get admin functions into admin scope
This commit is contained in:
parent
f5d9094149
commit
f1bc63d2c1
24 changed files with 163 additions and 180 deletions
|
@ -1,20 +0,0 @@
|
|||
--CREATE TYPE survey_bench AS (
|
||||
-- difficulty INTEGER,
|
||||
-- duration FLOAT(8)
|
||||
--);
|
||||
|
||||
CREATE EXTENSION IF NOT EXISTS hstore;
|
||||
|
||||
CREATE TABLE IF NOT EXISTS survey_responses (
|
||||
user_id UUID NOT NULL references survey_users(ID) ON DELETE CASCADE,
|
||||
device_user_provided VARCHAR(400) NOT NULL,
|
||||
device_software_recognised VARCHAR(400) NOT NULL,
|
||||
ID SERIAL PRIMARY KEY NOT NULL,
|
||||
threads INTEGER
|
||||
);
|
||||
|
||||
CREATE TABLE IF NOT EXISTS survey_benches (
|
||||
resp_id INTEGER NOT NULL references survey_responses(ID) ON DELETE CASCADE,
|
||||
difficulty INTEGER NOT NULL,
|
||||
duration FLOAT(8) NOT NULL
|
||||
);
|
|
@ -1,5 +0,0 @@
|
|||
CREATE TABLE IF NOT EXISTS survey_response_tokens (
|
||||
resp_id INTEGER NOT NULL references survey_responses(ID) ON DELETE CASCADE,
|
||||
user_id UUID NOT NULL references survey_users(ID) ON DELETE CASCADE,
|
||||
ID UUID PRIMARY KEY NOT NULL UNIQUE
|
||||
);
|
|
@ -8,10 +8,32 @@ CREATE TABLE IF NOT EXISTS survey_admins (
|
|||
ID SERIAL PRIMARY KEY NOT NULL
|
||||
);
|
||||
|
||||
CREATE TABLE IF NOT EXISTS survey_challenges (
|
||||
CREATE TABLE IF NOT EXISTS survey_campaigns (
|
||||
ID UUID PRIMARY KEY NOT NULL UNIQUE,
|
||||
user_id INTEGER NOT NULL references survey_admins(ID) ON DELETE CASCADE,
|
||||
name VARCHAR(200) NOT NULL,
|
||||
difficulties INTEGER[] NOT NULL,
|
||||
created_at TIMESTAMPTZ NOT NULL
|
||||
)
|
||||
);
|
||||
|
||||
CREATE TABLE IF NOT EXISTS survey_responses (
|
||||
user_id UUID NOT NULL references survey_users(ID) ON DELETE CASCADE,
|
||||
campaign_id UUID NOT NULL references survey_campaigns(ID) ON DELETE CASCADE,
|
||||
device_user_provided VARCHAR(400) NOT NULL,
|
||||
device_software_recognised VARCHAR(400) NOT NULL,
|
||||
ID SERIAL PRIMARY KEY NOT NULL,
|
||||
threads INTEGER
|
||||
);
|
||||
|
||||
CREATE TABLE IF NOT EXISTS survey_benches (
|
||||
resp_id INTEGER NOT NULL references survey_responses(ID) ON DELETE CASCADE,
|
||||
difficulty INTEGER NOT NULL,
|
||||
duration FLOAT(8) NOT NULL
|
||||
);
|
||||
|
||||
|
||||
CREATE TABLE IF NOT EXISTS survey_response_tokens (
|
||||
resp_id INTEGER NOT NULL references survey_responses(ID) ON DELETE CASCADE,
|
||||
user_id UUID NOT NULL references survey_users(ID) ON DELETE CASCADE,
|
||||
ID UUID PRIMARY KEY NOT NULL UNIQUE
|
||||
);
|
||||
|
|
|
@ -23,8 +23,8 @@ use crate::errors::*;
|
|||
use crate::AppData;
|
||||
|
||||
#[my_codegen::post(
|
||||
path = "crate::V1_API_ROUTES.account.delete",
|
||||
wrap = "crate::api::v1::get_admin_check_login()"
|
||||
path = "crate::V1_API_ROUTES.admin.account.delete",
|
||||
wrap = "crate::api::v1::admin::get_admin_check_login()"
|
||||
)]
|
||||
async fn delete_account(
|
||||
id: Identity,
|
|
@ -29,7 +29,7 @@ pub struct Email {
|
|||
pub email: String,
|
||||
}
|
||||
|
||||
#[my_codegen::post(path = "crate::V1_API_ROUTES.account.email_exists")]
|
||||
#[my_codegen::post(path = "crate::V1_API_ROUTES.admin.account.email_exists")]
|
||||
pub async fn email_exists(
|
||||
payload: web::Json<AccountCheckPayload>,
|
||||
data: AppData,
|
||||
|
@ -54,8 +54,8 @@ pub async fn email_exists(
|
|||
|
||||
/// update email
|
||||
#[my_codegen::post(
|
||||
path = "crate::V1_API_ROUTES.account.update_email",
|
||||
wrap = "crate::api::v1::get_admin_check_login()"
