Shifty/shifty-backend
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Allow sales person to insert extra_hours

Browse source
This commit is contained in:
Simon Goller 2024-06-26 14:54:14 +02:00
parent 9011f223c7
commit 29f94a8e37
5 changed files with 60 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

3
.env
View file

@ -1 +1,2 @@
DATABASE_URL=sqlite:./localdb.sqlite3 DATABASE_URL=sqlite:/home/neosam/programming/rust/projects/shifty-backend/localdb.sqlite3
APP_URL=https://.goller.tech

2
app/src/main.rs
View file

@ -52,6 +52,7 @@ type WorkingHoursService = service_impl::working_hours::WorkingHoursServiceImpl<
type ExtraHoursService = service_impl::extra_hours::ExtraHoursServiceImpl< type ExtraHoursService = service_impl::extra_hours::ExtraHoursServiceImpl<
dao_impl::extra_hours::ExtraHoursDaoImpl, dao_impl::extra_hours::ExtraHoursDaoImpl,
PermissionService, PermissionService,
SalesPersonService,
ClockService, ClockService,
UuidService, UuidService,
>; >;
@ -173,6 +174,7 @@ impl RestStateImpl {
let extra_hours_service = Arc::new(service_impl::extra_hours::ExtraHoursServiceImpl::new( let extra_hours_service = Arc::new(service_impl::extra_hours::ExtraHoursServiceImpl::new(
extra_hours_dao, extra_hours_dao,
permission_service.clone(), permission_service.clone(),
sales_person_service.clone(),
clock_service, clock_service,
uuid_service, uuid_service,
)); ));

5
service/src/sales_person.rs
View file

@ -103,4 +103,9 @@ pub trait SalesPersonService {
&self, &self,
context: Authentication<Self::Context>, context: Authentication<Self::Context>,
) -> Result<Option<SalesPerson>, ServiceError>; ) -> Result<Option<SalesPerson>, ServiceError>;
async fn verify_user_is_sales_person(
&self,
sales_person_id: Uuid,
context: Authentication<Self::Context>,
) -> Result<(), ServiceError>;
} }

