BasicOIDC/src/controllers/admin_api.rs
Pierre HUBERT 7060ce3fe4
Enforce 2FA for user admin routes
2024-03-27 21:03:49 +01:00


use crate::actors::users_actor;
use actix::Addr;
use actix_web::{web, HttpResponse, Responder};
use crate::actors::users_actor::{DeleteUserRequest, FindUserByUsername, UsersActor};
use crate::data::action_logger::{Action, ActionLogger};
use crate::data::critical_route::CriticalRoute;
use crate::data::current_user::CurrentUser;
use crate::data::user::UserID;
use crate::utils::string_utils;
/// Form body accepted by `find_username`.
#[derive(serde::Deserialize)]
pub struct FindUserNameReq {
    /// Login to look up. The handler checks it with
    /// `string_utils::is_acceptable_login` before it is sent to the users actor.
    username: String,
}
/// JSON body returned by `find_username`.
#[derive(serde::Serialize)]
struct FindUserResult {
    /// ID of the matching user, or `None` when no user has the requested username.
    user_id: Option<String>,
}
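/// Admin API: look up the ID of the user that owns a given username.
///
/// Responds with:
/// * `400 Bad Request` when the username fails `string_utils::is_acceptable_login`;
/// * `500 Internal Server Error` when the users actor does not answer;
/// * `200 OK` with a JSON `FindUserResult` otherwise, where `user_id` is `None`
///   if no user matches.
///
/// `_critical` is never read in the body. It is kept as an extractor argument so
/// that whatever check `CriticalRoute` performs runs before the handler does.
/// NOTE(review): the commit title suggests this is the 2FA enforcement for admin
/// routes; `CriticalRoute` is defined elsewhere, confirm there before removing it.
/// NOTE(review): unlike `delete_user`, this handler takes no `CurrentUser`;
/// confirm that admin authorization is enforced by the route configuration.
pub async fn find_username(
    _critical: CriticalRoute,
    req: web::Form<FindUserNameReq>,
    users: web::Data<Addr<UsersActor>>,
) -> impl Responder {
    // Reject malformed logins before they reach the users actor.
    if !string_utils::is_acceptable_login(&req.username) {
        return HttpResponse::BadRequest().json("Invalid login!");
    }

    // A mailbox failure is an operational error, not a broken invariant: answer
    // 500 instead of panicking inside the request handler. The detail stays on
    // the server side and is not echoed to the client.
    let res = match users.send(FindUserByUsername(req.0.username)).await {
        Ok(res) => res,
        Err(e) => {
            eprintln!("find_username: users actor did not answer: {}", e);
            return HttpResponse::InternalServerError().finish();
        }
    };

    HttpResponse::Ok().json(FindUserResult {
        user_id: res.0.map(|r| r.uid.0),
    })
}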
/// Form body accepted by `delete_user`.
#[derive(serde::Deserialize)]
pub struct DeleteUserReq {
    /// ID of the account to delete. The handler refuses the request when it
    /// equals the ID of the user making the call.
    user_id: UserID,
}
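/// Admin API: delete the user account identified by `req.user_id`.
///
/// Responds with:
/// * `400 Bad Request` when the caller targets their own account;
/// * `404 Not Found` when no user has the requested ID;
/// * `500 Internal Server Error` when the users actor does not answer or
///   reports that the deletion failed;
/// * `200 OK` with an empty body once the user is deleted and the action logged.
///
/// `_critical` is never read in the body. It is kept as an extractor argument so
/// that whatever check `CriticalRoute` performs runs before the handler does.
/// NOTE(review): the commit title suggests this is the 2FA enforcement for admin
/// routes; `CriticalRoute` is defined elsewhere, confirm there before removing it.
pub async fn delete_user(
    _critical: CriticalRoute,
    user: CurrentUser,
    req: web::Form<DeleteUserReq>,
    users: web::Data<Addr<UsersActor>>,
    action_logger: ActionLogger,
) -> impl Responder {
    // The account making the request can never delete itself through this route.
    if user.uid == req.user_id {
        return HttpResponse::BadRequest().body("You can not remove your own account!");
    }

    // Load the target first: the full user record is needed for the action-log
    // entry, and it is no longer available once the deletion has gone through.
    let user = match users
        .send(users_actor::GetUserRequest(req.user_id.clone()))
        .await
    {
        Ok(found) => match found.0 {
            Some(u) => u,
            None => return HttpResponse::NotFound().body("Could not find a user to remove!"),
        },
        // A mailbox failure is an operational error: answer 500 instead of
        // panicking, and keep the detail on the server side.
        Err(e) => {
            eprintln!("delete_user: users actor did not answer the lookup: {}", e);
            return HttpResponse::InternalServerError().finish();
        }
    };

    let res = match users.send(DeleteUserRequest(req.0.user_id)).await {
        Ok(deleted) => deleted,
        // No reply was received, so the outcome of the deletion is not known
        // here and nothing is written to the action log.
        Err(e) => {
            eprintln!("delete_user: users actor did not answer the deletion: {}", e);
            return HttpResponse::InternalServerError().finish();
        }
    };

    if res {
        // NOTE(review): only successful deletions are recorded; refused or failed
        // attempts leave no action-log entry from this handler.
        action_logger.log(Action::AdminDeleteUser(&user));
        HttpResponse::Ok().finish()
    } else {
        HttpResponse::InternalServerError().finish()
    }
}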