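// updateUser handles a request to modify the user account named by the
// ":username" URL parameter.
//
// Authorization, as enforced below:
//   - a caller may modify their own account; the username is compared
//     case-insensitively with r.AuthUser.Username, and on a match the target
//     is r.AuthUser itself rather than a looked-up record;
//   - modifying any other account requires r.AuthUser.IsAdmin;
//   - naming "admin" in the request's Fields requires r.AuthUser.IsAdmin, even
//     when the target is the caller's own account.
//
// Only attributes explicitly named in req.Fields are copied from req.User;
// everything else keeps its stored value, so merely including an attribute in
// the submitted user object does not change it. Unrecognised field names are
// ignored.
//
// Responses: 403 when the caller lacks the required privilege, 413 when the
// declared body size exceeds the cap, 400 for undecodable JSON or an empty
// email, 500 for lookup/storage/read failures, 200 with the updated user on
// success.
//
// NOTE(review): the profile update is written before the admin flag is
// changed, so a MakeAdmin/StripAdmin failure returns 500 with the profile
// change already applied.
// NOTE(review): nothing here stops an admin from revoking their own admin
// status; confirm that is intended.
func updateUser(w http.ResponseWriter, r *twocloud.RequestBundle) {
	// maxBodyBytes bounds how much of the client-supplied body is buffered in
	// memory. The payload is a small JSON document, so 1 MiB is generous.
	const maxBodyBytes = 1 << 20

	var req modifyUserRequest
	user := r.AuthUser
	username := r.Request.URL.Query().Get(":username")
	if strings.ToLower(username) != strings.ToLower(r.AuthUser.Username) {
		// Editing someone else's account is an admin-only operation. Check the
		// privilege before touching the datastore so that a non-admin cannot
		// use this endpoint to probe for other accounts.
		if !r.AuthUser.IsAdmin {
			Respond(w, r, http.StatusForbidden, "You don't have access to that user's account.", []interface{}{})
			return
		}
		id, err := r.GetUserID(username)
		if err != nil {
			r.Log.Error(err.Error())
			Respond(w, r, http.StatusInternalServerError, "Internal server error.", []interface{}{})
			return
		}
		user, err = r.GetUser(id)
		if err != nil {
			r.Log.Error(err.Error())
			Respond(w, r, http.StatusInternalServerError, "Internal server error.", []interface{}{})
			return
		}
	}

	// Reject bodies that declare an oversized length up front, and cap the
	// reader as well so chunked or mis-declared bodies cannot exhaust memory.
	if r.Request.ContentLength > maxBodyBytes {
		Respond(w, r, http.StatusRequestEntityTooLarge, "Request body too large.", []interface{}{})
		return
	}
	body, err := ioutil.ReadAll(http.MaxBytesReader(w, r.Request.Body, maxBodyBytes))
	if err != nil {
		r.Log.Error(err.Error())
		Respond(w, r, http.StatusInternalServerError, "Internal server error.", []interface{}{})
		return
	}
	if err = json.Unmarshal(body, &req); err != nil {
		r.Log.Error(err.Error())
		Respond(w, r, http.StatusBadRequest, "Error decoding request.", []interface{}{})
		return
	}

	// Start from the stored values; only fields named in req.Fields override
	// them.
	email := user.Email
	givenName := user.Name.Given
	familyName := user.Name.Family
	nameChanged := false
	adminRequested := false
	for _, field := range req.Fields {
		switch field {
		case "email":
			if req.User.Email == "" {
				Respond(w, r, http.StatusBadRequest, "Email cannot be empty.", []interface{}{})
				return
			}
			email = req.User.Email
		case "name.given":
			givenName = req.User.Name.Given
			nameChanged = true
		case "name.family":
			familyName = req.User.Name.Family
			nameChanged = true
		case "admin":
			// The privilege check is against the authenticated caller, not the
			// target account, and runs before anything is written.
			if !r.AuthUser.IsAdmin {
				Respond(w, r, http.StatusForbidden, "You don't have the ability to grant or revoke admin status.", []interface{}{})
				return
			}
			adminRequested = true
		}
	}

	if err = r.UpdateUser(user, email, givenName, familyName, nameChanged); err != nil {
		r.Log.Error(err.Error())
		Respond(w, r, http.StatusInternalServerError, "Internal server error.", []interface{}{})
		return
	}
	// Mirror the persisted values onto the value returned to the client.
	user.Email = email
	if nameChanged {
		user.Name.Given = givenName
		user.Name.Family = familyName
	}

	if adminRequested {
		// Only call the store when the requested state differs from the
		// current one.
		if req.User.IsAdmin && !user.IsAdmin {
			if err = r.MakeAdmin(user); err != nil {
				r.Log.Error(err.Error())
				Respond(w, r, http.StatusInternalServerError, "Internal server error.", []interface{}{})
				return
			}
			user.IsAdmin = true
		} else if !req.User.IsAdmin && user.IsAdmin {
			if err = r.StripAdmin(user); err != nil {
				r.Log.Error(err.Error())
				Respond(w, r, http.StatusInternalServerError, "Internal server error.", []interface{}{})
				return
			}
			user.IsAdmin = false
		}
	}

	Respond(w, r, http.StatusOK, "Successfully updated the user account", []interface{}{user})
}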