Mercurial > gemma
annotate pkg/controllers/user.go @ 425:c49f4c1808b1
Simplified user validation with new UserName type.
author | Sascha L. Teichmann <sascha.teichmann@intevation.de> |
---|---|
date | Thu, 16 Aug 2018 17:31:25 +0200 |
parents | c70ddc6eb168 |
children | fc37e7072022 |
rev | line source |
---|---|
226
63dd5216eee4
Refactored gemma server to be more REST-like.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
218
diff
changeset
|
1 package controllers |
186
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
2 |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
3 import ( |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
4 "database/sql" |
254
de6fdb316b8f
Implemented /users/{user} GET a listing of given user.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
253
diff
changeset
|
5 "fmt" |
186
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
6 "net/http" |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
7 |
241
3b688fe04c39
No omitempty if JSON serialising PostgreSQL errors.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
240
diff
changeset
|
8 "github.com/gorilla/mux" |
3b688fe04c39
No omitempty if JSON serialising PostgreSQL errors.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
240
diff
changeset
|
9 |
414
c1047fd04a3a
Moved project specific Go packages to new pkg folder.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
343
diff
changeset
|
10 "gemma.intevation.de/gemma/pkg/auth" |
186
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
11 ) |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
12 |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
13 const ( |
343
5b03f420957d
Use INSTEAD OF trigger for user creation
Tom Gottfried <tom@intevation.de>
parents:
342
diff
changeset
|
14 createUserSQL = `INSERT INTO users.list_users |
5b03f420957d
Use INSTEAD OF trigger for user creation
Tom Gottfried <tom@intevation.de>
parents:
342
diff
changeset
|
15 VALUES ($1, $2, $3, $4, NULL, $5)` |
5b03f420957d
Use INSTEAD OF trigger for user creation
Tom Gottfried <tom@intevation.de>
parents:
342
diff
changeset
|
16 createUserExtentSQL = `INSERT INTO users.list_users |
5b03f420957d
Use INSTEAD OF trigger for user creation
Tom Gottfried <tom@intevation.de>
parents:
342
diff
changeset
|
17 VALUES ($1, $2, $3, $4, |
188
ee3093966a6d
ST_SetSRID should be not need as the map extent column does not have any SRID code.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
187
diff
changeset
|
18 ST_MakeBox2D(ST_Point($5, $6), ST_Point($7, $8)), $9)` |
235
7d1f0ffdfa41
Implemented /users update controller.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
226
diff
changeset
|
19 |
327
363983d5c567
Allow Waterway User to update a limited set of profile attributes
Tom Gottfried <tom@intevation.de>
parents:
326
diff
changeset
|
20 updateUserUnprivSQL = `UPDATE users.list_users |
363983d5c567
Allow Waterway User to update a limited set of profile attributes
Tom Gottfried <tom@intevation.de>
parents:
326
diff
changeset
|
21 SET (pw, map_extent, email_address) |
363983d5c567
Allow Waterway User to update a limited set of profile attributes
Tom Gottfried <tom@intevation.de>
parents:
326
diff
changeset
|
22 = ($2, ST_MakeBox2D(ST_Point($3, $4), ST_Point($5, $6)), $7) |
363983d5c567
Allow Waterway User to update a limited set of profile attributes
Tom Gottfried <tom@intevation.de>
parents:
326
diff
changeset
|
23 WHERE username = $1` |
307
750a9c9cd965
Use SQL UPDATE to update users
Tom Gottfried <tom@intevation.de>
parents:
288
diff
changeset
|
24 updateUserSQL = `UPDATE users.list_users |
750a9c9cd965
Use SQL UPDATE to update users
Tom Gottfried <tom@intevation.de>
parents:
288
diff
changeset
|
25 SET (rolname, username, pw, country, map_extent, email_address) |
750a9c9cd965
Use SQL UPDATE to update users
Tom Gottfried <tom@intevation.de>
parents:
288
diff
changeset
|
26 = ($2, $3, $4, $5, NULL, $6) |
750a9c9cd965
Use SQL UPDATE to update users
Tom Gottfried <tom@intevation.de>
parents:
288
diff
changeset
|
27 WHERE username = $1` |
750a9c9cd965
Use SQL UPDATE to update users
Tom Gottfried <tom@intevation.de>
parents:
288
diff
changeset
|
28 updateUserExtentSQL = `UPDATE users.list_users |
750a9c9cd965
Use SQL UPDATE to update users
Tom Gottfried <tom@intevation.de>
parents:
288
diff
changeset
|
29 SET (rolname, username, pw, country, map_extent, email_address) |
750a9c9cd965
Use SQL UPDATE to update users
Tom Gottfried <tom@intevation.de>
parents:
288
diff
changeset
|
30 = ($2, $3, $4, $5, ST_MakeBox2D(ST_Point($6, $7), ST_Point($8, $9)), $10) |
750a9c9cd965
Use SQL UPDATE to update users
Tom Gottfried <tom@intevation.de>
parents:
288
diff
changeset
|
31 WHERE username = $1` |
240
9012e4045da4
Implemented /user delete controller.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
237
diff
changeset
|
32 |
342
c6bd6ed18942
Use INSTEAD OF trigger for user deletion
Tom Gottfried <tom@intevation.de>
parents:
328
diff
changeset
|
33 deleteUserSQL = `DELETE FROM users.list_users WHERE username = $1` |
250
deabc2712634
Implemented /users GET as list of users.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
243
diff
changeset
|
34 |
deabc2712634
Implemented /users GET as list of users.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
243
diff
changeset
|
35 listUsersSQL = `SELECT |
253
322c3d0e05ef
The column in sys_admin.list_users is called rolname not rolename.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
250
diff
changeset
|
36 rolname, |
250
deabc2712634
Implemented /users GET as list of users.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
243
diff
changeset
|
