1
0
mirror of https://gitlab.com/comunic/comunicapiv3 synced 2024-11-26 15:29:21 +00:00

Can update admin roles

This commit is contained in:
Pierre HUBERT 2021-05-15 09:10:39 +02:00
parent e619d71601
commit d933dadf62
5 changed files with 65 additions and 6 deletions

View File

@ -3,11 +3,13 @@
//! @author Pierre Hubert //! @author Pierre Hubert
use crate::api_data::admin::admin_role_api::AdminRoleDetailsAPI; use crate::api_data::admin::admin_role_api::AdminRoleDetailsAPI;
use crate::constants::admin::ADMIN_ROLES_LIST; use crate::constants::admin::{ADMIN_ROLES_LIST, AdminRole};
use crate::data::base_request_handler::BaseRequestHandler; use crate::data::base_request_handler::BaseRequestHandler;
use crate::data::http_request_handler::HttpRequestHandler; use crate::data::http_request_handler::HttpRequestHandler;
use crate::helpers::admin_roles_helper;
use crate::routes::RequestResult; use crate::routes::RequestResult;
/// Get the list of roles embedded in the code
pub fn get_list(r: &mut HttpRequestHandler) -> RequestResult { pub fn get_list(r: &mut HttpRequestHandler) -> RequestResult {
let res = ADMIN_ROLES_LIST.iter() let res = ADMIN_ROLES_LIST.iter()
.map(AdminRoleDetailsAPI::new) .map(AdminRoleDetailsAPI::new)
@ -15,3 +17,24 @@ pub fn get_list(r: &mut HttpRequestHandler) -> RequestResult {
r.set_response(res) r.set_response(res)
} }
/// Toggle the status of a role for an admin
pub fn toggle(r: &mut HttpRequestHandler) -> RequestResult {
r.check_admin_has_role(AdminRole::MANAGE_ADMINS)?;
let admin_id = r.post_admin_id("adminID")?;
let enable = r.post_bool("enable")?;
let role_str = r.post_string("role")?;
let role = r.some_or_bad_request(
AdminRole::from_id(&role_str),
"Specified role does not exists!",
)?;
if !enable {
admin_roles_helper::remove_role(admin_id, role)?;
} else if !admin_roles_helper::has_role(admin_id, role)? {
admin_roles_helper::add_role(admin_id, role)?;
}
r.ok()
}

View File

@ -12,6 +12,7 @@ use image::{GenericImageView, ImageFormat};
use serde::Serialize; use serde::Serialize;
use crate::api_data::http_error::HttpError; use crate::api_data::http_error::HttpError;
use crate::constants::admin::AdminRole;
use crate::constants::PASSWORD_MIN_LENGTH; use crate::constants::PASSWORD_MIN_LENGTH;
use crate::data::admin::AdminID; use crate::data::admin::AdminID;
use crate::data::comment::Comment; use crate::data::comment::Comment;
@ -24,7 +25,7 @@ use crate::data::group_id::GroupID;
use crate::data::post::{Post, PostAccessLevel}; use crate::data::post::{Post, PostAccessLevel};
use crate::data::user::UserID; use crate::data::user::UserID;
use crate::data::user_token::UserAccessToken; use crate::data::user_token::UserAccessToken;
use crate::helpers::{account_helper, admin_account_helper, comments_helper, conversations_helper, custom_emojies_helper, friends_helper, groups_helper, posts_helper, user_helper, virtual_directory_helper}; use crate::helpers::{account_helper, admin_account_helper, admin_roles_helper, comments_helper, conversations_helper, custom_emojies_helper, friends_helper, groups_helper, posts_helper, user_helper, virtual_directory_helper};
use crate::helpers::virtual_directory_helper::VirtualDirType; use crate::helpers::virtual_directory_helper::VirtualDirType;
use crate::routes::RequestResult; use crate::routes::RequestResult;
use crate::utils::mp3_utils::is_valid_mp3; use crate::utils::mp3_utils::is_valid_mp3;
@ -606,6 +607,15 @@ pub trait BaseRequestHandler {
Ok(admin_id) Ok(admin_id)
} }
/// Check if an admin has a given role or not
fn check_admin_has_role(&mut self, role: AdminRole) -> Res {
if !admin_roles_helper::has_role(self.admin_id()?, role)? {
self.forbidden("You have not the permission to do this!".to_string())?;
}
Ok(())
}
/// Get a list of users ID included in the request /// Get a list of users ID included in the request
fn post_users_id(&mut self, name: &str) -> ResultBoxError<HashSet<UserID>> { fn post_users_id(&mut self, name: &str) -> ResultBoxError<HashSet<UserID>> {
let users = self.post_numbers_list(name, 1)? let users = self.post_numbers_list(name, 1)?