|
||||
path = "crate::V1_API_ROUTES.admin.account.update_email",
|
||||
wrap = "crate::api::v1::admin::get_admin_check_login()"
|
||||
)]
|
||||
async fn set_email(
|
||||
id: Identity,
|
|
@ -42,14 +42,14 @@ pub mod routes {
|
|||
|
||||
impl Account {
|
||||
pub const fn new() -> Account {
|
||||
let get_secret = "/api/v1/account/secret/get";
|
||||
let update_secret = "/api/v1/account/secret/update";
|
||||
let delete = "/api/v1/account/delete";
|
||||
let email_exists = "/api/v1/account/email/exists";
|
||||
let username_exists = "/api/v1/account/username/exists";
|
||||
let update_username = "/api/v1/account/username/update";
|
||||
let update_email = "/api/v1/account/email/update";
|
||||
let update_password = "/api/v1/account/password/update";
|
||||
let get_secret = "/api/v1/admin/account/secret/get";
|
||||
let update_secret = "/api/v1/admin/account/secret/update";
|
||||
let delete = "/api/v1/admin/account/delete";
|
||||
let email_exists = "/api/v1/admin/account/email/exists";
|
||||
let username_exists = "/api/v1/admin/account/username/exists";
|
||||
let update_username = "/api/v1/admin/account/username/update";
|
||||
let update_email = "/api/v1/admin/account/email/update";
|
||||
let update_password = "/api/v1/admin/account/password/update";
|
||||
Account {
|
||||
delete,
|
||||
email_exists,
|
|
@ -20,7 +20,7 @@ use argon2_creds::Config;
|
|||
use serde::{Deserialize, Serialize};
|
||||
use sqlx::Error::RowNotFound;
|
||||
|
||||
use crate::api::v1::auth::runners::Password;
|
||||
use crate::api::v1::admin::auth::runners::Password;
|
||||
use crate::errors::*;
|
||||
use crate::*;
|
||||
|
||||
|
@ -69,8 +69,8 @@ async fn update_password_runner(
|
|||
}
|
||||
|
||||
#[my_codegen::post(
|
||||
path = "crate::V1_API_ROUTES.account.update_password",
|
||||
wrap = "crate::api::v1::get_admin_check_login()"
|
||||
path = "crate::V1_API_ROUTES.admin.account.update_password",
|
||||
wrap = "crate::api::v1::admin::get_admin_check_login()"
|
||||
)]
|
||||
async fn update_user_password(
|
||||
id: Identity,
|
||||
|
@ -167,7 +167,7 @@ mod tests {
|
|||
bad_post_req_test(
|
||||
NAME,
|
||||
new_password,
|
||||
ROUTES.account.update_password,
|
||||
ROUTES.admin.account.update_password,
|
||||
&update_password,
|
||||
ServiceError::PasswordsDontMatch,
|
||||
)
|
||||
|
@ -182,7 +182,7 @@ mod tests {
|
|||
bad_post_req_test(
|
||||
NAME,
|
||||
new_password,
|
||||
ROUTES.account.update_password,
|
||||
ROUTES.admin.account.update_password,
|
||||
&update_password,
|
||||
ServiceError::WrongPassword,
|
||||
)
|
||||
|
@ -196,7 +196,7 @@ mod tests {
|
|||
|
||||
let update_password_resp = test::call_service(
|
||||
&app,
|
||||
post_request!(&update_password, ROUTES.account.update_password)
|
||||
post_request!(&update_password, ROUTES.admin.account.update_password)
|
||||
.cookie(cookies)
|
||||
.to_request(),
|
||||
)
|
|
@ -30,8 +30,8 @@ pub struct Secret {
|
|||
}
|
||||
|
||||
#[my_codegen::get(
|
||||
path = "crate::V1_API_ROUTES.account.get_secret",
|
||||
wrap = "crate::api::v1::get_admin_check_login()"
|
||||
path = "crate::V1_API_ROUTES.admin.account.get_secret",
|
||||
wrap = "crate::api::v1::admin::get_admin_check_login()"
|
||||
)]
|
||||
async fn get_secret(id: Identity, data: AppData) -> ServiceResult<impl Responder> {
|
||||
let username = id.identity().unwrap();
|
||||
|
@ -48,8 +48,8 @@ async fn get_secret(id: Identity, data: AppData) -> ServiceResult<impl Responder
|
|||
}
|
||||
|
||||
#[my_codegen::post(
|
||||
