be able to update data individually; Fixes #951
Philipp Hofer 2025-04-30 11:06:10 +02:00
parent 90087843ad
commit c8d5c633d7
8 changed files with 589 additions and 221 deletions


@ -3,7 +3,7 @@ use std::{error::Error, fs};
use lettre::{ use lettre::{
message::{header::ContentType, Attachment, MultiPart, SinglePart}, message::{header::ContentType, Attachment, MultiPart, SinglePart},
transport::smtp::authentication::Credentials, transport::smtp::authentication::Credentials,
Message, SmtpTransport, Transport, Address, Message, SmtpTransport, Transport,
}; };
use sqlx::{Sqlite, SqlitePool, Transaction}; use sqlx::{Sqlite, SqlitePool, Transaction};
@ -374,3 +374,13 @@ Der Vorstand");
} }
} }
} }
pub(crate) fn valid_mails(mails: &str) -> bool {
let splitted = mails.split(',');
for single_rec in splitted {
if single_rec.parse::<Address>().is_err() {
return false;
}
}
true
}
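Review bot: `valid_mails` parses each comma-separated piece without trimming it, so a list written with a space after the comma is rejected even when every address is valid. An empty string also fails the check, which means `User::update_mail` cannot clear an address the way `update_phone` and `update_nickname` clear theirs with an empty value. If both behaviours are intended, a doc comment such as `/// Returns true only if every comma-separated entry parses as an Address; whitespace around entries and an empty string are invalid.` would make the contract explicit. If entries should be trimmed instead (`single_rec.trim().parse::<Address>()`), the stored value stays untrimmed, so any code that later splits the field has to trim the same way.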


@ -1,4 +1,4 @@
use std::ops::DerefMut; use std::{fmt::Display, ops::DerefMut};
use serde::{Deserialize, Serialize}; use serde::{Deserialize, Serialize};
use sqlx::{FromRow, Sqlite, SqlitePool, Transaction}; use sqlx::{FromRow, Sqlite, SqlitePool, Transaction};
@ -10,6 +10,12 @@ pub struct Role {
pub(crate) cluster: Option<String>, pub(crate) cluster: Option<String>,
} }
impl Display for Role {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
write!(f, "{}", self.name)
}
}
impl Role { impl Role {
pub async fn all(db: &SqlitePool) -> Vec<Role> { pub async fn all(db: &SqlitePool) -> Vec<Role> {
sqlx::query_as!(Role, "SELECT id, name, cluster FROM role") sqlx::query_as!(Role, "SELECT id, name, cluster FROM role")

199
src/model/user/basic.rs Normal file

@ -0,0 +1,199 @@
// TODO: put back in `src/model/user/mod.rs` once that is cleaned up
use super::{AllowedToEditPaymentStatusUser, ManageUserUser, User};
use crate::model::{log::Log, mail::valid_mails, role::Role};
use sqlx::SqlitePool;
impl User {
pub(crate) async fn update_mail(
&self,
db: &SqlitePool,
updated_by: &ManageUserUser,
new_mail: &str,
) -> Result<(), String> {
let new_mail = new_mail.trim();
if !valid_mails(new_mail) {
return Err(format!(
"{new_mail} ist kein gültiges Format für eine Mailadresse"
));
}
sqlx::query!("UPDATE user SET mail = ? where id = ?", new_mail, self.id)
.execute(db)
.await
.unwrap(); //Okay, because we can only create a User of a valid id
let msg = match &self.mail {
Some(old_mail) => format!(
"{updated_by} has changed the mail address of {self} from {old_mail} to {new_mail}"
),
None => format!("{updated_by} has added a mail address for {self}: {new_mail}"),
};
Log::create(db, msg).await;
Ok(())
}
pub(crate) async fn update_phone(
&self,
db: &SqlitePool,
updated_by: &ManageUserUser,
new_phone: &str,
) -> Result<(), String> {
let new_phone = new_phone.trim();
let query = if new_phone.is_empty() {
sqlx::query!("UPDATE user SET phone = NULL where id = ?", self.id)
} else {
sqlx::query!("UPDATE user SET phone = ? where id = ?", new_phone, self.id)
};
query.execute(db).await.unwrap(); //Okay, because we can only create a User of a valid id
let msg = match &self.phone {
Some(old_phone) if new_phone.is_empty() => format!("{updated_by} has removed the phone number of {self} (old number: {old_phone})"),
Some(old_phone) => format!("{updated_by} has changed the phone number of {self} from {old_phone} to {new_phone}"),
None => format!("{updated_by} has added a phone number for {self}: {new_phone}")
};
Log::create(db, msg).await;
Ok(())
}
pub(crate) async fn update_nickname(
&self,
db: &SqlitePool,
updated_by: &ManageUserUser,
new_nickname: &str,
) -> Result<(), String> {
let new_nickname = new_nickname.trim();
let query = if new_nickname.is_empty() {
sqlx::query!("UPDATE user SET nickname = NULL where id = ?", self.id)
} else {
sqlx::query!(
"UPDATE user SET nickname = ? where id = ?",
new_nickname,
self.id
)
};
query.execute(db).await.unwrap(); //Okay, because we can only create a User of a valid id
let msg = match &self.nickname {
Some(old_nickname) if new_nickname.is_empty() => format!("{updated_by} has removed the nickname of {self} (old nickname: {old_nickname})"),
Some(old_nickname) => format!("{updated_by} has changed the nickname of {self} from {old_nickname} to {new_nickname}"),
None => format!("{updated_by} has added a nickname for {self}: {new_nickname}")
};
Log::create(db, msg).await;
Ok(())
}
pub(crate) async fn remove_role(
&self,
db: &SqlitePool,
updated_by: &ManageUserUser,
role: &Role,
) -> Result<(), String> {
if !self.has_role(db, &role.name).await {
return Err(format!("Kann Rolle {role} von User {self} nicht entfernen, da der User die Rolle gar nicht hat"));
}
sqlx::query!(
"DELETE FROM user_role WHERE user_id = ? and role_id = ?",
self.id,
role.id
)
.execute(db)
.await
.unwrap();
Log::create(
db,
format!("{updated_by} has removed role {role} from user {self}"),
)
.await;
Ok(())
}
pub(crate) async fn has_not_paid(
&self,
db: &SqlitePool,
updated_by: &AllowedToEditPaymentStatusUser,
) {
let paid = Role::find_by_name(db, "paid").await.unwrap();
sqlx::query!(
"DELETE FROM user_role WHERE user_id = ? and role_id = ?",
self.id,
paid.id
)
.execute(db)
.await
.unwrap();
Log::create(
db,
format!("{updated_by} has set that user {self} has NOT paid the fee (yet)"),
)
.await;
}
pub(crate) async fn has_paid(
&self,
db: &SqlitePool,
updated_by: &AllowedToEditPaymentStatusUser,
) {
let paid = Role::find_by_name(db, "paid").await.unwrap();
sqlx::query!(
"INSERT INTO user_role(user_id, role_id) VALUES (?, ?)",
self.id,
paid.id
)
.execute(db)
.await
.expect("paid role has no group");
Log::create(
db,
format!("{updated_by} has set that user {self} has paid the fee (yet)"),
)
.await;
}
pub(crate) async fn add_role(
&self,
db: &SqlitePool,
updated_by: &ManageUserUser,
role: &Role,
) -> Result<(), String> {
if self.has_role(db, &role.name).await {
return Err(format!("Kann Rolle {role} von User {self} nicht hinzufügen, da der User die Rolle schon hat"));
}
sqlx::query!(
"INSERT INTO user_role(user_id, role_id) VALUES (?, ?)",
self.id,
role.id
)
.execute(db)
.await
.map_err(|_| {
format!(
"User already has a role in the cluster '{}'",
role.cluster
.clone()
.expect("db trigger can't activate on empty string")
)
})?;
Log::create(
db,
format!("{updated_by} has added role {role} to user {self}"),
)
.await;
Ok(())
}
}
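Review bot: In `add_role` the `map_err(|_| …)` closure reports every failed INSERT as a cluster conflict and calls `.expect(...)` on `role.cluster`, so for a role without a cluster any insert error panics the request instead of returning `Err`. That can happen when two requests both pass the `has_role` check and then both insert, which presumably trips a uniqueness constraint on `user_role`; `has_paid` has the same check-then-insert shape behind `.expect("paid role has no group")`. Handling the `None` case removes the panic: `.map_err(|_| match &role.cluster { Some(c) => format!("User already has a role in the cluster '{c}'"), None => "Rolle konnte nicht hinzugefügt werden".to_string() })?;`. The `.unwrap()` calls after the UPDATE and DELETE statements are justified only by the id being valid, yet `execute` can presumably fail for other reasons (locked database, I/O). Because `Log::create` runs after the write and outside a transaction, a failure between the two leaves a changed record with no audit entry.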


@ -1,4 +1,7 @@
use std::ops::{Deref, DerefMut}; use std::{
fmt::Display,
ops::{Deref, DerefMut},
};
use argon2::{password_hash::SaltString, Argon2, PasswordHasher}; use argon2::{password_hash::SaltString, Argon2, PasswordHasher};
use chrono::{Datelike, Local, NaiveDate}; use chrono::{Datelike, Local, NaiveDate};
@ -29,6 +32,7 @@ use super::{
use crate::{tera::admin::user::UserEditForm, AMOUNT_DAYS_TO_SHOW_TRIPS_AHEAD}; use crate::{tera::admin::user::UserEditForm, AMOUNT_DAYS_TO_SHOW_TRIPS_AHEAD};
use scheckbuch::ScheckbuchUser; use scheckbuch::ScheckbuchUser;
mod basic;
mod fee; mod fee;
mod scheckbuch; mod scheckbuch;
@ -53,6 +57,12 @@ pub struct User {
pub user_token: String, pub user_token: String,
} }
impl Display for User {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
write!(f, "{}", self.name)
}
}
#[derive(Debug, Serialize, Deserialize)] #[derive(Debug, Serialize, Deserialize)]
pub struct UserWithDetails { pub struct UserWithDetails {
#[serde(flatten)] #[serde(flatten)]
@ -585,26 +595,6 @@ ORDER BY last_access DESC
Ok(()) Ok(())
} }
pub async fn add_role(&self, db: &SqlitePool, role: &Role) -> Result<(), String> {
sqlx::query!(
"INSERT INTO user_role(user_id, role_id) VALUES (?, ?)",
self.id,
role.id
)
.execute(db)
.await
.map_err(|_| {
format!(
"User already has a role in the cluster '{}'",
role.cluster
.clone()
.expect("db trigger can't activate on empty string")
)
})?;
Ok(())
}
async fn send_end_mail_scheckbuch( async fn send_end_mail_scheckbuch(
&self, &self,
db: &mut Transaction<'_, Sqlite>, db: &mut Transaction<'_, Sqlite>,
@ -658,17 +648,6 @@ ASKÖ Ruderverein Donau Linz", self.name),
Ok(()) Ok(())
} }
pub async fn remove_role(&self, db: &SqlitePool, role: &Role) {
sqlx::query!(
"DELETE FROM user_role WHERE user_id = ? and role_id = ?",
self.id,
role.id
)
.execute(db)
.await
.unwrap();
}
pub async fn login(db: &SqlitePool, name: &str, pw: &str) -> Result<Self, LoginError> { pub async fn login(db: &SqlitePool, name: &str, pw: &str) -> Result<Self, LoginError> {
let name = name.trim().to_lowercase(); // just to make sure... let name = name.trim().to_lowercase(); // just to make sure...
let Some(user) = User::find_by_name(db, &name).await else { let Some(user) = User::find_by_name(db, &name).await else {
@ -1000,6 +979,12 @@ macro_rules! special_user {
} }
} }
} }
impl std::fmt::Display for $name {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
write!(f, "{}", self.name)
}
}
}; };
(@check_roles $user:ident, $db:ident, $(+$role:expr),* $(,-$neg_role:expr)*) => { (@check_roles $user:ident, $db:ident, $(+$role:expr),* $(,-$neg_role:expr)*) => {
{ {
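Review bot: The new `Display` impls for `User` and for every `special_user!` type print only `self.name`, and the audit messages added in `src/model/user/basic.rs` interpolate `{updated_by}` and `{self}` through them, so each log entry identifies actor and subject by display name alone. If names can be changed or reused later (not visible here), older entries become ambiguous; writing the id as well, e.g. `write!(f, "{} (#{})", self.name, self.id)`, would keep them attributable, assuming the special-user types expose `id` the same way they expose `name`. The same output also appears in the user-facing error strings, so at minimum a doc comment like `/// Formats the user as their name; used in audit log and flash messages.` should state that changing it changes the log format. The macro body and the `impl User` block extend beyond these hunks.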


@ -1,7 +1,7 @@
use super::User; use super::User;
use crate::model::user::LoginError; use crate::model::user::LoginError;
use crate::{ use crate::{
model::{mail::Mail, notification::Notification, role::Role}, model::{mail::Mail, notification::Notification},
special_user, SCHECKBUCH, special_user, SCHECKBUCH,
}; };
use rocket::async_trait; use rocket::async_trait;
@ -16,24 +16,24 @@ use std::ops::Deref;
special_user!(ScheckbuchUser, +"scheckbuch"); special_user!(ScheckbuchUser, +"scheckbuch");
impl ScheckbuchUser { impl ScheckbuchUser {
async fn from(user: User, db: &SqlitePool, mail: &str, smtp_pw: &str) -> Result<(), String> { //async fn from(user: User, db: &SqlitePool, mail: &str, smtp_pw: &str) -> Result<(), String> {
// TODO: see when/how to invoke this function (explicit `Neue Person hinzufügen` button? // // TODO: see when/how to invoke this function (explicit `Neue Person hinzufügen` button?
// Button to transition existing users to scheckbuch? Automatically called when // // Button to transition existing users to scheckbuch? Automatically called when
// `scheckbuch` is newly selected as role? // // `scheckbuch` is newly selected as role?
if user.has_role(db, "scheckbuch").await { // if user.has_role(db, "scheckbuch").await {
return Err("User is already a scheckbuch".into()); // return Err("User is already a scheckbuch".into());
} // }
// TODO: do we allow e.g. DonauLinz to scheckbuch? // // TODO: do we allow e.g. DonauLinz to scheckbuch?
let scheckbuch = Role::find_by_name(db, "scheckbuch").await.unwrap(); // let scheckbuch = Role::find_by_name(db, "scheckbuch").await.unwrap();
user.add_role(db, &scheckbuch).await.unwrap(); // user.add_role(db, &scheckbuch).await.unwrap();
// TODO: remove all other `membership_type` roles // // TODO: remove all other `membership_type` roles
let new_user = Self::new(db, &user).await.unwrap(); // let new_user = Self::new(db, &user).await.unwrap();
new_user.notify(db, mail, smtp_pw).await // new_user.notify(db, mail, smtp_pw).await
} //}
pub(crate) async fn notify( pub(crate) async fn notify(
&self, &self,
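Review bot: `ScheckbuchUser::from` is disabled by commenting out its whole body instead of being removed or ported, presumably because `add_role` now requires an `updated_by` argument. The same is done to `create_scheckbuch` and `schnupper_to_scheckbuch` in the admin user routes and to `new_user` in the ergo routes, together with their `routes![]` entries. That takes three endpoints out of service without the commit title saying so, and leaves dead code whose TODOs will drift from the live API. Either delete the code (history keeps it) or replace it with one comment stating why it is off and what restores it, e.g. `// TODO: disabled until callers can supply a ManageUserUser to add_role/remove_role`. `notify` continues outside this hunk.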


@ -7,14 +7,13 @@ use crate::{
logbook::Logbook, logbook::Logbook,
role::Role, role::Role,
user::{ user::{
AdminUser, AllowedToEditPaymentStatusUser, ManageUserUser, SchnupperBetreuerUser, User, AdminUser, AllowedToEditPaymentStatusUser, ManageUserUser, User, UserWithDetails,
UserWithDetails, UserWithMembershipPdf, UserWithRolesAndMembershipPdf, VorstandUser, UserWithMembershipPdf, UserWithRolesAndMembershipPdf, VorstandUser,
}, },
}, },
tera::Config, tera::Config,
}; };
use futures::future::join_all; use futures::future::join_all;
use lettre::Address;
use rocket::{ use rocket::{
form::Form, form::Form,
fs::TempFile, fs::TempFile,
@ -221,28 +220,9 @@ async fn fees_paid(
let user = User::find_by_id(db, user_id).await.unwrap(); let user = User::find_by_id(db, user_id).await.unwrap();
res.push_str(&format!("{} + ", user.name)); res.push_str(&format!("{} + ", user.name));
if user.has_role(db, "paid").await { if user.has_role(db, "paid").await {
Log::create( user.has_not_paid(db, &calling_user).await;
db,
format!(
"{} set fees NOT paid for '{}'",
calling_user.user.name, user.name
),
)
.await;
user.remove_role(db, &Role::find_by_name(db, "paid").await.unwrap())
.await;
} else { } else {
Log::create( user.has_paid(db, &calling_user).await;
db,
format!(
"{} set fees paid for '{}'",
calling_user.user.name, user.name
),
)
.await;
user.add_role(db, &Role::find_by_name(db, "paid").await.unwrap())
.await
.expect("paid role has no group");
} }
} }
@ -353,6 +333,153 @@ async fn update(
} }
} }
#[derive(FromForm, Debug)]
pub struct MailUpdateForm {
mail: String,
}
#[post("/user/<id>/change-mail", data = "<data>")]
async fn update_mail(
db: &State<SqlitePool>,
data: Form<MailUpdateForm>,
admin: ManageUserUser,
id: i32,
) -> Flash<Redirect> {
let Some(user) = User::find_by_id(db, id).await else {
return Flash::error(
Redirect::to("/admin/user"),
format!("User with ID {} does not exist!", id),
);
};
match user.update_mail(db, &admin, &data.mail).await {
Ok(_) => Flash::success(
Redirect::to(format!("/admin/user/{}", user.id)),
"Mailadresse erfolgreich geändert",
),
Err(e) => Flash::error(Redirect::to(format!("/admin/user/{}", user.id)), e),
}
}
#[derive(FromForm, Debug)]
pub struct PhoneUpdateForm {
phone: String,
}
#[post("/user/<id>/change-phone", data = "<data>")]
async fn update_phone(
db: &State<SqlitePool>,
data: Form<PhoneUpdateForm>,
admin: ManageUserUser,
id: i32,
) -> Flash<Redirect> {
let Some(user) = User::find_by_id(db, id).await else {
return Flash::error(
Redirect::to("/admin/user"),
format!("User with ID {} does not exist!", id),
);
};
match user.update_phone(db, &admin, &data.phone).await {
Ok(_) => Flash::success(
Redirect::to(format!("/admin/user/{}", user.id)),
"Telefonnummer erfolgreich geändert",
),
Err(e) => Flash::error(Redirect::to(format!("/admin/user/{}", user.id)), e),
}
}
#[derive(FromForm, Debug)]
pub struct NicknameUpdateForm {
nickname: String,
}
#[post("/user/<id>/change-nickname", data = "<data>")]
async fn update_nickname(
db: &State<SqlitePool>,
data: Form<NicknameUpdateForm>,
admin: ManageUserUser,
id: i32,
) -> Flash<Redirect> {
let Some(user) = User::find_by_id(db, id).await else {
return Flash::error(
Redirect::to("/admin/user"),
format!("User with ID {} does not exist!", id),
);
};
match user.update_nickname(db, &admin, &data.nickname).await {
Ok(_) => Flash::success(
Redirect::to(format!("/admin/user/{}", user.id)),
"Spitzname erfolgreich geändert",
),
Err(e) => Flash::error(Redirect::to(format!("/admin/user/{}", user.id)), e),
}
}
#[derive(FromForm, Debug)]
pub struct AddRoleForm {
role_id: i32,
}
#[post("/user/<id>/add-role", data = "<data>")]
async fn add_role(
db: &State<SqlitePool>,
data: Form<AddRoleForm>,
admin: ManageUserUser,
id: i32,
) -> Flash<Redirect> {
let Some(user) = User::find_by_id(db, id).await else {
return Flash::error(
Redirect::to("/admin/user"),
format!("User with ID {} does not exist!", id),
);
};
let Some(role) = Role::find_by_id(db, data.role_id).await else {
return Flash::error(
Redirect::to("/admin/user/{user_id}"),
format!("Role with ID {} does not exist!", data.role_id),
);
};
match user.add_role(db, &admin, &role).await {
Ok(_) => Flash::success(
Redirect::to(format!("/admin/user/{}", user.id)),
"Rolle erfolgreich hinzugefügt",
),
Err(e) => Flash::error(Redirect::to(format!("/admin/user/{}", user.id)), e),
}
}
#[get("/user/<user_id>/remove-role/<role_id>")]
async fn remove_role(
db: &State<SqlitePool>,
admin: ManageUserUser,
user_id: i32,
role_id: i32,
) -> Flash<Redirect> {
let Some(user) = User::find_by_id(db, user_id).await else {
return Flash::error(
Redirect::to("/admin/user"),
format!("User with ID {} does not exist!", user_id),
);
};
let Some(role) = Role::find_by_id(db, role_id).await else {
return Flash::error(
Redirect::to("/admin/user/{user_id}"),
format!("Role with ID {} does not exist!", role_id),
);
};
match user.remove_role(db, &admin, &role).await {
Ok(_) => Flash::success(
Redirect::to(format!("/admin/user/{}", user.id)),
"Rolle erfolgreich gelöscht",
),
Err(e) => Flash::error(Redirect::to(format!("/admin/user/{}", user.id)), e),
}
}
#[get("/user/<user>/membership")] #[get("/user/<user>/membership")]
async fn download_membership_pdf( async fn download_membership_pdf(
db: &State<SqlitePool>, db: &State<SqlitePool>,
@ -405,102 +532,102 @@ struct UserAddScheckbuchForm<'r> {
mail: &'r str, mail: &'r str,
} }
#[post("/user/new/scheckbuch", data = "<data>")] //#[post("/user/new/scheckbuch", data = "<data>")]
async fn create_scheckbuch( //async fn create_scheckbuch(
db: &State<SqlitePool>, // db: &State<SqlitePool>,
data: Form<UserAddScheckbuchForm<'_>>, // data: Form<UserAddScheckbuchForm<'_>>,
admin: VorstandUser, // admin: VorstandUser,
config: &State<Config>, // config: &State<Config>,
) -> Flash<Redirect> { //) -> Flash<Redirect> {
// 1. Check mail adress // // 1. Check mail adress
let mail = data.mail.trim(); // let mail = data.mail.trim();
if mail.parse::<Address>().is_err() { // if mail.parse::<Address>().is_err() {
return Flash::error( // return Flash::error(
Redirect::to("/admin/user/scheckbuch"), // Redirect::to("/admin/user/scheckbuch"),
"Keine gültige Mailadresse".to_string(), // "Keine gültige Mailadresse".to_string(),
); // );
} // }
//
// // 2. Check name
// let name = data.name.trim();
// if User::find_by_name(db, name).await.is_some() {
// return Flash::error(
// Redirect::to("/admin/user/scheckbuch"),
// "Kann kein Scheckbuch erstellen, der Name wird bereits von einem User verwendet"
// .to_string(),
// );
// }
//
// // 3. Create user
// User::create_with_mail(db, name, mail).await;
// let user = User::find_by_name(db, name).await.unwrap();
//
// // 4. Add 'scheckbuch' role
// let scheckbuch = Role::find_by_name(db, "scheckbuch").await.unwrap();
// user.add_role(db, &scheckbuch)
// .await
// .expect("new user has no roles yet");
//
// // 4. Send welcome mail (+ notification)
// user.send_welcome_email(db, &config.smtp_pw).await.unwrap();
//
// Log::create(
// db,
// format!("{} created new scheckbuch: {data:?}", admin.name),
// )
// .await;
// Flash::success(Redirect::to("/admin/user/scheckbuch"), format!("Scheckbuch erfolgreich erstellt. Eine E-Mail in der alles erklärt wird, wurde an {mail} verschickt."))
//}
// 2. Check name //#[get("/user/move/schnupperant/<id>/to/scheckbuch")]
let name = data.name.trim(); //async fn schnupper_to_scheckbuch(
if User::find_by_name(db, name).await.is_some() { // db: &State<SqlitePool>,
return Flash::error( // id: i32,
Redirect::to("/admin/user/scheckbuch"), // admin: SchnupperBetreuerUser,
"Kann kein Scheckbuch erstellen, der Name wird bereits von einem User verwendet" // config: &State<Config>,
.to_string(), //) -> Flash<Redirect> {
); // let Some(user) = User::find_by_id(db, id).await else {
} // return Flash::error(
// Redirect::to("/admin/schnupper"),
// 3. Create user // "user id not found".to_string(),
User::create_with_mail(db, name, mail).await; // );
let user = User::find_by_name(db, name).await.unwrap(); // };
//
// 4. Add 'scheckbuch' role // if !user.has_role(db, "schnupperant").await {
let scheckbuch = Role::find_by_name(db, "scheckbuch").await.unwrap(); // return Flash::error(
user.add_role(db, &scheckbuch) // Redirect::to("/admin/schnupper"),
.await // "kein schnupperant...".to_string(),
.expect("new user has no roles yet"); // );
// }
// 4. Send welcome mail (+ notification) //
user.send_welcome_email(db, &config.smtp_pw).await.unwrap(); // let schnupperant = Role::find_by_name(db, "schnupperant").await.unwrap();
// let paid = Role::find_by_name(db, "paid").await.unwrap();
Log::create( // user.remove_role(db, &schnupperant).await;
db, // user.remove_role(db, &paid).await;
format!("{} created new scheckbuch: {data:?}", admin.name), //
) // let scheckbuch = Role::find_by_name(db, "scheckbuch").await.unwrap();
.await; // user.add_role(db, &scheckbuch)
Flash::success(Redirect::to("/admin/user/scheckbuch"), format!("Scheckbuch erfolgreich erstellt. Eine E-Mail in der alles erklärt wird, wurde an {mail} verschickt.")) // .await
} // .expect("just removed 'schnupperant' thus can't have a role with that group");
//
#[get("/user/move/schnupperant/<id>/to/scheckbuch")] // if let Some(no_einschreibgebuehr) = Role::find_by_name(db, "no-einschreibgebuehr").await {
async fn schnupper_to_scheckbuch( // user.add_role(db, &no_einschreibgebuehr)
db: &State<SqlitePool>, // .await
id: i32, // .expect("role doesn't have a group");
admin: SchnupperBetreuerUser, // }
config: &State<Config>, //
) -> Flash<Redirect> { // user.send_welcome_email(db, &config.smtp_pw).await.unwrap();
let Some(user) = User::find_by_id(db, id).await else { //
return Flash::error( // Log::create(
Redirect::to("/admin/schnupper"), // db,
"user id not found".to_string(), // format!(
); // "{} created new scheckbuch (from schnupperant): {}",
}; // admin.name, user.name
// ),
if !user.has_role(db, "schnupperant").await { // )
return Flash::error( // .await;
Redirect::to("/admin/schnupper"), // Flash::success(Redirect::to("/admin/schnupper"), format!("Scheckbuch erfolgreich erstellt. Eine E-Mail in der alles erklärt wird, wurde an {} verschickt.", user.mail.unwrap()))
"kein schnupperant...".to_string(), //}
);
}
let schnupperant = Role::find_by_name(db, "schnupperant").await.unwrap();
let paid = Role::find_by_name(db, "paid").await.unwrap();
user.remove_role(db, &schnupperant).await;
user.remove_role(db, &paid).await;
let scheckbuch = Role::find_by_name(db, "scheckbuch").await.unwrap();
user.add_role(db, &scheckbuch)
.await
.expect("just removed 'schnupperant' thus can't have a role with that group");
if let Some(no_einschreibgebuehr) = Role::find_by_name(db, "no-einschreibgebuehr").await {
user.add_role(db, &no_einschreibgebuehr)
.await
.expect("role doesn't have a group");
}
user.send_welcome_email(db, &config.smtp_pw).await.unwrap();
Log::create(
db,
format!(
"{} created new scheckbuch (from schnupperant): {}",
admin.name, user.name
),
)
.await;
Flash::success(Redirect::to("/admin/schnupper"), format!("Scheckbuch erfolgreich erstellt. Eine E-Mail in der alles erklärt wird, wurde an {} verschickt.", user.mail.unwrap()))
}
pub fn routes() -> Vec<Route> { pub fn routes() -> Vec<Route> {
routes![ routes![
@ -510,13 +637,19 @@ pub fn routes() -> Vec<Route> {
resetpw, resetpw,
update, update,
create, create,
create_scheckbuch, //create_scheckbuch,
schnupper_to_scheckbuch, //schnupper_to_scheckbuch,
delete, delete,
fees, fees,
fees_paid, fees_paid,
scheckbuch, scheckbuch,
download_membership_pdf, download_membership_pdf,
send_welcome_mail send_welcome_mail,
//
update_mail,
update_phone,
update_nickname,
add_role,
remove_role,
] ]
} }
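Review bot: `remove_role` is registered as `#[get("/user/<user_id>/remove-role/<role_id>")]`, so a role is deleted by a plain GET; link prefetchers, crawlers or a cross-site link followed by a logged-in manager would trigger it, and top-level GET navigations are the requests that cookie SameSite policies most often still let through. It should be a POST like the other new handlers, `#[post("/user/<user_id>/remove-role/<role_id>")]`, with the template submitting a form instead of a link. In the same hunk, both `add_role` and `remove_role` send the missing-role case to the literal string `Redirect::to("/admin/user/{user_id}")`, which is never interpolated; `Redirect::to(format!("/admin/user/{}", user.id))` matches the other branches. None of the new handlers shows an anti-CSRF token check; whether one exists elsewhere is not visible here.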


@ -1,6 +1,6 @@
use std::env; use std::env;
use chrono::{Datelike, Utc}; use chrono::Utc;
use rocket::{ use rocket::{
form::Form, form::Form,
fs::TempFile, fs::TempFile,
@ -145,47 +145,47 @@ pub struct UserAdd {
sex: String, sex: String,
} }
#[post("/set-data", data = "<data>")] //#[post("/set-data", data = "<data>")]
async fn new_user(db: &State<SqlitePool>, data: Form<UserAdd>, user: User) -> Flash<Redirect> { //async fn new_user(db: &State<SqlitePool>, data: Form<UserAdd>, user: User) -> Flash<Redirect> {
if user.has_role(db, "ergo").await { // if user.has_role(db, "ergo").await {
return Flash::error(Redirect::to("/ergo"), "Du hast deine Daten schon eingegeben. Wenn du sie updaten willst, melde dich bitte bei it@rudernlinz.at"); // return Flash::error(Redirect::to("/ergo"), "Du hast deine Daten schon eingegeben. Wenn du sie updaten willst, melde dich bitte bei it@rudernlinz.at");
} // }
//
// check data // // check data
if data.birthyear < 1900 || data.birthyear > chrono::Utc::now().year() - 5 { // if data.birthyear < 1900 || data.birthyear > chrono::Utc::now().year() - 5 {
return Flash::error(Redirect::to("/ergo"), "Bitte überprüfe dein Geburtsjahr..."); // return Flash::error(Redirect::to("/ergo"), "Bitte überprüfe dein Geburtsjahr...");
} // }
if data.weight < 20 || data.weight > 200 { // if data.weight < 20 || data.weight > 200 {
return Flash::error(Redirect::to("/ergo"), "Bitte überprüfe dein Gewicht..."); // return Flash::error(Redirect::to("/ergo"), "Bitte überprüfe dein Gewicht...");
} // }
if &data.sex != "f" && &data.sex != "m" { // if &data.sex != "f" && &data.sex != "m" {
return Flash::error(Redirect::to("/ergo"), "Bitte überprüfe dein Geschlecht..."); // return Flash::error(Redirect::to("/ergo"), "Bitte überprüfe dein Geschlecht...");
} // }
//
// set data // // set data
user.update_ergo(db, data.birthyear, data.weight, &data.sex) // user.update_ergo(db, data.birthyear, data.weight, &data.sex)
.await; // .await;
//
// inform all other `ergo` users // // inform all other `ergo` users
let ergo = Role::find_by_name(db, "ergo").await.unwrap(); // let ergo = Role::find_by_name(db, "ergo").await.unwrap();
Notification::create_for_role( // Notification::create_for_role(
db, // db,
&ergo, // &ergo,
&format!("{} nimmt heuer an der Ergochallenge teil 💪", user.name), // &format!("{} nimmt heuer an der Ergochallenge teil 💪", user.name),
"Ergo Challenge", // "Ergo Challenge",
None, // None,
None, // None,
) // )
.await; // .await;
//
// add to `ergo` group // // add to `ergo` group
user.add_role(db, &ergo).await.unwrap(); // user.add_role(db, &ergo).await.unwrap();
//
Flash::success( // Flash::success(
Redirect::to("/ergo"), // Redirect::to("/ergo"),
"Du hast deine Daten erfolgreich eingegeben. Viel Spaß beim Schwitzen :-)", // "Du hast deine Daten erfolgreich eingegeben. Viel Spaß beim Schwitzen :-)",
) // )
} //}
#[derive(FromForm, Debug)] #[derive(FromForm, Debug)]
pub struct ErgoToAdd<'a> { pub struct ErgoToAdd<'a> {
@ -358,7 +358,10 @@ async fn new_dozen(
} }
pub fn routes() -> Vec<Route> { pub fn routes() -> Vec<Route> {
routes![index, new_thirty, new_dozen, send, reset, update, new_user] routes![
index, new_thirty, new_dozen, send, reset, update,
// new_user
]
} }
#[cfg(test)] #[cfg(test)]


@ -16,10 +16,42 @@
</div> </div>
<div class="py-3"> <div class="py-3">
<ul> <ul>
<li>Mail: {{ user.mail }}</li> <li>
<li>Notizen: {{ user.notes }}</li> Mail: {{ user.mail }}
<li>Telefon: {{ user.phone }}</li> {% if allowed_to_edit %}
<li>Spitzname: {{ user.nickname }}</li> <details>
<summary>✏️</summary>
<form action="/admin/user/{{ user.id }}/change-mail" method="post">
{{ macros::input(label='Neue Mailadresse', name='mail', type="text", value=user.mail) }}
<input value="Ändern" type="submit" class="btn btn-primary ml-1" />
</form>
</details>
{% endif %}
</li>
<li>Notizen: to be replaced with activity :-)</li>
<li>
Telefon: {{ user.phone }}
{% if allowed_to_edit %}
<details>
<summary>✏️</summary>
<form action="/admin/user/{{ user.id }}/change-phone" method="post">
{{ macros::input(label='Neue Telefonnummer', name='phone', type="text", value=user.phone) }}
<input value="Ändern" type="submit" class="btn btn-primary ml-1" />
</form>
</details>
{% endif %}
</li>
<li>Spitzname: {{ user.nickname }}
{% if allowed_to_edit %}
<details>
<summary>✏️</summary>
<form action="/admin/user/{{ user.id }}/change-nickname" method="post">
{{ macros::input(label='Neuer Spitzname', name='nickname', type="text", value=user.nickname) }}
<input value="Ändern" type="submit" class="btn btn-primary ml-1" />
</form>
</details>
{% endif %}
</li>
</ul> </ul>
</div> </div>
<div class="py-3"> <div class="py-3">
@ -40,11 +72,11 @@
{% if allowed_to_edit %} {% if allowed_to_edit %}
<details> <details>
<summary>+ Rolle</summary> <summary>+ Rolle</summary>
<form action="/admin/user/{{ user.id }}/add-role"> <form action="/admin/user/{{ user.id }}/add-role" method="post">
<fieldset> <fieldset>
<select id="role_id"> <select name="role_id">
{% for role in roles %} {% for role in roles %}
{% if not role.cluster %}<option value="{{ role.id }}">{{ role.name }}</option>{% endif %} {% if not role.cluster and role not in user.proper_roles %}<option value="{{ role.id }}">{{ role.name }}</option>{% endif %}
{% endfor %} {% endfor %}
</select> </select>
<input value="Rolle hinzufügen" type="submit" class="btn btn-primary ml-1" /> <input value="Rolle hinzufügen" type="submit" class="btn btn-primary ml-1" />