func (con User) Handler(c context.Context) http.Handler {
cfg := readeef.GetConfig(c)
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
user := readeef.GetUser(c, r)
action := webfw.GetMultiPatternIdentifier(c, r)
params := webfw.GetParams(c, r)
var resp responseError
switch action {
case "list":
resp = listUsers(user)
case "add":
buf := util.BufferPool.GetBuffer()
defer util.BufferPool.Put(buf)
buf.ReadFrom(r.Body)
resp = addUser(user, data.Login(params["login"]), buf.String(), []byte(cfg.Auth.Secret))
case "remove":
resp = removeUser(user, data.Login(params["login"]))
case "setAttr":
resp = setAttributeForUser(user, []byte(cfg.Auth.Secret), data.Login(params["login"]), params["attr"], []byte(params["value"]))
}
switch resp.err {
case errForbidden:
w.WriteHeader(http.StatusForbidden)
return
case errUserExists:
resp.val["Error"] = true
resp.val["ErrorType"] = resp.errType
resp.err = nil
case errCurrentUser:
resp.val["Error"] = true
resp.val["ErrorType"] = resp.errType
resp.err = nil
}
var b []byte
if resp.err == nil {
b, resp.err = json.Marshal(resp.val)
}
if resp.err != nil {
webfw.GetLogger(c).Print(resp.err)
w.WriteHeader(http.StatusInternalServerError)
return
}
w.Write(b)
})
}
func (con Login) Handler(c context.Context) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
l := webfw.GetLogger(c)
sess := webfw.GetSession(c, r)
renderData := renderer.RenderData{}
if r.Method == "GET" {
if v, ok := sess.Flash("form-error"); ok {
renderData["form-error"] = v
}
} else {
if err := r.ParseForm(); err != nil {
l.Fatal(err)
}
username := data.Login(r.Form.Get("username"))
password := r.Form.Get("password")
repo := GetRepo(c)
conf := GetConfig(c)
u := repo.UserByLogin(username)
formError := false
if u.Err() != nil {
sess.SetFlash("form-error", "login-incorrect")
formError = true
} else if !u.Authenticate(password, []byte(conf.Auth.Secret)) {
sess.SetFlash("form-error", "login-incorrect")
formError = true
} else {
sess.Set(AuthUserKey, u)
sess.Set(AuthNameKey, username)
}
if formError {
http.Redirect(w, r, r.URL.String(), http.StatusTemporaryRedirect)
} else {
var returnPath string
if v, ok := sess.Flash("return-to"); ok {
returnPath = v.(string)
} else {
returnPath = webfw.GetDispatcher(c).Pattern
}
http.Redirect(w, r, returnPath, http.StatusTemporaryRedirect)
}
return
}
err := webfw.GetRenderCtx(c, r)(w, renderData, "login.tmpl")
if err != nil {
l.Print(err)
}
}
}
func TestUser(t *testing.T) {
u := User{}
u.data.FirstName = "First"
u.data.LastName = "Last"
tests.CheckString(t, "First Last", u.String())
u.data.Email = "*****@*****.**"
tests.CheckString(t, "First Last <*****@*****.**>", u.String())
d := u.Data()
tests.CheckString(t, "*****@*****.**", d.Email)
d = u.Data(data.User{Email: ""})
tests.CheckString(t, "", d.Email)
tests.CheckString(t, "", d.FirstName)
tests.CheckBool(t, false, u.Validate() == nil)
u.data.Email = "example"
tests.CheckBool(t, false, u.Validate() == nil)
u.data.Email = "*****@*****.**"
tests.CheckBool(t, false, u.Validate() == nil)
u.data.Login = data.Login("login")
tests.CheckBool(t, true, u.Validate() == nil)
ejson, eerr := json.Marshal(u.data)
tests.CheckBool(t, true, eerr == nil)
ajson, aerr := json.Marshal(u)
tests.CheckBool(t, true, aerr == nil)
tests.CheckBytes(t, ejson, ajson)
tests.CheckBytes(t, []byte{}, u.data.MD5API)
tests.CheckString(t, "", u.data.HashType)
tests.CheckBytes(t, []byte{}, u.data.Hash)
u.Password("pass", []byte("secret"))
h := md5.Sum([]byte(fmt.Sprintf("%s:%s", "login", "pass")))
tests.CheckBytes(t, h[:], u.data.MD5API)
tests.CheckString(t, "sha1", u.data.HashType)
tests.CheckBytes(t, u.generateHash("pass", []byte("secret")), u.data.Hash)
}
func initAdminUser(repo content.Repo, secret []byte) error {
users := repo.AllUsers()
if repo.HasErr() {
return repo.Err()
}
if len(users) > 0 {
return nil
}
u := repo.User()
u.Data(data.User{Login: data.Login("admin"), Active: true, Admin: true})
u.Password("admin", secret)
u.Update()
return u.Err()
}
func main() {
confpath := flag.String("config", "", "config path")
flag.Parse()
cfg, err := readeef.ReadConfig(*confpath)
if err != nil {
exitWithError(fmt.Sprintf("Error reading config from path '%s': %v", *confpath, err))
}
logger := readeef.NewLogger(cfg)
repo, err := repo.New(cfg.DB.Driver, cfg.DB.Connect, logger)
