// Checksk reports whether the "secretkey" request parameter equals the secret
// key stored for the team named by the "team" parameter.
//
// The response body is a bare status code:
//
//	"1"   the key matches
//	"0"   the team exists but the key differs
//	"-1"  a parameter is blank, or no team has that name
//	"-2"  a parameter is rejected by utils.HasDangerousCharacters
//
// NOTE(review): "0" versus "-1" lets a caller tell an existing team name from
// a missing one, and the key is compared with ==, which is not a
// constant-time comparison. Consider crypto/subtle.ConstantTimeCompare and a
// single failure code for both cases.
func (this *TeamController) Checksk() {
	reply := func(code string) {
		this.Ctx.Output.Body([]byte(code))
	}

	teamName := strings.TrimSpace(this.GetString("team", ""))
	secret := strings.TrimSpace(this.GetString("secretkey", ""))

	switch {
	case teamName == "" || secret == "":
		reply("-1")
		return
	case utils.HasDangerousCharacters(teamName) || utils.HasDangerousCharacters(secret):
		reply("-2")
		return
	}

	found := ReadTeamByName(teamName)
	if found == nil {
		reply("-1")
		return
	}

	if found.Secretkey != secret {
		reply("0")
		return
	}
	reply("1")
}
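// EditPost updates the resume, member list and admin list of the team stored
// in the request context under "TargetTeam".
//
// Only a team admin or a user whose role is ROOT_ADMIN_ROLE may edit. The
// "resume", "users" and "admins" parameters are all screened with
// utils.HasDangerousCharacters before anything is written.
//
// Two defects of the earlier version are fixed here: "users" was screened
// twice while "admins" was never screened, and a failed member update still
// fell through to the admin update and a second response.
func (this *TeamController) EditPost() {
	// Both context values are type-asserted without the ok form; presumably a
	// filter in front of this handler always sets them — confirm.
	targetTeam := this.Ctx.Input.GetData("TargetTeam").(*Team)

	resume := this.MustGetString("resume", "")
	userIdstr := this.MustGetString("users", "")
	adminIdstr := this.MustGetString("admins", "")

	if utils.HasDangerousCharacters(resume) ||
		utils.HasDangerousCharacters(userIdstr) ||
		utils.HasDangerousCharacters(adminIdstr) {
		this.ServeErrJson("parameter resume or users or admins is invalid")
		return
	}

	loginUser := this.Ctx.Input.GetData("CurrentUser").(*User)
	uid := loginUser.Id
	if !targetTeam.IsAdmin(uid) && loginUser.Role != ROOT_ADMIN_ROLE {
		this.ServeErrJson("you are not admin")
		return
	}

	if targetTeam.Resume != resume {
		targetTeam.Resume = resume
		// NOTE(review): the result of Update is discarded, so a failed write of
		// the resume is not reported to the client.
		targetTeam.Update()
	}

	if uuerr := targetTeam.UpdateUsers(userIdstr); uuerr != nil {
		// Stop here so only one response is produced for the request.
		this.AutoServeError(uuerr)
		return
	}

	this.AutoServeError(targetTeam.UpdateAdmins(adminIdstr))
}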
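// ProfilePost updates the profile of the logged-in user (the "CurrentUser"
// value of the request context) from the "im", "qq", "cnname" and "phone"
// parameters.
//
// Every field is screened with utils.HasDangerousCharacters before it is
// stored. The earlier version screened only "im" and "qq", although the
// admin-side EditPost screens "cnname" and "phone" as well, and it discarded
// the result of Update.
func (this *UserController) ProfilePost() {
	im := strings.TrimSpace(this.GetString("im", ""))
	qq := strings.TrimSpace(this.GetString("qq", ""))
	cnname := strings.TrimSpace(this.GetString("cnname", ""))
	phone := strings.TrimSpace(this.GetString("phone", ""))

	if utils.HasDangerousCharacters(im) {
		this.ServeErrJson("im is invalid")
		return
	}

	if utils.HasDangerousCharacters(qq) {
		this.ServeErrJson("qq is invalid")
		return
	}

	if utils.HasDangerousCharacters(cnname) {
		this.ServeErrJson("cnname is invalid")
		return
	}

	if utils.HasDangerousCharacters(phone) {
		this.ServeErrJson("phone is invalid")
		return
	}

	me := this.Ctx.Input.GetData("CurrentUser").(*User)
	me.IM = im
	me.QQ = qq
	me.Cnname = cnname
	me.Phone = phone

	// Report a failed write instead of answering OK unconditionally.
	if _, err := me.Update(); err != nil {
		this.ServeErrJson("occur error " + err.Error())
		return
	}

	this.ServeOKJson()
}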
// EditPost lets a user whose role is ROOT_ADMIN_ROLE overwrite the profile
// fields of the user stored in the request context under "TargetUser".
//
// The account named "root" can never be edited through this handler. Every
// submitted field is screened with utils.HasDangerousCharacters before it is
// stored.
func (this *UserController) EditPost() {
	me := this.Ctx.Input.GetData("CurrentUser").(*User)
	if me.Role != ROOT_ADMIN_ROLE {
		this.ServeErrJson("no privilege")
		return
	}

	cnname := strings.TrimSpace(this.GetString("cnname", ""))
	email := strings.TrimSpace(this.GetString("email", ""))
	phone := strings.TrimSpace(this.GetString("phone", ""))
	im := strings.TrimSpace(this.GetString("im", ""))
	qq := strings.TrimSpace(this.GetString("qq", ""))

	// Checked in this order; the first offending field decides the message.
	checks := []struct {
		value   string
		message string
	}{
		{cnname, "cnname is invalid"},
		{email, "email is invalid"},
		{phone, "phone is invalid"},
		{im, "im is invalid"},
		{qq, "qq is invalid"},
	}
	for _, c := range checks {
		if utils.HasDangerousCharacters(c.value) {
			this.ServeErrJson(c.message)
			return
		}
	}

	target := this.Ctx.Input.GetData("TargetUser").(*User)
	if target.Name == "root" {
		this.ServeErrJson("no privilege")
		return
	}

	target.Cnname = cnname
	target.Email = email
	target.Phone = phone
	target.IM = im
	target.QQ = qq

	if _, err := target.Update(); err != nil {
		this.ServeErrJson("occur error " + err.Error())
		return
	}

	this.ServeOKJson()
}
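// CreateTeamPost creates a team from the "name" and "resume" parameters and,
// for a root user, fills it with the ids given in "users" and "admins".
//
// Two defects of the earlier version are fixed here: "users" was screened
// twice while "admins" was never screened, and a failed PutUsersInTeam still
// fell through to PutAdminInTeam and a second response.
func (this *TeamController) CreateTeamPost() {
	name := strings.TrimSpace(this.GetString("name", ""))
	if name == "" {
		this.ServeErrJson("name is blank")
		return
	}

	if utils.HasDangerousCharacters(name) {
		this.ServeErrJson("name is invalid")
		return
	}

	resume := strings.TrimSpace(this.GetString("resume", ""))
	if utils.HasDangerousCharacters(resume) {
		this.ServeErrJson("resume is invalid")
		return
	}

	if t := ReadTeamByName(name); t != nil {
		this.ServeErrJson("name is already existent")
		return
	}

	me := this.Ctx.Input.GetData("CurrentUser").(*User)
	lastId, err := SaveTeamAttrs(name, resume, me.Id)
	if err != nil {
		this.ServeErrJson("occur error " + err.Error())
		return
	}

	// NOTE(review): the root check runs after SaveTeamAttrs, so a non-root
	// caller gets "you are not root!" although the team row has already been
	// created. If team creation is meant to be root-only, this check belongs
	// before the save; if not, the error reply is misleading. Confirm the
	// intended policy.
	if !me.IsRoot() {
		this.ServeErrJson("you are not root!")
		return
	}

	uids := strings.TrimSpace(this.GetString("users", ""))
	if utils.HasDangerousCharacters(uids) {
		this.ServeErrJson("uids is invalid")
		return
	}

	adminUids := strings.TrimSpace(this.GetString("admins", ""))
	if utils.HasDangerousCharacters(adminUids) {
		this.ServeErrJson("admins is invalid")
		return
	}

	if err = PutUsersInTeam(lastId, uids); err != nil {
		// Stop here so only one response is produced for the request.
		this.ServeErrJson("occur error " + err.Error())
		return
	}

	this.AutoServeError(PutAdminInTeam(lastId, adminUids))
}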
// Users renders the paginated user list ("user/list.html"), optionally
// filtered by the "query" parameter.
//
// NOTE(review): the page size "per" comes straight from the request and has
// no upper bound in this handler; consider capping it.
func (this *UserController) Users() {
	fail := func(err error) {
		this.ServeErrJson("occur error " + err.Error())
	}

	query := strings.TrimSpace(this.GetString("query", ""))
	if utils.HasDangerousCharacters(query) {
		this.ServeErrJson("query is invalid")
		return
	}

	per := this.MustGetInt("per", 20)

	qs := QueryUsers(query)
	total, err := qs.Count()
	if err != nil {
		fail(err)
		return
	}

	// The paginator supplies the offset of the requested page.
	pager := this.SetPaginator(per, total)
	qs = qs.Limit(per, pager.Offset())

	var rows []User
	if _, err = qs.All(&rows); err != nil {
		fail(err)
		return
	}

	me := this.Ctx.Input.GetData("CurrentUser").(*User)

	this.Data["Users"] = rows
	this.Data["Query"] = query
	this.Data["Me"] = me
	// Root is recognised by account name here, not by role.
	this.Data["IamRoot"] = me.Name == "root"
	this.TplName = "user/list.html"
}
// EditPost applies the submitted "resume" and "users" values to the team
// stored in the request context under "TargetTeam".
//
// NOTE(review): this handler performs no permission check of its own;
// presumably a filter in front of it restricts who may edit the team —
// confirm. The result of Update is discarded, so a failed resume write is not
// reported to the client.
func (this *TeamController) EditPost() {
	team := this.Ctx.Input.GetData("TargetTeam").(*Team)

	resume := this.MustGetString("resume", "")
	userIdstr := this.MustGetString("users", "")

	rejected := utils.HasDangerousCharacters(resume) || utils.HasDangerousCharacters(userIdstr)
	if rejected {
		this.ServeErrJson("parameter resume or users is invalid")
		return
	}

	// Write the team row only when the resume actually changed.
	if team.Resume != resume {
		team.Resume = resume
		team.Update()
	}

	err := team.UpdateUsers(userIdstr)
	this.AutoServeError(err)
}
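// EditPost updates the resume, e-mail list, member list and admin list of the
// team stored in the request context under "TargetTeam".
//
// The caller must be a team admin, a user whose role is ROOT_ADMIN_ROLE, or
// the team's creator. "teamemail" may hold several comma-separated addresses;
// each one must match the address pattern below.
//
// Two defects of the earlier version are fixed here: "users" was screened
// twice while "admins" was never screened, and a failed member update still
// fell through to the admin update and a second response. The address pattern
// is also compiled once per request instead of once per address.
func (this *TeamController) EditPost() {
	// Both context values are type-asserted without the ok form; presumably a
	// filter in front of this handler always sets them — confirm.
	targetTeam := this.Ctx.Input.GetData("TargetTeam").(*Team)

	resume := this.MustGetString("resume", "")
	userIdstr := this.MustGetString("users", "")
	teamEmail := this.MustGetString("teamemail", "")
	adminIdstr := this.MustGetString("admins", "")

	if utils.HasDangerousCharacters(resume) ||
		utils.HasDangerousCharacters(teamEmail) ||
		utils.HasDangerousCharacters(userIdstr) ||
		utils.HasDangerousCharacters(adminIdstr) {
		this.ServeErrJson("parameter resume or email or users or admins is invalid")
		return
	}

	if teamEmail != "" {
		// The pattern is a constant, so MustCompile cannot fail at run time.
		emailRe := regexp.MustCompile("^[_a-z0-9-]+(\\.[_a-z0-9-]+)*@[a-z0-9-]+(\\.[a-z0-9-]+)*(\\.[a-z]{2,4})$")
		for _, mailStr := range strings.Split(teamEmail, ",") {
			if !emailRe.MatchString(mailStr) {
				this.ServeErrJson("Email is invalid!")
				return
			}
		}
	}

	loginUser := this.Ctx.Input.GetData("CurrentUser").(*User)
	uid := loginUser.Id
	if !targetTeam.IsAdmin(uid) && loginUser.Role != ROOT_ADMIN_ROLE && targetTeam.Creator != loginUser.Id {
		this.ServeErrJson("you are not admin")
		return
	}

	if targetTeam.Resume != resume || targetTeam.Email != teamEmail {
		targetTeam.Resume = resume
		targetTeam.Email = teamEmail
		ClearTeamCacheById(targetTeam.Id)
		// NOTE(review): the result of Update is discarded, and the cache is
		// cleared before the write; a failed write is not reported.
		targetTeam.Update()
	}

	if uuerr := targetTeam.UpdateUsers(userIdstr); uuerr != nil {
		// Stop here so only one response is produced for the request.
		this.AutoServeError(uuerr)
		return
	}

	this.AutoServeError(targetTeam.UpdateAdmins(adminIdstr))
}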
// Teams renders the paginated team list ("team/list.html"), optionally
// filtered by the "query" parameter.
//
// A user whose role is ROOT_ADMIN_ROLE sees every team; anyone else sees only
// the teams returned by QueryMineTeams for their own id. Each row carries an
// "IsAdmin" flag for the viewer.
//
// NOTE(review): the creator returned by ReadUserById is dereferenced without
// a nil check; if that lookup can miss (for example, a deleted creator), the
// handler would panic — confirm. The page size "per" is also unbounded here.
func (this *TeamController) Teams() {
	fail := func(err error) {
		this.ServeErrJson("occur error " + err.Error())
	}

	query := strings.TrimSpace(this.GetString("query", ""))
	if utils.HasDangerousCharacters(query) {
		this.ServeErrJson("query is invalid")
		return
	}

	per := this.MustGetInt("per", 10)
	me := this.Ctx.Input.GetData("CurrentUser").(*User)

	var teams orm.QuerySeter
	if me.Role != ROOT_ADMIN_ROLE {
		mine, err := QueryMineTeams(query, me.Id)
		if err != nil {
			fail(err)
			return
		}
		teams = mine
	} else {
		teams = QueryAllTeams(query)
	}

	total, err := teams.Count()
	if err != nil {
		fail(err)
		return
	}

	pager := this.SetPaginator(per, total)
	teams = teams.Limit(per, pager.Offset())

	var ts []Team
	if _, err = teams.All(&ts); err != nil {
		fail(err)
		return
	}

	// Flatten each team into the map shape handed to the template.
	nteams := make([]map[string]interface{}, 0)
	for i := range ts {
		team := &ts[i]
		creator := ReadUserById(team.Creator)
		nteams = append(nteams, map[string]interface{}{
			"Id":            team.Id,
			"Name":          team.Name,
			"Resume":        team.Resume,
			"CreatorCnname": creator.Cnname,
			"CreatorName":   creator.Name,
			"IsAdmin":       team.IsAdmin(me.Id) || me.Role == ROOT_ADMIN_ROLE,
		})
	}

	this.Data["Teams"] = nteams
	this.Data["Query"] = query
	this.Data["Me"] = me
	this.Data["IamRoot"] = me.Role == ROOT_ADMIN_ROLE
	this.TplName = "team/list.html"
}
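// Query answers a user search as JSON: {"users": [...]}, with only the Id,
// Name, Cnname and Email columns loaded for each match.
//
// The earlier version discarded the error returned by All, so a failed
// database query looked like an empty result; it is now reported.
//
// NOTE(review): "limit" comes straight from the request and has no upper
// bound in this handler; consider capping it.
func (this *UserController) Query() {
	query := strings.TrimSpace(this.GetString("query", ""))
	limit := this.MustGetInt("limit", 10)

	if utils.HasDangerousCharacters(query) {
		this.ServeErrJson("query is invalid")
		return
	}

	var users []User
	if _, err := QueryUsers(query).Limit(limit).All(&users, "Id", "Name", "Cnname", "Email"); err != nil {
		this.ServeErrJson("occur error " + err.Error())
		return
	}

	this.Data["json"] = map[string]interface{}{"users": users}
	this.ServeJSON()
}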
// Teams renders the paginated list ("team/list.html") of the teams returned
// by QueryMineTeams for the logged-in user, optionally filtered by the
// "query" parameter.
//
// NOTE(review): the page size "per" comes straight from the request and has
// no upper bound in this handler; consider capping it.
func (this *TeamController) Teams() {
	fail := func(err error) {
		this.ServeErrJson("occur error " + err.Error())
	}

	query := strings.TrimSpace(this.GetString("query", ""))
	if utils.HasDangerousCharacters(query) {
		this.ServeErrJson("query is invalid")
		return
	}

	per := this.MustGetInt("per", 10)
	me := this.Ctx.Input.GetData("CurrentUser").(*User)

	teams, err := QueryMineTeams(query, me.Id)
	if err != nil {
		fail(err)
		return
	}

	total, err := teams.Count()
	if err != nil {
		fail(err)
		return
	}

	// The paginator supplies the offset of the requested page.
	pager := this.SetPaginator(per, total)
	teams = teams.Limit(per, pager.Offset())

	var rows []Team
	if _, err = teams.All(&rows); err != nil {
		fail(err)
		return
	}

	this.Data["Teams"] = rows
	this.Data["Query"] = query
	this.Data["Me"] = me
	// Root is recognised by account name here, not by role.
	this.Data["IamRoot"] = me.Name == "root"
	this.TplNames = "team/list.html"
}
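// CreateTeamPost creates a team from the "name", "resume" and "email"
// parameters together with a freshly generated 32-character secret key and,
// for a root user, fills it with the ids given in "users" and "admins".
//
// "email" may hold several comma-separated addresses; each one must match the
// address pattern below.
//
// Two defects of the earlier version are fixed here: "users" was screened
// twice while "admins" was never screened, and a failed PutUsersInTeam still
// fell through to PutAdminInTeam and a second response. The address pattern
// is also compiled once per request instead of once per address.
func (this *TeamController) CreateTeamPost() {
	name := strings.TrimSpace(this.GetString("name", ""))
	if name == "" {
		this.ServeErrJson("name is blank")
		return
	}

	if utils.HasDangerousCharacters(name) {
		this.ServeErrJson("name is invalid")
		return
	}

	resume := strings.TrimSpace(this.GetString("resume", ""))
	if utils.HasDangerousCharacters(resume) {
		this.ServeErrJson("resume is invalid")
		return
	}

	email := strings.TrimSpace(this.GetString("email", ""))
	if utils.HasDangerousCharacters(email) {
		this.ServeErrJson("email is invalid")
		return
	}

	if email != "" {
		// The pattern is a constant, so MustCompile cannot fail at run time.
		emailRe := regexp.MustCompile("^[_a-z0-9-]+(\\.[_a-z0-9-]+)*@[a-z0-9-]+(\\.[a-z0-9-]+)*(\\.[a-z]{2,4})$")
		for _, mailStr := range strings.Split(email, ",") {
			if !emailRe.MatchString(mailStr) {
				this.ServeErrJson("Email is invalid!")
				return
			}
		}
	}

	if t := ReadTeamByName(name); t != nil {
		this.ServeErrJson("name is already existent")
		return
	}

	// NOTE(review): sk is a team credential (Checksk compares against it), so
	// utils.RandStr should draw from crypto/rand — confirm its source.
	sk := utils.RandStr(32)

	me := this.Ctx.Input.GetData("CurrentUser").(*User)
	lastId, err := SaveTeamAttrs(name, resume, me.Id, email, sk)
	if err != nil {
		this.ServeErrJson("occur error " + err.Error())
		return
	}

	// NOTE(review): the root check runs after SaveTeamAttrs, so a non-root
	// caller gets "you are not root!" although the team row has already been
	// created. If team creation is meant to be root-only, this check belongs
	// before the save; if not, the error reply is misleading. Confirm the
	// intended policy.
	if !me.IsRoot() {
		this.ServeErrJson("you are not root!")
		return
	}

	uids := strings.TrimSpace(this.GetString("users", ""))
	if utils.HasDangerousCharacters(uids) {
		this.ServeErrJson("uids is invalid")
		return
	}

	adminUids := strings.TrimSpace(this.GetString("admins", ""))
	if utils.HasDangerousCharacters(adminUids) {
		this.ServeErrJson("admins is invalid")
		return
	}

	if err = PutUsersInTeam(lastId, uids); err != nil {
		// Stop here so only one response is produced for the request.
		this.ServeErrJson("occur error " + err.Error())
		return
	}

	this.AutoServeError(PutAdminInTeam(lastId, adminUids))
}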
// CreateUserPost registers a new user from the submitted form and then stores
// the profile fields (cnname, email, phone, im, qq) on the new row.
//
// NOTE(review): the stored password is str.Md5Encode(Salt + password), a
// single MD5 pass with one application-wide salt. MD5 is not a password
// hashing function; plan a migration to a slow, per-user-salted scheme
// (bcrypt, scrypt or Argon2) with rehash-on-login.
//
// NOTE(review): no permission check is visible in this handler; presumably a
// filter restricts who may create users — confirm. The password is also
// passed through strings.TrimSpace, so leading and trailing spaces are lost.
func (this *UserController) CreateUserPost() {
	param := func(key string) string {
		return strings.TrimSpace(this.GetString(key, ""))
	}

	name := param("name")
	password := param("password")
	cnname := param("cnname")
	email := param("email")
	phone := param("phone")
	im := param("im")
	qq := param("qq")

	if !utils.IsUsernameValid(name) {
		this.ServeErrJson("name pattern is invalid")
		return
	}

	if ReadUserIdByName(name) > 0 {
		this.ServeErrJson("name is already existent")
		return
	}

	if password == "" {
		this.ServeErrJson("password is blank")
		return
	}

	// Checked in this order; the first offending field decides the message.
	checks := []struct {
		value   string
		message string
	}{
		{cnname, "cnname is invalid"},
		{email, "email is invalid"},
		{phone, "phone is invalid"},
		{im, "im is invalid"},
		{qq, "qq is invalid"},
	}
	for _, c := range checks {
		if utils.HasDangerousCharacters(c.value) {
			this.ServeErrJson(c.message)
			return
		}
	}

	digest := str.Md5Encode(g.Config().Salt + password)
	lastId, err := InsertRegisterUser(name, digest)
	if err != nil {
		this.ServeErrJson("insert user fail " + err.Error())
		return
	}

	// Second step: load the fresh row and attach the profile fields. If this
	// update fails, the account inserted above remains without them.
	created := ReadUserById(lastId)
	created.Cnname = cnname
	created.Email = email
	created.Phone = phone
	created.IM = im
	created.QQ = qq

	if _, err := created.Update(); err != nil {
		this.ServeErrJson("occur error " + err.Error())
		return
	}

	this.ServeOKJson()
}
// Users renders the user list ("user/list.html") for the "query" parameter.
//
// With LDAP disabled the list is a paginated database query. With LDAP
// enabled the query is treated as one user name: the directory is searched
// for it and, when the search returns no error, a single row is shown, with
// role, QQ and IM copied from the local record if one exists.
//
// NOTE(review): query reaches utils.Ldapsearch after only the
// HasDangerousCharacters screen. Confirm that either that screen or
// Ldapsearch itself escapes LDAP filter metacharacters such as * ( ) \ and
// NUL. A failed directory search is shown as an empty list, with no error.
func (this *UserController) Users() {
	query := strings.TrimSpace(this.GetString("query", ""))
	if utils.HasDangerousCharacters(query) {
		this.ServeErrJson("query is invalid")
		return
	}

	var (
		us    []User
		total int64
	)
	per := this.MustGetInt("per", 20)

	ldap := g.Config().Ldap
	if ldap.Enabled {
		attrs, err := utils.Ldapsearch(ldap.Addr, ldap.BaseDN, ldap.BindDN, ldap.BindPasswd, ldap.UserField, query, ldap.Attributes)
		if err == nil {
			entry := User{
				Name:   query,
				Passwd: "",
				Cnname: attrs["sn"],
				Phone:  attrs["telephoneNumber"],
				Email:  attrs["mail"],
			}
			total = 1

			// Look up this user's role (and QQ/IM) in the local table.
			if local := ReadUserByName(query); local != nil {
				entry.Role = local.Role
				entry.QQ = local.QQ
				entry.IM = local.IM
			}
			us = append(us, entry)
		}
		this.SetPaginator(per, total)
	} else {
		qs := QueryUsers(query)
		count, err := qs.Count()
		if err != nil {
			this.ServeErrJson("occur error " + err.Error())
			return
		}

		pager := this.SetPaginator(per, count)
		qs = qs.Limit(per, pager.Offset())
		if _, err = qs.All(&us); err != nil {
			this.ServeErrJson("occur error " + err.Error())
			return
		}
	}

	me := this.Ctx.Input.GetData("CurrentUser").(*User)

	this.Data["Users"] = us
	this.Data["Query"] = query
	this.Data["Me"] = me
	this.Data["IamRoot"] = me.Role == ROOT_ADMIN_ROLE
	this.TplName = "user/list.html"
}
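// Query answers a user search as JSON: {"users": [...]}.
//
// The lower-cased query is first matched against the local user table. If no
// local user has exactly that name, the directory is searched for it and, on
// a hit, a local record is created from the directory attributes (when none
// exists yet) and appended to the result.
//
// The earlier version discarded the error returned by All, so a failed
// database query fell through to the directory lookup; it is now reported.
//
// NOTE(review): this lookup creates a local User row with an empty Passwd
// for any name the directory resolves, for whoever may call this endpoint.
// Confirm that an empty Passwd can never satisfy the local login path, and
// that query is escaped for LDAP filter metacharacters before it reaches the
// directory. Unlike Users, this handler does not consult Ldap.Enabled.
func (this *UserController) Query() {
	query := strings.TrimSpace(this.GetString("query", ""))
	query = strings.ToLower(query)
	limit := this.MustGetInt("limit", 10)

	if utils.HasDangerousCharacters(query) {
		this.ServeErrJson("query is invalid")
		return
	}

	var users []User
	if _, err := QueryUsers(query).Limit(limit).All(&users, "Id", "Name", "Cnname", "Email", "Phone"); err != nil {
		this.ServeErrJson("occur error " + err.Error())
		return
	}

	// True when the local result already holds a user with exactly this name.
	foundLocally := false
	for _, v := range users {
		if strings.ToLower(v.Name) == query {
			foundLocally = true
			break
		}
	}

	if !foundLocally {
		attrs, err := utils.Ldapsearch(g.Config().Ldap.Addr,
			g.Config().Ldap.BaseDN,
			g.Config().Ldap.BindDN,
			g.Config().Ldap.BindPasswd,
			g.Config().Ldap.UserField,
			query,
			g.Config().Ldap.Attributes)

		if err == nil && len(attrs) > 0 {
			u := ReadUserByName(query)
			if u == nil {
				// The user does not exist locally yet: create the record from
				// the directory attributes.
				u = &User{
					Name:    query,
					Passwd:  "",
					Cnname:  attrs["sn"],
					Phone:   attrs["telephoneNumber"],
					Email:   attrs["mail"],
					Created: time.Now(),
				}
				if _, err = u.Save(); err != nil {
					this.ServeErrJson("insert user fail " + err.Error())
					return
				}
			}
			users = append(users, *u)
		}
	}

	this.Data["json"] = map[string]interface{}{"users": users}
	this.ServeJSON()
}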