diff options
| -rw-r--r-- | README.md | 11 | ||||
| -rw-r--r-- | src/db.rs | 14 | ||||
| -rw-r--r-- | src/main.rs | 31 |
3 files changed, 53 insertions, 3 deletions
@@ -38,7 +38,7 @@ - JSON `{"id": "ID", "session": "SESSION_KEY"}` - Response - 200 Ok - - JSON `{"name": "NAME", "id": "ID", tokovec: [{"color": "COLOR", "amount": 2}, ..]}` + - JSON `{"name": "NAME", "id": "ID", is_admin: bool, tokovec: [{"color": "COLOR", "amount": 2}, ..]}` - 404 Not Found - JSON `"Not Found"` - JSON `"Not Authenticated"` @@ -103,4 +103,11 @@ - JSON `{"id": "ID", "session": "SESSION_KEY", "name": "USERNAME"}` - Response - 200 Ok - - 500 Internal Server Error`
\ No newline at end of file + - 500 Internal Server Error +- POST `/admin/regkey/new` + - Request + - JSON `{"id": "ID", "session": "SESSION_KEY", "key": "REGISTRATION_KEY"}` + - Response + - 200 Ok + - 500 Internal Server Error + - JSON `"Not an admin"`
\ No newline at end of file @@ -66,6 +66,10 @@ impl User { User { name, is_admin: admin, hashed_password, id, tokovec: base_tokens, sessions: HashMap::new() } } + pub fn is_admin(&self) -> bool { + self.is_admin + } + fn update_name(&mut self, new_name: String) { self.name = new_name; } @@ -298,6 +302,16 @@ impl DB { self.registration_keys.push(key.clone()) } + pub async fn new_registration_key(&mut self, id: UID, session: &String, key: &String) -> Result<(), String> { + let u = self.get_user_authenticated(id, session).await?; + if u.is_admin { + self.add_key(key); + self.save().await + } else { + Err("Not an admin".into()) + } + } + pub async fn new_user(&mut self, name: String, password: String, id: UID, key: &String) -> Result<User, String> { if self.use_key(key).await.is_ok() { let mut is_admin = false; diff --git a/src/main.rs b/src/main.rs index 63a497d..81b416c 100644 --- a/src/main.rs +++ b/src/main.rs @@ -22,11 +22,12 @@ async fn index() -> &'static str { struct AuthUserOut { name: String, id: UID, + is_admin: bool, tokovec: Vec<Token>, } impl Into<AuthUserOut> for User { fn into(self) -> AuthUserOut { - AuthUserOut { name: self.get_name(), id: self.get_id(), tokovec: self.get_tokovec() } + AuthUserOut { name: self.get_name(), id: self.get_id(), is_admin: self.is_admin(), tokovec: self.get_tokovec() } } } #[derive(Serialize)] @@ -222,6 +223,33 @@ async fn update_name(data: Json<UpdatePasswordForm>, db: &State<Mutex<DB>>) -> ( } } +#[derive(Deserialize)] +struct NewRegistrationKeyForm { + id: UID, + session: String, + key: String, +} + +#[post("/regkey/new", data="<data>", format="json")] +async fn new_registration_key(data: Json<NewRegistrationKeyForm>, db: &State<Mutex<DB>>) -> (Status, Result<(), Json<String>>) { + let mut db = db.lock().await; + match db.new_registration_key(data.id, &data.session, &data.key).await { + Ok(_) => (Status::Ok, Ok(())), + Err(n) => (Status::InternalServerError, Err(n.into())) + } +} + +#[post("/regkey/list", data="<data>", format="json")] +async fn list_registration_keys(data: Json<LogoutForm>, db: &State<Mutex<DB>>) -> (Status, Result<(), Json<String>>) { + (Status::NotFound, Err("NOT IMPLEMENTED".to_string().into())) +} + +#[post("/regkey/del", data="<data>", format="json")] +async fn del_registration_key(data: Json<NewRegistrationKeyForm>, db: &State<Mutex<DB>>) -> (Status, Result<(), Json<String>>) { + (Status::NotFound, Err("NOT IMPLEMENTED".to_string().into())) +} + + #[derive(Deserialize, Debug)] struct TransferForm { id: UID, @@ -259,5 +287,6 @@ fn rocket() -> _ { .mount("/user", routes![login, get_users_by_name, get_user_authenticated, get_user, new_user, get_all_users, logout, logout_all, get_sessions, delete]) .mount("/user/update", routes![update_name, update_password]) .mount("/transfer", routes![transfer_out]) + .mount("/admin", routes![new_registration_key, list_registration_keys, del_registration_key]) .attach(cors) }
\ No newline at end of file |