| author | Santo Cariotti <santo@dcariotti.me> | 2022-09-25 13:47:57 +0000 |
|---|---|---|
| committer | Santo Cariotti <santo@dcariotti.me> | 2022-09-25 13:48:57 +0000 |
| commit | 42055921eecc62d31fa6117b2b192941bcd3896e (patch) | |
| tree | 6b6bd8eb5647e31e3a781f099596c22780731412 /src/routes | |
| parent | 3a14419097ed710fb8b062d20078523c03b5b428 (diff) | |
Shorter check for claimed user
Diffstat (limited to 'src/routes')
| -rw-r--r-- | src/routes/user.rs | 42 |
1 files changed, 21 insertions, 21 deletions
diff --git a/src/routes/user.rs b/src/routes/user.rs
index 5dc2c37..efa6dd5 100644
--- a/src/routes/user.rs
+++ b/src/routes/user.rs
@@ -117,31 +117,31 @@ async fn edit_user(
 }
 };
- let claimed = match User::find_by_id(claims.user_id).await {
- Ok(user) => user,
- Err(_) => {
- return Err(AppError::NotFound("User not found".to_string()));
- }
- };
-
- if !(claimed.id == user.id || claimed.is_staff.unwrap()) {
- return Err(AppError::Unauthorized);
+ // If the user of the access token is different than the user they want to edit, checks if the
+ // first user is an admin
+ if claims.user_id != user.id {
+ match User::find_by_id(claims.user_id).await {
+ Ok(user) => {
+ if !(user.is_staff.unwrap()) {
+ return Err(AppError::Unauthorized);
+ }
+ }
+ Err(_) => {
+ return Err(AppError::NotFound("User not found".to_string()));
+ }
+ };
+ }
 }
- if user.email != payload.email {
- if User::email_has_taken(&payload.email).await? {
- return Err(AppError::BadRequest(
- "An user with this email already exists".to_string(),
- ));
- }
+ if user.email != payload.email && User::email_has_taken(&payload.email).await? {
+ return Err(AppError::BadRequest(
+ "An user with this email already exists".to_string(),
+ ));
 }
- if user.username != payload.username {
- if User::username_has_taken(&payload.username).await? {
- return Err(AppError::BadRequest(
- "An user with this username already exists".to_string(),
- ));
- }
+ if user.username != payload.username && User::username_has_taken(&payload.username).await? {
+ return Err(AppError::BadRequest(
+ "An user with this username already exists".to_string(),
+ ));
 }
 user.edit(payload).await?; |
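Review bot: The new `Ok(user)` arm at `if !(user.is_staff.unwrap()) {` still panics when `is_staff` is `None`, so an account whose flag was never set aborts the handler instead of being refused; since this branch decides whether a caller may edit someone else's account, it should fail closed: `if !user.is_staff.unwrap_or(false) {`. The `Err(_)` arm answers `AppError::NotFound("User not found")` when the token's own subject cannot be loaded, which is arguably an authentication failure rather than a missing resource — consider returning `AppError::Unauthorized` there so a token for a deleted account is rejected like any other invalid credential. Binding the looked-up actor as `user` shadows the target `user` from the enclosing scope; naming it `Ok(actor)` (or keeping the old `claimed`) avoids confusing the two in later edits. `edit_user` begins before this hunk and continues past it.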
