func userSetPassword(w http.ResponseWriter, r *http.Request) *handler.Error { db := datastore.New() defer db.Close() c := context.New(r) u := user.Current(c, db) if !u.Validate(r.FormValue("oldpassword")) { return handler.NewError(nil, 400, "Old password incorrect!") } newPass := r.FormValue("password") if newPass != r.FormValue("repeatpassword") { return handler.NewError(nil, 400, "New password doesn't match!") } if len(newPass) > 100 { return handler.NewError(nil, 400, "Password length over 100. Seriously?!") } u.SetPassword(newPass) if err := db.C("users").UpdateId(u.Id, u); err != nil { return handler.NewError(err, 500, "Error updating user password!") } return nil }
// download provides the requested apk by the given bson.ObjectId func download(w http.ResponseWriter, r *http.Request) *handler.Error { var ( apk Apk buf bytes.Buffer ) db := datastore.New() defer db.Close() q := bson.M{"_id": bson.ObjectIdHex(r.FormValue("id"))} err := db.C("apks").Find(q).One(&apk) if err != nil { return handler.NewError(err, 404, "No record of apk.") } file, err := db.FS().OpenId(apk.FileId) if err != nil { return handler.NewError(err, 404, "No such apk.") } io.Copy(&buf, file) filename := fmt.Sprintf("%s-%s.apk", apk.Badging.ApplicationLabel, apk.Time) w.Header().Set("Content-Type", "application/vnd.android.package-archive") w.Header().Set("Content-Disposition", "attachment;filename="+filename) w.Write(buf.Bytes()) return nil }
// icon retrieves a previously saved apk icon. func icon(w http.ResponseWriter, r *http.Request) *handler.Error { db := datastore.New() defer db.Close() id := mux.Vars(r)["iconId"] if id == "" { w.Header().Set("Content-type", "image/png") w.Write([]byte{137, 80, 78, 71, 13, 10, 26, 10, 0, 0, 0, 13, 73, 72, 68, 82, 0, 0, 0, 1, 0, 0, 0, 1, 8, 6, 0, 0, 0, 31, 21, 196, 137, 0, 0, 0, 13, 73, 68, 65, 84, 8, 215, 99, 96, 96, 96, 96, 0, 0, 0, 5, 0, 1, 94, 243, 42, 58, 0, 0, 0, 0, 73, 69, 78, 68, 174, 66, 96, 130}) return nil } file, err := db.FS().OpenId(bson.ObjectIdHex(id)) if err != nil { return handler.NewError(err, 404, "No such icon.") } var buf bytes.Buffer io.Copy(&buf, file) // TODO set content type correctly w.Header().Set("Content-type", "image/png") w.Write(buf.Bytes()) return nil }
// report is a web handler that saves ACRA reports. func report(w http.ResponseWriter, r *http.Request) *handler.Error { if err := r.ParseForm(); err != nil { return handler.NewError(err, 500, "Error parsing form data.") } db := datastore.New() defer db.Close() // find apk var apk *Apk name := r.FormValue("PACKAGE_NAME") vc := r.FormValue("APP_VERSION_CODE") // TODO use user submitted formid that identifies user with public hash for locating correct package q := bson.M{"badging.package.name": name, "badging.package.versionCode": vc} if err := db.C("apks").Find(q).Sort("-time").One(&apk); err != nil { // return 200 so acra doesn't keep resubmitting the report return handler.NewError(err, 200, fmt.Sprintf("No apk by given name and version code found: NAME %s VC %s", name, vc)) } // save report using generic map to keep values not accounted for in Report struct. m := bson.M{} for k, v := range r.Form { if len(v) == 1 { m[k] = v[0] } } reportId := bson.NewObjectId() m["_id"] = reportId m["apkid"] = apk.Id m["time"] = time.Now() if err := db.C("reports").Insert(m); err != nil { return handler.NewError(err, 500, "Error inserting new report") } apk.ReportIds = append([]bson.ObjectId{reportId}, apk.ReportIds...) if err := db.C("apks").UpdateId(apk.Id, apk); err != nil { return handler.NewError(err, 500, "Error updating apk reportids") } // TODO send email notify if desired by user return nil }
func apkById(w http.ResponseWriter, r *http.Request) *handler.Error { db := datastore.New() defer db.Close() apkId := bson.ObjectIdHex(mux.Vars(r)["id"]) var apk *Apk // TODO confirm user has access to apk if err := db.C("apks").FindId(apkId).One(&apk); err != nil { return handler.NewError(err, 500, "Failed to locate apk.") } render.Json(w, apk) return nil }
