1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
|
/*
This file is part of jellything (https://codeberg.org/metamuffin/jellything)
which is licensed under the GNU Affero General Public License (version 3); see /COPYING.
Copyright (C) 2025 metamuffin <metamuffin.org>
*/
use crate::{helper::RequestInfo, ui::error::MyResult};
use anyhow::Context;
use jellycommon::user::UserPermission;
use jellylogic::admin::user::{admin_users, delete_user, get_user, update_user_perms, GrantState};
use jellyui::{
admin::user::{AdminUserPage, AdminUsersPage},
render_page,
};
use rocket::{form::Form, get, post, response::content::RawHtml, FromForm, FromFormField};
#[get("/admin/users")]
pub fn r_admin_users(ri: RequestInfo) -> MyResult<RawHtml<String>> {
ri.session.assert_admin()?;
let r = admin_users(&ri.session)?;
Ok(RawHtml(render_page(
&AdminUsersPage {
flash: None,
lang: &ri.lang,
users: &r.users,
},
ri.render_info(),
)))
}
#[get("/admin/user/<name>")]
pub fn r_admin_user<'a>(ri: RequestInfo, name: &'a str) -> MyResult<RawHtml<String>> {
ri.session.assert_admin()?;
let user = get_user(&ri.session, name)?;
Ok(RawHtml(render_page(
&AdminUserPage {
flash: None,
lang: &ri.lang,
user: &user,
},
ri.render_info(),
)))
}
#[derive(FromForm)]
pub struct UserPermissionForm {
permission: String,
action: UrlGrantState,
}
#[derive(FromFormField)]
pub enum UrlGrantState {
Grant,
Revoke,
Unset,
}
#[post("/admin/user/<name>/update_permission", data = "<form>")]
pub fn r_admin_user_permission(
ri: RequestInfo,
form: Form<UserPermissionForm>,
name: &str,
) -> MyResult<RawHtml<String>> {
ri.session.assert_admin()?;
let perm = serde_json::from_str::<UserPermission>(&form.permission)
.context("parsing provided permission")?;
update_user_perms(
&ri.session,
name,
perm,
match form.action {
UrlGrantState::Grant => GrantState::Grant,
UrlGrantState::Revoke => GrantState::Revoke,
UrlGrantState::Unset => GrantState::Unset,
},
)?;
let user = get_user(&ri.session, name)?;
Ok(RawHtml(render_page(
&AdminUserPage {
flash: Some(Ok("Permissions updated".to_string())),
lang: &ri.lang,
user: &user,
},
ri.render_info(),
)))
}
#[post("/admin/<name>/remove")]
pub fn r_admin_remove_user(ri: RequestInfo, name: &str) -> MyResult<RawHtml<String>> {
ri.session.assert_admin()?;
delete_user(&ri.session, name)?;
let r = admin_users(&ri.session)?;
Ok(RawHtml(render_page(
&AdminUsersPage {
flash: Some(Ok("User removed".to_string())),
lang: &ri.lang,
users: &r.users,
},
ri.render_info(),
)))
}
|
