diff --git a/backend/src/main.rs b/backend/src/main.rs
index a1e0e93..6f4979d 100644
--- a/backend/src/main.rs
+++ b/backend/src/main.rs
@@ -1,1432 +1,287 @@
-use std::collections::HashMap;
-use serde_derive::{Serialize, Deserialize};
-use mysql::*;
-use mysql::prelude::*;
-use std::convert::Infallible;
-use std::net::SocketAddr;
-use hyper::{Body, Client, Method, Request, Response, Server, StatusCode};
-use hyper::service::{make_service_fn, service_fn};
-use bcrypt::{DEFAULT_COST, hash, verify};
-use rand::{OsRng, Rng};
-use serde_json::Map;
+ use std::collections::HashMap;
+ use serde_derive::{Serialize, Deserialize};
+ use mysql::*;
+ use mysql::prelude::*;
+ use std::convert::Infallible;
+ use std::net::SocketAddr;
+ use hyper::{Body, Client, Method, Request, Response, Server, StatusCode};
+ use hyper::service::{make_service_fn, service_fn};
+ use bcrypt::{DEFAULT_COST, hash, verify};
+ use rand::{OsRng, Rng};
+ use serde_json::Map;
+ use std::thread;
+ use std::time::Duration;
+ use tokio::time::sleep;
-#[derive(Serialize, Deserialize)]
-struct Proposal {
- id: i32,
- ladderid: i32,
- winner: String,
- proposer: i32,
- approver: i32,
- score: String,
-}
+ #[derive(Serialize, Deserialize)]
+ struct SearchResult {
+ name: String,
+ surname: String,
+ }
-#[derive(Serialize, Deserialize)]
-struct User {
- id: i32,
- name: String,
- surname: String,
- role: String,
- login: String,
- phone: String,
- mail: String,
- ranking: i32,
-}
+ #[derive(Serialize, Deserialize)]
+ struct Proposal {
+ id: i32,
+ ladderid: i32,
+ winner: String,
+ proposer: i32,
+ approver: i32,
+ score: String,
+ }
-#[derive(Serialize, Deserialize)]
-struct leaderboard {
- name: String,
- surname: String,
- ranking: i32,
-}
+ #[derive(Serialize, Deserialize)]
+ struct User {
+ id: i32,
+ name: String,
+ surname: String,
+ role: String,
+ login: String,
+ phone: String,
+ mail: String,
+ ranking: i32,
+ }
-#[derive(Serialize, Deserialize)]
-struct ladderRaw {
- id: i32,
- inAtype: String,
- inA: String,
- inBtype: String,
- inB: String,
- winner: String,
- round: String,
- scores: String,
-}
+ #[derive(Serialize, Deserialize)]
+ struct leaderboard {
+ name: String,
+ surname: String,
+ ranking: i32,
+ }
-#[derive(Serialize, Deserialize)]
-struct Registration {
- id: i32,
- userid: i32,
- tournamentid: String,
- paymenttype: String,
- paymentstatus: String,
- approval: String,
- partner: i32,
-}
+ #[derive(Serialize, Deserialize)]
+ struct ladderRaw {
+ id: i32,
+ inAtype: String,
+ inA: String,
+ inBtype: String,
+ inB: String,
+ winner: String,
+ round: String,
+ scores: String,
+ }
-#[derive(Serialize, Deserialize)]
-struct Usera {
- id: i32,
- name: String,
- surname: String,
- role: String,
- login: String,
- phone: String,
- mail: String,
- deleted: i32,
- ranking: i32,
-}
+ #[derive(Serialize, Deserialize)]
+ struct Registration {
+ id: i32,
+ userid: i32,
+ tournamentid: String,
+ paymenttype: String,
+ paymentstatus: String,
+ approval: String,
+ partner: i32
+ }
-#[derive(Serialize, Deserialize)]
-struct tournament {
- id: i32,
- name: String,
- typeOfLadder: String,
- pointsForTournament: i32,
- places: i32,
- roles: String,
- creator: i32,
- approved: i32,
- state: i32,
- currentRound: i32,
-}
+ #[derive(Serialize, Deserialize)]
+ struct Usera {
+ id: i32,
+ name: String,
+ surname: String,
+ role: String,
+ login: String,
+ phone: String,
+ mail: String,
+ deleted: i32,
+ ranking: i32,
+ }
-#[derive(Serialize, Deserialize)]
-struct tournamenta {
- id: i32,
- name: String,
- typeOfLadder: String,
- pointsForTournament: i32,
- places: i32,
- roles: String,
- creator: i32,
- approved: i32,
- deleted: i32,
- state: i32,
- currentRound: i32,
-}
+ #[derive(Serialize, Deserialize)]
+ struct tournament {
+ id: i32,
+ name: String,
+ typeOfLadder: String,
+ pointsForTournament: i32,
+ places: i32,
+ roles: String,
+ creator: i32,
+ approved: i32,
+ state: i32,
+ currentRound: i32,
+ from: String,
+ to: String,
+ place: String,
+ categotry: String,
+ rang: String,
+ entryFee: i32,
+ director: String,
+ phone: String,
+ entriesTo: String,
+ additionalInformations: String,
+ visibility: 
String, + } -thread_local!(static POOL: Pool = Pool::new(Opts::from_url("mysql://inz:HaLzqw68CbabS8Smz3Vx!@10.1.6.101:3306/inz").unwrap()).unwrap()); + #[derive(Serialize, Deserialize)] + struct tournamenta { + id: i32, + name: String, + typeOfLadder: String, + pointsForTournament: i32, + places: i32, + roles: String, + creator: i32, + approved: i32, + deleted: i32, + state: i32, + currentRound: i32, + from: String, + to: String, + place: String, + categotry: String, + rang: String, + entryFee: i32, + director: String, + phone: String, + entriesTo: String, + additionalInformations: String, + visibility: String, + } -async fn hello_world(req: Request) -> Result> { - let mut response = Response::new(Body::empty()); - match (req.method(), req.uri().path()) { - (&Method::GET, "/proposals/pending") => { - if req.headers().contains_key("Authorization") { - let mut tmp = req.headers().get("Authorization").unwrap().to_str().unwrap().split(" "); - let aa = tmp.next().unwrap(); - if aa != "Bearer" { - *response.status_mut() = StatusCode::UNAUTHORIZED; - return Ok(response); - } - let token = tmp.next().unwrap().to_string(); - POOL.with(|poola| { - let mut con = poola.get_conn().unwrap(); - let mut result = con.exec_iter("Select id from users where id =(SELECT user FROM `inz`.`sessions` where token = ? and expire > NOW());", (&token, )).unwrap(); - let mut it = result.iter().unwrap(); - let row = it.next(); - let urow = row.unwrap().unwrap(); - let uid: i32 = urow.get(0).unwrap(); - let res = poola.get_conn().unwrap() - .exec_map( - "SELECT * FROM inz.winProposals where proposer in (Select id from registrations where ? = userid or ? = partner ) or approver in (Select id from registrations where ? = userid or ? 
= partner );", (&uid, &uid, &uid, &uid), - |(id, ladderid, winner, proposer, approver, score)| { - Proposal { id, ladderid, winner, proposer, approver, score } - }, - ); - *response.body_mut() = serde_json::to_string(&res.unwrap()).unwrap().into(); - }); - } else { - *response.status_mut() = StatusCode::UNAUTHORIZED; - } + thread_local!(static POOL: Pool = Pool::new(Opts::from_url("mysql://inz:****!@*****:3306/inz").unwrap()).unwrap()); + + async fn hello_world(req: Request) -> Result> { + let mut response = Response::new(Body::empty()); + response.headers_mut().insert("Access-Control-Allow-Origin","*".parse().unwrap()); + response.headers_mut().insert("Access-Control-Allow-Methods","POST, GET, OPTIONS, PUT, DELETE".parse().unwrap()); + response.headers_mut().insert("Access-Control-Allow-Headers","*".parse().unwrap()); + if req.method() == &Method::OPTIONS{ + return Ok(response); } - (&Method::POST, "/proposal/approve") => { - if req.headers().contains_key("Authorization") { - let mut tmp = req.headers().get("Authorization").unwrap().to_str().unwrap().split(" "); - let aa = tmp.next().unwrap(); - if aa != "Bearer" { - *response.status_mut() = StatusCode::UNAUTHORIZED; - return Ok(response); - } - let token = tmp.next().unwrap().to_string(); - let byte_stream = hyper::body::to_bytes(req).await.unwrap(); - let s: HashMap = serde_json::from_slice(&byte_stream).unwrap(); - let mut row: Option> = None; - let mut row2: Option> = None; - let mut row3: Option> = None; - if !s.contains_key("id") { - *response.body_mut() = "{\"error\":\"id is required\"}".into(); - return Ok(response); - } - let id = s.get("id").unwrap().to_string(); - - POOL.with(|poola| { - let mut con = poola.get_conn().unwrap(); - let mut result = con.exec_iter("Select id from users where id =(SELECT user FROM `inz`.`sessions` where token = ? 
and expire > NOW());", (&token, )).unwrap(); - let mut it = result.iter().unwrap(); - row = it.next(); - let mut con2 = poola.get_conn().unwrap(); - let mut result2 = con2.exec_iter("Select ladderid, winner, score from winProposals where id =?;", (&id, )).unwrap(); - let mut it2 = result2.iter().unwrap(); - row2 = it2.next(); - let mut con3 = poola.get_conn().unwrap(); - let mut result3 = con3.exec_iter("Select userid, partner from registrations where id =(Select approver from winProposals where id =?);", (&id, )).unwrap(); - let mut it3 = result3.iter().unwrap(); - row3 = it3.next(); - }); - if row.is_none() { - *response.status_mut() = StatusCode::FORBIDDEN; - return Ok(response); - } - if row2.is_none() { - *response.status_mut() = StatusCode::BAD_REQUEST; - return Ok(response); - } - let urow = row.unwrap().unwrap(); - let urow2 = row2.unwrap().unwrap(); - let urow3 = row3.unwrap().unwrap(); - let uid: i32 = urow.get(0).unwrap(); - let user: i32 = urow3.get(0).unwrap(); - let partner: i32 = urow3.get(1).unwrap(); - if !(uid == user || uid == partner) { - *response.status_mut() = StatusCode::BAD_REQUEST; - return Ok(response); - } - let ladderid: i32 = urow2.get(0).unwrap(); - let winner: String = urow2.get(1).unwrap(); - let score: String = urow2.get(2).unwrap(); - POOL.with(|poola| { - poola.get_conn().unwrap().exec_drop("Update ladder set winner =?, scores=? 
where id = ?", (winner, score, ladderid)).unwrap(); - poola.get_conn().unwrap().exec_drop("delete from winProposals where id = ?", (id, )).unwrap(); - }); - } else { - *response.status_mut() = StatusCode::UNAUTHORIZED; - } - } - (&Method::PUT, "/proposal") => { - if req.headers().contains_key("Authorization") { - let mut tmp = req.headers().get("Authorization").unwrap().to_str().unwrap().split(" "); - let aa = tmp.next().unwrap(); - if aa != "Bearer" { - *response.status_mut() = StatusCode::UNAUTHORIZED; - return Ok(response); - } - let token = tmp.next().unwrap().to_string(); - let byte_stream = hyper::body::to_bytes(req).await.unwrap(); - let s: HashMap = serde_json::from_slice(&byte_stream).unwrap(); - let mut row: Option> = None; - let mut row2: Option> = None; - let ladderid = s.get("ladderid").unwrap().to_string(); - - POOL.with(|poola| { - let mut con = poola.get_conn().unwrap(); - let mut result = con.exec_iter("Select id from users where id =(SELECT user FROM `inz`.`sessions` where token = ? and expire > NOW());", (&token, )).unwrap(); - let mut it = result.iter().unwrap(); - row = it.next(); - let mut con2 = poola.get_conn().unwrap(); - let mut result2 = con2.exec_iter("Select inAtype, inA, inBtype, inB from ladder where deleted = 0 and id =? 
and winner ='0';", (&ladderid, )).unwrap(); - let mut it2 = result2.iter().unwrap(); - row2 = it2.next(); - }); - if row.is_none() { - *response.status_mut() = StatusCode::FORBIDDEN; - return Ok(response); - } - if row2.is_none() { - *response.status_mut() = StatusCode::BAD_REQUEST; - return Ok(response); - } - let urow = row.unwrap().unwrap(); - let urow2 = row2.unwrap().unwrap(); - let id: i32 = urow.get(0).unwrap(); - let inAtype: String = urow2.get(0).unwrap(); - let mut inA: String = urow2.get(1).unwrap(); - let inBtype: String = urow2.get(2).unwrap(); - let mut inB: String = urow2.get(3).unwrap(); - if s.contains_key("score") && s.contains_key("winner") { - if s.get("winner").unwrap() != "A" && s.get("winner").unwrap() != "B" { - *response.body_mut() = "{\"error\":\"winner must be A or B\"}".into(); - return Ok(response); - } - if inAtype != "R" { - let mut res3: Option> = None; - POOL.with(|poola| { - res3 = poola.get_conn().unwrap() - .exec_iter("WITH RECURSIVE menu_tree -AS ( -SELECT if('A' ='A', inAtype, inBtype) as 'type', if('A' ='A', inA, inB) as 'val' from ladder where id =? 
- UNION ALL - SELECT if(mn.type ='W', if(la.winner ='A', inAtype, if(la.winner ='B', la.inBtype, null)), if(la.winner ='A', la.inBtype, if(la.winner ='B', la.inAtype, null))) , if(mn.type ='W', if(la.winner ='A', la.inA, if(la.winner ='B', la.inB, null)), if(la.winner ='A', la.inB, if(la.winner ='B', la.inA, null))) - FROM menu_tree mn, inz.ladder la - WHERE mn.val= la.id and mn.type != 'R' -) - SELECT * FROM menu_tree where type = 'R'", (&ladderid, ), - ).unwrap().iter().unwrap().next(); - }); - if !res3.is_none() { - let urow3 = res3.unwrap().unwrap(); - inA = urow3.get(1).unwrap(); - } else { - *response.status_mut() = StatusCode::BAD_REQUEST; - return Ok(response); - } - } - if inBtype != "R" { - let mut res3: Option> = None; - POOL.with(|poola| { - res3 = poola.get_conn().unwrap() - .exec_iter("WITH RECURSIVE menu_tree -AS ( -SELECT if('B' ='A', inAtype, inBtype) as 'type', if('B' ='A', inA, inB) as 'val' from ladder where id =? - UNION ALL - SELECT if(mn.type ='W', if(la.winner ='A', inAtype, if(la.winner ='B', la.inBtype, null)), if(la.winner ='A', la.inBtype, if(la.winner ='B', la.inAtype, null))) , if(mn.type ='W', if(la.winner ='A', la.inA, if(la.winner ='B', la.inB, null)), if(la.winner ='A', la.inB, if(la.winner ='B', la.inA, null))) - FROM menu_tree mn, inz.ladder la - WHERE mn.val= la.id and mn.type != 'R' -) - SELECT * FROM menu_tree where type = 'R'", (&ladderid, ), - ).unwrap().iter().unwrap().next(); - }); - if !res3.is_none() { - let urow3 = res3.unwrap().unwrap(); - inB = urow3.get(1).unwrap(); - } else { - *response.status_mut() = StatusCode::BAD_REQUEST; - return Ok(response); - } - } - let mut res3: Option> = None; - let mut res4: Option> = None; - POOL.with(|poola| { - res3 = poola.get_conn().unwrap() - .exec_iter("SELECT userid, partner FROM inz.registrations where id = ?;", (&inA, ), - ).unwrap().iter().unwrap().next(); - res4 = poola.get_conn().unwrap() - .exec_iter("SELECT userid, partner FROM inz.registrations where id = ?;", (&inB, ), 
- ).unwrap().iter().unwrap().next(); - }); - let urow3 = res3.unwrap().unwrap(); - let urow4 = res4.unwrap().unwrap(); - let mut prop = ""; - let mut acc = ""; - let u1: i32 = urow3.get(0).unwrap(); - let u2: i32 = urow3.get(1).unwrap(); - let u3: i32 = urow4.get(0).unwrap(); - let u4: i32 = urow4.get(1).unwrap(); - if u1 == id || u2 == id { - prop = &inA; - acc = &inB; - } else { - if u3 == id || u4 == id { - prop = &inB; - acc = &inA; - } else { - *response.status_mut() = StatusCode::BAD_REQUEST; - return Ok(response); - } - } - POOL.with(|poola| { - let nid = "{\"id\":".to_owned() + &poola.get_conn().unwrap().exec_iter("INSERT INTO `inz`.`winProposals`(ladderid, winner, proposer, approver, score) VALUES (?,?,?,?,?);", (&ladderid, s.get("winner"), prop, acc, s.get("score"))).unwrap().last_insert_id().unwrap().to_string() + "\"}"; - *response.body_mut() = nid.into(); - }); - } else { - *response.body_mut() = "{\"error\":\"not all fields\"}".into(); - } - } else { - *response.status_mut() = StatusCode::UNAUTHORIZED; - } - } - (&Method::GET, "/ladders/solved") => { - let query: &str = req.uri().query().unwrap(); - let mut splited = query.split("="); - - let id = splited.next().unwrap(); - let val = splited.next().unwrap(); - if id != "id" { - *response.body_mut() = "{\"error\":\"id required\"}".into(); - return Ok(response); - } - POOL.with(|poola| { - let res = poola.get_conn().unwrap() - .exec_iter( - "SELECT id, inAtype, inA, inBtype, inB, winner, round, scores from ladder where deleted =0 and id = ?", (val, ), - ).unwrap().iter().unwrap().next(); - let res2 = poola.get_conn().unwrap() - .exec_iter("WITH RECURSIVE menu_tree -AS ( -SELECT if('A' ='A', inAtype, inBtype) as 'type', if('A' ='A', inA, inB) as 'val' from ladder where id =? 
- UNION ALL - SELECT if(mn.type ='W', if(la.winner ='A', inAtype, if(la.winner ='B', la.inBtype, null)), if(la.winner ='A', la.inBtype, if(la.winner ='B', la.inAtype, null))) , if(mn.type ='W', if(la.winner ='A', la.inA, if(la.winner ='B', la.inB, null)), if(la.winner ='A', la.inB, if(la.winner ='B', la.inA, null))) - FROM menu_tree mn, inz.ladder la - WHERE mn.val= la.id and mn.type != 'R' -) - SELECT * FROM menu_tree where type = 'R'", (val, ), - ).unwrap().iter().unwrap().next(); - let res3 = poola.get_conn().unwrap() - .exec_iter("WITH RECURSIVE menu_tree -AS ( -SELECT if('B' ='A', inAtype, inBtype) as 'type', if('B' ='A', inA, inB) as 'val' from ladder where id =? - UNION ALL - SELECT if(mn.type ='W', if(la.winner ='A', inAtype, if(la.winner ='B', la.inBtype, null)), if(la.winner ='A', la.inBtype, if(la.winner ='B', la.inAtype, null))) , if(mn.type ='W', if(la.winner ='A', la.inA, if(la.winner ='B', la.inB, null)), if(la.winner ='A', la.inB, if(la.winner ='B', la.inA, null))) - FROM menu_tree mn, inz.ladder la - WHERE mn.val= la.id and mn.type != 'R' -) - SELECT * FROM menu_tree where type = 'R'", (val, ), - ).unwrap().iter().unwrap().next(); - let ur = res.unwrap().unwrap(); - let id1: i32 = ur.get(0).unwrap(); - let mut inAtype: String = ur.get(1).unwrap(); - let mut inA: String = ur.get(2).unwrap(); - let mut inBtype: String = ur.get(3).unwrap(); - let mut inB: String = ur.get(4).unwrap(); - let winner: String = ur.get(5).unwrap(); - let round: String = ur.get(6).unwrap(); - let scores: String = ur.get(7).unwrap(); - if !res2.is_none() { - let urow3 = res2.unwrap().unwrap(); - inAtype = urow3.get(0).unwrap(); - inA = urow3.get(1).unwrap(); - } - if !res3.is_none() { - let urow4 = res3.unwrap().unwrap(); - inBtype = urow4.get(0).unwrap(); - inB = urow4.get(1).unwrap(); - } - let res = ladderRaw { id: id1, inAtype: inAtype, inA: inA, inBtype: inBtype, inB: inB, winner: winner, round: round, scores: scores }; - *response.body_mut() = 
serde_json::to_string(&res).unwrap().into(); - }); - } - (&Method::GET, "/ladders/raw") => { - let query: &str = req.uri().query().unwrap(); - let mut splited = query.split("="); - - let id = splited.next().unwrap(); - let val = splited.next().unwrap(); - if id != "tournamentid" { - *response.body_mut() = "{\"error\":\"tournamentid required\"}".into(); - return Ok(response); - } - POOL.with(|poola| { - let res = poola.get_conn().unwrap() - .exec_map( - "SELECT id, inAtype, inA, inBtype, inB, winner, round, scores from ladder where deleted =0 and tournamentid = ?", (val, ), - |(id, inAtype, inA, inBtype, inB, winner, round, scores)| { - ladderRaw { id, inAtype, inA, inBtype, inB, winner, round, scores } - }, - ); - *response.body_mut() = serde_json::to_string(&res.unwrap()).unwrap().into(); - }); - } - (&Method::POST, "/ladder") => { - if req.headers().contains_key("Authorization") { - let mut tmp = req.headers().get("Authorization").unwrap().to_str().unwrap().split(" "); - let aa = tmp.next().unwrap(); - if aa != "Bearer" { - *response.status_mut() = StatusCode::UNAUTHORIZED; - return Ok(response); - } - let token = tmp.next().unwrap().to_string(); - let byte_stream = hyper::body::to_bytes(req).await.unwrap(); - let s: HashMap = serde_json::from_slice(&byte_stream).unwrap(); - if !s.contains_key("id") { - *response.body_mut() = "{\"error\":\"id is required\"}".into(); - return Ok(response); - } - - let mut row: Option> = None; - let mut row3: Option> = None; - POOL.with(|poola| { - let mut con = poola.get_conn().unwrap(); - let mut result = con.exec_iter("Select id, role from users where (role='2' or role='3' )and id =(SELECT user FROM `inz`.`sessions` where token = ? 
