}
#[derive(FromForm, Debug)]
pub struct AddRoleForm {
role_id: i32,
}
#[post("/user/<id>/add-role", data = "<data>")]
async fn add_role(
db: &State<SqlitePool>,
data: Form<AddRoleForm>,
admin: ManageUserUser,
id: i32,
) -> Flash<Redirect> {
let Some(user) = User::find_by_id(db, id).await else {
return Flash::error(
Redirect::to("/admin/user"),
format!("User with ID {} does not exist!", id),
);
};
let Some(role) = Role::find_by_id(db, data.role_id).await else {
return Flash::error(
Redirect::to("/admin/user/{user_id}"),
format!("Role with ID {} does not exist!", data.role_id),
);
};
match user.add_role(db, &admin, &role).await {
Ok(_) => Flash::success(
Redirect::to(format!("/admin/user/{}", user.id)),
"Rolle erfolgreich hinzugefügt",
),
Err(e) => Flash::error(Redirect::to(format!("/admin/user/{}", user.id)), e),
}
}
#[get("/user/<user_id>/remove-role/<role_id>")]
async fn remove_role(
db: &State<SqlitePool>,
admin: ManageUserUser,
user_id: i32,
role_id: i32,
) -> Flash<Redirect> {
let Some(user) = User::find_by_id(db, user_id).await else {
return Flash::error(
Redirect::to("/admin/user"),
format!("User with ID {} does not exist!", user_id),
);
};
let Some(role) = Role::find_by_id(db, role_id).await else {
return Flash::error(
Redirect::to("/admin/user/{user_id}"),
format!("Role with ID {} does not exist!", role_id),
);
};
match user.remove_role(db, &admin, &role).await {
Ok(_) => Flash::success(
Redirect::to(format!("/admin/user/{}", user.id)),
"Rolle erfolgreich gelöscht",
),
Err(e) => Flash::error(Redirect::to(format!("/admin/user/{}", user.id)), e),
}
}
#[get("/user/<user>/membership")]
async fn download_membership_pdf(
db: &State<SqlitePool>,
@ -405,102 +532,102 @@ struct UserAddScheckbuchForm<'r> {
mail: &'r str,
}
#[post("/user/new/scheckbuch", data = "<data>")]
async fn create_scheckbuch(
db: &State<SqlitePool>,
data: Form<UserAddScheckbuchForm<'_>>,
admin: VorstandUser,
config: &State<Config>,
) -> Flash<Redirect> {
// 1. Check mail adress
let mail = data.mail.trim();
if mail.parse::<Address>().is_err() {
return Flash::error(
Redirect::to("/admin/user/scheckbuch"),
"Keine gültige Mailadresse".to_string(),
);
}
//#[post("/user/new/scheckbuch", data = "<data>")]
//async fn create_scheckbuch(
// db: &State<SqlitePool>,
// data: Form<UserAddScheckbuchForm<'_>>,
// admin: VorstandUser,
// config: &State<Config>,
//) -> Flash<Redirect> {
// // 1. Check mail adress
// let mail = data.mail.trim();
// if mail.parse::<Address>().is_err() {
// return Flash::error(
// Redirect::to("/admin/user/scheckbuch"),
// "Keine gültige Mailadresse".to_string(),
// );
// }
//
// // 2. Check name
// let name = data.name.trim();
// if User::find_by_name(db, name).await.is_some() {
// return Flash::error(
// Redirect::to("/admin/user/scheckbuch"),
// "Kann kein Scheckbuch erstellen, der Name wird bereits von einem User verwendet"
// .to_string(),
// );
// }
//
// // 3. Create user
// User::create_with_mail(db, name, mail).await;
// let user = User::find_by_name(db, name).await.unwrap();
//
// // 4. Add 'scheckbuch' role
// let scheckbuch = Role::find_by_name(db, "scheckbuch").await.unwrap();
// user.add_role(db, &scheckbuch)
// .await
// .expect("new user has no roles yet");
//
// // 4. Send welcome mail (+ notification)
// user.send_welcome_email(db, &config.smtp_pw).await.unwrap();
//
// Log::create(
// db,
// format!("{} created new scheckbuch: {data:?}", admin.name),
// )
// .await;
// Flash::success(Redirect::to("/admin/user/scheckbuch"), format!("Scheckbuch erfolgreich erstellt. Eine E-Mail in der alles erklärt wird, wurde an {mail} verschickt."))
