Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
frontend: allow admins to change a users role
- Loading branch information
Showing
17 changed files
with
388 additions
and
111 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,8 +1,14 @@ | ||
use crate::core::prelude::*; | ||
|
||
pub fn archive_comments<D: Db>(db: &D, ids: &[&str]) -> Result<()> { | ||
pub fn archive_comments<D: Db>(db: &D, user_email: &str, ids: &[&str]) -> Result<()> { | ||
info!("Archiving {} comments", ids.len()); | ||
let archived = Timestamp::now(); | ||
db.archive_comments(ids, archived)?; | ||
Ok(()) | ||
let users = db.get_users_by_email(user_email)?; | ||
if let Some(user) = users.first() { | ||
if user.role >= Role::Scout { | ||
let archived = Timestamp::now(); | ||
db.archive_comments(ids, archived)?; | ||
return Ok(()); | ||
} | ||
} | ||
Err(ParameterError::Forbidden.into()) | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,9 +1,15 @@ | ||
use crate::core::prelude::*; | ||
|
||
pub fn archive_ratings<D: Db>(db: &D, ids: &[&str]) -> Result<()> { | ||
pub fn archive_ratings<D: Db>(db: &D, user_email: &str, ids: &[&str]) -> Result<()> { | ||
debug!("Archiving ratings {:?}", ids); | ||
let archived = Timestamp::now(); | ||
db.archive_comments_of_ratings(ids, archived)?; | ||
db.archive_ratings(ids, archived)?; | ||
Ok(()) | ||
let users = db.get_users_by_email(user_email)?; | ||
if let Some(user) = users.first() { | ||
if user.role >= Role::Scout { | ||
let archived = Timestamp::now(); | ||
db.archive_comments_of_ratings(ids, archived)?; | ||
db.archive_ratings(ids, archived)?; | ||
return Ok(()); | ||
} | ||
} | ||
Err(ParameterError::Forbidden.into()) | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
use crate::core::prelude::*; | ||
|
||
pub fn change_user_role<D: Db>( | ||
db: &D, | ||
account_email: &str, | ||
user_email: &str, | ||
role: Role, | ||
) -> Result<()> { | ||
info!("Changing role to {:?} for {}", role, user_email); | ||
let accounts = db.get_users_by_email(account_email)?; | ||
let users = db.get_users_by_email(user_email)?; | ||
let account = accounts | ||
.first() | ||
.ok_or_else(|| ParameterError::UserDoesNotExist)?; | ||
let mut user = users | ||
.first() | ||
.ok_or_else(|| ParameterError::UserDoesNotExist)? | ||
.to_owned(); | ||
if account.role > user.role && role < account.role { | ||
user.role = role; | ||
db.update_user(&user)?; | ||
Ok(()) | ||
} else { | ||
Err(ParameterError::Forbidden.into()) | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,73 @@ | ||
use super::*; | ||
use diesel::connection::Connection; | ||
|
||
pub fn change_user_role( | ||
connections: &sqlite::Connections, | ||
account_email: &str, | ||
user_email: &str, | ||
role: Role, | ||
) -> Result<()> { | ||
let mut repo_err = None; | ||
let connection = connections.exclusive()?; | ||
Ok(connection | ||
.transaction::<_, diesel::result::Error, _>(|| { | ||
usecases::change_user_role(&*connection, account_email, user_email, role).map_err( | ||
|err| { | ||
warn!("Failed to chage role for email {}: {}", user_email, err); | ||
repo_err = Some(err); | ||
diesel::result::Error::RollbackTransaction | ||
}, | ||
) | ||
}) | ||
.map_err(|err| { | ||
if let Some(repo_err) = repo_err { | ||
repo_err | ||
} else { | ||
RepoError::from(err).into() | ||
} | ||
})?) | ||
} | ||
|
||
#[cfg(test)] | ||
mod tests { | ||
use super::super::tests::prelude::*; | ||
|
||
fn change_user_role( | ||
fixture: &EnvFixture, | ||
account_email: &str, | ||
user_email: &str, | ||
role: Role, | ||
) -> super::Result<()> { | ||
super::change_user_role(&fixture.db_connections, account_email, user_email, role) | ||
} | ||
|
||
#[test] | ||
fn should_change_the_role_to_scout_if_its_done_by_an_admin() { | ||
let fixture = EnvFixture::new(); | ||
fixture.create_user( | ||
usecases::NewUser { | ||
email: "user@bar.tld".into(), | ||
password: "123456".into(), | ||
username: "user".into(), | ||
}, | ||
None, | ||
); | ||
fixture.create_user( | ||
usecases::NewUser { | ||
email: "admin@foo.tld".into(), | ||
password: "123456".into(), | ||
username: "admin".into(), | ||
}, | ||
Some(Role::Admin), | ||
); | ||
assert_eq!( | ||
fixture.try_get_user("user@bar.tld").unwrap().role, | ||
Role::Guest | ||
); | ||
assert!(change_user_role(&fixture, "admin@foo.tld", "user@bar.tld", Role::Scout).is_ok()); | ||
assert_eq!( | ||
fixture.try_get_user("user@bar.tld").unwrap().role, | ||
Role::Scout | ||
); | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.