philipp/hacky-ruadat
1
0
Fork 0
forked from Ruderverein-Donau-Linz/rowt
Code Issues Pull Requests Actions Activity

Merge branch 'delete-user' into 'main'

Browse Source 
allow 'deletion' of user

See merge request PhilippHofer/rot!2
This commit is contained in:
PhilippHofer
2023-04-28 17:39:09 +00:00
parent 071f88c9a7 055c330a3e
commit ce8ea22190
5 changed files with 36 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
README.md
View File

@@ -7,7 +7,6 @@
- Wanderfahrt: ⛱
# Notes / Bugfixes
- [] delete flag user administration
- [] max_people = 0 -> Rot hervorheben, dass Ausfahrt abgesagt wurde?
- [] my trips for cox
- [] add `trip_type` (id, name, desc, question, icon) with a FK to `trip_details`

3
migration.sql
View File

@@ -4,7 +4,8 @@ CREATE TABLE IF NOT EXISTS "user" (
"pw" text,
"is_cox" boolean NOT NULL DEFAULT FALSE,
"is_admin" boolean NOT NULL DEFAULT FALSE,
"is_guest" boolean NOT NULL DEFAULT TRUE
"is_guest" boolean NOT NULL DEFAULT TRUE,
"deleted" boolean NOT NULL DEFAULT FALSE
);
CREATE TABLE IF NOT EXISTS "trip_details" (

20
src/model/user.rs
View File

@@ -18,6 +18,7 @@ pub struct User {
pub is_cox: bool,
is_admin: bool,
is_guest: bool,
deleted: bool,
}
#[derive(Debug)]
@@ -34,7 +35,7 @@ impl User {
sqlx::query_as!(
User,
"
SELECT id, name, pw, is_cox, is_admin, is_guest
SELECT id, name, pw, is_cox, is_admin, is_guest, deleted
FROM user
WHERE id like ?
",
@@ -49,7 +50,7 @@ WHERE id like ?
sqlx::query_as!(
User,
"
SELECT id, name, pw, is_cox, is_admin, is_guest
SELECT id, name, pw, is_cox, is_admin, is_guest, deleted
FROM user
WHERE name like ?
",
@@ -64,8 +65,9 @@ WHERE name like ?
sqlx::query_as!(
User,
"
SELECT id, name, pw, is_cox, is_admin, is_guest
SELECT id, name, pw, is_cox, is_admin, is_guest, deleted
FROM user
WHERE deleted = 0
ORDER BY name
"
)
@@ -103,6 +105,11 @@ ORDER BY name
return Err(LoginError::InvalidAuthenticationCombo); // Username not found
};
if user.deleted {
return Err(LoginError::InvalidAuthenticationCombo); //User existed sometime ago; has
//been deleted
}
match user.pw.clone() {
Some(user_pw) => {
let password_hash = Self::get_hashed_pw(&pw);
@@ -139,6 +146,13 @@ ORDER BY name
.unwrap()
.to_string()
}
pub async fn delete(&self, db: &SqlitePool) {
sqlx::query!("UPDATE user SET deleted=1 WHERE id=?", self.id)
.execute(db)
.await
.unwrap(); //Okay, because we can only create a User of a valid id
}
}
#[async_trait]

17
src/rest/admin/user.rs
View File

@@ -32,6 +32,21 @@ async fn resetpw(db: &State<SqlitePool>, _admin: AdminUser, user: i32) -> Flash<
}
}
#[get("/user/<user>/delete")]
async fn delete(db: &State<SqlitePool>, _admin: AdminUser, user: i32) -> Flash<Redirect> {
let user = User::find_by_id(db, user).await;
match user {
Some(user) => {
user.delete(db).await;
Flash::success(
Redirect::to("/admin/user"),
format!("Sucessfully deleted user {}", user.name),
)
}
None => Flash::error(Redirect::to("/admin/user"), "User does not exist"),
}
}
#[derive(FromForm)]
struct UserEditForm {
id: i32,
@@ -84,5 +99,5 @@ async fn create(
}
pub fn routes() -> Vec<Route> {
routes![index, resetpw, update, create]
routes![index, resetpw, update, create, delete]
}

1
templates/admin/user/index.html.tera
View File

@@ -46,6 +46,7 @@
{% if user.pw %}
<a class="inline-block mt-1 text-primary-600 hover:text-primary-900 underline" href="/admin/user/{{ user.id }}/reset-pw">Passwort zurücksetzen</a>
{% endif %}
<a class="inline-block mt-1 text-primary-600 hover:text-primary-900 underline" href="/admin/user/{{ user.id }}/delete" onclick="return confirm('Really delete user?');">User löschen</a>
</div>
<div>
<input value="Ändern" type="submit" class="w-28 rounded-md bg-primary-600 px-3 py-2 text-sm font-semibold text-white hover:bg-primary-500 focus-visible:outline focus-visible:outline-2 focus-visible:outline-offset-2 focus-visible:outline-primary-600 cursor-pointer"/>