GKaszewski/movies-diary
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: admin role

Browse Source
This commit is contained in:
Gabriel Kaszewski
2026-05-10 01:15:48 +02:00
parent d668d54cc3
commit 35fffeef67
16 changed files with 109 additions and 341 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
.sqlx/query-21751a2efb5fc58f5c1057f332f537419b7067ff665a03e248e6ea0fe7b6919b.json → .sqlx/query-0acf3515a4d1bef7a2458d878481ba3b11c9f252311579f7daba335f70d78f07.json generated
View File

@@ -1,12 +1,12 @@
{
"db_name": "SQLite",
"query": "INSERT INTO users (id, email, username, password_hash, created_at) VALUES (?, ?, ?, ?, ?)",
"query": "INSERT INTO users (id, email, username, password_hash, created_at, role) VALUES (?, ?, ?, ?, ?, ?)",
"describe": {
"columns": [],
"parameters": {
"Right": 5
"Right": 6
},
"nullable": []
},
"hash": "21751a2efb5fc58f5c1057f332f537419b7067ff665a03e248e6ea0fe7b6919b"
"hash": "0acf3515a4d1bef7a2458d878481ba3b11c9f252311579f7daba335f70d78f07"
}

20
.sqlx/query-0cd1a7b7255a0ee753deffab7cbb48027d22900a570b98a636c780cb3e2efd23.json generated
View File

@@ -1,20 +0,0 @@
{
"db_name": "SQLite",
"query": "SELECT COUNT(*) FROM reviews WHERE user_id = ?",
"describe": {
"columns": [
{
"name": "COUNT(*)",
"ordinal": 0,
"type_info": "Integer"
}
],
"parameters": {
"Right": 1
},
"nullable": [
false
]
},
"hash": "0cd1a7b7255a0ee753deffab7cbb48027d22900a570b98a636c780cb3e2efd23"
}

10
.sqlx/query-e51c6da943bd326a09632aa0cfd30c4f15ca554e229778b6cfa04889b7231b36.json → .sqlx/query-319b5d09824809a971f6c9546dde6389a0aca5a732531bb9ca9b99675d0a89f4.json generated
View File

@@ -1,6 +1,6 @@
{
"db_name": "SQLite",
"query": "SELECT id, email, username, password_hash FROM users WHERE id = ?",
"query": "SELECT id, email, username, password_hash, role FROM users WHERE username = ?",
"describe": {
"columns": [
{
@@ -22,6 +22,11 @@
"name": "password_hash",
"ordinal": 3,
"type_info": "Text"
},
{
"name": "role",
"ordinal": 4,
"type_info": "Text"
}
],
"parameters": {
@@ -31,8 +36,9 @@
true,
false,
false,
false,
false
]
},
"hash": "e51c6da943bd326a09632aa0cfd30c4f15ca554e229778b6cfa04889b7231b36"
"hash": "319b5d09824809a971f6c9546dde6389a0aca5a732531bb9ca9b99675d0a89f4"
}

98
.sqlx/query-4ad3b7d450e46e8d4982a0517c7345b386fc7dc6cf3e72c924e2f5da49dfb469.json generated
View File

@@ -1,98 +0,0 @@
{
"db_name": "SQLite",
"query": "SELECT m.id, m.external_metadata_id, m.title, m.release_year, m.director, m.poster_path,\n r.id AS review_id, r.movie_id, r.user_id, r.rating, r.comment, r.watched_at, r.created_at, r.remote_actor_url\n FROM reviews r\n INNER JOIN movies m ON m.id = r.movie_id\n WHERE r.user_id = ?\n ORDER BY r.rating DESC, r.watched_at DESC\n LIMIT ? OFFSET ?",
"describe": {
"columns": [
{
"name": "id",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "external_metadata_id",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "title",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "release_year",
"ordinal": 3,
"type_info": "Integer"
},
{
"name": "director",
"ordinal": 4,
"type_info": "Text"
},
{
"name": "poster_path",
"ordinal": 5,
"type_info": "Text"
},
{
"name": "review_id",
"ordinal": 6,
"type_info": "Text"
},
{
"name": "movie_id",
"ordinal": 7,
"type_info": "Text"
},
{
"name": "user_id",
"ordinal": 8,
"type_info": "Text"
},
{
"name": "rating",
"ordinal": 9,
"type_info": "Integer"
},
{
"name": "comment",
"ordinal": 10,
"type_info": "Text"
},
{
"name": "watched_at",
"ordinal": 11,
"type_info": "Text"
},
{
"name": "created_at",
"ordinal": 12,
"type_info": "Text"
},
{
"name": "remote_actor_url",
"ordinal": 13,
"type_info": "Text"
}
],
"parameters": {
"Right": 3
},
"nullable": [
false,
true,
false,
false,
true,
true,
false,
false,
false,
false,
true,
false,
false,
true
]
},
"hash": "4ad3b7d450e46e8d4982a0517c7345b386fc7dc6cf3e72c924e2f5da49dfb469"
}

