func TwitterHandlerFunc(w http.ResponseWriter, r *http.Request) { user, permissions := auth.Challenge(w, r, true) if user == nil || permissions < 1 { http.Error(w, "Please Login", http.StatusUnauthorized) return } twitterURL := "https://api.twitter.com" + r.URL.Path + "?" + r.URL.RawQuery req, err := http.NewRequest("GET", twitterURL, nil) if err != nil { http.Error(w, "Failed to build request : "+err.Error(), http.StatusBadRequest) return } if strings.HasPrefix(r.URL.Path, "/1.1") { token, err = getToken() req.Header.Add("Authorization", "Bearer "+token.AccessToken) } resp, err := http.DefaultClient.Do(req) if err != nil { http.Error(w, "Failed to send request: "+err.Error(), http.StatusBadRequest) return } defer resp.Body.Close() if resp.StatusCode != 200 { io.Copy(w, resp.Body) //http.Error(w, "Unexpected status received: " + resp.Status, http.StatusBadRequest) return } w.Header().Set("Content-Type", "application/json") //encoder := json.NewEncoder(w) //err = encoder.Encode(token) //w.WriteHeader(http.StatusOK) io.Copy(w, resp.Body) }
// Generic Delete handler func Delete(w http.ResponseWriter, r *http.Request) { user, permissions := auth.Challenge(w, r, true) if user == nil || permissions < 1 { http.Error(w, "Please Login", http.StatusUnauthorized) return } w.Header().Set("Access-Control-Allow-Origin", "*") w.Header().Set("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept") vars := mux.Vars(r) var ( val interface{} // Generic container for the deleted object err error ) // Build a URI like representation of the datatype types := []string{vars["datatype"]} if childtype, ok := vars["childtype"]; ok { types = append(types, childtype) } // Switch based on that URI like representation and instantiate something in the generic container. Also infer the identifier from the vars and perform validation. switch strings.Join(types, "/") { case "items": item := new(data.Item) item.ID, err = strconv.ParseInt(vars["key"], 10, 64) val = item case "items/comments": comment := new(data.ItemComment) comment.ID, err = strconv.ParseInt(vars["childkey"], 10, 64) val = comment case "users": if vars["key"] != user.Username { http.Error(w, "Please don't delete other users", http.StatusUnauthorized) return } user := new(data.User) user.Username = vars["key"] val = user case "roles": role := new(data.Role) role.Title = vars["key"] val = role case "taxonomy": term := new(data.Term) term.Term = vars["key"] val = term default: http.NotFound(w, r) return } if err != nil { log.Println(err) http.Error(w, "Malformed key in URI", http.StatusBadRequest) return } // Perform the delete err = storage.Delete(val) if err == storage.ErrZeroAffected { http.Error(w, "No matches for query", http.StatusNotFound) return } else if err != nil { log.Println(err) http.Error(w, "Delete Database error, likely due to malformed request", http.StatusInternalServerError) return } // Confirm the delete w.WriteHeader(http.StatusNoContent) }
// Generic Create handler func Create(w http.ResponseWriter, r *http.Request) { vars := mux.Vars(r) user, permissions := auth.Challenge(w, r, true) if (user == nil || permissions < 1) && vars["datatype"] != "users" { // Allow anyone to create users for now http.Error(w, "Please Login", http.StatusUnauthorized) return } w.Header().Set("Access-Control-Allow-Origin", "*") w.Header().Set("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER") var val interface{} // Generic container for the new object // Build a URI like representation of the datatype types := []string{vars["datatype"]} if childtype, ok := vars["childtype"]; ok { types = append(types, childtype) } // Switch based on that URI like representation and instantiate something in the generic container switch strings.Join(types, "/") { case "items": val = new(data.Item) case "items/comments": val = new(data.ItemComment) case "items/geolocations": val = new(data.Geolocation) case "users": val = new(data.User) case "roles": val = new(data.Role) case "taxonomy": val = new(data.Term) default: http.NotFound(w, r) return } // Perform the JSON decode decoder := json.NewDecoder(r.Body) err := decoder.Decode(&val) if err != nil { log.Println(err) http.Error(w, "Malformed json.", http.StatusBadRequest) return } // Perform post decode actions, setting automated field, validate values, exectute hooks, etc ... switch v := val.(type) { case *data.Item: v.Author = user.Username case *data.ItemComment: v.ItemID, err = strconv.ParseInt(vars["key"], 10, 64) v.Author = user.Username case *data.Geolocation: v.ItemID, err = strconv.ParseInt(vars["key"], 10, 64) case *data.User: err := v.Validate() if err != nil { log.Println(err) http.Error(w, err.Error(), http.StatusBadRequest) return } v.HashAndSalt() v.Role = "public" // TODO: Temporary while anyone can sign up maybe this will change? case *data.Term: v.Author = user.Username } if err != nil { log.Println(err) http.Error(w, "Malformed key in URI", http.StatusBadRequest) return } // Perform the DB insert err = storage.Insert(val) if err != nil { log.Println(err) var errorMsg string switch dbErr := err.(type) { case *storage.StorageError: switch dbErr.Code() { case 1062: switch val.