Skip to content

GitLab

Commit 5691dc77 authored by Robert Czechowski's avatar Robert Czechowski
Browse files

First steps toward implementation of admin users search

parent 9d1c2191
Pipeline #591 failed with stage
in 4 minutes and 6 seconds
Hide whitespace changes
Inline Side-by-side
src/core.rs
View file @ 5691dc77
......@@ -1030,6 +1030,72 @@ pub fn edit_profile<T: MedalConnection>(conn: &T, session_token: &str, user_id:
Ok(result)
}
pub fn admin_search_users<T: MedalConnection>(conn: &T, session_token: &str,
s_data: (Option<i32>,
Option<String>,
Option<String>,
Option<String>,
Option<String>))
-> MedalValueResult
{
let mut session = conn.get_session(&session_token).ensure_logged_in().ok_or(MedalError::NotLoggedIn)?;
if session.id != 35 {
return Err(MedalError::AccessDenied);
}
let mut data = json_val::Map::new();
data.insert("results".to_string(), to_json(&conn.get_search_users(s_data)));
Ok(("admin_search_results".to_string(), data))
}
pub fn admin_show_user<T: MedalConnection>(conn: &T, user_id: i32, session_token: &str) -> MedalValueResult {
let mut session = conn.get_session(&session_token).ensure_logged_in().ok_or(MedalError::NotLoggedIn)?;
if session.id != 35 {
return Err(MedalError::AccessDenied);
}
let mut data = json_val::Map::new();
let (user, opt_group) = conn.get_user_and_group_by_id(user_id).ok_or(MedalError::AccessDenied)?;
data.insert("firstname".to_string(), to_json(&session.firstname));
data.insert("lastname".to_string(), to_json(&session.lastname));
if let Some(group) = opt_group {
data.insert("group_id".to_string(), to_json(&group.id));
data.insert("group_name".to_string(), to_json(&group.name));
}
Ok(("admin_user".to_string(), data))
}
pub fn admin_delete_user<T: MedalConnection>(conn: &T, user_id: i32, session_token: &str, csrf_token: &str)
-> MedalValueResult {
let mut data = json_val::Map::new();
Ok(("profile".to_string(), data))
}
pub fn admin_show_group<T: MedalConnection>(conn: &T, participation_id: i32, session_token: &str) -> MedalValueResult {
let mut data = json_val::Map::new();
Ok(("profile".to_string(), data))
}
pub fn admin_delete_group<T: MedalConnection>(conn: &T, participation_id: i32, session_token: &str, csrf_token: &str)
-> MedalValueResult {
let mut data = json_val::Map::new();
Ok(("profile".to_string(), data))
}
pub fn admin_show_participation<T: MedalConnection>(conn: &T, participation_id: i32, session_token: &str)
-> MedalValueResult {
let mut data = json_val::Map::new();
Ok(("profile".to_string(), data))
}
pub fn admin_delete_participation<T: MedalConnection>(conn: &T, participation_id: i32, session_token: &str,
csrf_token: &str)
-> MedalValueResult
{
let mut data = json_val::Map::new();
Ok(("profile".to_string(), data))
}
#[derive(PartialEq)]
pub enum UserType {
User,
......
src/db_conn.base.rs
View file @ 5691dc77
......@@ -1082,6 +1082,44 @@ impl MedalConnection for Connection {
Some(group)
}
fn get_search_users(&self,
(s_id, s_firstname, s_lastname, s_logincode, s_pms_id): (Option<i32>,
Option<String>,
Option<String>,
Option<String>,
Option<String>))
-> Vec<(i32, String, String)>
{
if let Some(id) = s_id {
let query = "SELECT id, firstname, lastname
FROM session
WHERE id = $1
LIMIT 30";
self.query_map_many(query, &[&id], |row| (row.get(0), row.get(1), row.get(2))).unwrap()
} else if let Some(logincode) = s_logincode {
let query = "SELECT id, firstname, lastname
FROM session
WHERE logincode = $1
LIMIT 30";
self.query_map_many(query, &[&logincode], |row| (row.get(0), row.get(1), row.get(2))).unwrap()
} else if let Some(pms_id) = s_pms_id {
let query = "SELECT id, firstname, lastname
FROM session
WHERE oauth_foreign_id = $1
LIMIT 30";
self.query_map_many(query, &[&pms_id], |row| (row.get(0), row.get(1), row.get(2))).unwrap()
} else if let (Some(firstname), Some(lastname)) = (s_firstname, s_lastname) {
let query = "SELECT id, firstname, lastname
FROM session
WHERE firstname LIKE $1
AND lastname LIKE $2
LIMIT 30";
self.query_map_many(query, &[&firstname, &lastname], |row| (row.get(0), row.get(1), row.get(2))).unwrap()
} else {
Vec::new()
}
}
fn get_debug_information(&self) -> String {
let duration = Duration::minutes(60);
let now = time::get_time();
......