37 username, |
deabc2712634
Implemented /users GET as list of users.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
243
diff
changeset
|
38 country, |
deabc2712634
Implemented /users GET as list of users.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
243
diff
changeset
|
39 email_address, |
deabc2712634
Implemented /users GET as list of users.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
243
diff
changeset
|
40 ST_XMin(map_extent), ST_YMin(map_extent), |
deabc2712634
Implemented /users GET as list of users.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
243
diff
changeset
|
41 ST_XMax(map_extent), ST_YMax(map_extent) |
279
d89a19c297e0
list_users is now in users schema.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
261
diff
changeset
|
42 FROM users.list_users` |
254
de6fdb316b8f
Implemented /users/{user} GET a listing of given user.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
253
diff
changeset
|
43 |
de6fdb316b8f
Implemented /users/{user} GET a listing of given user.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
253
diff
changeset
|
44 listUserSQL = `SELECT |
de6fdb316b8f
Implemented /users/{user} GET a listing of given user.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
253
diff
changeset
|
45 rolname, |
de6fdb316b8f
Implemented /users/{user} GET a listing of given user.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
253
diff
changeset
|
46 country, |
de6fdb316b8f
Implemented /users/{user} GET a listing of given user.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
253
diff
changeset
|
47 email_address, |
de6fdb316b8f
Implemented /users/{user} GET a listing of given user.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
253
diff
changeset
|
48 ST_XMin(map_extent), ST_YMin(map_extent), |
de6fdb316b8f
Implemented /users/{user} GET a listing of given user.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
253
diff
changeset
|
49 ST_XMax(map_extent), ST_YMax(map_extent) |
279
d89a19c297e0
list_users is now in users schema.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
261
diff
changeset
|
50 FROM users.list_users |
254
de6fdb316b8f
Implemented /users/{user} GET a listing of given user.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
253
diff
changeset
|
51 WHERE username = $1` |
186
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
52 ) |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
53 |
240
9012e4045da4
Implemented /user delete controller.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
237
diff
changeset
|
54 func deleteUser( |
288
4befc5868ea6
Mark input in user controllers as unused if they don't need a JSON input.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
287
diff
changeset
|
55 _ interface{}, req *http.Request, |
257
dfc2b035e055
Slimming down the signature of the JSONHandler type to
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
254
diff
changeset
|
56 db *sql.DB, |
240
9012e4045da4
Implemented /user delete controller.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
237
diff
changeset
|
57 ) (jr JSONResult, err error) { |
9012e4045da4
Implemented /user delete controller.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
237
diff
changeset
|
58 |
9012e4045da4
Implemented /user delete controller.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
237
diff
changeset
|
59 user := mux.Vars(req)["user"] |
425
c49f4c1808b1
Simplified user validation with new UserName type.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
418
diff
changeset
|
60 if !UserName(user).isValid() { |
c49f4c1808b1
Simplified user validation with new UserName type.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
418
diff
changeset
|
61 err = JSONError{http.StatusBadRequest, "error: user invalid"} |
240
9012e4045da4
Implemented /user delete controller.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
237
diff
changeset
|
62 return |
9012e4045da4
Implemented /user delete controller.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
237
diff
changeset
|
63 } |
9012e4045da4
Implemented /user delete controller.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
237
diff
changeset
|
64 |
9012e4045da4
Implemented /user delete controller.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
237
diff
changeset
|
65 session, _ := auth.GetSession(req) |
9012e4045da4
Implemented /user delete controller.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
237
diff
changeset
|
66 if session.User == user { |
9012e4045da4
Implemented /user delete controller.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
237
diff
changeset
|
67 err = JSONError{http.StatusBadRequest, "error: cannot delete yourself"} |
9012e4045da4
Implemented /user delete controller.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
237
diff
changeset
|
68 return |
9012e4045da4
Implemented /user delete controller.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
237
diff
changeset
|
69 } |
9012e4045da4
Implemented /user delete controller.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
237
diff
changeset
|
70 |
342
c6bd6ed18942
Use INSTEAD OF trigger for user deletion
Tom Gottfried <tom@intevation.de>
parents:
328
diff
changeset
|
71 var res sql.Result |
c6bd6ed18942
Use INSTEAD OF trigger for user deletion
Tom Gottfried <tom@intevation.de>
parents:
328
diff
changeset
|
72 |
c6bd6ed18942
Use INSTEAD OF trigger for user deletion
Tom Gottfried <tom@intevation.de>
parents:
328
diff
changeset
|
73 if res, err = db.Exec(deleteUserSQL, user); err != nil { |
c6bd6ed18942
Use INSTEAD OF trigger for user deletion
Tom Gottfried <tom@intevation.de>
