use crate::{ dates::GraphQLDate, graphql::types::{ alert, jwt::{self, Authentication}, position, user::find_user, }, state::AppState, }; use async_graphql::{Context, Error, FieldResult, Object}; use chrono::Utc; /// Mutation struct pub struct Mutation; #[Object] impl Mutation { /// Make GraphQL login async fn login<'ctx>( &self, ctx: &Context<'ctx>, input: jwt::LoginCredentials, ) -> FieldResult { let state = ctx.data::().expect("Can't connect to db"); let client = &*state.client; let password = sha256::digest(input.password); let rows = client .query( "SELECT id FROM users WHERE email = $1 AND password = $2", &[&input.email, &password], ) .await .unwrap(); let id: Vec = rows.iter().map(|row| row.get(0)).collect(); if id.len() == 1 { // Create a new claim using the found ID let claims = jwt::Claims::new(id[0]); let token = claims.get_token().unwrap(); Ok(jwt::AuthBody::new(token)) } else { Err(Error::new("Invalid email or password")) } } /// Make GraphQL request to create new position to track async fn new_position<'ctx>( &self, ctx: &Context<'ctx>, input: position::PositionInput, ) -> FieldResult { let state = ctx.data::().expect("Can't connect to db"); let client = &*state.client; let auth: &Authentication = ctx.data().unwrap(); match auth { Authentication::NotLogged => Err(Error::new("Can't find the owner")), Authentication::Logged(claims) => { let rows = client .query( "INSERT INTO positions (user_id, location, activity) VALUES ( $1, ST_SetSRID(ST_MakePoint($2, $3), 4326), $4 ) RETURNING id, user_id, created_at, ST_Y(location::geometry) AS latitude, ST_X(location::geometry) AS longitude, activity ", &[ &claims.user_id, &input.longitude, &input.latitude, &input.moving_activity, ], ) .await .unwrap(); let positions: Vec = rows .iter() .map(|row| position::Position { id: row.get("id"), user_id: row.get("user_id"), created_at: GraphQLDate(Utc::now()), latitude: row.get("latitude"), longitude: row.get("longitude"), moving_activity: row.get("activity"), }) .collect(); Ok(positions[0].clone()) } } } /// Make GraphQL request to create new alert. Only for admins. async fn new_alert<'ctx>( &self, ctx: &Context<'ctx>, input: alert::AlertInput, ) -> FieldResult { let state = ctx.data::().expect("Can't connect to db"); let client = &*state.client; let auth: &Authentication = ctx.data().unwrap(); match auth { Authentication::NotLogged => Err(Error::new("Can't find the owner")), Authentication::Logged(claims) => { let claim_user = find_user(client, claims.user_id) .await .expect("Should not be here"); if !claim_user.is_admin { return Err(Error::new("Unauthorized")); } let points: String = input .points .iter() .map(|x| { format!( "ST_SetSRID(ST_MakePoint({}, {}), 4326)", x.longitude, x.latitude ) }) .collect::>() .join(","); let polygon = format!( "ST_MakePolygon( ST_MakeLine( ARRAY[{}] ) )", points ); match client .query(&format!("SELECT ST_IsValid({}) as is_valid", polygon), &[]) .await { Ok(rows) => { let valids: Vec = rows .iter() .map(|row| alert::PolygonValid { is_valid: row.get("is_valid"), }) .collect(); if valids[0].is_valid == false { return Err(Error::new("Polygon is not valid")); } } Err(e) => return Err(e.into()), }; let query = format!("INSERT INTO alerts (user_id, area, level) VALUES($1, {}, $2) RETURNING id, user_id, created_at, ST_AsText(area) as area, level, reached_users ", polygon); match client.query(&query, &[&claims.user_id, &input.level]).await { Ok(rows) => { let alerts: Vec = rows .iter() .map(|row| alert::Alert { id: row.get("id"), user_id: row.get("user_id"), created_at: GraphQLDate(Utc::now()), area: row.get("area"), level: row.get("level"), reached_users: row.get("reached_users"), }) .collect(); // TODO: Send notifications Ok(alerts[0].clone()) } Err(e) => Err(e.into()), } } } } }