Beispiel #1
0
func removeUser(user content.User, login data.Login) (resp responseError) {
	resp = newResponse()
	resp.val["Login"] = login

	if !user.Data().Admin {
		resp.err = errForbidden
		resp.errType = errTypeForbidden
		return
	}

	if user.Data().Login == login {
		resp.err = errCurrentUser
		resp.errType = errTypeCurrentUser
		return
	}

	u := user.Repo().UserByLogin(login)
	u.Delete()

	if resp.err = u.Err(); resp.err != nil {
		return
	}

	resp.val["Success"] = true
	return
}
Beispiel #2
0
func getAuthData(user content.User) (resp responseError) {
	resp = newResponse()

	in := user.Data()
	resp.val["Auth"] = true
	resp.val["User"] = user
	resp.val["ProfileData"] = in.ProfileData
	return
}
Beispiel #3
0
func setUserAttribute(user content.User, secret []byte, attr string, data []byte) (resp responseError) {
	resp = newResponse()
	in := user.Data()
	resp.val["Login"] = in.Login

	switch attr {
	case "FirstName":
		resp.err = json.Unmarshal(data, &in.FirstName)
	case "LastName":
		resp.err = json.Unmarshal(data, &in.LastName)
	case "Email":
		resp.err = json.Unmarshal(data, &in.Email)
	case "ProfileData":
		if resp.err = json.Unmarshal(data, &in.ProfileData); resp.err == nil {
			in.ProfileJSON = []byte{}
		}
	case "Active":
		in.Active = string(data) == "true"
	case "Password":
		passwd := struct {
			Current string
			New     string
		}{}
		if resp.err = json.Unmarshal(data, &passwd); resp.err != nil {
			/* TODO: non-fatal error */
			return
		}
		if user.Authenticate(passwd.Current, secret) {
			user.Password(passwd.New, secret)
			resp.err = user.Err()
		} else {
			resp.err = errors.New("Error change user password: current password is invalid")
		}
	default:
		resp.err = errors.New("Error getting user attribute: unknown attribute " + attr)
	}

	if resp.err != nil {
		return
	}

	user.Data(in)
	user.Update()
	if resp.err = user.Err(); resp.err != nil {
		return
	}

	resp.val["Success"] = true
	resp.val["Attribute"] = attr

	return
}
Beispiel #4
0
func listUsers(user content.User) (resp responseError) {
	resp = newResponse()

	if !user.Data().Admin {
		resp.err = errForbidden
		resp.errType = errTypeForbidden
		return
	}

	repo := user.Repo()
	resp.val["Users"], resp.err = repo.AllUsers(), repo.Err()
	return
}
Beispiel #5
0
func TestImplements(t *testing.T) {
	var article content.Article

	r := NewRepo(nil, nil)

	article = r.Article()
	article.Data()

	var userArticle content.UserArticle

	userArticle = r.UserArticle(nil)
	userArticle.Data()

	var scoredArticle content.ScoredArticle

	scoredArticle = r.ScoredArticle()
	scoredArticle.Data()

	var feed content.Feed

	feed = r.Feed()
	feed.Data()

	var userFeed content.UserFeed

	userFeed = r.UserFeed(nil)
	userFeed.Data()

	var taggedFeed content.TaggedFeed

	taggedFeed = r.TaggedFeed(nil)
	taggedFeed.Data()

	r.HasErr()

	var subscription content.Subscription

	subscription = r.Subscription()
	subscription.Data()

	var tag content.Tag

	tag = r.Tag(nil)
	tag.Value()

	var user content.User

	user = r.User()
	user.Data()
}
Beispiel #6
0
func getAuthData(user content.User, sess context.Session, capabilities capabilities) (resp responseError) {
	resp = newResponse()

	if sess != nil {
		sess.Set(readeef.AuthNameKey, user.Data().Login)
		if err := sess.Write(nil); err != nil {
			resp.err = fmt.Errorf("Error writing session data: %v", err)
		}
	}

	resp.val["Auth"] = true
	resp.val["Capabilities"] = capabilities
	resp.val["User"] = user
	return
}
Beispiel #7
0
func addUser(user content.User, login data.Login, password string, secret []byte) (resp responseError) {
	resp = newResponse()
	resp.val["Login"] = login

	if !user.Data().Admin {
		resp.err = errForbidden
		resp.errType = errTypeForbidden
		return
	}

	repo := user.Repo()
	u := repo.UserByLogin(login)

	if !u.HasErr() {
		/* TODO: non-fatal error */
		resp.err = errUserExists
		resp.errType = errTypeUserExists
		return
	} else {
		err := u.Err()
		if err != content.ErrNoContent {
			resp.err = err
			return
		}
	}

	resp.err = nil

	in := data.User{Login: login}
	u = repo.User()

	u.Data(in)
	u.Password(password, secret)
	u.Update()

	if resp.err = u.Err(); resp.err != nil {
		return
	}

	resp.val["Success"] = true

	return
}
Beispiel #8
0
func getUserAttribute(user content.User, attr string) (resp responseError) {
	resp = newResponse()
	in := user.Data()
	resp.val["Login"] = in.Login

	switch attr {
	case "FirstName":
		resp.val[attr] = in.FirstName
	case "LastName":
		resp.val[attr] = in.LastName
	case "Email":
		resp.val[attr] = in.Email
	case "ProfileData":
		resp.val[attr] = in.ProfileData
	default:
		resp.err = errors.New("Error getting user attribute: unknown attribute " + attr)
		return
	}

	return
}
Beispiel #9
0
func setAttributeForUser(user content.User, secret []byte, login data.Login, attr string, value []byte) (resp responseError) {
	if !user.Data().Admin {
		resp.err = errForbidden
		resp.errType = errTypeForbidden
		return
	}

	if user.Data().Login == login {
		resp.err = errCurrentUser
		resp.errType = errTypeCurrentUser
		return
	}

	if u := user.Repo().UserByLogin(login); u.HasErr() {
		resp.err = u.Err()
		return
	} else {
		resp = setUserAttribute(u, secret, attr, value)
	}

