func getDevices(w http.ResponseWriter, r *twocloud.RequestBundle) {
username := r.Request.URL.Query().Get(":username")
user := r.AuthUser
if strings.ToLower(username) != strings.ToLower(r.AuthUser.Username) {
if !r.AuthUser.IsAdmin {
Respond(w, r, http.StatusUnauthorized, "You don't have access to that user's devices.", []interface{}{})
return
}
id, err := r.GetUserID(username)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
return
}
user, err = r.GetUser(id)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
return
}
}
devices, err := r.GetDevicesByUser(user)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
return
}
Respond(w, r, http.StatusOK, "Successfully retrieved a list of devices", []interface{}{devices})
return
}
func resetSecret(w http.ResponseWriter, r *twocloud.RequestBundle) {
user := r.AuthUser
username := r.Request.URL.Query().Get(":username")
if strings.ToLower(username) != strings.ToLower(r.AuthUser.Username) {
if !r.AuthUser.IsAdmin {
Respond(w, r, http.StatusForbidden, "You don't have access to that user's account.", []interface{}{})
return
}
id, err := r.GetUserID(username)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error.", []interface{}{})
return
}
user, err = r.GetUser(id)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error.", []interface{}{})
return
}
}
resp, err := r.ResetSecret(user)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error.", []interface{}{})
return
}
Respond(w, r, http.StatusOK, "Successfully reset secret", []interface{}{resp})
return
}
func newDevice(w http.ResponseWriter, r *twocloud.RequestBundle) {
username := r.Request.URL.Query().Get(":username")
user := r.AuthUser
if strings.ToLower(username) != strings.ToLower(r.AuthUser.Username) {
if !r.AuthUser.IsAdmin {
Respond(w, r, http.StatusUnauthorized, "You don't have access to that user's devices.", []interface{}{})
return
}
id, err := r.GetUserID(username)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
return
}
user, err = r.GetUser(id)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
return
}
}
var req twocloud.Device
body, err := ioutil.ReadAll(r.Request.Body)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error.", []interface{}{})
return
}
err = json.Unmarshal(body, &req)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusBadRequest, "Error decoding request.", []interface{}{})
return
}
if req.Name == "" {
Respond(w, r, http.StatusBadRequest, "Name must be specified.", []interface{}{})
return
}
req.ClientType = strings.ToLower(req.ClientType)
if !req.ValidClientType() {
Respond(w, r, http.StatusBadRequest, "Invalid client type.", []interface{}{})
return
}
gcm_key := ""
if req.Pushers != nil && req.Pushers.GCM != nil {
gcm_key = req.Pushers.GCM.Key
}
device, err := r.AddDevice(req.Name, req.ClientType, r.Request.RemoteAddr, gcm_key, user)
if err != nil {
Respond(w, r, http.StatusInternalServerError, "Internal server error.", []interface{}{})
return
}
Respond(w, r, http.StatusCreated, "Successfully created a device", []interface{}{device})
return
}
func deleteLink(w http.ResponseWriter, r *twocloud.RequestBundle) {
username := r.Request.URL.Query().Get(":username")
user := r.AuthUser
if strings.ToLower(username) != strings.ToLower(r.AuthUser.Username) {
if !r.AuthUser.IsAdmin {
Respond(w, r, http.StatusUnauthorized, "You don't have access to that user's links.", []interface{}{})
return
}
id, err := r.GetUserID(username)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
return
}
user, err = r.GetUser(id)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
return
}
}
deviceID, err := strconv.ParseUint(r.Request.URL.Query().Get(":device"), 10, 64)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusBadRequest, "Invalid device ID", []interface{}{})
return
}
device, err := r.GetDevice(deviceID)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
return
}
if device.UserID != user.ID {
Respond(w, r, http.StatusBadRequest, "That device ID does not belong to that user.", []interface{}{})
return
}
linkID, err := strconv.ParseUint(r.Request.URL.Query().Get(":link"), 10, 64)
if err != nil {
Respond(w, r, http.StatusBadRequest, "Invalid link ID", []interface{}{})
return
}
link, err := r.GetLink(linkID)
if err != nil {
Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
return
}
err = r.DeleteLink(link)
if err != nil {
Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
return
}
Respond(w, r, http.StatusOK, "Successfully deleted the link", []interface{}{link})
return
}
func deleteNotification(w http.ResponseWriter, r *twocloud.RequestBundle) {
username := r.Request.URL.Query().Get(":username")
user := r.AuthUser
if strings.ToLower(username) != strings.ToLower(r.AuthUser.Username) {
if !r.AuthUser.IsAdmin {
Respond(w, r, http.StatusUnauthorized, "You don't have access to that user's notifications.", []interface{}{})