parents:
328
diff
changeset
|
74 return |
c6bd6ed18942
Use INSTEAD OF trigger for user deletion
Tom Gottfried <tom@intevation.de>
parents:
328
diff
changeset
|
75 } |
c6bd6ed18942
Use INSTEAD OF trigger for user deletion
Tom Gottfried <tom@intevation.de>
parents:
328
diff
changeset
|
76 |
c6bd6ed18942
Use INSTEAD OF trigger for user deletion
Tom Gottfried <tom@intevation.de>
parents:
328
diff
changeset
|
77 if n, err2 := res.RowsAffected(); err2 == nil && n == 0 { |
c6bd6ed18942
Use INSTEAD OF trigger for user deletion
Tom Gottfried <tom@intevation.de>
parents:
328
diff
changeset
|
78 err = JSONError{ |
c6bd6ed18942
Use INSTEAD OF trigger for user deletion
Tom Gottfried <tom@intevation.de>
parents:
328
diff
changeset
|
79 Code: http.StatusNotFound, |
c6bd6ed18942
Use INSTEAD OF trigger for user deletion
Tom Gottfried <tom@intevation.de>
parents:
328
diff
changeset
|
80 Message: fmt.Sprintf("Cannot find user %s.", user), |
c6bd6ed18942
Use INSTEAD OF trigger for user deletion
Tom Gottfried <tom@intevation.de>
parents:
328
diff
changeset
|
81 } |
240
9012e4045da4
Implemented /user delete controller.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
237
diff
changeset
|
82 return |
9012e4045da4
Implemented /user delete controller.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
237
diff
changeset
|
83 } |
9012e4045da4
Implemented /user delete controller.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
237
diff
changeset
|
84 |
9012e4045da4
Implemented /user delete controller.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
237
diff
changeset
|
85 // Running in a go routine should not be necessary. |
9012e4045da4
Implemented /user delete controller.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
237
diff
changeset
|
86 go func() { auth.ConnPool.Logout(user) }() |
9012e4045da4
Implemented /user delete controller.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
237
diff
changeset
|
87 |
9012e4045da4
Implemented /user delete controller.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
237
diff
changeset
|
88 jr = JSONResult{Code: http.StatusNoContent} |
9012e4045da4
Implemented /user delete controller.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
237
diff
changeset
|
89 return |
9012e4045da4
Implemented /user delete controller.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
237
diff
changeset
|
90 } |
9012e4045da4
Implemented /user delete controller.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
237
diff
changeset
|
91 |
237
3771788d3dae
Reduce boilerplate code when writing JSON parsing/generating endpoints.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
235
diff
changeset
|
92 func updateUser( |
257
dfc2b035e055
Slimming down the signature of the JSONHandler type to
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
254
diff
changeset
|
93 input interface{}, req *http.Request, |
dfc2b035e055
Slimming down the signature of the JSONHandler type to
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
254
diff
changeset
|
94 db *sql.DB, |
237
3771788d3dae
Reduce boilerplate code when writing JSON parsing/generating endpoints.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
235
diff
changeset
|
95 ) (jr JSONResult, err error) { |
235
7d1f0ffdfa41
Implemented /users update controller.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
226
diff
changeset
|
96 |
418
c70ddc6eb168
Don't allow user names to contain any of the following characters \"':;
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
414
diff
changeset
|
97 user := UserName(mux.Vars(req)["user"]) |
425
c49f4c1808b1
Simplified user validation with new UserName type.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
418
diff
changeset
|
98 if !user.isValid() { |
418
c70ddc6eb168
Don't allow user names to contain any of the following characters \"':;
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
414
diff
changeset
|
99 err = JSONError{http.StatusBadRequest, "error: user invalid"} |
235
7d1f0ffdfa41
Implemented /users update controller.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
226
diff
changeset
|
100 return |
7d1f0ffdfa41
Implemented /users update controller.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
226
diff
changeset
|
101 } |
7d1f0ffdfa41
Implemented /users update controller.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
226
diff
changeset
|
102 |
237
3771788d3dae
Reduce boilerplate code when writing JSON parsing/generating endpoints.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
235
diff
changeset
|
103 newUser := input.(*User) |
307
750a9c9cd965
Use SQL UPDATE to update users
Tom Gottfried <tom@intevation.de>
parents:
288
diff
changeset
|
104 var res sql.Result |
235
7d1f0ffdfa41
Implemented /users update controller.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
226
diff
changeset
|
105 |
326
a7b2db8b3d18
Added type for roles.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
314
diff
changeset
|
106 if s, _ := auth.GetSession(req); s.Roles.Has("sys_admin") { |
a7b2db8b3d18
Added type for roles.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
314
diff
changeset
|
107 if newUser.Extent == nil { |
a7b2db8b3d18
Added type for roles.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
314
diff
changeset
|
108 res, err = db.Exec( |
a7b2db8b3d18
Added type for roles.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
314
diff
changeset
|
109 updateUserSQL, |
a7b2db8b3d18
Added type for roles.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
314
diff
changeset
|
110 user, |
a7b2db8b3d18
Added type for roles.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