path = "crate::V1_API_ROUTES.account.update_secret",
|
||||
wrap = "crate::api::v1::get_admin_check_login()"
|
||||
path = "crate::V1_API_ROUTES.admin.account.update_secret",
|
||||
wrap = "crate::api::v1::admin::get_admin_check_login()"
|
||||
)]
|
||||
async fn update_user_secret(
|
||||
id: Identity,
|
|
@ -21,7 +21,7 @@ use actix_web::test;
|
|||
use super::email::*;
|
||||
use super::username::Username;
|
||||
use super::*;
|
||||
use crate::api::v1::auth::runners::Password;
|
||||
use crate::api::v1::admin::auth::runners::Password;
|
||||
use crate::api::v1::ROUTES;
|
||||
use crate::data::Data;
|
||||
use crate::*;
|
||||
|
@ -49,7 +49,7 @@ async fn uname_email_exists_works() {
|
|||
&app,
|
||||
test::TestRequest::get()
|
||||
.cookie(cookies.clone())
|
||||
.uri(ROUTES.account.get_secret)
|
||||
.uri(ROUTES.admin.account.get_secret)
|
||||
.to_request(),
|
||||
)
|
||||
.await;
|
||||
|
@ -60,7 +60,7 @@ async fn uname_email_exists_works() {
|
|||
&app,
|
||||
test::TestRequest::post()
|
||||
.cookie(cookies.clone())
|
||||
.uri(ROUTES.account.update_secret)
|
||||
.uri(ROUTES.admin.account.update_secret)
|
||||
.to_request(),
|
||||
)
|
||||
.await;
|
||||
|
@ -70,7 +70,7 @@ async fn uname_email_exists_works() {
|
|||
|
||||
let user_exists_resp = test::call_service(
|
||||
&app,
|
||||
post_request!(&payload, ROUTES.account.username_exists)
|
||||
post_request!(&payload, ROUTES.admin.account.username_exists)
|
||||
.cookie(cookies.clone())
|
||||
.to_request(),
|
||||
)
|
||||
|
@ -83,7 +83,7 @@ async fn uname_email_exists_works() {
|
|||
|
||||
let user_doesnt_exist = test::call_service(
|
||||
&app,
|
||||
post_request!(&payload, ROUTES.account.username_exists)
|
||||
post_request!(&payload, ROUTES.admin.account.username_exists)
|
||||
.cookie(cookies.clone())
|
||||
.to_request(),
|
||||
)
|
||||
|
@ -94,7 +94,7 @@ async fn uname_email_exists_works() {
|
|||
|
||||
let email_doesnt_exist = test::call_service(
|
||||
&app,
|
||||
post_request!(&payload, ROUTES.account.email_exists)
|
||||
post_request!(&payload, ROUTES.admin.account.email_exists)
|
||||
.cookie(cookies.clone())
|
||||
.to_request(),
|
||||
)
|
||||
|
@ -107,7 +107,7 @@ async fn uname_email_exists_works() {
|
|||
|
||||
let email_exist = test::call_service(
|
||||
&app,
|
||||
post_request!(&payload, ROUTES.account.email_exists)
|
||||
post_request!(&payload, ROUTES.admin.account.email_exists)
|
||||
.cookie(cookies.clone())
|
||||
.to_request(),
|
||||
)
|
||||
|
@ -142,7 +142,7 @@ async fn email_udpate_password_validation_del_userworks() {
|
|||
};
|
||||
let email_update_resp = test::call_service(
|
||||
&app,
|
||||
post_request!(&email_payload, ROUTES.account.update_email)
|
||||
post_request!(&email_payload, ROUTES.admin.account.update_email)
|
||||
//post_request!(&email_payload, EMAIL_UPDATE)
|
||||
.cookie(cookies.clone())
|
||||
.to_request(),
|
||||
|
@ -155,7 +155,7 @@ async fn email_udpate_password_validation_del_userworks() {
|
|||
bad_post_req_test(
|
||||
NAME,
|
||||
PASSWORD,
|
||||
ROUTES.account.update_email,
|
||||
ROUTES.admin.account.update_email,
|
||||
&email_payload,
|
||||
ServiceError::EmailTaken,
|
||||
)
|
||||
|
@ -168,7 +168,7 @@ async fn email_udpate_password_validation_del_userworks() {
|
|||
bad_post_req_test(
|
||||
NAME,
|
||||
PASSWORD,
|
||||
ROUTES.account.delete,
|
||||
ROUTES.admin.account.delete,
|
||||
&payload,
|
||||
ServiceError::WrongPassword,
|
||||
)
|
||||
|
@ -178,7 +178,7 @@ async fn email_udpate_password_validation_del_userworks() {
