Added logged in user roles to API

2024-10-29 19:29:22 +00:00 · 2024-10-29 19:29:22 +00:00 · e723f6a053
parent 518e986632
commit e723f6a053
6 changed files with 99 additions and 46 deletions
--- a/backend/src/main.rs
+++ b/backend/src/main.rs
@ -54,7 +54,7 @@ async fn main() {
        .route("/useradmin", get(useradmin))
        .route("/users/:user_id", get(user_profile))
        .route("/roles/:user_id/:role_id/add", get(add_user_role))
-        .route("/roles/:user_role_id/delete", get(delete_user_role))
+        .route("/roles/:user_id/:user_role_id/delete", get(delete_user_role))
        .route("/wishlists", get(wishlists))
        .route("/userwishlist/:user_id", get(user_wishlist))
        .route("/userwishlist/add/:user_id", get(user_wishlist_add).post(user_wishlist_add_item))
--- a/backend/src/routes.rs
+++ b/backend/src/routes.rs
@ -19,6 +19,7 @@ struct ProfileTemplate {
    logged_in: bool,
    name: String,
    user: UserData,
    user_roles: Vec<crate::user::UserRolesDisplay>,
 }
 #[derive(Template)]
@ -26,9 +27,10 @@ struct ProfileTemplate {
 struct UserProfileTemplate {
    logged_in: bool,
    name: String,
    user: UserData,
    user_roles: Vec<crate::user::UserRolesDisplay>,
-    non_user_roles: Vec<crate::user::UserRolesDisplay>,
+    profile: UserData,
    profile_roles: Vec<crate::user::UserRolesDisplay>,
    non_profile_roles: Vec<crate::user::UserRolesDisplay>,
 }
 struct HtmlTemplate<T>(T);
@ -61,15 +63,15 @@ struct IndexTemplate {
 struct DashboardTemplate {
    logged_in: bool,
    name: String,
    user_roles: Vec<crate::user::UserRolesDisplay>,
 }
 pub async fn index(
    State(db_pool): State<SqlitePool>,
    Extension(user_data): Extension<Option<UserData>>,
 ) -> impl IntoResponse {
-    let user_name = user_data.as_ref().map(|s| s.name.clone());
+    let name = user_data.as_ref().map(|s| s.name.clone()).unwrap_or_default();
-    let logged_in = user_name.is_some();
+    let logged_in = user_data.is_some();
    let name = user_name.unwrap_or_default();
    if is_authorized("/dashboard", user_data, db_pool).await {
        Redirect::to("/dashboard").into_response()
@ -83,12 +85,15 @@ pub async fn dashboard(
    State(db_pool): State<SqlitePool>,
    Extension(user_data): Extension<Option<UserData>>,
 ) -> impl IntoResponse {
-    let user_name = user_data.as_ref().map(|s| s.name.clone());
+    let userid = user_data.as_ref().map(|s| s.id.clone()).unwrap_or_default();
-    let logged_in = user_name.is_some();
+    let name = user_data.as_ref().map(|s| s.name.clone()).unwrap_or_default();
-    let name = user_name.unwrap_or_default();
+    let logged_in = user_data.is_some();
-    if is_authorized("/dashboard", user_data, db_pool).await {
+    if is_authorized("/dashboard", user_data, db_pool.clone()).await {
-        let template = DashboardTemplate { logged_in, name };
+        // Get user roles
        let user_roles = get_user_roles_display(userid, &db_pool.clone()).await;
        let template = DashboardTemplate { logged_in, name, user_roles };
        HtmlTemplate(template).into_response()
    } else {
        Redirect::to("/").into_response()
@ -101,20 +106,24 @@ pub async fn profile(
    Extension(user_data): Extension<Option<UserData>>,
 ) -> impl IntoResponse {
    // Extract the user's name from the user data.
-    let user_name = user_data.as_ref().map(|s| s.name.clone());
+    let userid = user_data.as_ref().map(|s| s.id.clone()).unwrap_or_default();
-    let logged_in = user_name.is_some();
+    let name = user_data.as_ref().map(|s| s.name.clone()).unwrap_or_default();
-    let name = user_name.unwrap_or_default();
+    let logged_in = user_data.is_some();
    if logged_in {
        // Extract the user data.
        let user = user_data.as_ref().unwrap().clone();
-        if is_authorized("/profile", user_data, db_pool).await {
+        if is_authorized("/profile", user_data, db_pool.clone()).await {
-            // Create the profile template.
+        // Get user roles
        let user_roles = get_user_roles_display(userid, &db_pool.clone()).await;
        // Create the profile template.
            let template = ProfileTemplate {
                logged_in,
                name,
                user: user.clone(),
                user_roles,
            };
            return HtmlTemplate(template).into_response();
        } else {
@ -131,9 +140,9 @@ pub async fn user_profile(
    Extension(user_data): Extension<Option<UserData>>,
 ) -> impl IntoResponse {
    // Extract the user's name from the user data.
