Tsumanu/actix-admin
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

change parameter match in for case auth_is_enabled

Browse Source
This commit is contained in:
Manuel Gugger 2022-08-18 13:58:26 +02:00
parent ddf25f97da
commit f5d0364244
9 changed files with 68 additions and 51 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
actix_admin_macros/src/lib.rs
View File

@ -39,18 +39,6 @@ pub fn derive_actix_admin(_input: proc_macro::TokenStream) -> proc_macro::TokenS
proc_macro::TokenStream::from(expanded) proc_macro::TokenStream::from(expanded)
} }
#[proc_macro_derive(DeriveActixAdminViewModelAccess, attributes(actix_admin))]
pub fn derive_actix_admin_view_model_access(_input: proc_macro::TokenStream) -> proc_macro::TokenStream {
let expanded = quote! {
impl ActixAdminViewModelAccessTrait for Entity {
fn user_can_access(session: &Session) -> bool {
true
}
}
};
proc_macro::TokenStream::from(expanded)
}
#[proc_macro_derive(DeriveActixAdminViewModel, attributes(actix_admin))] #[proc_macro_derive(DeriveActixAdminViewModel, attributes(actix_admin))]
pub fn derive_actix_admin_view_model(input: proc_macro::TokenStream) -> proc_macro::TokenStream { pub fn derive_actix_admin_view_model(input: proc_macro::TokenStream) -> proc_macro::TokenStream {
let fields = get_fields_for_tokenstream(input); let fields = get_fields_for_tokenstream(input);
@ -69,7 +57,8 @@ pub fn derive_actix_admin_view_model(input: proc_macro::TokenStream) -> proc_mac
primary_key: #name_primary_field_str.to_string(), primary_key: #name_primary_field_str.to_string(),
entity_name: entity.table_name().to_string(), entity_name: entity.table_name().to_string(),
fields: Entity::get_fields(), fields: Entity::get_fields(),
show_search: #has_searchable_fields show_search: #has_searchable_fields,
user_can_access: None
} }
} }
} }

4
src/builder.rs
View File

@ -12,7 +12,7 @@ pub struct ActixAdminBuilder {
pub trait ActixAdminBuilderTrait { pub trait ActixAdminBuilderTrait {
fn new(configuration: ActixAdminConfiguration) -> Self; fn new(configuration: ActixAdminConfiguration) -> Self;
fn add_entity<T: ActixAdminAppDataTrait + 'static, E: ActixAdminViewModelTrait + ActixAdminViewModelAccessTrait + 'static>( fn add_entity<T: ActixAdminAppDataTrait + 'static, E: ActixAdminViewModelTrait + 'static>(
&mut self, &mut self,
view_model: &ActixAdminViewModel, view_model: &ActixAdminViewModel,
); );
@ -32,7 +32,7 @@ impl ActixAdminBuilderTrait for ActixAdminBuilder {
} }
} }
fn add_entity<T: ActixAdminAppDataTrait + 'static, E: ActixAdminViewModelTrait + ActixAdminViewModelAccessTrait + 'static>( fn add_entity<T: ActixAdminAppDataTrait + 'static, E: ActixAdminViewModelTrait + 'static>(
&mut self, &mut self,
view_model: &ActixAdminViewModel, view_model: &ActixAdminViewModel,
) { ) {

4
src/lib.rs
View File

@ -13,8 +13,8 @@ pub mod builder;
pub mod prelude { pub mod prelude {
pub use crate::builder::{ ActixAdminBuilder, ActixAdminBuilderTrait}; pub use crate::builder::{ ActixAdminBuilder, ActixAdminBuilderTrait};
pub use crate::model::{ ActixAdminModel, ActixAdminModelTrait}; pub use crate::model::{ ActixAdminModel, ActixAdminModelTrait};
pub use crate::view_model::{ ActixAdminViewModel, ActixAdminViewModelTrait, ActixAdminViewModelAccessTrait, ActixAdminViewModelField, ActixAdminViewModelFieldType }; pub use crate::view_model::{ ActixAdminViewModel, ActixAdminViewModelTrait, ActixAdminViewModelField, ActixAdminViewModelSerializable, ActixAdminViewModelFieldType };
pub use actix_admin_macros::{ DeriveActixAdmin, DeriveActixAdminModel, DeriveActixAdminViewModel, DeriveActixAdminSelectList, DeriveActixAdminViewModelAccess }; pub use actix_admin_macros::{ DeriveActixAdmin, DeriveActixAdminModel, DeriveActixAdminViewModel, DeriveActixAdminSelectList };
pub use crate::{ ActixAdminAppDataTrait, ActixAdmin, ActixAdminConfiguration }; pub use crate::{ ActixAdminAppDataTrait, ActixAdmin, ActixAdminConfiguration };
pub use crate::{ hashmap, ActixAdminSelectListTrait }; pub use crate::{ hashmap, ActixAdminSelectListTrait };
} }