98
.sqlx/query-4c235060b78cc5c73e0400b39472467a36d3920ff4c020f5461b2cdb04361888.json generated
View File

@@ -1,98 +0,0 @@
{
"db_name": "SQLite",
"query": "SELECT m.id, m.external_metadata_id, m.title, m.release_year, m.director, m.poster_path,\n r.id AS review_id, r.movie_id, r.user_id, r.rating, r.comment, r.watched_at, r.created_at, r.remote_actor_url\n FROM reviews r\n INNER JOIN movies m ON m.id = r.movie_id\n WHERE r.user_id = ?\n ORDER BY r.watched_at DESC\n LIMIT ? OFFSET ?",
"describe": {
"columns": [
{
"name": "id",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "external_metadata_id",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "title",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "release_year",
"ordinal": 3,
"type_info": "Integer"
},
{
"name": "director",
"ordinal": 4,
"type_info": "Text"
},
{
"name": "poster_path",
"ordinal": 5,
"type_info": "Text"
},
{
"name": "review_id",
"ordinal": 6,
"type_info": "Text"
},
{
"name": "movie_id",
"ordinal": 7,
"type_info": "Text"
},
{
"name": "user_id",
"ordinal": 8,
"type_info": "Text"
},
{
"name": "rating",
"ordinal": 9,
"type_info": "Integer"
},
{
"name": "comment",
"ordinal": 10,
"type_info": "Text"
},
{
"name": "watched_at",
"ordinal": 11,
"type_info": "Text"
},
{
"name": "created_at",
"ordinal": 12,
"type_info": "Text"
},
{
"name": "remote_actor_url",
"ordinal": 13,
"type_info": "Text"
}
],
"parameters": {
"Right": 3
},
"nullable": [
false,
true,
false,
false,
true,
true,
false,
false,
false,
false,
true,
false,
false,
true
]
},
"hash": "4c235060b78cc5c73e0400b39472467a36d3920ff4c020f5461b2cdb04361888"
}

104
.sqlx/query-70843058606802f0958d216a47473f78b29854518c48c2da3cc11a94d6d37bb1.json generated
View File

@@ -1,104 +0,0 @@
{
"db_name": "SQLite",
"query": "SELECT m.id, m.external_metadata_id, m.title, m.release_year, m.director, m.poster_path,\n r.id AS review_id, r.movie_id, r.user_id, r.rating, r.comment, r.watched_at, r.created_at, r.remote_actor_url,\n COALESCE(u.email, r.remote_actor_url) AS \"user_email!: String\"\n FROM reviews r\n INNER JOIN movies m ON m.id = r.movie_id\n LEFT JOIN users u ON u.id = r.user_id\n ORDER BY r.watched_at DESC\n LIMIT ? OFFSET ?",
"describe": {
"columns": [
{
"name": "id",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "external_metadata_id",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "title",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "release_year",
"ordinal": 3,
"type_info": "Integer"
},
{
"name": "director",
"ordinal": 4,
"type_info": "Text"
},
{
"name": "poster_path",
"ordinal": 5,
"type_info": "Text"
},
{
"name": "review_id",
"ordinal": 6,
"type_info": "Text"
},
{
"name": "movie_id",
"ordinal": 7,
"type_info": "Text"
},
{
"name": "user_id",
"ordinal": 8,
"type_info": "Text"
},
{
"name": "rating",
"ordinal": 9,
"type_info": "Integer"
},
{
"name": "comment",
"ordinal": 10,
"type_info": "Text"
},
{
"name": "watched_at",
"ordinal": 11,
"type_info": "Text"
},
{
"name": "created_at",
"ordinal": 12,
"type_info": "Text"
},
{
"name": "remote_actor_url",
"ordinal": 13,
"type_info": "Text"
},
{
"name": "user_email!: String",
"ordinal": 14,
"type_info": "Text"
}
],
"parameters": {
"Right": 2
},
"nullable": [
false,
true,
false,
false,
true,
true,
false,
false,
false,
false,
true,
false,
false,
true,
true
]
},
"hash": "70843058606802f0958d216a47473f78b29854518c48c2da3cc11a94d6d37bb1"
}

