be able to update data individually; Fixes #951
This commit is contained in:
parent
90087843ad
commit
c8d5c633d7
@ -3,7 +3,7 @@ use std::{error::Error, fs};
|
||||
use lettre::{
|
||||
message::{header::ContentType, Attachment, MultiPart, SinglePart},
|
||||
transport::smtp::authentication::Credentials,
|
||||
Message, SmtpTransport, Transport,
|
||||
Address, Message, SmtpTransport, Transport,
|
||||
};
|
||||
use sqlx::{Sqlite, SqlitePool, Transaction};
|
||||
|
||||
@ -374,3 +374,13 @@ Der Vorstand");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
pub(crate) fn valid_mails(mails: &str) -> bool {
|
||||
let splitted = mails.split(',');
|
||||
for single_rec in splitted {
|
||||
if single_rec.parse::<Address>().is_err() {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
true
|
||||
}
|
||||
|
@ -1,4 +1,4 @@
|
||||
use std::ops::DerefMut;
|
||||
use std::{fmt::Display, ops::DerefMut};
|
||||
|
||||
use serde::{Deserialize, Serialize};
|
||||
use sqlx::{FromRow, Sqlite, SqlitePool, Transaction};
|
||||
@ -10,6 +10,12 @@ pub struct Role {
|
||||
pub(crate) cluster: Option<String>,
|
||||
}
|
||||
|
||||
impl Display for Role {
|
||||
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
|
||||
write!(f, "{}", self.name)
|
||||
}
|
||||
}
|
||||
|
||||
impl Role {
|
||||
pub async fn all(db: &SqlitePool) -> Vec<Role> {
|
||||
sqlx::query_as!(Role, "SELECT id, name, cluster FROM role")
|
||||
|
199
src/model/user/basic.rs
Normal file
199
src/model/user/basic.rs
Normal file
@ -0,0 +1,199 @@
|
||||
// TODO: put back in `src/model/user/mod.rs` once that is cleaned up
|
||||
|
||||
use super::{AllowedToEditPaymentStatusUser, ManageUserUser, User};
|
||||
use crate::model::{log::Log, mail::valid_mails, role::Role};
|
||||
use sqlx::SqlitePool;
|
||||
|
||||
impl User {
|
||||
pub(crate) async fn update_mail(
|
||||
&self,
|
||||
db: &SqlitePool,
|
||||
updated_by: &ManageUserUser,
|
||||
new_mail: &str,
|
||||
) -> Result<(), String> {
|
||||
let new_mail = new_mail.trim();
|
||||
|
||||
if !valid_mails(new_mail) {
|
||||
return Err(format!(
|
||||
"{new_mail} ist kein gültiges Format für eine Mailadresse"
|
||||
));
|
||||
}
|
||||
|
||||
sqlx::query!("UPDATE user SET mail = ? where id = ?", new_mail, self.id)
|
||||
.execute(db)
|
||||
.await
|
||||
.unwrap(); //Okay, because we can only create a User of a valid id
|
||||
|
||||
let msg = match &self.mail {
|
||||
Some(old_mail) => format!(
|
||||
"{updated_by} has changed the mail address of {self} from {old_mail} to {new_mail}"
|
||||
),
|
||||
None => format!("{updated_by} has added a mail address for {self}: {new_mail}"),
|
||||
};
|
||||
Log::create(db, msg).await;
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
pub(crate) async fn update_phone(
|
||||
&self,
|
||||
db: &SqlitePool,
|
||||
updated_by: &ManageUserUser,
|
||||
new_phone: &str,
|
||||
) -> Result<(), String> {
|
||||
let new_phone = new_phone.trim();
|
||||
|
||||
let query = if new_phone.is_empty() {
|
||||
sqlx::query!("UPDATE user SET phone = NULL where id = ?", self.id)
|
||||
} else {
|
||||
sqlx::query!("UPDATE user SET phone = ? where id = ?", new_phone, self.id)
|
||||
};
|
||||
query.execute(db).await.unwrap(); //Okay, because we can only create a User of a valid id
|
||||
|
||||
let msg = match &self.phone {
|
||||
Some(old_phone) if new_phone.is_empty() => format!("{updated_by} has removed the phone number of {self} (old number: {old_phone})"),
|
||||
Some(old_phone) => format!("{updated_by} has changed the phone number of {self} from {old_phone} to {new_phone}"),
|
||||
None => format!("{updated_by} has added a phone number for {self}: {new_phone}")
|
||||
};
|
||||
Log::create(db, msg).await;
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
pub(crate) async fn update_nickname(
|
||||
&self,
|
||||
db: &SqlitePool,
|
||||
