40 lines
1.8 KiB
Rust
40 lines
1.8 KiB
Rust
use crate::helper::settings::Settings;
|
|
use rocket::State;
|
|
use crate::helper::session_cookies::model::SessionCookie;
|
|
use crate::modules::member_management::model::login::Login;
|
|
use crate::modules::api::model::api_outcome::{ApiErrorWrapper, ApiError};
|
|
use rocket::serde::json::Json;
|
|
use crate::modules::api::member_management::controller::parser::parse_member_cookie;
|
|
use crate::helper::check_access::check_access_to_member_and_group;
|
|
use crate::database::controller::groups::get_groups_for_member;
|
|
use crate::database::controller::users::add_user_to_member;
|
|
use crate::helper::translate_diesel_error::translate_diesel;
|
|
|
|
#[derive(Queryable, Clone, Deserialize, Serialize)]
|
|
pub struct CreateUserData{
|
|
pub(crate) email: String,
|
|
pub(crate) member_id: uuid::Uuid,
|
|
}
|
|
|
|
#[post("/api/users", format = "json", data = "<create_user_data>")]
|
|
pub fn create_user(settings: &State<Settings>, cookie: SessionCookie, create_user_data: Json<CreateUserData>) -> Result<Json<Login>, Json<ApiErrorWrapper>>{
|
|
let caller = parse_member_cookie(cookie.member)?;
|
|
|
|
let data = create_user_data.into_inner();
|
|
let member_groups = get_groups_for_member(settings, data.member_id);
|
|
|
|
if caller.entity_id != data.member_id { //Skip permission check if user edits own login
|
|
if !check_access_to_member_and_group(settings, data.member_id, member_groups, caller.entity_id, "modules.member_management.profile.login.edit".to_string()) {
|
|
return Err(Json(ApiError::new(401, "Keine Rechte Login für dieses Mitglied anzulegen!".to_string()).to_wrapper()))
|
|
}
|
|
}
|
|
|
|
match add_user_to_member(settings, data.member_id, data.email){
|
|
Ok(user) => Ok(Json(Login{
|
|
user_id: Some(user.id),
|
|
email: Some(user.email.to_lowercase()),
|
|
login_allowed: true
|
|
})),
|
|
Err(e) => Err(translate_diesel(e))
|
|
}
|
|
} |