diff --git a/json-api/src/badges.rs b/json-api/src/badges.rs index 81bafed..e93f335 100644 --- a/json-api/src/badges.rs +++ b/json-api/src/badges.rs @@ -32,17 +32,86 @@ pub async fn new(p: &Pool, response: &mut Response, params: HashMap, _params: HashMap) { - /* TODO: - * This handler could actually benefit from being split into multiple handlers - * Concern: Permissions handling with is route could get ugly when handling updates to the - * permissions flag in each badge which is why we may want a - * /badge/update/color - * /badge/update/name - * /badge/update/permissions - */ +pub async fn update_perms(p: &Pool, response: &mut Response, params: HashMap) { + let id = qs_param!(params, "badge_id", u64); + let perms = qs_param!(params, "perms", u64); + if let (Some(id), Some(perms)) = (id, perms) { + match db::badges::update_perms(p, id, perms).await { + // TODO: add rtc update here + Ok(true) => { + #[cfg(feature = "rtc")] + { + let payload = json!({ "id": id, "perms": perms}); + set_json_body(response, json!({"badge-update": payload})); + } + }, + Ok(false) => { + *response.status_mut() = StatusCode::NOT_FOUND; + }, + Err(e) => { + eprintln!("[HTTP][ERROR] /badge/update/perms {}", e); + *response.status_mut() = StatusCode::INTERNAL_SERVER_ERROR; + } + } + } else { + *response.status_mut() = StatusCode::BAD_REQUEST; + } } +pub async fn update_color(p: &Pool, response: &mut Response, params: HashMap) { + let id = qs_param!(params, "badge_id", u64); + let color = qs_param!(params, "badge_color", u32); + + if let (Some(id), Some(color)) = (id, color) { + match db::badges::update_color(p, id, color).await { + Ok(true) => { + // NOTE: this response iss more meant for rtc as the non-rtc mode + // isn't supposed respond with anything in particular + // TODO: rtc update here + #[cfg(feature = "rtc")] + { + let payload = json!({"id": id, "color": color}); + set_json_body(response, json!({"badge-update": payload})); + } + }, + Ok(false) => { + *response.status_mut() = StatusCode::NOT_FOUND; + }, + Err(e) => { + eprintln!("[HTTP][ERROR] /badge/update/color {}", e); + *response.status_mut() = StatusCode::INTERNAL_SERVER_ERROR; + } + } + } else { + *response.status_mut() = StatusCode::BAD_REQUEST; + } +} + +pub async fn update_name(p: &Pool, response: &mut Response, params: HashMap) { + let id = qs_param!(params, "badge_id", u64); + let name = qs_param!(params, "badge_name", String); + + if let (Some(id), Some(name)) = (id, name) { + match db::badges::update_name(p, id, &name).await { + Ok(true) => { + #[cfg(feature = "rtc")] + { + let payload = json!({"id": id, "name": name}); + set_json_body(response, json!({"badge-update": payload})); + } + }, + Ok(false) => {}, + Err(e) => { + eprintln!("[HTTP][ERROR] /badges/update/name {}", e); + *response.status_mut() = StatusCode::INTERNAL_SERVER_ERROR; + } + } + } else { + *response.status_mut() = StatusCode::BAD_REQUEST; + } +} + + pub async fn delete(p: &Pool, response: &mut Response, params: HashMap) { if let Some(id) = qs_param!(params, "badge_id", u64) { match db::badges::delete(p, id).await { diff --git a/json-api/src/perms.rs b/json-api/src/perms.rs index ea98e12..d0f3d3c 100644 --- a/json-api/src/perms.rs +++ b/json-api/src/perms.rs @@ -14,6 +14,7 @@ pub const _ADMIN: u64 = 1 << 62; // can make other admins but can't really touch pub const CREATE_CHANNEL:u64 = 64; pub const DELETE_CHANNEL:u64 = 128; pub const ADD_NEIGHBOR:u64 = 256; +pub const MOD_BADGE:u64 = 512; // BELOW ARE COLLECTIVE PERMISSION SETS pub const OWNER: u64 = std::u64::MAX; @@ -26,6 +27,7 @@ pub fn get_perm_mask(path: &str) -> Option { INVITE_CREATE, CHANNELS_LIST, CHANNELS_CREATE, CHANNELS_DELETE, MESSAGE_SEND, + NEW_BADGE, DELETE_BADGE, UPDATE_COLOR_BADGE, UPDATE_PERMS_BADGE, UPDATE_NAME_BADGE }; match path { INVITE_CREATE => Some(CREATE_TMP_INVITES), @@ -37,6 +39,9 @@ pub fn get_perm_mask(path: &str) -> Option { MESSAGE_SEND => Some(SEND_MESSAGES), + NEW_BADGE|DELETE_BADGE|UPDATE_COLOR_BADGE|UPDATE_NAME_BADGE|UPDATE_PERMS_BADGE => + Some(MOD_BADGE), + routes::ADD_NEIGHBOR => Some(ADD_NEIGHBOR), _ => Some(0) }