staging #178

Merged
philipp merged 5 commits from staging into main 2024-01-22 22:24:26 +01:00
5 changed files with 91 additions and 49 deletions
Showing only changes of commit a1a5e2ad89 - Show all commits

View File

@ -3,10 +3,12 @@ INSERT INTO "role" (name) VALUES ('cox');
INSERT INTO "role" (name) VALUES ('scheckbuch'); INSERT INTO "role" (name) VALUES ('scheckbuch');
INSERT INTO "role" (name) VALUES ('tech'); INSERT INTO "role" (name) VALUES ('tech');
INSERT INTO "role" (name) VALUES ('Donau Linz'); INSERT INTO "role" (name) VALUES ('Donau Linz');
INSERT INTO "role" (name) VALUES ('planned_event');
INSERT INTO "user" (name, pw) VALUES('admin', '$argon2id$v=19$m=19456,t=2,p=1$dS/X5/sPEKTj4Rzs/CuvzQ$4P4NCw4Ukhv80/eQYTsarHhnw61JuL1KMx/L9dm82YM'); INSERT INTO "user" (name, pw) VALUES('admin', '$argon2id$v=19$m=19456,t=2,p=1$dS/X5/sPEKTj4Rzs/CuvzQ$4P4NCw4Ukhv80/eQYTsarHhnw61JuL1KMx/L9dm82YM');
INSERT INTO "user_role" (user_id, role_id) VALUES(1,1); INSERT INTO "user_role" (user_id, role_id) VALUES(1,1);
INSERT INTO "user_role" (user_id, role_id) VALUES(1,2); INSERT INTO "user_role" (user_id, role_id) VALUES(1,2);
INSERT INTO "user_role" (user_id, role_id) VALUES(1,5); INSERT INTO "user_role" (user_id, role_id) VALUES(1,5);
INSERT INTO "user_role" (user_id, role_id) VALUES(1,6);
INSERT INTO "user" (name, pw) VALUES('rower', '$argon2id$v=19$m=19456,t=2,p=1$dS/X5/sPEKTj4Rzs/CuvzQ$jWKzDmI0jqT2dqINFt6/1NjVF4Dx15n07PL1ZMBmFsY'); INSERT INTO "user" (name, pw) VALUES('rower', '$argon2id$v=19$m=19456,t=2,p=1$dS/X5/sPEKTj4Rzs/CuvzQ$jWKzDmI0jqT2dqINFt6/1NjVF4Dx15n07PL1ZMBmFsY');
INSERT INTO "user_role" (user_id, role_id) VALUES(2,5); INSERT INTO "user_role" (user_id, role_id) VALUES(2,5);
INSERT INTO "user" (name, pw) VALUES('guest', '$argon2id$v=19$m=19456,t=2,p=1$dS/X5/sPEKTj4Rzs/CuvzQ$GF6gizbI79Bh0zA9its8S0gram956v+YIV8w8VpwJnQ'); INSERT INTO "user" (name, pw) VALUES('guest', '$argon2id$v=19$m=19456,t=2,p=1$dS/X5/sPEKTj4Rzs/CuvzQ$GF6gizbI79Bh0zA9its8S0gram956v+YIV8w8VpwJnQ');

View File

@ -850,6 +850,43 @@ impl<'r> FromRequest<'r> for VorstandUser {
} }
} }
} }
#[derive(Debug, Serialize, Deserialize)]
pub struct PlannedEventUser(pub(crate) User);
impl Into<User> for PlannedEventUser {
fn into(self) -> User {
self.0
}
}
impl Deref for PlannedEventUser {
type Target = User;
fn deref(&self) -> &Self::Target {
&self.0
}
}
#[async_trait]
impl<'r> FromRequest<'r> for PlannedEventUser {
type Error = LoginError;
async fn from_request(req: &'r Request<'_>) -> request::Outcome<Self, Self::Error> {
let db = req.rocket().state::<SqlitePool>().unwrap();
match User::from_request(req).await {
Outcome::Success(user) => {
if user.has_role(db, "planned_event").await {
Outcome::Success(PlannedEventUser(user))
} else {
Outcome::Error((Status::Forbidden, LoginError::NotACox))
}
}
Outcome::Error(f) => Outcome::Error(f),
Outcome::Forward(f) => Outcome::Forward(f),
}
}
}
#[cfg(test)] #[cfg(test)]
mod test { mod test {
use std::collections::HashMap; use std::collections::HashMap;

