# HG changeset patch # User Sascha L. Teichmann # Date 1532620562 -7200 # Node ID 9012e4045da40f7549e62c22448fd2904fa9f212 # Parent 713234a04a878ef78eeed45e949fc3df568a2b04 Implemented /user delete controller. diff -r 713234a04a87 -r 9012e4045da4 auth/pool.go --- a/auth/pool.go Thu Jul 26 17:15:22 2018 +0200 +++ b/auth/pool.go Thu Jul 26 17:56:02 2018 +0200 @@ -296,6 +296,21 @@ return <-res } +func (pcp *ConnectionPool) Logout(user string) { + pcp.cmds <- func(pcp *ConnectionPool) { + for token, con := range pcp.conns { + if con.session.User == user { + if db := con.db; db != nil { + con.db = nil + db.Close() + } + delete(pcp.conns, token) + pcp.remove(token) + } + } + } +} + func (pcp *ConnectionPool) Shutdown() error { if db := pcp.storage; db != nil { log.Println("info: shutdown persistent connection pool.") diff -r 713234a04a87 -r 9012e4045da4 controllers/json.go --- a/controllers/json.go Thu Jul 26 17:15:22 2018 +0200 +++ b/controllers/json.go Thu Jul 26 17:56:02 2018 +0200 @@ -90,9 +90,13 @@ jr.Code = http.StatusOK } - rw.Header().Set("Content-Type", "application/json") + if jr.Code != http.StatusNoContent { + rw.Header().Set("Content-Type", "application/json") + } rw.WriteHeader(jr.Code) - if err := json.NewEncoder(rw).Encode(jr.Result); err != nil { - log.Printf("error: %v\n", err) + if jr.Code != http.StatusNoContent { + if err := json.NewEncoder(rw).Encode(jr.Result); err != nil { + log.Printf("error: %v\n", err) + } } } diff -r 713234a04a87 -r 9012e4045da4 controllers/routes.go --- a/controllers/routes.go Thu Jul 26 17:15:22 2018 +0200 +++ b/controllers/routes.go Thu Jul 26 17:56:02 2018 +0200 @@ -24,6 +24,10 @@ Handle: updateUser, })).Methods(http.MethodPut) + api.Handle("/users/{user}", sysAdmin(&JSONHandler{ + Handle: deleteUser, + })).Methods(http.MethodPut) + api.HandleFunc("/login", login). Methods(http.MethodGet, http.MethodPost) api.Handle("/logout", auth.SessionMiddleware(http.HandlerFunc(logout))). diff -r 713234a04a87 -r 9012e4045da4 controllers/user.go --- a/controllers/user.go Thu Jul 26 17:15:22 2018 +0200 +++ b/controllers/user.go Thu Jul 26 17:56:02 2018 +0200 @@ -8,6 +8,7 @@ "regexp" "strings" + "gemma.intevation.de/gemma/auth" "github.com/gorilla/mux" ) @@ -41,6 +42,8 @@ updateUserSQL = `SELECT sys_admin.update_user($1, $2, $3, $4, $5, NULL, $6)` updateUserExtentSQL = `SELECT sys_admin.update_user($1, $2, $3, $4, $5, ST_MakeBox2D(ST_Point($6, $7), ST_Point($8, $9)), $10)` + + deleteUserSQL = `SELECT sys_admin.delete_user($1)` ) var ( @@ -117,10 +120,37 @@ return errNoValidRole } +func deleteUser( + rw http.ResponseWriter, req *http.Request, + input interface{}, db *sql.DB, +) (jr JSONResult, err error) { + + user := mux.Vars(req)["user"] + if user == "" { + err = JSONError{http.StatusBadRequest, "error: user empty"} + return + } + + session, _ := auth.GetSession(req) + if session.User == user { + err = JSONError{http.StatusBadRequest, "error: cannot delete yourself"} + return + } + + if _, err = db.Exec(deleteUserSQL, user); err != nil { + return + } + + // Running in a go routine should not be necessary. + go func() { auth.ConnPool.Logout(user) }() + + jr = JSONResult{Code: http.StatusNoContent} + return +} + func updateUser( rw http.ResponseWriter, req *http.Request, - input interface{}, - db *sql.DB, + input interface{}, db *sql.DB, ) (jr JSONResult, err error) { user := mux.Vars(req)["user"] @@ -172,8 +202,7 @@ func createUser( rw http.ResponseWriter, req *http.Request, - input interface{}, - db *sql.DB, + input interface{}, db *sql.DB, ) (jr JSONResult, err error) { user := input.(*User)