forked from Ruderverein-Donau-Linz/rowt
push
This commit is contained in:
parent
c79a342ce8
commit
48c9a481cc
4
db.txt
Normal file
4
db.txt
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
CREATE TABLE IF NOT EXISTS "day" ( "day" text NOT NULL PRIMARY KEY, "planned_amount_cox" integer NOT NULL DEFAULT 0, "planned_starting_time" text, "open_registration" boolean NOT NULL DEFAULT TRUE );
|
||||||
|
CREATE TABLE IF NOT EXISTS "user" ( "id" integer NOT NULL PRIMARY KEY AUTOINCREMENT, "name" text NOT NULL UNIQUE, "pw" text, "is_cox" boolean NOT NULL DEFAULT FALSE, "is_admin" boolean NOT NULL DEFAULT FALSE );
|
||||||
|
CREATE TABLE IF NOT EXISTS "trip" ( "id" integer NOT NULL PRIMARY KEY AUTOINCREMENT, "day" text NOT NULL, "user_id" integer NOT NULL, "cox_id" integer, "begin" text, "created" text NOT NULL DEFAULT CURRENT_TIMESTAMP, FOREIGN KEY ("day") REFERENCES "day" ("day"), FOREIGN KEY ("user_id") REFERENCES "user" ("id"), FOREIGN KEY ("cox_id") REFERENCES "trip" ("id") );
|
||||||
|
create unique index UNIQ_trip on trip("day", "user_id", IFNULL(cox_id, ''), IFNULL(begin,''));
|
@ -6,9 +6,9 @@ use serde::{Deserialize, Serialize};
|
|||||||
#[derive(Clone, Debug, PartialEq, DeriveEntityModel, Eq, Serialize, Deserialize)]
|
#[derive(Clone, Debug, PartialEq, DeriveEntityModel, Eq, Serialize, Deserialize)]
|
||||||
#[sea_orm(table_name = "trip")]
|
#[sea_orm(table_name = "trip")]
|
||||||
pub struct Model {
|
pub struct Model {
|
||||||
#[sea_orm(primary_key, auto_increment = false)]
|
#[sea_orm(primary_key)]
|
||||||
|
pub id: i32,
|
||||||
pub day: String,
|
pub day: String,
|
||||||
#[sea_orm(primary_key, auto_increment = false)]
|
|
||||||
pub user_id: i32,
|
pub user_id: i32,
|
||||||
pub cox_id: Option<i32>,
|
pub cox_id: Option<i32>,
|
||||||
pub begin: Option<String>,
|
pub begin: Option<String>,
|
||||||
|
@ -67,10 +67,7 @@ async fn register(
|
|||||||
|
|
||||||
#[derive(FromForm)]
|
#[derive(FromForm)]
|
||||||
struct DeleteForm {
|
struct DeleteForm {
|
||||||
day: NaiveDateForm,
|
id: i32,
|
||||||
user: i32,
|
|
||||||
cox_id: Option<i32>,
|
|
||||||
begin: Option<String>,
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#[delete("/", data = "<delete>")]
|
#[delete("/", data = "<delete>")]
|
||||||
@ -79,40 +76,31 @@ async fn delete(
|
|||||||
delete: Form<DeleteForm>,
|
delete: Form<DeleteForm>,
|
||||||
user: user::Model,
|
user: user::Model,
|
||||||
) -> Flash<Redirect> {
|
) -> Flash<Redirect> {
|
||||||
let day = day::Entity::find_by_id(*delete.day)
|
let trip = trip::Entity::find_by_id(delete.id)
|
||||||
.one(db.inner())
|
|
||||||
.await
|
|
||||||
.unwrap()
|
|
||||||
.expect("There's no trip on this date (yet)");
|
|
||||||
|
|
||||||
if delete.user != user.id {
|
|
||||||
log::error!("{} tried to delete a registration from user_id {} on day {:?} (probably hand-crafted request)", user.name, delete.user, delete.day);
|
|
||||||
return Flash::error(
|
|
||||||
Redirect::to("/"),
|
|
||||||
"Du kannst nur deine eigenen Anmeldungen löschen!",
|
|
||||||
);
|
|
||||||
}
|
|
||||||
|
|
||||||
let trip = trip::Entity::find()
|
|
||||||
.filter(trip::Column::Day.eq(format!("{}", day.day.format("%Y-%m-%d"))))
|
|
||||||
.filter(trip::Column::UserId.eq(user.id))
|
|
||||||
.filter(trip::Column::CoxId.eq(delete.cox_id))
|
|
||||||
.filter(trip::Column::Begin.eq(delete.begin.clone()))
|
|
||||||