|
|||
payload.password = PASSWORD.into();
|
||||
let delete_user_resp = test::call_service(
|
||||
&app,
|
||||
post_request!(&payload, ROUTES.account.delete)
|
||||
post_request!(&payload, ROUTES.admin.account.delete)
|
||||
.cookie(cookies.clone())
|
||||
.to_request(),
|
||||
)
|
||||
|
@ -189,7 +189,7 @@ async fn email_udpate_password_validation_del_userworks() {
|
|||
// try to delete an account that doesn't exist
|
||||
let account_not_found_resp = test::call_service(
|
||||
&app,
|
||||
post_request!(&payload, ROUTES.account.delete)
|
||||
post_request!(&payload, ROUTES.admin.account.delete)
|
||||
.cookie(cookies)
|
||||
.to_request(),
|
||||
)
|
||||
|
@ -229,7 +229,7 @@ async fn username_update_works() {
|
|||
};
|
||||
let username_update_resp = test::call_service(
|
||||
&app,
|
||||
post_request!(&username_udpate, ROUTES.account.update_username)
|
||||
post_request!(&username_udpate, ROUTES.admin.account.update_username)
|
||||
.cookie(cookies)
|
||||
.to_request(),
|
||||
)
|
||||
|
@ -241,7 +241,7 @@ async fn username_update_works() {
|
|||
bad_post_req_test(
|
||||
NAME_CHANGE,
|
||||
PASSWORD,
|
||||
ROUTES.account.update_username,
|
||||
ROUTES.admin.account.update_username,
|
||||
&username_udpate,
|
||||
ServiceError::UsernameTaken,
|
||||
)
|
|
@ -24,7 +24,7 @@ use super::{AccountCheckPayload, AccountCheckResp};
|
|||
use crate::errors::*;
|
||||
use crate::AppData;
|
||||
|
||||
#[my_codegen::post(path = "crate::V1_API_ROUTES.account.username_exists")]
|
||||
#[my_codegen::post(path = "crate::V1_API_ROUTES.admin.account.username_exists")]
|
||||
async fn username_exists(
|
||||
payload: web::Json<AccountCheckPayload>,
|
||||
data: AppData,
|
||||
|
@ -66,8 +66,8 @@ pub struct Username {
|
|||
|
||||
/// update username
|
||||
#[my_codegen::post(
|
||||
path = "crate::V1_API_ROUTES.account.update_username",
|
||||
wrap = "crate::api::v1::get_admin_check_login()"
|
||||
path = "crate::V1_API_ROUTES.admin.account.update_username",
|
||||
wrap = "crate::api::v1::admin::get_admin_check_login()"
|
||||
)]
|
||||
async fn set_username(
|
||||
id: Identity,
|
|
@ -33,9 +33,9 @@ pub mod routes {
|
|||
|
||||
impl Auth {
|
||||
pub const fn new() -> Auth {
|
||||
let login = "/api/v1/signin";
|
||||
let login = "/api/v1/admin/signin";
|
||||
let logout = "/logout";
|
||||
let register = "/api/v1/signup";
|
||||
let register = "/api/v1/admin/signup";
|
||||
Auth {
|
||||
logout,
|
||||
login,
|
||||
|
@ -201,7 +201,7 @@ pub fn services(cfg: &mut web::ServiceConfig) {
|
|||
cfg.service(login);
|
||||
cfg.service(signout);
|
||||
}
|
||||
#[my_codegen::post(path = "crate::V1_API_ROUTES.auth.register")]
|
||||
#[my_codegen::post(path = "crate::V1_API_ROUTES.admin.auth.register")]
|
||||
async fn register(
|
||||
payload: web::Json<runners::Register>,
|
||||
data: AppData,
|
||||
|
@ -210,7 +210,7 @@ async fn register(
|
|||
Ok(HttpResponse::Ok())
|
||||
}
|
||||
|
||||
#[my_codegen::post(path = "crate::V1_API_ROUTES.auth.login")]
|
||||
#[my_codegen::post(path = "crate::V1_API_ROUTES.admin.auth.login")]
|
||||
async fn login(
|
||||
id: Identity,
|
||||
payload: web::Json<runners::Login>,
|
||||
|
@ -222,14 +222,14 @@ async fn login(
|
|||
Ok(HttpResponse::Ok())
|
||||
}
|
||||
#[my_codegen::get(
|
||||
path = "crate::V1_API_ROUTES.auth.logout",
|
||||
wrap = "crate::api::v1::get_admin_check_login()"
|
||||
path = "crate::V1_API_ROUTES.admin.auth.logout",
|
||||
wrap = "crate::api::v1::admin::get_admin_check_login()"
|
||||
)]
|
||||