-    let user_name = user_data.as_ref().map(|s| s.name.clone());
+    let userid = user_data.as_ref().map(|s| s.id.clone()).unwrap_or_default();
    let name = user_data.as_ref().map(|s| s.name.clone()).unwrap_or_default();
    let logged_in = user_data.is_some();
    let name = user_name.unwrap_or_default();
    // Extract the user data.
    let user = sqlx::query_as!(UserData, "SELECT * FROM users WHERE id = ?", user_id)
@ -142,19 +151,23 @@ pub async fn user_profile(
        .unwrap();
    if is_authorized("/users", user_data, db_pool.clone()).await {
        // Get logged in user roles
        let user_roles = get_user_roles_display(userid, &db_pool.clone()).await;
        // Get user roles
-        let user_roles = get_user_roles_display(user_id, &db_pool.clone()).await;
+        let profile_roles = get_user_roles_display(user_id, &db_pool.clone()).await;
        // Get roles user does not have
-        let non_user_roles = get_other_roles_display(user_id, &db_pool.clone()).await;
+        let non_profile_roles = get_other_roles_display(user_id, &db_pool.clone()).await;
        // Create the profile template.
        let template = UserProfileTemplate {
            logged_in,
            name,
            user: user,
            user_roles,
-            non_user_roles,
+            profile: user,
            profile_roles,
            non_profile_roles,
        };
        return HtmlTemplate(template).into_response();
    } else {
@ -168,6 +181,7 @@ struct UserAdminTemplate {
    logged_in: bool,
    name: String,
    users: Vec<UserData>,
    user_roles: Vec<crate::user::UserRolesDisplay>,
 }
 pub async fn useradmin(
@ -183,11 +197,17 @@ pub async fn useradmin(
        .await
        .unwrap();
-    if is_authorized("/useradmin", user_data, db_pool).await {
+    let user_id = user_data.as_ref().map(|s| s.id.clone()).unwrap_or_default();
    if is_authorized("/useradmin", user_data, db_pool.clone()).await {
        // Get user roles
        let user_roles = get_user_roles_display(user_id, &db_pool.clone()).await;
        let template = UserAdminTemplate {
            logged_in,
            name,
            users,
            user_roles,
        };
        HtmlTemplate(template).into_response()
    } else {
@ -232,6 +252,7 @@ pub async fn contact(Extension(user_data): Extension<Option<UserData>>) -> impl
 struct CottageCalendarTemplate {
    logged_in: bool,
    name: String,
    user_roles: Vec<crate::user::UserRolesDisplay>,
 }
 pub async fn cottagecalendar(
@ -242,8 +263,13 @@ pub async fn cottagecalendar(
    let logged_in = user_name.is_some();
    let name = user_name.unwrap_or_default();
-    if is_authorized("/cottagecalendar", user_data, db_pool).await {
+    let user_id = user_data.as_ref().map(|s| s.id.clone()).unwrap_or_default();
-        let template = CottageCalendarTemplate { logged_in, name };
+
    if is_authorized("/cottagecalendar", user_data, db_pool.clone()).await {
        // Get user roles
        let user_roles = get_user_roles_display(user_id, &db_pool.clone()).await;
        let template = CottageCalendarTemplate { logged_in, name, user_roles };
        HtmlTemplate(template).into_response()
    } else {
        Redirect::to("/").into_response()
--- a/backend/src/user.rs
+++ b/backend/src/user.rs
@ -142,7 +142,7 @@ pub async fn add_user_role(
 }
 pub async fn delete_user_role(
-    Path(user_role_id): Path<i64>,
+    Path((user_id, user_role_id)): Path<(i64, i64)>,
    State(db_pool): State<SqlitePool>,
    Extension(user_data): Extension<Option<UserData>>,
 ) -> impl IntoResponse {
@ -152,8 +152,12 @@ pub async fn delete_user_role(
            .execute(&db_pool)
            .await
            .unwrap();
        let redirect_url = format!("/users/{user_id}");
        Redirect::to(&redirect_url).into_response()
    } else {
        Redirect::to("/").into_response()
    }
    Redirect::to("/").into_response()
 }
 pub async fn get_user_wishlist_items(user_id: i64, db_pool: &SqlitePool) -> Vec<UserWishlistItem> {
--- a/backend/src/wishlist.rs
+++ b/backend/src/wishlist.rs
@ -6,7 +6,7 @@ use http::StatusCode;
 use serde::Deserialize;
 use sqlx::{SqlitePool, Row};
-use crate::{middlewares::is_authorized, user::{get_user_wishlist_items, UserData, UserWishlistItem}};
+use crate::{middlewares::is_authorized, user::{get_user_roles_display, get_user_wishlist_items, UserData, UserWishlistItem}};
 struct HtmlTemplate<T>(T);
@ -31,6 +31,7 @@ where
 struct WishListsTemplate {
    logged_in: bool,
    name: String,
    user_roles: Vec<crate::user::UserRolesDisplay>,
    users: Vec<UserData>,
 }
@ -47,11 +48,17 @@ pub async fn wishlists(
        .await
        .unwrap();
-    if is_authorized("/userwishlists", user_data, db_pool).await {
+        let userid = user_data.as_ref().map(|s| s.id.clone()).unwrap_or_default();
-        let template = WishListsTemplate {
+
-            logged_in,
+        if is_authorized("/userwishlists", user_data, db_pool.clone()).await {
-            name,
+            // Get user roles
-            users,
+            let user_roles = get_user_roles_display(userid, &db_pool.clone()).await;
            let template = WishListsTemplate {
                logged_in,
                name,
                users,
                user_roles,
        };
        HtmlTemplate(template).into_response()
    } else {
@ -66,6 +73,7 @@ struct UserWishListTemplate {
    name: String,
    my_wishlist: bool,
    user: UserData,
    user_roles: Vec<crate::user::UserRolesDisplay>,
    user_wishlist_items: Vec<crate::user::UserWishlistItem>,
 }
@ -89,8 +97,11 @@ pub async fn user_wishlist(
        .await
        .unwrap();
-    if is_authorized("/wishlist", user_data, db_pool.clone()).await {
+        if is_authorized("/wishlist", user_data, db_pool.clone()).await {
-        // Get user wishlist
+            // Get user roles
            let user_roles = get_user_roles_display(userid, &db_pool.clone()).await;
            // Get user wishlist
        let user_wishlist_items = get_user_wishlist_items(user_id, &db_pool.clone()).await;
        // Is viewed and viewing user the same (my wishlist)?
