Ruderverein-Donau-Linz/rowt
1
1
Fork 0
Code Issues 30 Pull Requests Actions Packages Projects Wiki Activity

push

Browse Source
This commit is contained in:
philipp 2023-04-04 15:16:21 +02:00
parent 0bdd073d7f
commit cedaba5709
10 changed files with 453 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
README.md
View File

@ -14,20 +14,6 @@
- Link for specific trip
- Basic auth (with e.g. ekrv) to prevent spam bots? (Or on first login there are 2 input fields: name + e.g. name of "strom")
# DB
- trip
- id: i32
- cox_id: i32 (user.id)
- trip_details: Option<i32> (trip_details.id)
- planned_event_id: Option<i32> (planned_event.id)
- created: chrono::DateTime
- user_trip
- trip_details_id: i32 (trip_details.id)
- user_id: i32 (user.id)
- created: chrono::DateTime
# TODO
- [x] User login
- [x] Admin
@ -37,5 +23,5 @@
- [ ] Ausfahrten
- [x] CRUD planned_event
- [x] CRUD trip_details
- [ ] CRUD trip
- [x] CRUD trip
- [ ] CRUD user_trip

21
migration.sql
View File

@ -24,3 +24,24 @@ CREATE TABLE IF NOT EXISTS "planned_event" (
"created_at" text NOT NULL DEFAULT CURRENT_TIMESTAMP,
FOREIGN KEY(trip_details_id) REFERENCES trip_details(id) ON DELETE CASCADE
);
CREATE TABLE IF NOT EXISTS "trip" (
"id" integer NOT NULL PRIMARY KEY AUTOINCREMENT,
"cox_id" INTEGER NOT NULL,
"trip_details_id" INTEGER,
"planned_event_id" INTEGER,
"created_at" text NOT NULL DEFAULT CURRENT_TIMESTAMP,
FOREIGN KEY(cox_id) REFERENCES user(id),
FOREIGN KEY(trip_details_id) REFERENCES trip_details(id) ON DELETE CASCADE,
FOREIGN KEY(planned_event_id) REFERENCES planned_event(id) ON DELETE CASCADE,
CONSTRAINT unq UNIQUE (cox_id, planned_event_id) -- allow cox to participate only once for each planned event
);
CREATE TABLE IF NOT EXISTS "user_trip" (
"user_id" INTEGER NOT NULL,
"trip_details_id" INTEGER NOT NULL,
"created_at" text NOT NULL DEFAULT CURRENT_TIMESTAMP,
FOREIGN KEY(user_id) REFERENCES user(id),
FOREIGN KEY(trip_details_id) REFERENCES trip_details(id),
CONSTRAINT unq UNIQUE (user_id, trip_details_id) -- allow user to participate only once for each trip
);

11
src/model/mod.rs
View File

@ -2,17 +2,23 @@ use chrono::NaiveDate;
use serde::Serialize;
use sqlx::SqlitePool;
use self::planned_event::PlannedEvent;
use self::{
planned_event::{PlannedEvent, PlannedEventWithUser},
trip::{Trip, TripWithUser},
};
pub mod planned_event;
pub mod trip;
pub mod tripdetails;
pub mod user;
pub mod usertrip;
//pub mod users;
#[derive(Serialize)]
pub struct Day {
day: NaiveDate,
planned_events: Vec<PlannedEvent>,
planned_events: Vec<PlannedEventWithUser>,
trips: Vec<TripWithUser>,
}
impl Day {
@ -20,6 +26,7 @@ impl Day {
Self {
day,
planned_events: PlannedEvent::get_for_day(db, day).await,
trips: Trip::get_for_day(db, day).await,
}
}
}

