Commit 27aa6971 authored by sebastian@vanwa.ch's avatar sebastian@vanwa.ch

test

parent a5ac4474
<?xml version="1.0" encoding="UTF-8"?>
<project version="4">
<component name="CargoProjects">
<cargoProject FILE="$PROJECT_DIR$/Cargo.toml" />
</component>
<component name="MacroExpansionManager">
<option name="directoryName" value="qoekAiha" />
</component>
<component name="ProjectRootManager">
<output url="file://$PROJECT_DIR$/out" />
</component>
<component name="RustProjectSettings">
<option name="macroExpansionEngine" value="NEW" />
<option name="runRustfmtOnSave" value="true" />
<option name="toolchainHomeDirectory" value="$USER_HOME$/.cargo/bin" />
<option name="version" value="2" />
</component>
</project>
\ No newline at end of file
......@@ -4,7 +4,6 @@
* * file, You can obtain one at https://mozilla.org/MPL/2.0/.
*/
mod admin;
mod albums;
mod artists;
mod authenticated;
......@@ -16,6 +15,7 @@ mod scan;
mod stream;
mod tracks;
mod user;
mod with_role;
use crate::api::v1::albums::AlbumRoutes;
use crate::api::v1::artists::ArtistRoutes;
......
......@@ -4,9 +4,9 @@
* * file, You can obtain one at https://mozilla.org/MPL/2.0/.
*/
use crate::api::v1::admin::Admin;
use crate::api::v1::authenticated::Authenticated;
use crate::api::v1::error::Error;
use crate::api::v1::with_role::UserWithRole;
use crate::api::v1::Routes;
use crate::config::{DbConn, MediaDir, UnknownCover};
use crate::ffmpeg::Ffmpeg;
......@@ -46,7 +46,7 @@ pub fn route_start(
media_dir: State<MediaDir>,
ffmpeg: State<Ffmpeg>,
unknown_cover: State<UnknownCover>,
_admin: Admin,
_admin: UserWithRole,
con: DbConn,
) -> Result<Custom<String>, Error> {
let ffmpeg = std::sync::Arc::new(ffmpeg.clone());
......
......@@ -4,9 +4,9 @@
* * file, You can obtain one at https://mozilla.org/MPL/2.0/.
*/
use crate::api::v1::admin::Admin;
use crate::api::v1::authenticated::Authenticated;
use crate::api::v1::error::Error;
use crate::api::v1::with_role::UserWithRole;
use crate::api::v1::{RouteCreate, RouteDelete, RouteId, Routes};
use crate::auth::password;
use crate::auth::roles::Role;
......@@ -54,7 +54,7 @@ pub fn route_id(id: String, user: Authenticated, con: DbConn) -> Result<Content<
#[post("/users", data = "<user>")]
pub fn route_create(
user: Json<UserParam>,
_admin: Admin,
_admin: UserWithRole,
con: DbConn,
argon2_params: State<Argon2Params>,
) -> Result<Created<String>, Error> {
......@@ -82,6 +82,10 @@ pub fn route_create(
}
#[delete("/users/<id>")]
pub fn route_delete(id: String, _admin: Admin, con: DbConn) -> Result<Custom<String>, Error> {
pub fn route_delete(
id: String,
_admin: UserWithRole,
con: DbConn,
) -> Result<Custom<String>, Error> {
Ok(UserRoutes::delete(&con, &[&id])?)
}
......@@ -13,30 +13,30 @@ use rocket::Outcome;
#[derive(Debug)]
/// Ensures a user has the admin role
pub struct Admin {
pub admin: User,
pub struct UserWithRole {
pub user: User,
}
#[derive(Debug)]
pub enum AdminError {
pub enum RoleError {
Forbidden,
}
impl<'a, 'r> FromRequest<'a, 'r> for Admin {
type Error = AdminError;
impl<'a, 'r> FromRequest<'a, 'r> for UserWithRole {
type Error = RoleError;
fn from_request(request: &'a Request<'r>) -> request::Outcome<Self, AdminError> {
fn from_request(request: &'a Request<'r>) -> request::Outcome<Self, RoleError> {
let user = request
.guard::<Authenticated>()
.succeeded()
.ok_or_else(|| Err((Status::Forbidden, AdminError::Forbidden)))?;
.ok_or_else(|| Err((Status::Forbidden, RoleError::Forbidden)))?;
if user.userinfo.has_role(&Role::Admin) {
Outcome::Success(Admin {
admin: user.userinfo,
Outcome::Success(UserWithRole {
user: user.userinfo,
})
} else {
Outcome::Failure((Status::Unauthorized, AdminError::Forbidden))
Outcome::Failure((Status::Unauthorized, RoleError::Forbidden))
}
}
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment