Initial framework for permissions system.

Author: penatem1

backend/migrations/2019-03-08-171503_create_access/down.sql

@@ -0,0 +1,3 @@
+-- This file should undo anything in `up.sql`
+DROP TABLE user_access;
+DROP TABLE access;

backend/migrations/2019-03-08-171503_create_access/up.sql

@@ -0,0 +1,25 @@
+-- Your SQL goes here
+CREATE TABLE access (
+  id SERIAL PRIMARY KEY,
+  access_name VARCHAR(255) NOT NULL
+);
+
+INSERT INTO access (access_name) VALUES
+  ("SearchUser"),
+  ("GetUser"),
+  ("CreateUser"),
+  ("UpdateUser"),
+  ("DeleteUser");
+
+CREATE TABLE user_access (
+  permission_id SERIAL PRIMARY KEY,
+  access_id BIGINT UNSIGNED NOT NULL,
+  user_id BIGINT UNSIGNED NOT NULL,
+  FOREIGN KEY (access_id)
+    REFERENCES access(id)
+    ON DELETE CASCADE,
+  FOREIGN KEY (user_id)
+    REFERENCES users(id)
+    ON DELETE CASCADE,
+  permission_level VARCHAR(255)
+);

backend/src/access/models.rs

@@ -0,0 +1,74 @@
+use diesel::Queryable;
+use serde::Deserialize;
+use serde::Serialize;
+
+use super::schema::{access, user_access};
+
+use crate::errors::{WebdevError, WebdevErrorKind};
+
+use crate::users::models::{User, UserList};
+
+#[derive(Queryable, Serialize, Deserialize)]
+pub struct Access {
+    pub id: u64,
+    pub access_name: String,
+}
+
+#[derive(Insertable, Serialize, Deserialize)]
+#[table_name = "access"]
+pub struct NewAccess {
+    pub access_name: String,
+}
+
+pub enum AccessRequest {
+    CreateAccess(NewAccess), //new access type of some name to be created
+    GetAccess(u64), //id of access name searched
+    DeleteAccess(u64), //if of access to be deleted
+    RenameAccess(Access), //Contains id to be changed to new access_name
+}
+
+impl AccessRequest {
+    fn from_rouille(request: &rouille::Request) -> Result<AccessRequest, WebdevError> {
+
+    }
+}
+
+
+
+#[derive(Queryable, Serialize, Deserialize)]
+pub struct UserAccess {
+    pub permission_id: u64,
+    pub access_id: u64,
+    pub user_id: u64,
+    pub permission_level: Option<String>,
+}
+
+#[derive(Insertable, Serialize, Deserialize)]
+#[table_name = "user_access"]
+pub struct NewUserAccess {
+    pub access_id: u64,
+    pub user_id: u64,
+    pub permission_level: Option<String>,
+}
+
+#[derive(AsChangeset, Serialize, Deserialize)]
+#[table_name = "user_access"]
+pub struct PartialUserAccess {
+    pub access_id: u64,
+    pub user_id: u64,
+    pub permission_level: Option<Option<String>>,
+}
+
+pub enum UserAccessRequest {
+    SearchAccess(UserList), //list of users with access id or (?) name
+    HasAccess(UserAccess), //entry allowing user of user_id to perform action of action_id
+    CreateAccess(NewUserAccess), //entry to add to database
+    UpdateAccess(u64, PartialUserAccess), //entry to update with new information
+    DeleteUserAccess(u64), //entry to delete from database
+}
+
+impl UserAccessRequest {
+    fn from_rouille(request: &rouille::Request) -> Result<UserAccessRequest, WebdevError> {
+
+    }
+}

backend/src/access/schema.rs

@@ -0,0 +1,26 @@
+table! {
+    access (id) {
+        id -> Unsigned<Bigint>,
+        access_name -> Varchar,
+    }
+}
+
+table! {
+    user_access (permission_id) {
+        permission_id -> Unsigned<Integer>,
+        access_id -> Unsigned<Bigint>,
+        user_id -> Unsigned<Bigint>,
+        permission_level -> Nullable<Varchar>,
+    }
+}
+
+use crate::users::schema::users;
+
+joinable!(user_access -> access (access_id));
+joinable!(user_access -> users (user_id));
+
+allow_tables_to_appear_in_same_query!(
+    access,
+    user_access,
+    users,
+);