2021-12-24 08:56:16 +00:00
|
|
|
package calendar
|
|
|
|
|
|
|
|
import (
|
|
|
|
"github.com/gin-gonic/gin"
|
|
|
|
"gorm.io/gorm"
|
|
|
|
"kumoly.io/kumoly/app/auth"
|
|
|
|
"kumoly.io/kumoly/app/errors"
|
|
|
|
"kumoly.io/kumoly/app/history"
|
|
|
|
"kumoly.io/kumoly/app/server"
|
|
|
|
)
|
|
|
|
|
|
|
|
func ApiEventQuery(c *gin.Context) {
|
|
|
|
id := c.Query("id")
|
|
|
|
if id != "" {
|
|
|
|
e := &Event{}
|
|
|
|
err := HasEventAccess(c, e, id)
|
|
|
|
if err != nil {
|
|
|
|
panic(err)
|
|
|
|
}
|
|
|
|
server.OK(c, e)
|
|
|
|
} else {
|
|
|
|
grp := c.Query("grp")
|
|
|
|
events := []Event{}
|
|
|
|
cl, err := auth.GetContextClaims(c)
|
|
|
|
if err != nil {
|
|
|
|
panic(err)
|
|
|
|
}
|
|
|
|
var result *gorm.DB
|
|
|
|
|
2021-12-25 09:48:33 +00:00
|
|
|
if grp != "" {
|
|
|
|
if !auth.ACHas(c, auth.ADMIN, auth.SYSTEM, grp) {
|
|
|
|
panic(errors.ErrorForbidden)
|
2021-12-24 08:56:16 +00:00
|
|
|
}
|
2021-12-25 09:48:33 +00:00
|
|
|
result = db.Find(&events, `event_group_id in (
|
|
|
|
select id from event_groups where group_id = (
|
|
|
|
select id from groups where name = ?
|
|
|
|
)
|
|
|
|
)`, grp)
|
2021-12-24 08:56:16 +00:00
|
|
|
} else if !auth.ACHas(c, auth.ADMIN, auth.SYSTEM) {
|
2021-12-25 09:48:33 +00:00
|
|
|
result = db.Find(&events, `event_group_id in (
|
|
|
|
select eg.id from event_groups eg where eg.group_id in (
|
|
|
|
select g.id from groups g where g.name in ?
|
|
|
|
)
|
|
|
|
)`, cl.Groups)
|
|
|
|
|
2021-12-24 08:56:16 +00:00
|
|
|
} else {
|
|
|
|
result = db.Find(&events)
|
|
|
|
}
|
|
|
|
|
|
|
|
if result.Error != nil {
|
|
|
|
panic(result.Error)
|
|
|
|
}
|
|
|
|
server.OK(c, events)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func ApiEventNew(c *gin.Context) {
|
|
|
|
e := &Event{}
|
|
|
|
if err := c.ShouldBindJSON(e); err != nil {
|
|
|
|
panic(err)
|
|
|
|
}
|
|
|
|
if e.ID != "" {
|
|
|
|
panic(errors.ErrorBadRequest)
|
|
|
|
}
|
|
|
|
if e.Start.IsZero() || e.End.IsZero() || e.Start.Before(e.End) {
|
|
|
|
panic(ErrorInvalidTime)
|
|
|
|
}
|
2021-12-25 09:48:33 +00:00
|
|
|
cal := 0
|
|
|
|
if db.Raw("select count(id) from calendars where id = ?", e.CalendarID).
|
|
|
|
Scan(&cal); cal != 1 {
|
|
|
|
panic(errors.ErrorNotFound)
|
|
|
|
}
|
|
|
|
if !auth.ACHas(c, auth.ADMIN, auth.SYSTEM, e.EventGroup.GroupName) {
|
2021-12-24 08:56:16 +00:00
|
|
|
panic(errors.ErrorForbidden)
|
|
|
|
}
|
2021-12-25 09:48:33 +00:00
|
|
|
if e.EventGroup.Name == "" {
|
|
|
|
e.EventGroup.Name = e.Name
|
|
|
|
}
|
|
|
|
if err := db.Transaction(func(tx *gorm.DB) error {
|
|
|
|
if err := tx.Create(e).Error; err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}); err != nil {
|
2021-12-24 08:56:16 +00:00
|
|
|
panic(err)
|
|
|
|
}
|
|
|
|
history.Send(history.Info().
|
|
|
|
Nm("Create").
|
2021-12-25 09:48:33 +00:00
|
|
|
Grp(e.EventGroup.GroupName).Bd(e).
|
2021-12-24 08:56:16 +00:00
|
|
|
Iss(c.GetString(auth.GinUserKey)).
|
|
|
|
Msg("Event created"))
|
|
|
|
server.OK(c, e)
|
|
|
|
}
|
|
|
|
|
|
|
|
func ApiEventUpdate(c *gin.Context) {
|
|
|
|
e := &Event{}
|
|
|
|
if err := c.ShouldBindJSON(e); err != nil {
|
|
|
|
panic(err)
|
|
|
|
}
|
|
|
|
if e.ID == "" {
|
|
|
|
panic(errors.ErrorBadRequest)
|
|
|
|
}
|
|
|
|
if err := HasEventAccess(c, &Event{}, e.ID); err != nil {
|
|
|
|
panic(errors.ErrorForbidden)
|
|
|
|
}
|
|
|
|
if err := db.Save(e).Error; err != nil {
|
|
|
|
panic(err)
|
|
|
|
}
|
|
|
|
history.Send(history.Info().
|
|
|
|
Nm("Update").
|
2021-12-25 09:48:33 +00:00
|
|
|
Grp(e.EventGroup.GroupName).Bd(e).
|
2021-12-24 08:56:16 +00:00
|
|
|
Iss(c.GetString(auth.GinUserKey)).
|
|
|
|
Msg("Event Updated"))
|
|
|
|
server.OK(c, e)
|
|
|
|
}
|
|
|
|
|
|
|
|
func ApiEventDelete(c *gin.Context) {
|
|
|
|
id := c.Query("id")
|
|
|
|
if id == "" {
|
|
|
|
panic(errors.ErrorBadRequest)
|
|
|
|
}
|
|
|
|
e := &Event{}
|
|
|
|
err := HasEventAccess(c, e, id)
|
|
|
|
if err != nil {
|
|
|
|
panic(err)
|
|
|
|
}
|
|
|
|
|
2021-12-25 09:48:33 +00:00
|
|
|
err = db.Delete(e, "id = ?", id).Error
|
2021-12-24 08:56:16 +00:00
|
|
|
if err != nil {
|
|
|
|
panic(errors.NewError(404, err))
|
|
|
|
}
|
2021-12-25 09:48:33 +00:00
|
|
|
db.Exec(`delete from event_groups where id = ?
|
|
|
|
and 0 = (select count(id) from events where event_group_id = ?)`,
|
|
|
|
e.EventGroupID, e.EventGroupID)
|
2021-12-24 08:56:16 +00:00
|
|
|
history.Send(history.Info().
|
|
|
|
Nm("Delete").
|
2021-12-25 09:48:33 +00:00
|
|
|
Grp(e.EventGroup.GroupName).Bd(e).
|
2021-12-24 08:56:16 +00:00
|
|
|
Iss(c.GetString(auth.GinUserKey)).
|
|
|
|
Msg("Event Deleted"))
|
|
|
|
server.OK(c, "ok")
|
|
|
|
}
|