Merge pull request #1 from prplnorangesoda/admin

Admin

.gitmodules

@@ -1,3 +1,4 @@
 [submodule "lucyleague-frontend"]
 	path = lucyleague-frontend
 	url = https://github.com/prplnorangesoda/lucyleague-frontend
+	branch = main

Cargo.toml

@@ -30,7 +30,8 @@ randomizer = "0.1.2"
 chrono = { version = "0.4", features = ["serde"] }
 actix-files = "0.6"
 serde_json = "1.0"
-steamopenid = "0.1.0"
+steamopenid = "0.3.0"
 inquire = "0.7.5"
 num-derive = "0.4.2"
 num-traits = "0.2.19"
+actix-http = "3.9.0"

README.md

@@ -0,0 +1,7 @@
+# LucyLeague
+
+Here's the backend for (hopefully [lucyleague.net](https://lucyleague.net) or [league.passtime.tf]). Please LET ME KNOW if there's anything stupid here like exposed API keys or insecure thingies.
+
+## Running locally
+
+This project is dockerized. Simply running `docker compose up` after cloning (AND MAKING A .env FILE!) should work out of the box. Submit an issue if this doesn't work!

backend-src/apiv1/admin.rs

@@ -0,0 +1,66 @@
+use std::str::FromStr;
+
+use actix_http::header::TryIntoHeaderValue;
+use actix_web::http::header;
+use actix_web::{get, http, post, web, Error, HttpResponse, Responder};
+
+use crate::apiv1::apimodels::*;
+use crate::db;
+use crate::errors::MyError;
+use crate::models::*;
+use crate::AppState;
+use deadpool_postgres::Client;
+
+struct AuthHeader(String);
+
+impl TryIntoHeaderValue for AuthHeader {
+    type Error = actix_web::error::HttpError;
+    fn try_into_value(self) -> Result<header::HeaderValue, Self::Error> {
+        Ok(header::HeaderValue::from_bytes(self.0.as_bytes())?)
+    }
+}
+
+pub struct AuthHeaderStringError;
+
+impl FromStr for AuthHeader {
+    type Err = AuthHeaderStringError;
+    fn from_str(s: &str) -> Result<Self, Self::Err> {
+        Ok(AuthHeader("Hi".to_owned()))
+    }
+}
+impl http::header::Header for AuthHeader {
+    fn name() -> header::HeaderName {
+        header::AUTHORIZATION
+    }
+    fn parse<M: actix_web::HttpMessage>(msg: &M) -> Result<Self, actix_web::error::ParseError> {
+        actix_http::header::from_one_raw_str(msg.headers().get(Self::name()))
+    }
+}
+
+#[post("/api/v1/leagues")]
+pub async fn post_league(
+    league: web::Json<MiniLeague>,
+    state: web::Data<AppState>,
+    authorization: web::Header<AuthHeader>,
+) -> Result<HttpResponse, Error> {
+    println!("POST request at /api/v1/leagues");
+    let client: Client = state.pool.get().await.map_err(MyError::PoolError)?;
+    let league = league.into_inner();
+    let response = db::add_league(&client, league).await?;
+
+    Ok(HttpResponse::Ok().json(response))
+}
+
+/// Set a user or multiple users to a team.
+#[post("/api/v1/users/setteam")]
+pub async fn post_users_team(
+    user_team: web::Json<UserTeamBody>,
+    state: web::Data<AppState>,
+) -> Result<HttpResponse, Error> {
+    let client = state.pool.get().await.map_err(MyError::PoolError)?;
+    let user_team = user_team.into_inner();
+    // fetch the team to get its id
+    let team = db::get_team_from_id(&client, user_team.team_id).await?;
+    let users = db::get_team_players(&client, team).await?;
+    Ok(HttpResponse::Ok().json(users))
+}

backend-src/apiv1/apimodels.rs

@@ -0,0 +1,21 @@
+use serde::{Serialize, Deserialize};
+
+use crate::models::*;
+
+#[derive(Serialize, Deserialize)]
+pub struct UserTeamBody {
+    pub league_id: i64,
+    pub user_steamids: Vec<String>,
+    pub team_id: i64,
+}
+
+#[derive(Serialize, Deserialize)]
+pub struct UserResponse {
+    pub user: User,
+    pub teams: Vec<Team>,
+}
+#[derive(Serialize, Deserialize)]
+pub struct LeagueResponse {
+    pub info: League,
+    pub teams: Vec<Team>,
+}

backend-src/apiv1/mod.rs

@@ -5,7 +5,6 @@ use crate::db;
 use crate::errors::MyError;
 use crate::models::League;
 use crate::models::MiniUser;
-use crate::models::Team;
 use crate::models::User;
 use crate::steamapi;
 use crate::PlayerSummaryAccess;
@@ -14,8 +13,10 @@ use deadpool_postgres::{Client, Pool};
 use std::collections::HashMap;
 
 pub mod admin;
+mod apimodels; 
+
+use apimodels::*;
 
