Ejemplo n.º 1
0
Archivo: messages.go Proyecto: ovh/tat
func checkDMTopic(ctx *gin.Context, topicName string) (*tat.Topic, string, error) {
	var topic = tat.Topic{}

	if !strings.HasPrefix(topicName, "/Private/"+getCtxUsername(ctx)+"/DM/") {
		log.Debugf("wrong topic name for DM:" + topicName)
		return &topic, "", errors.New("Wrong topic name for DM:" + topicName)
	}

	// /Private/usernameFrom/DM/usernameTO
	part := strings.Split(topicName, "/")
	if len(part) != 5 {
		log.Debugf("wrong topic name for DM")
		return &topic, "", errors.New("Wrong topic name for DM:" + topicName)
	}

	var userFrom = tat.User{}
	found, err := userDB.FindByUsername(&userFrom, getCtxUsername(ctx))
	if !found {
		return &topic, "", errors.New("User unknown")
	} else if err != nil {
		return &topic, "", errors.New("Error while fetching user.")
	}
	var userTo = tat.User{}
	usernameTo := part[4]
	found2, err2 := userDB.FindByUsername(&userTo, usernameTo)
	if !found2 {
		return &topic, "", errors.New("user unknown")
	} else if err2 != nil {
		return &topic, "", errors.New("Error while fetching user.")
	}

	if err3 := checkTopicParentDM(userFrom); err3 != nil {
		return &topic, "", errors.New(err3.Error())
	}

	if err4 := checkTopicParentDM(userTo); err4 != nil {
		return &topic, "", errors.New(err4.Error())
	}

	topic, err5 := insertTopicDM(userFrom, userTo)
	if err5 != nil {
		return &topic, "", errors.New(err5.Error())
	}

	if _, err6 := insertTopicDM(userTo, userFrom); err6 != nil {
		return &topic, "", errors.New(err6.Error())
	}

	topicCriteria := topicName + "," + "/Private/" + usernameTo + "/DM/" + userFrom.Username
	return &topic, topicCriteria, nil
}
Ejemplo n.º 2
0
Archivo: topics.go Proyecto: ovh/tat
func (t *TopicsController) innerOneTopic(ctx *gin.Context, topicRequest string) (*tat.TopicJSON, *tat.User, int, error) {
	var user = tat.User{}
	found, err := userDB.FindByUsername(&user, getCtxUsername(ctx))
	if !found {
		return nil, nil, http.StatusInternalServerError, fmt.Errorf("User unknown")
	} else if err != nil {
		return nil, nil, http.StatusInternalServerError, fmt.Errorf("Error while fetching user.")
	}
	topic, errfind := topicDB.FindByTopic(topicRequest, user.IsAdmin, true, true, &user)
	if errfind != nil {
		topic, _, err = checkDMTopic(ctx, topicRequest)
		if err != nil {
			return nil, nil, http.StatusBadRequest, fmt.Errorf("topic " + topicRequest + " does not exist or you have no access on it")
		}
	}

	filters := []tat.Filter{}
	for _, f := range topic.Filters {
		if f.UserID == user.ID {
			filters = append(filters, f)
		}
	}
	topic.Filters = filters
	out := &tat.TopicJSON{Topic: topic}
	out.IsTopicRw, out.IsTopicAdmin = topicDB.GetUserRights(topic, &user)
	return out, &user, http.StatusOK, nil
}
Ejemplo n.º 3
0
Archivo: groups.go Proyecto: ovh/tat
func (*GroupsController) preCheckUser(ctx *gin.Context, paramJSON *tat.ParamGroupUserJSON) (tat.Group, error) {
	user := tat.User{}
	found, err := userDB.FindByUsername(&user, paramJSON.Username)
	if err != nil {
		ctx.AbortWithError(http.StatusInternalServerError, err)
		return tat.Group{}, err
	}

	if !found {
		e := errors.New("username " + paramJSON.Username + " does not exist")
		ctx.AbortWithError(http.StatusInternalServerError, e)
		return tat.Group{}, e
	}

