// Update sets a new password for the user named in the JSON request body.
//
// The body is decoded into a users.User: its ID selects the account and its
// Password field carries the new value. The handler answers with
// apiErrors.UserNotFound when the lookup fails, apiErrors.InvalidRequest when
// the password is empty, apiErrors.InternalError when the update fails, and
// otherwise 200 with the record returned by users.GetUser.
//
// NOTE(review): nothing in this handler identifies the caller, so the account
// whose password changes is chosen solely by the ID in the body. Confirm the
// route sits behind middleware that enforces ownership or admin rights.
// NOTE(review): the looked-up user is serialized into the response; verify
// that its JSON form does not include the stored credential.
func Update(c *echo.Context) error {
	var payload users.User
	if parseErr := utils.ParseJSONBody(c, &payload); parseErr != nil {
		// NOTE(review): returning nil presumably relies on ParseJSONBody
		// having already written the error response; confirm.
		return nil
	}

	target, lookupErr := users.GetUser(payload.GetID())
	if lookupErr != nil {
		return apiErrors.UserNotFound
	}

	if len(payload.Password) == 0 {
		return apiErrors.InvalidRequest.Detail("The password field is missing.")
	}

	if updateErr := users.UpdateUserPassword(target.GetID(), payload.Password); updateErr != nil {
		// Log the cause server-side; the client only sees a generic detail.
		log.Error(updateErr)
		return apiErrors.InternalError.Detail("Unable to update the password.")
	}

	return utils.JSON(c, http.StatusOK, target)
}
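// Update applies one change to a user account on behalf of the authenticated
// caller stored under the "user" context key.
//
// The JSON body is decoded into a users.User and compared with the stored
// record for the same ID. Exactly one change is applied, chosen in this order:
// admin flag, password, email, first name, last name. If none differs the
// request is rejected with "No field sent".
//
// Authorization rules enforced here:
//   - a non-admin caller may only target their own account;
//   - the admin flag may only be changed by an admin, and never on the
//     caller's own account.
//
// NOTE(review): only the first differing field is written, yet the response
// echoes the whole submitted object, so a client that changes several fields
// at once is told about updates that were not persisted.
// NOTE(review): absent JSON fields decode to zero values, so a partial body is
// indistinguishable from a request to clear the email/names or drop the admin
// flag. This presumably expects clients to send the full object; confirm.
// NOTE(review): a password change does not require the current password, and
// the new email is not validated in this handler.
func Update(c *echo.Context) error {
	// Fail closed if no authenticated user is attached to the request. The
	// unchecked type assertion used previously would panic instead.
	user, ok := c.Get("user").(*users.User)
	if !ok || user == nil {
		return apiErrors.Unauthorized.Detail("You must be authenticated")
	}

	updatedUser := users.User{}
	if err := utils.ParseJSONBody(c, &updatedUser); err != nil {
		return apiErrors.InvalidRequest
	}

	currentUser, err := users.GetUser(updatedUser.GetID())
	if err != nil {
		return apiErrors.UserNotFound
	}

	if !user.IsAdmin && updatedUser.GetID() != user.GetID() {
		return apiErrors.Unauthorized.Detail("You can only update your account")
	}

	switch {
	case updatedUser.IsAdmin != currentUser.IsAdmin:
		// Check the caller's admin status explicitly rather than inferring it
		// from the stored record's Id matching the caller's ID.
		if !user.IsAdmin || currentUser.Id == user.GetID() {
			return apiErrors.Unauthorized.Detail("You cannot grant administration rights")
		}
		if err = users.UpdateUserPrivilege(updatedUser.GetID(), updatedUser.IsAdmin); err != nil {
			log.Error(err)
			return apiErrors.InternalError.Detail("Unable to update the rank")
		}
	case updatedUser.Password != "":
		if err = users.UpdateUserPassword(updatedUser.GetID(), updatedUser.Password); err != nil {
			log.Error(err)
			return apiErrors.InternalError.Detail("Unable to update the password")
		}
	case updatedUser.Email != currentUser.Email:
		if err = users.UpdateUserEmail(updatedUser.GetID(), updatedUser.Email); err != nil {
			log.Error(err)
			return apiErrors.InternalError.Detail("Unable to update the email")
		}
	case updatedUser.FirstName != currentUser.FirstName:
		if err = users.UpdateUserFirstName(updatedUser.GetID(), updatedUser.FirstName); err != nil {
			log.Error(err)
			return apiErrors.InternalError.Detail("Unable to update the first name")
		}
	case updatedUser.LastName != currentUser.LastName:
		if err = users.UpdateUserLastName(updatedUser.GetID(), updatedUser.LastName); err != nil {
			log.Error(err)
			return apiErrors.InternalError.Detail("Unable to update the last name")
		}
	default:
		return apiErrors.InvalidRequest.Detail("No field sent")
	}

	// The response serializes the submitted object. Blank the plaintext
	// password so it is never echoed back, whatever the struct's JSON tags.
	updatedUser.Password = ""
	return utils.JSON(c, http.StatusOK, &updatedUser)
}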
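// UpdatePassword replaces the password of the user named by the "id" route
// parameter with the value found at Data.Password in the JSON request body.
//
// It answers 400 when the id or the password is missing, 404 when
// users.UserExists reports no such user, and 200 with {"data": {"success":
// true}} once users.UpdateUserPassword succeeds. Errors from the users package
// are logged and returned unchanged to the framework.
//
// NOTE(review): nothing in this handler identifies the caller; the target
// account comes solely from the URL. Confirm that the route is protected by
// middleware enforcing ownership or admin rights.
// NOTE(review): errors from the users package are returned raw. Verify that
// the framework's error handler does not expose their text to the client.
func UpdatePassword(c *echo.Context) error {
	// reject writes this handler's error envelope with the given status.
	reject := func(status int, detail string) error {
		return c.JSON(status, hash{
			"error": [1]hash{
				hash{
					"detail": detail,
				},
			},
		})
	}

	userId := c.Param("id")
	if userId == "" {
		return reject(http.StatusBadRequest, "User id needed to modify account")
	}

	var user struct {
		Data struct {
			Password string
		}
	}
	if err := utils.ParseJSONBody(c, &user); err != nil {
		// NOTE(review): returning nil presumably relies on ParseJSONBody
		// having already written the error response; confirm.
		return nil
	}

	// A missing or empty password field must not reach the store: it would
	// otherwise be submitted as the account's new password.
	if user.Data.Password == "" {
		return reject(http.StatusBadRequest, "Password needed to modify account")
	}

	exists, err := users.UserExists(userId)
	if err != nil {
		log.Errorf("Unable to check user existance: %s", err.Error())
		return err
	}
	if !exists {
		return reject(http.StatusNotFound, "User not found")
	}

	if err = users.UpdateUserPassword(userId, user.Data.Password); err != nil {
		log.Errorf("Unable to update user password: %s", err.Error())
		return err
	}

	return c.JSON(http.StatusOK, hash{
		"data": hash{
			"success": true,
		},
	})
}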