Compare commits
2 Commits
e7168d308f
...
a269efedca
Author | SHA1 | Date | |
---|---|---|---|
a269efedca | |||
8edbf15235 |
@ -6,6 +6,7 @@ INSERT INTO "role" (name) VALUES ('Donau Linz');
|
|||||||
INSERT INTO "role" (name) VALUES ('planned_event');
|
INSERT INTO "role" (name) VALUES ('planned_event');
|
||||||
INSERT INTO "role" (name) VALUES ('Rennrudern');
|
INSERT INTO "role" (name) VALUES ('Rennrudern');
|
||||||
INSERT INTO "role" (name) VALUES ('paid');
|
INSERT INTO "role" (name) VALUES ('paid');
|
||||||
|
INSERT INTO "role" (name) VALUES ('Vorstand');
|
||||||
INSERT INTO "user" (name, pw) VALUES('admin', '$argon2id$v=19$m=19456,t=2,p=1$dS/X5/sPEKTj4Rzs/CuvzQ$4P4NCw4Ukhv80/eQYTsarHhnw61JuL1KMx/L9dm82YM');
|
INSERT INTO "user" (name, pw) VALUES('admin', '$argon2id$v=19$m=19456,t=2,p=1$dS/X5/sPEKTj4Rzs/CuvzQ$4P4NCw4Ukhv80/eQYTsarHhnw61JuL1KMx/L9dm82YM');
|
||||||
INSERT INTO "user_role" (user_id, role_id) VALUES(1,1);
|
INSERT INTO "user_role" (user_id, role_id) VALUES(1,1);
|
||||||
INSERT INTO "user_role" (user_id, role_id) VALUES(1,2);
|
INSERT INTO "user_role" (user_id, role_id) VALUES(1,2);
|
||||||
@ -30,6 +31,9 @@ INSERT INTO "user_role" (user_id, role_id) VALUES(7,5);
|
|||||||
INSERT INTO "user" (name, pw) VALUES('teen', '$argon2id$v=19$m=19456,t=2,p=1$dS/X5/sPEKTj4Rzs/CuvzQ$jWKzDmI0jqT2dqINFt6/1NjVF4Dx15n07PL1ZMBmFsY');
|
INSERT INTO "user" (name, pw) VALUES('teen', '$argon2id$v=19$m=19456,t=2,p=1$dS/X5/sPEKTj4Rzs/CuvzQ$jWKzDmI0jqT2dqINFt6/1NjVF4Dx15n07PL1ZMBmFsY');
|
||||||
INSERT INTO "user_role" (user_id, role_id) VALUES(8,5);
|
INSERT INTO "user_role" (user_id, role_id) VALUES(8,5);
|
||||||
INSERT INTO "user_role" (user_id, role_id) VALUES(8,7);
|
INSERT INTO "user_role" (user_id, role_id) VALUES(8,7);
|
||||||
|
INSERT INTO "user" (name, pw) VALUES('Vorstandsmitglied', '$argon2id$v=19$m=19456,t=2,p=1$dS/X5/sPEKTj4Rzs/CuvzQ$jWKzDmI0jqT2dqINFt6/1NjVF4Dx15n07PL1ZMBmFsY');
|
||||||
|
INSERT INTO "user_role" (user_id, role_id) VALUES(9,5);
|
||||||
|
INSERT INTO "user_role" (user_id, role_id) VALUES(9,9);
|
||||||
|
|
||||||
INSERT INTO "trip_details" (planned_starting_time, max_people, day, notes) VALUES('10:00', 2, '1970-01-01', 'trip_details for a planned event');
|
INSERT INTO "trip_details" (planned_starting_time, max_people, day, notes) VALUES('10:00', 2, '1970-01-01', 'trip_details for a planned event');
|
||||||
INSERT INTO "planned_event" (name, planned_amount_cox, trip_details_id) VALUES('test-planned-event', 2, 1);
|
INSERT INTO "planned_event" (name, planned_amount_cox, trip_details_id) VALUES('test-planned-event', 2, 1);
|
||||||
|
@ -865,7 +865,7 @@ impl<'r> FromRequest<'r> for VorstandUser {
|
|||||||
if user.has_role(db, "Vorstand").await {
|
if user.has_role(db, "Vorstand").await {
|
||||||
Outcome::Success(VorstandUser(user))
|
Outcome::Success(VorstandUser(user))
|
||||||
} else {
|
} else {
|
||||||
Outcome::Error((Status::Forbidden, LoginError::NotACox))
|
Outcome::Forward(Status::Forbidden)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