async fn signout(id: Identity) -> impl Responder {
|
||||
if id.identity().is_some() {
|
||||
id.forget();
|
||||
}
|
||||
HttpResponse::Found()
|
||||
.append_header((header::LOCATION, crate::middleware::auth::AUTH))
|
||||
.append_header((header::LOCATION, crate::V1_API_ROUTES.admin.auth.register))
|
||||
.finish()
|
||||
}
|
|
@ -31,7 +31,7 @@ pub mod routes {
|
|||
|
||||
impl Challenges {
|
||||
pub const fn new() -> Challenges {
|
||||
let add = "/api/v1/challenges/add";
|
||||
let add = "/api/v1/admin/challenges/add";
|
||||
Challenges { add }
|
||||
}
|
||||
}
|
52
src/api/v1/admin/mod.rs
Normal file
52
src/api/v1/admin/mod.rs
Normal file
|
@ -0,0 +1,52 @@
|
|||
/*
|
||||
* Copyright (C) 2021 Aravinth Manivannan <realaravinth@batsense.net>
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License as
|
||||
* published by the Free Software Foundation, either version 3 of the
|
||||
* License, or (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License
|
||||
* along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||
*/
|
||||
use actix_web::web::ServiceConfig;
|
||||
|
||||
pub mod account;
|
||||
pub mod auth;
|
||||
#[cfg(test)]
|
||||
mod tests;
|
||||
|
||||
pub use super::{get_random, get_uuid};
|
||||
|
||||
pub fn services(cfg: &mut ServiceConfig) {
|
||||
auth::services(cfg);
|
||||
account::services(cfg);
|
||||
}
|
||||
|
||||
pub fn get_admin_check_login() -> crate::CheckLogin {
|
||||
crate::CheckLogin::new(crate::V1_API_ROUTES.admin.auth.register)
|
||||
}
|
||||
|
||||
pub mod routes {
|
||||
use super::account::routes::Account;
|
||||
use super::auth::routes::Auth;
|
||||
|
||||
pub struct Admin {
|
||||
pub auth: Auth,
|
||||
pub account: Account,
|
||||
}
|
||||
|
||||
impl Admin {
|
||||
pub const fn new() -> Admin {
|
||||
Admin {
|
||||
account: Account::new(),
|
||||
auth: Auth::new(),
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
|
@ -18,7 +18,7 @@
|
|||
use actix_web::http::{header, StatusCode};
|
||||
use actix_web::test;
|
||||
|
||||
use crate::api::v1::auth::runners::{Login, Register};
|
||||
use crate::api::v1::admin::auth::runners::{Login, Register};
|
||||
use crate::api::v1::ROUTES;
|
||||
use crate::data::Data;
|
||||
use crate::errors::*;
|
||||
|
@ -44,8 +44,10 @@ async fn auth_works() {
|
|||
confirm_password: PASSWORD.into(),
|
||||
email: None,
|
||||
};
|
||||
let resp =
|
||||
test::call_service(&app, post_request!(&msg, ROUTES.auth.register).to_request())
|
||||
let resp = test::call_service(
|
||||
&app,
|
||||
post_request!(&msg, ROUTES.admin.auth.register).to_request(),
|
||||
)
|
||||
.await;
|
||||
assert_eq!(resp.status(), StatusCode::OK);
|
||||
// delete user
|
||||
|
@ -68,7 +70,7 @@ async fn auth_works() {
|
|||
bad_post_req_test(
|
||||
NAME,
|
||||
PASSWORD,
|
||||
ROUTES.auth.register,
|
||||
ROUTES.admin.auth.register,
|
||||
&msg,
|
||||
ServiceError::UsernameTaken,
|
||||
)
|
||||
|
@ -79,7 +81,7 @@ async fn auth_works() {
|
|||
bad_post_req_test(
|
||||
NAME,
|
||||
PASSWORD,
|
||||
ROUTES.auth.register,
|
||||
ROUTES.admin.auth.register,
|
||||
&msg,
|
||||
ServiceError::EmailTaken,
|
||||
)
|
||||
|
@ -93,7 +95,7 @@ async fn auth_works() {
|
|||
bad_post_req_test(
|
||||
NAME,
|
||||
PASSWORD,
|
||||
ROUTES.auth.login,
|
||||
ROUTES.admin.auth.login,
|
||||
&creds,
|
||||
ServiceError::AccountNotFound,
|
||||
)
|
||||
|
@ -103,7 +105,7 @@ async fn auth_works() {
|
|||
bad_post_req_test(
|
||||
NAME,
|
||||
PASSWORD,
|
||||
ROUTES.auth.login,
|
||||
ROUTES.admin.auth.login,
|
||||
