45 lines
1.5 KiB
Rust
45 lines
1.5 KiB
Rust
macro_rules! require_team_membership {
|
|
($current_user:expr, $team_id:expr, $db_conn:expr) => {{
|
|
let current_user_id = $current_user.id.clone();
|
|
match $db_conn
|
|
.interact(move |conn| {
|
|
crate::team_memberships::TeamMembership::all()
|
|
.filter(crate::team_memberships::TeamMembership::with_user_id(
|
|
current_user_id,
|
|
))
|
|
.filter(crate::team_memberships::TeamMembership::with_team_id(
|
|
$team_id,
|
|
))
|
|
.first(conn)
|
|
.optional()
|
|
})
|
|
.await
|
|
.unwrap()?
|
|
{
|
|
Some((team, _)) => team,
|
|
None => {
|
|
return Ok((
|
|
axum::http::StatusCode::FORBIDDEN,
|
|
"not a member of requested team".to_string(),
|
|
)
|
|
.into_response());
|
|
}
|
|
}
|
|
}};
|
|
}
|
|
pub(crate) use require_team_membership;
|
|
|
|
macro_rules! require_valid_csrf_token {
|
|
($csrf_token:expr, $current_user:expr, $db_conn:expr) => {{
|
|
if !crate::csrf::validate_csrf_token(&$db_conn, &$csrf_token, Some($current_user.id))
|
|
.await?
|
|
{
|
|
return Ok((
|
|
axum::http::StatusCode::FORBIDDEN,
|
|
"invalid CSRF token".to_string(),
|
|
)
|
|
.into_response());
|
|
}
|
|
}};
|
|
}
|
|
pub(crate) use require_valid_csrf_token;
|