	group, errfinding := groupDB.FindByName(paramJSON.Groupname)
	if errfinding != nil {
		ctx.AbortWithError(http.StatusInternalServerError, errfinding)
		return tat.Group{}, errfinding
	}

	if isTatAdmin(ctx) { // if Tat admin, ok
		return *group, nil
	}

	if !groupDB.IsUserAdmin(group, getCtxUsername(ctx)) {
		e := fmt.Errorf("user %s is not admin on group %s", user.Username, group.Name)
		ctx.AbortWithError(http.StatusInternalServerError, e)
		return tat.Group{}, e
	}

	return *group, nil
}
Ejemplo n.º 4
0
Archivo: topics.go Proyecto: ovh/tat
// Create creates a new topic
func (*TopicsController) Create(ctx *gin.Context) {
	var topicIn tat.TopicCreateJSON
	ctx.Bind(&topicIn)

	var user = tat.User{}
	found, err := userDB.FindByUsername(&user, getCtxUsername(ctx))
	if !found {
		ctx.JSON(http.StatusUnauthorized, gin.H{"error": "User unknown"})
		return
	} else if err != nil {
		ctx.JSON(http.StatusInternalServerError, gin.H{"error": "Error while fetching user."})
		return
	}

	var topic tat.Topic
	topic.Topic = topicIn.Topic
	topic.Description = topicIn.Description

	err = topicDB.Insert(&topic, &user)
	if err != nil {
		log.Errorf("Error while InsertTopic %s", err)
		ctx.JSON(tat.Error(err))
		return
	}
	ctx.JSON(http.StatusCreated, topic)
}
Ejemplo n.º 5
0
Archivo: users.go Proyecto: ovh/tat
// AddContact add a contact to user
func (*UsersController) AddContact(ctx *gin.Context) {
	contactIn, err := GetParam(ctx, "username")
	if err != nil {
		return
	}
	user, err := PreCheckUser(ctx)
	if err != nil {
		return
	}

	var contact = tat.User{}
	found, err := userDB.FindByUsername(&contact, contactIn)
	if !found {
		AbortWithReturnError(ctx, http.StatusBadRequest, fmt.Errorf("user with username %s does not exist", contactIn))
		return
	} else if err != nil {
		AbortWithReturnError(ctx, http.StatusInternalServerError, fmt.Errorf("Error while fetching user with username %s", contactIn))
		return
	}

	if err := userDB.AddContact(&user, contact.Username, contact.Fullname); err != nil {
		AbortWithReturnError(ctx, http.StatusInternalServerError, fmt.Errorf("Error while add contact %s to user:%s", contact.Username, user.Username))
		return
	}
	ctx.JSON(http.StatusCreated, "")
}
Ejemplo n.º 6
0
Archivo: users.go Proyecto: ovh/tat
// Contacts retrieves contacts presences since n seconds
func (*UsersController) Contacts(ctx *gin.Context) {
	sinceSeconds, err := GetParam(ctx, "sinceSeconds")
	if err != nil {
		ctx.JSON(http.StatusBadRequest, gin.H{"error": "Error while getting seconds parameter"})
		return
	}
	seconds, err := strconv.ParseInt(sinceSeconds, 10, 64)
	if err != nil {
		ctx.JSON(http.StatusBadRequest, gin.H{"error": "Invalid since parameter : must be an interger"})
		return
	}

	var user = tat.User{}
	found, err := userDB.FindByUsername(&user, getCtxUsername(ctx))
	if !found {
		ctx.JSON(http.StatusInternalServerError, errors.New("User unknown"))
		return
	} else if err != nil {
		ctx.JSON(http.StatusInternalServerError, errors.New("Error while fetching user"))
		return
	}
	criteria := tat.PresenceCriteria{}
	for _, contact := range user.Contacts {
		criteria.Username = criteria.Username + "," + contact.Username
	}
	criteria.DateMinPresence = strconv.FormatInt(time.Now().Unix()-seconds, 10)
	count, presences, _ := presenceDB.ListPresences(&criteria)