updated_by: &ManageUserUser,
|
||||
new_nickname: &str,
|
||||
) -> Result<(), String> {
|
||||
let new_nickname = new_nickname.trim();
|
||||
|
||||
let query = if new_nickname.is_empty() {
|
||||
sqlx::query!("UPDATE user SET nickname = NULL where id = ?", self.id)
|
||||
} else {
|
||||
sqlx::query!(
|
||||
"UPDATE user SET nickname = ? where id = ?",
|
||||
new_nickname,
|
||||
self.id
|
||||
)
|
||||
};
|
||||
query.execute(db).await.unwrap(); //Okay, because we can only create a User of a valid id
|
||||
|
||||
let msg = match &self.nickname {
|
||||
Some(old_nickname) if new_nickname.is_empty() => format!("{updated_by} has removed the nickname of {self} (old nickname: {old_nickname})"),
|
||||
Some(old_nickname) => format!("{updated_by} has changed the nickname of {self} from {old_nickname} to {new_nickname}"),
|
||||
None => format!("{updated_by} has added a nickname for {self}: {new_nickname}")
|
||||
};
|
||||
Log::create(db, msg).await;
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
pub(crate) async fn remove_role(
|
||||
&self,
|
||||
db: &SqlitePool,
|
||||
updated_by: &ManageUserUser,
|
||||
role: &Role,
|
||||
) -> Result<(), String> {
|
||||
if !self.has_role(db, &role.name).await {
|
||||
return Err(format!("Kann Rolle {role} von User {self} nicht entfernen, da der User die Rolle gar nicht hat"));
|
||||
}
|
||||
|
||||
sqlx::query!(
|
||||
"DELETE FROM user_role WHERE user_id = ? and role_id = ?",
|
||||
self.id,
|
||||
role.id
|
||||
)
|
||||
.execute(db)
|
||||
.await
|
||||
.unwrap();
|
||||
|
||||
Log::create(
|
||||
db,
|
||||
format!("{updated_by} has removed role {role} from user {self}"),
|
||||
)
|
||||
.await;
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
pub(crate) async fn has_not_paid(
|
||||
&self,
|
||||
db: &SqlitePool,
|
||||
updated_by: &AllowedToEditPaymentStatusUser,
|
||||
) {
|
||||
let paid = Role::find_by_name(db, "paid").await.unwrap();
|
||||
|
||||
sqlx::query!(
|
||||
"DELETE FROM user_role WHERE user_id = ? and role_id = ?",
|
||||
self.id,
|
||||
paid.id
|
||||
)
|
||||
.execute(db)
|
||||
.await
|
||||
.unwrap();
|
||||
|
||||
Log::create(
|
||||
db,
|
||||
format!("{updated_by} has set that user {self} has NOT paid the fee (yet)"),
|
||||
)
|
||||
.await;
|
||||
}
|
||||
pub(crate) async fn has_paid(
|
||||
&self,
|
||||
db: &SqlitePool,
|
||||
updated_by: &AllowedToEditPaymentStatusUser,
|
||||
) {
|
||||
let paid = Role::find_by_name(db, "paid").await.unwrap();
|
||||
|
||||
sqlx::query!(
|
||||
"INSERT INTO user_role(user_id, role_id) VALUES (?, ?)",
|
||||
self.id,
|
||||
paid.id
|
||||
)
|
||||
.execute(db)
|
||||
.await
|
||||
.expect("paid role has no group");
|
||||
|
||||
Log::create(
|
||||
db,
|
||||
format!("{updated_by} has set that user {self} has paid the fee (yet)"),
|
||||
)
|
||||
.await;
|
||||
}
|
||||
|
||||
pub(crate) async fn add_role(
|
||||
&self,
|
||||
db: &SqlitePool,
|
||||
updated_by: &ManageUserUser,
|
||||
role: &Role,
|
||||
) -> Result<(), String> {
|
||||
if self.has_role(db, &role.name).await {
|
||||
return Err(format!("Kann Rolle {role} von User {self} nicht hinzufügen, da der User die Rolle schon hat"));
|
||||
}
|
||||
|
||||
sqlx::query!(
|
||||
"INSERT INTO user_role(user_id, role_id) VALUES (?, ?)",
|
||||
self.id,
|
||||
role.id
|
||||
)
|
||||
.execute(db)
|
||||
.await
|
||||
.map_err(|_| {
|
||||
format!(
|
||||
"User already has a role in the cluster '{}'",
|
||||
role.cluster
|
||||
.clone()
|
||||
.expect("db trigger can't activate on empty string")
|
||||
)
|
||||
})?;
|
||||
|
||||
Log::create(
|
||||
db,
|
||||
format!("{updated_by} has added role {role} to user {self}"),
|
||||
)
|
||||
.await;
|
||||
|
||||
Ok(())
|
||||
}
|
||||
}
|
@ -1,4 +1,7 @@
|
||||
use std::ops::{Deref, DerefMut};
|
||||
use std::{
|
||||
fmt::Display,
|
||||
ops::{Deref, DerefMut},
|
||||
};
|
||||
