// getDevices responds with the devices of the user named by the ":username"
// URL parameter.
//
// The name is compared case-insensitively with the authenticated user's name.
// When it names a different account the caller must be an admin; otherwise
// the request is refused with 401. Lookup failures are logged and reported to
// the client as a generic 500.
func getDevices(w http.ResponseWriter, r *twocloud.RequestBundle) {
	// serverError keeps the failure detail in the server log and sends the
	// client only a generic message.
	serverError := func(cause error) {
		r.Log.Error(cause.Error())
		Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
	}

	owner := r.AuthUser
	requested := r.Request.URL.Query().Get(":username")
	if strings.ToLower(requested) != strings.ToLower(r.AuthUser.Username) {
		// Acting on someone else's account is an admin-only operation.
		if !r.AuthUser.IsAdmin {
			Respond(w, r, http.StatusUnauthorized, "You don't have access to that user's devices.", []interface{}{})
			return
		}
		ownerID, err := r.GetUserID(requested)
		if err != nil {
			serverError(err)
			return
		}
		if owner, err = r.GetUser(ownerID); err != nil {
			serverError(err)
			return
		}
	}

	devices, err := r.GetDevicesByUser(owner)
	if err != nil {
		serverError(err)
		return
	}
	Respond(w, r, http.StatusOK, "Successfully retrieved a list of devices", []interface{}{devices})
}
// resetSecret resets the secret of the user named by the ":username" URL
// parameter and returns the value produced by ResetSecret.
//
// Callers may reset their own secret. Resetting another account's secret
// requires admin rights; non-admins are refused with 403. Failures are logged
// and reported as a generic 500.
func resetSecret(w http.ResponseWriter, r *twocloud.RequestBundle) {
	// serverError logs the cause and answers with a generic 500.
	serverError := func(cause error) {
		r.Log.Error(cause.Error())
		Respond(w, r, http.StatusInternalServerError, "Internal server error.", []interface{}{})
	}

	target := r.AuthUser
	requested := r.Request.URL.Query().Get(":username")
	actingOnSelf := strings.ToLower(requested) == strings.ToLower(r.AuthUser.Username)
	if !actingOnSelf {
		// Only admins may rotate a credential that is not their own.
		if !r.AuthUser.IsAdmin {
			Respond(w, r, http.StatusForbidden, "You don't have access to that user's account.", []interface{}{})
			return
		}
		targetID, err := r.GetUserID(requested)
		if err != nil {
			serverError(err)
			return
		}
		if target, err = r.GetUser(targetID); err != nil {
			serverError(err)
			return
		}
	}

	result, err := r.ResetSecret(target)
	if err != nil {
		serverError(err)
		return
	}
	Respond(w, r, http.StatusOK, "Successfully reset secret", []interface{}{result})
}
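// newDevice registers a device for the user named by the ":username" URL
// parameter, using the JSON-encoded twocloud.Device in the request body.
//
// Callers may add devices to their own account; adding one to another account
// requires admin rights (otherwise 401). The body must decode, carry a
// non-empty Name and a ClientType accepted by ValidClientType (compared after
// lower-casing). On success the created device is returned with 201.
func newDevice(w http.ResponseWriter, r *twocloud.RequestBundle) {
	username := r.Request.URL.Query().Get(":username")
	user := r.AuthUser
	if strings.ToLower(username) != strings.ToLower(r.AuthUser.Username) {
		// Acting on someone else's account is an admin-only operation.
		if !r.AuthUser.IsAdmin {
			Respond(w, r, http.StatusUnauthorized, "You don't have access to that user's devices.", []interface{}{})
			return
		}
		id, err := r.GetUserID(username)
		if err != nil {
			r.Log.Error(err.Error())
			Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
			return
		}
		user, err = r.GetUser(id)
		if err != nil {
			r.Log.Error(err.Error())
			Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
			return
		}
	}

	// NOTE(review): the body is read in full and no size limit is applied in
	// this handler; confirm a cap is enforced before the request gets here.
	var req twocloud.Device
	body, err := ioutil.ReadAll(r.Request.Body)
	if err != nil {
		r.Log.Error(err.Error())
		Respond(w, r, http.StatusInternalServerError, "Internal server error.", []interface{}{})
		return
	}
	err = json.Unmarshal(body, &req)
	if err != nil {
		r.Log.Error(err.Error())
		Respond(w, r, http.StatusBadRequest, "Error decoding request.", []interface{}{})
		return
	}
	if req.Name == "" {
		Respond(w, r, http.StatusBadRequest, "Name must be specified.", []interface{}{})
		return
	}
	req.ClientType = strings.ToLower(req.ClientType)
	if !req.ValidClientType() {
		Respond(w, r, http.StatusBadRequest, "Invalid client type.", []interface{}{})
		return
	}

	gcmKey := ""
	if req.Pushers != nil && req.Pushers.GCM != nil {
		gcmKey = req.Pushers.GCM.Key
	}

	// RemoteAddr is the address of the direct network peer; if the service
	// runs behind a proxy this records the proxy, not the end client.
	device, err := r.AddDevice(req.Name, req.ClientType, r.Request.RemoteAddr, gcmKey, user)
	if err != nil {
		// Log the cause like every other failure path in this handler, so a
		// 500 can be diagnosed from the server log.
		r.Log.Error(err.Error())
		Respond(w, r, http.StatusInternalServerError, "Internal server error.", []interface{}{})
		return
	}
	Respond(w, r, http.StatusCreated, "Successfully created a device", []interface{}{device})
}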
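// deleteLink deletes the link named by the ":link" URL parameter on behalf of
// the device named by ":device" and the user named by ":username".
//
// Authorization is checked at three levels: the caller must be the named user
// or an admin (otherwise 401), the device must belong to that user, and the
// device must be the sender or the receiver of the link. On success the
// deleted link is returned with 200.
func deleteLink(w http.ResponseWriter, r *twocloud.RequestBundle) {
	username := r.Request.URL.Query().Get(":username")
	user := r.AuthUser
	if strings.ToLower(username) != strings.ToLower(r.AuthUser.Username) {
		// Acting on someone else's account is an admin-only operation.
		if !r.AuthUser.IsAdmin {
			Respond(w, r, http.StatusUnauthorized, "You don't have access to that user's links.", []interface{}{})
			return
		}
		id, err := r.GetUserID(username)
		if err != nil {
			r.Log.Error(err.Error())
			Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
			return
		}
		user, err = r.GetUser(id)
		if err != nil {
			r.Log.Error(err.Error())
			Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
			return
		}
	}

	deviceID, err := strconv.ParseUint(r.Request.URL.Query().Get(":device"), 10, 64)
	if err != nil {
		r.Log.Error(err.Error())
		Respond(w, r, http.StatusBadRequest, "Invalid device ID", []interface{}{})
		return
	}
	device, err := r.GetDevice(deviceID)
	if err != nil {
		r.Log.Error(err.Error())
		Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
		return
	}
	if device.UserID != user.ID {
		Respond(w, r, http.StatusBadRequest, "That device ID does not belong to that user.", []interface{}{})
		return
	}

	linkID, err := strconv.ParseUint(r.Request.URL.Query().Get(":link"), 10, 64)
	if err != nil {
		Respond(w, r, http.StatusBadRequest, "Invalid link ID", []interface{}{})
		return
	}
	link, err := r.GetLink(linkID)
	if err != nil {
		r.Log.Error(err.Error())
		Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
		return
	}

	// The link ID is caller-supplied and is looked up independently of the
	// device, so ownership has to be checked explicitly. Without this check
	// the user and device checks above say nothing about the link, and a
	// caller could delete a link they are not a party to.
	if device.ID != link.Sender.ID && device.ID != link.Receiver.ID {
		Respond(w, r, http.StatusBadRequest, "That link ID does not belong to that device.", []interface{}{})
		return
	}

	err = r.DeleteLink(link)
	if err != nil {
		r.Log.Error(err.Error())
		Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
		return
	}
	Respond(w, r, http.StatusOK, "Successfully deleted the link", []interface{}{link})
}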
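// deleteNotification deletes the notification named by the ":notification"
// URL parameter for the user named by ":username".
//
// The caller must be the named user or an admin (otherwise 401). A
// notification addressed to a user must be addressed to that user; one
// addressed to a device must target a device owned by that user. On success
// the deleted notification is returned with 200.
func deleteNotification(w http.ResponseWriter, r *twocloud.RequestBundle) {
	username := r.Request.URL.Query().Get(":username")
	user := r.AuthUser
	if strings.ToLower(username) != strings.ToLower(r.AuthUser.Username) {
		// Acting on someone else's account is an admin-only operation.
		if !r.AuthUser.IsAdmin {
			Respond(w, r, http.StatusUnauthorized, "You don't have access to that user's notifications.", []interface{}{})
			return
		}
		id, err := r.GetUserID(username)
		if err != nil {
			r.Log.Error(err.Error())
			Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
			return
		}
		user, err = r.GetUser(id)
		if err != nil {
			r.Log.Error(err.Error())
			Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
			return
		}
	}

	notificationID, err := strconv.ParseUint(r.Request.URL.Query().Get(":notification"), 10, 64)
	if err != nil {
		Respond(w, r, http.StatusBadRequest, "Invalid notification ID", []interface{}{})
		return
	}
	notification, err := r.GetNotification(notificationID)
	if err != nil {
		// Logged so that a 500 on this path can be diagnosed server-side.
		r.Log.Error(err.Error())
		Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
		return
	}

	// Ownership check. NOTE(review): a DestinationType other than "user" or
	// "device" passes through unchecked; confirm no other value can occur, or
	// reject unknown types here.
	if notification.DestinationType == "user" && notification.Destination != user.ID {
		Respond(w, r, http.StatusBadRequest, "That notification doesn't belong to that user.", []interface{}{})
		return
	}
	if notification.DestinationType == "device" {
		device, err := r.GetDevice(notification.Destination)
		if err != nil {
			r.Log.Error(err.Error())
			Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
			return
		}
		if device.UserID != user.ID {
			Respond(w, r, http.StatusBadRequest, "That notification does not belong to that user.", []interface{}{})
			return
		}
	}

	err = r.DeleteNotification(notification)
	if err != nil {
		r.Log.Error(err.Error())
		Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
		return
	}
	Respond(w, r, http.StatusOK, "Successfully deleted the notification", []interface{}{notification})
}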
// verifyEmail confirms the email address of the user named by the ":username"
// URL parameter, using the confirmation code in the JSON request body.
//
// Callers may verify their own address; verifying another account's requires
// admin rights (otherwise 403). An empty code or a code rejected with
// twocloud.InvalidConfirmationCodeError yields 400; any other failure is
// logged and reported as a generic 500. On success the user is returned with
// EmailUnconfirmed cleared.
func verifyEmail(w http.ResponseWriter, r *twocloud.RequestBundle) {
	// serverError logs the cause and answers with a generic 500.
	serverError := func(cause error) {
		r.Log.Error(cause.Error())
		Respond(w, r, http.StatusInternalServerError, "Internal server error.", []interface{}{})
	}
	badRequest := func(msg string) {
		Respond(w, r, http.StatusBadRequest, msg, []interface{}{})
	}

	account := r.AuthUser
	requested := r.Request.URL.Query().Get(":username")
	if strings.ToLower(requested) != strings.ToLower(r.AuthUser.Username) {
		// Acting on someone else's account is an admin-only operation.
		if !r.AuthUser.IsAdmin {
			Respond(w, r, http.StatusForbidden, "You don't have access to that user's account.", []interface{}{})
			return
		}
		accountID, err := r.GetUserID(requested)
		if err != nil {
			serverError(err)
			return
		}
		if account, err = r.GetUser(accountID); err != nil {
			serverError(err)
			return
		}
	}

	raw, err := ioutil.ReadAll(r.Request.Body)
	if err != nil {
		serverError(err)
		return
	}
	var req verifyEmailRequest
	if err = json.Unmarshal(raw, &req); err != nil {
		r.Log.Error(err.Error())
		badRequest("Error decoding request.")
		return
	}
	if req.Code == "" {
		badRequest("Code must be set.")
		return
	}

	err = r.VerifyEmail(account, req.Code)
	switch {
	case err == twocloud.InvalidConfirmationCodeError:
		// A wrong code is the caller's mistake, not a server fault.
		badRequest("Invalid confirmation code.")
		return
	case err != nil:
		serverError(err)
		return
	}

	account.EmailUnconfirmed = false
	Respond(w, r, http.StatusOK, "Successfully verified email address", []interface{}{account})
}
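// getUser responds with the account named by the ":username" URL parameter.
//
// An empty name yields 404. Callers may read their own account; reading
// another account requires admin rights (otherwise 403). The subscription is
// always detached from the returned user and, when the query parameter
// "include_subscription" is "1", appended as a second response element. The
// Last-Modified header is set from the user's LastActive value.
func getUser(w http.ResponseWriter, r *twocloud.RequestBundle) {
	query := r.Request.URL.Query()
	username := query.Get(":username")
	includeSub := query.Get("include_subscription") == "1"
	if username == "" {
		Respond(w, r, http.StatusNotFound, "User not found.", []interface{}{})
		return
	}

	user := r.AuthUser
	if strings.ToLower(username) != strings.ToLower(r.AuthUser.Username) {
		// Reading someone else's account is an admin-only operation.
		if !r.AuthUser.IsAdmin {
			Respond(w, r, http.StatusForbidden, "You don't have access to that user's account.", []interface{}{})
			return
		}
		id, err := r.GetUserID(username)
		if err != nil {
			r.Log.Error(err.Error())
			Respond(w, r, http.StatusInternalServerError, "Internal server error.", []interface{}{})
			return
		}
		user, err = r.GetUser(id)
		if err != nil {
			r.Log.Error(err.Error())
			Respond(w, r, http.StatusInternalServerError, "Internal server error.", []interface{}{})
			return
		}
	}

	// Capture the subscription before detaching it, so the value appended
	// below is the real one even if user aliases r.AuthUser.
	sub := user.Subscription
	user.Subscription = nil
	elems := []interface{}{user}
	if includeSub {
		elems = append(elems, sub)
	}
	setLastModified(w, user.LastActive)
	// Send elems rather than a fresh one-element slice; the admin path
	// previously built elems and then dropped it, so include_subscription had
	// no effect when an admin read another account.
	Respond(w, r, http.StatusOK, "Successfully retrieved user information", elems)
}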
// getDevice responds with the device named by the ":device" URL parameter,
// provided it belongs to the user named by ":username".
//
// Callers may read their own devices; reading another account's requires
// admin rights (otherwise 401). A device owned by a different user is
// rejected with 400.
func getDevice(w http.ResponseWriter, r *twocloud.RequestBundle) {
	// serverError logs the cause and answers with a generic 500.
	serverError := func(cause error) {
		r.Log.Error(cause.Error())
		Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
	}

	query := r.Request.URL.Query()
	owner := r.AuthUser
	requested := query.Get(":username")
	if strings.ToLower(requested) != strings.ToLower(r.AuthUser.Username) {
		// Acting on someone else's account is an admin-only operation.
		if !r.AuthUser.IsAdmin {
			Respond(w, r, http.StatusUnauthorized, "You don't have access to that user's devices.", []interface{}{})
			return
		}
		ownerID, err := r.GetUserID(requested)
		if err != nil {
			serverError(err)
			return
		}
		if owner, err = r.GetUser(ownerID); err != nil {
			serverError(err)
			return
		}
	}

	// NOTE(review): a malformed ":device" value is reported as 500 here,
	// while deleteLink answers 400 "Invalid device ID" for the same mistake;
	// confirm which is intended.
	deviceID, err := strconv.ParseUint(query.Get(":device"), 10, 64)
	if err != nil {
		serverError(err)
		return
	}
	device, err := r.GetDevice(deviceID)
	if err != nil {
		serverError(err)
		return
	}

	// The device ID is caller-supplied, so ownership is checked explicitly.
	if device.UserID != owner.ID {
		Respond(w, r, http.StatusBadRequest, "That device ID does not belong to that user.", []interface{}{})
		return
	}
	Respond(w, r, http.StatusOK, "Successfully retrieved device information", []interface{}{device})
}
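// updateDevice updates the device named by the ":device" URL parameter with
// the name, client type and GCM key from the JSON request body.
//
// Callers may update their own devices; updating another account's requires
// admin rights (otherwise 401). The device must belong to the user named by
// ":username". When the ID matches r.Device that value is used directly,
// otherwise the device is loaded with GetDevice. The updated device is
// returned with 201.
func updateDevice(w http.ResponseWriter, r *twocloud.RequestBundle) {
	username := r.Request.URL.Query().Get(":username")
	deviceId := r.Request.URL.Query().Get(":device")
	user := r.AuthUser
	if strings.ToLower(username) != strings.ToLower(r.AuthUser.Username) {
		// Acting on someone else's account is an admin-only operation.
		if !r.AuthUser.IsAdmin {
			Respond(w, r, http.StatusUnauthorized, "You don't have access to that user's devices.", []interface{}{})
			return
		}
		id, err := r.GetUserID(username)
		if err != nil {
			r.Log.Error(err.Error())
			Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
			return
		}
		user, err = r.GetUser(id)
		if err != nil {
			r.Log.Error(err.Error())
			Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
			return
		}
	}

	devID, err := strconv.ParseUint(deviceId, 10, 64)
	if err != nil {
		Respond(w, r, http.StatusBadRequest, "Invalid device ID", []interface{}{})
		return
	}
	device := r.Device
	if device.ID != devID {
		device, err = r.GetDevice(devID)
		if err != nil {
			r.Log.Error(err.Error())
			Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
			return
		}
	}
	// The device ID is caller-supplied, so ownership is checked explicitly.
	if device.UserID != user.ID {
		Respond(w, r, http.StatusBadRequest, "The specified device does not belong to the specified user", []interface{}{})
		return
	}

	var req twocloud.Device
	body, err := ioutil.ReadAll(r.Request.Body)
	if err != nil {
		r.Log.Error(err.Error())
		Respond(w, r, http.StatusInternalServerError, "Internal server error.", []interface{}{})
		return
	}
	err = json.Unmarshal(body, &req)
	if err != nil {
		r.Log.Error(err.Error())
		Respond(w, r, http.StatusBadRequest, "Error decoding request.", []interface{}{})
		return
	}

	// NOTE(review): unlike newDevice, the client type is not checked with
	// ValidClientType here; confirm UpdateDevice validates it.
	req.ClientType = strings.ToLower(req.ClientType)
	gcmKey := ""
	if req.Pushers != nil && req.Pushers.GCM != nil {
		gcmKey = req.Pushers.GCM.Key
	}

	device, err = r.UpdateDevice(device, req.Name, req.ClientType, gcmKey)
	if err != nil {
		// Log the cause like every other failure path in this handler, so a
		// 500 can be diagnosed from the server log.
		r.Log.Error(err.Error())
		Respond(w, r, http.StatusInternalServerError, "Internal server error.", []interface{}{})
		return
	}
	Respond(w, r, http.StatusCreated, "Successfully updated the device", []interface{}{device})
}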
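// updateLink updates the link named by the ":link" URL parameter on behalf of
// the device named by ":device" and the user named by ":username".
//
// The caller must be the named user or an admin (otherwise 401), the device
// must belong to that user, and the device must be the sender or the receiver
// of the link. The sending device may change the comment; the receiving
// device may change the unread flag. A body that carries a URL is rejected,
// because the URL cannot be modified. The updated link is returned with 200.
func updateLink(w http.ResponseWriter, r *twocloud.RequestBundle) {
	username := r.Request.URL.Query().Get(":username")
	user := r.AuthUser
	if strings.ToLower(username) != strings.ToLower(r.AuthUser.Username) {
		// Acting on someone else's account is an admin-only operation.
		if !r.AuthUser.IsAdmin {
			Respond(w, r, http.StatusUnauthorized, "You don't have access to that user's links.", []interface{}{})
			return
		}
		id, err := r.GetUserID(username)
		if err != nil {
			r.Log.Error(err.Error())
			Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
			return
		}
		user, err = r.GetUser(id)
		if err != nil {
			r.Log.Error(err.Error())
			Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
			return
		}
	}

	deviceID, err := strconv.ParseUint(r.Request.URL.Query().Get(":device"), 10, 64)
	if err != nil {
		r.Log.Error(err.Error())
		Respond(w, r, http.StatusBadRequest, "Invalid device ID", []interface{}{})
		return
	}
	device, err := r.GetDevice(deviceID)
	if err != nil {
		r.Log.Error(err.Error())
		Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
		return
	}
	if device.UserID != user.ID {
		Respond(w, r, http.StatusBadRequest, "That device ID does not belong to that user.", []interface{}{})
		return
	}

	linkID, err := strconv.ParseUint(r.Request.URL.Query().Get(":link"), 10, 64)
	if err != nil {
		Respond(w, r, http.StatusBadRequest, "Invalid link ID", []interface{}{})
		return
	}
	link, err := r.GetLink(linkID)
	if err != nil {
		r.Log.Error(err.Error())
		Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
		return
	}

	// The link ID is caller-supplied and is looked up independently of the
	// device. A device that is neither sender nor receiver used to fall
	// through to a no-op update whose response still contained the link, so
	// any link could be read by ID. Reject such requests outright.
	if device.ID != link.Sender.ID && device.ID != link.Receiver.ID {
		Respond(w, r, http.StatusBadRequest, "That link ID does not belong to that device.", []interface{}{})
		return
	}

	var req twocloud.Link
	body, err := ioutil.ReadAll(r.Request.Body)
	if err != nil {
		r.Log.Error(err.Error())
		Respond(w, r, http.StatusInternalServerError, "Internal server error.", []interface{}{})
		return
	}
	err = json.Unmarshal(body, &req)
	if err != nil {
		r.Log.Error(err.Error())
		Respond(w, r, http.StatusBadRequest, "Error decoding request.", []interface{}{})
		return
	}
	if req.URL != nil {
		Respond(w, r, http.StatusBadRequest, "URL cannot be modified.", []interface{}{})
		return
	}

	// Each side may change only its own field; the other keeps its stored
	// value. A device that is both sender and receiver is treated as sender.
	unread := link.Unread
	comment := link.Comment
	if device.ID == link.Sender.ID {
		comment = req.Comment
	} else if device.ID == link.Receiver.ID {
		unread = req.Unread
	}

	link, err = r.UpdateLink(link, unread, comment)
	if err != nil {
		r.Log.Error(err.Error())
		Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
		return
	}
	Respond(w, r, http.StatusOK, "Successfully retrieved link information", []interface{}{link})
}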
// getLinks responds with a page of links for the user named by the
// ":username" URL parameter, or for one of that user's devices when ":device"
// is present.
//
// Query parameters:
//   - role: "sender" or "receiver"; any other value selects links in either
//     role.
//   - after, before: optional unsigned link IDs bounding the page.
//   - count: page size; values outside 1..100 are ignored and the default of
//     20 is used.
//
// These parameters are validated before the access check, so a malformed
// value yields 400 even for a caller who would otherwise be refused. Callers
// may list their own links; listing another account's requires admin rights
// (otherwise 401).
func getLinks(w http.ResponseWriter, r *twocloud.RequestBundle) {
	// serverError logs the cause and answers with a generic 500.
	serverError := func(cause error) {
		r.Log.Error(cause.Error())
		Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
	}
	badRequest := func(msg string) {
		Respond(w, r, http.StatusBadRequest, msg, []interface{}{})
	}

	query := r.Request.URL.Query()
	requested := query.Get(":username")
	owner := r.AuthUser

	roleFlag := twocloud.RoleEither
	switch query.Get("role") {
	case "sender":
		roleFlag = twocloud.RoleSender
	case "receiver":
		roleFlag = twocloud.RoleReceiver
	}

	var after, before uint64
	if raw := query.Get("after"); raw != "" {
		parsed, err := strconv.ParseUint(raw, 10, 64)
		if err != nil {
			badRequest("Invalid after ID.")
			return
		}
		after = parsed
	}
	if raw := query.Get("before"); raw != "" {
		parsed, err := strconv.ParseUint(raw, 10, 64)
		if err != nil {
			badRequest("Invalid before ID.")
			return
		}
		before = parsed
	}

	// The page size is clamped to a fixed maximum so a caller cannot request
	// an arbitrarily large result set.
	count := 20
	if raw := query.Get("count"); raw != "" {
		wanted, err := strconv.Atoi(raw)
		if err != nil {
			badRequest("Invalid count.")
			return
		}
		if wanted > 0 && wanted <= 100 {
			count = wanted
		}
	}

	if strings.ToLower(requested) != strings.ToLower(r.AuthUser.Username) {
		// Acting on someone else's account is an admin-only operation.
		if !r.AuthUser.IsAdmin {
			Respond(w, r, http.StatusUnauthorized, "You don't have access to that user's links.", []interface{}{})
			return
		}
		ownerID, err := r.GetUserID(requested)
		if err != nil {
			serverError(err)
			return
		}
		if owner, err = r.GetUser(ownerID); err != nil {
			serverError(err)
			return
		}
	}

	var links []twocloud.Link
	var err error
	if rawDevice := query.Get(":device"); rawDevice == "" {
		links, err = r.GetLinksByUser(owner, roleFlag, before, after, count)
		if err != nil {
			serverError(err)
			return
		}
	} else {
		// NOTE(review): a malformed ":device" value is reported as 500 here,
		// while deleteLink answers 400 "Invalid device ID"; confirm which is
		// intended.
		deviceID, err := strconv.ParseUint(rawDevice, 10, 64)
		if err != nil {
			serverError(err)
			return
		}
		device, err := r.GetDevice(deviceID)
		if err != nil {
			serverError(err)
			return
		}
		// The device ID is caller-supplied, so ownership is checked
		// explicitly before its links are listed.
		if device.UserID != owner.ID {
			badRequest("That device ID does not belong to that user.")
			return
		}
		links, err = r.GetLinksByDevice(device, roleFlag, before, after, count)
		if err != nil {
			serverError(err)
			return
		}
	}

	Respond(w, r, http.StatusOK, "Successfully retrieved a list of links", []interface{}{links})
}
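// sendLinks creates the links listed in the JSON request body, addressed to
// the device named by the ":device" URL parameter.
//
// The caller must be the user named by ":username" or an admin (otherwise
// 401), and the receiving device must belong to that user. Every link must
// carry a non-empty URL address. The sender is always set to r.Device and
// each link starts out unread, regardless of what the body supplied for those
// fields. The created links are returned with 201.
func sendLinks(w http.ResponseWriter, r *twocloud.RequestBundle) {
	username := r.Request.URL.Query().Get(":username")
	user := r.AuthUser
	if strings.ToLower(username) != strings.ToLower(r.AuthUser.Username) {
		// Acting on someone else's account is an admin-only operation.
		if !r.AuthUser.IsAdmin {
			Respond(w, r, http.StatusUnauthorized, "You don't have access to that user's links.", []interface{}{})
			return
		}
		id, err := r.GetUserID(username)
		if err != nil {
			r.Log.Error(err.Error())
			Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
			return
		}
		user, err = r.GetUser(id)
		if err != nil {
			r.Log.Error(err.Error())
			Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
			return
		}
	}

	deviceID, err := strconv.ParseUint(r.Request.URL.Query().Get(":device"), 10, 64)
	if err != nil {
		r.Log.Error(err.Error())
		Respond(w, r, http.StatusBadRequest, "Invalid device ID", []interface{}{})
		return
	}
	device, err := r.GetDevice(deviceID)
	if err != nil {
		r.Log.Error(err.Error())
		Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
		return
	}
	// The device ID is caller-supplied, so ownership is checked explicitly.
	if device.UserID != user.ID {
		Respond(w, r, http.StatusBadRequest, "That device ID does not belong to that user.", []interface{}{})
		return
	}

	var req LinksReq
	body, err := ioutil.ReadAll(r.Request.Body)
	if err != nil {
		r.Log.Error(err.Error())
		Respond(w, r, http.StatusInternalServerError, "Internal server error.", []interface{}{})
		return
	}
	err = json.Unmarshal(body, &req)
	if err != nil {
		r.Log.Error(err.Error())
		Respond(w, r, http.StatusBadRequest, "Error decoding request.", []interface{}{})
		return
	}

	links := make([]twocloud.Link, 0, len(req.Links))
	for _, link := range req.Links {
		if link.URL == nil || link.URL.Address == "" {
			Respond(w, r, http.StatusBadRequest, "The address field must be specified.", []interface{}{})
			return
		}
		// Overwrite the routing fields so a client cannot choose the sender.
		link.Sender = r.Device
		link.Receiver = device
		link.Unread = true
		links = append(links, link)
	}

	links, err = r.AddLinks(links)
	if err != nil {
		r.Log.Error(err.Error())
		Respond(w, r, http.StatusInternalServerError, "Internal server error.", []interface{}{})
		// Stop here: without this return the handler went on to send a
		// second, 201 response after reporting the failure.
		return
	}
	Respond(w, r, http.StatusCreated, "Successfully created links", []interface{}{links})
}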
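// markNotificationRead marks the notification named by the ":notification"
// URL parameter as read for the user named by ":username".
//
// The caller must be the named user or an admin (otherwise 401). A
// notification addressed to a user must be addressed to that user; one
// addressed to a device must target a device owned by that user. The JSON
// body must not set Unread to true. The updated notification is returned with
// 200.
func markNotificationRead(w http.ResponseWriter, r *twocloud.RequestBundle) {
	username := r.Request.URL.Query().Get(":username")
	user := r.AuthUser
	if strings.ToLower(username) != strings.ToLower(r.AuthUser.Username) {
		// Acting on someone else's account is an admin-only operation.
		if !r.AuthUser.IsAdmin {
			Respond(w, r, http.StatusUnauthorized, "You don't have access to that user's notifications.", []interface{}{})
			return
		}
		id, err := r.GetUserID(username)
		if err != nil {
			r.Log.Error(err.Error())
			Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
			return
		}
		user, err = r.GetUser(id)
		if err != nil {
			r.Log.Error(err.Error())
			Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
			return
		}
	}

	notificationID, err := strconv.ParseUint(r.Request.URL.Query().Get(":notification"), 10, 64)
	if err != nil {
		Respond(w, r, http.StatusBadRequest, "Invalid notification ID", []interface{}{})
		return
	}
	notification, err := r.GetNotification(notificationID)
	if err != nil {
		// Logged so that a 500 on this path can be diagnosed server-side.
		r.Log.Error(err.Error())
		Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
		return
	}

	// Ownership check. NOTE(review): a DestinationType other than "user" or
	// "device" passes through unchecked; confirm no other value can occur, or
	// reject unknown types here.
	if notification.DestinationType == "user" && notification.Destination != user.ID {
		Respond(w, r, http.StatusBadRequest, "That notification doesn't belong to that user.", []interface{}{})
		return
	}
	if notification.DestinationType == "device" {
		device, err := r.GetDevice(notification.Destination)
		if err != nil {
			r.Log.Error(err.Error())
			Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
			return
		}
		if device.UserID != user.ID {
			Respond(w, r, http.StatusBadRequest, "That notification does not belong to that user.", []interface{}{})
			return
		}
	}

	var req twocloud.Notification
	body, err := ioutil.ReadAll(r.Request.Body)
	if err != nil {
		r.Log.Error(err.Error())
		Respond(w, r, http.StatusInternalServerError, "Internal server error.", []interface{}{})
		return
	}
	err = json.Unmarshal(body, &req)
	if err != nil {
		r.Log.Error(err.Error())
		Respond(w, r, http.StatusBadRequest, "Error decoding request.", []interface{}{})
		return
	}
	// This endpoint only moves a notification from unread to read.
	if req.Unread {
		Respond(w, r, http.StatusBadRequest, "Unread cannot be true.", []interface{}{})
		return
	}

	notification.Unread = req.Unread
	notification, err = r.MarkNotificationRead(notification)
	if err != nil {
		r.Log.Error(err.Error())
		Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
		return
	}
	Respond(w, r, http.StatusOK, "Successfully updated the notification", []interface{}{notification})
}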
// sendNotification creates the notifications listed in the JSON request body.
// Only admins may call it; everyone else is refused with 403.
//
// The target depends on the URL parameters:
//   - no ":username": the notifications are broadcast with the body's filter;
//     twocloud.InvalidBroadcastFilter is reported to the caller as 400.
//   - ":username" and ":device": they are sent to that device.
//   - ":username" only: they are sent to that user.
//
// The created notifications are returned with 201.
func sendNotification(w http.ResponseWriter, r *twocloud.RequestBundle) {
	if !r.AuthUser.IsAdmin {
		Respond(w, r, http.StatusForbidden, "You don't have permission to send notifications.", []interface{}{})
		return
	}

	// serverError logs the cause and answers with a generic 500.
	serverError := func(cause error) {
		r.Log.Error(cause.Error())
		Respond(w, r, http.StatusInternalServerError, "Internal server error", []interface{}{})
	}
	created := func(notifications interface{}) {
		Respond(w, r, http.StatusCreated, "Successfully created notifications", []interface{}{notifications})
	}

	raw, err := ioutil.ReadAll(r.Request.Body)
	if err != nil {
		r.Log.Error(err.Error())
		Respond(w, r, http.StatusInternalServerError, "Internal server error.", []interface{}{})
		return
	}
	var req notificationReq
	if err = json.Unmarshal(raw, &req); err != nil {
		r.Log.Error(err.Error())
		Respond(w, r, http.StatusBadRequest, "Error decoding request.", []interface{}{})
		return
	}

	query := r.Request.URL.Query()
	username := query.Get(":username")

	// No user in the URL: broadcast.
	if username == "" {
		notifications, err := r.BroadcastNotifications(req.Notifications, req.Filter)
		switch {
		case err == twocloud.InvalidBroadcastFilter:
			// Only this sentinel's text is echoed to the caller; every other
			// failure gets the generic message.
			Respond(w, r, http.StatusBadRequest, err.Error(), []interface{}{})
		case err != nil:
			serverError(err)
		default:
			created(notifications)
		}
		return
	}

	// A device in the URL: notify that device.
	// NOTE(review): the device is not checked against ":username" on this
	// path; confirm that is intended for this admin-only endpoint.
	if rawDevice := query.Get(":device"); rawDevice != "" {
		deviceID, err := strconv.ParseUint(rawDevice, 10, 64)
		if err != nil {
			r.Log.Error(err.Error())
			Respond(w, r, http.StatusBadRequest, "Invalid device ID", []interface{}{})
			return
		}
		device, err := r.GetDevice(deviceID)
		if err != nil {
			serverError(err)
			return
		}
		notifications, err := r.SendNotificationsToDevice(device, req.Notifications)
		if err != nil {
			serverError(err)
			return
		}
		created(notifications)
		return
	}

	// Otherwise notify the named user.
	recipientID, err := r.GetUserID(username)
	if err != nil {
		serverError(err)
		return
	}
	recipient, err := r.GetUser(recipientID)
	if err != nil {
		serverError(err)
		return
	}
	notifications, err := r.SendNotificationsToUser(recipient, req.Notifications)
	if err != nil {
		serverError(err)
		return
	}
	created(notifications)
}
// updateUser applies the changes in the JSON request body to the account
// named by the ":username" URL parameter.
//
// Callers may update their own account; updating another account requires
// admin rights (otherwise 403). Only the fields listed in req.Fields are
// applied: "email" (must be non-empty), "name.given", "name.family" and
// "admin". Listing "admin" is refused with 403 unless the caller is an admin,
// and that check runs before anything is written. The updated user is
// returned with 200.
func updateUser(w http.ResponseWriter, r *twocloud.RequestBundle) {
	// serverError logs the cause and answers with a generic 500.
	serverError := func(cause error) {
		r.Log.Error(cause.Error())
		Respond(w, r, http.StatusInternalServerError, "Internal server error.", []interface{}{})
	}
	forbidden := func(msg string) {
		Respond(w, r, http.StatusForbidden, msg, []interface{}{})
	}

	account := r.AuthUser
	requested := r.Request.URL.Query().Get(":username")
	if strings.ToLower(requested) != strings.ToLower(r.AuthUser.Username) {
		// Acting on someone else's account is an admin-only operation.
		if !r.AuthUser.IsAdmin {
			forbidden("You don't have access to that user's account.")
			return
		}
		accountID, err := r.GetUserID(requested)
		if err != nil {
			serverError(err)
			return
		}
		if account, err = r.GetUser(accountID); err != nil {
			serverError(err)
			return
		}
	}

	raw, err := ioutil.ReadAll(r.Request.Body)
	if err != nil {
		serverError(err)
		return
	}
	var req modifyUserRequest
	if err = json.Unmarshal(raw, &req); err != nil {
		r.Log.Error(err.Error())
		Respond(w, r, http.StatusBadRequest, "Error decoding request.", []interface{}{})
		return
	}

	// Start from the stored values and overwrite only what was listed.
	newEmail := account.Email
	newGiven, newFamily := account.Name.Given, account.Name.Family
	nameChanged, adminRequested := false, false
	for _, field := range req.Fields {
		switch field {
		case "email":
			if req.User.Email == "" {
				Respond(w, r, http.StatusBadRequest, "Email cannot be empty.", []interface{}{})
				return
			}
			newEmail = req.User.Email
		case "name.given":
			newGiven = req.User.Name.Given
			nameChanged = true
		case "name.family":
			newFamily = req.User.Name.Family
			nameChanged = true
		case "admin":
			// Changing admin status is reserved for admins, even on the
			// caller's own account.
			if !r.AuthUser.IsAdmin {
				forbidden("You don't have the ability to grant or revoke admin status.")
				return
			}
			adminRequested = true
		}
	}

	if err = r.UpdateUser(account, newEmail, newGiven, newFamily, nameChanged); err != nil {
		serverError(err)
		return
	}
	account.Email = newEmail
	if nameChanged {
		account.Name.Given = newGiven
		account.Name.Family = newFamily
	}

	// Touch the admin flag only when it was requested and actually differs.
	if adminRequested && req.User.IsAdmin != account.IsAdmin {
		if req.User.IsAdmin {
			if err = r.MakeAdmin(account); err != nil {
				serverError(err)
				return
			}
			account.IsAdmin = true
		} else {
			if err = r.StripAdmin(account); err != nil {
				serverError(err)
				return
			}
			account.IsAdmin = false
		}
	}

	Respond(w, r, http.StatusOK, "Successfully updated the user account", []interface{}{account})
}