ComputerSurge/komodo
3
0
Fork 0
forked from github-starred/komodo
Code Pull Requests 1 Actions Packages Releases Activity

move permissions admin check to early return

Browse Source
This commit is contained in:
beckerinj
2022-11-24 13:00:15 -08:00
parent 9c5d2da199
commit 47717760b2
1 changed files with 74 additions and 75 deletions
Download Patch File Download Diff File Expand all files Collapse all files

149
core/src/api/permissions.rs
View File

@@ -31,81 +31,80 @@ async fn update_permissions(
Extension(user): RequestUserExtension,
Json(update): Json<PermissionsUpdate>,
) -> anyhow::Result<()> {
if user.is_admin {
let target_user = db
.users
.find_one_by_id(&update.user_id)
.await
.context("failed at find target user query")?
.ok_or(anyhow!("failed to find a user with id {}", update.user_id))?;
if !target_user.enabled {
return Err(anyhow!("target user not enabled"));
}
match update.target_type {
PermissionsTarget::Server => {
let server = db
.servers
.find_one_by_id(&update.target_id)
.await
.context("failed at find server query")?
.ok_or(anyhow!(
"failed to find a server with id {}",
update.target_id
))?;
db.servers
.update_one::<Server>(
&update.target_id,
Update::Set(doc! {
format!("permissions.{}", update.user_id): update.permission.to_string()
}),
)
.await?;
Ok(())
}
PermissionsTarget::Deployment => {
let deployment = db
.deployments
.find_one_by_id(&update.target_id)
.await
.context("failed at find deployment query")?
.ok_or(anyhow!(
"failed to find a deployment with id {}",
update.target_id
))?;
db.deployments
.update_one::<Deployment>(
&update.target_id,
Update::Set(doc! {
format!("permissions.{}", update.user_id): update.permission.to_string()
}),
)
.await?;
Ok(())
}
PermissionsTarget::Build => {
let build = db
.builds
.find_one_by_id(&update.target_id)
.await
.context("failed at find build query")?
.ok_or(anyhow!(
"failed to find a build with id {}",
update.target_id
))?;
db.builds
.update_one::<Build>(
&update.target_id,
Update::Set(doc! {
format!("permissions.{}", update.user_id): update.permission.to_string()
}),
)
.await?;
Ok(())
}
}
} else {
Err(anyhow!(
if !user.is_admin {
return Err(anyhow!(
"user not authorized for this action (is not admin)"
))
));
}
let target_user = db
.users
.find_one_by_id(&update.user_id)
.await
.context("failed at find target user query")?
.ok_or(anyhow!("failed to find a user with id {}", update.user_id))?;
if !target_user.enabled {
return Err(anyhow!("target user not enabled"));
}
match update.target_type {
PermissionsTarget::Server => {
let server = db
.servers
.find_one_by_id(&update.target_id)
.await
.context("failed at find server query")?
.ok_or(anyhow!(
"failed to find a server with id {}",
update.target_id
))?;
db.servers
.update_one::<Server>(
&update.target_id,
Update::Set(doc! {
format!("permissions.{}", update.user_id): update.permission.to_string()
}),
)
.await?;
Ok(())
}
PermissionsTarget::Deployment => {
let deployment = db
.deployments
.find_one_by_id(&update.target_id)
.await
.context("failed at find deployment query")?
.ok_or(anyhow!(
"failed to find a deployment with id {}",
update.target_id
))?;
db.deployments
.update_one::<Deployment>(
&update.target_id,
Update::Set(doc! {
format!("permissions.{}", update.user_id): update.permission.to_string()
}),
)
.await?;
Ok(())
}
PermissionsTarget::Build => {
let build = db
.builds
.find_one_by_id(&update.target_id)
.await
.context("failed at find build query")?
.ok_or(anyhow!(
"failed to find a build with id {}",
update.target_id
))?;
db.builds
.update_one::<Build>(
&update.target_id,
Update::Set(doc! {
format!("permissions.{}", update.user_id): update.permission.to_string()
}),
)
.await?;
Ok(())
}
}
}