Create AdminUsers that are hardcoded to be me, Toby, or Justin

Author: carols10cents

src/controllers/util.rs

@@ -4,7 +4,7 @@ use conduit_cookie::RequestSession;
 use super::prelude::*;
 
 use crate::middleware::log_request;
-use crate::models::{ApiToken, User};
+use crate::models::{AdminUser, ApiToken, User};
 use crate::util::errors::{
     account_locked, forbidden, internal, AppError, AppResult, InsecurelyGeneratedTokenRevoked,
 };
@@ -28,6 +28,10 @@ impl AuthenticatedUser {
         self.user
     }
 
+    pub fn admin_user(self) -> AppResult<AdminUser> {
+        AdminUser::new(&self.user)
+    }
+
     /// Disallows token authenticated users
     pub fn forbid_api_token_auth(self) -> AppResult<Self> {
         if self.token_id.is_none() {

src/models.rs

@@ -12,7 +12,7 @@ pub use self::owner::{CrateOwner, Owner, OwnerKind};
 pub use self::rights::Rights;
 pub use self::team::{NewTeam, Team};
 pub use self::token::{ApiToken, CreatedApiToken};
-pub use self::user::{NewUser, User};
+pub use self::user::{AdminUser, NewUser, User};
 pub use self::version::{NewVersion, TopVersions, Version};
 
 pub mod helpers;

src/models/user.rs

@@ -4,7 +4,7 @@ use std::borrow::Cow;
 
 use crate::app::App;
 use crate::email::Emails;
-use crate::util::errors::AppResult;
+use crate::util::errors::{forbidden, AppResult};
 
 use crate::models::{ApiToken, Crate, CrateOwner, Email, NewEmail, Owner, OwnerKind, Rights};
 use crate::schema::{crate_owners, emails, users};
@@ -177,4 +177,52 @@ impl User {
             .first(conn)
             .optional()?)
     }
+
+    /// Attempt to turn this user into an AdminUser
+    pub fn admin(&self) -> AppResult<AdminUser> {
+        AdminUser::new(self)
+    }
+}
+
+pub struct AdminUser(User);
+
+impl AdminUser {
+    pub fn new(user: &User) -> AppResult<Self> {
+        match user.gh_login.as_str() {
+            "carols10cents" | "jtgeibel" | "Turbo87" => Ok(Self(user.clone())),
+            _ => Err(forbidden()),
+        }
+    }
+}
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+
+    #[test]
+    fn hardcoded_admins() {
+        let user = User {
+            id: 3,
+            gh_access_token: "arbitrary".into(),
+            gh_login: "literally_anything".into(),
+            name: None,
+            gh_avatar: None,
+            gh_id: 7,
+            account_lock_reason: None,
+            account_lock_until: None,
+        };
+        assert!(user.admin().is_err());
+
+        let sneaky_user = User {
+            gh_login: "carols10cents_plus_extra_stuff".into(),
+            ..user
+        };
+        assert!(sneaky_user.admin().is_err());
+
+        let real_real_real = User {
+            gh_login: "carols10cents".into(),
+            ..sneaky_user
+        };
+        assert!(real_real_real.admin().is_ok());
+    }
 }

src/tests/user.rs

@@ -117,6 +117,7 @@ fn me() {
     let user = app.db_new_user("foo");
     let json = user.show_me();
 
+    assert!(!json.user.admin);
     assert_eq!(json.owned_crates.len(), 0);
 
     app.db(|conn| {
@@ -126,6 +127,11 @@ fn me() {
     let updated_json = user.show_me();
 
     assert_eq!(updated_json.owned_crates.len(), 1);
+
+    let admin_user = app.db_new_user("carols10cents");
+    let admin_json = admin_user.show_me();
+
+    assert!(admin_json.user.admin);
 }
 
 #[test]

src/views.rs

@@ -503,6 +503,7 @@ pub struct EncodablePrivateUser {
     pub email: Option<String>,
     pub avatar: Option<String>,
     pub url: Option<String>,
+    pub admin: bool,
 }
 
 impl EncodablePrivateUser {
@@ -513,6 +514,7 @@ impl EncodablePrivateUser {
         email_verified: bool,
         email_verification_sent: bool,
     ) -> Self {
+        let admin = user.admin().is_ok();
         let User {
             id,
             name,
@@ -531,6 +533,7 @@ impl EncodablePrivateUser {
             login: gh_login,
             name,
             url: Some(url),
+            admin,
         }
     }
 }