annotate controllers/routes.go @ 319:ac760b0f22a9

Add special role for password reset. As password reset is exposed without requiring a login, let this role have privileges limited to resetting passwords, and only resetting passwords.
author Tom Gottfried <tom@intevation.de>
date Thu, 02 Aug 2018 13:06:39 +0200
parents 69e291f26bbd
children bd292a554b6e
1 package controllers
3 import (
4 "net/http"
6 "gemma.intevation.de/gemma/auth"
8 "github.com/gorilla/mux"
9 )
// BindRoutes registers the REST endpoints of this package on a subrouter
// mounted at "/api" under m.
//
// Access control is attached per route at registration time:
//   - creating and deleting users is wrapped in the "sys_admin" role guard;
//   - listing and updating users is wrapped in a guard admitting
//     "sys_admin", "waterway_admin" and "waterway_user";
//   - /logout and /renew are wrapped in auth.SessionMiddleware;
//   - /login and both /users/passwordreset routes are registered without
//     any guard, so they are reachable without a session.
//
// The registration order below is significant and must be kept:
// "/users/{user}" is registered before "/users/passwordreset", so the
// {user} routes also match that literal path for their own methods.
func BindRoutes(m *mux.Router) {

	router := m.PathPrefix("/api").Subrouter()

	// Role guards: each wraps a handler before it is handed to the router.
	adminOnly := auth.EnsureRole("sys_admin")
	anyRole := auth.EnsureRole("sys_admin", "waterway_admin", "waterway_user")

	// Factory for the request body of the user create/update endpoints.
	newUser := func() interface{} { return new(User) }

	// User collection.
	router.Handle("/users", anyRole(&JSONHandler{Handle: listUsers})).
		Methods(http.MethodGet)

	router.Handle("/users", adminOnly(&JSONHandler{
		Input:  newUser,
		Handle: createUser,
	})).Methods(http.MethodPost)

	// Single user.
	router.Handle("/users/{user}", anyRole(&JSONHandler{Handle: listUser})).
		Methods(http.MethodGet)

	// NOTE(review): any of the three roles may PUT here. Whether a caller is
	// limited to their own record is decided in updateUser or below it, not
	// by this guard; confirm that check exists.
	router.Handle("/users/{user}", anyRole(&JSONHandler{
		Input:  newUser,
		Handle: updateUser,
	})).Methods(http.MethodPut)

	router.Handle("/users/{user}", adminOnly(&JSONHandler{Handle: deleteUser})).
		Methods(http.MethodDelete)

	// Password reset, deliberately reachable without a login.
	// NOTE(review): {hash} travels in the URL path of a GET request, so it can
	// end up in access logs, proxy logs and browser history. Confirm in
	// passwordResetRequest/passwordReset that the value is single-use and
	// short-lived, and that both routes are rate limited.
	router.Handle("/users/passwordreset", &JSONHandler{
		Input:  func() interface{} { return new(PWResetUser) },
		Handle: passwordResetRequest,
	}).Methods(http.MethodPost)

	router.Handle("/users/passwordreset/{hash}", &JSONHandler{Handle: passwordReset}).
		Methods(http.MethodGet)

	// Session lifecycle.
	// NOTE(review): all three routes accept GET as well as POST. Confirm that
	// login never reads credentials from the query string, and that a
	// cross-site GET cannot trigger logout or renew.
	router.HandleFunc("/login", login).
		Methods(http.MethodGet, http.MethodPost)

	router.Handle("/logout", auth.SessionMiddleware(http.HandlerFunc(logout))).
		Methods(http.MethodGet, http.MethodPost)

	router.Handle("/renew", auth.SessionMiddleware(http.HandlerFunc(renew))).
		Methods(http.MethodGet, http.MethodPost)
}