.one(db.inner())
|
.one(db.inner())
|
||||||
.await
|
.await
|
||||||
.unwrap();
|
.unwrap();
|
||||||
|
|
||||||
match trip {
|
match trip {
|
||||||
None => {
|
None => {
|
||||||
log::error!("Tried to register w/o being authenticated (prob. hand crafted request (user.name = {})", user.name);
|
log::error!("Tried to delete registration of non-existing trip (prob. hand crafted request (user.name = {})", user.name);
|
||||||
return Flash::error(Redirect::to("/"), "Du bist gar nicht angemeldet!");
|
return Flash::error(Redirect::to("/"), "Du bist gar nicht angemeldet!");
|
||||||
}
|
}
|
||||||
Some(trip) => {
|
Some(trip) => {
|
||||||
|
if trip.user_id != user.id {
|
||||||
|
log::error!(
|
||||||
|
"{} tried to delete a registration from user_id {} (probably hand-crafted request)",
|
||||||
|
user.name,
|
||||||
|
delete.id
|
||||||
|
);
|
||||||
|
return Flash::error(
|
||||||
|
Redirect::to("/"),
|
||||||
|
"Du kannst nur deine eigenen Anmeldungen löschen!",
|
||||||
|
);
|
||||||
|
}
|
||||||
log::info!("User {} deleted the registration for {:?}", user.name, trip);
|
log::info!("User {} deleted the registration for {:?}", user.name, trip);
|
||||||
trip::Entity::delete(trip::ActiveModel {
|
trip::Entity::delete(trip::ActiveModel {
|
||||||
day: Set(trip.day),
|
id: Set(trip.id),
|
||||||
user_id: Set(trip.user_id),
|
|
||||||
//cox_id: Set(delete.cox_id),
|
|
||||||
begin: Set(delete.begin.clone()),
|
|
||||||
..Default::default()
|
..Default::default()
|
||||||
})
|
})
|
||||||
.exec(db.inner())
|
.exec(db.inner())
|
||||||
|
@ -84,10 +84,7 @@
|
|||||||
<div style="max-width: 75%">{{ default_trips | length }} angemeldete Person{{ default_trips | length | pluralize(plural="en") }}: {{ cox | length }} Steuerperson{{ cox | length | pluralize(plural="en") }} ({% for c in cox %}{{ c.user.name }} {% if c.user.name == user.name %}
|
<div style="max-width: 75%">{{ default_trips | length }} angemeldete Person{{ default_trips | length | pluralize(plural="en") }}: {{ cox | length }} Steuerperson{{ cox | length | pluralize(plural="en") }} ({% for c in cox %}{{ c.user.name }} {% if c.user.name == user.name %}
|
||||||
<form method="post" action="/register">
|
<form method="post" action="/register">
|
||||||
<input type="hidden" name="_method" value="delete" />
|
<input type="hidden" name="_method" value="delete" />
|
||||||
<input type="hidden" name="day" value="{{ day.day}}" />
|
<input type="hidden" name="id" value="{{ c.trip.id }}" />
|
||||||
<input type="hidden" name="user" value="{{ c.user.id}}" />
|
|
||||||
<input type="hidden" name="cox_id" value="{{ c.trip.cox_id}}" />
|
|
||||||
<input type="hidden" name="begin" value="{{ c.trip.begin}}" />
|
|
||||||
<input type="submit" value="Abmelden" style="float: left;" />
|
<input type="submit" value="Abmelden" style="float: left;" />
|
||||||
</form>
|
</form>
|
||||||
{% endif %} {% endfor %}), {{ rowers | length }} Ruderer:</div>
|
{% endif %} {% endfor %}), {{ rowers | length }} Ruderer:</div>
|
||||||
@ -99,11 +96,7 @@
|
|||||||
{% if r.user.name == user.name %}
|
{% if r.user.name == user.name %}
|
||||||
<form method="post" action="/register">
|
<form method="post" action="/register">
|
||||||
<input type="hidden" name="_method" value="delete" />
|
<input type="hidden" name="_method" value="delete" />
|
||||||
<input type="hidden" name="day" value="{{ day.day}}" />
|
