backend/controller/

map.rs

//! `Map` endpoints.

use actix_web::web::Query;
use actix_web::{
    delete, get, patch, post,
    web::{Json, Path},
    HttpResponse, Result,
};
use uuid::Uuid;

use crate::service::map_access_control::{check_creation_permission, AccessRights};
use crate::{
    config::{
        auth::user_info::UserInfo,
        data::{SharedBroadcaster, SharedPool},
    },
    model::dto::{
        actions::{Action, ActionType, UpdateMapGeometryActionPayload},
        MapSearchParameters, NewMapDto, PageParameters, UpdateMapDto, UpdateMapGeometryDto,
    },
    service,
    service::map_access_control::check_permissions,
};

/// Endpoint for fetching or searching all [`Map`](crate::model::entity::Map).
/// Search parameters are taken from the URLs query string (e.g. .../`api/maps?is_inactive=false&per_page=5`).
/// If no page parameters are provided, the first page is returned.
///
/// # Errors
/// * If the connection to the database could not be established.
#[utoipa::path(
    context_path = "/api/maps",
    params(
        MapSearchParameters,
        PageParameters
    ),
    responses(
        (status = 200, description = "Fetch or search all maps", body = PageMapDto)
    ),
    security(
        ("oauth2" = [])
    )
)]
#[get("")]
pub async fn find(
    search_query: Query<MapSearchParameters>,
    page_query: Query<PageParameters>,
    pool: SharedPool,
    user_info: UserInfo,
) -> Result<HttpResponse> {
    let response = service::map::find(
        search_query.into_inner(),
        page_query.into_inner(),
        &pool,
        user_info,
    )
    .await?;
    Ok(HttpResponse::Ok().json(response))
}

/// Endpoint for fetching a [`Map`](crate::model::entity::Map).
///
/// # Errors
/// * If the connection to the database could not be established.
/// * If the current user does not have the appropriate permissions.
#[utoipa::path(
    context_path = "/api/maps",
    responses(
        (status = 200, description = "Fetch a map by id", body = MapDto)
    ),
    security(
        ("oauth2" = [])
    )
)]
#[get("/{map_id}")]
pub async fn find_by_id(
    map_id: Path<i32>,
    pool: SharedPool,
    user_info: UserInfo,
) -> Result<HttpResponse> {
    let id = map_id.into_inner();
    check_permissions(id, &pool, user_info, AccessRights::Read).await?;
    let response = service::map::find_by_id(id.into(), &pool).await?;
    Ok(HttpResponse::Ok().json(response))
}

/// Endpoint for creating a new [`Map`](crate::model::entity::Map).
///
/// # Errors
/// * If the connection to the database could not be established.
#[utoipa::path(
    context_path = "/api/maps",
    request_body = NewMapDto,
    responses(
        (status = 201, description = "Create a new map", body = MapDto)
    ),
    security(
        ("oauth2" = [])
    )
)]
#[post("")]
pub async fn create(
    new_map_json: Json<NewMapDto>,
    user_info: UserInfo,
    pool: SharedPool,
) -> Result<HttpResponse> {
    check_creation_permission(&user_info).await?;
    let response = service::map::create(new_map_json.0, user_info.id, &pool).await?;
    Ok(HttpResponse::Created().json(response))
}

/// Endpoint for updating a [`Map`](crate::model::entity::Map).
///
/// # Errors
/// * If the connection to the database could not be established.
/// * If the current user does not have the appropriate permissions.
#[utoipa::path(
    context_path = "/api/maps",
    request_body = UpdateMapDto,
    responses(
        (status = 200, description = "Update a map", body = MapDto)
    ),
    security(
        ("oauth2" = [])
    )
)]
#[patch("/{map_id}")]
pub async fn update(
    map_update_json: Json<UpdateMapDto>,
    map_id: Path<i32>,
    user_info: UserInfo,
    pool: SharedPool,
) -> Result<HttpResponse> {
    let id = map_id.into_inner();
    check_permissions(id, &pool, user_info, AccessRights::Write).await?;
    let response = service::map::update(map_update_json.0, id.into(), &pool).await?;
    Ok(HttpResponse::Ok().json(response))
}
/// Endpoint for updating the [`Geometry`](postgis_diesel::sql_types::Geometry) of a [`Map`](crate::model::entity::Map).
///
/// # Errors
/// * If the connection to the database could not be established.
/// * If the current user does not have the appropriate permissions.
#[utoipa::path(
context_path = "/api/maps",
request_body = UpdateMapDto,
responses(
(status = 200, description = "Update a map", body = MapDto)
),
security(
("oauth2" = [])
)
)]
#[patch("/{map_id}/geometry")]
pub async fn update_geometry(
    map_update_geometry_json: Json<UpdateMapGeometryDto>,
    map_id: Path<i32>,
    user_info: UserInfo,
    pool: SharedPool,
    broadcaster: SharedBroadcaster,
) -> Result<HttpResponse> {
    let map_id_inner = map_id.into_inner();
    let user_id = user_info.id;
    check_permissions(map_id_inner, &pool, user_info, AccessRights::Write).await?;

    let response = service::map::update_geometry(
        map_update_geometry_json.0.clone(),
        map_id_inner.into(),
        &pool,
    )
    .await?;

    broadcaster
        .broadcast(
            map_id_inner,
            Action {
                action_id: Uuid::now_v7(),
                user_id,
                action: ActionType::UpdateMapGeometry(UpdateMapGeometryActionPayload::new(
                    map_update_geometry_json.0,
                    map_id_inner,
                )),
            },
        )
        .await;

    Ok(HttpResponse::Ok().json(response))
}

/// Endpoint for soft-deleting a [`Map`](crate::model::entity::Map).
///
/// # Errors
/// * If the connection to the database could not be established.
/// * If the current user does not have the appropriate permissions.
#[utoipa::path(
    context_path = "/api/maps",
    responses(
        (status = 200, description = "Delete a map by id")
    ),
    security(
        ("oauth2" = [])
    )
)]
#[delete("/{map_id}")]
pub async fn delete_by_id(
    map_id: Path<i32>,
    user_info: UserInfo,
    pool: SharedPool,
) -> Result<HttpResponse> {
    let m_id = map_id.into_inner();
    check_permissions(m_id, &pool, user_info, AccessRights::Write).await?;
    service::map::delete_by_id(m_id.into(), &pool).await?;
    Ok(HttpResponse::Ok().finish())
}