View File

@ -10,7 +10,7 @@ use sqlx::SqlitePool;
use crate::model::{ use crate::model::{
planned_event::PlannedEvent, planned_event::PlannedEvent,
tripdetails::{TripDetails, TripDetailsToAdd}, tripdetails::{TripDetails, TripDetailsToAdd},
user::AdminUser, user::PlannedEventUser,
}; };
//TODO: add constraints (e.g. planned_amount_cox > 0) //TODO: add constraints (e.g. planned_amount_cox > 0)
@ -25,7 +25,7 @@ struct AddPlannedEventForm<'r> {
async fn create( async fn create(
db: &State<SqlitePool>, db: &State<SqlitePool>,
data: Form<AddPlannedEventForm<'_>>, data: Form<AddPlannedEventForm<'_>>,
_admin: AdminUser, _admin: PlannedEventUser,
) -> Flash<Redirect> { ) -> Flash<Redirect> {
let data = data.into_inner(); let data = data.into_inner();
@ -36,7 +36,7 @@ async fn create(
PlannedEvent::create(db, data.name, data.planned_amount_cox, trip_details).await; PlannedEvent::create(db, data.name, data.planned_amount_cox, trip_details).await;
Flash::success(Redirect::to("/"), "Event hinzugefügt") Flash::success(Redirect::to("/planned"), "Event hinzugefügt")
} }
//TODO: add constraints (e.g. planned_amount_cox > 0) //TODO: add constraints (e.g. planned_amount_cox > 0)
@ -54,7 +54,7 @@ struct UpdatePlannedEventForm<'r> {
async fn update( async fn update(
db: &State<SqlitePool>, db: &State<SqlitePool>,
data: Form<UpdatePlannedEventForm<'_>>, data: Form<UpdatePlannedEventForm<'_>>,
_admin: AdminUser, _admin: PlannedEventUser,
) -> Flash<Redirect> { ) -> Flash<Redirect> {
match PlannedEvent::find_by_id(db, data.id).await { match PlannedEvent::find_by_id(db, data.id).await {
Some(planned_event) => { Some(planned_event) => {
@ -68,20 +68,20 @@ async fn update(
data.is_locked, data.is_locked,
) )
.await; .await;
Flash::success(Redirect::to("/"), "Successfully edited the event") Flash::success(Redirect::to("/planned"), "Event erfolgreich bearbeitet")
} }
None => Flash::error(Redirect::to("/"), "Planned event id not found"), None => Flash::error(Redirect::to("/planned"), "Planned event id not found"),
} }
} }
#[get("/planned-event/<id>/delete")] #[get("/planned-event/<id>/delete")]
async fn delete(db: &State<SqlitePool>, id: i64, _admin: AdminUser) -> Flash<Redirect> { async fn delete(db: &State<SqlitePool>, id: i64, _admin: PlannedEventUser) -> Flash<Redirect> {
match PlannedEvent::find_by_id(db, id).await { match PlannedEvent::find_by_id(db, id).await {
Some(planned_event) => { Some(planned_event) => {
planned_event.delete(db).await; planned_event.delete(db).await;
Flash::success(Redirect::to("/"), "Event gelöscht") Flash::success(Redirect::to("/planned"), "Event gelöscht")
} }
None => Flash::error(Redirect::to("/"), "PlannedEvent does not exist"), None => Flash::error(Redirect::to("/planned"), "PlannedEvent does not exist"),
} }
} }
@ -120,7 +120,7 @@ mod test {
let response = req.dispatch().await; let response = req.dispatch().await;
assert_eq!(response.status(), Status::SeeOther); assert_eq!(response.status(), Status::SeeOther);
assert_eq!(response.headers().get("Location").next(), Some("/")); assert_eq!(response.headers().get("Location").next(), Some("/planned"));
let flash_cookie = response let flash_cookie = response
.cookies() .cookies()
@ -151,7 +151,7 @@ mod test {
let response = req.dispatch().await; let response = req.dispatch().await;
assert_eq!(response.status(), Status::SeeOther); assert_eq!(response.status(), Status::SeeOther);
assert_eq!(response.headers().get("Location").next(), Some("/")); assert_eq!(response.headers().get("Location").next(), Some("/planned"));
let flash_cookie = response let flash_cookie = response
.cookies() .cookies()
@ -187,7 +187,7 @@ mod test {
let response = req.dispatch().await; let response = req.dispatch().await;
assert_eq!(response.status(), Status::SeeOther); assert_eq!(response.status(), Status::SeeOther);
assert_eq!(response.headers().get("Location").next(), Some("/")); assert_eq!(response.headers().get("Location").next(), Some("/planned"));
let flash_cookie = response let flash_cookie = response
.cookies() .cookies()
@ -196,7 +196,7 @@ mod test {
assert_eq!( assert_eq!(
flash_cookie.value(), flash_cookie.value(),
"7:successSuccessfully edited the event" "7:successEvent erfolgreich bearbeitet"
); );
let event = PlannedEvent::find_by_id(&db, 1).await.unwrap(); let event = PlannedEvent::find_by_id(&db, 1).await.unwrap();
@ -224,7 +224,7 @@ mod test {
let response = req.dispatch().await; let response = req.dispatch().await;
assert_eq!(response.status(), Status::SeeOther); assert_eq!(response.status(), Status::SeeOther);
assert_eq!(response.headers().get("Location").next(), Some("/")); assert_eq!(response.headers().get("Location").next(), Some("/planned"));
let flash_cookie = response let flash_cookie = response
.cookies() .cookies()
@ -255,7 +255,7 @@ mod test {
let response = req.dispatch().await; let response = req.dispatch().await;
assert_eq!(response.status(), Status::SeeOther); assert_eq!(response.status(), Status::SeeOther);
assert_eq!(response.headers().get("Location").next(), Some("/")); assert_eq!(response.headers().get("Location").next(), Some("/planned"));
let flash_cookie = response let flash_cookie = response
.cookies() .cookies()

