2 files changed, 48 insertions, 5 deletions

diff --git a/server/src/routes/mod.rs b/server/src/routes/mod.rs
index 54d4ae0..8819cf8 100644
--- a/server/src/routes/mod.rs
+++ b/server/src/routes/mod.rs
@@ -14,7 +14,10 @@ use std::fs::File;
 use stream::r_stream;
 use ui::{
     account::{
-        admin::{r_account_admin_dashboard, r_account_admin_invite, r_account_admin_remove_user},
+        admin::{
+            r_account_admin_dashboard, r_account_admin_invite, r_account_admin_remove_invite,
+            r_account_admin_remove_user,
+        },
         r_account_login, r_account_login_post, r_account_logout, r_account_logout_post,
         r_account_register, r_account_register_post,
         settings::{r_account_settings, r_account_settings_post},
@@ -79,6 +82,7 @@ pub fn build_rocket(
                 r_account_admin_dashboard,
                 r_account_admin_invite,
                 r_account_admin_remove_user,
+                r_account_admin_remove_invite,
                 r_account_settings,
                 r_account_settings_post,
                 r_api_version,
diff --git a/server/src/routes/ui/account/admin.rs b/server/src/routes/ui/account/admin.rs
index 8fe2a9a..ce388d4 100644
--- a/server/src/routes/ui/account/admin.rs
+++ b/server/src/routes/ui/account/admin.rs
@@ -27,6 +27,7 @@ pub fn r_account_admin_dashboard(
 
     // TODO this doesnt scale
     let users = database.users.iter().collect::<Result<Vec<_>, _>>()?;
+    let invites = database.invites.iter().collect::<Result<Vec<_>, _>>()?;
 
     Ok(LayoutPage {
         title: "Admin Dashboard".to_string(),
@@ -36,14 +37,23 @@ pub fn r_account_admin_dashboard(
             form[method="POST", action=uri!(r_account_admin_invite())] {
                 input[type="submit", value="Generate new invite code"];
             }
+            ul { @for t in &invites {
+                li {
+                    form[method="POST", action=uri!(r_account_admin_remove_invite())] {
+                        span { @t.0 }
+                        input[type="text", name="invite", value=&t.0, hidden];
+                        input[type="submit", value="Invalidate"];
+                    }
+                }
+            }}
             h2 { "Users" }
-            @for (_, u) in &users {
-                form[method="POST", action=uri!(r_account_admin_remove_user())] {
+            ul { @for (_, u) in &users {
+                li { form[method="POST", action=uri!(r_account_admin_remove_user())] {
                     span { @format!("{:?}", u.display_name) " (" @u.name ")" }
                     input[type="text", name="name", value=&u.name, hidden];
                     input[type="submit", value="Remove(!)"];
-                }
-            }
+                }}
+            }}
         },
     })
 }
@@ -91,6 +101,35 @@ pub fn r_account_admin_remove_user(
         title: "User removed".to_string(),
         content: markup::new! {
             p { "User removed" }
+            a[href=uri!(r_account_admin_dashboard())] {"Back"}
+        },
+    })
+}
+
+#[derive(FromForm)]
+pub struct DeleteInvite {
+    invite: String,
+}
+
+#[post("/account/admin/remove_invite", data = "<form>")]
+pub fn r_account_admin_remove_invite(
+    session: Session,
+    database: &State<Database>,
+    form: Form<DeleteInvite>,
+) -> MyResult<DynLayoutPage<'static>> {
+    if !session.user.admin {
+        Err(anyhow!("you not admin"))?
+    }
+    database
+        .invites
+        .remove(&form.invite)?
+        .ok_or(anyhow!("invite did not exist"))?;
+
+    Ok(LayoutPage {
+        title: "Invite invalidated".to_string(),
+        content: markup::new! {
+            p { "Invite invalidated" }
+            a[href=uri!(r_account_admin_dashboard())] {"Back"}
         },
     })
 }