	out := &tat.ContactsJSON{
		Contacts:               user.Contacts,
		CountContactsPresences: count,
		ContactsPresences:      &presences,
	}
	ctx.JSON(http.StatusOK, out)
}
Ejemplo n.º 7
0
Archivo: presences.go Proyecto: ovh/tat
// Delete deletes all presences of one user, on one topic
func (m *PresencesController) Delete(ctx *gin.Context) {
	presenceIn, topic, userAction, e := m.preCheckTopic(ctx)
	if e != nil {
		return
	}

	userToDelete := &tat.User{}
	if userAction.IsAdmin {
		found, err := userDB.FindByUsername(userToDelete, presenceIn.Username)
		if !found {
			e := errors.New("User unknown while fetching user " + presenceIn.Username + " for delete presence")
			ctx.JSON(http.StatusInternalServerError, gin.H{"error": e.Error()})
			return
		} else if err != nil {
			e := errors.New("Error while fetching user " + presenceIn.Username + " for delete presence")
			ctx.JSON(http.StatusInternalServerError, gin.H{"error": e.Error()})
			return
		}
	}

	if err := presenceDB.Delete(*userToDelete, topic); err != nil {
		log.Errorf("Error while DeletePresence %s", err)
		ctx.AbortWithError(http.StatusInternalServerError, err)
		ctx.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
		return
	}
	ctx.JSON(http.StatusOK, nil)
}
Ejemplo n.º 8
0
Archivo: users.go Proyecto: ovh/tat
// Archive a user
func (*UsersController) Archive(ctx *gin.Context) {
	var archiveJSON tat.UsernameUserJSON
	ctx.Bind(&archiveJSON)

	var userToArchive = tat.User{}
	found, err := userDB.FindByUsername(&userToArchive, archiveJSON.Username)
	if !found {
		AbortWithReturnError(ctx, http.StatusBadRequest, fmt.Errorf("user with username %s does not exist", archiveJSON.Username))
		return
	} else if err != nil {
		AbortWithReturnError(ctx, http.StatusInternalServerError, fmt.Errorf("Error whil fetching user user with username %s", archiveJSON.Username))
		return
	}

	if userToArchive.IsArchived {
		AbortWithReturnError(ctx, http.StatusBadRequest, fmt.Errorf("user with username %s is already archived", archiveJSON.Username))
		return
	}

	if err := userDB.Archive(&userToArchive, getCtxUsername(ctx)); err != nil {
		AbortWithReturnError(ctx, http.StatusBadRequest, fmt.Errorf("archive user %s failed", archiveJSON.Username))
		return
	}

	ctx.JSON(http.StatusCreated, "")
}
Ejemplo n.º 9
0
Archivo: users.go Proyecto: ovh/tat
// Rename a username of one user
func (*UsersController) Rename(ctx *gin.Context) {
	var renameJSON tat.RenameUserJSON
	ctx.Bind(&renameJSON)

	var userToRename = tat.User{}
	found, err := userDB.FindByUsername(&userToRename, renameJSON.Username)
	if !found {
		ctx.JSON(http.StatusBadRequest, gin.H{"error": fmt.Errorf("user with username %s does not exist", renameJSON.Username)})
		return
	} else if err != nil {
		ctx.JSON(http.StatusInternalServerError, gin.H{"error": fmt.Errorf("Error while fetching user with username %s", renameJSON.Username)})
		return
	}

	if err := userDB.Rename(&userToRename, renameJSON.NewUsername); err != nil {
		ctx.JSON(http.StatusBadRequest, gin.H{"error": fmt.Errorf("Rename %s user to %s failed", renameJSON.Username, renameJSON.NewUsername)})
		return
	}

