func userSqlError(w http.ResponseWriter, err error) { log.Printf("paf: %#v\n", err) if pgerr, ok := err.(*pq.Error); ok { log.Printf("pgerr: %#v\n", pgerr) switch pgerr.Code.Name() { case "foreign_key_violation": switch pgerr.Constraint { case "c_user.first_lang_isocode": routes.FieldError(w, "json.first_lang_isocode", "first_lang_isocode", "USER.FIELD_LANG.T_CHECK_BADLANG") case "c_user.second_lang_isocode": routes.FieldError(w, "json.second_lang_isocode", "second_lang_isocode", "USER.FIELD_LANG.T_CHECK_BADLANG") case "c_user.city_geonameid": routes.FieldError(w, "json.searchTextCity", "searchTextCity", "USER.FIELD_CITY.T_CHECK_MANDATORY") default: routes.ServerError(w, 500, "INTERNAL ERROR") } case "unique_violation": switch pgerr.Constraint { case "i_user.username": routes.FieldError(w, "json.username", "username", "USER.FIELD_USERNAME.T_CHECK_ALREADYEXISTS") default: routes.ServerError(w, 500, "INTERNAL ERROR") } default: log.Printf("unhandled postgresql error ! : %#v\n", pgerr) routes.ServerError(w, 500, "INTERNAL ERROR") } } else { log.Println("not a postgresql error !", err) routes.ServerError(w, 500, "INTERNAL ERROR") } }
// QueryGet get the query func QueryGet(w http.ResponseWriter, r *http.Request, proute routes.Proute) { params := proute.Params.(*QueryGetParams) fmt.Println("params: ", params) // get the user _user, _ := proute.Session.Get("user") user := _user.(model.User) tx, err := db.DB.Beginx() if err != nil { log.Println("can't start transaction") userSqlError(w, err) return } // check if project exists and is owned by the current user c := 0 err = tx.Get(&c, `SELECT count(*) FROM "project" WHERE "id"=$1 AND "user_id"=$2`, params.Project_id, user.Id) if err != nil { fmt.Println("search project query failed : ", err) userSqlError(w, err) _ = tx.Rollback() return } if c != 1 { routes.FieldError(w, "name", "name", "QUERY.SAVE.T_ERROR_PROJECT_NOT_FOUND") fmt.Println("project not found : ", params) tx.Rollback() return } res := []model.Saved_query{} err = tx.Select(&res, `SELECT * FROM "saved_query" WHERE "project_id"=$1`, params.Project_id) if err != nil { fmt.Println("search project saved queries failed : ", err) userSqlError(w, err) _ = tx.Rollback() return } err = tx.Commit() if err != nil { log.Println("can't commit") userSqlError(w, err) return } j, err := json.Marshal(res) if err != nil { log.Println("marshal failed: ", err) return } w.Write(j) }
func ChronologiesGetTree(w http.ResponseWriter, r *http.Request, proute routes.Proute) { params := proute.Params.(*ChronologyGetParams) // transaction begin... tx, err := db.DB.Beginx() if err != nil { userSqlError(w, err) return } // get the user _user, _ := proute.Session.Get("user") user := _user.(model.User) answer, err := chronologiesGetTree(tx, params.Id, user) if err != nil { _ = tx.Rollback() userSqlError(w, err) return } // commit... err = tx.Commit() if err != nil { log.Println("commit failed") userSqlError(w, err) _ = tx.Rollback() return } if params.Active && !answer.Active { routes.FieldError(w, "Active", "Active", "CHRONO.SERVER_ERROR.T_NOT_ACTIVE") return } j, err := json.Marshal(answer) if err != nil { log.Println("marshal failed: ", err) return } //log.Println("result: ", string(j)) w.Write(j) }
