1 files changed, 43 insertions, 4 deletions

diff --git a/server/src/routes/ui/account/admin.rs b/server/src/routes/ui/account/admin.rs
index 8fe2a9a..ce388d4 100644
--- a/server/src/routes/ui/account/admin.rs
+++ b/server/src/routes/ui/account/admin.rs
@@ -27,6 +27,7 @@ pub fn r_account_admin_dashboard(
 
     // TODO this doesnt scale
     let users = database.users.iter().collect::<Result<Vec<_>, _>>()?;
+    let invites = database.invites.iter().collect::<Result<Vec<_>, _>>()?;
 
     Ok(LayoutPage {
         title: "Admin Dashboard".to_string(),
@@ -36,14 +37,23 @@ pub fn r_account_admin_dashboard(
             form[method="POST", action=uri!(r_account_admin_invite())] {
                 input[type="submit", value="Generate new invite code"];
             }
+            ul { @for t in &invites {
+                li {
+                    form[method="POST", action=uri!(r_account_admin_remove_invite())] {
+                        span { @t.0 }
+                        input[type="text", name="invite", value=&t.0, hidden];
+                        input[type="submit", value="Invalidate"];
+                    }
+                }
+            }}
             h2 { "Users" }
-            @for (_, u) in &users {
-                form[method="POST", action=uri!(r_account_admin_remove_user())] {
+            ul { @for (_, u) in &users {
+                li { form[method="POST", action=uri!(r_account_admin_remove_user())] {
                     span { @format!("{:?}", u.display_name) " (" @u.name ")" }
                     input[type="text", name="name", value=&u.name, hidden];
                     input[type="submit", value="Remove(!)"];
-                }
-            }
+                }}
+            }}
         },
     })
 }
@@ -91,6 +101,35 @@ pub fn r_account_admin_remove_user(
         title: "User removed".to_string(),
         content: markup::new! {
             p { "User removed" }
+            a[href=uri!(r_account_admin_dashboard())] {"Back"}
+        },
+    })
+}
+
+#[derive(FromForm)]
+pub struct DeleteInvite {
+    invite: String,
+}
+
+#[post("/account/admin/remove_invite", data = "<form>")]
+pub fn r_account_admin_remove_invite(
+    session: Session,
+    database: &State<Database>,
+    form: Form<DeleteInvite>,
+) -> MyResult<DynLayoutPage<'static>> {
+    if !session.user.admin {
+        Err(anyhow!("you not admin"))?
+    }
+    database
+        .invites
+        .remove(&form.invite)?
+        .ok_or(anyhow!("invite did not exist"))?;
+
+    Ok(LayoutPage {
+        title: "Invite invalidated".to_string(),
+        content: markup::new! {
+            p { "Invite invalidated" }
+            a[href=uri!(r_account_admin_dashboard())] {"Back"}
         },
     })
 }