	return
}
Beispiel #10
0
func readState(u content.User, dbo *db.DB, logger webfw.Logger, opts data.ArticleUpdateStateOptions, read bool, join, joinPredicate, deleteJoin, deleteWhere string, insertArgs, deleteArgs []interface{}) {
	if u.HasErr() {
		return
	}

	s := dbo.SQL()

	var err error
	if readStateInsertTemplate == nil {
		readStateInsertTemplate, err = template.New("read-state-insert-sql").
			Parse(s.User.ReadStateInsertTemplate)

		if err != nil {
			u.Err(fmt.Errorf("Error generating read-state-insert template: %v", err))
			return
		}
	}
	if readStateDeleteTemplate == nil {
		readStateDeleteTemplate, err = template.New("read-state-delete-sql").
			Parse(s.User.ReadStateDeleteTemplate)

		if err != nil {
			u.Err(fmt.Errorf("Error generating read-state-delete template: %v", err))
			return
		}
	}

	tx, err := dbo.Beginx()
	if err != nil {
		u.Err(err)
		return
	}
	defer tx.Rollback()

	if read {
		args := append([]interface{}{u.Data().Login}, deleteArgs...)

		buf := util.BufferPool.GetBuffer()
		defer util.BufferPool.Put(buf)

		data := readStateDeleteData{}

		if deleteJoin != "" {
			data.Join = deleteJoin
		}

		if opts.FavoriteOnly {
			data.Join += s.User.ReadStateDeleteFavoriteJoin
		}

		if opts.UntaggedOnly {
			data.Join += s.User.ReadStateDeleteUntaggedJoin
		}

		where := []string{}

		if deleteWhere != "" {
			where = append(where, deleteWhere)
		}

		if !opts.BeforeDate.IsZero() {
			where = append(where, fmt.Sprintf("(a.date IS NULL OR a.date < $%d)", len(args)+1))
			args = append(args, opts.BeforeDate)
		}
		if !opts.AfterDate.IsZero() {
			where = append(where, fmt.Sprintf("a.date > $%d", len(args)+1))
			args = append(args, opts.AfterDate)
		}

		if opts.BeforeId > 0 {
			where = append(where, fmt.Sprintf("a.id < $%d", len(args)+1))
			args = append(args, opts.BeforeId)
		}
		if opts.AfterId > 0 {
			where = append(where, fmt.Sprintf("a.id > $%d", len(args)+1))
			args = append(args, opts.AfterId)
		}

		if opts.FavoriteOnly {
			where = append(where, "af.article_id IS NOT NULL")
		}

		if opts.UntaggedOnly {
			where = append(where, "uft.feed_id IS NULL")
		}

		if len(where) > 0 {
			data.Where = " WHERE " + strings.Join(where, " AND ")
		}

		if err := readStateDeleteTemplate.Execute(buf, data); err != nil {
			u.Err(fmt.Errorf("Error executing read-state-delete template: %v", err))
			return
		}

		sql := buf.String()
		logger.Debugf("Read state delete SQL:\n%s\nArgs:%v\n", sql, args)

		stmt, err := tx.Preparex(sql)

		if err != nil {
			u.Err(err)
			return
		}
		defer stmt.Close()

		_, err = stmt.Exec(args...)
		if err != nil {
			u.Err(err)
			return
		}
	} else {
		args := append([]interface{}{u.Data().Login}, insertArgs...)

		buf := util.BufferPool.GetBuffer()
		defer util.BufferPool.Put(buf)

		data := readStateInsertData{}

		if joinPredicate != "" {
			data.JoinPredicate = " AND " + joinPredicate
		}

		if opts.FavoriteOnly {
			data.Join += s.User.ReadStateInsertFavoriteJoin
		}

		if opts.UntaggedOnly {
			data.Join += s.User.ReadStateInsertUntaggedJoin
		}

		if join != "" {
			data.Join += joinPredicate
		}

		where := []string{}

		if !opts.BeforeDate.IsZero() {
			where = append(where, fmt.Sprintf("(a.date IS NULL OR a.date < $%d)", len(args)+1))
			args = append(args, opts.BeforeDate)
		}
		if !opts.AfterDate.IsZero() {
			where = append(where, fmt.Sprintf("a.date > $%d", len(args)+1))
			args = append(args, opts.AfterDate)
		}

		if opts.BeforeId > 0 {
			where = append(where, fmt.Sprintf("a.id < $%d", len(args)+1))
			args = append(args, opts.BeforeId)
		}
		if opts.AfterId > 0 {
			where = append(where, fmt.Sprintf("a.id > $%d", len(args)+1))
			args = append(args, opts.AfterId)
		}

		if opts.FavoriteOnly {
			where = append(where, "af.article_id IS NOT NULL")
		}

		if opts.UntaggedOnly {
			where = append(where, "uft.feed_id IS NULL")
		}

		if len(where) > 0 {
			data.Where = " WHERE " + strings.Join(where, " AND ")
		}

		if err := readStateInsertTemplate.Execute(buf, data); err != nil {
			u.Err(fmt.Errorf("Error executing read-state-insert template: %v", err))
			return
		}

		sql := buf.String()
		logger.Debugf("Read state insert SQL:\n%s\nArgs:%q\n", sql, args)

		stmt, err := tx.Preparex(sql)

		if err != nil {
			u.Err(err)
			return
		}
		defer stmt.Close()