and expire > NOW());", (&token, )).unwrap(); - let mut it = result.iter().unwrap(); - row = it.next(); - }); - if row.is_none() { - *response.status_mut() = StatusCode::FORBIDDEN; - return Ok(response); - } - - let urow = row.unwrap().unwrap(); - let id: i32 = urow.get(0).unwrap(); - let role: String = urow.get(1).unwrap(); - let tournamentid = s.get("id"); - if role == "2" { - POOL.with(|poola| { - let mut con3 = poola.get_conn().unwrap(); - let mut result3 = con3.exec_iter("Select creator from tournaments where id = (Select tournamentid from ladder where id =?);", (&tournamentid, )).unwrap(); - let mut it3 = result3.iter().unwrap(); - row3 = it3.next(); - }); - let urow3 = row3.unwrap().unwrap(); - let creator: i32 = urow3.get(0).unwrap(); - if creator != id { - *response.status_mut() = StatusCode::NOT_FOUND; - return Ok(response); - } - } - POOL.with(|poola| { - if s.contains_key("inAtype") { - if s.get("inAtype").unwrap() != "R" && s.get("inAtype").unwrap() != "W" && s.get("inAtype").unwrap() != "L" { - *response.body_mut() = "{\"error\":\"inAtype must be R, W or L\"}".into(); - return; - } - poola.get_conn().unwrap().exec_drop("Update ladder set inAtype =? where id = ? and deleted =0", (s.get("inAtype"), &tournamentid)).unwrap(); - } - if s.contains_key("inBtype") { - if s.get("inBtype").unwrap() != "R" && s.get("inBtype").unwrap() != "W" && s.get("inBtype").unwrap() != "L" { - *response.body_mut() = "{\"error\":\"inBtype must be R, W or L\"}".into(); - return; - } - poola.get_conn().unwrap().exec_drop("Update ladder set inBtype =? where id = ? and deleted =0", (s.get("inBtype"), &tournamentid)).unwrap(); - } - if s.contains_key("inA") { - poola.get_conn().unwrap().exec_drop("Update ladder set inA =? where id = ? and deleted =0", (s.get("inA"), &tournamentid)).unwrap(); - } - if s.contains_key("inB") { - poola.get_conn().unwrap().exec_drop("Update ladder set inB =? where id = ? 
and deleted =0", (s.get("inB"), &tournamentid)).unwrap(); - } - if s.contains_key("winner") { - poola.get_conn().unwrap().exec_drop("Update ladder set winner =? where id = ? and deleted =0", (s.get("winner"), &tournamentid)).unwrap(); - } - if s.contains_key("round") { - poola.get_conn().unwrap().exec_drop("Update ladder set round =? where id = ? and deleted =0", (s.get("round"), &tournamentid)).unwrap(); - } - if s.contains_key("scores") { - poola.get_conn().unwrap().exec_drop("Update ladder set scores =? where id = ? and deleted =0", (s.get("scores"), &tournamentid)).unwrap(); - } - }); - } else { - *response.status_mut() = StatusCode::UNAUTHORIZED; - } - } - (&Method::DELETE, "/ladder") => { - if req.headers().contains_key("Authorization") { - let mut tmp = req.headers().get("Authorization").unwrap().to_str().unwrap().split(" "); - let aa = tmp.next().unwrap(); - if aa != "Bearer" { - *response.status_mut() = StatusCode::UNAUTHORIZED; - return Ok(response); - } - let token = tmp.next().unwrap().to_string(); - let byte_stream = hyper::body::to_bytes(req).await.unwrap(); - let s: HashMap = serde_json::from_slice(&byte_stream).unwrap(); - if !s.contains_key("id") { - *response.body_mut() = "{\"error\":\"id is required\"}".into(); - return Ok(response); - } - - let mut row: Option> = None; - let mut row3: Option> = None; - POOL.with(|poola| { - let mut con = poola.get_conn().unwrap(); - let mut result = con.exec_iter("Select id, role from users where (role='2' or role='3' )and id =(SELECT user FROM `inz`.`sessions` where token = ? 
and expire > NOW());", (&token, )).unwrap(); - let mut it = result.iter().unwrap(); - row = it.next(); - }); - if row.is_none() { - *response.status_mut() = StatusCode::FORBIDDEN; - return Ok(response); - } - - let urow = row.unwrap().unwrap(); - let id: i32 = urow.get(0).unwrap(); - let role: String = urow.get(1).unwrap(); - let tournamentid = s.get("id"); - if role == "2" { - POOL.with(|poola| { - let mut con3 = poola.get_conn().unwrap(); - let mut result3 = con3.exec_iter("Select creator from tournaments where id = (Select tournamentid from ladder where id =?);", (&tournamentid, )).unwrap(); - let mut it3 = result3.iter().unwrap(); - row3 = it3.next(); - }); - let urow3 = row3.unwrap().unwrap(); - let creator: i32 = urow3.get(0).unwrap(); - if creator != id { - *response.status_mut() = StatusCode::NOT_FOUND; - return Ok(response); - } - } - POOL.with(|poola| { - poola.get_conn().unwrap().exec_drop("Update ladder set deleted =1 where id = ?", (&s.get("id"), )).unwrap(); - }); - } else { - *response.status_mut() = StatusCode::UNAUTHORIZED; - } - } - (&Method::PUT, "/ladder") => { - if req.headers().contains_key("Authorization") { - let mut tmp = req.headers().get("Authorization").unwrap().to_str().unwrap().split(" "); - let aa = tmp.next().unwrap(); - if aa != "Bearer" { - *response.status_mut() = StatusCode::UNAUTHORIZED; - return Ok(response); - } - let token = tmp.next().unwrap().to_string(); - let byte_stream = hyper::body::to_bytes(req).await.unwrap(); - let s: HashMap = serde_json::from_slice(&byte_stream).unwrap(); - if !s.contains_key("inAtype") || !s.contains_key("inA") || !s.contains_key("inBtype") || !s.contains_key("inB") || !s.contains_key("round") || !s.contains_key("tournamentid") { - *response.body_mut() = "{\"error\":\"no all fields\"}".into(); - return Ok(response); - } - if s.get("inBtype").unwrap() != "R" && s.get("inBtype").unwrap() != "W" && s.get("inBtype").unwrap() != "L" { - *response.body_mut() = "{\"error\":\"inBtype must be R, W or 
L\"}".into(); - return Ok(response); - } - if s.get("inAtype").unwrap() != "R" && s.get("inAtype").unwrap() != "W" && s.get("inAtype").unwrap() != "L" { - *response.body_mut() = "{\"error\":\"inAtype must be R, W or L\"}".into(); - return Ok(response); - } - let mut row: Option> = None; - let mut row3: Option> = None; - POOL.with(|poola| { - let mut con = poola.get_conn().unwrap(); - let mut result = con.exec_iter("Select id, role from users where (role='2' or role='3' )and id =(SELECT user FROM `inz`.`sessions` where token = ? and expire > NOW());", (&token, )).unwrap(); - let mut it = result.iter().unwrap(); - row = it.next(); - }); - if row.is_none() { - *response.status_mut() = StatusCode::FORBIDDEN; - return Ok(response); - } - - let urow = row.unwrap().unwrap(); - let id: i32 = urow.get(0).unwrap(); - let role: String = urow.get(1).unwrap(); - let tournamentid = s.get("tournamentid"); - if role == "2" { - POOL.with(|poola| { - let mut con3 = poola.get_conn().unwrap(); - let mut result3 = con3.exec_iter("Select creator from tournaments where id = ?;", (&tournamentid, )).unwrap(); - let mut it3 = result3.iter().unwrap(); - row3 = it3.next(); - }); - let urow3 = row3.unwrap().unwrap(); - let creator: i32 = urow3.get(0).unwrap(); - if creator != id { - *response.status_mut() = StatusCode::NOT_FOUND; - return Ok(response); - } - } - POOL.with(|poola| { - let nid = "{\"id\":".to_owned() + &poola.get_conn().unwrap().exec_iter("INSERT INTO `inz`.`ladder`(`inAtype`,`inA`,`inBtype`,`inB`,`winner`,`round`,`scores`,`tournamentid`,`deleted`) VALUES (?,?,?,?,'0',?,'-1',?,0);", (s.get("inAtype"), s.get("inA"), s.get("inBtype"), s.get("inB"), s.get("round"), s.get("tournamentid"))).unwrap().last_insert_id().unwrap().to_string() + "\"}"; - *response.body_mut() = nid.into(); - }); - } else { - *response.status_mut() = StatusCode::UNAUTHORIZED; - } - } - (&Method::GET, "/leaderboard") => { - POOL.with(|poola| { - let res = poola.get_conn().unwrap() - .query_map( - "SELECT name, 
surname, ranking from users where deleted =0 order by ranking DESC", - |(name, surname, ranking)| { - leaderboard { name, surname, ranking } - }, - ); - *response.body_mut() = serde_json::to_string(&res.unwrap()).unwrap().into(); - }); - } - (&Method::POST, "/tournament/cancelTournament") => { - if req.headers().contains_key("Authorization") { - let mut tmp = req.headers().get("Authorization").unwrap().to_str().unwrap().split(" "); - let aa = tmp.next().unwrap(); - if aa != "Bearer" { - *response.status_mut() = StatusCode::UNAUTHORIZED; - return Ok(response); - } - let token = tmp.next().unwrap().to_string(); - let byte_stream = hyper::body::to_bytes(req).await.unwrap(); - let s: HashMap = serde_json::from_slice(&byte_stream).unwrap(); - if !s.contains_key("id") { - *response.body_mut() = "{\"error\":\"id required\"}".into(); - return Ok(response); - } - POOL.with(|poola| { - let mut con = poola.get_conn().unwrap(); - let mut result = con.exec_iter("Select id,role from users where (role = '2' OR role = '3')AND id =(SELECT user FROM `inz`.`sessions` where token = ? 
and expire > NOW());", (&token, )).unwrap(); - let mut it = result.iter().unwrap(); - let row = it.next(); - if row.is_none() { - *response.status_mut() = StatusCode::FORBIDDEN; - return; - } - let urow = row.unwrap().unwrap(); - let id: i32 = urow.get(0).unwrap(); - let role: String = urow.get(1).unwrap(); - let mut conn1 = poola.get_conn().unwrap(); - let mut result1 = conn1.exec_iter("Select creator, state from tournaments where id = ?", (&s.get("id"), )).unwrap(); - let mut it1 = result1.iter().unwrap(); - let row1 = it1.next(); - let urow1 = row1.unwrap().unwrap(); - let creator: i32 = urow1.get(0).unwrap(); - let state: i32 = urow1.get(1).unwrap(); - if state == 3 { - *response.status_mut() = StatusCode::BAD_REQUEST; - return; - } - if role == "2" { - if creator != id { - return; - } - poola.get_conn().unwrap().exec_drop("Update tournaments set state =4 where id = ?", (&s.get("id"), )).unwrap(); - } else { - poola.get_conn().unwrap().exec_drop("Update tournaments set state =4 where id = ?", (&s.get("id"), )).unwrap(); - } - }); - } else { - *response.status_mut() = StatusCode::UNAUTHORIZED; - } - } - (&Method::POST, "/tournament/endTournament") => { - if req.headers().contains_key("Authorization") { - let mut tmp = req.headers().get("Authorization").unwrap().to_str().unwrap().split(" "); - let aa = tmp.next().unwrap(); - if aa != "Bearer" { - *response.status_mut() = StatusCode::UNAUTHORIZED; - return Ok(response); - } - let token = tmp.next().unwrap().to_string(); - let byte_stream = hyper::body::to_bytes(req).await.unwrap(); - - let parsed: serde_json::Value = serde_json::from_slice(&byte_stream).unwrap(); - if parsed.get("id") == None { - *response.body_mut() = "{\"error\":\"id required\"}".into(); - return Ok(response); - } - POOL.with(|poola| { - let mut con = poola.get_conn().unwrap(); - let mut result = con.exec_iter("Select id,role from users where (role = '2' OR role = '3')AND id =(SELECT user FROM `inz`.`sessions` where token = ? 
and expire > NOW());", (&token, )).unwrap(); - let mut it = result.iter().unwrap(); - let row = it.next(); - if row.is_none() { - *response.status_mut() = StatusCode::FORBIDDEN; - return; - } - let urow = row.unwrap().unwrap(); - let id: i32 = urow.get(0).unwrap(); - let role: String = urow.get(1).unwrap(); - let mut conn1 = poola.get_conn().unwrap(); - let mut result1 = conn1.exec_iter("Select creator, state, approved from tournaments where id = ? b", (&parsed.get("id"), )).unwrap(); - let mut it1 = result1.iter().unwrap(); - let row1 = it1.next(); - let urow1 = row1.unwrap().unwrap(); - let creator: i32 = urow1.get(0).unwrap(); - let state: i32 = urow1.get(1).unwrap(); - let approved: i32 = urow1.get(2).unwrap(); - if state != 2 { - *response.status_mut() = StatusCode::BAD_REQUEST; - return; - } - if role == "2" { - if creator != id { - return; - } - poola.get_conn().unwrap().exec_drop("Update tournaments set state =3 where id = ?", (&parsed.get("id"), )).unwrap(); - } else { - poola.get_conn().unwrap().exec_drop("Update tournaments set state =3 where id = ?", (&parsed.get("id"), )).unwrap(); - } - if approved == 2 { - let arr: &Vec = parsed.get("results").unwrap().as_array().unwrap(); - for i in 0..arr.len() { - let cur: &Map = arr.get(i).unwrap().as_object().unwrap(); - poola.get_conn().unwrap().exec_drop("Update users set ranking =ranking+? where id = (Select userid from registrations where id = ?) 
or id = (Select partner from registrations where id = ?)", (&cur.get("points"), &cur.get("rid"), &cur.get("rid"))).unwrap(); - } - } - }); - } else { - *response.status_mut() = StatusCode::UNAUTHORIZED; - } - } - (&Method::POST, "/tournament/startTournament") => { - if req.headers().contains_key("Authorization") { - let mut tmp = req.headers().get("Authorization").unwrap().to_str().unwrap().split(" "); - let aa = tmp.next().unwrap(); - if aa != "Bearer" { - *response.status_mut() = StatusCode::UNAUTHORIZED; - return Ok(response); - } - let token = tmp.next().unwrap().to_string(); - let byte_stream = hyper::body::to_bytes(req).await.unwrap(); - let s: HashMap = serde_json::from_slice(&byte_stream).unwrap(); - if !s.contains_key("id") { - *response.body_mut() = "{\"error\":\"id required\"}".into(); - return Ok(response); - } - POOL.with(|poola| { - let mut con = poola.get_conn().unwrap(); - let mut result = con.exec_iter("Select id,role from users where (role = '2' OR role = '3')AND id =(SELECT user FROM `inz`.`sessions` where token = ? 
and expire > NOW());", (&token, )).unwrap(); - let mut it = result.iter().unwrap(); - let row = it.next(); - if row.is_none() { - *response.status_mut() = StatusCode::FORBIDDEN; - return; - } - let urow = row.unwrap().unwrap(); - let id: i32 = urow.get(0).unwrap(); - let role: String = urow.get(1).unwrap(); - let mut conn1 = poola.get_conn().unwrap(); - let mut result1 = conn1.exec_iter("Select creator, state from tournaments where id = ?", (&s.get("id"), )).unwrap(); - let mut it1 = result1.iter().unwrap(); - let row1 = it1.next(); - let urow1 = row1.unwrap().unwrap(); - let creator: i32 = urow1.get(0).unwrap(); - let state: i32 = urow1.get(1).unwrap(); - if state != 1 { - *response.status_mut() = StatusCode::BAD_REQUEST; - return; - } - if role == "2" { - if creator != id { - return; - } - poola.get_conn().unwrap().exec_drop("Update tournaments set state =2 where id = ?", (&s.get("id"), )).unwrap(); - } else { - poola.get_conn().unwrap().exec_drop("Update tournaments set state =2 where id = ?", (&s.get("id"), )).unwrap(); - } - }); - } else { - *response.status_mut() = StatusCode::UNAUTHORIZED; - } - } - (&Method::POST, "/tournament/closeRegistrations") => { - if req.headers().contains_key("Authorization") { - let mut tmp = req.headers().get("Authorization").unwrap().to_str().unwrap().split(" "); - let aa = tmp.next().unwrap(); - if aa != "Bearer" { - *response.status_mut() = StatusCode::UNAUTHORIZED; - return Ok(response); - } - let token = tmp.next().unwrap().to_string(); - let byte_stream = hyper::body::to_bytes(req).await.unwrap(); - let s: HashMap = serde_json::from_slice(&byte_stream).unwrap(); - if !s.contains_key("id") { - *response.body_mut() = "{\"error\":\"id required\"}".into(); - return Ok(response); - } - POOL.with(|poola| { - let mut con = poola.get_conn().unwrap(); - let mut result = con.exec_iter("Select id,role from users where (role = '2' OR role = '3')AND id =(SELECT user FROM `inz`.`sessions` where token = ? 
and expire > NOW());", (&token, )).unwrap();
- let mut it = result.iter().unwrap();
- let row = it.next();
- if row.is_none() {
- *response.status_mut() = StatusCode::FORBIDDEN;
- return;
- }
- let urow = row.unwrap().unwrap();
- let id: i32 = urow.get(0).unwrap();
- let role: String = urow.get(1).unwrap();
- let mut conn1 = poola.get_conn().unwrap();
- let mut result1 = conn1.exec_iter("Select creator, state from tournaments where id = ?", (&s.get("id"), )).unwrap();
- let mut it1 = result1.iter().unwrap();
- let row1 = it1.next();
- let urow1 = row1.unwrap().unwrap();
- let creator: i32 = urow1.get(0).unwrap();
- let state: i32 = urow1.get(1).unwrap();
- if state != 0 {
- *response.status_mut() = StatusCode::BAD_REQUEST;
- return;
- }
- if role == "2" {
- if creator != id {
- return;
- }
- poola.get_conn().unwrap().exec_drop("Update tournaments set state =1 where id = ?", (&s.get("id"), )).unwrap();
- } else {
- poola.get_conn().unwrap().exec_drop("Update tournaments set state =1 where id = ?", (&s.get("id"), )).unwrap();
- }
- });
- } else {
- *response.status_mut() = StatusCode::UNAUTHORIZED;
- }
- }
- (&Method::POST, "/registration/approve") => {
- if req.headers().contains_key("Authorization") {
- let mut tmp = req.headers().get("Authorization").unwrap().to_str().unwrap().split(" ");
- let aa = tmp.next().unwrap();
- if aa != "Bearer" {
- *response.status_mut() = StatusCode::UNAUTHORIZED;
- return Ok(response);
- }
- let token = tmp.next().unwrap().to_string();
- let byte_stream = hyper::body::to_bytes(req).await.unwrap();
- let s: HashMap = serde_json::from_slice(&byte_stream).unwrap();
- if !s.contains_key("id") {
- *response.body_mut() = "{\"error\":\"id required\"}".into();
- return Ok(response);
- }
- POOL.with(|poola| {
- let mut con = poola.get_conn().unwrap();
- let mut result = con.exec_iter("Select id,role from users where (role = '2' OR role = '3')AND id =(SELECT user FROM `inz`.`sessions` where token = ?
and expire > NOW());", (&token, )).unwrap(); - let mut it = result.iter().unwrap(); - let row = it.next(); - if row.is_none() { - *response.status_mut() = StatusCode::FORBIDDEN; - return; - } - let urow = row.unwrap().unwrap(); - let id: i32 = urow.get(0).unwrap(); - let role: String = urow.get(1).unwrap(); - if role == "2" { - let mut conn1 = poola.get_conn().unwrap(); - let mut result1 = conn1.exec_iter("Select userid from registrations where id = ?", (&s.get("id"), )).unwrap(); - let mut it1 = result1.iter().unwrap(); - let row1 = it1.next(); - let urow1 = row1.unwrap().unwrap(); - let userid: i32 = urow1.get(0).unwrap(); - if userid != id { - return; - } - poola.get_conn().unwrap().exec_drop("Update registrations set approval ='1' where id = ?", (&s.get("id"), )).unwrap(); - } else { - poola.get_conn().unwrap().exec_drop("Update registrations set approval ='1' where id = ?", (&s.get("id"), )).unwrap(); - } - }); - } else { - *response.status_mut() = StatusCode::UNAUTHORIZED; - } - } - (&Method::GET, "/registrations") => { - if req.headers().contains_key("Authorization") { + match (req.method(), req.uri().path()) { + (&Method::GET, "/user/byId") => { let query: &str = req.uri().query().unwrap(); let mut splited = query.split("="); + let id = splited.next().unwrap(); let val = splited.next().unwrap(); if id != "id" { *response.body_mut() = "{\"error\":\"id required\"}".into(); return Ok(response); } - - let mut tmp = req.headers().get("Authorization").unwrap().to_str().unwrap().split(" "); - let aa = tmp.next().unwrap(); - if aa != "Bearer" { - *response.status_mut() = StatusCode::UNAUTHORIZED; - return Ok(response); - } - let token = tmp.next().unwrap().to_string(); - POOL.with(|poola| { - let mut con = poola.get_conn().unwrap(); - let mut result = con.exec_iter("Select id,role from users where id =(SELECT user FROM `inz`.`sessions` where token = ? 
and expire > NOW());", (&token, )).unwrap(); - let mut it = result.iter().unwrap(); - let row = it.next(); - if row.is_none() { - *response.status_mut() = StatusCode::FORBIDDEN; - return; - } - - let urow = row.unwrap().unwrap(); - let id: i32 = urow.get(0).unwrap(); - let role: String = urow.get(1).unwrap(); - if role == "1" { + POOL.with(|poola| { let res = poola.get_conn().unwrap() .exec_map( - "SELECT `registrations`.`id`,`registrations`.`userid`,`registrations`.`tournamentid`,`registrations`.`paymenttype`,`registrations`.`paymentstatus`,`registrations`.`approval`,`registrations`.`partner` FROM `inz`.`registrations` where tournamentid= ? and (userid=? or partner -?);", (&val, id, id), - |(id, userid, tournamentid, paymenttype, paymentstatus, approval, partner)| { - Registration { id, userid, tournamentid, paymenttype, paymentstatus, approval, partner } + "SELECT name, surname FROM users where deleted =0 and id = ? ;", (&val, ), + |(name,surname)| { + SearchResult { name,surname } + }, + ); + *response.body_mut() = serde_json::to_string(&res.unwrap().get(0)).unwrap().into(); + }); + + } + (&Method::GET, "/proposals/pending") => { + if req.headers().contains_key("Authorization") { + let mut tmp = req.headers().get("Authorization").unwrap().to_str().unwrap().split(" "); + let aa = tmp.next().unwrap(); + if aa != "Bearer" { + *response.status_mut() = StatusCode::UNAUTHORIZED; + return Ok(response); + } + let token = tmp.next().unwrap().to_string(); + POOL.with(|poola| { + let mut con = poola.get_conn().unwrap(); + let mut result = con.exec_iter("Select id from users where id =(SELECT user FROM `inz`.`sessions` where token = ? and expire > NOW());", (&token, )).unwrap(); + let mut it = result.iter().unwrap(); + let row = it.next(); + let urow = row.unwrap().unwrap(); + let uid: i32 = urow.get(0).unwrap(); + let res = poola.get_conn().unwrap() + .exec_map( + "SELECT * FROM inz.winProposals where proposer in (Select id from registrations where ? = userid or ? 
