shoutdotdev/src/guards.rs

macro_rules! require_team_membership {
    ($current_user:expr, $team_id:expr, $db_conn:expr) => {{
        let current_user_id = $current_user.id.clone();
        match $db_conn
            .interact(move |conn| {
                crate::team_memberships::TeamMembership::all()
                    .filter(crate::team_memberships::TeamMembership::with_user_id(
                        current_user_id,
                    ))
                    .filter(crate::team_memberships::TeamMembership::with_team_id(
                        $team_id,
                    ))
                    .first(conn)
                    .optional()
            })
            .await
            .unwrap()?
        {
            Some((team, _)) => team,
            None => {
                return Ok((
                    axum::http::StatusCode::FORBIDDEN,
                    "not a member of requested team".to_string(),
                )
                    .into_response());
            }
        }
    }};
}
pub(crate) use require_team_membership;

macro_rules! require_valid_csrf_token {
    ($csrf_token:expr, $current_user:expr, $db_conn:expr) => {{
        if !crate::csrf::validate_csrf_token(&$db_conn, &$csrf_token, Some($current_user.id))
            .await?
        {
            return Ok((
                axum::http::StatusCode::FORBIDDEN,
                "invalid CSRF token".to_string(),
            )
                .into_response());
        }
    }};
}
pub(crate) use require_valid_csrf_token;
misc back-end cleanup 2025-01-28 18:01:43 -08:00			`macro_rules! require_team_membership {`
			`($current_user:expr, $team_id:expr, $db_conn:expr) => {{`
			`let current_user_id = $current_user.id.clone();`
			`match $db_conn`
			`.interact(move \|conn\| {`
			`crate::team_memberships::TeamMembership::all()`
			`.filter(crate::team_memberships::TeamMembership::with_user_id(`
			`current_user_id,`
			`))`
			`.filter(crate::team_memberships::TeamMembership::with_team_id(`
			`$team_id,`
			`))`
			`.first(conn)`
			`.optional()`
			`})`
			`.await`
			`.unwrap()?`
			`{`
			`Some((team, _)) => team,`
			`None => {`
			`return Ok((`
			`axum::http::StatusCode::FORBIDDEN,`
			`"not a member of requested team".to_string(),`
			`)`
			`.into_response());`
			`}`
			`}`
			`}};`
			`}`
			`pub(crate) use require_team_membership;`

			`macro_rules! require_valid_csrf_token {`
			`($csrf_token:expr, $current_user:expr, $db_conn:expr) => {{`
			`if !crate::csrf::validate_csrf_token(&$db_conn, &$csrf_token, Some($current_user.id))`
			`.await?`
			`{`
			`return Ok((`
			`axum::http::StatusCode::FORBIDDEN,`
			`"invalid CSRF token".to_string(),`
			`)`
			`.into_response());`
			`}`
			`}};`
			`}`
			`pub(crate) use require_valid_csrf_token;`