gractwo/mnemosyne
4
0
Fork 0
Code Pull Requests Actions Packages Activity

log everything

Browse Source
This commit is contained in:
jakubmanczak
2026-04-04 02:44:17 +02:00
parent 449136ce37
commit d8fb561bca
7 changed files with 246 additions and 52 deletions
Download Patch File Download Diff File Expand all files Collapse all files

59
src/api/persons.rs
View File

@@ -9,7 +9,8 @@ use uuid::Uuid;
use crate::{
api::CompositeError,
database,
database::{self, DatabaseError},
logs::{LogAction, LogEntry},
persons::{Name, Person},
users::{
User,
@@ -52,8 +53,19 @@ pub async fn create(
Json(form): Json<PersonNameForm>,
) -> Result<Response, CompositeError> {
let u = User::authenticate(&headers)?.required()?;
let conn = database::conn()?;
let p = Person::create(&conn, form.name, u.id)?;
let mut conn = database::conn()?;
let tx = conn.transaction().map_err(DatabaseError::from)?;
let p = Person::create(&tx, form.name, u.id)?;
LogEntry::new(
&tx,
u,
LogAction::CreatePerson {
id: p.id,
pname: p.primary_name.as_str().to_string(),
},
)?;
tx.commit().map_err(DatabaseError::from)?;
Ok((StatusCode::CREATED, Json(p)).into_response())
}
pub async fn add_name(
@@ -62,10 +74,22 @@ pub async fn add_name(
Json(form): Json<PersonNameForm>,
) -> Result<Response, CompositeError> {
let u = User::authenticate(&headers)?.required()?;
let conn = database::conn()?;
let p = Person::get_by_id(&conn, id)?;
let n = p.add_name(&conn, form.name, u.id)?;
let mut conn = database::conn()?;
let tx = conn.transaction().map_err(DatabaseError::from)?;
let p = Person::get_by_id(&tx, id)?;
let n = p.add_name(&tx, form.name, u.id)?;
LogEntry::new(
&tx,
u,
LogAction::AddPersonName {
pid: p.id,
nid: n.id,
pn: p.primary_name,
nn: n.name.clone(),
},
)?;
tx.commit().map_err(DatabaseError::from)?;
Ok((StatusCode::CREATED, Json(n)).into_response())
}
@@ -79,13 +103,28 @@ pub async fn n_setprimary(
headers: HeaderMap,
) -> Result<Response, CompositeError> {
let u = User::authenticate(&headers)?.required()?;
let conn = database::conn()?;
if !u.has_permission(&conn, Permission::ChangePersonPrimaryName)? {
let mut conn = database::conn()?;
let tx = conn.transaction().map_err(DatabaseError::from)?;
if !u.has_permission(&tx, Permission::ChangePersonPrimaryName)? {
return Ok((StatusCode::FORBIDDEN, CANT_SET_PRIMARYNAME).into_response());
}
let mut n = Name::get_by_id(&conn, id)?;
n.set_primary(&conn)?;
let mut n = Name::get_by_id(&tx, id)?;
let p = Person::get_by_id(&tx, n.person_id)?;
n.set_primary(&tx)?;
n.is_primary = true;
LogEntry::new(
&tx,
u,
LogAction::SetPersonPrimaryName {
pid: p.id,
nid: n.id,
on: p.primary_name,
nn: n.name.clone(),
},
)?;
tx.commit().map_err(DatabaseError::from)?;
Ok(Json(n).into_response())
}

12
src/api/quotes.rs
View File

@@ -10,7 +10,8 @@ use uuid::Uuid;
use crate::{
api::CompositeError,
database,
database::{self, DatabaseError},
logs::{LogAction, LogEntry},
persons::Name,
quotes::Quote,
users::{
@@ -48,16 +49,17 @@ pub async fn create(
Json(form): Json<QuoteCreateForm>,
) -> Result<Response, CompositeError> {
let u = User::authenticate(&headers)?.required()?;
let conn = database::conn()?;
let mut conn = database::conn()?;
let tx = conn.transaction().map_err(DatabaseError::from)?;
let lines = form
.lines
.into_iter()
.map(|l| Ok((l.content, Name::get_by_id(&conn, l.name_id)?)))
.map(|l| Ok((l.content, Name::get_by_id(&tx, l.name_id)?)))
.collect::<Result<Vec<(String, Name)>, CompositeError>>()?;
let q = Quote::create(
&conn,
&tx,
lines,
form.timestamp,
form.context,
@@ -66,5 +68,7 @@ pub async fn create(
form.public,
)?;
LogEntry::new(&tx, u, LogAction::CreateQuote { id: q.id })?;
tx.commit().map_err(DatabaseError::from)?;
Ok((StatusCode::CREATED, Json(q)).into_response())
}