Outcome::Error(f) => Outcome::Error(f),
|
Outcome::Error(f) => Outcome::Error(f),
|
||||||
|
@ -49,6 +49,39 @@ async fn index(
|
|||||||
Template::render("admin/user/index", context.into_json())
|
Template::render("admin/user/index", context.into_json())
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#[get("/user", rank = 2)]
|
||||||
|
async fn index_admin(
|
||||||
|
db: &State<SqlitePool>,
|
||||||
|
user: AdminUser,
|
||||||
|
flash: Option<FlashMessage<'_>>,
|
||||||
|
) -> Template {
|
||||||
|
let user_futures: Vec<_> = User::all(db)
|
||||||
|
.await
|
||||||
|
.into_iter()
|
||||||
|
.map(|u| async move { UserWithRoles::from_user(u, db).await })
|
||||||
|
.collect();
|
||||||
|
|
||||||
|
let user: User = user.user;
|
||||||
|
let allowed_to_edit = user.has_role(db, "admin").await;
|
||||||
|
|
||||||
|
let users: Vec<UserWithRoles> = join_all(user_futures).await;
|
||||||
|
|
||||||
|
let roles = Role::all(db).await;
|
||||||
|
let families = Family::all_with_members(db).await;
|
||||||
|
|
||||||
|
let mut context = Context::new();
|
||||||
|
if let Some(msg) = flash {
|
||||||
|
context.insert("flash", &msg.into_inner());
|
||||||
|
}
|
||||||
|
context.insert("allowed_to_edit", &allowed_to_edit);
|
||||||
|
context.insert("users", &users);
|
||||||
|
context.insert("roles", &roles);
|
||||||
|
context.insert("families", &families);
|
||||||
|
context.insert("loggedin_user", &UserWithRoles::from_user(user, db).await);
|
||||||
|
|
||||||
|
Template::render("admin/user/index", context.into_json())
|
||||||
|
}
|
||||||
|
|
||||||
#[get("/user/fees")]
|
#[get("/user/fees")]
|
||||||
async fn fees(
|
async fn fees(
|
||||||
db: &State<SqlitePool>,
|
db: &State<SqlitePool>,
|
||||||
@ -193,5 +226,14 @@ async fn create(
|
|||||||
}
|
}
|
||||||
|
|
||||||
pub fn routes() -> Vec<Route> {
|
pub fn routes() -> Vec<Route> {
|
||||||
routes![index, resetpw, update, create, delete, fees, fees_paid]
|
routes![
|
||||||
|
index,
|
||||||
|
index_admin,
|
||||||
|
resetpw,
|
||||||
|
update,
|
||||||
|
create,
|
||||||
|
delete,
|
||||||
|
fees,
|
||||||
|
fees_paid
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
@ -64,7 +64,7 @@
|
|||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if "admin" in loggedin_user.roles %}
|
{% if "admin" in loggedin_user.roles or "Vorstand" in loggedin_user.roles %}
|
||||||
<a href="/admin/user"
|
<a href="/admin/user"
|
||||||
class="inline-flex justify-center rounded-md bg-primary-600 mx-1 px-3 py-2 text-sm font-semibold text-white hover:bg-primary-500 focus-visible:outline focus-visible:outline-2 focus-visible:outline-offset-2 focus-visible:outline-primary-600 cursor-pointer">
|
class="inline-flex justify-center rounded-md bg-primary-600 mx-1 px-3 py-2 text-sm font-semibold text-white hover:bg-primary-500 focus-visible:outline focus-visible:outline-2 focus-visible:outline-offset-2 focus-visible:outline-primary-600 cursor-pointer">
|
||||||
<svg class="inline h-4"
|
<svg class="inline h-4"
|
||||||
|
Loading…
Reference in New Issue
Block a user