dan/Portfolio
1
0
Fork 0
mirror of https://github.com/danbulant/Portfolio synced 2026-05-24 12:35:31 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge pull request #164 from EETagent/candidate_delete_lock

Browse source 
(backend) Candidate delete lock
This commit is contained in:
Vojtěch Jungmann 2023-01-17 21:30:31 +01:00 committed by GitHub
commit 520ca6db16
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 23 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
api/src/routes/admin.rs
View file

@ -2,7 +2,7 @@ use std::net::{SocketAddr, IpAddr, Ipv4Addr};
use portfolio_core::{
crypto::random_12_char_string,
services::{admin_service::AdminService, candidate_service::CandidateService, application_service::ApplicationService, portfolio_service::PortfolioService}, models::{candidate::{CreateCandidateResponse, ApplicationDetails}, auth::AuthenticableTrait, application::ApplicationResponse}, sea_orm::prelude::Uuid, Query, error::ServiceError, utils::csv,
services::{admin_service::AdminService, application_service::ApplicationService, portfolio_service::PortfolioService}, models::{candidate::{CreateCandidateResponse, ApplicationDetails}, auth::AuthenticableTrait, application::ApplicationResponse}, sea_orm::prelude::Uuid, Query, error::ServiceError, utils::csv,
};
use requests::{AdminLoginRequest, RegisterRequest};
use rocket::http::{Cookie, Status, CookieJar};
@ -189,18 +189,12 @@ pub async fn delete_candidate(
.await
.map_err(|e| to_custom_error(ServiceError::DbError(e)))?
.ok_or(to_custom_error(ServiceError::CandidateNotFound))?;
let candidate = ApplicationService::find_related_candidate(db, &application).await.map_err(to_custom_error)?;
ApplicationService::delete(db, application).await.map_err(to_custom_error)?;
let remaining_applications = Query::find_applications_by_candidate_id(db, candidate.id).await
.map_err(|e| to_custom_error(ServiceError::DbError(e)))?;
ApplicationService::delete(db, application)
.await
.map_err(to_custom_error)
if remaining_applications.is_empty() {
CandidateService::delete_candidate(db, candidate).await.map_err(to_custom_error)?;
}
Ok(())
}
#[post("/candidate/<id>/reset_password")]

21
core/src/services/application_service.rs
View file

@ -1,11 +1,12 @@
use async_trait::async_trait;
use chrono::Duration;
use entity::{candidate, parent, application, session};
use log::warn;
use sea_orm::{DbConn, prelude::Uuid, IntoActiveModel};
use crate::{error::ServiceError, Query, utils::db::get_recipients, models::candidate_details::EncryptedApplicationDetails, models::{candidate::{ApplicationDetails, CreateCandidateResponse}, candidate_details::EncryptedString, auth::AuthenticableTrait, application::ApplicationResponse}, Mutation, crypto::{hash_password, self}};
use crate::{error::ServiceError, Query, utils::db::get_recipients, models::candidate_details::EncryptedApplicationDetails, models::{candidate::{ApplicationDetails, CreateCandidateResponse}, candidate_details::{EncryptedString, EncryptedCandidateDetails}, auth::AuthenticableTrait, application::ApplicationResponse}, Mutation, crypto::{hash_password, self}};
use super::{parent_service::ParentService, candidate_service::CandidateService, session_service::SessionService};
use super::{parent_service::ParentService, candidate_service::CandidateService, session_service::SessionService, portfolio_service::PortfolioService};
const FIELD_OF_STUDY_PREFIXES: [&str; 3] = ["101", "102", "103"];
@ -165,7 +166,23 @@ impl ApplicationService {
}
pub async fn delete(db: &DbConn, application: application::Model) -> Result<(), ServiceError> {
let candidate = ApplicationService::find_related_candidate(db, &application).await?;
let applications = Query::find_applications_by_candidate_id(db, candidate.id).await?;
if applications.len() <= 1 &&
(EncryptedCandidateDetails::from(&candidate).is_filled() ||
PortfolioService::get_submission_progress(candidate.id).await?.index() > 1) {
warn!("FAILED TO DELETE APPLICATION {} (CANDIDATE {}) - LOCKED", application.id, candidate.id);
return Err(ServiceError::Forbidden);
}
Mutation::delete_application(db, application).await?;
let remaining_applications = Query::find_applications_by_candidate_id(db, candidate.id).await?;
if remaining_applications.is_empty() {
CandidateService::delete_candidate(db, candidate).await?;
}
Ok(())
}