func getLogUserID(r *http.Request, ec *ab.EntityController) string {
db := ab.GetDB(r)
userid := r.RemoteAddr
uid := ab.GetSession(r)["uid"]
if uid != "" {
userEntity, err := ec.Load(db, "user", uid)
if err != nil {
log.Println(err)
} else {
user := userEntity.(*User)
userid = user.Mail
}
}
return userid
}
func userService(ec *ab.EntityController) ab.Service {
res := ab.EntityResource(ec, &User{}, ab.EntityResourceConfig{
DisableList: true,
})
res.ExtraEndpoints = func(srv *ab.Server) error {
srv.Get("/api/user", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
sess := ab.GetSession(r)
if sess["uid"] != "" {
db := ab.GetDB(r)
user, err := ec.Load(db, "user", sess["uid"])
ab.MaybeFail(http.StatusInternalServerError, err)
ab.Render(r).
JSON(user)
}
}))
return nil
}
return res
}
func screeningService(ec *ab.EntityController) ab.Service {
res := ab.EntityResource(ec, &Screening{}, ab.EntityResourceConfig{
DisablePost: true,
DisableList: true,
DisableGet: true,
DisablePut: true,
DisableDelete: true,
})
res.ExtraEndpoints = func(srv *ab.Server) error {
srv.Post("/api/walkthrough/:id/screening", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
wid := ab.GetParams(r).ByName("id")
data := []string{}
ab.MustDecode(r, &data)
db := ab.GetDB(r)
uid := ab.GetSession(r)["uid"]
userEntity, err := ec.Load(db, "user", uid)
ab.MaybeFail(http.StatusInternalServerError, err)
user := userEntity.(*User)
wt, err := LoadActualRevision(db, ec, wid)
ab.MaybeFail(http.StatusBadRequest, err)
if wt.UID != uid && !user.Admin {
ab.Fail(http.StatusForbidden, nil)
}
if len(data) == 0 || len(data) != len(wt.Steps)-1 {
ab.Fail(http.StatusBadRequest, fmt.Errorf("got %d images, expected: %d", len(data), len(wt.Steps)-1))
}
screening := &Screening{
WID: wid,
UID: uid,
Steps: uint(len(wt.Steps) - 1),
Created: time.Now(),
Published: true,
}
err = ec.Insert(db, screening)
ab.MaybeFail(http.StatusInternalServerError, err)
images := map[string][]byte{}
for i, d := range data {
if d == "" {
continue
}
dataurl, err := dataurl.DecodeString(d)
if err != nil {
ab.LogTrace(r).Printf("data url error: %s", dataurl)
ab.Fail(http.StatusBadRequest, err)
}
if dataurl.ContentType() != "image/png" {
ab.Fail(http.StatusBadRequest, errors.New("not a png"))
}
fn := screening.ScreenshotPath(uint(i))
images[fn] = dataurl.Data
}
if len(images) == 0 {
ab.Fail(http.StatusBadRequest, errors.New("no images sent"))
}
for name, content := range images {
if err := ioutil.WriteFile(name, content, 0644); err != nil {
ab.LogUser(r).Println(err)
}
}
ab.Render(r).
SetCode(http.StatusCreated).
JSON(screening)
}), userLoggedInMiddleware)
lock := map[string]chan struct{}{}
var mtx sync.Mutex
srv.Get("/api/walkthrough/:id/screening", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
wid := ab.GetParams(r).ByName("id")
db := ab.GetDB(r)
screening, err := LoadActualScreeningForWalkthrough(db, ec, wid)
ab.MaybeFail(http.StatusInternalServerError, err)
if screening == nil {
ab.Fail(http.StatusNotFound, nil)
}
fn := screening.GIFPath()
reply := func() {
filelist := make([]string, int(screening.Steps))
for i := uint(0); i < screening.Steps; i++ {
filelist[i] = "/" + screening.ScreenshotPath(i)
}
ab.Render(r).AddOffer("image/gif", func(w http.ResponseWriter) {
f, err := os.Open(fn)
ab.MaybeFail(http.StatusInternalServerError, err)
defer f.Close()
io.Copy(w, f)
}).JSON(filelist)
}
if _, err := os.Stat(fn); err == nil {
reply()
return
}
// Short-circuits the gif generation process.
// If the client wants JSON, there is no need
// to go through the GIF generation, which is
// an expensive process.
