commit 66a4c5d48bc6acdf6f30b15824992507dd3ca15e
parent b4e222d59889b32fdbed2ad0c31249b1b497d245
Author: Miroslav Prasil <miroslav@prasil.info>
Date: Mon, 12 Nov 2018 17:13:25 +0000
Implement comparison between i32 and UserOrgType
Diffstat:
4 files changed, 112 insertions(+), 32 deletions(-)
diff --git a/src/api/core/organizations.rs b/src/api/core/organizations.rs
@@ -91,7 +91,7 @@ fn leave_organization(org_id: String, headers: Headers, conn: DbConn) -> EmptyRe
match UserOrganization::find_by_user_and_org(&headers.user.uuid, &org_id, &conn) {
None => err!("User not part of organization"),
Some(user_org) => {
- if user_org.type_ == UserOrgType::Owner as i32 {
+ if user_org.type_ == UserOrgType::Owner {
let num_owners = UserOrganization::find_by_org_and_type(
&org_id, UserOrgType::Owner as i32, &conn)
.len();
@@ -378,9 +378,9 @@ fn send_invite(org_id: String, data: JsonUpcase<InviteData>, headers: AdminHeade
None => err!("Invalid type")
};
- if new_type != UserOrgType::User as i32 &&
- headers.org_user_type != UserOrgType::Owner as i32 {
- err!("Only Owners can invite Admins or Owners")
+ if new_type != UserOrgType::User &&
+ headers.org_user_type != UserOrgType::Owner {
+ err!("Only Owners can invite Managers, Admins or Owners")
}
for email in data.Emails.iter() {
@@ -452,9 +452,9 @@ fn confirm_invite(org_id: String, org_user_id: String, data: JsonUpcase<Value>,
None => err!("The specified user isn't a member of the organization")
};
- if user_to_confirm.type_ != UserOrgType::User as i32 &&
- headers.org_user_type != UserOrgType::Owner as i32 {
- err!("Only Owners can confirm Admins or Owners")
+ if user_to_confirm.type_ != UserOrgType::User &&
+ headers.org_user_type != UserOrgType::Owner {
+ err!("Only Owners can confirm Managers, Admins or Owners")
}
if user_to_confirm.status != UserOrgStatus::Accepted as i32 {
@@ -502,7 +502,7 @@ fn edit_user(org_id: String, org_user_id: String, data: JsonUpcase<EditUserData>
let data: EditUserData = data.into_inner().data;
let new_type = match UserOrgType::from_str(&data.Type.into_string()) {
- Some(new_type) => new_type as i32,
+ Some(new_type) => new_type,
None => err!("Invalid type")
};
@@ -511,21 +511,21 @@ fn edit_user(org_id: String, org_user_id: String, data: JsonUpcase<EditUserData>
None => err!("The specified user isn't member of the organization")
};
- if new_type != user_to_edit.type_ as i32 && (
- user_to_edit.type_ <= UserOrgType::Admin as i32 ||
- new_type <= UserOrgType::Admin as i32
+ if new_type != user_to_edit.type_ && (
+ user_to_edit.type_ >= UserOrgType::Admin ||
+ new_type >= UserOrgType::Admin
) &&
- headers.org_user_type != UserOrgType::Owner as i32 {
+ headers.org_user_type != UserOrgType::Owner {
err!("Only Owners can grant and remove Admin or Owner privileges")
}
- if user_to_edit.type_ == UserOrgType::Owner as i32 &&
- headers.org_user_type != UserOrgType::Owner as i32 {
+ if user_to_edit.type_ == UserOrgType::Owner &&
+ headers.org_user_type != UserOrgType::Owner {
err!("Only Owners can edit Owner users")
}
- if user_to_edit.type_ == UserOrgType::Owner as i32 &&
- new_type != UserOrgType::Owner as i32 {
+ if user_to_edit.type_ == UserOrgType::Owner &&
