84 lines
2.4 KiB
Rust
84 lines
2.4 KiB
Rust
use actix_web::{http::header::LOCATION, web, HttpResponse, Responder};
|
|
use sqlx::PgPool;
|
|
|
|
use crate::{
|
|
endpoints::vehicle::VehicleForm,
|
|
models::{Role, User, Vehicle},
|
|
utils::ApplicationError,
|
|
};
|
|
|
|
#[actix_web::post("/vehicles/new")]
|
|
pub async fn post(
|
|
user: web::ReqData<User>,
|
|
pool: web::Data<PgPool>,
|
|
form: web::Form<VehicleForm>,
|
|
) -> Result<impl Responder, ApplicationError> {
|
|
if user.role != Role::Admin && user.role != Role::AreaManager {
|
|
return Err(ApplicationError::Unauthorized);
|
|
}
|
|
|
|
Vehicle::create(pool.get_ref(), &form.radio_call_name, &form.station).await?;
|
|
|
|
Ok(HttpResponse::Found()
|
|
.insert_header((LOCATION, "/vehicles"))
|
|
.insert_header(("HX-LOCATION", "/vehicles"))
|
|
.finish())
|
|
}
|
|
|
|
#[cfg(test)]
|
|
mod tests {
|
|
use actix_http::StatusCode;
|
|
use brass_macros::db_test;
|
|
|
|
use crate::{
|
|
endpoints::vehicle::VehicleForm,
|
|
models::{Role, Vehicle},
|
|
utils::test_helper::{test_post, DbTestContext, RequestConfig},
|
|
};
|
|
|
|
#[db_test]
|
|
async fn creates_vehicle_when_user_is_admin(context: &DbTestContext) {
|
|
works_for_role(context, Role::Admin).await;
|
|
}
|
|
|
|
#[db_test]
|
|
async fn creates_vehicle_when_user_is_area_manager(context: &DbTestContext) {
|
|
works_for_role(context, Role::AreaManager).await;
|
|
}
|
|
|
|
async fn works_for_role(context: &DbTestContext, role: Role) {
|
|
let app = context.app().await;
|
|
|
|
let config = RequestConfig::new("/vehicles/new").with_role(role);
|
|
|
|
let request = VehicleForm {
|
|
station: "FF Leipzig Ost".to_string(),
|
|
radio_call_name: "11.49.1".to_string(),
|
|
};
|
|
|
|
let response = test_post(&context.db_pool, app, &config, request).await;
|
|
|
|
assert_eq!(StatusCode::FOUND, response.status());
|
|
|
|
let created_vehicle = Vehicle::read(&context.db_pool, 1).await.unwrap().unwrap();
|
|
|
|
assert_eq!("11.49.1".to_string(), created_vehicle.radio_call_name);
|
|
}
|
|
|
|
#[db_test]
|
|
async fn returns_unauthorized_when_user_is_staff(context: &DbTestContext) {
|
|
let app = context.app().await;
|
|
|
|
let config = RequestConfig::new("/vehicles/new");
|
|
|
|
let request = VehicleForm {
|
|
station: "FF Leipzig Ost".to_string(),
|
|
radio_call_name: "11.49.2".to_string(),
|
|
};
|
|
|
|
let response = test_post(&context.db_pool, app, &config, request).await;
|
|
|
|
assert_eq!(StatusCode::UNAUTHORIZED, response.status());
|
|
}
|
|
}
|