Compare commits

..

2 Commits

Author SHA1 Message Date
2bc426be52 Merge pull request 'allow to edit users; Fixes #688' (#689) from allow-user-edit-role into main
Some checks are pending
CI/CD Pipeline / test (push) Waiting to run
CI/CD Pipeline / deploy-staging (push) Blocked by required conditions
CI/CD Pipeline / deploy-main (push) Blocked by required conditions
Reviewed-on: #689
2024-08-19 14:04:39 +02:00
93c8316543 allow to edit users; Fixes #688
All checks were successful
CI/CD Pipeline / test (push) Successful in 10m25s
CI/CD Pipeline / deploy-staging (push) Has been skipped
CI/CD Pipeline / deploy-main (push) Has been skipped
2024-08-19 13:23:08 +02:00
2 changed files with 10 additions and 9 deletions

View File

@ -1001,6 +1001,7 @@ special_user!(SchnupperBetreuerUser, +"schnupper-betreuer");
special_user!(VorstandUser, +"Vorstand"); special_user!(VorstandUser, +"Vorstand");
special_user!(EventUser, +"manage_events"); special_user!(EventUser, +"manage_events");
special_user!(AllowedToEditPaymentStatusUser, +"kassier", +"admin"); special_user!(AllowedToEditPaymentStatusUser, +"kassier", +"admin");
special_user!(ManageUserUser, +"admin", +"schriftfuehrer");
#[derive(FromRow, Serialize, Deserialize, Clone, Debug)] #[derive(FromRow, Serialize, Deserialize, Clone, Debug)]
pub struct UserWithRolesAndMembershipPdf { pub struct UserWithRolesAndMembershipPdf {

View File

@ -7,7 +7,7 @@ use crate::{
logbook::Logbook, logbook::Logbook,
role::Role, role::Role,
user::{ user::{
AdminUser, AllowedToEditPaymentStatusUser, SchnupperBetreuerUser, User, AdminUser, AllowedToEditPaymentStatusUser, ManageUserUser, SchnupperBetreuerUser, User,
UserWithDetails, UserWithMembershipPdf, UserWithRolesAndMembershipPdf, VorstandUser, UserWithDetails, UserWithMembershipPdf, UserWithRolesAndMembershipPdf, VorstandUser,
}, },
}, },
@ -56,7 +56,7 @@ async fn index(
.collect(); .collect();
let user: User = user.into_inner(); let user: User = user.into_inner();
let allowed_to_edit = user.has_role(db, "admin").await; let allowed_to_edit = ManageUserUser::new(db, user.clone()).await.is_some();
let users: Vec<UserWithRolesAndMembershipPdf> = join_all(user_futures).await; let users: Vec<UserWithRolesAndMembershipPdf> = join_all(user_futures).await;
@ -90,7 +90,7 @@ async fn index_admin(
let users: Vec<UserWithRolesAndMembershipPdf> = join_all(user_futures).await; let users: Vec<UserWithRolesAndMembershipPdf> = join_all(user_futures).await;
let user: User = user.user; let user: User = user.user;
let allowed_to_edit = user.has_role(db, "admin").await; let allowed_to_edit = ManageUserUser::new(db, user.clone()).await.is_some();
let roles = Role::all(db).await; let roles = Role::all(db).await;
let families = Family::all_with_members(db).await; let families = Family::all_with_members(db).await;
@ -215,7 +215,7 @@ async fn fees_paid(
#[get("/user/<user>/send-welcome-mail")] #[get("/user/<user>/send-welcome-mail")]
async fn send_welcome_mail( async fn send_welcome_mail(
db: &State<SqlitePool>, db: &State<SqlitePool>,
_admin: AdminUser, _admin: ManageUserUser,
config: &State<Config>, config: &State<Config>,
user: i32, user: i32,
) -> Flash<Redirect> { ) -> Flash<Redirect> {
@ -233,7 +233,7 @@ async fn send_welcome_mail(
} }
#[get("/user/<user>/reset-pw")] #[get("/user/<user>/reset-pw")]
async fn resetpw(db: &State<SqlitePool>, admin: AdminUser, user: i32) -> Flash<Redirect> { async fn resetpw(db: &State<SqlitePool>, admin: ManageUserUser, user: i32) -> Flash<Redirect> {
let user = User::find_by_id(db, user).await; let user = User::find_by_id(db, user).await;
match user { match user {
Some(user) => { Some(user) => {
@ -253,7 +253,7 @@ async fn resetpw(db: &State<SqlitePool>, admin: AdminUser, user: i32) -> Flash<R
} }
#[get("/user/<user>/delete")] #[get("/user/<user>/delete")]
async fn delete(db: &State<SqlitePool>, admin: AdminUser, user: i32) -> Flash<Redirect> { async fn delete(db: &State<SqlitePool>, admin: ManageUserUser, user: i32) -> Flash<Redirect> {
let user = User::find_by_id(db, user).await; let user = User::find_by_id(db, user).await;
Log::create(db, format!("{} deleted user: {user:?}", admin.user.name)).await; Log::create(db, format!("{} deleted user: {user:?}", admin.user.name)).await;
match user { match user {
@ -290,7 +290,7 @@ pub struct UserEditForm<'a> {
async fn update( async fn update(
db: &State<SqlitePool>, db: &State<SqlitePool>,
data: Form<UserEditForm<'_>>, data: Form<UserEditForm<'_>>,
admin: AdminUser, admin: ManageUserUser,
) -> Flash<Redirect> { ) -> Flash<Redirect> {
let user = User::find_by_id(db, data.id).await; let user = User::find_by_id(db, data.id).await;
Log::create( Log::create(
@ -313,7 +313,7 @@ async fn update(
#[get("/user/<user>/membership")] #[get("/user/<user>/membership")]
async fn download_membership_pdf( async fn download_membership_pdf(
db: &State<SqlitePool>, db: &State<SqlitePool>,
admin: AdminUser, admin: ManageUserUser,
user: i32, user: i32,
) -> (ContentType, Vec<u8>) { ) -> (ContentType, Vec<u8>) {
let user = User::find_by_id(db, user).await.unwrap(); let user = User::find_by_id(db, user).await.unwrap();
@ -339,7 +339,7 @@ struct UserAddForm<'r> {
async fn create( async fn create(
db: &State<SqlitePool>, db: &State<SqlitePool>,
data: Form<UserAddForm<'_>>, data: Form<UserAddForm<'_>>,
admin: AdminUser, admin: ManageUserUser,
) -> Flash<Redirect> { ) -> Flash<Redirect> {
if User::create(db, data.name).await { if User::create(db, data.name).await {
Log::create( Log::create(