		_, err = stmt.Exec(args...)
		if err != nil {
			u.Err(err)
			return
		}
	}

	if err = tx.Commit(); err != nil {
		u.Err(err)
	}
}
Beispiel #11
0
func articleCount(u content.User, dbo *db.DB, logger webfw.Logger, opts data.ArticleCountOptions, join, where string, args []interface{}) (count int64) {
	if u.HasErr() {
		return
	}

	s := dbo.SQL()
	var err error
	if articleCountTemplate == nil {
		articleCountTemplate, err = template.New("article-count-sql").
			Parse(s.User.ArticleCountTemplate)

		if err != nil {
			u.Err(fmt.Errorf("Error generating article-count template: %v", err))
			return
		}
	}

	renderData := articleCountData{}
	containsUserFeeds := !opts.UnreadOnly && !opts.FavoriteOnly

	if containsUserFeeds {
		renderData.Join += s.User.ArticleCountUserFeedsJoin
	} else {
		if opts.UnreadOnly {
			renderData.Join += s.User.ArticleCountUnreadJoin
		}
		if opts.FavoriteOnly {
			renderData.Join += s.User.ArticleCountFavoriteJoin
		}
	}

	if opts.UntaggedOnly {
		renderData.Join += s.User.ArticleCountUntaggedJoin
	}

	if join != "" {
		renderData.Join += " " + join
	}

	args = append([]interface{}{u.Data().Login}, args...)

	whereSlice := []string{}

	if opts.UnreadOnly {
		whereSlice = append(whereSlice, "au.article_id IS NOT NULL AND au.user_login = $1")
	}
	if opts.FavoriteOnly {
		whereSlice = append(whereSlice, "af.article_id IS NOT NULL AND af.user_login = $1")
	}
	if opts.UntaggedOnly {
		whereSlice = append(whereSlice, "uft.feed_id IS NULL")
	}

	if where != "" {
		whereSlice = append(whereSlice, where)
	}

	if opts.BeforeId > 0 {
		whereSlice = append(whereSlice, fmt.Sprintf("a.id < $%d", len(args)+1))
		args = append(args, opts.BeforeId)
	}
	if opts.AfterId > 0 {
		whereSlice = append(whereSlice, fmt.Sprintf("a.id > $%d", len(args)+1))
		args = append(args, opts.AfterId)
	}

	if !opts.BeforeDate.IsZero() {
		whereSlice = append(whereSlice, fmt.Sprintf("(a.date IS NULL OR a.date < $%d)", len(args)+1))
		args = append(args, opts.BeforeDate)
	}

	if !opts.AfterDate.IsZero() {
		whereSlice = append(whereSlice, fmt.Sprintf("a.date > $%d", len(args)+1))
		args = append(args, opts.AfterDate)
	}

	if len(whereSlice) > 0 {
		renderData.Where = "WHERE " + strings.Join(whereSlice, " AND ")
	}

	buf := util.BufferPool.GetBuffer()
	defer util.BufferPool.Put(buf)

	if err := articleCountTemplate.Execute(buf, renderData); err != nil {
		u.Err(fmt.Errorf("Error executing article-count template: %v", err))
		return
	}

	sql := buf.String()

	logger.Debugf("Article count SQL:\n%s\nArgs:%v\n", sql, args)
	if err := dbo.Get(&count, sql, args...); err != nil {
		u.Err(err)
		return
	}

	return
}
Beispiel #12
0
func internalGetArticles(u content.User, dbo *db.DB, logger webfw.Logger, opts data.ArticleQueryOptions, sorting content.ArticleSorting, join, where string, args []interface{}) (ua []content.UserArticle) {
	renderData := getArticlesData{}
	s := dbo.SQL()
	if opts.IncludeScores {
		renderData.Columns += ", asco.score"
		renderData.Join += s.User.GetArticlesScoreJoin
	}

	if opts.UntaggedOnly {
		renderData.Join += s.User.GetArticlesUntaggedJoin
	}

	if join != "" {
		renderData.Join += " " + join
	}

	args = append([]interface{}{u.Data().Login}, args...)

	whereSlice := []string{}

	if opts.UnreadOnly {
		whereSlice = append(whereSlice, "au.article_id IS NOT NULL")
	} else if opts.ReadOnly {
		whereSlice = append(whereSlice, "au.article_id IS NULL")
	}

	if opts.UntaggedOnly {
		whereSlice = append(whereSlice, "uft.feed_id IS NULL")
	}

	if where != "" {
		whereSlice = append(whereSlice, where)
	}

	if opts.BeforeId > 0 {
		whereSlice = append(whereSlice, fmt.Sprintf("a.id < $%d", len(args)+1))
		args = append(args, opts.BeforeId)
	}
	if opts.AfterId > 0 {
		whereSlice = append(whereSlice, fmt.Sprintf("a.id > $%d", len(args)+1))
		args = append(args, opts.AfterId)
	}

	if opts.FavoriteOnly {
		whereSlice = append(whereSlice, "af.article_id IS NOT NULL")
	}

	if !opts.BeforeDate.IsZero() {
		whereSlice = append(whereSlice, fmt.Sprintf("(a.date IS NULL OR a.date < $%d)", len(args)+1))
		args = append(args, opts.BeforeDate)
	}

	if !opts.AfterDate.IsZero() {
		whereSlice = append(whereSlice, fmt.Sprintf("a.date > $%d", len(args)+1))
		args = append(args, opts.AfterDate)
	}

	if len(whereSlice) > 0 {
		renderData.Where = "WHERE " + strings.Join(whereSlice, " AND ")
	}

	sortingField := sorting.Field()
	sortingOrder := sorting.Order()

	fields := []string{}

	if opts.IncludeScores && opts.HighScoredFirst {
		field := "asco.score"
		if sortingOrder == data.DescendingOrder {
			field += " DESC"
		}
		fields = append(fields, field)
	}

	if opts.UnreadFirst {
		fields = append(fields, "read")
	}

	switch sortingField {
	case data.SortById:
		fields = append(fields, "a.id")
	case data.SortByDate:
		fields = append(fields, "a.date")
	}
	if len(fields) > 0 {
		renderData.Order = " ORDER BY " + strings.Join(fields, ", ")

		if sortingOrder == data.DescendingOrder {
			renderData.Order += " DESC"
		}
	}

	if opts.Limit > 0 {
		renderData.Limit = fmt.Sprintf(" LIMIT $%d OFFSET $%d", len(args)+1, len(args)+2)
		args = append(args, opts.Limit, opts.Offset)
	}

	buf := util.BufferPool.GetBuffer()
	defer util.BufferPool.Put(buf)

