Mercurial > gemma
comparison pkg/controllers/user.go @ 414:c1047fd04a3a
Moved project specific Go packages to new pkg folder.
author | Sascha L. Teichmann <sascha.teichmann@intevation.de> |
---|---|
date | Wed, 15 Aug 2018 17:30:50 +0200 |
parents | controllers/user.go@5b03f420957d |
children | c70ddc6eb168 |
comparison
equal
deleted
inserted
replaced
413:a9440a4826aa | 414:c1047fd04a3a |
---|---|
1 package controllers | |
2 | |
3 import ( | |
4 "database/sql" | |
5 "fmt" | |
6 "net/http" | |
7 | |
8 "github.com/gorilla/mux" | |
9 | |
10 "gemma.intevation.de/gemma/pkg/auth" | |
11 ) | |
12 | |
13 const ( | |
14 createUserSQL = `INSERT INTO users.list_users | |
15 VALUES ($1, $2, $3, $4, NULL, $5)` | |
16 createUserExtentSQL = `INSERT INTO users.list_users | |
17 VALUES ($1, $2, $3, $4, | |
18 ST_MakeBox2D(ST_Point($5, $6), ST_Point($7, $8)), $9)` | |
19 | |
20 updateUserUnprivSQL = `UPDATE users.list_users | |
21 SET (pw, map_extent, email_address) | |
22 = ($2, ST_MakeBox2D(ST_Point($3, $4), ST_Point($5, $6)), $7) | |
23 WHERE username = $1` | |
24 updateUserSQL = `UPDATE users.list_users | |
25 SET (rolname, username, pw, country, map_extent, email_address) | |
26 = ($2, $3, $4, $5, NULL, $6) | |
27 WHERE username = $1` | |
28 updateUserExtentSQL = `UPDATE users.list_users | |
29 SET (rolname, username, pw, country, map_extent, email_address) | |
30 = ($2, $3, $4, $5, ST_MakeBox2D(ST_Point($6, $7), ST_Point($8, $9)), $10) | |
31 WHERE username = $1` | |
32 | |
33 deleteUserSQL = `DELETE FROM users.list_users WHERE username = $1` | |
34 | |
35 listUsersSQL = `SELECT | |
36 rolname, | |
37 username, | |
38 country, | |
39 email_address, | |
40 ST_XMin(map_extent), ST_YMin(map_extent), | |
41 ST_XMax(map_extent), ST_YMax(map_extent) | |
42 FROM users.list_users` | |
43 | |
44 listUserSQL = `SELECT | |
45 rolname, | |
46 country, | |
47 email_address, | |
48 ST_XMin(map_extent), ST_YMin(map_extent), | |
49 ST_XMax(map_extent), ST_YMax(map_extent) | |
50 FROM users.list_users | |
51 WHERE username = $1` | |
52 ) | |
53 | |
54 func deleteUser( | |
55 _ interface{}, req *http.Request, | |
56 db *sql.DB, | |
57 ) (jr JSONResult, err error) { | |
58 | |
59 user := mux.Vars(req)["user"] | |
60 if user == "" { | |
61 err = JSONError{http.StatusBadRequest, "error: user empty"} | |
62 return | |
63 } | |
64 | |
65 session, _ := auth.GetSession(req) | |
66 if session.User == user { | |
67 err = JSONError{http.StatusBadRequest, "error: cannot delete yourself"} | |
68 return | |
69 } | |
70 | |
71 var res sql.Result | |
72 | |
73 if res, err = db.Exec(deleteUserSQL, user); err != nil { | |
74 return | |
75 } | |
76 | |
77 if n, err2 := res.RowsAffected(); err2 == nil && n == 0 { | |
78 err = JSONError{ | |
79 Code: http.StatusNotFound, | |
80 Message: fmt.Sprintf("Cannot find user %s.", user), | |
81 } | |
82 return | |
83 } | |
84 | |
85 // Running in a go routine should not be necessary. | |
86 go func() { auth.ConnPool.Logout(user) }() | |
87 | |
88 jr = JSONResult{Code: http.StatusNoContent} | |
89 return | |
90 } | |
91 | |
92 func updateUser( | |
93 input interface{}, req *http.Request, | |
94 db *sql.DB, | |
95 ) (jr JSONResult, err error) { | |
96 | |
97 user := mux.Vars(req)["user"] | |
98 if user == "" { | |
99 err = JSONError{http.StatusBadRequest, "error: user empty"} | |
100 return | |
101 } | |
102 | |
103 newUser := input.(*User) | |
104 var res sql.Result | |
105 | |
106 if s, _ := auth.GetSession(req); s.Roles.Has("sys_admin") { | |
107 if newUser.Extent == nil { | |
108 res, err = db.Exec( | |
109 updateUserSQL, | |
110 user, | |
111 newUser.Role, | |
112 newUser.User, | |
113 newUser.Password, | |
114 newUser.Country, | |
115 newUser.Email, | |
116 ) | |
117 } else { | |
118 res, err = db.Exec( | |
119 updateUserExtentSQL, | |
120 user, | |
121 newUser.Role, | |
122 newUser.User, | |
