func GetUser(c *echo.Context) error {
userId := c.Param("id")
if userId == "" {
return c.JSON(http.StatusBadRequest, hash{
"error": [1]hash{
hash{
"detail": "User id needed to retrieve account informations",
},
},
})
}
user, err := users.GetUser(userId)
if err != nil {
return err
}
if user == nil {
return c.JSON(http.StatusNotFound, hash{
"error": [1]hash{
hash{
"detail": "User Not Found",
},
},
})
}
return c.JSON(http.StatusOK, hash{
"data": hash{
"id": user.Id,
"type": "user",
"attributes": user,
},
})
}
func (c oauthConnector) GetUserFromAccessToken(accessToken string) (interface{}, error) {
rows, err := db.Query(
`SELECT user_id
FROM oauth_access_tokens
WHERE token = $1::varchar
AND expires_at > NOW()
`,
accessToken,
)
if err != nil {
return nil, err
}
defer rows.Close()
if !rows.Next() {
return nil, nil
}
var userId string
err = rows.Scan(&userId)
if err != nil {
return nil, err
}
return users.GetUser(userId)
}
func GetUser(c *echo.Context) error {
userId := c.Param("id")
if userId == "" {
return c.JSON(http.StatusBadRequest, hash{
"error": [1]hash{
hash{
"detail": "User id needed to retrieve account informations",
},
},
})
}
user, err := users.GetUser(userId)
if err != nil {
return err
}
if user == nil {
return c.JSON(http.StatusNotFound, hash{
"error": [1]hash{
hash{
"detail": "User Not Found",
},
},
})
}
return utils.JSON(c, http.StatusOK, user)
}
func Update(c *echo.Context) error {
u := users.User{}
err := utils.ParseJSONBody(c, &u)
if err != nil {
return nil
}
user, err := users.GetUser(u.GetID())
if err != nil {
return apiErrors.UserNotFound
}
if u.Password == "" {
return apiErrors.InvalidRequest.Detail("The password field is missing.")
}
err = users.UpdateUserPassword(user.GetID(), u.Password)
if err != nil {
log.Error(err)
return apiErrors.InternalError.Detail("Unable to update the password.")
}
return utils.JSON(c, http.StatusOK, user)
}
func Update(c *echo.Context) error {
updatedUser := users.User{}
user := c.Get("user").(*users.User)
err := utils.ParseJSONBody(c, &updatedUser)
if err != nil {
return apiErrors.InvalidRequest
}
currentUser, err := users.GetUser(updatedUser.GetID())
if err != nil {
return apiErrors.UserNotFound
}
if !user.IsAdmin && (updatedUser.GetID() != user.GetID()) {
return apiErrors.Unauthorized.Detail("You can only update your account")
}
if updatedUser.IsAdmin != currentUser.IsAdmin {
if currentUser.Id == user.GetID() {
return apiErrors.Unauthorized.Detail("You cannot grant administration rights")
}
err = users.UpdateUserPrivilege(updatedUser.GetID(), updatedUser.IsAdmin)
if err != nil {
log.Error(err)
return apiErrors.InternalError.Detail("Unable to update the rank")
}
} else if updatedUser.Password != "" {
err = users.UpdateUserPassword(updatedUser.GetID(), updatedUser.Password)
if err != nil {
log.Error(err)
return apiErrors.InternalError.Detail("Unable to update the password")
}
} else if updatedUser.Email != currentUser.Email {
err = users.UpdateUserEmail(updatedUser.GetID(), updatedUser.Email)
if err != nil {
log.Error(err)
return apiErrors.InternalError.Detail("Unable to update the email")
}
} else if updatedUser.FirstName != currentUser.FirstName {
err = users.UpdateUserFirstName(updatedUser.GetID(), updatedUser.FirstName)
if err != nil {
log.Error(err)
return apiErrors.InternalError.Detail("Unable to update the first name")
}
} else if updatedUser.LastName != currentUser.LastName {
err = users.UpdateUserLastName(updatedUser.GetID(), updatedUser.LastName)
if err != nil {
log.Error(err)
return apiErrors.InternalError.Detail("Unable to update the last name")
}
} else {
return apiErrors.InvalidRequest.Detail("No field sent")
}
return utils.JSON(c, http.StatusOK, &updatedUser)
}
func Delete(c *echo.Context) error {
userId := c.Param("id")
if len(userId) == 0 {
return c.JSON(http.StatusBadRequest, hash{
"error": [1]hash{
hash{
"detail": "User id needed for deletion",
},
},
})
}
user, err := users.GetUser(userId)
if err != nil {
return err
}
if user == nil {
return c.JSON(http.StatusNotFound, hash{
"error": [1]hash{
hash{
"detail": "User not found",
},
},
})
}
if user.IsAdmin {
return c.JSON(http.StatusUnauthorized, hash{
"error": [1]hash{
hash{
"detail": "Admins cannot be deleted",
},
},
})
}
err = users.DeleteUser(user.Id)
if err != nil {
log.Errorf("Unable to delete user: "******"meta": hash{},
})
}
/**
* Return the appropriate user for the download token and the filename.
