paadi/access-handler
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
v1.0.6
access-handler/api.go
Adrian Zürcher 14994edcad add login for api handler
2025-10-24 16:22:17 +02:00

306 lines
7.8 KiB
Go
Raw Permalink Blame History

package AccessHandler
import (
"errors"
"fmt"
"net/http"
"strconv"
"gitea.tecamino.com/paadi/access-handler/models"
"gitea.tecamino.com/paadi/access-handler/utils"
"github.com/gin-gonic/gin"
)
func (aH *AccessHandlerAPI) AddUser(c *gin.Context) {
var user models.User
err := c.BindJSON(&user)
if err != nil {
aH.logger.Error("AddUser", err)
c.JSON(http.StatusInternalServerError, models.NewJsonErrorResponse(err))
return
}
if !user.IsValid() {
aH.logger.Error("AddUser", "user empty")
c.JSON(http.StatusBadRequest, models.NewJsonMessageResponse("user empty"))
return
}
// Check if a user with this email already exists
if err := aH.dbHandler.Exists(&models.User{}, "email", user.Email, false); err == nil {
// Found a user → skip create
aH.logger.Error("AddUser", "user with email "+user.Email+" already exists")
c.JSON(http.StatusBadRequest, models.NewJsonMessageResponse(fmt.Sprintf("user with email %s already exists", user.Email)))
return
}
hash, err := utils.HashPassword(user.Password)
if err != nil {
aH.logger.Error("AddUser", err)
c.JSON(http.StatusInternalServerError, nil)
return
}
if !utils.IsValidEmail(user.Email) {
aH.logger.Error("AddUser", "not valid email address")
c.JSON(http.StatusBadRequest, models.NewJsonErrorResponse(errors.New("not valid email address")))
return
}
// Hash the provided password before saving
hash, err = utils.HashPassword(user.Password)
if err != nil {
aH.logger.Error("AddUser", err)
c.JSON(http.StatusInternalServerError, nil)
return
}
aH.logger.Debug("AddUser", "add new user "+user.Name+" with role "+user.Role)
// Insert the new user record
aH.dbHandler.AddNewColum(&models.User{
Name: user.Name,
Role: user.Role,
Email: user.Email,
Password: hash,
})
c.JSON(http.StatusOK, gin.H{
"message": fmt.Sprintf("user '%s' successfully added", user.Name),
})
}
func (aH *AccessHandlerAPI) GetUser(c *gin.Context) {
var i int
var err error
id := c.Query("id")
if id != "" {
i, err = strconv.Atoi(id)
if err != nil {
aH.logger.Error("GetUser", err)
c.JSON(http.StatusInternalServerError, nil)
return
}
}
var users []models.User
err = aH.dbHandler.GetById(&users, uint(i))
if err != nil {
aH.logger.Error("GetUser", err)
c.JSON(http.StatusInternalServerError, nil)
return
}
c.JSON(http.StatusOK, users)
}
func (aH *AccessHandlerAPI) UpdateUser(c *gin.Context) {
var user models.User
if err := c.BindJSON(&user); err != nil {
aH.logger.Error("UpdateUser", err)
c.JSON(http.StatusInternalServerError, nil)
return
}
err := aH.dbHandler.UpdateValuesById(&user, user.Id)
if err != nil {
aH.logger.Error("UpdateUser", err)
c.JSON(http.StatusInternalServerError, nil)
return
}
c.JSON(http.StatusOK, models.NewJsonMessageResponse("successfully updated user '"+user.Email+"'"))
}
func (aH *AccessHandlerAPI) DeleteUser(c *gin.Context) {
queryId := c.Query("id")
if queryId == "" || queryId == "null" || queryId == "undefined" {
aH.logger.Error("DeleteUser", "id query missing or wrong value: "+queryId)
c.JSON(http.StatusBadRequest, gin.H{
"message": "id query missing or wrong value: " + queryId,
})
return
}
var request struct {
Ids []int `json:"ids"`
}
err := c.BindJSON(&request)
if err != nil {
aH.logger.Error("DeleteUser", "id query missing or wrong value: "+queryId)
c.JSON(http.StatusInternalServerError, nil)
return
}
if len(request.Ids) == 0 {
aH.logger.Error("DeleteUser", "no ids given to be deleted")
c.JSON(http.StatusBadRequest, gin.H{
"message": "no ids given to be deleted",
})
return
}
var ownId string
removeIds := make([]uint, len(request.Ids))
for i, id := range request.Ids {
if queryId == fmt.Sprint(id) {
ownId = queryId
continue
}
removeIds[i] = uint(id)
}
if ownId != "" {
aH.logger.Error("DeleteUser", "can not delete logged in member id: "+queryId)
c.JSON(http.StatusBadRequest, gin.H{
"message": "can not delete logged in member id: " + queryId,
"id": queryId,
})
return
}
err = aH.dbHandler.DeleteById(&models.User{}, removeIds...)
