71 lines
2.5 KiB
Rust
71 lines
2.5 KiB
Rust
use crate::database::controller::groups::insert_group;
|
|
use crate::database::controller::groups_permissions::add_group_role_permissions;
|
|
|
|
use crate::database::model::groups::RawGroup;
|
|
use crate::helper::session_cookies::model::SessionCookie;
|
|
use crate::helper::settings::Settings;
|
|
use crate::helper::translate_diesel_error::translate_diesel;
|
|
use crate::modules::api::member_management::controller::parser::parse_member_cookie;
|
|
use crate::modules::api::model::api_outcome::{ApiError, ApiErrorWrapper};
|
|
use crate::modules::member_management::model::groups::GroupData;
|
|
|
|
|
|
use rocket::State;
|
|
use rocket::serde::json::Json;
|
|
|
|
#[derive(Queryable, Clone, Deserialize, Serialize)]
|
|
pub struct GroupRolePermission {
|
|
pub(crate) role_id: String,
|
|
pub(crate) permission_groups_core_edit: bool,
|
|
pub(crate) permission_groups_delete: bool,
|
|
pub(crate) permission_groups_members_view: bool,
|
|
pub(crate) permission_groups_members_edit: bool,
|
|
pub(crate) permission_groups_permissions_view: bool,
|
|
pub(crate) permission_groups_permissions_edit: bool,
|
|
}
|
|
|
|
#[derive(Queryable, Clone, Deserialize, Serialize)]
|
|
pub struct CreateGroupData {
|
|
pub(crate) group_data: GroupData,
|
|
pub(crate) role_permissions: Vec<GroupRolePermission>,
|
|
}
|
|
|
|
#[post("/api/groups", format = "json", data = "<create_group_data>")]
|
|
pub fn create_group(
|
|
settings: &State<Settings>,
|
|
cookie: SessionCookie,
|
|
create_group_data: Json<CreateGroupData>,
|
|
) -> Result<Json<RawGroup>, Json<ApiErrorWrapper>> {
|
|
let caller = parse_member_cookie(cookie.member)?;
|
|
if !caller.has_permission("modules.member_management.groups.create".to_string()) {
|
|
return Err(Json(
|
|
ApiError::new(403, "Keine Berechtigung, Gruppen anzulegen!".to_string()).to_wrapper(),
|
|
));
|
|
}
|
|
|
|
let create_group_data = create_group_data.into_inner();
|
|
|
|
if !create_group_data.group_data.group_name.is_some() {
|
|
return Err(Json(
|
|
ApiError::new(400, "Es wurde kein Gruppenname angegeben!".to_string()).to_wrapper(),
|
|
));
|
|
}
|
|
|
|
let group = match insert_group(settings, create_group_data.group_data) {
|
|
Ok(group) => {
|
|
match add_group_role_permissions(
|
|
settings,
|
|
group.group_id,
|
|
create_group_data.role_permissions,
|
|
) {
|
|
Ok(()) => Ok(Json(group)),
|
|
Err(e) => {
|
|
return Err(translate_diesel(e))
|
|
}
|
|
}
|
|
}
|
|
Err(error) => return Err(translate_diesel(error)),
|
|
};
|
|
group
|
|
}
|