add: update user secondary role api

2025-06-23 19:49:52 -04:00 · 2025-06-23 19:49:52 -04:00 · 0ae64de989
commit 0ae64de989
parent 9528d71b2a
3 changed files with 113 additions and 67 deletions
--- a/crates/app/src/routes/api/v1/auth/profile.rs
+++ b/crates/app/src/routes/api/v1/auth/profile.rs
@ -3,8 +3,8 @@ use crate::{
    get_user_from_token,
    model::{ApiReturn, Error},
    routes::api::v1::{
-        AppendAssociations, DeleteUser, DisableTotp, RefreshGrantToken, UpdateUserIsVerified,
-        UpdateUserPassword, UpdateUserRole, UpdateUserUsername,
+        AppendAssociations, DeleteUser, DisableTotp, RefreshGrantToken, UpdateSecondaryUserRole,
+        UpdateUserIsVerified, UpdateUserPassword, UpdateUserRole, UpdateUserUsername,
    },
    State,
 };
@ -359,6 +359,34 @@ pub async fn update_user_role_request(
    }
 }

+/// Update the role of the given user.
+///
+/// Does not support third-party grants.
+pub async fn update_user_secondary_role_request(
+    jar: CookieJar,
+    Path(id): Path<usize>,
+    Extension(data): Extension<State>,
+    Json(req): Json<UpdateSecondaryUserRole>,
+) -> impl IntoResponse {
+    let data = &(data.read().await).0;
+    let user = match get_user_from_token!(jar, data) {
+        Some(ua) => ua,
+        None => return Json(Error::NotAllowed.into()),
+    };
+
+    match data
+        .update_user_secondary_role(id, req.role, user, false)
+        .await
+    {
+        Ok(_) => Json(ApiReturn {
+            ok: true,
+            message: "User updated".to_string(),
+            payload: (),
+        }),
+        Err(e) => Json(e.into()),
+    }
+}
+
 /// Update the current user's last seen value.
 pub async fn seen_request(jar: CookieJar, Extension(data): Extension<State>) -> impl IntoResponse {
    let data = &(data.read().await).0;