Schwarztee/brass
1
0
Fork 0
Code Issues 19 Pull Requests Packages Projects 1 Releases Wiki Activity

feat: area manager can create vehicle

Browse Source 
refs #21
This commit is contained in:
Max Hohlfeld 2025-04-28 22:27:06 +02:00
parent e1b5d593f5
commit 8e535c9e6b
3 changed files with 175 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

62
web/snapshots/brass_web__endpoints__vehicle__get_new__tests__inner_produces_template_fine_when_user_is_admin.snap Normal file
View File

@ -0,0 +1,62 @@
---
source: web/src/endpoints/vehicle/get_new.rs
expression: body
snapshot_kind: text
---
<section class="section">
<div class="container"><form method="post" action="/vehicles/new">
<h1 class="title">Neues Fahrzeug anlegen</h1>
<div class="field is-horizontal">
<div class="field-label">
<label class="label">Funkkenner</label>
</div>
<div class="field-body">
<div class="field">
<div class="control">
<input class="input" type="text" name="radio_call_name" required placeholder="11.49.1" />
</div>
</div>
</div>
</div>
<div class="field is-horizontal">
<div class="field-label">
<label class="label">Wache</label>
</div>
<div class="field-body">
<div class="field">
<div class="control">
<input class="input" type="text" name="station" required placeholder="FF Leipzig Ost" />
</div>
</div>
</div>
</div>
<div class="field is-horizontal">
<div class="field-label"></div>
<div class="field-body">
<div class="field is-grouped">
<div class="control">
<button class="button is-success">
<svg class="icon">
<use href="/static/feather-sprite.svg#check-circle" />
</svg>
<span>Erstellen</span>
</button>
</div>
<div class="control">
<a class="button is-link is-light" hx-boost="true" href="/vehicles">
<svg class="icon">
<use href="/static/feather-sprite.svg#arrow-left" />
</svg>
<span>Zurück</span>
</a>
</div>
</div>
</div>
</div>
</form>
</div>
</section>

56
web/src/endpoints/vehicle/get_new.rs
View File

@ -8,7 +8,7 @@ use crate::{
#[actix_web::get("/vehicles/new")] #[actix_web::get("/vehicles/new")]
pub async fn get(user: web::ReqData<User>) -> Result<impl Responder, ApplicationError> { pub async fn get(user: web::ReqData<User>) -> Result<impl Responder, ApplicationError> {
if user.role != Role::Admin { if user.role != Role::Admin && user.role != Role::AreaManager {
return Err(ApplicationError::Unauthorized); return Err(ApplicationError::Unauthorized);
} }
@ -19,3 +19,57 @@ pub async fn get(user: web::ReqData<User>) -> Result<impl Responder, Application
Ok(template.to_response()?) Ok(template.to_response()?)
} }
#[cfg(test)]
mod tests {
use crate::{
models::{Function, Role},
utils::test_helper::{
assert_snapshot, read_body, test_get, DbTestContext, RequestConfig, StatusCode,
},
};
use brass_macros::db_test;
#[db_test]
async fn returns_not_found_for_user(context: &DbTestContext) {
let app = context.app().await;
let config = RequestConfig::new("/vehicles/new");
let response = test_get(&context.db_pool, &app, &config).await;
assert_eq!(StatusCode::UNAUTHORIZED, response.status());
}
#[db_test]
async fn area_manager_can_edit(context: &DbTestContext) {
let app = context.app().await;
let config = RequestConfig {
uri: "/vehicles/new".to_string(),
role: Role::AreaManager,
function: vec![Function::Posten],
user_area: 1,
};
let response = test_get(&context.db_pool, &app, &config).await;
assert_eq!(StatusCode::OK, response.status());
}
#[db_test]
async fn produces_template_fine_when_user_is_admin(context: &DbTestContext) {
let app = context.app().await;
let config = RequestConfig {
uri: "/vehicles/new".to_string(),
role: Role::Admin,
function: vec![Function::Posten],
user_area: 1,
};
let response = test_get(&context.db_pool, &app, &config).await;
assert_eq!(StatusCode::OK, response.status());
let body = read_body(response).await;
assert_snapshot!(body);
}
}

59
web/src/endpoints/vehicle/post_new.rs
View File

@ -13,7 +13,7 @@ pub async fn post(
pool: web::Data<PgPool>, pool: web::Data<PgPool>,
form: web::Form<VehicleForm>, form: web::Form<VehicleForm>,
) -> Result<impl Responder, ApplicationError> { ) -> Result<impl Responder, ApplicationError> {
if user.role != Role::Admin { if user.role != Role::Admin && user.role != Role::AreaManager {
return Err(ApplicationError::Unauthorized); return Err(ApplicationError::Unauthorized);
} }
@ -24,3 +24,60 @@ pub async fn post(
.insert_header(("HX-LOCATION", "/vehicles")) .insert_header(("HX-LOCATION", "/vehicles"))
.finish()) .finish())
} }
#[cfg(test)]
mod tests {
use actix_http::StatusCode;
use brass_macros::db_test;
use crate::{
endpoints::vehicle::VehicleForm,
models::{Role, Vehicle},
utils::test_helper::{test_post, DbTestContext, RequestConfig},
};
#[db_test]
async fn creates_vehicle_when_user_is_admin(context: &DbTestContext) {
works_for_role(context, Role::Admin).await;
}
#[db_test]
async fn creates_vehicle_when_user_is_area_manager(context: &DbTestContext) {
works_for_role(context, Role::AreaManager).await;
}
async fn works_for_role(context: &DbTestContext, role: Role) {
let app = context.app().await;
let config = RequestConfig::new("/vehicles/new").with_role(role);
let request = VehicleForm {
station: "FF Leipzig Ost".to_string(),
radio_call_name: "11.49.1".to_string(),
};
let response = test_post(&context.db_pool, app, &config, request).await;
assert_eq!(StatusCode::FOUND, response.status());
let created_vehicle = Vehicle::read(&context.db_pool, 1).await.unwrap().unwrap();
assert_eq!("11.49.1".to_string(), created_vehicle.radio_call_name);
}
#[db_test]
async fn returns_unauthorized_when_user_is_staff(context: &DbTestContext) {
let app = context.app().await;
let config = RequestConfig::new("/vehicles/new");
let request = VehicleForm {
station: "FF Leipzig Ost".to_string(),
radio_call_name: "11.49.2".to_string(),
};
let response = test_post(&context.db_pool, app, &config, request).await;
assert_eq!(StatusCode::UNAUTHORIZED, response.status());
}
}