123 newUser.Password, | |
124 newUser.Country, | |
125 newUser.Extent.X1, newUser.Extent.Y1, | |
126 newUser.Extent.X2, newUser.Extent.Y2, | |
127 newUser.Email, | |
128 ) | |
129 } | |
130 } else { | |
131 if newUser.Extent == nil { | |
132 err = JSONError{http.StatusBadRequest, "extent is mandatory"} | |
133 return | |
134 } | |
135 res, err = db.Exec( | |
136 updateUserUnprivSQL, | |
137 user, | |
138 newUser.Password, | |
139 newUser.Extent.X1, newUser.Extent.Y1, | |
140 newUser.Extent.X2, newUser.Extent.Y2, | |
141 newUser.Email, | |
142 ) | |
143 } | |
144 | |
145 if err != nil { | |
146 return | |
147 } | |
148 | |
149 if n, err2 := res.RowsAffected(); err2 == nil && n == 0 { | |
150 err = JSONError{ | |
151 Code: http.StatusNotFound, | |
152 Message: fmt.Sprintf("Cannot find user %s.", user), | |
153 } | |
154 return | |
155 } | |
156 | |
157 if user != newUser.User { | |
158 // Running in a go routine should not be necessary. | |
159 go func() { auth.ConnPool.Logout(user) }() | |
160 } | |
161 | |
162 jr = JSONResult{ | |
163 Code: http.StatusCreated, | |
164 Result: struct { | |
165 Result string `json:"result"` | |
166 }{"success"}, | |
167 } | |
168 return | |
169 } | |
170 | |
171 func createUser( | |
172 input interface{}, req *http.Request, | |
173 db *sql.DB, | |
174 ) (jr JSONResult, err error) { | |
175 | |
176 user := input.(*User) | |
177 | |
178 if user.Extent == nil { | |
179 _, err = db.Exec( | |
180 createUserSQL, | |
181 user.Role, | |
182 user.User, | |
183 user.Password, | |
184 user.Country, | |
185 user.Email, | |
186 ) | |
187 } else { | |
188 _, err = db.Exec( | |
189 createUserExtentSQL, | |
190 user.Role, | |
191 user.User, | |
192 user.Password, | |
193 user.Country, | |
194 user.Extent.X1, user.Extent.Y1, | |
195 user.Extent.X2, user.Extent.Y2, | |
196 user.Email, | |
197 ) | |
198 } | |
199 | |
200 if err != nil { | |
201 return | |
202 } | |
203 | |
204 jr = JSONResult{ | |
205 Code: http.StatusCreated, | |
206 Result: struct { | |
207 Result string `json:"result"` | |
208 }{"success"}, | |
209 } | |
210 return | |
211 } | |
212 | |
213 func listUsers( | |
214 _ interface{}, req *http.Request, | |
215 db *sql.DB, | |
216 ) (jr JSONResult, err error) { | |
217 | |
218 var rows *sql.Rows | |
219 | |
220 rows, err = db.Query(listUsersSQL) | |
221 if err != nil { | |
222 return | |
223 } | |
224 defer rows.Close() | |
225 | |
226 var users []*User | |
227 | |
228 for rows.Next() { | |
229 user := &User{Extent: &BoundingBox{}} | |
230 if err = rows.Scan( | |
231 &user.Role, | |
232 &user.User, | |
233 &user.Country, | |
234 &user.Email, | |
235 &user.Extent.X1, &user.Extent.Y1, | |
236 &user.Extent.X2, &user.Extent.Y2, | |
237 ); err != nil { | |
238 return | |
239 } | |
240 users = append(users, user) | |
241 } | |
242 | |
243 jr = JSONResult{ | |
244 Result: struct { | |
245 Users []*User `json:"users"` | |
246 }{users}, | |
247 } | |
248 return | |
249 } | |
250 | |
251 func listUser( | |
252 _ interface{}, req *http.Request, | |
253 db *sql.DB, | |
254 ) (jr JSONResult, err error) { | |
255 | |
256 user := mux.Vars(req)["user"] | |
257 if user == "" { | |
258 err = JSONError{http.StatusBadRequest, "error: user empty"} | |
259 return | |
260 } | |
261 | |
262 result := &User{ | |
263 User: user, | |
264 Extent: &BoundingBox{}, | |
265 } | |
266 | |
267 err = db.QueryRow(listUserSQL, user).Scan( | |
268 &result.Role, | |
269 &result.Country, | |
270 &result.Email, | |
271 &result.Extent.X1, &result.Extent.Y1, | |
272 &result.Extent.X2, &result.Extent.Y2, | |
273 ) | |
274 | |
275 switch { | |
276 case err == sql.ErrNoRows: | |
277 err = JSONError{ | |
278 Code: http.StatusNotFound, | |
279 Message: fmt.Sprintf("Cannot find user %s.", user), | |
280 } | |
281 return | |
282 case err != nil: | |
283 return | |
284 } | |
285 | |
286 jr.Result = result | |
287 return | |
288 } |