if err != nil {
exitWithError(fmt.Sprintf("Error connecting to database: %v", err))
}
switch flag.Arg(0) {
case "add":
if flag.NArg() != 3 {
exitWithError("Not enough arguments for 'add' command. Login and password must be specified")
}
login := flag.Arg(1)
pass := flag.Arg(2)
u := repo.User()
i := u.Data()
i.Login = data.Login(login)
i.Active = true
u.Data(i)
u.Password(pass, []byte(cfg.Auth.Secret))
u.Update()
if u.HasErr() {
exitWithError(fmt.Sprintf("Error setting password for user '%s': %v", login, u.Err()))
}
case "remove":
if flag.NArg() != 2 {
exitWithError("Not enough arguments for 'remove' command. Login must be specified")
}
login := flag.Arg(1)
u := repo.UserByLogin(data.Login(login))
u.Delete()
if u.HasErr() {
exitWithError(fmt.Sprintf("Error getting user '%s' from the database: %v", login, u.Err()))
}
case "get":
if flag.NArg() != 3 {
exitWithError("Not enough arguments for 'get' command. Login and user property must be specified")
}
login := flag.Arg(1)
prop := flag.Arg(2)
u := repo.UserByLogin(data.Login(login))
if repo.HasErr() {
exitWithError(fmt.Sprintf("Error getting user '%s' from the database: %v", login, repo.Err()))
}
lowerProp := strings.ToLower(prop)
switch lowerProp {
case "firstname", "first_name":
fmt.Printf("%s\n", u.Data().FirstName)
case "lastname", "last_name":
fmt.Printf("%s\n", u.Data().LastName)
case "email":
fmt.Printf("%s\n", u.Data().Email)
case "hashtype", "hash_type":
fmt.Printf("%s\n", u.Data().HashType)
case "salt":
fmt.Printf("%v\n", u.Data().Salt)
case "hash":
fmt.Printf("%v\n", u.Data().Hash)
case "md5api", "md5_api":
fmt.Printf("%v\n", u.Data().MD5API)
case "admin":
fmt.Printf("%v\n", u.Data().Admin)
case "active":
fmt.Printf("%v\n", u.Data().Active)
default:
exitWithError(fmt.Sprintf("Unknown user property '%s'", prop))
}
case "set":
if flag.NArg() != 4 {
exitWithError("Not enough arguments for 'set' command. Login, user property, and value must be specified")
}
login := flag.Arg(1)
prop := flag.Arg(2)
val := flag.Arg(3)
u := repo.UserByLogin(data.Login(login))
if repo.HasErr() {
exitWithError(fmt.Sprintf("Error getting user '%s' from the database: %v", login, repo.Err()))
}
in := u.Data()
lowerProp := strings.ToLower(prop)
switch lowerProp {
case "firstname", "first_name":
in.FirstName = val
case "lastname", "last_name":
in.LastName = val
case "email":
in.Email = val
case "password":
u.Password(val, []byte(cfg.Auth.Secret))
case "admin", "active":
enabled := false
if val == "1" || val == "true" || val == "on" {
enabled = true
}
if lowerProp == "admin" {
in.Admin = enabled
} else {
in.Active = enabled
}
default:
exitWithError(fmt.Sprintf("Unknown user property '%s'", prop))
}
u.Update()
if u.HasErr() {
exitWithError(fmt.Sprintf("Error updating the user database record for '%s': %v", login, u.Err()))
}
case "list":
users := repo.AllUsers()
if repo.HasErr() {
exitWithError(fmt.Sprintf("Error getting users from the database: %v", repo.Err()))
}
for _, u := range users {
fmt.Printf("%s\n", u.Data().Login)
}
case "list-detailed":
users := repo.AllUsers()
if repo.HasErr() {
exitWithError(fmt.Sprintf("Error getting users from the database: %v", repo.Err()))
}
for _, u := range users {
in := u.Data()
fmt.Printf("Login: %s", in.Login)
if in.FirstName != "" {
fmt.Printf(", first name: %s", in.FirstName)
}
if in.LastName != "" {
fmt.Printf(", last name: %s", in.LastName)
}
if in.Email != "" {
fmt.Printf(", email: %s", in.Email)
}
if in.HashType != "" {
fmt.Printf(", has type: %s", in.HashType)
}
fmt.Printf("\n")
}
default:
exitWithError(fmt.Sprintf("Unknown command '%s'", flag.Arg(0)))
}
}
func TestUser(t *testing.T) {
u := repo.User()
tests.CheckBool(t, false, u.HasErr(), u.Err())
u.Update()
tests.CheckBool(t, true, u.HasErr())
err := u.Err()
_, ok := err.(content.ValidationError)
tests.CheckBool(t, true, ok, err)
u.Data(data.User{Login: data.Login("login")})
tests.CheckBool(t, false, u.HasErr(), u.Err())
u.Update()
tests.CheckBool(t, false, u.HasErr(), u.Err())
u2 := repo.UserByLogin(data.Login("login"))
tests.CheckBool(t, false, u2.HasErr(), u2.Err())
tests.CheckString(t, "login", string(u2.Data().Login))
u.Delete()
tests.CheckBool(t, false, u.HasErr(), u.Err())
u2 = repo.UserByLogin(data.Login("login"))
tests.CheckBool(t, true, u2.HasErr())
