Beispiel #1
0
func AdminUserUpdate(w http.ResponseWriter, r *http.Request, u *User) error {
	// get the ID from the URL parameter
	idstr := r.FormValue("id")
	id, err := strconv.Atoi(idstr)
	if err != nil {
		return err
	}

	// get the user from the database
	user, err := database.GetUser(int64(id))
	if err != nil {
		return err
	}

	// update if user is administrator or not
	switch r.FormValue("Admin") {
	case "true":
		user.Admin = true
	case "false":
		user.Admin = false
	}

	// saving user
	if err := database.SaveUser(user); err != nil {
		return err
	}

	return RenderText(w, http.StatusText(http.StatusOK), http.StatusOK)
}
Beispiel #2
0
func RegisterPost(w http.ResponseWriter, r *http.Request) error {
	// verify the token and extract the username
	token := r.FormValue("token")
	email := authcookie.Login(token, secret)
	if len(email) == 0 {
		return RenderTemplate(w, "register.html", &struct{ Error string }{"Your registration email is expired."})
	}

	// set the email and name
	user := NewUser(r.FormValue("name"), email)

	// set the new password
	password := r.FormValue("password")
	if err := user.SetPassword(password); err != nil {
		return RenderTemplate(w, "register.html", &struct{ Error string }{err.Error()})
	}

	// verify fields are correct
	if err := user.Validate(); err != nil {
		return RenderTemplate(w, "register.html", &struct{ Error string }{err.Error()})
	}

	// save to the database
	if err := database.SaveUser(user); err != nil {
		return err
	}

	// add the user to the session object
	SetCookie(w, r, "_sess", user.Email)

	// redirect the user to their dashboard
	http.Redirect(w, r, "/dashboard", http.StatusSeeOther)
	return nil
}
Beispiel #3
0
// TestUpdateUser tests the ability to updatee an
// existing User in the database.
func TestUpdateUser(t *testing.T) {
	Setup()
	defer Teardown()

	// get the user we plan to update
	user, err := database.GetUser(1)
	if err != nil {
		t.Error(err)
	}

	// update fields
	user.Email = "*****@*****.**"
	user.Password = "******"

	// update the database
	if err := database.SaveUser(user); err != nil {
		t.Error(err)
	}

	// get the updated user
	updatedUser, err := database.GetUser(1)
	if err != nil {
		t.Error(err)
	}

	// verify the updated fields
	if user.Email != updatedUser.Email {
		t.Errorf("Exepected Email %s, got %s", user.Email, updatedUser.Email)
	}

	if user.Password != updatedUser.Password {
		t.Errorf("Exepected Password %s, got %s", user.Email, updatedUser.Password)
	}
}
Beispiel #4
0
func ResetPost(w http.ResponseWriter, r *http.Request) error {
	// verify the token and extract the username
	token := r.FormValue("token")
	email, err := passwordreset.VerifyToken(token, database.GetPassEmail, secret)
	if err != nil {
		return RenderTemplate(w, "reset.html", &struct{ Error string }{"Your password reset request is expired."})
	}

	// get the user from the database
	user, err := database.GetUserEmail(email)
	if err != nil {
		return RenderTemplate(w, "reset.html", &struct{ Error string }{"Unable to locate user account."})
	}

	// get the new password
	password := r.FormValue("password")
	if err := user.SetPassword(password); err != nil {
		return RenderTemplate(w, "reset.html", &struct{ Error string }{err.Error()})
	}

	// save to the database
	if err := database.SaveUser(user); err != nil {
		return RenderTemplate(w, "reset.html", &struct{ Error string }{"Unable to update password. Please try again"})
	}

