Yehowshua/ZIm
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Finish adding API routes

Browse source 
We haven't tested them yet.

Co-Authored-By: Max Brunsfeld <maxbrunsfeld@gmail.com>
This commit is contained in:
Nathan Sobo 2022-04-25 17:51:13 -06:00
parent cb9d608e53
commit 35bec69fa4
3 changed files with 156 additions and 161 deletions
Download patch file Download diff file Expand all files Collapse all files

195
crates/collab/src/api.rs
View file

@ -1,59 +1,62 @@
use crate::{
db::{Db, User, UserId},
AppState, Result,
auth,
db::{User, UserId},
AppState, Error, Result,
};
use anyhow::anyhow;
use axum::{
body::Body,
extract::Path,
http::{Request, StatusCode},
response::{IntoResponse, Response},
routing::{get, put},
extract::{Path, Query},
http::StatusCode,
routing::{delete, get, post, put},
Json, Router,
};
use serde::Deserialize;
use serde::{Deserialize, Serialize};
use std::sync::Arc;
pub fn add_routes(router: Router<Body>, app: Arc<AppState>) -> Router<Body> {
router
.route("/users", {
let app = app.clone();
get(move |req| get_users(req, app))
get(move || get_users(app))
})
.route("/users", {
let app = app.clone();
get(move |params| create_user(params, app))
post(move |params| create_user(params, app))
})
.route("/users/:id", {
let app = app.clone();
put(move |user_id, params| update_user(user_id, params, app))
})
.route("/users/:id", {
let app = app.clone();
delete(move |user_id| destroy_user(user_id, app))
})
.route("/users/:github_login", {
let app = app.clone();
get(move |github_login| get_user(github_login, app))
})
.route("/users/:github_login/access_tokens", {
let app = app.clone();
post(move |github_login, params| create_access_token(github_login, params, app))
})
}
// pub fn add_routes(app: &mut tide::Server<Arc<AppState>>) {
// app.at("/users").get(get_users);
// app.at("/users").post(create_user);
// app.at("/users/:id").put(update_user);
// app.at("/users/:id").delete(destroy_user);
// app.at("/users/:github_login").get(get_user);
// app.at("/users/:github_login/access_tokens")
// .post(create_access_token);
// }
async fn get_users(request: Request<Body>, app: Arc<AppState>) -> Result<Json<Vec<User>>> {
// request.require_token().await?;
async fn get_users(app: Arc<AppState>) -> Result<Json<Vec<User>>> {
let users = app.db.get_all_users().await?;
Ok(Json(users))
}
#[derive(Deserialize)]
struct CreateUser {
struct CreateUserParams {
github_login: String,
admin: bool,
}
async fn create_user(Json(params): Json<CreateUser>, app: Arc<AppState>) -> Result<Json<User>> {
async fn create_user(
Json(params): Json<CreateUserParams>,
app: Arc<AppState>,
) -> Result<Json<User>> {
let user_id = app
.db
.create_user(&params.github_login, params.admin)
@ -69,102 +72,88 @@ async fn create_user(Json(params): Json<CreateUser>, app: Arc<AppState>) -> Resu
}
#[derive(Deserialize)]
struct UpdateUser {
struct UpdateUserParams {
admin: bool,
}
async fn update_user(
Path(user_id): Path<i32>,
Json(params): Json<UpdateUser>,
Json(params): Json<UpdateUserParams>,
app: Arc<AppState>,
) -> Result<impl IntoResponse> {
let user_id = UserId(user_id);
app.db.set_user_is_admin(user_id, params.admin).await?;
) -> Result<()> {
app.db
.set_user_is_admin(UserId(user_id), params.admin)
.await?;
Ok(())
}
// async fn update_user(mut request: Request) -> tide::Result {
// request.require_token().await?;
async fn destroy_user(Path(user_id): Path<i32>, app: Arc<AppState>) -> Result<()> {
app.db.destroy_user(UserId(user_id)).await?;
Ok(())
}
// #[derive(Deserialize)]
// struct Params {
// admin: bool,
// }