= partner ) or approver in (Select id from registrations where ? = userid or ? = partner );", (&uid, &uid, &uid, &uid), + |(id, ladderid, winner, proposer, approver, score)| { + Proposal { id, ladderid, winner, proposer, approver, score } }, ); *response.body_mut() = serde_json::to_string(&res.unwrap()).unwrap().into(); - } else { - if role == "2" { - let mut conn1 = poola.get_conn().unwrap(); - let mut result1 = conn1.exec_iter("Select creator from tournaments where id = ?", (&val, )).unwrap(); - let mut it1 = result1.iter().unwrap(); - let row1 = it1.next(); - let urow1 = row1.unwrap().unwrap(); - let userid: i32 = urow1.get(0).unwrap(); - if userid != id { - let res = poola.get_conn().unwrap() - .exec_map( - "SELECT `registrations`.`id`,`registrations`.`userid`,`registrations`.`tournamentid`,`registrations`.`paymenttype`,`registrations`.`paymentstatus`,`registrations`.`approval`,`registrations`.`partner` FROM `inz`.`registrations` where tournamentid= ? and (userid=? or partner -?);", (&val, id, id), - |(id, userid, tournamentid, paymenttype, paymentstatus, approval, partner)| { - Registration { id, userid, tournamentid, paymenttype, paymentstatus, approval, partner } - }, - ); - *response.body_mut() = serde_json::to_string(&res.unwrap()).unwrap().into(); - return; - } - - - let res = poola.get_conn().unwrap() - .exec_map( - "SELECT `registrations`.`id`,`registrations`.`userid`,`registrations`.`tournamentid`,`registrations`.`paymenttype`,`registrations`.`paymentstatus`,`registrations`.`approval`,`registrations`.`partner` FROM `inz`.`registrations` where tournamentid= ?;", (&val, ), - |(id, userid, tournamentid, paymenttype, paymentstatus, approval, partner)| { - Registration { id, userid, tournamentid, paymenttype, paymentstatus, approval, partner } - }, - ); - *response.body_mut() = serde_json::to_string(&res.unwrap()).unwrap().into(); - } else { - let res = poola.get_conn().unwrap() - .exec_map( - "SELECT 
`registrations`.`id`,`registrations`.`userid`,`registrations`.`tournamentid`,`registrations`.`paymenttype`,`registrations`.`paymentstatus`,`registrations`.`approval` ,`registrations`.`partner` FROM `inz`.`registrations` where tournamentid= ?;", (&val, ), - |(id, userid, tournamentid, paymenttype, paymentstatus, approval, partner)| { - Registration { id, userid, tournamentid, paymenttype, paymentstatus, approval, partner } - }, - ); - *response.body_mut() = serde_json::to_string(&res.unwrap()).unwrap().into(); - } - } - }); - } else { - *response.status_mut() = StatusCode::UNAUTHORIZED; - } - } - (&Method::POST, "/admin/user") => { - if req.headers().contains_key("Authorization") { - let mut tmp = req.headers().get("Authorization").unwrap().to_str().unwrap().split(" "); - let aa = tmp.next().unwrap(); - if aa != "Bearer" { - *response.status_mut() = StatusCode::UNAUTHORIZED; - return Ok(response); - } - let token = tmp.next().unwrap().to_string(); - let byte_stream = hyper::body::to_bytes(req).await.unwrap(); - let s: HashMap = serde_json::from_slice(&byte_stream).unwrap(); - let mut row: Option> = None; - POOL.with(|poola| { - let mut con = poola.get_conn().unwrap(); - let mut result = con.exec_iter("Select id from users where role ='3' and id =(SELECT user FROM `inz`.`sessions` where token = ? and expire > NOW());", (&token, )).unwrap(); - let mut it = result.iter().unwrap(); - row = it.next(); - if row.is_none() { - *response.status_mut() = StatusCode::FORBIDDEN; - return; - } - if !s.contains_key("id") { - *response.body_mut() = Body::from("{\"error\":\"id is required\"}"); - return; - } - let idi = s.get("id").unwrap(); - if s.contains_key("name") { - poola.get_conn().unwrap().exec_drop("Update users set name =? where id = ?", (s.get("name"), idi)).unwrap(); - } - if s.contains_key("surname") { - poola.get_conn().unwrap().exec_drop("Update users set surname =? 
where id = ?", (s.get("surname"), idi)).unwrap(); - } - if s.contains_key("password") { - poola.get_conn().unwrap().exec_drop("Update users set password =? where id = ?", (hash(s.get("password").unwrap().to_string(), DEFAULT_COST - 6).unwrap(), idi)).unwrap(); - } - if s.contains_key("mail") { - poola.get_conn().unwrap().exec_drop("Update users set mail =? where id = ?", (s.get("mail"), idi)).unwrap(); - } - if s.contains_key("phone") { - poola.get_conn().unwrap().exec_drop("Update users set phone =? where id = ?", (s.get("phone"), idi)).unwrap(); - } - if s.contains_key("role") { - poola.get_conn().unwrap().exec_drop("Update users set role =? where id = ?", (s.get("role"), idi)).unwrap(); - } - }); - } else { - *response.status_mut() = StatusCode::UNAUTHORIZED; - } - } - (&Method::DELETE, "/admin/user") => { - if req.headers().contains_key("Authorization") { - let mut tmp = req.headers().get("Authorization").unwrap().to_str().unwrap().split(" "); - let aa = tmp.next().unwrap(); - if aa != "Bearer" { - *response.status_mut() = StatusCode::UNAUTHORIZED; - return Ok(response); - } - let token = tmp.next().unwrap().to_string(); - let byte_stream = hyper::body::to_bytes(req).await.unwrap(); - let s: HashMap = serde_json::from_slice(&byte_stream).unwrap(); - let mut row: Option> = None; - POOL.with(|poola| { - let mut con = poola.get_conn().unwrap(); - let mut result = con.exec_iter("Select id from users where role ='3' and id =(SELECT user FROM `inz`.`sessions` where token = ? 
and expire > NOW());", (&token, )).unwrap();
- let mut it = result.iter().unwrap();
- row = it.next();
- if row.is_none() {
- *response.status_mut() = StatusCode::FORBIDDEN;
- return;
- }
- if !s.contains_key("id") {
- *response.body_mut() = Body::from("{\"error\":\"id is required\"}");
- return;
- }
- poola.get_conn().unwrap().exec_drop("Update users set deleted =1 where id = ?", (&s.get("id"), )).unwrap();
- });
- } else {
- *response.status_mut() = StatusCode::UNAUTHORIZED;
- }
- }
- (&Method::GET, "/admin/users") => {
- if req.headers().contains_key("Authorization") {
- let mut tmp = req.headers().get("Authorization").unwrap().to_str().unwrap().split(" ");
- let aa = tmp.next().unwrap();
- if aa != "Bearer" {
- *response.status_mut() = StatusCode::UNAUTHORIZED;
- return Ok(response);
- }
- let token = tmp.next().unwrap().to_string();
- let mut row: Option> = None;
- POOL.with(|poola| {
- let mut con = poola.get_conn().unwrap();
- let mut result = con.exec_iter("Select id from users where role ='3' and id =(SELECT user FROM `inz`.`sessions` where token = ?
and expire > NOW());", (&token, )).unwrap();
- let mut it = result.iter().unwrap();
- row = it.next();
- if row.is_none() {
- *response.status_mut() = StatusCode::FORBIDDEN;
- return;
- }
- let res = poola.get_conn().unwrap()
- .query_map(
- "SELECT `id`, `name`, `surname`, `role`, `login`, `mail`, `phone`,`deleted`, `ranking` from users ",
- |(id, name, surname, role, login, mail, phone, deleted, ranking)| {
- Usera { id, name, surname, role, login, mail, phone, deleted, ranking }
- },
- );
- *response.body_mut() = serde_json::to_string(&res.unwrap()).unwrap().into();
- });
- } else {
- *response.status_mut() = StatusCode::UNAUTHORIZED;
- }
- }
- (&Method::DELETE, "/admin/tournament") => {
- if req.headers().contains_key("Authorization") {
- let mut tmp = req.headers().get("Authorization").unwrap().to_str().unwrap().split(" ");
- let aa = tmp.next().unwrap();
- if aa != "Bearer" {
- *response.status_mut() = StatusCode::UNAUTHORIZED;
- return Ok(response);
- }
- let token = tmp.next().unwrap().to_string();
- let byte_stream = hyper::body::to_bytes(req).await.unwrap();
- let s: HashMap = serde_json::from_slice(&byte_stream).unwrap();
- let mut row: Option> = None;
- POOL.with(|poola| {
- let mut con = poola.get_conn().unwrap();
- let mut result = con.exec_iter("Select id from users where role ='3' and id =(SELECT user FROM `inz`.`sessions` where token = ?
and expire > NOW());", (&token, )).unwrap();
- let mut it = result.iter().unwrap();
- row = it.next();
- if row.is_none() {
- *response.status_mut() = StatusCode::FORBIDDEN;
- return;
- }
- if !s.contains_key("id") {
- *response.body_mut() = Body::from("{\"error\":\"id is required\"}");
- return;
- }
- poola.get_conn().unwrap().exec_drop("Update tournaments set deleted =1 where id = ?", (&s.get("id"), )).unwrap();
- });
- } else {
- *response.status_mut() = StatusCode::UNAUTHORIZED;
- }
- }
- (&Method::POST, "/admin/tournament") => {
- if req.headers().contains_key("Authorization") {
- let mut tmp = req.headers().get("Authorization").unwrap().to_str().unwrap().split(" ");
- let aa = tmp.next().unwrap();
- if aa != "Bearer" {
- *response.status_mut() = StatusCode::UNAUTHORIZED;
- return Ok(response);
- }
- let token = tmp.next().unwrap().to_string();
- let byte_stream = hyper::body::to_bytes(req).await.unwrap();
- let s: HashMap = serde_json::from_slice(&byte_stream).unwrap();
- let mut row: Option> = None;
- POOL.with(|poola| {
- let mut con = poola.get_conn().unwrap();
- let mut result = con.exec_iter("Select id from users where role ='3' and id =(SELECT user FROM `inz`.`sessions` where token = ? and expire > NOW());", (&token, )).unwrap();
- let mut it = result.iter().unwrap();
- row = it.next();
- if row.is_none() {
- *response.status_mut() = StatusCode::FORBIDDEN;
- return;
- }
- if !s.contains_key("id") {
- *response.body_mut() = Body::from("{\"error\":\"id is required\"}");
- return;
- }
- if s.contains_key("name") {
- poola.get_conn().unwrap().exec_drop("Update tournaments set name =? where id = ?", (s.get("name"), &s.get("id"))).unwrap();
- }
- if s.contains_key("typeOfLadder") {
- poola.get_conn().unwrap().exec_drop("Update tournaments set typeOfLadder =? where id = ?", (s.get("typeOfLadder"), &s.get("id"))).unwrap();
- }
- if s.contains_key("pointsForTournament") {
- poola.get_conn().unwrap().exec_drop("Update tournaments set pointsForTournament =?
where id = ?", (s.get("pointsForTournament"), &s.get("id"))).unwrap();
- }
- if s.contains_key("places") {
- poola.get_conn().unwrap().exec_drop("Update tournaments set places =? where id = ?", (s.get("places"), &s.get("id"))).unwrap();
- }
- if s.contains_key("roles") {
- poola.get_conn().unwrap().exec_drop("Update tournaments set roles =? where id = ?", (s.get("roles"), &s.get("id"))).unwrap();
- }
- if s.contains_key("currentRound") {
- poola.get_conn().unwrap().exec_drop("Update tournaments set currentRound =? where id = ?", (s.get("currentRound"), &s.get("id"))).unwrap();
- }
- });
- } else {
- *response.status_mut() = StatusCode::UNAUTHORIZED;
- }
- }
- (&Method::GET, "/admin/tournaments") => {
- if req.headers().contains_key("Authorization") {
- let mut tmp = req.headers().get("Authorization").unwrap().to_str().unwrap().split(" ");
- let aa = tmp.next().unwrap();
- if aa != "Bearer" {
- *response.status_mut() = StatusCode::UNAUTHORIZED;
- return Ok(response);
- }
- let token = tmp.next().unwrap().to_string();
- let mut row: Option> = None;
- POOL.with(|poola| {
- let mut con = poola.get_conn().unwrap();
- let mut result = con.exec_iter("Select id from users where role ='3' and id =(SELECT user FROM `inz`.`sessions` where token = ?
and expire > NOW());", (&token, )).unwrap();
- let mut it = result.iter().unwrap();
- row = it.next();
- if row.is_none() {
- *response.status_mut() = StatusCode::FORBIDDEN;
- return;
- }
- let res = poola.get_conn().unwrap()
- .query_map(
- "SELECT id, name, typeOfLadder, pointsForTournament, places, roles, creator,approved,deleted, state, currentRound from tournaments ",
- |(id, name, type_of_ladder, points_for_tournament, places, roles, creator, approved, deleted, state, currentRound)| {
- tournamenta { id, name, typeOfLadder: type_of_ladder, places, roles, creator, pointsForTournament: points_for_tournament, approved, deleted, state, currentRound }
- },
- );
- *response.body_mut() = serde_json::to_string(&res.unwrap()).unwrap().into();
- });
- } else {
- *response.status_mut() = StatusCode::UNAUTHORIZED;
- }
- }
- (&Method::POST, "/admin/approveTurnament") => {
- if req.headers().contains_key("Authorization") {
- let mut tmp = req.headers().get("Authorization").unwrap().to_str().unwrap().split(" ");
- let aa = tmp.next().unwrap();
- if aa != "Bearer" {
- *response.status_mut() = StatusCode::UNAUTHORIZED;
- return Ok(response);
- }
- let token = tmp.next().unwrap().to_string();
- let byte_stream = hyper::body::to_bytes(req).await.unwrap();
- let s: HashMap = serde_json::from_slice(&byte_stream).unwrap();
- let mut row: Option> = None;
- let mut row2: Option> = None;
- if s.contains_key("id") {
- POOL.with(|poola| {
- let mut con = poola.get_conn().unwrap();
- let mut result = con.exec_iter("Select id from users where role ='3' and id =(SELECT user FROM `inz`.`sessions` where token = ?
and expire > NOW());", (&token, )).unwrap(); - let mut it = result.iter().unwrap(); - row = it.next(); - let mut con2 = poola.get_conn().unwrap(); - let mut result2 = con2.exec_iter("Select approved from tournaments where id =?;", (&s.get("id").unwrap(), )).unwrap(); - let mut it2 = result2.iter().unwrap(); - row2 = it2.next(); - }); - if row.is_none() { - *response.status_mut() = StatusCode::FORBIDDEN; - return Ok(response); - } - let urow2 = row2.unwrap().unwrap(); - let approved: i32 = urow2.get(0).unwrap(); - if approved == 1 { - POOL.with(|poola| { - poola.get_conn().unwrap().exec_drop("Update tournaments set approved =2 where id = ?", (s.get("id").unwrap(), )).unwrap(); - }); - } else { - *response.status_mut() = StatusCode::BAD_REQUEST; - return Ok(response); - } - } else { - *response.body_mut() = "{\"error\":\"missing id\"}".into(); - } - } else { - *response.status_mut() = StatusCode::UNAUTHORIZED; - } - } - (&Method::POST, "/registration/payedUsingCash") => { - if req.headers().contains_key("Authorization") { - let mut tmp = req.headers().get("Authorization").unwrap().to_str().unwrap().split(" "); - let aa = tmp.next().unwrap(); - if aa != "Bearer" { - *response.status_mut() = StatusCode::UNAUTHORIZED; - return Ok(response); - } - let token = tmp.next().unwrap().to_string(); - let byte_stream = hyper::body::to_bytes(req).await.unwrap(); - let s: HashMap = serde_json::from_slice(&byte_stream).unwrap(); - if !s.contains_key("id") { - *response.body_mut() = "{\"error\":\"id required\"}".into(); - return Ok(response); - } - - let mut row: Option> = None; - let mut row2: Option> = None; - let mut row3: Option> = None; - POOL.with(|poola| { - let mut con = poola.get_conn().unwrap(); - let mut result = con.exec_iter("Select id, role from users where (role='2' or role='3' )and id =(SELECT user FROM `inz`.`sessions` where token = ? 
and expire > NOW());", (&token, )).unwrap(); - let mut it = result.iter().unwrap(); - row = it.next(); - let mut con2 = poola.get_conn().unwrap(); - let mut result2 = con2.exec_iter("Select paymenttype,tournamentid from registrations where id =?;", (&s.get("id"), )).unwrap(); - let mut it2 = result2.iter().unwrap(); - row2 = it2.next(); - }); - if row.is_none() { - *response.status_mut() = StatusCode::FORBIDDEN; - return Ok(response); - } - if row2.is_none() { - *response.status_mut() = StatusCode::NOT_FOUND; - return Ok(response); - } - let urow = row.unwrap().unwrap(); - let urow2 = row2.unwrap().unwrap(); - let id: i32 = urow.get(0).unwrap(); - let role: String = urow.get(1).unwrap(); - let paymenttype: String = urow2.get(0).unwrap(); - let tournamentid: String = urow2.get(1).unwrap(); - if role == "2" { - POOL.with(|poola| { - let mut con3 = poola.get_conn().unwrap(); - let mut result3 = con3.exec_iter("Select creator from tournaments where id = ?;", (&tournamentid, )).unwrap(); - let mut it3 = result3.iter().unwrap(); - row3 = it3.next(); - }); - let urow3 = row3.unwrap().unwrap(); - let creator: i32 = urow3.get(0).unwrap(); - if creator != id { - *response.status_mut() = StatusCode::NOT_FOUND; - return Ok(response); - } - } - if paymenttype == "cash" { - POOL.with(|poola| { - poola.get_conn().unwrap().exec_drop("Update registrations set paymentstatus ='DONE' where id = ?", (&s.get("id"), )).unwrap(); }); } else { - *response.status_mut() = StatusCode::BAD_REQUEST; - return Ok(response); - } - } else { - *response.status_mut() = StatusCode::UNAUTHORIZED; - } - } - (&Method::GET, "/registration/paymentstatus") => { - if req.headers().contains_key("Authorization") { - let query: &str = req.uri().query().unwrap(); - let mut splited = query.split("="); - let id = splited.next().unwrap(); - let val = splited.next().unwrap(); - if id != "id" { - *response.body_mut() = "{\"error\":\"id required\"}".into(); - return Ok(response); - } - let mut tmp = 
req.headers().get("Authorization").unwrap().to_str().unwrap().split(" "); - let aa = tmp.next().unwrap(); - if aa != "Bearer" { *response.status_mut() = StatusCode::UNAUTHORIZED; - return Ok(response); } - let token = tmp.next().unwrap().to_string(); - let mut row: Option> = None; - let mut row2: Option> = None; - POOL.with(|poola| { - let mut con = poola.get_conn().unwrap(); - let mut result = con.exec_iter("Select id, role from users where id =(SELECT user FROM `inz`.`sessions` where token = ? and expire > NOW());", (&token, )).unwrap(); - let mut it = result.iter().unwrap(); - row = it.next(); - if row.is_none() { - *response.status_mut() = StatusCode::FORBIDDEN; - return; - } - let mut con2 = poola.get_conn().unwrap(); - let mut result2 = con2.exec_iter("Select paymentstatus, paymentreference, userid, paymenttype from registrations where id =?;", (&val, )).unwrap(); - let mut it2 = result2.iter().unwrap(); - row2 = it2.next(); - }); - if row2.is_none() { - *response.status_mut() = StatusCode::NOT_FOUND; - return Ok(response); - } - let urow = row.unwrap().unwrap(); - let urow2 = row2.unwrap().unwrap(); - let id: i32 = urow.get(0).unwrap(); - let role: String = urow.get(1).unwrap(); - let paymentstatus: String = urow2.get(0).unwrap(); - let paymentreference: String = urow2.get(1).unwrap(); - let userid: i32 = urow2.get(2).unwrap(); - let paymenttype: String = urow2.get(3).unwrap(); - if role == "1" || role == "2" { - if userid != id { - *response.status_mut() = StatusCode::NOT_FOUND; + } + (&Method::POST, "/proposal/approve") => { + if req.headers().contains_key("Authorization") { + let mut tmp = req.headers().get("Authorization").unwrap().to_str().unwrap().split(" "); + let aa = tmp.next().unwrap(); + if aa != "Bearer" { + *response.status_mut() = StatusCode::UNAUTHORIZED; return Ok(response); } - } - if paymentstatus == "PENDING" && paymenttype != "cash" { - if paymenttype == "btc" { - let client = Client::new(); - let req = Request::builder() - 
.method(Method::GET) - .uri("http://10.1.6.101:8082/api/v1/stores/6N6yuxW7HGSbHnsLM1csvFqRz72DP2EkY5YFBz4jGdQK/invoices/".to_owned() + &paymentreference) - .header("content-type", "application/json") - .header("Authorization", "token 305562c7ec5f6d6870e534abf86084b085696f92").body(Body::empty()).unwrap(); - let resp = client.request(req).await.unwrap(); - let parsed: serde_json::Value = serde_json::from_slice(hyper::body::to_bytes(resp.into_body()).await.unwrap().as_ref()).unwrap(); - let stat: String = parsed.get("status").unwrap().as_str().unwrap().into(); - if stat == "New" { - *response.body_mut() = Body::from("{\"status\":\"PENDING\"}"); - } else { - if stat == "Settled" { - *response.body_mut() = Body::from("{\"status\":\"DONE\"}"); - POOL.with(|poola| { - poola.get_conn().unwrap().exec_drop("Update registrations set paymentstatus ='DONE' where id = ?", (val, )).unwrap(); - }); - } else { - if stat == "Processing" { - *response.body_mut() = Body::from("{\"status\":\"PROCESSING\"}"); - } else { - if stat == "Expired" { - *response.body_mut() = Body::from("{\"status\":\"EXPIRED\"}"); - POOL.with(|poola| { - poola.get_conn().unwrap().exec_drop("Update registrations set paymentstatus ='EXPIRED' where id = ?", (val, )).unwrap(); - }); - } else { - *response.body_mut() = Body::from("{\"status\":\"".to_owned() + &stat + "\"}"); - POOL.with(|poola| { - poola.get_conn().unwrap().exec_drop("Update registrations set paymentstatus ='?' 
