Add method to get all users and change /users/* method

The method /user/* method now returns the full informatio for a user that also includes the roles of the user. Signed-off-by: trivernis <trivernis@protonmail.com>
4 years ago · fee0f1e1aa
parent 7f274b82ab
commit fee0f1e1aa
3 changed files with 50 additions and 3 deletions
--- a/src/database/models.rs
+++ b/src/database/models.rs
@ -63,3 +63,11 @@ pub struct UserInformation {
    pub name: String,
    pub email: String,
 }
+
+#[derive(Serialize, Deserialize, JsonSchema)]
+pub struct UserFullInformation {
+    pub id: i32,
+    pub name: String,
+    pub email: String,
+    pub roles: Vec<Role>,
+}
--- a/src/database/users.rs
+++ b/src/database/users.rs
@ -152,6 +152,19 @@ impl Users {
        Ok(serde_postgres::from_row::<UserInformation>(&result)?)
    }

+    pub fn get_users(&self) -> DatabaseResult<Vec<UserInformation>> {
+        log::trace!("Returning a list of all users...");
+        let mut connection = self.pool.get()?;
+        let results = connection.query("SELECT id, name, email FROM users", &[])?;
+        let mut users = Vec::new();
+
+        for result in results {
+            users.push(serde_postgres::from_row::<UserInformation>(&result)?);
+        }
+
+        Ok(users)
+    }
+
    /// Creates new tokens for a user login that can be used by services
    /// that need those tokens to verify a user login
    pub fn create_tokens(
--- a/src/server/http_server.rs
+++ b/src/server/http_server.rs
@ -11,7 +11,7 @@ use rouille::{Request, Response, Server};
 use serde::export::Formatter;
 use serde::Serialize;

-use crate::database::models::{Role, UserInformation};
+use crate::database::models::{Role, UserFullInformation, UserInformation};
 use crate::database::permissions::{
    ROLE_CREATE_PERM, ROLE_DELETE_PERM, ROLE_UPDATE_PERM, ROLE_VIEW_PERM, USER_UPDATE_PERM,
    USER_VIEW_PERM,
@ -132,6 +132,9 @@ impl UserHttpServer {
                (GET) (/users/{email: String}) => {
                    Self::get_user(&database, request, email).unwrap_or_else(HTTPError::into)
                },
+                (GET) (/users) => {
+                    Self::get_users(&database, request).unwrap_or_else(HTTPError::into)
+                },
                (POST) (/users/{email: String}/update) => {
                    Self::update_user(&database, request, email).unwrap_or_else(HTTPError::into)
                },
@ -209,11 +212,16 @@ impl UserHttpServer {
            "POST",
            "Change user information",
        )?;
-        doc.add_path::<(), UserInformation>(
+        doc.add_path::<(), UserFullInformation>(
            "/users/{email:String}",
            "GET",
            "See user information",
        )?;
+        doc.add_path::<(), Vec<UserInformation>>(
+            "/users",
+            "GET",
+            "Returns information for all users",
+        )?;

        Ok(doc)
    }
@ -278,6 +286,7 @@ impl UserHttpServer {
        Ok(Response::json(&roles))
    }

+    /// Creates a new role with the given permissions
    fn create_role(database: &Database, request: &Request) -> HTTPResult<Response> {
        require_permission!(database, request, ROLE_CREATE_PERM);
        let message: ModifyRoleRequest = serde_json::from_str(parse_string_body(request)?.as_str())
@ -306,6 +315,7 @@ impl UserHttpServer {
        .with_status_code(201))
    }

+    /// Updates information for a single role
    fn update_role(database: &Database, request: &Request, name: String) -> HTTPResult<Response> {
        require_permission!(database, request, ROLE_UPDATE_PERM);
        let message: ModifyRoleRequest = deserialize_body(&request)?;
@ -335,6 +345,7 @@ impl UserHttpServer {
        }))
    }

+    /// Deletes a role from the database
    fn delete_role(database: &Database, request: &Request, role: String) -> HTTPResult<Response> {
        require_permission!(database, request, ROLE_DELETE_PERM);
        database.roles.delete_role(&role)?;
@ -345,11 +356,26 @@ impl UserHttpServer {
        }))
    }

+    /// Returns information for a single user
    fn get_user(database: &Database, request: &Request, email: String) -> HTTPResult<Response> {
        require_permission!(database, request, USER_VIEW_PERM);
        let user = database.users.get_user_by_email(&email)?;
+        let roles = database.user_roles.by_user(user.id)?;
+
+        Ok(Response::json(&UserFullInformation {
+            id: user.id,
+            name: user.name,
+            email: user.email,
+            roles,
+        }))
+    }
+
+    /// Returns a list of all users
+    fn get_users(database: &Database, request: &Request) -> HTTPResult<Response> {
+        require_permission!(database, request, USER_VIEW_PERM);
+        let users = database.users.get_users()?;

-        Ok(Response::json(&user))
+        Ok(Response::json(&users))
    }

    fn update_user(database: &Database, request: &Request, email: String) -> HTTPResult<Response> {