//}
// 2. Check name
let name = data.name.trim();
if User::find_by_name(db, name).await.is_some() {
return Flash::error(
Redirect::to("/admin/user/scheckbuch"),
"Kann kein Scheckbuch erstellen, der Name wird bereits von einem User verwendet"
.to_string(),
);
}
// 3. Create user
User::create_with_mail(db, name, mail).await;
let user = User::find_by_name(db, name).await.unwrap();
// 4. Add 'scheckbuch' role
let scheckbuch = Role::find_by_name(db, "scheckbuch").await.unwrap();
user.add_role(db, &scheckbuch)
.await
.expect("new user has no roles yet");
// 4. Send welcome mail (+ notification)
user.send_welcome_email(db, &config.smtp_pw).await.unwrap();
Log::create(
db,
format!("{} created new scheckbuch: {data:?}", admin.name),
)
.await;
Flash::success(Redirect::to("/admin/user/scheckbuch"), format!("Scheckbuch erfolgreich erstellt. Eine E-Mail in der alles erklärt wird, wurde an {mail} verschickt."))
}
#[get("/user/move/schnupperant/<id>/to/scheckbuch")]
async fn schnupper_to_scheckbuch(
db: &State<SqlitePool>,
id: i32,
admin: SchnupperBetreuerUser,
config: &State<Config>,
) -> Flash<Redirect> {
let Some(user) = User::find_by_id(db, id).await else {
return Flash::error(
Redirect::to("/admin/schnupper"),
"user id not found".to_string(),
);
};
if !user.has_role(db, "schnupperant").await {
return Flash::error(
Redirect::to("/admin/schnupper"),
"kein schnupperant...".to_string(),
);
}
let schnupperant = Role::find_by_name(db, "schnupperant").await.unwrap();
let paid = Role::find_by_name(db, "paid").await.unwrap();
user.remove_role(db, &schnupperant).await;
user.remove_role(db, &paid).await;
let scheckbuch = Role::find_by_name(db, "scheckbuch").await.unwrap();
user.add_role(db, &scheckbuch)
.await
.expect("just removed 'schnupperant' thus can't have a role with that group");
if let Some(no_einschreibgebuehr) = Role::find_by_name(db, "no-einschreibgebuehr").await {
user.add_role(db, &no_einschreibgebuehr)
.await
.expect("role doesn't have a group");
}
user.send_welcome_email(db, &config.smtp_pw).await.unwrap();
Log::create(
db,
format!(
"{} created new scheckbuch (from schnupperant): {}",
admin.name, user.name
),
)
.await;
Flash::success(Redirect::to("/admin/schnupper"), format!("Scheckbuch erfolgreich erstellt. Eine E-Mail in der alles erklärt wird, wurde an {} verschickt.", user.mail.unwrap()))
}
//#[get("/user/move/schnupperant/<id>/to/scheckbuch")]
//async fn schnupper_to_scheckbuch(
// db: &State<SqlitePool>,
// id: i32,
// admin: SchnupperBetreuerUser,
// config: &State<Config>,
//) -> Flash<Redirect> {
// let Some(user) = User::find_by_id(db, id).await else {
// return Flash::error(
// Redirect::to("/admin/schnupper"),
// "user id not found".to_string(),
// );
// };
//
// if !user.has_role(db, "schnupperant").await {
// return Flash::error(
// Redirect::to("/admin/schnupper"),
// "kein schnupperant...".to_string(),
// );
// }
//
// let schnupperant = Role::find_by_name(db, "schnupperant").await.unwrap();
// let paid = Role::find_by_name(db, "paid").await.unwrap();
// user.remove_role(db, &schnupperant).await;
// user.remove_role(db, &paid).await;
//