|
||||
use argon2::{password_hash::SaltString, Argon2, PasswordHasher};
|
||||
use chrono::{Datelike, Local, NaiveDate};
|
||||
@ -29,6 +32,7 @@ use super::{
|
||||
use crate::{tera::admin::user::UserEditForm, AMOUNT_DAYS_TO_SHOW_TRIPS_AHEAD};
|
||||
use scheckbuch::ScheckbuchUser;
|
||||
|
||||
mod basic;
|
||||
mod fee;
|
||||
mod scheckbuch;
|
||||
|
||||
@ -53,6 +57,12 @@ pub struct User {
|
||||
pub user_token: String,
|
||||
}
|
||||
|
||||
impl Display for User {
|
||||
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
|
||||
write!(f, "{}", self.name)
|
||||
}
|
||||
}
|
||||
|
||||
#[derive(Debug, Serialize, Deserialize)]
|
||||
pub struct UserWithDetails {
|
||||
#[serde(flatten)]
|
||||
@ -585,26 +595,6 @@ ORDER BY last_access DESC
|
||||
Ok(())
|
||||
}
|
||||
|
||||
pub async fn add_role(&self, db: &SqlitePool, role: &Role) -> Result<(), String> {
|
||||
sqlx::query!(
|
||||
"INSERT INTO user_role(user_id, role_id) VALUES (?, ?)",
|
||||
self.id,
|
||||
role.id
|
||||
)
|
||||
.execute(db)
|
||||
.await
|
||||
.map_err(|_| {
|
||||
format!(
|
||||
"User already has a role in the cluster '{}'",
|
||||
role.cluster
|
||||
.clone()
|
||||
.expect("db trigger can't activate on empty string")
|
||||
)
|
||||
})?;
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
async fn send_end_mail_scheckbuch(
|
||||
&self,
|
||||
db: &mut Transaction<'_, Sqlite>,
|
||||
@ -658,17 +648,6 @@ ASKÖ Ruderverein Donau Linz", self.name),
|
||||
Ok(())
|
||||
}
|
||||
|
||||
pub async fn remove_role(&self, db: &SqlitePool, role: &Role) {
|
||||
sqlx::query!(
|
||||
"DELETE FROM user_role WHERE user_id = ? and role_id = ?",
|
||||
self.id,
|
||||
role.id
|
||||
)
|
||||
.execute(db)
|
||||
.await
|
||||
.unwrap();
|
||||
}
|
||||
|
||||
pub async fn login(db: &SqlitePool, name: &str, pw: &str) -> Result<Self, LoginError> {
|
||||
let name = name.trim().to_lowercase(); // just to make sure...
|
||||
let Some(user) = User::find_by_name(db, &name).await else {
|
||||
@ -1000,6 +979,12 @@ macro_rules! special_user {
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
impl std::fmt::Display for $name {
|
||||
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
|
||||
write!(f, "{}", self.name)
|
||||
}
|
||||
}
|
||||
};
|
||||
(@check_roles $user:ident, $db:ident, $(+$role:expr),* $(,-$neg_role:expr)*) => {
|
||||
{
|
||||
|
@ -1,7 +1,7 @@
|
||||
use super::User;
|
||||
use crate::model::user::LoginError;
|
||||
use crate::{
|
||||
model::{mail::Mail, notification::Notification, role::Role},
|
||||
model::{mail::Mail, notification::Notification},
|
||||
special_user, SCHECKBUCH,
|
||||
};
|
||||
use rocket::async_trait;
|
||||
@ -16,24 +16,24 @@ use std::ops::Deref;
|
||||
special_user!(ScheckbuchUser, +"scheckbuch");
|
||||
|
||||
impl ScheckbuchUser {
|
||||
async fn from(user: User, db: &SqlitePool, mail: &str, smtp_pw: &str) -> Result<(), String> {
|
||||
// TODO: see when/how to invoke this function (explicit `Neue Person hinzufügen` button?
|
||||
// Button to transition existing users to scheckbuch? Automatically called when
|
||||
// `scheckbuch` is newly selected as role?
|
||||
if user.has_role(db, "scheckbuch").await {
|
||||
return Err("User is already a scheckbuch".into());
|
||||
}
|
||||
//async fn from(user: User, db: &SqlitePool, mail: &str, smtp_pw: &str) -> Result<(), String> {
|
||||
// // TODO: see when/how to invoke this function (explicit `Neue Person hinzufügen` button?
|
||||
// // Button to transition existing users to scheckbuch? Automatically called when
|
||||
// // `scheckbuch` is newly selected as role?
|
||||
// if user.has_role(db, "scheckbuch").await {
|
||||
// return Err("User is already a scheckbuch".into());
|
||||
// }
|
||||
|
||||
// TODO: do we allow e.g. DonauLinz to scheckbuch?
|
||||
// // TODO: do we allow e.g. DonauLinz to scheckbuch?
