use actix_web::{web, Responder}; use askama::Template; use sqlx::PgPool; use crate::utils::{ApplicationError, TemplateResponse}; use brass_db::models::{Role, User, Vehicle}; #[derive(Template)] #[cfg_attr(not(test), template(path = "vehicles/overview.html"))] #[cfg_attr( test, template(path = "vehicles/overview.html", block = "content"), allow(dead_code) )] pub struct VehiclesOverviewTemplate { user: User, vehicles: Vec, } #[actix_web::get("/vehicles")] pub async fn get( user: web::ReqData, pool: web::Data, ) -> Result { if user.role != Role::Admin && user.role != Role::AreaManager { return Err(ApplicationError::Unauthorized); } let vehicles = Vehicle::read_all(pool.get_ref()).await?; let template = VehiclesOverviewTemplate { user: user.into_inner(), vehicles, }; Ok(template.to_response()?) } #[cfg(test)] mod tests { use crate::utils::test_helper::{ assert_snapshot, read_body, test_get, DbTestContext, RequestConfig, StatusCode, }; use brass_db::models::{Role, Vehicle}; use brass_macros::db_test; #[db_test] async fn user_cant_view_overview(context: &DbTestContext) { let app = context.app().await; let config = RequestConfig::new("/vehicles"); let response = test_get(&context.db_pool, &app, &config).await; assert_eq!(StatusCode::UNAUTHORIZED, response.status()); } #[db_test] async fn area_manager_can_view_overview(context: &DbTestContext) { let app = context.app().await; let config = RequestConfig::new("/vehicles").with_role(Role::AreaManager); let response = test_get(&context.db_pool, &app, &config).await; assert_eq!(StatusCode::OK, response.status()); } #[db_test] async fn produces_template_fine_when_user_is_admin(context: &DbTestContext) { let app = context.app().await; Vehicle::create(&context.db_pool, "11.49.1", "FF Leipzig Ost") .await .unwrap(); let config = RequestConfig::new("/vehicles").with_role(Role::Admin); let response = test_get(&context.db_pool, &app, &config).await; assert_eq!(StatusCode::OK, response.status()); let body = read_body(response).await; assert_snapshot!(body); } }