diff options
| author | Santo Cariotti <santo@dcariotti.me> | 2024-09-07 12:13:12 +0200 |
|---|---|---|
| committer | Santo Cariotti <santo@dcariotti.me> | 2024-09-07 12:13:12 +0200 |
| commit | 2c0c99ce01a69c8a5ec14eab737d7858cf11dcb1 (patch) | |
| tree | 00803615c8eb6a3cde0ba5bce197032843502228 /src | |
| parent | a434be7b14daee8505e45068db7413d7a8886cd8 (diff) | |
Use submodules mutations and query for types
Diffstat (limited to 'src')
| -rw-r--r-- | src/graphql/mutation.rs | 241 | ||||
| -rw-r--r-- | src/graphql/query.rs | 12 | ||||
| -rw-r--r-- | src/graphql/types/alert.rs | 252 | ||||
| -rw-r--r-- | src/graphql/types/jwt.rs | 36 | ||||
| -rw-r--r-- | src/graphql/types/notification.rs | 106 | ||||
| -rw-r--r-- | src/graphql/types/position.rs | 239 | ||||
| -rw-r--r-- | src/graphql/types/user.rs | 251 |
7 files changed, 599 insertions, 538 deletions
diff --git a/src/graphql/mutation.rs b/src/graphql/mutation.rs index 6e0a265..cef4b22 100644 --- a/src/graphql/mutation.rs +++ b/src/graphql/mutation.rs @@ -1,14 +1,10 @@ -use crate::{ - expo, - graphql::types::{ - alert, - jwt::{self, Authentication}, - notification, position, - user::{self, find_user}, - }, - state::AppState, +use crate::graphql::types::{ + alert, + jwt::{self}, + position, + user::{self}, }; -use async_graphql::{Context, Error, FieldResult, Object}; +use async_graphql::{Context,FieldResult, Object}; /// Mutation struct pub struct Mutation; @@ -36,27 +32,7 @@ impl Mutation { ctx: &Context<'ctx>, input: jwt::LoginCredentials, ) -> FieldResult<jwt::AuthBody> { - let state = ctx.data::<AppState>().expect("Can't connect to db"); - let client = &*state.client; - - let password = sha256::digest(input.password); - let rows = client - .query( - "SELECT id FROM users WHERE email = $1 AND password = $2", - &[&input.email, &password], - ) - .await - .unwrap(); - - let id: Vec<i32> = rows.iter().map(|row| row.get(0)).collect(); - if id.len() == 1 { - // Create a new claim using the found ID - let claims = jwt::Claims::new(id[0]); - let token = claims.get_token().unwrap(); - Ok(jwt::AuthBody::new(token, id[0])) - } else { - Err(Error::new("Invalid email or password")) - } + jwt::mutations::login(ctx, input).await } /// Make GraphQL call to register a notification device token for the user. @@ -79,28 +55,7 @@ impl Mutation { ctx: &Context<'ctx>, input: user::RegisterNotificationToken, ) -> FieldResult<user::User> { - let state = ctx.data::<AppState>().expect("Can't connect to db"); - let client = &*state.client; - - let auth: &Authentication = ctx.data().unwrap(); - match auth { - Authentication::NotLogged => Err(Error::new("Can't find the owner")), - Authentication::Logged(claims) => { - let user = find_user(client, claims.user_id) - .await - .expect("Should not be here"); - - client - .query( - "UPDATE users SET notification_token = $1 WHERE id = $2", - &[&input.token, &claims.user_id], - ) - .await - .unwrap(); - - Ok(user) - } - } + user::mutations::register_device(ctx, input).await } /// Make GraphQL request to create new position to track @@ -126,48 +81,7 @@ impl Mutation { ctx: &Context<'ctx>, input: position::PositionInput, ) -> FieldResult<position::Position> { - let state = ctx.data::<AppState>().expect("Can't connect to db"); - let client = &*state.client; - - let auth: &Authentication = ctx.data().unwrap(); - match auth { - Authentication::NotLogged => Err(Error::new("Can't find the owner")), - Authentication::Logged(claims) => { - let rows = client - .query( - "INSERT INTO positions (user_id, location, activity) - VALUES ( - $1, - ST_SetSRID(ST_MakePoint($2, $3), 4326), - $4 - ) - RETURNING id, user_id, extract(epoch from created_at)::double precision as created_at, ST_Y(location::geometry) AS latitude, ST_X(location::geometry) AS longitude, activity - ", - &[ - &claims.user_id, - &input.longitude, - &input.latitude, - &input.moving_activity, - ], - ) - .await - .unwrap(); - - let positions: Vec<position::Position> = rows - .iter() - .map(|row| position::Position { - id: row.get("id"), - user_id: row.get("user_id"), - created_at: row.get::<_, f64>("created_at") as i64, - latitude: row.get("latitude"), - longitude: row.get("longitude"), - moving_activity: row.get("activity"), - }) - .collect(); - - Ok(positions[0].clone()) - } - } + position::mutations::new_position(ctx, input).await } /// Make GraphQL request to create new alert. Only for admins. @@ -197,141 +111,6 @@ impl Mutation { ctx: &Context<'ctx>, input: alert::AlertInput, ) -> FieldResult<alert::Alert> { - let state = ctx.data::<AppState>().expect("Can't connect to db"); - let client = &*state.client; - - let auth: &Authentication = ctx.data().unwrap(); - match auth { - Authentication::NotLogged => Err(Error::new("Can't find the owner")), - Authentication::Logged(claims) => { - let claim_user = find_user(client, claims.user_id).await.unwrap(); - if !claim_user.is_admin { - return Err(Error::new("Unauthorized")); - } - - let points: String = input - .points - .iter() - .map(|x| { - format!