&creds,
|
||||
ServiceError::AccountNotFound,
|
||||
)
|
||||
|
@ -116,7 +118,7 @@ async fn auth_works() {
|
|||
bad_post_req_test(
|
||||
NAME,
|
||||
PASSWORD,
|
||||
ROUTES.auth.login,
|
||||
ROUTES.admin.auth.login,
|
||||
&creds,
|
||||
ServiceError::WrongPassword,
|
||||
)
|
||||
|
@ -126,7 +128,7 @@ async fn auth_works() {
|
|||
let signout_resp = test::call_service(
|
||||
&app,
|
||||
test::TestRequest::get()
|
||||
.uri(ROUTES.auth.logout)
|
||||
.uri(ROUTES.admin.auth.logout)
|
||||
.cookie(cookies)
|
||||
.to_request(),
|
||||
)
|
||||
|
@ -135,7 +137,7 @@ async fn auth_works() {
|
|||
let headers = signout_resp.headers();
|
||||
assert_eq!(
|
||||
headers.get(header::LOCATION).unwrap(),
|
||||
crate::middleware::auth::AUTH
|
||||
crate::V1_API_ROUTES.admin.auth.register,
|
||||
)
|
||||
}
|
||||
|
||||
|
@ -159,7 +161,7 @@ async fn serverside_password_validation_works() {
|
|||
};
|
||||
let resp = test::call_service(
|
||||
&app,
|
||||
post_request!(®ister_msg, ROUTES.auth.register).to_request(),
|
||||
post_request!(®ister_msg, ROUTES.admin.auth.register).to_request(),
|
||||
)
|
||||
.await;
|
||||
assert_eq!(resp.status(), StatusCode::BAD_REQUEST);
|
|
@ -29,12 +29,6 @@ async fn protected_routes_work() {
|
|||
const PASSWORD: &str = "longpassword2";
|
||||
const EMAIL: &str = "testuser119@a.com2";
|
||||
|
||||
let _post_protected_urls = [
|
||||
"/api/v1/account/secret/",
|
||||
"/api/v1/account/email/",
|
||||
"/api/v1/account/delete",
|
||||
];
|
||||
|
||||
let get_protected_urls = ["/logout"];
|
||||
|
||||
{
|
||||
|
@ -61,7 +55,7 @@ async fn protected_routes_work() {
|
|||
)
|
||||
.await;
|
||||
|
||||
if url == &V1_API_ROUTES.auth.logout {
|
||||
if url == &V1_API_ROUTES.admin.auth.logout {
|
||||
assert_eq!(authenticated_resp.status(), StatusCode::FOUND);
|
||||
} else {
|
||||
assert_eq!(authenticated_resp.status(), StatusCode::OK);
|
|
@ -37,7 +37,7 @@ pub mod routes {
|
|||
|
||||
impl Benches {
|
||||
pub const fn new() -> Benches {
|
||||
let submit = "/api/v1/benches/submit";
|
||||
let submit = "/api/v1/benches/{campaign_id}/submit";
|
||||
let register = "/api/v1/benches/register";
|
||||
let scope = "/api/v1/benches/";
|
||||
Benches {
|
||||
|
@ -46,6 +46,9 @@ pub mod routes {
|
|||
scope,
|
||||
}
|
||||
}
|
||||
pub fn submit_route(&self, campaign_id: &str) -> String {
|
||||
self.submit.replace("{campaign_id}", &campaign_id)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -128,8 +131,11 @@ async fn submit(
|
|||
data: AppData,
|
||||
id: Identity,
|
||||
payload: web::Json<Submission>,
|
||||
path: web::Path<String>,
|
||||
) -> ServiceResult<impl Responder> {
|
||||
let username = id.identity().unwrap();
|
||||
let path = path.into_inner();
|
||||
let campaign_id = Uuid::parse_str(&path).map_err(|_| ServiceError::NotAnId)?;
|
||||
|
||||
let user_id = Uuid::from_str(&username).unwrap();
|
||||
let payload = payload.into_inner();
|
||||
|
@ -137,11 +143,13 @@ async fn submit(
|
|||
sqlx::query!(
|
||||
"INSERT INTO survey_responses (
|
||||
user_id,
|
||||
campaign_id,
|
||||
device_user_provided,
|
||||
device_software_recognised,
|
||||
threads
|
||||
) VALUES ($1, $2, $3, $4);",
|
||||
) VALUES ($1, $2, $3, $4, $5);",
|
||||
&user_id,
|
||||
&campaign_id,
|
||||
&payload.device_user_provided,
|
||||
&payload.device_software_recognised,
|
||||
&payload.threads
|
||||
|
|
|
@ -1,62 +0,0 @@
|
|||
/*
|
||||
* Copyright (C) 2021 Aravinth Manivannan <realaravinth@batsense.net>
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License as