return
}
id, err := r.GetUserID(username)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
return
}
user, err = r.GetUser(id)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
return
}
}
notificationID, err := strconv.ParseUint(r.Request.URL.Query().Get(":notification"), 10, 64)
if err != nil {
Respond(w, r, http.StatusBadRequest, "Invalid notification ID", []interface{}{})
return
}
notification, err := r.GetNotification(notificationID)
if err != nil {
Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
return
}
if notification.DestinationType == "user" && notification.Destination != user.ID {
Respond(w, r, http.StatusBadRequest, "That notification doesn't belong to that user.", []interface{}{})
return
} else if notification.DestinationType == "device" {
device, err := r.GetDevice(notification.Destination)
if err != nil {
Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
return
}
if device.UserID != user.ID {
Respond(w, r, http.StatusBadRequest, "That notification does not belong to that user.", []interface{}{})
return
}
}
err = r.DeleteNotification(notification)
if err != nil {
Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
return
}
Respond(w, r, http.StatusOK, "Successfully deleted the notification", []interface{}{notification})
return
}
func verifyEmail(w http.ResponseWriter, r *twocloud.RequestBundle) {
var req verifyEmailRequest
user := r.AuthUser
username := r.Request.URL.Query().Get(":username")
if strings.ToLower(username) != strings.ToLower(r.AuthUser.Username) {
if !r.AuthUser.IsAdmin {
Respond(w, r, http.StatusForbidden, "You don't have access to that user's account.", []interface{}{})
return
}
id, err := r.GetUserID(username)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error.", []interface{}{})
return
}
user, err = r.GetUser(id)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error.", []interface{}{})
return
}
}
body, err := ioutil.ReadAll(r.Request.Body)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error.", []interface{}{})
return
}
err = json.Unmarshal(body, &req)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusBadRequest, "Error decoding request.", []interface{}{})
return
}
if req.Code == "" {
Respond(w, r, http.StatusBadRequest, "Code must be set.", []interface{}{})
return
}
err = r.VerifyEmail(user, req.Code)
if err == twocloud.InvalidConfirmationCodeError {
Respond(w, r, http.StatusBadRequest, "Invalid confirmation code.", []interface{}{})
return
} else if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error.", []interface{}{})
return
}
user.EmailUnconfirmed = false
Respond(w, r, http.StatusOK, "Successfully verified email address", []interface{}{user})
return
}
func getUser(w http.ResponseWriter, r *twocloud.RequestBundle) {
username := r.Request.URL.Query().Get(":username")
includeSub := r.Request.URL.Query().Get("include_subscription") == "1"
if username == "" {
Respond(w, r, http.StatusNotFound, "User not found.", []interface{}{})
return
}
if strings.ToLower(username) == strings.ToLower(r.AuthUser.Username) {
user := r.AuthUser
user.Subscription = nil
elems := []interface{}{user}
if includeSub {
elems = append(elems, r.AuthUser.Subscription)
}
setLastModified(w, user.LastActive)
Respond(w, r, http.StatusOK, "Successfully retrieved user information", elems)
return
}
if !r.AuthUser.IsAdmin {
Respond(w, r, http.StatusForbidden, "You don't have access to that user's account.", []interface{}{})
return
}
id, err := r.GetUserID(username)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error.", []interface{}{})
return
}
user, err := r.GetUser(id)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error.", []interface{}{})
return
}
sub := user.Subscription
user.Subscription = nil
elems := []interface{}{user}
if includeSub {
elems = append(elems, sub)
}
setLastModified(w, user.LastActive)
Respond(w, r, http.StatusOK, "Successfully retrieved user information", []interface{}{user})
return
}
func getDevice(w http.ResponseWriter, r *twocloud.RequestBundle) {
username := r.Request.URL.Query().Get(":username")
user := r.AuthUser
if strings.ToLower(username) != strings.ToLower(r.AuthUser.Username) {
if !r.AuthUser.IsAdmin {
Respond(w, r, http.StatusUnauthorized, "You don't have access to that user's devices.", []interface{}{})
return
}
id, err := r.GetUserID(username)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
return
}
user, err = r.GetUser(id)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
return
}
}
id, err := strconv.ParseUint(r.Request.URL.Query().Get(":device"), 10, 64)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
return
}
device, err := r.GetDevice(id)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
return
}
if device.UserID != user.ID {
Respond(w, r, http.StatusBadRequest, "That device ID does not belong to that user.", []interface{}{})
