Esempio n. 1
// Update changes the password of the user identified by the ID carried in the
// JSON request body, then replies with the stored user record and 200 OK.
//
// It returns apiErrors.UserNotFound when users.GetUser reports an error,
// apiErrors.InvalidRequest when the submitted password is empty, and
// apiErrors.InternalError when users.UpdateUserPassword fails.
//
// NOTE(review): the target account is chosen by the request body and this
// handler never compares it with the caller's identity. Presumably
// authorization is enforced by middleware or routing; confirm, because
// without it every caller that reaches this handler can reset any account's
// password.
func Update(c *echo.Context) error {
	var payload users.User

	if err := utils.ParseJSONBody(c, &payload); err != nil {
		// NOTE(review): a decode failure ends the request without an error.
		// Presumably utils.ParseJSONBody has already written the response;
		// confirm, otherwise the client gets no indication of the bad body.
		return nil
	}

	target, err := users.GetUser(payload.GetID())
	if err != nil {
		return apiErrors.UserNotFound
	}

	if payload.Password == "" {
		return apiErrors.InvalidRequest.Detail("The password field is missing.")
	}

	if err = users.UpdateUserPassword(target.GetID(), payload.Password); err != nil {
		// Full error goes to the log only; the client sees a generic message.
		log.Error(err)
		return apiErrors.InternalError.Detail("Unable to update the password.")
	}

	// NOTE(review): the stored record is serialized as-is; confirm that
	// users.User does not expose credential fields in its JSON form.
	return utils.JSON(c, http.StatusOK, target)
}
Esempio n. 2
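// Update applies one change to a user account described by the JSON request
// body and replies with the decoded body and 200 OK.
//
// The authenticated caller is read from the context under the "user" key.
// A caller who is not an administrator may only update their own account.
// Exactly one change is applied per request, chosen in this order: admin
// flag, password, email, first name, last name. If none of them differs from
// the stored record (and no password was sent) the request is rejected with
// apiErrors.InvalidRequest.
//
// NOTE(review): the body is decoded into users.User, so a request that omits
// the admin flag presumably decodes it as false. For a target that currently
// is an administrator this takes the privilege branch: a self-update is
// refused, and an update by another administrator demotes the target instead
// of applying the field that was actually sent. Confirm, and consider a
// payload type that can distinguish "absent" from "false".
func Update(c *echo.Context) error {
	// Comma-ok assertion: a missing or mistyped context value is rejected
	// instead of panicking inside the handler.
	user, ok := c.Get("user").(*users.User)
	if !ok || user == nil {
		return apiErrors.Unauthorized.Detail("No authenticated user")
	}

	updatedUser := users.User{}
	if err := utils.ParseJSONBody(c, &updatedUser); err != nil {
		return apiErrors.InvalidRequest
	}

	// Authorize before touching the user store: the check needs only the
	// caller and the requested ID, and running it first keeps a
	// non-administrator from telling existing IDs apart from unknown ones
	// through the UserNotFound / Unauthorized difference.
	if !user.IsAdmin && updatedUser.GetID() != user.GetID() {
		return apiErrors.Unauthorized.Detail("You can only update your account")
	}

	currentUser, err := users.GetUser(updatedUser.GetID())
	if err != nil {
		return apiErrors.UserNotFound
	}

	switch {
	case updatedUser.IsAdmin != currentUser.IsAdmin:
		// Nobody may change their own admin flag; combined with the
		// ownership check above, only an administrator acting on another
		// account reaches UpdateUserPrivilege.
		if currentUser.Id == user.GetID() {
			return apiErrors.Unauthorized.Detail("You cannot grant administration rights")
		}
		if err = users.UpdateUserPrivilege(updatedUser.GetID(), updatedUser.IsAdmin); err != nil {
			log.Error(err)
			return apiErrors.InternalError.Detail("Unable to update the rank")
		}
	case updatedUser.Password != "":
		if err = users.UpdateUserPassword(updatedUser.GetID(), updatedUser.Password); err != nil {
			log.Error(err)
			return apiErrors.InternalError.Detail("Unable to update the password")
		}
	case updatedUser.Email != currentUser.Email:
		if err = users.UpdateUserEmail(updatedUser.GetID(), updatedUser.Email); err != nil {
			log.Error(err)
			return apiErrors.InternalError.Detail("Unable to update the email")
		}
	case updatedUser.FirstName != currentUser.FirstName:
		if err = users.UpdateUserFirstName(updatedUser.GetID(), updatedUser.FirstName); err != nil {
			log.Error(err)
			return apiErrors.InternalError.Detail("Unable to update the first name")
		}
	case updatedUser.LastName != currentUser.LastName:
		if err = users.UpdateUserLastName(updatedUser.GetID(), updatedUser.LastName); err != nil {
			log.Error(err)
			return apiErrors.InternalError.Detail("Unable to update the last name")
		}
	default:
		return apiErrors.InvalidRequest.Detail("No field sent")
	}

	// NOTE(review): the response is the decoded request body, which still
	// holds the submitted Password. Confirm that the serializer omits that
	// field so the plaintext password is not echoed back or logged downstream.
	return utils.JSON(c, http.StatusOK, &updatedUser)
}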
Esempio n. 3
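// UpdatePassword sets a new password for the user named by the "id" route
// parameter. The new password is read from the Data.Password field of the
// JSON request body.
//
// Responses: 400 when the id or the password is empty, 404 when
// users.UserExists reports that the user does not exist, 200 with
// {"data": {"success": true}} on success. Errors from users.UserExists and
// users.UpdateUserPassword are logged and returned to the framework.
//
// NOTE(review): this handler does not compare the route id with the caller's
// identity. Presumably authorization is enforced by middleware or routing;
// confirm, because without it any caller that reaches this handler can reset
// any account's password.
func UpdatePassword(c *echo.Context) error {
	// fail writes the error payload shape shared by every rejection below.
	fail := func(status int, detail string) error {
		return c.JSON(status, hash{
			"error": [1]hash{
				{
					"detail": detail,
				},
			},
		})
	}

	userID := c.Param("id")
	if userID == "" {
		return fail(http.StatusBadRequest, "User id needed to modify account")
	}

	var user struct {
		Data struct {
			Password string
		}
	}

	if err := utils.ParseJSONBody(c, &user); err != nil {
		// NOTE(review): a decode failure ends the request without an error.
		// Presumably utils.ParseJSONBody has already written the response;
		// confirm, otherwise the client gets no indication of the bad body.
		return nil
	}

	// Reject an empty password before touching the user store; a body
	// without the field would otherwise overwrite the stored password with
	// the empty string.
	if user.Data.Password == "" {
		return fail(http.StatusBadRequest, "Password needed to modify account")
	}

	exists, err := users.UserExists(userID)
	if err != nil {
		log.Errorf("Unable to check user existance: %s", err.Error())
		return err
	}
	if !exists {
		return fail(http.StatusNotFound, "User not found")
	}

	if err = users.UpdateUserPassword(userID, user.Data.Password); err != nil {
		log.Errorf("Unable to update user password: %s", err.Error())
		return err
	}

	return c.JSON(http.StatusOK, hash{
		"data": hash{
			"success": true,
		},
	})
}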