@ -102,6 +113,7 @@ pub async fn user_wishlist(
            name,
            my_wishlist,
            user: user,
            user_roles,
            user_wishlist_items,
        };
        return HtmlTemplate(template).into_response();
@ -116,6 +128,7 @@ struct UserWishListAddTemplate {
    logged_in: bool,
    name: String,
    user: UserData,
    user_roles: Vec<crate::user::UserRolesDisplay>,
    user_wishlist_items: Vec<crate::user::UserWishlistItem>,
 }
@ -135,8 +148,13 @@ pub async fn user_wishlist_add(
        .await
        .unwrap();
    let userid = user_data.as_ref().map(|s| s.id.clone()).unwrap_or_default();
    if is_authorized("/wishlist", user_data, db_pool.clone()).await {
-        // Get user roles
+            // Get user roles
            let user_roles = get_user_roles_display(userid, &db_pool.clone()).await;
            // Get user wishlist items
        let user_wishlist_items = get_user_wishlist_items(user_id, &db_pool.clone()).await;
        // Create the wishlist template.
@ -144,6 +162,7 @@ pub async fn user_wishlist_add(
            logged_in,
            name,
            user: user,
            user_roles,
            user_wishlist_items,
        };
        return HtmlTemplate(template).into_response();
--- a/backend/templates/authorized.html
+++ b/backend/templates/authorized.html
@ -7,10 +7,14 @@
            <h2>Menu</h2>
            <ul>
                <li><a href="/dashboard">Web links</a></li>
                <li><a href="/useradmin">User Administration</a></li>
                <li><a href="/cottagecalendar">Cottage Calendar</a></li>
                <li><a href="/wishlists">Wish lists</a></li>
            </ul>
            {% for user_role in user_roles %}
                {% if user_role.role_name == "admin" %}
                    <li><a href="/useradmin">User Administration</a></li>
                {% endif %}
            {% endfor %}
        </div>
        <div class="col-8">
            {% block center %}{% endblock center %}
--- a/backend/templates/user.html
+++ b/backend/templates/user.html
@ -2,10 +2,10 @@
 {% block title %}User Profile{% endblock %}
 {% block center %}
 <h1>User Profile</h1>
-Full name: {{ user.name }}<br/>
+Full name: {{ profile.name }}<br/>
-Given name: {{ user.given_name }}<br/>
+Given name: {{ profile.given_name }}<br/>
-Family name: {{ user.family_name }}<br/>
+Family name: {{ profile.family_name }}<br/>
-Your email address: {{ user.email }}<br/>
+Your email address: {{ profile.email }}<br/>
 <br/>
 <h2>User Roles</h2>
 <button type="button" class="btn btn-primary">Edit</button>
@ -18,13 +18,13 @@ Your email address: {{ user.email }}<br/>
        </tr>
    </thead>
    <tbody>
-        {% for user_role in user_roles %}
+        {% for user_role in profile_roles %}
        <tr>
            <td><a href="/roles/{{ user_role.role_id }}">{{ user_role.role_name }}</a></td>
-            <td><a href="/roles/{{ user_role.id }}/delete">Delete</a></td>
+            <td><a href="/roles/{{ user_role.user_id }}/{{ user_role.id }}/delete">Delete</a></td>
        </tr>
        {% endfor %}
-        {% for non_user_role in non_user_roles %}
+        {% for non_user_role in non_profile_roles %}
        <tr>
            <td><a href="/roles/{{ non_user_role.role_id }}">{{ non_user_role.role_name }}</a></td>
            <td><a href="/roles/{{ non_user_role.user_id }}/{{ non_user_role.role_id }}/add">Add</a></td>