Permission changes
This commit is contained in:
@ -111,3 +111,11 @@ pub async fn delete_for_folder(folder_id: Uuid, user_id: i32, pool: &Pool) -> sq
|
||||
.await
|
||||
.map(|_| ())
|
||||
}
|
||||
|
||||
pub async fn get_top_level_permitted_folders(user_id: i32, pool: &Pool) -> sqlx::Result<Vec<Uuid>> {
|
||||
sqlx::query_file!("sql/get_top_level_folder.sql", user_id)
|
||||
.fetch(pool)
|
||||
.map_ok(|record| record.folder_id)
|
||||
.try_collect()
|
||||
.await
|
||||
}
|
||||
|
||||
11
src/endpoints/permissions/get_top_level_permitted_folders.rs
Normal file
11
src/endpoints/permissions/get_top_level_permitted_folders.rs
Normal file
@ -0,0 +1,11 @@
|
||||
use crate::prelude::*;
|
||||
|
||||
pub async fn get_top_level(
|
||||
State(state): State<AppState>,
|
||||
claims: Claims,
|
||||
) -> Result<Json<Vec<Uuid>>, StatusCode> {
|
||||
let folders = db::permissions::get_top_level_permitted_folders(claims.user_id, &state.pool)
|
||||
.await
|
||||
.handle_internal()?;
|
||||
Ok(Json(folders))
|
||||
}
|
||||
@ -1,3 +1,4 @@
|
||||
pub mod delete;
|
||||
pub mod get;
|
||||
pub mod get_top_level_permitted_folders;
|
||||
pub mod set;
|
||||
|
||||
@ -14,6 +14,13 @@ pub async fn set(
|
||||
State(state): State<AppState>,
|
||||
Json(params): Json<Params>,
|
||||
) -> Result<StatusCode, StatusCode> {
|
||||
let root = db::folder::get_root(claims.user_id, &state.pool)
|
||||
.await
|
||||
.handle_internal()?;
|
||||
if params.folder_id == root {
|
||||
return Err(StatusCode::BAD_REQUEST);
|
||||
}
|
||||
|
||||
db::folder::get_permissions(params.folder_id, claims.user_id, &state.pool)
|
||||
.await
|
||||
.handle_internal()?
|
||||
|
||||
13
src/main.rs
13
src/main.rs
@ -7,7 +7,7 @@ mod prelude;
|
||||
|
||||
use std::{env, net::Ipv4Addr};
|
||||
|
||||
use axum::{routing::get, Router};
|
||||
use axum::Router;
|
||||
use file_storage::FileStorage;
|
||||
use tokio::net::TcpListener;
|
||||
|
||||
@ -84,8 +84,11 @@ async fn main() -> anyhow::Result<()> {
|
||||
}
|
||||
|
||||
fn app(state: AppState) -> Router {
|
||||
use axum::http::header;
|
||||
use endpoints::{file, folder, permissions};
|
||||
use axum::{http::header, routing::get};
|
||||
use endpoints::{
|
||||
file, folder,
|
||||
permissions::{self, get_top_level_permitted_folders::get_top_level},
|
||||
};
|
||||
use tower_http::ServiceBuilderExt as _;
|
||||
|
||||
let sensitive_headers = [header::AUTHORIZATION, header::COOKIE];
|
||||
@ -116,6 +119,10 @@ fn app(state: AppState) -> Router {
|
||||
.post(permissions::set::set)
|
||||
.delete(permissions::delete::delete),
|
||||
)
|
||||
.route(
|
||||
"/permissions/get_top_level_permitted_folders",
|
||||
get(get_top_level),
|
||||
)
|
||||
.layer(middleware)
|
||||
.with_state(state)
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user