	if err := getArticlesTemplate.Execute(buf, renderData); err != nil {
		u.Err(fmt.Errorf("Error executing get-articles template: %v", err))
		return
	}

	sql := buf.String()
	var data []data.Article
	logger.Debugf("Articles SQL:\n%s\nArgs:%v\n", sql, args)
	if err := dbo.Select(&data, sql, args...); err != nil {
		u.Err(err)
		return
	}

	ua = make([]content.UserArticle, len(data))
	for i := range data {
		ua[i] = u.Repo().UserArticle(u)
		ua[i].Data(data[i])
	}

	processors := u.Repo().ArticleProcessors()
	if !opts.SkipProcessors && len(processors) > 0 {
		for _, p := range processors {
			if opts.SkipSessionProcessors {
				if _, ok := p.(processor.ProxyHTTP); ok {
					continue
				}
			}
			ua = p.ProcessArticles(ua)
		}
	}

	return
}
Beispiel #13
0
func (controller TtRss) Handler(c context.Context) http.Handler {
	repo := readeef.GetRepo(c)
	logger := webfw.GetLogger(c)
	config := readeef.GetConfig(c)

	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		action := webfw.GetMultiPatternIdentifier(c, r)

		if action == "redirecter" {
			http.Redirect(w, r, "/", http.StatusMovedPermanently)
		}

		req := ttRssRequest{}

		resp := ttRssResponse{}

		var err error
		var errType string
		var user content.User
		var con interface{}

		switch {
		default:
			var b []byte
			in := map[string]interface{}{}

			if b, err = ioutil.ReadAll(r.Body); err != nil {
				err = fmt.Errorf("reading request body: %s", err)
				break
			}

			if err = json.Unmarshal(b, &in); err != nil {
				err = fmt.Errorf("decoding JSON request: %s", err)
				break
			}

			req = ttRssConvertRequest(in)

			logger.Debugf("Request: %#v\n", req)

			resp.Seq = req.Seq

			if req.Op != "login" && req.Op != "isLoggedIn" {
				if sess, ok := ttRssSessions[req.Sid]; ok {
					user = repo.UserByLogin(data.Login(sess.login))
					if repo.Err() != nil {
						errType = "NOT_LOGGED_IN"
					} else {
						sess.lastVisit = time.Now()
						ttRssSessions[req.Sid] = sess
					}
				} else {
					errType = "NOT_LOGGED_IN"
				}
			}

			if errType != "" {
				logger.Debugf("TT-RSS Sessions: %#v\n", ttRssSessions)
				break
			}

			logger.Debugf("TT-RSS OP: %s\n", req.Op)
			switch req.Op {
			case "getApiLevel":
				con = ttRssGenericContent{Level: TTRSS_API_LEVEL}
			case "getVersion":
				con = ttRssGenericContent{Version: TTRSS_VERSION}
			case "login":
				user = repo.UserByLogin(data.Login(req.User))
				if repo.Err() != nil {
					errType = "LOGIN_ERROR"
					err = fmt.Errorf("getting TT-RSS user: %s", repo.Err())
					break
				}

				if !user.Authenticate(req.Password, []byte(config.Auth.Secret)) {
					errType = "LOGIN_ERROR"
					err = fmt.Errorf("authentication for TT-RSS user '%s'", user.Data().Login)
					break
				}

				var sessId string

				login := user.Data().Login

				for id, sess := range ttRssSessions {
					if sess.login == login {
						sessId = id
					}
				}

				if sessId == "" {
					sessId = strings.Replace(util.UUID(), "-", "", -1)
					ttRssSessions[sessId] = ttRssSession{login: login, lastVisit: time.Now()}
				}

				con = ttRssGenericContent{
					ApiLevel:  TTRSS_API_LEVEL,
					SessionId: sessId,
				}
			case "logout":
				delete(ttRssSessions, req.Sid)
				con = ttRssGenericContent{Status: "OK"}
			case "isLoggedIn":
				if _, ok := ttRssSessions[req.Sid]; ok {
					con = ttRssGenericContent{Status: true}
				} else {
					con = ttRssGenericContent{Status: false}
				}
			case "getUnread":
				var ar content.ArticleRepo
				o := data.ArticleCountOptions{UnreadOnly: true}

				if req.IsCat {
					tagId := data.TagId(req.FeedId)
					if tagId > 0 {
						ar = user.TagById(tagId)
					} else if tagId == TTRSS_CAT_UNCATEGORIZED {
						ar = user
						o.UntaggedOnly = true
					} else if tagId == TTRSS_CAT_SPECIAL {
						ar = user
						o.FavoriteOnly = true
					}
				} else {
					switch req.FeedId {
					case TTRSS_FAVORITE_ID:
						ar = user
						o.FavoriteOnly = true
					case TTRSS_FRESH_ID:
						ar = user
						o.AfterDate = time.Now().Add(TTRSS_FRESH_DURATION)
					case TTRSS_ALL_ID, 0:
						ar = user
					default:
						if req.FeedId > 0 {
							feed := user.FeedById(req.FeedId)
							if feed.HasErr() {
								err = feed.Err()
								break
							}

							ar = feed
						}

					}

				}

				if ar == nil {
					con = ttRssGenericContent{Unread: "0"}
				} else if con == nil {
					con = ttRssGenericContent{Unread: strconv.FormatInt(ar.Count(o), 10)}
				}
			case "getCounters":
				if req.OutputMode == "" {
					req.OutputMode = "flc"
				}
				cContent := ttRssCountersContent{}

				o := data.ArticleCountOptions{UnreadOnly: true}
				unreadCount := user.Count(o)
				cContent = append(cContent,
					ttRssCounter{Id: "global-unread", Counter: unreadCount})

				feeds := user.AllFeeds()
				cContent = append(cContent,
					ttRssCounter{Id: "subscribed-feeds", Counter: int64(len(feeds))})

				cContent = append(cContent, ttRssCounter{Id: TTRSS_ARCHIVED_ID})

				cContent = append(cContent,
					ttRssCounter{Id: TTRSS_FAVORITE_ID,
						Counter:    user.Count(data.ArticleCountOptions{UnreadOnly: true, FavoriteOnly: true}),
						AuxCounter: user.Count(data.ArticleCountOptions{FavoriteOnly: true})})

				cContent = append(cContent, ttRssCounter{Id: TTRSS_PUBLISHED_ID})

				freshTime := time.Now().Add(TTRSS_FRESH_DURATION)
				cContent = append(cContent,
					ttRssCounter{Id: TTRSS_FRESH_ID,
						Counter:    user.Count(data.ArticleCountOptions{UnreadOnly: true, AfterDate: freshTime}),
						AuxCounter: 0})

				cContent = append(cContent,
					ttRssCounter{Id: TTRSS_ALL_ID,
						Counter:    user.Count(),
						AuxCounter: 0})

				for _, f := range feeds {
					cContent = append(cContent,
						ttRssCounter{Id: int64(f.Data().Id), Counter: f.Count(o)},
					)

