+ Adding API handlers for /badge/update/* routes

* Fixing permissions for routes The /badge/update routes all share the same perms for now
2021-05-30 19:54:20 -07:00 · 2021-05-30 19:54:20 -07:00 · 0e6168a961
commit 0e6168a961
parent 1884580bf8
2 changed files with 83 additions and 9 deletions
--- a/json-api/src/badges.rs
+++ b/json-api/src/badges.rs
@ -32,17 +32,86 @@ pub async fn new(p: &Pool, response: &mut Response<Body>, params: HashMap<String
    }
 }

-pub async fn update(_p: &Pool, _response: &mut Response<Body>, _params: HashMap<String, String>) {
-    /* TODO:
-     * This handler could actually benefit from being split into multiple handlers
-     * Concern: Permissions handling with is route could get ugly when handling updates to the
-     * permissions flag in each badge which is why we may want a 
-     *  /badge/update/color
-     *  /badge/update/name
-     *  /badge/update/permissions
-     */
+pub async fn update_perms(p: &Pool, response: &mut Response<Body>, params: HashMap<String, String>) {
+    let id = qs_param!(params, "badge_id",  u64);
+    let perms = qs_param!(params, "perms", u64);
+    if let (Some(id), Some(perms)) = (id, perms) {
+        match db::badges::update_perms(p, id, perms).await {
+            // TODO: add rtc update here
+            Ok(true) => {
+                #[cfg(feature = "rtc")]
+                {
+                    let payload = json!({ "id": id, "perms": perms});
+                    set_json_body(response, json!({"badge-update": payload}));
+                }
+            },
+            Ok(false) => {
+                *response.status_mut() = StatusCode::NOT_FOUND;
+            },
+            Err(e) => {
+                eprintln!("[HTTP][ERROR] /badge/update/perms {}", e);
+                *response.status_mut() = StatusCode::INTERNAL_SERVER_ERROR;
+            }
+        }
+    } else {
+        *response.status_mut() = StatusCode::BAD_REQUEST;
+    }
 }

+pub async fn update_color(p: &Pool, response: &mut Response<Body>, params: HashMap<String, String>) {
+    let id = qs_param!(params, "badge_id", u64);
+    let color = qs_param!(params, "badge_color", u32);
+
+    if let (Some(id), Some(color)) = (id, color) {
+        match db::badges::update_color(p, id, color).await {
+            Ok(true) => {
+                // NOTE: this response iss more meant for rtc as the non-rtc mode
+                // isn't supposed respond with anything in particular
+                // TODO: rtc update here
+                #[cfg(feature = "rtc")]
+                {
+                    let payload = json!({"id": id, "color": color});
+                    set_json_body(response, json!({"badge-update": payload}));
+                }
+            },
+            Ok(false) => {
+                *response.status_mut() = StatusCode::NOT_FOUND;
+            },
+            Err(e) => {
+                eprintln!("[HTTP][ERROR] /badge/update/color {}", e);
+                *response.status_mut() = StatusCode::INTERNAL_SERVER_ERROR;
+            }
+        }
+    } else {
+        *response.status_mut() = StatusCode::BAD_REQUEST;
+    }
+}
+
+pub async fn update_name(p: &Pool, response: &mut Response<Body>, params: HashMap<String, String>) {
+    let id = qs_param!(params, "badge_id", u64);
+    let name = qs_param!(params, "badge_name", String);
+
+    if let (Some(id), Some(name)) = (id, name) {
+        match db::badges::update_name(p, id, &name).await {
+            Ok(true) => {
+                #[cfg(feature = "rtc")]
+                {
+                    let  payload = json!({"id": id, "name": name});
+                    set_json_body(response, json!({"badge-update": payload}));
+                }
+            },
+            Ok(false) => {},
+            Err(e) => {
+                eprintln!("[HTTP][ERROR] /badges/update/name {}", e);
+                *response.status_mut() = StatusCode::INTERNAL_SERVER_ERROR;
+            }
+        }
+    } else {
+        *response.status_mut() = StatusCode::BAD_REQUEST;
+    }
+}
+
+
 pub async fn delete(p: &Pool, response: &mut Response<Body>, params: HashMap<String, String>) {
    if let Some(id) = qs_param!(params, "badge_id", u64) {
        match db::badges::delete(p, id).await {
--- a/json-api/src/perms.rs
+++ b/json-api/src/perms.rs
@ -14,6 +14,7 @@ pub const _ADMIN: u64 = 1 << 62; // can make other admins but can't really touch
 pub const CREATE_CHANNEL:u64 = 64;
 pub const DELETE_CHANNEL:u64 = 128;
 pub const ADD_NEIGHBOR:u64 = 256;
+pub const MOD_BADGE:u64 = 512;

 // BELOW ARE COLLECTIVE PERMISSION SETS
 pub const OWNER: u64 = std::u64::MAX;
@ -26,6 +27,7 @@ pub fn get_perm_mask(path: &str) -> Option<u64> {
        INVITE_CREATE,
        CHANNELS_LIST, CHANNELS_CREATE, CHANNELS_DELETE,
        MESSAGE_SEND,
+        NEW_BADGE, DELETE_BADGE, UPDATE_COLOR_BADGE, UPDATE_PERMS_BADGE, UPDATE_NAME_BADGE
    };
    match path {
        INVITE_CREATE => Some(CREATE_TMP_INVITES),
@ -37,6 +39,9 @@ pub fn get_perm_mask(path: &str) -> Option<u64> {

        MESSAGE_SEND => Some(SEND_MESSAGES),

+        NEW_BADGE|DELETE_BADGE|UPDATE_COLOR_BADGE|UPDATE_NAME_BADGE|UPDATE_PERMS_BADGE =>
+            Some(MOD_BADGE),
+
        routes::ADD_NEIGHBOR => Some(ADD_NEIGHBOR),
        _ => Some(0)
    }