starred/minne
1
0
Fork 0
mirror of https://github.com/perstarkse/minne.git synced 2026-04-23 17:28:34 +02:00
Code Issues Packages Projects Releases 10 Wiki Activity

feat: registration settings

Browse Source
This commit is contained in:
Per Stark
2025-01-27 22:16:17 +01:00
parent f329987818
commit c6bc0c44f3
6 changed files with 87 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/bin/server.rs
View File

@@ -28,7 +28,7 @@ use zettle_db::{
}, },
html::{ html::{
account::{delete_account, set_api_key, show_account_page, update_timezone}, account::{delete_account, set_api_key, show_account_page, update_timezone},
admin_panel::show_admin_panel, admin_panel::{show_admin_panel, toggle_registration_status},
documentation::index::show_documentation_index, documentation::index::show_documentation_index,
gdpr::{accept_gdpr, deny_gdpr}, gdpr::{accept_gdpr, deny_gdpr},
index::index_handler, index::index_handler,
@@ -172,6 +172,7 @@ fn html_routes(
.route("/queue/:delivery_tag", delete(delete_task)) .route("/queue/:delivery_tag", delete(delete_task))
.route("/account", get(show_account_page)) .route("/account", get(show_account_page))
.route("/admin", get(show_admin_panel)) .route("/admin", get(show_admin_panel))
.route("/toggle-registrations", patch(toggle_registration_status))
.route("/set-api-key", post(set_api_key)) .route("/set-api-key", post(set_api_key))
.route("/update-timezone", patch(update_timezone)) .route("/update-timezone", patch(update_timezone))
.route("/delete-account", delete(delete_account)) .route("/delete-account", delete(delete_account))

63
src/server/routes/html/admin_panel.rs
View File

@@ -1,6 +1,7 @@
use axum::{ use axum::{
extract::State, extract::State,
response::{IntoResponse, Redirect}, response::{IntoResponse, Redirect},
Form,
}; };
use axum_session_auth::AuthSession; use axum_session_auth::AuthSession;
use axum_session_surreal::SessionSurrealPool; use axum_session_surreal::SessionSurrealPool;
@@ -13,6 +14,8 @@ use crate::{
storage::types::{analytics::Analytics, system_settings::SystemSettings, user::User}, storage::types::{analytics::Analytics, system_settings::SystemSettings, user::User},
}; };
use super::render_block;
page_data!(AdminPanelData, "auth/admin_panel.html", { page_data!(AdminPanelData, "auth/admin_panel.html", {
user: User, user: User,
settings: SystemSettings, settings: SystemSettings,
@@ -24,7 +27,7 @@ pub async fn show_admin_panel(
State(state): State<AppState>, State(state): State<AppState>,
auth: AuthSession<User, String, SessionSurrealPool<Any>, Surreal<Any>>, auth: AuthSession<User, String, SessionSurrealPool<Any>, Surreal<Any>>,
) -> Result<impl IntoResponse, HtmlError> { ) -> Result<impl IntoResponse, HtmlError> {
// Early return if the user is not authenticated // Early return if the user is not authenticated and admin
let user = match auth.current_user { let user = match auth.current_user {
Some(user) if user.admin => user, Some(user) if user.admin => user,
_ => return Ok(Redirect::to("/").into_response()), _ => return Ok(Redirect::to("/").into_response()),
@@ -55,3 +58,61 @@ pub async fn show_admin_panel(
Ok(output.into_response()) Ok(output.into_response())
} }
fn checkbox_to_bool<'de, D>(deserializer: D) -> Result<bool, D::Error>
where
D: serde::Deserializer<'de>,
{
match String::deserialize(deserializer) {
Ok(string) => Ok(string == "on"),
Err(_) => Ok(false),
}
}
#[derive(Deserialize)]
pub struct RegistrationToggleInput {
#[serde(default)]
#[serde(deserialize_with = "checkbox_to_bool")]
registration_open: bool,
}
#[derive(Serialize)]
pub struct RegistrationToggleData {
settings: SystemSettings,
}
pub async fn toggle_registration_status(
State(state): State<AppState>,
auth: AuthSession<User, String, SessionSurrealPool<Any>, Surreal<Any>>,
Form(input): Form<RegistrationToggleInput>,
) -> Result<impl IntoResponse, HtmlError> {
// Early return if the user is not authenticated and admin
let _user = match auth.current_user {
Some(user) if user.admin => user,
_ => return Ok(Redirect::to("/").into_response()),
};
let current_settings = SystemSettings::get_current(&state.surreal_db_client)
.await
.map_err(|e| HtmlError::new(e, state.templates.clone()))?;
let new_settings = SystemSettings {
registrations_enabled: input.registration_open,
..current_settings.clone()
};
SystemSettings::update(&state.surreal_db_client, new_settings.clone())
.await
.map_err(|e| HtmlError::new(e, state.templates.clone()))?;
let output = render_block(
AdminPanelData::template_name(),
"registration_status_input",
RegistrationToggleData {
settings: new_settings,
},
state.templates.clone(),
)?;
Ok(output.into_response())
}

