Implemented http methods for authorization systems commands.

Author: penatem1

backend/migrations/2019-01-13-203149_create_users/up.sql

@@ -1,8 +1,8 @@
 -- Your SQL goes here
 CREATE TABLE users (
-  id SERIAL PRIMARY KEY,
+  id BIGINT SIGNED NOT NULL AUTO_INCREMENT UNIQUE PRIMARY KEY,
   first_name VARCHAR(255) NOT NULL,
   last_name VARCHAR(255) NOT NULL,
   banner_id INT(9) UNSIGNED NOT NULL,
   email VARCHAR(255)
-)
+)

backend/migrations/2019-03-08-171503_create_access/up.sql

@@ -1,6 +1,6 @@
 -- Your SQL goes here
 CREATE TABLE access (
-  id SERIAL PRIMARY KEY,
+  id BIGINT SIGNED NOT NULL AUTO_INCREMENT UNIQUE PRIMARY KEY,
   access_name VARCHAR(255) NOT NULL
 );
 
@@ -12,14 +12,16 @@ INSERT INTO access (access_name) VALUES
   ("DeleteUser");
 
 CREATE TABLE user_access (
-  permission_id SERIAL PRIMARY KEY,
-  access_id BIGINT UNSIGNED NOT NULL,
-  user_id BIGINT UNSIGNED NOT NULL,
+  permission_id BIGINT SIGNED NOT NULL AUTO_INCREMENT UNIQUE PRIMARY KEY,
+  access_id BIGINT SIGNED NOT NULL,
+  user_id BIGINT SIGNED NOT NULL,
   FOREIGN KEY (access_id)
     REFERENCES access(id)
-    ON DELETE CASCADE,
+    ON DELETE CASCADE
+    ON UPDATE CASCADE,
   FOREIGN KEY (user_id)
     REFERENCES users(id)
-    ON DELETE CASCADE,
+    ON DELETE CASCADE
+    ON UPDATE CASCADE,
   permission_level VARCHAR(255)
 );

backend/src/access/mod.rs

@@ -0,0 +1,3 @@
+pub mod models;
+pub mod requests;
+pub mod schema;

backend/src/access/models.rs

@@ -1,16 +1,24 @@
 use diesel::Queryable;
+
+use rouille::router;
+
 use serde::Deserialize;
 use serde::Serialize;
 
-use super::schema::{access, user_access};
+use url::form_urlencoded;
+
+use log::{trace, warn};
 
 use crate::errors::{WebdevError, WebdevErrorKind};
 
-use crate::users::models::{User, UserList};
+use crate::search::{NullableSearch, Search};
+
+use crate::users::models::UserList;
+use super::schema::{access, user_access};
 
 #[derive(Queryable, Serialize, Deserialize)]
 pub struct Access {
-    pub id: u64,
+    pub id: i64,
     pub access_name: String,
 }
 
@@ -20,55 +28,182 @@ pub struct NewAccess {
     pub access_name: String,
 }
 
+#[derive(AsChangeset, Serialize, Deserialize)]
+#[table_name = "access"]
+pub struct PartialAccess {
+    pub access_name: String,
+}
+
 pub enum AccessRequest {
+    GetAccess(i64), //id of access name searched
     CreateAccess(NewAccess), //new access type of some name to be created
-    GetAccess(u64), //id of access name searched
-    DeleteAccess(u64), //if of access to be deleted
-    RenameAccess(Access), //Contains id to be changed to new access_name
+    UpdateAccess(i64, PartialAccess), //Contains id to be changed to new access_name
+    DeleteAccess(i64), //if of access to be deleted
 }
 
 impl AccessRequest {
-    fn from_rouille(request: &rouille::Request) -> Result<AccessRequest, WebdevError> {
+    pub fn from_rouille(request: &rouille::Request) -> Result<AccessRequest, WebdevError> {
+        trace!("Creating AccessRequest from {:#?}", request);
+
+        router!(request,
+            (GET) (/{id: i64}) => {
+                Ok(AccessRequest::GetAccess(id))
+            },
+
+            (POST) (/) => {
+                let request_body = request.data().ok_or(WebdevError::new(WebdevErrorKind::Format))?;
+                let new_access: NewAccess = serde_json::from_reader(request_body)?;
+
+                Ok(AccessRequest::CreateAccess(new_access))
+            },
+
+            (POST) (/{id: i64}) => {
+                let request_body = request.data().ok_or(WebdevError::new(WebdevErrorKind::Format))?;
+                let update_access: PartialAccess = serde_json::from_reader(request_body)?;
 
+                Ok(AccessRequest::UpdateAccess(id, update_access))
+            },
+
+            (DELETE) (/{id: i64}) => {
+                Ok(AccessRequest::DeleteAccess(id))
+            },
+
+            _ => {
+                warn!("Could not create an access request for the given rouille request");
+                Err(WebdevError::new(WebdevErrorKind::NotFound))
+            }
+        ) //end router
+
+    }
+}
+
+pub enum AccessResponse {
+    OneAccess(Access),
+    NoResponse,
+}
+
+impl AccessResponse {
+    pub fn to_rouille(self) -> rouille::Response {
+        match self {
+            AccessResponse::OneAccess(access) => rouille::Response::json(&access),
+            AccessResponse::NoResponse => rouille::Response::empty_204(),
+        }
     }
 }
 
