79 lines
3.5 KiB
Rust
79 lines
3.5 KiB
Rust
use crate::helper::settings::Settings;
|
|
use rocket::State;
|
|
use crate::helper::session_cookies::model::SessionCookie;
|
|
use rocket::serde::json::Json;
|
|
use crate::modules::api::model::api_outcome::{ApiErrorWrapper, ApiError};
|
|
use crate::modules::api::member_management::controller::parser::{parse_member_cookie, parse_uuid_string};
|
|
use crate::database::controller::events::change_position_instances;
|
|
use crate::helper::translate_diesel_error::translate_diesel;
|
|
use crate::modules::event_management::check_position_requirements::{check_position_requirements, RequirementParserError};
|
|
|
|
#[put("/api/events/instances/<instance_id>/positions/<position_id>/entities/<entity_id>", format = "json", rank = 1)]
|
|
pub fn put_entity_in_position(
|
|
settings: &State<Settings>,
|
|
cookie: SessionCookie,
|
|
instance_id: String,
|
|
position_id: String,
|
|
entity_id: String,
|
|
) -> Result<Json<usize>, Json<ApiErrorWrapper>> {
|
|
let caller = parse_member_cookie(cookie.member)?;
|
|
|
|
let position_id = parse_uuid_string(position_id)?;
|
|
let entity_id = parse_uuid_string(entity_id)?;
|
|
|
|
if caller.entity_id == entity_id {
|
|
match check_position_requirements(settings, position_id, entity_id){
|
|
Ok(res) => {
|
|
if !res{ //if member tries to add himself to a position, but don't fulfill the position requirements AND don't have the event edit permission (overwrite), abort
|
|
if !caller.has_permission(crate::permissions::modules::event_management::events::EDIT.to_string()) {
|
|
return Err(Json(
|
|
ApiError::new(403, "Keine Berechtigung Einsätze zu bearbeiten!".to_string()).to_wrapper(),
|
|
));
|
|
}
|
|
}
|
|
}
|
|
Err(e) => {
|
|
match e{
|
|
RequirementParserError::Database(e) => {
|
|
return Err(translate_diesel(e))
|
|
}
|
|
RequirementParserError::Parser(e) => {
|
|
error!("Couldn't parse requirements: {}", e.as_str());
|
|
return Err(Json(ApiError::new(400, "invalid json for requirements".to_string()).to_wrapper()))
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}else{
|
|
if !caller.has_permission(crate::permissions::modules::event_management::events::EDIT.to_string()) {
|
|
return Err(Json(
|
|
ApiError::new(403, "Keine Berechtigung Einsätze zu bearbeiten!".to_string()).to_wrapper(),
|
|
));
|
|
}
|
|
}
|
|
|
|
match change_position_instances(settings, parse_uuid_string(instance_id)?, position_id, Some(entity_id)){
|
|
Ok(pos) => Ok(Json(pos)),
|
|
Err(e) => return Err(translate_diesel(e))
|
|
}
|
|
}
|
|
|
|
#[delete("/api/events/instances/<instance_id>/positions/<position_id>/entities", format = "json", rank = 1)]
|
|
pub fn remove_entity_from_position(
|
|
settings: &State<Settings>,
|
|
cookie: SessionCookie,
|
|
instance_id: String,
|
|
position_id: String,
|
|
) -> Result<Json<usize>, Json<ApiErrorWrapper>> {
|
|
let caller = parse_member_cookie(cookie.member)?;
|
|
if !caller.has_permission(crate::permissions::modules::event_management::events::EDIT.to_string()) {
|
|
return Err(Json(
|
|
ApiError::new(403, "Keine Berechtigung Einsätze zu bearbeiten!".to_string()).to_wrapper(),
|
|
));
|
|
}
|
|
|
|
match change_position_instances(settings, parse_uuid_string(instance_id)?, parse_uuid_string(position_id)?, None){
|
|
Ok(pos) => Ok(Json(pos)),
|
|
Err(e) => return Err(translate_diesel(e))
|
|
}
|
|
} |