forked from Ruderverein-Donau-Linz/rowt
Merge pull request 'allow-admin-to-delete-logbook-entries' (#665) from allow-admin-to-delete-logbook-entries into staging
Reviewed-on: Ruderverein-Donau-Linz/rowt#665
This commit is contained in:
commit
0bf7094770
2
fd
2
fd
@ -1,5 +1,5 @@
|
|||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
scp read@128.140.64.118:/home/rowing/db.sqlite db.sqlite
|
scp root@128.140.64.118:/home/rowing/db.sqlite db.sqlite
|
||||||
#sqlite3 db.sqlite < seeds.sql
|
#sqlite3 db.sqlite < seeds.sql
|
||||||
|
|
||||||
|
@ -699,6 +699,7 @@ ORDER BY departure DESC
|
|||||||
pub async fn delete(&self, db: &SqlitePool, user: &User) -> Result<(), LogbookDeleteError> {
|
pub async fn delete(&self, db: &SqlitePool, user: &User) -> Result<(), LogbookDeleteError> {
|
||||||
Log::create(db, format!("{} deleted trip: {self:?}", user.name)).await;
|
Log::create(db, format!("{} deleted trip: {self:?}", user.name)).await;
|
||||||
|
|
||||||
|
if self.arrival.is_none() {
|
||||||
if user.has_role(db, "admin").await
|
if user.has_role(db, "admin").await
|
||||||
|| user.has_role(db, "Vorstand").await
|
|| user.has_role(db, "Vorstand").await
|
||||||
|| user.id == self.shipmaster
|
|| user.id == self.shipmaster
|
||||||
@ -740,6 +741,16 @@ ORDER BY departure DESC
|
|||||||
.unwrap(); //Okay, because we can only create a Logbook of a valid id
|
.unwrap(); //Okay, because we can only create a Logbook of a valid id
|
||||||
return Ok(());
|
return Ok(());
|
||||||
}
|
}
|
||||||
|
} else {
|
||||||
|
// Only admins can delete completed logbook entries
|
||||||
|
if user.has_role(db, "admin").await {
|
||||||
|
sqlx::query!("DELETE FROM logbook WHERE id=?", self.id)
|
||||||
|
.execute(db)
|
||||||
|
.await
|
||||||
|
.unwrap(); //Okay, because we can only create a Logbook of a valid id
|
||||||
|
return Ok(());
|
||||||
|
}
|
||||||
|
}
|
||||||
Err(LogbookDeleteError::NotYourEntry)
|
Err(LogbookDeleteError::NotYourEntry)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -400,6 +400,11 @@ async fn home(
|
|||||||
async fn delete(db: &State<SqlitePool>, logbook_id: i64, user: DonauLinzUser) -> Flash<Redirect> {
|
async fn delete(db: &State<SqlitePool>, logbook_id: i64, user: DonauLinzUser) -> Flash<Redirect> {
|
||||||
let logbook = Logbook::find_by_id(db, logbook_id).await;
|
let logbook = Logbook::find_by_id(db, logbook_id).await;
|
||||||
if let Some(logbook) = logbook {
|
if let Some(logbook) = logbook {
|
||||||
|
let redirect = if logbook.arrival.is_some() {
|
||||||
|
"/log/show"
|
||||||
|
} else {
|
||||||
|
"/log"
|
||||||
|
};
|
||||||
Log::create(
|
Log::create(
|
||||||
db,
|
db,
|
||||||
format!("User {} tries to delete log entry {logbook_id}", &user.name),
|
format!("User {} tries to delete log entry {logbook_id}", &user.name),
|
||||||
@ -407,11 +412,11 @@ async fn delete(db: &State<SqlitePool>, logbook_id: i64, user: DonauLinzUser) ->
|
|||||||
.await;
|
.await;
|
||||||
match logbook.delete(db, &user).await {
|
match logbook.delete(db, &user).await {
|
||||||
Ok(_) => Flash::success(
|
Ok(_) => Flash::success(
|
||||||
Redirect::to("/log"),
|
Redirect::to(redirect),
|
||||||
format!("Eintrag {} gelöscht!", logbook_id),
|
format!("Eintrag {} von {} gelöscht!", logbook_id, user.name),
|
||||||
),
|
),
|
||||||
Err(LogbookDeleteError::NotYourEntry) => Flash::error(
|
Err(LogbookDeleteError::NotYourEntry) => Flash::error(
|
||||||
Redirect::to("/log"),
|
Redirect::to(redirect),
|
||||||
"Du hast nicht die Berechtigung, den Eintrag zu löschen!",
|
"Du hast nicht die Berechtigung, den Eintrag zu löschen!",
|
||||||
),
|
),
|
||||||
}
|
}
|
||||||
|
@ -262,6 +262,12 @@
|
|||||||
<input type="hidden" name="logtype" value="{{ log.logtype }}" />
|
<input type="hidden" name="logtype" value="{{ log.logtype }}" />
|
||||||
<input type="submit" value="Updaten" />
|
<input type="submit" value="Updaten" />
|
||||||
</form>
|
</form>
|
||||||
|
<a href="/log/{{ log.id }}/delete"
|
||||||
|
class="w-28 btn btn-alert"
|
||||||
|
onclick="return confirm('Willst du diesen Logbucheintrag wirklich löschen?');">
|
||||||
|
{% include "includes/delete-icon" %}
|
||||||
|
Löschen
|
||||||
|
</a>
|
||||||
{% endif %}
|
{% endif %}
|
||||||
</details>
|
</details>
|
||||||
</div>
|
</div>
|
||||||
|
Loading…
x
Reference in New Issue
Block a user