-pub use admin::*;
 /*
 https://rgl.gg/Login/Default.aspx?push=1&r=40
 &dnoa.userSuppliedIdentifier=https%3A%2F%2Fsteamcommunity.com%2Fopenid%2F
@@ -34,16 +35,7 @@ pub struct AppState {
     pub steam_auth_url: String,
     pub steam_api_key: String,
 }
-#[derive(serde::Serialize, serde::Deserialize)]
-struct UserResponse {
-    user: User,
-    teams: Vec<Team>,
-}
-#[derive(serde::Serialize, serde::Deserialize)]
-struct LeagueResponse {
-    info: League,
-    teams: Vec<Team>,
-}
+
 
 #[get("/api/v1/leagues/{league_id}")]
 pub async fn get_league(
@@ -64,19 +56,6 @@ pub async fn get_league(
     Ok(HttpResponse::Ok().json(results))
 }
 
-#[post("/api/v1/leagues")]
-pub async fn post_league(
-    league: web::Json<MiniLeague>,
-    state: web::Data<AppState>,
-) -> Result<HttpResponse, Error> {
-    println!("POST request at /api/v1/leagues");
-    let client: Client = state.pool.get().await.map_err(MyError::PoolError)?;
-    let league = league.into_inner();
-    let response = db::add_league(&client, league).await?;
-
-    Ok(HttpResponse::Ok().json(response))
-}
-
 #[get("/login/landing")]
 pub async fn openid_landing(
     query: web::Query<HashMap<String, String>>,

backend-src/db.rs

@@ -6,18 +6,66 @@ use tokio_pg_mapper::FromTokioPostgresRow;
 use crate::{
     authorization::create_authorization_for_user,
     errors::MyError,
-    models::{Authorization, League, MiniLeague, MiniUser, Team, User},
+    models::{Authorization, League, MiniLeague, MiniUser, Team, User, UserTeam},
 };
 
 pub async fn initdb(client: &Client) -> Result<(), MyError> {
     let _stmt = include_str!("../sql/initdb.sql");
 
-    client
-        .batch_execute(_stmt)
-        .await?;
+    client.batch_execute(_stmt).await?;
     Ok(())
 }
 
+pub async fn get_team_from_id(client: &Client, team_id: i64) -> Result<Team, MyError> {
+    let _stmt = "SELECT $table_fields FROM teams WHERE teamid=$1";
+    let _stmt = _stmt.replace("$table_fields", &Team::sql_table_fields());
+    let stmt = client.prepare(&_stmt).await.unwrap();
+
+    let results = client
+        .query(&stmt, &[&team_id])
+        .await?
+        .iter()
+        .map(|row| Team::from_row_ref(row).unwrap())
+        .collect::<Vec<Team>>()
+        .pop()
+        .ok_or(MyError::NotFound);
+
+    results
+}
+
+pub async fn get_team_players(client: &Client, team: Team) -> Result<Vec<User>, MyError> {
+    let _stmt = "SELECT $table_fields FROM userTeam WHERE teamid=$1 AND leagueid=$2";
+    let _stmt = _stmt.replace("$table_fields", &UserTeam::sql_table_fields());
+    let stmt = client.prepare(&_stmt).await.unwrap();
+
+    let userids: Vec<i64> = client
+        .query(&stmt, &[&team.id, &team.leagueid])
+        .await?
+        .iter()
+        .map(|row| UserTeam::from_row_ref(row).unwrap().userid)
+        .collect();
+
+    mass_get_user_from_internal_id(client, &userids).await
+}
+
+async fn mass_get_user_from_internal_id(
+    client: &Client,
+    userids: &Vec<i64>,
+) -> Result<Vec<User>, MyError> {
+    let _stmt = "SELECT $table_fields FROM users WHERE id IN ($1)";
+    let _stmt = _stmt.replace("$table_fields", &User::sql_table_fields());
+    let stmt = client.prepare(&_stmt).await.unwrap();
+
+    let users: Vec<User> = client
+        .query(&stmt, &[userids])
+        .await?
+        .iter()
+        .map(|row| User::from_row_ref(row).unwrap())
+        .collect();
+
+    Ok(users)
+}
+
 pub async fn get_league(client: &Client, leagueid: i64) -> Result<League, MyError> {
     let _stmt = "SELECT $table_fields FROM leagues WHERE id=$1;";
     let _stmt = _stmt.replace("$table_fields", &League::sql_table_fields());

backend-src/main.rs

@@ -10,7 +10,7 @@ use tokio_postgres::NoTls;
 
 mod apiv1;
 mod authorization;
-mod checkpermission;
+mod permission;
 mod config;
 mod db;
 mod errors;
@@ -103,12 +103,11 @@ async fn main() -> io::Result<()> {
             )
             .service(get_league)
             .service(get_all_leagues)
-            .service(post_league)
+            .service(admin::post_league)
             .service(get_openid)
             .service(openid_landing)
             .service(
                 actix_files::Files::new("/", "./lucyleague-frontend/out")
-                    .show_files_listing()
                     .index_file("index.html"),
             )
     })

backend-src/models.rs

@@ -64,8 +64,8 @@ pub struct Team {
 #[derive(Deserialize, PostgresMapper, Serialize)]
 #[pg_mapper(table = "userTeam")]
 pub struct UserTeam {
-    pub userid: String,
-    pub teamid: String,
+    pub userid: i64,
+    pub teamid: i64,
 }
 
 #[derive(Deserialize, PostgresMapper, Serialize, Debug)]