where id = ?", (stat, val)).unwrap(); - }); - } - } - } - } + let token = tmp.next().unwrap().to_string(); + let byte_stream = hyper::body::to_bytes(req).await.unwrap(); + let s: HashMap = serde_json::from_slice(&byte_stream).unwrap(); + let mut row: Option> = None; + let mut row2: Option> = None; + let mut row3: Option> = None; + if !s.contains_key("id") { + *response.body_mut() = "{\"error\":\"id is required\"}".into(); + return Ok(response); } - } else { - *response.body_mut() = Body::from("{\"status\":\"".to_owned() + &paymentstatus + "\"}"); - } - } else { - *response.status_mut() = StatusCode::UNAUTHORIZED; - } - } - (&Method::PUT, "/registration") => { - if req.headers().contains_key("Authorization") { - let mut tmp = req.headers().get("Authorization").unwrap().to_str().unwrap().split(" "); - let aa = tmp.next().unwrap(); - if aa != "Bearer" { - *response.status_mut() = StatusCode::UNAUTHORIZED; - return Ok(response); - } - let token = tmp.next().unwrap().to_string(); - let byte_stream = hyper::body::to_bytes(req).await.unwrap(); - let s: HashMap = serde_json::from_slice(&byte_stream).unwrap(); - let mut row: Option> = None; - let mut row2: Option> = None; - if s.contains_key("tournament") && s.contains_key("paymentmethod") && s.contains_key("partner") { - let tournament = s.get("tournament").unwrap().to_string(); - let partner = s.get("partner").unwrap().to_string(); + let id = s.get("id").unwrap().to_string(); POOL.with(|poola| { let mut con = poola.get_conn().unwrap(); - let mut result = con.exec_iter("Select id from users where id =(SELECT user FROM `inz`.`sessions` where token = ? 
and expire > NOW());", (&token, )).unwrap(); let mut it = result.iter().unwrap(); row = it.next(); let mut con2 = poola.get_conn().unwrap(); + let mut result2 = con2.exec_iter("Select ladderid, winner, score from winProposals where id =?;", (&id, )).unwrap(); + let mut it2 = result2.iter().unwrap(); + row2 = it2.next(); + let mut con3 = poola.get_conn().unwrap(); + let mut result3 = con3.exec_iter("Select userid, partner from registrations where id =(Select approver from winProposals where id =?);", (&id, )).unwrap(); + let mut it3 = result3.iter().unwrap(); + row3 = it3.next(); + }); + if row.is_none() { + *response.status_mut() = StatusCode::FORBIDDEN; + return Ok(response); + } + if row2.is_none() { + *response.status_mut() = StatusCode::BAD_REQUEST; + return Ok(response); + } + let urow = row.unwrap().unwrap(); + let urow2 = row2.unwrap().unwrap(); + let urow3 = row3.unwrap().unwrap(); + let uid: i32 = urow.get(0).unwrap(); + let user: i32 = urow3.get(0).unwrap(); + let partner: i32 = urow3.get(1).unwrap(); + if !(uid == user || uid == partner) { + *response.status_mut() = StatusCode::BAD_REQUEST; + return Ok(response); + } + let ladderid: i32 = urow2.get(0).unwrap(); + let winner: String = urow2.get(1).unwrap(); + let score: String = urow2.get(2).unwrap(); + POOL.with(|poola| { + poola.get_conn().unwrap().exec_drop("Update ladder set winner =?, scores=? 
where id = ?", (winner, score, ladderid)).unwrap(); + poola.get_conn().unwrap().exec_drop("delete from winProposals where id = ?", (id, )).unwrap(); + }); + } else { + *response.status_mut() = StatusCode::UNAUTHORIZED; + } + } + (&Method::PUT, "/proposal") => { + if req.headers().contains_key("Authorization") { + let mut tmp = req.headers().get("Authorization").unwrap().to_str().unwrap().split(" "); + let aa = tmp.next().unwrap(); + if aa != "Bearer" { + *response.status_mut() = StatusCode::UNAUTHORIZED; + return Ok(response); + } + let token = tmp.next().unwrap().to_string(); + let byte_stream = hyper::body::to_bytes(req).await.unwrap(); + let s: HashMap = serde_json::from_slice(&byte_stream).unwrap(); + let mut row: Option> = None; + let mut row2: Option> = None; + let ladderid = s.get("ladderid").unwrap().to_string(); - let mut result2 = con2.exec_iter("Select id from tournaments where state = 0 and id =?;", (&tournament, )).unwrap(); + POOL.with(|poola| { + let mut con = poola.get_conn().unwrap(); + let mut result = con.exec_iter("Select id from users where id =(SELECT user FROM `inz`.`sessions` where token = ? and expire > NOW());", (&token, )).unwrap(); + let mut it = result.iter().unwrap(); + row = it.next(); + let mut con2 = poola.get_conn().unwrap(); + let mut result2 = con2.exec_iter("Select inAtype, inA, inBtype, inB from ladder where deleted = 0 and id =? and winner ='0';", (&ladderid, )).unwrap(); let mut it2 = result2.iter().unwrap(); row2 = it2.next(); }); 
@@ -1439,365 +294,1767 @@ SELECT if('B' ='A', inAtype, inBtype) as 'type', if('B' ='A', inA, inB) as 'val' return Ok(response); } let urow = row.unwrap().unwrap(); + let urow2 = row2.unwrap().unwrap(); let id: i32 = urow.get(0).unwrap(); - let paymentmethod = s.get("paymentmethod").unwrap().to_string(); - if paymentmethod == "btc" { - let client = Client::new(); - let req = Request::builder() - .method(Method::POST) - .uri("http://10.1.6.101:8082/api/v1/stores/6N6yuxW7HGSbHnsLM1csvFqRz72DP2EkY5YFBz4jGdQK/invoices") - .header("content-type", "application/json") - .header("Authorization", "token 305562c7ec5f6d6870e534abf86084b085696f92") - .body(Body::from("{\"metadata\": {\"orderId\": \"id123\"},\"checkout\": {\"speedPolicy\": \"LowMediumSpeed\",\"redirectURL\":\"https://www.google.com\"},\"amount\": \"1.00\",\"currency\": \"PLN\"}")).unwrap(); - let resp = client.request(req).await.unwrap(); - let parsed: serde_json::Value = serde_json::from_slice(hyper::body::to_bytes(resp.into_body()).await.unwrap().as_ref()).unwrap(); + let inAtype: String = urow2.get(0).unwrap(); + let mut inA: String = urow2.get(1).unwrap(); + let inBtype: String = urow2.get(2).unwrap(); + let mut inB: String = urow2.get(3).unwrap(); + if s.contains_key("score") && s.contains_key("winner") { + if s.get("winner").unwrap() != "A" && s.get("winner").unwrap() != "B" { + *response.body_mut() = "{\"error\":\"winner must be A or B\"}".into(); + return Ok(response); + } + if inAtype != "R" { + let mut res3: Option> = None; + POOL.with(|poola| { + res3 = poola.get_conn().unwrap() + .exec_iter("WITH RECURSIVE menu_tree + AS ( + SELECT if('A' ='A', inAtype, inBtype) as 'type', if('A' ='A', inA, inB) as 'val' from ladder where id =? 
+ UNION ALL + SELECT if(mn.type ='W', if(la.winner ='A', inAtype, if(la.winner ='B', la.inBtype, null)), if(la.winner ='A', la.inBtype, if(la.winner ='B', la.inAtype, null))) , if(mn.type ='W', if(la.winner ='A', la.inA, if(la.winner ='B', la.inB, null)), if(la.winner ='A', la.inB, if(la.winner ='B', la.inA, null))) + FROM menu_tree mn, inz.ladder la + WHERE mn.val= la.id and mn.type != 'R' + ) + SELECT * FROM menu_tree where type = 'R'", (&ladderid, ), + ).unwrap().iter().unwrap().next(); + }); + if !res3.is_none() { + let urow3 = res3.unwrap().unwrap(); + inA = urow3.get(1).unwrap(); + } else { + *response.status_mut() = StatusCode::BAD_REQUEST; + return Ok(response); + } + } + if inBtype != "R" { + let mut res3: Option> = None; + POOL.with(|poola| { + res3 = poola.get_conn().unwrap() + .exec_iter("WITH RECURSIVE menu_tree + AS ( + SELECT if('B' ='A', inAtype, inBtype) as 'type', if('B' ='A', inA, inB) as 'val' from ladder where id =? + UNION ALL + SELECT if(mn.type ='W', if(la.winner ='A', inAtype, if(la.winner ='B', la.inBtype, null)), if(la.winner ='A', la.inBtype, if(la.winner ='B', la.inAtype, null))) , if(mn.type ='W', if(la.winner ='A', la.inA, if(la.winner ='B', la.inB, null)), if(la.winner ='A', la.inB, if(la.winner ='B', la.inA, null))) + FROM menu_tree mn, inz.ladder la + WHERE mn.val= la.id and mn.type != 'R' + ) + SELECT * FROM menu_tree where type = 'R'", (&ladderid, ), + ).unwrap().iter().unwrap().next(); + }); + if !res3.is_none() { + let urow3 = res3.unwrap().unwrap(); + inB = urow3.get(1).unwrap(); + } else { + *response.status_mut() = StatusCode::BAD_REQUEST; + return Ok(response); + } + } + let mut res3: Option> = None; + let mut res4: Option> = None; POOL.with(|poola| { - let tmp: String = parsed.get("id").unwrap().as_str().unwrap().into(); - let nid: String = poola.get_conn().unwrap().exec_iter("INSERT INTO `inz`.`registrations`(`userid`,`tournamentid`,`paymenttype`,`paymentstatus`,`approval`,`paymentreference`, 
`partner`)VALUES(?,?,'btc','PENDING',0,?,?);", (id, tournament, &tmp, partner)).unwrap().last_insert_id().unwrap().to_string(); - let mut checkout: String = parsed.get("checkoutLink").unwrap().as_str().unwrap().into(); - checkout = checkout.replace("http://10.1.6.101:8082/", "https://btcpay.dragonmaster.pl/"); - *response.body_mut() = Body::from("{\"id\":\"".to_owned() + &nid + "\",\"url\":\"" + &*checkout + "\"}"); + res3 = poola.get_conn().unwrap() + .exec_iter("SELECT userid, partner FROM inz.registrations where id = ?;", (&inA, ), + ).unwrap().iter().unwrap().next(); + res4 = poola.get_conn().unwrap() + .exec_iter("SELECT userid, partner FROM inz.registrations where id = ?;", (&inB, ), + ).unwrap().iter().unwrap().next(); + }); + let urow3 = res3.unwrap().unwrap(); + let urow4 = res4.unwrap().unwrap(); + let mut prop = ""; + let mut acc = ""; + let u1: i32 = urow3.get(0).unwrap(); + let u2: i32 = urow3.get(1).unwrap(); + let u3: i32 = urow4.get(0).unwrap(); + let u4: i32 = urow4.get(1).unwrap(); + if u1 == id || u2 == id { + prop = &inA; + acc = &inB; + } else { + if u3 == id || u4 == id { + prop = &inB; + acc = &inA; + } else { + *response.status_mut() = StatusCode::BAD_REQUEST; + return Ok(response); + } + } + POOL.with(|poola| { + let nid = "{\"id\":".to_owned() + &poola.get_conn().unwrap().exec_iter("INSERT INTO `inz`.`winProposals`(ladderid, winner, proposer, approver, score) VALUES (?,?,?,?,?);", (&ladderid, s.get("winner"), prop, acc, s.get("score"))).unwrap().last_insert_id().unwrap().to_string() + "\"}"; + *response.body_mut() = nid.into(); }); } else { - if paymentmethod == "cash" { - POOL.with(|poola| { - let nid = "{\"id\":\"".to_owned() + &poola.get_conn().unwrap().exec_iter("INSERT INTO `inz`.`registrations`(`userid`,`tournamentid`,`paymenttype`,`paymentstatus`,`approval`,`paymentreference`, `partner`)VALUES(?,?,'cash','PENDING',0,'N/A',?);", (id, tournament, partner)).unwrap().last_insert_id().unwrap().to_string() + "\"}"; - *response.body_mut() 
= nid.into(); - }); - } else { - *response.body_mut() = "{\"error\":\"bad payment method\"}".into(); - } + *response.body_mut() = "{\"error\":\"not all fields\"}".into(); } } else { - *response.body_mut() = "{\"error\":\"not all fields\"}".into(); - } - } else { - *response.status_mut() = StatusCode::UNAUTHORIZED; - } - } - (&Method::POST, "/tournament") => { - if req.headers().contains_key("Authorization") { - let mut tmp = req.headers().get("Authorization").unwrap().to_str().unwrap().split(" "); - let aa = tmp.next().unwrap(); - if aa != "Bearer" { *response.status_mut() = StatusCode::UNAUTHORIZED; - return Ok(response); } - let token = tmp.next().unwrap().to_string(); - let byte_stream = hyper::body::to_bytes(req).await.unwrap(); - let s: HashMap = serde_json::from_slice(&byte_stream).unwrap(); - POOL.with(|poola| { - let mut con = poola.get_conn().unwrap(); - let mut result = con.exec_iter("Select role, id from users where id =(SELECT user FROM `inz`.`sessions` where token = ? and expire > NOW());", (&token, )).unwrap(); - let mut it = result.iter().unwrap(); - let row = it.next(); - if row.is_none() { - *response.status_mut() = StatusCode::FORBIDDEN; - return; - } - let urow = row.unwrap().unwrap(); - let role: String = urow.get(0).unwrap(); - let id: i32 = urow.get(1).unwrap(); - if role == "1" { - *response.status_mut() = StatusCode::FORBIDDEN; - return; - } - if s.contains_key("id") { - let tid = s.get("id").unwrap().to_string(); - if role != "3" { - let creator: i32 = poola.get_conn().unwrap().exec_first("Select creator from tournaments where id = ?", (&tid, )).unwrap().unwrap(); - if creator != id { - *response.status_mut() = StatusCode::FORBIDDEN; - return; - } - } - if s.contains_key("name") { - poola.get_conn().unwrap().exec_drop("Update tournaments set name =? where id = ? and deleted =0", (s.get("name"), &tid)).unwrap(); - } - if s.contains_key("typeOfLadder") { - poola.get_conn().unwrap().exec_drop("Update tournaments set typeOfLadder =? 
where id = ? and deleted =0", (s.get("typeOfLadder"), &tid)).unwrap(); - } - if s.contains_key("pointsForTournament") { - poola.get_conn().unwrap().exec_drop("Update tournaments set pointsForTournament =? where id = ? and deleted =0", (s.get("pointsForTournament"), &tid)).unwrap(); - } - if s.contains_key("places") { - poola.get_conn().unwrap().exec_drop("Update tournaments set places =? where id = ? and deleted =0", (s.get("places"), &tid)).unwrap(); - } - if s.contains_key("roles") { - poola.get_conn().unwrap().exec_drop("Update tournaments set roles =? where id = ? and deleted =0", (s.get("roles"), &tid)).unwrap(); - } - if s.contains_key("currentRound") { - poola.get_conn().unwrap().exec_drop("Update tournaments set currentRound =? where id = ? and deleted =0", (s.get("currentRound"), &tid)).unwrap(); - } - *response.body_mut() = "{}".into(); - } else { - *response.body_mut() = "{\"error\":\"not all fields\"}".into(); - } - }); - } else { - *response.status_mut() = StatusCode::UNAUTHORIZED; } - } - (&Method::DELETE, "/tournament") => { - if req.headers().contains_key("Authorization") { - let mut tmp = req.headers().get("Authorization").unwrap().to_str().unwrap().split(" "); - let aa = tmp.next().unwrap(); - if aa != "Bearer" { - *response.status_mut() = StatusCode::UNAUTHORIZED; - return Ok(response); - } - let token = tmp.next().unwrap().to_string(); - let byte_stream = hyper::body::to_bytes(req).await.unwrap(); - let s: HashMap = serde_json::from_slice(&byte_stream).unwrap(); - POOL.with(|poola| { - let mut con = poola.get_conn().unwrap(); + (&Method::GET, "/ladders/solved") => { + let query: &str = req.uri().query().unwrap(); + let mut splited = query.split("="); - let mut result = con.exec_iter("Select role, id from users where id =(SELECT user FROM `inz`.`sessions` where token = ? 
and expire > NOW());", (&token, )).unwrap(); - let mut it = result.iter().unwrap(); - let row = it.next(); - if row.is_none() { - *response.status_mut() = StatusCode::FORBIDDEN; - return; - } - let urow = row.unwrap().unwrap(); - let role: String = urow.get(0).unwrap(); - let id: i32 = urow.get(1).unwrap(); - if role == "1" { - *response.status_mut() = StatusCode::FORBIDDEN; - return; - } - if s.contains_key("id") { - let tid = s.get("id").unwrap().to_string(); - if role != "3" { - let creator: i32 = poola.get_conn().unwrap().exec_first("Select creator from tournaments where id = ?", (&tid, )).unwrap().unwrap(); - if creator != id { - *response.status_mut() = StatusCode::FORBIDDEN; - return; - } - } - poola.get_conn().unwrap().exec_drop("Update tournaments set deleted =1 where id = ?", (tid, )).unwrap(); - *response.body_mut() = "{}".into(); - } else { - *response.body_mut() = "{\"error\":\"not all fields\"}".into(); - } - }); - } else { - *response.status_mut() = StatusCode::UNAUTHORIZED; - } - } - (&Method::GET, "/tournaments") => { - POOL.with(|poola| { - let res = poola.get_conn().unwrap() - .query_map( - "SELECT id, name, typeOfLadder, pointsForTournament, places, roles, creator,approved, state, currentRound from tournaments where deleted =0", - |(id, name, type_of_ladder, points_for_tournament, places, roles, creator, approved, state, currentRound)| { - tournament { id, name, typeOfLadder: type_of_ladder, places, roles, creator, pointsForTournament: points_for_tournament, approved, state, currentRound } - }, - ); - *response.body_mut() = serde_json::to_string(&res.unwrap()).unwrap().into(); - }); - } - (&Method::PUT, "/tournament") => { - if req.headers().contains_key("Authorization") { - let mut tmp = req.headers().get("Authorization").unwrap().to_str().unwrap().split(" "); - let aa = tmp.next().unwrap(); - if aa != "Bearer" { - *response.status_mut() = StatusCode::UNAUTHORIZED; + let id = splited.next().unwrap(); + let val = splited.next().unwrap(); + if id 
!= "id" { + *response.body_mut() = "{\"error\":\"id required\"}".into(); return Ok(response); } - let token = tmp.next().unwrap().to_string(); - let byte_stream = hyper::body::to_bytes(req).await.unwrap(); - let s: HashMap = serde_json::from_slice(&byte_stream).unwrap(); POOL.with(|poola| { - let mut con = poola.get_conn().unwrap(); + let res = poola.get_conn().unwrap() + .exec_iter( + "SELECT id, inAtype, inA, inBtype, inB, winner, round, scores from ladder where deleted =0 and id = ?", (val, ), + ).unwrap().iter().unwrap().next(); + let res2 = poola.get_conn().unwrap() + .exec_iter("WITH RECURSIVE menu_tree + AS ( + SELECT if('A' ='A', inAtype, inBtype) as 'type', if('A' ='A', inA, inB) as 'val' from ladder where id =? + UNION ALL + SELECT if(mn.type ='W', if(la.winner ='A', inAtype, if(la.winner ='B', la.inBtype, null)), if(la.winner ='A', la.inBtype, if(la.winner ='B', la.inAtype, null))) , if(mn.type ='W', if(la.winner ='A', la.inA, if(la.winner ='B', la.inB, null)), if(la.winner ='A', la.inB, if(la.winner ='B', la.inA, null))) + FROM menu_tree mn, inz.ladder la + WHERE mn.val= la.id and mn.type != 'R' + ) + SELECT * FROM menu_tree where type = 'R'", (val, ), + ).unwrap().iter().unwrap().next(); + let res3 = poola.get_conn().unwrap() + .exec_iter("WITH RECURSIVE menu_tree + AS ( + SELECT if('B' ='A', inAtype, inBtype) as 'type', if('B' ='A', inA, inB) as 'val' from ladder where id =? 
