app/auth/api_user.go

191 lines
3.8 KiB
Go
Raw Normal View History

2021-12-16 04:11:33 +00:00
package auth
import (
"encoding/base64"
"github.com/gin-gonic/gin"
"gorm.io/gorm"
"kumoly.io/kumoly/app/errors"
"kumoly.io/kumoly/app/server"
)
func ApiUsers(c *gin.Context) {
users := []User{}
result := DB.Preload("Groups").Preload("Profile").Find(&users)
if result.Error != nil {
panic(result.Error)
}
server.Res(c, &server.Response{Data: users})
}
type apiUserNewReq struct {
Name string `json:"username" example:"user" binding:"required"`
PwdB64 string `json:"password" example:"YWRtaW4=" binding:"required,base64"`
}
func ApiUserNew(c *gin.Context) {
var data apiUserNewReq
if err := c.ShouldBindJSON(&data); err != nil {
panic(err)
}
pwd, err := base64.URLEncoding.DecodeString(data.PwdB64)
if err != nil {
panic(err)
}
usr := &User{
Username: data.Name,
Password: string(pwd),
}
err = NewUser(usr, DB)
if err != nil {
panic(err)
}
server.Res(c, &server.Response{Data: usr})
}
func ApiUserDelete(c *gin.Context) {
var err error
id := c.Param("id")
if id == "" {
panic(errors.ErrorBadRequest)
}
usr := &User{
ID: id,
}
err = DB.First(usr, "id = ?", id).Error
if err != nil {
panic(errors.NewError(404, err))
}
if IsLastAdminUser(id) {
panic(ErrorDelLastAdmin)
}
prof := &Profile{}
profExist := true
err = DB.First(prof, "user_id = ?", id).Error
if err != nil {
profExist = false
}
grp := &Group{}
grpExist := false
err = DB.Where("name = ?", usr.Username).First(grp).Error
if err == nil {
grpExist = true
}
err = DB.Transaction(func(tx *gorm.DB) error {
if grpExist {
err = tx.Model(&grp).Association("Users").Clear()
if err != nil {
return err
}
}
err = tx.Model(&usr).Association("Groups").Clear()
if err != nil {
return err
}
err = tx.Model(&usr).Association("Profile").Clear()
if err != nil {
return err
}
if profExist {
err = tx.Delete(&prof).Error
if err != nil {
return err
}
}
err = tx.Delete(usr).Error
if err != nil {
return err
}
err = tx.Delete(grp).Error
return err
})
if err != nil {
panic(err)
}
server.Res(c, &server.Response{Data: "ok"})
}
type apiUserChangePasswdReq struct {
UserID string `json:"uid" example:"c35icut3sbav3gg5j1b0" binding:"required"`
PwdB64 string `json:"old" `
NewPwdB64 string `json:"new" example:"YWRtaW4=" binding:"required,base64"`
}
func ApiUserChangePasswd(c *gin.Context) {
var err error
var data apiUserChangePasswdReq
if err = c.ShouldBindJSON(&data); err != nil {
panic(err)
}
usr := &User{}
err = DB.First(usr, "id = ?", data.UserID).Error
if err != nil {
panic(errors.NewError(404, err))
}
if !ACHas(c, ADMIN) {
if !ACHas(c, usr.Username) {
panic(errors.ErrorForbidden)
}
old_pwd, err := base64.URLEncoding.DecodeString(data.PwdB64)
if err != nil {
panic(err)
}
err = usr.ValidatePassword(string(old_pwd))
if err != nil {
panic(err)
}
}
new_pwd, err := base64.URLEncoding.DecodeString(data.NewPwdB64)
if err != nil {
panic(err)
}
err = usr.ChangePassword(DB, string(new_pwd))
if err != nil {
panic(err)
}
server.Res(c, &server.Response{Data: "ok"})
}
func ApiUserActivate(c *gin.Context) {
usr := &User{}
uid := c.Param("id")
if uid == "" {
panic(errors.ErrorBadRequest)
}
err := DB.Where("id = ?", uid).First(usr).Error
if err != nil {
panic(errors.NewError(404, err))
}
err = DB.Model(&usr).Update("activated", true).Error
if err != nil {
panic(err)
}
server.Res(c, &server.Response{Data: "ok"})
}
func ApiUserDeactivate(c *gin.Context) {
usr := &User{}
uid := c.Param("id")
if uid == "" {
panic(errors.ErrorBadRequest)
}
err := DB.Where("id = ?", uid).First(usr).Error
if err != nil {
panic(errors.NewError(404, err))
}
if IsLastAdminUser(uid) {
panic(ErrorDelLastAdmin)
}
err = DB.Model(&usr).Update("activated", false).Error
if err != nil {
panic(err)
}
server.Res(c, &server.Response{Data: "ok"})
}