Chemical

backend/migrations/2019-01-13-203149_create_users/down.sql

@@ -1,2 +1,2 @@
 -- This file should undo anything in `up.sql`
-DROP TABLE users
+DROP TABLE users;

backend/migrations/2019-01-13-203149_create_users/up.sql

@@ -5,4 +5,4 @@ CREATE TABLE users (
   last_name VARCHAR(255) NOT NULL,
   banner_id INT(9) UNSIGNED NOT NULL,
   email VARCHAR(255)
-)
+);

backend/migrations/2019-03-08-171503_create_access/down.sql

@@ -0,0 +1,3 @@
+-- This file should undo anything in `up.sql`
+DROP TABLE user_access;
+DROP TABLE access;

backend/migrations/2019-03-08-171503_create_access/up.sql

@@ -0,0 +1,27 @@
+-- Your SQL goes here
+CREATE TABLE access (
+  id SERIAL PRIMARY KEY,
+  access_name VARCHAR(255) NOT NULL
+);
+
+INSERT INTO access (access_name) VALUES
+  ("SearchUser"),
+  ("GetUser"),
+  ("CreateUser"),
+  ("UpdateUser"),
+  ("DeleteUser");
+
+CREATE TABLE user_access (
+  permission_id SERIAL PRIMARY KEY,
+  access_id BIGINT UNSIGNED NOT NULL,
+  user_id BIGINT UNSIGNED NOT NULL,
+  FOREIGN KEY (access_id)
+    REFERENCES access(id)
+    ON DELETE CASCADE
+    ON UPDATE CASCADE,
+  FOREIGN KEY (user_id)
+    REFERENCES users(id)
+    ON DELETE CASCADE
+    ON UPDATE CASCADE,
+  permission_level VARCHAR(255)
+);

backend/migrations/2019-04-15-150025_chemicals/down.sql

@@ -0,0 +1,3 @@
+-- This file should undo anything in `up.sql`
+DROP chemical_inventory;
+DROP chemical;

backend/migrations/2019-04-15-150025_chemicals/up.sql

@@ -0,0 +1,30 @@
+-- Your SQL goes here
+CREATE TABLE chemical (
+  id SERIAL PRIMARY KEY,
+  name VARCHAR(255) NOT NULL,
+  purpose VARCHAR(1023) NOT NULL,
+  company_name VARCHAR(255) NOT NULL,
+  ingredients VARCHAR(1023) NOT NULL,
+  manual_link VARCHAR(1023) NOT NULL
+);
+
+CREATE TABLE chemical_inventory (
+  id SERIAL PRIMARY KEY,
+  purchaser_id BIGINT UNSIGNED NOT NULL,
+  custodian_id BIGINT UNSIGNED NOT NULL,
+  chemical_id BIGINT UNSIGNED NOT NULL,
+  storage_location VARCHAR(255) NOT NULL,
+  amount VARCHAR(255) NOT NULL,
+  FOREIGN KEY (purchaser_id)
+    REFERENCES users(id)
+    ON DELETE CASCADE
+    ON UPDATE CASCADE,
+  FOREIGN KEY (custodian_id)
+    REFERENCES users(id)
+    ON DELETE CASCADE
+    ON UPDATE CASCADE,
+  FOREIGN KEY (chemical_id)
+    REFERENCES chemical(id)
+    ON DELETE CASCADE
+    ON UPDATE CASCADE
+);

backend/src/access.rs

@@ -0,0 +1,3 @@
+pub mod models;
+pub mod requests;
+pub mod schema;

