paadi/access-handler
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add api handler

Browse Source
This commit is contained in:
Adrian Zürcher
2025-10-24 16:09:01 +02:00
parent a797700685
commit 090cf0c1cc
10 changed files with 535 additions and 357 deletions
Download Patch File Download Diff File Expand all files Collapse all files

305
api.go Normal file
View File

@@ -0,0 +1,305 @@
package AccessHandler
import (
"errors"
"fmt"
"net/http"
"strconv"
"gitea.tecamino.com/paadi/access-handler/models"
"gitea.tecamino.com/paadi/access-handler/utils"
"github.com/gin-gonic/gin"
)
func (aH *AccessHandlerAPI) AddUser(c *gin.Context) {
var user models.User
err := c.BindJSON(&user)
if err != nil {
aH.logger.Error("AddUser", err)
c.JSON(http.StatusInternalServerError, models.NewJsonErrorResponse(err))
return
}
if !user.IsValid() {
aH.logger.Error("AddUser", "user empty")
c.JSON(http.StatusBadRequest, models.NewJsonMessageResponse("user empty"))
return
}
// Check if a user with this email already exists
if err := aH.dbHandler.Exists(&models.User{}, "email", user.Email, false); err == nil {
// Found a user → skip create
aH.logger.Error("AddUser", "user with email "+user.Email+" already exists")
c.JSON(http.StatusBadRequest, models.NewJsonMessageResponse(fmt.Sprintf("user with email %s already exists", user.Email)))
return
}
hash, err := utils.HashPassword(user.Password)
if err != nil {
aH.logger.Error("AddUser", err)
c.JSON(http.StatusInternalServerError, nil)
return
}
if !utils.IsValidEmail(user.Email) {
aH.logger.Error("AddUser", "not valid email address")
c.JSON(http.StatusBadRequest, models.NewJsonErrorResponse(errors.New("not valid email address")))
return
}
// Hash the provided password before saving
hash, err = utils.HashPassword(user.Password)
if err != nil {
aH.logger.Error("AddUser", err)
c.JSON(http.StatusInternalServerError, nil)
return
}
aH.logger.Debug("AddUser", "add new user "+user.Name+" with role "+user.Role)
// Insert the new user record
aH.dbHandler.AddNewColum(&models.User{
Name: user.Name,
Role: user.Role,
Email: user.Email,
Password: hash,
})
c.JSON(http.StatusOK, gin.H{
"message": fmt.Sprintf("user '%s' successfully added", user.Name),
})
}
func (aH *AccessHandlerAPI) GetUser(c *gin.Context) {
var i int
var err error
id := c.Query("id")
if id != "" {
i, err = strconv.Atoi(id)
if err != nil {
aH.logger.Error("GetUser", err)
c.JSON(http.StatusInternalServerError, nil)
return
}
}
var users []models.User
err = aH.dbHandler.GetById(&users, uint(i))
if err != nil {
aH.logger.Error("GetUser", err)
c.JSON(http.StatusInternalServerError, nil)
return
}
c.JSON(http.StatusOK, users)
}
func (aH *AccessHandlerAPI) UpdateUser(c *gin.Context) {
var user models.User
if err := c.BindJSON(&user); err != nil {
aH.logger.Error("UpdateUser", err)
c.JSON(http.StatusInternalServerError, nil)
return
}
err := aH.dbHandler.UpdateValuesById(&user, user.Id)
if err != nil {
aH.logger.Error("UpdateUser", err)
c.JSON(http.StatusInternalServerError, nil)
return
}
c.JSON(http.StatusOK, models.NewJsonMessageResponse("successfully updated user '"+user.Email+"'"))
}
func (aH *AccessHandlerAPI) DeleteUser(c *gin.Context) {
queryId := c.Query("id")
if queryId == "" || queryId == "null" || queryId == "undefined" {
aH.logger.Error("DeleteUser", "id query missing or wrong value: "+queryId)
c.JSON(http.StatusBadRequest, gin.H{
"message": "id query missing or wrong value: " + queryId,
})
return
}
var request struct {
Ids []int `json:"ids"`
}
err := c.BindJSON(&request)
if err != nil {
aH.logger.Error("DeleteUser", "id query missing or wrong value: "+queryId)
c.JSON(http.StatusInternalServerError, nil)
return
}
if len(request.Ids) == 0 {
aH.logger.Error("DeleteUser", "no ids given to be deleted")
c.JSON(http.StatusBadRequest, gin.H{
"message": "no ids given to be deleted",
})
return
}