tests.CheckBool(t, true, u2.Err() == content.ErrNoContent)
u = createUser(data.User{Login: data.Login("login")})
now := time.Now()
uf := createUserFeed(u, data.Feed{Link: "http://sugr.org/en/sitemap.xml", Title: "User feed 1"})
uf.AddArticles([]content.Article{
createArticle(data.Article{Title: "article1", Date: now, Link: "http://sugr.org/bg/products/gearshift"}),
createArticle(data.Article{Title: "article2", Date: now.Add(2 * time.Hour), Link: "http://sugr.org/bg/products/readeef"}),
createArticle(data.Article{Title: "article3", Date: now.Add(-3 * time.Hour), Link: "http://sugr.org/bg/about/us"}),
})
u.AddFeed(uf)
var id1, id2, id3 data.ArticleId
for _, a := range uf.AllArticles() {
d := a.Data()
switch d.Title {
case "article1":
id1 = d.Id
case "article2":
id2 = d.Id
case "article3":
id3 = d.Id
default:
tests.CheckBool(t, true, false, "Unknown article")
}
}
tests.CheckBool(t, false, uf.HasErr(), uf.Err())
tests.CheckInt64(t, 1, int64(len(u.AllFeeds())))
tests.CheckString(t, "http://sugr.org/en/sitemap.xml", u.AllFeeds()[0].Data().Link)
tests.CheckString(t, "User feed 1", u.AllFeeds()[0].Data().Title)
a := u.ArticleById(10000000)
tests.CheckBool(t, true, a.Err() == content.ErrNoContent)
a = u.ArticleById(id1)
tests.CheckBool(t, false, a.HasErr(), a.Err())
tests.CheckString(t, "article1", a.Data().Title)
a2 := u.ArticlesById([]data.ArticleId{100000000, id1, id2})
tests.CheckBool(t, false, u.HasErr(), u.Err())
tests.CheckInt64(t, 2, int64(len(a2)))
for i := range a2 {
d := a2[i].Data()
switch d.Title {
case "article1":
case "article2":
default:
tests.CheckBool(t, false, true, "Unknown article")
}
}
u.SortingById()
ua := u.Articles()
tests.CheckBool(t, false, u.HasErr(), u.Err())
tests.CheckInt64(t, 3, int64(len(ua)))
tests.CheckInt64(t, int64(id1), int64(ua[0].Data().Id))
tests.CheckString(t, "article2", ua[1].Data().Title)
tests.CheckInt64(t, now.Add(-3*time.Hour).Unix(), ua[2].Data().Date.Unix())
u.SortingByDate()
ua = u.Articles()
tests.CheckInt64(t, int64(id3), int64(ua[0].Data().Id))
tests.CheckString(t, "article1", ua[1].Data().Title)
tests.CheckInt64(t, now.Add(2*time.Hour).Unix(), ua[2].Data().Date.Unix())
u.Reverse()
ua = u.Articles()
tests.CheckInt64(t, int64(id2), int64(ua[0].Data().Id))
tests.CheckString(t, "article1", ua[1].Data().Title)
tests.CheckInt64(t, now.Add(-3*time.Hour).Unix(), ua[2].Data().Date.Unix())
ua[1].Read(false)
ua[2].Read(false)
u.Reverse()
u.SortingById()
ua = u.Articles(data.ArticleQueryOptions{UnreadOnly: true})
tests.CheckBool(t, false, u.HasErr(), u.Err())
tests.CheckInt64(t, 2, int64(len(ua)))
tests.CheckInt64(t, int64(id1), int64(ua[0].Data().Id))
tests.CheckString(t, "article3", ua[1].Data().Title)
u.ArticleById(id2).Read(false)
ua = u.Articles(data.ArticleQueryOptions{UnreadOnly: true})
tests.CheckInt64(t, 3, int64(len(ua)))
u.ReadState(true, data.ArticleUpdateStateOptions{BeforeDate: now.Add(time.Minute)})
tests.CheckBool(t, false, u.HasErr(), u.Err())
ua = u.Articles(data.ArticleQueryOptions{UnreadOnly: true})
tests.CheckBool(t, false, u.HasErr(), u.Err())
tests.CheckInt64(t, 1, int64(len(ua)))
tests.CheckInt64(t, int64(id2), int64(ua[0].Data().Id))
u.ArticleById(id1).Read(false)
u.ReadState(true, data.ArticleUpdateStateOptions{AfterDate: now.Add(time.Minute)})
tests.CheckBool(t, false, u.HasErr(), u.Err())
ua = u.Articles(data.ArticleQueryOptions{UnreadOnly: true})
tests.CheckInt64(t, 1, int64(len(ua)))
tests.CheckInt64(t, int64(id1), int64(ua[0].Data().Id))
u.ArticleById(id1).Favorite(true)
u.ArticleById(id3).Favorite(true)
uIds := u.Ids(data.ArticleIdQueryOptions{UnreadOnly: true})
tests.CheckBool(t, false, u.HasErr(), u.Err())
tests.CheckInt64(t, 1, int64(len(uIds)))
tests.CheckInt64(t, int64(id1), int64(uIds[0]))
fIds := u.Ids(data.ArticleIdQueryOptions{FavoriteOnly: true})
tests.CheckBool(t, false, u.HasErr(), u.Err())
tests.CheckInt64(t, 2, int64(len(fIds)))
for i := range fIds {
switch fIds[i] {
case id1:
case id3:
default:
tests.CheckBool(t, false, true, "Unknown article id")
}
}
tests.CheckInt64(t, 3, u.Count())
tests.CheckBool(t, false, u.HasErr(), u.Err())
ua = u.Articles(data.ArticleQueryOptions{FavoriteOnly: true})
tests.CheckBool(t, false, u.HasErr(), u.Err())
tests.CheckInt64(t, 2, int64(len(ua)))
for i := range ua {
d := ua[i].Data()
switch d.Id {
case id1:
case id3:
default:
