Mercurial > gemma

view controllers/routes.go @ 263:13ad969a9138

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Enable listing of users for all roles with appropriate filters Waterway users should see their own account data and their should be a single interface for account data (i.e. users.list_users). Therefore, also the RLS policy on user_profiles for waterway_admin is translated to the view. current_user_country() moved because it's needed earlier during database setup, now.
author Tom Gottfried <tom@intevation.de>
date Fri, 27 Jul 2018 19:03:56 +0200
parents de6fdb316b8f
children d1b0d964af09
line wrap: on
line source

package controllers

import (
	"net/http"

	"gemma.intevation.de/gemma/auth"

	"github.com/gorilla/mux"
)

func BindRoutes(m *mux.Router) {

	api := m.PathPrefix("/api").Subrouter()

	sysAdmin := auth.EnsureRole("sys_admin")

	api.Handle("/users", sysAdmin(&JSONHandler{
		Handle: listUsers,
	})).Methods(http.MethodGet)

	api.Handle("/users", sysAdmin(&JSONHandler{
		Input:  func() interface{} { return new(User) },
		Handle: createUser,
	})).Methods(http.MethodPost)

	api.Handle("/users/{user}", sysAdmin(&JSONHandler{
		Handle: listUser,
	})).Methods(http.MethodGet)

	api.Handle("/users/{user}", sysAdmin(&JSONHandler{
		Input:  func() interface{} { return new(User) },
		Handle: updateUser,
	})).Methods(http.MethodPut)

	api.Handle("/users/{user}", sysAdmin(&JSONHandler{
		Handle: deleteUser,
	})).Methods(http.MethodDelete)

	api.HandleFunc("/login", login).
		Methods(http.MethodGet, http.MethodPost)
	api.Handle("/logout", auth.SessionMiddleware(http.HandlerFunc(logout))).
		Methods(http.MethodGet, http.MethodPost)
	api.Handle("/renew", auth.SessionMiddleware(http.HandlerFunc(renew))).
		Methods(http.MethodGet, http.MethodPost)

}