|
||||
|
||||
let scheckbuch = Role::find_by_name(db, "scheckbuch").await.unwrap();
|
||||
user.add_role(db, &scheckbuch).await.unwrap();
|
||||
// let scheckbuch = Role::find_by_name(db, "scheckbuch").await.unwrap();
|
||||
// user.add_role(db, &scheckbuch).await.unwrap();
|
||||
|
||||
// TODO: remove all other `membership_type` roles
|
||||
let new_user = Self::new(db, &user).await.unwrap();
|
||||
// // TODO: remove all other `membership_type` roles
|
||||
// let new_user = Self::new(db, &user).await.unwrap();
|
||||
|
||||
new_user.notify(db, mail, smtp_pw).await
|
||||
}
|
||||
// new_user.notify(db, mail, smtp_pw).await
|
||||
//}
|
||||
|
||||
pub(crate) async fn notify(
|
||||
&self,
|
||||
|
@ -7,14 +7,13 @@ use crate::{
|
||||
logbook::Logbook,
|
||||
role::Role,
|
||||
user::{
|
||||
AdminUser, AllowedToEditPaymentStatusUser, ManageUserUser, SchnupperBetreuerUser, User,
|
||||
UserWithDetails, UserWithMembershipPdf, UserWithRolesAndMembershipPdf, VorstandUser,
|
||||
AdminUser, AllowedToEditPaymentStatusUser, ManageUserUser, User, UserWithDetails,
|
||||
UserWithMembershipPdf, UserWithRolesAndMembershipPdf, VorstandUser,
|
||||
},
|
||||
},
|
||||
tera::Config,
|
||||
};
|
||||
use futures::future::join_all;
|
||||
use lettre::Address;
|
||||
use rocket::{
|
||||
form::Form,
|
||||
fs::TempFile,
|
||||
@ -221,28 +220,9 @@ async fn fees_paid(
|
||||
let user = User::find_by_id(db, user_id).await.unwrap();
|
||||
res.push_str(&format!("{} + ", user.name));
|
||||
if user.has_role(db, "paid").await {
|
||||
Log::create(
|
||||
db,
|
||||
format!(
|
||||
"{} set fees NOT paid for '{}'",
|
||||
calling_user.user.name, user.name
|
||||
),
|
||||
)
|
||||
.await;
|
||||
user.remove_role(db, &Role::find_by_name(db, "paid").await.unwrap())
|
||||
.await;
|
||||
user.has_not_paid(db, &calling_user).await;
|
||||
} else {
|
||||
Log::create(
|
||||
db,
|
||||
format!(
|
||||
"{} set fees paid for '{}'",
|
||||
calling_user.user.name, user.name
|
||||
),
|
||||
)
|
||||
.await;
|
||||
user.add_role(db, &Role::find_by_name(db, "paid").await.unwrap())
|
||||
.await
|
||||
.expect("paid role has no group");
|
||||
user.has_paid(db, &calling_user).await;
|
||||
}
|
||||
}
|
||||
|
||||
@ -353,6 +333,153 @@ async fn update(
|
||||
}
|
||||
}
|
||||
|
||||
#[derive(FromForm, Debug)]
|
||||
pub struct MailUpdateForm {
|
||||
mail: String,
|
||||
}
|
||||
|
||||
#[post("/user/<id>/change-mail", data = "<data>")]
|
||||
async fn update_mail(
|
||||
db: &State<SqlitePool>,
|
||||
data: Form<MailUpdateForm>,
|
||||
admin: ManageUserUser,
|
||||
id: i32,
|
||||
) -> Flash<Redirect> {
|
||||
let Some(user) = User::find_by_id(db, id).await else {
|
||||
return Flash::error(
|
||||
Redirect::to("/admin/user"),
|
||||
format!("User with ID {} does not exist!", id),
|
||||
);
|
||||
};
|
||||
|
||||
match user.update_mail(db, &admin, &data.mail).await {
|
||||
Ok(_) => Flash::success(
|
||||
Redirect::to(format!("/admin/user/{}", user.id)),
|
||||
"Mailadresse erfolgreich geändert",
|
||||
),
|
||||
Err(e) => Flash::error(Redirect::to(format!("/admin/user/{}", user.id)), e),
|
||||
}
|
||||
}
|
||||
|
||||
#[derive(FromForm, Debug)]
|
||||
pub struct PhoneUpdateForm {
|
||||
phone: String,
|
||||
}
|
||||
|
||||
#[post("/user/<id>/change-phone", data = "<data>")]
|
||||
async fn update_phone(
|
||||
db: &State<SqlitePool>,
|
||||
data: Form<PhoneUpdateForm>,
|
||||
admin: ManageUserUser,
|
||||
id: i32,
|
||||
) -> Flash<Redirect> {
|
||||
let Some(user) = User::find_by_id(db, id).await else {
|
||||
return Flash::error(
|
||||
Redirect::to("/admin/user"),
|
||||
format!("User with ID {} does not exist!", id),
|
||||
);
|
||||
};
|
||||
|
||||
match user.update_phone(db, &admin, &data.phone).await {
|
||||
Ok(_) => Flash::success(
|
||||
Redirect::to(format!("/admin/user/{}", user.id)),
|
||||
"Telefonnummer erfolgreich geändert",
|
||||
),
|
||||
Err(e) => Flash::error(Redirect::to(format!("/admin/user/{}", user.id)), e),
|
||||
}
|
||||
}
|
||||
|
||||
#[derive(FromForm, Debug)]
|
||||
pub struct NicknameUpdateForm {
|
||||
nickname: String,
|
||||
}
|
||||
|
||||
#[post("/user/<id>/change-nickname", data = "<data>")]
|
||||
async fn update_nickname(
|
||||
db: &State<SqlitePool>,
|
||||
data: Form<NicknameUpdateForm>,
|
||||
admin: ManageUserUser,
|
||||
id: i32,
|
||||
) -> Flash<Redirect> {
|
||||
let Some(user) = User::find_by_id(db, id).await else {
|
||||
return Flash::error(
|
||||
Redirect::to("/admin/user"),
|
||||
format!("User with ID {} does not exist!", id),
|
||||
);
|
||||
};
|
||||
|
||||
match user.update_nickname(db, &admin, &data.nickname).await {
|
||||
Ok(_) => Flash::success(
|
||||