	// add the user to the session object
	SetCookie(w, r, "_sess", user.Email)

	http.Redirect(w, r, "/dashboard", http.StatusSeeOther)
	return nil
}
Beispiel #5
0
// update a specific user's password
func UserPassUpdate(w http.ResponseWriter, r *http.Request, u *User) error {
	// set the name and email from the form data
	pass := r.FormValue("password")
	if err := u.SetPassword(pass); err != nil {
		return RenderError(w, err, http.StatusBadRequest)
	}
	// save the updated password to the database
	if err := database.SaveUser(u); err != nil {
		return RenderError(w, err, http.StatusBadRequest)
	}
	return RenderText(w, http.StatusText(http.StatusOK), http.StatusOK)
}
Beispiel #6
0
func LinkGithub(w http.ResponseWriter, r *http.Request, u *User) error {

	// get settings from database
	settings := database.SettingsMust()

	// github OAuth2 Data
	var oauth = oauth2.Client{
		RedirectURL:      settings.URL().String() + "/auth/login/github",
		AccessTokenURL:   "https://" + settings.GitHubDomain + "/login/oauth/access_token",
		AuthorizationURL: "https://" + settings.GitHubDomain + "/login/oauth/authorize",
		ClientId:         settings.GitHubKey,
		ClientSecret:     settings.GitHubSecret,
	}

	// get the OAuth code
	code := r.FormValue("code")
	if len(code) == 0 {
		scope := "repo,repo:status,user:email"
		state := "FqB4EbagQ2o"
		redirect := oauth.AuthorizeRedirect(scope, state)
		http.Redirect(w, r, redirect, http.StatusSeeOther)
		return nil
	}

	// exchange code for an auth token
	token, err := oauth.GrantToken(code)
	if err != nil {
		log.Println("Error granting GitHub authorization token")
		return err
	}

	// create the client
	client := github.New(token.AccessToken)
	client.ApiUrl = settings.GitHubApiUrl

	// get the user information
	githubUser, err := client.Users.Current()
	if err != nil {
		log.Println("Error retrieving currently authenticated GitHub user")
		return err
	}

	// save the github token to the user account
	u.GithubToken = token.AccessToken
	u.GithubLogin = githubUser.Login
	if err := database.SaveUser(u); err != nil {
		log.Println("Error persisting user's GitHub auth token to the database")
		return err
	}

	http.Redirect(w, r, "/new/github.com", http.StatusSeeOther)
	return nil
}
Beispiel #7
0
// update a specific user
func UserUpdate(w http.ResponseWriter, r *http.Request, u *User) error {
	// set the name and email from the form data
	u.Name = r.FormValue("name")
	u.SetEmail(r.FormValue("email"))

	if err := u.Validate(); err != nil {
		return RenderError(w, err, http.StatusBadRequest)
	}
	if err := database.SaveUser(u); err != nil {
		return RenderError(w, err, http.StatusBadRequest)
	}

	return RenderText(w, http.StatusText(http.StatusOK), http.StatusOK)
}
Beispiel #8
0
func InstallPost(w http.ResponseWriter, r *http.Request) error {
	// we can only perform the inital installation if no
	// users exist in the system
	if users, err := database.ListUsers(); err != nil {
		return RenderError(w, err, http.StatusBadRequest)
	} else if len(users) != 0 {
		// if users exist in the systsem
		// we should render a NotFound page
		return RenderNotFound(w)
	}

	// set the email and name
	user := NewUser(r.FormValue("name"), r.FormValue("email"))
	user.Admin = true

	// set the new password
	if err := user.SetPassword(r.FormValue("password")); err != nil {
		return RenderError(w, err, http.StatusBadRequest)
	}

	// verify fields are correct
	if err := user.Validate(); err != nil {
		return RenderError(w, err, http.StatusBadRequest)
	}

	// save to the database
	if err := database.SaveUser(user); err != nil {
		return RenderError(w, err, http.StatusBadRequest)
	}

	// update settings
	settings := Settings{}
	settings.Domain = r.FormValue("Domain")
	settings.Scheme = r.FormValue("Scheme")
	settings.GitHubApiUrl = "https://api.github.com"
	settings.GitHubDomain = "github.com"
	settings.GitlabApiUrl = "https://gitlab.com"
	settings.GitlabDomain = "gitlab.com"
	database.SaveSettings(&settings)

	// add the user to the session object
	// so that he/she is loggedin
	SetCookie(w, r, "_sess", user.Email)