	if err := messageDB.ChangeUsernameOnMessages(userToRename.Username, renameJSON.NewUsername); err != nil {
		ctx.JSON(http.StatusBadRequest, gin.H{"error": fmt.Errorf("Rename %s user to %s failed", renameJSON.Username, renameJSON.NewUsername)})
		return
	}
	ctx.JSON(http.StatusCreated, gin.H{"info": "user is renamed"})
}
Ejemplo n.º 10
0
Archivo: users.go Proyecto: ovh/tat
// Update changes fullname and email
func (*UsersController) Update(ctx *gin.Context) {
	var updateJSON tat.UpdateUserJSON
	ctx.Bind(&updateJSON)

	var userToUpdate = tat.User{}
	found, err := userDB.FindByUsername(&userToUpdate, updateJSON.Username)
	if !found {
		ctx.JSON(http.StatusBadRequest, gin.H{"error": fmt.Errorf("user with username %s does not exist", updateJSON.Username)})
		return
	} else if err != nil {
		ctx.JSON(http.StatusInternalServerError, gin.H{"error": fmt.Errorf("Error while fetching user with username %s", updateJSON.Username)})
		return
	}

	if strings.TrimSpace(updateJSON.NewFullname) == "" || strings.TrimSpace(updateJSON.NewEmail) == "" {
		ctx.JSON(http.StatusBadRequest, gin.H{"error": fmt.Errorf("Invalid Fullname %s or Email %s", updateJSON.NewFullname, updateJSON.NewEmail)})
		return
	}

	err2 := userDB.Update(&userToUpdate, strings.TrimSpace(updateJSON.NewFullname), strings.TrimSpace(updateJSON.NewEmail))
	if err2 != nil {
		ctx.JSON(http.StatusBadRequest, gin.H{"error": fmt.Sprintf("Update %s user to fullname %s and email %s failed : %s", updateJSON.Username, updateJSON.NewFullname, updateJSON.NewEmail, err2.Error())})
		return
	}

	ctx.JSON(http.StatusCreated, gin.H{"info": "user updated"})
}
Ejemplo n.º 11
0
Archivo: users.go Proyecto: ovh/tat
// SetAdmin a "normal" user to an admin user
func (*UsersController) SetAdmin(ctx *gin.Context) {
	var convertJSON tat.UsernameUserJSON
	ctx.Bind(&convertJSON)

	var userToGrant = tat.User{}
	found, err := userDB.FindByUsername(&userToGrant, convertJSON.Username)
	if !found {
		AbortWithReturnError(ctx, http.StatusBadRequest, fmt.Errorf("user with username %s does not exist", convertJSON.Username))
		return
	} else if err != nil {
		AbortWithReturnError(ctx, http.StatusInternalServerError, fmt.Errorf("Error while fetching user with username %s", convertJSON.Username))
		return
	}

	if userToGrant.IsAdmin {
		AbortWithReturnError(ctx, http.StatusBadRequest, fmt.Errorf("user with username %s is already an admin user", convertJSON.Username))
		return
	}

	if err := userDB.ConvertToAdmin(&userToGrant, getCtxUsername(ctx)); err != nil {
		AbortWithReturnError(ctx, http.StatusBadRequest, fmt.Errorf("Convert %s to admin user failed", convertJSON.Username))
		return
	}

	ctx.JSON(http.StatusCreated, "")
}
Ejemplo n.º 12
0
Archivo: users.go Proyecto: ovh/tat
// UpdateSystemUser updates flags CanWriteNotifications and CanListUsersAsAdmin
func (*UsersController) UpdateSystemUser(ctx *gin.Context) {
	var convertJSON tat.ConvertUserJSON
	ctx.Bind(&convertJSON)

	if !strings.HasPrefix(convertJSON.Username, "tat.system") {
		ctx.JSON(http.StatusBadRequest, gin.H{"error": fmt.Sprintf("Username does not begin with tat.system (%s), it's not possible to update this user", convertJSON.Username)})
		return
	}

