Fix error messages, auth routes, and remove category unique constraint (#293)

* Fix error messages, auth routes, and remove category unique constraint * Run prepare * Remove debug secrets * Fix team member editing
2022-02-10 10:56:45 -07:00
parent eb4375258e
commit e576a58ead
8 changed files with 37 additions and 31 deletions
--- a/src/routes/auth.rs
+++ b/src/routes/auth.rs
@@ -8,13 +8,12 @@ use actix_web::http::StatusCode;
 use actix_web::web::{scope, Data, Query, ServiceConfig};
 use actix_web::{get, HttpResponse};
 use chrono::Utc;
-use log::info;
 use serde::{Deserialize, Serialize};
 use sqlx::postgres::PgPool;
 use thiserror::Error;

 pub fn config(cfg: &mut ServiceConfig) {
-    cfg.service(scope("/auth/").service(auth_callback).service(init));
+    cfg.service(scope("auth").service(auth_callback).service(init));
 }

 #[derive(Error, Debug)]
@@ -177,7 +176,7 @@ pub async fn auth_callback(

        let user_result = User::get_from_github_id(user.id, &mut *transaction).await?;
        match user_result {
-            Some(x) => info!("{:?}", x.id),
+            Some(_) => {}
            None => {
                let user_id = crate::database::models::generate_user_id(&mut transaction).await?;

--- a/src/routes/index.rs
+++ b/src/routes/index.rs
@@ -1,7 +1,7 @@
 use actix_web::{get, HttpResponse};
 use serde_json::json;

-#[get("/")]
+#[get("")]
 pub async fn index_get() -> HttpResponse {
    let data = json!({
        "name": "modrinth-labrinth",
--- a/src/routes/teams.rs
+++ b/src/routes/teams.rs
@@ -280,10 +280,17 @@ pub async fn edit_team_member(
                "You don't have permission to edit members of this team".to_string(),
            )
        })?;
+    let edit_member_db = TeamMember::get_from_user_id(id, user_id, &**pool)
+        .await?
+        .ok_or_else(|| {
+            ApiError::CustomAuthenticationError(
+                "You don't have permission to edit members of this team".to_string(),
+            )
+        })?;

    let mut transaction = pool.begin().await?;

-    if &*member.role == crate::models::teams::OWNER_ROLE {
+    if &*edit_member_db.role == crate::models::teams::OWNER_ROLE {
        return Err(ApiError::InvalidInputError(
            "The owner of a team cannot be edited".to_string(),
        ));