2
src/storage/types/system_settings.rs
View File

@@ -3,7 +3,7 @@ use serde::{Deserialize, Serialize};
use crate::{error::AppError, storage::db::SurrealDbClient}; use crate::{error::AppError, storage::db::SurrealDbClient};
#[derive(Debug, Serialize, Deserialize)] #[derive(Debug, Serialize, Deserialize, Clone)]
pub struct SystemSettings { pub struct SystemSettings {
#[serde(deserialize_with = "deserialize_flexible_id")] #[serde(deserialize_with = "deserialize_flexible_id")]
pub id: String, pub id: String,

16
src/storage/types/user.rs
View File

@@ -41,6 +41,19 @@ impl Authentication<User, String, Surreal<Any>> for User {
} }
} }
fn validate_timezone(input: &str) -> String {
use chrono_tz::Tz;
// Check if it's a valid IANA timezone identifier
match input.parse::<Tz>() {
Ok(_) => input.to_owned(),
Err(_) => {
tracing::warn!("Invalid timezone '{}' received, defaulting to UTC", input);
"UTC".to_owned()
}
}
}
impl User { impl User {
pub async fn create_new( pub async fn create_new(
email: String, email: String,
@@ -54,6 +67,7 @@ impl User {
return Err(AppError::Auth("Registration is not allowed".into())); return Err(AppError::Auth("Registration is not allowed".into()));
} }
let validated_tz = validate_timezone(&timezone);
let now = Utc::now(); let now = Utc::now();
let id = Uuid::new_v4().to_string(); let id = Uuid::new_v4().to_string();
@@ -76,7 +90,7 @@ impl User {
.bind(("password", password)) .bind(("password", password))
.bind(("created_at", now)) .bind(("created_at", now))
.bind(("updated_at", now)) .bind(("updated_at", now))
.bind(("timezone", timezone)) .bind(("timezone", validated_tz))
.await? .await?
.take(1)?; .take(1)?;

8
templates/auth/admin_panel.html
View File

@@ -29,8 +29,12 @@
<fieldset class="fieldset p-4 shadow rounded-box"> <fieldset class="fieldset p-4 shadow rounded-box">
<legend class="fieldset-legend">Registration</legend> <legend class="fieldset-legend">Registration</legend>
<label class="fieldset-label"> <label class="fieldset-label">
<input type="checkbox" class="checkbox" hx-post="/toggle-registrations" hx-target="#registration-status" {% if {% block registration_status_input %}
settings.registrations_enabled %}checked{% endif %} /> <form hx-patch="/toggle-registrations" hx-swap="outerHTML" hx-trigger="change">
<input name="registration_open" type="checkbox" class="checkbox" {% if settings.registrations_enabled
%}checked{% endif %} />
</form>
{% endblock %}
Enable Registrations Enable Registrations
</label> </label>
<div id="registration-status" class="text-sm mt-2"></div> <div id="registration-status" class="text-sm mt-2"></div>

2
todo.md
View File

@@ -1,12 +1,12 @@
\[\] admin controls re registration \[\] admin controls re registration
\[\] archive ingressed webpage \[\] archive ingressed webpage
\[\] configs primarily get envs \[\] configs primarily get envs
\[\] html ingression
\[\] view content \[\] view content
\[\] view graph map \[\] view graph map
\[\] view latest \[\] view latest
\[x\] add user_id to ingress objects \[x\] add user_id to ingress objects
\[x\] gdpr \[x\] gdpr
\[x\] html ingression
\[x\] hx-redirect \[x\] hx-redirect
\[x\] ios shortcut generation \[x\] ios shortcut generation
\[x\] job queue \[x\] job queue