From 055c330a3e4813b61bd93436cfd010bc9ea082b6 Mon Sep 17 00:00:00 2001 From: philipp Date: Fri, 28 Apr 2023 19:29:20 +0200 Subject: [PATCH] allow 'deletion' of user --- README.md | 1 - migration.sql | 3 ++- src/model/user.rs | 20 +++++++++++++++++--- src/rest/admin/user.rs | 17 ++++++++++++++++- templates/admin/user/index.html.tera | 1 + 5 files changed, 36 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 2de5be1..b079d5b 100644 --- a/README.md +++ b/README.md @@ -7,7 +7,6 @@ - Wanderfahrt: ⛱ # Notes / Bugfixes -- [] delete flag user administration - [] max_people = 0 -> Rot hervorheben, dass Ausfahrt abgesagt wurde? - [] my trips for cox - [] add `trip_type` (id, name, desc, question, icon) with a FK to `trip_details` diff --git a/migration.sql b/migration.sql index 0459241..01a9b5e 100644 --- a/migration.sql +++ b/migration.sql @@ -4,7 +4,8 @@ CREATE TABLE IF NOT EXISTS "user" ( "pw" text, "is_cox" boolean NOT NULL DEFAULT FALSE, "is_admin" boolean NOT NULL DEFAULT FALSE, - "is_guest" boolean NOT NULL DEFAULT TRUE + "is_guest" boolean NOT NULL DEFAULT TRUE, + "deleted" boolean NOT NULL DEFAULT FALSE ); CREATE TABLE IF NOT EXISTS "trip_details" ( diff --git a/src/model/user.rs b/src/model/user.rs index 90253cb..edb79cb 100644 --- a/src/model/user.rs +++ b/src/model/user.rs @@ -18,6 +18,7 @@ pub struct User { pub is_cox: bool, is_admin: bool, is_guest: bool, + deleted: bool, } #[derive(Debug)] @@ -34,7 +35,7 @@ impl User { sqlx::query_as!( User, " -SELECT id, name, pw, is_cox, is_admin, is_guest +SELECT id, name, pw, is_cox, is_admin, is_guest, deleted FROM user WHERE id like ? ", @@ -49,7 +50,7 @@ WHERE id like ? sqlx::query_as!( User, " -SELECT id, name, pw, is_cox, is_admin, is_guest +SELECT id, name, pw, is_cox, is_admin, is_guest, deleted FROM user WHERE name like ? ", 
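Review bot: The new `"deleted"` column in migration.sql is added inside `CREATE TABLE IF NOT EXISTS "user"`, which does nothing when the table already exists, so a database created before this commit never gets the column. The queries in src/model/user.rs that now select `deleted` would then fail against that database. If deployed databases exist, an explicit step such as `ALTER TABLE "user" ADD COLUMN "deleted" boolean NOT NULL DEFAULT FALSE;` is needed alongside the table definition. How migration.sql is applied is not visible in this diff, so confirm whether it only ever runs against a fresh database.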
@@ -64,8 +65,9 @@ WHERE name like ? sqlx::query_as!( User, " -SELECT id, name, pw, is_cox, is_admin, is_guest +SELECT id, name, pw, is_cox, is_admin, is_guest, deleted FROM user +WHERE deleted = 0 ORDER BY name " ) @@ -103,6 +105,11 @@ ORDER BY name return Err(LoginError::InvalidAuthenticationCombo); // Username not found }; + if user.deleted { + return Err(LoginError::InvalidAuthenticationCombo); //User existed sometime ago; has + //been deleted + } + match user.pw.clone() { Some(user_pw) => { let password_hash = Self::get_hashed_pw(&pw); @@ -139,6 +146,13 @@ ORDER BY name .unwrap() .to_string() } + + pub async fn delete(&self, db: &SqlitePool) { + sqlx::query!("UPDATE user SET deleted=1 WHERE id=?", self.id) + .execute(db) + .await + .unwrap(); //Okay, because we can only create a User of a valid id + } } #[async_trait] diff --git a/src/rest/admin/user.rs b/src/rest/admin/user.rs index 93fe16a..2c4960e 100644 --- a/src/rest/admin/user.rs +++ b/src/rest/admin/user.rs @@ -32,6 +32,21 @@ async fn resetpw(db: &State, _admin: AdminUser, user: i32) -> Flash< } } +#[get("/user//delete")] +async fn delete(db: &State, _admin: AdminUser, user: i32) -> Flash { + let user = User::find_by_id(db, user).await; + match user { + Some(user) => { + user.delete(db).await; + Flash::success( + Redirect::to("/admin/user"), + format!("Sucessfully deleted user {}", user.name), + ) + } + None => Flash::error(Redirect::to("/admin/user"), "User does not exist"), + } +} + #[derive(FromForm)] struct UserEditForm { id: i32, @@ -84,5 +99,5 @@ async fn create( } pub fn routes() -> Vec { - routes![index, resetpw, update, create] + routes![index, resetpw, update, create, delete] } diff --git a/templates/admin/user/index.html.tera b/templates/admin/user/index.html.tera index b206925..1a617e4 100644 --- a/templates/admin/user/index.html.tera +++ b/templates/admin/user/index.html.tera @@ -46,6 +46,7 @@ {% if user.pw %} Passwort zurücksetzen {% endif %} + User löschen
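Review bot: The `if user.deleted` check in the login hunk (`@@ -103,6 +105,11 @@`) blocks only a fresh password login, and nothing in this commit ends a session the user already holds. `find_by_id` and `find_by_name` still return soft-deleted rows. If the request guards after `#[async_trait]` resolve the session through `find_by_id` (they lie outside the hunks, so this is inferred), a deleted user or deleted admin keeps access until the cookie expires. Consider filtering in the lookups themselves, e.g. `WHERE id like ? AND deleted = 0`, or rejecting `user.deleted` in the guard. The enclosing login function starts and ends outside the hunk.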
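Review bot: `User::delete` calls `.unwrap()` on the result of `execute`, and the comment's justification does not cover the failures that can actually occur. An UPDATE with an unknown id simply affects zero rows, whereas a locked database or an exhausted pool returns `Err` and panics inside the request handler. Returning the error, for example `pub async fn delete(&self, db: &SqlitePool) -> Result<(), sqlx::Error>`, lets the admin route answer with `Flash::error` instead; the caller in src/rest/admin/user.rs would need the matching change.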
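Review bot: The new `delete` handler in src/rest/admin/user.rs changes state on a `#[get(...)]` route, so any GET the admin's browser sends to that URL (a followed link, a prefetch, a cross-site request) deletes the user without a deliberate form submission. Registering it as `#[post(...)]` or `#[delete(...)]` and submitting it from a form in templates/admin/user/index.html.tera, with a CSRF token if the project has one, closes that path; the route path appears here with its `<user>` parameter stripped by the rendering. The handler also never uses `_admin`, so an admin can apparently delete their own account. If `AdminUser` exposes the acting user's id, compare it with the target before calling `user.delete(db)` to prevent a lockout. Minor: the flash text reads "Sucessfully".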