Beispiel #1
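// rolesHandler renders the roles page for a signed-in user whose record has
// Type "inHouse", a Status other than "frozen", and either the admin or the
// content-editor role.
//
// Requests without a signed-in user are redirected to "/". The s argument is
// passed to content.Get to select the page content. Users that fail the role
// check receive 403 Forbidden.
func rolesHandler(w http.ResponseWriter, r *http.Request, s string) {
	ctx := appengine.NewContext(r)
	u1 := user.Current(ctx)
	if u1 == nil {
		http.Redirect(w, r, "/", http.StatusSeeOther)
		return
	}

	u2, uKey, err := usr.Exist(ctx, u1.Email)
	if err == usr.FindUserError {
		log.Printf("Error while login user: %v\n", err)
		// TODO: also record this in the datastore log.
		// NOTE(review): the raw error text is returned to the client here and
		// in the 500 responses below; consider keeping the detail in the server
		// log and sending a generic message instead.
		http.Error(w, err.Error(), http.StatusInternalServerError)
		return
	}
	// NOTE(review): only usr.FindUserError is rejected above. If usr.Exist can
	// signal "no such user" with another value, u2 and uKey may be unset when
	// they are used below - confirm, and fail closed in that case.

	authorized := u2.Type == "inHouse" && u2.Status != "frozen" &&
		(u2.IsAdmin() || u2.IsContentEditor())
	if !authorized {
		log.Printf("Unauthorized user %s trying to see "+
			"roles page !!!", u2.Email)
		// Send an explicit 403; without it the denial would go out as 200 OK.
		w.WriteHeader(http.StatusForbidden)
		fmt.Fprintf(w, "Permission denied !!!")
		return
	}

	// The account entity is the datastore parent of the user's key.
	acc := new(account.Account)
	if err = datastore.Get(ctx, uKey.Parent(), acc); err != nil {
		log.Printf("Error while getting user's account data: %v\n",
			err)
		// TODO: also record this in the datastore log.
		http.Error(w, err.Error(),
			http.StatusInternalServerError)
		return
	}

	p, err := content.Get(ctx, s)
	if p == nil {
		// err may be nil even though no page came back; never dereference it
		// blindly.
		msg := http.StatusText(http.StatusInternalServerError)
		if err != nil {
			msg = err.Error()
		}
		http.Error(w, msg, http.StatusInternalServerError)
		return
	}
	if err != nil {
		// A page was returned together with an error: log it and render anyway.
		log.Printf("Error while getting page content. Error: %v\n", err)
	}

	p.D.Account = acc
	p.D.User = u2
	template.RenderRoles(w, p)
}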
Beispiel #2
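// accountSettingsHandler renders the account settings page for a signed-in
// user who is an admin and whose Status is not "frozen".
//
// Requests without a signed-in user are redirected to "/". The s argument is
// passed to content.Get to select the page content. Users that fail the check
// receive 403 Forbidden.
func accountSettingsHandler(w http.ResponseWriter, r *http.Request, s string) {
	ctx := appengine.NewContext(r)
	u1 := user.Current(ctx)
	if u1 == nil {
		http.Redirect(w, r, "/", http.StatusSeeOther)
		return
	}

	u2, uKey, err := usr.Exist(ctx, u1.Email)
	if err == usr.FindUserError {
		log.Printf("Error while login user: %v\n", err)
		// TODO: also record this in the datastore log.
		// NOTE(review): the raw error text is returned to the client here and
		// in the 500 responses below; consider keeping the detail in the server
		// log and sending a generic message instead.
		http.Error(w, err.Error(), http.StatusInternalServerError)
		return
	}
	// NOTE(review): only usr.FindUserError is rejected above. If usr.Exist can
	// signal "no such user" with another value, u2 and uKey may be unset when
	// they are used below - confirm, and fail closed in that case.

	if u2.Status == "frozen" || !u2.IsAdmin() {
		log.Printf("Unauthorized user %s trying to see "+
			"account settings page !!!", u2.Email)
		// Send an explicit 403; without it the denial would go out as 200 OK.
		w.WriteHeader(http.StatusForbidden)
		fmt.Fprintf(w, "Permission denied !!!")
		return
	}

	// The account entity is the datastore parent of the user's key.
	acc := new(account.Account)
	if err = datastore.Get(ctx, uKey.Parent(), acc); err != nil {
		log.Printf("Error while getting user's account data: %v\n",
			err)
		// TODO: also record this in the datastore log.
		http.Error(w, err.Error(),
			http.StatusInternalServerError)
		return
	}

	p, err := content.Get(ctx, s)
	if p == nil {
		// err may be nil even though no page came back; never dereference it
		// blindly.
		msg := http.StatusText(http.StatusInternalServerError)
		if err != nil {
			msg = err.Error()
		}
		http.Error(w, msg, http.StatusInternalServerError)
		return
	}
	if err != nil {
		// A page was returned together with an error: log it and render anyway.
		log.Printf("Error while getting page content. Error: %v\n", err)
	}

	p.D.Account = acc
	p.D.User = u2
	template.RenderAccountSettings(w, p)
}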
Beispiel #3
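// indexHandler serves the landing page.
//
// Without a signed-in user it renders the "index" page with a login URL that
// returns to the requested URL. With a signed-in user it looks the user up via
// usr.Exist, creates the account when the lookup reports datastore.Done, loads
// the parent account when it reports usr.ExistingEmail, sets the "session"
// cookie to the user's UUID and renders the "account" page.
func indexHandler(w http.ResponseWriter, r *http.Request, s string) {
	// TODO: handle /favicon.ico, e.g. answer http.NotFound when
	// r.URL.Path != "/".
	ctx := appengine.NewContext(r)
	u1 := user.Current(ctx)

	if u1 == nil {
		loginURL, err := user.LoginURL(ctx, r.URL.String())
		if err != nil {
			// NOTE(review): the raw error text is returned to the client here
			// and in the other 500 responses; consider logging the detail and
			// sending a generic message instead.
			http.Error(w, err.Error(), http.StatusInternalServerError)
			return
		}
		p, err := content.Get(ctx, "index")
		if p == nil {
			// err may be nil even though no page came back.
			msg := http.StatusText(http.StatusInternalServerError)
			if err != nil {
				msg = err.Error()
			}
			http.Error(w, msg, http.StatusInternalServerError)
			return
		}
		if err != nil {
			log.Printf("Error while getting index page content. Error: %v\n",
				err)
		}
		p.D.LoginURL = loginURL
		template.RenderIndex(w, p)
		return
	}

	acc := new(account.Account)
	var errAc error
	u2, uKey, err := usr.Exist(ctx, u1.Email)
	switch err {
	case datastore.Done:
		// No user record was found: create the account and its user.
		acc, u2, errAc = account.Create(r)
		if errAc != nil {
			log.Printf("Error while creating account: %v\n", errAc)
			// TODO: also record this in the datastore log.
			http.Error(w, errAc.Error(),
				http.StatusInternalServerError)
			return
		}
	case usr.ExistingEmail:
		// The account entity is the datastore parent of the user's key.
		errAc = datastore.Get(ctx, uKey.Parent(), acc)
		if errAc != nil {
			log.Printf("Error while getting user's account data: %v\n",
				errAc)
			// TODO: also record this in the datastore log.
			http.Error(w, errAc.Error(),
				http.StatusInternalServerError)
			return
		}
	case usr.FindUserError:
		log.Printf("Error while login user: %v\n", err)
		// TODO: also record this in the datastore log.
		http.Error(w, err.Error(), http.StatusInternalServerError)
		return
	default:
		// Fail closed on any other lookup error instead of rendering the
		// account page with an account that was never loaded.
		if err != nil {
			log.Printf("Error while login user: %v\n", err)
			http.Error(w, err.Error(), http.StatusInternalServerError)
			return
		}
	}

	p, err := content.Get(ctx, "account")
	if p == nil {
		// err may be nil even though no page came back.
		msg := http.StatusText(http.StatusInternalServerError)
		if err != nil {
			msg = err.Error()
		}
		http.Error(w, msg, http.StatusInternalServerError)
		return
	}
	if err != nil {
		log.Printf("Error while getting account page content. Error: %v\n",
			err)
	}

	if err = cookie.Set(w, r, "session", u2.UUID); err != nil {
		// Check for clients with cookies disabled. The lookup error gets its
		// own variable so the log line below still reports the cookie.Set
		// failure.
		// NOTE(review): the cookie is set under the name "session" but looked
		// up under s - confirm which name is intended.
		if _, cookieErr := r.Cookie(s); cookieErr == http.ErrNoCookie {
			// NOTE(review): a session identifier carried in the query string
			// ends up in Referer headers, server and proxy logs and browser
			// history; reconsider this fallback before relying on it.
			p.D.URLUUID = "?uuid=" + u2.UUID
			// TODO: also set the URL path with the UUID.
		}
		log.Printf("Error while creating session cookie: %v\n", err)
	}

	p.D.Account = acc
	p.D.User = u2
	template.RenderAccount(w, p)
}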