postgres via sqlx - workable?
This commit is contained in:
@@ -8,24 +8,29 @@ use maud::{PreEscaped, html};
|
||||
use serde::Deserialize;
|
||||
|
||||
use crate::{
|
||||
database::{self},
|
||||
error::CompositeError,
|
||||
logs::{LogAction, LogEntry},
|
||||
users::{
|
||||
User,
|
||||
auth::{AuthError, UserAuthRequired, UserAuthenticate},
|
||||
auth::{UserAuthRequired, UserAuthenticate},
|
||||
handle::UserHandle,
|
||||
permissions::Permission,
|
||||
},
|
||||
web::{components::nav::nav, icons, pages::base},
|
||||
};
|
||||
|
||||
pub async fn page(req: Request) -> Result<Response, AuthError> {
|
||||
let u = match User::authenticate(req.headers())? {
|
||||
pub async fn page(
|
||||
axum::extract::State(state): axum::extract::State<crate::MnemoState>,
|
||||
req: Request,
|
||||
) -> Result<Response, CompositeError> {
|
||||
let mut conn = state.pool.acquire().await?;
|
||||
let u = match User::authenticate(&mut *conn, req.headers()).await? {
|
||||
Some(u) => u,
|
||||
None => return Ok(Redirect::to(&format!("/login?r={}", req.uri().path())).into_response()),
|
||||
};
|
||||
let conn = database::conn()?;
|
||||
let can_create = u
|
||||
.has_permission(&mut *conn, Permission::ManuallyCreateUsers)
|
||||
.await;
|
||||
|
||||
Ok(base(
|
||||
"Create User | Mnemosyne",
|
||||
@@ -38,7 +43,7 @@ pub async fn page(req: Request) -> Result<Response, AuthError> {
|
||||
span class="text-2xl font-semibold font-lora" {"Create a new user"}
|
||||
}
|
||||
}
|
||||
@if let Ok(true) = u.has_permission(&conn, Permission::ManuallyCreateUsers) {
|
||||
@if let Ok(true) = can_create {
|
||||
div class="mx-auto max-w-4xl px-2 mt-4" {
|
||||
form action="/users/create-form" method="post" class="flex flex-col" {
|
||||
label for="handle" class="font-light text-neutral-500" {"Handle"}
|
||||
@@ -68,26 +73,30 @@ pub struct CreateUserWithPasswordForm {
|
||||
password: String,
|
||||
}
|
||||
pub async fn create_user(
|
||||
axum::extract::State(state): axum::extract::State<crate::MnemoState>,
|
||||
headers: HeaderMap,
|
||||
Form(form): Form<CreateUserWithPasswordForm>,
|
||||
) -> Result<Response, CompositeError> {
|
||||
let u = User::authenticate(&headers)?.required()?;
|
||||
let mut conn = database::conn()?;
|
||||
let tx = conn.transaction()?;
|
||||
let mut tx = state.pool.begin().await?;
|
||||
let u = User::authenticate(&mut *tx, &headers).await?.required()?;
|
||||
|
||||
if !u.has_permission(&tx, Permission::ManuallyCreateUsers)? {
|
||||
if !u
|
||||
.has_permission(&mut *tx, Permission::ManuallyCreateUsers)
|
||||
.await?
|
||||
{
|
||||
return Ok((StatusCode::FORBIDDEN).into_response());
|
||||
}
|
||||
let mut nu = User::create(&tx, form.handle)?;
|
||||
nu.set_password(&tx, Some(&form.password))?;
|
||||
let mut nu = User::create(&mut *tx, form.handle).await?;
|
||||
nu.set_password(&mut *tx, Some(&form.password)).await?;
|
||||
LogEntry::new(
|
||||
&tx,
|
||||
&mut *tx,
|
||||
u,
|
||||
LogAction::CreateUser {
|
||||
id: nu.id,
|
||||
handle: nu.handle.as_str().to_string(),
|
||||
},
|
||||
)?;
|
||||
tx.commit()?;
|
||||
)
|
||||
.await?;
|
||||
tx.commit().await?;
|
||||
Ok(Redirect::to("/users").into_response())
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user