Groups can now be ordered (via drag and drop)

2025-01-10 22:38:34 +01:00 · 2025-01-10 22:38:34 +01:00 · 975d1ceee2
commit 975d1ceee2
parent 16c484c2d1
14 changed files with 461 additions and 54 deletions
--- a/backend/src/services/ron.rs
+++ b/backend/src/services/ron.rs
@ -104,6 +104,25 @@ async fn check_user_rights_recipe_group(
    }
 }

+async fn check_user_rights_recipe_groups(
+    connection: &db::Connection,
+    user: &Option<model::User>,
+    group_ids: &[i64],
+) -> Result<()> {
+    if user.is_none()
+        || !connection
+            .can_edit_recipe_all_groups(user.as_ref().unwrap().id, group_ids)
+            .await?
+    {
+        Err(ErrorResponse::from(ron_error(
+            StatusCode::UNAUTHORIZED,
+            NOT_AUTHORIZED_MESSAGE,
+        )))
+    } else {
+        Ok(())
+    }
+}
+
 async fn check_user_rights_recipe_step(
    connection: &db::Connection,
    user: &Option<model::User>,
@ -396,6 +415,17 @@ pub async fn set_group_comment(
    Ok(StatusCode::OK)
 }

+#[debug_handler]
+pub async fn set_group_orders(
+    State(connection): State<db::Connection>,
+    Extension(user): Extension<Option<model::User>>,
+    ExtractRon(ron): ExtractRon<common::ron_api::SetGroupOrders>,
+) -> Result<impl IntoResponse> {
+    check_user_rights_recipe_groups(&connection, &user, &ron.group_ids).await?;
+    connection.set_groups_order(&ron.group_ids).await?;
+    Ok(StatusCode::OK)
+}
+
 #[debug_handler]
 pub async fn add_step(
    State(connection): State<db::Connection>,
--- a/backend/src/services/user.rs
+++ b/backend/src/services/user.rs
@ -463,19 +463,34 @@ pub async fn ask_reset_password_post(

 #[debug_handler]
 pub async fn reset_password_get(
+    State(connection): State<db::Connection>,
    Extension(user): Extension<Option<model::User>>,
    Extension(tr): Extension<translation::Tr>,
    Query(query): Query<HashMap<String, String>>,
 ) -> Result<Response> {
    if let Some(reset_token) = query.get("reset_token") {
-        Ok(ResetPasswordTemplate {
-            user,
-            tr,
-            reset_token,
-            message: "",
-            message_password: "",
+        // Check if the token is valid.
+        if connection
+            .is_reset_password_token_valid(
+                reset_token,
+                Duration::seconds(consts::VALIDATION_PASSWORD_RESET_TOKEN_DURATION),
+            )
+            .await?
+        {
+            Ok(ResetPasswordTemplate {
+                user,
+                tr,
+                reset_token,
+                message: "",
+                message_password: "",
+            }
+            .into_response())
+        } else {
+            Ok(
+                MessageTemplate::new_with_user(tr.t(Sentence::AskResetTokenMissing), tr, user)
+                    .into_response(),
+            )
        }
-        .into_response())
    } else {
        Ok(
            MessageTemplate::new_with_user(tr.t(Sentence::AskResetTokenMissing), tr, user)