tests.CheckBool(t, false, true, "Unknown article id")
}
}
u.SortingById()
ua = u.Articles(data.ArticleQueryOptions{AfterId: id1})
tests.CheckBool(t, false, u.HasErr(), u.Err())
tests.CheckInt64(t, 2, int64(len(ua)))
for i := range ua {
d := ua[i].Data()
switch d.Id {
case id2:
case id3:
default:
tests.CheckBool(t, false, true, "Unknown article id")
}
}
u.Reverse()
ua = u.Articles(data.ArticleQueryOptions{BeforeId: id2})
tests.CheckBool(t, false, u.HasErr(), u.Err())
tests.CheckInt64(t, 1, int64(len(ua)))
tests.CheckString(t, "article1", ua[0].Data().Title)
asc1 := createArticleScores(data.ArticleScores{ArticleId: id1, Score1: 2, Score2: 2})
asc2 := createArticleScores(data.ArticleScores{ArticleId: id2, Score1: 1, Score2: 3})
sa := u.Articles(data.ArticleQueryOptions{AfterDate: now.Add(-20 * time.Hour), BeforeDate: now.Add(20 * time.Hour), IncludeScores: true, HighScoredFirst: true})
tests.CheckBool(t, false, u.HasErr(), u.Err())
tests.CheckInt64(t, 2, int64(len(sa)))
for i := range sa {
switch sa[i].Data().Id {
case 1:
tests.CheckInt64(t, asc1.Calculate(), sa[i].Data().Score)
case 2:
tests.CheckInt64(t, asc2.Calculate(), sa[i].Data().Score)
}
}
ua = u.Articles()
ua[0].Read(true)
ua[1].Read(true)
ua[2].Read(false)
ua[0].Favorite(true)
ua[1].Favorite(false)
ua[2].Favorite(true)
count := u.Count()
tests.CheckBool(t, false, u.HasErr(), u.Err())
tests.CheckInt64(t, 3, count)
count = u.Count(data.ArticleCountOptions{UnreadOnly: true})
tests.CheckBool(t, false, u.HasErr(), u.Err())
tests.CheckInt64(t, 1, count)
count = u.Count(data.ArticleCountOptions{FavoriteOnly: true})
tests.CheckBool(t, false, u.HasErr(), u.Err())
tests.CheckInt64(t, 2, count)
count = u.Count(data.ArticleCountOptions{FavoriteOnly: true, UnreadOnly: true})
tests.CheckBool(t, false, u.HasErr(), u.Err())
tests.CheckInt64(t, 1, count)
count = u.Count(data.ArticleCountOptions{BeforeId: id2})
tests.CheckBool(t, false, u.HasErr(), u.Err())
tests.CheckInt64(t, 1, count)
count = u.Count(data.ArticleCountOptions{AfterId: id1})
tests.CheckBool(t, false, u.HasErr(), u.Err())
tests.CheckInt64(t, 2, count)
count = u.Count(data.ArticleCountOptions{BeforeId: id3, AfterId: id1})
tests.CheckBool(t, false, u.HasErr(), u.Err())
tests.CheckInt64(t, 1, count)
}
func (controller TtRss) Handler(c context.Context) http.Handler {
repo := readeef.GetRepo(c)
logger := webfw.GetLogger(c)
config := readeef.GetConfig(c)
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
action := webfw.GetMultiPatternIdentifier(c, r)
if action == "redirecter" {
http.Redirect(w, r, "/", http.StatusMovedPermanently)
}
req := ttRssRequest{}
resp := ttRssResponse{}
var err error
var errType string
var user content.User
var con interface{}
switch {
default:
var b []byte
in := map[string]interface{}{}
if b, err = ioutil.ReadAll(r.Body); err != nil {
err = fmt.Errorf("reading request body: %s", err)
break
}
if err = json.Unmarshal(b, &in); err != nil {
err = fmt.Errorf("decoding JSON request: %s", err)
break
}
req = ttRssConvertRequest(in)
logger.Debugf("Request: %#v\n", req)
resp.Seq = req.Seq
if req.Op != "login" && req.Op != "isLoggedIn" {
if sess, ok := ttRssSessions[req.Sid]; ok {
user = repo.UserByLogin(data.Login(sess.login))
if repo.Err() != nil {
errType = "NOT_LOGGED_IN"
} else {
sess.lastVisit = time.Now()
ttRssSessions[req.Sid] = sess
}
} else {
errType = "NOT_LOGGED_IN"
}
}
if errType != "" {
logger.Debugf("TT-RSS Sessions: %#v\n", ttRssSessions)
break
}
logger.Debugf("TT-RSS OP: %s\n", req.Op)
switch req.Op {
case "getApiLevel":
con = ttRssGenericContent{Level: TTRSS_API_LEVEL}
case "getVersion":
con = ttRssGenericContent{Version: TTRSS_VERSION}
case "login":
user = repo.UserByLogin(data.Login(req.User))
if repo.Err() != nil {
errType = "LOGIN_ERROR"
err = fmt.Errorf("getting TT-RSS user: %s", repo.Err())
break
}
if !user.Authenticate(req.Password, []byte(config.Auth.Secret)) {
errType = "LOGIN_ERROR"
err = fmt.Errorf("authentication for TT-RSS user '%s'", user.Data().Login)
break
}
var sessId string
login := user.Data().Login
for id, sess := range ttRssSessions {
if sess.login == login {
sessId = id
}
}
if sessId == "" {
sessId = strings.Replace(util.UUID(), "-", "", -1)
ttRssSessions[sessId] = ttRssSession{login: login, lastVisit: time.Now()}
}
con = ttRssGenericContent{
