func (PageResource) BeforeDelete(res kit.Resource, obj kit.Model, user kit.User) apperror.Error { // Note: other relationship deletion handling happens in models BeforeDelete() hook. // Files have to be deleted here, since they require the fileService. // Delete files. fileService := res.Registry().FileService() m2m, err := res.Backend().M2M(obj, "Files") if err != nil { return err } files, err := m2m.All() if err != nil { return err } // Delete m2m relation. if err := m2m.Clear(); err != nil { return err } for _, file := range files { if err := fileService.Delete(file.(kit.File), user); err != nil { return err } } return nil }
// ApiFindOne verifies the session and returns user and profile in meta if valid. func (SessionResourceHooks) ApiFindOne(res kit.Resource, rawId string, r kit.Request) kit.Response { if rawId == "" { return kit.NewErrorResponse("empty_token", "Empty token") } userService := res.Registry().UserService() user, session, err := userService.VerifySession(rawId) if err != nil { return kit.NewErrorResponse(err) } meta := make(map[string]interface{}) if user != nil { userData, err := res.Backend().ModelToMap(user, true, false) if err != nil { return kit.NewErrorResponse("marshal_error", err) } meta["user"] = userData if user.GetProfile() != nil { profileData, err := res.Backend().ModelToMap(user.GetProfile(), true, false) if err != nil { return kit.NewErrorResponse("marshal_error", err) } meta["profile"] = profileData } } return &kit.AppResponse{ Data: session, Meta: meta, } }
// Creating a session is equivalent to logging in. func (hooks SessionResourceHooks) ApiCreate(res kit.Resource, obj kit.Model, r kit.Request) kit.Response { userService := res.Registry().UserService() meta := r.GetMeta() isAnonymous, _ := meta.Bool("anonymous") // Find user. userIdentifier := meta.String("user") adaptor := meta.String("adaptor") data, _ := meta.Map("authData") var user kit.User if !isAnonymous { if adaptor == "" { return kit.NewErrorResponse("adaptor_missing", "Expected 'adaptor' in metadata.", true) } if data == nil { kit.NewErrorResponse("no_or_invalid_auth_data", "Expected 'authData' dictionary in metadata.") } var err apperror.Error user, err = userService.AuthenticateUser(userIdentifier, adaptor, data) if err != nil { return kit.NewErrorResponse(err) } } session, err := userService.StartSession(user, r.GetFrontend()) if err != nil { return kit.NewErrorResponse(err) } responseMeta := make(map[string]interface{}) if !isAnonymous { userData, err := res.Backend().ModelToMap(user, true, false) if err != nil { return kit.NewErrorResponse("marshal_error", err) } responseMeta["user"] = userData if user.GetProfile() != nil { profileData, err := res.Backend().ModelToMap(user.GetProfile(), true, false) if err != nil { return kit.NewErrorResponse("marshal_error", err) } responseMeta["profile"] = profileData } } return &kit.AppResponse{ Data: session, Meta: responseMeta, } }
func (SessionResourceHooks) ApiDelete(res kit.Resource, id string, r kit.Request) kit.Response { if id != r.GetSession().GetStrId() { return kit.NewErrorResponse("permission_denied", "Permission denied", 403) } if err := res.Backend().Delete(r.GetSession()); err != nil { return kit.NewErrorResponse("db_delete_error", err, true) } return &kit.AppResponse{} }
func (s *Service) RegisterResource(res kit.Resource) { if res.Backend() == nil { if s.defaultBackend == nil { s.registry.Logger().Panic("Registering resource without backend, but no default backend set on resources.Service") } s.defaultBackend.RegisterModel(res.Model()) res.SetBackend(s.defaultBackend) } if res.Collection() == "" { s.registry.Logger().Panic("Registering resource without a model type") } s.resources[res.Collection()] = res }
func (PageResource) Methods(res kit.Resource) []kit.Method { publish := &methods.Method{ Name: "cms.page.publish", Blocking: true, Handler: func(registry kit.Registry, r kit.Request, unblock func()) kit.Response { user := r.GetUser() if user == nil || !user.HasRole("admin") { return kit.NewErrorResponse("permission_denied") } id := utils.GetMapStringKey(r.GetData(), "id") if id == "" { return kit.NewErrorResponse("no_id_in_data", "Expected 'id' key in data.") } rawPage, err := res.Backend().FindOne("pages", id) if err != nil { return kit.NewErrorResponse("db_error", err) } else if rawPage == nil { return kit.NewErrorResponse("not_found", "The specified page id does not exist.") } err = res.ModelInfo().UpdateModelFromData(rawPage, map[string]interface{}{ "published": true, "published_at": time.Now(), }) if err != nil { return kit.NewErrorResponse("db_error", err) } return &kit.AppResponse{ Data: map[string]interface{}{"success": true}, } }, } return []kit.Method{publish} }