10
.sqlx/query-4eeae6aa887319cab4a9fd673c3a75dec1e6681739d722481233a3d9e7a01955.json → .sqlx/query-79af0324db4d0b8e4bd66e12816583598865630241deffbb8b4175fa7a755099.json generated
View File

@@ -1,6 +1,6 @@
{
"db_name": "SQLite",
"query": "SELECT id, email, username, password_hash FROM users WHERE email = ?",
"query": "SELECT id, email, username, password_hash, role FROM users WHERE id = ?",
"describe": {
"columns": [
{
@@ -22,6 +22,11 @@
"name": "password_hash",
"ordinal": 3,
"type_info": "Text"
},
{
"name": "role",
"ordinal": 4,
"type_info": "Text"
}
],
"parameters": {
@@ -31,8 +36,9 @@
true,
false,
false,
false,
false
]
},
"hash": "4eeae6aa887319cab4a9fd673c3a75dec1e6681739d722481233a3d9e7a01955"
"hash": "79af0324db4d0b8e4bd66e12816583598865630241deffbb8b4175fa7a755099"
}

10
.sqlx/query-0e36417429360e7e332f60768c2283a78b18c57cb72978921ccc0df963a756ba.json → .sqlx/query-c43249558d535343e387586fa00499fe813b18b9e7d8d241462f0689969dc64f.json generated
View File

@@ -1,6 +1,6 @@
{
"db_name": "SQLite",
"query": "SELECT id, email, username, password_hash FROM users WHERE username = ?",
"query": "SELECT id, email, username, password_hash, role FROM users WHERE email = ?",
"describe": {
"columns": [
{
@@ -22,6 +22,11 @@
"name": "password_hash",
"ordinal": 3,
"type_info": "Text"
},
{
"name": "role",
"ordinal": 4,
"type_info": "Text"
}
],
"parameters": {
@@ -31,8 +36,9 @@
true,
false,
false,
false,
false
]
},
"hash": "0e36417429360e7e332f60768c2283a78b18c57cb72978921ccc0df963a756ba"
"hash": "c43249558d535343e387586fa00499fe813b18b9e7d8d241462f0689969dc64f"
}

4
Dockerfile
View File

@@ -46,7 +46,9 @@ RUN sqlite3 /build/dev.db \
sqlite3 /build/dev.db \
< crates/adapters/sqlite/migrations/0005_activitypub_v2.sql && \
sqlite3 /build/dev.db \
< crates/adapters/sqlite/migrations/0006_follower_activity_id.sql
< crates/adapters/sqlite/migrations/0006_follower_activity_id.sql && \
sqlite3 /build/dev.db \
< crates/adapters/sqlite/migrations/0007_user_role.sql
ENV DATABASE_URL=sqlite:///build/dev.db

1
crates/adapters/sqlite/migrations/0007_user_role.sql Normal file
View File

@@ -0,0 +1 @@
ALTER TABLE users ADD COLUMN role TEXT NOT NULL DEFAULT 'standard';