	// send the user to the settings page
	// to complete the configuration.
	http.Redirect(w, r, "/account/admin/settings", http.StatusSeeOther)
	return nil
}
Beispiel #9
0
func (g *GitlabHandler) Link(w http.ResponseWriter, r *http.Request, u *User) error {
	token := strings.TrimSpace(r.FormValue("token"))

	if len(u.GitlabToken) == 0 || token != u.GitlabToken && len(token) > 0 {
		u.GitlabToken = token
		settings := database.SettingsMust()
		gl := gogitlab.NewGitlab(settings.GitlabApiUrl, g.apiPath, u.GitlabToken)
		_, err := gl.CurrentUser()
		if err != nil {
			return fmt.Errorf("Private Token is not valid: %q", err)
		}
		if err := database.SaveUser(u); err != nil {
			return RenderError(w, err, http.StatusBadRequest)
		}
	}

	http.Redirect(w, r, "/new/gitlab", http.StatusSeeOther)
	return nil
}
Beispiel #10
0
func Setup() {
	// create an in-memory database
	database.Init("sqlite3", ":memory:")

	// create dummy user data
	user1 := User{
		Password: "******",
		Name:     "Brad Rydzewski",
		Email:    "*****@*****.**",
		Gravatar: "8c58a0be77ee441bb8f8595b7f1b4e87",
		Token:    "123",
		Admin:    true}
	user2 := User{
		Password: "******",
		Name:     "Thomas Burke",
		Email:    "*****@*****.**",
		Gravatar: "c62f7126273f7fa786274274a5dec8ce",
		Token:    "456",
		Admin:    false}
	user3 := User{
		Password: "******",
		Name:     "Carlos Morales",
		Email:    "*****@*****.**",
		Gravatar: "c2180a539620d90d68eaeb848364f1c2",
		Token:    "789",
		Admin:    false}

	database.SaveUser(&user1)
	database.SaveUser(&user2)
	database.SaveUser(&user3)

	// create dummy team data
	team1 := Team{
		Slug:     "drone",
		Name:     "Drone",
		Email:    "*****@*****.**",
		Gravatar: "8c58a0be77ee441bb8f8595b7f1b4e87"}
	team2 := Team{
		Slug:     "github",
		Name:     "Github",
		Email:    "*****@*****.**",
		Gravatar: "61024896f291303615bcd4f7a0dcfb74"}
	team3 := Team{
		Slug:     "golang",
		Name:     "Golang",
		Email:    "*****@*****.**",
		Gravatar: "991695cc770c6b8354b68cd18c280b95"}

	database.SaveTeam(&team1)
	database.SaveTeam(&team2)
	database.SaveTeam(&team3)

	// create team membership data
	database.SaveMember(user1.ID, team1.ID, RoleOwner)
	database.SaveMember(user2.ID, team1.ID, RoleAdmin)
	database.SaveMember(user3.ID, team1.ID, RoleWrite)
	database.SaveMember(user1.ID, team2.ID, RoleOwner)
	database.SaveMember(user2.ID, team2.ID, RoleAdmin)
	database.SaveMember(user3.ID, team2.ID, RoleWrite)
	database.SaveMember(user1.ID, team3.ID, RoleRead)

	// create dummy repo data
	repo1 := Repo{
		Slug:       "github.com/drone/drone",
		Host:       "github.com",
		Owner:      "drone",
		Name:       "drone",
		Private:    true,
		Disabled:   false,
		SCM:        "git",
		URL:        "[email protected]:drone/drone.git",
		Username:   "******",
		Password:   "******",
		PublicKey:  "public key",
		PrivateKey: "private key",
		UserID:     user1.ID,
		TeamID:     team1.ID,
	}
	repo2 := Repo{
		Slug:       "bitbucket.org/drone/test",
		Host:       "bitbucket.org",
		Owner:      "drone",
		Name:       "test",
		Private:    false,
		Disabled:   false,
		SCM:        "hg",
		URL:        "https://bitbucket.org/drone/test",
		Username:   "******",
		Password:   "******",
		PublicKey:  "public key",
		PrivateKey: "private key",
		UserID:     user1.ID,
		TeamID:     team1.ID,
	}
	repo3 := Repo{
		Slug:       "bitbucket.org/brydzewski/test",
		Host:       "bitbucket.org",
		Owner:      "brydzewski",
		Name:       "test",
		Private:    false,
		Disabled:   false,
		SCM:        "hg",
		URL:        "https://bitbucket.org/brydzewski/test",
		Username:   "******",
		Password:   "******",
		PublicKey:  "public key",
		PrivateKey: "private key",
		UserID:     user2.ID,
	}

