Пример #1
0
func userSqlError(w http.ResponseWriter, err error) {
	log.Printf("paf: %#v\n", err)
	if pgerr, ok := err.(*pq.Error); ok {
		log.Printf("pgerr: %#v\n", pgerr)
		switch pgerr.Code.Name() {
		case "foreign_key_violation":
			switch pgerr.Constraint {
			case "c_user.first_lang_isocode":
				routes.FieldError(w, "json.first_lang_isocode", "first_lang_isocode", "USER.FIELD_LANG.T_CHECK_BADLANG")
			case "c_user.second_lang_isocode":
				routes.FieldError(w, "json.second_lang_isocode", "second_lang_isocode", "USER.FIELD_LANG.T_CHECK_BADLANG")
			case "c_user.city_geonameid":
				routes.FieldError(w, "json.searchTextCity", "searchTextCity", "USER.FIELD_CITY.T_CHECK_MANDATORY")
			default:
				routes.ServerError(w, 500, "INTERNAL ERROR")
			}
		case "unique_violation":
			switch pgerr.Constraint {
			case "i_user.username":
				routes.FieldError(w, "json.username", "username", "USER.FIELD_USERNAME.T_CHECK_ALREADYEXISTS")
			default:
				routes.ServerError(w, 500, "INTERNAL ERROR")
			}
		default:
			log.Printf("unhandled postgresql error ! : %#v\n", pgerr)
			routes.ServerError(w, 500, "INTERNAL ERROR")
		}
	} else {
		log.Println("not a postgresql error !", err)
		routes.ServerError(w, 500, "INTERNAL ERROR")
	}
}
Пример #2
0
// QueryGet get the query
func QueryGet(w http.ResponseWriter, r *http.Request, proute routes.Proute) {
	params := proute.Params.(*QueryGetParams)

	fmt.Println("params: ", params)

	// get the user
	_user, _ := proute.Session.Get("user")
	user := _user.(model.User)

	tx, err := db.DB.Beginx()
	if err != nil {
		log.Println("can't start transaction")
		userSqlError(w, err)
		return
	}

	// check if project exists and is owned by the current user
	c := 0
	err = tx.Get(&c, `SELECT count(*) FROM "project" WHERE "id"=$1 AND "user_id"=$2`, params.Project_id, user.Id)
	if err != nil {
		fmt.Println("search project query failed : ", err)
		userSqlError(w, err)
		_ = tx.Rollback()
		return
	}
	if c != 1 {
		routes.FieldError(w, "name", "name", "QUERY.SAVE.T_ERROR_PROJECT_NOT_FOUND")
		fmt.Println("project not found : ", params)
		tx.Rollback()
		return
	}

	res := []model.Saved_query{}
	err = tx.Select(&res, `SELECT * FROM "saved_query" WHERE "project_id"=$1`, params.Project_id)
	if err != nil {
		fmt.Println("search project saved queries failed : ", err)
		userSqlError(w, err)
		_ = tx.Rollback()
		return
	}

	err = tx.Commit()
	if err != nil {
		log.Println("can't commit")
		userSqlError(w, err)
		return
	}

	j, err := json.Marshal(res)
	if err != nil {
		log.Println("marshal failed: ", err)
		return
	}
	w.Write(j)

}
Пример #3
0
func ChronologiesGetTree(w http.ResponseWriter, r *http.Request, proute routes.Proute) {
	params := proute.Params.(*ChronologyGetParams)

	// transaction begin...
	tx, err := db.DB.Beginx()
	if err != nil {
		userSqlError(w, err)
		return
	}

	// get the user
	_user, _ := proute.Session.Get("user")
	user := _user.(model.User)

	answer, err := chronologiesGetTree(tx, params.Id, user)
	if err != nil {
		_ = tx.Rollback()
		userSqlError(w, err)
		return
	}

	// commit...
	err = tx.Commit()
	if err != nil {
		log.Println("commit failed")
		userSqlError(w, err)
		_ = tx.Rollback()
		return
	}

	if params.Active && !answer.Active {
		routes.FieldError(w, "Active", "Active", "CHRONO.SERVER_ERROR.T_NOT_ACTIVE")
		return
	}

	j, err := json.Marshal(answer)
	if err != nil {
		log.Println("marshal failed: ", err)
		return
	}
	//log.Println("result: ", string(j))
	w.Write(j)

}
Пример #4
0
// QuerySave save the query
func QuerySave(w http.ResponseWriter, r *http.Request, proute routes.Proute) {
	params := proute.Json.(*QuerySaveParams)

	fmt.Println("params: ", params)

	// get the user
	_user, _ := proute.Session.Get("user")
	user := _user.(model.User)

	tx, err := db.DB.Beginx()
	if err != nil {
		log.Println("can't start transaction")
		userSqlError(w, err)
		return
	}

	// check if project exists and is owned by the current user
	c := 0
	err = tx.Get(&c, `SELECT count(*) FROM "project" WHERE "id"=$1 AND "user_id"=$2`, params.ProjectId, user.Id)
	if err != nil {
		fmt.Println("search project query failed : ", err)
		userSqlError(w, err)
		_ = tx.Rollback()
		return
	}
	if c != 1 {
		routes.FieldError(w, "name", "name", "QUERY.SAVE.T_ERROR_PROJECT_NOT_FOUND")
		tx.Rollback()
		return
	}