ApiLevel: TTRSS_API_LEVEL,
SessionId: sessId,
}
case "logout":
delete(ttRssSessions, req.Sid)
con = ttRssGenericContent{Status: "OK"}
case "isLoggedIn":
if _, ok := ttRssSessions[req.Sid]; ok {
con = ttRssGenericContent{Status: true}
} else {
con = ttRssGenericContent{Status: false}
}
case "getUnread":
var ar content.ArticleRepo
o := data.ArticleCountOptions{UnreadOnly: true}
if req.IsCat {
tagId := data.TagId(req.FeedId)
if tagId > 0 {
ar = user.TagById(tagId)
} else if tagId == TTRSS_CAT_UNCATEGORIZED {
ar = user
o.UntaggedOnly = true
} else if tagId == TTRSS_CAT_SPECIAL {
ar = user
o.FavoriteOnly = true
}
} else {
switch req.FeedId {
case TTRSS_FAVORITE_ID:
ar = user
o.FavoriteOnly = true
case TTRSS_FRESH_ID:
ar = user
o.AfterDate = time.Now().Add(TTRSS_FRESH_DURATION)
case TTRSS_ALL_ID, 0:
ar = user
default:
if req.FeedId > 0 {
feed := user.FeedById(req.FeedId)
if feed.HasErr() {
err = feed.Err()
break
}
ar = feed
}
}
}
if ar == nil {
con = ttRssGenericContent{Unread: "0"}
} else if con == nil {
con = ttRssGenericContent{Unread: strconv.FormatInt(ar.Count(o), 10)}
}
case "getCounters":
if req.OutputMode == "" {
req.OutputMode = "flc"
}
cContent := ttRssCountersContent{}
o := data.ArticleCountOptions{UnreadOnly: true}
unreadCount := user.Count(o)
cContent = append(cContent,
ttRssCounter{Id: "global-unread", Counter: unreadCount})
feeds := user.AllFeeds()
cContent = append(cContent,
ttRssCounter{Id: "subscribed-feeds", Counter: int64(len(feeds))})
cContent = append(cContent, ttRssCounter{Id: TTRSS_ARCHIVED_ID})
cContent = append(cContent,
ttRssCounter{Id: TTRSS_FAVORITE_ID,
Counter: user.Count(data.ArticleCountOptions{UnreadOnly: true, FavoriteOnly: true}),
AuxCounter: user.Count(data.ArticleCountOptions{FavoriteOnly: true})})
cContent = append(cContent, ttRssCounter{Id: TTRSS_PUBLISHED_ID})
freshTime := time.Now().Add(TTRSS_FRESH_DURATION)
cContent = append(cContent,
ttRssCounter{Id: TTRSS_FRESH_ID,
Counter: user.Count(data.ArticleCountOptions{UnreadOnly: true, AfterDate: freshTime}),
AuxCounter: 0})
cContent = append(cContent,
ttRssCounter{Id: TTRSS_ALL_ID,
Counter: user.Count(),
AuxCounter: 0})
for _, f := range feeds {
cContent = append(cContent,
ttRssCounter{Id: int64(f.Data().Id), Counter: f.Count(o)},
)
}
cContent = append(cContent, ttRssCounter{Id: TTRSS_CAT_LABELS, Counter: 0, Kind: "cat"})
for _, t := range user.Tags() {
cContent = append(cContent,
ttRssCounter{
Id: int64(t.Data().Id),
Counter: t.Count(o),
Kind: "cat",
},
)
}
cContent = append(cContent,
ttRssCounter{
Id: TTRSS_CAT_UNCATEGORIZED,
Counter: user.Count(data.ArticleCountOptions{UnreadOnly: true, UntaggedOnly: true}),
Kind: "cat",
},
)
if user.HasErr() {
err = fmt.Errorf("Error getting user counters: %v\n", user.Err())
}
con = cContent
case "getFeeds":
fContent := ttRssFeedsContent{}
if req.CatId == TTRSS_CAT_ALL || req.CatId == TTRSS_CAT_SPECIAL {
unreadFav := user.Count(data.ArticleCountOptions{UnreadOnly: true, FavoriteOnly: true})
if unreadFav > 0 || !req.UnreadOnly {
fContent = append(fContent, ttRssFeed{
Id: TTRSS_FAVORITE_ID,
Title: ttRssSpecialTitle(TTRSS_FAVORITE_ID),
Unread: unreadFav,
CatId: TTRSS_FAVORITE_ID,
})
}
freshTime := time.Now().Add(TTRSS_FRESH_DURATION)
unreadFresh := user.Count(data.ArticleCountOptions{UnreadOnly: true, AfterDate: freshTime})
if unreadFresh > 0 || !req.UnreadOnly {
fContent = append(fContent, ttRssFeed{
Id: TTRSS_FRESH_ID,
Title: ttRssSpecialTitle(TTRSS_FRESH_ID),
Unread: unreadFresh,
CatId: TTRSS_FAVORITE_ID,
})
}
unreadAll := user.Count(data.ArticleCountOptions{UnreadOnly: true})
if unreadAll > 0 || !req.UnreadOnly {
fContent = append(fContent, ttRssFeed{
Id: TTRSS_ALL_ID,
Title: ttRssSpecialTitle(TTRSS_ALL_ID),
Unread: unreadAll,
CatId: TTRSS_FAVORITE_ID,
})
}
}
var feeds []content.UserFeed
var catId int
if req.CatId == TTRSS_CAT_ALL || req.CatId == TTRSS_CAT_ALL_EXCEPT_VIRTUAL {
feeds = user.AllFeeds()
} else {
if req.CatId == TTRSS_CAT_UNCATEGORIZED {
tagged := user.AllTaggedFeeds()
for _, t := range tagged {
if len(t.Tags()) == 0 {
feeds = append(feeds, t)
}
}
} else if req.CatId > 0 {
catId = int(req.CatId)
t := user.TagById(req.CatId)
tagged := t.AllFeeds()
if t.HasErr() {
err = t.Err()
break
}
for _, t := range tagged {
feeds = append(feeds, t)
}
}
}
if len(feeds) > 0 {
