129 lines
3.2 KiB
Rust
129 lines
3.2 KiB
Rust
use actix_web::{post, web::Data, HttpRequest, HttpResponse};
|
|
use enumflags2::BitFlags;
|
|
use serde::Deserialize;
|
|
|
|
use crate::{
|
|
ctx::Ctx, db::models::Account, error::NekrochanError, perms::Permissions, qsform::QsForm,
|
|
web::tcx::account_from_auth,
|
|
};
|
|
|
|
#[derive(Deserialize)]
|
|
pub struct UpdatePermissionsForm {
|
|
account: String,
|
|
edit_posts: Option<String>,
|
|
manage_posts: Option<String>,
|
|
capcodes: Option<String>,
|
|
custom_capcodes: Option<String>,
|
|
staff_log: Option<String>,
|
|
reports: Option<String>,
|
|
bans: Option<String>,
|
|
banners: Option<String>,
|
|
board_config: Option<String>,
|
|
news: Option<String>,
|
|
jannytext: Option<String>,
|
|
view_ips: Option<String>,
|
|
bypass_bans: Option<String>,
|
|
bypass_board_lock: Option<String>,
|
|
bypass_thread_lock: Option<String>,
|
|
bypass_captcha: Option<String>,
|
|
bypass_antispam: Option<String>,
|
|
}
|
|
|
|
#[post("/staff/actions/update-permissions")]
|
|
pub async fn update_permissions(
|
|
ctx: Data<Ctx>,
|
|
req: HttpRequest,
|
|
QsForm(form): QsForm<UpdatePermissionsForm>,
|
|
) -> Result<HttpResponse, NekrochanError> {
|
|
let account = account_from_auth(&ctx, &req).await?;
|
|
|
|
if !account.perms().owner() {
|
|
return Err(NekrochanError::InsufficientPermissionError);
|
|
}
|
|
|
|
let updated_account = form.account;
|
|
let updated_account = Account::read(&ctx, updated_account.clone())
|
|
.await?
|
|
.ok_or(NekrochanError::AccountNotFound(updated_account))?;
|
|
|
|
let mut permissions = BitFlags::empty();
|
|
|
|
if form.edit_posts.is_some() {
|
|
permissions |= Permissions::EditPosts;
|
|
}
|
|
|
|
if form.manage_posts.is_some() {
|
|
permissions |= Permissions::ManagePosts;
|
|
}
|
|
|
|
if form.capcodes.is_some() {
|
|
permissions |= Permissions::Capcodes;
|
|
}
|
|
|
|
if form.custom_capcodes.is_some() {
|
|
permissions |= Permissions::CustomCapcodes;
|
|
}
|
|
|
|
if form.staff_log.is_some() {
|
|
permissions |= Permissions::StaffLog;
|
|
}
|
|
|
|
if form.reports.is_some() {
|
|
permissions |= Permissions::Reports;
|
|
}
|
|
|
|
if form.bans.is_some() {
|
|
permissions |= Permissions::Bans;
|
|
}
|
|
|
|
if form.banners.is_some() {
|
|
permissions |= Permissions::BoardBanners;
|
|
}
|
|
|
|
if form.board_config.is_some() {
|
|
permissions |= Permissions::BoardConfig;
|
|
}
|
|
|
|
if form.news.is_some() {
|
|
permissions |= Permissions::News;
|
|
}
|
|
|
|
if form.jannytext.is_some() {
|
|
permissions |= Permissions::Jannytext;
|
|
}
|
|
|
|
if form.view_ips.is_some() {
|
|
permissions |= Permissions::ViewIPs;
|
|
}
|
|
|
|
if form.bypass_bans.is_some() {
|
|
permissions |= Permissions::BypassBans;
|
|
}
|
|
|
|
if form.bypass_board_lock.is_some() {
|
|
permissions |= Permissions::BypassBoardLock;
|
|
}
|
|
|
|
if form.bypass_thread_lock.is_some() {
|
|
permissions |= Permissions::BypassThreadLock;
|
|
}
|
|
|
|
if form.bypass_captcha.is_some() {
|
|
permissions |= Permissions::BypassCaptcha;
|
|
}
|
|
|
|
if form.bypass_antispam.is_some() {
|
|
permissions |= Permissions::BypassAntispam;
|
|
}
|
|
|
|
updated_account
|
|
.update_permissions(&ctx, permissions.bits())
|
|
.await?;
|
|
|
|
let res = HttpResponse::SeeOther()
|
|
.append_header(("Location", "/staff/accounts"))
|
|
.finish();
|
|
|
|
Ok(res)
|
|
}
|