+ UNION ALL + SELECT if(mn.type ='W', if(la.winner ='A', inAtype, if(la.winner ='B', la.inBtype, null)), if(la.winner ='A', la.inBtype, if(la.winner ='B', la.inAtype, null))) , if(mn.type ='W', if(la.winner ='A', la.inA, if(la.winner ='B', la.inB, null)), if(la.winner ='A', la.inB, if(la.winner ='B', la.inA, null))) + FROM menu_tree mn, inz.ladder la + WHERE mn.val= la.id and mn.type != 'R' + ) + SELECT * FROM menu_tree where type = 'R'", (val, ), + ).unwrap().iter().unwrap().next(); + let ur = res.unwrap().unwrap(); + let id1: i32 = ur.get(0).unwrap(); + let mut inAtype: String = ur.get(1).unwrap(); + let mut inA: String = ur.get(2).unwrap(); + let mut inBtype: String = ur.get(3).unwrap(); + let mut inB: String = ur.get(4).unwrap(); + let winner: String = ur.get(5).unwrap(); + let round: String = ur.get(6).unwrap(); + let scores: String = ur.get(7).unwrap(); + if !res2.is_none() { + let urow3 = res2.unwrap().unwrap(); + inAtype = urow3.get(0).unwrap(); + inA = urow3.get(1).unwrap(); + } + if !res3.is_none() { + let urow4 = res3.unwrap().unwrap(); + inBtype = urow4.get(0).unwrap(); + inB = urow4.get(1).unwrap(); + } + let res = ladderRaw { id: id1, inAtype: inAtype, inA: inA, inBtype: inBtype, inB: inB, winner: winner, round: round, scores: scores }; + *response.body_mut() = serde_json::to_string(&res).unwrap().into(); + }); + } + (&Method::GET, "/ladders/raw") => { + let query: &str = req.uri().query().unwrap(); + let mut splited = query.split("="); - let mut result = con.exec_iter("Select role, id from users where id =(SELECT user FROM `inz`.`sessions` where token = ? 
and expire > NOW());", (&token, )).unwrap(); - let mut it = result.iter().unwrap(); - let row = it.next(); - if row.is_none() { - *response.status_mut() = StatusCode::FORBIDDEN; - return; - } - let urow = row.unwrap().unwrap(); - let role: String = urow.get(0).unwrap(); - let id: i32 = urow.get(1).unwrap(); - if role == "1" { - *response.status_mut() = StatusCode::FORBIDDEN; - return; - } - if s.contains_key("name") && s.contains_key("typeOfLadder") && s.contains_key("pointsForTournament") && s.contains_key("places") && s.contains_key("roles") && s.contains_key("ranked") { - let name = s.get("name").unwrap().to_string(); - let type_of_ladder = s.get("typeOfLadder").unwrap().to_string(); - let points_for_tournament = s.get("pointsForTournament").unwrap().to_string(); - let places = s.get("places").unwrap().to_string(); - let roles = s.get("roles").unwrap().to_string(); - let mut ranked = s.get("ranked").unwrap().to_string(); - if ranked != "0" && ranked != "1" { - ranked = String::from("0"); - } - let str = "{\"id\":".to_owned() + &poola.get_conn().unwrap().exec_iter("INSERT INTO `inz`.`tournaments`(`name`,`typeOfLadder`,`pointsForTournament`,`places`,`roles`,`creator`,`deleted`,`approved`,`state`,`currentRound`) VALUES (?,?,?,?,?,?,0,?,0,0);", (name, type_of_ladder, points_for_tournament, places, roles, id, ranked)).unwrap().last_insert_id().unwrap().to_string() + "}"; - *response.body_mut() = str.into(); - } else { - *response.body_mut() = "{\"error\":\"not all fields\"}".into(); - } - }); - } else { - *response.status_mut() = StatusCode::UNAUTHORIZED; - } - } - (&Method::POST, "/user") => { - let headers = (&req).headers(); - let mut tmp = headers.get("Authorization").unwrap().to_str().unwrap().split(" "); - let aa = tmp.next().unwrap(); - if aa != "Bearer" { - *response.status_mut() = StatusCode::UNAUTHORIZED; - return Ok(response); - } - let token = tmp.next().unwrap().to_string(); - if req.headers().contains_key("Authorization") { - let byte_stream = 
hyper::body::to_bytes(req).await.unwrap(); - let s: HashMap = serde_json::from_slice(&byte_stream).unwrap(); + let id = splited.next().unwrap(); + let val = splited.next().unwrap(); + if id != "tournamentid" { + *response.body_mut() = "{\"error\":\"tournamentid required\"}".into(); + return Ok(response); + } POOL.with(|poola| { - let mut con = poola.get_conn().unwrap(); - let mut result = con.exec_iter("Select id from users where id =(SELECT user FROM `inz`.`sessions` where token = ? and expire > NOW());", (token, )).unwrap(); - let mut it = result.iter().unwrap(); - let row = it.next(); - if row.is_none() { - *response.status_mut() = StatusCode::FORBIDDEN; - return; - } - let urow = row.unwrap().unwrap(); - let idi: i32 = urow.get(0).unwrap(); - if s.contains_key("name") { - poola.get_conn().unwrap().exec_drop("Update users set name =? where id = ?", (s.get("name"), idi)).unwrap(); - } - if s.contains_key("surname") { - poola.get_conn().unwrap().exec_drop("Update users set surname =? where id = ?", (s.get("surname"), idi)).unwrap(); - } - if s.contains_key("password") { - poola.get_conn().unwrap().exec_drop("Update users set password =? where id = ?", (hash(s.get("password").unwrap().to_string(), DEFAULT_COST - 6).unwrap(), idi)).unwrap(); - } - if s.contains_key("mail") { - poola.get_conn().unwrap().exec_drop("Update users set mail =? where id = ?", (s.get("mail"), idi)).unwrap(); - } - if s.contains_key("phone") { - poola.get_conn().unwrap().exec_drop("Update users set phone =? 
where id = ?", (s.get("phone"), idi)).unwrap(); - } + let res = poola.get_conn().unwrap() + .exec_map( + "SELECT id, inAtype, inA, inBtype, inB, winner, round, scores from ladder where deleted =0 and tournamentid = ?", (val, ), + |(id, inAtype, inA, inBtype, inB, winner, round, scores)| { + ladderRaw { id, inAtype, inA, inBtype, inB, winner, round, scores } + }, + ); + *response.body_mut() = serde_json::to_string(&res.unwrap()).unwrap().into(); }); - } else { - *response.status_mut() = StatusCode::UNAUTHORIZED; } - } - (&Method::GET, "/user") => { - if req.headers().contains_key("Authorization") { - POOL.with(|poola| { - let mut con = poola.get_conn().unwrap(); + (&Method::POST, "/ladder") => { + if req.headers().contains_key("Authorization") { let mut tmp = req.headers().get("Authorization").unwrap().to_str().unwrap().split(" "); let aa = tmp.next().unwrap(); if aa != "Bearer" { *response.status_mut() = StatusCode::UNAUTHORIZED; - return; + return Ok(response); } - let token = tmp.next().unwrap(); - let mut result = con.exec_iter("Select * from users where id =(SELECT user FROM `inz`.`sessions` where token = ? and expire > NOW());", (&token, )).unwrap(); - let mut it = result.iter().unwrap(); - let row = it.next(); + let token = tmp.next().unwrap().to_string(); + let byte_stream = hyper::body::to_bytes(req).await.unwrap(); + let s: HashMap = serde_json::from_slice(&byte_stream).unwrap(); + if !s.contains_key("id") { + *response.body_mut() = "{\"error\":\"id is required\"}".into(); + return Ok(response); + } + + let mut row: Option> = None; + let mut row3: Option> = None; + POOL.with(|poola| { + let mut con = poola.get_conn().unwrap(); + let mut result = con.exec_iter("Select id, role from users where (role='2' or role='3' )and id =(SELECT user FROM `inz`.`sessions` where token = ? 
and expire > NOW());", (&token, )).unwrap(); + let mut it = result.iter().unwrap(); + row = it.next(); + }); if row.is_none() { *response.status_mut() = StatusCode::FORBIDDEN; - return; + return Ok(response); + } + + let urow = row.unwrap().unwrap(); + let id: i32 = urow.get(0).unwrap(); + let role: String = urow.get(1).unwrap(); + let tournamentid = s.get("id"); + if role == "2" { + POOL.with(|poola| { + let mut con3 = poola.get_conn().unwrap(); + let mut result3 = con3.exec_iter("Select creator from tournaments where id = (Select tournamentid from ladder where id =?);", (&tournamentid, )).unwrap(); + let mut it3 = result3.iter().unwrap(); + row3 = it3.next(); + }); + let urow3 = row3.unwrap().unwrap(); + let creator: i32 = urow3.get(0).unwrap(); + if creator != id { + *response.status_mut() = StatusCode::NOT_FOUND; + return Ok(response); + } + } + POOL.with(|poola| { + if s.contains_key("inAtype") { + if s.get("inAtype").unwrap() != "R" && s.get("inAtype").unwrap() != "W" && s.get("inAtype").unwrap() != "L" { + *response.body_mut() = "{\"error\":\"inAtype must be R, W or L\"}".into(); + return; + } + poola.get_conn().unwrap().exec_drop("Update ladder set inAtype =? where id = ? and deleted =0", (s.get("inAtype"), &tournamentid)).unwrap(); + } + if s.contains_key("inBtype") { + if s.get("inBtype").unwrap() != "R" && s.get("inBtype").unwrap() != "W" && s.get("inBtype").unwrap() != "L" { + *response.body_mut() = "{\"error\":\"inBtype must be R, W or L\"}".into(); + return; + } + poola.get_conn().unwrap().exec_drop("Update ladder set inBtype =? where id = ? and deleted =0", (s.get("inBtype"), &tournamentid)).unwrap(); + } + if s.contains_key("inA") { + poola.get_conn().unwrap().exec_drop("Update ladder set inA =? where id = ? and deleted =0", (s.get("inA"), &tournamentid)).unwrap(); + } + if s.contains_key("inB") { + poola.get_conn().unwrap().exec_drop("Update ladder set inB =? where id = ? 
and deleted =0", (s.get("inB"), &tournamentid)).unwrap(); + } + if s.contains_key("winner") { + poola.get_conn().unwrap().exec_drop("Update ladder set winner =? where id = ? and deleted =0", (s.get("winner"), &tournamentid)).unwrap(); + } + if s.contains_key("round") { + poola.get_conn().unwrap().exec_drop("Update ladder set round =? where id = ? and deleted =0", (s.get("round"), &tournamentid)).unwrap(); + } + if s.contains_key("scores") { + poola.get_conn().unwrap().exec_drop("Update ladder set scores =? where id = ? and deleted =0", (s.get("scores"), &tournamentid)).unwrap(); + } + }); + } else { + *response.status_mut() = StatusCode::UNAUTHORIZED; + } + } + (&Method::DELETE, "/ladder") => { + if req.headers().contains_key("Authorization") { + let mut tmp = req.headers().get("Authorization").unwrap().to_str().unwrap().split(" "); + let aa = tmp.next().unwrap(); + if aa != "Bearer" { + *response.status_mut() = StatusCode::UNAUTHORIZED; + return Ok(response); + } + let token = tmp.next().unwrap().to_string(); + let byte_stream = hyper::body::to_bytes(req).await.unwrap(); + let s: HashMap = serde_json::from_slice(&byte_stream).unwrap(); + if !s.contains_key("id") { + *response.body_mut() = "{\"error\":\"id is required\"}".into(); + return Ok(response); + } + + let mut row: Option> = None; + let mut row3: Option> = None; + POOL.with(|poola| { + let mut con = poola.get_conn().unwrap(); + let mut result = con.exec_iter("Select id, role from users where (role='2' or role='3' )and id =(SELECT user FROM `inz`.`sessions` where token = ? 
and expire > NOW());", (&token, )).unwrap(); + let mut it = result.iter().unwrap(); + row = it.next(); + }); + if row.is_none() { + *response.status_mut() = StatusCode::FORBIDDEN; + return Ok(response); + } + + let urow = row.unwrap().unwrap(); + let id: i32 = urow.get(0).unwrap(); + let role: String = urow.get(1).unwrap(); + let tournamentid = s.get("id"); + if role == "2" { + POOL.with(|poola| { + let mut con3 = poola.get_conn().unwrap(); + let mut result3 = con3.exec_iter("Select creator from tournaments where id = (Select tournamentid from ladder where id =?);", (&tournamentid, )).unwrap(); + let mut it3 = result3.iter().unwrap(); + row3 = it3.next(); + }); + let urow3 = row3.unwrap().unwrap(); + let creator: i32 = urow3.get(0).unwrap(); + if creator != id { + *response.status_mut() = StatusCode::NOT_FOUND; + return Ok(response); + } + } + POOL.with(|poola| { + poola.get_conn().unwrap().exec_drop("Update ladder set deleted =1 where id = ?", (&s.get("id"), )).unwrap(); + }); + } else { + *response.status_mut() = StatusCode::UNAUTHORIZED; + } + } + (&Method::PUT, "/ladder") => { + if req.headers().contains_key("Authorization") { + let mut tmp = req.headers().get("Authorization").unwrap().to_str().unwrap().split(" "); + let aa = tmp.next().unwrap(); + if aa != "Bearer" { + *response.status_mut() = StatusCode::UNAUTHORIZED; + return Ok(response); + } + let token = tmp.next().unwrap().to_string(); + let byte_stream = hyper::body::to_bytes(req).await.unwrap(); + let s: HashMap = serde_json::from_slice(&byte_stream).unwrap(); + if !s.contains_key("inAtype") || !s.contains_key("inA") || !s.contains_key("inBtype") || !s.contains_key("inB") || !s.contains_key("round") || !s.contains_key("tournamentid") { + *response.body_mut() = "{\"error\":\"no all fields\"}".into(); + return Ok(response); + } + + let mut row: Option> = None; + let mut row3: Option> = None; + POOL.with(|poola| { + let mut con = poola.get_conn().unwrap(); + let mut result = con.exec_iter("Select id, role 
from users where (role='2' or role='3' )and id =(SELECT user FROM `inz`.`sessions` where token = ? and expire > NOW());", (&token, )).unwrap(); + let mut it = result.iter().unwrap(); + row = it.next(); + }); + if row.is_none() { + *response.status_mut() = StatusCode::FORBIDDEN; + return Ok(response); + } + let tournamentid = s.get("tournamentid"); + + if s.get("inBtype").unwrap() == "R" { + let mut row4: Option> = None; + POOL.with(|poola| { + let mut con = poola.get_conn().unwrap(); + let mut result = con.exec_iter("Select id from registrations where id= ? and paymentstatus = 'DONE' and tournamentid =?", (&s.get("inB"),&tournamentid )).unwrap(); + let mut it = result.iter().unwrap(); + row4 = it.next(); + }); + if row4.is_none() { + *response.status_mut() = StatusCode::NOT_FOUND; + return Ok(response); + } + }else { + if s.get("inBtype").unwrap() == "W" || s.get("inBtype").unwrap() == "L" { + let mut row4: Option> = None; + POOL.with(|poola| { + let mut con = poola.get_conn().unwrap(); + let mut result = con.exec_iter("Select id from ladder where id= ? and tournamentid=?", (&s.get("inB"),&tournamentid )).unwrap(); + let mut it = result.iter().unwrap(); + row4 = it.next(); + }); + if row4.is_none() { + *response.status_mut() = StatusCode::NOT_FOUND; + return Ok(response); + } + } else { + *response.body_mut() = "{\"error\":\"inBtype must be R, W or L\"}".into(); + return Ok(response); + } + } + if s.get("inAtype").unwrap() == "R" { + let mut row4: Option> = None; + POOL.with(|poola| { + let mut con = poola.get_conn().unwrap(); + let mut result = con.exec_iter("Select id from registrations where id= ? 
and paymentstatus = 'DONE' and tournamentid=?", (&s.get("inA"),&tournamentid )).unwrap(); + let mut it = result.iter().unwrap(); + row4 = it.next(); + }); + if row4.is_none() { + *response.status_mut() = StatusCode::NOT_FOUND; + return Ok(response); + } + }else { + if s.get("inAtype").unwrap() == "W" || s.get("inAtype").unwrap() == "L" { + let mut row4: Option> = None; + POOL.with(|poola| { + let mut con = poola.get_conn().unwrap(); + let mut result = con.exec_iter("Select id from ladder where id= ? and tournamentid=?", (&s.get("inA"),&tournamentid )).unwrap(); + let mut it = result.iter().unwrap(); + row4 = it.next(); + }); + if row4.is_none() { + *response.status_mut() = StatusCode::NOT_FOUND; + return Ok(response); + } + } else { + *response.body_mut() = "{\"error\":\"inAtype must be R, W or L\"}".into(); + return Ok(response); + } } let urow = row.unwrap().unwrap(); - let a = User { id: urow.get(0).unwrap(), name: urow.get(1).unwrap(), surname: urow.get(2).unwrap(), role: urow.get(3).unwrap(), login: urow.get(4).unwrap(), phone: urow.get(7).unwrap(), mail: urow.get(6).unwrap(), ranking: urow.get(8).unwrap() }; - - *response.body_mut() = serde_json::to_string(&a).unwrap().into(); - }); - } else { - *response.status_mut() = StatusCode::UNAUTHORIZED; - } - } - (&Method::PUT, "/user/create") => { - let byte_stream = hyper::body::to_bytes(req).await.unwrap(); - let s: HashMap = serde_json::from_slice(&byte_stream).unwrap(); - if s.contains_key("username") && s.contains_key("name") && s.contains_key("surname") && s.contains_key("password") && s.contains_key("mail") && s.contains_key("phone") { - let username = s.get("username").unwrap().to_string(); - let name = s.get("name").unwrap().to_string(); - let surname = s.get("surname").unwrap().to_string(); - let password = hash(s.get("password").unwrap().to_string(), DEFAULT_COST - 6).unwrap(); - let mail = s.get("mail").unwrap().to_string(); - let phone = s.get("phone").unwrap().to_string(); - POOL.with(|poola| { - let 
mut con = poola.get_conn().unwrap(); - let mut a = con.exec_iter("select `login` from users where login = ?", (&username, )).unwrap(); - let it = a.iter().unwrap().next(); - if it.is_none() { - poola.get_conn().unwrap().exec_drop("INSERT INTO `inz`.`users`(`name`,`surname`,`role`,`login`,`password`,`mail`,`phone`,`deleted`,`ranking`)VALUES (?,?,1,?,?,?,?,0,0);", (name, surname, username, password, mail, phone)).unwrap(); + let id: i32 = urow.get(0).unwrap(); + let role: String = urow.get(1).unwrap(); + if role == "2" { + POOL.with(|poola| { + let mut con3 = poola.get_conn().unwrap(); + let mut result3 = con3.exec_iter("Select creator from tournaments where id = ?;", (&tournamentid, )).unwrap(); + let mut it3 = result3.iter().unwrap(); + row3 = it3.next(); + }); + let urow3 = row3.unwrap().unwrap(); + let creator: i32 = urow3.get(0).unwrap(); + if creator != id { + *response.status_mut() = StatusCode::NOT_FOUND; + return Ok(response); + } } - }); - *response.body_mut() = "{}".into(); - } else { - *response.body_mut() = "{\"error\":\"not all fields\"}".into(); + POOL.with(|poola| { + let nid = "{\"id\":".to_owned() + &poola.get_conn().unwrap().exec_iter("INSERT INTO `inz`.`ladder`(`inAtype`,`inA`,`inBtype`,`inB`,`winner`,`round`,`scores`,`tournamentid`,`deleted`) VALUES (?,?,?,?,'0',?,'-1',?,0);", (s.get("inAtype"), s.get("inA"), s.get("inBtype"), s.get("inB"), s.get("round"), s.get("tournamentid"))).unwrap().last_insert_id().unwrap().to_string() + "\"}"; + *response.body_mut() = nid.into(); + }); + } else { + *response.status_mut() = StatusCode::UNAUTHORIZED; + } } - } - (&Method::POST, "/user/login") => { - let byte_stream = hyper::body::to_bytes(req).await.unwrap(); - let s: HashMap = serde_json::from_slice(&byte_stream).unwrap(); - if s.contains_key("username") && s.contains_key("password") { - let username = s.get("username").unwrap().to_string(); - let password = s.get("password").unwrap().to_string(); - *response.body_mut() = POOL.with(|poola| { - let mut con 
= poola.get_conn().unwrap(); - let mut result = con.exec_iter("SELECT * FROM `inz`.`users` where login = ? and `deleted`=0;", (&username, )).unwrap(); - let mut it = result.iter().unwrap(); - let row = it.next(); - if !row.is_none() { + (&Method::GET, "/leaderboard") => { + POOL.with(|poola| { + let res = poola.get_conn().unwrap() + .query_map( + "SELECT name, surname, ranking from users where deleted =0 order by ranking DESC", + |(name, surname, ranking)| { + leaderboard { name, surname, ranking } + }, + ); + *response.body_mut() = serde_json::to_string(&res.unwrap()).unwrap().into(); + }); + } + (&Method::POST, "/tournament/cancelTournament") => { + if req.headers().contains_key("Authorization") { + let mut tmp = req.headers().get("Authorization").unwrap().to_str().unwrap().split(" "); + let aa = tmp.next().unwrap(); + if aa != "Bearer" { + *response.status_mut() = StatusCode::UNAUTHORIZED; + return Ok(response); + } + let token = tmp.next().unwrap().to_string(); + let byte_stream = hyper::body::to_bytes(req).await.unwrap(); + let s: HashMap = serde_json::from_slice(&byte_stream).unwrap(); + if !s.contains_key("id") { + *response.body_mut() = "{\"error\":\"id required\"}".into(); + return Ok(response); + } + POOL.with(|poola| { + let mut con = poola.get_conn().unwrap(); + let mut result = con.exec_iter("Select id,role from users where (role = '2' OR role = '3')AND id =(SELECT user FROM `inz`.`sessions` where token = ? 