Redirect::to(format!("/admin/user/{}", user.id)),
|
||||
"Spitzname erfolgreich geändert",
|
||||
),
|
||||
Err(e) => Flash::error(Redirect::to(format!("/admin/user/{}", user.id)), e),
|
||||
}
|
||||
}
|
||||
|
||||
#[derive(FromForm, Debug)]
|
||||
pub struct AddRoleForm {
|
||||
role_id: i32,
|
||||
}
|
||||
|
||||
#[post("/user/<id>/add-role", data = "<data>")]
|
||||
async fn add_role(
|
||||
db: &State<SqlitePool>,
|
||||
data: Form<AddRoleForm>,
|
||||
admin: ManageUserUser,
|
||||
id: i32,
|
||||
) -> Flash<Redirect> {
|
||||
let Some(user) = User::find_by_id(db, id).await else {
|
||||
return Flash::error(
|
||||
Redirect::to("/admin/user"),
|
||||
format!("User with ID {} does not exist!", id),
|
||||
);
|
||||
};
|
||||
let Some(role) = Role::find_by_id(db, data.role_id).await else {
|
||||
return Flash::error(
|
||||
Redirect::to("/admin/user/{user_id}"),
|
||||
format!("Role with ID {} does not exist!", data.role_id),
|
||||
);
|
||||
};
|
||||
|
||||
match user.add_role(db, &admin, &role).await {
|
||||
Ok(_) => Flash::success(
|
||||
Redirect::to(format!("/admin/user/{}", user.id)),
|
||||
"Rolle erfolgreich hinzugefügt",
|
||||
),
|
||||
Err(e) => Flash::error(Redirect::to(format!("/admin/user/{}", user.id)), e),
|
||||
}
|
||||
}
|
||||
|
||||
#[get("/user/<user_id>/remove-role/<role_id>")]
|
||||
async fn remove_role(
|
||||
db: &State<SqlitePool>,
|
||||
admin: ManageUserUser,
|
||||
user_id: i32,
|
||||
role_id: i32,
|
||||
) -> Flash<Redirect> {
|
||||
let Some(user) = User::find_by_id(db, user_id).await else {
|
||||
return Flash::error(
|
||||
Redirect::to("/admin/user"),
|
||||
format!("User with ID {} does not exist!", user_id),
|
||||
);
|
||||
};
|
||||
let Some(role) = Role::find_by_id(db, role_id).await else {
|
||||
return Flash::error(
|
||||
Redirect::to("/admin/user/{user_id}"),
|
||||
format!("Role with ID {} does not exist!", role_id),
|
||||
);
|
||||
};
|
||||
|
||||
match user.remove_role(db, &admin, &role).await {
|
||||
Ok(_) => Flash::success(
|
||||
Redirect::to(format!("/admin/user/{}", user.id)),
|
||||
"Rolle erfolgreich gelöscht",
|
||||
),
|
||||
Err(e) => Flash::error(Redirect::to(format!("/admin/user/{}", user.id)), e),
|
||||
}
|
||||
}
|
||||
|
||||
#[get("/user/<user>/membership")]
|
||||
async fn download_membership_pdf(
|
||||
db: &State<SqlitePool>,
|
||||
@ -405,102 +532,102 @@ struct UserAddScheckbuchForm<'r> {
|
||||
mail: &'r str,
|
||||
}
|
||||
|
||||
#[post("/user/new/scheckbuch", data = "<data>")]
|
||||
async fn create_scheckbuch(
|
||||
db: &State<SqlitePool>,
|
||||
data: Form<UserAddScheckbuchForm<'_>>,
|
||||
admin: VorstandUser,
|
||||
config: &State<Config>,
|
||||
) -> Flash<Redirect> {
|
||||
// 1. Check mail adress
|
||||
let mail = data.mail.trim();
|
||||
if mail.parse::<Address>().is_err() {
|
||||
return Flash::error(
|
||||
Redirect::to("/admin/user/scheckbuch"),
|
||||
"Keine gültige Mailadresse".to_string(),
|
||||
);
|
||||
}
|
||||
//#[post("/user/new/scheckbuch", data = "<data>")]
|
||||
//async fn create_scheckbuch(
|
||||
// db: &State<SqlitePool>,
|
||||
// data: Form<UserAddScheckbuchForm<'_>>,
|
||||
// admin: VorstandUser,
|
||||
// config: &State<Config>,
|
||||
//) -> Flash<Redirect> {
|
||||
// // 1. Check mail adress
|
||||
// let mail = data.mail.trim();
|
||||
// if mail.parse::<Address>().is_err() {
|
||||
// return Flash::error(
|
||||
// Redirect::to("/admin/user/scheckbuch"),
|
||||
// "Keine gültige Mailadresse".to_string(),
|
||||
// );
|
||||
// }
|
||||
//
|
||||
// // 2. Check name
|
||||
// let name = data.name.trim();
|
||||
// if User::find_by_name(db, name).await.is_some() {
|
||||
// return Flash::error(
|
||||
// Redirect::to("/admin/user/scheckbuch"),
|
||||
// "Kann kein Scheckbuch erstellen, der Name wird bereits von einem User verwendet"
|
||||
// .to_string(),
|
||||
// );
|
||||
// }
|
||||
//
|
||||
// // 3. Create user
|
||||
// User::create_with_mail(db, name, mail).await;
|
||||
// let user = User::find_by_name(db, name).await.unwrap();
|
||||
//
|
||||
// // 4. Add 'scheckbuch' role
|
||||
// let scheckbuch = Role::find_by_name(db, "scheckbuch").await.unwrap();
|
||||
// user.add_role(db, &scheckbuch)
|
||||
// .await
|
||||
// .expect("new user has no roles yet");
|
||||
//
|
||||
// // 4. Send welcome mail (+ notification)
|
||||
// user.send_welcome_email(db, &config.smtp_pw).await.unwrap();
|
||||
//
|
||||
// Log::create(
|
||||
// db,
|
||||
// format!("{} created new scheckbuch: {data:?}", admin.name),
|
||||
// )
|
||||
// .await;
|
||||
// Flash::success(Redirect::to("/admin/user/scheckbuch"), format!("Scheckbuch erfolgreich erstellt. Eine E-Mail in der alles erklärt wird, wurde an {mail} verschickt."))