if r.Header.Get("Accept") == "application/json" {
reply()
return
}
mtx.Lock()
l, ok := lock[fn]
if ok {
mtx.Unlock()
select {
case <-l:
reply()
case <-time.After(5 * time.Second):
w.Header().Set("Retry-After", "30")
ab.Render(r).SetCode(http.StatusServiceUnavailable)
}
return
}
l = make(chan struct{})
lock[fn] = l
mtx.Unlock()
err = screening.createGIF(false)
defer func() {
mtx.Lock()
delete(lock, fn)
mtx.Unlock()
}()
if err != nil {
if _, ok := err.(*os.PathError); ok {
ab.Fail(http.StatusNotFound, err)
} else {
ab.Fail(http.StatusInternalServerError, err)
}
}
close(l)
reply()
}))
return nil
}
return res
}
func walkthroughService(ec *ab.EntityController, search *search.SearchService, baseurl string) ab.Service {
h := &walkthroughEntityResourceHelper{
controller: ec,
}
res := ab.EntityResource(ec, &Walkthrough{}, ab.EntityResourceConfig{
PostMiddlewares: []func(http.Handler) http.Handler{userLoggedInMiddleware},
PutMiddlewares: []func(http.Handler) http.Handler{userLoggedInMiddleware},
DeleteMiddlewares: []func(http.Handler) http.Handler{userLoggedInMiddleware},
EntityResourceLister: h,
EntityResourceLoader: h,
})
res.ExtraEndpoints = func(srv *ab.Server) error {
reindexing := false
var reindexingMutex sync.RWMutex
srv.Post("/api/reindexwalkthroughs", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
reindexingMutex.RLock()
idxing := reindexing
reindexingMutex.RUnlock()
if idxing {
ab.Fail(http.StatusServiceUnavailable, errors.New("reindexing is in progress"))
}
reindexingMutex.Lock()
reindexing = true
reindexingMutex.Unlock()
db := ab.GetDB(r)
go func() {
defer func() {
reindexingMutex.Lock()
reindexing = false
reindexingMutex.Unlock()
}()
err := search.PurgeIndex()
if err != nil {
log.Println(err)
return
}
wts, err := LoadAllActualWalkthroughs(db, ec, 0, 0)
if err != nil {
log.Println(err)
return
}
for _, wt := range wts {
err = search.IndexEntity("walkthrough", wt)
if err != nil {
log.Println(err)
return
}
}
}()
ab.Render(r).SetCode(http.StatusAccepted)
}), ab.RestrictPrivateAddressMiddleware())
srv.Get("/api/mysites", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
db := ab.GetDB(r)
uid := ab.GetSession(r)["uid"]
rows, err := db.Query("SELECT DISTINCT steps->0->'arg0' AS site FROM walkthrough WHERE uid = $1 AND published ORDER BY site", uid)
ab.MaybeFail(http.StatusInternalServerError, err)
defer rows.Close()
sites := []string{}
for rows.Next() {
var site sql.NullString
err = rows.Scan(&site)
ab.MaybeFail(http.StatusInternalServerError, err)
if site.Valid {
siteName := site.String
// strip surrounding "
siteName = siteName[1:]
siteName = siteName[:len(siteName)-1]
sites = append(sites, siteName)
}
}
ab.Render(r).JSON(sites)
}), userLoggedInMiddleware)
return nil
}
res.AddPostEvent(ab.ResourceEventCallback{
BeforeCallback: func(r *http.Request, d ab.Resource) {
wt := d.(*Walkthrough)
uid := UserDelegate.CurrentUser(r)
if wt.UID == "" {
wt.UID = uid
}
if wt.UID != uid {
ab.Fail(http.StatusBadRequest, errors.New("invalid user id"))
}
wt.Updated = time.Now()
wt.Revision = ""
wt.UUID = ""
},
AfterCallback: func(r *http.Request, d ab.Resource) {
db := ab.GetDB(r)
wt := d.(*Walkthrough)
search.IndexEntity("walkthrough", wt)
userEntity, err := ec.Load(db, "user", wt.UID)
if err != nil {
log.Println(err)
return
}
user := userEntity.(*User)
startURL := ""
if len(wt.Steps) > 0 && wt.Steps[0].Command == "open" {
startURL = wt.Steps[0].Arg0
}
message := fmt.Sprintf("%s has recorded a Walkthrough (<%s|%s>) on %s",
user.Mail,
baseurl+"walkthrough/"+wt.UUID,
html.EscapeString(wt.Name),
html.EscapeString(startURL),
)
DBLog(db, ec, "walkthroughrecord", message)
},
})
res.AddPutEvent(ab.ResourceEventCallback{
BeforeCallback: func(r *http.Request, d ab.Resource) {
db := ab.GetDB(r)
wt := d.(*Walkthrough)
uid := UserDelegate.CurrentUser(r)
currentUserEntity, err := ec.Load(db, "user", uid)
ab.MaybeFail(http.StatusBadRequest, err)
currentUser := currentUserEntity.(*User)
if wt.UID != uid {
if !currentUser.Admin {
ab.Fail(http.StatusForbidden, nil)
}
}
previousRevision, err := LoadActualRevision(db, ec, wt.UUID)
ab.MaybeFail(http.StatusBadRequest, err)
if previousRevision == nil {
ab.Fail(http.StatusNotFound, nil)
}
if previousRevision.UID != uid && !currentUser.Admin {
ab.Fail(http.StatusForbidden, nil)
}
wt.Updated = time.Now()
wt.Revision = ""
},
AfterCallback: func(r *http.Request, d ab.Resource) {
search.IndexEntity("walkthrough", d.(*Walkthrough))
},
})
res.AddDeleteEvent(ab.ResourceEventCallback{
InsideCallback: func(r *http.Request, d ab.Resource) {
db := ab.GetDB(r)
uid := UserDelegate.CurrentUser(r)
wt := d.(*Walkthrough)
currentUserEntity, err := ec.Load(db, "user", uid)
ab.MaybeFail(http.StatusBadRequest, err)
currentUser := currentUserEntity.(*User)
if wt.UID != uid {
if !currentUser.Admin {
ab.Fail(http.StatusForbidden, nil)
}
}
},
})
return res
}