314
diff
changeset
|
111 newUser.Role, |
a7b2db8b3d18
Added type for roles.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
314
diff
changeset
|
112 newUser.User, |
a7b2db8b3d18
Added type for roles.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
314
diff
changeset
|
113 newUser.Password, |
a7b2db8b3d18
Added type for roles.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
314
diff
changeset
|
114 newUser.Country, |
a7b2db8b3d18
Added type for roles.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
314
diff
changeset
|
115 newUser.Email, |
a7b2db8b3d18
Added type for roles.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
314
diff
changeset
|
116 ) |
a7b2db8b3d18
Added type for roles.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
314
diff
changeset
|
117 } else { |
a7b2db8b3d18
Added type for roles.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
314
diff
changeset
|
118 res, err = db.Exec( |
a7b2db8b3d18
Added type for roles.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
314
diff
changeset
|
119 updateUserExtentSQL, |
a7b2db8b3d18
Added type for roles.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
314
diff
changeset
|
120 user, |
a7b2db8b3d18
Added type for roles.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
314
diff
changeset
|
121 newUser.Role, |
a7b2db8b3d18
Added type for roles.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
314
diff
changeset
|
122 newUser.User, |
a7b2db8b3d18
Added type for roles.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
314
diff
changeset
|
123 newUser.Password, |
a7b2db8b3d18
Added type for roles.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
314
diff
changeset
|
124 newUser.Country, |
a7b2db8b3d18
Added type for roles.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
314
diff
changeset
|
125 newUser.Extent.X1, newUser.Extent.Y1, |
a7b2db8b3d18
Added type for roles.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
314
diff
changeset
|
126 newUser.Extent.X2, newUser.Extent.Y2, |
a7b2db8b3d18
Added type for roles.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
314
diff
changeset
|
127 newUser.Email, |
a7b2db8b3d18
Added type for roles.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
314
diff
changeset
|
128 ) |
a7b2db8b3d18
Added type for roles.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
314
diff
changeset
|
129 } |
237
3771788d3dae
Reduce boilerplate code when writing JSON parsing/generating endpoints.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
235
diff
changeset
|
130 } else { |
328
003243ec5ce5
Don't crash if we doing update as unprivileged user without a bounding box.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
327
diff
changeset
|
131 if newUser.Extent == nil { |
003243ec5ce5
Don't crash if we doing update as unprivileged user without a bounding box.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
327
diff
changeset
|
132 err = JSONError{http.StatusBadRequest, "extent is mandatory"} |
003243ec5ce5
Don't crash if we doing update as unprivileged user without a bounding box.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
327
diff
changeset
|
133 return |
003243ec5ce5
Don't crash if we doing update as unprivileged user without a bounding box.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
327
diff
changeset
|
134 } |
327
363983d5c567
Allow Waterway User to update a limited set of profile attributes
Tom Gottfried <tom@intevation.de>
parents:
326
diff
changeset
|
135 res, err = db.Exec( |
363983d5c567
Allow Waterway User to update a limited set of profile attributes
Tom Gottfried <tom@intevation.de>
parents:
326
diff
changeset
|
136 updateUserUnprivSQL, |
363983d5c567
Allow Waterway User to update a limited set of profile attributes
Tom Gottfried <tom@intevation.de>
parents:
326
diff
changeset
|
137 user, |
363983d5c567
Allow Waterway User to update a limited set of profile attributes
Tom Gottfried <tom@intevation.de>
parents:
326
diff
changeset
|
138 newUser.Password, |
363983d5c567
Allow Waterway User to update a limited set of profile attributes
Tom Gottfried <tom@intevation.de>
parents:
326
diff
changeset
|
139 newUser.Extent.X1, newUser.Extent.Y1, |
363983d5c567
Allow Waterway User to update a limited set of profile attributes
Tom Gottfried <tom@intevation.de>
parents:
326
diff
changeset
|
140 newUser.Extent.X2, newUser.Extent.Y2, |
363983d5c567
Allow Waterway User to update a limited set of profile attributes
Tom Gottfried <tom@intevation.de>
parents:
326
diff
changeset
|
141 newUser.Email, |
363983d5c567
Allow Waterway User to update a limited set of profile attributes
Tom Gottfried <tom@intevation.de>
parents:
326
diff
changeset
|
142 ) |
235
7d1f0ffdfa41
Implemented /users update controller.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
226
diff
changeset
|
143 } |
7d1f0ffdfa41
Implemented /users update controller.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
226
diff
changeset
|
144 |
311
74559e12a59f
sql.Result.RowsAffected is a driver specific feature. Check
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
307
diff
changeset
|
145 if err != nil { |
74559e12a59f
sql.Result.RowsAffected is a driver specific feature. Check
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
307
diff
changeset
|
146 return |
74559e12a59f
sql.Result.RowsAffected is a driver specific feature. Check
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
307
diff
changeset
|
147 } |
74559e12a59f
sql.Result.RowsAffected is a driver specific feature. Check
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
307
diff
