aboutsummaryrefslogtreecommitdiffstats
path: root/rust/src
diff options
context:
space:
mode:
Diffstat (limited to 'rust/src')
-rw-r--r--rust/src/api_server.rs6
-rw-r--r--rust/src/api_wrappers.rs13
-rw-r--r--rust/src/bin/fatcatd.rs7
-rw-r--r--rust/src/database_models.rs2
-rw-r--r--rust/src/lib.rs3
5 files changed, 24 insertions, 7 deletions
diff --git a/rust/src/api_server.rs b/rust/src/api_server.rs
index 853f7bc2..be9f1883 100644
--- a/rust/src/api_server.rs
+++ b/rust/src/api_server.rs
@@ -384,7 +384,7 @@ impl Server {
) -> Result<Editgroup> {
let row: EditgroupRow = insert_into(editgroup::table)
.values((
- editgroup::editor_id.eq(FatCatId::from_str(&entity.editor_id)?.to_uuid()),
+ editgroup::editor_id.eq(FatCatId::from_str(&entity.editor_id.unwrap())?.to_uuid()),
editgroup::description.eq(entity.description),
editgroup::extra_json.eq(entity.extra),
))
@@ -392,7 +392,7 @@ impl Server {
Ok(Editgroup {
editgroup_id: Some(uuid2fcid(&row.id)),
- editor_id: uuid2fcid(&row.editor_id),
+ editor_id: Some(uuid2fcid(&row.editor_id)),
description: row.description,
edits: None,
extra: row.extra_json,
@@ -467,7 +467,7 @@ impl Server {
let eg = Editgroup {
editgroup_id: Some(uuid2fcid(&row.id)),
- editor_id: uuid2fcid(&row.editor_id),
+ editor_id: Some(uuid2fcid(&row.editor_id)),
description: row.description,
edits: Some(edits),
extra: row.extra_json,
diff --git a/rust/src/api_wrappers.rs b/rust/src/api_wrappers.rs
index ae070e02..3dec1c26 100644
--- a/rust/src/api_wrappers.rs
+++ b/rust/src/api_wrappers.rs
@@ -988,6 +988,19 @@ impl Api for Server {
.auth_confectionary
.require_auth(&conn, &context.auth_data)?;
auth_context.require_role(FatcatRole::Editor)?;
+ let mut entity = entity.clone();
+ match entity.editor_id.clone() {
+ Some(editor_id) => {
+ if !auth_context.has_role(FatcatRole::Admin) {
+ if editor_id != auth_context.editor_id.to_string() {
+ bail!("not authorized to create editgroups in others' names");
+ }
+ }
+ },
+ None => {
+ entity.editor_id = Some(auth_context.editor_id.to_string());
+ }
+ };
self.create_editgroup_handler(entity, &conn)
}) {
Ok(eg) => CreateEditgroupResponse::SuccessfullyCreated(eg),
diff --git a/rust/src/bin/fatcatd.rs b/rust/src/bin/fatcatd.rs
index 04f88948..682f5038 100644
--- a/rust/src/bin/fatcatd.rs
+++ b/rust/src/bin/fatcatd.rs
@@ -45,7 +45,12 @@ fn main() {
);
info!(
logger,
- "all auth keys: {:?}", server.auth_confectionary.root_keys.keys().collect::<Vec<&String>>(),
+ "all auth keys: {:?}",
+ server
+ .auth_confectionary
+ .root_keys
+ .keys()
+ .collect::<Vec<&String>>(),
);
let mut router = fatcat_api_spec::router(server);
diff --git a/rust/src/database_models.rs b/rust/src/database_models.rs
index f6cca3e1..7a65f901 100644
--- a/rust/src/database_models.rs
+++ b/rust/src/database_models.rs
@@ -564,7 +564,7 @@ impl EditgroupRow {
pub fn into_model_partial(self) -> Editgroup {
Editgroup {
editgroup_id: Some(uuid2fcid(&self.id)),
- editor_id: uuid2fcid(&self.editor_id),
+ editor_id: Some(uuid2fcid(&self.editor_id)),
description: self.description,
extra: self.extra_json,
edits: None,
diff --git a/rust/src/lib.rs b/rust/src/lib.rs
index 7d00641a..b3e6c813 100644
--- a/rust/src/lib.rs
+++ b/rust/src/lib.rs
@@ -134,9 +134,8 @@ pub fn env_confectionary() -> Result<AuthConfectionary> {
}
info!("Loading alt auth key: {}", pair[0]);
confectionary.add_keypair(pair[0].to_string(), pair[1].to_string())?;
-
}
- },
+ }
Err(_) => (),
}
Ok(confectionary)