// GetUser responds with the user named by the "userID" form value. The
// literal value "me" resolves to the session user via store.CurrentUser; any
// other value must parse as an integer ID.
//
// Responses: 400 when the ID does not parse, 404 when the store returns nil,
// a server error when the lookup fails, otherwise the user record.
func GetUser(w http.ResponseWriter, r *http.Request) {
	rawID := r.FormValue("userID")

	// "me" is answered before the parser or the request context is touched.
	if rawID == "me" {
		response.OK(w, store.CurrentUser(r))
		return
	}

	var p store.Parser
	targetID := p.Int(rawID)
	if p.Err != nil {
		response.ClientError(w, http.StatusBadRequest)
		return
	}

	// The unchecked assertion panics when no "user" value is stored on the
	// request, so this handler depends on a middleware having set it.
	// NOTE(review): confirm the route is registered behind apiMiddleware.
	viewer := context.Get(r, "user").(store.User)

	// The viewer's ID travels with the lookup, presumably so the store can
	// tailor the result to who is asking.
	found, err := store.GetUserWithParams(targetID, store.GetUserParams{viewer.ID()})
	switch {
	case err != nil:
		response.ServerError(w, err)
	case found == nil:
		response.ClientError(w, http.StatusNotFound)
	default:
		response.OK(w, found)
	}
}
// RemoveMember removes the user named by "userID" from the project named by
// "projectID". Only self-removal is permitted: the authenticated user's ID
// must equal the submitted userID, otherwise the handler answers 403.
//
// Removing a user who is not a member is treated as success.
func RemoveMember(w http.ResponseWriter, r *http.Request) {
	var p store.Parser
	projectID := p.Int(r.FormValue("projectID"))
	memberID := p.Int(r.FormValue("userID"))
	if p.Err != nil {
		response.ClientError(w, http.StatusBadRequest)
		return
	}

	// Authorization: the submitted ID is only accepted when it matches the
	// identity the middleware attached to the request.
	caller := context.Get(r, "user").(store.User)
	if caller.ID() != memberID {
		response.ClientError(w, http.StatusForbidden)
		return
	}

	isMember, err := store.MemberExists(projectID, memberID)
	if err != nil {
		response.ServerError(w, err)
		return
	}
	if !isMember {
		// Nothing to delete; report success so the call is idempotent.
		response.OK(w, nil)
		return
	}

	if err = store.RemoveMember(projectID, memberID); err != nil {
		response.ServerError(w, err)
		return
	}
	response.OK(w, nil)
}
// UpdateMilestone overwrites the title, description and date of the milestone
// named by the "milestoneID" form value. The caller must be the author of the
// project named by "projectID".
//
// Responses: 400 on an unparsable ID or date, 403 when the caller is not the
// project's author, a server error when the store update fails, otherwise OK.
//
// NOTE(review): the author check uses the client-supplied projectID, while
// the write is keyed only by milestoneID. Nothing visible here ties the
// milestone to that project, so unless store.UpdateMilestone enforces the
// relation, the check does not cover the object being modified. Confirm, or
// resolve the milestone's project server-side before authorizing.
func UpdateMilestone(w http.ResponseWriter, r *http.Request) {
	var p store.Parser
	projectID := p.Int(r.FormValue("projectID"))
	milestoneID := p.Int(r.FormValue("milestoneID"))
	due := p.Time(r.FormValue("date"))
	if p.Err != nil {
		response.ClientError(w, http.StatusBadRequest)
		return
	}

	caller := context.Get(r, "user").(store.User)
	if !caller.IsAuthor(projectID) {
		response.ClientError(w, http.StatusForbidden)
		return
	}

	// Title and description are free text and are passed through unparsed.
	update := store.UpdateMilestoneParams{
		MilestoneID: milestoneID,
		Title:       r.FormValue("title"),
		Description: r.FormValue("description"),
		Date:        due,
	}
	if err := store.UpdateMilestone(update); err != nil {
		response.ServerError(w, err)
		return
	}
	response.OK(w, nil)
}
//
// /api/admin/project
//
// POST with type=setFeaturedProject:   mark a project as featured
// POST with type=unsetFeaturedProject: clear a project's featured flag
//
// Any other "type" value yields 400; any other method yields 405.
//
// NOTE(review): no admin check happens in this dispatcher or in the two
// handlers it calls; the /api/admin prefix suggests it is enforced by routing
// middleware that is not visible here. Confirm.
func adminProject(w http.ResponseWriter, r *http.Request) {
	if r.Method != "POST" {
		response.ClientError(w, http.StatusMethodNotAllowed)
		return
	}

	switch action := r.FormValue("type"); action {
	case "setFeaturedProject":
		SetFeaturedProject(w, r)
	case "unsetFeaturedProject":
		UnsetFeaturedProject(w, r)
	default:
		response.ClientError(w, http.StatusBadRequest)
	}
}
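// PostChat stores a chat message and then notifies interested parties.
//
// Form values: "userID" (author), "channelID", "channelType", "text".
//
// Responses: 400 on unparsable IDs, 403 when "userID" is not the
// authenticated user, a server error when the message cannot be stored,
// otherwise the new message ID.
//
// NOTE(review): whether the caller may post to the given channel is not
// checked here; confirm that store.PostChat enforces channel access.
func PostChat(w http.ResponseWriter, r *http.Request) {
	var parser store.Parser
	userID := parser.Int(r.FormValue("userID"))
	channelID := parser.Int(r.FormValue("channelID"))
	if parser.Err != nil {
		response.ClientError(w, http.StatusBadRequest)
		return
	}

	// The author must be the authenticated user. Without this check the
	// client-supplied userID would be stored as the author unverified, so any
	// caller could post under another user's identity. GetChats, reached
	// through the same /chat dispatcher, reads the same context value.
	user := context.Get(r, "user").(store.User)
	if user.ID() != userID {
		response.ClientError(w, http.StatusForbidden)
		return
	}

	chatParams := store.PostChatParams{
		UserID:      userID,
		ChannelID:   channelID,
		ChannelType: r.FormValue("channelType"),
		Text:        r.FormValue("text"),
	}

	id, err := store.PostChat(chatParams)
	if err != nil {
		response.ServerError(w, err)
		return
	}

	// Notification is best-effort: the message is already stored, so a
	// failure is logged and the client still receives the message ID.
	// Previously this path returned without writing any response.
	if err := store.NotifyChat(store.NotifyChatParams{id, chatParams}); err != nil {
		debug.Warn(err)
	}

	response.OK(w, id)
}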
//
// /task
//
// GET    type=project|latest|personalized: task listings; otherwise one task
// POST   create a task
// PUT    type=toggleStatus: flip the status; otherwise update the task
// DELETE delete a task
//
// Any other method yields 405.
func task(w http.ResponseWriter, r *http.Request) {
	switch method := r.Method; method {
	case "POST":
		CreateTask(w, r)

	case "DELETE":
		DeleteTask(w, r)

	case "GET":
		// The "type" value selects a listing; anything else is a single-task
		// lookup.
		kind := r.FormValue("type")
		if kind == "project" {
			GetTasks(w, r)
		} else if kind == "latest" {
			LatestTasks(w, r)
		} else if kind == "personalized" {
			PersonalizedTasks(w, r)
		} else {
			GetTask(w, r)
		}

	case "PUT":
		if r.FormValue("type") == "toggleStatus" {
			ToggleTaskStatus(w, r)
		} else {
			UpdateTask(w, r)
		}

	default:
		response.ClientError(w, http.StatusMethodNotAllowed)
	}
}
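// SetFeaturedProject marks the project named by the "projectID" form value
// as featured. If a featured_project row already exists for it, the handler
// answers OK without writing again.
//
// Responses: 400 on an unparsable ID, a server error when the existence
// check or the write fails, otherwise OK.
//
// NOTE(review): no privilege check is made in this function. It is reached
// through adminProject, so it presumably relies on admin-only routing that is
// not visible here. Confirm.
func SetFeaturedProject(w http.ResponseWriter, r *http.Request) {
	var parser store.Parser

	const existSQL = `
	SELECT COUNT(*) FROM featured_project
	WHERE project_id = $1`

	projectID := parser.Int(r.FormValue("projectID"))
	if parser.Err != nil {
		response.ClientError(w, http.StatusBadRequest)
		return
	}

	if exists, err := store.Exists(existSQL, projectID); err != nil {
		response.ServerError(w, err)
		return
	} else if exists {
		response.OK(w, nil)
		return
	}

	if err := store.SetFeaturedProject(projectID); err != nil {
		response.ServerError(w, err)
		// Stop here: without this return the handler went on to write an OK
		// response after the error response.
		return
	}

	response.OK(w, nil)
}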
// GetProject responds with the project named by the "projectID" form value,
// with its Author field filled in and IsMember set for the authenticated
// user.
//
// Responses: 400 on an unparsable ID, a server error when either store
// lookup fails, otherwise the project.
//
// NOTE(review): the project is returned to any authenticated caller; no
// visibility or membership requirement is applied here. Confirm that all
// projects are meant to be readable by every user.
func GetProject(w http.ResponseWriter, r *http.Request) {
	var parse store.Parser
	id := parse.Int(r.FormValue("projectID"))
	if parse.Err != nil {
		response.ClientError(w, http.StatusBadRequest)
		return
	}

	proj, err := store.GetProject(id)
	if err != nil {
		response.ServerError(w, err)
		return
	}

	// Load the author record referenced by the project.
	proj.Author, err = store.GetUser(proj.AuthorID)
	if err != nil {
		response.ServerError(w, err)
		return
	}

	caller := context.Get(r, "user").(store.User)
	proj.IsMember = store.IsMember(id, caller.ID())

	response.OK(w, proj)
}
// GetFriends responds with the friends of the user named by the "userID"
// form value. Each entry's status is set to "Online" when its ID is a key in
// h.connections and to "Offline" otherwise.
//
// Responses: 400 on an unparsable ID, a server error when the store lookup
// fails, otherwise the list.
//
// NOTE(review): userID comes from the request and is not compared with the
// authenticated user, so a caller can read any user's friend list together
// with presence. Confirm that this is intended.
//
// NOTE(review): h.connections is read with no lock visible in this function.
// If another goroutine writes to the map, that is a data race. Confirm how
// the map is guarded.
func GetFriends(w http.ResponseWriter, r *http.Request) {
	var p store.Parser
	ownerID := p.Int(r.FormValue("userID"))
	if p.Err != nil {
		response.ClientError(w, http.StatusBadRequest)
		return
	}

	friends, err := store.GetFriends(ownerID)
	if err != nil {
		response.ServerError(w, err)
		return
	}

	// Index into the slice so SetStatus acts on the stored element rather
	// than on a loop copy.
	for i := range friends {
		status := "Offline"
		if _, connected := h.connections[friends[i].ID()]; connected {
			status = "Online"
		}
		friends[i].SetStatus(status)
	}

	response.OK(w, friends)
}
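// UpdateTask updates the title, description, tags and dates of the task
// named by the "taskID" form value. The caller must be a member of the
// project named by "projectID".
//
// Responses: 400 on an unparsable projectID or taskID, 403 when the caller
// is not a member, a server error when the store update fails, otherwise the
// task's ID.
//
// NOTE(review): membership is checked against the client-supplied projectID,
// but the write is keyed only by taskID. Nothing visible here ties the task
// to that project, so unless store.UpdateTask enforces the relation, the
// check does not cover the object being modified. Confirm, or resolve the
// task's project server-side before authorizing.
func UpdateTask(w http.ResponseWriter, r *http.Request) {
	var parser store.Parser
	projectID := parser.Int(r.FormValue("projectID"))

	// taskID is validated as an integer so malformed input is rejected
	// before the store is reached, and so the response can echo the real ID.
	// The response value was previously never assigned and was always 0.
	rawTaskID := r.FormValue("taskID")
	taskID := parser.Int(rawTaskID)

	if parser.Err != nil {
		// Unparsable input is the client's fault: answer 400, as the other
		// handlers in this file do, rather than a server error.
		response.ClientError(w, http.StatusBadRequest)
		return
	}

	user := context.Get(r, "user").(store.User)
	if !user.IsMember(projectID) {
		response.ClientError(w, http.StatusForbidden)
		return
	}

	// The remaining fields are passed to the store as raw strings.
	if err := store.UpdateTask(store.UpdateTaskParams{
		TaskID:      rawTaskID,
		Title:       r.FormValue("title"),
		Description: r.FormValue("description"),
		Tags:        r.Form["tags"],
		StartDate:   r.FormValue("startDate"),
		EndDate:     r.FormValue("endDate"),
	}); err != nil {
		response.ServerError(w, err)
		return
	}

	response.OK(w, taskID)
}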
// GetChats responds with a page of chat messages for a channel.
//
// Form values: "channelID" and "channelType" select the channel; the
// optional "startID" (default 0) and "count" (default 10) select the page.
// The authenticated user's ID is passed to the store with the query.
//
// Responses: a server error when the form cannot be parsed or the store
// query fails, 400 on an unparsable number, otherwise the messages.
//
// NOTE(review): "count" has no upper bound here, and zero or negative values
// are passed through, so one request can ask the store for an arbitrarily
// large page. Confirm that store.GetChats clamps it, or clamp it here.
func GetChats(w http.ResponseWriter, r *http.Request) {
	if err := r.ParseForm(); err != nil {
		response.ServerError(w, err)
		return
	}

	var p store.Parser
	startID, count := int64(0), int64(10)

	// Only override the defaults when the parameter is actually present.
	if vals, present := r.Form["count"]; present {
		count = p.Int(vals[0])
	}
	if vals, present := r.Form["startID"]; present {
		startID = p.Int(vals[0])
	}
	channelID := p.Int(r.FormValue("channelID"))

	if p.Err != nil {
		response.ClientError(w, http.StatusBadRequest)
		return
	}

	channelType := r.FormValue("channelType")
	caller := context.Get(r, "user").(store.User)

	chats, err := store.GetChats(caller.ID(), channelID, channelType, startID, count)
	if err != nil {
		response.ServerError(w, err)
		return
	}
	response.OK(w, chats)
}
//
// /logout
//
// POST: clear the caller's session. Any other method yields 405.
func logout(w http.ResponseWriter, r *http.Request) {
	// Logging out changes state, so only POST is accepted.
	if r.Method != "POST" {
		response.ClientError(w, http.StatusMethodNotAllowed)
		return
	}

	session.Clear(w, r)
	response.OK(w, "Successfully logged out.")
}
// apiMiddleware admits only requests that carry an existing user.
//
// It resolves the session user with store.CurrentUser. When that user is
// non-nil and Exists reports true, it is stored on the request under the
// "user" key and next is called. Otherwise the request is answered with 403
// and next is never called.
//
// Handlers behind this middleware read the value back with an unchecked type
// assertion, so they must not be registered without it.
func apiMiddleware(w http.ResponseWriter, r *http.Request, next http.HandlerFunc) {
	current := store.CurrentUser(r)

	// Fail closed: deny unless both checks pass.
	if current == nil || !current.Exists() {
		response.ClientError(w, http.StatusForbidden)
		return
	}

	context.Set(r, "user", current)
	next(w, r)
}
//
// /login
//
// POST: authenticate (delegates to Login)
// GET:  respond with whatever store.CurrentUser returns for the request
//
// Any other method yields 405.
func login(w http.ResponseWriter, r *http.Request) {
	if r.Method == "POST" {
		Login(w, r)
		return
	}
	if r.Method == "GET" {
		response.OK(w, store.CurrentUser(r))
		return
	}
	response.ClientError(w, http.StatusMethodNotAllowed)
}
//
// /chat
//
// GET:  read messages (GetChats)
// POST: send a message (PostChat)
//
// Any other method yields 405.
func chat(w http.ResponseWriter, r *http.Request) {
	if r.Method == "GET" {
		GetChats(w, r)
		return
	}
	if r.Method == "POST" {
		PostChat(w, r)
		return
	}
	response.ClientError(w, http.StatusMethodNotAllowed)
}
// UpdateProject applies whichever of the "title", "tagline" and
// "description" form values are present to the project named by "projectID",
// then hands the request to store.SaveProjectImage. The caller must be the
// project's author.
//
// Responses: 400 on an unparsable ID, 403 when the caller is not the author,
// a server error on the first failing store call, otherwise OK.
//
// Each field is written by its own store call and the form map is ranged in
// no fixed order, so a failure part-way through can leave some fields
// updated and others not.
//
// NOTE(review): any size or type validation of the uploaded image would have
// to live in store.SaveProjectImage, which is not visible here. Confirm.
func UpdateProject(w http.ResponseWriter, r *http.Request) {
	var p store.Parser
	projectID := p.Int(r.FormValue("projectID"))
	if p.Err != nil {
		response.ClientError(w, http.StatusBadRequest)
		return
	}

	caller := context.Get(r, "user").(store.User)
	if !caller.IsAuthor(projectID) {
		response.ClientError(w, http.StatusForbidden)
		return
	}

	// r.Form is already populated by the FormValue call above.
	for field, values := range r.Form {
		if len(values) == 0 {
			continue
		}

		// Only the known fields are written; every other key is ignored.
		var err error
		if field == "title" {
			err = store.UpdateProjectTitle(projectID, values[0])
		} else if field == "tagline" {
			err = store.UpdateProjectTagline(projectID, values[0])
		} else if field == "description" {
			err = store.UpdateProjectDescription(projectID, values[0])
		}

		if err != nil {
			response.ServerError(w, err)
			return
		}
	}

	_, err := store.SaveProjectImage(w, r, projectID)
	if err != nil {
		response.ServerError(w, err)
		return
	}

	response.OK(w, nil)
}
//
// /api/admin/user
//
// PUT with type=setAdmin:   store.SetAdmin
// PUT with type=unsetAdmin: store.UnsetAdmin
// GET:                      store.GetAdmins
//
// A PUT with any other "type" yields 400; any other method yields 405.
//
// NOTE(review): these calls grant and revoke admin rights, yet no privilege
// check is visible in this dispatcher. Confirm that the /api/admin routes
// are wrapped in an admin-only middleware, or that the store functions check
// the caller themselves.
func adminUser(w http.ResponseWriter, r *http.Request) {
	switch r.Method {
	case "GET":
		// "type" is read but currently selects nothing: every GET lists the
		// admins. The switch is kept so that the form is still parsed here.
		switch r.FormValue("type") {
		default:
			store.GetAdmins(w, r)
		}

	case "PUT":
		action := r.FormValue("type")
		if action == "setAdmin" {
			store.SetAdmin(w, r)
		} else if action == "unsetAdmin" {
			store.UnsetAdmin(w, r)
		} else {
			response.ClientError(w, http.StatusBadRequest)
		}

	default:
		response.ClientError(w, http.StatusMethodNotAllowed)
	}
}
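// DeleteProject deletes the project named by the "projectID" form value.
// The caller must be the project's author.
//
// Responses: 400 on an unparsable ID, 403 when the caller is not the author,
// a server error when the store delete fails, otherwise OK.
func DeleteProject(w http.ResponseWriter, r *http.Request) {
	var parser store.Parser
	projectID := parser.Int(r.FormValue("projectID"))
	if parser.Err != nil {
		response.ClientError(w, http.StatusBadRequest)
		return
	}

	user := context.Get(r, "user").(store.User)
	if !user.IsAuthor(projectID) {
		// The caller is authenticated but not permitted: 403, matching the
		// other author and member checks in this file (this was 401).
		response.ClientError(w, http.StatusForbidden)
		return
	}

	if err := store.DeleteProject(projectID); err != nil {
		response.ServerError(w, err)
		return
	}

	// Acknowledge success explicitly, as the other handlers do. Previously
	// the success path wrote no response at all.
	response.OK(w, nil)
}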
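// loginSuccess records email in the session and responds with the matching
// user. If no existing user can be resolved afterwards, it answers 403.
//
// NOTE(review): on the 403 path the session value written by session.Set is
// left in place. apiMiddleware rejects users that do not exist, so this looks
// harmless, but clearing the session here would be tidier. Confirm how
// session.Set and session.Clear interact on the same response.
func loginSuccess(w http.ResponseWriter, r *http.Request, email string) {
	session.Set(w, r, email)

	// store.CurrentUser can return nil (apiMiddleware guards against it), so
	// check that before calling Exists to avoid a nil dereference.
	user := store.CurrentUser(r)
	if user == nil || !user.Exists() {
		response.ClientError(w, http.StatusForbidden)
		return
	}

	response.OK(w, user)
}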
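//
// /
//
// index serves the application shell and its static files. GET only.
//
// "/" maps to index.html. Any other path containing a '.' is served as a
// file relative to the process working directory. A path without a '.' gets
// an empty response.
//
// NOTE(review): the file branch serves any dotted path under the working
// directory, which may include source files, configuration, or dotfiles if
// they sit next to the assets. http.ServeFile rejects ".." path elements,
// but that alone does not narrow what is reachable. Prefer serving from a
// dedicated static directory (for example http.FileServer over that
// directory only).
func index(w http.ResponseWriter, r *http.Request) {
	if r.Method != "GET" {
		response.ClientError(w, http.StatusMethodNotAllowed)
		// Stop here: without this return the handler went on to serve the
		// file for non-GET requests after writing the 405.
		return
	}

	switch {
	case r.URL.Path == "/":
		http.ServeFile(w, r, "index.html")
	case strings.ContainsRune(r.URL.Path, '.'):
		// Strip the leading slash so the path is relative to the working
		// directory.
		http.ServeFile(w, r, r.URL.Path[1:])
	}
}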
// CreateTask creates a task in the project named by the "projectID" form
// value, authored by the authenticated user, who must be a member of that
// project.
//
// Form values: "title", "description", "tags" (comma-separated),
// "startDate", "endDate".
//
// Responses: 400 on an unparsable ID or date, or when startDate is after
// endDate; 403 when the caller is not a member; a server error when the
// store insert fails; otherwise the new task's ID.
func CreateTask(w http.ResponseWriter, r *http.Request) {
	var p store.Parser
	projectID := p.Int(r.FormValue("projectID"))
	begins := p.Time(r.FormValue("startDate"))
	ends := p.Time(r.FormValue("endDate"))
	if p.Err != nil {
		response.ClientError(w, http.StatusBadRequest)
		return
	}

	// A task cannot start after it ends.
	if begins.After(ends) {
		response.ClientError(w, http.StatusBadRequest)
		return
	}

	caller := context.Get(r, "user").(store.User)
	if !caller.IsMember(projectID) {
		response.ClientError(w, http.StatusForbidden)
		return
	}

	// The author comes from the authenticated identity, never from the form.
	params := store.CreateTaskParams{
		AuthorID:    caller.ID(),
		ProjectID:   projectID,
		Title:       r.FormValue("title"),
		Description: r.FormValue("description"),
		Done:        false,
		Tags:        strings.Split(r.FormValue("tags"), ","),
		StartDate:   begins,
		EndDate:     ends,
	}

	var (
		taskID int64
		err    error
	)
	taskID, err = store.CreateTask(params)
	if err != nil {
		response.ServerError(w, err)
		return
	}

	response.OK(w, taskID)
}
// GetTask responds with the task named by the "taskID" form value.
//
// Responses: 400 on an unparsable ID, a server error when the lookup fails,
// 404 when the store returns nil, otherwise the task.
//
// NOTE(review): no project-membership check is made before the task is
// returned, unlike the create, update and toggle handlers. Confirm that
// tasks are meant to be readable by every authenticated user.
func GetTask(w http.ResponseWriter, r *http.Request) {
	var p store.Parser
	id := p.Int(r.FormValue("taskID"))
	if p.Err != nil {
		response.ClientError(w, http.StatusBadRequest)
		return
	}

	found, err := store.GetTask(id)
	switch {
	case err != nil:
		response.ServerError(w, err)
	case found == nil:
		response.ClientError(w, http.StatusNotFound)
	default:
		response.OK(w, found)
	}
}
//
// /project/member
//
// GET:    list members (GetMembers)
// POST:   add a member (AddMember)
// DELETE: remove a member (RemoveMember)
//
// Any other method yields 405.
func member(w http.ResponseWriter, r *http.Request) {
	if r.Method == "GET" {
		GetMembers(w, r)
	} else if r.Method == "POST" {
		AddMember(w, r)
	} else if r.Method == "DELETE" {
		RemoveMember(w, r)
	} else {
		response.ClientError(w, http.StatusMethodNotAllowed)
	}
}
//
// /task/worker
//
// GET:    list a task's workers (GetWorkers)
// POST:   assign a worker (AssignWorker)
// DELETE: unassign a worker (UnassignWorker)
//
// Any other method yields 405.
func worker(w http.ResponseWriter, r *http.Request) {
	if r.Method == "GET" {
		GetWorkers(w, r)
	} else if r.Method == "POST" {
		AssignWorker(w, r)
	} else if r.Method == "DELETE" {
		UnassignWorker(w, r)
	} else {
		response.ClientError(w, http.StatusMethodNotAllowed)
	}
}
// UnassignWorker removes the user named by "userID" from the task named by
// "taskID". It answers 400 on an unparsable ID and otherwise writes no
// explicit response.
//
// NOTE(review): no check ties the caller to the task or its project, so any
// request that reaches this handler can unassign any worker from any task.
// The sibling task handlers require user.IsMember(projectID). Confirm
// whether the same check belongs here.
//
// NOTE(review): the outcome of store.DeleteWorker is not inspected and the
// success path sends no body, so a failed delete cannot be told apart from a
// successful one. Confirm what DeleteWorker returns and report it.
func UnassignWorker(w http.ResponseWriter, r *http.Request) {
	var p store.Parser

	taskID := p.Int(r.FormValue("taskID"))
	workerID := p.Int(r.FormValue("userID"))

	// Err is checked once, after both values have been parsed.
	if p.Err != nil {
		response.ClientError(w, http.StatusBadRequest)
		return
	}

	store.DeleteWorker(taskID, workerID)
}
// ToggleTaskStatus flips the status of the task named by the "taskID" form
// value. The caller must be a member of the project named by "projectID".
//
// Responses: 400 on an unparsable ID, 403 when the caller is not a member,
// a server error when the store call fails, otherwise the task's ID.
//
// NOTE(review): membership is checked against the client-supplied projectID,
// but the toggle is keyed only by taskID. Nothing visible here ties the task
// to that project, so unless store.ToggleTaskStatus enforces the relation,
// the check does not cover the task being changed. Confirm, or resolve the
// task's project server-side before authorizing.
func ToggleTaskStatus(w http.ResponseWriter, r *http.Request) {
	var p store.Parser
	projectID := p.Int(r.FormValue("projectID"))
	taskID := p.Int(r.FormValue("taskID"))
	if p.Err != nil {
		response.ClientError(w, http.StatusBadRequest)
		return
	}

	caller := context.Get(r, "user").(store.User)
	if !caller.IsMember(projectID) {
		response.ClientError(w, http.StatusForbidden)
		return
	}

	err := store.ToggleTaskStatus(taskID)
	if err != nil {
		response.ServerError(w, err)
		return
	}

	response.OK(w, taskID)
}
//
// /user/project
//
// GET with type=involved:  projects the user takes part in
// GET with type=completed: the user's completed projects
// GET otherwise:           projects the user created
//
// Any other method yields 405.
func userProject(w http.ResponseWriter, r *http.Request) {
	if r.Method != "GET" {
		response.ClientError(w, http.StatusMethodNotAllowed)
		return
	}

	switch listing := r.FormValue("type"); listing {
	case "completed":
		CompletedProjects(w, r)
	case "involved":
		InvolvedProjects(w, r)
	default:
		CreatedProjects(w, r)
	}
}
// UnsetFeaturedProject clears the featured flag of the project named by the
// "projectID" form value.
//
// Responses: 400 on an unparsable ID, a server error when the store call
// fails, otherwise OK.
//
// NOTE(review): no privilege check is made in this function. It is reached
// through adminProject, so it presumably relies on admin-only routing that is
// not visible here. Confirm.
func UnsetFeaturedProject(w http.ResponseWriter, r *http.Request) {
	var p store.Parser
	id := p.Int(r.FormValue("projectID"))
	if p.Err != nil {
		response.ClientError(w, http.StatusBadRequest)
		return
	}

	err := store.UnsetFeaturedProject(id)
	if err != nil {
		response.ServerError(w, err)
		return
	}

	response.OK(w, nil)
}
// DeleteMilestone deletes the milestone named by the "milestoneID" form
// value.
//
// Responses: 400 on an unparsable ID, a server error when the store delete
// fails, otherwise OK.
//
// NOTE(review): this handler performs no authorization at all. It neither
// reads the authenticated user nor checks authorship, whereas UpdateMilestone
// requires user.IsAuthor(projectID). As written, any request that reaches it
// can delete any milestone by ID. Confirm whether store.DeleteMilestone
// enforces ownership; if not, resolve the milestone's project server-side
// and require the caller to be its author.
func DeleteMilestone(w http.ResponseWriter, r *http.Request) {
	var p store.Parser
	id := p.Int(r.FormValue("milestoneID"))
	if p.Err != nil {
		response.ClientError(w, http.StatusBadRequest)
		return
	}

	err := store.DeleteMilestone(id)
	if err != nil {
		response.ServerError(w, err)
		return
	}

	response.OK(w, nil)
}
// UpdateAvatar stores the file uploaded in the "image" form field as the
// authenticated user's avatar and records the resulting URL on the user.
//
// The destination is built from store.UserAvatarURL and the authenticated
// user's ID, so a caller can only replace their own avatar.
//
// Responses: 400 when saving the upload fails or no file header comes back,
// a server error when the user record cannot be updated, otherwise OK.
//
// NOTE(review): any limit on upload size or check of the file's type would
// have to live in httputil.SaveFileWithExtension, which is not visible here.
// Confirm that it restricts both. Every save error is also reported as 400,
// including ones that may be server-side.
func UpdateAvatar(w http.ResponseWriter, r *http.Request) {
	owner := context.Get(r, "user").(store.User)
	target := fmt.Sprintf(store.UserAvatarURL, owner.ID())

	savedURL, fileHeader, err := httputil.SaveFileWithExtension(w, r, "image", target)
	if err != nil {
		response.ClientError(w, http.StatusBadRequest)
		return
	}
	if fileHeader == nil {
		// No error, but no file was supplied either.
		response.ClientError(w, http.StatusBadRequest)
		return
	}

	if err = owner.UpdateAvatarURL(savedURL); err != nil {
		response.ServerError(w, err)
		return
	}

	response.OK(w, nil)
}