feat: bal and user permission checks

src/utils/auth.rs

@@ -0,0 +1,42 @@
+use sea_orm::ConnectionTrait;
+
+use crate::entities::prelude::*;
+
+pub async fn user_is_bal_owner<C>(
+    user_id: u32,
+    bal_id: u32,
+    db_conn: &C
+) -> bool
+where C: ConnectionTrait,
+{
+    match Bal::get_by_id(db_conn, bal_id).await {
+        Some(bal) => user_id == bal.user_id,
+        None => false
+    }
+}
+
+pub async fn user_is_book_instance_owner<C>(
+    user_id: u32,
+    book_instance_id: u32,
+    db_conn: &C
+) -> bool
+where C: ConnectionTrait,
+{
+    match BookInstance::get_by_id(db_conn, book_instance_id).await {
+        Some(instance) => user_is_bal_owner(user_id, instance.bal_id, db_conn).await,
+        None => false
+    }
+}
+
+pub async fn user_is_owner_owner<C>(
+    user_id: u32,
+    owner_id: u32,
+    db_conn: &C
+) -> bool
+where C: ConnectionTrait,
+{
+    match Owner::get_by_id(db_conn, owner_id).await {
+        Some(owner) => owner.user_id == user_id,
+        None => false
+    }
+}

src/utils/events.rs

@@ -11,18 +11,28 @@ pub enum Event {
 
 #[derive(Clone, Debug)]
 pub enum WebsocketMessage {
-    NewOwner(Arc<owner::Model>)
+    NewOwner(Arc<owner::Model>),
+    Ping
 }
 
 impl WebsocketMessage {
-    pub fn to_json(self) -> Value {
+    pub fn to_json(&self) -> Value {
         json!({
             "type": match self {
                 Self::NewOwner(_) => "new_owner",
+                Self::Ping => "ping",
             },
             "data": match self {
                 Self::NewOwner(owner) => json!(owner),
+                Self::Ping => json!(null),
             }
         })
     }
+
+    pub fn should_user_receive(&self, user_id: u32) -> bool {
+        match self {
+            Self::NewOwner(owner) => owner.user_id == user_id,
+            _ => true
+        }
+    }
 }

src/utils/mod.rs

@@ -1,3 +1,4 @@
+pub mod auth;
 pub mod cli;
 pub mod events;
 pub mod open_library;