o := data.ArticleCountOptions{UnreadOnly: true}
for i := range feeds {
if req.Limit > 0 {
if i < req.Offset || i >= req.Limit+req.Offset {
continue
}
}
d := feeds[i].Data()
unread := feeds[i].Count(o)
if unread > 0 || !req.UnreadOnly {
fContent = append(fContent, ttRssFeed{
Id: d.Id,
Title: d.Title,
FeedUrl: d.Link,
CatId: catId,
Unread: unread,
LastUpdated: time.Now().Unix(),
OrderId: 0,
})
}
}
}
if user.HasErr() {
err = fmt.Errorf("Error getting user feeds: %v\n", user.Err())
}
con = fContent
case "getCategories":
cContent := ttRssCategoriesContent{}
o := data.ArticleCountOptions{UnreadOnly: true}
for _, t := range user.Tags() {
td := t.Data()
count := t.Count(o)
if count > 0 || !req.UnreadOnly {
cContent = append(cContent,
ttRssCat{Id: strconv.FormatInt(int64(td.Id), 10), Title: string(td.Value), Unread: count},
)
}
}
count := user.Count(data.ArticleCountOptions{UnreadOnly: true, UntaggedOnly: true})
if count > 0 || !req.UnreadOnly {
cContent = append(cContent,
ttRssCat{Id: strconv.FormatInt(TTRSS_CAT_UNCATEGORIZED, 10), Title: "Uncategorized", Unread: count},
)
}
o.FavoriteOnly = true
count = user.Count(o)
if count > 0 || !req.UnreadOnly {
cContent = append(cContent,
ttRssCat{Id: strconv.FormatInt(TTRSS_CAT_SPECIAL, 10), Title: "Special", Unread: count},
)
}
con = cContent
case "getHeadlines":
if req.FeedId == 0 {
errType = "INCORRECT_USAGE"
break
}
limit := req.Limit
if limit == 0 {
limit = 200
}
var articles []content.UserArticle
var articleRepo content.ArticleRepo
var feedTitle string
firstId := data.ArticleId(0)
o := data.ArticleQueryOptions{Limit: limit, Offset: req.Skip, UnreadFirst: true, SkipSessionProcessors: true}
if req.IsCat {
if req.FeedId == TTRSS_CAT_UNCATEGORIZED {
ttRssSetupSorting(req, user)
articleRepo = user
o.UntaggedOnly = true
feedTitle = "Uncategorized"
} else if req.FeedId > 0 {
t := user.TagById(data.TagId(req.FeedId))
ttRssSetupSorting(req, t)
articleRepo = t
feedTitle = string(t.Data().Value)
}
} else {
if req.FeedId == TTRSS_FAVORITE_ID {
ttRssSetupSorting(req, user)
o.FavoriteOnly = true
articleRepo = user
feedTitle = "Starred articles"
} else if req.FeedId == TTRSS_FRESH_ID {
ttRssSetupSorting(req, user)
o.AfterDate = time.Now().Add(TTRSS_FRESH_DURATION)
articleRepo = user
feedTitle = "Fresh articles"
} else if req.FeedId == TTRSS_ALL_ID {
ttRssSetupSorting(req, user)
articleRepo = user
feedTitle = "All articles"
} else if req.FeedId > 0 {
feed := user.FeedById(req.FeedId)
ttRssSetupSorting(req, feed)
articleRepo = feed
feedTitle = feed.Data().Title
}
}
if req.SinceId > 0 {
o.AfterId = req.SinceId
}
if articleRepo != nil {
if req.Search != "" {
if controller.sp != nil {
if as, ok := articleRepo.(content.ArticleSearch); ok {
articles = as.Query(req.Search, controller.sp, limit, req.Skip)
}
}
} else {
var skip bool
switch req.ViewMode {
case "all_articles":
case "adaptive":
case "unread":
o.UnreadOnly = true
case "marked":
o.FavoriteOnly = true
default:
skip = true
}
if !skip {
articles = articleRepo.Articles(o)
}
}
}
if len(articles) > 0 {
firstId = articles[0].Data().Id
}
headlines := ttRssHeadlinesFromArticles(articles, feedTitle, req.ShowContent, req.ShowExcerpt)
if req.IncludeHeader {
header := ttRssHeadlinesHeader{Id: req.FeedId, FirstId: firstId, IsCat: req.IsCat}
hContent := ttRssHeadlinesHeaderContent{}
hContent = append(hContent, header)
hContent = append(hContent, headlines)
con = hContent
} else {
con = headlines
}
case "updateArticle":
articles := user.ArticlesById(req.ArticleIds, data.ArticleQueryOptions{SkipSessionProcessors: true})
updateCount := int64(0)
switch req.Field {
case 0, 2:
for _, a := range articles {
d := a.Data()
updated := false
switch req.Field {
case 0:
switch req.Mode {
case 0:
if d.Favorite {
updated = true
d.Favorite = false
}
case 1:
if !d.Favorite {
updated = true
d.Favorite = true
}
case 2:
updated = true
d.Favorite = !d.Favorite
}
if updated {
a.Favorite(d.Favorite)
}
case 2:
switch req.Mode {
case 0:
if !d.Read {
updated = true
d.Read = true
}
case 1:
if d.Read {
updated = true
d.Read = false
}
case 2:
updated = true
d.Read = !d.Read
}
if updated {
a.Read(d.Read)
}
}
if updated {
if a.HasErr() {
err = a.Err()
break
}
updateCount++
}
}
if err != nil {
break
}
con = ttRssGenericContent{Status: "OK", Updated: updateCount}
}
case "getArticle":