if err != nil {
aH.logger.Error("DeleteUser", err)
c.JSON(http.StatusInternalServerError, nil)
return
}
c.JSON(http.StatusOK, gin.H{
"message": "member(s) deleted",
})
}
func (aH *AccessHandlerAPI) AddRole(c *gin.Context) {
var role models.Role
err := c.BindJSON(&role)
if err != nil {
aH.logger.Error("AddRole", err)
c.JSON(http.StatusBadRequest, models.NewJsonErrorResponse(err))
return
}
if !role.IsValid() {
aH.logger.Error("AddRole", "user empty")
c.JSON(http.StatusBadRequest, models.NewJsonMessageResponse("user empty"))
return
}
// Check if a role with this name already exists
if err := aH.dbHandler.Exists(&models.Role{}, "role", role, false); err == nil {
aH.logger.Error("AddRole", fmt.Sprintf("role with name %s already exists", role.Role))
c.JSON(http.StatusBadRequest, models.NewJsonMessageResponse(fmt.Sprintf("role with name %s already exists", role.Role)))
}
// Insert new role with provided permissions
aH.dbHandler.AddNewColum(&models.Role{
Role: role.Role,
Permissions: role.Permissions,
})
c.JSON(http.StatusOK, gin.H{
"message": fmt.Sprintf("role '%s' successfully added", role.Role),
})
}
func (aH *AccessHandlerAPI) GetRole(c *gin.Context) {
var i int
var err error
id := c.Query("id")
if id != "" {
i, err = strconv.Atoi(id)
if err != nil {
aH.logger.Error("GetRole", err)
c.JSON(http.StatusInternalServerError, nil)
return
}
}
var role []models.Role
err = aH.dbHandler.GetById(&role, uint(i))
if err != nil {
aH.logger.Error("GetRole", err)
c.JSON(http.StatusInternalServerError, nil)
return
}
c.JSON(http.StatusOK, role)
}
func (aH *AccessHandlerAPI) UpdateRole(c *gin.Context) {
var role models.Role
if err := c.BindJSON(&role); err != nil {
aH.logger.Error("UpdateRole", err)
c.JSON(http.StatusInternalServerError, nil)
return
}
err := aH.dbHandler.UpdateValuesById(&role, role.Id)
if err != nil {
aH.logger.Error("UpdateRole", err)
c.JSON(http.StatusInternalServerError, nil)
return
}
c.JSON(http.StatusOK, models.NewJsonMessageResponse("successfully updated role '"+role.Role+"'"))
}
func (aH *AccessHandlerAPI) DeleteRole(c *gin.Context) {
queryId := c.Query("id")
if queryId == "" || queryId == "null" || queryId == "undefined" {
aH.logger.Error("DeleteRole", "id query missing or wrong value: "+queryId)
c.JSON(http.StatusBadRequest, gin.H{
"message": "id query missing or wrong value: " + queryId,
})
return
}
var request struct {
Ids []int `json:"ids"`
}
err := c.BindJSON(&request)
if err != nil {
aH.logger.Error("DeleteRole", "id query missing or wrong value: "+queryId)
c.JSON(http.StatusInternalServerError, nil)
return
}
if len(request.Ids) == 0 {
aH.logger.Error("DeleteRole", "no ids given to be deleted")
c.JSON(http.StatusBadRequest, gin.H{
"message": "no ids given to be deleted",
})
return
}
var ownId string
removeIds := make([]uint, len(request.Ids))
for i, id := range request.Ids {
if queryId == fmt.Sprint(id) {
ownId = queryId
continue
}
removeIds[i] = uint(id)
}
if ownId != "" {
aH.logger.Error("DeleteRole", "can not delete logged in member role id: "+queryId)
c.JSON(http.StatusBadRequest, gin.H{
"message": "can not delete logged in member id: " + queryId,
"id": queryId,
})
return
}
err = aH.dbHandler.DeleteById(&models.Role{}, removeIds...)
if err != nil {
aH.logger.Error("DeleteRole", err)
c.JSON(http.StatusInternalServerError, nil)
return
}
c.JSON(http.StatusOK, gin.H{
"message": "role(s) deleted",
})
}
Reference in New Issue View Git Blame Copy Permalink