Compare commits
No commits in common. "0a130709c7033b0b5fe2c0543856e6e722a17676" and "c847c3300f19092f554638035330b81e4081086c" have entirely different histories.
0a130709c7
...
c847c3300f
@ -1001,7 +1001,6 @@ special_user!(SchnupperBetreuerUser, +"schnupper-betreuer");
|
|||||||
special_user!(VorstandUser, +"Vorstand");
|
special_user!(VorstandUser, +"Vorstand");
|
||||||
special_user!(EventUser, +"manage_events");
|
special_user!(EventUser, +"manage_events");
|
||||||
special_user!(AllowedToEditPaymentStatusUser, +"kassier", +"admin");
|
special_user!(AllowedToEditPaymentStatusUser, +"kassier", +"admin");
|
||||||
special_user!(ManageUserUser, +"admin", +"schriftfuehrer");
|
|
||||||
|
|
||||||
#[derive(FromRow, Serialize, Deserialize, Clone, Debug)]
|
#[derive(FromRow, Serialize, Deserialize, Clone, Debug)]
|
||||||
pub struct UserWithRolesAndMembershipPdf {
|
pub struct UserWithRolesAndMembershipPdf {
|
||||||
|
@ -7,7 +7,7 @@ use crate::{
|
|||||||
logbook::Logbook,
|
logbook::Logbook,
|
||||||
role::Role,
|
role::Role,
|
||||||
user::{
|
user::{
|
||||||
AdminUser, AllowedToEditPaymentStatusUser, ManageUserUser, SchnupperBetreuerUser, User,
|
AdminUser, AllowedToEditPaymentStatusUser, SchnupperBetreuerUser, User,
|
||||||
UserWithDetails, UserWithMembershipPdf, UserWithRolesAndMembershipPdf, VorstandUser,
|
UserWithDetails, UserWithMembershipPdf, UserWithRolesAndMembershipPdf, VorstandUser,
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
@ -56,7 +56,7 @@ async fn index(
|
|||||||
.collect();
|
.collect();
|
||||||
|
|
||||||
let user: User = user.into_inner();
|
let user: User = user.into_inner();
|
||||||
let allowed_to_edit = ManageUserUser::new(db, user.clone()).await.is_some();
|
let allowed_to_edit = user.has_role(db, "admin").await;
|
||||||
|
|
||||||
let users: Vec<UserWithRolesAndMembershipPdf> = join_all(user_futures).await;
|
let users: Vec<UserWithRolesAndMembershipPdf> = join_all(user_futures).await;
|
||||||
|
|
||||||
@ -90,7 +90,7 @@ async fn index_admin(
|
|||||||
let users: Vec<UserWithRolesAndMembershipPdf> = join_all(user_futures).await;
|
let users: Vec<UserWithRolesAndMembershipPdf> = join_all(user_futures).await;
|
||||||
|
|
||||||
let user: User = user.user;
|
let user: User = user.user;
|
||||||
let allowed_to_edit = ManageUserUser::new(db, user.clone()).await.is_some();
|
let allowed_to_edit = user.has_role(db, "admin").await;
|
||||||
|
|
||||||
let roles = Role::all(db).await;
|
let roles = Role::all(db).await;
|
||||||
let families = Family::all_with_members(db).await;
|
let families = Family::all_with_members(db).await;
|
||||||
@ -215,7 +215,7 @@ async fn fees_paid(
|
|||||||
#[get("/user/<user>/send-welcome-mail")]
|
#[get("/user/<user>/send-welcome-mail")]
|
||||||
async fn send_welcome_mail(
|
async fn send_welcome_mail(
|
||||||
db: &State<SqlitePool>,
|
db: &State<SqlitePool>,
|
||||||
_admin: ManageUserUser,
|
_admin: AdminUser,
|
