diff options
Diffstat (limited to 'server/src/ui/admin/user.rs')
| -rw-r--r-- | server/src/ui/admin/user.rs | 63 |
1 files changed, 8 insertions, 55 deletions
diff --git a/server/src/ui/admin/user.rs b/server/src/ui/admin/user.rs index 818e416..1af83d4 100644 --- a/server/src/ui/admin/user.rs +++ b/server/src/ui/admin/user.rs @@ -3,9 +3,10 @@ which is licensed under the GNU Affero General Public License (version 3); see /COPYING. Copyright (C) 2025 metamuffin <metamuffin.org> */ -use crate::{database::Database, logic::session::AdminSession, ui::error::MyResult, uri}; +use crate::{database::Database, ui::error::MyResult}; use anyhow::{anyhow, Context}; use jellycommon::user::UserPermission; +use jellylogic::session::AdminSession; use rocket::{form::Form, get, post, FromForm, FromFormField, State}; #[get("/admin/users")] @@ -61,62 +62,13 @@ fn manage_single_user<'a>( Ok(LayoutPage { title: "User management".to_string(), - content: markup::new! { - h1 { @format!("{:?}", user.display_name) " (" @user.name ")" } - a[href=uri!(r_admin_users())] "Back to the User List" - @FlashDisplay { flash: flash.clone() } - form[method="POST", action=uri!(r_admin_remove_user())] { - input[type="text", name="name", value=&user.name, hidden]; - input.danger[type="submit", value="Remove user(!)"]; - } - - h2 { "Permissions" } - @PermissionDisplay { perms: &user.permissions } - - form[method="POST", action=uri!(r_admin_user_permission())] { - input[type="text", name="name", value=&user.name, hidden]; - fieldset.perms { - legend { "Permission" } - @for p in UserPermission::ALL_ENUMERABLE { - label { - input[type="radio", name="permission", value=serde_json::to_string(p).unwrap()]; - @format!("{p}") - } br; - } - } - fieldset.perms { - legend { "Permission" } - label { input[type="radio", name="action", value="unset"]; "Unset" } br; - label { input[type="radio", name="action", value="grant"]; "Grant" } br; - label { input[type="radio", name="action", value="revoke"]; "Revoke" } br; - } - input[type="submit", value="Update"]; - } - - }, + content: markup::new! {}, ..Default::default() }) } -markup::define! { - PermissionDisplay<'a>(perms: &'a PermissionSet) { - ul { @for (perm,grant) in &perms.0 { - @if *grant { - li[class="perm-grant"] { @format!("Allow {}", perm) } - } else { - li[class="perm-revoke"] { @format!("Deny {}", perm) } - } - }} - } -} - -#[derive(FromForm)] -pub struct DeleteUser { - name: String, -} #[derive(FromForm)] pub struct UserPermissionForm { - name: String, permission: String, action: GrantState, } @@ -128,11 +80,12 @@ pub enum GrantState { Unset, } -#[post("/admin/update_user_permission", data = "<form>")] +#[post("/admin/user/<name>/update_permission", data = "<form>")] pub fn r_admin_user_permission( session: AdminSession, database: &State<Database>, form: Form<UserPermissionForm>, + name: &str, ) -> MyResult<DynLayoutPage<'static>> { drop(session); let perm = serde_json::from_str::<UserPermission>(&form.permission) @@ -154,14 +107,14 @@ pub fn r_admin_user_permission( ) } -#[post("/admin/remove_user", data = "<form>")] +#[post("/admin/<name>/remove")] pub fn r_admin_remove_user( session: AdminSession, database: &State<Database>, - form: Form<DeleteUser>, + name: &str, ) -> MyResult<DynLayoutPage<'static>> { drop(session); - if !database.delete_user(&form.name)? { + if !database.delete_user(&name)? { Err(anyhow!("user did not exist"))?; } user_management(database, Some(Ok("User removed".into()))) |