changeset
|
148 |
74559e12a59f
sql.Result.RowsAffected is a driver specific feature. Check
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
307
diff
changeset
|
149 if n, err2 := res.RowsAffected(); err2 == nil && n == 0 { |
307
750a9c9cd965
Use SQL UPDATE to update users
Tom Gottfried <tom@intevation.de>
parents:
288
diff
changeset
|
150 err = JSONError{ |
750a9c9cd965
Use SQL UPDATE to update users
Tom Gottfried <tom@intevation.de>
parents:
288
diff
changeset
|
151 Code: http.StatusNotFound, |
750a9c9cd965
Use SQL UPDATE to update users
Tom Gottfried <tom@intevation.de>
parents:
288
diff
changeset
|
152 Message: fmt.Sprintf("Cannot find user %s.", user), |
750a9c9cd965
Use SQL UPDATE to update users
Tom Gottfried <tom@intevation.de>
parents:
288
diff
changeset
|
153 } |
750a9c9cd965
Use SQL UPDATE to update users
Tom Gottfried <tom@intevation.de>
parents:
288
diff
changeset
|
154 return |
750a9c9cd965
Use SQL UPDATE to update users
Tom Gottfried <tom@intevation.de>
parents:
288
diff
changeset
|
155 } |
186
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
156 |
261
ab9859981ee3
If a user got renamed kick her/him from the connection pool.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
257
diff
changeset
|
157 if user != newUser.User { |
ab9859981ee3
If a user got renamed kick her/him from the connection pool.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
257
diff
changeset
|
158 // Running in a go routine should not be necessary. |
418
c70ddc6eb168
Don't allow user names to contain any of the following characters \"':;
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
414
diff
changeset
|
159 go func() { auth.ConnPool.Logout(string(user)) }() |
261
ab9859981ee3
If a user got renamed kick her/him from the connection pool.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
257
diff
changeset
|
160 } |
ab9859981ee3
If a user got renamed kick her/him from the connection pool.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
257
diff
changeset
|
161 |
237
3771788d3dae
Reduce boilerplate code when writing JSON parsing/generating endpoints.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
235
diff
changeset
|
162 jr = JSONResult{ |
3771788d3dae
Reduce boilerplate code when writing JSON parsing/generating endpoints.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
235
diff
changeset
|
163 Code: http.StatusCreated, |
3771788d3dae
Reduce boilerplate code when writing JSON parsing/generating endpoints.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
235
diff
changeset
|
164 Result: struct { |
3771788d3dae
Reduce boilerplate code when writing JSON parsing/generating endpoints.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
235
diff
changeset
|
165 Result string `json:"result"` |
314
adceb47920fb
Cosmetics. Little less structure bloat.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
311
diff
changeset
|
166 }{"success"}, |
237
3771788d3dae
Reduce boilerplate code when writing JSON parsing/generating endpoints.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
235
diff
changeset
|
167 } |
3771788d3dae
Reduce boilerplate code when writing JSON parsing/generating endpoints.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
235
diff
changeset
|
168 return |
3771788d3dae
Reduce boilerplate code when writing JSON parsing/generating endpoints.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
235
diff
changeset
|
169 } |
3771788d3dae
Reduce boilerplate code when writing JSON parsing/generating endpoints.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
235
diff
changeset
|
170 |
3771788d3dae
Reduce boilerplate code when writing JSON parsing/generating endpoints.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
235
diff
changeset
|
171 func createUser( |
257
dfc2b035e055
Slimming down the signature of the JSONHandler type to
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
254
diff
changeset
|
172 input interface{}, req *http.Request, |
dfc2b035e055
Slimming down the signature of the JSONHandler type to
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
254
diff
changeset
|
173 db *sql.DB, |
237
3771788d3dae
Reduce boilerplate code when writing JSON parsing/generating endpoints.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
235
diff
changeset
|
174 ) (jr JSONResult, err error) { |
3771788d3dae
Reduce boilerplate code when writing JSON parsing/generating endpoints.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
235
diff
changeset
|
175 |
3771788d3dae
Reduce boilerplate code when writing JSON parsing/generating endpoints.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
235
diff
changeset
|
176 user := input.(*User) |
186
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
177 |
237
3771788d3dae
Reduce boilerplate code when writing JSON parsing/generating endpoints.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
235
diff
changeset
|
178 if user.Extent == nil { |
3771788d3dae
Reduce boilerplate code when writing JSON parsing/generating endpoints.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
235
diff
changeset
|
179 _, err = db.Exec( |
3771788d3dae
Reduce boilerplate code when writing JSON parsing/generating endpoints.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
235
diff
changeset
|
180 createUserSQL, |
243
d39f897fae16
Made models for email, user and country driver.Valuer to get rid of some conversions.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
241
diff
changeset
|
181 user.Role, |
237
3771788d3dae
Reduce boilerplate code when writing JSON parsing/generating endpoints.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