articles := user.ArticlesById(req.ArticleId, data.ArticleQueryOptions{SkipSessionProcessors: true})
feedTitles := map[data.FeedId]string{}
for _, a := range articles {
d := a.Data()
if _, ok := feedTitles[d.FeedId]; !ok {
f := repo.FeedById(d.FeedId)
feedTitles[d.FeedId] = f.Data().Title
}
}
cContent := ttRssArticlesContent{}
for _, a := range articles {
d := a.Data()
title := feedTitles[d.FeedId]
h := ttRssArticle{
Id: strconv.FormatInt(int64(d.Id), 10),
Unread: !d.Read,
Marked: d.Favorite,
Updated: d.Date.Unix(),
Title: d.Title,
Link: d.Link,
FeedId: strconv.FormatInt(int64(d.FeedId), 10),
FeedTitle: title,
Content: d.Description,
}
cContent = append(cContent, h)
}
con = cContent
case "getConfig":
con = ttRssConfigContent{DaemonIsRunning: true, NumFeeds: len(user.AllFeeds())}
case "updateFeed":
con = ttRssGenericContent{Status: "OK"}
case "catchupFeed":
var ar content.ArticleRepo
o := data.ArticleUpdateStateOptions{BeforeDate: time.Now()}
if req.IsCat {
tagId := data.TagId(req.FeedId)
ar = user.TagById(tagId)
if tagId == TTRSS_CAT_UNCATEGORIZED {
o.UntaggedOnly = true
}
} else {
ar = user.FeedById(req.FeedId)
}
if ar != nil {
ar.ReadState(true, o)
if e, ok := ar.(content.Error); ok {
if e.HasErr() {
err = e.Err()
break
}
}
con = ttRssGenericContent{Status: "OK"}
}
case "getPref":
switch req.PrefName {
case "DEFAULT_UPDATE_INTERVAL":
con = ttRssGenericContent{Value: int(config.FeedManager.Converted.UpdateInterval.Minutes())}
case "DEFAULT_ARTICLE_LIMIT":
con = ttRssGenericContent{Value: 200}
case "HIDE_READ_FEEDS":
con = ttRssGenericContent{Value: user.Data().ProfileData["unreadOnly"]}
case "FEEDS_SORT_BY_UNREAD", "ENABLE_FEED_CATS", "SHOW_CONTENT_PREVIEW":
con = ttRssGenericContent{Value: true}
case "FRESH_ARTICLE_MAX_AGE":
con = ttRssGenericContent{Value: (-1 * TTRSS_FRESH_DURATION).Hours()}
}
case "getLabels":
con = []interface{}{}
case "setArticleLabel":
con = ttRssGenericContent{Status: "OK", Updated: 0}
case "shareToPublished":
errType = "Publishing failed"
case "subscribeToFeed":
f := repo.FeedByLink(req.FeedUrl)
for _, u := range f.Users() {
if u.Data().Login == user.Data().Login {
con = ttRssSubscribeContent{Status: struct {
Code int `json:"code"`
}{0}}
break
}
}
if f.HasErr() {
err = f.Err()
break
}
f, err := controller.fm.AddFeedByLink(req.FeedUrl)
if err != nil {
errType = "INCORRECT_USAGE"
break
}
uf := user.AddFeed(f)
if uf.HasErr() {
err = uf.Err()
break
}
con = ttRssSubscribeContent{Status: struct {
Code int `json:"code"`
}{1}}
case "unsubscribeFeed":
f := user.FeedById(req.FeedId)
f.Detach()
users := f.Users()
if f.HasErr() {
err = f.Err()
if err == content.ErrNoContent {
errType = "FEED_NOT_FOUND"
}
break
}
if len(users) == 0 {
controller.fm.RemoveFeed(f)
}
con = ttRssGenericContent{Status: "OK"}
case "getFeedTree":
items := []ttRssCategory{}
special := ttRssCategory{Id: "CAT:-1", Items: []ttRssCategory{}, Name: "Special", Type: "category", BareId: -1}
special.Items = append(special.Items, ttRssFeedListCategoryFeed(user, nil, TTRSS_ALL_ID, false))
special.Items = append(special.Items, ttRssFeedListCategoryFeed(user, nil, TTRSS_FRESH_ID, false))
special.Items = append(special.Items, ttRssFeedListCategoryFeed(user, nil, TTRSS_FAVORITE_ID, false))
special.Items = append(special.Items, ttRssFeedListCategoryFeed(user, nil, TTRSS_PUBLISHED_ID, false))
special.Items = append(special.Items, ttRssFeedListCategoryFeed(user, nil, TTRSS_ARCHIVED_ID, false))
special.Items = append(special.Items, ttRssFeedListCategoryFeed(user, nil, TTRSS_RECENTLY_READ_ID, false))
items = append(items, special)
tf := user.AllTaggedFeeds()
uncat := ttRssCategory{Id: "CAT:0", Items: []ttRssCategory{}, BareId: 0, Name: "Uncategorized", Type: "category"}
tagCategories := map[content.Tag]ttRssCategory{}
for _, f := range tf {
tags := f.Tags()
item := ttRssFeedListCategoryFeed(user, f, f.Data().Id, true)
if len(tags) > 0 {
for _, t := range tags {
var c ttRssCategory
if cached, ok := tagCategories[t]; ok {
c = cached
} else {
c = ttRssCategory{
Id: "CAT:" + strconv.FormatInt(int64(t.Data().Id), 10),
BareId: data.FeedId(t.Data().Id),
Name: string(t.Data().Value),
Type: "category",
Items: []ttRssCategory{},
}
}
c.Items = append(c.Items, item)
tagCategories[t] = c
}
} else {
uncat.Items = append(uncat.Items, item)
}
}
categories := []ttRssCategory{uncat}
