Added logged in user roles to API

Chris Jean-Marie 2024-10-29 19:29:22 +00:00
parent 518e986632
commit e723f6a053
6 changed files with 99 additions and 46 deletions


@ -54,7 +54,7 @@ async fn main() {
.route("/useradmin", get(useradmin))
.route("/users/:user_id", get(user_profile))
.route("/roles/:user_id/:role_id/add", get(add_user_role))
.route("/roles/:user_role_id/delete", get(delete_user_role))
.route("/roles/:user_id/:user_role_id/delete", get(delete_user_role))
.route("/wishlists", get(wishlists))
.route("/userwishlist/:user_id", get(user_wishlist))
.route("/userwishlist/add/:user_id", get(user_wishlist_add).post(user_wishlist_add_item))
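Review bot: The updated `/roles/:user_id/:user_role_id/delete` route is still registered with `get(delete_user_role)`, so a role deletion (and the `/roles/:user_id/:role_id/add` grant on the line above it) is a state change reachable by a plain GET. GET requests can be issued by link prefetchers, crawlers or a cross-site page while an administrator's session is active, so privilege changes belong behind a non-idempotent method with a CSRF check, e.g. `.route("/roles/:user_id/:user_role_id/delete", post(delete_user_role))`. The Add and Delete anchors in the user profile template would then become small forms. The router chain in `main` continues outside the hunk.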


@ -19,6 +19,7 @@ struct ProfileTemplate {
logged_in: bool,
name: String,
user: UserData,
user_roles: Vec<crate::user::UserRolesDisplay>,
}
#[derive(Template)]
@ -26,9 +27,10 @@ struct ProfileTemplate {
struct UserProfileTemplate {
logged_in: bool,
name: String,
user: UserData,
user_roles: Vec<crate::user::UserRolesDisplay>,
non_user_roles: Vec<crate::user::UserRolesDisplay>,
profile: UserData,
profile_roles: Vec<crate::user::UserRolesDisplay>,
non_profile_roles: Vec<crate::user::UserRolesDisplay>,
}
struct HtmlTemplate<T>(T);
@ -61,15 +63,15 @@ struct IndexTemplate {
struct DashboardTemplate {
logged_in: bool,
name: String,
user_roles: Vec<crate::user::UserRolesDisplay>,
}
pub async fn index(
State(db_pool): State<SqlitePool>,
Extension(user_data): Extension<Option<UserData>>,
) -> impl IntoResponse {
let user_name = user_data.as_ref().map(|s| s.name.clone());
let logged_in = user_name.is_some();
let name = user_name.unwrap_or_default();
let name = user_data.as_ref().map(|s| s.name.clone()).unwrap_or_default();
let logged_in = user_data.is_some();
if is_authorized("/dashboard", user_data, db_pool).await {
Redirect::to("/dashboard").into_response()
@ -83,12 +85,15 @@ pub async fn dashboard(
State(db_pool): State<SqlitePool>,
Extension(user_data): Extension<Option<UserData>>,
) -> impl IntoResponse {
let user_name = user_data.as_ref().map(|s| s.name.clone());
let logged_in = user_name.is_some();
let name = user_name.unwrap_or_default();
let userid = user_data.as_ref().map(|s| s.id.clone()).unwrap_or_default();
let name = user_data.as_ref().map(|s| s.name.clone()).unwrap_or_default();
let logged_in = user_data.is_some();
if is_authorized("/dashboard", user_data, db_pool).await {
let template = DashboardTemplate { logged_in, name };
if is_authorized("/dashboard", user_data, db_pool.clone()).await {
// Get user roles
let user_roles = get_user_roles_display(userid, &db_pool.clone()).await;
let template = DashboardTemplate { logged_in, name, user_roles };
HtmlTemplate(template).into_response()
} else {
Redirect::to("/").into_response()
@ -101,20 +106,24 @@ pub async fn profile(
Extension(user_data): Extension<Option<UserData>>,
) -> impl IntoResponse {
// Extract the user's name from the user data.
let user_name = user_data.as_ref().map(|s| s.name.clone());
let logged_in = user_name.is_some();
let name = user_name.unwrap_or_default();
let userid = user_data.as_ref().map(|s| s.id.clone()).unwrap_or_default();
let name = user_data.as_ref().map(|s| s.name.clone()).unwrap_or_default();
let logged_in = user_data.is_some();
if logged_in {
// Extract the user data.
let user = user_data.as_ref().unwrap().clone();
if is_authorized("/profile", user_data, db_pool).await {
// Create the profile template.
if is_authorized("/profile", user_data, db_pool.clone()).await {
// Get user roles
let user_roles = get_user_roles_display(userid, &db_pool.clone()).await;
// Create the profile template.
let template = ProfileTemplate {
logged_in,
name,
user: user.clone(),
user_roles,
};
return HtmlTemplate(template).into_response();
} else {
@ -131,9 +140,9 @@ pub async fn user_profile(
Extension(user_data): Extension<Option<UserData>>,
) -> impl IntoResponse {
// Extract the user's name from the user data.
let user_name = user_data.as_ref().map(|s| s.name.clone());
let userid = user_data.as_ref().map(|s| s.id.clone()).unwrap_or_default();
let name = user_data.as_ref().map(|s| s.name.clone()).unwrap_or_default();
let logged_in = user_data.is_some();
let name = user_name.unwrap_or_default();
// Extract the user data.
let user = sqlx::query_as!(UserData, "SELECT * FROM users WHERE id = ?", user_id)
@ -142,19 +151,23 @@ pub async fn user_profile(
.unwrap();
if is_authorized("/users", user_data, db_pool.clone()).await {
// Get logged in user roles
let user_roles = get_user_roles_display(userid, &db_pool.clone()).await;
// Get user roles
let user_roles = get_user_roles_display(user_id, &db_pool.clone()).await;
let profile_roles = get_user_roles_display(user_id, &db_pool.clone()).await;
// Get roles user does not have
let non_user_roles = get_other_roles_display(user_id, &db_pool.clone()).await;
let non_profile_roles = get_other_roles_display(user_id, &db_pool.clone()).await;
// Create the profile template.
let template = UserProfileTemplate {
logged_in,
name,
user: user,
user_roles,
non_user_roles,
profile: user,
profile_roles,
non_profile_roles,
};
return HtmlTemplate(template).into_response();
} else {
@ -168,6 +181,7 @@ struct UserAdminTemplate {
logged_in: bool,
name: String,
users: Vec<UserData>,
user_roles: Vec<crate::user::UserRolesDisplay>,
}
pub async fn useradmin(
@ -183,11 +197,17 @@ pub async fn useradmin(
.await
.unwrap();
if is_authorized("/useradmin", user_data, db_pool).await {
let user_id = user_data.as_ref().map(|s| s.id.clone()).unwrap_or_default();
if is_authorized("/useradmin", user_data, db_pool.clone()).await {
// Get user roles
let user_roles = get_user_roles_display(user_id, &db_pool.clone()).await;
let template = UserAdminTemplate {
logged_in,
name,
users,
user_roles,
};
HtmlTemplate(template).into_response()
} else {
@ -232,6 +252,7 @@ pub async fn contact(Extension(user_data): Extension<Option<UserData>>) -> impl
struct CottageCalendarTemplate {
logged_in: bool,
name: String,
user_roles: Vec<crate::user::UserRolesDisplay>,
}
pub async fn cottagecalendar(
@ -242,8 +263,13 @@ pub async fn cottagecalendar(
let logged_in = user_name.is_some();
let name = user_name.unwrap_or_default();
if is_authorized("/cottagecalendar", user_data, db_pool).await {
let template = CottageCalendarTemplate { logged_in, name };
let user_id = user_data.as_ref().map(|s| s.id.clone()).unwrap_or_default();
if is_authorized("/cottagecalendar", user_data, db_pool.clone()).await {
// Get user roles
let user_roles = get_user_roles_display(user_id, &db_pool.clone()).await;
let template = CottageCalendarTemplate { logged_in, name, user_roles };
HtmlTemplate(template).into_response()
} else {
Redirect::to("/").into_response()
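Review bot: In `user_profile` the `SELECT * FROM users WHERE id = ?` lookup and its `.unwrap()` run before `is_authorized("/users", …)`, so the handler queries the database with a caller-supplied `user_id` before deciding whether the caller may see that user. If the fetch returns an error for an unknown id (the fetch call itself is outside the hunk), an unauthorized request panics for a missing id and is redirected for an existing one, which makes the two cases distinguishable. Move the query inside the `if is_authorized(…)` branch and replace `.unwrap()` with a not-found response. `useradmin` in this file and `wishlists` in the wishlist module show the same query-then-authorize order. The function bodies start and end outside these hunks.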


@ -74,7 +74,7 @@ pub struct UserWishlistItem {
pub received_at: i64,
}
/*
/*
pub async fn get_user_roles(user_id: i64, db_pool: &SqlitePool) -> Vec<UserRoles> {
// Get user roles
let user_roles = sqlx::query_as(
@ -142,7 +142,7 @@ pub async fn add_user_role(
}
pub async fn delete_user_role(
Path(user_role_id): Path<i64>,
Path((user_id, user_role_id)): Path<(i64, i64)>,
State(db_pool): State<SqlitePool>,
Extension(user_data): Extension<Option<UserData>>,
) -> impl IntoResponse {
@ -152,8 +152,12 @@ pub async fn delete_user_role(
.execute(&db_pool)
.await
.unwrap();
let redirect_url = format!("/users/{user_id}");
Redirect::to(&redirect_url).into_response()
} else {
Redirect::to("/").into_response()
}
Redirect::to("/").into_response()
}
pub async fn get_user_wishlist_items(user_id: i64, db_pool: &SqlitePool) -> Vec<UserWishlistItem> {
@ -167,4 +171,4 @@ pub async fn get_user_wishlist_items(user_id: i64, db_pool: &SqlitePool) -> Vec<
.unwrap();
user_wishlist_items
}
}
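Review bot: `delete_user_role` now extracts `user_id` from the path, but in the visible lines it is used only to build the redirect `format!("/users/{user_id}")`; the DELETE statement sits between the two hunks and is not shown. If that statement still filters on `user_role_id` alone, the `user_id` segment is unverified, and a URL whose two ids do not belong together would still delete the row and then redirect to an unrelated profile. Bind both values, e.g. add `AND user_id = ?` to the WHERE clause, and check `rows_affected()` on the result instead of calling `.unwrap()` on it.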


@ -6,7 +6,7 @@ use http::StatusCode;
use serde::Deserialize;
use sqlx::{SqlitePool, Row};
use crate::{middlewares::is_authorized, user::{get_user_wishlist_items, UserData, UserWishlistItem}};
use crate::{middlewares::is_authorized, user::{get_user_roles_display, get_user_wishlist_items, UserData, UserWishlistItem}};
struct HtmlTemplate<T>(T);
@ -31,6 +31,7 @@ where
struct WishListsTemplate {
logged_in: bool,
name: String,
user_roles: Vec<crate::user::UserRolesDisplay>,
users: Vec<UserData>,
}
@ -47,11 +48,17 @@ pub async fn wishlists(
.await
.unwrap();
if is_authorized("/userwishlists", user_data, db_pool).await {
let template = WishListsTemplate {
logged_in,
name,
users,
let userid = user_data.as_ref().map(|s| s.id.clone()).unwrap_or_default();
if is_authorized("/userwishlists", user_data, db_pool.clone()).await {
// Get user roles
let user_roles = get_user_roles_display(userid, &db_pool.clone()).await;
let template = WishListsTemplate {
logged_in,
name,
users,
user_roles,
};
HtmlTemplate(template).into_response()
} else {
@ -66,6 +73,7 @@ struct UserWishListTemplate {
name: String,
my_wishlist: bool,
user: UserData,
user_roles: Vec<crate::user::UserRolesDisplay>,
user_wishlist_items: Vec<crate::user::UserWishlistItem>,
}
@ -89,8 +97,11 @@ pub async fn user_wishlist(
.await
.unwrap();
if is_authorized("/wishlist", user_data, db_pool.clone()).await {
// Get user wishlist
if is_authorized("/wishlist", user_data, db_pool.clone()).await {
// Get user roles
let user_roles = get_user_roles_display(userid, &db_pool.clone()).await;
// Get user wishlist
let user_wishlist_items = get_user_wishlist_items(user_id, &db_pool.clone()).await;
// Is viewed and viewing user the same (my wishlist)?
@ -102,6 +113,7 @@ pub async fn user_wishlist(
name,
my_wishlist,
user: user,
user_roles,
user_wishlist_items,
};
return HtmlTemplate(template).into_response();
@ -116,6 +128,7 @@ struct UserWishListAddTemplate {
logged_in: bool,
name: String,
user: UserData,
user_roles: Vec<crate::user::UserRolesDisplay>,
user_wishlist_items: Vec<crate::user::UserWishlistItem>,
}
@ -135,8 +148,13 @@ pub async fn user_wishlist_add(
.await
.unwrap();
let userid = user_data.as_ref().map(|s| s.id.clone()).unwrap_or_default();
if is_authorized("/wishlist", user_data, db_pool.clone()).await {
// Get user roles
// Get user roles
let user_roles = get_user_roles_display(userid, &db_pool.clone()).await;
// Get user wishlist items
let user_wishlist_items = get_user_wishlist_items(user_id, &db_pool.clone()).await;
// Create the wishlist template.
@ -144,6 +162,7 @@ pub async fn user_wishlist_add(
logged_in,
name,
user: user,
user_roles,
user_wishlist_items,
};
return HtmlTemplate(template).into_response();
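Review bot: Each handler now calls `get_user_roles_display(userid, &db_pool.clone())`, which clones the pool only to borrow the temporary; `&db_pool` is enough, because the `db_pool.clone()` handed to `is_authorized` leaves the original in scope. Suggested form: `let user_roles = get_user_roles_display(userid, &db_pool).await;`. `user_data.as_ref().map(|s| s.id.clone()).unwrap_or_default()` also falls back to the default id (0 for an integer id) when there is no session, so a comment such as `// only meaningful after is_authorized has passed` would help; this assumes `is_authorized` rejects `None`, which is not visible here. The same two patterns repeat in the handlers of the routes file.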


@ -7,10 +7,14 @@
<h2>Menu</h2>
<ul>
<li><a href="/dashboard">Web links</a></li>
<li><a href="/useradmin">User Administration</a></li>
<li><a href="/cottagecalendar">Cottage Calendar</a></li>
<li><a href="/wishlists">Wish lists</a></li>
</ul>
{% for user_role in user_roles %}
{% if user_role.role_name == "admin" %}
<li><a href="/useradmin">User Administration</a></li>
{% endif %}
{% endfor %}
</div>
<div class="col-8">
{% block center %}{% endblock center %}
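Review bot: As the hunk reads, the new `{% for user_role in user_roles %}` loop is placed after `</ul>`, so the User Administration `<li>` is emitted outside the list and is repeated once per matching role row. Move the loop above `</ul>` so the item stays inside the menu. The test `user_role.role_name == "admin"` only hides the link; access to `/useradmin` still has to be enforced by the handler's `is_authorized` call, and a template comment such as `{# display only; /useradmin is enforced server-side #}` would keep the two from being confused.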


@ -2,10 +2,10 @@
{% block title %}User Profile{% endblock %}
{% block center %}
<h1>User Profile</h1>
Full name: {{ user.name }}<br/>
Given name: {{ user.given_name }}<br/>
Family name: {{ user.family_name }}<br/>
Your email address: {{ user.email }}<br/>
Full name: {{ profile.name }}<br/>
Given name: {{ profile.given_name }}<br/>
Family name: {{ profile.family_name }}<br/>
Your email address: {{ profile.email }}<br/>
<br/>
<h2>User Roles</h2>
<button type="button" class="btn btn-primary">Edit</button>
@ -18,13 +18,13 @@ Your email address: {{ user.email }}<br/>
</tr>
</thead>
<tbody>
{% for user_role in user_roles %}
{% for user_role in profile_roles %}
<tr>
<td><a href="/roles/{{ user_role.role_id }}">{{ user_role.role_name }}</a></td>
<td><a href="/roles/{{ user_role.id }}/delete">Delete</a></td>
<td><a href="/roles/{{ user_role.user_id }}/{{ user_role.id }}/delete">Delete</a></td>
</tr>
{% endfor %}
{% for non_user_role in non_user_roles %}
{% for non_user_role in non_profile_roles %}
<tr>
<td><a href="/roles/{{ non_user_role.role_id }}">{{ non_user_role.role_name }}</a></td>
<td><a href="/roles/{{ non_user_role.user_id }}/{{ non_user_role.role_id }}/add">Add</a></td>
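Review bot: The label `Your email address:` now prints `{{ profile.email }}`, which is the address of the user being viewed rather than of the logged-in user, so the wording is misleading on this page. Suggest `Email address: {{ profile.email }}<br/>`, in line with the three labels above it.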