86
src/model/planned_event.rs
View File

@ -2,7 +2,7 @@ use chrono::NaiveDate;
use serde::Serialize;
use sqlx::SqlitePool;
#[derive(Serialize)]
#[derive(Serialize, Clone)]
pub struct PlannedEvent {
id: i64,
name: String,
@ -15,10 +15,18 @@ pub struct PlannedEvent {
notes: Option<String>,
}
#[derive(Serialize)]
pub struct PlannedEventWithUser {
#[serde(flatten)]
planned_event: PlannedEvent,
cox: Vec<String>,
rower: Vec<String>,
}
impl PlannedEvent {
pub async fn get_for_day(db: &SqlitePool, day: NaiveDate) -> Vec<Self> {
pub async fn get_for_day(db: &SqlitePool, day: NaiveDate) -> Vec<PlannedEventWithUser> {
let day = format!("{}", day);
sqlx::query_as!(
let events = sqlx::query_as!(
PlannedEvent,
"
SELECT planned_event.id, name, planned_amount_cox, allow_guests, trip_details_id, planned_starting_time, max_people, day, notes
@ -30,7 +38,77 @@ WHERE day=?
)
.fetch_all(db)
.await
.unwrap() //TODO: fixme
.unwrap(); //TODO: fixme
let mut ret = Vec::new();
for event in events {
ret.push(PlannedEventWithUser {
planned_event: event.clone(),
cox: Self::get_all_cox_for_id(db, event.id).await,
rower: Self::get_all_rower_for_id(db, event.id).await,
})
}
ret
}
pub async fn rower_can_register(db: &SqlitePool, trip_details_id: i64) -> bool {
let amount_currently_registered = sqlx::query!(
"
SELECT COUNT(*) as count FROM user_trip WHERE trip_details_id = ?
",
trip_details_id
)
.fetch_one(db)
.await
.unwrap(); //TODO: fixme
let amount_currently_registered = amount_currently_registered.count as i64;
let amount_allowed_to_register = sqlx::query!(
"
SELECT max_people FROM trip_details WHERE id = ?
",
trip_details_id
)
.fetch_one(db)
.await
.unwrap(); //TODO: fixme
let amount_allowed_to_register = amount_allowed_to_register.max_people;
amount_currently_registered < amount_allowed_to_register
}
async fn get_all_cox_for_id(db: &SqlitePool, id: i64) -> Vec<String> {
let res = sqlx::query!(
"
SELECT (SELECT name FROM user WHERE cox_id = id) as name FROM trip WHERE planned_event_id = ?
",
id
)
.fetch_all(db)
.await
.unwrap(); //TODO: fixme
let mut ret = Vec::new();
for r in res {
ret.push(r.name);
}
ret
}
async fn get_all_rower_for_id(db: &SqlitePool, id: i64) -> Vec<String> {
let res = sqlx::query!(
"
SELECT (SELECT name FROM user WHERE user_trip.user_id = user.id) as name FROM user_trip WHERE trip_details_id = (SELECT trip_details_id FROM planned_event WHERE id = ?)
",
id
)
.fetch_all(db)
.await
.unwrap(); //TODO: fixme
let mut ret = Vec::new();
for r in res {
ret.push(r.name);
}
ret
}
pub async fn new(