for _, c := range tagCategories {
categories = append(categories, c)
}
for _, c := range categories {
if len(c.Items) == 1 {
c.Param = "(1 feed)"
} else {
c.Param = fmt.Sprintf("(%d feed)", len(c.Items))
}
items = append(items, c)
}
fl := ttRssCategory{Identifier: "id", Label: "name"}
fl.Items = items
if user.HasErr() {
err = user.Err()
} else {
con = ttRssFeedTreeContent{Categories: fl}
}
default:
errType = "UNKNOWN_METHOD"
con = ttRssGenericContent{Method: req.Op}
}
}
if err == nil && errType == "" {
resp.Status = TTRSS_API_STATUS_OK
} else {
logger.Infof("Error processing TT-RSS API request: %s %v\n", errType, err)
resp.Status = TTRSS_API_STATUS_ERR
con = ttRssErrorContent{Error: errType}
}
var b []byte
b, err = json.Marshal(con)
if err == nil {
resp.Content = json.RawMessage(b)
}
b, err = json.Marshal(&resp)
if err == nil {
w.Header().Set("Content-Type", "text/json")
w.Header().Set("Api-Content-Length", strconv.Itoa(len(b)))
w.Write(b)
logger.Debugf("Output for %s: %s\n", req.Op, string(b))
} else {
logger.Print(fmt.Errorf("TT-RSS error %s: %v", req.Op, err))
w.WriteHeader(http.StatusInternalServerError)
}
})
}
func (mw Auth) Handler(ph http.Handler, c context.Context) http.Handler {
logger := webfw.GetLogger(c)
handler := func(w http.ResponseWriter, r *http.Request) {
for _, prefix := range mw.IgnoreURLPrefix {
if prefix[0] == '/' {
prefix = prefix[1:]
}
if strings.HasPrefix(r.URL.Path, mw.Pattern+prefix+"/") {
ph.ServeHTTP(w, r)
return
}
}
route, _, ok := webfw.GetDispatcher(c).RequestRoute(r)
if !ok {
ph.ServeHTTP(w, r)
return
}
repo := GetRepo(c)
switch ac := route.Controller.(type) {
case AuthController:
if !ac.LoginRequired(c, r) {
ph.ServeHTTP(w, r)
return
}
sess := webfw.GetSession(c, r)
var u content.User
validUser := false
if uv, ok := sess.Get(AuthUserKey); ok {
if u, ok = uv.(content.User); ok {
validUser = true
}
}
if !validUser {
if uv, ok := sess.Get(AuthNameKey); ok {
if n, ok := uv.(data.Login); ok {
u = repo.UserByLogin(n)
if u.HasErr() {
logger.Print(u.Err())
} else {
validUser = true
sess.Set(AuthUserKey, u)
}
}
}
}
if validUser && !u.Data().Active {
logger.Infoln("User " + u.Data().Login + " is inactive")
validUser = false
}
if !validUser {
d := webfw.GetDispatcher(c)
sess.SetFlash(CtxKey("return-to"), r.URL.Path)
path := d.NameToPath("auth-login", webfw.MethodGet)
if path == "" {
path = "/"
}
http.Redirect(w, r, path, http.StatusMovedPermanently)
return
}
case ApiAuthController:
if !ac.AuthRequired(c, r) {
ph.ServeHTTP(w, r)
return
}
url, login, signature, nonce, date, t := authData(r)
validUser := false
var u content.User
if login != "" && signature != "" && !t.IsZero() {
switch {
default:
u = repo.UserByLogin(data.Login(login))
if u.HasErr() {
logger.Printf("Error getting db user '%s': %v\n", login, u.Err())
break
}
decoded, err := base64.StdEncoding.DecodeString(signature)
if err != nil {
logger.Printf("Error decoding auth header: %v\n", err)
break
}
if t.Add(30 * time.Second).Before(time.Now()) {
break
}
if !mw.Nonce.Check(nonce) {
break
}
mw.Nonce.Remove(nonce)
buf := util.BufferPool.GetBuffer()
defer util.BufferPool.Put(buf)
buf.ReadFrom(r.Body)
r.Body = ioutil.NopCloser(buf)
bodyHash := md5.New()
if _, err := bodyHash.Write(buf.Bytes()); err != nil {
logger.Printf("Error generating the hash for the request body: %v\n", err)
break
}
contentMD5 := base64.StdEncoding.EncodeToString(bodyHash.Sum(nil))
message := fmt.Sprintf("%s\n%s\n%s\n%s\n%s\n%s\n",
url, r.Method, contentMD5, r.Header.Get("Content-Type"),
date, nonce)
b := make([]byte, base64.StdEncoding.EncodedLen(len(u.Data().MD5API)))
base64.StdEncoding.Encode(b, u.Data().MD5API)
hm := hmac.New(sha256.New, b)
if _, err := hm.Write([]byte(message)); err != nil {
logger.Printf("Error generating the hashed message: %v\n", err)
break
}
if !hmac.Equal(hm.Sum(nil), decoded) {
logger.Printf("Error matching the supplied auth message to the generated one.\n")
break
}
if !u.Data().Active {
logger.Println("User " + u.Data().Login + " is inactive")
break
}
validUser = true
}
}
if validUser {
c.Set(r, context.BaseCtxKey("user"), u)
} else {
if rej, ok := ac.(AuthRejectHandler); ok {
rej.AuthReject(c, r)
} else {
w.WriteHeader(http.StatusUnauthorized)
return
}
}
}
ph.ServeHTTP(w, r)
}
return http.HandlerFunc(handler)
}
