	allow admins to delete logbook entries
							@@ -1,5 +1,5 @@
 | 
			
		||||
#!/bin/bash
 | 
			
		||||
 | 
			
		||||
scp read@128.140.64.118:/home/rowing/db.sqlite db.sqlite
 | 
			
		||||
scp root@128.140.64.118:/home/rowing/db.sqlite db.sqlite
 | 
			
		||||
#sqlite3 db.sqlite < seeds.sql
 | 
			
		||||
 | 
			
		||||
 
 | 
			
		||||
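Review bot: Assuming the `scp root@128.140.64.118:…` line is the new side (the rendered page lost its +/- markers, so this is inferred from print order only), the script now pulls the database over a root SSH login where a dedicated `read` account was used before. Copying one file does not need root, and anyone who runs this helper then needs a key with full control of the server. I would keep `scp read@128.140.64.118:/home/rowing/db.sqlite db.sqlite` and fix the file permissions for that account instead. If root really is unavoidable, a comment above the line should say why.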
@@ -699,46 +699,57 @@ ORDER BY departure DESC
 | 
			
		||||
    pub async fn delete(&self, db: &SqlitePool, user: &User) -> Result<(), LogbookDeleteError> {
 | 
			
		||||
        Log::create(db, format!("{} deleted trip: {self:?}", user.name)).await;
 | 
			
		||||
 | 
			
		||||
        if user.has_role(db, "admin").await
 | 
			
		||||
            || user.has_role(db, "Vorstand").await
 | 
			
		||||
            || user.id == self.shipmaster
 | 
			
		||||
        {
 | 
			
		||||
            let now = Local::now().naive_local();
 | 
			
		||||
            let difference = now - self.departure;
 | 
			
		||||
            if difference > Duration::hours(1) {
 | 
			
		||||
                let vorstand = Role::find_by_name(db, "Vorstand").await.unwrap();
 | 
			
		||||
                let logbook = LogbookWithBoatAndRowers::from(db, self.clone()).await;
 | 
			
		||||
                let mut msg = format!("{} hat folgenden Logbuch-Eintrag jetzt gelöscht, welcher bereits vor über einer Stunde begonnen wurde: Schiffsführer: {}, Steuerperson: {}, Abfahrt: {}", user.name, logbook.steering_user.name, logbook.steering_user.name, logbook.logbook.departure.format("%Y-%m-%d %H:%M"));
 | 
			
		||||
                if let Some(destination) = logbook.logbook.destination {
 | 
			
		||||
                    msg.push_str(&format!(", Ziel: {}", destination));
 | 
			
		||||
                } else {
 | 
			
		||||
                    msg.push_str(", kein Ziel eingegeben");
 | 
			
		||||
                }
 | 
			
		||||
                msg.push_str(", Ruderer: ");
 | 
			
		||||
                let mut it = logbook.rowers.clone().into_iter().peekable();
 | 
			
		||||
                while let Some(rower) = it.next() {
 | 
			
		||||
                    msg.push_str(&rower.name);
 | 
			
		||||
                    if it.peek().is_some() {
 | 
			
		||||
                        msg.push_str(" + ");
 | 
			
		||||
        if self.arrival.is_none() {
 | 
			
		||||
            if user.has_role(db, "admin").await
 | 
			
		||||
                || user.has_role(db, "Vorstand").await
 | 
			
		||||
                || user.id == self.shipmaster
 | 
			
		||||
            {
 | 
			
		||||
                let now = Local::now().naive_local();
 | 
			
		||||
                let difference = now - self.departure;
 | 
			
		||||
                if difference > Duration::hours(1) {
 | 
			
		||||
                    let vorstand = Role::find_by_name(db, "Vorstand").await.unwrap();
 | 
			
		||||
                    let logbook = LogbookWithBoatAndRowers::from(db, self.clone()).await;
 | 
			
		||||
                    let mut msg = format!("{} hat folgenden Logbuch-Eintrag jetzt gelöscht, welcher bereits vor über einer Stunde begonnen wurde: Schiffsführer: {}, Steuerperson: {}, Abfahrt: {}", user.name, logbook.steering_user.name, logbook.steering_user.name, logbook.logbook.departure.format("%Y-%m-%d %H:%M"));
 | 
			
		||||
                    if let Some(destination) = logbook.logbook.destination {
 | 
			
		||||
                        msg.push_str(&format!(", Ziel: {}", destination));
 | 
			
		||||
                    } else {
 | 
			
		||||
                        msg.push_str(", kein Ziel eingegeben");
 | 
			
		||||
                    }
 | 
			
		||||
                    msg.push_str(", Ruderer: ");
 | 
			
		||||
                    let mut it = logbook.rowers.clone().into_iter().peekable();
 | 
			
		||||
                    while let Some(rower) = it.next() {
 | 
			
		||||
                        msg.push_str(&rower.name);
 | 
			
		||||
                        if it.peek().is_some() {
 | 
			
		||||
                            msg.push_str(" + ");
 | 
			
		||||
                        }
 | 
			
		||||
                    }
 | 
			
		||||
 | 
			
		||||
                    Notification::create_for_role(
 | 
			
		||||
                        db,
 | 
			
		||||
                        &vorstand,
 | 
			
		||||
                        &msg,
 | 
			
		||||
                        "Ungewöhnliches Verhalten",
 | 
			
		||||
                        None,
 | 
			
		||||
                        None,
 | 
			
		||||
                    )
 | 
			
		||||
                    .await;
 | 
			
		||||
                }
 | 
			
		||||
 | 
			
		||||
                Notification::create_for_role(
 | 
			
		||||
                    db,
 | 
			
		||||
                    &vorstand,
 | 
			
		||||
                    &msg,
 | 
			
		||||
                    "Ungewöhnliches Verhalten",
 | 
			
		||||
                    None,
 | 
			
		||||
                    None,
 | 
			
		||||
                )
 | 
			
		||||
                .await;
 | 
			
		||||
                sqlx::query!("DELETE FROM logbook WHERE id=?", self.id)
 | 
			
		||||
                    .execute(db)
 | 
			
		||||
                    .await
 | 
			
		||||
                    .unwrap(); //Okay, because we can only create a Logbook of a valid id
 | 
			
		||||
                return Ok(());
 | 
			
		||||
            }
 | 
			
		||||
        } else {
 | 
			
		||||
            // Only admins can delete completed logbook entries
 | 
			
		||||
            if user.has_role(db, "admin").await {
 | 
			
		||||
                sqlx::query!("DELETE FROM logbook WHERE id=?", self.id)
 | 
			
		||||
                    .execute(db)
 | 
			
		||||
                    .await
 | 
			
		||||
                    .unwrap(); //Okay, because we can only create a Logbook of a valid id
 | 
			
		||||
                return Ok(());
 | 
			
		||||
            }
 | 
			
		||||
 | 
			
		||||
            sqlx::query!("DELETE FROM logbook WHERE id=?", self.id)
 | 
			
		||||
                .execute(db)
 | 
			
		||||
                .await
 | 
			
		||||
                .unwrap(); //Okay, because we can only create a Logbook of a valid id
 | 
			
		||||
            return Ok(());
 | 
			
		||||
        }
 | 
			
		||||
        Err(LogbookDeleteError::NotYourEntry)
 | 
			
		||||
    }
 | 
			
		||||
 
 | 
			
		||||
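Review bot: The `Log::create(db, format!("{} deleted trip: {self:?}", user.name))` call at the top of `delete` runs before any permission check, so the audit log records a deletion even when the function ends in `Err(LogbookDeleteError::NotYourEntry)`. This commit adds a second refusal path (non-admins on completed entries), so false "deleted" records become more likely. I would move that call so it runs only after the `DELETE` has executed, directly before each `return Ok(());`; the route handler already logs the attempt separately. Also, the notification text fills both `Schiffsführer: {}` and `Steuerperson: {}` from `logbook.steering_user.name`, which looks like a copy-paste slip; the first presumably should be the shipmaster's name, to be confirmed against `LogbookWithBoatAndRowers`.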
@@ -400,6 +400,11 @@ async fn home(
 | 
			
		||||
async fn delete(db: &State<SqlitePool>, logbook_id: i64, user: DonauLinzUser) -> Flash<Redirect> {
 | 
			
		||||
    let logbook = Logbook::find_by_id(db, logbook_id).await;
 | 
			
		||||
    if let Some(logbook) = logbook {
 | 
			
		||||
        let redirect = if logbook.arrival.is_some() {
 | 
			
		||||
            "/log/show"
 | 
			
		||||
        } else {
 | 
			
		||||
            "/log"
 | 
			
		||||
        };
 | 
			
		||||
        Log::create(
 | 
			
		||||
            db,
 | 
			
		||||
            format!("User {} tries to delete log entry {logbook_id}", &user.name),
 | 
			
		||||
@@ -407,11 +412,11 @@ async fn delete(db: &State<SqlitePool>, logbook_id: i64, user: DonauLinzUser) ->
 | 
			
		||||
        .await;
 | 
			
		||||
        match logbook.delete(db, &user).await {
 | 
			
		||||
            Ok(_) => Flash::success(
 | 
			
		||||
                Redirect::to("/log"),
 | 
			
		||||
                format!("Eintrag {} gelöscht!", logbook_id),
 | 
			
		||||
                Redirect::to(redirect),
 | 
			
		||||
                format!("Eintrag {} von {} gelöscht!", logbook_id, user.name),
 | 
			
		||||
            ),
 | 
			
		||||
            Err(LogbookDeleteError::NotYourEntry) => Flash::error(
 | 
			
		||||
                Redirect::to("/log"),
 | 
			
		||||
                Redirect::to(redirect),
 | 
			
		||||
                "Du hast nicht die Berechtigung, den Eintrag zu löschen!",
 | 
			
		||||
            ),
 | 
			
		||||
        }
 | 
			
		||||
 
 | 
			
		||||
@@ -262,6 +262,12 @@
 | 
			
		||||
                        <input type="hidden" name="logtype" value="{{ log.logtype }}" />
 | 
			
		||||
                        <input type="submit" value="Updaten" />
 | 
			
		||||
                    </form>
 | 
			
		||||
                                <a href="/log/{{ log.id }}/delete"
 | 
			
		||||
                                   class="w-28 btn btn-alert"
 | 
			
		||||
                                   onclick="return confirm('Willst du diesen Logbucheintrag wirklich löschen?');">
 | 
			
		||||
                                    {% include "includes/delete-icon" %}
 | 
			
		||||
                                    Löschen
 | 
			
		||||
                                </a>
 | 
			
		||||
                {% endif %}
 | 
			
		||||
            </details>
 | 
			
		||||
        </div>
 | 
			
		||||
 
 | 
			
		||||
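Review bot: The new delete control is a plain link, `<a href="/log/{{ log.id }}/delete" …>`, so the deletion is triggered by a GET request and the `confirm(...)` in `onclick` is the only barrier, one that a request issued from another site or a link prefetcher never sees. Now that admins can remove completed entries through this path, I would turn it into a small `<form method="post" action="/log/{{ log.id }}/delete">` with a submit button carrying the same classes and the confirm in `onsubmit`, plus whatever CSRF token the project uses, and change the route to match. The route's method attribute is not visible on this page, so the GET assumption rests on the link alone. The enclosing `{% if %}` opens outside the hunk; it should test for the admin role so other users are not shown a button that the server then refuses.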