src/db_conn.rs
View file @ 5691dc77
......@@ -50,6 +50,9 @@ pub trait MedalConnection {
fn get_groups_complete(&self, session_id: i32) -> Vec<Group>;
fn get_group_complete(&self, group_id: i32) -> Option<Group>;
fn get_search_users(&self, _: (Option<i32>, Option<String>, Option<String>, Option<String>, Option<String>))
-> Vec<(i32, String, String)>;
fn get_debug_information(&self) -> String;
fn reset_all_contest_visibilities(&self);
......
src/db_conn_postgres.rs
View file @ 5691dc77
......@@ -1178,6 +1178,44 @@ impl MedalConnection for Connection {
Some(group)
}
fn get_search_users(&self,
(s_id, s_firstname, s_lastname, s_logincode, s_pms_id): (Option<i32>,
Option<String>,
Option<String>,
Option<String>,
Option<String>))
-> Vec<(i32, String, String)>
{
if let Some(id) = s_id {
let query = "SELECT id, firstname, lastname
FROM session
WHERE id = $1
LIMIT 30";
self.query_map_many(query, &[&id], |row| (row.get(0), row.get(1), row.get(2))).unwrap()
} else if let Some(logincode) = s_logincode {
let query = "SELECT id, firstname, lastname
FROM session
WHERE logincode = $1
LIMIT 30";
self.query_map_many(query, &[&logincode], |row| (row.get(0), row.get(1), row.get(2))).unwrap()
} else if let Some(pms_id) = s_pms_id {
let query = "SELECT id, firstname, lastname
FROM session
WHERE oauth_foreign_id = $1
LIMIT 30";
self.query_map_many(query, &[&pms_id], |row| (row.get(0), row.get(1), row.get(2))).unwrap()
} else if let (Some(firstname), Some(lastname)) = (s_firstname, s_lastname) {
let query = "SELECT id, firstname, lastname
FROM session
WHERE firstname LIKE $1
AND lastname LIKE $2
LIMIT 30";
self.query_map_many(query, &[&firstname, &lastname], |row| (row.get(0), row.get(1), row.get(2))).unwrap()
} else {
Vec::new()
}
}
fn get_debug_information(&self) -> String {
let duration = Duration::minutes(60);
let now = time::get_time();
......
src/db_conn_sqlite_new.rs
View file @ 5691dc77
......@@ -1178,6 +1178,44 @@ impl MedalConnection for Connection {
Some(group)
}
fn get_search_users(&self,
(s_id, s_firstname, s_lastname, s_logincode, s_pms_id): (Option<i32>,
Option<String>,
Option<String>,
Option<String>,
Option<String>))
-> Vec<(i32, String, String)>
{
if let Some(id) = s_id {
let query = "SELECT id, firstname, lastname
FROM session
WHERE id = ?1
LIMIT 30";
self.query_map_many(query, &[&id], |row| (row.get(0), row.get(1), row.get(2))).unwrap()
} else if let Some(logincode) = s_logincode {
let query = "SELECT id, firstname, lastname
FROM session
WHERE logincode = ?1
LIMIT 30";
self.query_map_many(query, &[&logincode], |row| (row.get(0), row.get(1), row.get(2))).unwrap()
} else if let Some(pms_id) = s_pms_id {
let query = "SELECT id, firstname, lastname
FROM session
WHERE oauth_foreign_id = ?1
LIMIT 30";
self.query_map_many(query, &[&pms_id], |row| (row.get(0), row.get(1), row.get(2))).unwrap()
} else if let (Some(firstname), Some(lastname)) = (s_firstname, s_lastname) {
let query = "SELECT id, firstname, lastname
FROM session
WHERE firstname LIKE ?1
AND lastname LIKE ?2
LIMIT 30";
self.query_map_many(query, &[&firstname, &lastname], |row| (row.get(0), row.get(1), row.get(2))).unwrap()
} else {
Vec::new()
}
}
fn get_debug_information(&self) -> String {
let duration = Duration::minutes(60);
let now = time::get_time();
......