13
src/routes/create_or_edit_get.rs
View File

@ -6,7 +6,7 @@ use crate::prelude::*;
use crate::TERA; use crate::TERA;
use super::{ add_auth_context, user_can_access_page, render_unauthorized}; use super::{ add_auth_context, user_can_access_page, render_unauthorized};
pub async fn create_get<T: ActixAdminAppDataTrait, E: ActixAdminViewModelTrait + ActixAdminViewModelAccessTrait>( pub async fn create_get<T: ActixAdminAppDataTrait, E: ActixAdminViewModelTrait>(
session: Session, session: Session,
_req: HttpRequest, _req: HttpRequest,
data: web::Data<T>, data: web::Data<T>,
@ -19,7 +19,7 @@ pub async fn create_get<T: ActixAdminAppDataTrait, E: ActixAdminViewModelTrait +
create_or_edit_get::<T, E>(&session, &data, db, model).await create_or_edit_get::<T, E>(&session, &data, db, model).await
} }
pub async fn edit_get<T: ActixAdminAppDataTrait, E: ActixAdminViewModelTrait + ActixAdminViewModelAccessTrait>( pub async fn edit_get<T: ActixAdminAppDataTrait, E: ActixAdminViewModelTrait>(
session: Session, session: Session,
_req: HttpRequest, _req: HttpRequest,
data: web::Data<T>, data: web::Data<T>,
@ -32,7 +32,7 @@ pub async fn edit_get<T: ActixAdminAppDataTrait, E: ActixAdminViewModelTrait + A
create_or_edit_get::<T, E>(&session, &data, db, model).await create_or_edit_get::<T, E>(&session, &data, db, model).await
} }
async fn create_or_edit_get<T: ActixAdminAppDataTrait, E: ActixAdminViewModelTrait + ActixAdminViewModelAccessTrait>(session: &Session, data: &web::Data<T>, db: &sea_orm::DatabaseConnection, model: ActixAdminModel) -> Result<HttpResponse, Error>{ async fn create_or_edit_get<T: ActixAdminAppDataTrait, E: ActixAdminViewModelTrait>(session: &Session, data: &web::Data<T>, db: &sea_orm::DatabaseConnection, model: ActixAdminModel) -> Result<HttpResponse, Error>{
let actix_admin = &data.get_actix_admin(); let actix_admin = &data.get_actix_admin();
let mut ctx = Context::new(); let mut ctx = Context::new();
add_auth_context(&session, actix_admin, &mut ctx); add_auth_context(&session, actix_admin, &mut ctx);
@ -40,12 +40,13 @@ async fn create_or_edit_get<T: ActixAdminAppDataTrait, E: ActixAdminViewModelTra
ctx.insert("entity_names", entity_names); ctx.insert("entity_names", entity_names);
let entity_name = E::get_entity_name(); let entity_name = E::get_entity_name();
if !user_can_access_page::<E>(&session, actix_admin) { let view_model = actix_admin.view_models.get(&entity_name).unwrap();
if !user_can_access_page(&session, actix_admin, view_model) {
return render_unauthorized(&ctx); return render_unauthorized(&ctx);
} }
let view_model = actix_admin.view_models.get(&entity_name).unwrap(); ctx.insert("view_model", &ActixAdminViewModelSerializable::from(view_model.clone()));
ctx.insert("view_model", &view_model);
ctx.insert("select_lists", &E::get_select_lists(db).await); ctx.insert("select_lists", &E::get_select_lists(db).await);
ctx.insert("list_link", &E::get_list_link(&entity_name)); ctx.insert("list_link", &E::get_list_link(&entity_name));
ctx.insert("model", &model); ctx.insert("model", &model);

