Compare commits
No commits in common. "d627deed2de9cf2a11d05d0540415168350660ba" and "f4cfabea811c0777160fffdadd879f88f25d80d9" have entirely different histories.
d627deed2d
...
f4cfabea81
2 changed files with 1 additions and 57 deletions
|
|
@ -29,13 +29,6 @@ pub struct CreateUserDto {
|
||||||
password: String,
|
password: String,
|
||||||
admin: bool,
|
admin: bool,
|
||||||
}
|
}
|
||||||
#[derive(Deserialize)]
|
|
||||||
pub struct UpdateUserDto {
|
|
||||||
name: String,
|
|
||||||
email: String,
|
|
||||||
password: Option<String>,
|
|
||||||
admin: Option<bool>,
|
|
||||||
}
|
|
||||||
|
|
||||||
impl From<entity::user::Model> for UserWithoutPassword {
|
impl From<entity::user::Model> for UserWithoutPassword {
|
||||||
fn from(value: entity::user::Model) -> Self {
|
fn from(value: entity::user::Model) -> Self {
|
||||||
|
|
@ -126,49 +119,4 @@ impl UserController {
|
||||||
.map_err(ErrorInternalServerError)?;
|
.map_err(ErrorInternalServerError)?;
|
||||||
Ok(HttpResponse::Ok().finish())
|
Ok(HttpResponse::Ok().finish())
|
||||||
}
|
}
|
||||||
|
|
||||||
pub async fn update_user(
|
|
||||||
state: web::Data<AppState>,
|
|
||||||
path: web::Path<Uuid>,
|
|
||||||
executor: AuthedUser,
|
|
||||||
user: web::Json<UpdateUserDto>,
|
|
||||||
) -> actix_web::Result<impl Responder> {
|
|
||||||
let id = path.into_inner();
|
|
||||||
let db = &state.db;
|
|
||||||
let user = user.into_inner();
|
|
||||||
let is_current_user = executor.0.id == id;
|
|
||||||
if executor.0.admin || is_current_user {
|
|
||||||
let hash: ActiveValue<String> = if let Some(new_password) = user.password {
|
|
||||||
let salt = SaltString::generate(&mut OsRng);
|
|
||||||
let argon2 = Argon2::default();
|
|
||||||
|
|
||||||
let password_hash = argon2
|
|
||||||
.hash_password(new_password.as_bytes(), &salt)
|
|
||||||
.map_err(ErrorInternalServerError)?;
|
|
||||||
|
|
||||||
ActiveValue::Set(password_hash.to_string())
|
|
||||||
} else {
|
|
||||||
ActiveValue::NotSet
|
|
||||||
};
|
|
||||||
let user = entity::user::ActiveModel {
|
|
||||||
id: ActiveValue::Unchanged(id),
|
|
||||||
email: ActiveValue::Set(user.email),
|
|
||||||
name: ActiveValue::Set(user.name),
|
|
||||||
admin: if executor.0.admin {
|
|
||||||
if let Some(a) = user.admin {
|
|
||||||
ActiveValue::Set(a)
|
|
||||||
} else {
|
|
||||||
ActiveValue::NotSet
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
ActiveValue::NotSet
|
|
||||||
},
|
|
||||||
hash,
|
|
||||||
};
|
|
||||||
let res = user.update(db).await.map_err(ErrorInternalServerError)?;
|
|
||||||
Ok(web::Json(res))
|
|
||||||
} else {
|
|
||||||
Err(ErrorUnauthorized("Unauthorized"))
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -10,11 +10,7 @@ pub fn config(cfg: &mut web::ServiceConfig) {
|
||||||
.post(UserController::create_user),
|
.post(UserController::create_user),
|
||||||
)
|
)
|
||||||
.route("/users/me", web::get().to(UserController::get_current_user))
|
.route("/users/me", web::get().to(UserController::get_current_user))
|
||||||
.service(
|
.service(web::resource("/users/{user_id}").delete(UserController::delete_user))
|
||||||
web::resource("/users/{user_id}")
|
|
||||||
.delete(UserController::delete_user)
|
|
||||||
.put(UserController::update_user),
|
|
||||||
)
|
|
||||||
.service(
|
.service(
|
||||||
web::resource("/licenses")
|
web::resource("/licenses")
|
||||||
.get(LicenseController::list_groups)
|
.get(LicenseController::list_groups)
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue