add: update user secondary role api

2025-06-23 19:49:52 -04:00 · 2025-06-23 19:49:52 -04:00 · 0ae64de989
commit 0ae64de989
parent 9528d71b2a
3 changed files with 113 additions and 67 deletions
--- a/crates/app/src/routes/api/v1/auth/profile.rs
+++ b/crates/app/src/routes/api/v1/auth/profile.rs
@ -3,8 +3,8 @@ use crate::{
    get_user_from_token,
    model::{ApiReturn, Error},
    routes::api::v1::{
-        AppendAssociations, DeleteUser, DisableTotp, RefreshGrantToken, UpdateUserIsVerified,
-        UpdateUserPassword, UpdateUserRole, UpdateUserUsername,
+        AppendAssociations, DeleteUser, DisableTotp, RefreshGrantToken, UpdateSecondaryUserRole,
+        UpdateUserIsVerified, UpdateUserPassword, UpdateUserRole, UpdateUserUsername,
    },
    State,
 };
@ -359,6 +359,34 @@ pub async fn update_user_role_request(
    }
 }

+/// Update the role of the given user.
+///
+/// Does not support third-party grants.
+pub async fn update_user_secondary_role_request(
+    jar: CookieJar,
+    Path(id): Path<usize>,
+    Extension(data): Extension<State>,
+    Json(req): Json<UpdateSecondaryUserRole>,
+) -> impl IntoResponse {
+    let data = &(data.read().await).0;
+    let user = match get_user_from_token!(jar, data) {
+        Some(ua) => ua,
+        None => return Json(Error::NotAllowed.into()),
+    };
+
+    match data
+        .update_user_secondary_role(id, req.role, user, false)
+        .await
+    {
+        Ok(_) => Json(ApiReturn {
+            ok: true,
+            message: "User updated".to_string(),
+            payload: (),
+        }),
+        Err(e) => Json(e.into()),
+    }
+}
+
 /// Update the current user's last seen value.
 pub async fn seen_request(jar: CookieJar, Extension(data): Extension<State>) -> impl IntoResponse {
    let data = &(data.read().await).0;
--- a/crates/app/src/routes/api/v1/mod.rs
+++ b/crates/app/src/routes/api/v1/mod.rs
@ -26,7 +26,7 @@ use tetratto_core::model::{
    communities_permissions::CommunityPermission,
    journals::JournalPrivacyPermission,
    oauth::AppScope,
-    permissions::FinePermission,
+    permissions::{FinePermission, SecondaryPermission},
    reactions::AssetType,
    stacks::{StackMode, StackPrivacy, StackSort},
 };
@ -296,6 +296,10 @@ pub fn routes() -> Router {
            "/auth/user/{id}/role",
            post(auth::profile::update_user_role_request),
        )
+        .route(
+            "/auth/user/{id}/role/2",
+            post(auth::profile::update_user_secondary_role_request),
+        )
        .route(
            "/auth/user/{id}",
            delete(auth::profile::delete_user_request),
@ -738,6 +742,11 @@ pub struct UpdateUserRole {
    pub role: FinePermission,
 }

+#[derive(Deserialize)]
+pub struct UpdateSecondaryUserRole {
+    pub role: SecondaryPermission,
+}
+
 #[derive(Deserialize)]
 pub struct DeleteUser {
    pub password: String,