235
diff
changeset
|
182 user.User, |
3771788d3dae
Reduce boilerplate code when writing JSON parsing/generating endpoints.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
235
diff
changeset
|
183 user.Password, |
243
d39f897fae16
Made models for email, user and country driver.Valuer to get rid of some conversions.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
241
diff
changeset
|
184 user.Country, |
d39f897fae16
Made models for email, user and country driver.Valuer to get rid of some conversions.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
241
diff
changeset
|
185 user.Email, |
237
3771788d3dae
Reduce boilerplate code when writing JSON parsing/generating endpoints.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
235
diff
changeset
|
186 ) |
3771788d3dae
Reduce boilerplate code when writing JSON parsing/generating endpoints.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
235
diff
changeset
|
187 } else { |
3771788d3dae
Reduce boilerplate code when writing JSON parsing/generating endpoints.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
235
diff
changeset
|
188 _, err = db.Exec( |
3771788d3dae
Reduce boilerplate code when writing JSON parsing/generating endpoints.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
235
diff
changeset
|
189 createUserExtentSQL, |
243
d39f897fae16
Made models for email, user and country driver.Valuer to get rid of some conversions.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
241
diff
changeset
|
190 user.Role, |
237
3771788d3dae
Reduce boilerplate code when writing JSON parsing/generating endpoints.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
235
diff
changeset
|
191 user.User, |
3771788d3dae
Reduce boilerplate code when writing JSON parsing/generating endpoints.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
235
diff
changeset
|
192 user.Password, |
243
d39f897fae16
Made models for email, user and country driver.Valuer to get rid of some conversions.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
241
diff
changeset
|
193 user.Country, |
237
3771788d3dae
Reduce boilerplate code when writing JSON parsing/generating endpoints.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
235
diff
changeset
|
194 user.Extent.X1, user.Extent.Y1, |
3771788d3dae
Reduce boilerplate code when writing JSON parsing/generating endpoints.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
235
diff
changeset
|
195 user.Extent.X2, user.Extent.Y2, |
243
d39f897fae16
Made models for email, user and country driver.Valuer to get rid of some conversions.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
241
diff
changeset
|
196 user.Email, |
237
3771788d3dae
Reduce boilerplate code when writing JSON parsing/generating endpoints.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
235
diff
changeset
|
197 ) |
186
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
198 } |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
199 |
187
51addc0533fe
More complete show case for creating users.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
186
diff
changeset
|
200 if err != nil { |
237
3771788d3dae
Reduce boilerplate code when writing JSON parsing/generating endpoints.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
235
diff
changeset
|
201 return |
186
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
202 } |
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
203 |
237
3771788d3dae
Reduce boilerplate code when writing JSON parsing/generating endpoints.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
235
diff
changeset
|
204 jr = JSONResult{ |
3771788d3dae
Reduce boilerplate code when writing JSON parsing/generating endpoints.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
235
diff
changeset
|
205 Code: http.StatusCreated, |
3771788d3dae
Reduce boilerplate code when writing JSON parsing/generating endpoints.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
235
diff
changeset
|
206 Result: struct { |
3771788d3dae
Reduce boilerplate code when writing JSON parsing/generating endpoints.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
235
diff
changeset
|
207 Result string `json:"result"` |
314
adceb47920fb
Cosmetics. Little less structure bloat.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
311
diff
changeset
|
208 }{"success"}, |
186
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
209 } |
237
3771788d3dae
Reduce boilerplate code when writing JSON parsing/generating endpoints.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
235
diff
changeset
|
210 return |
186
fe3a88f00b0a
Experimental user creation support.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
211 } |
250
deabc2712634
Implemented /users GET as list of users.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
243
diff
changeset
|
212 |
deabc2712634
Implemented /users GET as list of users.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
243
diff
changeset
|
213 func listUsers( |
288
4befc5868ea6
Mark input in user controllers as unused if they don't need a JSON input.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
287
diff
changeset
|
214 _ interface{}, req *http.Request, |
257
dfc2b035e055
Slimming down the signature of the JSONHandler type to
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
254
diff
changeset
|
215 db *sql.DB, |
250
deabc2712634
Implemented /users GET as list of users.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
243
diff
changeset
|
216 ) (jr JSONResult, err error) { |
deabc2712634
Implemented /users GET as list of users.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
243
diff