<input type="hidden" name="id" value="{{ r.trip.id }}" />
|
||||||
<input type="hidden" name="user" value="{{ r.user.id}}" />
|
|
||||||
<input type="hidden" name="cox_id" value="{{ r.trip.cox_id}}" />
|
|
||||||
<input type="hidden" name="begin" value="{{ r.trip.begin}}" />
|
|
||||||
|
|
||||||
<input type="submit" value="Abmelden" />
|
<input type="submit" value="Abmelden" />
|
||||||
|
|
||||||
</form>
|
</form>
|
||||||
@ -136,14 +129,11 @@
|
|||||||
{% for trip in indep_trips %}
|
{% for trip in indep_trips %}
|
||||||
{% if trip.trip.begin %}
|
{% if trip.trip.begin %}
|
||||||
{{trip.user.name}} @ {{trip.trip.begin}}
|
{{trip.user.name}} @ {{trip.trip.begin}}
|
||||||
{% set rowers = indep_trips | filter(attribute="trip.cox_id", value=trip.user.id) %}
|
{% set rowers = indep_trips | filter(attribute="trip.cox_id", value=trip.trip.id) %}
|
||||||
{% if trip.user.name == user.name and rowers | length == 0 %}
|
{% if trip.user.name == user.name and rowers | length == 0 %}
|
||||||
<form method="post" action="/register">
|
<form method="post" action="/register">
|
||||||
<input type="hidden" name="_method" value="delete" />
|
<input type="hidden" name="_method" value="delete" />
|
||||||
<input type="hidden" name="day" value="{{ day.day}}" />
|
<input type="hidden" name="id" value="{{ trip.trip.id }}" />
|
||||||
<input type="hidden" name="user" value="{{ trip.user.id}}" />
|
|
||||||
<input type="hidden" name="cox_id" value="{{ trip.trip.cox_id}}" />
|
|
||||||
<input type="hidden" name="begin" value="{{ trip.trip.begin}}" />
|
|
||||||
<input type="submit" value="Abmelden" style="float: left;" />
|
<input type="submit" value="Abmelden" style="float: left;" />
|
||||||
</form>
|
</form>
|
||||||
{% endif %}
|
{% endif %}
|
||||||
@ -155,11 +145,7 @@
|
|||||||
{% if r.user.name == user.name %}
|
{% if r.user.name == user.name %}
|
||||||
<form method="post" action="/register">
|
<form method="post" action="/register">
|
||||||
<input type="hidden" name="_method" value="delete" />
|
<input type="hidden" name="_method" value="delete" />
|
||||||
<input type="hidden" name="day" value="{{ day.day}}" />
|
<input type="hidden" name="id" value="{{ r.trip.id }}" />
|
||||||
<input type="hidden" name="user" value="{{ r.user.id}}" />
|
|
||||||
<input type="hidden" name="cox_id" value="{{ trip.cox_id}}" />
|
|
||||||
<input type="hidden" name="begin" value="{{ trip.begin}}" />
|
|
||||||
|
|
||||||
<input type="submit" value="Abmelden" />
|
<input type="submit" value="Abmelden" />
|
||||||
|
|
||||||
</form>
|
</form>
|
||||||
@ -172,7 +158,7 @@
|
|||||||
<form method="post" class="text-left" action="/register">
|
<form method="post" class="text-left" action="/register">
|
||||||
<input type="hidden" name="_method" value="put" />
|
<input type="hidden" name="_method" value="put" />
|
||||||
<input type="hidden" name="day" value="{{ day_string }}" />
|
<input type="hidden" name="day" value="{{ day_string }}" />
|
||||||
<input type="hidden" name="cox_id" value="{{ trip.user.id }}" />
|
<input type="hidden" name="cox_id" value="{{ trip.trip.id }}" />
|
||||||
<div class="row content-align-bottom">
|
<div class="row content-align-bottom">
|
||||||
<div class="six columns">
|
<div class="six columns">
|
||||||
<label for="name">Name</label>
|
<label for="name">Name</label>
|
||||||
|
Loading…
x
Reference in New Issue
Block a user