109
src/model/trip.rs Normal file
View File

@ -0,0 +1,109 @@
use chrono::NaiveDate;
use serde::Serialize;
use sqlx::SqlitePool;
#[derive(Serialize, Clone)]
pub struct Trip {
id: i64,
cox_id: i64,
cox_name: String,
trip_details_id: Option<i64>,
planned_starting_time: String,
max_people: i64,
day: String,
notes: Option<String>,
}
#[derive(Serialize)]
pub struct TripWithUser {
#[serde(flatten)]
trip: Trip,
rower: Vec<String>,
}
impl Trip {
pub async fn get_for_day(db: &SqlitePool, day: NaiveDate) -> Vec<TripWithUser> {
let day = format!("{}", day);
let trips = sqlx::query_as!(
Trip,
"
SELECT trip.id, cox_id, user.name as cox_name, trip_details_id, planned_starting_time, max_people, day, notes
FROM trip
INNER JOIN trip_details ON trip.trip_details_id = trip_details.id
INNER JOIN user ON trip.cox_id = user.id
WHERE day=?
",
day
)
.fetch_all(db)
.await
.unwrap(); //TODO: fixme
let mut ret = Vec::new();
for trip in trips {
ret.push(TripWithUser {
trip: trip.clone(),
rower: Self::get_all_rower_for_id(db, trip.id).await,
})
}
ret
}
async fn get_all_rower_for_id(db: &SqlitePool, id: i64) -> Vec<String> {
let res = sqlx::query!(
"
SELECT (SELECT name FROM user WHERE user_trip.user_id = user.id) as name FROM user_trip WHERE trip_details_id = (SELECT trip_details_id FROM trip WHERE id = ?)
",
id
)
.fetch_all(db)
.await
.unwrap(); //TODO: fixme
let mut ret = Vec::new();
for r in res {
ret.push(r.name);
}
ret
}
pub async fn new_own(db: &SqlitePool, cox_id: i64, trip_details_id: i64) {
sqlx::query!(
"INSERT INTO trip (cox_id, trip_details_id) VALUES(?, ?)",
cox_id,
trip_details_id
)
.execute(db)
.await
.unwrap(); //TODO: fixme
}
/// Returns true if successfully inserted; false if not (e.g. because user is already
/// participant
pub async fn new_join(db: &SqlitePool, cox_id: i64, planned_event_id: i64) -> bool {
sqlx::query!(
"INSERT INTO trip (cox_id, planned_event_id) VALUES(?, ?)",
cox_id,
planned_event_id
)
.execute(db)
.await
.is_ok()
}
pub async fn delete(db: &SqlitePool, user_id: i64, planned_event_id: i64) {
let _ = sqlx::query!(
"DELETE FROM trip WHERE cox_id = ? AND planned_event_id = ?",
user_id,
planned_event_id
)
.execute(db)
.await
.is_ok();
}
//pub async fn delete(db: &SqlitePool, id: i64) {
// sqlx::query!("DELETE FROM planned_event WHERE id = ?", id)
// .execute(db)
// .await
// .unwrap(); //TODO: fixme
//}
}

45
src/model/user.rs
View File

@ -1,3 +1,5 @@
use std::ops::Deref;
use argon2::{password_hash::SaltString, Argon2, PasswordHasher};
use rocket::{
async_trait,
@ -34,12 +36,37 @@ impl TryFrom<User> for AdminUser {
}
}
pub struct CoxUser {
user: User,
}
impl Deref for CoxUser {
type Target = User;
fn deref(&self) -> &Self::Target {
&self.user
}
}
impl TryFrom<User> for CoxUser {
type Error = LoginError;
fn try_from(user: User) -> Result<Self, Self::Error> {
if user.is_cox {
Ok(CoxUser { user })
} else {
Err(LoginError::NotACox)
}
}
}
#[derive(Debug)]
pub enum LoginError {
SqlxError(sqlx::Error),
InvalidAuthenticationCombo,
NotLoggedIn,
NotAnAdmin,
NotACox,
NoPasswordSet(User),
}
@ -181,6 +208,24 @@ impl<'r> FromRequest<'r> for AdminUser {
}
}
#[async_trait]
impl<'r> FromRequest<'r> for CoxUser {
type Error = LoginError;
async fn from_request(req: &'r Request<'_>) -> request::Outcome<Self, Self::Error> {
match req.cookies().get_private("loggedin_user") {
Some(user) => {
let user: User = serde_json::from_str(&user.value()).unwrap(); //TODO: fixme
match user.try_into() {
Ok(user) => Outcome::Success(user),
Err(_) => Outcome::Failure((Status::Unauthorized, LoginError::NotAnAdmin)),
}
}
None => Outcome::Failure((Status::Unauthorized, LoginError::NotLoggedIn)),
}
}
}
#[cfg(test)]
mod test {
use crate::testdb;

