Add method to get information for a single user

Signed-off-by: trivernis <trivernis@protonmail.com>
4 years ago · 7f274b82ab
parent 0fae280c18
commit 7f274b82ab
4 changed files with 31 additions and 2 deletions
--- a/src/database/permissions.rs
+++ b/src/database/permissions.rs
@ -13,16 +13,18 @@ pub(crate) const ROLE_UPDATE_PERM: &str = "ROLE_UPDATE";
 pub(crate) const ROLE_DELETE_PERM: &str = "ROLE_DELETE";

 pub(crate) const USER_UPDATE_PERM: &str = "USER_UPDATE";
+pub(crate) const USER_VIEW_PERM: &str = "USER_VIEW";

 pub(crate) const USER_MANAGEMENT_PERMISSIONS: &[(&'static str, &'static str)] = &[
    (ROLE_CREATE_PERM, "Allows the user to create roles"),
    (ROLE_UPDATE_PERM, "Allows the user to update roles"),
    (ROLE_DELETE_PERM, "Allows the user to delete roles"),
-    (ROLE_VIEW_PERM, "Allows to see information for roles"),
+    (ROLE_VIEW_PERM, "Allows to see information of roles"),
    (
        USER_UPDATE_PERM,
        "Allows changing the name, password and email of a user",
    ),
+    (USER_VIEW_PERM, "Allows to see information of users"),
 ];

 /// The permissions table that stores defined
--- a/src/database/users.rs
+++ b/src/database/users.rs
@ -85,6 +85,12 @@ impl Users {
        email: &String,
        password: &Option<String>,
    ) -> DatabaseResult<UserInformation> {
+        log::trace!(
+            "Updating user {} with new entries name: {},  email: {}",
+            old_email,
+            name,
+            email
+        );
        let mut connection = self.pool.get()?;
        if connection
            .query_opt("SELECT email FROM users WHERE email = $1", &[&old_email])?
@ -124,6 +130,7 @@ impl Users {

    /// Returns information about a user by Id
    pub fn get_user(&self, id: i32) -> DatabaseResult<UserInformation> {
+        log::trace!("Looking up entry for user with id {}", id);
        let mut connection = self.pool.get()?;
        let result = connection
            .query_opt("SELECT id, name, email FROM users WHERE id = $1", &[&id])?
@ -133,6 +140,7 @@ impl Users {
    }

    pub fn get_user_by_email(&self, email: &String) -> DatabaseResult<UserInformation> {
+        log::trace!("Looking up entry for user with email {}", email);
        let mut connection = self.pool.get()?;
        let result = connection
            .query_opt(
@ -151,6 +159,7 @@ impl Users {
        email: &String,
        password: &String,
    ) -> DatabaseResult<SessionTokens> {
+        log::trace!("Creating new tokens for user with email {}", email);
        if self.validate_login(&email, password)? {
            let mut connection = self.pool.get()?;
            let row = connection.query_one("SELECT id FROM users WHERE email = $1", &[&email])?;
--- a/src/server/documentation/mod.rs
+++ b/src/server/documentation/mod.rs
@ -23,7 +23,6 @@ impl RESTDocumentation {
    }

    pub fn get(&self, path: String) -> String {
-        log::trace!("Rendering help for {}.", path);
        format!(
            "<html><head><style type='text/css'>{}</style></head><body>{}</body></html>",
            include_str!("style.css"),
@ -47,6 +46,7 @@ impl RESTDocumentation {
        method: &str,
        description: &str,
    ) -> Result<(), serde_json::error::Error> {
+        log::trace!("Prerendering documentation for {}", path);
        let input_schema = schema_for!(I);
        let output_schema = schema_for!(O);

@ -65,6 +65,8 @@ impl RESTDocumentation {
            self.base_path, method, path, description, input_json, output_json
        );
        self.paths.insert(path.to_string(), content);
+        log::trace!("Documentation for {} rendered", path);
+
        Ok(())
    }
 }
--- a/src/server/http_server.rs
+++ b/src/server/http_server.rs
@ -14,6 +14,7 @@ use serde::Serialize;
 use crate::database::models::{Role, UserInformation};
 use crate::database::permissions::{
    ROLE_CREATE_PERM, ROLE_DELETE_PERM, ROLE_UPDATE_PERM, ROLE_VIEW_PERM, USER_UPDATE_PERM,
+    USER_VIEW_PERM,
 };
 use crate::database::tokens::SessionTokens;
 use crate::database::Database;
@ -128,6 +129,9 @@ impl UserHttpServer {
                (POST) (/roles/{name: String}/delete) => {
                    Self::delete_role(&database, request, name).unwrap_or_else(HTTPError::into)
                },
+                (GET) (/users/{email: String}) => {
+                    Self::get_user(&database, request, email).unwrap_or_else(HTTPError::into)
+                },
                (POST) (/users/{email: String}/update) => {
                    Self::update_user(&database, request, email).unwrap_or_else(HTTPError::into)
                },
@ -205,6 +209,11 @@ impl UserHttpServer {
            "POST",
            "Change user information",
        )?;
+        doc.add_path::<(), UserInformation>(
+            "/users/{email:String}",
+            "GET",
+            "See user information",
+        )?;

        Ok(doc)
    }
@ -336,6 +345,13 @@ impl UserHttpServer {
        }))
    }

+    fn get_user(database: &Database, request: &Request, email: String) -> HTTPResult<Response> {
+        require_permission!(database, request, USER_VIEW_PERM);
+        let user = database.users.get_user_by_email(&email)?;
+
+        Ok(Response::json(&user))
+    }
+
    fn update_user(database: &Database, request: &Request, email: String) -> HTTPResult<Response> {
        let (_, id) = validate_request_token(request, database)?;
        let message = deserialize_body::<UpdateUserRequest>(&request)?;