( - "ST_SetSRID(ST_MakePoint({}, {}), 4326)", - x.longitude, x.latitude - ) - }) - .collect::<Vec<String>>() - .join(","); - - let polygon = format!("ST_MakePolygon(ST_MakeLine(ARRAY[{}]))", points); - - let valid_query = format!("SELECT ST_IsValid({}) as is_valid", polygon); - let rows = client.query(&valid_query, &[]).await.unwrap(); - - let is_valid: bool = rows[0].get("is_valid"); - if !is_valid { - return Err(Error::new("Polygon is not valid")); - } - - let insert_query = format!( - "INSERT INTO alerts (user_id, area, level) - VALUES($1, {}, $2) - RETURNING id, user_id, extract(epoch from created_at)::double precision as created_at, ST_AsText(area) as area, - ST_AsText(ST_Buffer(area::geography, CASE WHEN level = 'One' THEN 0 WHEN level = 'Two' THEN 1000 WHEN level = 'Three' THEN 2000 ELSE 0 END)) as extended_area, level, reached_users", - polygon - ); - - let rows = client - .query(&insert_query, &[&claims.user_id, &input.level]) - .await - .unwrap(); - let mut alert = rows - .iter() - .map(|row| alert::Alert { - id: row.get("id"), - user_id: row.get("user_id"), - created_at: row.get::<_, f64>("created_at") as i64, - area: row.get("area"), - extended_area: row.get("extended_area"), - level: row.get("level"), - reached_users: row.get("reached_users"), - }) - .collect::<Vec<alert::Alert>>() - .first() - .cloned() - .ok_or_else(|| Error::new("Failed to create alert"))?; - - let distance: f64 = match alert.level { - alert::LevelAlert::One => 0.0, - alert::LevelAlert::Two => 1000.0, - alert::LevelAlert::Three => 2000.0, - }; - - let position_ids: Vec<i32> = client - .query( - " - SELECT id FROM positions - WHERE ST_DWithin( - location::geography, - (SELECT area::geography FROM alerts WHERE id = $1), - $2 - )", - &[&alert.id, &distance], - ) - .await - .unwrap() - .iter() - .map(|row| row.get(0)) - .collect(); - - let mut notification_ids = vec![]; - for id in &position_ids { - let notification = notification::Notification::insert_db(client, alert.id, *id) - .await - .unwrap(); - notification_ids.push(notification); - } - - alert.reached_users = notification_ids.len() as i32; - client - .query( - "UPDATE alerts SET reached_users = $1 WHERE id = $2", - &[&alert.reached_users, &alert.id], - ) - .await - .unwrap(); - - let placeholders: Vec<String> = (1..=position_ids.len()) - .map(|i| format!("${}", i)) - .collect(); - let query = format!( - "SELECT u.notification_token FROM positions p JOIN users u ON u.id = p.user_id - WHERE p.id IN ({}) AND notification_token IS NOT NULL", - placeholders.join(", ") - ); - - let tokens: Vec<String> = client - .query( - &query, - &position_ids - .iter() - .map(|id| id as &(dyn tokio_postgres::types::ToSql + Sync)) - .collect::<Vec<&(dyn tokio_postgres::types::ToSql + Sync)>>(), - ) - .await - .unwrap() - .iter() - .map(|row| format!("ExponentPushToken[{}]", row.get::<usize, String>(0))) - .collect(); - - expo::send( - tokens, - "New Alert!".to_string(), - "Keep an eye open".to_string(), - ) - .await - .unwrap(); - - Ok(alert) - } - } + alert::mutations::new_alert(ctx, input).await } } diff --git a/src/graphql/query.rs b/src/graphql/query.rs index 58685ed..e52bd2a 100644 --- a/src/graphql/query.rs +++ b/src/graphql/query.rs @@ -26,7 +26,7 @@ impl Query { #[graphql(desc = "Limit results")] limit: Option<i64>, #[graphql(desc = "Offset results")] offset: Option<i64>, ) -> Result<Option<Vec<user::User>>, String> { - user::get_users(ctx, limit, offset).await + user::query::get_users(ctx, limit, offset).await } /// Returns an user by ID. Admins can check everyone. @@ -43,7 +43,7 @@ impl Query { ctx: &Context<'ctx>, #[graphql(desc = "User to find")] id: i32, ) -> Result<user::User, String> { - user::get_user_by_id(ctx, id).await + user::query::get_user_by_id(ctx, id).await } /// Returns all the positions @@ -62,7 +62,7 @@ impl Query { #[graphql(desc = "Limit results")] limit: Option<i64>, #[graphql(desc = "Offset results")] offset: Option<i64>, ) -> Result<Option<Vec<position::Position>>, String> { - position::get_positions(ctx, user_id, limit, offset).await + position::query::get_positions(ctx, user_id, limit, offset).await } /// Returns all the last positions for each user. @@ -82,7 +82,7 @@ impl Query { position::MovingActivity, >, ) -> Result<Option<Vec<position::Position>>, String> { - position::last_positions(ctx, moving_activity).await + position::query::last_positions(ctx, moving_activity).await } /// Returns all the positions @@ -101,7 +101,7 @@ impl Query { #[graphql(desc = "Limit results")] limit: Option<i64>, #[graphql(desc = "Offset results")] offset: Option<i64>, ) -> Result<Option<Vec<alert::Alert>>, String> { - alert::get_alerts(ctx, id, limit, offset).await + alert::query::get_alerts(ctx, id, limit, offset).await } /// Returns all the notifications. They can be filtered by an alert id. @@ -123,6 +123,6 @@ impl Query { #[graphql(desc = "Limit results")] limit: Option<i64>, #[graphql(desc = "Offset results")] offset: Option<i64>, ) -> Result<Option<Vec<notification::Notification>>, String> { - notification::get_notifications(ctx, seen, alert_id, limit, offset).await + notification::query::get_notifications(ctx, seen, alert_id, limit, offset).await } } diff --git a/src/graphql/types/alert.rs b/src/graphql/types/alert.rs index ab82c2e..41ae4de 100644 --- a/src/graphql/types/alert.rs +++ b/src/graphql/types/alert.rs @@ -1,5 +1,9 @@ -use crate::{graphql::types::jwt::Authentication, state::AppState}; -use async_graphql::{Context, Enum, InputObject, SimpleObject}; +use crate::{ + expo, + graphql::types::{jwt::Authentication, notification::Notification, user::find_user}, + state::AppState, +}; +use async_graphql::{Context, Enum, FieldResult, InputObject, SimpleObject}; use serde::{Deserialize, Serialize}; use std::error::Error; use tokio_postgres::types::{to_sql_checked, FromSql, IsNull, ToSql, Type}; @@ -84,29 +88,32 @@ pub struct AlertInput { pub level: LevelAlert, } -/// Get alerts from the database -pub async fn get_alerts<'ctx>( - ctx: &Context<'ctx>, - - // Optional filter by id. - id: Option<i32>, - - // Optional limit results - limit: Option<i64>, - - // Optional offset results. It should be used with limit field. - offset: Option<i64>, -) -> Result<Option<Vec<Alert>>, String> { - let state = ctx.data::<AppState>().expect("Can't connect to db"); - let client = &*state.client; - let auth: &Authentication = ctx.data().unwrap(); - match auth { - Authentication::NotLogged => Err("Unauthorized".to_string()), - Authentication::Logged(_) => { - let rows = match id { - Some(id) => client - .query( - "SELECT id, +pub mod query { + use super::*; + + /// Get alerts from the database + pub async fn get_alerts<'ctx>( + ctx: &Context<'ctx>, + + // Optional filter by id. + id: Option<i32>, + + // Optional limit results + limit: Option<i64>, + + // Optional offset results. It should be used with limit field. + offset: Option<i64>, + ) -> Result<Option<Vec<Alert>>, String> { + let state = ctx.data::<AppState>().expect("Can't connect to db"); + let client = &*state.client; + let auth: &Authentication = ctx.data().unwrap(); + match auth { + Authentication::NotLogged => Err("Unauthorized".to_string()), + Authentication::Logged(_) => { + let rows = match id { + Some(id) => client + .query( + "SELECT id, user_id, extract(epoch from created_at)::double precision as created_at, ST_AsText(area) as area, @@ -125,13 +132,13 @@ pub async fn get_alerts<'ctx>( reached_users FROM alerts WHERE id = $1", - &[&id], - ) - .await - .unwrap(), - None => client - .query( - "SELECT id, + &[&id], + ) + .await + .unwrap(), + None => client + .query( + "SELECT id, user_id, extract(epoch from created_at)::double precision as created_at, ST_AsText(area) as area, @@ -152,26 +159,171 @@ pub async fn get_alerts<'ctx>( ORDER BY id DESC LIMIT $1 OFFSET $2", - &[&limit.unwrap_or(20), &offset.unwrap_or(0)], + &[&limit.unwrap_or(20), &offset.unwrap_or(0)], + ) + .await + .unwrap(), + }; + + let alerts: Vec<Alert> = rows + .iter() + .map(|row| Alert { + id: row.get("id"), + user_id: row.get("user_id"), + created_at: row.get::<_, f64>("created_at") as i64, + area: row.get("area"), + extended_area: row.get("extended_area"), + level: row.get("level"), + reached_users: row.get("reached_users"), + }) + .collect(); + + Ok(Some(alerts)) + } + } + } +} + +pub mod mutations { + use super::*; + + /// Create a new alert + pub async fn new_alert<'ctx>(ctx: &Context<'ctx>, input: AlertInput) -> FieldResult<Alert> { + let state = ctx.data::<AppState>().expect("Can't connect to db"); + let client = &*state.client; + + let auth: &Authentication = ctx.data().unwrap(); + match auth { + Authentication::NotLogged => Err(async_graphql::Error::new("Can't find the owner")), + Authentication::Logged(claims) => { + let claim_user = find_user(client, claims.user_id).await.unwrap(); + if !claim_user.is_admin { + return Err(async_graphql::Error::new("Unauthorized")); + } + + let points: String = input + .points + .iter() + .map(|x| { + format!( + "ST_SetSRID(ST_MakePoint({}, {}), 4326)", + x.longitude, x.latitude + ) + }) + .collect::<Vec<String>>() + .join(","); + + let polygon = format!("ST_MakePolygon(ST_MakeLine(ARRAY[{}]))", points); + + let valid_query = format!