48 lines
1.7 KiB
Rust
48 lines
1.7 KiB
Rust
use rocket::State;
|
|
use crate::helper::settings::Settings;
|
|
use crate::helper::session_cookies::model::SessionCookie;
|
|
use rocket::serde::json::Json;
|
|
|
|
|
|
use crate::modules::api::model::api_outcome::{ApiErrorWrapper, ApiError};
|
|
use crate::modules::api::member_management::controller::parser::{parse_member_cookie, parse_uuid_string};
|
|
use crate::database::controller::members::check_access_to_resource;
|
|
use crate::helper::translate_diesel_error::translate_diesel;
|
|
use crate::database::controller::appointments::{remove_appointment, get_appointment_with_id};
|
|
|
|
/// Removes appointment
|
|
///
|
|
/// # Api Call
|
|
/// * DELETE
|
|
/// * /api/appointments/<appointment_id>
|
|
///
|
|
/// # Api Result
|
|
/// * Api returns nothing or ApiError in ApiErrorWrapper
|
|
///
|
|
/// # Permission required
|
|
/// * modules.scheduler.appointments.edit on specified entity
|
|
#[delete("/api/appointments/<appointment_id>", format = "json")]
|
|
pub fn delete_appointment(
|
|
settings: &State<Settings>,
|
|
cookie: SessionCookie,
|
|
appointment_id: String,
|
|
) -> Result<(), Json<ApiErrorWrapper>> {
|
|
let caller = parse_member_cookie(cookie.member)?;
|
|
let ap_id : uuid::Uuid = parse_uuid_string(appointment_id)?;
|
|
|
|
let ap = match get_appointment_with_id(settings, ap_id){
|
|
Ok(ap) => ap,
|
|
Err(e) => return Err(translate_diesel(e))
|
|
};
|
|
|
|
if !check_access_to_resource(settings, caller.entity_id, ap.entity_id, crate::permissions::modules::scheduler::appointments::EDIT){
|
|
return Err(Json(
|
|
ApiError::new(403, "Keine Berechtigung, Termine zu löschen!".to_string()).to_wrapper(),
|
|
));
|
|
}
|
|
|
|
match remove_appointment(settings, ap_id){
|
|
Ok(_) => Ok(()),
|
|
Err(e) => Err(translate_diesel(e))
|
|
}
|
|
} |