16
src/routes/create_or_edit_post.rs
View File

@ -7,7 +7,7 @@ use actix_multipart::Multipart;
use super::{ user_can_access_page, render_unauthorized}; use super::{ user_can_access_page, render_unauthorized};
use crate::prelude::*; use crate::prelude::*;
pub async fn create_post<T: ActixAdminAppDataTrait, E: ActixAdminViewModelTrait + ActixAdminViewModelAccessTrait>( pub async fn create_post<T: ActixAdminAppDataTrait, E: ActixAdminViewModelTrait>(
session: Session, session: Session,
data: web::Data<T>, data: web::Data<T>,
payload: Multipart, payload: Multipart,
@ -15,7 +15,7 @@ pub async fn create_post<T: ActixAdminAppDataTrait, E: ActixAdminViewModelTrait
create_or_edit_post::<T, E>(&session, &data, payload, None).await create_or_edit_post::<T, E>(&session, &data, payload, None).await
} }
pub async fn edit_post<T: ActixAdminAppDataTrait, E: ActixAdminViewModelTrait + ActixAdminViewModelAccessTrait>( pub async fn edit_post<T: ActixAdminAppDataTrait, E: ActixAdminViewModelTrait>(
session: Session, session: Session,
data: web::Data<T>, data: web::Data<T>,
payload: Multipart, payload: Multipart,
@ -24,23 +24,25 @@ pub async fn edit_post<T: ActixAdminAppDataTrait, E: ActixAdminViewModelTrait +
create_or_edit_post::<T, E>(&session, &data, payload, Some(id.into_inner())).await create_or_edit_post::<T, E>(&session, &data, payload, Some(id.into_inner())).await
} }
async fn create_or_edit_post<T: ActixAdminAppDataTrait, E: ActixAdminViewModelTrait + ActixAdminViewModelAccessTrait>(session: &Session, data: &web::Data<T>, payload: Multipart, id: Option<i32>) -> Result<HttpResponse, Error> { async fn create_or_edit_post<T: ActixAdminAppDataTrait, E: ActixAdminViewModelTrait>(session: &Session, data: &web::Data<T>, payload: Multipart, id: Option<i32>) -> Result<HttpResponse, Error> {
let actix_admin = data.get_actix_admin(); let actix_admin = data.get_actix_admin();
if !user_can_access_page::<E>(&session, actix_admin) { let entity_name = E::get_entity_name();
let view_model = actix_admin.view_models.get(&entity_name).unwrap();
if !user_can_access_page(&session, actix_admin, view_model) {
let mut ctx = Context::new(); let mut ctx = Context::new();
ctx.insert("render_partial", &true); ctx.insert("render_partial", &true);
return render_unauthorized(&ctx); return render_unauthorized(&ctx);
} }
let db = &data.get_db(); let db = &data.get_db();
let entity_name = E::get_entity_name();
let view_model = actix_admin.view_models.get(&entity_name).unwrap();
let model = ActixAdminModel::create_from_payload(payload).await.unwrap(); let model = ActixAdminModel::create_from_payload(payload).await.unwrap();
if model.has_errors() { if model.has_errors() {
let mut ctx = Context::new(); let mut ctx = Context::new();
ctx.insert("entity_names", &actix_admin.entity_names); ctx.insert("entity_names", &actix_admin.entity_names);
ctx.insert("view_model", &view_model); ctx.insert("view_model", &ActixAdminViewModelSerializable::from(view_model.clone()));
ctx.insert("select_lists", &E::get_select_lists(db).await); ctx.insert("select_lists", &E::get_select_lists(db).await);
ctx.insert("list_link", &E::get_list_link(&entity_name)); ctx.insert("list_link", &E::get_list_link(&entity_name));
ctx.insert("model", &model); ctx.insert("model", &model);