	database.SaveRepo(&repo1)
	database.SaveRepo(&repo2)
	database.SaveRepo(&repo3)

	commit1 := Commit{
		RepoID:   repo1.ID,
		Status:   "Success",
		Hash:     "4f4c4594be6d6ddbc1c0dd521334f7ecba92b608",
		Branch:   "master",
		Author:   user1.Email,
		Gravatar: user1.Gravatar,
		Message:  "commit message",
	}
	commit2 := Commit{
		RepoID:   repo1.ID,
		Status:   "Failure",
		Hash:     "0eb2fa13e9f4139e803b6ad37831708d4786c74a",
		Branch:   "master",
		Author:   user1.Email,
		Gravatar: user1.Gravatar,
		Message:  "commit message",
	}
	commit3 := Commit{
		RepoID:   repo1.ID,
		Status:   "Failure",
		Hash:     "60a7fe87ccf01d0152e53242528399e05acaf047",
		Branch:   "dev",
		Author:   user1.Email,
		Gravatar: user1.Gravatar,
		Message:  "commit message",
	}
	commit4 := Commit{
		RepoID:   repo2.ID,
		Status:   "Success",
		Hash:     "a4078d1e9a0842cdd214adbf0512578799a4f2ba",
		Branch:   "master",
		Author:   user1.Email,
		Gravatar: user1.Gravatar,
		Message:  "commit message",
	}

	// create dummy commit data
	database.SaveCommit(&commit1)
	database.SaveCommit(&commit2)
	database.SaveCommit(&commit3)
	database.SaveCommit(&commit4)

	// create dummy build data
	database.SaveBuild(&Build{CommitID: commit1.ID, Slug: "node_0.10", Status: "Success", Duration: 60})
	database.SaveBuild(&Build{CommitID: commit1.ID, Slug: "node_0.09", Status: "Success", Duration: 70})
	database.SaveBuild(&Build{CommitID: commit2.ID, Slug: "node_0.10", Status: "Success", Duration: 10})
	database.SaveBuild(&Build{CommitID: commit2.ID, Slug: "node_0.09", Status: "Failure", Duration: 65})
	database.SaveBuild(&Build{CommitID: commit3.ID, Slug: "node_0.10", Status: "Failure", Duration: 50})
	database.SaveBuild(&Build{CommitID: commit3.ID, Slug: "node_0.09", Status: "Failure", Duration: 55})
}
Beispiel #11
0
func RepoCreateGithubLimited(w http.ResponseWriter, r *http.Request, u *User) error {
	teamName := r.FormValue("team")
	owner := r.FormValue("owner")
	name := r.FormValue("name")

	readToken := r.FormValue("read-token")
	writeToken := r.FormValue("write-token")

	u.GithubToken = readToken
	u.GithubWriteToken = writeToken

	// get the github settings from the database
	settings := database.SettingsMust()
	fmt.Printf("got settings: %s\n", settings)