*/
func checkDownloadToken(token, filename string) (*users.User, error) {
splt := strings.SplitN(token, ":", 2)
if len(splt) != 2 {
return nil, InvalidDownloadToken
}
accessTokenId := splt[0]
rows, err := db.Query(
"SELECT token, user_id FROM oauth_access_tokens WHERE id = $1::varchar",
accessTokenId,
)
if err != nil {
return nil, err
}
defer rows.Close()
if !rows.Next() {
return nil, InvalidDownloadToken
}
timeStone := time.Now().Unix()
timeStone = timeStone + (3600 - timeStone%3600)
var accessToken string
var userId string
err = rows.Scan(&accessToken, &userId)
if err != nil {
return nil, err
}
h := accessToken + ":" + filename + ":"
expected := sha1Hash(h + strconv.FormatInt(timeStone, 10))
if splt[1] != expected {
timeStone = timeStone + 3600
expected = sha1Hash(h + strconv.FormatInt(timeStone, 10))
if splt[1] != expected {
return nil, InvalidDownloadToken
}
}
return users.GetUser(userId)
}
func Delete(c *echo.Context) error {
userId := c.Param("id")
if len(userId) == 0 {
return c.JSON(http.StatusBadRequest, hash{
"error": [1]hash{
hash{
"detail": "User id needed for deletion",
},
},
})
}
user, err := users.GetUser(userId)
if err != nil {
return err
}
if user == nil {
return c.JSON(http.StatusNotFound, hash{
"error": [1]hash{
hash{
"detail": "User not found",
},
},
})
}
if user.IsAdmin {
return c.JSON(http.StatusUnauthorized, hash{
"error": [1]hash{
hash{
"detail": "Admins cannot be deleted",
},
},
})
}
err = ldap.DeleteAccount(user.Id)
if err != nil {
log.Errorf("Unable to delete user in ad: %s", err.Error())
switch err {
case ldap.DeleteFailed:
return c.JSON(http.StatusInternalServerError, hash{
"error": [1]hash{
hash{
"detail": err.Error(),
},
},
})
case ldap.UnknownUser:
log.Info("User doesn't exist in AD")
break
default:
return err
}
}
err = users.DeleteUser(user.Id)
if err != nil {
log.Errorf("Unable to delete user: "******"data": hash{
"success": true,
},
})
}
func Update(c *echo.Context) error {
var attr map[string]map[string]interface{}
err := utils.ParseJSONBody(c, &attr)
if err != nil {
return nil
}
data, ok := attr["data"]
if ok == false {
return c.JSON(http.StatusBadRequest, hash{
"error": [1]hash{
hash{
"detail": "data is missing",
},
},
})
}
attributes, ok := data["attributes"].(map[string]interface{})
if ok == false {
return c.JSON(http.StatusBadRequest, hash{
"error": [1]hash{
hash{
"detail": "attributes is missing",
},
},
})
}
activated, ok := attributes["activated"]
if ok == false {
return c.JSON(http.StatusBadRequest, hash{
"error": [1]hash{
hash{
"detail": "activated field is missing",
},
},
})
}
if activated != false {
return c.JSON(http.StatusBadRequest, hash{
"error": [1]hash{
hash{
"detail": "activated field must be false",
},
},
})
}
code, err := Disable(c.Param("id"))
if err != nil {
return c.JSON(code, hash{
"error": [1]hash{
hash{
"detail": err.Error(),
},
},
})
}
user, err := users.GetUser(c.Param("id"))
if user == nil {
return c.JSON(http.StatusOK, hash{
"data": hash{
"success": true,
},
})
}
return c.JSON(http.StatusOK, hash{
"data": hash{
"success": true,
"id": user.Id,
"type": "user",
"attributes": user,
},
})
}