register with optional role in the post request

2025-04-11 13:37:57 +02:00
parent 944131d5a6
commit 0fd2a589eb
5 changed files with 52 additions and 2 deletions
--- a/server/src/auth/handlers/register.rs
+++ b/server/src/auth/handlers/register.rs
@@ -5,6 +5,8 @@ use common::proto::multieko2::auth::{RegisterRequest, AuthResponse};
 use crate::db::PgPool;
 use crate::auth::models::AuthError;

+const DEFAULT_ROLE: &str = "accountant";
+
 pub async fn register(
    pool: &PgPool,
    payload: RegisterRequest,
@@ -18,20 +20,28 @@ pub async fn register(
    let password_hash = hash(payload.password, DEFAULT_COST)
        .map_err(|e| Status::internal(AuthError::HashingError(e.to_string()).to_string()))?;

+    let role_to_insert = if payload.role.is_empty() { DEFAULT_ROLE } else { &payload.role };
+
    // Insert user
    let user = sqlx::query!(
        r#"
        INSERT INTO users (username, email, password_hash, role)
-        VALUES ($1, $2, $3, 'accountant')
+        VALUES ($1, $2, $3, $4)
        RETURNING id, username, email, role
        "#,
        payload.username,
        payload.email,
-        password_hash
+        password_hash,
+        role_to_insert
    )
    .fetch_one(pool)
    .await
    .map_err(|e| {
+        if let Some(db_err) = e.as_database_error() {
+            if db_err.constraint() == Some("valid_roles") {
+                return Status::invalid_argument(format!("Invalid role specified: '{}'", role_to_insert));
+            }
+        }
        if e.to_string().contains("duplicate key") {
            Status::already_exists(AuthError::UserExists.to_string())
        } else {