view controllers/user.go @ 240:9012e4045da4
Implemented /user delete controller.
author | Sascha L. Teichmann <sascha.teichmann@intevation.de> |
---|---|
date | Thu, 26 Jul 2018 17:56:02 +0200 |
parents | 3771788d3dae |
children | 3b688fe04c39 |
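package controllers

import (
	"database/sql"
	"encoding/json"
	"errors"
	"net/http"
	"regexp"
	"strings"

	"gemma.intevation.de/gemma/auth"
	"github.com/gorilla/mux"
)

type (
	// Email is an e-mail address. Its UnmarshalJSON only accepts strings
	// that match emailRe as a whole.
	Email string

	// Country is a country code. Its UnmarshalJSON upper-cases the input
	// and only accepts entries of validCountries.
	Country string

	// Role is a role name. Its UnmarshalJSON lower-cases the input and
	// only accepts entries of validRoles.
	Role string

	// BoundingBox is a rectangle given by the two points (X1, Y1) and
	// (X2, Y2). The create/update statements turn it into a box with
	// ST_MakeBox2D(ST_Point(...), ST_Point(...)).
	BoundingBox struct {
		X1 float64 `json:"x1"`
		Y1 float64 `json:"y1"`
		X2 float64 `json:"x2"`
		Y2 float64 `json:"y2"`
	}

	// User is the JSON payload consumed by createUser and updateUser.
	User struct {
		User string `json:"user"`
		Role Role   `json:"role"`
		// Password is handed to the sys_admin SQL functions as received.
		// NOTE(review): the json tag applies to encoding as well, so a
		// User value must not be serialized into responses or logs.
		Password string  `json:"password"`
		Email    Email   `json:"email"`
		Country  Country `json:"country"`
		// Extent is optional; a nil Extent selects the SQL variant that
		// passes NULL for the box.
		Extent *BoundingBox `json:"extent"`
	}
)

// SQL statements used by the controllers below. Every value is bound as a
// positional parameter ($n); no request data is concatenated into SQL text.
const (
	createUserSQL = `SELECT sys_admin.create_user($1, $2, $3, $4, NULL, $5)`

	createUserExtentSQL = `SELECT sys_admin.create_user($1, $2, $3, $4, ST_MakeBox2D(ST_Point($5, $6), ST_Point($7, $8)), $9)`

	updateUserSQL = `SELECT sys_admin.update_user($1, $2, $3, $4, $5, NULL, $6)`

	updateUserExtentSQL = `SELECT sys_admin.update_user($1, $2, $3, $4, $5, ST_MakeBox2D(ST_Point($6, $7), ST_Point($8, $9)), $10)`

	deleteUserSQL = `SELECT sys_admin.delete_user($1)`
)

var (
	// emailRe validates a complete e-mail address.
	//
	// The pattern is taken from
	// https://stackoverflow.com/questions/201323/how-to-validate-an-email-address-using-a-regular-expression
	// and wrapped in ^(?:...)$: regexp.MatchString reports a match anywhere
	// in the input, so without the anchors any string that merely contains
	// an address would pass validation. The character classes are written
	// in lower case only, hence the (?i) flag so that mixed-case addresses
	// are still accepted once the pattern is anchored.
	emailRe = regexp.MustCompile(
		`(?i)^(?:` +
			`(?:[a-z0-9!#$%&'*+/=?^_` + "`" + `{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_` + "`" + `{|}~-]+)*|"(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21\x23-\x5b\x5d-\x7f]` +
			`|\\[\x01-\x09\x0b\x0c\x0e-\x7f])*")` +
			`@(?:(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?` +
			`|\[(?:(?:(2(5[0-5]|[0-4][0-9])|1[0-9][0-9]|[1-9]?[0-9]))\.){3}` +
			`(?:(2(5[0-5]|[0-4][0-9])|1[0-9][0-9]|[1-9]?[0-9])|[a-z0-9-]*[a-z0-9]` +
			`:(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21-\x5a\x53-\x7f]` +
			`|\\[\x01-\x09\x0b\x0c\x0e-\x7f])+)\])` +
			`)$`)

	errNoEmailAddress = errors.New("Not a valid email address")
)

// UnmarshalJSON decodes a JSON string into e and returns errNoEmailAddress
// if the string is not a well-formed e-mail address according to emailRe.
func (e *Email) UnmarshalJSON(data []byte) error {
	var s string
	if err := json.Unmarshal(data, &s); err != nil {
		return err
	}
	if !emailRe.MatchString(s) {
		return errNoEmailAddress
	}
	*e = Email(s)
	return nil
}

var (
	// validCountries is the allow-list of accepted country codes.
	validCountries = []string{
		"AT", "BG", "DE", "HU", "HR",
		"MD", "RO", "RS", "SK", "UA",
	}

	errNoValidCountry = errors.New("Not a valid country")
)

// UnmarshalJSON decodes a JSON string into c. The comparison against
// validCountries is case-insensitive; the stored value is the upper-case
// entry from the allow-list. Unknown codes yield errNoValidCountry.
func (c *Country) UnmarshalJSON(data []byte) error {
	var s string
	if err := json.Unmarshal(data, &s); err != nil {
		return err
	}
	s = strings.ToUpper(s)
	for _, v := range validCountries {
		if v == s {
			*c = Country(v)
			return nil
		}
	}
	return errNoValidCountry
}

var (
	// validRoles is the allow-list of role names a request may assign.
	validRoles = []string{
		"waterway_user",
		"waterway_admin",
		"sys_admin",
	}

	errNoValidRole = errors.New("Not a valid role")
)

// UnmarshalJSON decodes a JSON string into r. The comparison against
// validRoles is case-insensitive; the stored value is the lower-case entry
// from the allow-list. Unknown roles yield errNoValidRole.
func (r *Role) UnmarshalJSON(data []byte) error {
	var s string
	if err := json.Unmarshal(data, &s); err != nil {
		return err
	}
	s = strings.ToLower(s)
	for _, v := range validRoles {
		if v == s {
			*r = Role(v)
			return nil
		}
	}
	return errNoValidRole
}

// deleteUser removes the user named by the "user" route variable via
// deleteUserSQL and then logs that user out of auth.ConnPool.
//
// It answers 400 when the route variable is empty or names the user of the
// current session, and 204 on success. Errors from the database are
// returned unchanged.
//
// NOTE(review): no role check is visible in this handler; authorization is
// presumably enforced by the routing layer or by the database role behind
// db. Confirm before exposing this route.
func deleteUser(
	rw http.ResponseWriter,
	req *http.Request,
	input interface{},
	db *sql.DB,
) (jr JSONResult, err error) {

	user := mux.Vars(req)["user"]
	if user == "" {
		err = JSONError{http.StatusBadRequest, "error: user empty"}
		return
	}

	// NOTE(review): the second result of auth.GetSession is discarded. If
	// a request can reach this point without a session, session.User below
	// may not be usable. Confirm this handler only runs behind the session
	// middleware.
	session, _ := auth.GetSession(req)
	if session.User == user {
		err = JSONError{http.StatusBadRequest, "error: cannot delete yourself"}
		return
	}

	if _, err = db.Exec(deleteUserSQL, user); err != nil {
		return
	}

	// Invalidate the deleted user's sessions.
	// Running in a go routine should not be necessary.
	go func() { auth.ConnPool.Logout(user) }()

	jr = JSONResult{Code: http.StatusNoContent}
	return
}

// updateUser updates the user named by the "user" route variable with the
// values of the *User passed as input. With a nil Extent updateUserSQL is
// used, otherwise updateUserExtentSQL.
//
// It answers 400 when the route variable is empty and 500 when input is not
// a *User. Errors from the database are returned unchanged.
//
// NOTE(review): success is reported with http.StatusCreated although
// nothing is created; kept as-is because clients may depend on it.
func updateUser(
	rw http.ResponseWriter,
	req *http.Request,
	input interface{},
	db *sql.DB,
) (jr JSONResult, err error) {

	user := mux.Vars(req)["user"]
	if user == "" {
		err = JSONError{http.StatusBadRequest, "error: user empty"}
		return
	}

	// Checked assertion: a wrong or missing input becomes an error
	// response instead of a panic inside the handler.
	newUser, ok := input.(*User)
	if !ok || newUser == nil {
		err = JSONError{http.StatusInternalServerError, "error: unexpected input type"}
		return
	}

	if newUser.Extent == nil {
		_, err = db.Exec(
			updateUserSQL,
			user,
			string(newUser.Role),
			newUser.User,
			newUser.Password,
			string(newUser.Country),
			string(newUser.Email),
		)
	} else {
		_, err = db.Exec(
			updateUserExtentSQL,
			user,
			string(newUser.Role),
			newUser.User,
			newUser.Password,
			string(newUser.Country),
			newUser.Extent.X1, newUser.Extent.Y1,
			newUser.Extent.X2, newUser.Extent.Y2,
			string(newUser.Email),
		)
	}

	if err != nil {
		return
	}

	jr = JSONResult{
		Code: http.StatusCreated,
		Result: struct {
			Result string `json:"result"`
		}{
			Result: "success",
		},
	}
	return
}

// createUser creates a user from the *User passed as input. With a nil
// Extent createUserSQL is used, otherwise createUserExtentSQL.
//
// It answers 201 on success and 500 when input is not a *User. Errors from
// the database are returned unchanged.
func createUser(
	rw http.ResponseWriter,
	req *http.Request,
	input interface{},
	db *sql.DB,
) (jr JSONResult, err error) {

	// Checked assertion: a wrong or missing input becomes an error
	// response instead of a panic inside the handler.
	user, ok := input.(*User)
	if !ok || user == nil {
		err = JSONError{http.StatusInternalServerError, "error: unexpected input type"}
		return
	}

	if user.Extent == nil {
		_, err = db.Exec(
			createUserSQL,
			string(user.Role),
			user.User,
			user.Password,
			string(user.Country),
			string(user.Email),
		)
	} else {
		_, err = db.Exec(
			createUserExtentSQL,
			string(user.Role),
			user.User,
			user.Password,
			string(user.Country),
			user.Extent.X1, user.Extent.Y1,
			user.Extent.X2, user.Extent.Y2,
			string(user.Email),
		)
	}

	if err != nil {
		return
	}

	jr = JSONResult{
		Code: http.StatusCreated,
		Result: struct {
			Result string `json:"result"`
		}{
			Result: "success",
		},
	}
	return
}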