("SELECT ST_IsValid({}) as is_valid", polygon); + let rows = client.query(&valid_query, &[]).await.unwrap(); + + let is_valid: bool = rows[0].get("is_valid"); + if !is_valid { + return Err(async_graphql::Error::new("Polygon is not valid")); + } + + let insert_query = format!( + "INSERT INTO alerts (user_id, area, level) + VALUES($1, {}, $2) + RETURNING id, user_id, extract(epoch from created_at)::double precision as created_at, ST_AsText(area) as area, + ST_AsText(ST_Buffer(area::geography, CASE WHEN level = 'One' THEN 0 WHEN level = 'Two' THEN 1000 WHEN level = 'Three' THEN 2000 ELSE 0 END)) as extended_area, level, reached_users", + polygon + ); + + let rows = client + .query(&insert_query, &[&claims.user_id, &input.level]) + .await + .unwrap(); + let mut alert = rows + .iter() + .map(|row| Alert { + id: row.get("id"), + user_id: row.get("user_id"), + created_at: row.get::<_, f64>("created_at") as i64, + area: row.get("area"), + extended_area: row.get("extended_area"), + level: row.get("level"), + reached_users: row.get("reached_users"), + }) + .collect::<Vec<Alert>>() + .first() + .cloned() + .ok_or_else(|| async_graphql::Error::new("Failed to create alert"))?; + + let distance: f64 = match alert.level { + LevelAlert::One => 0.0, + LevelAlert::Two => 1000.0, + LevelAlert::Three => 2000.0, + }; + + let position_ids: Vec<i32> = client + .query( + " + SELECT id FROM positions + WHERE ST_DWithin( + location::geography, + (SELECT area::geography FROM alerts WHERE id = $1), + $2 + )", + &[&alert.id, &distance], ) .await - .unwrap(), - }; - - let alerts: Vec<Alert> = rows - .iter() - .map(|row| Alert { - id: row.get("id"), - user_id: row.get("user_id"), - created_at: row.get::<_, f64>("created_at") as i64, - area: row.get("area"), - extended_area: row.get("extended_area"), - level: row.get("level"), - reached_users: row.get("reached_users"), - }) - .collect(); - - Ok(Some(alerts)) + .unwrap() + .iter() + .map(|row| row.get(0)) + .collect(); + + let mut notification_ids = vec![]; + for id in &position_ids { + let notification = Notification::insert_db(client, alert.id, *id) + .await + .unwrap(); + notification_ids.push(notification); + } + + alert.reached_users = notification_ids.len() as i32; + client + .query( + "UPDATE alerts SET reached_users = $1 WHERE id = $2", + &[&alert.reached_users, &alert.id], + ) + .await + .unwrap(); + + let placeholders: Vec<String> = (1..=position_ids.len()) + .map(|i| format!("${}", i)) + .collect(); + let query = format!( + "SELECT u.notification_token FROM positions p JOIN users u ON u.id = p.user_id + WHERE p.id IN ({}) AND notification_token IS NOT NULL", + placeholders.join(", ") + ); + + let tokens: Vec<String> = client + .query( + &query, + &position_ids + .iter() + .map(|id| id as &(dyn tokio_postgres::types::ToSql + Sync)) + .collect::<Vec<&(dyn tokio_postgres::types::ToSql + Sync)>>(), + ) + .await + .unwrap() + .iter() + .map(|row| format!("ExponentPushToken[{}]", row.get::<usize, String>(0))) + .collect(); + + expo::send( + tokens, + "New Alert!".to_string(), + "Keep an eye open".to_string(), + ) + .await + .unwrap(); + + Ok(alert) + } } } } diff --git a/src/graphql/types/jwt.rs b/src/graphql/types/jwt.rs index d27c6c3..5656dc5 100644 --- a/src/graphql/types/jwt.rs +++ b/src/graphql/types/jwt.rs @@ -1,5 +1,5 @@ -use crate::errors::AppError; -use async_graphql::{InputObject, SimpleObject}; +use crate::{errors::AppError, state::AppState}; +use async_graphql::{Context, Error, FieldResult, InputObject, SimpleObject}; use axum::{async_trait, extract::FromRequestParts, http::request::Parts}; use axum_extra::{ headers::{authorization::Bearer, Authorization}, @@ -121,3 +121,35 @@ where } } } + +pub mod mutations { + use super::*; + + /// Login mutation + pub async fn login<'ctx>( + ctx: &Context<'ctx>, + input: LoginCredentials, + ) -> FieldResult<AuthBody> { + let state = ctx.data::<AppState>().expect("Can't connect to db"); + let client = &*state.client; + + let password = sha256::digest(input.password); + let rows = client + .query( + "SELECT id FROM users WHERE email = $1 AND password = $2", + &[&input.email, &password], + ) + .await + .unwrap(); + + let id: Vec<i32> = rows.iter().map(|row| row.get(0)).collect(); + if id.len() == 1 { + // Create a new claim using the found ID + let claims = Claims::new(id[0]); + let token = claims.get_token().unwrap(); + Ok(AuthBody::new(token, id[0])) + } else { + Err(Error::new("Invalid email or password")) + } + } +} diff --git a/src/graphql/types/notification.rs b/src/graphql/types/notification.rs index 6a14d71..0773876 100644 --- a/src/graphql/types/notification.rs +++ b/src/graphql/types/notification.rs @@ -44,36 +44,39 @@ impl Notification { } } -/// Get notifications from the database -pub async fn