||||||
config: &State<Config>,
|
config: &State<Config>,
|
||||||
user: i32,
|
user: i32,
|
||||||
) -> Flash<Redirect> {
|
) -> Flash<Redirect> {
|
||||||
@ -233,7 +233,7 @@ async fn send_welcome_mail(
|
|||||||
}
|
}
|
||||||
|
|
||||||
#[get("/user/<user>/reset-pw")]
|
#[get("/user/<user>/reset-pw")]
|
||||||
async fn resetpw(db: &State<SqlitePool>, admin: ManageUserUser, user: i32) -> Flash<Redirect> {
|
async fn resetpw(db: &State<SqlitePool>, admin: AdminUser, user: i32) -> Flash<Redirect> {
|
||||||
let user = User::find_by_id(db, user).await;
|
let user = User::find_by_id(db, user).await;
|
||||||
match user {
|
match user {
|
||||||
Some(user) => {
|
Some(user) => {
|
||||||
@ -253,7 +253,7 @@ async fn resetpw(db: &State<SqlitePool>, admin: ManageUserUser, user: i32) -> Fl
|
|||||||
}
|
}
|
||||||
|
|
||||||
#[get("/user/<user>/delete")]
|
#[get("/user/<user>/delete")]
|
||||||
async fn delete(db: &State<SqlitePool>, admin: ManageUserUser, user: i32) -> Flash<Redirect> {
|
async fn delete(db: &State<SqlitePool>, admin: AdminUser, user: i32) -> Flash<Redirect> {
|
||||||
let user = User::find_by_id(db, user).await;
|
let user = User::find_by_id(db, user).await;
|
||||||
Log::create(db, format!("{} deleted user: {user:?}", admin.user.name)).await;
|
Log::create(db, format!("{} deleted user: {user:?}", admin.user.name)).await;
|
||||||
match user {
|
match user {
|
||||||
@ -290,7 +290,7 @@ pub struct UserEditForm<'a> {
|
|||||||
async fn update(
|
async fn update(
|
||||||
db: &State<SqlitePool>,
|
db: &State<SqlitePool>,
|
||||||
data: Form<UserEditForm<'_>>,
|
data: Form<UserEditForm<'_>>,
|
||||||
admin: ManageUserUser,
|
admin: AdminUser,
|
||||||
) -> Flash<Redirect> {
|
) -> Flash<Redirect> {
|
||||||
let user = User::find_by_id(db, data.id).await;
|
let user = User::find_by_id(db, data.id).await;
|
||||||
Log::create(
|
Log::create(
|
||||||
@ -313,7 +313,7 @@ async fn update(
|
|||||||
#[get("/user/<user>/membership")]
|
#[get("/user/<user>/membership")]
|
||||||
async fn download_membership_pdf(
|
async fn download_membership_pdf(
|
||||||
db: &State<SqlitePool>,
|
db: &State<SqlitePool>,
|
||||||
admin: ManageUserUser,
|
admin: AdminUser,
|
||||||
user: i32,
|
user: i32,
|
||||||
) -> (ContentType, Vec<u8>) {
|
) -> (ContentType, Vec<u8>) {
|
||||||
let user = User::find_by_id(db, user).await.unwrap();
|
let user = User::find_by_id(db, user).await.unwrap();
|
||||||
@ -339,7 +339,7 @@ struct UserAddForm<'r> {
|
|||||||
async fn create(
|
async fn create(
|
||||||
db: &State<SqlitePool>,
|
db: &State<SqlitePool>,
|
||||||
data: Form<UserAddForm<'_>>,
|
data: Form<UserAddForm<'_>>,
|
||||||
admin: ManageUserUser,
|
admin: AdminUser,
|
||||||
) -> Flash<Redirect> {
|
) -> Flash<Redirect> {
|
||||||
if User::create(db, data.name).await {
|
if User::create(db, data.name).await {
|
||||||
Log::create(
|
Log::create(
|
||||||
|
Loading…
Reference in New Issue
Block a user