delete roles

This commit is contained in:
c0repwn3r 2023-04-05 20:58:45 -04:00
parent 8bdcb5683e
commit 2279608f96
Signed by: core
GPG Key ID: FDBF740DADDCEECF
2 changed files with 101 additions and 1 deletions

View File

@ -92,6 +92,7 @@ async fn main() -> Result<(), Box<dyn Error>> {
.service(routes::v1::roles::create_role_request) .service(routes::v1::roles::create_role_request)
.service(routes::v1::roles::get_roles) .service(routes::v1::roles::get_roles)
.service(routes::v1::roles::get_role) .service(routes::v1::roles::get_role)
.service(routes::v1::roles::delete_role)
}).bind(CONFIG.server.bind)?.run().await?; }).bind(CONFIG.server.bind)?.run().await?;
Ok(()) Ok(())

View File

@ -25,6 +25,10 @@
//#GET /v1/roles/{role_id} t+parity:full t+type:documented t+status:done //#GET /v1/roles/{role_id} t+parity:full t+type:documented t+status:done
// This endpoint has full parity with the original API. It has been recreated from the original API documentation. // This endpoint has full parity with the original API. It has been recreated from the original API documentation.
// This endpoint is considered done. No major features should be added or removed, unless it fixes bugs. // This endpoint is considered done. No major features should be added or removed, unless it fixes bugs.
//
//#DELETE /v1/roles/{role_id} t+parity:full t+type:documented t+status:done
// This endpoint has full parity with the original API. It has been recreated from the original API documentation.
// This endpoint is considered done. No major features should be added or removed, unless it fixes bugs.
use std::time::{SystemTime, UNIX_EPOCH}; use std::time::{SystemTime, UNIX_EPOCH};
use actix_web::{get, HttpRequest, HttpResponse, post}; use actix_web::{get, HttpRequest, HttpResponse, post};
@ -41,6 +45,7 @@ use trifid_api_entities::entity::firewall_rule;
use trifid_api_entities::entity::role; use trifid_api_entities::entity::role;
use crate::cursor::Cursor; use crate::cursor::Cursor;
use crate::tokens::random_id; use crate::tokens::random_id;
use actix_web::delete;
#[derive(Serialize, Deserialize, Debug, Clone)] #[derive(Serialize, Deserialize, Debug, Clone)]
pub struct CreateRoleRequest { pub struct CreateRoleRequest {
@ -653,4 +658,98 @@ pub struct GetRoleResponse {
pub metadata: GetRoleResponseMetadata pub metadata: GetRoleResponseMetadata
} }
#[derive(Serialize, Deserialize, Debug, Clone)] #[derive(Serialize, Deserialize, Debug, Clone)]
pub struct GetRoleResponseMetadata {} pub struct GetRoleResponseMetadata {}
#[delete("/v1/roles/{role_id}")]
pub async fn delete_role(net: Path<String>, req_info: HttpRequest, db: Data<AppState>) -> HttpResponse {
// For this endpoint, you either need to be a fully authenticated user OR a token with roles:delete
let session_info = enforce_2fa(&req_info, &db.conn).await.unwrap_or(TokenInfo::NotPresent);
let api_token_info = enforce_api_token(&req_info, &["roles:delete"], &db.conn).await.unwrap_or(TokenInfo::NotPresent);
// If neither are present, throw an error
if matches!(session_info, TokenInfo::NotPresent) && matches!(api_token_info, TokenInfo::NotPresent) {
return HttpResponse::Unauthorized().json(APIErrorsResponse {
errors: vec![
APIError {
code: "ERR_UNAUTHORIZED".to_string(),
message: "This endpoint requires either a fully authenticated user or a token with the roles:delete scope".to_string(),
path: None,
}
],
})
}
// If both are present, throw an error
if matches!(session_info, TokenInfo::AuthToken(_)) && matches!(api_token_info, TokenInfo::ApiToken(_)) {
return HttpResponse::BadRequest().json(APIErrorsResponse {
errors: vec![
APIError {
code: "ERR_AMBIGUOUS_AUTHENTICATION".to_string(),
message: "Both a user token and an API token with the proper scope was provided. Please only provide one.".to_string(),
path: None
}
],
})
}
let role: Option<role::Model> = match role::Entity::find().filter(role::Column::Id.eq(net.into_inner())).one(&db.conn).await {
Ok(r) => r,
Err(e) => {
error!("database error: {}", e);
return HttpResponse::InternalServerError().json(APIErrorsResponse {
errors: vec![
APIError {
code: "ERR_DB_ERROR".to_string(),
message: "There was an error performing the database request, please try again later.".to_string(),
path: None,
}
],
});
}
};
if let Some(role) = role {
match role.delete(&db.conn).await {
Ok(_) => (),
Err(e) => {
error!("database error: {}", e);
return HttpResponse::InternalServerError().json(APIErrorsResponse {
errors: vec![
APIError {
code: "ERR_DB_ERROR".to_string(),
message: "There was an error performing the database request, please try again later.".to_string(),
path: None,
}
],
});
}
};
HttpResponse::Ok().json(RoleDeleteResponse {
data: RoleDeleteResponseData {},
metadata: RoleDeleteResponseMetadata {},
})
} else {
HttpResponse::NotFound().json(APIErrorsResponse {
errors: vec![
APIError {
code: "ERR_MISSING_ROLE".to_string(),
message: "Role does not exist".to_string(),
path: None,
}
],
})
}
}
#[derive(Serialize, Deserialize, Debug, Clone)]
pub struct RoleDeleteResponse {
data: RoleDeleteResponseData,
metadata: RoleDeleteResponseMetadata
}
#[derive(Serialize, Deserialize, Debug, Clone)]
pub struct RoleDeleteResponseData {}
#[derive(Serialize, Deserialize, Debug, Clone)]
pub struct RoleDeleteResponseMetadata {}