get_notifications<'ctx>( - ctx: &Context<'ctx>, +pub mod query { + use super::*; - // Filter for `seen` field - seen: bool, + /// Get notifications from the database + pub async fn get_notifications<'ctx>( + ctx: &Context<'ctx>, - // Optional filter by alert id - alert_id: Option<i32>, + // Filter for `seen` field + seen: bool, - // Optional limit results - limit: Option<i64>, + // Optional filter by alert id + alert_id: Option<i32>, - // Optional offset results. It should be used with limit field. - offset: Option<i64>, -) -> Result<Option<Vec<Notification>>, String> { - let state = ctx.data::<AppState>().expect("Can't connect to db"); - let client = &*state.client; - let auth: &Authentication = ctx.data().unwrap(); - match auth { - Authentication::NotLogged => Err("Unauthorized".to_string()), - Authentication::Logged(claims) => { - let claim_user = find_user(client, claims.user_id) - .await - .expect("Should not be here"); + // Optional limit results + limit: Option<i64>, - let limit = limit.unwrap_or(20); - let offset = offset.unwrap_or(0); + // Optional offset results. It should be used with limit field. + offset: Option<i64>, + ) -> Result<Option<Vec<Notification>>, String> { + let state = ctx.data::<AppState>().expect("Can't connect to db"); + let client = &*state.client; + let auth: &Authentication = ctx.data().unwrap(); + match auth { + Authentication::NotLogged => Err("Unauthorized".to_string()), + Authentication::Logged(claims) => { + let claim_user = find_user(client, claims.user_id) + .await + .expect("Should not be here"); + + let limit = limit.unwrap_or(20); + let offset = offset.unwrap_or(0); - let base_query = "SELECT n.id, + let base_query = "SELECT n.id, n.alert_id, n.position_id, n.seen, @@ -105,7 +108,7 @@ pub async fn get_notifications<'ctx>( JOIN alerts a ON n.alert_id = a.id JOIN positions p ON n.position_id = p.id".to_string(); - let rows = match alert_id { + let rows = match alert_id { Some(id) if claim_user.is_admin => client .query(&format!( @@ -136,33 +139,34 @@ pub async fn get_notifications<'ctx>( .unwrap(), }; - let notifications: Vec<Notification> = rows - .iter() - .map(|row| Notification { - id: row.get("id"), - alert: Alert { - id: row.get("alert_id"), - user_id: row.get("alert_user_id"), - created_at: row.get::<_, f64>("alert_created_at") as i64, - area: row.get("alert_area"), - extended_area: row.get("alert_extended_area"), - level: row.get("alert_level"), - reached_users: row.get("alert_reached_users"), - }, - position: Position { - id: row.get("position_id"), - user_id: row.get("position_user_id"), - created_at: row.get::<_, f64>("position_created_at") as i64, - latitude: row.get("position_latitude"), - longitude: row.get("position_longitude"), - moving_activity: row.get("position_activity"), - }, - seen: row.get("seen"), - created_at: row.get::<_, f64>("created_at") as i64, - }) - .collect(); + let notifications: Vec<Notification> = rows + .iter() + .map(|row| Notification { + id: row.get("id"), + alert: Alert { + id: row.get("alert_id"), + user_id: row.get("alert_user_id"), + created_at: row.get::<_, f64>("alert_created_at") as i64, + area: row.get("alert_area"), + extended_area: row.get("alert_extended_area"), + level: row.get("alert_level"), + reached_users: row.get("alert_reached_users"), + }, + position: Position { + id: row.get("position_id"), + user_id: row.get("position_user_id"), + created_at: row.get::<_, f64>("position_created_at") as i64, + latitude: row.get("position_latitude"), + longitude: row.get("position_longitude"), + moving_activity: row.get("position_activity"), + }, + seen: row.get("seen"), + created_at: row.get::<_, f64>("created_at") as i64, + }) + .collect(); - Ok(Some(notifications)) + Ok(Some(notifications)) + } } } } diff --git a/src/graphql/types/position.rs b/src/graphql/types/position.rs index dfa1830..4332a17 100644 --- a/src/graphql/types/position.rs +++ b/src/graphql/types/position.rs @@ -1,5 +1,5 @@ use crate::{graphql::types::jwt::Authentication, state::AppState}; -use async_graphql::{Context, Enum, InputObject, SimpleObject}; +use async_graphql::{Context, Enum,FieldResult, InputObject, SimpleObject}; use serde::{Deserialize, Serialize}; use std::error::Error; use tokio_postgres::types::{to_sql_checked, FromSql, IsNull, ToSql, Type}; @@ -85,35 +85,38 @@ pub struct PositionInput { pub moving_activity: MovingActivity, } -/// Get positions from the database -pub async fn get_positions<'ctx>( - ctx: &Context<'ctx>, - - // Optional filter by user id. If not defined returns only available positions: - // If claimed user is admin returns everything, otherwise only positions linked to that user. - user_id: Option<i32>, - - // Optional limit results - limit: Option<i64>, - - // Optional offset