From e0b953ba01e38ae86d5d143ca1175f5d9e06db63 Mon Sep 17 00:00:00 2001
From: Pierre HUBERT
Date: Sat, 15 May 2021 09:59:34 +0200
Subject: [PATCH] Can create admin account from API
---
 .../admin/admin_res_create_account.rs | 20 ++++++++++++++
 src/api_data/admin/mod.rs | 3 ++-
 .../admin/admin_account_controller.rs | 13 +++++++++-
 .../admin/admin_roles_controller.rs | 2 --
 src/routes.rs | 26 ++++++++++++++++++-
 src/server.rs | 4 +++
 6 files changed, 63 insertions(+), 5 deletions(-)
 create mode 100644 src/api_data/admin/admin_res_create_account.rs
diff --git a/src/api_data/admin/admin_res_create_account.rs b/src/api_data/admin/admin_res_create_account.rs
new file mode 100644
index 0000000..446044c
--- /dev/null
+++ b/src/api_data/admin/admin_res_create_account.rs
@@ -0,0 +1,20 @@
+//! # Administrator account creation result
+//!
+//! @author Pierre Hubert
+
+use serde::Serialize;
+
+use crate::data::admin::AdminID;
+
+#[derive(Serialize)]
+pub struct AdminResCreateAccount {
+ id: u64
+}
+
+impl AdminResCreateAccount {
+ pub fn new(id: AdminID) -> Self {
+ Self {
+ id: id.id()
+ }
+ }
+}
\ No newline at end of file
diff --git a/src/api_data/admin/mod.rs b/src/api_data/admin/mod.rs
index cbb6dec..65b7801 100644
--- a/src/api_data/admin/mod.rs
+++ b/src/api_data/admin/mod.rs
@@ -8,4 +8,5 @@ pub mod admin_id_api;
 pub mod admin_info_api;
 pub mod admin_keys_api;
 pub mod admin_res_create_reset_token;
-pub mod admin_role_api;
\ No newline at end of file
+pub mod admin_role_api;
+pub mod admin_res_create_account;
\ No newline at end of file
diff --git a/src/controllers/admin/admin_account_controller.rs b/src/controllers/admin/admin_account_controller.rs
index 153840f..b758ecd 100644
--- a/src/controllers/admin/admin_account_controller.rs
+++ b/src/controllers/admin/admin_account_controller.rs
@@ -7,14 +7,25 @@ use crate::api_data::admin::admin_auth_options::AdminAuthOptions; use crate::api_data::admin::admin_auth_success::AdminAuthSuccess; use crate::api_data::admin::admin_id_api::AdminIDAPI; use crate::api_data::admin::admin_info_api::AdminInfoAPI; +use crate::api_data::admin::admin_res_create_account::AdminResCreateAccount; use crate::api_data::admin::admin_res_create_reset_token::AdminResCreateResetToken; -use crate::data::admin::NewAdminGeneralSettings; +use crate::data::admin::{NewAdmin, NewAdminGeneralSettings}; use crate::data::base_request_handler::BaseRequestHandler; use crate::data::http_request_handler::HttpRequestHandler; use crate::helpers::{admin_access_token_helper, admin_account_helper, admin_account_key_helper}; use crate::routes::RequestResult; use crate::utils::date_utils::time; +/// Create a new administrator account +pub fn create(r: &mut HttpRequestHandler) -> RequestResult { + let email = r.post_email("mail")?; + let name = r.post_string_opt("name", 3, true)?; + + let admin_id = admin_account_helper::create(&NewAdmin { name, email })?; + + r.set_response(AdminResCreateAccount::new(admin_id)) +} + /// Get admin auth options pub fn get_auth_options(r: &mut HttpRequestHandler) -> RequestResult { let mail = r.post_email("mail")?; diff --git a/src/controllers/admin/admin_roles_controller.rs b/src/controllers/admin/admin_roles_controller.rs index a8c427f..040496f 100644 --- a/src/controllers/admin/admin_roles_controller.rs +++ b/src/controllers/admin/admin_roles_controller.rs @@ -20,8 +20,6 @@ pub fn get_list(r: &mut HttpRequestHandler) -> RequestResult { /// Toggle the status of a role for an admin pub fn toggle(r: &mut HttpRequestHandler) -> RequestResult { - r.check_admin_has_role(AdminRole::MANAGE_ADMINS)?; - let admin_id = r.post_admin_id("adminID")?; let enable = r.post_bool("enable")?; let role_str = r.post_string("role")?; diff --git a/src/routes.rs b/src/routes.rs index 6b254f7..bd1267e 100644 --- a/src/routes.rs 
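Review bot: The new `create` handler passes the posted `mail` straight to `admin_account_helper::create` without first checking that no administrator already uses that address. Unless the helper or a unique database constraint rejects duplicates (neither is visible in this hunk), two admin accounts could share a mail, and the neighbouring `get_auth_options`, which also reads `mail`, would presumably resolve it ambiguously. The handler performs no permission check of its own either, so its doc comment should say where the check lives, e.g. `/// Create a new administrator account (requires the MANAGE_ADMINS role, enforced by the route definition)`. Recording the id of the calling administrator in a log entry at this point would make later review of account creation possible.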
+++ b/src/routes.rs @@ -1,5 +1,6 @@ use std::error::Error; +use crate::constants::admin::AdminRole; use crate::controllers::{account_controller, comments_controller, conversations_controller, forez_controller, friends_controller, groups_controller, likes_controller, notifications_controller, posts_controller, push_notifications_controller, search_controller, server_controller, settings_controller, surveys_controller, user_controller, user_ws_controller, virtual_directory_controller, web_app_controller}; use crate::controllers::admin::*; use crate::data::http_request_handler::HttpRequestHandler; @@ -81,6 +82,9 @@ pub struct Route { /// Request rate policy pub limit_policy: LimitPolicy, + + /// Administrator role required to use the route + pub admin_role: Option, } impl Route { @@ -92,6 +96,7 @@ impl Route { uri, func, limit_policy: LimitPolicy::NONE, + admin_role: None, } } @@ -103,6 +108,7 @@ impl Route { uri, func, limit_policy: LimitPolicy::NONE, + admin_role: None, } } @@ -114,6 +120,7 @@ impl Route { uri, func, limit_policy, + admin_role: None, } } @@ -125,6 +132,7 @@ impl Route { uri, func, limit_policy: LimitPolicy::NONE, + admin_role: None, } } @@ -136,6 +144,7 @@ impl Route { uri, func, limit_policy, + admin_role: None, } } @@ -147,6 +156,7 @@ impl Route { uri, func, limit_policy, + admin_role: None, } } @@ -158,6 +168,19 @@ impl Route { uri, func, limit_policy: LimitPolicy::NONE, + admin_role: None, + } + } + + pub fn admin_post_restricted(uri: &'static str, func: RequestProcess, role: AdminRole) -> Route { + Route { + scope: RouteScope::ADMIN, + method: POST, + need_login: true, + uri, + func, + limit_policy: LimitPolicy::NONE, + admin_role: Some(role), } } } 
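Review bot: `admin_post_restricted` is the only constructor that sets `admin_role`, and it is added without a doc comment, while every other constructor now hard-codes `admin_role: None`. The dispatcher change in src/server.rs skips the role check when the field is `None`, so the field doc should state that default explicitly: `/// Administrator role required to use the route (None: no role check is performed)`. For the constructor, add `/// Admin POST route that requires login and the given administrator role`. The `impl Route` block starts and ends outside these hunks.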
@@ -350,6 +373,7 @@ pub fn get_routes() -> Vec { Route::limited_admin_post_without_login("/admin/accounts/auth_options", Box::new(admin_account_controller::get_auth_options), LimitPolicy::FAILURE(5)), Route::limited_admin_post_without_login("/admin/accounts/auth_with_reset_token", Box::new(admin_account_controller::auth_with_reset_token), LimitPolicy::FAILURE(5)), Route::admin_post("/admin/accounts/sign_out", Box::new(admin_account_controller::sign_out)), + Route::admin_post_restricted("/admin/accounts/create", Box::new(admin_account_controller::create), AdminRole::MANAGE_ADMINS), Route::admin_post("/admin/accounts/id", Box::new(admin_account_controller::get_admin_id)), Route::admin_post("/admin/accounts/list", Box::new(admin_account_controller::get_list)), Route::admin_post("/admin/accounts/info", Box::new(admin_account_controller::get_admin_info)), @@ -366,6 +390,6 @@ pub fn get_routes() -> Vec { // Admin roles controller Route::admin_post("/admin/roles/list", Box::new(admin_roles_controller::get_list)), - Route::admin_post("/admin/roles/toggle", Box::new(admin_roles_controller::toggle)), + Route::admin_post_restricted("/admin/roles/toggle", Box::new(admin_roles_controller::toggle), AdminRole::MANAGE_ADMINS), ] } \ No newline at end of file diff --git a/src/server.rs b/src/server.rs index 790836c..805be1d 100644 --- a/src/server.rs +++ b/src/server.rs @@ -230,6 +230,10 @@ fn process_simple_route(route: &Route, req: &mut HttpRequestHandler) -> RequestR if route.need_login { req.check_admin_access_token()?; } + + if let Some(role) = route.admin_role { + req.check_admin_has_role(role)?; + } } }
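Review bot: These two registrations are now the only place where `AdminRole::MANAGE_ADMINS` is required for `/admin/accounts/create` and `/admin/roles/toggle`, because the same commit removes the `check_admin_has_role` call from `admin_roles_controller::toggle`. Changing either entry back to `Route::admin_post` would still compile and would silently drop the restriction. A unit test over `get_routes()` asserting that both URIs carry `admin_role` set to `AdminRole::MANAGE_ADMINS` would pin this. It is also worth confirming that `/admin/accounts/list` and `/admin/accounts/info`, still registered with plain `admin_post`, are meant to be open to every signed-in administrator.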
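Review bot: In the src/server.rs hunk the new role check sits after the `if route.need_login` block rather than inside it, so a route declared with `need_login: false` and a role would reach `check_admin_has_role` without a validated access token. Whether that call fails closed in that state is not visible here. No constructor builds such a route today, but `admin_role` is a public field, so either move the `if let Some(role) = route.admin_role` block inside the `need_login` branch or document the invariant on the field. The enclosing block of `process_simple_route` starts outside the hunk.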