+ new_type != UserOrgType::Owner {
// Removing owner permmission, check that there are at least another owner
let num_owners = UserOrganization::find_by_org_and_type(
@@ -538,7 +538,7 @@ fn edit_user(org_id: String, org_user_id: String, data: JsonUpcase<EditUserData>
}
user_to_edit.access_all = data.AccessAll;
- user_to_edit.type_ = new_type;
+ user_to_edit.type_ = new_type as i32;
// Delete all the odd collections
for c in CollectionUser::find_by_organization_and_user_uuid(&org_id, &user_to_edit.user_uuid, &conn) {
@@ -591,12 +591,12 @@ fn delete_user(org_id: String, org_user_id: String, headers: AdminHeaders, conn:
None => err!("User to delete isn't member of the organization")
};
- if user_to_delete.type_ != UserOrgType::User as i32 &&
- headers.org_user_type != UserOrgType::Owner as i32 {
+ if user_to_delete.type_ != UserOrgType::User &&
+ headers.org_user_type != UserOrgType::Owner {
err!("Only Owners can delete Admins or Owners")
}
- if user_to_delete.type_ == UserOrgType::Owner as i32 {
+ if user_to_delete.type_ == UserOrgType::Owner {
// Removing owner, check that there are at least another owner
let num_owners = UserOrganization::find_by_org_and_type(
&org_id, UserOrgType::Owner as i32, &conn)
@@ -653,7 +653,7 @@ fn post_org_import(query: OrgIdData, data: JsonUpcase<ImportData>, headers: Head
None => err!("User is not part of the organization")
};
- if org_user.type_ > UserOrgType::Admin as i32 {
+ if org_user.type_ < UserOrgType::Admin {
err!("Only admins or owners can import into an organization")
}
diff --git a/src/auth.rs b/src/auth.rs
@@ -184,7 +184,7 @@ pub struct OrgHeaders {
pub host: String,
pub device: Device,
pub user: User,
- pub org_user_type: i32,
+ pub org_user_type: UserOrgType,
}
impl<'a, 'r> FromRequest<'a, 'r> for OrgHeaders {
@@ -225,7 +225,13 @@ impl<'a, 'r> FromRequest<'a, 'r> for OrgHeaders {
host: headers.host,
device: headers.device,
user: headers.user,
- org_user_type: org_user.type_,
+ org_user_type: {
+ if let Some(org_usr_type) = UserOrgType::from_i32(&org_user.type_) {
+ org_usr_type
+ } else { // This should only happen if the DB is corrupted
+ err_handler!("Unknown user type in the database")
+ }
+ },
})
}
}
@@ -238,7 +244,7 @@ pub struct AdminHeaders {
pub host: String,
pub device: Device,
pub user: User,
- pub org_user_type: i32,
+ pub org_user_type: UserOrgType,
}
impl<'a, 'r> FromRequest<'a, 'r> for AdminHeaders {
@@ -249,15 +255,15 @@ impl<'a, 'r> FromRequest<'a, 'r> for AdminHeaders {
Outcome::Forward(f) => Outcome::Forward(f),
Outcome::Failure(f) => Outcome::Failure(f),
Outcome::Success(headers) => {
- if headers.org_user_type > UserOrgType::Admin as i32 {
- err_handler!("You need to be Admin or Owner to call this endpoint")
- } else {
+ if headers.org_user_type >= UserOrgType::Admin {
Outcome::Success(Self{
host: headers.host,
device: headers.device,
user: headers.user,
org_user_type: headers.org_user_type,
})
+ } else {
+ err_handler!("You need to be Admin or Owner to call this endpoint")
}
}
}
@@ -278,14 +284,14 @@ impl<'a, 'r> FromRequest<'a, 'r> for OwnerHeaders {
Outcome::Forward(f) => Outcome::Forward(f),
Outcome::Failure(f) => Outcome::Failure(f),