// let scheckbuch = Role::find_by_name(db, "scheckbuch").await.unwrap();
// user.add_role(db, &scheckbuch)
// .await
// .expect("just removed 'schnupperant' thus can't have a role with that group");
//
// if let Some(no_einschreibgebuehr) = Role::find_by_name(db, "no-einschreibgebuehr").await {
// user.add_role(db, &no_einschreibgebuehr)
// .await
// .expect("role doesn't have a group");
// }
//
// user.send_welcome_email(db, &config.smtp_pw).await.unwrap();
//
// Log::create(
// db,
// format!(
// "{} created new scheckbuch (from schnupperant): {}",
// admin.name, user.name
// ),
// )
// .await;
// Flash::success(Redirect::to("/admin/schnupper"), format!("Scheckbuch erfolgreich erstellt. Eine E-Mail in der alles erklärt wird, wurde an {} verschickt.", user.mail.unwrap()))
//}
pub fn routes() -> Vec<Route> {
routes![
@ -510,13 +637,19 @@ pub fn routes() -> Vec<Route> {
resetpw,
update,
create,
create_scheckbuch,
schnupper_to_scheckbuch,
//create_scheckbuch,
//schnupper_to_scheckbuch,
delete,
fees,
fees_paid,
scheckbuch,
download_membership_pdf,
send_welcome_mail
send_welcome_mail,
//
update_mail,
update_phone,
update_nickname,
add_role,
remove_role,
]
}

View File

@ -1,6 +1,6 @@
use std::env;
use chrono::{Datelike, Utc};
use chrono::Utc;
use rocket::{
form::Form,
fs::TempFile,
@ -145,47 +145,47 @@ pub struct UserAdd {
sex: String,
}
#[post("/set-data", data = "<data>")]
async fn new_user(db: &State<SqlitePool>, data: Form<UserAdd>, user: User) -> Flash<Redirect> {
if user.has_role(db, "ergo").await {
return Flash::error(Redirect::to("/ergo"), "Du hast deine Daten schon eingegeben. Wenn du sie updaten willst, melde dich bitte bei it@rudernlinz.at");
}
// check data
if data.birthyear < 1900 || data.birthyear > chrono::Utc::now().year() - 5 {
return Flash::error(Redirect::to("/ergo"), "Bitte überprüfe dein Geburtsjahr...");
}
if data.weight < 20 || data.weight > 200 {
return Flash::error(Redirect::to("/ergo"), "Bitte überprüfe dein Gewicht...");
}
if &data.sex != "f" && &data.sex != "m" {
return Flash::error(Redirect::to("/ergo"), "Bitte überprüfe dein Geschlecht...");
}
// set data
user.update_ergo(db, data.birthyear, data.weight, &data.sex)
.await;
// inform all other `ergo` users
let ergo = Role::find_by_name(db, "ergo").await.unwrap();
Notification::create_for_role(
db,
&ergo,
&format!("{} nimmt heuer an der Ergochallenge teil 💪", user.name),
"Ergo Challenge",
None,
None,
)
.await;
// add to `ergo` group
user.add_role(db, &ergo).await.unwrap();
Flash::success(
Redirect::to("/ergo"),
"Du hast deine Daten erfolgreich eingegeben. Viel Spaß beim Schwitzen :-)",
)
}
//#[post("/set-data", data = "<data>")]
//async fn new_user(db: &State<SqlitePool>, data: Form<UserAdd>, user: User) -> Flash<Redirect> {
// if user.has_role(db, "ergo").await {
// return Flash::error(Redirect::to("/ergo"), "Du hast deine Daten schon eingegeben. Wenn du sie updaten willst, melde dich bitte bei it@rudernlinz.at");
// }
//
// // check data
// if data.birthyear < 1900 || data.birthyear > chrono::Utc::now().year() - 5 {
// return Flash::error(Redirect::to("/ergo"), "Bitte überprüfe dein Geburtsjahr...");
