Adds an AdminPanel with currently active registration tokens.

2022-06-04 21:42:45 +02:00
parent 34737bfb6b
commit 65d2dece55
13 changed files with 490 additions and 48 deletions
--- a/backend/src/api.rs
+++ b/backend/src/api.rs
@@ -1,8 +1,11 @@
+use crate::schema;
+use crate::schema::admin::RegistrationToken;
 use crate::schema::gamenight::*;
 use crate::schema::users::*;
 use crate::schema::DatabaseError;
 use crate::schema::DbConn;
 use crate::AppConfig;
+use chrono::DateTime;
 use chrono::Utc;
 use futures::future::join_all;
 use jsonwebtoken::{decode, encode, DecodingKey, EncodingKey, Header, Validation};
@@ -31,6 +34,8 @@ pub enum ApiData {
    Gamenight(GamenightOutput),
    #[serde(rename = "games")]
    Games(Vec<Game>),
+    #[serde(rename = "registration_tokens")]
+    RegistrationTokens(Vec<RegistrationToken>),
 }

 #[derive(Serialize, Deserialize, Debug)]
@@ -94,6 +99,14 @@ impl ApiResponse {
            data: Some(ApiData::Games(games)),
        }
    }
+
+    fn registration_tokens_response(tokens: Vec<RegistrationToken>) -> Self {
+        Self {
+            result: Self::SUCCES_RESULT,
+            message: None,
+            data: Some(ApiData::RegistrationTokens(tokens)),
+        }
+    }
 }

 #[derive(Debug)]
@@ -249,7 +262,7 @@ pub async fn gamenights_unauthorized() -> ApiResponseVariant {
 #[derive(Debug, Serialize, Deserialize, Clone)]
 pub struct GamenightInput {
    pub name: String,
-    pub datetime: String,
+    pub datetime: DateTime<Utc>,
    pub owner_id: Option<Uuid>,
    pub game_list: Vec<Game>,
 }
@@ -474,3 +487,87 @@ pub async fn delete_participants(
 pub async fn delete_participants_unauthorized() -> ApiResponseVariant {
    ApiResponseVariant::Status(Status::Unauthorized)
 }
+
+#[derive(Deserialize)]
+pub struct RegistrationTokenData {
+    single_use: bool,
+    expires: Option<DateTime<Utc>>,
+}
+
+impl Into<RegistrationToken> for RegistrationTokenData {
+    fn into(self) -> RegistrationToken {
+        use rand::Rng;
+        let random_bytes = rand::thread_rng().gen::<[u8; 24]>();
+        RegistrationToken {
+            id: Uuid::new_v4(),
+            token: base64::encode_config(random_bytes, base64::URL_SAFE),
+            single_use: self.single_use,
+            expires: self.expires,
+        }
+    }
+}
+
+#[post(
+    "/admin/registration_tokens",
+    format = "application/json",
+    data = "<token_json>"
+)]
+pub async fn add_registration_token(
+    conn: DbConn,
+    user: User,
+    token_json: Json<RegistrationTokenData>,
+) -> ApiResponseVariant {
+    if user.role != Role::Admin {
+        return ApiResponseVariant::Status(Status::Unauthorized);
+    }
+
+    match schema::admin::add_registration_token(&conn, token_json.into_inner().into()).await {
+        Ok(_) => ApiResponseVariant::Value(json!(ApiResponse::SUCCES)),
+        Err(err) => ApiResponseVariant::Value(json!(ApiResponse::error(err.to_string()))),
+    }
+}
+
+#[post("/admin/registration_tokens", rank = 2)]
+pub async fn add_registration_token_unauthorized() -> ApiResponseVariant {
+    ApiResponseVariant::Status(Status::Unauthorized)
+}
+
+#[get("/admin/registration_tokens")]
+pub async fn get_registration_tokens(conn: DbConn, user: User) -> ApiResponseVariant {
+    if user.role != Role::Admin {
+        return ApiResponseVariant::Status(Status::Unauthorized);
+    }
+
+    match schema::admin::get_all_registration_tokens(&conn).await {
+        Ok(results) => {
+            ApiResponseVariant::Value(json!(ApiResponse::registration_tokens_response(results)))
+        }
+        Err(err) => ApiResponseVariant::Value(json!(ApiResponse::error(err.to_string()))),
+    }
+}
+
+#[get("/admin/registration_tokens", rank = 2)]
+pub async fn get_registration_tokens_unauthorized() -> ApiResponseVariant {
+    ApiResponseVariant::Status(Status::Unauthorized)
+}
+
+#[delete("/admin/registration_tokens/<gamenight_id>")]
+pub async fn delete_registration_tokens(
+    conn: DbConn,
+    user: User,
+    gamenight_id: String,
+) -> ApiResponseVariant {
+    if user.role != Role::Admin {
+        return ApiResponseVariant::Status(Status::Unauthorized);
+    }
+    
+    let uuid = Uuid::parse_str(&gamenight_id).unwrap();
+    match schema::admin::delete_registration_token(&conn, uuid).await {
+        Ok(_) => ApiResponseVariant::Value(json!(ApiResponse::SUCCES)),
+        Err(err) => ApiResponseVariant::Value(json!(ApiResponse::error(err.to_string()))),
+    }
+}
+#[delete("/admin/registration_tokens", rank = 2)]
+pub async fn delete_registration_tokens_unauthorized() -> ApiResponseVariant {
+    ApiResponseVariant::Status(Status::Unauthorized)
+}
--- a/backend/src/main.rs
+++ b/backend/src/main.rs
@@ -68,6 +68,12 @@ async fn rocket() -> _ {
                api::post_participants_unauthorized,
                api::delete_participants,
                api::delete_participants_unauthorized,
+                api::add_registration_token,
+                api::add_registration_token_unauthorized,
+                api::get_registration_tokens,
+                api::get_registration_tokens_unauthorized,
+                api::delete_registration_tokens,
+                api::delete_registration_tokens_unauthorized,
            ],
        );