	// create the GitHub client
	rClient := github.New(readToken)
	wClient := github.New(writeToken)
	rClient.ApiUrl = settings.GitHubApiUrl
	wClient.ApiUrl = settings.GitHubApiUrl

	githubRepo, err := rClient.Repos.Find(owner, name)
	if err != nil {
		fmt.Printf("err1, %s\n", err)
		return err
	}

	repo, err := NewGitHubRepo(settings.GitHubDomain, owner, name, githubRepo.Private)

	if err != nil {
		fmt.Printf("err2, %s\n", err)
		return err
	}

	repo.URL = fmt.Sprintf("https://%s@%s/%s/%s", readToken, settings.GitHubDomain, owner, name)

	repo.UserID = u.ID
	repo.Private = githubRepo.Private

	// if the user chose to assign to a team account
	// we need to retrieve the team, verify the user
	// has access, and then set the team id.
	if len(teamName) > 0 {
		team, err := database.GetTeamSlug(teamName)
		if err != nil {
			return fmt.Errorf("Unable to find Team %s.", teamName)
		}

		// user must be an admin member of the team
		if ok, _ := database.IsMemberAdmin(u.ID, team.ID); !ok {
			return fmt.Errorf("Invalid permission to access Team %s.", teamName)
		}
		repo.TeamID = team.ID
	}

	// create a hook so that we get notified when code                                                                                                                                                                                            // is pushed to the repository and can execute a build.
	link := fmt.Sprintf("%s://%s/hook/github.com?id=%s", settings.Scheme, settings.Domain, repo.Slug)

	// add the hook
	if _, err := wClient.Hooks.CreateUpdate(owner, name, link); err != nil {
		return fmt.Errorf("Unable to add Hook to your GitHub repository. %s", err.Error())
	}

	// Save to the database
	if err := database.SaveRepo(repo); err != nil {
		return fmt.Errorf("Error saving repository to the database. %s", err)
	}
	// Save user to the database
	if err := database.SaveUser(u); err != nil {
		return fmt.Errorf("Error saving user to the database. %s", err)
	}

	return RenderText(w, http.StatusText(http.StatusOK), http.StatusOK)

}
Beispiel #12
0
func LinkBitbucket(w http.ResponseWriter, r *http.Request, u *User) error {

	// get settings from database
	settings := database.SettingsMust()

	// bitbucket oauth1 consumer
	var consumer = oauth1.Consumer{
		RequestTokenURL:  "https://bitbucket.org/api/1.0/oauth/request_token/",
		AuthorizationURL: "https://bitbucket.org/!api/1.0/oauth/authenticate",
		AccessTokenURL:   "https://bitbucket.org/api/1.0/oauth/access_token/",
		CallbackURL:      settings.URL().String() + "/auth/login/bitbucket",
		ConsumerKey:      settings.BitbucketKey,
		ConsumerSecret:   settings.BitbucketSecret,
	}

	// get the oauth verifier
	verifier := r.FormValue("oauth_verifier")
	if len(verifier) == 0 {
		// Generate a Request Token
		requestToken, err := consumer.RequestToken()
		if err != nil {
			return err
		}

		// add the request token as a signed cookie
		SetCookie(w, r, "bitbucket_token", requestToken.Encode())

		url, _ := consumer.AuthorizeRedirect(requestToken)
		http.Redirect(w, r, url, http.StatusSeeOther)
		return nil
	}

	// remove bitbucket token data once before redirecting
	// back to the application.
	defer DelCookie(w, r, "bitbucket_token")

	// get the tokens from the request
	requestTokenStr := GetCookie(r, "bitbucket_token")
	requestToken, err := oauth1.ParseRequestTokenStr(requestTokenStr)
	if err != nil {
		return err
	}

	// exchange for an access token
	accessToken, err := consumer.AuthorizeToken(requestToken, verifier)
	if err != nil {
		return err
	}

	// create the Bitbucket client
	client := bitbucket.New(
		settings.BitbucketKey,
		settings.BitbucketSecret,
		accessToken.Token(),
		accessToken.Secret(),
	)

	// get the currently authenticated Bitbucket User
	user, err := client.Users.Current()
	if err != nil {
		return err
	}

	// update the user account
	u.BitbucketLogin = user.User.Username
	u.BitbucketToken = accessToken.Token()
	u.BitbucketSecret = accessToken.Secret()
	if err := database.SaveUser(u); err != nil {
		return err
	}

	http.Redirect(w, r, "/new/bitbucket.org", http.StatusSeeOther)
	return nil
}