results. It should be used with limit field. - offset: Option<i64>, -) -> Result<Option<Vec<Position>>, String> { - let state = ctx.data::<AppState>().expect("Can't connect to db"); - let client = &*state.client; - let auth: &Authentication = ctx.data().unwrap(); - match auth { - Authentication::NotLogged => Err("Unauthorized".to_string()), - Authentication::Logged(claims) => { - let rows; - let claim_user = find_user(client, claims.user_id) - .await - .expect("Should not be here"); - - if claim_user.is_admin { - match user_id { - Some(id) => { - rows = client.query(" +pub mod query { + use super::*; + + /// Get positions from the database + pub async fn get_positions<'ctx>( + ctx: &Context<'ctx>, + + // Optional filter by user id. If not defined returns only available positions: + // If claimed user is admin returns everything, otherwise only positions linked to that user. + user_id: Option<i32>, + + // Optional limit results + limit: Option<i64>, + + // Optional offset results. It should be used with limit field. + offset: Option<i64>, + ) -> Result<Option<Vec<Position>>, String> { + let state = ctx.data::<AppState>().expect("Can't connect to db"); + let client = &*state.client; + let auth: &Authentication = ctx.data().unwrap(); + match auth { + Authentication::NotLogged => Err("Unauthorized".to_string()), + Authentication::Logged(claims) => { + let rows; + let claim_user = find_user(client, claims.user_id) + .await + .expect("Should not be here"); + + if claim_user.is_admin { + match user_id { + Some(id) => { + rows = client.query(" SELECT id, user_id, extract(epoch from created_at)::double precision as created_at, ST_Y(location::geometry) AS latitude, ST_X(location::geometry) AS longitude, activity FROM positions WHERE user_id = $1 @@ -121,19 +124,19 @@ pub async fn get_positions<'ctx>( LIMIT $2 OFFSET $3", &[&id, &limit.unwrap_or(20), &offset.unwrap_or(0)]).await.unwrap(); - } - None => { - rows = client.query(" + } + None => { + rows = client.query(" SELECT id, user_id, extract(epoch from created_at)::double precision as created_at, ST_Y(location::geometry) AS latitude, ST_X(location::geometry) AS longitude, activity FROM positions ORDER BY id DESC LIMIT $1 OFFSET $2", &[&limit.unwrap_or(20), &offset.unwrap_or(0)]).await.unwrap(); + } } - } - } else { - rows = client.query(" + } else { + rows = client.query(" SELECT id, user_id, extract(epoch from created_at)::double precision as created_at, ST_Y(location::geometry) AS latitude, ST_X(location::geometry) AS longitude, activity FROM positions WHERE user_id = $1 @@ -141,50 +144,50 @@ pub async fn get_positions<'ctx>( LIMIT $2 OFFSET $3", &[&claim_user.id, &limit.unwrap_or(20), &offset.unwrap_or(0)]).await.unwrap(); - } + } - let positions: Vec<Position> = rows - .iter() - .map(|row| Position { - id: row.get("id"), - user_id: row.get("user_id"), - created_at: row.get::<_, f64>("created_at") as i64, - latitude: row.get("latitude"), - longitude: row.get("longitude"), - moving_activity: row.get("activity"), - }) - .collect(); - - Ok(Some(positions)) + let positions: Vec<Position> = rows + .iter() + .map(|row| Position { + id: row.get("id"), + user_id: row.get("user_id"), + created_at: row.get::<_, f64>("created_at") as i64, + latitude: row.get("latitude"), + longitude: row.get("longitude"), + moving_activity: row.get("activity"), + }) + .collect(); + + Ok(Some(positions)) + } } } -} -/// Get last positions from the database for each user. -/// It is restricted to only admin users. -pub async fn last_positions<'ctx>( - ctx: &Context<'ctx>, - - // Optional filter by moving activity - moving_activity: Option<MovingActivity>, -) -> Result<Option<Vec<Position>>, String> { - let state = ctx.data::<AppState>().expect("Can't connect to db"); - let client = &*state.client; - let auth: &Authentication = ctx.data().unwrap(); - match auth { - Authentication::NotLogged => Err("Unauthorized".to_string()), - Authentication::Logged(claims) => { - let claim_user = find_user(client, claims.user_id) - .await - .expect("Should not be here"); - - if !claim_user.is_admin { - return Err("Unauthorized".to_string()); - } + /// Get last positions from the database for each user. + /// It is restricted to only admin users. + pub async fn last_positions<'ctx>( + ctx: &Context<'ctx>, + + // Optional filter by moving activity + moving_activity: Option<MovingActivity>, + ) -> Result<Option<Vec<Position>>, String> { + let state = ctx.data::<AppState>().expect("Can't connect to db"); + let client = &*state.client; + let auth: &Authentication = ctx.data().unwrap(); + match auth { + Authentication::NotLogged => Err("Unauthorized".to_string()), + Authentication::Logged(claims) => { + let claim_user = find_user(client, claims.user_id) + .await + .expect("Should not be here"); - let rows = client + if !claim_user.is_admin { + return Err("Unauthorized".to_string()); + } + + let rows = client .query( - "SELECT DISTINCT ON (user_id) + "SELECT DISTINCT ON (user_id) id, user_id, extract(epoch from created_at)::double precision as created_at, ST_Y(location::geometry) AS latitude, ST_X(location::geometry) AS longitude, activity FROM positions ORDER BY user_id, created_at DESC", &[], @@ -192,20 +195,74 @@ pub async fn last_positions<'ctx>( .await .unwrap(); - let positions: Vec<Position> = match moving_activity { - Some(activity) => rows - .iter() - .map(|row| Position { - id: row.get("id"), - user_id: row.get("user_id"), - created_at: row.get::<_, f64>("created_at") as i64, - latitude: row.get("latitude"), - longitude: row.get("longitude"), - moving_activity: row.get("activity"), - }) - .filter(|x| x.moving_activity == activity) - .collect(), - None => rows + let positions: Vec<Position> = match moving_activity { + Some(activity) => rows + .iter() + .map(|row| Position { + id: row.get("id"), + user_id: row.get("user_id"), + created_at: row.get::<_, f64>("created_at") as i64, + latitude: row.get("latitude"), + longitude: row.get("longitude"), + moving_activity: row.get("activity"), + }) + .filter(|x| x.moving_activity == activity) + .collect(), + None => rows + .iter() + .map(|row| Position { + id: row.get("id"), + user_id: row.get("user_id"), + created_at: row.get::<_, f64>("created_at") as i64, + latitude: row.get("latitude"), + longitude: row.get("longitude"), + moving_activity: row.get("activity"), + }) + .collect(), + }; + + Ok(Some(positions)) + } + } + } +} + +pub mod mutations { + use super::*; + + /// Create a new position for a logged user + pub async fn new_position<'ctx>( + ctx: &Context<'ctx>, + input: PositionInput, + ) -> FieldResult<Position> { + let state = ctx.data::<AppState>().expect("Can't connect to db"); + let client = &*state.client; + + let auth: &Authentication = ctx.data().unwrap(); + match auth { + Authentication::NotLogged => Err(async_graphql::Error::new("Can't find the owner")), + Authentication::Logged(claims) => { + let rows = client + .query( + "INSERT INTO positions (user_id, location, activity) + VALUES ( + $1, + ST_SetSRID(ST_MakePoint($2, $3), 4326), + $4 + ) + RETURNING id, user_id, extract(epoch from created_at)::double precision as created_at, ST_Y(location::geometry) AS latitude, ST_X(location::geometry) AS longitude, activity + ", + &[ + &claims.user_id, + &input.longitude, + &input.latitude, + &input.moving_activity, + ], + ) + .await + .unwrap(); + + let positions: Vec<Position> = rows .iter() .map(|row| Position { id: row.get("id"), @@ -215,10 +272,10 @@ pub async fn last_positions<'ctx>( longitude: row.get("longitude"), moving_activity: row.get("activity"), }) - .collect(), - }; + .collect(); - Ok(Some(positions)) + Ok(positions[0].clone()) + } } } } diff --git a/src/graphql/types/user.rs b/src/graphql/types/user.rs index 798fd8c..0e287ea 100644 --- a/src/graphql/types/user.rs +++ b/src/graphql/types/user.rs @@ -1,5 +1,5 @@ use crate::{errors::AppError, state::AppState}; -use async_graphql::{Context, InputObject, Object}; +use async_graphql::{Context, Error, FieldResult, InputObject, Object}; use serde::{Deserialize, Serialize}; use tokio_postgres::Client; @@ -53,112 +53,6 @@ pub struct RegisterNotificationToken { pub token: String, } -/// Get users from the database -pub async fn get_users<'ctx>( - ctx: &Context<'ctx>, - - // Optional limit results - limit: Option<i64>, - // Optional offset results. It should be used with limit field. - offset: Option<i64>, -) -> Result<Option<Vec<User>>, String> { - let state = ctx.data::<AppState>().expect("Can't connect to db"); - let client = &*state.client; - let auth: &Authentication = ctx.data().unwrap(); - match auth { - Authentication::NotLogged => Err("Unauthorized".to_string()), - Authentication::Logged(claims) => { - let claim_user = find_user(client, claims.user_id) - .await - .expect("Should not be here"); - - if !claim_user.is_admin { - return Err("Unauthorized".to_string()); - } - - let rows = client - .query( - "SELECT id, email, name, address, is_admin FROM users LIMIT $1 OFFSET $2", - &[&limit.unwrap_or(20), &offset.unwrap_or(0)], - ) - .await - .unwrap(); - - let users: Vec<User> = rows - .iter() - .map(|row| User { - id: row.get("id"), - email: row.get("email"), - password: String::new(), - name: row.get("name"), - address: row.get("address"), - notification_token: None, - is_admin: row.get("is_admin"), - }) - .collect(); - - Ok(Some(users)) - } - } -} - -/// Get users from the database -pub async fn get_user_by_id<'ctx>(ctx: &Context<'ctx>, id: i32) -> Result<User, String> { - let state = ctx.data::<AppState>().expect("Can't