z1glr/golunteer
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

changed names of database columns

Browse Source
This commit is contained in:
z1glr
2025-01-23 10:12:12 +00:00
parent 7265a4e36a
commit c752bc6c14
36 changed files with 604 additions and 605 deletions
Download Patch File Download Diff File Expand all files Collapse all files

134
backend/pkg/router/user.go
View File

@@ -5,76 +5,75 @@ import (
"github.com/johannesbuehl/golunteer/backend/pkg/db/users"
)
func getUsers(args HandlerArgs) responseMessage {
response := responseMessage{}
func (a *Handler) getUsers() {
// check admin
if !args.User.Admin {
response.Status = fiber.StatusForbidden
if !a.Admin {
a.Status = fiber.StatusForbidden
logger.Log().Msgf("user is no admin")
} else if users, err := users.Get(); err != nil {
response.Status = fiber.StatusInternalServerError
a.Status = fiber.StatusInternalServerError
logger.Error().Msgf("can't get users: %v", err)
} else {
response.Data = users
a.Data = users
}
return response
}
func postUser(args HandlerArgs) responseMessage {
response := responseMessage{}
func (a *Handler) postUser() {
// check admin
if !args.User.Admin {
response.Status = fiber.StatusForbidden
if !a.Admin {
a.Status = fiber.StatusForbidden
logger.Log().Msgf("user is no admin")
} else {
// parse the body
var body users.UserAdd
if err := args.C.BodyParser(&body); err != nil {
response.Status = fiber.StatusBadRequest
if err := a.C.BodyParser(&body); err != nil {
a.Status = fiber.StatusBadRequest
logger.Warn().Msgf("can't parse body: %v", err)
// validate the body
} else if err := validate.Struct(body); err != nil {
response.Status = fiber.StatusBadRequest
a.Status = fiber.StatusBadRequest
logger.Warn().Msgf("invalid body: %v", err)
} else if err := users.Add(body); err != nil {
response.Status = fiber.StatusInternalServerError
a.Status = fiber.StatusInternalServerError
logger.Warn().Msgf("can't add user: %v", err)
}
}
return response
}
func putPassword(args HandlerArgs) responseMessage {
response := responseMessage{}
func (a *Handler) putPassword() {
// parse the body
var body users.UserChangePassword
if err := args.C.BodyParser(&body); err != nil {
response.Status = fiber.StatusBadRequest
if err := a.C.BodyParser(&body); err != nil {
logger.Log().Msgf("can't parse body: %v", err)
a.Status = fiber.StatusBadRequest
// body has been parsed successfully
} else {
body.UserName = args.User.UserName
body.UserName = a.UserName
// validate the body
if err := validate.Struct(body); err != nil {
response.Status = fiber.StatusBadRequest
logger.Info().Msgf("invalid body: %v", err)
} else if tokenID, err := users.ChangePassword(body); err != nil {
response.Status = fiber.StatusInternalServerError
a.Status = fiber.StatusBadRequest
// send the password change to the database and get the new tokenID back
} else if tokenID, err := users.ChangePassword(body); err != nil {
logger.Error().Msgf("can't update password: %v", err)
a.Status = fiber.StatusInternalServerError
// sign a new JWT with the new tokenID
} else if jwt, err := config.SignJWT(JWTPayload{
UserName: body.UserName,
@@ -82,23 +81,22 @@ func putPassword(args HandlerArgs) responseMessage {
// if something failed, remove the current session-cookie
}); err != nil {
args.removeSessionCookie()
a.removeSessionCookie()
a.Status = fiber.StatusPartialContent
// set the new session-cookie
} else {
// update the token in the session-cookie
args.setSessionCookie(&jwt)
a.setSessionCookie(&jwt)
}
}
return response
}
func patchUser(args HandlerArgs) responseMessage {
response := responseMessage{}
func (a *Handler) patchUser() {
// check admin
if !args.User.Admin {
response.Status = fiber.StatusForbidden
if !a.Admin {
a.Status = fiber.StatusForbidden
logger.Log().Msgf("user is no admin")
} else {
@@ -108,20 +106,20 @@ func patchUser(args HandlerArgs) responseMessage {
