Compare commits


No commits in common. "9a1117a7c8e3ca3cf003a2a7bd80b63bf50847ca" and "9d14dae4a78cf758bdb108c44b206ee6fb3f386e" have entirely different histories.

6 changed files with 23 additions and 75 deletions


@ -16,8 +16,7 @@ CREATE TABLE IF NOT EXISTS "user" (
"notes" text, "notes" text,
"phone" text, "phone" text,
"address" text, "address" text,
"family_id" INTEGER REFERENCES family(id), "family_id" INTEGER REFERENCES family(id)
"membership_pdf" BLOB
); );
CREATE TABLE IF NOT EXISTS "family" ( CREATE TABLE IF NOT EXISTS "family" (
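Review bot: Removing `"membership_pdf" BLOB` from this `CREATE TABLE IF NOT EXISTS "user"` statement only changes databases created from scratch; an instance whose `user` table already exists keeps the column and every uploaded membership PDF in it. If the intent is to stop holding those documents, existing deployments need an explicit migration, e.g. `ALTER TABLE "user" DROP COLUMN "membership_pdf";` followed by `VACUUM;` so the freed pages do not keep the old bytes in the database file. Backups taken before that migration would still contain the PDFs. No migration is visible on this page, so this may already be handled elsewhere.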


@ -75,7 +75,7 @@ GROUP BY family.id;"
} }
pub async fn members(&self, db: &SqlitePool) -> Vec<User> { pub async fn members(&self, db: &SqlitePool) -> Vec<User> {
sqlx::query_as!(User, "SELECT id, name, pw, deleted, last_access, dob, weight, sex, member_since_date, birthdate, mail, nickname, notes, phone, address, family_id, membership_pdf FROM user WHERE family_id = ?", self.id) sqlx::query_as!(User, "SELECT id, name, pw, deleted, last_access, dob, weight, sex, member_since_date, birthdate, mail, nickname, notes, phone, address, family_id FROM user WHERE family_id = ?", self.id)
.fetch_all(db) .fetch_all(db)
.await .await
.unwrap() .unwrap()
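Review bot: This `members` query, like the `Rower` query and every `SELECT` in the user model on this page, still loads `pw` into each `User`, although a family or crew listing has no use for what is presumably the password hash (the user model imports `argon2`). `User` implements `Debug` (the download handler removed by this commit formatted one with `{user:?}`), so any log line or serialized value built from these rows would carry the hash along. Consider a separate listing struct without `pw` for these queries and keep the hash to the lookups that verify a login. `members` continues past the end of this hunk, where `.unwrap()` on `fetch_all` turns a database error into a panic.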


@ -16,7 +16,7 @@ impl Rower {
sqlx::query_as!( sqlx::query_as!(
User, User,
" "
SELECT id, name, pw, deleted, last_access, dob, weight, sex, member_since_date, birthdate, mail, nickname, notes, phone, address, family_id, membership_pdf SELECT id, name, pw, deleted, last_access, dob, weight, sex, member_since_date, birthdate, mail, nickname, notes, phone, address, family_id
FROM user FROM user
WHERE id in (SELECT rower_id FROM rower WHERE logbook_id=?) WHERE id in (SELECT rower_id FROM rower WHERE logbook_id=?)
", ",


@ -1,19 +1,13 @@
use std::{ use std::ops::{Deref, DerefMut};
fs::File,
io::Read,
ops::{Deref, DerefMut},
};
use argon2::{password_hash::SaltString, Argon2, PasswordHasher}; use argon2::{password_hash::SaltString, Argon2, PasswordHasher};
use chrono::{Datelike, Local, NaiveDate}; use chrono::{Datelike, Local, NaiveDate};
use log::info; use log::info;
use rocket::{ use rocket::{
async_trait, async_trait,
data::ToByteUnit, http::{Cookie, Status},
http::{ext::IntoCollection, Cookie, Status},
request::{self, FromRequest, Outcome}, request::{self, FromRequest, Outcome},
time::{Duration, OffsetDateTime}, time::{Duration, OffsetDateTime},
tokio::io::AsyncReadExt,
Request, Request,
}; };
use serde::{Deserialize, Serialize}; use serde::{Deserialize, Serialize};
@ -49,7 +43,6 @@ pub struct User {
pub phone: Option<String>, pub phone: Option<String>,
pub address: Option<String>, pub address: Option<String>,
pub family_id: Option<i64>, pub family_id: Option<i64>,
pub membership_pdf: Option<Vec<u8>>,
} }
#[derive(Debug, Serialize, Deserialize)] #[derive(Debug, Serialize, Deserialize)]
@ -292,7 +285,7 @@ impl User {
sqlx::query_as!( sqlx::query_as!(
Self, Self,
" "
SELECT id, name, pw, deleted, last_access, dob, weight, sex, member_since_date, birthdate, mail, nickname, notes, phone, address, family_id, membership_pdf SELECT id, name, pw, deleted, last_access, dob, weight, sex, member_since_date, birthdate, mail, nickname, notes, phone, address, family_id
FROM user FROM user
WHERE id like ? WHERE id like ?
", ",
@ -307,7 +300,7 @@ WHERE id like ?
sqlx::query_as!( sqlx::query_as!(
Self, Self,
" "
SELECT id, name, pw, deleted, last_access, dob, weight, sex, member_since_date, birthdate, mail, nickname, notes, phone, address, family_id, membership_pdf SELECT id, name, pw, deleted, last_access, dob, weight, sex, member_since_date, birthdate, mail, nickname, notes, phone, address, family_id
FROM user FROM user
WHERE id like ? WHERE id like ?
", ",
@ -322,7 +315,7 @@ WHERE id like ?
sqlx::query_as!( sqlx::query_as!(
Self, Self,
" "
SELECT id, name, pw, deleted, last_access, dob, weight, sex, member_since_date, birthdate, mail, nickname, notes, phone, address, family_id, membership_pdf SELECT id, name, pw, deleted, last_access, dob, weight, sex, member_since_date, birthdate, mail, nickname, notes, phone, address, family_id
FROM user FROM user
WHERE name like ? WHERE name like ?
", ",
@ -364,7 +357,7 @@ WHERE name like ?
sqlx::query_as!( sqlx::query_as!(
Self, Self,
" "
SELECT id, name, pw, deleted, last_access, dob, weight, sex, member_since_date, birthdate, mail, nickname, notes, phone, address, family_id, membership_pdf SELECT id, name, pw, deleted, last_access, dob, weight, sex, member_since_date, birthdate, mail, nickname, notes, phone, address, family_id
FROM user FROM user
WHERE deleted = 0 WHERE deleted = 0
ORDER BY last_access DESC ORDER BY last_access DESC
@ -379,7 +372,7 @@ ORDER BY last_access DESC
sqlx::query_as!( sqlx::query_as!(
Self, Self,
" "
SELECT id, name, pw, deleted, last_access, dob, weight, sex, member_since_date, birthdate, mail, nickname, notes, phone, address, family_id, membership_pdf SELECT id, name, pw, deleted, last_access, dob, weight, sex, member_since_date, birthdate, mail, nickname, notes, phone, address, family_id
FROM user u FROM user u
JOIN user_role ur ON u.id = ur.user_id JOIN user_role ur ON u.id = ur.user_id
WHERE ur.role_id = ? AND deleted = 0 WHERE ur.role_id = ? AND deleted = 0
@ -395,14 +388,14 @@ ORDER BY name;
sqlx::query_as!( sqlx::query_as!(
Self, Self,
" "
SELECT id, name, pw, deleted, last_access, dob, weight, sex, member_since_date, birthdate, mail, nickname, notes, phone, address, family_id, membership_pdf FROM user SELECT id, name, pw, deleted, last_access, dob, weight, sex, member_since_date, birthdate, mail, nickname, notes, phone, address, family_id FROM user
WHERE family_id IS NOT NULL WHERE family_id IS NOT NULL
GROUP BY family_id GROUP BY family_id
UNION UNION
-- Select users with a null family_id, without grouping -- Select users with a null family_id, without grouping
SELECT id, name, pw, deleted, last_access, dob, weight, sex, member_since_date, birthdate, mail, nickname, notes, phone, address, family_id, membership_pdf FROM user SELECT id, name, pw, deleted, last_access, dob, weight, sex, member_since_date, birthdate, mail, nickname, notes, phone, address, family_id FROM user
WHERE family_id IS NULL; WHERE family_id IS NULL;
" "
) )
@ -415,7 +408,7 @@ WHERE family_id IS NULL;
sqlx::query_as!( sqlx::query_as!(
Self, Self,
" "
SELECT id, name, pw, deleted, last_access, dob, weight, sex, member_since_date, birthdate, mail, nickname, notes, phone, address, family_id, membership_pdf SELECT id, name, pw, deleted, last_access, dob, weight, sex, member_since_date, birthdate, mail, nickname, notes, phone, address, family_id
FROM user FROM user
WHERE deleted = 0 AND dob != '' and weight != '' and sex != '' WHERE deleted = 0 AND dob != '' and weight != '' and sex != ''
ORDER BY name ORDER BY name
@ -430,7 +423,7 @@ ORDER BY name
sqlx::query_as!( sqlx::query_as!(
Self, Self,
" "
SELECT id, name, pw, deleted, last_access, dob, weight, sex, member_since_date, birthdate, mail, nickname, notes, phone, address, family_id, membership_pdf SELECT id, name, pw, deleted, last_access, dob, weight, sex, member_since_date, birthdate, mail, nickname, notes, phone, address, family_id
FROM user FROM user
WHERE deleted = 0 AND (SELECT COUNT(*) FROM user_role WHERE user_id=user.id AND role_id = (SELECT id FROM role WHERE name = 'cox')) > 0 WHERE deleted = 0 AND (SELECT COUNT(*) FROM user_role WHERE user_id=user.id AND role_id = (SELECT id FROM role WHERE name = 'cox')) > 0
ORDER BY last_access DESC ORDER BY last_access DESC
@ -448,29 +441,13 @@ ORDER BY last_access DESC
.is_ok() .is_ok()
} }
pub async fn update(&self, db: &SqlitePool, data: UserEditForm<'_>) { pub async fn update(&self, db: &SqlitePool, data: UserEditForm) {
let mut family_id = data.family_id; let mut family_id = data.family_id;
if family_id.is_some_and(|x| x == -1) { if family_id.is_some_and(|x| x == -1) {
family_id = Some(Family::insert(db).await) family_id = Some(Family::insert(db).await)
} }
if self.membership_pdf.is_none() {
if let Some(membership_pdf) = data.membership_pdf {
let mut stream = membership_pdf.open().await.unwrap();
let mut buffer = Vec::new();
stream.read_to_end(&mut buffer).await.unwrap();
sqlx::query!(
"UPDATE user SET membership_pdf = ? where id = ?",
buffer,
self.id
)
.execute(db)
.await
.unwrap(); //Okay, because we can only create a User of a valid id
}
}
sqlx::query!( sqlx::query!(
"UPDATE user SET dob = ?, weight = ?, sex = ?, member_since_date=?, birthdate=?, mail=?, nickname=?, notes=?, phone=?, address=?, family_id = ? where id = ?", "UPDATE user SET dob = ?, weight = ?, sex = ?, member_since_date=?, birthdate=?, mail=?, nickname=?, notes=?, phone=?, address=?, family_id = ? where id = ?",
data.dob, data.dob,
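Review bot: The lookup `WHERE name like ?` (hunk at new line 315) treats `%` and `_` in the bound value as wildcards, so if that value is a user-supplied name the query can match a different account than the one typed. The bound argument lies outside the hunk, so this needs checking against the caller. If `like` is there for case-insensitive matching, `WHERE name = ? COLLATE NOCASE` keeps that behaviour without wildcards. The two `WHERE id like ?` lookups above it have the same shape and read more plainly as `WHERE id = ?`.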


@ -10,12 +10,11 @@ use crate::model::{
use futures::future::join_all; use futures::future::join_all;
use rocket::{ use rocket::{
form::Form, form::Form,
fs::TempFile,
get, get,
http::{ContentType, Status}, http::Status,
post, post,
request::{FlashMessage, FromRequest, Outcome}, request::{FlashMessage, FromRequest, Outcome},
response::{content, Flash, Redirect}, response::{Flash, Redirect},
routes, FromForm, Request, Route, State, routes, FromForm, Request, Route, State,
}; };
use rocket_dyn_templates::{tera::Context, Template}; use rocket_dyn_templates::{tera::Context, Template};
@ -232,7 +231,7 @@ async fn delete(db: &State<SqlitePool>, admin: AdminUser, user: i32) -> Flash<Re
} }
#[derive(FromForm, Debug)] #[derive(FromForm, Debug)]
pub struct UserEditForm<'a> { pub struct UserEditForm {
pub(crate) id: i32, pub(crate) id: i32,
pub(crate) dob: Option<String>, pub(crate) dob: Option<String>,
pub(crate) weight: Option<String>, pub(crate) weight: Option<String>,
@ -246,13 +245,12 @@ pub struct UserEditForm<'a> {
pub(crate) phone: Option<String>, pub(crate) phone: Option<String>,
pub(crate) address: Option<String>, pub(crate) address: Option<String>,
pub(crate) family_id: Option<i64>, pub(crate) family_id: Option<i64>,
pub(crate) membership_pdf: Option<TempFile<'a>>,
} }
#[post("/user", data = "<data>", format = "multipart/form-data")] #[post("/user", data = "<data>")]
async fn update( async fn update(
db: &State<SqlitePool>, db: &State<SqlitePool>,
data: Form<UserEditForm<'_>>, data: Form<UserEditForm>,
admin: AdminUser, admin: AdminUser,
) -> Flash<Redirect> { ) -> Flash<Redirect> {
let user = User::find_by_id(db, data.id).await; let user = User::find_by_id(db, data.id).await;
@ -273,25 +271,6 @@ async fn update(
Flash::success(Redirect::to("/admin/user"), "Successfully updated user") Flash::success(Redirect::to("/admin/user"), "Successfully updated user")
} }
#[get("/user/<user>/membership")]
async fn download_membership_pdf(
db: &State<SqlitePool>,
admin: AdminUser,
user: i32,
) -> (ContentType, Vec<u8>) {
let user = User::find_by_id(db, user).await.unwrap();
Log::create(
db,
format!(
"{} downloaded membership application for user: {user:?}",
admin.user.name
),
)
.await;
(ContentType::PDF, user.membership_pdf.unwrap())
}
#[derive(FromForm, Debug)] #[derive(FromForm, Debug)]
struct UserAddForm<'r> { struct UserAddForm<'r> {
name: &'r str, name: &'r str,
@ -328,7 +307,6 @@ pub fn routes() -> Vec<Route> {
delete, delete,
fees, fees,
fees_paid, fees_paid,
scheckbuch, scheckbuch
download_membership_pdf
] ]
} }
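Review bot: `UserEditForm::family_id` carries an undocumented sentinel: the model's `update` (visible in the user-model section of this page) swaps `Some(-1)` for the id of a freshly inserted family before writing the row. Nothing on the struct says so, so the contract lives only in the template and the model. A doc comment on the field would pin it down, e.g. `/// Family to assign; -1 asks the server to create a new family first.` The struct's remaining fields lie partly outside the two hunks shown.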


@ -33,7 +33,7 @@
name="name" name="name"
id="filter-js" id="filter-js"
class="search-bar" class="search-bar"
placeholder="Suchen nach (Name, [yes|no]-role:<name>, has-[no-]membership-pdf)" /> placeholder="Suchen nach (Name, [yes|no]-role:<name>)" />
</div> </div>
<!-- END filterBar --> <!-- END filterBar -->
<div class="bg-primary-100 dark:bg-primary-950 p-3 rounded-b-md grid gap-4"> <div class="bg-primary-100 dark:bg-primary-950 p-3 rounded-b-md grid gap-4">
@ -41,10 +41,9 @@
class="text-primary-950 dark:text-white text-right"></div> class="text-primary-950 dark:text-white text-right"></div>
{% for user in users %} {% for user in users %}
<div data-filterable="true" <div data-filterable="true"
data-filter="{{ user.name }} {% for role in roles %} {% if role.name in user.roles %} yes-role:{{ role.name }} {% else %} no-role:{{ role.name }} {% endif %} role-{{ role }} {% endfor %} {% if user.membership_pdf %}has-membership-pdf{% else %}has-no-membership-pdf{% endif %} "> data-filter="{{ user.name }} {% for role in roles %} {% if role.name in user.roles %} yes-role:{{ role.name }} {% else %} no-role:{{ role.name }} {% endif %} role-{{ role }} {% endfor %} ">
<form action="/admin/user" <form action="/admin/user"
method="post" method="post"
enctype="multipart/form-data"
class="bg-white dark:bg-primary-900 p-3 rounded-md w-full"> class="bg-white dark:bg-primary-900 p-3 rounded-md w-full">
<div class="w-full grid gap-3"> <div class="w-full grid gap-3">
<input type="hidden" name="id" value="{{ user.id }}" /> <input type="hidden" name="id" value="{{ user.id }}" />
@ -63,11 +62,6 @@
{% for role in roles %} {% for role in roles %}
{{ macros::checkbox(label=role.name, name="roles[" ~ role.id ~ "]", id=loop.index , checked=role.name in user.roles, disabled=allowed_to_edit == false) }} {{ macros::checkbox(label=role.name, name="roles[" ~ role.id ~ "]", id=loop.index , checked=role.name in user.roles, disabled=allowed_to_edit == false) }}
{% endfor %} {% endfor %}
{% if user.membership_pdf %}
<a href="/admin/user/{{ user.id }}/membership"
class="text-black dark:text-white">Beitrittserklärung herunterladen</a>
{% endif %}
{{ macros::input(label='Beitrittserklärung', name='membership_pdf', id=loop.index, type="file", readonly=allowed_to_edit == false) }}
{{ macros::input(label='DOB', name='dob', id=loop.index, type="text", value=user.dob, readonly=allowed_to_edit == false) }} {{ macros::input(label='DOB', name='dob', id=loop.index, type="text", value=user.dob, readonly=allowed_to_edit == false) }}
{{ macros::input(label='Weight (kg)', name='weight', id=loop.index, type="text", value=user.weight, readonly=allowed_to_edit == false) }} {{ macros::input(label='Weight (kg)', name='weight', id=loop.index, type="text", value=user.weight, readonly=allowed_to_edit == false) }}
{{ macros::input(label='Sex', name='sex', id=loop.index, type="text", value=user.sex, readonly=allowed_to_edit == false) }} {{ macros::input(label='Sex', name='sex', id=loop.index, type="text", value=user.sex, readonly=allowed_to_edit == false) }}
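Review bot: In the `data-filter` attribute the loop emits `role-{{ role }}`, but `role` is used as an object everywhere else in this template (`role.name`, `role.id`), so that token most likely renders a placeholder rather than a role name and adds nothing searchable. Either drop it or write `role-{{ role.name }}`. Separately, `readonly`/`disabled` driven by `allowed_to_edit` only changes what the browser shows. The server-side guard on `POST /admin/user` (`AdminUser` in the route section) has to cover the same condition, which cannot be confirmed from this page.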