Skip to content

Commit

Permalink
enable delete endpoint to non-admins
Browse files Browse the repository at this point in the history
  • Loading branch information
@fiji-flo
fiji-flo committed May 6, 2020
1 parent b2987eb commit e7dc886
Show file tree
Hide file tree
Showing 4 changed files with 70 additions and 4 deletions.
2 changes: 1 addition & 1 deletion src/api/groups.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -79,7 +79,7 @@ async fn add_group<T: AsyncCisClientTrait>(
Ok(HttpResponse::Created().finish())
}

#[guard(Staff, Admin, Medium)]
#[guard(Staff, Creator, Medium)]
async fn delete_group<T: AsyncCisClientTrait>(
cis_client: web::Data<T>,
pool: web::Data<Pool>,
Expand Down
12 changes: 9 additions & 3 deletions src/db/operations/members.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@ use diesel::prelude::*;
use dino_park_gate::scope::ScopeAndUser;
use dino_park_trust::Trust;
use failure::Error;
use log::error;
use serde_json::Value;
use std::sync::Arc;
use uuid::Uuid;
Expand Down Expand Up @@ -138,7 +139,7 @@ pub async fn revoke_membership(
) -> Result<(), Error> {
let connection = pool.get()?;
let is_staff = internal::user::user_trust(&connection, &user.user_uuid)? == TrustType::Staff;
// are we droping nda membership -> remove all groups and invitations
// are we dropping nda membership -> remove all groups and invitations
if group_names
.iter()
.any(|group_name| is_nda_group(*group_name))
Expand Down Expand Up @@ -189,14 +190,19 @@ async fn _revoke_membership(
let user_profile = internal::user::user_profile_by_uuid(&connection, &user.user_uuid)?;
remove_group_from_profile(cis_client, group_names, user_profile.profile).await?;
for group_name in group_names {
db_leave(
if let Err(e) = db_leave(
&host.user_uuid,
&connection,
&group_name,
&user,
force,
comment.clone(),
)?;
) {
error!(
"({}) failed to revoke group membership of group {} for {}",
e, &group_name, user.user_uuid
);
}
}
Ok(())
}
Expand Down
59 changes: 59 additions & 0 deletions tests/api/delete.rs
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,59 @@
use crate::helpers::api::*;
use crate::helpers::db::reset;
use crate::helpers::misc::read_json;
use crate::helpers::misc::test_app;
use crate::helpers::misc::Soa;
use crate::helpers::users::basic_user;
use crate::helpers::users::user_uuid;
use actix_web::test;
use actix_web::App;
use failure::Error;
use serde_json::json;

#[actix_rt::test]
async fn delete_group() -> Result<(), Error> {
reset()?;
let app = App::new().service(test_app().await);
let mut app = test::init_service(app).await;
let creator = Soa::from(&basic_user(1, true)).creator().aal_medium();

let res = post(
&mut app,
"/groups/api/v1/groups",
json!({ "name": "some", "description": "some group" }),
&creator,
)
.await;
assert!(res.status().is_success());

let user2 = basic_user(2, true);
let res = post(
&mut app,
"/groups/api/v1/curators/some",
json!({ "member_uuid": user_uuid(&user2) }),
&creator,
)
.await;
assert!(res.status().is_success());

let res = get(&mut app, "/groups/api/v1/members/some", &creator).await;
assert!(res.status().is_success());
assert_eq!(
read_json(res).await["members"]
.as_array()
.map(|a| a.len())
.unwrap_or_default(),
2
);

let res = get(&mut app, "/groups/api/v1/groups", &creator).await;
assert_eq!(read_json(res).await["groups"][0]["name"], "some");

let res = delete(&mut app, "/groups/api/v1/groups/some", &creator).await;
assert!(res.status().is_success());

let res = get(&mut app, "/groups/api/v1/groups", &creator).await;
assert_eq!(read_json(res).await, json!({ "groups": [], "next": null }));

Ok(())
}
1 change: 1 addition & 0 deletions tests/api/mod.rs
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
mod basics;
mod delete;
mod errors;
mod invitations;
mod requests;

0 comments on commit e7dc886

Please sign in to comment.