--- a/backend/src/schema/admin.rs
+++ b/backend/src/schema/admin.rs
@@ -0,0 +1,54 @@
+use crate::schema::{DatabaseError, DbConn};
+use chrono::DateTime;
+use chrono::Utc;
+use diesel::{QueryDsl, RunQueryDsl, ExpressionMethods};
+use serde::{Deserialize, Serialize};
+use uuid::Uuid;
+
+table! {
+    registration_tokens (id) {
+        id -> diesel::sql_types::Uuid,
+        token -> Char,
+        single_use -> Bool,
+        expires -> Nullable<Timestamptz>,
+    }
+}
+
+#[derive(Serialize, Deserialize, Debug, Insertable, Queryable)]
+#[table_name = "registration_tokens"]
+pub struct RegistrationToken {
+    pub id: Uuid,
+    pub token: String,
+    pub single_use: bool,
+    pub expires: Option<DateTime<Utc>>,
+}
+
+pub async fn get_all_registration_tokens(
+    conn: &DbConn,
+) -> Result<Vec<RegistrationToken>, DatabaseError> {
+    Ok(conn
+        .run(|c| registration_tokens::table.load::<RegistrationToken>(c))
+        .await?)
+}
+
+pub async fn add_registration_token(
+    conn: &DbConn,
+    token: RegistrationToken,
+) -> Result<usize, DatabaseError> {
+    Ok(conn
+        .run(|c| {
+            diesel::insert_into(registration_tokens::table)
+                .values(token)
+                .execute(c)
+        })
+        .await?)
+}
+
+pub async fn delete_registration_token(conn: &DbConn, id: Uuid) -> Result<usize, DatabaseError> {
+    Ok(conn
+        .run(move |c| {
+            diesel::delete(registration_tokens::table.filter(registration_tokens::id.eq(id)))
+                .execute(c)
+        })
+        .await?)
+}
--- a/backend/src/schema/gamenight.rs
+++ b/backend/src/schema/gamenight.rs
@@ -1,5 +1,6 @@
 use crate::schema::users::{users, User};
 use crate::schema::{DatabaseError, DbConn};
+use chrono::{DateTime, Utc};
 use diesel::{Connection, ExpressionMethods, QueryDsl, RunQueryDsl};
 use serde::{Deserialize, Serialize};
 use uuid::Uuid;
@@ -8,7 +9,7 @@ table! {
    gamenight (id) {
        id -> diesel::sql_types::Uuid,
        name -> VarChar,
-        datetime -> VarChar,
+        datetime -> Timestamptz,
        owner_id -> Uuid,
    }
 }
@@ -46,7 +47,7 @@ pub struct Game {
 pub struct Gamenight {
    pub id: Uuid,
    pub name: String,
-    pub datetime: String,
+    pub datetime: DateTime<Utc>,
    pub owner_id: Uuid,
 }

--- a/backend/src/schema/mod.rs
+++ b/backend/src/schema/mod.rs
@@ -1,3 +1,4 @@
+pub mod admin;
 pub mod gamenight;
 pub mod users;