(type) { case *data.User: errorMsg = "User already exists" default: errorMsg = "Database entry already exists" } default: errorMsg = "Database error (" + dbErr.Error() + ")" } default: errorMsg = "Insert Database error, likely due to malformed request" } http.Error(w, errorMsg, http.StatusInternalServerError) return } // Exectute post insert hooks, etc ... switch v := val.(type) { case *data.Item: if v.Type == "streaming-video-v1" { c, err := conf.ReadConfigFile("rter.config") if err != nil { log.Println(err) return } baseUrl, err := c.GetString("videoserver", "base-url") if err != nil { log.Println(err) return } v.UploadURI = baseUrl + "/v1/ingest/" + strconv.FormatInt(v.ID, 10) v.ThumbnailURI = baseUrl + "/v1/videos/" + strconv.FormatInt(v.ID, 10) + "/thumb/000000001.jpg" v.ContentURI = baseUrl + "/v1/videos/" + strconv.FormatInt(v.ID, 10) host, _, err := net.SplitHostPort(r.RemoteAddr) if err != nil { log.Println(err) http.Error(w, "Problem building streaming tokens, not remote addresse available.", http.StatusBadRequest) return } t, err := token.GenerateToken(v.UploadURI, host, time.Duration(3600)*time.Second, "1122AABBCCDDEEFF") if err != nil { log.Println(err) http.Error(w, "Problem building streaming tokens, likely due to malformed request.", http.StatusInternalServerError) return } v.Token = t err = storage.Update(v) //FIXME: This is awful, but probably not workaroundable? if err != nil { log.Println(err) http.Error(w, "Update Database error, likely due to malformed request.", http.StatusInternalServerError) return } } } w.Header().Set("Content-Type", "application/json") // Header are important when GZIP is enabled w.WriteHeader(http.StatusCreated) // Return the object we've inserted in the database. encoder := json.NewEncoder(w) err = encoder.Encode(val) if err != nil { log.Println(err) } }
// Generic Update handler func Update(w http.ResponseWriter, r *http.Request) { user, permissions := auth.Challenge(w, r, true) if user == nil || permissions < 1 { http.Error(w, "Please Login", http.StatusUnauthorized) return } w.Header().Set("Access-Control-Allow-Origin", "*") w.Header().Set("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept") vars := mux.Vars(r) var ( val interface{} // Generic container for the updated object err error ) // Build a URI like representation of the datatype types := []string{vars["datatype"]} if childtype, ok := vars["childtype"]; ok { types = append(types, childtype) } // Switch based on that URI like representation and instantiate something in the generic container. Also infer the identifier from the vars and perform validation. switch strings.Join(types, "/") { case "items": v := new(data.Item) v.ID, err = strconv.ParseInt(vars["key"], 10, 64) val = v case "items/comments": v := new(data.ItemComment) v.ID, err = strconv.ParseInt(vars["childkey"], 10, 64) val = v case "users": if vars["key"] != user.Username { http.Error(w, "Please don't hack other users", http.StatusUnauthorized) return } v := new(data.User) v.Username = vars["key"] val = v case "users/direction": v := new(data.UserDirection) v.Username = vars["key"] val = v case "roles": v := new(data.Role) v.Title = vars["key"] val = v case "taxonomy": v := new(data.Term) v.Term = vars["key"] val = v case "taxonomy/ranking": v := new(data.TermRanking) v.Term = vars["key"] val = v default: http.NotFound(w, r) return } if err != nil { log.Println(err, vars) http.Error(w, "Malformed key in URI", http.StatusBadRequest) return } err = storage.Select(val) //Load previous values so that update is non distructive of empty fields if err == storage.ErrZeroAffected { http.NotFound(w, r) return } else if err != nil { log.Println(err) http.Error(w, "Select3 Database error, likely due to malformed request.", http.StatusInternalServerError) return } // Decode the JSON into our generic object. The decode will leave unscpecified fields untouched. decoder := json.NewDecoder(r.Body) err = decoder.Decode(&val) if err != nil { log.Println(err) http.Error(w, "Malformed json.", http.StatusBadRequest) return } // Validate JSON, run pre-update hooks, etc... //We must reset fields we set earlier incase they were changed during the JSON decode switch v := val.(type) { case (*data.Item): v.ID, err = strconv.ParseInt(vars["key"], 10, 64) v.Author = user.Username case (*data.ItemComment): v.ID, err = strconv.ParseInt(vars["childkey"], 10, 64) v.Author = user.Username case (*data.User): v.Username = vars["key"] case (*data.UserDirection): v.Username = vars["key"] v.LockUsername = user.Username case (*data.Role): v.Title = vars["key"] case (*data.Term): v.Term = vars["key"] v.Author = user.Username case (*data.TermRanking): v.Term = vars["key"] } if err != nil { log.Println(err, vars) http.Error(w, "Malformed key in URI", http.StatusBadRequest) return } // Run the update err = storage.Update(val) if err == storage.ErrZeroAffected { w.WriteHeader(http.StatusNotModified) return } else if err != nil { log.Println(err) http.Error(w, "Update2 Database error, likely due to malformed request.", http.StatusInternalServerError) return } w.Header().Set("Content-Type", "application/json") // Header are important when GZIP is enabled // Return the updated item encoder := json.NewEncoder(w) err = encoder.Encode(val) if err != nil { log.Println(err) } }