Various Fixes to API v1
All checks were successful
Run Tests on Code / run-tests (push) Successful in 0s

This commit is contained in:
Neshura 2023-12-12 22:11:32 +01:00
parent c0799484bb
commit 8373b278cc
Signed by: Neshura
GPG key ID: B6983AAA6B9A7A6C
2 changed files with 54 additions and 42 deletions

View file

@ -48,7 +48,9 @@ async fn verify_user_auth(data: &web::Data<AppState>, auth_token: &str, user_tok
// User Endpoints
#[utoipa::path(
request_body = schemas::GetUserParams,
params(
schemas::GetUserParams
),
responses(
(status = 200, description = "OK", body = User),
(status = 403, description = "Unauthorized"),
@ -59,7 +61,7 @@ async fn verify_user_auth(data: &web::Data<AppState>, auth_token: &str, user_tok
),
)]
#[get("/api/v1/user")]
async fn get_user(
pub(crate) async fn get_user(
data: web::Data<AppState>,
params: web::Json<schemas::GetUserParams>,
req: HttpRequest,
@ -195,10 +197,18 @@ pub(crate) async fn update_user(
None => return HttpResponse::Unauthorized().finish(),
};
let mut user_permissions: HashMap<String, bool> = HashMap::new();
match params.permissions {
Some(data) => {user_permissions = data.clone()},
None => {},
}
let mut elevated_auth = false;
if params.permissions["game_permissions"] || params.permissions["empire_permissions"] || params.permissions["data_permissions"] || params.permissions["user_permissions"] {
if user_permissions.len() != 0 {
if user_permissions["game_permissions"] || user_permissions["empire_permissions"] || user_permissions["data_permissions"] || user_permissions["user_permissions"] {
elevated_auth = true;
}
}
let auth = verify_user_auth(&data, &auth_token, &params.user_token, schemas::TablePermission::User, elevated_auth).await;
@ -225,7 +235,8 @@ pub(crate) async fn update_user(
any_param_present = true;
}
for (entry, value) in params.permissions.iter() {
if user_permissions.len() != 0 {
for (entry, value) in user_permissions.iter() {
match entry.deref() {
"game_permissions" => {
user_query_separated.push( " game_permissions = ");
@ -262,6 +273,7 @@ pub(crate) async fn update_user(
_ => {}
}
}
}
if any_param_present {
user_query_separated.push_unseparated(" WHERE token = ").push_bind_unseparated(params.user_token);

View file

@ -1,6 +1,6 @@
use std::collections::HashMap;
use serde::{Deserialize, Serialize};
use utoipa::{ToSchema};
use utoipa::{IntoParams, ToSchema};
// DB Permission Enums
@ -32,7 +32,7 @@ pub struct User {
pub permissions: HashMap<String, bool>,
}
#[derive(Serialize, Deserialize, ToSchema, Debug)]
#[derive(Serialize, Deserialize, ToSchema, Debug, IntoParams)]
pub struct GetUserParams {
#[schema(example = "abcdef")]
pub user_token: String,
@ -54,7 +54,7 @@ pub struct UpdateUserParams {
[\"user_permissions\"]: false,
}\
")]
pub permissions: HashMap<String, bool>,
pub permissions: Option<HashMap<String, bool>>,
}
#[derive(Serialize, Deserialize, ToSchema, Debug)]