Move to a better way to support surrealdb objects with our http endpoints

Author: SirEndii

src/api/post.rs

@@ -1,11 +1,11 @@
-use std::path::PathBuf;
-use actix_web::{Error, get, HttpResponse, patch, put, Scope, web, post, delete};
+use crate::definitions::{Post, PostData, User};
+use crate::storage::database_manager::DatabaseManager;
+use crate::storage::storage_manager::StorageManager;
 use actix_web::web::Json;
+use actix_web::{delete, get, patch, post, put, web, Error, HttpResponse, Scope};
 use futures_util::StreamExt;
 use log::error;
-use crate::definitions::{BodyPost, BodyUser, Post, User};
-use crate::storage::database_manager::DatabaseManager;
-use crate::storage::storage_manager::StorageManager;
+use std::path::PathBuf;
 
 pub fn blog_service() -> Scope {
     web::scope("/api/v1/posts")
@@ -18,10 +18,10 @@ pub fn blog_service() -> Scope {
 #[get("")]
 async fn posts_get(
     user: User,
-    database_manager: web::Data<DatabaseManager>) -> Result<HttpResponse, Error> {
-
+    database_manager: web::Data<DatabaseManager>,
+) -> Result<HttpResponse, Error> {
     if !user.admin {
-        return Ok(HttpResponse::Unauthorized().finish())
+        return Ok(HttpResponse::Unauthorized().finish());
     }
 
     let posts = match database_manager.fetch_posts().await {
@@ -36,71 +36,56 @@ async fn posts_get(
 #[get("/{postId}")]
 async fn post_get(
     path: web::Path<String>,
-    database_manager: web::Data<DatabaseManager>) -> Result<HttpResponse, Error> {
-
+    database_manager: web::Data<DatabaseManager>,
+) -> Result<HttpResponse, Error> {
     let post_id = path.into_inner();
 
     let found_post: Option<Post> = match database_manager.fetch_post(post_id).await {
-        Ok(found_post) => {
-            found_post
-        }
+        Ok(found_post) => found_post,
         Err(_) => {
             return Ok(HttpResponse::InternalServerError().finish());
         }
     };
 
     match found_post {
-        Some(found_user) => {
-            Ok(HttpResponse::Ok().json(found_user))
-        }
-        None => {
-            Ok(HttpResponse::NotFound().finish())
-        }
+        Some(found_user) => Ok(HttpResponse::Ok().json(found_user)),
+        None => Ok(HttpResponse::NotFound().finish()),
     }
 }
 
 #[delete("/{postId}")]
 async fn post_delete(
     user: User,
     path: web::Path<String>,
-    database_manager: web::Data<DatabaseManager>) -> Result<HttpResponse, Error> {
-
+    database_manager: web::Data<DatabaseManager>,
+) -> Result<HttpResponse, Error> {
     let post_id = path.into_inner();
 
     if !user.admin {
-        return Ok(HttpResponse::Unauthorized().finish())
+        return Ok(HttpResponse::Unauthorized().finish());
     }
 
     match database_manager.delete_post(post_id).await {
-        Ok(_) => {
-            Ok(HttpResponse::Ok().finish())
-        },
-        Err(_) => {
-            Ok(HttpResponse::InternalServerError().finish())
-        }
+        Ok(_) => Ok(HttpResponse::Ok().finish()),
+        Err(_) => Ok(HttpResponse::InternalServerError().finish()),
     }
 }
 
 #[post("")]
 async fn post_post(
     user: User,
-    body: Json<BodyPost>,
-    database_manager: web::Data<DatabaseManager>) -> Result<HttpResponse, Error> {
-
+    body: Json<PostData>,
+    database_manager: web::Data<DatabaseManager>,
+) -> Result<HttpResponse, Error> {
     if !user.admin {
-        return Ok(HttpResponse::Unauthorized().finish())
+        return Ok(HttpResponse::Unauthorized().finish());
     }
 
-    let post = body.into_inner();
-
-    match database_manager.add_post(post).await {
-        Ok(_) => {
-        }
+    match database_manager.add_post(body.into_inner()).await {
+        Ok(_) => Ok(HttpResponse::Created().finish()),
         Err(err) => {
-            error!("Could not post post {err}");
-            return Ok(HttpResponse::InternalServerError().finish())
+            error!("Could not post post: {}", err);
+            Ok(HttpResponse::InternalServerError().finish())
         }
     }
-
-    Ok(HttpResponse::Ok().finish())
 }

src/api/users.rs

@@ -3,7 +3,7 @@ use actix_web::{Error, get, HttpResponse, patch, put, Scope, web, post, delete};
 use actix_web::web::Json;
 use futures_util::StreamExt;
 use log::error;
-use crate::definitions::{BodyUser, User};
+use crate::definitions::{ User, UserData};
 use crate::storage::database_manager::DatabaseManager;
 use crate::storage::storage_manager::StorageManager;
 
