From f31167dd9536fc9df88db93f0420443991d8f8ba Mon Sep 17 00:00:00 2001
From: Greg Burri
Date: Thu, 1 May 2025 20:56:20 +0200
Subject: [PATCH] Factorize RON error response for not authorized content
---
 backend/src/ron_utils.rs | 11 ++++++-
 backend/src/services/ron/rights.rs | 47 ++++++------------------------
 2 files changed, 20 insertions(+), 38 deletions(-)
diff --git a/backend/src/ron_utils.rs b/backend/src/ron_utils.rs
index 40403a4..bd1999d 100644
--- a/backend/src/ron_utils.rs
+++ b/backend/src/ron_utils.rs
@@ -1,12 +1,14 @@
 use axum::{
 body::Bytes,
 http::{HeaderValue, StatusCode, header},
- response::{IntoResponse, Response},
+ response::{ErrorResponse, IntoResponse, Response},
 };
 use common::ron_api;
 use ron::de::from_bytes;
 use serde::{Serialize, de::DeserializeOwned};

+use crate::consts;
+
 pub const RON_CONTENT_TYPE: HeaderValue = HeaderValue::from_static("application/ron");

 #[derive(Debug, Serialize, Clone)]
@@ -42,6 +44,13 @@ pub fn ron_error(status: StatusCode, message: &str) -> impl IntoResponse {
 )
 }

+pub fn ron_error_not_autorized() -> ErrorResponse {
+ ErrorResponse::from(ron_error(
+ StatusCode::UNAUTHORIZED,
+ consts::NOT_AUTHORIZED_MESSAGE,
+ ))
+}
+
 pub fn ron_response_ok(ron: T) -> impl IntoResponse
 where
 T: Serialize,
diff --git a/backend/src/services/ron/rights.rs b/backend/src/services/ron/rights.rs
index 30c58a6..a0b0cec 100644
--- a/backend/src/services/ron/rights.rs
+++ b/backend/src/services/ron/rights.rs
@@ -1,9 +1,6 @@
-use axum::{
- http::StatusCode,
- response::{ErrorResponse, Result},
-};
+use axum::response::Result;

-use crate::{consts, data::db, data::model, ron_utils::ron_error};
+use crate::{data::db, data::model, ron_utils::ron_error_not_autorized};

 pub async fn check_user_rights_recipe(
 connection: &db::Connection,
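Review bot: The helper added in the `@@ -42,6 +44,13 @@` hunk of `backend/src/ron_utils.rs` is public but misspelled and undocumented: `ron_error_not_autorized` should read `ron_error_not_authorized`, and the rename is cheapest now, while `rights.rs` is the only caller visible in this patch. Because this function now fixes the status code and message for every rights-check failure, I would add `/// Builds the RON error returned when the caller may not access the requested content (401 with NOT_AUTHORIZED_MESSAGE).` above it. A 401 response is expected to carry a `WWW-Authenticate` header; the body of `ron_error` lies outside this hunk, so whether one is set cannot be confirmed from here.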
@@ -12,10 +9,7 @@ pub async fn check_user_rights_recipe(
 ) -> Result<()> {
 match user {
 Some(user) if connection.can_edit_recipe(user.id, recipe_id).await? => Ok(()),
- _ => Err(ErrorResponse::from(ron_error(
- StatusCode::UNAUTHORIZED,
- consts::NOT_AUTHORIZED_MESSAGE,
- ))),
+ _ => Err(ron_error_not_autorized()),
 }
 }

@@ -26,10 +20,7 @@ pub async fn check_user_rights_recipe_group(
 ) -> Result<()> {
 match user {
 Some(user) if connection.can_edit_recipe_group(user.id, group_id).await? => Ok(()),
- _ => Err(ErrorResponse::from(ron_error(
- StatusCode::UNAUTHORIZED,
- consts::NOT_AUTHORIZED_MESSAGE,
- ))),
+ _ => Err(ron_error_not_autorized()),
 }
 }

@@ -46,10 +37,7 @@ pub async fn check_user_rights_recipe_groups(
 {
 Ok(())
 }
- _ => Err(ErrorResponse::from(ron_error(
- StatusCode::UNAUTHORIZED,
- consts::NOT_AUTHORIZED_MESSAGE,
- ))),
+ _ => Err(ron_error_not_autorized()),
 }
 }

@@ -60,10 +48,7 @@ pub async fn check_user_rights_recipe_step(
 ) -> Result<()> {
 match user {
 Some(user) if connection.can_edit_recipe_step(user.id, step_id).await? => Ok(()),
- _ => Err(ErrorResponse::from(ron_error(
- StatusCode::UNAUTHORIZED,
- consts::NOT_AUTHORIZED_MESSAGE,
- ))),
+ _ => Err(ron_error_not_autorized()),
 }
 }

@@ -80,10 +65,7 @@ pub async fn check_user_rights_recipe_steps(
 {
 Ok(())
 }
- _ => Err(ErrorResponse::from(ron_error(
- StatusCode::UNAUTHORIZED,
- consts::NOT_AUTHORIZED_MESSAGE,
- ))),
+ _ => Err(ron_error_not_autorized()),
 }
 }

@@ -100,10 +82,7 @@ pub async fn check_user_rights_recipe_ingredient(
 {
 Ok(())
 }
- _ => Err(ErrorResponse::from(ron_error(
- StatusCode::UNAUTHORIZED,
- consts::NOT_AUTHORIZED_MESSAGE,
- ))),
+ _ => Err(ron_error_not_autorized()),
 }
 }

@@ -120,10 +99,7 @@ pub async fn check_user_rights_recipe_ingredients(
 {
 Ok(())
 }
- _ => Err(ErrorResponse::from(ron_error(
- StatusCode::UNAUTHORIZED,
- consts::NOT_AUTHORIZED_MESSAGE,
- ))),
+ _ => Err(ron_error_not_autorized()),
 }
 }

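Review bot: The catch-all `_` arm in `check_user_rights_recipe` gives an anonymous caller (no `Some(user)`) and a signed-in user whose `can_edit_recipe` check came back false the same 401 from `ron_error_not_autorized()`, and the hunks at -26, -46, -60, -80, -100, -120 and -140 repeat the pattern. HTTP reserves 401 for missing or invalid credentials and 403 for an authenticated caller who lacks the right, so a client that reacts to 401 by asking for login again gets the wrong signal in the second case. If the uniform answer is deliberate, say so once above the match, e.g. `// Anonymous and unprivileged callers get the same 401 by design.`; otherwise give the `Some(_)` case its own arm returning `StatusCode::FORBIDDEN`. Each function's signature starts outside its hunk, so the type of `user` is inferred from the `Some(user)` pattern.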
@@ -140,9 +116,6 @@ pub async fn check_user_rights_shopping_list_entry(
 {
 Ok(())
 }
- _ => Err(ErrorResponse::from(ron_error(
- StatusCode::UNAUTHORIZED,
- consts::NOT_AUTHORIZED_MESSAGE,
- ))),
+ _ => Err(ron_error_not_autorized()),
 }
 }