30
crates/adapters/sqlite/src/users.rs
View File

@@ -5,7 +5,7 @@ use sqlx::SqlitePool;
use super::models::UserSummaryRow;
use domain::{
errors::DomainError,
models::User,
models::{User, UserRole},
ports::UserRepository,
value_objects::{Email, PasswordHash, UserId, Username},
};
@@ -24,11 +24,19 @@ impl SqliteUserRepository {
DomainError::InfrastructureError("Database operation failed".into())
}
fn parse_role(s: &str) -> UserRole {
match s {
"admin" => UserRole::Admin,
_ => UserRole::Standard,
}
}
fn row_to_user(
id_str: String,
email_str: String,
username_str: String,
hash_str: String,
role: UserRole,
) -> Result<User, DomainError> {
let id = uuid::Uuid::parse_str(&id_str)
.map_err(|e| DomainError::InfrastructureError(e.to_string()))?;
@@ -43,6 +51,7 @@ impl SqliteUserRepository {
email,
username,
hash,
role,
))
}
}
@@ -52,7 +61,7 @@ impl UserRepository for SqliteUserRepository {
async fn find_by_email(&self, email: &Email) -> Result<Option<User>, DomainError> {
let email_str = email.value();
let row = sqlx::query!(
"SELECT id, email, username, password_hash FROM users WHERE email = ?",
"SELECT id, email, username, password_hash, role FROM users WHERE email = ?",
email_str
)
.fetch_optional(&self.pool)
@@ -65,6 +74,7 @@ impl UserRepository for SqliteUserRepository {
r.email,
r.username,
r.password_hash,
Self::parse_role(&r.role),
)
})
.transpose()
@@ -73,7 +83,7 @@ impl UserRepository for SqliteUserRepository {
async fn find_by_username(&self, username: &Username) -> Result<Option<User>, DomainError> {
let username_str = username.value();
let row = sqlx::query!(
"SELECT id, email, username, password_hash FROM users WHERE username = ?",
"SELECT id, email, username, password_hash, role FROM users WHERE username = ?",
username_str
)
.fetch_optional(&self.pool)
@@ -86,6 +96,7 @@ impl UserRepository for SqliteUserRepository {
r.email,
r.username,
r.password_hash,
Self::parse_role(&r.role),
)
})
.transpose()
@@ -111,9 +122,13 @@ impl UserRepository for SqliteUserRepository {
let hash = user.password_hash().value();
let created_at = Utc::now().to_rfc3339();
let role = match user.role() {
UserRole::Admin => "admin",
UserRole::Standard => "standard",
};
sqlx::query!(
"INSERT INTO users (id, email, username, password_hash, created_at) VALUES (?, ?, ?, ?, ?)",
id, email, username, hash, created_at
"INSERT INTO users (id, email, username, password_hash, created_at, role) VALUES (?, ?, ?, ?, ?, ?)",
id, email, username, hash, created_at, role
)
.execute(&self.pool)
.await
@@ -125,7 +140,7 @@ impl UserRepository for SqliteUserRepository {
async fn find_by_id(&self, id: &UserId) -> Result<Option<User>, DomainError> {
let id_str = id.value().to_string();
let row = sqlx::query!(
"SELECT id, email, username, password_hash FROM users WHERE id = ?",
"SELECT id, email, username, password_hash, role FROM users WHERE id = ?",
id_str
)
.fetch_optional(&self.pool)
@@ -138,6 +153,7 @@ impl UserRepository for SqliteUserRepository {
r.email,
r.username,
r.password_hash,
Self::parse_role(&r.role),
)
})
.transpose()
@@ -172,7 +188,7 @@ mod tests {
async fn setup() -> (SqlitePool, SqliteUserRepository) {
let pool = SqlitePool::connect(":memory:").await.unwrap();
sqlx::query(
"CREATE TABLE users (id TEXT PRIMARY KEY, email TEXT NOT NULL UNIQUE, username TEXT NOT NULL UNIQUE, password_hash TEXT NOT NULL, created_at TEXT NOT NULL)"
"CREATE TABLE users (id TEXT PRIMARY KEY, email TEXT NOT NULL UNIQUE, username TEXT NOT NULL UNIQUE, password_hash TEXT NOT NULL, created_at TEXT NOT NULL, role TEXT NOT NULL DEFAULT 'standard')"
)
.execute(&pool)
.await

