feat: password reset for application

2026-06-17 21:41:20 +00:00 · 2023-01-14 22:18:03 +01:00 · 2023-01-14 22:18:03 +01:00 · eaddeaedd4
commit eaddeaedd4
parent 156bd3e739
4 changed files with 25 additions and 24 deletions
--- a/api/src/routes/admin.rs
+++ b/api/src/routes/admin.rs
@ -125,9 +125,6 @@ pub async fn list_candidates(

    }

-    /* let candidates = CandidateService::list_candidates(&private_key, db, field, page)
-        .await
-        .map_err(to_custom_error)?; */
    let candidates = ApplicationService::list_applications(&private_key, db)
        .await.map_err(to_custom_error)?;

@ -207,19 +204,18 @@ pub async fn reset_candidate_password(
    conn: Connection<'_, Db>,
    session: AdminAuth,
    id: i32,
-) -> Result<(), Custom<String>> {
+) -> Result<Json<CreateCandidateResponse>, Custom<String>> {
    // TODO
-    /* let db = conn.into_inner();
+    let db = conn.into_inner();
    let private_key = session.get_private_key();

-    let response = CandidateService::reset_password(private_key, db, id)
+    let response = ApplicationService::reset_password(private_key, db, id)
        .await
-        .map_err(to_custom_error)?; */
-
-        Ok(())
-    /* Ok(
+        .map_err(to_custom_error)?;
+    
+    Ok(
        Json(response)
-    ) */
+    )
 }

 #[get("/candidate/<id>/portfolio")]
--- a/core/src/models/application.rs
+++ b/core/src/models/application.rs
@ -1,6 +1,6 @@
 use serde::{Serialize, Deserialize};

-use crate::{database::query::application::ApplicationCandidateJoin, services::portfolio_service::SubmissionProgress, error::ServiceError};
+use crate::{database::query::application::ApplicationCandidateJoin, error::ServiceError};

 use super::candidate_details::EncryptedString;

--- a/core/src/models/candidate_details.rs
+++ b/core/src/models/candidate_details.rs
@ -502,7 +502,7 @@ pub mod tests {
        let db = get_memory_sqlite_connection().await;
        let _admin = insert_test_admin(&db).await;

-        let (application, candidate, parents) = put_user_data(&db).await;
+        let (_, candidate, parents) = put_user_data(&db).await;

        let encrypted_details = EncryptedApplicationDetails::try_from((&candidate, parents)).unwrap();

--- a/core/src/services/application_service.rs
+++ b/core/src/services/application_service.rs
@ -3,7 +3,7 @@ use chrono::Duration;
 use entity::{candidate, parent, application, session};
 use sea_orm::{DbConn, prelude::Uuid, IntoActiveModel};

-use crate::{error::ServiceError, Query, utils::db::get_recipients, models::candidate_details::{EncryptedApplicationDetails}, models::{candidate::ApplicationDetails, candidate_details::EncryptedString, auth::AuthenticableTrait, application::ApplicationResponse}, Mutation, crypto::{hash_password, self}};
+use crate::{error::ServiceError, Query, utils::db::get_recipients, models::candidate_details::{EncryptedApplicationDetails}, models::{candidate::{ApplicationDetails, CreateCandidateResponse}, candidate_details::EncryptedString, auth::AuthenticableTrait, application::ApplicationResponse}, Mutation, crypto::{hash_password, self}};

 use super::{parent_service::ParentService, candidate_service::CandidateService, session_service::SessionService};

@ -235,16 +235,16 @@ impl ApplicationService {
    }

    // TODO
-    /* pub async fn reset_password(
+    pub async fn reset_password(
        admin_private_key: String,
        db: &DbConn,
        id: i32,
    ) -> Result<CreateCandidateResponse, ServiceError> {
-        let candidate = Query::find_candidate_by_id(db, id).await?
+        let application = Query::find_application_by_id(db, id).await?
            .ok_or(ServiceError::CandidateNotFound)?;
+        let candidate = ApplicationService::find_related_candidate(db, &application).await?;
        let parents = Query::find_candidate_parents(db, &candidate).await?;
-
-            
+       
        let new_password_plain = crypto::random_12_char_string();
        let new_password_hash = crypto::hash_password(new_password_plain.clone()).await?;

@ -254,9 +254,9 @@ impl ApplicationService {
        ).await?;


-        Self::delete_old_sessions(db, &candidate, 0).await?;
-        let candidate = Mutation::update_candidate_password_and_keys(db,
-             candidate,
+        Self::delete_old_sessions(db, &application, 0).await?;
+        let application = Mutation::update_application_password_and_keys(db,
+             application,
             new_password_hash,
             pubkey.clone(),
             encrypted_priv_key
@ -264,7 +264,7 @@ impl ApplicationService {

        
        // user might no have filled his details yet, but personal id number is filled from beginning
-        let personal_id_number = EncryptedString::from(candidate.personal_identification_number.clone())
+        let personal_id_number = EncryptedString::from(application.personal_id_number.clone())
            .decrypt(&admin_private_key)
            .await?;

@ -274,7 +274,12 @@ impl ApplicationService {
            .decrypt(admin_private_key).await?;
        let enc_details = EncryptedApplicationDetails::new(&dec_details, recipients).await?;

-        Mutation::update_candidate_details(db, candidate, enc_details.candidate).await?;
+        Mutation::update_candidate_details(db, 
+            candidate,
+            enc_details.candidate,
+            application.id
+        ).await?;
+
        for i in 0..enc_details.parents.len() {
            Mutation::add_parent_details(db, parents[i].clone(), enc_details.parents[i].clone()).await?;
        }
@ -286,7 +291,7 @@ impl ApplicationService {
                password: new_password_plain,
            }
        )
-    } */
+    }
 }

 #[async_trait]