|
||||
* published by the Free Software Foundation, either version 3 of the
|
||||
* License, or (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License
|
||||
* along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||
*/
|
||||
use std::collections::HashMap;
|
||||
use std::sync::Arc;
|
||||
|
||||
use sqlx::PgPool;
|
||||
use uuid::Uuid;
|
||||
|
||||
#[derive(Clone, Debug)]
|
||||
pub struct ChallengeCache {
|
||||
store: HashMap<Uuid, Arc<Vec<i32>>>,
|
||||
db: PgPool,
|
||||
}
|
||||
|
||||
impl ChallengeCache {
|
||||
pub fn new(db: PgPool) -> Self {
|
||||
let store = HashMap::default();
|
||||
Self { db, store }
|
||||
}
|
||||
|
||||
async fn get_db(&self, id: &Uuid) -> Vec<i32> {
|
||||
struct Foo {
|
||||
challenges: Vec<i32>,
|
||||
}
|
||||
let res = sqlx::query_as!(
|
||||
Foo,
|
||||
"SELECT challenges FROM survey_surveys WHERE id = $1",
|
||||
&id
|
||||
)
|
||||
.fetch_one(&self.db)
|
||||
.await
|
||||
.unwrap();
|
||||
|
||||
res.challenges
|
||||
}
|
||||
|
||||
pub async fn get(&mut self, k: &Uuid) -> Arc<Vec<i32>> {
|
||||
match self.store.get(k) {
|
||||
Some(val) => val.clone(),
|
||||
None => {
|
||||
let resp = self.get_db(k).await;
|
||||
let resp = Arc::new(resp);
|
||||
self.store.insert(k.clone(), resp.clone());
|
||||
resp
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
|
@ -17,20 +17,16 @@
|
|||
use actix_web::web::ServiceConfig;
|
||||
use uuid::Uuid;
|
||||
|
||||
pub mod account;
|
||||
pub mod auth;
|
||||
pub mod admin;
|
||||
pub mod bench;
|
||||
mod meta;
|
||||
pub mod routes;
|
||||
pub use routes::ROUTES;
|
||||
#[cfg(test)]
|
||||
mod tests;
|
||||
|
||||
pub fn services(cfg: &mut ServiceConfig) {
|
||||
meta::services(cfg);
|
||||
auth::services(cfg);
|
||||
bench::services(cfg);
|
||||
account::services(cfg);
|
||||
admin::services(cfg);
|
||||
}
|
||||
|
||||
pub fn get_random(len: usize) -> String {
|
||||
|
@ -49,7 +45,3 @@ pub fn get_random(len: usize) -> String {
|
|||
pub fn get_uuid() -> Uuid {
|
||||
Uuid::new_v4()
|
||||
}
|
||||
|
||||
pub fn get_admin_check_login() -> crate::CheckLogin {
|
||||
crate::CheckLogin::new(crate::V1_API_ROUTES.auth.register)
|
||||
}
|
||||
|
|
|
@ -14,16 +14,14 @@
|
|||
* You should have received a copy of the GNU Affero General Public License
|
||||
* along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||
*/
|
||||
use super::account::routes::Account;
|
||||
use super::auth::routes::Auth;
|
||||
use super::admin::routes::Admin;
|
||||
use super::bench::routes::Benches;
|
||||
use super::meta::routes::Meta;
|
||||
|
||||
pub const ROUTES: Routes = Routes::new();
|
||||
|
||||
pub struct Routes {
|
||||
pub auth: Auth,
|
||||
pub account: Account,
|
||||
pub admin: Admin,
|
||||
pub meta: Meta,
|
||||
pub benches: Benches,
|
||||
}
|
||||
|
@ -31,8 +29,7 @@ pub struct Routes {
|
|||
impl Routes {
|
||||
const fn new() -> Routes {
|
||||
Routes {
|
||||
account: Account::new(),
|
||||
auth: Auth::new(),
|
||||
admin: Admin::new(),
|
||||
meta: Meta::new(),
|
||||
benches: Benches::new(),
|
||||
}
|
||||
|
|
|
@ -53,6 +53,10 @@ pub enum ServiceError {
|
|||
#[display(fmt = "The value you entered for email is not an email")] //405j
|
||||
NotAnEmail,
|
||||
|
||||
#[display(fmt = "The value you entered for campaign id is not a valid campaign ID")]
|
||||
//405j
|
||||
NotAnId,
|
||||
|
||||
/// when the a token name is already taken
|
||||
/// token not found
|
||||
#[display(fmt = "Token not found. Is token registered?")]