connect to db"); - let client = &*state.client; - let auth: &Authentication = ctx.data().unwrap(); - match auth { - Authentication::NotLogged => Err("Unauthorized".to_string()), - Authentication::Logged(claims) => { - let claim_user = find_user(client, claims.user_id) - .await - .expect("Should not be here"); - - let rows; - if claim_user.is_admin { - rows = client - .query( - "SELECT id, email, name, address, is_admin FROM users - WHERE id = $1", - &[&id], - ) - .await - .unwrap(); - } else if claims.user_id != id { - return Err("Unauthorized".to_string()); - } else { - rows = client - .query( - "SELECT id, email, name, address, is_admin FROM users - WHERE id = $1", - &[&claims.user_id], - ) - .await - .unwrap(); - } - - let users: Vec<User> = rows - .iter() - .map(|row| User { - id: row.get("id"), - email: row.get("email"), - password: String::new(), - name: row.get("name"), - address: row.get("address"), - notification_token: None, - is_admin: row.get("is_admin"), - }) - .collect(); - - if users.is_empty() { - return Err("Not found".to_string()); - } - - Ok(users[0].clone()) - } - } -} - /// Find an user with id = `id` using the PostgreSQL `client` pub async fn find_user(client: &Client, id: i32) -> Result<User, AppError> { let rows = client @@ -188,3 +82,146 @@ pub async fn find_user(client: &Client, id: i32) -> Result<User, AppError> { Err(AppError::NotFound("User".to_string())) } } + +pub mod query { + use super::*; + + /// Get users from the database + pub async fn get_users<'ctx>( + ctx: &Context<'ctx>, + + // Optional limit results + limit: Option<i64>, + // Optional offset results. It should be used with limit field. + offset: Option<i64>, + ) -> Result<Option<Vec<User>>, String> { + let state = ctx.data::<AppState>().expect("Can't connect to db"); + let client = &*state.client; + let auth: &Authentication = ctx.data().unwrap(); + match auth { + Authentication::NotLogged => Err("Unauthorized".to_string()), + Authentication::Logged(claims) => { + let claim_user = find_user(client, claims.user_id) + .await + .expect("Should not be here"); + + if !claim_user.is_admin { + return Err("Unauthorized".to_string()); + } + + let rows = client + .query( + "SELECT id, email, name, address, is_admin FROM users LIMIT $1 OFFSET $2", + &[&limit.unwrap_or(20), &offset.unwrap_or(0)], + ) + .await + .unwrap(); + + let users: Vec<User> = rows + .iter() + .map(|row| User { + id: row.get("id"), + email: row.get("email"), + password: String::new(), + name: row.get("name"), + address: row.get("address"), + notification_token: None, + is_admin: row.get("is_admin"), + }) + .collect(); + + Ok(Some(users)) + } + } + } + + /// Get users from the database + pub async fn get_user_by_id<'ctx>(ctx: &Context<'ctx>, id: i32) -> Result<User, String> { + let state = ctx.data::<AppState>().expect("Can't connect to db"); + let client = &*state.client; + let auth: &Authentication = ctx.data().unwrap(); + match auth { + Authentication::NotLogged => Err("Unauthorized".to_string()), + Authentication::Logged(claims) => { + let claim_user = find_user(client, claims.user_id) + .await + .expect("Should not be here"); + + let rows; + if claim_user.is_admin { + rows = client + .query( + "SELECT id, email, name, address, is_admin FROM users + WHERE id = $1", + &[&id], + ) + .await + .unwrap(); + } else if claims.user_id != id { + return Err("Unauthorized".to_string()); + } else { + rows = client + .query( + "SELECT id, email, name, address, is_admin FROM users + WHERE id = $1", + &[&claims.user_id], + ) + .await + .unwrap(); + } + + let users: Vec<User> = rows + .iter() + .map(|row| User { + id: row.get("id"), + email: row.get("email"), + password: String::new(), + name: row.get("name"), + address: row.get("address"), + notification_token: None, + is_admin: row.get("is_admin"), + }) + .collect(); + + if users.is_empty() { + return Err("Not found".to_string()); + } + + Ok(users[0].clone()) + } + } + } +} + +pub mod mutations { + use super::*; + + /// Register device mutation edits the `notification_token` value for a logged user + pub async fn register_device<'ctx>( + ctx: &Context<'ctx>, + input: RegisterNotificationToken, + ) -> FieldResult<User> { + let state = ctx.data::<AppState>().expect("Can't connect to db"); + let client = &*state.client; + + let auth: &Authentication = ctx.data().unwrap(); + match auth { + Authentication::NotLogged => Err(Error::new("Can't find the owner")), + Authentication::Logged(claims) => { + let user = find_user(client, claims.user_id) + .await + .expect("Should not be here"); + + client + .query( + "UPDATE users SET notification_token = $1 WHERE id = $2", + &[&input.token, &claims.user_id], + ) + .await + .unwrap(); + + Ok(user) + } + } + } +} |