func EnsureAuth(r martini.Router, mainDb *d.MainDb) martini.Router { r.Get("/", func(r render.Render, prms martini.Params, req *http.Request) { flashMessage, fType := flash.GetMessage() query := req.URL.Query() result := map[string]interface{}{ fmt.Sprintf("flash_%v", fType): flashMessage, "from": query.Get("from"), } r.HTML(200, "login", AddCurrentUser(result, req, mainDb), render.HTMLOptions{Layout: "base"}) }) r.Post("/", binding.Bind(user{}), func(postedUser user, r render.Render, req *http.Request, w http.ResponseWriter) { userData, err := mainDb.Users.LoginUser(postedUser.LoginName, postedUser.Password) if err != nil { log.Printf("AUTH user %+v not found: %v", postedUser, err) flash.SetMessage("К сожалению, пользователь с такими данными не найден.", "error") r.Redirect(AUTH_URL) return } else { log.Printf("AUTH found user data: %v, %v, %v", userData.UserId, userData.UserName, userData.Auth) } user := NewUser(userData) StartAuthSession(user, w) redirect := req.URL.Query().Get(REDIRECT_PARAM) if redirect == "" { redirect = DefaultUrlMap.GetDefaultUrl(user.BelongsToCompany()) } http.Redirect(w, req, redirect, 302) }) return r }
func setupRoutes(r martini.Router) { // static r.Get("/", func(r render.Render) { r.HTML(http.StatusOK, "index", View("Dashboard")) }) r.NotFound(func(r render.Render) { r.HTML(http.StatusNotFound, "404", View("404 - Not Found")) }) // api r.Get("/api/hostname", DataHandler("hostname")) r.Get("/api/ip", DataHandler("ip")) r.Get("/api/cpu", DataHandler("cpu")) r.Get("/api/mem", DataHandler("mem")) r.Get("/api/disk", DataHandler("disk")) r.Get("/api/processes", DataHandler("top")) r.Get("/api/logged_on", DataHandler("logged_on")) r.Get("/api/users", DataHandler("passwd")) r.Get("/api/network", DataHandler("network")) r.Get("/api/env", DataHandler("env")) r.Get("/api/headers", DataHandler("headers")) r.Get("/api/debug/:method", DebugHandler) }
func EnsureWorkWithKeys(r martini.Router, qs *quests.QuestStorage, db *d.MainDb) martini.Router { //todo add group and refactor normal r.Post("/load/up", w.LoginRequired, w.AutHandler.CheckIncludeAnyRole(MANAGER), func(render render.Render, request *http.Request) { xlsFileReg := regexp.MustCompile(".+\\.xlsx?") file, header, err := request.FormFile("file") if err != nil { render.HTML(200, "new_keys", w.AddCurrentUser(GetKeysInfo(fmt.Sprintf("Ошибка загрузки файлика: %v", err), qs), request, db)) return } log.Printf("Form file information: file: %+v \nheader:%v, %v\nerr:%v", file, header.Filename, header.Header, err) defer file.Close() data, err := ioutil.ReadAll(file) if err != nil { render.HTML(200, "new_keys", w.AddCurrentUser(GetKeysInfo(fmt.Sprintf("Ошибка загрузки файлика: %v", err), qs), request, db)) return } if xlsFileReg.MatchString(header.Filename) { xlFile, err := xlsx.OpenBinary(data) log.Printf("file: %+v, err: %v", xlFile, err) if err != nil || xlFile == nil { render.HTML(200, "quests/new_keys", w.AddCurrentUser(GetKeysInfo(fmt.Sprintf("Ошибка обработки файлика: %v", err), qs), request, db)) return } skip_rows, _ := strconv.Atoi(request.FormValue("skip-rows")) skip_cols, _ := strconv.Atoi(request.FormValue("skip-cols")) parse_res, _ := w.ParseExportXlsx(xlFile, skip_rows, skip_cols) for _, prel := range parse_res { qs.AddStep(prel[0], prel[1], prel[2]) } } else { render.HTML(200, "new_keys", w.AddCurrentUser(GetKeysInfo("Файл имеет не то расширение :(", qs), request, db)) } render.Redirect("/new_keys") }) r.Get("/new_keys", w.LoginRequired, w.AutHandler.CheckIncludeAnyRole(MANAGER), func(r render.Render, req *http.Request) { log.Printf("CONSOLE WEB will show keys") r.HTML(200, "new_keys", w.AddCurrentUser(GetKeysInfo("", qs), req, db), render.HTMLOptions{Layout: "base"}) }) r.Post("/add_key", w.LoginRequired, w.AutHandler.CheckIncludeAnyRole(MANAGER), func(user auth.User, render render.Render, request *http.Request) { start_key := request.FormValue("start-key") next_key := request.FormValue("next-key") description := request.FormValue("description") log.Printf("CONSOLE WEB add key %s -> %s -> %s", start_key, description, next_key) if start_key != "" && description != "" { key, err := qs.AddStep(start_key, description, next_key) log.Printf("QW is error? %v key: %v", err, key) render.Redirect("/new_keys") } else { render.HTML(200, "console/new_keys", w.AddCurrentUser(GetKeysInfo("Невалидные значения ключа или ответа", qs), request, db)) } }) r.Post("/delete_key/:key", w.LoginRequired, w.AutHandler.CheckIncludeAnyRole(MANAGER), func(params martini.Params, render render.Render) { key := params["key"] err := qs.DeleteStep(key) log.Printf("CONSOLE WEB will delete %v (%v)", key, err) render.Redirect("/new_keys") }) r.Post("/update_key/:key", w.LoginRequired, w.AutHandler.CheckIncludeAnyRole(MANAGER), func(params martini.Params, render render.Render, request *http.Request) { key_id := params["key"] start_key := request.FormValue("start-key") next_key := request.FormValue("next-key") description := request.FormValue("description") err := qs.UpdateStep(key_id, start_key, description, next_key) log.Printf("CONSOLE WEB was update key %s %s %s %s\n err? %v", key_id, start_key, description, next_key, err) render.Redirect("/new_keys") }) r.Get("/delete_key_all", w.LoginRequired, w.AutHandler.CheckIncludeAnyRole(MANAGER), func(render render.Render) { log.Printf("CONSOLE WEB was delete all keys") qs.Steps.RemoveAll(bson.M{}) render.Redirect("/new_keys") }) return r }
func EnsureWorkWithUsers(r martini.Router, db *d.MainDb) martini.Router { r.Group("/users", func(r martini.Router) { r.Get("", w.LoginRequired, w.AutHandler.CheckIncludeAnyRole(MANAGER), func(r render.Render, req *http.Request) { r.HTML(200, "users", w.AddCurrentUser(GetUsersInfo("", db), req, db), render.HTMLOptions{Layout: "base"}) }) r.Post("/add", w.LoginRequired, w.AutHandler.CheckIncludeAnyRole(MANAGER), func(r render.Render, request *http.Request) { u_id := strings.TrimSpace(request.FormValue("user-id")) u_name := strings.TrimSpace(request.FormValue("user-name")) u_phone := request.FormValue("user-phone") u_email := request.FormValue("user-e-mail") u_role := strings.TrimSpace(request.FormValue("user-role")) u_pwd := request.FormValue("user-pwd") u_read_rights := strings.Fields(request.FormValue("read-rights")) u_write_rights := strings.Fields(request.FormValue("write-rights")) u_belongs_to := strings.TrimSpace(request.FormValue("belongs-to")) log.Printf("CONSOLE WEB add user [%s] '%s' +%s %s |%v| {%s}", u_id, u_name, u_phone, u_email, u_role, u_pwd) if u_name != "" && u_id != "" { db.Users.AddOrUpdateUserObject(d.UserData{ UserId: u_id, UserName: u_name, Email: u_email, Phone: u_phone, Role: u_role, Password: u.PHash(u_pwd), LastUpdate: time.Now(), ReadRights: u_read_rights, WriteRights: u_write_rights, BelongsTo: u_belongs_to, }) r.Redirect("/users") } else { r.HTML(200, "users", w.AddCurrentUser(GetUsersInfo("Невалидные значения имени и (или) идентификатора добавляемого пользователя", db), request, db), render.HTMLOptions{Layout: "base"}) } }) r.Post("/delete/:id", w.LoginRequired, w.AutHandler.CheckIncludeAnyRole(MANAGER), func(params martini.Params, render render.Render) { uid := params["id"] err := db.Users.UsersCollection.Remove(bson.M{"user_id": uid}) log.Printf("CONSOLE WEB will delete user %v (%v)", uid, err) render.Redirect("/users") }) r.Post("/update/:id", w.LoginRequired, w.AutHandler.CheckIncludeAnyRole(MANAGER), func(params martini.Params, render render.Render, request *http.Request) { u_id := params["id"] u_name := strings.TrimSpace(request.FormValue("user-name")) u_phone := request.FormValue("user-phone") u_email := request.FormValue("user-e-mail") u_role := request.FormValue("user-role") u_pwd := request.FormValue("user-pwd") u_read_rights := strings.Fields(request.FormValue("read-rights")) u_write_rights := strings.Fields(request.FormValue("write-rights")) u_belongs_to := strings.TrimSpace(request.FormValue("belongs-to")) upd := bson.M{} if u_name != "" { upd["user_name"] = u_name } if u_email != "" { upd["email"] = u_email } if u_phone != "" { upd["phone"] = u_phone } if u_role != "" { upd["role"] = u_role } if u_pwd != "" { upd["password"] = u.PHash(u_pwd) } if len(u_read_rights) > 0 { upd["read_rights"] = u_read_rights } if len(u_write_rights) > 0 { upd["write_rights"] = u_write_rights } if u_belongs_to != "" { upd["belongs_to"] = u_belongs_to } db.Users.UsersCollection.Update(bson.M{"user_id": u_id}, bson.M{"$set": upd}) log.Printf("CONSOLE WEB update user [%s] '%s' +%s %s |%v| {%v}", u_id, u_name, u_phone, u_email, u_role, u_pwd) render.Redirect("/users") }) }) return r }