	err = tx.Get(&c, `SELECT count(*) FROM "saved_query" WHERE "project_id"=$1 AND "name"=$2`, params.ProjectId, params.Name)
	if err != nil {
		fmt.Println("search saved_query failed : ", err)
		userSqlError(w, err)
		_ = tx.Rollback()
		return
	}
	if c == 1 { // update
		_, err = tx.Exec(`UPDATE "saved_query" SET "params"=$3 WHERE "project_id"=$1 AND "name"=$2`, params.ProjectId, params.Name, params.Params)
		if err != nil {
			fmt.Println("update saved_query failed : ", err)
			userSqlError(w, err)
			_ = tx.Rollback()
			return
		}
	} else {
		_, err = tx.Exec(`INSERT INTO "saved_query" ("project_id", "name", "params") VALUES ($1, $2, $3)`, params.ProjectId, params.Name, params.Params)
		if err != nil {
			fmt.Println("insert saved_query failed : ", err)
			userSqlError(w, err)
			_ = tx.Rollback()
			return
		}
	}

	err = tx.Commit()
	if err != nil {
		log.Println("can't commit")
		userSqlError(w, err)
		return
	}

	j, err := json.Marshal(params)
	if err != nil {
		log.Println("marshal failed: ", err)
		return
	}
	w.Write(j)

}
Пример #5
0
// userSet is for UserCreate or UserUpdate
func userSet(w http.ResponseWriter, r *http.Request, proute routes.Proute, create bool) {

	u := proute.Json.(*Usercreate)

	// hack overrides
	//u.User.Password = u.Password

	// hack for city
	u.City_geonameid = u.CityAndCountry.City.Geonameid
	log.Println("city : ", u.City_geonameid)

	tx, err := db.DB.Beginx()
	if err != nil {
		log.Println("1")
		userSqlError(w, err)
		return
	}

	_me, ok := proute.Session.Get("user")
	if !ok {
		log.Println("userSet: can't get user in session...", _me)
		_ = tx.Rollback()
		return
	}

	me, ok := _me.(model.User)
	if !ok {
		log.Println("userSet: can't cast user...", _me)
		_ = tx.Rollback()
		return
	}

	permAdminUsers, err := me.HavePermissions(tx, "adminusers")
	if err != nil {
		tx.Rollback()
		userSqlError(w, err)
		return
	}

	if create || u.User.Id != me.Id {
		if !permAdminUsers {
			tx.Rollback()
			routes.ServerError(w, 403, "unauthorized")
			return
		}
	}

	// password
	if len(u.Password) > 0 {

		if len(u.Password) < 7 {
			tx.Rollback()
			routes.FieldError(w, "json.password", "password", "USER.FIELD_PASSWORD.T_CHECK_LENGTH")
			return
		}

		err = u.User.MakeNewPassword(u.Password)
		if err != nil {
			fmt.Println("password generate failed")
			tx.Rollback()
			userSqlError(w, err)
			return
		}
	}

	// photo...
	if u.File != nil {
		photo := model.Photo{
			Photo: string(u.File.Content),
		}
		err = photo.Create(tx)
		if err != nil {
			log.Println("1")
			userSqlError(w, err)
			tx.Rollback()
			return
		}
		u.Photo_id = photo.Id
	}

	// save the user
	if create {
		err = u.Create(tx)
	} else {
		tmpuser := model.User{
			Id: u.Id,
		}
		err = tmpuser.Get(tx)
		if err != nil {
			log.Println("can't get user for update", err)
			userSqlError(w, err)
			tx.Rollback()
			return
		}

		if !permAdminUsers { // in this case, we update tmpuser with only authorized fields
			// if we set a new password
			if len(u.User.Password) != 0 {
				tmpuser.Password = u.User.Password
			}

			// authorized self modified user field
			tmpuser.Username = u.User.Username
			tmpuser.Firstname = u.User.Firstname
			tmpuser.Lastname = u.User.Lastname
			tmpuser.First_lang_isocode = u.User.First_lang_isocode
			tmpuser.Second_lang_isocode = u.User.Second_lang_isocode
			tmpuser.Description = u.User.Description
			tmpuser.Email = u.User.Email
			tmpuser.City_geonameid = u.User.City_geonameid

			err = tmpuser.Update(tx)
		} else {
			// if we don't set a new password, we take it back from the db
			if len(u.User.Password) == 0 {
				u.User.Password = tmpuser.Password
			}

			log.Println("updating user id : ", u.Id, u)
			err = u.Update(tx)
		}
	}
	if err != nil {
		log.Println("2")
		userSqlError(w, err)
		tx.Rollback()
		return
	}

	// save the companies
	var companies []model.Company
	for _, form_company := range u.Companies {
		if form_company.Id > 0 {
			form_company.City_geonameid = form_company.CityAndCountry.City.Geonameid
			log.Println("updating company : ", form_company.Company)
			err = form_company.Update(tx)
			if err != nil {
				log.Println("error while updating a company", err)
				tx.Rollback()
				userSqlError(w, err)
				return
			}
			companies = append(companies, form_company.Company)
		} else if len(form_company.Name) > 0 {
			form_company.City_geonameid = form_company.CityAndCountry.City.Geonameid
			log.Println("creating company : ", form_company.Company)
			err = form_company.Create(tx)
			if err != nil {
				log.Println("error while adding a company", err)
				tx.Rollback()
				userSqlError(w, err)
				return
			}
			companies = append(companies, form_company.Company)
		}
	}

	err = u.SetCompanies(tx, companies)
	if err != nil {
		log.Println("7")
		tx.Rollback()
		userSqlError(w, err)
		return
	}

	if permAdminUsers {
		// save the groups
		err = u.SetGroups(tx, u.Groups)
		if err != nil {
			log.Println("set groups")
			tx.Rollback()
			userSqlError(w, err)
			return
		}
	}

	err = tx.Commit()
	if err != nil {
		log.Println("8")
		userSqlError(w, err)
		return
	}

	j, err := json.Marshal("ok")
	w.Write(j)
}