backend/src/access/models.rs

@@ -0,0 +1,238 @@
+use diesel::Queryable;
+
+use rouille::router;
+
+use serde::Deserialize;
+use serde::Serialize;
+
+use url::form_urlencoded;
+
+use log::{trace, warn};
+
+use crate::errors::{WebdevError, WebdevErrorKind};
+
+use crate::search::{NullableSearch, Search};
+
+use super::schema::{access, user_access};
+
+#[derive(Queryable, Serialize, Deserialize)]
+pub struct Access {
+    pub id: u64,
+    pub access_name: String,
+}
+
+#[derive(Insertable, Serialize, Deserialize)]
+#[table_name = "access"]
+pub struct NewAccess {
+    pub access_name: String,
+}
+
+#[derive(AsChangeset, Serialize, Deserialize)]
+#[table_name = "access"]
+pub struct PartialAccess {
+    pub access_name: String,
+}
+
+pub enum AccessRequest {
+    GetAccess(u64),                   //id of access name searched
+    CreateAccess(NewAccess), //new access type of some name to be created
+    UpdateAccess(u64, PartialAccess), //Contains id to be changed to new access_name
+    DeleteAccess(u64),                //if of access to be deleted
+}
+
+impl AccessRequest {
+    pub fn from_rouille(
+        request: &rouille::Request,
+    ) -> Result<AccessRequest, WebdevError> {
+        trace!("Creating AccessRequest from {:#?}", request);
+
+        router!(request,
+            (GET) (/{id: u64}) => {
+                Ok(AccessRequest::GetAccess(id))
+            },
+
+            (POST) (/) => {
+                let request_body = request.data().ok_or(WebdevError::new(WebdevErrorKind::Format))?;
+                let new_access: NewAccess = serde_json::from_reader(request_body)?;
+
+                Ok(AccessRequest::CreateAccess(new_access))
+            },
+
+            (POST) (/{id: u64}) => {
+                let request_body = request.data().ok_or(WebdevError::new(WebdevErrorKind::Format))?;
+                let update_access: PartialAccess = serde_json::from_reader(request_body)?;
+
+                Ok(AccessRequest::UpdateAccess(id, update_access))
+            },
+
+            (DELETE) (/{id: u64}) => {
+                Ok(AccessRequest::DeleteAccess(id))
+            },
+
+            _ => {
+                warn!("Could not create an access request for the given rouille request");
+                Err(WebdevError::new(WebdevErrorKind::NotFound))
+            }
+        ) //end router
+    }
+}
+
+pub enum AccessResponse {
+    OneAccess(Access),
+    NoResponse,
+}
+
+impl AccessResponse {
+    pub fn to_rouille(self) -> rouille::Response {
+        match self {
+            AccessResponse::OneAccess(access) => {
+                rouille::Response::json(&access)
+            }
+            AccessResponse::NoResponse => rouille::Response::empty_204(),
+        }
+    }
+}
+
+#[derive(Queryable, Serialize, Deserialize)]
+pub struct UserAccess {
+    pub permission_id: u64,
+    pub access_id: u64,
+    pub user_id: u64,
+    pub permission_level: Option<String>,
+}
+
+#[derive(Insertable, Serialize, Deserialize)]
+#[table_name = "user_access"]
+pub struct NewUserAccess {
+    pub access_id: u64,
+    pub user_id: u64,
+    pub permission_level: Option<String>,
+}
+
+#[derive(AsChangeset, Serialize, Deserialize)]
+#[table_name = "user_access"]
+pub struct PartialUserAccess {
+    pub access_id: u64,
+    pub user_id: u64,
+    pub permission_level: Option<Option<String>>,
+}
+
+pub struct SearchUserAccess {
+    pub access_id: Search<u64>,
+    pub user_id: Search<u64>,
+    pub permission_level: NullableSearch<String>,
+}
+
+pub enum UserAccessRequest {
+    SearchAccess(SearchUserAccess), //list of users with access id or (?) name
+    GetAccess(u64),                 //get individual access entry from its id
+    CheckAccess(u64, u64), //entry allowing user of user_id to perform action of action_id
+    CreateAccess(NewUserAccess), //entry to add to database
+    UpdateAccess(u64, PartialUserAccess), //entry to update with new information
+    DeleteAccess(u64),     //entry to delete from database
+}
+
+impl UserAccessRequest {
+    pub fn from_rouille(
+        request: &rouille::Request,
+    ) -> Result<UserAccessRequest, WebdevError> {
+        trace!("Creating UserAccessRequest from {:#?}", request);
+
+        let url_queries =
+            form_urlencoded::parse(request.raw_query_string().as_bytes());
+
+        router!(request,
+            (GET) (/) => {
+
+                let mut access_id_search = Search::NoSearch;
+                let mut user_id_search = Search::NoSearch;
+                let mut permission_level_search = NullableSearch::NoSearch;
+
+                for (field, query) in url_queries {
+                    match field.as_ref() as &str {
+                        "access_id" => access_id_search = Search::from_query(query.as_ref())?,
+                        "user_id" => user_id_search = Search::from_query(query.as_ref())?,
+                        "permission_level" => permission_level_search = NullableSearch::from_query(query.as_ref())?,
+                        _ => return Err(WebdevError::new(WebdevErrorKind::Format)),
+                    }
+                }
+
+                Ok(UserAccessRequest::SearchAccess(SearchUserAccess {
+                    access_id: access_id_search,
+                    user_id: user_id_search,
+                    permission_level: permission_level_search,
+                }))
+            },
+
+            (GET) (/{permission_id: u64}) => {
+                Ok(UserAccessRequest::GetAccess(permission_id))
+            },
+
+            (GET) (/{user_id:u64}/{access_id: u64}) => {
+                Ok(UserAccessRequest::CheckAccess(user_id, access_id))
+            },
+
+            (POST) (/) => {
+                let request_body = request.data().ok_or(WebdevError::new(WebdevErrorKind::Format))?;
+                let new_user_access: NewUserAccess = serde_json::from_reader(request_body)?;
+
+                Ok(UserAccessRequest::CreateAccess(new_user_access))
+            },
+
+            (POST) (/{id: u64}) => {
+                let request_body = request.data().ok_or(WebdevError::new(WebdevErrorKind::Format))?;
+                let update_user_access: PartialUserAccess = serde_json::from_reader(request_body)?;
+
+                Ok(UserAccessRequest::UpdateAccess(id, update_user_access))
+            },
+
+            (DELETE) (/{id: u64}) => {
+                Ok(UserAccessRequest::DeleteAccess(id))
+            },
+
+            _ => {
+                warn!("Could not create a user access request for the given rouille request");
+                Err(WebdevError::new(WebdevErrorKind::NotFound))
+            }
+        ) //end router
+    }
+}
+
+pub enum UserAccessResponse {
+    AccessState(bool),
+    ManyUserAccess(JoinedUserAccessList),
+    OneUserAccess(UserAccess),
+    NoResponse,
+}
+
+impl UserAccessResponse {
+    pub fn to_rouille(self) -> rouille::Response {
+        match self {
+            UserAccessResponse::AccessState(state) => {
+                rouille::Response::text(if state { "true" } else { "false" })
+            }
+            UserAccessResponse::ManyUserAccess(user_accesses) => {
+                rouille::Response::json(&user_accesses)
+            }
+            UserAccessResponse::OneUserAccess(user_access) => {
+                rouille::Response::json(&user_access)
+            }
+            UserAccessResponse::NoResponse => rouille::Response::empty_204(),
+        }
+    }
+}
+
+#[derive(Queryable, Serialize, Deserialize)]
+pub struct JoinedUserAccess {
+    pub permission_id: u64,
+    pub user_id: u64,
+    pub access_id: u64,
+    pub first_name: String,
+    pub last_name: String,
+    pub banner_id: u32,
+}
+
+#[derive(Serialize, Deserialize)]
+pub struct JoinedUserAccessList {
+    pub entries: Vec<JoinedUserAccess>,
+}