3
crates/application/src/commands.rs
View File

@@ -1,5 +1,5 @@
use chrono::NaiveDateTime;
use domain::models::ExportFormat;
use domain::models::{ExportFormat, UserRole};
use uuid::Uuid;
pub struct LogReviewCommand {
@@ -30,6 +30,7 @@ pub struct RegisterCommand {
pub email: String,
pub username: String,
pub password: String,
pub role: UserRole,
}
pub struct DeleteReviewCommand {

2
crates/application/src/use_cases/register.rs
View File

@@ -41,6 +41,6 @@ pub async fn execute(ctx: &AppContext, cmd: RegisterCommand) -> Result<(), Domai
let hash = ctx.password_hasher.hash(&cmd.password).await?;
ctx.user_repository
.save(&User::new(email, username, hash))
.save(&User::new(email, username, hash, cmd.role))
.await
}

23
crates/domain/src/models/mod.rs
View File

@@ -1,3 +1,5 @@
use std::default;
use chrono::{NaiveDateTime, Utc};
use crate::{
@@ -254,21 +256,35 @@ impl ReviewHistory {
}
}
#[derive(Clone, Debug, Default)]
pub enum UserRole {
#[default]
Standard,
Admin,
}
#[derive(Clone, Debug)]
pub struct User {
id: UserId,
email: Email,
username: Username,
password_hash: PasswordHash,
role: UserRole,
}
impl User {
pub fn new(email: Email, username: Username, password_hash: PasswordHash) -> Self {
pub fn new(
email: Email,
username: Username,
password_hash: PasswordHash,
role: UserRole,
) -> Self {
Self {
id: UserId::generate(),
email,
username,
password_hash,
role,
}
}
@@ -277,12 +293,14 @@ impl User {
email: Email,
username: Username,
password_hash: PasswordHash,
role: UserRole,
) -> Self {
Self {
id,
email,
username,
password_hash,
role,
}
}
@@ -302,6 +320,9 @@ impl User {
pub fn password_hash(&self) -> &PasswordHash {
&self.password_hash
}
pub fn role(&self) -> &UserRole {
&self.role
}
}
#[derive(Clone, Debug)]

29
crates/presentation/src/extractors.rs
View File

@@ -1,6 +1,6 @@
use axum::{
extract::{FromRef, FromRequestParts},
http::{header, header::AUTHORIZATION, request::Parts},
http::{StatusCode, header, header::AUTHORIZATION, request::Parts},
response::{IntoResponse, Redirect},
};
use domain::{errors::DomainError, value_objects::UserId};
@@ -91,6 +91,33 @@ where
}
}
pub struct AdminUser(pub UserId);
impl<S> FromRequestParts<S> for AdminUser
where
AppState: FromRef<S>,
S: Send + Sync,
{
type Rejection = axum::response::Response;
async fn from_request_parts(parts: &mut Parts, state: &S) -> Result<Self, Self::Rejection> {
let app_state = AppState::from_ref(state);
let RequiredCookieUser(user_id) =
RequiredCookieUser::from_request_parts(parts, state).await?;
let user = app_state
.app_ctx
.user_repository
.find_by_id(&user_id)
.await
.map_err(|_| StatusCode::INTERNAL_SERVER_ERROR.into_response())?
.ok_or_else(|| StatusCode::UNAUTHORIZED.into_response())?;
match user.role() {
domain::models::UserRole::Admin => Ok(AdminUser(user_id)),
_ => Err(StatusCode::FORBIDDEN.into_response()),
}
}
}
#[cfg(test)]
mod tests {
use super::*;

2
crates/presentation/src/handlers.rs
View File

@@ -203,6 +203,7 @@ pub mod html {
email: form.email,
username: form.username,
password: form.password,
role: domain::models::UserRole::Standard,
},
)
.await
@@ -1181,6 +1182,7 @@ pub mod api {
email: req.email,
username: req.username,
password: req.password,
role: domain::models::UserRole::Standard,
},
)
.await?;