changeset
|
217 |
deabc2712634
Implemented /users GET as list of users.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
243
diff
changeset
|
218 var rows *sql.Rows |
deabc2712634
Implemented /users GET as list of users.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
243
diff
changeset
|
219 |
deabc2712634
Implemented /users GET as list of users.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
243
diff
changeset
|
220 rows, err = db.Query(listUsersSQL) |
deabc2712634
Implemented /users GET as list of users.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
243
diff
changeset
|
221 if err != nil { |
deabc2712634
Implemented /users GET as list of users.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
243
diff
changeset
|
222 return |
deabc2712634
Implemented /users GET as list of users.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
243
diff
changeset
|
223 } |
deabc2712634
Implemented /users GET as list of users.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
243
diff
changeset
|
224 defer rows.Close() |
deabc2712634
Implemented /users GET as list of users.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
243
diff
changeset
|
225 |
deabc2712634
Implemented /users GET as list of users.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
243
diff
changeset
|
226 var users []*User |
deabc2712634
Implemented /users GET as list of users.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
243
diff
changeset
|
227 |
deabc2712634
Implemented /users GET as list of users.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
243
diff
changeset
|
228 for rows.Next() { |
deabc2712634
Implemented /users GET as list of users.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
243
diff
changeset
|
229 user := &User{Extent: &BoundingBox{}} |
deabc2712634
Implemented /users GET as list of users.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
243
diff
changeset
|
230 if err = rows.Scan( |
deabc2712634
Implemented /users GET as list of users.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
243
diff
changeset
|
231 &user.Role, |
deabc2712634
Implemented /users GET as list of users.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
243
diff
changeset
|
232 &user.User, |
deabc2712634
Implemented /users GET as list of users.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
243
diff
changeset
|
233 &user.Country, |
deabc2712634
Implemented /users GET as list of users.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
243
diff
changeset
|
234 &user.Email, |
deabc2712634
Implemented /users GET as list of users.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
243
diff
changeset
|
235 &user.Extent.X1, &user.Extent.Y1, |
deabc2712634
Implemented /users GET as list of users.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
243
diff
changeset
|
236 &user.Extent.X2, &user.Extent.Y2, |
deabc2712634
Implemented /users GET as list of users.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
243
diff
changeset
|
237 ); err != nil { |
deabc2712634
Implemented /users GET as list of users.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
243
diff
changeset
|
238 return |
deabc2712634
Implemented /users GET as list of users.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
243
diff
changeset
|
239 } |
deabc2712634
Implemented /users GET as list of users.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
243
diff
changeset
|
240 users = append(users, user) |
deabc2712634
Implemented /users GET as list of users.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
243
diff
changeset
|
241 } |
deabc2712634
Implemented /users GET as list of users.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
243
diff
changeset
|
242 |
deabc2712634
Implemented /users GET as list of users.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
243
diff
changeset
|
243 jr = JSONResult{ |
deabc2712634
Implemented /users GET as list of users.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
243
diff
changeset
|
244 Result: struct { |
deabc2712634
Implemented /users GET as list of users.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
243
diff
changeset
|
245 Users []*User `json:"users"` |
314
adceb47920fb
Cosmetics. Little less structure bloat.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
311
diff
changeset
|
246 }{users}, |
250
deabc2712634
Implemented /users GET as list of users.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
243
diff
changeset
|
247 } |
deabc2712634
Implemented /users GET as list of users.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
243
diff
changeset
|
248 return |
deabc2712634
Implemented /users GET as list of users.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
243
diff
changeset
|
249 } |
254
de6fdb316b8f
Implemented /users/{user} GET a listing of given user.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
253
diff
changeset
|
250 |
de6fdb316b8f
Implemented /users/{user} GET a listing of given user.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
253
diff
changeset
|
251 func listUser( |
288
4befc5868ea6
Mark input in user controllers as unused if they don't need a JSON input.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
287
diff
changeset
|
252 _ interface{}, req *http.Request, |
257
dfc2b035e055
Slimming down the signature of the JSONHandler type to
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
254
diff
changeset
|
253 db *sql.DB, |
254
de6fdb316b8f
Implemented /users/{user} GET a listing of given user.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
253
diff
changeset
|
254 ) (jr JSONResult, err error) { |