|
||||
//}
|
||||
|
||||
// 2. Check name
|
||||
let name = data.name.trim();
|
||||
if User::find_by_name(db, name).await.is_some() {
|
||||
return Flash::error(
|
||||
Redirect::to("/admin/user/scheckbuch"),
|
||||
"Kann kein Scheckbuch erstellen, der Name wird bereits von einem User verwendet"
|
||||
.to_string(),
|
||||
);
|
||||
}
|
||||
|
||||
// 3. Create user
|
||||
User::create_with_mail(db, name, mail).await;
|
||||
let user = User::find_by_name(db, name).await.unwrap();
|
||||
|
||||
// 4. Add 'scheckbuch' role
|
||||
let scheckbuch = Role::find_by_name(db, "scheckbuch").await.unwrap();
|
||||
user.add_role(db, &scheckbuch)
|
||||
.await
|
||||
.expect("new user has no roles yet");
|
||||
|
||||
// 4. Send welcome mail (+ notification)
|
||||
user.send_welcome_email(db, &config.smtp_pw).await.unwrap();
|
||||
|
||||
Log::create(
|
||||
db,
|
||||
format!("{} created new scheckbuch: {data:?}", admin.name),
|
||||
)
|
||||
.await;
|
||||
Flash::success(Redirect::to("/admin/user/scheckbuch"), format!("Scheckbuch erfolgreich erstellt. Eine E-Mail in der alles erklärt wird, wurde an {mail} verschickt."))
|
||||
}
|
||||
|
||||
#[get("/user/move/schnupperant/<id>/to/scheckbuch")]
|
||||
async fn schnupper_to_scheckbuch(
|
||||
db: &State<SqlitePool>,
|
||||
id: i32,
|
||||
admin: SchnupperBetreuerUser,
|
||||
config: &State<Config>,
|
||||
) -> Flash<Redirect> {
|
||||
let Some(user) = User::find_by_id(db, id).await else {
|
||||
return Flash::error(
|
||||
Redirect::to("/admin/schnupper"),
|
||||
"user id not found".to_string(),
|
||||
);
|
||||
};
|
||||
|
||||
if !user.has_role(db, "schnupperant").await {
|
||||
return Flash::error(
|
||||
Redirect::to("/admin/schnupper"),
|
||||
"kein schnupperant...".to_string(),
|
||||
);
|
||||
}
|
||||
|
||||
let schnupperant = Role::find_by_name(db, "schnupperant").await.unwrap();
|
||||
let paid = Role::find_by_name(db, "paid").await.unwrap();
|
||||
user.remove_role(db, &schnupperant).await;
|
||||
user.remove_role(db, &paid).await;
|
||||
|
||||
let scheckbuch = Role::find_by_name(db, "scheckbuch").await.unwrap();
|
||||
user.add_role(db, &scheckbuch)
|
||||
.await
|
||||
.expect("just removed 'schnupperant' thus can't have a role with that group");
|
||||
|
||||
if let Some(no_einschreibgebuehr) = Role::find_by_name(db, "no-einschreibgebuehr").await {
|
||||
user.add_role(db, &no_einschreibgebuehr)
|
||||
.await
|
||||
.expect("role doesn't have a group");
|
||||
}
|
||||
|
||||
user.send_welcome_email(db, &config.smtp_pw).await.unwrap();
|
||||
|
||||
Log::create(
|
||||
db,
|
||||
format!(
|
||||
"{} created new scheckbuch (from schnupperant): {}",
|
||||
admin.name, user.name
|
||||
),
|
||||
)
|
||||
.await;
|
||||
Flash::success(Redirect::to("/admin/schnupper"), format!("Scheckbuch erfolgreich erstellt. Eine E-Mail in der alles erklärt wird, wurde an {} verschickt.", user.mail.unwrap()))
|
||||
}
|
||||
//#[get("/user/move/schnupperant/<id>/to/scheckbuch")]
|
||||
//async fn schnupper_to_scheckbuch(
|
||||
// db: &State<SqlitePool>,
|
||||
// id: i32,
|
||||
// admin: SchnupperBetreuerUser,
|
||||
// config: &State<Config>,
|
||||
//) -> Flash<Redirect> {
|
||||
// let Some(user) = User::find_by_id(db, id).await else {
|
||||
// return Flash::error(
|
||||
// Redirect::to("/admin/schnupper"),
|
||||
// "user id not found".to_string(),
|
||||
// );
|
||||
// };
|
||||
//
|
||||
// if !user.has_role(db, "schnupperant").await {
|
||||
// return Flash::error(
|
||||
// Redirect::to("/admin/schnupper"),
|
||||
// "kein schnupperant...".to_string(),
|
||||
// );
|
||||
// }
|
||||
//
|
||||
// let schnupperant = Role::find_by_name(db, "schnupperant").await.unwrap();
|
||||
// let paid = Role::find_by_name(db, "paid").await.unwrap();
|
||||
// user.remove_role(db, &schnupperant).await;
|
||||
// user.remove_role(db, &paid).await;
|
||||
//
|
||||