func errorsByApkId(w http.ResponseWriter, r *http.Request) *handler.Error { db := datastore.New() defer db.Close() apkId := bson.ObjectIdHex(mux.Vars(r)["apkId"]) var reports []*Report q := bson.M{"apkid": apkId} if err := db.C("reports").Find(q).All(&reports); err != nil { return handler.NewError(err, 500, "Error querying for apk reports.") } render.Json(w, groupErrors(reports)) return nil }
func userSetProfile(w http.ResponseWriter, r *http.Request) *handler.Error { db := datastore.New() defer db.Close() c := context.New(r) u := user.Current(c, db) u.Name = r.FormValue("name")[:100] u.Email = r.FormValue("email")[:100] if err := db.C("users").UpdateId(u.Id, u); err != nil { return handler.NewError(err, 500, "Error updating user profile") } return nil }
func exportCSV(w http.ResponseWriter, r *http.Request) *handler.Error { w.Header().Set("Content-Type", "text/csv") w.Header().Set("Content-Disposition", "attachment;filename=export.csv") wrtr := csv.NewWriter(w) var sampleReport Report csvHeaders := listFields(sampleReport) wrtr.Write(csvHeaders) db := datastore.New() defer db.Close() var reports []*Report q := bson.M{"apkid": bson.ObjectIdHex(r.FormValue("id"))} if err := db.C("reports").Find(q).All(&reports); err != nil { return handler.NewError(err, 500, "Error querying for apk reports.") } for _, report := range reports { var record []string s := reflect.ValueOf(report).Elem() t := s.Type() for i := 0; i < s.NumField(); i++ { f := s.Field(i) if ignoreField(t.Field(i).Name) { continue } record = append(record, f.String()) } wrtr.Write(record) } return nil }
func errorDetails(w http.ResponseWriter, r *http.Request) *handler.Error { db := datastore.New() defer db.Close() // get session user // c := context.New(r) // u := user.Current(c, db) apkId := mux.Vars(r)["apkId"] reportId := mux.Vars(r)["reportId"] var report *Report db.C("reports").FindId(bson.ObjectIdHex(reportId)).One(&report) // get info from related reports to attach here var reports []*Report q := bson.M{"apkid": bson.ObjectIdHex(apkId)} // TODO confirm user has access to project if err := db.C("reports").Find(q).All(&reports); err != nil { return handler.NewError(err, 500, "Error querying for apk reports.") } attachGroupDetails(report, reports) render.Json(w, report) return nil }
// upload is a web handler for receiving an apk. func upload(w http.ResponseWriter, r *http.Request) *handler.Error { // dont use memory for holding apk if err := r.ParseMultipartForm(0); err != nil { return handler.NewError(err, 500, "Unable to parse multipart form.") } f, _, err := r.FormFile("apk") if err != nil { return handler.NewError(err, 500, "Form file \"apk\" does not exist") } // dump badging and locate appropriate icon name within apk m := dumpBadging(f.(*os.File).Name()) k := fmt.Sprintf("application-icon-%s", m["densities"].([]interface{})[0]) res := m[k].(string) // locate tmp file and extract icon fi, err := f.(*os.File).Stat() if err != nil { return handler.NewError(err, 500, "Can't stat file.") } zr, err := zip.NewReader(f, fi.Size()) if err != nil { return handler.NewError(err, 500, "Not a valid zip archive") } icon := zipReadBytes(zr, res) // Link current user to package name, save badging, apk file, and icon file. db := datastore.New() defer db.Close() u := user.Current(context.New(r), db) apkFile, err := db.FS().Create("") if err != nil { return handler.NewError(err, 500, "Can't save apk") } defer apkFile.Close() io.Copy(apkFile, f) iconFile, err := db.FS().Create("") if err != nil { return handler.NewError(err, 500, "Can't save icon") } defer iconFile.Close() iconFile.Write(icon) // using bson.M to store all badging values, including those not specified in struct apkId := bson.NewObjectId() apkName := m["package"].(map[string]interface{})["name"].(string) apkM := bson.M{ "_id": apkId, "fileid": apkFile.Id(), "iconid": iconFile.Id(), "time": time.Now(), "badging": m, } if err = db.C("apks").Insert(apkM); err != nil { return handler.NewError(err, 500, "Error inserting apk info.") } project := ProjectByName(u, apkName) project.ApkIds = append([]bson.ObjectId{apkId}, project.ApkIds...) if _, err = db.C("projects").UpsertId(project.Id, project); err != nil { return handler.NewError(err, 500, "Error upserting project.") } http.Redirect(w, r, "/console/index", 302) return nil }