	var userToConvert = tat.User{}
	found, err := userDB.FindByUsername(&userToConvert, convertJSON.Username)
	if !found {
		ctx.JSON(http.StatusBadRequest, gin.H{"error": fmt.Sprintf("user with username %s does not exist", convertJSON.Username)})
		return
	} else if err != nil {
		ctx.JSON(http.StatusBadRequest, gin.H{"error": fmt.Sprintf("Error while fetching user with username %s", convertJSON.Username)})
		return
	}

	if !userToConvert.IsSystem {
		ctx.JSON(http.StatusBadRequest, gin.H{"error": fmt.Sprintf("user with username %s is not a system user", convertJSON.Username)})
		return
	}

	err2 := userDB.UpdateSystemUser(&userToConvert, convertJSON.CanWriteNotifications, convertJSON.CanListUsersAsAdmin)
	if err2 != nil {
		ctx.JSON(http.StatusBadRequest, gin.H{"error": fmt.Sprintf("Error while update system user %s", convertJSON.Username)})
		return
	}

	ctx.JSON(http.StatusCreated, gin.H{"message": "Update successful"})
}
Ejemplo n.º 13
0
Archivo: topics.go Proyecto: ovh/tat
// Delete deletes requested topic only if user is Tat admin, or admin on topic
func (t *TopicsController) Delete(ctx *gin.Context) {
	topicRequest, err := GetParam(ctx, "topic")
	if err != nil {
		ctx.JSON(http.StatusInternalServerError, gin.H{"error": "Invalid Topic"})
		return
	}

	var user = tat.User{}
	found, err := userDB.FindByUsername(&user, getCtxUsername(ctx))
	if !found {
		ctx.JSON(http.StatusInternalServerError, gin.H{"error": "User unknown"})
		return
	} else if err != nil {
		ctx.JSON(http.StatusInternalServerError, gin.H{"error": "Error while fetching user"})
		return
	}

	paramJSON := tat.ParamTopicUserJSON{
		Topic:     topicRequest,
		Username:  user.Username,
		Recursive: false,
	}

	topic, e := t.preCheckUser(ctx, &paramJSON)
	if e != nil {
		return
	}
	// If user delete a Topic under /Private/username, no check or RW to delete
	if !strings.HasPrefix(topic.Topic, "/Private/"+user.Username) {
		// check if user is Tat admin or admin on this topic
		hasRW := topicDB.IsUserAdmin(topic, &user)
		if !hasRW {
			ctx.JSON(http.StatusForbidden, gin.H{"error": fmt.Errorf("No RW access to topic %s (to delete it)", topic.Topic)})
			return
		}
	}

	c := &tat.MessageCriteria{Topic: topic.Topic, OnlyCount: "true"}
	count, err := messageDB.CountMessages(c, user.Username, *topic)
	if err != nil {
		log.Errorf("Error while list Messages in Delete %s", err)
		ctx.JSON(http.StatusInternalServerError, gin.H{"error": "Error while list Messages in Delete topic"})
		return
	}

	if count > 0 {
		ctx.JSON(http.StatusInternalServerError, gin.H{"error": "Could not delete this topic, this topic have messages"})
		return
	}

	if err = topicDB.Delete(topic, &user); err != nil {
		ctx.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
		return
	}
	ctx.JSON(http.StatusOK, gin.H{"info": fmt.Sprintf("Topic %s is deleted", topic.Topic)})
}
Ejemplo n.º 14
0
Archivo: topics.go Proyecto: ovh/tat
// List returns the list of topics that can be viewed by user
func (t *TopicsController) List(ctx *gin.Context) {
	var user = &tat.User{}
	found, err := userDB.FindByUsername(user, getCtxUsername(ctx))
	if !found {
		ctx.JSON(http.StatusInternalServerError, gin.H{"error": "User unknown"})
		return
	} else if err != nil {
		ctx.JSON(http.StatusInternalServerError, gin.H{"error": "Error while fetching user."})
		return
	}
	criteria := t.buildCriteria(ctx, user)
	count, topics, err := topicDB.ListTopics(criteria, user, false, false, false)
	if err != nil {
		ctx.JSON(http.StatusInternalServerError, gin.H{"error": "Error while fetching topics."})
		return
	}

