184 lines
4.6 KiB
Go
184 lines
4.6 KiB
Go
package handlers
|
|
|
|
import (
|
|
"fmt"
|
|
"net/http"
|
|
"strconv"
|
|
|
|
"gitea.tecamino.com/paadi/access-handler/models"
|
|
"github.com/gin-gonic/gin"
|
|
)
|
|
|
|
func (aH *AccessHandler) AddRoleTable() error {
|
|
return aH.dbHandler.AddNewTable(models.Role{})
|
|
}
|
|
|
|
func (aH *AccessHandler) AddDefaultRole() (err error) {
|
|
role := "admin"
|
|
|
|
// Check if a role with this name already exists
|
|
if aH.dbHandler.Exists(&models.Role{}, "role", role, false) {
|
|
// Found a role → skip creation
|
|
aH.logger.Debug("AddDefaultRole", "role "+role+" exists already")
|
|
return nil
|
|
}
|
|
|
|
// Initialize default permissions for admin
|
|
permissions := models.Permissions{}
|
|
aH.logger.Debug("AddDefaultRole", "set default Permissions")
|
|
permissions.DefaultPermissions()
|
|
|
|
// Create the default admin role
|
|
aH.dbHandler.AddNewColum(&models.Role{
|
|
Role: role,
|
|
Permissions: permissions,
|
|
})
|
|
return
|
|
}
|
|
|
|
func (aH *AccessHandler) AddRole(c *gin.Context) {
|
|
var role models.Role
|
|
err := c.BindJSON(&role)
|
|
if err != nil {
|
|
aH.logger.Error("AddRole", err)
|
|
c.JSON(http.StatusBadRequest, models.NewJsonErrorResponse(err))
|
|
return
|
|
}
|
|
|
|
if !role.IsValid() {
|
|
aH.logger.Error("AddRole", "user empty")
|
|
c.JSON(http.StatusBadRequest, models.NewJsonMessageResponse("user empty"))
|
|
return
|
|
}
|
|
|
|
// Check if a role with this name already exists
|
|
if aH.dbHandler.Exists(&models.Role{}, "role", role.Role, false) {
|
|
aH.logger.Error("AddRole", fmt.Sprintf("role with name %s already exists", role.Role))
|
|
c.JSON(http.StatusBadRequest, models.NewJsonMessageResponse(fmt.Sprintf("role with name %s already exists", role.Role)))
|
|
return
|
|
}
|
|
|
|
// Insert new role with provided permissions
|
|
aH.dbHandler.AddNewColum(&models.Role{
|
|
Role: role.Role,
|
|
Permissions: role.Permissions,
|
|
})
|
|
|
|
c.JSON(http.StatusOK, gin.H{
|
|
"message": fmt.Sprintf("role '%s' successfully added", role.Role),
|
|
})
|
|
}
|
|
|
|
func (aH *AccessHandler) GetRole(c *gin.Context) {
|
|
var i int
|
|
var err error
|
|
var roles []models.Role
|
|
|
|
role := c.Query("role")
|
|
id := c.Query("id")
|
|
|
|
if role != "" {
|
|
err = aH.dbHandler.GetByKey(&roles, "", "role", role, false)
|
|
} else if id != "" {
|
|
i, err = strconv.Atoi(id)
|
|
if err != nil {
|
|
c.JSON(http.StatusBadRequest, gin.H{
|
|
"message": err.Error(),
|
|
})
|
|
return
|
|
}
|
|
err = aH.dbHandler.GetById(&roles, "", uint(i))
|
|
} else {
|
|
err = aH.dbHandler.GetById(&roles, "", 0)
|
|
|
|
}
|
|
|
|
if err != nil {
|
|
aH.logger.Error("GetRole", err)
|
|
c.JSON(http.StatusInternalServerError, nil)
|
|
return
|
|
}
|
|
c.JSON(http.StatusOK, roles)
|
|
}
|
|
|
|
func (aH *AccessHandler) UpdateRole(c *gin.Context) {
|
|
var role models.Role
|
|
if err := c.BindJSON(&role); err != nil {
|
|
aH.logger.Error("UpdateRole", err)
|
|
c.JSON(http.StatusInternalServerError, nil)
|
|
return
|
|
}
|
|
|
|
if role.Id != 0 {
|
|
err := aH.dbHandler.UpdateValuesById(&role, "", role.Id)
|
|
if err != nil {
|
|
aH.logger.Error("UpdateRole", err)
|
|
c.JSON(http.StatusInternalServerError, nil)
|
|
return
|
|
}
|
|
} else {
|
|
err := aH.dbHandler.UpdateValuesByKey(&role, "", "role", role.Role)
|
|
if err != nil {
|
|
aH.logger.Error("UpdateRole", err)
|
|
c.JSON(http.StatusInternalServerError, nil)
|
|
return
|
|
}
|
|
}
|
|
|
|
c.JSON(http.StatusOK, models.NewJsonMessageResponse("successfully updated role '"+role.Role+"'"))
|
|
}
|
|
|
|
func (aH *AccessHandler) DeleteRole(c *gin.Context) {
|
|
queryRole := c.Query("role")
|
|
if queryRole == "" || queryRole == "null" || queryRole == "undefined" {
|
|
aH.logger.Error("DeleteRole", "id query missing or wrong value: "+queryRole)
|
|
c.JSON(http.StatusInternalServerError, nil)
|
|
return
|
|
}
|
|
|
|
var request struct {
|
|
Roles []string `json:"roles"`
|
|
}
|
|
|
|
err := c.BindJSON(&request)
|
|
if err != nil {
|
|
aH.logger.Error("DeleteRole", err)
|
|
c.JSON(http.StatusBadRequest, nil)
|
|
return
|
|
}
|
|
|
|
if len(request.Roles) == 0 {
|
|
aH.logger.Error("DeleteRole", "no ids given to be deleted")
|
|
c.JSON(http.StatusBadRequest, models.NewJsonMessageResponse("no roles given to be deleted"))
|
|
return
|
|
}
|
|
|
|
var ownRole string
|
|
|
|
for _, role := range request.Roles {
|
|
if queryRole == role {
|
|
ownRole = role
|
|
continue
|
|
}
|
|
err = aH.dbHandler.DeleteByKey(&models.Role{}, "role", role, false)
|
|
if err != nil {
|
|
aH.logger.Error("DeleteRole", err)
|
|
c.JSON(http.StatusInternalServerError, nil)
|
|
return
|
|
}
|
|
}
|
|
|
|
if ownRole != "" {
|
|
aH.logger.Error("DeleteRole", "can not delete logged in role id: "+ownRole)
|
|
c.JSON(http.StatusBadRequest, gin.H{
|
|
"message": "can not delete logged in role id: " + ownRole,
|
|
"role": ownRole,
|
|
})
|
|
return
|
|
}
|
|
|
|
c.JSON(http.StatusOK, gin.H{
|
|
"message": "role(s) deleted",
|
|
})
|
|
}
|