// let scheckbuch = Role::find_by_name(db, "scheckbuch").await.unwrap();
|
||||
// user.add_role(db, &scheckbuch)
|
||||
// .await
|
||||
// .expect("just removed 'schnupperant' thus can't have a role with that group");
|
||||
//
|
||||
// if let Some(no_einschreibgebuehr) = Role::find_by_name(db, "no-einschreibgebuehr").await {
|
||||
// user.add_role(db, &no_einschreibgebuehr)
|
||||
// .await
|
||||
// .expect("role doesn't have a group");
|
||||
// }
|
||||
//
|
||||
// user.send_welcome_email(db, &config.smtp_pw).await.unwrap();
|
||||
//
|
||||
// Log::create(
|
||||
// db,
|
||||
// format!(
|
||||
// "{} created new scheckbuch (from schnupperant): {}",
|
||||
// admin.name, user.name
|
||||
// ),
|
||||
// )
|
||||
// .await;
|
||||
// Flash::success(Redirect::to("/admin/schnupper"), format!("Scheckbuch erfolgreich erstellt. Eine E-Mail in der alles erklärt wird, wurde an {} verschickt.", user.mail.unwrap()))
|
||||
//}
|
||||
|
||||
pub fn routes() -> Vec<Route> {
|
||||
routes![
|
||||
@ -510,13 +637,19 @@ pub fn routes() -> Vec<Route> {
|
||||
resetpw,
|
||||
update,
|
||||
create,
|
||||
create_scheckbuch,
|
||||
schnupper_to_scheckbuch,
|
||||
//create_scheckbuch,
|
||||
//schnupper_to_scheckbuch,
|
||||
delete,
|
||||
fees,
|
||||
fees_paid,
|
||||
scheckbuch,
|
||||
download_membership_pdf,
|
||||
send_welcome_mail
|
||||
send_welcome_mail,
|
||||
//
|
||||
update_mail,
|
||||
update_phone,
|
||||
update_nickname,
|
||||
add_role,
|
||||
remove_role,
|
||||
]
|
||||
}
|
||||
|
@ -1,6 +1,6 @@
|
||||
use std::env;
|
||||
|
||||
use chrono::{Datelike, Utc};
|
||||
use chrono::Utc;
|
||||
use rocket::{
|
||||
form::Form,
|
||||
fs::TempFile,
|
||||
@ -145,47 +145,47 @@ pub struct UserAdd {
|
||||
sex: String,
|
||||
}
|
||||
|
||||
#[post("/set-data", data = "<data>")]
|
||||
async fn new_user(db: &State<SqlitePool>, data: Form<UserAdd>, user: User) -> Flash<Redirect> {
|
||||
if user.has_role(db, "ergo").await {
|
||||
return Flash::error(Redirect::to("/ergo"), "Du hast deine Daten schon eingegeben. Wenn du sie updaten willst, melde dich bitte bei it@rudernlinz.at");
|
||||
}
|
||||
|
||||
// check data
|
||||
if data.birthyear < 1900 || data.birthyear > chrono::Utc::now().year() - 5 {
|
||||
return Flash::error(Redirect::to("/ergo"), "Bitte überprüfe dein Geburtsjahr...");
|
||||
}
|
||||
if data.weight < 20 || data.weight > 200 {
|
||||
return Flash::error(Redirect::to("/ergo"), "Bitte überprüfe dein Gewicht...");
|
||||
}
|
||||
if &data.sex != "f" && &data.sex != "m" {
|
||||
return Flash::error(Redirect::to("/ergo"), "Bitte überprüfe dein Geschlecht...");
|
||||
}
|
||||
|
||||
// set data
|
||||
user.update_ergo(db, data.birthyear, data.weight, &data.sex)
|
||||
.await;
|
||||
|
||||
// inform all other `ergo` users
|
||||
let ergo = Role::find_by_name(db, "ergo").await.unwrap();
|
||||
Notification::create_for_role(
|
||||
db,
|
||||
&ergo,
|
||||
&format!("{} nimmt heuer an der Ergochallenge teil 💪", user.name),
|
||||
"Ergo Challenge",
|
||||
None,
|
||||
None,
|
||||
)
|
||||
.await;
|
||||
|
||||
// add to `ergo` group
|
||||
user.add_role(db, &ergo).await.unwrap();
|
||||
|
||||
Flash::success(
|
||||
Redirect::to("/ergo"),
|
||||
"Du hast deine Daten erfolgreich eingegeben. Viel Spaß beim Schwitzen :-)",
|
||||
)
|
||||
}
|
||||
//#[post("/set-data", data = "<data>")]
|
||||
//async fn new_user(db: &State<SqlitePool>, data: Form<UserAdd>, user: User) -> Flash<Redirect> {
|
||||
// if user.has_role(db, "ergo").await {
|
||||
// return Flash::error(Redirect::to("/ergo"), "Du hast deine Daten schon eingegeben. Wenn du sie updaten willst, melde dich bitte bei it@rudernlinz.at");
|
||||
// }
|
||||
//
|
||||
// // check data
|
||||
// if data.birthyear < 1900 || data.birthyear > chrono::Utc::now().year() - 5 {
|
||||
// return Flash::error(Redirect::to("/ergo"), "Bitte überprüfe dein Geburtsjahr...");
|
||||
