mirror of https://gitlab.com/comunic/comunicapiv3 synced 2024-11-26 07:19:22 +00:00

Can create admin account from API

Pierre HUBERT 2021-05-15 09:59:34 +02:00
parent cbf8d9b100
commit e0b953ba01
6 changed files with 63 additions and 5 deletions


@ -0,0 +1,20 @@
//! # Administrator account creation result
//!
//! @author Pierre Hubert
use serde::Serialize;
use crate::data::admin::AdminID;
#[derive(Serialize)]
pub struct AdminResCreateAccount {
id: u64
}
impl AdminResCreateAccount {
pub fn new(id: AdminID) -> Self {
Self {
id: id.id()
}
}
}


@ -8,4 +8,5 @@ pub mod admin_id_api;
pub mod admin_info_api; pub mod admin_info_api;
pub mod admin_keys_api; pub mod admin_keys_api;
pub mod admin_res_create_reset_token; pub mod admin_res_create_reset_token;
pub mod admin_role_api; pub mod admin_role_api;
pub mod admin_res_create_account;


@ -7,14 +7,25 @@ use crate::api_data::admin::admin_auth_options::AdminAuthOptions;
use crate::api_data::admin::admin_auth_success::AdminAuthSuccess; use crate::api_data::admin::admin_auth_success::AdminAuthSuccess;
use crate::api_data::admin::admin_id_api::AdminIDAPI; use crate::api_data::admin::admin_id_api::AdminIDAPI;
use crate::api_data::admin::admin_info_api::AdminInfoAPI; use crate::api_data::admin::admin_info_api::AdminInfoAPI;
use crate::api_data::admin::admin_res_create_account::AdminResCreateAccount;
use crate::api_data::admin::admin_res_create_reset_token::AdminResCreateResetToken; use crate::api_data::admin::admin_res_create_reset_token::AdminResCreateResetToken;
use crate::data::admin::NewAdminGeneralSettings; use crate::data::admin::{NewAdmin, NewAdminGeneralSettings};
use crate::data::base_request_handler::BaseRequestHandler; use crate::data::base_request_handler::BaseRequestHandler;
use crate::data::http_request_handler::HttpRequestHandler; use crate::data::http_request_handler::HttpRequestHandler;
use crate::helpers::{admin_access_token_helper, admin_account_helper, admin_account_key_helper}; use crate::helpers::{admin_access_token_helper, admin_account_helper, admin_account_key_helper};
use crate::routes::RequestResult; use crate::routes::RequestResult;
use crate::utils::date_utils::time; use crate::utils::date_utils::time;
/// Create a new administrator account
pub fn create(r: &mut HttpRequestHandler) -> RequestResult {
let email = r.post_email("mail")?;
let name = r.post_string_opt("name", 3, true)?;
let admin_id = admin_account_helper::create(&NewAdmin { name, email })?;
r.set_response(AdminResCreateAccount::new(admin_id))
}
/// Get admin auth options /// Get admin auth options
pub fn get_auth_options(r: &mut HttpRequestHandler) -> RequestResult { pub fn get_auth_options(r: &mut HttpRequestHandler) -> RequestResult {
let mail = r.post_email("mail")?; let mail = r.post_email("mail")?;
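Review bot: `create` performs no authorization of its own. In the visible lines it reads `mail` and `name` and calls `admin_account_helper::create` directly, so the `MANAGE_ADMINS` requirement exists only where the route is registered with `Route::admin_post_restricted`. The doc comment should state that dependency, so that a later re-registration under plain `Route::admin_post` is caught in review, for example `/// Create a new administrator account. Requires AdminRole::MANAGE_ADMINS, enforced by the route declaration in get_routes().` Nothing in this handler records which administrator created the account; if the helper does not log it either (its body is not shown), an audit entry here would be worth adding, since this action grants privileges.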


@ -20,8 +20,6 @@ pub fn get_list(r: &mut HttpRequestHandler) -> RequestResult {
/// Toggle the status of a role for an admin /// Toggle the status of a role for an admin
pub fn toggle(r: &mut HttpRequestHandler) -> RequestResult { pub fn toggle(r: &mut HttpRequestHandler) -> RequestResult {
r.check_admin_has_role(AdminRole::MANAGE_ADMINS)?;
let admin_id = r.post_admin_id("adminID")?; let admin_id = r.post_admin_id("adminID")?;
let enable = r.post_bool("enable")?; let enable = r.post_bool("enable")?;
let role_str = r.post_string("role")?; let role_str = r.post_string("role")?;


@ -1,5 +1,6 @@
use std::error::Error; use std::error::Error;
use crate::constants::admin::AdminRole;
use crate::controllers::{account_controller, comments_controller, conversations_controller, forez_controller, friends_controller, groups_controller, likes_controller, notifications_controller, posts_controller, push_notifications_controller, search_controller, server_controller, settings_controller, surveys_controller, user_controller, user_ws_controller, virtual_directory_controller, web_app_controller}; use crate::controllers::{account_controller, comments_controller, conversations_controller, forez_controller, friends_controller, groups_controller, likes_controller, notifications_controller, posts_controller, push_notifications_controller, search_controller, server_controller, settings_controller, surveys_controller, user_controller, user_ws_controller, virtual_directory_controller, web_app_controller};
use crate::controllers::admin::*; use crate::controllers::admin::*;
use crate::data::http_request_handler::HttpRequestHandler; use crate::data::http_request_handler::HttpRequestHandler;
@ -81,6 +82,9 @@ pub struct Route {
/// Request rate policy /// Request rate policy
pub limit_policy: LimitPolicy, pub limit_policy: LimitPolicy,
/// Administrator role required to use the route
pub admin_role: Option<AdminRole>,
} }
impl Route { impl Route {
@ -92,6 +96,7 @@ impl Route {
uri, uri,
func, func,
limit_policy: LimitPolicy::NONE, limit_policy: LimitPolicy::NONE,
admin_role: None,
} }
} }
@ -103,6 +108,7 @@ impl Route {
uri, uri,
func, func,
limit_policy: LimitPolicy::NONE, limit_policy: LimitPolicy::NONE,
admin_role: None,
} }
} }
@ -114,6 +120,7 @@ impl Route {
uri, uri,
func, func,
limit_policy, limit_policy,
admin_role: None,
} }
} }
@ -125,6 +132,7 @@ impl Route {
uri, uri,
func, func,
limit_policy: LimitPolicy::NONE, limit_policy: LimitPolicy::NONE,
admin_role: None,
} }
} }
@ -136,6 +144,7 @@ impl Route {
uri, uri,
func, func,
limit_policy, limit_policy,
admin_role: None,
} }
} }
@ -147,6 +156,7 @@ impl Route {
uri, uri,
func, func,
limit_policy, limit_policy,
admin_role: None,
} }
} }
@ -158,6 +168,19 @@ impl Route {
uri, uri,
func, func,
limit_policy: LimitPolicy::NONE, limit_policy: LimitPolicy::NONE,
admin_role: None,
}
}
pub fn admin_post_restricted(uri: &'static str, func: RequestProcess, role: AdminRole) -> Route {
Route {
scope: RouteScope::ADMIN,
method: POST,
need_login: true,
uri,
func,
limit_policy: LimitPolicy::NONE,
admin_role: Some(role),
} }
} }
} }
@ -350,6 +373,7 @@ pub fn get_routes() -> Vec<Route> {
Route::limited_admin_post_without_login("/admin/accounts/auth_options", Box::new(admin_account_controller::get_auth_options), LimitPolicy::FAILURE(5)), Route::limited_admin_post_without_login("/admin/accounts/auth_options", Box::new(admin_account_controller::get_auth_options), LimitPolicy::FAILURE(5)),
Route::limited_admin_post_without_login("/admin/accounts/auth_with_reset_token", Box::new(admin_account_controller::auth_with_reset_token), LimitPolicy::FAILURE(5)), Route::limited_admin_post_without_login("/admin/accounts/auth_with_reset_token", Box::new(admin_account_controller::auth_with_reset_token), LimitPolicy::FAILURE(5)),
Route::admin_post("/admin/accounts/sign_out", Box::new(admin_account_controller::sign_out)), Route::admin_post("/admin/accounts/sign_out", Box::new(admin_account_controller::sign_out)),
Route::admin_post_restricted("/admin/accounts/create", Box::new(admin_account_controller::create), AdminRole::MANAGE_ADMINS),
Route::admin_post("/admin/accounts/id", Box::new(admin_account_controller::get_admin_id)), Route::admin_post("/admin/accounts/id", Box::new(admin_account_controller::get_admin_id)),
Route::admin_post("/admin/accounts/list", Box::new(admin_account_controller::get_list)), Route::admin_post("/admin/accounts/list", Box::new(admin_account_controller::get_list)),
Route::admin_post("/admin/accounts/info", Box::new(admin_account_controller::get_admin_info)), Route::admin_post("/admin/accounts/info", Box::new(admin_account_controller::get_admin_info)),
@ -366,6 +390,6 @@ pub fn get_routes() -> Vec<Route> {
// Admin roles controller // Admin roles controller
Route::admin_post("/admin/roles/list", Box::new(admin_roles_controller::get_list)), Route::admin_post("/admin/roles/list", Box::new(admin_roles_controller::get_list)),
Route::admin_post("/admin/roles/toggle", Box::new(admin_roles_controller::toggle)), Route::admin_post_restricted("/admin/roles/toggle", Box::new(admin_roles_controller::toggle), AdminRole::MANAGE_ADMINS),
] ]
} }
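Review bot: `admin_role` is set to `None` in every pre-existing constructor, so role enforcement is opt-in: an admin route registered with `Route::admin_post` stays open to any authenticated administrator. The same commit drops the in-handler `check_admin_has_role(AdminRole::MANAGE_ADMINS)` from `toggle`, which leaves the route table as the single guard for `/admin/roles/toggle` and `/admin/accounts/create`. The field comment should say what `None` means, e.g. `/// Administrator role required to use the route; None means any authenticated administrator may call it`, and `admin_post_restricted` should get a doc comment of its own, e.g. `/// Admin POST route that requires login and the given role`. Only part of `get_routes` is visible here, so the remaining `Route::admin_post` entries are worth auditing to confirm none of them should carry a role.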


@ -230,6 +230,10 @@ fn process_simple_route(route: &Route, req: &mut HttpRequestHandler) -> RequestR
if route.need_login { if route.need_login {
req.check_admin_access_token()?; req.check_admin_access_token()?;
} }
if let Some(role) = route.admin_role {
req.check_admin_has_role(role)?;
}
} }
} }
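Review bot: The role check sits after the `if route.need_login { … }` block rather than inside it, so a route with `admin_role: Some(..)` and `need_login: false` would reach `check_admin_has_role` without `check_admin_access_token` having run. No constructor in this commit builds such a route (`admin_post_restricted` sets `need_login: true`), but `admin_role` is a `pub` field and nothing enforces the pairing. The result depends on how `check_admin_has_role` behaves with no authenticated admin, which is not visible here. Making the invariant explicit at the check would fail closed, for instance `if let Some(role) = route.admin_role { if !route.need_login { req.check_admin_access_token()?; } req.check_admin_has_role(role)?; }`. The body of `process_simple_route` starts outside this hunk, so the surrounding scope branch is assumed to be the admin one.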