16
src/routes/delete.rs
View File

@ -5,7 +5,7 @@ use crate::prelude::*;
use tera::{Context}; use tera::{Context};
use super::{ user_can_access_page, render_unauthorized}; use super::{ user_can_access_page, render_unauthorized};
pub async fn delete<T: ActixAdminAppDataTrait, E: ActixAdminViewModelTrait + ActixAdminViewModelAccessTrait>( pub async fn delete<T: ActixAdminAppDataTrait, E: ActixAdminViewModelTrait>(
session: Session, session: Session,
_req: HttpRequest, _req: HttpRequest,
data: web::Data<T>, data: web::Data<T>,
@ -13,7 +13,11 @@ pub async fn delete<T: ActixAdminAppDataTrait, E: ActixAdminViewModelTrait + Act
id: web::Path<i32> id: web::Path<i32>
) -> Result<HttpResponse, Error> { ) -> Result<HttpResponse, Error> {
let actix_admin = data.get_actix_admin(); let actix_admin = data.get_actix_admin();
if !user_can_access_page::<E>(&session, actix_admin) { let entity_name = E::get_entity_name();
let view_model = actix_admin.view_models.get(&entity_name).unwrap();
if !user_can_access_page(&session, actix_admin, view_model) {
let mut ctx = Context::new(); let mut ctx = Context::new();
ctx.insert("render_partial", &true); ctx.insert("render_partial", &true);
return render_unauthorized(&ctx); return render_unauthorized(&ctx);
@ -26,14 +30,18 @@ pub async fn delete<T: ActixAdminAppDataTrait, E: ActixAdminViewModelTrait + Act
.finish()) .finish())
} }
pub async fn delete_many<T: ActixAdminAppDataTrait, E: ActixAdminViewModelTrait + ActixAdminViewModelAccessTrait>( pub async fn delete_many<T: ActixAdminAppDataTrait, E: ActixAdminViewModelTrait>(
session: Session, session: Session,
_req: HttpRequest, _req: HttpRequest,
data: web::Data<T>, data: web::Data<T>,
text: String, text: String,
) -> Result<HttpResponse, Error> { ) -> Result<HttpResponse, Error> {
let actix_admin = data.get_actix_admin(); let actix_admin = data.get_actix_admin();
if !user_can_access_page::<E>(&session, actix_admin) { let entity_name = E::get_entity_name();
let view_model = actix_admin.view_models.get(&entity_name).unwrap();
if !user_can_access_page(&session, actix_admin, view_model) {
let mut ctx = Context::new(); let mut ctx = Context::new();
ctx.insert("render_partial", &true); ctx.insert("render_partial", &true);
return render_unauthorized(&ctx); return render_unauthorized(&ctx);

13
src/routes/helpers.rs
View File

@ -17,16 +17,15 @@ pub fn add_auth_context(session: &Session, actix_admin: &ActixAdmin, ctx: &mut C
} }
} }
pub fn user_can_access_page<E: ActixAdminViewModelAccessTrait>(session: &Session, actix_admin: &ActixAdmin) -> bool { pub fn user_can_access_page(session: &Session, actix_admin: &ActixAdmin, view_model: &ActixAdminViewModel) -> bool {
let auth_is_enabled = &actix_admin.configuration.enable_auth; let auth_is_enabled = &actix_admin.configuration.enable_auth;
let user_is_logged_in = &actix_admin.configuration.user_is_logged_in; let user_is_logged_in = &actix_admin.configuration.user_is_logged_in;
let user_can_access_viewmodel = E::user_can_access(session); let user_can_access_view_model = &view_model.user_can_access;
match (auth_is_enabled, user_can_access_viewmodel, user_is_logged_in) { match (auth_is_enabled, user_is_logged_in, user_can_access_view_model) {
(true, true, Some(auth_func)) => auth_func(session), (true, Some(auth_func), Some(view_model_access_func)) => auth_func(session) && view_model_access_func(session),
(true, false, _) => false, (true, Some(auth_func), _) => auth_func(session),
(true, _, None) => false, (_, _, _) => !auth_is_enabled,
(false, _, _) => true
} }
} }

