Comunic/comunicapiv3
1
0
Fork 0
mirror of https://gitlab.com/comunic/comunicapiv3 synced 2025-04-04 11:52:36 +00:00
Code Issues Projects Releases Wiki Activity
comunicapiv3/src/controllers/admin/admin_account_controller.rs

138 lines
4.7 KiB
Rust
Raw Blame History

//! # Admin account controller
//!
//! @author Pierre Hubert
use crate::api_data::admin::admin_auth_options::AdminAuthOptions;
use crate::api_data::admin::admin_auth_success::AdminAuthSuccess;
use crate::api_data::admin::admin_id_api::AdminIDAPI;
use crate::api_data::admin::admin_info_api::AdminInfoAPI;
use crate::api_data::admin::admin_res_create_account::AdminResCreateAccount;
use crate::api_data::admin::admin_res_create_reset_token::AdminResCreateResetToken;
use crate::constants::admin::AdminRole;
use crate::data::admin::{NewAdmin, NewAdminGeneralSettings};
use crate::data::admin_action_log::AdminAction;
use crate::data::base_request_handler::BaseRequestHandler;
use crate::data::http_request_handler::HttpRequestHandler;
use crate::helpers::{admin_access_token_helper, admin_account_helper, admin_account_key_helper};
use crate::helpers::admin_log_helper::log_admin_action;
use crate::routes::RequestResult;
use crate::utils::date_utils::time;
/// Create a new administrator account
pub async fn create(r: &mut HttpRequestHandler) -> RequestResult {
let email = r.post_email("mail")?;
let name = r.post_string_opt("name", 3, true)?;
let new_admin = NewAdmin { name, email };
let admin_id = admin_account_helper::create(&new_admin)?;
log_admin_action(r.admin_id()?, &r.remote_ip(),
AdminAction::CreatedAdmin { id: admin_id, name: new_admin.name, email: new_admin.email })?;
r.set_response(AdminResCreateAccount::new(admin_id))
}
/// Get admin auth options
pub async fn get_auth_options(r: &mut HttpRequestHandler) -> RequestResult {
let mail = r.post_email("mail")?;
let admin = admin_account_helper::find_admin_by_email(&mail)?;
let keys = admin_account_key_helper::get_admin_keys(admin.id)?;
r.set_response(AdminAuthOptions::new(&admin, &keys))
}
/// Login admin using a reset token
pub async fn auth_with_reset_token(r: &mut HttpRequestHandler) -> RequestResult {
let reset_token = r.post_string("token")?;
let admin = admin_account_helper::find_admin_by_email(&r.post_email("mail")?)?;
let token = r.some_or_internal_error(
admin.reset_token,
"Specified user has not valid reset token for now!",
)?;
if !token.token.eq(&reset_token) || time() > token.expire {
return r.forbidden("Specified reset token is invalid!".to_string());
}
let token = admin_access_token_helper::create(admin.id)?;
log_admin_action(admin.id, &r.remote_ip(),
AdminAction::AuthWithResetToken)?;
r.set_response(AdminAuthSuccess::new(token))
}
/// Sign out current admin
pub async fn sign_out(r: &mut HttpRequestHandler) -> RequestResult {
admin_access_token_helper::destroy(r.admin_id()?)?;
r.ok()
}
/// Get current admin ID
pub async fn get_admin_id(r: &mut HttpRequestHandler) -> RequestResult {
r.set_response(AdminIDAPI::new(r.admin_id()?))
}
/// Get and return the list of administrators
pub async fn get_list(r: &mut HttpRequestHandler) -> RequestResult {
let list = admin_account_helper::get_list()?
.iter()
.map(AdminInfoAPI::new)
.collect::<Vec<AdminInfoAPI>>();
r.set_response(list)
}
/// Get current admin information
pub async fn get_admin_info(r: &mut HttpRequestHandler) -> RequestResult {
let admin = match r.has_post_parameter("id") {
false => admin_account_helper::find_admin_by_id(r.admin_id()?)?,
true => {
let admin_id = r.post_admin_id("id")?;
admin_account_helper::find_admin_by_id(admin_id)?
}
};
r.set_response(AdminInfoAPI::new(&admin))
}
/// Update general settings
pub async fn update_general_settings(r: &mut HttpRequestHandler) -> RequestResult {
let admin_id = r.post_admin_id("id")?;
let new_name = r.post_string("name")?;
let new_email = r.post_email("email")?;
if admin_id != r.admin_id()? {
r.check_admin_has_role(AdminRole::MANAGE_ADMINS)?;
}
admin_account_helper::set_general_settings(NewAdminGeneralSettings {
id: admin_id,
name: new_name.to_string(),
email: new_email.to_string(),
})?;
log_admin_action(r.admin_id()?, &r.remote_ip(),
AdminAction::UpdatedAdminGeneralSettings { target: admin_id, new_name, new_email })?;
r.ok()
}
/// Generate access reset token
pub async fn generate_reset_token(r: &mut HttpRequestHandler) -> RequestResult {
let admin_id = r.post_admin_id("id")?;
if admin_id != r.admin_id()? {
r.check_admin_has_role(AdminRole::MANAGE_ADMINS)?;
}
let token = admin_account_helper::create_new_reset_token(admin_id)?;
log_admin_action(r.admin_id()?, &r.remote_ip(),
AdminAction::GeneratedAdminResetToken { target: admin_id })?;
r.set_response(AdminResCreateResetToken::new(token))
}
Reference in New Issue View Git Blame Copy Permalink