implemented the handover, doing the cleanup

2025-02-13 15:31:02 +01:00 · 2025-02-13 15:31:02 +01:00 · ea202cf393
commit ea202cf393
parent 55a2ee1bfb
5 changed files with 95 additions and 15 deletions
--- a/src/db/admin.rs
+++ b/src/db/admin.rs
@ -1,4 +1,6 @@
-use super::schema::{ServiceStatus, TrxHook};
+use uuid::Uuid;
+
+use super::schema::{DbHook, ServiceStatus, TrxHook};

 /// Aggregates info on the current service status, incl. accounts and tags
 pub async fn get_service_status(trx: &mut TrxHook<'_>) -> sqlx::Result<ServiceStatus> {
@ -19,3 +21,15 @@ pub async fn get_service_status(trx: &mut TrxHook<'_>) -> sqlx::Result<ServiceSt
 		active_tags_count,
 	})
 }
+
+pub async fn handover_tag(db: &mut DbHook, tag_id: i32, target_user_id: &Uuid) -> sqlx::Result<()> {
+	sqlx::query!(
+		"update doll_profiles set bound_to_id = $1 where id = $2",
+		target_user_id,
+		tag_id
+	)
+	.execute(&mut **db)
+	.await?;
+
+	Ok(())
+}
--- a/src/main.rs
+++ b/src/main.rs
@ -89,7 +89,8 @@ fn rocket() -> _ {
 			routes![
 				admin::index,
 				admin::handle_in_page_forms,
-				admin::show_confirm_tag_handover
+				admin::show_confirm_tag_handover,
+				admin::handle_tag_handover,
 			],
 		)
 		.mount(
--- a/src/pages.rs
+++ b/src/pages.rs
@ -2,6 +2,7 @@ use std::collections::HashMap;

 use rocket::{
 	fairing::Fairing,
+	http::CookieJar,
 	outcome::try_outcome,
 	request::{FromRequest, Outcome},
 	serde::Serialize,
@ -81,3 +82,23 @@ pub struct FakeContext {
 	/// NOP, used to placehold global errors
 	pub form_errors: Vec<()>,
 }
+
+/// writes a toast msg into an encrypted cookie
+/// (note: this overwrites any existing toast)
+pub fn write_toast(jar: &CookieJar<'_>, message: String) {
+	jar.add_private(("toast", message))
+}
+
+/// gets a toast from the encrypted toast cookie if any is set,
+/// then removes the cookie
+pub fn pop_toast(jar: &CookieJar<'_>) -> Option<String> {
+	let toast = jar
+		.get_private("toast")
+		.map(|c| String::from(c.value_trimmed()));
+
+	if toast.is_some() {
+		jar.remove_private("toast");
+	}
+
+	toast
+}
--- a/src/routes/admin.rs
+++ b/src/routes/admin.rs
@ -1,5 +1,8 @@
+use std::net::IpAddr;
+
 use rocket::{
 	form::{Context, Contextual, Error, Form},
+	http::CookieJar,
 	response::Redirect,
 	serde::Serialize,
 };
@ -10,7 +13,7 @@ use crate::{
 	auth::session::Admin,
 	db::{admin, doll, schema::DollTagsDb, user},
 	ids::{id_public_to_db, PublicId},
-	pages::CommonTemplateState,
+	pages::{write_toast, CommonTemplateState},
 };

 use super::error_handlers::PageResult;
@ -154,13 +157,54 @@ pub async fn handle_in_page_forms(
 	.into())
 }

-#[get("/tag-handover/<id>/<username>")]
-pub async fn show_confirm_tag_handover(id: PublicId, username: &str) -> &'static str {
-	println!("woof id: {}, username: {}", id.0, username);
-	println!(
-		"woof generated url: {}",
-		uri!("/admin", show_confirm_tag_handover(id, username))
-	);
+#[get("/tag-handover/<id>/<dest_username>")]
+pub fn show_confirm_tag_handover(
+	meta: CommonTemplateState,
+	user: Admin,
+	id: PublicId,
+	dest_username: &str,
+) -> Template {
+	let tag_id = id.0;

-	"blep"
+	Template::render(
+		"admin/confirm_tag_handover",
+		context! {
+			meta: meta.for_user(&user.0),
+			tag_id,
+			dest_username,
+			proceed_url: uri!("/admin", handle_tag_handover(id, dest_username)),
+		},
+	)
+}
+
+#[get("/YES-GIMME/<id>/<dest_username>")]
+pub async fn handle_tag_handover<'a>(
+	mut db: DollTagsDb,
+	user: Admin,
+	client_ip: IpAddr,
+	jar: &'a CookieJar<'_>,
+	id: PublicId,
+	dest_username: &'a str,
+) -> PageResult {
+	let dest_user = match user::get(&mut *db, dest_username).await? {
+		Some(u) => u,
+		None => {
+			warn!(
+				"[audit|{}] [{}] tried to hand over tag {} to nonexistent user {}",
+				client_ip,
+				user.0.id.to_string(),
+				id.0,
+				dest_username
+			);
+			write_toast(jar, String::from("this username doesn't exist"));
+			return Ok(Redirect::to("/admin").into());
+		}
+	};
+
+	admin::handover_tag(&mut *db, id.0, &dest_user.id).await?;
+	write_toast(
+		jar,
+		format!("tag successfully handed over to {}", dest_username),
+	);
+	todo!("meow")
 }
--- a/templates/admin/confirm_tag_handover.html.tera
+++ b/templates/admin/confirm_tag_handover.html.tera
@ -4,15 +4,15 @@
 <section>
 	<h2>Confirm tag handover?</h2>
 	<p>
-		You are about to hand over the tag <code>WOOF</code> to the user named "".<br />
+		You are about to hand over the tag <code>{{tag_id|pretty_id}}</code> to the user named "{{dest_username}}".<br />
 		It will give full control of the tag to them and will not let you edit it anymore as it is a complete handover.
 	</p>

 	<p>Do you wish to proceed?</p>

 	<div>
-		<a href="/" class="btn">Yes, hand it over to them</a>
-		<a href="/" class="btn">No, cancel the handover</a>
+		<a href="{{proceed_url}}" class="btn">Yes, hand it over to them</a>
+		<a href="/admin" class="btn">No, cancel the handover</a>
 	</div>
 </section>
-{% endblock main %}
+{% endblock main %}