27
src/model/usertrip.rs Normal file
View File

@ -0,0 +1,27 @@
use sqlx::SqlitePool;
pub struct UserTrip {}
impl UserTrip {
pub async fn new(db: &SqlitePool, user_id: i64, trip_details_id: i64) -> bool {
sqlx::query!(
"INSERT INTO user_trip (user_id, trip_details_id) VALUES(?, ?)",
user_id,
trip_details_id
)
.execute(db)
.await
.is_ok()
}
pub async fn delete(db: &SqlitePool, user_id: i64, trip_details_id: i64) {
let _ = sqlx::query!(
"DELETE FROM user_trip WHERE user_id = ? AND trip_details_id = ?",
user_id,
trip_details_id
)
.execute(db)
.await
.is_ok();
}
}

58
src/rest/cox.rs Normal file
View File

@ -0,0 +1,58 @@
use rocket::{
form::Form,
get, post,
response::{Flash, Redirect},
routes, FromForm, Route, State,
};
use sqlx::SqlitePool;
use crate::model::{trip::Trip, tripdetails::TripDetails, user::CoxUser};
//TODO: add constraints (e.g. planned_amount_cox > 0)
#[derive(FromForm)]
struct AddTripForm {
day: String,
planned_starting_time: String,
max_people: i32,
notes: Option<String>,
}
#[post("/trip", data = "<data>")]
async fn create(db: &State<SqlitePool>, data: Form<AddTripForm>, cox: CoxUser) -> Flash<Redirect> {
//TODO: fix clones()
let trip_details_id = TripDetails::new(
db,
data.planned_starting_time.clone(),
data.max_people,
data.day.clone(),
data.notes.clone(),
)
.await;
//TODO: fix clone()
Trip::new_own(db, cox.id, trip_details_id).await;
Flash::success(Redirect::to("/"), "Successfully planned the event")
}
#[get("/join/<planned_event_id>")]
async fn join(db: &State<SqlitePool>, planned_event_id: i64, cox: CoxUser) -> Flash<Redirect> {
if Trip::new_join(db, cox.id, planned_event_id).await {
Flash::success(Redirect::to("/"), "Danke für's helfen!")
} else {
Flash::error(Redirect::to("/"), "Du nimmst bereits teil!")
}
}
#[get("/remove/<planned_event_id>")]
async fn remove(db: &State<SqlitePool>, planned_event_id: i64, cox: CoxUser) -> Flash<Redirect> {
//TODO: Check if > 2 hrs to event
Trip::delete(db, cox.id, planned_event_id).await;
Flash::success(Redirect::to("/"), "Erfolgreich abgemeldet!")
}
pub fn routes() -> Vec<Route> {
routes![create, join, remove]
}

51
src/rest/mod.rs
View File

@ -1,21 +1,57 @@
use chrono::{Duration, Local, NaiveDate};
use rocket::{catch, catchers, get, response::Redirect, routes, Build, Rocket, State};
use rocket_dyn_templates::{context, Template};
use chrono::{Duration, Local};
use rocket::{
catch, catchers, get,
request::FlashMessage,
response::{Flash, Redirect},
routes, Build, Rocket, State,
};
use rocket_dyn_templates::{context, tera::Context, Template};
use sqlx::SqlitePool;
use crate::model::{user::User, Day};
use crate::model::{planned_event::PlannedEvent, user::User, usertrip::UserTrip, Day};
mod admin;
mod auth;
mod cox;
#[get("/")]
async fn index(db: &State<SqlitePool>, user: User) -> Template {
async fn index(db: &State<SqlitePool>, user: User, flash: Option<FlashMessage<'_>>) -> Template {
let mut days = Vec::new();
for i in 0..6 {
let date = (Local::now() + Duration::days(i)).date_naive();
days.push(Day::new(db, date).await);
}
Template::render("index", context! {loggedin_user: user, days})
let mut context = Context::new();
if let Some(msg) = flash {
context.insert("flash", &msg.into_inner());
}
context.insert("loggedin_user", &user);
context.insert("days", &days);
Template::render("index", context.into_json())
}
#[get("/join/<trip_details_id>")]
async fn join(db: &State<SqlitePool>, trip_details_id: i64, user: User) -> Flash<Redirect> {
if !PlannedEvent::rower_can_register(db, trip_details_id).await {
return Flash::error(Redirect::to("/"), "Bereits ausgebucht!");
}
if UserTrip::new(db, user.id, trip_details_id).await {
Flash::success(Redirect::to("/"), "Erfolgreich angemeldet!")
} else {
Flash::error(Redirect::to("/"), "Du nimmst bereits teil!")
}
}
#[get("/remove/<trip_details_id>")]
async fn remove(db: &State<SqlitePool>, trip_details_id: i64, user: User) -> Flash<Redirect> {
//TODO: Check if > 2 hrs to event
UserTrip::delete(db, user.id, trip_details_id).await;
Flash::success(Redirect::to("/"), "Erfolgreich abgemeldet!")
}
#[catch(401)] //unauthorized
@ -26,8 +62,9 @@ fn unauthorized_error() -> Redirect {
pub fn start(db: SqlitePool) -> Rocket<Build> {
rocket::build()
.manage(db)
.mount("/", routes![index])
.mount("/", routes![index, join, remove])
.mount("/auth", auth::routes())
.mount("/cox", cox::routes())
.mount("/admin", admin::routes())
.register("/", catchers![unauthorized_error])
.attach(Template::fairing())