// }
|
||||
// if data.weight < 20 || data.weight > 200 {
|
||||
// return Flash::error(Redirect::to("/ergo"), "Bitte überprüfe dein Gewicht...");
|
||||
// }
|
||||
// if &data.sex != "f" && &data.sex != "m" {
|
||||
// return Flash::error(Redirect::to("/ergo"), "Bitte überprüfe dein Geschlecht...");
|
||||
// }
|
||||
//
|
||||
// // set data
|
||||
// user.update_ergo(db, data.birthyear, data.weight, &data.sex)
|
||||
// .await;
|
||||
//
|
||||
// // inform all other `ergo` users
|
||||
// let ergo = Role::find_by_name(db, "ergo").await.unwrap();
|
||||
// Notification::create_for_role(
|
||||
// db,
|
||||
// &ergo,
|
||||
// &format!("{} nimmt heuer an der Ergochallenge teil 💪", user.name),
|
||||
// "Ergo Challenge",
|
||||
// None,
|
||||
// None,
|
||||
// )
|
||||
// .await;
|
||||
//
|
||||
// // add to `ergo` group
|
||||
// user.add_role(db, &ergo).await.unwrap();
|
||||
//
|
||||
// Flash::success(
|
||||
// Redirect::to("/ergo"),
|
||||
// "Du hast deine Daten erfolgreich eingegeben. Viel Spaß beim Schwitzen :-)",
|
||||
// )
|
||||
//}
|
||||
|
||||
#[derive(FromForm, Debug)]
|
||||
pub struct ErgoToAdd<'a> {
|
||||
@ -358,7 +358,10 @@ async fn new_dozen(
|
||||
}
|
||||
|
||||
pub fn routes() -> Vec<Route> {
|
||||
routes![index, new_thirty, new_dozen, send, reset, update, new_user]
|
||||
routes![
|
||||
index, new_thirty, new_dozen, send, reset, update,
|
||||
// new_user
|
||||
]
|
||||
}
|
||||
|
||||
#[cfg(test)]
|
||||
|
@ -16,10 +16,42 @@
|
||||
</div>
|
||||
<div class="py-3">
|
||||
<ul>
|
||||
<li>Mail: {{ user.mail }}</li>
|
||||
<li>Notizen: {{ user.notes }}</li>
|
||||
<li>Telefon: {{ user.phone }}</li>
|
||||
<li>Spitzname: {{ user.nickname }}</li>
|
||||
<li>
|
||||
Mail: {{ user.mail }}
|
||||
{% if allowed_to_edit %}
|
||||
<details>
|
||||
<summary>✏️</summary>
|
||||
<form action="/admin/user/{{ user.id }}/change-mail" method="post">
|
||||
{{ macros::input(label='Neue Mailadresse', name='mail', type="text", value=user.mail) }}
|
||||
<input value="Ändern" type="submit" class="btn btn-primary ml-1" />
|
||||
</form>
|
||||
</details>
|
||||
{% endif %}
|
||||
</li>
|
||||
<li>Notizen: to be replaced with activity :-)</li>
|
||||
<li>
|
||||
Telefon: {{ user.phone }}
|
||||
{% if allowed_to_edit %}
|
||||
<details>
|
||||
<summary>✏️</summary>
|
||||
<form action="/admin/user/{{ user.id }}/change-phone" method="post">
|
||||
{{ macros::input(label='Neue Telefonnummer', name='phone', type="text", value=user.phone) }}
|
||||
<input value="Ändern" type="submit" class="btn btn-primary ml-1" />
|
||||
</form>
|
||||
</details>
|
||||
{% endif %}
|
||||
</li>
|
||||
<li>Spitzname: {{ user.nickname }}
|
||||
{% if allowed_to_edit %}
|
||||
<details>
|
||||
<summary>✏️</summary>
|
||||
<form action="/admin/user/{{ user.id }}/change-nickname" method="post">
|
||||
{{ macros::input(label='Neuer Spitzname', name='nickname', type="text", value=user.nickname) }}
|
||||
<input value="Ändern" type="submit" class="btn btn-primary ml-1" />
|
||||
</form>
|
||||
</details>
|
||||
{% endif %}
|
||||
</li>
|
||||
</ul>
|
||||
</div>
|
||||
<div class="py-3">
|
||||
@ -40,11 +72,11 @@
|
||||
{% if allowed_to_edit %}
|
||||
<details>
|
||||
<summary>+ Rolle</summary>
|
||||
<form action="/admin/user/{{ user.id }}/add-role">
|
||||
<form action="/admin/user/{{ user.id }}/add-role" method="post">
|
||||
<fieldset>
|
||||
<select id="role_id">
|
||||
<select name="role_id">
|
||||
{% for role in roles %}
|
||||
{% if not role.cluster %}<option value="{{ role.id }}">{{ role.name }}</option>{% endif %}
|
||||
{% if not role.cluster and role not in user.proper_roles %}<option value="{{ role.id }}">{{ role.name }}</option>{% endif %}
|
||||
{% endfor %}
|
||||
</select>
|
||||
<input value="Rolle hinzufügen" type="submit" class="btn btn-primary ml-1" />
|
||||
|
Loading…
x
Reference in New Issue
Block a user