View File

@ -34,7 +34,7 @@ async fn create(
//) //)
//.await; //.await;
Flash::success(Redirect::to("/"), "Ausfahrt erfolgreich erstellt.") Flash::success(Redirect::to("/planned"), "Ausfahrt erfolgreich erstellt.")
} }
#[derive(FromForm)] #[derive(FromForm)]
@ -66,16 +66,19 @@ async fn update(
) )
.await .await
{ {
Ok(_) => Flash::success(Redirect::to("/"), "Ausfahrt erfolgreich aktualisiert."), Ok(_) => Flash::success(
Redirect::to("/planned"),
"Ausfahrt erfolgreich aktualisiert.",
),
Err(TripUpdateError::NotYourTrip) => { Err(TripUpdateError::NotYourTrip) => {
Flash::error(Redirect::to("/"), "Nicht deine Ausfahrt!") Flash::error(Redirect::to("/planned"), "Nicht deine Ausfahrt!")
} }
Err(TripUpdateError::TripDetailsDoesNotExist) => { Err(TripUpdateError::TripDetailsDoesNotExist) => {
Flash::error(Redirect::to("/"), "Ausfahrt gibt's nicht") Flash::error(Redirect::to("/planned"), "Ausfahrt gibt's nicht")
} }
} }
} else { } else {
Flash::error(Redirect::to("/"), "Ausfahrt gibt's nicht") Flash::error(Redirect::to("/planned"), "Ausfahrt gibt's nicht")
} }
} }
@ -92,21 +95,21 @@ async fn join(db: &State<SqlitePool>, planned_event_id: i64, cox: CoxUser) -> Fl
), ),
) )
.await; .await;
Flash::success(Redirect::to("/"), "Danke für's helfen!") Flash::success(Redirect::to("/planned"), "Danke für's helfen!")
} }
Err(CoxHelpError::AlreadyRegisteredAsCox) => { Err(CoxHelpError::AlreadyRegisteredAsCox) => {
Flash::error(Redirect::to("/"), "Du hilfst bereits aus!") Flash::error(Redirect::to("/planned"), "Du hilfst bereits aus!")
} }
Err(CoxHelpError::AlreadyRegisteredAsRower) => Flash::error( Err(CoxHelpError::AlreadyRegisteredAsRower) => Flash::error(
Redirect::to("/"), Redirect::to("/planned"),
"Du hast dich bereits als Ruderer angemeldet!", "Du hast dich bereits als Ruderer angemeldet!",
), ),
Err(CoxHelpError::DetailsLocked) => { Err(CoxHelpError::DetailsLocked) => {
Flash::error(Redirect::to("/"), "Boot ist bereits eingeteilt.") Flash::error(Redirect::to("/planned"), "Boot ist bereits eingeteilt.")
} }
} }
} else { } else {
Flash::error(Redirect::to("/"), "Event gibt's nicht") Flash::error(Redirect::to("/planned"), "Event gibt's nicht")
} }
} }
@ -114,18 +117,18 @@ async fn join(db: &State<SqlitePool>, planned_event_id: i64, cox: CoxUser) -> Fl
async fn remove_trip(db: &State<SqlitePool>, trip_id: i64, cox: CoxUser) -> Flash<Redirect> { async fn remove_trip(db: &State<SqlitePool>, trip_id: i64, cox: CoxUser) -> Flash<Redirect> {
let trip = Trip::find_by_id(db, trip_id).await; let trip = Trip::find_by_id(db, trip_id).await;
match trip { match trip {
None => Flash::error(Redirect::to("/"), "Trip gibt's nicht!"), None => Flash::error(Redirect::to("/planned"), "Trip gibt's nicht!"),
Some(trip) => match trip.delete(db, &cox).await { Some(trip) => match trip.delete(db, &cox).await {
Ok(_) => { Ok(_) => {
Log::create(db, format!("Cox {} deleted trip.id={}", cox.name, trip_id)).await; Log::create(db, format!("Cox {} deleted trip.id={}", cox.name, trip_id)).await;