18
src/api/sessions.rs
View File

@@ -8,7 +8,8 @@ use uuid::Uuid;
use crate::{
api::CompositeError,
database,
database::{self, DatabaseError},
logs::{LogAction, LogEntry},
users::{
User,
auth::{UserAuthRequired, UserAuthenticate},
@@ -17,7 +18,7 @@ use crate::{
},
};
const CANT_REVOKE: &str = "You don't have permission to change this user's password.";
const CANT_REVOKE: &str = "You don't have permission to revoke this user's sessions.";
pub async fn get_by_id(
Path(id): Path<Uuid>,
@@ -41,18 +42,21 @@ pub async fn revoke_by_id(
headers: HeaderMap,
) -> Result<Response, CompositeError> {
let u = User::authenticate(&headers)?.required()?;
let conn = database::conn()?;
let mut s = Session::get_by_id(&conn, id)?;
let mut conn = database::conn()?;
let tx = conn.transaction().map_err(DatabaseError::from)?;
let mut s = Session::get_by_id(&tx, id)?;
match s.user_id == u.id
|| u.has_permission(&conn, Permission::RevokeOthersSessions)
|| u.has_permission(&tx, Permission::RevokeOthersSessions)
.is_ok_and(|v| v)
{
true => {
s.revoke(&conn, Some(&u))?;
s.revoke(&tx, Some(&u))?;
LogEntry::new(&tx, u, LogAction::ManuallyRevokeSession { id })?;
tx.commit().map_err(DatabaseError::from)?;
Ok(Json(s).into_response())
}
false => match u.has_permission(&conn, Permission::ListOthersSessions)? {
false => match u.has_permission(&tx, Permission::ListOthersSessions)? {
true => Ok((StatusCode::FORBIDDEN, CANT_REVOKE).into_response()),
false => Err(SessionError::NoSessionWithId(id))?,
},

57
src/api/tags.rs
View File

@@ -9,7 +9,8 @@ use uuid::Uuid;
use crate::{
api::CompositeError,
database,
database::{self, DatabaseError},
logs::{LogAction, LogEntry},
tags::{Tag, TagName},
users::{
User,
@@ -56,11 +57,24 @@ pub async fn create(
Json(form): Json<TagNameForm>,
) -> Result<Response, CompositeError> {
let u = User::authenticate(&headers)?.required()?;
let conn = database::conn()?;
if !u.has_permission(&conn, Permission::CreateTags)? {
let mut conn = database::conn()?;
let tx = conn.transaction().map_err(DatabaseError::from)?;
if !u.has_permission(&tx, Permission::CreateTags)? {
return Ok((StatusCode::FORBIDDEN, CANT_MAKE_TAGS).into_response());
}
Ok(Json(Tag::create(&conn, form.name)?).into_response())
let t = Tag::create(&tx, form.name)?;
LogEntry::new(
&tx,
u,
LogAction::CreateTag {
id: t.id,
name: t.name.as_str().to_string(),
},
)?;
tx.commit().map_err(DatabaseError::from)?;
Ok(Json(t).into_response())
}
pub async fn rename(
@@ -69,21 +83,42 @@ pub async fn rename(
Json(form): Json<TagNameForm>,
) -> Result<Response, CompositeError> {
let u = User::authenticate(&headers)?.required()?;
let conn = database::conn()?;
if !u.has_permission(&conn, Permission::RenameTags)? {
let mut conn = database::conn()?;
let tx = conn.transaction().map_err(DatabaseError::from)?;
if !u.has_permission(&tx, Permission::RenameTags)? {
return Ok((StatusCode::FORBIDDEN, CANT_RENAME_TAGS).into_response());
}
let mut tag = Tag::get_by_id(&conn, id)?;
tag.rename(&conn, form.name)?;
let mut tag = Tag::get_by_id(&tx, id)?;
let on = tag.name.as_str().to_string();
tag.rename(&tx, form.name)?;
LogEntry::new(
&tx,
u,
LogAction::RenameTag {
id,
on,
nn: tag.name.as_str().to_string(),
},
)?;
tx.commit().map_err(DatabaseError::from)?;
Ok(Json(tag).into_response())
}
pub async fn delete(Path(id): Path<Uuid>, headers: HeaderMap) -> Result<Response, CompositeError> {
let u = User::authenticate(&headers)?.required()?;
let conn = database::conn()?;
if !u.has_permission(&conn, Permission::DeleteTags)? {
let mut conn = database::conn()?;
let tx = conn.transaction().map_err(DatabaseError::from)?;
if !u.has_permission(&tx, Permission::DeleteTags)? {
return Ok((StatusCode::FORBIDDEN, CANT_DEL_TAGS).into_response());
}
Tag::get_by_id(&conn, id)?.delete(&conn)?;
let t = Tag::get_by_id(&tx, id)?;
let name = t.name.as_str().to_string();
t.delete(&tx)?;
LogEntry::new(&tx, u, LogAction::DeleteTag { id, name })?;
tx.commit().map_err(DatabaseError::from)?;
Ok((StatusCode::OK, TAG_DELETED).into_response())
}