@@ -93,7 +93,7 @@ async fn user_delete(
 #[post("")]
 async fn user_post(
     user: User,
-    body: Json<BodyUser>,
+    body: Json<UserData>,
     database_manager: web::Data<DatabaseManager>) -> Result<HttpResponse, Error> {
 
     if !user.admin {
@@ -106,7 +106,7 @@ async fn user_post(
         Ok(_) => {
         }
         Err(err) => {
-            error!("Could not update user {err}");
+            error!("Could not create user {err}");
             return Ok(HttpResponse::InternalServerError().finish())
         }
     }
@@ -145,9 +145,10 @@ async fn user_exists(
 #[patch("/{userId}")]
 async fn user_patch(
     user: User,
-    body: Json<BodyUser>,
+    body: Json<UserData>,
     path: web::Path<String>,
-    database_manager: web::Data<DatabaseManager>) -> Result<HttpResponse, Error> {
+    database_manager: web::Data<DatabaseManager>
+) -> Result<HttpResponse, Error> {
     let user_id = path.into_inner();
 
     if !user.admin && !user.compare(&user_id) {
@@ -167,7 +168,6 @@ async fn user_patch(
         }
         Some(mut modified_user) => {
             // Apply partial updates based on the fields provided in the request body
-            // Can we make this a bit more clean? Especially if we have more fields in the future, this is ass to maintain
             if let Some(name) = body.name.clone() {
                 modified_user.name = name;
             }
@@ -188,10 +188,17 @@ async fn user_patch(
             }
 
             match database_manager.update_user(&modified_user).await {
-                Ok(_) => {
-                    // We use the body here since I do not want to send the password back in the response
-                    //if it was not included in the request.
-                    Ok(HttpResponse::Ok().json(body))
+                Ok(updated_user) => {
+                    // Create a new UserData instance without the password
+                    let response_data = UserData {
+                        name: updated_user.as_ref().map(|u| u.name.clone()),
+                        admin: updated_user.as_ref().map(|u| u.admin.clone()),
+                        email: updated_user.as_ref().map(|u| u.email.clone()),
+                        password: None,
+                        firstname: updated_user.as_ref().and_then(|u| u.firstname.clone()),
+                        lastname: updated_user.as_ref().and_then(|u| u.lastname.clone()),
+                    };
+                    Ok(HttpResponse::Ok().json(response_data))
                 }
                 Err(err) => {
                     error!("Couldn't patch user {}", err);
@@ -202,6 +209,7 @@ async fn user_patch(
     }
 }
 
+
 #[put("/{userId}/image")]
 async fn user_picture_put(
     user: User,

src/auth.rs

@@ -6,6 +6,7 @@ use actix_web::dev::Payload;
 use actix_web::web::{Data, Json};
 use actix_web_httpauth::extractors::bearer::BearerAuth;
 use jsonwebtoken::{encode, decode, Header as JwtHeader, Algorithm, Validation, EncodingKey, DecodingKey, errors::Result as JwtResult};
+use log::error;
 use serde::{Deserialize, Serialize};
 use crate::definitions::{User};
 use crate::storage::database_manager::DatabaseManager;
@@ -68,7 +69,10 @@ impl FromRequest for User {
                                         None => Err(error::ErrorUnauthorized("User not found"))
                                     }
                                 },
-                                Err(_) => Err(error::ErrorUnauthorized("Failed to fetch user from database"))
+                                Err(err) => {
+                                    error!("{}", err);
+                                    Err(error::ErrorUnauthorized("Failed to fetch user from database"))
+                                }
                             }
                         },
                         Err(_) => Err(error::ErrorUnauthorized("Invalid token"))
@@ -128,7 +132,10 @@ async fn auth_login(
                 None => Err(error::ErrorUnauthorized("Invalid credentials"))
             }
         },
-        Err(_) => Err(error::ErrorInternalServerError("Failed to fetch user from database"))
+        Err(err) => {
+            error!("{}", err);
+            Err(error::ErrorUnauthorized("Failed to fetch user from database"))
+        }
     }
 }
 

src/definitions.rs

@@ -1,8 +1,7 @@
 use std::cmp::PartialEq;
 use std::fmt;
 use serde::{Deserialize, Deserializer, Serialize, Serializer};
-use surrealdb::Datetime;
-use surrealdb::sql::Id;
+use surrealdb::sql::{Datetime, Id, Thing};
 
 #[derive(Debug, Serialize, Deserialize, Clone)]
 pub struct IntelliThing {
@@ -21,25 +20,49 @@ impl PartialEq for IntelliThing {
     }
 }
 
