Collections (#688)

* initial draft; unfinished * images, fixes * fixes * println * revisions * fixes * alternate context setup version * rev * partial revs * rev * clippy ,fmt * fmt/clippy/prepare * fixes * revs
2023-09-13 22:22:32 -07:00
parent 35cd277fcf
commit 9bd2cb3c7e
30 changed files with 2579 additions and 24 deletions
--- a/src/auth/checks.rs
+++ b/src/auth/checks.rs
@@ -1,6 +1,7 @@
 use crate::database;
 use crate::database::models::project_item::QueryProject;
 use crate::database::models::version_item::QueryVersion;
+use crate::database::models::Collection;
 use crate::database::{models, Project, Version};
 use crate::models::users::User;
 use crate::routes::ApiError;
@@ -192,3 +193,76 @@ pub async fn filter_authorized_versions(

    Ok(return_versions)
 }
+
+pub async fn is_authorized_collection(
+    collection_data: &Collection,
+    user_option: &Option<User>,
+) -> Result<bool, ApiError> {
+    let mut authorized = !collection_data.status.is_hidden();
+
+    if let Some(user) = &user_option {
+        if !authorized && (user.role.is_mod() || user.id == collection_data.user_id.into()) {
+            authorized = true;
+        }
+    }
+
+    Ok(authorized)
+}
+
+pub async fn filter_authorized_collections(
+    collections: Vec<Collection>,
+    user_option: &Option<User>,
+    pool: &web::Data<PgPool>,
+) -> Result<Vec<crate::models::collections::Collection>, ApiError> {
+    let mut return_collections = Vec::new();
+    let mut check_collections = Vec::new();
+
+    for collection in collections {
+        if !collection.status.is_hidden()
+            || user_option
+                .as_ref()
+                .map(|x| x.role.is_mod())
+                .unwrap_or(false)
+        {
+            return_collections.push(collection.into());
+        } else if user_option.is_some() {
+            check_collections.push(collection);
+        }
+    }
+
+    if !check_collections.is_empty() {
+        if let Some(user) = user_option {
+            let user_id: models::ids::UserId = user.id.into();
+
+            use futures::TryStreamExt;
+
+            sqlx::query!(
+                "
+                SELECT c.id id, c.user_id user_id FROM collections c
+                WHERE c.user_id = $2 AND c.id = ANY($1)
+                ",
+                &check_collections.iter().map(|x| x.id.0).collect::<Vec<_>>(),
+                user_id as database::models::ids::UserId,
+            )
+            .fetch_many(&***pool)
+            .try_for_each(|e| {
+                if let Some(row) = e.right() {
+                    check_collections.retain(|x| {
+                        let bool = x.id.0 == row.id && x.user_id.0 == row.user_id;
+
+                        if bool {
+                            return_collections.push(x.clone().into());
+                        }
+
+                        !bool
+                    });
+                }
+
+                futures::future::ready(Ok(()))
+            })
+            .await?;
+        }
+    }
+
+    Ok(return_collections)
+}
--- a/src/auth/validate.rs
+++ b/src/auth/validate.rs
@@ -24,7 +24,6 @@ where
        get_user_record_from_bearer_token(req, None, executor, redis, session_queue)
            .await?
            .ok_or_else(|| AuthenticationError::InvalidCredentials)?;
-
    let mut auth_providers = Vec::new();
    if db_user.github_id.is_some() {
        auth_providers.push(AuthProvider::GitHub)