				}

				cContent = append(cContent, ttRssCounter{Id: TTRSS_CAT_LABELS, Counter: 0, Kind: "cat"})

				for _, t := range user.Tags() {
					cContent = append(cContent,
						ttRssCounter{
							Id:      int64(t.Data().Id),
							Counter: t.Count(o),
							Kind:    "cat",
						},
					)
				}

				cContent = append(cContent,
					ttRssCounter{
						Id:      TTRSS_CAT_UNCATEGORIZED,
						Counter: user.Count(data.ArticleCountOptions{UnreadOnly: true, UntaggedOnly: true}),
						Kind:    "cat",
					},
				)

				if user.HasErr() {
					err = fmt.Errorf("Error getting user counters: %v\n", user.Err())
				}

				con = cContent
			case "getFeeds":
				fContent := ttRssFeedsContent{}

				if req.CatId == TTRSS_CAT_ALL || req.CatId == TTRSS_CAT_SPECIAL {
					unreadFav := user.Count(data.ArticleCountOptions{UnreadOnly: true, FavoriteOnly: true})

					if unreadFav > 0 || !req.UnreadOnly {
						fContent = append(fContent, ttRssFeed{
							Id:     TTRSS_FAVORITE_ID,
							Title:  ttRssSpecialTitle(TTRSS_FAVORITE_ID),
							Unread: unreadFav,
							CatId:  TTRSS_FAVORITE_ID,
						})
					}

					freshTime := time.Now().Add(TTRSS_FRESH_DURATION)
					unreadFresh := user.Count(data.ArticleCountOptions{UnreadOnly: true, AfterDate: freshTime})

					if unreadFresh > 0 || !req.UnreadOnly {
						fContent = append(fContent, ttRssFeed{
							Id:     TTRSS_FRESH_ID,
							Title:  ttRssSpecialTitle(TTRSS_FRESH_ID),
							Unread: unreadFresh,
							CatId:  TTRSS_FAVORITE_ID,
						})
					}

					unreadAll := user.Count(data.ArticleCountOptions{UnreadOnly: true})

					if unreadAll > 0 || !req.UnreadOnly {
						fContent = append(fContent, ttRssFeed{
							Id:     TTRSS_ALL_ID,
							Title:  ttRssSpecialTitle(TTRSS_ALL_ID),
							Unread: unreadAll,
							CatId:  TTRSS_FAVORITE_ID,
						})
					}
				}

				var feeds []content.UserFeed
				var catId int
				if req.CatId == TTRSS_CAT_ALL || req.CatId == TTRSS_CAT_ALL_EXCEPT_VIRTUAL {
					feeds = user.AllFeeds()
				} else {
					if req.CatId == TTRSS_CAT_UNCATEGORIZED {
						tagged := user.AllTaggedFeeds()
						for _, t := range tagged {
							if len(t.Tags()) == 0 {
								feeds = append(feeds, t)
							}
						}
					} else if req.CatId > 0 {
						catId = int(req.CatId)
						t := user.TagById(req.CatId)
						tagged := t.AllFeeds()
						if t.HasErr() {
							err = t.Err()
							break
						}
						for _, t := range tagged {
							feeds = append(feeds, t)
						}
					}
				}

				if len(feeds) > 0 {
					o := data.ArticleCountOptions{UnreadOnly: true}
					for i := range feeds {
						if req.Limit > 0 {
							if i < req.Offset || i >= req.Limit+req.Offset {
								continue
							}
						}

						d := feeds[i].Data()
						unread := feeds[i].Count(o)

						if unread > 0 || !req.UnreadOnly {
							fContent = append(fContent, ttRssFeed{
								Id:          d.Id,
								Title:       d.Title,
								FeedUrl:     d.Link,
								CatId:       catId,
								Unread:      unread,
								LastUpdated: time.Now().Unix(),
								OrderId:     0,
							})
						}
					}
				}

				if user.HasErr() {
					err = fmt.Errorf("Error getting user feeds: %v\n", user.Err())
				}

				con = fContent
			case "getCategories":
				cContent := ttRssCategoriesContent{}
				o := data.ArticleCountOptions{UnreadOnly: true}

				for _, t := range user.Tags() {
					td := t.Data()
					count := t.Count(o)

					if count > 0 || !req.UnreadOnly {
						cContent = append(cContent,
							ttRssCat{Id: strconv.FormatInt(int64(td.Id), 10), Title: string(td.Value), Unread: count},
						)
					}
				}

				count := user.Count(data.ArticleCountOptions{UnreadOnly: true, UntaggedOnly: true})
				if count > 0 || !req.UnreadOnly {
					cContent = append(cContent,
						ttRssCat{Id: strconv.FormatInt(TTRSS_CAT_UNCATEGORIZED, 10), Title: "Uncategorized", Unread: count},
					)
				}

				o.FavoriteOnly = true
				count = user.Count(o)

				if count > 0 || !req.UnreadOnly {
					cContent = append(cContent,
						ttRssCat{Id: strconv.FormatInt(TTRSS_CAT_SPECIAL, 10), Title: "Special", Unread: count},
					)
				}

				con = cContent
			case "getHeadlines":
				if req.FeedId == 0 {
					errType = "INCORRECT_USAGE"
					break
				}