and expire > NOW());", (&token, )).unwrap(); + let mut it = result.iter().unwrap(); + let row = it.next(); + if row.is_none() { + *response.status_mut() = StatusCode::FORBIDDEN; + return; + } let urow = row.unwrap().unwrap(); - let pas: String = urow.get(5).unwrap(); let id: i32 = urow.get(0).unwrap(); - if verify(&password, &pas).unwrap() { - let mut rand: OsRng = OsRng::new().expect("Error opening random number generator"); - if !it.next().is_none() { - return Body::from("{\"error\":\"wrong username or password\"}"); + let role: String = urow.get(1).unwrap(); + let mut conn1 = poola.get_conn().unwrap(); + let mut result1 = conn1.exec_iter("Select creator, state from tournaments where id = ?", (&s.get("id"), )).unwrap(); + let mut it1 = result1.iter().unwrap(); + let row1 = it1.next(); + let urow1 = row1.unwrap().unwrap(); + let creator: i32 = urow1.get(0).unwrap(); + let state: i32 = urow1.get(1).unwrap(); + if state == 3 { + *response.status_mut() = StatusCode::BAD_REQUEST; + return; + } + if role == "2" { + if creator != id { + return; } - const CHARSET: &[u8] = b"ABCDEFGHIJKLMNOPQRSTUVWXYZ\ - abcdefghijklmnopqrstuvwxyz\ - 0123456789"; - const PASSWORD_LEN: usize = 80; - let password: String = (0..PASSWORD_LEN) - .map(|_| { - let idx = rand.gen_range(0, CHARSET.len()); - CHARSET[idx] as char - }) - .collect(); - poola.get_conn().unwrap().exec_drop("DELETE FROM `inz`.`sessions`WHERE user = ?;", (id, )).unwrap(); - poola.get_conn().unwrap().exec_drop("INSERT INTO `inz`.`sessions`(`user`,`token`,`expire`)VALUES (?,?,DATE_ADD(NOW(), INTERVAL 30 MINUTE));", (id, &password)).unwrap(); - return Body::from("{\"token\":\"".to_owned() + &password + "\"}"); + poola.get_conn().unwrap().exec_drop("Update tournaments set state =4 where id = ?", (&s.get("id"), )).unwrap(); } else { - return Body::from("{\"error\":\"wrong username or password\"}"); + poola.get_conn().unwrap().exec_drop("Update tournaments set state =4 where id = ?", (&s.get("id"), )).unwrap(); + } + }); + } 
else { + *response.status_mut() = StatusCode::UNAUTHORIZED; + } + } + (&Method::POST, "/tournament/endTournament") => { + if req.headers().contains_key("Authorization") { + let mut tmp = req.headers().get("Authorization").unwrap().to_str().unwrap().split(" "); + let aa = tmp.next().unwrap(); + if aa != "Bearer" { + *response.status_mut() = StatusCode::UNAUTHORIZED; + return Ok(response); + } + let token = tmp.next().unwrap().to_string(); + let byte_stream = hyper::body::to_bytes(req).await.unwrap(); + + let parsed: serde_json::Value = serde_json::from_slice(&byte_stream).unwrap(); + if parsed.get("id") == None { + *response.body_mut() = "{\"error\":\"id required\"}".into(); + return Ok(response); + } + POOL.with(|poola| { + let mut con = poola.get_conn().unwrap(); + let mut result = con.exec_iter("Select id,role from users where (role = '2' OR role = '3')AND id =(SELECT user FROM `inz`.`sessions` where token = ? and expire > NOW());", (&token, )).unwrap(); + let mut it = result.iter().unwrap(); + let row = it.next(); + if row.is_none() { + *response.status_mut() = StatusCode::FORBIDDEN; + return; + } + let urow = row.unwrap().unwrap(); + let id: i32 = urow.get(0).unwrap(); + let role: String = urow.get(1).unwrap(); + let mut conn1 = poola.get_conn().unwrap(); + let mut result1 = conn1.exec_iter("Select creator, state, approved from tournaments where id = ? 
b", (&parsed.get("id"), )).unwrap(); + let mut it1 = result1.iter().unwrap(); + let row1 = it1.next(); + let urow1 = row1.unwrap().unwrap(); + let creator: i32 = urow1.get(0).unwrap(); + let state: i32 = urow1.get(1).unwrap(); + let approved: i32 = urow1.get(2).unwrap(); + if state != 2 { + *response.status_mut() = StatusCode::BAD_REQUEST; + return; + } + if role == "2" { + if creator != id { + return; + } + poola.get_conn().unwrap().exec_drop("Update tournaments set state =3 where id = ?", (&parsed.get("id"), )).unwrap(); + } else { + poola.get_conn().unwrap().exec_drop("Update tournaments set state =3 where id = ?", (&parsed.get("id"), )).unwrap(); + } + if approved == 2 { + let arr: &Vec = parsed.get("results").unwrap().as_array().unwrap(); + for i in 0..arr.len() { + let cur: &Map = arr.get(i).unwrap().as_object().unwrap(); + poola.get_conn().unwrap().exec_drop("Update users set ranking =ranking+? where id = (Select userid from registrations where id = ?) or id = (Select partner from registrations where id = ?)", (&cur.get("points"), &cur.get("rid"), &cur.get("rid"))).unwrap(); + } + } + }); + } else { + *response.status_mut() = StatusCode::UNAUTHORIZED; + } + } + (&Method::POST, "/tournament/startTournament") => { + if req.headers().contains_key("Authorization") { + let mut tmp = req.headers().get("Authorization").unwrap().to_str().unwrap().split(" "); + let aa = tmp.next().unwrap(); + if aa != "Bearer" { + *response.status_mut() = StatusCode::UNAUTHORIZED; + return Ok(response); + } + let token = tmp.next().unwrap().to_string(); + let byte_stream = hyper::body::to_bytes(req).await.unwrap(); + let s: HashMap = serde_json::from_slice(&byte_stream).unwrap(); + if !s.contains_key("id") { + *response.body_mut() = "{\"error\":\"id required\"}".into(); + return Ok(response); + } + POOL.with(|poola| { + let mut con = poola.get_conn().unwrap(); + let mut result = con.exec_iter("Select id,role from users where (role = '2' OR role = '3')AND id =(SELECT user FROM 
`inz`.`sessions` where token = ? and expire > NOW());", (&token, )).unwrap(); + let mut it = result.iter().unwrap(); + let row = it.next(); + if row.is_none() { + *response.status_mut() = StatusCode::FORBIDDEN; + return; + } + let urow = row.unwrap().unwrap(); + let id: i32 = urow.get(0).unwrap(); + let role: String = urow.get(1).unwrap(); + let mut conn1 = poola.get_conn().unwrap(); + let mut result1 = conn1.exec_iter("Select creator, state from tournaments where id = ?", (&s.get("id"), )).unwrap(); + let mut it1 = result1.iter().unwrap(); + let row1 = it1.next(); + let urow1 = row1.unwrap().unwrap(); + let creator: i32 = urow1.get(0).unwrap(); + let state: i32 = urow1.get(1).unwrap(); + if state != 1 { + *response.status_mut() = StatusCode::BAD_REQUEST; + return; + } + if role == "2" { + if creator != id { + return; + } + poola.get_conn().unwrap().exec_drop("Update tournaments set state =2 where id = ?", (&s.get("id"), )).unwrap(); + } else { + poola.get_conn().unwrap().exec_drop("Update tournaments set state =2 where id = ?", (&s.get("id"), )).unwrap(); + } + }); + } else { + *response.status_mut() = StatusCode::UNAUTHORIZED; + } + } + (&Method::POST, "/tournament/closeRegistrations") => { + if req.headers().contains_key("Authorization") { + let mut tmp = req.headers().get("Authorization").unwrap().to_str().unwrap().split(" "); + let aa = tmp.next().unwrap(); + if aa != "Bearer" { + *response.status_mut() = StatusCode::UNAUTHORIZED; + return Ok(response); + } + let token = tmp.next().unwrap().to_string(); + let byte_stream = hyper::body::to_bytes(req).await.unwrap(); + let s: HashMap = serde_json::from_slice(&byte_stream).unwrap(); + if !s.contains_key("id") { + *response.body_mut() = "{\"error\":\"id required\"}".into(); + return Ok(response); + } + POOL.with(|poola| { + let mut con = poola.get_conn().unwrap(); + let mut result = con.exec_iter("Select id,role from users where (role = '2' OR role = '3')AND id =(SELECT user FROM `inz`.`sessions` where token = ? 
and expire > NOW());", (&token, )).unwrap(); + let mut it = result.iter().unwrap(); + let row = it.next(); + if row.is_none() { + *response.status_mut() = StatusCode::FORBIDDEN; + return; + } + let urow = row.unwrap().unwrap(); + let id: i32 = urow.get(0).unwrap(); + let role: String = urow.get(1).unwrap(); + let mut conn1 = poola.get_conn().unwrap(); + let mut result1 = conn1.exec_iter("Select creator, state from tournaments where id = ?", (&s.get("id"), )).unwrap(); + let mut it1 = result1.iter().unwrap(); + let row1 = it1.next(); + let urow1 = row1.unwrap().unwrap(); + let creator: i32 = urow1.get(0).unwrap(); + let state: i32 = urow1.get(1).unwrap(); + if state != 0 { + *response.status_mut() = StatusCode::BAD_REQUEST; + return; + } + if role == "2" { + if creator != id { + return; + } + poola.get_conn().unwrap().exec_drop("Update tournaments set state =1 where id = ?", (&s.get("id"), )).unwrap(); + } else { + poola.get_conn().unwrap().exec_drop("Update tournaments set state =1 where id = ?", (&s.get("id"), )).unwrap(); + } + }); + } else { + *response.status_mut() = StatusCode::UNAUTHORIZED; + } + } + (&Method::POST, "/registration/approve") => { + if req.headers().contains_key("Authorization") { + let mut tmp = req.headers().get("Authorization").unwrap().to_str().unwrap().split(" "); + let aa = tmp.next().unwrap(); + if aa != "Bearer" { + *response.status_mut() = StatusCode::UNAUTHORIZED; + return Ok(response); + } + let token = tmp.next().unwrap().to_string(); + let byte_stream = hyper::body::to_bytes(req).await.unwrap(); + let s: HashMap = serde_json::from_slice(&byte_stream).unwrap(); + if !s.contains_key("id") { + *response.body_mut() = "{\"error\":\"id required\"}".into(); + return Ok(response); + } + POOL.with(|poola| { + let mut con = poola.get_conn().unwrap(); + let mut result = con.exec_iter("Select id,role from users where (role = '2' OR role = '3')AND id =(SELECT user FROM `inz`.`sessions` where token = ? 
and expire > NOW());", (&token, )).unwrap(); + let mut it = result.iter().unwrap(); + let row = it.next(); + if row.is_none() { + *response.status_mut() = StatusCode::FORBIDDEN; + return; + } + let urow = row.unwrap().unwrap(); + let id: i32 = urow.get(0).unwrap(); + let role: String = urow.get(1).unwrap(); + if role == "2" { + let mut conn1 = poola.get_conn().unwrap(); + let mut result1 = conn1.exec_iter("Select userid from registrations where id = ?", (&s.get("id"), )).unwrap(); + let mut it1 = result1.iter().unwrap(); + let row1 = it1.next(); + let urow1 = row1.unwrap().unwrap(); + let userid: i32 = urow1.get(0).unwrap(); + if userid != id { + return; + } + poola.get_conn().unwrap().exec_drop("Update registrations set approval ='1' where id = ?", (&s.get("id"), )).unwrap(); + } else { + poola.get_conn().unwrap().exec_drop("Update registrations set approval ='1' where id = ?", (&s.get("id"), )).unwrap(); + } + }); + } else { + *response.status_mut() = StatusCode::UNAUTHORIZED; + } + } + (&Method::GET, "/registrations") => { + if req.headers().contains_key("Authorization") { + let query: &str = req.uri().query().unwrap(); + let mut splited = query.split("="); + let id = splited.next().unwrap(); + let val = splited.next().unwrap(); + if id != "id" { + *response.body_mut() = "{\"error\":\"id required\"}".into(); + return Ok(response); + } + + let mut tmp = req.headers().get("Authorization").unwrap().to_str().unwrap().split(" "); + let aa = tmp.next().unwrap(); + if aa != "Bearer" { + *response.status_mut() = StatusCode::UNAUTHORIZED; + return Ok(response); + } + let token = tmp.next().unwrap().to_string(); + POOL.with(|poola| { + let mut con = poola.get_conn().unwrap(); + let mut result = con.exec_iter("Select id,role from users where id =(SELECT user FROM `inz`.`sessions` where token = ? 
and expire > NOW());", (&token, )).unwrap(); + let mut it = result.iter().unwrap(); + let row = it.next(); + if row.is_none() { + *response.status_mut() = StatusCode::FORBIDDEN; + return; + } + + let urow = row.unwrap().unwrap(); + let id: i32 = urow.get(0).unwrap(); + let role: String = urow.get(1).unwrap(); + if role == "1" { + let res = poola.get_conn().unwrap() + .exec_map( + "SELECT `registrations`.`id`,`registrations`.`userid`,`registrations`.`tournamentid`,`registrations`.`paymenttype`,`registrations`.`paymentstatus`,`registrations`.`approval`,`registrations`.`partner` FROM `inz`.`registrations` where tournamentid= ? and (userid=? or partner =?);", (&val, id, id), + |(id, userid, tournamentid, paymenttype, paymentstatus, approval, partner)| { + Registration { id, userid, tournamentid, paymenttype, paymentstatus, approval, partner } + }, + ); + *response.body_mut() = serde_json::to_string(&res.unwrap()).unwrap().into(); + } else { + if role == "2" { + let mut conn1 = poola.get_conn().unwrap(); + let mut result1 = conn1.exec_iter("Select creator from tournaments where id = ?", (&val, )).unwrap(); + let mut it1 = result1.iter().unwrap(); + let row1 = it1.next(); + let urow1 = row1.unwrap().unwrap(); + let userid: i32 = urow1.get(0).unwrap(); + if userid != id { + let res = poola.get_conn().unwrap() + .exec_map( + "SELECT `registrations`.`id`,`registrations`.`userid`,`registrations`.`tournamentid`,`registrations`.`paymenttype`,`registrations`.`paymentstatus`,`registrations`.`approval`,`registrations`.`partner` FROM `inz`.`registrations` where tournamentid= ? and (userid=? 
or partner =?);", (&val, id, id), + |(id, userid, tournamentid, paymenttype, paymentstatus, approval, partner)| { + Registration { id, userid, tournamentid, paymenttype, paymentstatus, approval, partner } + }, + ); + *response.body_mut() = serde_json::to_string(&res.unwrap()).unwrap().into(); + return; + } + + + let res = poola.get_conn().unwrap() + .exec_map( + "SELECT `registrations`.`id`,`registrations`.`userid`,`registrations`.`tournamentid`,`registrations`.`paymenttype`,`registrations`.`paymentstatus`,`registrations`.`approval`,`registrations`.`partner` FROM `inz`.`registrations` where tournamentid= ?;", (&val, ), + |(id, userid, tournamentid, paymenttype, paymentstatus, approval, partner)| { + Registration { id, userid, tournamentid, paymenttype, paymentstatus, approval, partner } + }, + ); + *response.body_mut() = serde_json::to_string(&res.unwrap()).unwrap().into(); + } else { + let res = poola.get_conn().unwrap() + .exec_map( + "SELECT `registrations`.`id`,`registrations`.`userid`,`registrations`.`tournamentid`,`registrations`.`paymenttype`,`registrations`.`paymentstatus`,`registrations`.`approval` ,`registrations`.`partner` FROM `inz`.`registrations` where tournamentid= ?;", (&val, ), + |(id, userid, tournamentid, paymenttype, paymentstatus, approval, partner)| { + Registration { id, userid, tournamentid, paymenttype, paymentstatus, approval, partner } + }, + ); + *response.body_mut() = serde_json::to_string(&res.unwrap()).unwrap().into(); + } + } + }); + } else { + *response.status_mut() = StatusCode::UNAUTHORIZED; + } + } + (&Method::POST, "/admin/user") => { + if req.headers().contains_key("Authorization") { + let mut tmp = req.headers().get("Authorization").unwrap().to_str().unwrap().split(" "); + let aa = tmp.next().unwrap(); + if aa != "Bearer" { + *response.status_mut() = StatusCode::UNAUTHORIZED; + return Ok(response); + } + let token = tmp.next().unwrap().to_string(); + let byte_stream = hyper::body::to_bytes(req).await.unwrap(); + let s: HashMap 
= serde_json::from_slice(&byte_stream).unwrap(); + let mut row: Option> = None; + POOL.with(|poola| { + let mut con = poola.get_conn().unwrap(); + let mut result = con.exec_iter("Select id from users where role ='3' and id =(SELECT user FROM `inz`.`sessions` where token = ? and expire > NOW());", (&token, )).unwrap(); + let mut it = result.iter().unwrap(); + row = it.next(); + if row.is_none() { + *response.status_mut() = StatusCode::FORBIDDEN; + return; + } + if !s.contains_key("id") { + *response.body_mut() = Body::from("{\"error\":\"id is required\"}"); + return; + } + let idi = s.get("id").unwrap(); + if s.contains_key("name") { + poola.get_conn().unwrap().exec_drop("Update users set name =? where id = ?", (s.get("name"), idi)).unwrap(); + } + if s.contains_key("surname") { + poola.get_conn().unwrap().exec_drop("Update users set surname =? where id = ?", (s.get("surname"), idi)).unwrap(); + } + if s.contains_key("password") { + poola.get_conn().unwrap().exec_drop("Update users set password =? where id = ?", (hash(s.get("password").unwrap().to_string(), DEFAULT_COST - 6).unwrap(), idi)).unwrap(); + } + if s.contains_key("mail") { + poola.get_conn().unwrap().exec_drop("Update users set mail =? where id = ?", (s.get("mail"), idi)).unwrap(); + } + if s.contains_key("phone") { + poola.get_conn().unwrap().exec_drop("Update users set phone =? where id = ?", (s.get("phone"), idi)).unwrap(); + } + if s.contains_key("role") { + poola.get_conn().unwrap().exec_drop("Update users set role =? 
where id = ?", (s.get("role"), idi)).unwrap(); + } + }); + } else { + *response.status_mut() = StatusCode::UNAUTHORIZED; + } + } + (&Method::DELETE, "/admin/user") => { + if req.headers().contains_key("Authorization") { + let mut tmp = req.headers().get("Authorization").unwrap().to_str().unwrap().split(" "); + let aa = tmp.next().unwrap(); + if aa != "Bearer" { + *response.status_mut() = StatusCode::UNAUTHORIZED; + return Ok(response); + } + let token = tmp.next().unwrap().to_string(); + let byte_stream = hyper::body::to_bytes(req).await.unwrap(); + let s: HashMap = serde_json::from_slice(&byte_stream).unwrap(); + let mut row: Option> = None; + POOL.with(|poola| { + let mut con = poola.get_conn().unwrap(); + let mut result = con.exec_iter("Select id from users where role ='3' and id =(SELECT user FROM `inz`.`sessions` where token = ? and expire > NOW());", (&token, )).unwrap(); + let mut it = result.iter().unwrap(); + row = it.next(); + if row.is_none() { + *response.status_mut() = StatusCode::FORBIDDEN; + return; + } + if !s.contains_key("id") { + *response.body_mut() = Body::from("{\"error\":\"id is required\"}"); + return; + } + poola.get_conn().unwrap().exec_drop("Update users set deleted =1 where id = ?", (&s.get("id"), )).unwrap(); + }); + } else { + *response.status_mut() = StatusCode::UNAUTHORIZED; + } + } + (&Method::GET, "/admin/users") => { + if req.headers().contains_key("Authorization") { + let mut tmp = req.headers().get("Authorization").unwrap().to_str().unwrap().split(" "); + let aa = tmp.next().unwrap(); + if aa != "Bearer" { + *response.status_mut() = StatusCode::UNAUTHORIZED; + return Ok(response); + } + let token = tmp.next().unwrap().to_string(); + let mut row: Option> = None; + POOL.with(|poola| { + let mut con = poola.get_conn().unwrap(); + let mut result = con.exec_iter("Select id from users where role ='3' and id =(SELECT user FROM `inz`.`sessions` where token = ? 
and expire > NOW());", (&token, )).unwrap(); + let mut it = result.iter().unwrap(); + row = it.next(); + if row.is_none() { + *response.status_mut() = StatusCode::FORBIDDEN; + return; + } + let res = poola.get_conn().unwrap() + .query_map( + "SELECT `id`, `name`, `surname`, `role`, `login`, `mail`, `phone`,`deleted`, `ranking` from users ", + |(id, name, surname, role, login, mail, phone, deleted, ranking)| { + Usera { id, name, surname, role, login, mail, phone, deleted, ranking } + }, + ); + *response.body_mut() = serde_json::to_string(&res.unwrap()).unwrap().into(); + }); + } else { + *response.status_mut() = StatusCode::UNAUTHORIZED; + } + } + (&Method::DELETE, "/admin/tournament") => { + if req.headers().contains_key("Authorization") { + let mut tmp = req.headers().get("Authorization").unwrap().to_str().unwrap().split(" "); + let aa = tmp.next().unwrap(); + if aa != "Bearer" { + *response.status_mut() = StatusCode::UNAUTHORIZED; + return Ok(response); + } + let token = tmp.next().unwrap().to_string(); + let byte_stream = hyper::body::to_bytes(req).await.unwrap(); + let s: HashMap = serde_json::from_slice(&byte_stream).unwrap(); + let mut row: Option> = None; + POOL.with(|poola| { + let mut con = poola.get_conn().unwrap(); + let mut result = con.exec_iter("Select id from users where role ='3' and id =(SELECT user FROM `inz`.`sessions` where token = ? 
and expire > NOW());", (&token, )).unwrap(); + let mut it = result.iter().unwrap(); + row = it.next(); + if row.is_none() { + *response.status_mut() = StatusCode::FORBIDDEN; + return; + } + if !s.contains_key("id") { + *response.body_mut() = Body::from("{\"error\":\"id is required\"}"); + return; + } + poola.get_conn().unwrap().exec_drop("Update tournaments set deleted =1 where id = ?", (&s.get("id"), )).unwrap(); + }); + } else { + *response.status_mut() = StatusCode::UNAUTHORIZED; + } + } + (&Method::POST, "/admin/tournament") => { + if req.headers().contains_key("Authorization") { + let mut tmp = req.headers().get("Authorization").unwrap().to_str().unwrap().split(" "); + let aa = tmp.next().unwrap(); + if aa != "Bearer" { + *response.status_mut() = StatusCode::UNAUTHORIZED; + return Ok(response); + } + let token = tmp.next().unwrap().to_string(); + let byte_stream = hyper::body::to_bytes(req).await.unwrap(); + let s: HashMap = serde_json::from_slice(&byte_stream).unwrap(); + let mut row: Option> = None; + POOL.with(|poola| { + let mut con = poola.get_conn().unwrap(); + let mut result = con.exec_iter("Select id from users where role ='3' and id =(SELECT user FROM `inz`.`sessions` where token = ? and expire > NOW());", (&token, )).unwrap(); + let mut it = result.iter().unwrap(); + row = it.next(); + if row.is_none() { + *response.status_mut() = StatusCode::FORBIDDEN; + return; + } + if !s.contains_key("id") { + *response.body_mut() = Body::from("{\"error\":\"id is required\"}"); + return; + } + if s.contains_key("name") { + poola.get_conn().unwrap().exec_drop("Update tournaments set name =? where id = ?", (s.get("name"), &s.get("id"))).unwrap(); + } + if s.contains_key("typeOfLadder") { + poola.get_conn().unwrap().exec_drop("Update tournaments set typeOfLadder =? where id = ?", (s.get("typeOfLadder"), &s.get("id"))).unwrap(); + } + if s.contains_key("pointsForTournament") { + poola.get_conn().unwrap().exec_drop("Update tournaments set pointsForTournament =? 
where id = ?", (s.get("pointsForTournament"), &s.get("id"))).unwrap(); + } + if s.contains_key("places") { + poola.get_conn().unwrap().exec_drop("Update tournaments set places =? where id = ?", (s.get("places"), &s.get("id"))).unwrap(); + } + if s.contains_key("roles") { + poola.get_conn().unwrap().exec_drop("Update tournaments set roles =? where id = ?", (s.get("roles"), &s.get("id"))).unwrap(); + } + if s.contains_key("currentRound") { + poola.get_conn().unwrap().exec_drop("Update tournaments set currentRound =? where id = ?", (s.get("currentRound"), &s.get("id"))).unwrap(); + } + if s.contains_key("from") { + poola.get_conn().unwrap().exec_drop("Update tournaments set `from` =? where id = ? ", (s.get("from"), &s.get("id"))).unwrap(); + } + if s.contains_key("to") { + poola.get_conn().unwrap().exec_drop("Update tournaments set `to` =? where id = ? ", (s.get("to"), &s.get("id"))).unwrap(); + } + if s.contains_key("place") { + poola.get_conn().unwrap().exec_drop("Update tournaments set place =? where id = ? ", (s.get("place"), &s.get("id"))).unwrap(); + } + if s.contains_key("categotry") { + poola.get_conn().unwrap().exec_drop("Update tournaments set categotry =? where id = ? ", (s.get("categotry"), &s.get("id"))).unwrap(); + } + if s.contains_key("rang") { + poola.get_conn().unwrap().exec_drop("Update tournaments set rang =? where id = ? ", (s.get("rang"), &s.get("id"))).unwrap(); + } + if s.contains_key("entryFee") { + poola.get_conn().unwrap().exec_drop("Update tournaments set entryFee =? where id = ? ", (s.get("entryFee"), &s.get("id"))).unwrap(); + } + if s.contains_key("director") { + poola.get_conn().unwrap().exec_drop("Update tournaments set director =? where id = ? ", (s.get("director"), &s.get("id"))).unwrap(); + } + if s.contains_key("phone") { + poola.get_conn().unwrap().exec_drop("Update tournaments set phone =? where id = ? 
