func changeUserQuota(w http.ResponseWriter, r *http.Request, t auth.Token) error {
limit, err := strconv.Atoi(r.FormValue("limit"))
if err != nil {
return &errors.HTTP{
Code: http.StatusBadRequest,
Message: "Invalid limit",
}
}
email := r.URL.Query().Get(":email")
user, err := auth.GetUserByEmail(email)
if err == auth.ErrUserNotFound {
return &errors.HTTP{
Code: http.StatusNotFound,
Message: err.Error(),
}
} else if err != nil {
return err
}
return auth.ChangeQuota(user, limit)
}
// title: update user quota
// path: /users/{email}/quota
// method: PUT
// consume: application/x-www-form-urlencoded
// responses:
// 200: Quota updated
// 400: Invalid data
// 401: Unauthorized
// 404: User not found
func changeUserQuota(w http.ResponseWriter, r *http.Request, t auth.Token) (err error) {
r.ParseForm()
email := r.URL.Query().Get(":email")
allowed := permission.Check(t, permission.PermUserUpdateQuota, permission.Context(permission.CtxUser, email))
if !allowed {
return permission.ErrUnauthorized
}
user, err := auth.GetUserByEmail(email)
if err == auth.ErrUserNotFound {
return &errors.HTTP{
Code: http.StatusNotFound,
Message: err.Error(),
}
} else if err != nil {
return err
}
evt, err := event.New(&event.Opts{
Target: event.Target{Type: event.TargetTypeUser, Value: email},
Kind: permission.PermUserUpdateQuota,
Owner: t,
CustomData: event.FormToCustomData(r.Form),
Allowed: event.Allowed(permission.PermUserReadEvents, permission.Context(permission.CtxUser, email)),
})
if err != nil {
return err
}
defer func() { evt.Done(err) }()
limit, err := strconv.Atoi(r.FormValue("limit"))
if err != nil {
return &errors.HTTP{
Code: http.StatusBadRequest,
Message: "Invalid limit",
}
}
return auth.ChangeQuota(user, limit)
}