	out := &tat.TopicsJSON{Topics: topics, Count: count}

	if criteria.GetNbMsgUnread == "true" {
		c := &tat.PresenceCriteria{
			Username: user.Username,
		}
		count, presences, err := presenceDB.ListPresencesAllFields(c)
		if err != nil {
			ctx.AbortWithError(http.StatusInternalServerError, err)
			return
		}

		unread := make(map[string]int)
		knownPresence := false
		for _, topic := range topics {
			if tat.ArrayContains(user.OffNotificationsTopics, topic.Topic) {
				continue
			}
			knownPresence = false
			for _, presence := range presences {
				if topic.Topic != presence.Topic {
					continue
				}
				knownPresence = true
				if topic.DateLastMessage > presence.DatePresence {
					unread[presence.Topic] = 1
				}
				break
			}
			if !knownPresence {
				unread[topic.Topic] = -1
			}
		}
		out.TopicsMsgUnread = unread
		out.CountTopicsMsgUnread = count
	}
	ctx.JSON(http.StatusOK, out)
}
Ejemplo n.º 15
0
Archivo: topics.go Proyecto: ovh/tat
// preCheckUser checks if user in paramJSON exists and if current user is admin on topic
func (t *TopicsController) preCheckUser(ctx *gin.Context, paramJSON *tat.ParamTopicUserJSON) (*tat.Topic, error) {
	user := tat.User{}
	found, err := userDB.FindByUsername(&user, paramJSON.Username)
	if !found {
		e := errors.New("username " + paramJSON.Username + " does not exist")
		ctx.AbortWithError(http.StatusInternalServerError, e)
		return nil, e
	} else if err != nil {
		e := errors.New("Error while fetching username username " + paramJSON.Username)
		ctx.AbortWithError(http.StatusInternalServerError, e)
		return nil, e
	}
	return t.preCheckUserAdminOnTopic(ctx, paramJSON.Topic)
}
Ejemplo n.º 16
0
Archivo: presences.go Proyecto: ovh/tat
func (*PresencesController) preCheckUser(ctx *gin.Context) (*tat.User, error) {
	var user = &tat.User{}
	found, err := userDB.FindByUsername(user, getCtxUsername(ctx))
	var e error
	if !found {
		e = errors.New("User unknown")
	} else if err != nil {
		e = errors.New("Error while fetching user")
	}
	if e != nil {
		ctx.AbortWithError(http.StatusInternalServerError, e)
		ctx.JSON(http.StatusInternalServerError, gin.H{"error": e.Error()})
		return nil, e
	}
	return user, nil
}
Ejemplo n.º 17
0
Archivo: commons.go Proyecto: ovh/tat
// PreCheckUser has to be called as a middleware on Gin Route.
// Check if username exists in database, return user if ok
func PreCheckUser(ctx *gin.Context) (tat.User, error) {
	var tatUser = tat.User{}
	found, err := userDB.FindByUsername(&tatUser, getCtxUsername(ctx))
	var e error
	if !found {
		e = errors.New("User unknown")
	} else if err != nil {
		e = errors.New("Error while fetching user")
	}
	if e != nil {
		ctx.JSON(http.StatusInternalServerError, gin.H{"error": e})
		ctx.AbortWithError(http.StatusInternalServerError, e)
		return tatUser, e
	}
	return tatUser, nil
}
Ejemplo n.º 18
0
Archivo: users.go Proyecto: ovh/tat
// Create a new user, record Username, Fullname and Email
// A mail is sent to ask user for validation
func (u *UsersController) Create(ctx *gin.Context) {
	var userJSON tat.UserCreateJSON
	ctx.Bind(&userJSON)
	var userIn tat.User
	userIn.Username = u.computeUsername(userJSON)
	userIn.Fullname = strings.TrimSpace(userJSON.Fullname)
	userIn.Email = strings.TrimSpace(userJSON.Email)
	callback := strings.TrimSpace(userJSON.Callback)