return
}
Respond(w, r, http.StatusOK, "Successfully retrieved device information", []interface{}{device})
return
}
func updateDevice(w http.ResponseWriter, r *twocloud.RequestBundle) {
username := r.Request.URL.Query().Get(":username")
deviceId := r.Request.URL.Query().Get(":device")
user := r.AuthUser
if strings.ToLower(username) != strings.ToLower(r.AuthUser.Username) {
if !r.AuthUser.IsAdmin {
Respond(w, r, http.StatusUnauthorized, "You don't have access to that user's devices.", []interface{}{})
return
}
id, err := r.GetUserID(username)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
return
}
user, err = r.GetUser(id)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
return
}
}
devID, err := strconv.ParseUint(deviceId, 10, 64)
if err != nil {
Respond(w, r, http.StatusBadRequest, "Invalid device ID", []interface{}{})
return
}
device := r.Device
if device.ID != devID {
device, err = r.GetDevice(devID)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
return
}
}
if device.UserID != user.ID {
Respond(w, r, http.StatusBadRequest, "The specified device does not belong to the specified user", []interface{}{})
return
}
var req twocloud.Device
body, err := ioutil.ReadAll(r.Request.Body)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error.", []interface{}{})
return
}
err = json.Unmarshal(body, &req)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusBadRequest, "Error decoding request.", []interface{}{})
return
}
req.ClientType = strings.ToLower(req.ClientType)
gcm_key := ""
if req.Pushers != nil && req.Pushers.GCM != nil {
gcm_key = req.Pushers.GCM.Key
}
device, err = r.UpdateDevice(device, req.Name, req.ClientType, gcm_key)
if err != nil {
Respond(w, r, http.StatusInternalServerError, "Internal server error.", []interface{}{})
return
}
Respond(w, r, http.StatusCreated, "Successfully updated the device", []interface{}{device})
return
}
func updateLink(w http.ResponseWriter, r *twocloud.RequestBundle) {
username := r.Request.URL.Query().Get(":username")
user := r.AuthUser
if strings.ToLower(username) != strings.ToLower(r.AuthUser.Username) {
if !r.AuthUser.IsAdmin {
Respond(w, r, http.StatusUnauthorized, "You don't have access to that user's links.", []interface{}{})
return
}
id, err := r.GetUserID(username)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
return
}
user, err = r.GetUser(id)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
return
}
}
deviceID, err := strconv.ParseUint(r.Request.URL.Query().Get(":device"), 10, 64)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusBadRequest, "Invalid device ID", []interface{}{})
return
}
device, err := r.GetDevice(deviceID)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
return
}
if device.UserID != user.ID {
Respond(w, r, http.StatusBadRequest, "That device ID does not belong to that user.", []interface{}{})
return
}
linkID, err := strconv.ParseUint(r.Request.URL.Query().Get(":link"), 10, 64)
if err != nil {
Respond(w, r, http.StatusBadRequest, "Invalid link ID", []interface{}{})
return
}
link, err := r.GetLink(linkID)
if err != nil {
Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
return
}
var req twocloud.Link
body, err := ioutil.ReadAll(r.Request.Body)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error.", []interface{}{})
return
}
err = json.Unmarshal(body, &req)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusBadRequest, "Error decoding request.", []interface{}{})
return
}
if req.URL != nil {
Respond(w, r, http.StatusBadRequest, "URL cannot be modified.", []interface{}{})
return
}
unread := link.Unread
comment := link.Comment
if device.ID == link.Sender.ID {
comment = req.Comment
} else if device.ID == link.Receiver.ID {
unread = req.Unread
}
link, err = r.UpdateLink(link, unread, comment)
if err != nil {
Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
return
}
Respond(w, r, http.StatusOK, "Successfully retrieved link information", []interface{}{link})
return
}
func getLinks(w http.ResponseWriter, r *twocloud.RequestBundle) {
username := r.Request.URL.Query().Get(":username")
user := r.AuthUser
role := r.Request.URL.Query().Get("role")
roleFlag := twocloud.RoleEither
if role == "sender" {
roleFlag = twocloud.RoleSender
} else if role == "receiver" {
roleFlag = twocloud.RoleReceiver
}
var after, before uint64
var err error
afterstr := r.Request.URL.Query().Get("after")
if afterstr != "" {
after, err = strconv.ParseUint(afterstr, 10, 64)
if err != nil {
Respond(w, r, http.StatusBadRequest, "Invalid after ID.", []interface{}{})
return
}
}
beforestr := r.Request.URL.Query().Get("before")
if beforestr != "" {
before, err = strconv.ParseUint(beforestr, 10, 64)
if err != nil {
Respond(w, r, http.StatusBadRequest, "Invalid before ID.", []interface{}{})
return
}
}
count := 20
countstr := r.Request.URL.Query().Get("count")
if countstr != "" {
