func AddRoutes(r martini.Router) {
r.Group("/api/v1", func(r martini.Router) {
addNeedRoutes(r)
addResourceRoutes(r)
addStaffRoutes(r)
}, MapCodec)
}
func addStaffRoutes(r martini.Router) {
r.Group("/staff", func(r martini.Router) {
r.Get("", func() string {
return "Staff stuff?"
})
}, ensureStaffMember)
}
func initCurrencyApi(r martini.Router) {
r.Group("/currencies", func(r martini.Router) {
r.Get("", func() string {
var _, body, _ = request.Get("http://api.fixer.io/latest?base=USD").End()
return body
})
})
}
func InitApplicationsRoutes(r martini.Router) {
r.Group("/admin/applications", func(router martini.Router) {
router.Get("/get/:id", getApplication)
router.Get("/list", getApplications)
router.Post("/create", createApplications)
router.Post("/update", updateApplications)
router.Post("/delete/:id", deleteApplication)
})
}
func InitUsersRoutes(r martini.Router) {
r.Group("/admin/users", func(router martini.Router) {
router.Get("/get/:id", getUser)
router.Get("/list", getUsers)
router.Get("/get/:id/roles/application/:appId", getUserRoles)
router.Post("/create", createUsers)
router.Post("/update", updateUsers)
router.Post("/delete/:id", deleteUser)
})
}
func addNeedRoutes(r martini.Router) {
r.Group("/needs", func(r martini.Router) {
r.Get("", func() string {
return "All my needs"
})
r.Get("/:id", func(p martini.Params) string {
return "Need(" + p["id"] + ")"
})
})
}
func InitRolesRoutes(r martini.Router) {
r.Group("/admin/roles", func(router martini.Router) {
router.Get("/get/:id", getRole)
router.Get("/list", getRoles)
router.Get("/application/:appId", getRolesByApplication)
router.Post("/create", createRoles)
router.Post("/update", updateRoles)
router.Post("/delete/:id", deleteRole)
})
}
func InitGroupsRoutes(r martini.Router) {
r.Group("/admin/groups", func(router martini.Router) {
router.Get("/get/:id", getGroup)
router.Get("/list", getGroups)
router.Get("/application/:appId", getGroupsByApplication)
router.Post("/create", createGroups)
router.Post("/update", updateGroups)
router.Post("/delete/:id", deleteGroup)
})
}
// AdminRoute manages routing for Restful API
func AdminRoute(r martini.Router) {
r.Get("/rest/metadata", AdminGetModels)
r.Get("/rest/metadata/:modelName", AdminGetMetaData)
r.Group("/rest/:modelName", func(restRoutes martini.Router) {
restRoutes.Get("", AdminGetList)
restRoutes.Get("/:id", AdminGetEntity)
restRoutes.Post("", AdminNewEntity)
restRoutes.Put("/:id", AdminUpdateEntity)
restRoutes.Delete("/:id", AdminDeleteEntity)
})
r.Get("/", AdminIndex)
}
func (us UserService) Register(router martini.Router) {
utils.Log.Debug("Registering UserService!")
router.Group("/users", func(rtr martini.Router) {
rtr.Post("", PreventReauth, binding.Bind(models.User{}), us.Create)
rtr.Post("/update", EnsureAuth, binding.Bind(models.User{}), us.Update)
})
router.Get("/signout", us.SignOut)
router.Get("/signup", PreventReauth, us.SignUp)
router.Get("/signin", PreventReauth, us.SignIn)
router.Get("/dashboard", EnsureAuth, us.Dashboard)
router.Get("/settings/edit", EnsureAuth, us.Edit)
router.Get("/settings/edit/:category", EnsureAuth, us.Edit)
router.Get("/wakatime/sync", EnsureAuth, us.SyncHeartbeats)
}
func (ps ProjectService) Register(router martini.Router) {
router.Group("/projects", func(rtr martini.Router) {
rtr.Get("/new", ps.New)
rtr.Post("", binding.Bind(models.Project{}), ps.Create)
}, EnsureAuth)
}
func initBooksApi(r martini.Router) {
r.Group("/books", func(r martini.Router) {
r.Get("", getBooks)
})
}
// BindRoutes binds API routes.
