From eb40fab2c1df7867bcc25f4b5d5f141b258f2654 Mon Sep 17 00:00:00 2001 From: Santo Cariotti Date: Sun, 16 Oct 2022 18:32:55 +0200 Subject: Remove warnings --- src/models/warning.rs | 16 ++++++++++++++++ src/routes/warning.rs | 21 ++++++++++++++++++++- 2 files changed, 36 insertions(+), 1 deletion(-) (limited to 'src') diff --git a/src/models/warning.rs b/src/models/warning.rs index 59fb99e..c420dd0 100644 --- a/src/models/warning.rs +++ b/src/models/warning.rs @@ -93,6 +93,22 @@ impl Warning { } } + /// Delete a report + pub async fn delete(warning_id: i32) -> Result<(), AppError> { + let pool = unsafe { get_client() }; + + sqlx::query( + r#" + DELETE FROM warnings WHERE id = $1 + "#, + ) + .bind(warning_id) + .execute(pool) + .await?; + + Ok(()) + } + /// List all warnings. A staffer can see all the warnings, a user cannot pub async fn list(page: i64, user_id: Option) -> Result, AppError> { let pool = unsafe { get_client() }; diff --git a/src/routes/warning.rs b/src/routes/warning.rs index 42b750b..f33b339 100644 --- a/src/routes/warning.rs +++ b/src/routes/warning.rs @@ -11,6 +11,7 @@ use crate::{ }; use axum::{ extract::{Path, Query}, + http::StatusCode, routing::{get, post, put}, Json, Router, }; @@ -19,7 +20,7 @@ use axum::{ pub fn create_route() -> Router { Router::new() .route("/", get(list_warnings).post(create_warning)) - .route("/:id", put(edit_warning)) + .route("/:id", put(edit_warning).delete(delete_warning)) .route("/filter", post(filter_warnings)) } @@ -87,6 +88,24 @@ async fn edit_warning( Ok(Json(warning)) } +/// A staffer can delete a warning +async fn delete_warning( + claims: Claims, + Path(warning_id): Path, +) -> Result { + let user = User::find_by_id(claims.user_id).await?; + + if !user.is_staff.unwrap() { + return Err(AppError::Unauthorized); + } + + if Warning::delete(warning_id).await.is_ok() { + Ok(StatusCode::NO_CONTENT) + } else { + Ok(StatusCode::BAD_REQUEST) + } +} + /// Apply a filter to warnings list async fn filter_warnings( Json(payload): Json, -- cgit v1.2.3-71-g8e6c