 
 
 #[derive(Queryable, Serialize, Deserialize)]
 pub struct UserAccess {
-    pub permission_id: u64,
-    pub access_id: u64,
-    pub user_id: u64,
+    pub permission_id: i64,
+    pub access_id: i64,
+    pub user_id: i64,
     pub permission_level: Option<String>,
 }
 
 #[derive(Insertable, Serialize, Deserialize)]
 #[table_name = "user_access"]
 pub struct NewUserAccess {
-    pub access_id: u64,
-    pub user_id: u64,
+    pub access_id: i64,
+    pub user_id: i64,
     pub permission_level: Option<String>,
 }
 
 #[derive(AsChangeset, Serialize, Deserialize)]
 #[table_name = "user_access"]
 pub struct PartialUserAccess {
-    pub access_id: u64,
-    pub user_id: u64,
+    pub access_id: i64,
+    pub user_id: i64,
     pub permission_level: Option<Option<String>>,
 }
 
+pub struct SearchUserAccess {
+    pub access_id: Search<i64>,
+    pub user_id: Search<i64>,
+    pub permission_level: NullableSearch<String>,
+}
+
 pub enum UserAccessRequest {
-    SearchAccess(UserList), //list of users with access id or (?) name
-    HasAccess(UserAccess), //entry allowing user of user_id to perform action of action_id
+    SearchAccess(SearchUserAccess), //list of users with access id or (?) name
+    CheckAccess(i64, i64), //entry allowing user of user_id to perform action of action_id
     CreateAccess(NewUserAccess), //entry to add to database
-    UpdateAccess(u64, PartialUserAccess), //entry to update with new information
-    DeleteUserAccess(u64), //entry to delete from database
+    UpdateAccess(i64, PartialUserAccess), //entry to update with new information
+    DeleteAccess(i64), //entry to delete from database
 }
 
 impl UserAccessRequest {
-    fn from_rouille(request: &rouille::Request) -> Result<UserAccessRequest, WebdevError> {
+    pub fn from_rouille(request: &rouille::Request) -> Result<UserAccessRequest, WebdevError> {
+        trace!("Creating UserAccessRequest from {:#?}", request);
+
+        let url_queries = form_urlencoded::parse(request.raw_query_string().as_bytes());
+
+        router!(request,
+            (GET) (/) => {
+
+                let mut access_id = Search::NoSearch;
+                let mut user_id = Search::NoSearch;
+                let mut permission_level = NullableSearch::NoSearch;
+
+                for (field, query) in url_queries {
+                    match field.as_ref() {
+                        "access_id" => access_id = Search::from_query(query.as_ref())?,
+                        "user_id" => user_id = Search::from_query(query.as_ref())?,
+                        "permission_level" => permission_level = NullableSearch::from_query(query.as_ref())?,
+                        _ => return Err(WebdevError::new(WebdevErrorKind::Format)),
+                    }
+                }
+
+                Ok(UserAccessRequest::SearchAccess(SearchUserAccess {
+                    access_id,
+                    user_id,
+                    permission_level,
+                }))
+            },
+
+            (GET) (/{user_id:i64}/{access_id: i64}) => {
+                Ok(UserAccessRequest::CheckAccess(user_id, access_id))
+            },
+
+            (POST) (/) => {
+                let request_body = request.data().ok_or(WebdevError::new(WebdevErrorKind::Format))?;
+                let new_user_access: NewUserAccess = serde_json::from_reader(request_body)?;
+
+                Ok(UserAccessRequest::CreateAccess(new_user_access))
+            },
+
+            (POST) (/{id: i64}) => {
+                let request_body = request.data().ok_or(WebdevError::new(WebdevErrorKind::Format))?;
+                let update_user_access: PartialUserAccess = serde_json::from_reader(request_body)?;
+
+                Ok(UserAccessRequest::UpdateAccess(id, update_user_access))
+            },
+
+            (DELETE) (/{id: i64}) => {
+                Ok(UserAccessRequest::DeleteAccess(id))
+            },
+
+            _ => {
+                warn!("Could not create a user access request for the given rouille request");
+                Err(WebdevError::new(WebdevErrorKind::NotFound))
+            }
+        ) //end router
+    }
+}
+
+pub enum UserAccessResponse {
+    ManyUsers(UserList),
+    AccessState(bool),
+    OneUserAccess(UserAccess),
+    NoResponse,
+}
 
+impl UserAccessResponse {
+    pub fn to_rouille(self) -> rouille::Response {
+        match self {
+            UserAccessResponse::ManyUsers(users) => rouille::Response::json(&users),
+            UserAccessResponse::AccessState(state) => rouille::Response::text(if state {"true"} else {"false"}),
+            UserAccessResponse::OneUserAccess(user_access) => rouille::Response::json(&user_access),
+            UserAccessResponse::NoResponse => rouille::Response::empty_204(),
+        }
     }
 }