				limit := req.Limit
				if limit == 0 {
					limit = 200
				}

				var articles []content.UserArticle
				var articleRepo content.ArticleRepo
				var feedTitle string
				firstId := data.ArticleId(0)
				o := data.ArticleQueryOptions{Limit: limit, Offset: req.Skip, UnreadFirst: true, SkipSessionProcessors: true}

				if req.IsCat {
					if req.FeedId == TTRSS_CAT_UNCATEGORIZED {
						ttRssSetupSorting(req, user)
						articleRepo = user
						o.UntaggedOnly = true
						feedTitle = "Uncategorized"
					} else if req.FeedId > 0 {
						t := user.TagById(data.TagId(req.FeedId))
						ttRssSetupSorting(req, t)
						articleRepo = t
						feedTitle = string(t.Data().Value)
					}
				} else {
					if req.FeedId == TTRSS_FAVORITE_ID {
						ttRssSetupSorting(req, user)
						o.FavoriteOnly = true
						articleRepo = user
						feedTitle = "Starred articles"
					} else if req.FeedId == TTRSS_FRESH_ID {
						ttRssSetupSorting(req, user)
						o.AfterDate = time.Now().Add(TTRSS_FRESH_DURATION)
						articleRepo = user
						feedTitle = "Fresh articles"
					} else if req.FeedId == TTRSS_ALL_ID {
						ttRssSetupSorting(req, user)
						articleRepo = user
						feedTitle = "All articles"
					} else if req.FeedId > 0 {
						feed := user.FeedById(req.FeedId)

						ttRssSetupSorting(req, feed)
						articleRepo = feed
						feedTitle = feed.Data().Title
					}
				}

				if req.SinceId > 0 {
					o.AfterId = req.SinceId
				}

				if articleRepo != nil {
					if req.Search != "" {
						if controller.sp != nil {
							if as, ok := articleRepo.(content.ArticleSearch); ok {
								articles = as.Query(req.Search, controller.sp, limit, req.Skip)
							}
						}
					} else {
						var skip bool

						switch req.ViewMode {
						case "all_articles":
						case "adaptive":
						case "unread":
							o.UnreadOnly = true
						case "marked":
							o.FavoriteOnly = true
						default:
							skip = true
						}

						if !skip {
							articles = articleRepo.Articles(o)
						}
					}
				}

				if len(articles) > 0 {
					firstId = articles[0].Data().Id
				}

				headlines := ttRssHeadlinesFromArticles(articles, feedTitle, req.ShowContent, req.ShowExcerpt)
				if req.IncludeHeader {
					header := ttRssHeadlinesHeader{Id: req.FeedId, FirstId: firstId, IsCat: req.IsCat}
					hContent := ttRssHeadlinesHeaderContent{}

					hContent = append(hContent, header)
					hContent = append(hContent, headlines)

					con = hContent
				} else {
					con = headlines
				}
			case "updateArticle":
				articles := user.ArticlesById(req.ArticleIds, data.ArticleQueryOptions{SkipSessionProcessors: true})
				updateCount := int64(0)

				switch req.Field {
				case 0, 2:
					for _, a := range articles {
						d := a.Data()
						updated := false

						switch req.Field {
						case 0:
							switch req.Mode {
							case 0:
								if d.Favorite {
									updated = true
									d.Favorite = false
								}
							case 1:
								if !d.Favorite {
									updated = true
									d.Favorite = true
								}
							case 2:
								updated = true
								d.Favorite = !d.Favorite
							}
							if updated {
								a.Favorite(d.Favorite)
							}
						case 2:
							switch req.Mode {
							case 0:
								if !d.Read {
									updated = true
									d.Read = true
								}
							case 1:
								if d.Read {
									updated = true
									d.Read = false
								}
							case 2:
								updated = true
								d.Read = !d.Read
							}
							if updated {
								a.Read(d.Read)
							}
						}

						if updated {
							if a.HasErr() {
								err = a.Err()
								break
							}

							updateCount++
						}
					}

					if err != nil {
						break
					}

					con = ttRssGenericContent{Status: "OK", Updated: updateCount}
				}
			case "getArticle":
				articles := user.ArticlesById(req.ArticleId, data.ArticleQueryOptions{SkipSessionProcessors: true})
				feedTitles := map[data.FeedId]string{}

				for _, a := range articles {
					d := a.Data()
					if _, ok := feedTitles[d.FeedId]; !ok {
						f := repo.FeedById(d.FeedId)
						feedTitles[d.FeedId] = f.Data().Title
					}
				}

				cContent := ttRssArticlesContent{}

				for _, a := range articles {
					d := a.Data()
					title := feedTitles[d.FeedId]
					h := ttRssArticle{
						Id:        strconv.FormatInt(int64(d.Id), 10),
						Unread:    !d.Read,
						Marked:    d.Favorite,
						Updated:   d.Date.Unix(),
						Title:     d.Title,
						Link:      d.Link,
						FeedId:    strconv.FormatInt(int64(d.FeedId), 10),
						FeedTitle: title,
						Content:   d.Description,
					}

					cContent = append(cContent, h)
				}

				con = cContent
			case "getConfig":
				con = ttRssConfigContent{DaemonIsRunning: true, NumFeeds: len(user.AllFeeds())}
			case "updateFeed":
				con = ttRssGenericContent{Status: "OK"}
			case "catchupFeed":
				var ar content.ArticleRepo
				o := data.ArticleUpdateStateOptions{BeforeDate: time.Now()}

				if req.IsCat {
					tagId := data.TagId(req.FeedId)
					ar = user.TagById(tagId)

					if tagId == TTRSS_CAT_UNCATEGORIZED {
						o.UntaggedOnly = true
					}
				} else {
					ar = user.FeedById(req.FeedId)
				}

				if ar != nil {
					ar.ReadState(true, o)

					if e, ok := ar.(content.Error); ok {
						if e.HasErr() {
							err = e.Err()
							break
						}
					}