newcount, err := strconv.Atoi(countstr)
if err != nil {
Respond(w, r, http.StatusBadRequest, "Invalid count.", []interface{}{})
return
}
if newcount > 0 && newcount <= 100 {
count = newcount
}
}
var links []twocloud.Link
if strings.ToLower(username) != strings.ToLower(r.AuthUser.Username) {
if !r.AuthUser.IsAdmin {
Respond(w, r, http.StatusUnauthorized, "You don't have access to that user's links.", []interface{}{})
return
}
id, err := r.GetUserID(username)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
return
}
user, err = r.GetUser(id)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
return
}
}
deviceID := r.Request.URL.Query().Get(":device")
if deviceID != "" {
id, err := strconv.ParseUint(r.Request.URL.Query().Get(":device"), 10, 64)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
return
}
device, err := r.GetDevice(id)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
return
}
if device.UserID != user.ID {
Respond(w, r, http.StatusBadRequest, "That device ID does not belong to that user.", []interface{}{})
return
}
links, err = r.GetLinksByDevice(device, roleFlag, before, after, count)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
return
}
} else {
links, err = r.GetLinksByUser(user, roleFlag, before, after, count)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
return
}
}
Respond(w, r, http.StatusOK, "Successfully retrieved a list of links", []interface{}{links})
return
}
func sendLinks(w http.ResponseWriter, r *twocloud.RequestBundle) {
username := r.Request.URL.Query().Get(":username")
user := r.AuthUser
if strings.ToLower(username) != strings.ToLower(r.AuthUser.Username) {
if !r.AuthUser.IsAdmin {
Respond(w, r, http.StatusUnauthorized, "You don't have access to that user's links.", []interface{}{})
return
}
id, err := r.GetUserID(username)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
return
}
user, err = r.GetUser(id)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
return
}
}
deviceID, err := strconv.ParseUint(r.Request.URL.Query().Get(":device"), 10, 64)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusBadRequest, "Invalid device ID", []interface{}{})
return
}
device, err := r.GetDevice(deviceID)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
return
}
if device.UserID != user.ID {
Respond(w, r, http.StatusBadRequest, "That device ID does not belong to that user.", []interface{}{})
return
}
var req LinksReq
body, err := ioutil.ReadAll(r.Request.Body)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error.", []interface{}{})
return
}
err = json.Unmarshal(body, &req)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusBadRequest, "Error decoding request.", []interface{}{})
return
}
links := []twocloud.Link{}
for _, link := range req.Links {
if link.URL == nil || link.URL.Address == "" {
Respond(w, r, http.StatusBadRequest, "The address field must be specified.", []interface{}{})
return
}
link.Sender = r.Device
link.Receiver = device
link.Unread = true
links = append(links, link)
}
links, err = r.AddLinks(links)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error.", []interface{}{})
}
Respond(w, r, http.StatusCreated, "Successfully created links", []interface{}{links})
return
}
func markNotificationRead(w http.ResponseWriter, r *twocloud.RequestBundle) {
username := r.Request.URL.Query().Get(":username")
user := r.AuthUser
var err error
if strings.ToLower(username) != strings.ToLower(r.AuthUser.Username) {
if !r.AuthUser.IsAdmin {
Respond(w, r, http.StatusUnauthorized, "You don't have access to that user's notifications.", []interface{}{})
return
}
id, err := r.GetUserID(username)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
return
}
user, err = r.GetUser(id)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
return
}
}
notificationID, err := strconv.ParseUint(r.Request.URL.Query().Get(":notification"), 10, 64)
if err != nil {
Respond(w, r, http.StatusBadRequest, "Invalid notification ID", []interface{}{})
return
}
notification, err := r.GetNotification(notificationID)
if err != nil {
Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
return
}
if notification.DestinationType == "user" && notification.Destination != user.ID {
Respond(w, r, http.StatusBadRequest, "That notification doesn't belong to that user.", []interface{}{})
return
} else if notification.DestinationType == "device" {
device, err := r.GetDevice(notification.Destination)
if err != nil {
Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
return
}
if device.UserID != user.ID {
Respond(w, r, http.StatusBadRequest, "That notification does not belong to that user.", []interface{}{})
return
}
}
var req twocloud.Notification
body, err := ioutil.ReadAll(r.Request.Body)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error.", []interface{}{})
return
}
