--- a/controllers/user.go	Thu Jul 26 15:43:19 2018 +0200
+++ b/controllers/user.go	Thu Jul 26 17:07:03 2018 +0200
@@ -4,14 +4,11 @@
 	"database/sql"
 	"encoding/json"
 	"errors"
-	"log"
 	"net/http"
 	"regexp"
 	"strings"
 
-	"gemma.intevation.de/gemma/auth"
 	"github.com/gorilla/mux"
-	"github.com/jackc/pgx"
 )
 
 type (
@@ -120,138 +117,100 @@
 	return errNoValidRole
 }
 
-func updateUser(rw http.ResponseWriter, req *http.Request) {
+func updateUser(
+	rw http.ResponseWriter, req *http.Request,
+	input interface{},
+	db *sql.DB,
+) (jr JSONResult, err error) {
 
 	user := mux.Vars(req)["user"]
 	if user == "" {
-		http.Error(rw, "error: user empty", http.StatusBadRequest)
-		return
-	}
-
-	var newUser User
-
-	defer req.Body.Close()
-	if err := json.NewDecoder(req.Body).Decode(&newUser); err != nil {
-		http.Error(rw, "error: "+err.Error(), http.StatusBadRequest)
+		err = JSONError{http.StatusBadRequest, "error: user empty"}
 		return
 	}
 
-	token, _ := auth.GetToken(req)
-	err := auth.ConnPool.Do(token, func(db *sql.DB) (err error) {
-		if newUser.Extent == nil {
-			_, err = db.Exec(
-				updateUserSQL,
-				user,
-				string(newUser.Role),
-				newUser.User,
-				newUser.Password,
-				string(newUser.Country),
-				string(newUser.Email),
-			)
-		} else {
-			_, err = db.Exec(
-				updateUserExtentSQL,
-				user,
-				string(newUser.Role),
-				newUser.User,
-				newUser.Password,
-				string(newUser.Country),
-				newUser.Extent.X1, newUser.Extent.Y1,
-				newUser.Extent.X2, newUser.Extent.Y2,
-				string(newUser.Email),
-			)
-		}
-		return
-	})
+	newUser := input.(*User)
 
-	var res struct {
-		Result  string `json:"result"`
-		Code    string `json:"code,omitempty"`
-		Message string `json:"message,omitempty"`
+	if newUser.Extent == nil {
+		_, err = db.Exec(
+			updateUserSQL,
+			user,
+			string(newUser.Role),
+			newUser.User,
+			newUser.Password,
+			string(newUser.Country),
+			string(newUser.Email),
+		)
+	} else {
+		_, err = db.Exec(
+			updateUserExtentSQL,
+			user,
+			string(newUser.Role),
+			newUser.User,
+			newUser.Password,
+			string(newUser.Country),
+			newUser.Extent.X1, newUser.Extent.Y1,
+			newUser.Extent.X2, newUser.Extent.Y2,
+			string(newUser.Email),
+		)
 	}
 
 	if err != nil {
-		if pgErr, ok := err.(pgx.PgError); ok {
-			res.Result = "failure"
-			res.Code = pgErr.Code
-			res.Message = pgErr.Message
-		} else {
-			log.Printf("err: %v\n", err)
-			http.Error(rw,
-				"error: "+err.Error(),
-				http.StatusInternalServerError)
-			return
-		}
-	} else {
-		res.Result = "success"
-	}
-
-	rw.Header().Set("Content-Type", "application/json")
-	if err := json.NewEncoder(rw).Encode(&res); err != nil {
-		log.Printf("error: %v\n", err)
-	}
-}
-
-func createUser(rw http.ResponseWriter, req *http.Request) {
-
-	var user User
-
-	defer req.Body.Close()
-	if err := json.NewDecoder(req.Body).Decode(&user); err != nil {
-		http.Error(rw, "error: "+err.Error(), http.StatusBadRequest)
 		return
 	}
 
-	token, _ := auth.GetToken(req)
-	err := auth.ConnPool.Do(token, func(db *sql.DB) (err error) {
-		if user.Extent == nil {
-			_, err = db.Exec(
-				createUserSQL,
-				string(user.Role),
-				user.User,
-				user.Password,
-				string(user.Country),
-				string(user.Email),
-			)
-		} else {
-			_, err = db.Exec(
-				createUserExtentSQL,
-				string(user.Role),
-				user.User,
-				user.Password,
-				string(user.Country),
-				user.Extent.X1, user.Extent.Y1,
-				user.Extent.X2, user.Extent.Y2,
-				string(user.Email),
-			)
-		}
-		return
-	})
+	jr = JSONResult{
+		Code: http.StatusCreated,
+		Result: struct {
+			Result string `json:"result"`
+		}{
+			Result: "success",
+		},
+	}
+	return
+}
+
+func createUser(
+	rw http.ResponseWriter, req *http.Request,
+	input interface{},
+	db *sql.DB,
+) (jr JSONResult, err error) {
+
+	user := input.(*User)
 
-	var res struct {
-		Result  string `json:"result"`
-		Code    string `json:"code,omitempty"`
-		Message string `json:"message,omitempty"`
+	if user.Extent == nil {
+		_, err = db.Exec(
+			createUserSQL,
+			string(user.Role),
+			user.User,
+			user.Password,
+			string(user.Country),
+			string(user.Email),
+		)
+	} else {
+		_, err = db.Exec(
+			createUserExtentSQL,
+			string(user.Role),
+			user.User,
+			user.Password,
+			string(user.Country),
+			user.Extent.X1, user.Extent.Y1,
+			user.Extent.X2, user.Extent.Y2,
+			string(user.Email),
+		)
 	}
 
 	if err != nil {
-		if pgErr, ok := err.(pgx.PgError); ok {
-			res.Result = "failure"
-			res.Code = pgErr.Code
-			res.Message = pgErr.Message
-		} else {
-			log.Printf("err: %v\n", err)
-			http.Error(rw,
-				"error: "+err.Error(),
-				http.StatusInternalServerError)
-			return
-		}
-	} else {
-		res.Result = "success"
+		return
 	}
 
-	rw.Header().Set("Content-Type", "application/json")
-	if err := json.NewEncoder(rw).Encode(&res); err != nil {
-		log.Printf("error: %v\n", err)
+	jr = JSONResult{
+		Code: http.StatusCreated,
+		Result: struct {
+			Result string `json:"result"`
+		}{
+			Result: "success",
+		},
 	}
+	return
 }