					con = ttRssGenericContent{Status: "OK"}
				}
			case "getPref":
				switch req.PrefName {
				case "DEFAULT_UPDATE_INTERVAL":
					con = ttRssGenericContent{Value: int(config.FeedManager.Converted.UpdateInterval.Minutes())}
				case "DEFAULT_ARTICLE_LIMIT":
					con = ttRssGenericContent{Value: 200}
				case "HIDE_READ_FEEDS":
					con = ttRssGenericContent{Value: user.Data().ProfileData["unreadOnly"]}
				case "FEEDS_SORT_BY_UNREAD", "ENABLE_FEED_CATS", "SHOW_CONTENT_PREVIEW":
					con = ttRssGenericContent{Value: true}
				case "FRESH_ARTICLE_MAX_AGE":
					con = ttRssGenericContent{Value: (-1 * TTRSS_FRESH_DURATION).Hours()}
				}
			case "getLabels":
				con = []interface{}{}
			case "setArticleLabel":
				con = ttRssGenericContent{Status: "OK", Updated: 0}
			case "shareToPublished":
				errType = "Publishing failed"
			case "subscribeToFeed":
				f := repo.FeedByLink(req.FeedUrl)
				for _, u := range f.Users() {
					if u.Data().Login == user.Data().Login {
						con = ttRssSubscribeContent{Status: struct {
							Code int `json:"code"`
						}{0}}
						break
					}
				}

				if f.HasErr() {
					err = f.Err()
					break
				}

				f, err := controller.fm.AddFeedByLink(req.FeedUrl)
				if err != nil {
					errType = "INCORRECT_USAGE"
					break
				}

				uf := user.AddFeed(f)
				if uf.HasErr() {
					err = uf.Err()
					break
				}

				con = ttRssSubscribeContent{Status: struct {
					Code int `json:"code"`
				}{1}}
			case "unsubscribeFeed":
				f := user.FeedById(req.FeedId)
				f.Detach()
				users := f.Users()

				if f.HasErr() {
					err = f.Err()
					if err == content.ErrNoContent {
						errType = "FEED_NOT_FOUND"
					}
					break
				}

				if len(users) == 0 {
					controller.fm.RemoveFeed(f)
				}

				con = ttRssGenericContent{Status: "OK"}
			case "getFeedTree":
				items := []ttRssCategory{}

				special := ttRssCategory{Id: "CAT:-1", Items: []ttRssCategory{}, Name: "Special", Type: "category", BareId: -1}

				special.Items = append(special.Items, ttRssFeedListCategoryFeed(user, nil, TTRSS_ALL_ID, false))
				special.Items = append(special.Items, ttRssFeedListCategoryFeed(user, nil, TTRSS_FRESH_ID, false))
				special.Items = append(special.Items, ttRssFeedListCategoryFeed(user, nil, TTRSS_FAVORITE_ID, false))
				special.Items = append(special.Items, ttRssFeedListCategoryFeed(user, nil, TTRSS_PUBLISHED_ID, false))
				special.Items = append(special.Items, ttRssFeedListCategoryFeed(user, nil, TTRSS_ARCHIVED_ID, false))
				special.Items = append(special.Items, ttRssFeedListCategoryFeed(user, nil, TTRSS_RECENTLY_READ_ID, false))

				items = append(items, special)

				tf := user.AllTaggedFeeds()

				uncat := ttRssCategory{Id: "CAT:0", Items: []ttRssCategory{}, BareId: 0, Name: "Uncategorized", Type: "category"}
				tagCategories := map[content.Tag]ttRssCategory{}

				for _, f := range tf {
					tags := f.Tags()

					item := ttRssFeedListCategoryFeed(user, f, f.Data().Id, true)
					if len(tags) > 0 {
						for _, t := range tags {
							var c ttRssCategory
							if cached, ok := tagCategories[t]; ok {
								c = cached
							} else {
								c = ttRssCategory{
									Id:     "CAT:" + strconv.FormatInt(int64(t.Data().Id), 10),
									BareId: data.FeedId(t.Data().Id),
									Name:   string(t.Data().Value),
									Type:   "category",
									Items:  []ttRssCategory{},
								}
							}

							c.Items = append(c.Items, item)
							tagCategories[t] = c
						}
					} else {
						uncat.Items = append(uncat.Items, item)
					}
				}

				categories := []ttRssCategory{uncat}
				for _, c := range tagCategories {
					categories = append(categories, c)
				}

				for _, c := range categories {
					if len(c.Items) == 1 {
						c.Param = "(1 feed)"
					} else {
						c.Param = fmt.Sprintf("(%d feed)", len(c.Items))
					}
					items = append(items, c)
				}

				fl := ttRssCategory{Identifier: "id", Label: "name"}
				fl.Items = items

				if user.HasErr() {
					err = user.Err()
				} else {
					con = ttRssFeedTreeContent{Categories: fl}
				}
			default:
				errType = "UNKNOWN_METHOD"
				con = ttRssGenericContent{Method: req.Op}
			}
		}

		if err == nil && errType == "" {
			resp.Status = TTRSS_API_STATUS_OK
		} else {
			logger.Infof("Error processing TT-RSS API request: %s %v\n", errType, err)
			resp.Status = TTRSS_API_STATUS_ERR
			con = ttRssErrorContent{Error: errType}
		}

		var b []byte
		b, err = json.Marshal(con)
		if err == nil {
			resp.Content = json.RawMessage(b)
		}

		b, err = json.Marshal(&resp)

		if err == nil {
			w.Header().Set("Content-Type", "text/json")
			w.Header().Set("Api-Content-Length", strconv.Itoa(len(b)))
			w.Write(b)

			logger.Debugf("Output for %s: %s\n", req.Op, string(b))
		} else {
			logger.Print(fmt.Errorf("TT-RSS error %s: %v", req.Op, err))

			w.WriteHeader(http.StatusInternalServerError)
		}

	})
}
Beispiel #14
0
func (mw Auth) Handler(ph http.Handler, c context.Context) http.Handler {
	logger := webfw.GetLogger(c)
	handler := func(w http.ResponseWriter, r *http.Request) {
		for _, prefix := range mw.IgnoreURLPrefix {
			if prefix[0] == '/' {
				prefix = prefix[1:]
			}