", (s.get("phone"), &s.get("id"))).unwrap(); + } + if s.contains_key("entriesTo") { + poola.get_conn().unwrap().exec_drop("Update tournaments set entriesTo =? where id = ? ", (s.get("entriesTo"), &s.get("id"))).unwrap(); + } + if s.contains_key("additionalInformations") { + poola.get_conn().unwrap().exec_drop("Update tournaments set additionalInformations =? where id = ? ", (s.get("additionalInformations"), &s.get("id"))).unwrap(); + } + if s.contains_key("visibility") { + poola.get_conn().unwrap().exec_drop("Update tournaments set visibility =? where id = ? ", (s.get("visibility"), &s.get("id"))).unwrap(); + } + }); + } else { + *response.status_mut() = StatusCode::UNAUTHORIZED; + } + } + (&Method::GET, "/admin/tournaments") => { + if req.headers().contains_key("Authorization") { + let mut tmp = req.headers().get("Authorization").unwrap().to_str().unwrap().split(" "); + let aa = tmp.next().unwrap(); + if aa != "Bearer" { + *response.status_mut() = StatusCode::UNAUTHORIZED; + return Ok(response); + } + let token = tmp.next().unwrap().to_string(); + let mut row: Option> = None; + POOL.with(|poola| { + let mut con = poola.get_conn().unwrap(); + let mut result = con.exec_iter("Select id from users where role ='3' and id =(SELECT user FROM `inz`.`sessions` where token = ? 
and expire > NOW());", (&token, )).unwrap(); + let mut it = result.iter().unwrap(); + row = it.next(); + if row.is_none() { + *response.status_mut() = StatusCode::FORBIDDEN; + return; + } + let mut res = Vec::new() ; + poola.get_conn().unwrap() + .query_iter( + "SELECT id, name, typeOfLadder, pointsForTournament, places, roles, creator,approved,deleted, state, currentRound,`from`, `to`, place, categotry, rang, entryFee, director, phone,entriesTo, additionalInformations,visibility from tournaments ", + ).unwrap().for_each(|row| { + let result_set = row.unwrap(); + res.push(tournamenta { id: result_set.get(0).unwrap(), name:result_set.get(1).unwrap(), typeOfLadder: result_set.get(2).unwrap(), places:result_set.get(4).unwrap(), roles:result_set.get(5).unwrap(), creator:result_set.get(6).unwrap(), pointsForTournament: result_set.get(3).unwrap(), approved:result_set.get(7).unwrap(), deleted:result_set.get(8).unwrap(), state:result_set.get(9).unwrap(), currentRound:result_set.get(10).unwrap() ,from:result_set.get(11).unwrap(), to:result_set.get(12).unwrap(), place:result_set.get(13).unwrap(), categotry:result_set.get(14).unwrap(), rang:result_set.get(15).unwrap(), entryFee:result_set.get(16).unwrap(), director:result_set.get(17).unwrap(), phone:result_set.get(18).unwrap(), entriesTo:result_set.get(19).unwrap(),additionalInformations:result_set.get(20).unwrap(),visibility:result_set.get(21).unwrap()}); + }); + + *response.body_mut() = serde_json::to_string(&res).unwrap().into(); + }); + } else { + *response.status_mut() = StatusCode::UNAUTHORIZED; + } + } + (&Method::POST, "/admin/approveTurnament") => { + if req.headers().contains_key("Authorization") { + let mut tmp = req.headers().get("Authorization").unwrap().to_str().unwrap().split(" "); + let aa = tmp.next().unwrap(); + if aa != "Bearer" { + *response.status_mut() = StatusCode::UNAUTHORIZED; + return Ok(response); + } + let token = tmp.next().unwrap().to_string(); + let byte_stream = 
hyper::body::to_bytes(req).await.unwrap(); + let s: HashMap = serde_json::from_slice(&byte_stream).unwrap(); + let mut row: Option> = None; + let mut row2: Option> = None; + if s.contains_key("id") { + POOL.with(|poola| { + let mut con = poola.get_conn().unwrap(); + let mut result = con.exec_iter("Select id from users where role ='3' and id =(SELECT user FROM `inz`.`sessions` where token = ? and expire > NOW());", (&token, )).unwrap(); + let mut it = result.iter().unwrap(); + row = it.next(); + let mut con2 = poola.get_conn().unwrap(); + let mut result2 = con2.exec_iter("Select approved from tournaments where id =?;", (&s.get("id").unwrap(), )).unwrap(); + let mut it2 = result2.iter().unwrap(); + row2 = it2.next(); + }); + if row.is_none() { + *response.status_mut() = StatusCode::FORBIDDEN; + return Ok(response); + } + let urow2 = row2.unwrap().unwrap(); + let approved: i32 = urow2.get(0).unwrap(); + if approved == 1 { + POOL.with(|poola| { + poola.get_conn().unwrap().exec_drop("Update tournaments set approved =2 where id = ?", (s.get("id").unwrap(), )).unwrap(); + }); + } else { + *response.status_mut() = StatusCode::BAD_REQUEST; + return Ok(response); } } else { - hash("asd", DEFAULT_COST - 6).unwrap(); - return Body::from("{\"error\":\"wrong username or password\"}"); + *response.body_mut() = "{\"error\":\"missing id\"}".into(); } - }); - } else { - *response.body_mut() = "{\"error\":\"not all fields\"}".into(); + } else { + *response.status_mut() = StatusCode::UNAUTHORIZED; + } } - } + (&Method::POST, "/registration/payedUsingCash") => { + if req.headers().contains_key("Authorization") { + let mut tmp = req.headers().get("Authorization").unwrap().to_str().unwrap().split(" "); + let aa = tmp.next().unwrap(); + if aa != "Bearer" { + *response.status_mut() = StatusCode::UNAUTHORIZED; + return Ok(response); + } + let token = tmp.next().unwrap().to_string(); + let byte_stream = hyper::body::to_bytes(req).await.unwrap(); + let s: HashMap = 
serde_json::from_slice(&byte_stream).unwrap(); + if !s.contains_key("id") { + *response.body_mut() = "{\"error\":\"id required\"}".into(); + return Ok(response); + } - _ => { - *response.status_mut() = StatusCode::NOT_FOUND; - } - }; - Ok(response) -} + let mut row: Option> = None; + let mut row2: Option> = None; + let mut row3: Option> = None; + POOL.with(|poola| { + let mut con = poola.get_conn().unwrap(); + let mut result = con.exec_iter("Select id, role from users where (role='2' or role='3' )and id =(SELECT user FROM `inz`.`sessions` where token = ? and expire > NOW());", (&token, )).unwrap(); + let mut it = result.iter().unwrap(); + row = it.next(); + let mut con2 = poola.get_conn().unwrap(); + let mut result2 = con2.exec_iter("Select paymenttype,tournamentid from registrations where id =?;", (&s.get("id"), )).unwrap(); + let mut it2 = result2.iter().unwrap(); + row2 = it2.next(); + }); + if row.is_none() { + *response.status_mut() = StatusCode::FORBIDDEN; + return Ok(response); + } + if row2.is_none() { + *response.status_mut() = StatusCode::NOT_FOUND; + return Ok(response); + } + let urow = row.unwrap().unwrap(); + let urow2 = row2.unwrap().unwrap(); + let id: i32 = urow.get(0).unwrap(); + let role: String = urow.get(1).unwrap(); + let paymenttype: String = urow2.get(0).unwrap(); + let tournamentid: String = urow2.get(1).unwrap(); + if role == "2" { + POOL.with(|poola| { + let mut con3 = poola.get_conn().unwrap(); + let mut result3 = con3.exec_iter("Select creator from tournaments where id = ?;", (&tournamentid, )).unwrap(); + let mut it3 = result3.iter().unwrap(); + row3 = it3.next(); + }); + let urow3 = row3.unwrap().unwrap(); + let creator: i32 = urow3.get(0).unwrap(); + if creator != id { + *response.status_mut() = StatusCode::NOT_FOUND; + return Ok(response); + } + } + if paymenttype == "cash" { + POOL.with(|poola| { + poola.get_conn().unwrap().exec_drop("Update registrations set paymentstatus ='DONE' where id = ?", (&s.get("id"), )).unwrap(); + }); + 
} else { + *response.status_mut() = StatusCode::BAD_REQUEST; + return Ok(response); + } + } else { + *response.status_mut() = StatusCode::UNAUTHORIZED; + } + } + (&Method::GET, "/registration/paymentstatus") => { + if req.headers().contains_key("Authorization") { + let query: &str = req.uri().query().unwrap(); + let mut splited = query.split("="); + let id = splited.next().unwrap(); + let val = splited.next().unwrap(); + if id != "id" { + *response.body_mut() = "{\"error\":\"id required\"}".into(); + return Ok(response); + } + let mut tmp = req.headers().get("Authorization").unwrap().to_str().unwrap().split(" "); + let aa = tmp.next().unwrap(); + if aa != "Bearer" { + *response.status_mut() = StatusCode::UNAUTHORIZED; + return Ok(response); + } + let token = tmp.next().unwrap().to_string(); + let mut row: Option> = None; + let mut row2: Option> = None; + POOL.with(|poola| { + let mut con = poola.get_conn().unwrap(); + let mut result = con.exec_iter("Select id, role from users where id =(SELECT user FROM `inz`.`sessions` where token = ? 
and expire > NOW());", (&token, )).unwrap(); + let mut it = result.iter().unwrap(); + row = it.next(); + if row.is_none() { + *response.status_mut() = StatusCode::FORBIDDEN; + return; + } + let mut con2 = poola.get_conn().unwrap(); + let mut result2 = con2.exec_iter("Select paymentstatus, paymentreference, userid, paymenttype from registrations where id =?;", (&val, )).unwrap(); + let mut it2 = result2.iter().unwrap(); + row2 = it2.next(); + }); + if row2.is_none() { + *response.status_mut() = StatusCode::NOT_FOUND; + return Ok(response); + } + let urow = row.unwrap().unwrap(); + let urow2 = row2.unwrap().unwrap(); + let id: i32 = urow.get(0).unwrap(); + let role: String = urow.get(1).unwrap(); + let paymentstatus: String = urow2.get(0).unwrap(); + let paymentreference: String = urow2.get(1).unwrap(); + let userid: i32 = urow2.get(2).unwrap(); + let paymenttype: String = urow2.get(3).unwrap(); + if role == "1" || role == "2" { + if userid != id { + *response.status_mut() = StatusCode::NOT_FOUND; + return Ok(response); + } + } + if paymentstatus == "PENDING" && paymenttype != "cash" { + if paymenttype == "btc" { + let client = Client::new(); + let req = Request::builder() + .method(Method::GET) + .uri("http://10.1.6.101:8082/api/v1/stores/****/invoices/".to_owned() + &paymentreference) + .header("content-type", "application/json") + .header("Authorization", "token *****").body(Body::empty()).unwrap(); + let resp = client.request(req).await.unwrap(); + let parsed: serde_json::Value = serde_json::from_slice(hyper::body::to_bytes(resp.into_body()).await.unwrap().as_ref()).unwrap(); + let stat: String = parsed.get("status").unwrap().as_str().unwrap().into(); + if stat == "New" { + *response.body_mut() = Body::from("{\"status\":\"PENDING\"}"); + } else { + if stat == "Settled" { + *response.body_mut() = Body::from("{\"status\":\"DONE\"}"); + POOL.with(|poola| { + poola.get_conn().unwrap().exec_drop("Update registrations set paymentstatus ='DONE' where id = ?", (val, 
)).unwrap();
+ });
+ } else {
+ if stat == "Processing" {
+ *response.body_mut() = Body::from("{\"status\":\"PROCESSING\"}");
+ } else {
+ if stat == "Expired" {
+ *response.body_mut() = Body::from("{\"status\":\"EXPIRED\"}");
+ POOL.with(|poola| {
+ poola.get_conn().unwrap().exec_drop("Update registrations set paymentstatus ='EXPIRED' where id = ?", (val, )).unwrap();
+ });
+ } else {
+ *response.body_mut() = Body::from("{\"status\":\"".to_owned() + &stat + "\"}");
+ POOL.with(|poola| {
+ poola.get_conn().unwrap().exec_drop("Update registrations set paymentstatus =? where id = ?", (stat, val)).unwrap();
+ });
+ }
+ }
+ }
+ }
+ }
+ } else {
+ *response.body_mut() = Body::from("{\"status\":\"".to_owned() + &paymentstatus + "\"}");
+ }
+ } else {
+ *response.status_mut() = StatusCode::UNAUTHORIZED;
+ }
+ }
+ (&Method::PUT, "/registration") => {
+ if req.headers().contains_key("Authorization") {
+ let mut tmp = req.headers().get("Authorization").unwrap().to_str().unwrap().split(" ");
+ let aa = tmp.next().unwrap();
+ if aa != "Bearer" {
+ *response.status_mut() = StatusCode::UNAUTHORIZED;
+ return Ok(response);
+ }
+ let token = tmp.next().unwrap().to_string();
+ let byte_stream = hyper::body::to_bytes(req).await.unwrap();
+ let s: HashMap = serde_json::from_slice(&byte_stream).unwrap();
+ let mut row: Option> = None;
+ let mut row2: Option> = None;
+ let mut row3: Option> = None;
+ if s.contains_key("tournament") && s.contains_key("paymentmethod") && s.contains_key("partner") {
+ let tournament = s.get("tournament").unwrap().to_string();
+ let partner = s.get("partner").unwrap().to_string();
-#[tokio::main]
-async fn main() {
- let addr = SocketAddr::from(([0, 0, 0, 0], 1000));
- let make_svc = make_service_fn(|_conn| async {
- Ok::<_, Infallible>(service_fn(hello_world))
- });
- let server = Server::bind(&addr).serve(make_svc);
+ POOL.with(|poola| {
+ let mut con = poola.get_conn().unwrap();
+
+ let mut result = con.exec_iter("Select id from users where id =(SELECT 
user FROM `inz`.`sessions` where token = ? and expire > NOW());", (&token, )).unwrap();
+ let mut it = result.iter().unwrap();
+ row = it.next();
+ let mut con2 = poola.get_conn().unwrap();
+
+ let mut result2 = con2.exec_iter("Select id, entryFee from tournaments where state = 0 and id =?;", (&tournament, )).unwrap();
+ let mut it2 = result2.iter().unwrap();
+ row2 = it2.next();
+ let mut con3 = poola.get_conn().unwrap();
+
+ let mut result3 = con3.exec_iter("SELECT id FROM inz.users where id= ?;", (&partner, )).unwrap();
+ let mut it3 = result3.iter().unwrap();
+ row3 = it3.next();
+ });
+ if row.is_none() {
+ *response.status_mut() = StatusCode::FORBIDDEN;
+ return Ok(response);
+ }
+ if row2.is_none() {
+ *response.status_mut() = StatusCode::BAD_REQUEST;
+ return Ok(response);
+ }
+ if row3.is_none() {
+ *response.status_mut() = StatusCode::NOT_FOUND;
+ return Ok(response);
+ }
+ let urow = row.unwrap().unwrap();
+ let urow2 = row2.unwrap().unwrap();
+ let id: i32 = urow.get(0).unwrap();
+ let fee: i32 = urow2.get(1).unwrap();
+ let paymentmethod = s.get("paymentmethod").unwrap().to_string();
+ if paymentmethod == "btc" {
+ let client = Client::new();
+ let req = Request::builder()
+ .method(Method::POST)
+ .uri("http://10.1.6.101:8082/api/v1/stores/*****/invoices")
+ .header("content-type", "application/json")
+ .header("X-Forwarded-Host", "btcpay.dragonmaster.pl")
+ .header("X-Forwarded-Proto", "https")
+ .header("Authorization", "token *****")
+ .body(Body::from("{\"metadata\": {\"orderId\": \"id123\"},\"checkout\": {\"speedPolicy\": \"LowMediumSpeed\",\"redirectURL\":\"https://example.com\"},\"amount\": \"".to_owned()+ &*fee.to_string() +"\",\"currency\": \"PLN\"}")).unwrap();
+ let resp = client.request(req).await.unwrap();
+ let parsed: serde_json::Value = serde_json::from_slice(hyper::body::to_bytes(resp.into_body()).await.unwrap().as_ref()).unwrap();
+ POOL.with(|poola| {
+ let tmp: String = parsed.get("id").unwrap().as_str().unwrap().into();
+ let nid: 
String = poola.get_conn().unwrap().exec_iter("INSERT INTO `inz`.`registrations`(`userid`,`tournamentid`,`paymenttype`,`paymentstatus`,`approval`,`paymentreference`, `partner`)VALUES(?,?,'btc','PENDING',0,?,?);", (id, tournament, &tmp, partner)).unwrap().last_insert_id().unwrap().to_string();
+ let mut checkout: String = parsed.get("checkoutLink").unwrap().as_str().unwrap().into();
+ *response.body_mut() = Body::from("{\"id\":\"".to_owned() + &nid + "\",\"url\":\"" + &*checkout + "\"}");
+ });
+ } else {
+ if paymentmethod == "cash" {
+ POOL.with(|poola| {
+ let nid = "{\"id\":\"".to_owned() + &poola.get_conn().unwrap().exec_iter("INSERT INTO `inz`.`registrations`(`userid`,`tournamentid`,`paymenttype`,`paymentstatus`,`approval`,`paymentreference`, `partner`)VALUES(?,?,'cash','PENDING',0,'N/A',?);", (id, tournament, partner)).unwrap().last_insert_id().unwrap().to_string() + "\"}";
+ *response.body_mut() = nid.into();
+ });
+ } else {
+ *response.body_mut() = "{\"error\":\"bad payment method\"}".into();
+ }
+ }
+ } else {
+ *response.body_mut() = "{\"error\":\"not all fields\"}".into();
+ }
+ } else {
+ *response.status_mut() = StatusCode::UNAUTHORIZED;
+ }
+ }
+ (&Method::POST, "/tournament") => {
+ if req.headers().contains_key("Authorization") {
+ let mut tmp = req.headers().get("Authorization").unwrap().to_str().unwrap().split(" ");
+ let aa = tmp.next().unwrap();
+ if aa != "Bearer" {
+ *response.status_mut() = StatusCode::UNAUTHORIZED;
+ return Ok(response);
+ }
+ let token = tmp.next().unwrap().to_string();
+ let byte_stream = hyper::body::to_bytes(req).await.unwrap();
+ let s: HashMap = serde_json::from_slice(&byte_stream).unwrap();
+ POOL.with(|poola| {
+ let mut con = poola.get_conn().unwrap();
+ let mut result = con.exec_iter("Select role, id from users where id =(SELECT user FROM `inz`.`sessions` where token = ? 