|
||||
|
@ -117,6 +121,7 @@ impl ResponseError for ServiceError {
|
|||
ServiceError::UsernameTaken => StatusCode::BAD_REQUEST,
|
||||
ServiceError::EmailTaken => StatusCode::BAD_REQUEST,
|
||||
ServiceError::NotAnEmail => StatusCode::BAD_REQUEST,
|
||||
ServiceError::NotAnId => StatusCode::BAD_REQUEST,
|
||||
ServiceError::WrongPassword => StatusCode::UNAUTHORIZED,
|
||||
ServiceError::AccountNotFound => StatusCode::NOT_FOUND,
|
||||
|
||||
|
|
|
@ -142,7 +142,7 @@ pub fn get_identity_service() -> IdentityService<CookieIdentityPolicy> {
|
|||
let cookie_secret = &SETTINGS.server.cookie_secret;
|
||||
IdentityService::new(
|
||||
CookieIdentityPolicy::new(cookie_secret.as_bytes())
|
||||
.path("/admin")
|
||||
.path("/api/v1/admin")
|
||||
.name("survey-auth")
|
||||
.max_age_secs(60 * 24)
|
||||
.domain(&SETTINGS.server.domain)
|
||||
|
|
|
@ -24,8 +24,6 @@ use actix_web::{http, Error, FromRequest, HttpResponse};
|
|||
|
||||
use futures::future::{ok, Either, Ready};
|
||||
|
||||
pub const AUTH: &str = crate::V1_API_ROUTES.auth.register;
|
||||
|
||||
pub struct CheckLogin {
|
||||
login: &'static str,
|
||||
}
|
||||
|
|
|
@ -22,7 +22,7 @@ use actix_web::{dev::ServiceResponse, error::ResponseError, http::StatusCode};
|
|||
use serde::Serialize;
|
||||
|
||||
use super::*;
|
||||
use crate::api::v1::auth::runners::{Login, Register};
|
||||
use crate::api::v1::admin::auth::runners::{Login, Register};
|
||||
use crate::data::Data;
|
||||
use crate::errors::*;
|
||||
use crate::V1_API_ROUTES;
|
||||
|
@ -121,7 +121,7 @@ pub async fn register(name: &str, email: &str, password: &str) {
|
|||
};
|
||||
let resp = test::call_service(
|
||||
&app,
|
||||
post_request!(&msg, V1_API_ROUTES.auth.register).to_request(),
|
||||
post_request!(&msg, V1_API_ROUTES.admin.auth.register).to_request(),
|
||||
)
|
||||
.await;
|
||||
assert_eq!(resp.status(), StatusCode::OK);
|
||||
|
@ -139,7 +139,7 @@ pub async fn signin(name: &str, password: &str) -> (Arc<Data>, Login, ServiceRes
|
|||
};
|
||||
let signin_resp = test::call_service(
|
||||
&app,
|
||||
post_request!(&creds, V1_API_ROUTES.auth.login).to_request(),
|
||||
post_request!(&creds, V1_API_ROUTES.admin.auth.login).to_request(),
|
||||
)
|
||||
.await;
|
||||
assert_eq!(signin_resp.status(), StatusCode::OK);
|
||||
|
|
Loading…
Reference in a new issue