67
src/api/users.rs
View File

@@ -9,7 +9,8 @@ use uuid::Uuid;
use crate::{
api::CompositeError,
database,
database::{self, DatabaseError},
logs::{LogAction, LogEntry},
users::{
User,
auth::{UserAuthRequired, UserAuthenticate},
@@ -61,11 +62,25 @@ pub async fn create(
Json(form): Json<HandleForm>,
) -> Result<Response, CompositeError> {
let u = User::authenticate(&headers)?.required()?;
let conn = database::conn()?;
if !u.has_permission(&conn, Permission::ManuallyCreateUsers)? {
let mut conn = database::conn()?;
let tx = conn.transaction().map_err(DatabaseError::from)?;
if !u.has_permission(&tx, Permission::ManuallyCreateUsers)? {
return Ok((StatusCode::FORBIDDEN, CANT_MANUALLY_MAKE_USERS).into_response());
}
Ok(Json(User::create(&conn, form.handle)?).into_response())
let nu = User::create(&tx, form.handle)?;
LogEntry::new(
&tx,
u,
LogAction::CreateUser {
id: nu.id,
handle: nu.handle.as_str().to_string(),
},
)?;
tx.commit().map_err(DatabaseError::from)?;
Ok(Json(nu).into_response())
}
pub async fn change_handle(
Path(id): Path<Uuid>,
@@ -73,17 +88,31 @@ pub async fn change_handle(
Json(form): Json<HandleForm>,
) -> Result<Response, CompositeError> {
let u = User::authenticate(&headers)?.required()?;
let conn = database::conn()?;
let mut conn = database::conn()?;
let tx = conn.transaction().map_err(DatabaseError::from)?;
let mut target = if u.id == id {
u
u.clone()
} else {
if !u.has_permission(&conn, Permission::ChangeOthersHandles)? {
if !u.has_permission(&tx, Permission::ChangeOthersHandles)? {
return Ok((StatusCode::FORBIDDEN, CANT_CHANGE_OTHERS_HANDLE).into_response());
}
User::get_by_id(&conn, id)?
User::get_by_id(&tx, id)?
};
target.set_handle(&conn, form.handle)?;
let old_handle = target.handle.as_str().to_string();
target.set_handle(&tx, form.handle)?;
LogEntry::new(
&tx,
u,
LogAction::ChangeUserHandle {
id: target.id,
old: old_handle,
new: target.handle.as_str().to_string(),
},
)?;
tx.commit().map_err(DatabaseError::from)?;
Ok(HANDLE_CHANGED_SUCCESS.into_response())
}
@@ -97,15 +126,25 @@ pub async fn change_password(
Json(form): Json<ChangePasswordForm>,
) -> Result<Response, CompositeError> {
let u = User::authenticate(&headers)?.required()?;
let conn = database::conn()?;
let mut conn = database::conn()?;
let tx = conn.transaction().map_err(DatabaseError::from)?;
let mut target = if u.id == id {
u
u.clone()
} else {
if !u.has_permission(&conn, Permission::ChangeOthersPasswords)? {
if !u.has_permission(&tx, Permission::ChangeOthersPasswords)? {
return Ok((StatusCode::FORBIDDEN, CANT_CHANGE_OTHERS_PASSW).into_response());
}
User::get_by_id(&conn, id)?
User::get_by_id(&tx, id)?
};
target.set_password(&conn, Some(&form.password))?;
target.set_password(&tx, Some(&form.password))?;
LogEntry::new(
&tx,
u,
LogAction::ManuallyChangeUsersPassword { id: target.id },
)?;
tx.commit().map_err(DatabaseError::from)?;
Ok(PASSW_CHANGED_SUCCESS.into_response())
}