de6fdb316b8f
Implemented /users/{user} GET a listing of given user.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
253
diff
changeset
|
255 |
418
c70ddc6eb168
Don't allow user names to contain any of the following characters \"':;
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
414
diff
changeset
|
256 user := UserName(mux.Vars(req)["user"]) |
425
c49f4c1808b1
Simplified user validation with new UserName type.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
418
diff
changeset
|
257 if !user.isValid() { |
418
c70ddc6eb168
Don't allow user names to contain any of the following characters \"':;
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
414
diff
changeset
|
258 err = JSONError{http.StatusBadRequest, "error: user invalid"} |
254
de6fdb316b8f
Implemented /users/{user} GET a listing of given user.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
253
diff
changeset
|
259 return |
de6fdb316b8f
Implemented /users/{user} GET a listing of given user.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
253
diff
changeset
|
260 } |
de6fdb316b8f
Implemented /users/{user} GET a listing of given user.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
253
diff
changeset
|
261 |
de6fdb316b8f
Implemented /users/{user} GET a listing of given user.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
253
diff
changeset
|
262 result := &User{ |
de6fdb316b8f
Implemented /users/{user} GET a listing of given user.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
253
diff
changeset
|
263 User: user, |
de6fdb316b8f
Implemented /users/{user} GET a listing of given user.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
253
diff
changeset
|
264 Extent: &BoundingBox{}, |
de6fdb316b8f
Implemented /users/{user} GET a listing of given user.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
253
diff
changeset
|
265 } |
de6fdb316b8f
Implemented /users/{user} GET a listing of given user.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
253
diff
changeset
|
266 |
de6fdb316b8f
Implemented /users/{user} GET a listing of given user.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
253
diff
changeset
|
267 err = db.QueryRow(listUserSQL, user).Scan( |
de6fdb316b8f
Implemented /users/{user} GET a listing of given user.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
253
diff
changeset
|
268 &result.Role, |
de6fdb316b8f
Implemented /users/{user} GET a listing of given user.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
253
diff
changeset
|
269 &result.Country, |
de6fdb316b8f
Implemented /users/{user} GET a listing of given user.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
253
diff
changeset
|
270 &result.Email, |
de6fdb316b8f
Implemented /users/{user} GET a listing of given user.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
253
diff
changeset
|
271 &result.Extent.X1, &result.Extent.Y1, |
de6fdb316b8f
Implemented /users/{user} GET a listing of given user.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
253
diff
changeset
|
272 &result.Extent.X2, &result.Extent.Y2, |
de6fdb316b8f
Implemented /users/{user} GET a listing of given user.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
253
diff
changeset
|
273 ) |
de6fdb316b8f
Implemented /users/{user} GET a listing of given user.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
253
diff
changeset
|
274 |
de6fdb316b8f
Implemented /users/{user} GET a listing of given user.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
253
diff
changeset
|
275 switch { |
de6fdb316b8f
Implemented /users/{user} GET a listing of given user.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
253
diff
changeset
|
276 case err == sql.ErrNoRows: |
de6fdb316b8f
Implemented /users/{user} GET a listing of given user.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
253
diff
changeset
|
277 err = JSONError{ |
de6fdb316b8f
Implemented /users/{user} GET a listing of given user.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
253
diff
changeset
|
278 Code: http.StatusNotFound, |
de6fdb316b8f
Implemented /users/{user} GET a listing of given user.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
253
diff
changeset
|
279 Message: fmt.Sprintf("Cannot find user %s.", user), |
de6fdb316b8f
Implemented /users/{user} GET a listing of given user.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
253
diff
changeset
|
280 } |
de6fdb316b8f
Implemented /users/{user} GET a listing of given user.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
253
diff
changeset
|
281 return |
de6fdb316b8f
Implemented /users/{user} GET a listing of given user.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
253
diff
changeset
|
282 case err != nil: |
de6fdb316b8f
Implemented /users/{user} GET a listing of given user.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
253
diff
changeset
|
283 return |
de6fdb316b8f
Implemented /users/{user} GET a listing of given user.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
253
diff
changeset
|
284 } |
de6fdb316b8f
Implemented /users/{user} GET a listing of given user.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
253
diff
changeset
|
285 |
de6fdb316b8f
Implemented /users/{user} GET a listing of given user.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
253
diff
changeset
|
286 jr.Result = result |
de6fdb316b8f
Implemented /users/{user} GET a listing of given user.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
253
diff
changeset
|
287 return |
de6fdb316b8f
Implemented /users/{user} GET a listing of given user.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
253
diff
changeset
|
288 } |