	if len(userIn.Username) < 3 || len(userIn.Fullname) < 3 || len(userIn.Email) < 7 {
		err := fmt.Errorf("Invalid username (%s) or fullname (%s) or email (%s)", userIn.Username, userIn.Fullname, userIn.Email)
		AbortWithReturnError(ctx, http.StatusInternalServerError, err)
		return
	}

	if err := u.checkAllowedDomains(userJSON); err != nil {
		ctx.JSON(http.StatusForbidden, gin.H{"error": err.Error()})
		return
	}

	user := tat.User{}
	foundEmail, errEmail := userDB.FindByEmail(&user, userJSON.Email)
	foundUsername, errUsername := userDB.FindByUsername(&user, userJSON.Username)
	foundFullname, errFullname := userDB.FindByFullname(&user, userJSON.Fullname)

	if foundEmail || foundUsername || foundFullname || errEmail != nil || errUsername != nil || errFullname != nil {
		e := fmt.Errorf("Please check your username, email or fullname. If you are already registered, please reset your password")
		AbortWithReturnError(ctx, http.StatusBadRequest, e)
		return
	}

	tokenVerify, err := userDB.Insert(&userIn)
	if err != nil {
		log.Errorf("Error while InsertUser %s", err)
		ctx.AbortWithError(http.StatusInternalServerError, err)
		return
	}

	go userDB.SendVerifyEmail(userIn.Username, userIn.Email, tokenVerify, callback)

	info := ""
	if viper.GetBool("username_from_email") {
		info = fmt.Sprintf(" Note that configuration of Tat forced your username to %s", userIn.Username)
	}
	ctx.JSON(http.StatusCreated, gin.H{"info": fmt.Sprintf("please check your mail to validate your account.%s", info)})
}
Ejemplo n.º 19
0
Archivo: users.go Proyecto: ovh/tat
// Me retrieves all information about me (exception information about Authentication)
func (*UsersController) Me(ctx *gin.Context) {
	var user = tat.User{}
	found, err := userDB.FindByUsername(&user, getCtxUsername(ctx))
	if !found {
		ctx.JSON(http.StatusUnauthorized, gin.H{"error": "Unauthorized"})
		return
	} else if err != nil {
		ctx.JSON(http.StatusInternalServerError, gin.H{"error": "Error while fetching user"})
		return
	}
	gs, errGetGroupsOnlyName := groupDB.GetUserGroupsOnlyName(user.Username)
	if errGetGroupsOnlyName != nil {
		ctx.JSON(http.StatusInternalServerError, gin.H{"error": "Error while getting groups"})
		return
	}
	user.Groups = gs
	out := &tat.UserJSON{User: user}
	ctx.JSON(http.StatusOK, out)
}
Ejemplo n.º 20
0
Archivo: users.go Proyecto: ovh/tat
// Check if user have his Private topics
// /Private/username, /Private/username/Tasks
func (u *UsersController) Check(ctx *gin.Context) {

	var userJSON tat.CheckTopicsUserJSON
	ctx.Bind(&userJSON)

	var userToCheck = tat.User{}
	found, err := userDB.FindByUsername(&userToCheck, userJSON.Username)
	if !found {
		ctx.JSON(http.StatusBadRequest, gin.H{"error": fmt.Errorf("user with username %s does not exist", userJSON.Username)})
		return
	} else if err != nil {
		ctx.JSON(http.StatusInternalServerError, gin.H{"error": fmt.Errorf("Error while fetching user with username %s", userJSON.Username)})
		return
	}

	topicsInfo := userDB.CheckTopics(&userToCheck, userJSON.FixPrivateTopics)
	defaultGroupInfo := userDB.CheckDefaultGroup(&userToCheck, userJSON.FixDefaultGroup)