func BindRoutes(r martini.Router) {
r.NotFound(func(req *http.Request, r render.Render) {
r.JSON(http.StatusNotFound, []string{"The requested url does not exists."})
})
r.Get("/api/status", Status)
// Registration
r.Group("/api", func(r martini.Router) {
r.Group("/accounts", func(r martini.Router) {
r.Post("/register", binding.Bind(accounts.RegisterViewModel{}), NotificatorHandler(), accounts.Register)
})
}, GatekeeperRouteHandler())
// DASHBOARD GATEKEEPER
r.Group("/api", func(r martini.Router) {
r.Group("/auth", func(r martini.Router) {
r.Post("/password", binding.Bind(auth.PasswordRequest{}), auth.Password)
})
}, GatekeeperRouteHandler(), AccountScopeHandler(), RepositoryScopeHandler())
//ADMIN
r.Group("/api", func(r martini.Router) {
r.Get("/accounts", accounts.Index)
r.Post("/accounts", binding.Bind(accounts.AccountViewModel{}), accounts.Post)
r.Delete("/:id", accounts.Delete)
}, AdminRouteHandler())
//Owner / Manager
r.Group("/api", func(r martini.Router) {
r.Group("/accounts", func(r martini.Router) {
r.Get("/:id", accounts.Get)
r.Put("/:id", binding.Bind(accounts.AccountViewModel{}), accounts.Put)
})
r.Get("/devices", devices.Index)
r.Post("/devices", binding.Bind(devices.DeviceViewModel{}), devices.Post)
r.Group("/devices", func(r martini.Router) {
r.Get("/:id", devices.Get)
r.Put("/:id", binding.Bind(devices.DeviceViewModel{}), devices.Put)
r.Post("/register", binding.Bind(devices.DeviceViewModel{}), devices.Post)
r.Delete("/:id", devices.Delete)
})
r.Get("/doors", doors.Index)
r.Post("/doors", binding.Bind(doors.DoorViewModel{}), doors.Post)
r.Group("/doors", func(r martini.Router) {
r.Get("/:id", doors.Get)
r.Put("/:id", binding.Bind(doors.DoorViewModel{}), doors.Put)
r.Delete("/:id", doors.Delete)
})
r.Post("/people", binding.Bind(people.PersonViewModel{}), people.Post)
r.Group("/people", func(r martini.Router) {
r.Post("/sync", BridgeHandler(), people.Sync)
r.Delete("/:id", people.Delete)
})
}, AccountScopeHandler(), RepositoryScopeHandler(), SecuredRouteHandler(), ManagerRestrictedRouteHandler())
//Account
r.Group("/api", func(r martini.Router) {
r.Group("/accounts", func(r martini.Router) {
r.Get("/:id", accounts.Get)
})
r.Post("/notifications", NotificatorHandler(), binding.Bind(notifications.ViewModel{}), notifications.Notify)
r.Get("/people", people.Index)
r.Group("/people", func(r martini.Router) {
r.Get("/:id", people.Get)
r.Put("/:id", binding.Bind(people.PersonViewModel{}), people.Put)
})
}, AccountScopeHandler(), RepositoryScopeHandler(), SecuredRouteHandler())
}
func EnsureWorkWithUsers(r martini.Router, db *d.MainDb) martini.Router {
r.Group("/users", func(r martini.Router) {
r.Get("", w.LoginRequired, w.AutHandler.CheckIncludeAnyRole(MANAGER), func(r render.Render, req *http.Request) {
r.HTML(200, "users", w.AddCurrentUser(GetUsersInfo("", db), req, db), render.HTMLOptions{Layout: "base"})
})
r.Post("/add", w.LoginRequired, w.AutHandler.CheckIncludeAnyRole(MANAGER), func(r render.Render, request *http.Request) {
u_id := strings.TrimSpace(request.FormValue("user-id"))
u_name := strings.TrimSpace(request.FormValue("user-name"))
u_phone := request.FormValue("user-phone")
u_email := request.FormValue("user-e-mail")
u_role := strings.TrimSpace(request.FormValue("user-role"))
u_pwd := request.FormValue("user-pwd")
u_read_rights := strings.Fields(request.FormValue("read-rights"))
u_write_rights := strings.Fields(request.FormValue("write-rights"))
u_belongs_to := strings.TrimSpace(request.FormValue("belongs-to"))
log.Printf("CONSOLE WEB add user [%s] '%s' +%s %s |%v| {%s}", u_id, u_name, u_phone, u_email, u_role, u_pwd)
if u_name != "" && u_id != "" {
db.Users.AddOrUpdateUserObject(d.UserData{
UserId: u_id,
UserName: u_name,
Email: u_email,
Phone: u_phone,
Role: u_role,
Password: u.PHash(u_pwd),
LastUpdate: time.Now(),
ReadRights: u_read_rights,
WriteRights: u_write_rights,
BelongsTo: u_belongs_to,
})
r.Redirect("/users")
} else {
r.HTML(200,
"users",
w.AddCurrentUser(GetUsersInfo("Невалидные значения имени и (или) идентификатора добавляемого пользователя", db), request, db),
render.HTMLOptions{Layout: "base"})
}
})
r.Post("/delete/:id", w.LoginRequired, w.AutHandler.CheckIncludeAnyRole(MANAGER), func(params martini.Params, render render.Render) {
uid := params["id"]
err := db.Users.UsersCollection.Remove(bson.M{"user_id": uid})
log.Printf("CONSOLE WEB will delete user %v (%v)", uid, err)
render.Redirect("/users")
})
r.Post("/update/:id", w.LoginRequired, w.AutHandler.CheckIncludeAnyRole(MANAGER), func(params martini.Params, render render.Render, request *http.Request) {
u_id := params["id"]
u_name := strings.TrimSpace(request.FormValue("user-name"))
u_phone := request.FormValue("user-phone")
u_email := request.FormValue("user-e-mail")
u_role := request.FormValue("user-role")
u_pwd := request.FormValue("user-pwd")
u_read_rights := strings.Fields(request.FormValue("read-rights"))
u_write_rights := strings.Fields(request.FormValue("write-rights"))
u_belongs_to := strings.TrimSpace(request.FormValue("belongs-to"))
upd := bson.M{}
if u_name != "" {
upd["user_name"] = u_name
}
if u_email != "" {
upd["email"] = u_email
}
if u_phone != "" {
upd["phone"] = u_phone
}
if u_role != "" {
upd["role"] = u_role
}
if u_pwd != "" {
upd["password"] = u.PHash(u_pwd)
}
if len(u_read_rights) > 0 {
upd["read_rights"] = u_read_rights
}
if len(u_write_rights) > 0 {
upd["write_rights"] = u_write_rights
}
if u_belongs_to != "" {
upd["belongs_to"] = u_belongs_to
}
db.Users.UsersCollection.Update(bson.M{"user_id": u_id}, bson.M{"$set": upd})
log.Printf("CONSOLE WEB update user [%s] '%s' +%s %s |%v| {%v}", u_id, u_name, u_phone, u_email, u_role, u_pwd)
render.Redirect("/users")
})
})
return r
}