var ownId string
removeIds := make([]uint, len(request.Ids))
for i, id := range request.Ids {
if queryId == fmt.Sprint(id) {
ownId = queryId
continue
}
removeIds[i] = uint(id)
}
if ownId != "" {
aH.logger.Error("DeleteUser", "can not delete logged in member id: "+queryId)
c.JSON(http.StatusBadRequest, gin.H{
"message": "can not delete logged in member id: " + queryId,
"id": queryId,
})
return
}
err = aH.dbHandler.DeleteById(&models.User{}, removeIds...)
if err != nil {
aH.logger.Error("DeleteUser", err)
c.JSON(http.StatusInternalServerError, nil)
return
}
c.JSON(http.StatusOK, gin.H{
"message": "member(s) deleted",
})
}
func (aH *AccessHandlerAPI) AddRole(c *gin.Context) {
var role models.Role
err := c.BindJSON(&role)
if err != nil {
aH.logger.Error("AddRole", err)
c.JSON(http.StatusBadRequest, models.NewJsonErrorResponse(err))
return
}
if !role.IsValid() {
aH.logger.Error("AddRole", "user empty")
c.JSON(http.StatusBadRequest, models.NewJsonMessageResponse("user empty"))
return
}
// Check if a role with this name already exists
if err := aH.dbHandler.Exists(&models.Role{}, "role", role, false); err == nil {
aH.logger.Error("AddRole", fmt.Sprintf("role with name %s already exists", role.Role))
c.JSON(http.StatusBadRequest, models.NewJsonMessageResponse(fmt.Sprintf("role with name %s already exists", role.Role)))
}
// Insert new role with provided permissions
aH.dbHandler.AddNewColum(&models.Role{
Role: role.Role,
Permissions: role.Permissions,
})
c.JSON(http.StatusOK, gin.H{
"message": fmt.Sprintf("role '%s' successfully added", role.Role),
})
}
func (aH *AccessHandlerAPI) GetRole(c *gin.Context) {
var i int
var err error
id := c.Query("id")
if id != "" {
i, err = strconv.Atoi(id)
if err != nil {
aH.logger.Error("GetRole", err)
c.JSON(http.StatusInternalServerError, nil)
return
}
}
var role []models.Role
err = aH.dbHandler.GetById(&role, uint(i))
if err != nil {
aH.logger.Error("GetRole", err)
c.JSON(http.StatusInternalServerError, nil)
return
}
c.JSON(http.StatusOK, role)
}
func (aH *AccessHandlerAPI) UpdateRole(c *gin.Context) {
var role models.Role
if err := c.BindJSON(&role); err != nil {
aH.logger.Error("UpdateRole", err)
c.JSON(http.StatusInternalServerError, nil)
return
}
err := aH.dbHandler.UpdateValuesById(&role, role.Id)
if err != nil {
aH.logger.Error("UpdateRole", err)
c.JSON(http.StatusInternalServerError, nil)
return
}
c.JSON(http.StatusOK, models.NewJsonMessageResponse("successfully updated role '"+role.Role+"'"))
}
func (aH *AccessHandlerAPI) DeleteRole(c *gin.Context) {
queryId := c.Query("id")
if queryId == "" || queryId == "null" || queryId == "undefined" {
aH.logger.Error("DeleteRole", "id query missing or wrong value: "+queryId)
c.JSON(http.StatusBadRequest, gin.H{
"message": "id query missing or wrong value: " + queryId,
})
return
}
var request struct {
Ids []int `json:"ids"`
}
err := c.BindJSON(&request)
if err != nil {
aH.logger.Error("DeleteRole", "id query missing or wrong value: "+queryId)
c.JSON(http.StatusInternalServerError, nil)
return
}
if len(request.Ids) == 0 {
aH.logger.Error("DeleteRole", "no ids given to be deleted")
c.JSON(http.StatusBadRequest, gin.H{
"message": "no ids given to be deleted",
})
return
}
var ownId string
removeIds := make([]uint, len(request.Ids))
for i, id := range request.Ids {
if queryId == fmt.Sprint(id) {
ownId = queryId
continue
}
removeIds[i] = uint(id)
}
if ownId != "" {
aH.logger.Error("DeleteRole", "can not delete logged in member role id: "+queryId)
c.JSON(http.StatusBadRequest, gin.H{
"message": "can not delete logged in member id: " + queryId,
"id": queryId,
})
return
}
err = aH.dbHandler.DeleteById(&models.Role{}, removeIds...)
if err != nil {
aH.logger.Error("DeleteUser", err)
c.JSON(http.StatusInternalServerError, nil)
return
}
c.JSON(http.StatusOK, gin.H{
"message": "role(s) deleted",
})
}