	ctx.JSON(http.StatusCreated, gin.H{"topics": topicsInfo, "defaultGroup": defaultGroupInfo})
}
Ejemplo n.º 21
0
Archivo: users.go Proyecto: ovh/tat
// Convert a "normal" user to a "system" user
func (*UsersController) Convert(ctx *gin.Context) {
	var convertJSON tat.ConvertUserJSON
	ctx.Bind(&convertJSON)

	if !strings.HasPrefix(convertJSON.Username, "tat.system") {
		AbortWithReturnError(ctx, http.StatusBadRequest, fmt.Errorf("Username does not begin with tat.system (%s), it's not possible to convert this user", convertJSON.Username))
		return
	}

	var userToConvert = tat.User{}
	found, err := userDB.FindByUsername(&userToConvert, convertJSON.Username)
	if !found {
		AbortWithReturnError(ctx, http.StatusBadRequest, fmt.Errorf("user with username %s does not exist", convertJSON.Username))
		return
	} else if err != nil {
		AbortWithReturnError(ctx, http.StatusInternalServerError, fmt.Errorf("Error while fetching user with username %s", convertJSON.Username))
		return
	}

	if userToConvert.IsSystem {
		AbortWithReturnError(ctx, http.StatusBadRequest, fmt.Errorf("user with username %s is already a system user", convertJSON.Username))
		return
	}

	newPassword, err := userDB.ConvertToSystem(&userToConvert, getCtxUsername(ctx), convertJSON.CanWriteNotifications, convertJSON.CanListUsersAsAdmin)
	if err != nil {
		AbortWithReturnError(ctx, http.StatusBadRequest, fmt.Errorf("Convert %s to system user failed", convertJSON.Username))
		return
	}

	ctx.JSON(http.StatusOK, gin.H{
		"message":  "Verification successful",
		"username": userToConvert.Username,
		"password": newPassword,
		"url":      fmt.Sprintf("%s://%s:%s%s", viper.GetString("exposed_scheme"), viper.GetString("exposed_host"), viper.GetString("exposed_port"), viper.GetString("exposed_path")),
	})
}
Ejemplo n.º 22
0
Archivo: users.go Proyecto: ovh/tat
// ResetSystemUser reset password for a system user
func (*UsersController) ResetSystemUser(ctx *gin.Context) {
	var systemUserJSON resetSystemUserJSON
	ctx.Bind(&systemUserJSON)

	if !strings.HasPrefix(systemUserJSON.Username, "tat.system") {
		AbortWithReturnError(ctx, http.StatusBadRequest, fmt.Errorf("Username does not begin with tat.system (%s), it's not possible to reset password for this user", systemUserJSON.Username))
		return
	}

	var systemUserToReset = tat.User{}
	found, err := userDB.FindByUsername(&systemUserToReset, systemUserJSON.Username)
	if !found {
		AbortWithReturnError(ctx, http.StatusBadRequest, fmt.Errorf("user with username %s does not exist", systemUserJSON.Username))
		return
	} else if err != nil {
		AbortWithReturnError(ctx, http.StatusInternalServerError, fmt.Errorf("Error while fetching user with username %s", systemUserJSON.Username))
		return
	}

	if !systemUserToReset.IsSystem {
		AbortWithReturnError(ctx, http.StatusBadRequest, fmt.Errorf("user with username %s is not a system user", systemUserJSON.Username))
		return
	}

	newPassword, err := userDB.ResetSystemUserPassword(&systemUserToReset)
	if err != nil {
		AbortWithReturnError(ctx, http.StatusBadRequest, fmt.Errorf("Reset password for %s (system user) failed", systemUserJSON.Username))
		return
	}

	ctx.JSON(http.StatusOK, gin.H{
		"message":  "Reset password successful",
		"username": systemUserToReset.Username,
		"password": newPassword,
		"url":      fmt.Sprintf("%s://%s:%s%s", viper.GetString("exposed_scheme"), viper.GetString("exposed_host"), viper.GetString("exposed_port"), viper.GetString("exposed_path")),
	})
}