Exemple #1
// MessageSend is the gin handler that stores a new message on behalf of the
// session user.
//
// The JSON body is bound into a model.MessagesModel; Sender, Sent and Unique
// are then overwritten server-side before the record is handed to
// model.MessageSend. It replies 200 with JSON true on success, 400 when the
// body does not bind, and 500 when the session lookup or the store fails.
func MessageSend(r *gin.Context) {
	session, err := common.GetSession(r)
	if err != nil {
		log.Print(err.Error())
		r.AbortWithError(http.StatusInternalServerError, err)
		return
	}
	log.Printf("MessageSend(): user=%d", session.UserId)

	var msg model.MessagesModel
	if bindErr := r.BindJSON(&msg); bindErr != nil {
		r.AbortWithError(http.StatusBadRequest, bindErr)
		return
	}

	// The sender always comes from the session, never from the request body,
	// so a client cannot post as another user.
	// NOTE(review): only Sender, Sent and Unique are overwritten here; every
	// other field the client put in the JSON body reaches model.MessageSend
	// as bound — confirm that none of them is meant to be server-controlled.
	msg.Sender = session.UserId

	// The send time is the server clock, not a client-supplied value.
	msg.Sent = time.Now()

	// NOTE(review): the "unique" key is a Unix timestamp in whole seconds, so
	// two messages created within the same second get the same key — confirm
	// that nothing relies on it being unique.
	msg.Unique = model.NewNullStringValue(fmt.Sprintf("%d", time.Now().Unix()))

	if sendErr := model.MessageSend(msg); sendErr != nil {
		log.Print(sendErr)
		r.AbortWithError(http.StatusInternalServerError, sendErr)
		return
	}

	r.JSON(http.StatusOK, true)
}
Exemple #2
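// authMiddlewareLogout is the gin handler that ends the caller's session.
//
// It runs the auth middleware by hand, looks up the session attached to the
// request, expires it through common.ActiveSession and replies 200 with JSON
// true. A failed session lookup is answered with 500.
func authMiddlewareLogout(c *gin.Context) {
	// As this exists outside of the normal middleware, we have to load it first,
	// *manually*. This is awful, but is the easiest way to keep it in the /auth
	// namespace.
	getAuthMiddleware().MiddlewareFunc()(c)

	// Because the middleware is called as a plain function, gin does not stop
	// this handler when the middleware aborts the request. Stop here in that
	// case so a rejected request cannot go on to expire a session or write a
	// second response.
	// NOTE(review): assumes the middleware signals rejection via Abort —
	// confirm against getAuthMiddleware().
	if c.IsAborted() {
		return
	}

	session, err := common.GetSession(c)
	if err != nil {
		log.Printf("AuthLogout(): Expire session: %v", err)
		c.AbortWithError(http.StatusInternalServerError, err)
		return
	}

	// NOTE(review): this writes the full session identifier to the log before
	// the session is expired; consider logging the user id or a truncated id
	// instead if log readers should not see live session identifiers.
	log.Printf("AuthLogout(): Expire session %s", session.SessionId)
	common.ActiveSession.ExpireSession(session.SessionId)
	c.JSON(http.StatusOK, true)
}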
// UserInterface_GetCurrentProvider is the gin handler that returns the
// userrealphy value of the session user's row in the user table (0 when the
// column is NULL) as the JSON body of a 200 response.
//
// The row is selected by the session's user id, never by a request
// parameter, so a caller can only read its own value. A failed session
// lookup or query is answered with 500.
func UserInterface_GetCurrentProvider(r *gin.Context) {
	session, sessErr := common.GetSession(r)
	if sessErr != nil {
		log.Print(sessErr.Error())
		r.AbortWithError(http.StatusInternalServerError, sessErr)
		return
	}

	// The user id is passed as a bound parameter, not spliced into the SQL.
	const query = "SELECT IFNULL(userrealphy,0) FROM user WHERE id = ?"
	providerId, queryErr := model.DbMap.SelectInt(query, session.UserId)
	if queryErr != nil {
		log.Print(queryErr.Error())
		r.AbortWithError(http.StatusInternalServerError, queryErr)
		return
	}

	r.JSON(http.StatusOK, providerId)
}
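// UserInterface_GetCurrentUsername is the gin handler that returns the
// Description field of the session user's model.UserModel record as the JSON
// body of a 200 response.
//
// The record is loaded by the session's user id, never by a request
// parameter. A failed session lookup, a failed load, or a load that yields
// no usable record is answered with 500.
func UserInterface_GetCurrentUsername(r *gin.Context) {
	session, err := common.GetSession(r)
	if err != nil {
		log.Print(err.Error())
		r.AbortWithError(http.StatusInternalServerError, err)
		return
	}

	u, err := model.DbMap.Get(model.UserModel{}, session.UserId)
	if err != nil {
		log.Print(err.Error())
		r.AbortWithError(http.StatusInternalServerError, err)
		return
	}

	// An unchecked u.(model.UserModel) panics when Get hands back nil or a
	// pointer, so the result type is inspected instead.
	// NOTE(review): if DbMap is a gorp DbMap, Get returns a pointer and
	// returns nil when no row matches — confirm which case applies here.
	switch user := u.(type) {
	case model.UserModel:
		r.JSON(http.StatusOK, user.Description)
	case *model.UserModel:
		if user == nil {
			log.Printf("UserInterface_GetCurrentUsername(): no record for user %v", session.UserId)
			r.AbortWithStatus(http.StatusInternalServerError)
			return
		}
		r.JSON(http.StatusOK, user.Description)
	default:
		log.Printf("UserInterface_GetCurrentUsername(): unexpected result type %T for user %v", u, session.UserId)
		r.AbortWithStatus(http.StatusInternalServerError)
	}
}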
Exemple #5
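// MessagesView is the gin handler that lists the untagged messages addressed
// to the session user, each joined with the sender's description, as the
// JSON body of a 200 response.
//
// Optional query parameters:
//   - unread_only: when it parses as true, only rows with msgread = 0 are
//     returned; anything unparsable counts as false.
//   - patient: when it parses as a non-zero integer, only rows for that
//     msgpatient are returned; anything unparsable counts as "no filter".
//
// Every variant of the query is restricted to msgfor = the session user id.
// A failed session lookup or query is answered with 500.
func MessagesView(r *gin.Context) {
	session, err := common.GetSession(r)
	if err != nil {
		log.Print(err.Error())
		r.AbortWithError(http.StatusInternalServerError, err)
		return
	}

	// ParseBool already yields false on error, which is the wanted default.
	unreadOnly, _ := strconv.ParseBool(r.Query("unread_only"))

	// ParseInt returns a clamped value on a range error, so the reset to 0 is
	// needed to treat every bad value as "no patient filter".
	patient, err := strconv.ParseInt(r.Query("patient"), 10, 64)
	if err != nil {
		patient = 0
	}

	// Table names come from package constants; all request- and
	// session-derived values are passed as bound parameters.
	//
	// The recipient restriction is part of the base query so that no filter
	// combination can drop it. The original patient+unread branch filtered on
	// m.msgby (the sender) instead of m.msgfor, unlike the other three
	// branches; it now uses the recipient like the rest.
	query := "SELECT m.*, u.userdescrip AS 'sender' FROM " + model.TABLE_MESSAGES +
		" m LEFT OUTER JOIN " + model.TABLE_USER +
		" u ON u.id = m.msgby WHERE (ISNULL(m.msgtag) OR LENGTH(m.msgtag) < 1) AND m.msgfor = ?"
	args := []interface{}{session.UserId}

	if patient != 0 {
		query += " AND m.msgpatient = ?"
		args = append(args, patient)
	}
	if unreadOnly {
		query += " AND m.msgread = 0"
	}

	// o stays a nil slice when nothing matches, so the JSON body is null in
	// that case, as before.
	var o []model.MessagesModel
	if _, err = model.DbMap.Select(&o, query, args...); err != nil {
		log.Print(err.Error())
		r.AbortWithError(http.StatusInternalServerError, err)
		return
	}
	r.JSON(http.StatusOK, o)
}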
Exemple #6
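// MessageGet is the gin handler that returns a single message, selected by
// the "id" path parameter, as the JSON body of a 200 response.
//
// The message is only returned when its For field equals the session user
// id. A missing or non-numeric id is answered with 400; a failed session
// lookup, a failed message lookup, or an access-control refusal is answered
// with 500.
func MessageGet(r *gin.Context) {
	session, err := common.GetSession(r)
	if err != nil {
		log.Print(err.Error())
		r.AbortWithError(http.StatusInternalServerError, err)
		return
	}

	// A missing or malformed id is a client error, not a server fault.
	idString := r.Param("id")
	if idString == "" {
		log.Print("MessageGet(): No id provided")
		r.AbortWithStatus(http.StatusBadRequest)
		return
	}

	id, err := strconv.ParseInt(idString, 10, 64)
	if err != nil {
		log.Print(err.Error())
		r.AbortWithError(http.StatusBadRequest, err)
		return
	}

	msg, err := model.MessageById(id)
	if err != nil {
		log.Print(err.Error())
		r.AbortWithError(http.StatusInternalServerError, err)
		return
	}

	// Access control: only the recipient may read the message. The refusal is
	// logged with the requesting user and the message id so that repeated
	// probing of other users' messages shows up in the logs.
	// NOTE(review): the refusal keeps the same bare 500 as a failed lookup, so
	// the response does not tell a caller whether the id exists. If this is
	// changed to 403/404, keep "not found" and "not allowed" indistinguishable.
	if msg.For != session.UserId {
		log.Printf("MessageGet(): not allowed: user=%v message=%d", session.UserId, id)
		r.AbortWithStatus(http.StatusInternalServerError)
		return
	}

	r.JSON(http.StatusOK, msg)
}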