err = json.Unmarshal(body, &req)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusBadRequest, "Error decoding request.", []interface{}{})
return
}
if req.Unread {
Respond(w, r, http.StatusBadRequest, "Unread cannot be true.", []interface{}{})
return
}
notification.Unread = req.Unread
notification, err = r.MarkNotificationRead(notification)
if err != nil {
Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
return
}
Respond(w, r, http.StatusOK, "Successfully updated the notification", []interface{}{notification})
return
}
func sendNotification(w http.ResponseWriter, r *twocloud.RequestBundle) {
if !r.AuthUser.IsAdmin {
Respond(w, r, http.StatusForbidden, "You don't have permission to send notifications.", []interface{}{})
return
}
var req notificationReq
body, err := ioutil.ReadAll(r.Request.Body)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error.", []interface{}{})
return
}
err = json.Unmarshal(body, &req)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusBadRequest, "Error decoding request.", []interface{}{})
return
}
username := r.Request.URL.Query().Get(":username")
if username != "" {
deviceIDstr := r.Request.URL.Query().Get(":device")
if deviceIDstr != "" {
deviceID, err := strconv.ParseUint(deviceIDstr, 10, 64)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusBadRequest, "Invalid device ID", []interface{}{})
return
}
device, err := r.GetDevice(deviceID)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
return
}
notifications, err := r.SendNotificationsToDevice(device, req.Notifications)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
return
}
Respond(w, r, http.StatusCreated, "Successfully created notifications", []interface{}{notifications})
return
}
id, err := r.GetUserID(username)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
return
}
user, err := r.GetUser(id)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
return
}
notifications, err := r.SendNotificationsToUser(user, req.Notifications)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
return
}
Respond(w, r, http.StatusCreated, "Successfully created notifications", []interface{}{notifications})
return
}
notifications, err := r.BroadcastNotifications(req.Notifications, req.Filter)
if err == twocloud.InvalidBroadcastFilter {
Respond(w, r, http.StatusBadRequest, err.Error(), []interface{}{})
return
} else if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
return
}
Respond(w, r, http.StatusCreated, "Successfully created notifications", []interface{}{notifications})
return
}
func updateUser(w http.ResponseWriter, r *twocloud.RequestBundle) {
var req modifyUserRequest
user := r.AuthUser
username := r.Request.URL.Query().Get(":username")
if strings.ToLower(username) != strings.ToLower(r.AuthUser.Username) {
if !r.AuthUser.IsAdmin {
Respond(w, r, http.StatusForbidden, "You don't have access to that user's account.", []interface{}{})
return
}
id, err := r.GetUserID(username)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error.", []interface{}{})
return
}
user, err = r.GetUser(id)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error.", []interface{}{})
return
}
}
body, err := ioutil.ReadAll(r.Request.Body)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error.", []interface{}{})
return
}
err = json.Unmarshal(body, &req)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusBadRequest, "Error decoding request.", []interface{}{})
return
}
email := user.Email
given_name := user.Name.Given
family_name := user.Name.Family
name_changed := false
admin := false
for _, field := range req.Fields {
switch field {
case "email":
if req.User.Email == "" {
Respond(w, r, http.StatusBadRequest, "Email cannot be empty.", []interface{}{})
return
}
email = req.User.Email
break
case "name.given":
given_name = req.User.Name.Given
name_changed = true
break
case "name.family":
family_name = req.User.Name.Family
name_changed = true
break
case "admin":
if !r.AuthUser.IsAdmin {
Respond(w, r, http.StatusForbidden, "You don't have the ability to grant or revoke admin status.", []interface{}{})
return
}
admin = true
break
}
}
err = r.UpdateUser(user, email, given_name, family_name, name_changed)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error.", []interface{}{})
return
}
user.Email = email
if name_changed {
user.Name.Given = given_name
user.Name.Family = family_name
}
if admin {
if req.User.IsAdmin && !user.IsAdmin {
err = r.MakeAdmin(user)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error.", []interface{}{})
return
}
user.IsAdmin = true
} else if !req.User.IsAdmin && user.IsAdmin {
err = r.StripAdmin(user)
if err != nil {
r.Log.Error(err.Error())
Respond(w, r, http.StatusInternalServerError, "Internal server error.", []interface{}{})
return
}
user.IsAdmin = false
}
}
Respond(w, r, http.StatusOK, "Successfully updated the user account", []interface{}{user})
return
}