go-blog/controllers/user.go

294 lines
6.9 KiB
Go

// Copyright 2018 Lars Hoogestraat
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.
package controllers
import (
"fmt"
"net/http"
"git.hoogi.eu/snafu/go-blog/components/httperror"
"git.hoogi.eu/snafu/go-blog/middleware"
"git.hoogi.eu/snafu/go-blog/models"
)
//AdminUsersHandler returns an overview of the created users (admin only action)
func AdminUsersHandler(ctx *middleware.AppContext, w http.ResponseWriter, r *http.Request) *middleware.Template {
page := getPageParam(r)
total, err := ctx.UserService.Count(models.All)
if err != nil {
return &middleware.Template{
Name: tplAdminUsers,
Err: err,
Active: "users",
}
}
p := &models.Pagination{
Total: total,
Limit: 20,
CurrentPage: page,
RelURL: "admin/users/page",
}
users, err := ctx.UserService.List(p)
if err != nil {
return &middleware.Template{
Name: tplAdminUsers,
Err: err,
Active: "users",
}
}
var userInvites []models.UserInvite
if cu, _ := middleware.User(r); cu.IsAdmin {
userInvites, err = ctx.UserInviteService.List()
if err != nil {
return &middleware.Template{
Name: tplAdminUsers,
Err: err,
Active: "users",
Data: map[string]interface{}{
"users": users,
"pagination": p,
},
}
}
}
return &middleware.Template{
Name: tplAdminUsers,
Active: "users",
Data: map[string]interface{}{
"users": users,
"user_invites": userInvites,
"pagination": p,
},
}
}
//AdminUserNewHandler returns the form for adding new user (admin only action)
func AdminUserNewHandler(ctx *middleware.AppContext, w http.ResponseWriter, r *http.Request) *middleware.Template {
return &middleware.Template{
Name: tplAdminUserNew,
Active: "users",
}
}
//AdminUserNewPostHandler handles the creation of new users (admin only action)
func AdminUserNewPostHandler(ctx *middleware.AppContext, w http.ResponseWriter, r *http.Request) *middleware.Template {
u := &models.User{
DisplayName: r.FormValue("displayname"),
Username: r.FormValue("username"),
Email: r.FormValue("email"),
PlainPassword: []byte(r.FormValue("password")),
Active: convertCheckbox(r, "active"),
IsAdmin: convertCheckbox(r, "admin"),
}
userID, err := ctx.UserService.Create(u)
if err != nil {
return &middleware.Template{
Name: tplAdminUserNew,
Err: err,
Active: "users",
Data: map[string]interface{}{
"user": u,
},
}
}
return &middleware.Template{
RedirectPath: "admin/users",
Active: "users",
SuccessMsg: "Successfully added user " + u.Email,
Data: map[string]interface{}{
"userID": userID,
},
}
}
//AdminUserEditHandler returns the form for editing an user (admin only action)
func AdminUserEditHandler(ctx *middleware.AppContext, w http.ResponseWriter, r *http.Request) *middleware.Template {
userID, err := parseInt(getVar(r, "userID"))
if err != nil {
return &middleware.Template{
Name: tplAdminUsers,
Err: err,
}
}
u, err := ctx.UserService.GetByID(userID)
if err != nil {
return &middleware.Template{
Name: tplAdminUsers,
Err: err,
}
}
return &middleware.Template{
Name: tplAdminUserEdit,
Active: "users",
Data: map[string]interface{}{
"user": u,
},
}
}
//AdminUserEditPostHandler handles the updating of an user (admin only action)
func AdminUserEditPostHandler(ctx *middleware.AppContext, w http.ResponseWriter, r *http.Request) *middleware.Template {
userID, err := parseInt(getVar(r, "userID"))
if err != nil {
return &middleware.Template{
RedirectPath: "admin/users",
Active: "users",
Err: err,
}
}
u := &models.User{
ID: userID,
Email: r.FormValue("email"),
DisplayName: r.FormValue("displayname"),
Username: r.FormValue("username"),
PlainPassword: []byte(r.FormValue("password")),
Active: convertCheckbox(r, "active"),
IsAdmin: convertCheckbox(r, "admin"),
}
changePassword := false
if len(u.PlainPassword) > 0 {
changePassword = true
}
if err := ctx.UserService.Update(u, changePassword); err != nil {
return &middleware.Template{
Name: tplAdminUserEdit,
Err: err,
Active: "users",
Data: map[string]interface{}{
"user": u,
},
}
}
if changePassword {
session, err := ctx.SessionService.Get(w, r)
if err != nil {
return &middleware.Template{
Name: tplAdminUserEdit,
Err: err,
Active: "users",
Data: map[string]interface{}{
"user": u,
},
}
}
sids := ctx.SessionService.SessionProvider.SessionIDsFromValues("userid", u.ID)
for _, id := range sids {
if session.SessionID() != id {
ctx.SessionService.SessionProvider.Remove(id)
}
}
}
return &middleware.Template{
RedirectPath: "admin/users",
Active: "users",
SuccessMsg: "Successfully edited user " + u.Email,
}
}
//AdminUserDeleteHandler returns the form for removing user (admin only action)
func AdminUserDeleteHandler(ctx *middleware.AppContext, w http.ResponseWriter, r *http.Request) *middleware.Template {
userID, err := parseInt(getVar(r, "userID"))
user, err := ctx.UserService.GetByID(userID)
if err != nil {
return &middleware.Template{
RedirectPath: "admin/users",
Active: "users",
Err: err,
}
}
oneAdmin, err := ctx.UserService.OneAdmin()
if oneAdmin && user.IsAdmin {
return &middleware.Template{
RedirectPath: "admin/users",
Active: "users",
Err: httperror.New(http.StatusUnprocessableEntity,
"Could not remove administrator. No administrator would remain.",
fmt.Errorf("could not remove administrator %s no administrator would remain", user.Username)),
}
}
remove := models.Action{
ID: "removeUser",
ActionURL: fmt.Sprintf("/admin/user/delete/%d", user.ID),
BackLinkURL: "/admin/users",
Description: fmt.Sprintf("Please confirm removing of user %s?", user.Username),
WarnMsg: "All articles, sites and files belonging to this user will be deleted!",
Title: "Confirm removing of user",
}
return &middleware.Template{
Name: tplAdminAction,
Active: "users",
Data: map[string]interface{}{
"action": remove,
},
}
}
//AdminUserDeletePostHandler handles removing of a user (admin only action)
func AdminUserDeletePostHandler(ctx *middleware.AppContext, w http.ResponseWriter, r *http.Request) *middleware.Template {
userID, err := parseInt(getVar(r, "userID"))
if err != nil {
return &middleware.Template{
Name: tplAdminUsers,
Active: "users",
Err: err,
}
}
user, err := ctx.UserService.GetByID(userID)
if err != nil {
return &middleware.Template{
Name: tplAdminUsers,
Active: "users",
Err: err,
}
}
if err := ctx.UserService.Remove(user); err != nil {
return &middleware.Template{
Name: tplAdminUsers,
Active: "users",
Err: err,
}
}
return &middleware.Template{
RedirectPath: "admin/users",
Active: "users",
}
}