EinsatzOnline/src/modules/api/members/member_communication.rs

use crate::database::controller::api_communication_targets::{update_communication_target, get_member_communication_types};
use crate::helper::session_cookies::model::SessionCookie;
use crate::helper::settings::Settings;
use crate::modules::api::member_management::controller::parser::{parse_member_cookie, parse_uuid_string};
use crate::modules::api::model::api_outcome::{ApiError, ApiErrorWrapper};
use crate::schema::communication_targets;


use rocket::State;
use rocket::serde::json::Json;
use crate::helper::check_access::check_access_to_member_and_group;
use crate::database::controller::groups::get_groups_for_member;
use crate::database::controller::member_communication::{get_communication_target, add_communication_target, remove_communication_target};
use crate::helper::translate_diesel_error::translate_diesel;
use crate::database::model::member_communication::CommunicationTargetCreate;

#[derive(Serialize, Deserialize, Queryable, Clone, AsChangeset)]
#[table_name = "communication_targets"]
pub struct CommunicationTarget {
    pub(crate) target_id: Option<uuid::Uuid>,
    pub(crate) entity_id: Option<uuid::Uuid>,
    pub(crate) com_type: Option<uuid::Uuid>,
    pub(crate) value: Option<String>,
    pub(crate) description: Option<String>,
}

#[get("/api/communication_types", format="json")]
pub fn api_communication_types_get(settings: &State<Settings>, cookie: SessionCookie) -> Result<Json<CommunicationTypeList>, Json<ApiErrorWrapper>>{
    let caller = parse_member_cookie(cookie.member)?;
    if !caller.has_permission(crate::permissions::modules::configuration::fields::communication_types::VIEW.to_string()) {
        return Err(Json(
            ApiError::new(
                401,
                "Keine Berechtigung, Kommunikationstypen abzurufen!".to_string(),
            )
                .to_wrapper(),
        ));
    }
    let type_list = get_member_communication_types(settings);
    match type_list{
        Ok(list) => Ok(Json(CommunicationTypeList{ types: list })),
        Err(e) => {
            Err(translate_diesel(e))
        }
    }
}

#[post(
"/api/communication_targets",
data = "<communication_target>",
format = "json"
)]
pub fn api_communication_targets_create(
    cookie: SessionCookie,
    settings: &State<Settings>,
    communication_target: Json<CommunicationTargetCreate>,
) -> Result<Json<CommunicationTargetId>, Json<ApiErrorWrapper>> {
    let caller = parse_member_cookie(cookie.member)?;
    let communication_target = communication_target.into_inner();

    let groups = get_groups_for_member(settings, communication_target.entity_id);
    if !check_access_to_member_and_group(settings, communication_target.entity_id, groups, caller.entity_id, crate::permissions::modules::member_management::profile::communication::EDIT.to_string()){
        return Err(Json(ApiError::new(401, "Keine Berechtigung, ein Kommunikationsziel hinzuzufügen.".to_string()).to_wrapper()))
    }

    match add_communication_target(settings, communication_target) {
        Ok(target_id) => Ok(Json(CommunicationTargetId { target_id })),
        Err(e) => Err(translate_diesel(e)
        ),
    }
}

#[put(
    "/api/communication_targets/<target_id>",
    format = "json",
    data = "<communication_target>"
)]
pub fn api_communication_targets_update(
    settings: &State<Settings>,
    cookie: SessionCookie,
    target_id: String,
    communication_target: Json<CommunicationTarget>,
) -> Result<(), Json<ApiErrorWrapper>> {
    let caller = parse_member_cookie(cookie.member)?;
    let target_id = parse_uuid_string(target_id)?;

    let old_target = match get_communication_target(settings, target_id){
        Ok(target) => target,
        Err(e) => return Err(translate_diesel(e))
    };

    let member_groups = get_groups_for_member(settings, old_target.entity_id);

    if old_target.entity_id != caller.entity_id{ //if Member edits own communication target, do not check permissions
     if !check_access_to_member_and_group(settings, old_target.entity_id, member_groups, caller.entity_id, "modules.member_management.profile.communication.edit".to_string()) {
         return Err(Json(
             ApiError::new(
                 403,
                 "Keine Berechtigung, Kommunikation dieses Mitglieds zu bearbeiten!".to_string(),
             )
                 .to_wrapper(),
         ));
     }
    }

    let communication_target = communication_target.into_inner();

    match communication_target.value.clone() {
        Some(value) => {
            if value.is_empty() {
                return Err(Json(
                    ApiError::new(
                        400,
                        "Es wurde kein Wert für das Kommunikationsziel angegeben!".to_string(),
                    )
                    .to_wrapper(),
                ));
            }
        }
        None => {}
    }

    match update_communication_target(settings, target_id, communication_target) {
        Ok(result) => {
            if result == 1 {
                Ok(())
            } else {
                Err(Json(
                    ApiError::new(500, "Es ist ein Datenbankfehler aufgetreten!".to_string())
                        .to_wrapper(),
                ))
            }
        }
        Err(e) => match e {
            diesel::result::Error::NotFound => Err(Json(
                ApiError::new(
                    404,
                    "Das angeforderte Kommunikationsziel konnte nicht gefunden werden!".to_string(),
                )
                .to_wrapper(),
            )),
            _ => Err(Json(
                ApiError::new(500, "Es ist ein Datenbankfehler aufgetreten!".to_string())
                    .to_wrapper(),
            )),
        },
    }
}

#[delete(
"/api/communication_targets/<target_id>",
format = "json"
)]
pub fn api_communication_targets_delete(
    cookie: SessionCookie,
    settings: &State<Settings>,
    target_id: String,
) -> Result<(), Json<ApiErrorWrapper>> {
    let member = parse_member_cookie(cookie.member)?;
    let target_id = parse_uuid_string(target_id)?;

    let target = match get_communication_target(settings, target_id){
        Ok(target) => target,
        Err(e) => {
            return Err(translate_diesel(e))
        }
    };

    let groups = get_groups_for_member(settings, target.entity_id);

    if !check_access_to_member_and_group(settings, target.entity_id, groups, member.entity_id, crate::permissions::modules::member_management::profile::communication::EDIT.to_string()){
        return Err(Json(ApiError::new(401, "Keine Berechtigung Kommunikationseintrag zu löschen!".to_string()).to_wrapper()))
    }

    match remove_communication_target(settings, target_id) {
        Ok(_) => Ok(()),
        Err(_) => Err(Json(
            ApiError::new(500, "Datenbankfehler aufgetreten".to_string()).to_wrapper(),
        )),
    }
}

#[derive(Serialize, Deserialize, Queryable, Clone)]
pub struct CommunicationType {
    pub(crate) type_id: uuid::Uuid,
    pub(crate) type_name: String,
}

#[derive(Serialize, Deserialize, Queryable, Clone)]
pub struct CommunicationTypeList {
    pub(crate) types: Vec<CommunicationType>,
}

#[derive(Serialize, Deserialize, Queryable, Clone)]
pub struct CommunicationTargetId {
    pub(crate) target_id: uuid::Uuid,
}