NewName string `json:"newName"`
}
if err := args.C.BodyParser(&body); err != nil {
response.Status = fiber.StatusBadRequest
if err := a.C.BodyParser(&body); err != nil {
a.Status = fiber.StatusBadRequest
logger.Log().Msgf("can't parse body: %v", err)
// prevent to demoting self from admin
} else if !body.Admin && body.UserName == args.User.UserName {
response.Status = fiber.StatusBadRequest
} else if !body.Admin && body.UserName == a.UserName {
a.Status = fiber.StatusBadRequest
logger.Warn().Msgf("can't demote self from admin")
} else {
// check for an empty user-name
if len(body.UserName) == 0 {
response.Status = fiber.StatusBadRequest
a.Status = fiber.StatusBadRequest
logger.Warn().Msgf("username is empty")
@@ -135,36 +133,36 @@ func patchUser(args HandlerArgs) responseMessage {
}
if _, err = users.ChangePassword(usePasswordChange); err != nil {
response.Status = fiber.StatusInternalServerError
a.Status = fiber.StatusInternalServerError
logger.Error().Msgf("can't change password: %v", err)
return response
return
}
}
// only change the name, if it differs
if body.NewName != body.UserName {
if err := users.ChangeName(body.UserName, body.NewName); err != nil {
response.Status = fiber.StatusInternalServerError
a.Status = fiber.StatusInternalServerError
logger.Error().Msgf("can't change user-name: %v", err)
return response
return
}
}
// set the admin-status
if err := users.SetAdmin(body.NewName, body.Admin); err != nil {
response.Status = fiber.StatusInternalServerError
a.Status = fiber.StatusInternalServerError
logger.Error().Msgf("updating admin-status failed: %v", err)
} else {
// if we modified ourself, update the session-cookie
if body.UserName == args.User.UserName {
if body.UserName == a.UserName {
// get the tokenID
if tokenID, err := users.TokenID(body.NewName); err != nil {
response.Status = fiber.StatusInternalServerError
a.Status = fiber.StatusInternalServerError
logger.Error().Msgf("can't get tokenID: %v", err)
@@ -172,65 +170,51 @@ func patchUser(args HandlerArgs) responseMessage {
UserName: body.NewName,
TokenID: tokenID,
}); err != nil {
response.Status = fiber.StatusInternalServerError
a.Status = fiber.StatusInternalServerError
logger.Error().Msgf("JWT-signing failed: %v", err)
// remove the session-cookie
args.removeSessionCookie()
a.removeSessionCookie()
} else {
args.setSessionCookie(&jwt)
a.setSessionCookie(&jwt)
}
}
}
}
}
}
return response
}
func deleteUser(args HandlerArgs) responseMessage {
func (a *Handler) deleteUser() {
// check admin
if !args.User.Admin {
if !a.Admin {
logger.Warn().Msg("user-deletion failed: user is no admin")
return responseMessage{
Status: fiber.StatusUnauthorized,
}
a.Status = fiber.StatusUnauthorized
// get the username from the query
} else if userName := args.C.Query("userName"); userName == "" {
} else if userName := a.C.Query("userName"); userName == "" {
logger.Log().Msg("user-deletion failed: query is missing \"userName\"")
return responseMessage{
Status: fiber.StatusBadRequest,
}
a.Status = fiber.StatusBadRequest
// check wether the user tries to delete himself
} else if userName == args.User.UserName {
} else if userName == a.UserName {
logger.Log().Msg("user-deletion failed: self-deletion is illegal")
return responseMessage{
Status: fiber.StatusBadRequest,
}
a.Status = fiber.StatusBadRequest
// check wether the user tries to delete the admin
} else if userName == "admin" {
logger.Log().Msg("user-deletion failed: admin-deletion is illegal")
return responseMessage{
Status: fiber.StatusBadRequest,
}
a.Status = fiber.StatusBadRequest
// delete the user
} else if err := users.Delete(userName); err != nil {
logger.Error().Msgf("user-deletion failed: user doesn't exist")
return responseMessage{
Status: fiber.StatusNotFound,
}
} else {
return responseMessage{}
a.Status = fiber.StatusNotFound
}
}