Flash::success(Redirect::to("/"), "Erfolgreich gelöscht!") Flash::success(Redirect::to("/planned"), "Erfolgreich gelöscht!")
} }
Err(TripDeleteError::SomebodyAlreadyRegistered) => Flash::error( Err(TripDeleteError::SomebodyAlreadyRegistered) => Flash::error(
Redirect::to("/"), Redirect::to("/planned"),
"Ausfahrt kann nicht gelöscht werden, da bereits jemand registriert ist!", "Ausfahrt kann nicht gelöscht werden, da bereits jemand registriert ist!",
), ),
Err(TripDeleteError::NotYourTrip) => { Err(TripDeleteError::NotYourTrip) => {
Flash::error(Redirect::to("/"), "Nicht deine Ausfahrt!") Flash::error(Redirect::to("/planned"), "Nicht deine Ausfahrt!")
} }
}, },
} }
@ -145,17 +148,17 @@ async fn remove(db: &State<SqlitePool>, planned_event_id: i64, cox: CoxUser) ->
) )
.await; .await;
Flash::success(Redirect::to("/"), "Erfolgreich abgemeldet!") Flash::success(Redirect::to("/planned"), "Erfolgreich abgemeldet!")
} }
Err(TripHelpDeleteError::DetailsLocked) => { Err(TripHelpDeleteError::DetailsLocked) => {
Flash::error(Redirect::to("/"), "Boot bereits eingeteilt") Flash::error(Redirect::to("/planned"), "Boot bereits eingeteilt")
} }
Err(TripHelpDeleteError::CoxNotHelping) => { Err(TripHelpDeleteError::CoxNotHelping) => {
Flash::error(Redirect::to("/"), "Steuermann hilft nicht aus...") Flash::error(Redirect::to("/planned"), "Steuermann hilft nicht aus...")
} }
} }
} else { } else {
Flash::error(Redirect::to("/"), "Planned_event does not exist.") Flash::error(Redirect::to("/planned"), "Planned_event does not exist.")
} }
} }
@ -202,7 +205,7 @@ mod test {
let response = req.dispatch().await; let response = req.dispatch().await;
assert_eq!(response.status(), Status::SeeOther); assert_eq!(response.status(), Status::SeeOther);
assert_eq!(response.headers().get("Location").next(), Some("/")); assert_eq!(response.headers().get("Location").next(), Some("/planned"));
let flash_cookie = response let flash_cookie = response
.cookies() .cookies()
@ -250,7 +253,7 @@ mod test {
let response = req.dispatch().await; let response = req.dispatch().await;
assert_eq!(response.status(), Status::SeeOther); assert_eq!(response.status(), Status::SeeOther);
assert_eq!(response.headers().get("Location").next(), Some("/")); assert_eq!(response.headers().get("Location").next(), Some("/planned"));
let flash_cookie = response let flash_cookie = response
.cookies() .cookies()
@ -288,7 +291,7 @@ mod test {
let response = req.dispatch().await; let response = req.dispatch().await;
assert_eq!(response.status(), Status::SeeOther); assert_eq!(response.status(), Status::SeeOther);
assert_eq!(response.headers().get("Location").next(), Some("/")); assert_eq!(response.headers().get("Location").next(), Some("/planned"));
let flash_cookie = response let flash_cookie = response
.cookies() .cookies()
@ -326,7 +329,7 @@ mod test {
let response = req.dispatch().await; let response = req.dispatch().await;
assert_eq!(response.status(), Status::SeeOther); assert_eq!(response.status(), Status::SeeOther);
assert_eq!(response.headers().get("Location").next(), Some("/")); assert_eq!(response.headers().get("Location").next(), Some("/planned"));