// }
// if data.weight < 20 || data.weight > 200 {
// return Flash::error(Redirect::to("/ergo"), "Bitte überprüfe dein Gewicht...");
// }
// if &data.sex != "f" && &data.sex != "m" {
// return Flash::error(Redirect::to("/ergo"), "Bitte überprüfe dein Geschlecht...");
// }
//
// // set data
// user.update_ergo(db, data.birthyear, data.weight, &data.sex)
// .await;
//
// // inform all other `ergo` users
// let ergo = Role::find_by_name(db, "ergo").await.unwrap();
// Notification::create_for_role(
// db,
// &ergo,
// &format!("{} nimmt heuer an der Ergochallenge teil 💪", user.name),
// "Ergo Challenge",
// None,
// None,
// )
// .await;
//
// // add to `ergo` group
// user.add_role(db, &ergo).await.unwrap();
//
// Flash::success(
// Redirect::to("/ergo"),
// "Du hast deine Daten erfolgreich eingegeben. Viel Spaß beim Schwitzen :-)",
// )
//}
#[derive(FromForm, Debug)]
pub struct ErgoToAdd<'a> {
@ -358,7 +358,10 @@ async fn new_dozen(
}
pub fn routes() -> Vec<Route> {
routes![index, new_thirty, new_dozen, send, reset, update, new_user]
routes![
index, new_thirty, new_dozen, send, reset, update,
// new_user
]
}
#[cfg(test)]

View File

@ -16,10 +16,42 @@
</div>
<div class="py-3">
<ul>
<li>Mail: {{ user.mail }}</li>
<li>Notizen: {{ user.notes }}</li>
<li>Telefon: {{ user.phone }}</li>
<li>Spitzname: {{ user.nickname }}</li>
<li>
Mail: {{ user.mail }}
{% if allowed_to_edit %}
<details>
<summary>✏️</summary>
<form action="/admin/user/{{ user.id }}/change-mail" method="post">
{{ macros::input(label='Neue Mailadresse', name='mail', type="text", value=user.mail) }}
<input value="Ändern" type="submit" class="btn btn-primary ml-1" />
</form>
</details>
{% endif %}
</li>
<li>Notizen: to be replaced with activity :-)</li>
<li>
Telefon: {{ user.phone }}
{% if allowed_to_edit %}
<details>
<summary>✏️</summary>
<form action="/admin/user/{{ user.id }}/change-phone" method="post">
{{ macros::input(label='Neue Telefonnummer', name='phone', type="text", value=user.phone) }}
<input value="Ändern" type="submit" class="btn btn-primary ml-1" />
</form>
</details>
{% endif %}
</li>
<li>Spitzname: {{ user.nickname }}
{% if allowed_to_edit %}
<details>
<summary>✏️</summary>
<form action="/admin/user/{{ user.id }}/change-nickname" method="post">
{{ macros::input(label='Neuer Spitzname', name='nickname', type="text", value=user.nickname) }}
<input value="Ändern" type="submit" class="btn btn-primary ml-1" />
</form>
</details>
{% endif %}
</li>
</ul>
</div>
<div class="py-3">
@ -40,11 +72,11 @@
{% if allowed_to_edit %}
<details>
<summary>+ Rolle</summary>
<form action="/admin/user/{{ user.id }}/add-role">
<form action="/admin/user/{{ user.id }}/add-role" method="post">
<fieldset>
<select id="role_id">
<select name="role_id">
{% for role in roles %}
{% if not role.cluster %}<option value="{{ role.id }}">{{ role.name }}</option>{% endif %}
{% if not role.cluster and role not in user.proper_roles %}<option value="{{ role.id }}">{{ role.name }}</option>{% endif %}
{% endfor %}
</select>
<input value="Rolle hinzufügen" type="submit" class="btn btn-primary ml-1" />