57
templates/index.html.tera
View File

@ -39,12 +39,56 @@
Planned starting time: {{ planned_event.planned_starting_time }}<br />
Max people: {{ planned_event.max_people }}<br />
Notes: {{ planned_event.notes }}<br />
Folgende Steuerpersonen haben sich schon angemeldet:
{% for cox in planned_event.cox %}
{{ cox }}
{% if cox == loggedin_user.name %}
<a href="/cox/remove/{{ planned_event.id }}">ABMELDEN</a>
{% endif %}
{% endfor %}
<br />
Folgende Ruderer haben sich schon angemeldet:
{% for rower in planned_event.rower%}
{{ rower }}
{% if rower == loggedin_user.name %}
<a href="/remove/{{ planned_event.trip_details_id }}">ABMELDEN</a>
{% endif %}
{% endfor %}
{% if planned_event.max_people > planned_event.rower | length %}
<a href="/join/{{ planned_event.trip_details_id }}">MITRUDERN</a>
{% endif %}
{% if loggedin_user.is_cox %}
<a href="/cox/join/{{ planned_event.id }}">STEUERN</a>
{% endif %}
{% if loggedin_user.is_admin %}
<a href="/admin/planned-event/{{ planned_event.id }}/delete">DELETE</a>
{% endif %}
{% endfor %}
{% for trip in day.trips %}
<h3>Ausfahrt von {{ trip.cox_name }}</h3>
Planned starting time: {{ trip.planned_starting_time }}<br />
Max people: {{ trip.max_people }}<br />
Notes: {{ trip.notes }}<br />
Folgende Ruderer haben sich schon angemeldet:
{% for rower in trip.rower %}
{{ rower }}
{% if rower == loggedin_user.name %}
<a href="/remove/{{ trip.trip_details_id }}">ABMELDEN</a>
{% endif %}
{% endfor %}
{% if trip.max_people > trip.rower | length and trip.cox_id != loggedin_user.id %}
<a href="/join/{{ trip.trip_details_id }}">MITRUDERN</a>
{% endif %}
{% endfor %}
{% if loggedin_user.is_admin %}
<h3>Add planned event</h3>
<form action="/admin/planned-event" method="post">
@ -60,6 +104,19 @@
</form>
{% endif %}
{% if loggedin_user.is_cox%}
<h3>Add trip</h3>
<form action="/cox/trip" method="post">
<input type="hidden" name="day" value="{{ day.day }}" />
<input type="text" name="planned_starting_time" placeholder="Startzeit" />
<input type="number" name="max_people" placeholder="Anzahl Ruderer" />
<input type="text" name="notes" placeholder="Anmerkungen" />
<input type="submit" />
</form>
{% endif %}
<hr/>
{% endfor %}