			if strings.HasPrefix(r.URL.Path, mw.Pattern+prefix+"/") {
				ph.ServeHTTP(w, r)
				return
			}
		}

		route, _, ok := webfw.GetDispatcher(c).RequestRoute(r)
		if !ok {
			ph.ServeHTTP(w, r)
			return
		}

		repo := GetRepo(c)

		switch ac := route.Controller.(type) {
		case AuthController:
			if !ac.LoginRequired(c, r) {
				ph.ServeHTTP(w, r)
				return
			}

			sess := webfw.GetSession(c, r)

			var u content.User
			validUser := false
			if uv, ok := sess.Get(AuthUserKey); ok {
				if u, ok = uv.(content.User); ok {
					validUser = true
				}
			}

			if !validUser {
				if uv, ok := sess.Get(AuthNameKey); ok {
					if n, ok := uv.(data.Login); ok {
						u = repo.UserByLogin(n)

						if u.HasErr() {
							logger.Print(u.Err())
						} else {
							validUser = true
							sess.Set(AuthUserKey, u)
						}
					}
				}
			}

			if validUser && !u.Data().Active {
				logger.Infoln("User " + u.Data().Login + " is inactive")
				validUser = false
			}

			if !validUser {
				d := webfw.GetDispatcher(c)
				sess.SetFlash(CtxKey("return-to"), r.URL.Path)
				path := d.NameToPath("auth-login", webfw.MethodGet)

				if path == "" {
					path = "/"
				}

				http.Redirect(w, r, path, http.StatusMovedPermanently)
				return
			}

		case ApiAuthController:
			if !ac.AuthRequired(c, r) {
				ph.ServeHTTP(w, r)
				return
			}

			url, login, signature, nonce, date, t := authData(r)

			validUser := false

			var u content.User

			if login != "" && signature != "" && !t.IsZero() {
				switch {
				default:
					u = repo.UserByLogin(data.Login(login))
					if u.HasErr() {
						logger.Printf("Error getting db user '%s': %v\n", login, u.Err())
						break
					}

					decoded, err := base64.StdEncoding.DecodeString(signature)
					if err != nil {
						logger.Printf("Error decoding auth header: %v\n", err)
						break
					}

					if t.Add(30 * time.Second).Before(time.Now()) {
						break
					}

					if !mw.Nonce.Check(nonce) {
						break
					}
					mw.Nonce.Remove(nonce)

					buf := util.BufferPool.GetBuffer()
					defer util.BufferPool.Put(buf)

					buf.ReadFrom(r.Body)
					r.Body = ioutil.NopCloser(buf)

					bodyHash := md5.New()
					if _, err := bodyHash.Write(buf.Bytes()); err != nil {
						logger.Printf("Error generating the hash for the request body: %v\n", err)
						break
					}

					contentMD5 := base64.StdEncoding.EncodeToString(bodyHash.Sum(nil))

					message := fmt.Sprintf("%s\n%s\n%s\n%s\n%s\n%s\n",
						url, r.Method, contentMD5, r.Header.Get("Content-Type"),
						date, nonce)

					b := make([]byte, base64.StdEncoding.EncodedLen(len(u.Data().MD5API)))
					base64.StdEncoding.Encode(b, u.Data().MD5API)

					hm := hmac.New(sha256.New, b)
					if _, err := hm.Write([]byte(message)); err != nil {
						logger.Printf("Error generating the hashed message: %v\n", err)
						break
					}

					if !hmac.Equal(hm.Sum(nil), decoded) {
						logger.Printf("Error matching the supplied auth message to the generated one.\n")
						break
					}

					if !u.Data().Active {
						logger.Println("User " + u.Data().Login + " is inactive")
						break
					}

					validUser = true
				}
			}

			if validUser {
				c.Set(r, context.BaseCtxKey("user"), u)
			} else {
				if rej, ok := ac.(AuthRejectHandler); ok {
					rej.AuthReject(c, r)
				} else {
					w.WriteHeader(http.StatusUnauthorized)
					return
				}
			}
		}

		ph.ServeHTTP(w, r)
	}

	return http.HandlerFunc(handler)
}
Beispiel #15
0
func getArticles(u content.User, dbo *db.DB, logger webfw.Logger, sorting content.ArticleSorting, columns, join, where, order string, args []interface{}, paging ...int) (ua []content.UserArticle) {
	if u.HasErr() {
		return
	}

	sql := dbo.SQL("get_article_columns")
	if columns != "" {
		sql += ", " + columns
	}

	sql += dbo.SQL("get_article_tables")
	if join != "" {
		sql += " " + join
	}

	sql += dbo.SQL("get_article_joins")

	args = append([]interface{}{u.Data().Login}, args...)
	if where != "" {
		sql += " AND " + where
	}

	sortingField := sorting.Field()
	sortingOrder := sorting.Order()

	fields := []string{}
	if order != "" {
		fields = append(fields, order)
	}
	switch sortingField {
	case data.SortById:
		fields = append(fields, "a.id")
	case data.SortByDate:
		fields = append(fields, "a.date")
	}
	if len(fields) > 0 {
		sql += " ORDER BY "

		sql += strings.Join(fields, ",")

		if sortingOrder == data.DescendingOrder {
			sql += " DESC"
		}
	}

	if len(paging) > 0 {
		limit, offset := pagingLimit(paging)

		sql += fmt.Sprintf(" LIMIT $%d OFFSET $%d", len(args)+1, len(args)+2)
		args = append(args, limit, offset)
	}

	var data []data.Article
	logger.Debugf("Articles SQL:\n%s\nArgs:%q\n", sql, args)
	if err := dbo.Select(&data, sql, args...); err != nil {
		u.Err(err)
		return
	}

	ua = make([]content.UserArticle, len(data))
	for i := range data {
		ua[i] = u.Repo().UserArticle(u)
		ua[i].Data(data[i])
	}

	return
}