async fn get_user(Path(login): Path<String>, app: Arc<AppState>) -> Result<Json<User>> {
let user = app
.db
.get_user_by_github_login(&login)
.await?
.ok_or_else(|| anyhow!("user not found"))?;
Ok(Json(user))
}
// request
// .db()
// .set_user_is_admin(user_id, params.admin)
// .await?;
#[derive(Deserialize)]
struct CreateAccessTokenQueryParams {
public_key: String,
impersonate: Option<String>,
}
// Ok(tide::Response::builder(StatusCode::Ok).build())
// }
#[derive(Serialize)]
struct CreateAccessTokenResponse {
user_id: UserId,
encrypted_access_token: String,
}
// async fn destroy_user(request: Request) -> tide::Result {
// request.require_token().await?;
// let user_id = UserId(
// request
// .param("id")?
// .parse::<i32>()
// .map_err(|error| surf::Error::from_str(StatusCode::BadRequest, error.to_string()))?,
// );
async fn create_access_token(
Path(login): Path<String>,
Query(params): Query<CreateAccessTokenQueryParams>,
app: Arc<AppState>,
) -> Result<Json<CreateAccessTokenResponse>> {
// request.require_token().await?;
// request.db().destroy_user(user_id).await?;
let user = app
.db
.get_user_by_github_login(&login)
.await?
.ok_or_else(|| anyhow!("user not found"))?;
// Ok(tide::Response::builder(StatusCode::Ok).build())
// }
let mut user_id = user.id;
if let Some(impersonate) = params.impersonate {
if user.admin {
if let Some(impersonated_user) = app.db.get_user_by_github_login(&impersonate).await? {
user_id = impersonated_user.id;
} else {
return Err(Error::Http(
StatusCode::UNPROCESSABLE_ENTITY,
format!("user {impersonate} does not exist"),
));
}
} else {
return Err(Error::Http(
StatusCode::UNAUTHORIZED,
format!("you do not have permission to impersonate other users"),
));
}
}
// async fn create_access_token(request: Request) -> tide::Result {
// request.require_token().await?;
let access_token = auth::create_access_token(app.db.as_ref(), user_id).await?;
let encrypted_access_token =
auth::encrypt_access_token(&access_token, params.public_key.clone())?;
// let user = request
// .db()
// .get_user_by_github_login(request.param("github_login")?)
// .await?
// .ok_or_else(|| surf::Error::from_str(StatusCode::NotFound, "user not found"))?;
// #[derive(Deserialize)]
// struct QueryParams {
// public_key: String,
// impersonate: Option<String>,
// }
// let query_params: QueryParams = request.query().map_err(|_| {
// surf::Error::from_str(StatusCode::UnprocessableEntity, "invalid query params")
// })?;
// let mut user_id = user.id;
// if let Some(impersonate) = query_params.impersonate {
// if user.admin {
// if let Some(impersonated_user) =
// request.db().get_user_by_github_login(&impersonate).await?
// {
// user_id = impersonated_user.id;
// } else {
// return Ok(tide::Response::builder(StatusCode::UnprocessableEntity)
// .body(format!(
// "Can't impersonate non-existent user {}",
// impersonate
// ))
// .build());
// }
// } else {
// return Ok(tide::Response::builder(StatusCode::Unauthorized)
// .body(format!(
// "Can't impersonate user {} because the real user isn't an admin",
// impersonate
// ))
// .build());
// }
// }
// let access_token = auth::create_access_token(request.db().as_ref(), user_id).await?;
// let encrypted_access_token =
// auth::encrypt_access_token(&access_token, query_params.public_key.clone())?;
// Ok(tide::Response::builder(StatusCode::Ok)
// .body(json!({"user_id": user_id, "encrypted_access_token": encrypted_access_token}))
// .build())
// }
Ok(Json(CreateAccessTokenResponse {
user_id,
encrypted_access_token,
}))
}
// #[async_trait]
// pub trait RequestExt {