Allow sales person to insert extra_hours

2024-06-26 14:54:14 +02:00 · 2024-06-26 14:54:14 +02:00 · 29f94a8e37
commit 29f94a8e37
parent 9011f223c7
5 changed files with 60 additions and 7 deletions
--- a/.env
+++ b/.env
@ -1 +1,2 @@
-DATABASE_URL=sqlite:./localdb.sqlite3
+DATABASE_URL=sqlite:/home/neosam/programming/rust/projects/shifty-backend/localdb.sqlite3
+APP_URL=https://.goller.tech
--- a/app/src/main.rs
+++ b/app/src/main.rs
@ -52,6 +52,7 @@ type WorkingHoursService = service_impl::working_hours::WorkingHoursServiceImpl<
 type ExtraHoursService = service_impl::extra_hours::ExtraHoursServiceImpl<
    dao_impl::extra_hours::ExtraHoursDaoImpl,
    PermissionService,
+    SalesPersonService,
    ClockService,
    UuidService,
 >;
@ -173,6 +174,7 @@ impl RestStateImpl {
        let extra_hours_service = Arc::new(service_impl::extra_hours::ExtraHoursServiceImpl::new(
            extra_hours_dao,
            permission_service.clone(),
+            sales_person_service.clone(),
            clock_service,
            uuid_service,
        ));
--- a/service/src/sales_person.rs
+++ b/service/src/sales_person.rs
@ -103,4 +103,9 @@ pub trait SalesPersonService {
        &self,
        context: Authentication<Self::Context>,
    ) -> Result<Option<SalesPerson>, ServiceError>;
+    async fn verify_user_is_sales_person(
+        &self,
+        sales_person_id: Uuid,
+        context: Authentication<Self::Context>,
+    ) -> Result<(), ServiceError>;
 }
--- a/service_impl/src/extra_hours.rs
+++ b/service_impl/src/extra_hours.rs
@ -7,37 +7,49 @@ use service::{
    permission::{Authentication, HR_PRIVILEGE},
    ServiceError,
 };
+use tokio::join;
 use uuid::Uuid;

 pub struct ExtraHoursServiceImpl<
    ExtraHoursDao: dao::extra_hours::ExtraHoursDao,
    PermissionService: service::PermissionService,
+    SalesPersonService: service::sales_person::SalesPersonService,
    ClockService: service::clock::ClockService,
    UuidService: service::uuid_service::UuidService,
 > {
    extra_hours_dao: Arc<ExtraHoursDao>,
    permission_service: Arc<PermissionService>,
+    sales_person_service: Arc<SalesPersonService>,
    clock_service: Arc<ClockService>,
    uuid_service: Arc<UuidService>,
 }

-impl<ExtraHoursDao, PermissionService, ClockService, UuidService>
-    ExtraHoursServiceImpl<ExtraHoursDao, PermissionService, ClockService, UuidService>
+impl<ExtraHoursDao, PermissionService, SalesPersonService, ClockService, UuidService>
+    ExtraHoursServiceImpl<
+        ExtraHoursDao,
+        PermissionService,
+        SalesPersonService,
+        ClockService,
+        UuidService,
+    >
 where
    ExtraHoursDao: dao::extra_hours::ExtraHoursDao + Sync + Send,
    PermissionService: service::PermissionService + Sync + Send,
+    SalesPersonService: service::sales_person::SalesPersonService + Sync + Send,
    ClockService: service::clock::ClockService + Sync + Send,
    UuidService: service::uuid_service::UuidService + Sync + Send,
 {
    pub fn new(
        extra_hours_dao: Arc<ExtraHoursDao>,
        permission_service: Arc<PermissionService>,
+        sales_person_service: Arc<SalesPersonService>,
        clock_service: Arc<ClockService>,
        uuid_service: Arc<UuidService>,
    ) -> Self {
        Self {
            extra_hours_dao,
            permission_service,
+            sales_person_service,
            clock_service,
            uuid_service,
        }
@ -48,10 +60,19 @@ where
 impl<
        ExtraHoursDao: dao::extra_hours::ExtraHoursDao + Sync + Send,
        PermissionService: service::PermissionService + Sync + Send,
+        SalesPersonService: service::sales_person::SalesPersonService<Context = PermissionService::Context>
+            + Sync
+            + Send,
        ClockService: service::clock::ClockService + Sync + Send,
        UuidService: service::uuid_service::UuidService + Sync + Send,
    > service::extra_hours::ExtraHoursService
-    for ExtraHoursServiceImpl<ExtraHoursDao, PermissionService, ClockService, UuidService>
+    for ExtraHoursServiceImpl<
+        ExtraHoursDao,
+        PermissionService,
+        SalesPersonService,
+        ClockService,
+        UuidService,
+    >
 {
    type Context = PermissionService::Context;

@ -64,14 +85,19 @@ impl<
    ) -> Result<Arc<[ExtraHours]>, ServiceError> {
        unimplemented!()
    }
+
    async fn create(
        &self,
        extra_hours: &ExtraHours,
        context: Authentication<Self::Context>,
    ) -> Result<ExtraHours, ServiceError> {
-        self.permission_service
-            .check_permission(HR_PRIVILEGE, context)
-            .await?;
+        let (hr_permission, sales_person_permission) = join!(
+            self.permission_service
+                .check_permission(HR_PRIVILEGE, context.clone()),
+            self.sales_person_service
+                .verify_user_is_sales_person(extra_hours.sales_person_id, context),
+        );
+        hr_permission.or(sales_person_permission)?;

        let mut extra_hours = extra_hours.to_owned();
        if !extra_hours.id.is_nil() {
--- a/service_impl/src/sales_person.rs
+++ b/service_impl/src/sales_person.rs
@ -337,4 +337,23 @@ where
            .get_sales_person_for_user(current_user, Authentication::Full)
            .await?)
    }
+
+    async fn verify_user_is_sales_person(
+        &self,
+        sales_person_id: Uuid,
+        context: Authentication<Self::Context>,
+    ) -> Result<(), ServiceError> {
+        let (Some(username), Some(sales_person_username)) = (
+            self.permission_service.current_user_id(context).await?,
+            self.get_assigned_user(sales_person_id, Authentication::Full)
+                .await?,
+        ) else {
+            return Err(ServiceError::Forbidden);
+        };
+        if username == sales_person_username {
+            Ok(())
+        } else {
+            Err(ServiceError::Forbidden)
+        }
+    }
 }