Outcome::Success(headers) => {
- if headers.org_user_type > UserOrgType::Owner as i32 {
- err_handler!("You need to be Owner to call this endpoint")
- } else {
+ if headers.org_user_type == UserOrgType::Owner {
Outcome::Success(Self{
host: headers.host,
device: headers.device,
user: headers.user,
})
+ } else {
+ err_handler!("You need to be Owner to call this endpoint")
}
}
}
diff --git a/src/db/models/organization.rs b/src/db/models/organization.rs
@@ -1,3 +1,4 @@
+use std::cmp::Ordering;
use serde_json::Value as JsonValue;
use uuid::Uuid;
@@ -32,10 +33,71 @@ pub enum UserOrgStatus {
Confirmed = 2,
}
+#[derive(Copy, Clone)]
+#[derive(PartialEq)]
+#[derive(Eq)]
pub enum UserOrgType {
Owner = 0,
Admin = 1,
User = 2,
+ Manager = 3,
+}
+
+impl Ord for UserOrgType {
+ fn cmp(&self, other: &UserOrgType) -> Ordering {
+ if self == other {
+ Ordering::Equal
+ } else {
+ match self {
+ UserOrgType::Owner => Ordering::Greater,
+ UserOrgType::Admin => match other {
+ UserOrgType::Owner => Ordering::Less,
+ _ => Ordering::Greater
+ },
+ UserOrgType::Manager => match other {
+ UserOrgType::Owner | UserOrgType::Admin => Ordering::Less,
+ _ => Ordering::Greater
+ },
+ UserOrgType::User => Ordering::Less
+ }
+ }
+ }
+}
+
+impl PartialOrd for UserOrgType {
+ fn partial_cmp(&self, other: &UserOrgType) -> Option<Ordering> {
+ Some(self.cmp(other))
+ }
+}
+
+impl PartialEq<i32> for UserOrgType {
+ fn eq(&self, other: &i32) -> bool {
+ *other == *self as i32
+ }
+}
+
+impl PartialOrd<i32> for UserOrgType {
+ fn partial_cmp(&self, other: &i32) -> Option<Ordering> {
+ if let Some(other) = Self::from_i32(other) {
+ return Some(self.cmp(&other))
+ }
+ return None
+ }
+}
+
+impl PartialEq<UserOrgType> for i32 {
+ fn eq(&self, other: &UserOrgType) -> bool {
+ *self == *other as i32
+ }
+}
+
+impl PartialOrd<UserOrgType> for i32 {
+ fn partial_cmp(&self, other: &UserOrgType) -> Option<Ordering> {
+ if let Some(self_type) = UserOrgType::from_i32(self) {
+ return Some(self_type.cmp(other))
+ }
+ return None
+ }
}
impl UserOrgType {
@@ -44,9 +106,21 @@ impl UserOrgType {
"0" | "Owner" => Some(UserOrgType::Owner),
"1" | "Admin" => Some(UserOrgType::Admin),
"2" | "User" => Some(UserOrgType::User),
+ "3" | "Manager" => Some(UserOrgType::Manager),
+ _ => None,
+ }
+ }
+
+ pub fn from_i32(i: &i32) -> Option<Self> {
+ match i {
+ 0 => Some(UserOrgType::Owner),
+ 1 => Some(UserOrgType::Admin),
+ 2 => Some(UserOrgType::User),
+ 3 => Some(UserOrgType::Manager),
_ => None,
}
}
+
}
/// Local methods
@@ -302,7 +376,7 @@ impl UserOrganization {
}
pub fn has_full_access(self) -> bool {
- self.access_all || self.type_ < UserOrgType::User as i32
+ self.access_all || self.type_ >= UserOrgType::Admin
}
pub fn find_by_uuid(uuid: &str, conn: &DbConn) -> Option<Self> {
diff --git a/src/db/models/user.rs b/src/db/models/user.rs
@@ -157,7 +157,7 @@ impl User {
pub fn delete(self, conn: &DbConn) -> QueryResult<()> {
for user_org in UserOrganization::find_by_user(&self.uuid, &*conn) {
- if user_org.type_ == UserOrgType::Owner as i32 {
+ if user_org.type_ == UserOrgType::Owner {
if UserOrganization::find_by_org_and_type(
&user_org.org_uuid,
UserOrgType::Owner as i32, &conn