13
src/routes/list.rs
View File

@ -1,7 +1,6 @@
use actix_web::{error, web, Error, HttpRequest, HttpResponse}; use actix_web::{error, web, Error, HttpRequest, HttpResponse};
use serde::{Deserialize}; use serde::{Deserialize};
use tera::{Context}; use tera::{Context};
use crate::prelude::*; use crate::prelude::*;
use crate::ActixAdminViewModelTrait; use crate::ActixAdminViewModelTrait;
@ -21,24 +20,24 @@ pub struct Params {
search: Option<String> search: Option<String>
} }
pub async fn list<T: ActixAdminAppDataTrait, E: ActixAdminViewModelTrait + ActixAdminViewModelAccessTrait>( pub async fn list<T: ActixAdminAppDataTrait, E: ActixAdminViewModelTrait>(
session: Session, session: Session,
req: HttpRequest, req: HttpRequest,
data: web::Data<T>, data: web::Data<T>,
) -> Result<HttpResponse, Error> { ) -> Result<HttpResponse, Error> {
let actix_admin = data.get_actix_admin(); let actix_admin = data.get_actix_admin();
let entity_name = E::get_entity_name();
let view_model: &ActixAdminViewModel = actix_admin.view_models.get(&entity_name).unwrap();
let mut ctx = Context::new(); let mut ctx = Context::new();
add_auth_context(&session, actix_admin, &mut ctx); add_auth_context(&session, actix_admin, &mut ctx);
ctx.insert("entity_names", &actix_admin.entity_names); ctx.insert("entity_names", &actix_admin.entity_names);
if !user_can_access_page::<E>(&session, actix_admin) { if !user_can_access_page(&session, actix_admin, view_model) {
return render_unauthorized(&ctx); return render_unauthorized(&ctx);
} }
let entity_name = E::get_entity_name();
let view_model: &ActixAdminViewModel = actix_admin.view_models.get(&entity_name).unwrap();
let params = web::Query::<Params>::from_query(req.query_string()).unwrap(); let params = web::Query::<Params>::from_query(req.query_string()).unwrap();
let page = params.page.unwrap_or(1); let page = params.page.unwrap_or(1);
@ -60,7 +59,7 @@ pub async fn list<T: ActixAdminAppDataTrait, E: ActixAdminViewModelTrait + Actix
ctx.insert("entities_per_page", &entities_per_page); ctx.insert("entities_per_page", &entities_per_page);
ctx.insert("render_partial", &render_partial); ctx.insert("render_partial", &render_partial);
ctx.insert("num_pages", &num_pages); ctx.insert("num_pages", &num_pages);
ctx.insert("view_model", &view_model); ctx.insert("view_model", &ActixAdminViewModelSerializable::from(view_model.clone()));
ctx.insert("search", &search); ctx.insert("search", &search);
let body = TERA let body = TERA

25
src/view_model.rs
View File

@ -4,6 +4,7 @@ use serde::{Serialize, Deserialize};
use std::collections::HashMap; use std::collections::HashMap;
use crate::ActixAdminModel; use crate::ActixAdminModel;
use actix_session::{Session}; use actix_session::{Session};
use std::convert::From;
#[async_trait(?Send)] #[async_trait(?Send)]
pub trait ActixAdminViewModelTrait { pub trait ActixAdminViewModelTrait {
@ -28,18 +29,36 @@ pub trait ActixAdminViewModelTrait {
} }
} }
pub trait ActixAdminViewModelAccessTrait { #[derive(Clone)]
fn user_can_access(session: &Session) -> bool; pub struct ActixAdminViewModel {
pub entity_name: String,
pub primary_key: String,
pub fields: Vec<ActixAdminViewModelField>,
pub show_search: bool,
pub user_can_access: Option<fn(&Session) -> bool>
} }
#[derive(Clone, Debug, Serialize)] #[derive(Clone, Debug, Serialize)]
pub struct ActixAdminViewModel { pub struct ActixAdminViewModelSerializable {
pub entity_name: String, pub entity_name: String,
pub primary_key: String, pub primary_key: String,
pub fields: Vec<ActixAdminViewModelField>, pub fields: Vec<ActixAdminViewModelField>,
pub show_search: bool pub show_search: bool
} }
// TODO: better alternative to serialize only specific fields for ActixAdminViewModel
impl From<ActixAdminViewModel> for ActixAdminViewModelSerializable {
fn from(entity: ActixAdminViewModel) -> Self {
ActixAdminViewModelSerializable {
entity_name: entity.entity_name,
primary_key: entity.primary_key,
fields: entity.fields,
show_search: entity.show_search
}
}
}
#[derive(Clone, Debug, Serialize, Deserialize)] #[derive(Clone, Debug, Serialize, Deserialize)]
pub enum ActixAdminViewModelFieldType { pub enum ActixAdminViewModelFieldType {
Number, Number,