let flash_cookie = response let flash_cookie = response
.cookies() .cookies()
@ -354,7 +357,7 @@ mod test {
let response = req.dispatch().await; let response = req.dispatch().await;
assert_eq!(response.status(), Status::SeeOther); assert_eq!(response.status(), Status::SeeOther);
assert_eq!(response.headers().get("Location").next(), Some("/")); assert_eq!(response.headers().get("Location").next(), Some("/planned"));
let flash_cookie = response let flash_cookie = response
.cookies() .cookies()
@ -367,7 +370,7 @@ mod test {
let response = req.dispatch().await; let response = req.dispatch().await;
assert_eq!(response.status(), Status::SeeOther); assert_eq!(response.status(), Status::SeeOther);
assert_eq!(response.headers().get("Location").next(), Some("/")); assert_eq!(response.headers().get("Location").next(), Some("/planned"));
let flash_cookie = response let flash_cookie = response
.cookies() .cookies()
@ -398,7 +401,7 @@ mod test {
let response = req.dispatch().await; let response = req.dispatch().await;
assert_eq!(response.status(), Status::SeeOther); assert_eq!(response.status(), Status::SeeOther);
assert_eq!(response.headers().get("Location").next(), Some("/")); assert_eq!(response.headers().get("Location").next(), Some("/planned"));
let flash_cookie = response let flash_cookie = response
.cookies() .cookies()
@ -429,7 +432,7 @@ mod test {
let response = req.dispatch().await; let response = req.dispatch().await;
assert_eq!(response.status(), Status::SeeOther); assert_eq!(response.status(), Status::SeeOther);
assert_eq!(response.headers().get("Location").next(), Some("/")); assert_eq!(response.headers().get("Location").next(), Some("/planned"));
let flash_cookie = response let flash_cookie = response
.cookies() .cookies()
@ -470,7 +473,7 @@ mod test {
let response = req.dispatch().await; let response = req.dispatch().await;
assert_eq!(response.status(), Status::SeeOther); assert_eq!(response.status(), Status::SeeOther);
assert_eq!(response.headers().get("Location").next(), Some("/")); assert_eq!(response.headers().get("Location").next(), Some("/planned"));
let flash_cookie = response let flash_cookie = response
.cookies() .cookies()
@ -498,7 +501,7 @@ mod test {
let response = req.dispatch().await; let response = req.dispatch().await;
assert_eq!(response.status(), Status::SeeOther); assert_eq!(response.status(), Status::SeeOther);
assert_eq!(response.headers().get("Location").next(), Some("/")); assert_eq!(response.headers().get("Location").next(), Some("/planned"));
let flash_cookie = response let flash_cookie = response
.cookies() .cookies()
@ -526,7 +529,7 @@ mod test {
let response = req.dispatch().await; let response = req.dispatch().await;
assert_eq!(response.status(), Status::SeeOther); assert_eq!(response.status(), Status::SeeOther);
assert_eq!(response.headers().get("Location").next(), Some("/")); assert_eq!(response.headers().get("Location").next(), Some("/planned"));
let flash_cookie = response let flash_cookie = response
.cookies() .cookies()