View File

@ -12,11 +12,11 @@ use crate::utils::date_utils::time;
/// Get the list of roles of a given administrator /// Get the list of roles of a given administrator
pub fn get_roles(id: AdminID) -> Res<Vec<AdminRole>> { pub fn get_roles(id: AdminID) -> Res<Vec<AdminRole>> {
database::QueryInfo::new(ADMIN_ROLES_TABLE) database::QueryInfo::new(ADMIN_ROLES_TABLE)
.cond_admin_id("id", id) .cond_admin_id("admin_id", id)
.exec(db_to_role) .exec(db_to_role)
} }
/// Add a new role to a user /// Add a new role to an admin
pub fn add_role(id: AdminID, role: AdminRole) -> Res { pub fn add_role(id: AdminID, role: AdminRole) -> Res {
database::InsertQuery::new(ADMIN_ROLES_TABLE) database::InsertQuery::new(ADMIN_ROLES_TABLE)
.add_admin_id("admin_id", id) .add_admin_id("admin_id", id)
@ -25,6 +25,21 @@ pub fn add_role(id: AdminID, role: AdminRole) -> Res {
.insert_drop_result() .insert_drop_result()
} }
/// Remove a role to an admin
pub fn remove_role(id: AdminID, role: AdminRole) -> Res {
database::DeleteQuery::new(ADMIN_ROLES_TABLE)
.cond_admin_id("admin_id", id)
.cond_str("role_id", role.to_id())
.exec()
}
/// Check out whether an admin has a role or not
pub fn has_role(id: AdminID, role: AdminRole) -> Res<bool> {
database::QueryInfo::new(ADMIN_ROLES_TABLE)
.cond_admin_id("admin_id", id)
.cond("role_id", role.to_id())
.exec_count_has_at_least_one_result()
}
fn db_to_role(row: &database::RowResult) -> Res<AdminRole> { fn db_to_role(row: &database::RowResult) -> Res<AdminRole> {
let role_id = row.get_str("role_id")?; let role_id = row.get_str("role_id")?;

View File

@ -11,7 +11,7 @@ use mysql::prelude::Queryable;
use crate::data::admin::AdminID; use crate::data::admin::AdminID;
use crate::data::config::{conf, DatabaseConfig}; use crate::data::config::{conf, DatabaseConfig};
use crate::data::conversation::ConvID; use crate::data::conversation::ConvID;
use crate::data::error::{ExecError, ResultBoxError}; use crate::data::error::{ExecError, Res, ResultBoxError};
use crate::data::group_id::GroupID; use crate::data::group_id::GroupID;
use crate::data::user::UserID; use crate::data::user::UserID;
@ -272,6 +272,11 @@ impl QueryInfo {
pub fn exec_count(self) -> ResultBoxError<usize> { pub fn exec_count(self) -> ResultBoxError<usize> {
count(self) count(self)
} }
/// Execute count query, checking that there is at least one result
pub fn exec_count_has_at_least_one_result(self) -> Res<bool> {
self.exec_count().map(|r| r > 0)
}
} }
/// Struct used to read the result of a request /// Struct used to read the result of a request
@ -841,6 +846,11 @@ impl DeleteQuery {
self self
} }
pub fn cond_admin_id(mut self, key: &str, value: AdminID) -> DeleteQuery {
self.conditions.insert(key.to_string(), Value::from(value.id()));
self
}
pub fn cond_group_id(mut self, key: &str, value: &GroupID) -> DeleteQuery { pub fn cond_group_id(mut self, key: &str, value: &GroupID) -> DeleteQuery {
self.conditions.insert(key.to_string(), Value::from(value.id())); self.conditions.insert(key.to_string(), Value::from(value.id()));
self self

View File

@ -364,6 +364,7 @@ pub fn get_routes() -> Vec<Route> {
Route::limited_admin_post_without_login("/admin/keys/auth_with_key", Box::new(admin_keys_controller::auth_with_key), LimitPolicy::ANY(10)), Route::limited_admin_post_without_login("/admin/keys/auth_with_key", Box::new(admin_keys_controller::auth_with_key), LimitPolicy::ANY(10)),
// Admin roles controller // Admin roles controller
Route::admin_post("/admin/roles/list", Box::new(admin_roles_controller::get_list)) Route::admin_post("/admin/roles/list", Box::new(admin_roles_controller::get_list)),
Route::admin_post("/admin/roles/toggle", Box::new(admin_roles_controller::toggle)),
] ]
} }