func (a *App) RegisterResource(res kit.Resource) { if res.Backend() == nil { if a.registry.DefaultBackend() == nil { a.Logger().Panic("Registering resource without backend, but no default backend set.") } // Set backend. res.SetBackend(a.registry.DefaultBackend()) } if res.Registry() == nil { res.SetRegistry(a.registry) } res.SetDebug(a.Debug()) // Allow a resource to register custom http routes and methods. if res.Hooks() != nil { // Handle http routes. if resRoutes, ok := res.Hooks().(resources.ApiHttpRoutes); ok { for _, route := range resRoutes.HttpRoutes(res) { a.RegisterHttpHandler(route.Method(), route.Route(), route.Handler()) } } // Handle methods. if resMethods, ok := res.Hooks().(resources.MethodsHook); ok { for _, method := range resMethods.Methods(res) { a.RegisterMethod(method) } } } a.registry.AddResource(res) }
func Find(res kit.Resource, request kit.Request) (kit.Response, apperror.Error) { collection := res.Collection() info := res.Backend().ModelInfo(collection) var query *db.Query jsonQuery := request.GetContext().String("query") if jsonQuery != "" { var rawQuery map[string]interface{} if err := json.Unmarshal([]byte(jsonQuery), &rawQuery); err != nil { return nil, apperror.Wrap(err, "invalid_query_json") } rawQuery["collection"] = collection // A custom query was supplied. // Try to parse the query. var err apperror.Error query, err = db.ParseQuery(res.Backend(), rawQuery) if err != nil { return nil, apperror.Wrap(err, "invalid_query", "", false) } } if query == nil { query = res.Backend().Q(collection) } // Check paging parameters. var limit, offset int context := request.GetContext() if context.Has("limit") { val, err := context.Int("limit") if err != nil { return nil, &apperror.Err{ Public: true, Code: "non_numeric_limit_parameter", Message: "The get query contains a non-numeric ?limit", } } limit = val } if context.Has("offset") { val, err := context.Int("offset") if err != nil { return nil, &apperror.Err{ Public: true, Code: "non_numeric_offset_parameter", Message: "The get query contains a non-numeric ?offset", } } offset = val } var page, perPage int if context.Has("page") { val, err := context.Int("page") if err != nil { return nil, &apperror.Err{ Public: true, Code: "non_numeric_page_parameter", Message: "The get query contains a non-numeric ?page", } } page = val } if context.Has("per_page") { val, err := context.Int("per_page") if err != nil { return nil, &apperror.Err{ Public: true, Code: "non_numeric_per_page_parameter", Message: "The get query contains a non-numeric ?per_page", } } perPage = val } if perPage > 0 { limit = perPage } if page > 1 { offset = (page - 1) * limit } if limit > 0 { query.Limit(int(limit)).Offset(int(offset)) } // Add joins. if context.Has("joins") { parts := strings.Split(context.String("joins"), ",") for _, name := range parts { relation := info.FindRelation(name) if relation == nil { return nil, &apperror.Err{ Code: "invalid_join", Message: fmt.Sprintf("Tried to join a NON-existant relationship %v", name), Public: true, } } query.Join(relation.Name()) } } // Add filters. if context.Has("filters") { parts := strings.Split(context.String("filters"), ",") for _, filter := range parts { filterParts := strings.Split(filter, ":") if len(filterParts) != 2 { return nil, &apperror.Err{ Public: true, Code: "invalid_filter", Message: fmt.Sprintf("Invalid filter: %v", filter), } } fieldName := filterParts[0] // COnvert id query to pk field. if fieldName == "id" { fieldName = info.PkAttribute().BackendName() } var typ reflect.Type if attr := info.FindAttribute(fieldName); attr != nil { fieldName = attr.BackendName() typ = attr.Type() } else if rel := info.FindRelation(fieldName); rel != nil { if rel.RelationType() == db.RELATION_TYPE_HAS_ONE { fieldName = rel.LocalField() typ = info.Attribute(rel.LocalField()).Type() } else { return nil, &apperror.Err{ Public: true, Code: "cant_filter_on_relation", Message: fmt.Sprintf("Tried to filter on relationship field %v (only possible for has-one relations)", fieldName), } } } else { return nil, &apperror.Err{ Public: true, Code: "filter_for_inexistant_field", Message: fmt.Sprintf("Tried to filter with inexistant field %v", fieldName), } } converted, err := reflector.R(filterParts[1]).ConvertTo(typ) if err != nil { return nil, &apperror.Err{ Public: true, Code: "inconvertible_filter_value", Message: fmt.Sprintf("Coult not convert filter value %v for field %v (should be %v)", filterParts[1], fieldName, typ), } } query.Filter(fieldName, converted) } } return res.ApiFind(query, request), nil }