View File

@ -304,9 +304,9 @@
</div> </div>
{# --- START Add Buttons --- #} {# --- START Add Buttons --- #}
{% if "admin" in loggedin_user.roles or "cox" in loggedin_user.roles %} {% if "planned_event" in loggedin_user.roles or "cox" in loggedin_user.roles %}
<div class="grid {% if "admin" in loggedin_user.roles %} grid-cols-2 {% endif %} text-center"> <div class="grid {% if "planned_event" in loggedin_user.roles %} grid-cols-2 {% endif %} text-center">
{% if "admin" in loggedin_user.roles %} {% if "planned_event" in loggedin_user.roles %}
<a href="#" data-sidebar="true" data-trigger="sidebar" data-header="<strong>Event</strong> am {{ day.day| date(format='%d.%m.%Y') }} erstellen" data-day="{{ day.day }}" data-body="#addEventForm" class="relative inline-block w-full bg-primary-900 hover:bg-primary-950 focus:bg-primary-950 dark:bg-primary-950 text-white py-2 rounded-bl-md text-sm font-semibold"> <a href="#" data-sidebar="true" data-trigger="sidebar" data-header="<strong>Event</strong> am {{ day.day| date(format='%d.%m.%Y') }} erstellen" data-day="{{ day.day }}" data-body="#addEventForm" class="relative inline-block w-full bg-primary-900 hover:bg-primary-950 focus:bg-primary-950 dark:bg-primary-950 text-white py-2 rounded-bl-md text-sm font-semibold">
<span class="absolute inset-y-0 left-0 flex items-center pl-3"> <span class="absolute inset-y-0 left-0 flex items-center pl-3">
{% include "includes/plus-icon" %} {% include "includes/plus-icon" %}
@ -316,7 +316,7 @@
{% endif %} {% endif %}
{% if "cox" in loggedin_user.roles %} {% if "cox" in loggedin_user.roles %}
<a href="#" data-sidebar="true" data-trigger="sidebar" data-header="<strong>Ausfahrt</strong> am {{ day.day| date(format='%d.%m.%Y') }} erstellen" data-day="{{ day.day }}" data-body="#sidebarForm" class="relative inline-block w-full py-2 text-primary-900 hover:text-primary-950 dark:bg-primary-600 dark:text-white dark:hover:bg-primary-500 dark:hover:text-white focus:text-primary-950 text-sm font-semibold bg-gray-100 hover:bg-gray-200 focus:bg-gray-200 {% if "admin" in loggedin_user.roles %} rounded-br-md {% else %} rounded-b-md {% endif %}"> <a href="#" data-sidebar="true" data-trigger="sidebar" data-header="<strong>Ausfahrt</strong> am {{ day.day| date(format='%d.%m.%Y') }} erstellen" data-day="{{ day.day }}" data-body="#sidebarForm" class="relative inline-block w-full py-2 text-primary-900 hover:text-primary-950 dark:bg-primary-600 dark:text-white dark:hover:bg-primary-500 dark:hover:text-white focus:text-primary-950 text-sm font-semibold bg-gray-100 hover:bg-gray-200 focus:bg-gray-200 {% if "planned_event" in loggedin_user.roles %} rounded-br-md {% else %} rounded-b-md {% endif %}">
<span class="absolute inset-y-0 left-0 flex items-center pl-3"> <span class="absolute inset-y-0 left-0 flex items-center pl-3">
{% include "includes/plus-icon" %} {% include "includes/plus-icon" %}
</span> </span>
@ -335,6 +335,6 @@
{% include "forms/trip" %} {% include "forms/trip" %}
{% endif %} {% endif %}
{% if "admin" in loggedin_user.roles %} {% if "planned_event" in loggedin_user.roles %}
{% include "forms/event" %} {% include "forms/event" %}
{% endif %}{% endblock content %} {% endif %}{% endblock content %}