src/webfw_iron.rs
View file @ 5691dc77
......@@ -871,6 +871,107 @@ fn user_post<C>(req: &mut Request) -> IronResult<Response>
//old: Ok(Response::with((status::Found, Redirect(url_for!(req, "user", "userid" => format!("{}",user_id))))))
}
fn admin<C>(req: &mut Request) -> IronResult<Response>
where C: MedalConnection + std::marker::Send + 'static {
let session_token = req.expect_session_token()?;
let mut data = json_val::Map::new();
let mut resp = Response::new();
resp.set_mut(Template::new("admin", data)).set_mut(status::Ok);
Ok(resp)
}
fn admin_users<C>(req: &mut Request) -> IronResult<Response>
where C: MedalConnection + std::marker::Send + 'static {
let session_token = req.expect_session_token()?;
let (s_id, s_firstname, s_lastname, s_logincode, s_pms_id) = {
let formdata = itry!(req.get_ref::<UrlEncodedBody>());
(formdata.get("id").map(|x| x[0].parse::<i32>().unwrap_or(0)),
formdata.get("firstname").map(|x| x[0].to_owned()),
formdata.get("lastname").map(|x| x[0].to_owned()),
formdata.get("logincode").map(|x| x[0].to_owned()),
formdata.get("pmsid").map(|x| x[0].to_owned()))
};
let (template, data) = with_conn![core::admin_search_users,
C,
req,
&session_token,
(s_id, s_firstname, s_lastname, s_logincode, s_pms_id)].aug(req)?;
let mut resp = Response::new();
resp.set_mut(Template::new(&template, data)).set_mut(status::Ok);
Ok(resp)
}
fn admin_user<C>(req: &mut Request) -> IronResult<Response>
where C: MedalConnection + std::marker::Send + 'static {
let user_id = req.expect_int::<i32>("userid")?;
let session_token = req.expect_session_token()?;
let csrf_token = if let Ok(formdata) = req.get_ref::<UrlEncodedBody>() {
// or iexpect!(formdata.get("csrf_token"))[0].to_owned(), ?
formdata.get("csrf_token").map(|x| x[0].to_owned())
} else {
None
};
let (template, data) = if let Some(csrf_token) = csrf_token {
with_conn![core::admin_delete_user, C, req, user_id, &session_token, &csrf_token].aug(req)?
} else {
with_conn![core::admin_show_user, C, req, user_id, &session_token].aug(req)?
};
let mut resp = Response::new();
resp.set_mut(Template::new(&template, data)).set_mut(status::Ok);
Ok(resp)
}
fn admin_group<C>(req: &mut Request) -> IronResult<Response>
where C: MedalConnection + std::marker::Send + 'static {
let group_id = req.expect_int::<i32>("userid")?;
let session_token = req.expect_session_token()?;
let csrf_token = if let Ok(formdata) = req.get_ref::<UrlEncodedBody>() {
formdata.get("csrf_token").map(|x| x[0].to_owned())
} else {
None
};
let (template, data) = if let Some(csrf_token) = csrf_token {
with_conn![core::admin_delete_group, C, req, group_id, &session_token, &csrf_token].aug(req)?
} else {
with_conn![core::admin_show_group, C, req, group_id, &session_token].aug(req)?
};
let mut resp = Response::new();
resp.set_mut(Template::new(&template, data)).set_mut(status::Ok);
Ok(resp)
}
fn admin_participation<C>(req: &mut Request) -> IronResult<Response>
where C: MedalConnection + std::marker::Send + 'static {
let group_id = req.expect_int::<i32>("userid")?;
let session_token = req.expect_session_token()?;
let csrf_token = if let Ok(formdata) = req.get_ref::<UrlEncodedBody>() {
formdata.get("csrf_token").map(|x| x[0].to_owned())
} else {
None
};
let (template, data) = if let Some(csrf_token) = csrf_token {
with_conn![core::admin_delete_participation, C, req, group_id, &session_token, &csrf_token].aug(req)?
} else {
with_conn![core::admin_show_participation, C, req, group_id, &session_token].aug(req)?
};
let mut resp = Response::new();
resp.set_mut(Template::new(&template, data)).set_mut(status::Ok);
Ok(resp)
}
#[derive(Deserialize, Debug)]
struct OAuthAccess {
access_token: String,
......@@ -1097,6 +1198,14 @@ pub fn start_server<C>(conn: C, config: Config) -> iron::error::HttpResult<iron:
user: get "/user/:userid" => user::<C>,
user_post: post "/user/:userid" => user_post::<C>,
task: get "/task/:taskid" => task::<C>,
admin: get "/admin" => admin::<C>,
admin_users: post "/admin/user/" => admin_users::<C>,
admin_user: get "/admin/user/:userid" => admin_user::<C>,
admin_user_post: post "/admin/user/:userid" => admin_user::<C>,
admin_group: get "/admin/group/:groupid" => admin_group::<C>,
admin_group_post: post "/admin/group/:groupid" => admin_group::<C>,
admin_participation: get "/admin/participation/:participationid" => admin_participation::<C>,
admin_participation_post: post "/admin/participation/:participationid" => admin_participation::<C>,
oauth: get "/oauth/:oauthid" => oauth::<C>,
check_cookie: get "/cookie" => cookie_warning,
dbstatus: get "/dbstatus" => dbstatus::<C>,
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment