45 lines
1.6 KiB
Rust
45 lines
1.6 KiB
Rust
use rocket::State;
|
|
use crate::helper::settings::Settings;
|
|
use crate::helper::session_cookies::model::SessionCookie;
|
|
use rocket::serde::json::Json;
|
|
use crate::modules::api::model::api_outcome::{ApiErrorWrapper, ApiError};
|
|
use crate::modules::api::member_management::controller::parser::parse_member_cookie;
|
|
use crate::database::controller::members::check_access_to_resource;
|
|
use crate::helper::translate_diesel_error::translate_diesel;
|
|
use crate::database::controller::api_members::delete_entity_deprecated;
|
|
|
|
#[delete("/api/resources/vehicles", format = "json", data = "<vehicle_list>")]
|
|
pub fn delete_vehicles(
|
|
settings: &State<Settings>,
|
|
cookie: SessionCookie,
|
|
vehicle_list: Json<Vec<uuid::Uuid>>,
|
|
) -> Result<(), Json<ApiErrorWrapper>> {
|
|
let caller = parse_member_cookie(cookie.member)?;
|
|
|
|
let vehicle_list = vehicle_list.into_inner();
|
|
|
|
let mut permission_error = false;
|
|
|
|
for vehicle in vehicle_list {
|
|
if check_access_to_resource(
|
|
//Check if member has delete permission on specific vehicle
|
|
&settings,
|
|
caller.entity_id,
|
|
vehicle,
|
|
crate::permissions::modules::resource_management::vehicles::core::DELETE,
|
|
) {
|
|
match delete_entity_deprecated(settings, vehicle){
|
|
Ok(_) => {}
|
|
Err(e) => return Err(translate_diesel(e)),
|
|
}
|
|
} else {
|
|
permission_error = true;
|
|
}
|
|
}
|
|
|
|
if !permission_error {
|
|
Ok(())
|
|
} else {
|
|
Err(Json(ApiError::new(403,"Eine oder mehrere Fahrzeuge konnten aufgrund unzureichender Rechte nicht gelöscht werden!".to_string()).to_wrapper()))
|
|
}
|
|
} |