and expire > NOW());", (&token, )).unwrap();
+ let mut it = result.iter().unwrap();
+ let row = it.next();
+ if row.is_none() {
+ *response.status_mut() = StatusCode::FORBIDDEN;
+ return;
+ }
+ let urow = row.unwrap().unwrap();
+ let role: String = urow.get(0).unwrap();
+ let id: i32 = urow.get(1).unwrap();
+ if role == "1" {
+ *response.status_mut() = StatusCode::FORBIDDEN;
+ return;
+ }
+ if s.contains_key("id") {
+ let tid = s.get("id").unwrap().to_string();
+ if role != "3" {
+ let creator: i32 = poola.get_conn().unwrap().exec_first("Select creator from tournaments where id = ?", (&tid, )).unwrap().unwrap();
+ if creator != id {
+ *response.status_mut() = StatusCode::FORBIDDEN;
+ return;
+ }
+ }
+ if s.contains_key("name") {
+ poola.get_conn().unwrap().exec_drop("Update tournaments set name =? where id = ? and deleted =0", (s.get("name"), &tid)).unwrap();
+ }
+ if s.contains_key("typeOfLadder") {
+ poola.get_conn().unwrap().exec_drop("Update tournaments set typeOfLadder =? where id = ? and deleted =0", (s.get("typeOfLadder"), &tid)).unwrap();
+ }
+ if s.contains_key("pointsForTournament") {
+ poola.get_conn().unwrap().exec_drop("Update tournaments set pointsForTournament =? where id = ? and deleted =0", (s.get("pointsForTournament"), &tid)).unwrap();
+ }
+ if s.contains_key("places") {
+ poola.get_conn().unwrap().exec_drop("Update tournaments set places =? where id = ? and deleted =0", (s.get("places"), &tid)).unwrap();
+ }
+ if s.contains_key("roles") {
+ poola.get_conn().unwrap().exec_drop("Update tournaments set roles =? where id = ? and deleted =0", (s.get("roles"), &tid)).unwrap();
+ }
+ if s.contains_key("currentRound") {
+ poola.get_conn().unwrap().exec_drop("Update tournaments set currentRound =? where id = ? and deleted =0", (s.get("currentRound"), &tid)).unwrap();
+ }
+ if s.contains_key("from") {
+ poola.get_conn().unwrap().exec_drop("Update tournaments set `from` =? where id = ? 
and deleted =0", (s.get("from"), &tid)).unwrap();
+ }
+ if s.contains_key("to") {
+ poola.get_conn().unwrap().exec_drop("Update tournaments set `to` =? where id = ? and deleted =0", (s.get("to"), &tid)).unwrap();
+ }
+ if s.contains_key("place") {
+ poola.get_conn().unwrap().exec_drop("Update tournaments set place =? where id = ? and deleted =0", (s.get("place"), &tid)).unwrap();
+ }
+ if s.contains_key("categotry") {
+ poola.get_conn().unwrap().exec_drop("Update tournaments set categotry =? where id = ? and deleted =0", (s.get("categotry"), &tid)).unwrap();
+ }
+ if s.contains_key("rang") {
+ poola.get_conn().unwrap().exec_drop("Update tournaments set rang =? where id = ? and deleted =0", (s.get("rang"), &tid)).unwrap();
+ }
+ if s.contains_key("entryFee") {
+ poola.get_conn().unwrap().exec_drop("Update tournaments set entryFee =? where id = ? and deleted =0", (s.get("entryFee"), &tid)).unwrap();
+ }
+ if s.contains_key("director") {
+ poola.get_conn().unwrap().exec_drop("Update tournaments set director =? where id = ? and deleted =0", (s.get("director"), &tid)).unwrap();
+ }
+ if s.contains_key("phone") {
+ poola.get_conn().unwrap().exec_drop("Update tournaments set phone =? where id = ? and deleted =0", (s.get("phone"), &tid)).unwrap();
+ }
+ if s.contains_key("entriesTo") {
+ poola.get_conn().unwrap().exec_drop("Update tournaments set entriesTo =? where id = ? and deleted =0", (s.get("entriesTo"), &tid)).unwrap();
+ }
+ if s.contains_key("additionalInformations") {
+ poola.get_conn().unwrap().exec_drop("Update tournaments set additionalInformations =? where id = ? and deleted =0", (s.get("additionalInformations"), &tid)).unwrap();
+ }
+ if s.contains_key("visibility") {
+ poola.get_conn().unwrap().exec_drop("Update tournaments set visibility =? where id = ? 
and deleted =0", (s.get("visibility"), &tid)).unwrap();
+ }
+
+ *response.body_mut() = "{}".into();
+ } else {
+ *response.body_mut() = "{\"error\":\"not all fields\"}".into();
+ }
+ });
+ } else {
+ *response.status_mut() = StatusCode::UNAUTHORIZED;
+ }
+ }
+ (&Method::DELETE, "/tournament") => {
+ if req.headers().contains_key("Authorization") {
+ let mut tmp = req.headers().get("Authorization").unwrap().to_str().unwrap().split(" ");
+ let aa = tmp.next().unwrap();
+ if aa != "Bearer" {
+ *response.status_mut() = StatusCode::UNAUTHORIZED;
+ return Ok(response);
+ }
+ let token = tmp.next().unwrap().to_string();
+ let byte_stream = hyper::body::to_bytes(req).await.unwrap();
+ let s: HashMap = serde_json::from_slice(&byte_stream).unwrap();
+ POOL.with(|poola| {
+ let mut con = poola.get_conn().unwrap();
+
+ let mut result = con.exec_iter("Select role, id from users where id =(SELECT user FROM `inz`.`sessions` where token = ? and expire > NOW());", (&token, )).unwrap();
+ let mut it = result.iter().unwrap();
+ let row = it.next();
+ if row.is_none() {
+ *response.status_mut() = StatusCode::FORBIDDEN;
+ return;
+ }
+ let urow = row.unwrap().unwrap();
+ let role: String = urow.get(0).unwrap();
+ let id: i32 = urow.get(1).unwrap();
+ if role == "1" {
+ *response.status_mut() = StatusCode::FORBIDDEN;
+ return;
+ }
+ if s.contains_key("id") {
+ let tid = s.get("id").unwrap().to_string();
+ if role != "3" {
+ let creator: i32 = poola.get_conn().unwrap().exec_first("Select creator from tournaments where id = ?", (&tid, )).unwrap().unwrap();
+ if creator != id {
+ *response.status_mut() = StatusCode::FORBIDDEN;
+ return;
+ }
+ }
+ poola.get_conn().unwrap().exec_drop("Update tournaments set deleted =1 where id = ?", (tid, )).unwrap();
+ *response.body_mut() = "{}".into();
+ } else {
+ *response.body_mut() = "{\"error\":\"not all fields\"}".into();
+ }
+ });
+ } else {
+ *response.status_mut() = StatusCode::UNAUTHORIZED;
+ }
+ }
+ (&Method::GET, "/tournaments") => {
+ 
POOL.with(|poola| {
+ let mut res = Vec::new() ;
+ poola.get_conn().unwrap()
+ .query_iter(
+ "SELECT id, name, typeOfLadder, pointsForTournament, places, roles, creator,approved, state, currentRound,`from`, `to`, place, categotry, rang, entryFee, director, phone,entriesTo, additionalInformations, visibility from tournaments where deleted =0 order by id desc",
+ ).unwrap().for_each(|row| {
+ let result_set = row.unwrap();
+ res.push(tournament { id:from_value(result_set.get(0).unwrap()), name:from_value(result_set.get(1).unwrap()), typeOfLadder:from_value(result_set.get(2).unwrap()), places:from_value(result_set.get(4).unwrap()), roles:from_value(result_set.get(5).unwrap()), creator:from_value(result_set.get(6).unwrap()), pointsForTournament:from_value(result_set.get(3).unwrap()), approved:from_value(result_set.get(7).unwrap()), state:from_value(result_set.get(8).unwrap()), currentRound:from_value(result_set.get(9).unwrap()),from:from_value(result_set.get(10).unwrap()), to:from_value(result_set.get(11).unwrap()), place:from_value(result_set.get(12).unwrap()), categotry:from_value(result_set.get(13).unwrap()), rang:from_value(result_set.get(14).unwrap()), entryFee:from_value(result_set.get(15).unwrap()), director:from_value(result_set.get(16).unwrap()), phone:from_value(result_set.get(17).unwrap()),entriesTo:from_value(result_set.get(18).unwrap()), additionalInformations:from_value(result_set.get(19).unwrap()),
+ visibility:from_value( result_set.get(20).unwrap())
+ });
+ });
+
+ *response.body_mut() = serde_json::to_string(&res).unwrap().into();
+ });
+ }
+ (&Method::PUT, "/tournament") => {
+ if req.headers().contains_key("Authorization") {
+ let mut tmp = req.headers().get("Authorization").unwrap().to_str().unwrap().split(" ");
+ let aa = tmp.next().unwrap();
+ if aa != "Bearer" {
+ *response.status_mut() = StatusCode::UNAUTHORIZED;
+ return Ok(response);
+ }
+ let token = tmp.next().unwrap().to_string();
+ let byte_stream = 
hyper::body::to_bytes(req).await.unwrap();
+ let s: HashMap = serde_json::from_slice(&byte_stream).unwrap();
+ POOL.with(|poola| {
+ let mut con = poola.get_conn().unwrap();
+
+ let mut result = con.exec_iter("Select role, id from users where id =(SELECT user FROM `inz`.`sessions` where token = ? and expire > NOW());", (&token, )).unwrap();
+ let mut it = result.iter().unwrap();
+ let row = it.next();
+ if row.is_none() {
+ *response.status_mut() = StatusCode::FORBIDDEN;
+ return;
+ }
+ let urow = row.unwrap().unwrap();
+ let role: String = urow.get(0).unwrap();
+ let id: i32 = urow.get(1).unwrap();
+ if role == "1" {
+ *response.status_mut() = StatusCode::FORBIDDEN;
+ return;
+ }
+ if s.contains_key("name") && s.contains_key("typeOfLadder") && s.contains_key("pointsForTournament") && s.contains_key("places") && s.contains_key("roles") && s.contains_key("ranked") && s.contains_key("from") && s.contains_key("to") && s.contains_key("place") && s.contains_key("categotry") && s.contains_key("rang") && s.contains_key("entryFee") && s.contains_key("director") && s.contains_key("phone") && s.contains_key("entriesTo")&& s.contains_key("additionalInformations") && s.contains_key("visibility"){
+ let name = s.get("name").unwrap().to_string();
+ let type_of_ladder = s.get("typeOfLadder").unwrap().to_string();
+ let points_for_tournament = s.get("pointsForTournament").unwrap().to_string();
+ let places = s.get("places").unwrap().to_string();
+ let roles = s.get("roles").unwrap().to_string();
+ let mut ranked = s.get("ranked").unwrap().to_string();
+ if ranked != "0" && ranked != "1" {
+ ranked = String::from("0");
+ }
+ let from = s.get("from").unwrap().to_string();
+ let to = s.get("to").unwrap().to_string();
+ let place = s.get("place").unwrap().to_string();
+ let categotry = s.get("categotry").unwrap().to_string();
+ let rang = s.get("rang").unwrap().to_string();
+ let entryFee = s.get("entryFee").unwrap().to_string();
+ let director = 
s.get("director").unwrap().to_string();
+ let phone = s.get("phone").unwrap().to_string();
+ let entriesTo = s.get("entriesTo").unwrap().to_string();
+ let visibility = s.get("visibility").unwrap().to_string();
+ let additionalInformations = s.get("additionalInformations").unwrap().to_string();
+ let id2 = &poola.get_conn().unwrap().exec_iter("INSERT INTO `inz`.`tournaments`(`name`,`typeOfLadder`,`pointsForTournament`,`places`,`roles`,`creator`,`deleted`,`approved`,`state`,`currentRound`,`from`,`to`,`place`,`categotry`,`rang`,`entryFee`,`director`,`phone`,`entriesTo`,`additionalInformations`,`visibility`) VALUES (?,?,?,?,?,?,0,?,0,0,'1000-01-01 01:01:01','1000-01-01 01:01:01','','','',0,'','','1000-01-01 01:01:01','','TRUE');", (name, type_of_ladder, points_for_tournament, places, roles, id, ranked)).unwrap().last_insert_id().unwrap().to_string();
+ let _ = &poola.get_conn().unwrap().exec_drop("Update tournaments set `from` =?, `to`=?, `place`=?, `categotry`=?, `rang`=?, `entryFee`=?, `director`=?, `phone`=?, `entriesTo`=?, `additionalInformations`=?, `visibility`=? 
where id = ?;", (from,to,place,categotry,rang,entryFee,director,phone,entriesTo,additionalInformations,visibility, &id2 )).unwrap();
+ let str = "{\"id\":".to_owned() + id2 + "}";
+ *response.body_mut() = str.into();
+ } else {
+ *response.body_mut() = "{\"error\":\"not all fields\"}".into();
+ }
+ });
+ } else {
+ *response.status_mut() = StatusCode::UNAUTHORIZED;
+ }
+ }
+ (&Method::POST, "/user") => {
+ let headers = (&req).headers();
+ let mut tmp = headers.get("Authorization").unwrap().to_str().unwrap().split(" ");
+ let aa = tmp.next().unwrap();
+ if aa != "Bearer" {
+ *response.status_mut() = StatusCode::UNAUTHORIZED;
+ return Ok(response);
+ }
+ let token = tmp.next().unwrap().to_string();
+ if req.headers().contains_key("Authorization") {
+ let byte_stream = hyper::body::to_bytes(req).await.unwrap();
+ let s: HashMap = serde_json::from_slice(&byte_stream).unwrap();
+ POOL.with(|poola| {
+ let mut con = poola.get_conn().unwrap();
+ let mut result = con.exec_iter("Select id from users where id =(SELECT user FROM `inz`.`sessions` where token = ? and expire > NOW());", (token, )).unwrap();
+ let mut it = result.iter().unwrap();
+ let row = it.next();
+ if row.is_none() {
+ *response.status_mut() = StatusCode::FORBIDDEN;
+ return;
+ }
+ let urow = row.unwrap().unwrap();
+ let idi: i32 = urow.get(0).unwrap();
+ if s.contains_key("name") {
+ poola.get_conn().unwrap().exec_drop("Update users set name =? where id = ?", (s.get("name"), idi)).unwrap();
+ }
+ if s.contains_key("surname") {
+ poola.get_conn().unwrap().exec_drop("Update users set surname =? where id = ?", (s.get("surname"), idi)).unwrap();
+ }
+ if s.contains_key("password") {
+ poola.get_conn().unwrap().exec_drop("Update users set password =? where id = ?", (hash(s.get("password").unwrap().to_string(), DEFAULT_COST - 6).unwrap(), idi)).unwrap();
+ }
+ if s.contains_key("mail") {
+ poola.get_conn().unwrap().exec_drop("Update users set mail =? 
where id = ?", (s.get("mail"), idi)).unwrap();
+ }
+ if s.contains_key("phone") {
+ poola.get_conn().unwrap().exec_drop("Update users set phone =? where id = ?", (s.get("phone"), idi)).unwrap();
+ }
+ });
+ } else {
+ *response.status_mut() = StatusCode::UNAUTHORIZED;
+ }
+ }
+ (&Method::GET, "/user") => {
+ if req.headers().contains_key("Authorization") {
+ POOL.with(|poola| {
+ let mut con = poola.get_conn().unwrap();
+ let mut tmp = req.headers().get("Authorization").unwrap().to_str().unwrap().split(" ");
+ let aa = tmp.next().unwrap();
+ if aa != "Bearer" {
+ *response.status_mut() = StatusCode::UNAUTHORIZED;
+ return;
+ }
+ let token = tmp.next().unwrap();
+ let mut result = con.exec_iter("Select * from users where id =(SELECT user FROM `inz`.`sessions` where token = ? and expire > NOW());", (&token, )).unwrap();
+ let mut it = result.iter().unwrap();
+ let row = it.next();
+ if row.is_none() {
+ *response.status_mut() = StatusCode::FORBIDDEN;
+ return;
+ }
+ let urow = row.unwrap().unwrap();
+ let a = User { id: urow.get(0).unwrap(), name: urow.get(1).unwrap(), surname: urow.get(2).unwrap(), role: urow.get(3).unwrap(), login: urow.get(4).unwrap(), phone: urow.get(7).unwrap(), mail: urow.get(6).unwrap(), ranking: urow.get(8).unwrap() };
+
+ *response.body_mut() = serde_json::to_string(&a).unwrap().into();
+ });
+ } else {
+ *response.status_mut() = StatusCode::UNAUTHORIZED;
+ }
+ }
+ (&Method::PUT, "/user/create") => {
+ let byte_stream = hyper::body::to_bytes(req).await.unwrap();
+ let s: HashMap = serde_json::from_slice(&byte_stream).unwrap();
+ if s.contains_key("username") && s.contains_key("name") && s.contains_key("surname") && s.contains_key("password") && s.contains_key("mail") && s.contains_key("phone") {
+ let username = s.get("username").unwrap().to_string();
+ let name = s.get("name").unwrap().to_string();
+ let surname = s.get("surname").unwrap().to_string();
+ let password = hash(s.get("password").unwrap().to_string(), DEFAULT_COST - 6).unwrap(); 
+ let mail = s.get("mail").unwrap().to_string();
+ let phone = s.get("phone").unwrap().to_string();
+ POOL.with(|poola| {
+ let mut con = poola.get_conn().unwrap();
+ let mut a = con.exec_iter("select `login` from users where login = ?", (&username, )).unwrap();
+ let it = a.iter().unwrap().next();
+ if it.is_none() {
+ poola.get_conn().unwrap().exec_drop("INSERT INTO `inz`.`users`(`name`,`surname`,`role`,`login`,`password`,`mail`,`phone`,`deleted`,`ranking`)VALUES (?,?,1,?,?,?,?,0,0);", (name, surname, username, password, mail, phone)).unwrap();
+ }
+ });
+ *response.body_mut() = "{}".into();
+ } else {
+ *response.body_mut() = "{\"error\":\"not all fields\"}".into();
+ }
+ }
+ (&Method::POST, "/user/login") => {
+ let byte_stream = hyper::body::to_bytes(req).await.unwrap();
+ let s: HashMap = serde_json::from_slice(&byte_stream).unwrap();
+ if s.contains_key("username") && s.contains_key("password") {
+ let username = s.get("username").unwrap().to_string();
+ let password = s.get("password").unwrap().to_string();
+ *response.body_mut() = POOL.with(|poola| {
+ let mut con = poola.get_conn().unwrap();
+ let mut result = con.exec_iter("SELECT * FROM `inz`.`users` where (login = ? or mail = ?) 
and `deleted`=0;", (&username, &username)).unwrap();
+ let mut it = result.iter().unwrap();
+ let row = it.next();
+ if !row.is_none() {
+ let urow = row.unwrap().unwrap();
+ let pas: String = urow.get(5).unwrap();
+ let id: i32 = urow.get(0).unwrap();
+ if verify(&password, &pas).unwrap() {
+ let mut rand: OsRng = OsRng::new().expect("Error opening random number generator");
+ if !it.next().is_none() {
+ return Body::from("{\"error\":\"wrong username or password\"}");
+ }
+ const CHARSET: &[u8] = b"ABCDEFGHIJKLMNOPQRSTUVWXYZ\
+ abcdefghijklmnopqrstuvwxyz\
+ 0123456789";
+ const PASSWORD_LEN: usize = 80;
+ let password: String = (0..PASSWORD_LEN)
+ .map(|_| {
+ let idx = rand.gen_range(0, CHARSET.len());
+ CHARSET[idx] as char
+ })
+ .collect();
+ poola.get_conn().unwrap().exec_drop("DELETE FROM `inz`.`sessions`WHERE user = ?;", (id, )).unwrap();
+ poola.get_conn().unwrap().exec_drop("INSERT INTO `inz`.`sessions`(`user`,`token`,`expire`)VALUES (?,?,DATE_ADD(NOW(), INTERVAL 30 MINUTE));", (id, &password)).unwrap();
+ return Body::from("{\"token\":\"".to_owned() + &password + "\"}");
+ } else {
+ return Body::from("{\"error\":\"wrong username or password\"}");
+ }
+ } else {
+ hash("asd", DEFAULT_COST - 6).unwrap();
+ return Body::from("{\"error\":\"wrong username or password\"}");
+ }
+ });
+ } else {
+ *response.body_mut() = "{\"error\":\"not all fields\"}".into();
+ }
+ }
+
+ _ => {
+ *response.status_mut() = StatusCode::NOT_FOUND;
+ }
+ };
+ Ok(response)
+ }
+
+ #[tokio::main]
+ async fn main() {
+ let addr = SocketAddr::from(([0, 0, 0, 0], 1000));
+ let make_svc = make_service_fn(|_conn| async {
+ Ok::<_, Infallible>(service_fn(hello_world))
+ });
+ let server = Server::bind(&addr).serve(make_svc);
+ tokio::spawn(async move {
+ loop
+ {
+ sleep(Duration::from_secs(60*5)).await;
+ POOL.with(|poola| {
+ poola.get_conn().unwrap()
+ .query_iter(
+ "Select id, paymentreference from registrations where paymentstatus = 'PENDING' and paymenttype ='btc'",
+ 
).unwrap().for_each(|row| {
+ tokio::spawn(async move {
+ let result_set = row.unwrap();
+ let reference: &String = &from_value(result_set.get(1).unwrap());
+ let id: &String = &from_value(result_set.get(0).unwrap());
+ let client = Client::new();
+ let req = Request::builder()
+ .method(Method::GET)
+ .uri("http://10.1.6.101:8082/api/v1/stores/5QsjqLbqHNgiP4GnAqy2apKaTcxWDj7zFFSpNKZGEseR/invoices/".to_owned() + reference)
+ .header("content-type", "application/json")
+ .header("Authorization", "token 8b1d0a2a653e9f40ac402dbce66fccb3ccd1b9c5").body(Body::empty()).unwrap();
+ let resp = client.request(req).await.unwrap();
+ let parsed: serde_json::Value = serde_json::from_slice(hyper::body::to_bytes(resp.into_body()).await.unwrap().as_ref()).unwrap();
+ let stat: String = parsed.get("status").unwrap().as_str().unwrap().into();
+ if stat == "New" {} else {
+ if stat == "Settled" {
+ POOL.with(|poola| {
+ poola.get_conn().unwrap().exec_drop("Update registrations set paymentstatus ='DONE' where id = ?", (id, )).unwrap();
+ });
+ } else {
+ if stat == "Processing" {} else {
+ if stat == "Expired" {
+ POOL.with(|poola| {
+ poola.get_conn().unwrap().exec_drop("Update registrations set paymentstatus ='EXPIRED' where id = ?", (id, )).unwrap();
+ });
+ } else {
+ POOL.with(|poola| {
+ poola.get_conn().unwrap().exec_drop("Update registrations set paymentstatus =? where id = ?", (stat, id)).unwrap();
+ });
+ }
+ }
+ }
+ }
+ });
+ });
+ });
+ }
+ });
 if let Err(e) = server.await {
 eprintln!("server error: {}", e);
 }