use fetch_one() to check valid id
KavikaPalletenne committed Nov 13, 2024
1 parent c1d0acd commit bedd8c8
Showing 6 changed files with 65 additions and 37 deletions.
8 changes: 4 additions & 4 deletions backend/server/src/handler/organisation.rs
Expand Up @@ -91,12 +91,12 @@ impl OrganisationHandler {
}

pub async fn remove_admin(
State(state): State<AppState>,
mut transaction: DBTransaction<'_>,
Path(id): Path<i64>,
_super_user: SuperUser,
Json(request_body): Json<AdminToRemove>,
) -> Result<impl IntoResponse, ChaosError> {
Organisation::remove_admin(id, request_body.user_id, &state.db).await?;
Organisation::remove_admin(id, request_body.user_id, &mut transaction.tx).await?;

Ok((
StatusCode::OK,
Expand All @@ -105,12 +105,12 @@ impl OrganisationHandler {
}

pub async fn remove_member(
State(state): State<AppState>,
mut transaction: DBTransaction<'_>,
Path(id): Path<i64>,
_admin: OrganisationAdmin,
Json(request_body): Json<AdminToRemove>,
) -> Result<impl IntoResponse, ChaosError> {
Organisation::remove_member(id, request_body.user_id, &state.db).await?;
Organisation::remove_member(id, request_body.user_id, &mut transaction.tx).await?;

Ok((
StatusCode::OK,
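Review bot: Neither `remove_admin` nor `remove_member` commits the transaction it now receives: in both hunks the model call is followed directly by `Ok((StatusCode::OK, ...`. An sqlx transaction that is dropped without `commit()` is rolled back, so unless `DBTransaction` commits somewhere else (its definition is not on this page) the handler would answer 200 while the admin or member keeps their role. Add `transaction.tx.commit().await?;` after each model call. Both function bodies end outside the hunks shown.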
12 changes: 6 additions & 6 deletions backend/server/src/models/application.rs
Expand Up @@ -364,16 +364,16 @@ impl Application {
new_status: ApplicationStatus,
pool: &Pool<Postgres>,
) -> Result<(), ChaosError> {
sqlx::query!(
_ = sqlx::query!(
"
UPDATE applications
SET status = $2
WHERE id = $1;
WHERE id = $1 RETURNING id
",
id,
new_status as ApplicationStatus
)
.execute(pool)
.fetch_one(pool)
.await?;

Ok(())
Expand All @@ -384,16 +384,16 @@ impl Application {
new_status: ApplicationStatus,
pool: &Pool<Postgres>,
) -> Result<(), ChaosError> {
sqlx::query!(
_ = sqlx::query!(
"
UPDATE applications
SET private_status = $2
WHERE id = $1;
WHERE id = $1 RETURNING id
",
id,
new_status as ApplicationStatus
)
.execute(pool)
.fetch_one(pool)
.await?;

Ok(())
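Review bot: The switch to `.fetch_one(pool)` with `RETURNING id` in both status updates carries its intent only implicitly, so a later cleanup could turn it back into `.execute(pool)` and lose the missing-id check. Add a comment above each query such as `// fetch_one on RETURNING id: fails with sqlx::Error::RowNotFound when no application has this id`. How `RowNotFound` is converted into `ChaosError` is not visible in this diff; it is worth confirming that it yields a not-found response rather than a generic database error. The same pattern, and the same comment, applies to the queries changed in campaign.rs, organisation.rs and role.rs. Both function signatures start outside the hunks shown.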
18 changes: 9 additions & 9 deletions backend/server/src/models/campaign.rs
Expand Up @@ -96,19 +96,19 @@ impl Campaign {
update: CampaignUpdate,
pool: &Pool<Postgres>,
) -> Result<(), ChaosError> {
sqlx::query!(
_ = sqlx::query!(
"
UPDATE campaigns
SET name = $1, description = $2, starts_at = $3, ends_at = $4
WHERE id = $5
WHERE id = $5 RETURNING id
",
update.name,
update.description,
update.starts_at,
update.ends_at,
id
)
.execute(pool)
.fetch_one(pool)
.await?;

Ok(())
Expand All @@ -125,17 +125,17 @@ impl Campaign {
let image_id = Uuid::new_v4();
let current_time = dt;

sqlx::query!(
_ = sqlx::query!(
"
UPDATE campaigns
SET cover_image = $1, updated_at = $2
WHERE id = $3
WHERE id = $3 RETURNING id
",
image_id,
current_time,
id
)
.execute(pool)
.fetch_one(pool)
.await?;

let upload_url =
Expand All @@ -146,13 +146,13 @@ impl Campaign {

/// Delete a campaign from the database
pub async fn delete(id: i64, pool: &Pool<Postgres>) -> Result<(), ChaosError> {
sqlx::query!(
_ = sqlx::query!(
"
DELETE FROM campaigns WHERE id = $1
DELETE FROM campaigns WHERE id = $1 RETURNING id
",
id
)
.execute(pool)
.fetch_one(pool)
.await?;

Ok(())
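Review bot: The discarded result is written as a bare `_ = sqlx::query!(` in the three queries of this file, while role.rs and the new existence checks in organisation.rs use `let _ = sqlx::query!(`. Both forms compile, but a single spelling across the models keeps the pattern easy to search for; `let _ =` matches what rating.rs already has. application.rs and the `delete` and logo hunks of organisation.rs use the bare form as well.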
48 changes: 38 additions & 10 deletions backend/server/src/models/organisation.rs
Expand Up @@ -115,13 +115,13 @@ impl Organisation {
}

pub async fn delete(id: i64, pool: &Pool<Postgres>) -> Result<(), ChaosError> {
sqlx::query!(
_ = sqlx::query!(
"
DELETE FROM organisations WHERE id = $1
DELETE FROM organisations WHERE id = $1 RETURNING id
",
id
)
.execute(pool)
.fetch_one(pool)
.await?;

Ok(())
Expand Down Expand Up @@ -175,6 +175,13 @@ impl Organisation {
admin_id_list: Vec<i64>,
transaction: &mut Transaction<'_, Postgres>,
) -> Result<(), ChaosError> {
let _ = sqlx::query!(
"SELECT id FROM organisations WHERE id = $1",
organisation_id
)
.fetch_one(transaction.deref_mut())
.await?;

sqlx::query!(
"DELETE FROM organisation_members WHERE organisation_id = $1 AND role = $2",
organisation_id,
Expand Down Expand Up @@ -205,6 +212,13 @@ impl Organisation {
member_id_list: Vec<i64>,
transaction: &mut Transaction<'_, Postgres>,
) -> Result<(), ChaosError> {
let _ = sqlx::query!(
"SELECT id FROM organisations WHERE id = $1",
organisation_id
)
.fetch_one(transaction.deref_mut())
.await?;

sqlx::query!(
"DELETE FROM organisation_members WHERE organisation_id = $1 AND role = $2",
organisation_id,
Expand Down Expand Up @@ -233,8 +247,15 @@ impl Organisation {
pub async fn remove_admin(
organisation_id: i64,
admin_to_remove: i64,
pool: &Pool<Postgres>,
transaction: &mut Transaction<'_, Postgres>,
) -> Result<(), ChaosError> {
let _ = sqlx::query!(
"SELECT id FROM organisations WHERE id = $1",
organisation_id
)
.fetch_one(transaction.deref_mut())
.await?;

sqlx::query!(
"
UPDATE organisation_members SET role = $3 WHERE user_id = $1 AND organisation_id = $2
Expand All @@ -243,7 +264,7 @@ impl Organisation {
organisation_id,
OrganisationRole::User as OrganisationRole
)
.execute(pool)
.execute(transaction.deref_mut())
.await?;

Ok(())
Expand All @@ -252,16 +273,23 @@ impl Organisation {
pub async fn remove_member(
organisation_id: i64,
user_id: i64,
pool: &Pool<Postgres>,
transaction: &mut Transaction<'_, Postgres>,
) -> Result<(), ChaosError> {
let _ = sqlx::query!(
"SELECT id FROM organisations WHERE id = $1",
organisation_id
)
.fetch_one(transaction.deref_mut())
.await?;

sqlx::query!(
"
DELETE FROM organisation_members WHERE user_id = $1 AND organisation_id = $2
",
user_id,
organisation_id
)
.execute(pool)
.execute(transaction.deref_mut())
.await?;

Ok(())
Expand All @@ -276,17 +304,17 @@ impl Organisation {

let logo_id = Uuid::new_v4();
let current_time = dt;
sqlx::query!(
_ = sqlx::query!(
"
UPDATE organisations
SET logo = $2, updated_at = $3
WHERE id = $1
WHERE id = $1 RETURNING id
",
id,
logo_id,
current_time
)
.execute(pool)
.fetch_one(pool)
.await?;

let upload_url =
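Review bot: The new `SELECT id FROM organisations` check in `remove_admin` and `remove_member` validates only the organisation; the statement that follows still ends in `.execute(transaction.deref_mut())`, so a `user_id` that is not a member of that organisation matches no row and the function still returns `Ok(())`. If an unknown user should be reported the same way as an unknown organisation, end the statement with `RETURNING user_id` and call `.fetch_one(transaction.deref_mut())` on it. Separately, the same SELECT is now repeated in four functions of this file; a private helper on `Organisation` would keep the copies in step.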
4 changes: 2 additions & 2 deletions backend/server/src/models/rating.rs
Expand Up @@ -83,7 +83,7 @@ impl Rating {
UPDATE application_ratings
SET rating = $2, comment = $3, updated_at = $4
WHERE id = $1
RETURNING id;
RETURNING id
",
rating_id,
rating,
Expand Down Expand Up @@ -145,7 +145,7 @@ impl Rating {
let _ = sqlx::query!(
"
DELETE FROM application_ratings WHERE id = $1
RETURNING id;
RETURNING id
",
rating_id
)
12 changes: 6 additions & 6 deletions backend/server/src/models/role.rs
Expand Up @@ -82,13 +82,13 @@ impl Role {
}

pub async fn delete(id: i64, pool: &Pool<Postgres>) -> Result<(), ChaosError> {
sqlx::query!(
let _ = sqlx::query!(
"
DELETE FROM campaign_roles WHERE id = $1
DELETE FROM campaign_roles WHERE id = $1 RETURNING id
",
id
)
.execute(pool)
.fetch_one(pool)
.await?;

Ok(())
Expand All @@ -99,11 +99,11 @@ impl Role {
role_data: RoleUpdate,
pool: &Pool<Postgres>,
) -> Result<(), ChaosError> {
sqlx::query!(
let _ = sqlx::query!(
"
UPDATE campaign_roles
SET (name, description, min_available, max_available, finalised) = ($2, $3, $4, $5, $6)
WHERE id = $1;
WHERE id = $1 RETURNING id
",
id,
role_data.name,
Expand All @@ -112,7 +112,7 @@ impl Role {
role_data.max_avaliable,
role_data.finalised
)
.execute(pool)
.fetch_one(pool)
.await?;

Ok(())
