/* This file is part of jellything (https://codeberg.org/metamuffin/jellything) which is licensed under the GNU Affero General Public License (version 3); see /COPYING. Copyright (C) 2025 metamuffin */ use crate::{database::Database, helper::A, locale::AcceptLanguage, ui::error::MyResult}; use anyhow::{anyhow, Context}; use jellycommon::user::UserPermission; use jellyimport::is_importing; use jellylogic::{admin::user::admin_users, session::AdminSession}; use jellyui::{ admin::user::{AdminUserPage, AdminUsersPage}, render_page, scaffold::{RenderInfo, SessionInfo}, }; use rocket::{form::Form, get, post, response::content::RawHtml, FromForm, FromFormField, State}; #[get("/admin/users")] pub fn r_admin_users( session: A, database: &State, lang: AcceptLanguage, ) -> MyResult> { let AcceptLanguage(lang) = lang; let r = admin_users(database, &session.0)?; Ok(RawHtml(render_page( &AdminUsersPage { flash: None, lang: &lang, users: &r.users, }, RenderInfo { importing: is_importing(), session: Some(SessionInfo { user: session.0 .0.user, }), }, lang, ))) } #[get("/admin/user/")] pub fn r_admin_user<'a>( session: A, database: &State, name: &'a str, lang: AcceptLanguage, ) -> MyResult> { let AcceptLanguage(lang) = lang; let user = database .get_user(&name)? .ok_or(anyhow!("user does not exist"))?; Ok(RawHtml(render_page( &AdminUserPage { flash: None, lang: &lang, user: &user, }, RenderInfo { importing: is_importing(), session: Some(SessionInfo { user: session.0 .0.user, }), }, lang, ))) } #[derive(FromForm)] pub struct UserPermissionForm { permission: String, action: GrantState, } #[derive(FromFormField)] pub enum GrantState { Grant, Revoke, Unset, } #[post("/admin/user//update_permission", data = "
")] pub fn r_admin_user_permission( session: A, database: &State, form: Form, name: &str, lang: AcceptLanguage, ) -> MyResult> { let AcceptLanguage(lang) = lang; let perm = serde_json::from_str::(&form.permission) .context("parsing provided permission")?; database.update_user(name, |user| { match form.action { GrantState::Grant => drop(user.permissions.0.insert(perm.clone(), true)), GrantState::Revoke => drop(user.permissions.0.insert(perm.clone(), false)), GrantState::Unset => drop(user.permissions.0.remove(&perm)), } Ok(()) })?; let user = database .get_user(&name)? .ok_or(anyhow!("user does not exist"))?; Ok(RawHtml(render_page( &AdminUserPage { flash: Some(Ok("Permissions updated".to_string())), lang: &lang, user: &user, }, RenderInfo { importing: is_importing(), session: Some(SessionInfo { user: session.0 .0.user, }), }, lang, ))) } #[post("/admin//remove")] pub fn r_admin_remove_user( session: A, database: &State, name: &str, lang: AcceptLanguage, ) -> MyResult> { let AcceptLanguage(lang) = lang; if !database.delete_user(&name)? { Err(anyhow!("user did not exist"))?; } let r = admin_users(database, &session.0)?; Ok(RawHtml(render_page( &AdminUsersPage { flash: Some(Ok("User removed".to_string())), lang: &lang, users: &r.users, }, RenderInfo { importing: is_importing(), session: Some(SessionInfo { user: session.0 .0.user, }), }, lang, ))) }