38
service_impl/src/extra_hours.rs
View file

@ -7,37 +7,49 @@ use service::{
permission::{Authentication, HR_PRIVILEGE}, permission::{Authentication, HR_PRIVILEGE},
ServiceError, ServiceError,
}; };
use tokio::join;
use uuid::Uuid; use uuid::Uuid;
pub struct ExtraHoursServiceImpl< pub struct ExtraHoursServiceImpl<
ExtraHoursDao: dao::extra_hours::ExtraHoursDao, ExtraHoursDao: dao::extra_hours::ExtraHoursDao,
PermissionService: service::PermissionService, PermissionService: service::PermissionService,
SalesPersonService: service::sales_person::SalesPersonService,
ClockService: service::clock::ClockService, ClockService: service::clock::ClockService,
UuidService: service::uuid_service::UuidService, UuidService: service::uuid_service::UuidService,
> { > {
extra_hours_dao: Arc<ExtraHoursDao>, extra_hours_dao: Arc<ExtraHoursDao>,
permission_service: Arc<PermissionService>, permission_service: Arc<PermissionService>,
sales_person_service: Arc<SalesPersonService>,
clock_service: Arc<ClockService>, clock_service: Arc<ClockService>,
uuid_service: Arc<UuidService>, uuid_service: Arc<UuidService>,
} }
impl<ExtraHoursDao, PermissionService, ClockService, UuidService> impl<ExtraHoursDao, PermissionService, SalesPersonService, ClockService, UuidService>
ExtraHoursServiceImpl<ExtraHoursDao, PermissionService, ClockService, UuidService> ExtraHoursServiceImpl<
ExtraHoursDao,
PermissionService,
SalesPersonService,
ClockService,
UuidService,
>
where where
ExtraHoursDao: dao::extra_hours::ExtraHoursDao + Sync + Send, ExtraHoursDao: dao::extra_hours::ExtraHoursDao + Sync + Send,
PermissionService: service::PermissionService + Sync + Send, PermissionService: service::PermissionService + Sync + Send,
SalesPersonService: service::sales_person::SalesPersonService + Sync + Send,
ClockService: service::clock::ClockService + Sync + Send, ClockService: service::clock::ClockService + Sync + Send,
UuidService: service::uuid_service::UuidService + Sync + Send, UuidService: service::uuid_service::UuidService + Sync + Send,
{ {
pub fn new( pub fn new(
extra_hours_dao: Arc<ExtraHoursDao>, extra_hours_dao: Arc<ExtraHoursDao>,
permission_service: Arc<PermissionService>, permission_service: Arc<PermissionService>,
sales_person_service: Arc<SalesPersonService>,
clock_service: Arc<ClockService>, clock_service: Arc<ClockService>,
uuid_service: Arc<UuidService>, uuid_service: Arc<UuidService>,
) -> Self { ) -> Self {
Self { Self {
extra_hours_dao, extra_hours_dao,
permission_service, permission_service,
sales_person_service,
clock_service, clock_service,
uuid_service, uuid_service,
} }
@ -48,10 +60,19 @@ where
impl< impl<
ExtraHoursDao: dao::extra_hours::ExtraHoursDao + Sync + Send, ExtraHoursDao: dao::extra_hours::ExtraHoursDao + Sync + Send,
PermissionService: service::PermissionService + Sync + Send, PermissionService: service::PermissionService + Sync + Send,
SalesPersonService: service::sales_person::SalesPersonService<Context = PermissionService::Context>
+ Sync
+ Send,
ClockService: service::clock::ClockService + Sync + Send, ClockService: service::clock::ClockService + Sync + Send,
UuidService: service::uuid_service::UuidService + Sync + Send, UuidService: service::uuid_service::UuidService + Sync + Send,
> service::extra_hours::ExtraHoursService > service::extra_hours::ExtraHoursService
for ExtraHoursServiceImpl<ExtraHoursDao, PermissionService, ClockService, UuidService> for ExtraHoursServiceImpl<
ExtraHoursDao,
PermissionService,
SalesPersonService,
ClockService,
UuidService,
>
{ {
type Context = PermissionService::Context; type Context = PermissionService::Context;
@ -64,14 +85,19 @@ impl<
) -> Result<Arc<[ExtraHours]>, ServiceError> { ) -> Result<Arc<[ExtraHours]>, ServiceError> {
unimplemented!() unimplemented!()
} }
async fn create( async fn create(
&self, &self,
extra_hours: &ExtraHours, extra_hours: &ExtraHours,
context: Authentication<Self::Context>, context: Authentication<Self::Context>,
) -> Result<ExtraHours, ServiceError> { ) -> Result<ExtraHours, ServiceError> {
self.permission_service let (hr_permission, sales_person_permission) = join!(
.check_permission(HR_PRIVILEGE, context) self.permission_service
.await?; .check_permission(HR_PRIVILEGE, context.clone()),
self.sales_person_service
.verify_user_is_sales_person(extra_hours.sales_person_id, context),
);
hr_permission.or(sales_person_permission)?;
let mut extra_hours = extra_hours.to_owned(); let mut extra_hours = extra_hours.to_owned();
if !extra_hours.id.is_nil() { if !extra_hours.id.is_nil() {

19
service_impl/src/sales_person.rs
View file

@ -337,4 +337,23 @@ where
.get_sales_person_for_user(current_user, Authentication::Full) .get_sales_person_for_user(current_user, Authentication::Full)
.await?) .await?)
} }
async fn verify_user_is_sales_person(
&self,
sales_person_id: Uuid,
context: Authentication<Self::Context>,
) -> Result<(), ServiceError> {
let (Some(username), Some(sales_person_username)) = (
self.permission_service.current_user_id(context).await?,
self.get_assigned_user(sales_person_id, Authentication::Full)
.await?,
) else {
return Err(ServiceError::Forbidden);
};
if username == sales_person_username {
Ok(())
} else {
Err(ServiceError::Forbidden)
}
}
} }