+#[derive(Serialize, Deserialize, Debug, Clone)]
+pub struct UserData {
+    #[serde(skip_serializing_if = "Option::is_none")]
+    #[serde(default)]
+    pub(crate) admin: Option<bool>,
+    pub(crate) name: Option<String>,
+    pub(crate) email: Option<String>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub(crate) password: Option<String>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub(crate) firstname: Option<String>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub(crate) lastname: Option<String>,
+}
+
 #[derive(Serialize, Deserialize, Debug)]
 pub struct User {
     #[serde(serialize_with = "serialize_record_id")]
     pub(crate) id: IntelliThing,
     pub(crate) admin: bool,
     pub(crate) name: String,
     pub(crate) email: String,
-    #[serde(skip_serializing)]
     pub(crate) password: String,
     pub(crate) firstname: Option<String>,
     pub(crate) lastname: Option<String>,
 }
 
+#[derive(Serialize, Deserialize, Debug)]
+pub struct PostData {
+    #[serde(serialize_with = "serialize_option_record_id", deserialize_with = "deserialize_record_id")]
+    pub(crate) author: Option<IntelliThing>,
+    pub(crate) likes: Option<i32>,
+    pub(crate) views: Option<i32>,
+    pub(crate) title: Option<String>,
+    pub(crate) posted: Option<Datetime>,
+}
+
 #[derive(Serialize, Deserialize, Debug)]
 pub struct Post {
     #[serde(serialize_with = "serialize_record_id")]
     pub(crate) id: IntelliThing,
-    #[serde(serialize_with = "serialize_record_id")]
-    pub(crate) author: IntelliThing,
+    #[serde(deserialize_with="deserialize_thing")]
+    pub(crate) author: Thing,
     pub(crate) likes: i32,
     pub(crate) views: i32,
     pub(crate) title: String,
@@ -58,29 +81,21 @@ impl User {
     }
 }
 
+impl PostData {
+    pub fn to_surreal(&self) -> surrealdb::Result<Post> {
+        let author = self.author.as_ref().map(|author| {
+            Thing::from(("user", author.id.clone()))
+        });
 
-// Used by the http endpoint to allow patching the user
-#[derive(Serialize, Deserialize, Debug)]
-pub struct BodyUser {
-    #[serde(serialize_with = "serialize_option_record_id", deserialize_with = "deserialize_record_id")]
-    pub(crate) id: Option<IntelliThing>,
-    pub(crate) name: Option<String>,
-    pub(crate) email: Option<String>,
-    pub(crate) admin: Option<bool>,
-    pub(crate) password: Option<String>,
-    pub(crate) firstname: Option<String>,
-    pub(crate) lastname: Option<String>,
-}
-
-// Used by the http endpoint to allow patching the post
-#[derive(Serialize, Deserialize, Debug)]
-pub struct BodyPost {
-    #[serde(serialize_with = "serialize_option_record_id", deserialize_with = "deserialize_record_id")]
-    pub(crate) author: Option<IntelliThing>,
-    pub(crate) likes: Option<i32>,
-    pub(crate) views: Option<i32>,
-    pub(crate) title: Option<String>,
-    pub(crate) posted: Option<Datetime>,
+        Ok(Post {
+            id: IntelliThing { id: Id::rand() }, // This will be generated by SurrealDB
+            author: Thing::from(("user", Id::rand())),
+            likes: self.likes.unwrap_or(0),
+            views: self.views.unwrap_or(0),
+            title: self.title.clone().unwrap_or_default(),
+            posted: self.posted.clone().unwrap_or(Datetime::default()),
+        })
+    }
 }
 
 fn serialize_record_id<S>(record_id: &IntelliThing, serializer: S) -> Result<S::Ok, S::Error>
@@ -90,6 +105,13 @@ fn serialize_record_id<S>(record_id: &IntelliThing, serializer: S) -> Result<S::
     serializer.serialize_str(&record_id.id.to_string())
 }
 
+fn serialize_thing<S>(record_id: &Thing, serializer: S) -> Result<S::Ok, S::Error>
+where
+    S: Serializer,
+{
+    serializer.serialize_str(&record_id.id.to_string())
+}
+
 fn serialize_option_record_id<S>(record_id: &Option<IntelliThing>, serializer: S) -> Result<S::Ok, S::Error>
 where
     S: Serializer,
@@ -109,4 +131,11 @@ where D: Deserializer<'de> {
     let buf = String::deserialize(deserializer)?;
 
     Ok(Some(IntelliThing { id: Id::String(buf) }))
+}
+
+fn deserialize_thing<'de, D>(deserializer: D) -> Result<Thing, D::Error>
+where D: Deserializer<'de> {
+    let buf = String::deserialize(deserializer)?;
+
+    Ok(Thing::from(("", Id::from(buf))))
 }