show alert messages in admin view

README.md

@@ -7,7 +7,6 @@
 - Wanderfahrt: ⛱
 
 # Notes / Bugfixes
-- [] delete flag user administration
 - [] max_people = 0 -> Rot hervorheben, dass Ausfahrt abgesagt wurde?
 - [] my trips for cox
 - [] add `trip_type` (id, name, desc, question, icon) with a FK to `trip_details`

migration.sql

@@ -4,7 +4,8 @@ CREATE TABLE IF NOT EXISTS "user" (
 	"pw" text, 
 	"is_cox" boolean NOT NULL DEFAULT FALSE,
 	"is_admin" boolean NOT NULL DEFAULT FALSE,
-	"is_guest" boolean NOT NULL DEFAULT TRUE
+	"is_guest" boolean NOT NULL DEFAULT TRUE,
+	"deleted" boolean NOT NULL DEFAULT FALSE
 );
 
 CREATE TABLE IF NOT EXISTS "trip_details" (

src/model/user.rs

@@ -18,6 +18,7 @@ pub struct User {
     pub is_cox: bool,
     is_admin: bool,
     is_guest: bool,
+    deleted: bool,
 }
 
 #[derive(Debug)]
@@ -34,7 +35,7 @@ impl User {
         sqlx::query_as!(
             User,
             "
-SELECT id, name, pw, is_cox, is_admin, is_guest
+SELECT id, name, pw, is_cox, is_admin, is_guest, deleted
 FROM user 
 WHERE id like ?
         ",
@@ -49,7 +50,7 @@ WHERE id like ?
         sqlx::query_as!(
             User,
             "
-SELECT id, name, pw, is_cox, is_admin, is_guest
+SELECT id, name, pw, is_cox, is_admin, is_guest, deleted
 FROM user 
 WHERE name like ?
         ",
@@ -64,8 +65,9 @@ WHERE name like ?
         sqlx::query_as!(
             User,
             "
-SELECT id, name, pw, is_cox, is_admin, is_guest
+SELECT id, name, pw, is_cox, is_admin, is_guest, deleted
 FROM user
+WHERE deleted = 0
 ORDER BY name
         "
         )
@@ -103,6 +105,11 @@ ORDER BY name
             return Err(LoginError::InvalidAuthenticationCombo); // Username not found
         };
 
+        if user.deleted {
+            return Err(LoginError::InvalidAuthenticationCombo); //User existed sometime ago; has
+                                                                //been deleted
+        }
+
         match user.pw.clone() {
             Some(user_pw) => {
                 let password_hash = Self::get_hashed_pw(&pw);
@@ -139,6 +146,13 @@ ORDER BY name
             .unwrap()
             .to_string()
     }
+
+    pub async fn delete(&self, db: &SqlitePool) {
+        sqlx::query!("UPDATE user SET deleted=1 WHERE id=?", self.id)
+            .execute(db)
+            .await
+            .unwrap(); //Okay, because we can only create a User of a valid id
+    }
 }
 
 #[async_trait]

src/rest/admin/user.rs

@@ -32,6 +32,21 @@ async fn resetpw(db: &State<SqlitePool>, _admin: AdminUser, user: i32) -> Flash<
     }
 }
 
+#[get("/user/<user>/delete")]
+async fn delete(db: &State<SqlitePool>, _admin: AdminUser, user: i32) -> Flash<Redirect> {
+    let user = User::find_by_id(db, user).await;
+    match user {
+        Some(user) => {
+            user.delete(db).await;
+            Flash::success(
+                Redirect::to("/admin/user"),
+                format!("Sucessfully deleted user {}", user.name),
+            )
+        }
+        None => Flash::error(Redirect::to("/admin/user"), "User does not exist"),
+    }
+}
+
 #[derive(FromForm)]
 struct UserEditForm {
     id: i32,
@@ -84,5 +99,5 @@ async fn create(
 }
 
 pub fn routes() -> Vec<Route> {
-    routes![index, resetpw, update, create]
+    routes![index, resetpw, update, create, delete]
 }

templates/admin/user/index.html.tera

@@ -50,6 +50,7 @@
        {% if user.pw %}
         <a class="inline-block mt-1 text-primary-600 hover:text-primary-900 underline" href="/admin/user/{{ user.id }}/reset-pw">Passwort zurücksetzen</a>
       {% endif %}
+        <a class="inline-block mt-1 text-primary-600 hover:text-primary-900 underline" href="/admin/user/{{ user.id }}/delete" onclick="return confirm('Really delete user?');">User löschen</a>
     </div>
 		<div>
       <input value="Ändern" type="submit" class="w-28 rounded-md bg-primary-600 px-3 py-2 text-sm font-semibold text-white hover:bg-primary-500 focus-visible:outline focus-visible:outline-2 focus-visible:outline-offset-2 focus-visible:outline-primary-600 cursor-pointer"/>