// QuerySave save the query func QuerySave(w http.ResponseWriter, r *http.Request, proute routes.Proute) { params := proute.Json.(*QuerySaveParams) fmt.Println("params: ", params) // get the user _user, _ := proute.Session.Get("user") user := _user.(model.User) tx, err := db.DB.Beginx() if err != nil { log.Println("can't start transaction") userSqlError(w, err) return } // check if project exists and is owned by the current user c := 0 err = tx.Get(&c, `SELECT count(*) FROM "project" WHERE "id"=$1 AND "user_id"=$2`, params.ProjectId, user.Id) if err != nil { fmt.Println("search project query failed : ", err) userSqlError(w, err) _ = tx.Rollback() return } if c != 1 { routes.FieldError(w, "name", "name", "QUERY.SAVE.T_ERROR_PROJECT_NOT_FOUND") tx.Rollback() return } err = tx.Get(&c, `SELECT count(*) FROM "saved_query" WHERE "project_id"=$1 AND "name"=$2`, params.ProjectId, params.Name) if err != nil { fmt.Println("search saved_query failed : ", err) userSqlError(w, err) _ = tx.Rollback() return } if c == 1 { // update _, err = tx.Exec(`UPDATE "saved_query" SET "params"=$3 WHERE "project_id"=$1 AND "name"=$2`, params.ProjectId, params.Name, params.Params) if err != nil { fmt.Println("update saved_query failed : ", err) userSqlError(w, err) _ = tx.Rollback() return } } else { _, err = tx.Exec(`INSERT INTO "saved_query" ("project_id", "name", "params") VALUES ($1, $2, $3)`, params.ProjectId, params.Name, params.Params) if err != nil { fmt.Println("insert saved_query failed : ", err) userSqlError(w, err) _ = tx.Rollback() return } } err = tx.Commit() if err != nil { log.Println("can't commit") userSqlError(w, err) return } j, err := json.Marshal(params) if err != nil { log.Println("marshal failed: ", err) return } w.Write(j) }
// userSet is for UserCreate or UserUpdate func userSet(w http.ResponseWriter, r *http.Request, proute routes.Proute, create bool) { u := proute.Json.(*Usercreate) // hack overrides //u.User.Password = u.Password // hack for city u.City_geonameid = u.CityAndCountry.City.Geonameid log.Println("city : ", u.City_geonameid) tx, err := db.DB.Beginx() if err != nil { log.Println("1") userSqlError(w, err) return } _me, ok := proute.Session.Get("user") if !ok { log.Println("userSet: can't get user in session...", _me) _ = tx.Rollback() return } me, ok := _me.(model.User) if !ok { log.Println("userSet: can't cast user...", _me) _ = tx.Rollback() return } permAdminUsers, err := me.HavePermissions(tx, "adminusers") if err != nil { tx.Rollback() userSqlError(w, err) return } if create || u.User.Id != me.Id { if !permAdminUsers { tx.Rollback() routes.ServerError(w, 403, "unauthorized") return } } // password if len(u.Password) > 0 { if len(u.Password) < 7 { tx.Rollback() routes.FieldError(w, "json.password", "password", "USER.FIELD_PASSWORD.T_CHECK_LENGTH") return } err = u.User.MakeNewPassword(u.Password) if err != nil { fmt.Println("password generate failed") tx.Rollback() userSqlError(w, err) return } } // photo... if u.File != nil { photo := model.Photo{ Photo: string(u.File.Content), } err = photo.Create(tx) if err != nil { log.Println("1") userSqlError(w, err) tx.Rollback() return } u.Photo_id = photo.Id } // save the user if create { err = u.Create(tx) } else { tmpuser := model.User{ Id: u.Id, } err = tmpuser.Get(tx) if err != nil { log.Println("can't get user for update", err) userSqlError(w, err) tx.Rollback() return } if !permAdminUsers { // in this case, we update tmpuser with only authorized fields // if we set a new password if len(u.User.Password) != 0 { tmpuser.Password = u.User.Password } // authorized self modified user field tmpuser.Username = u.User.Username tmpuser.Firstname = u.User.Firstname tmpuser.Lastname = u.User.Lastname tmpuser.First_lang_isocode = u.User.First_lang_isocode tmpuser.Second_lang_isocode = u.User.Second_lang_isocode tmpuser.Description = u.User.Description tmpuser.Email = u.User.Email tmpuser.City_geonameid = u.User.City_geonameid err = tmpuser.Update(tx) } else { // if we don't set a new password, we take it back from the db if len(u.User.Password) == 0 { u.User.Password = tmpuser.Password } log.Println("updating user id : ", u.Id, u) err = u.Update(tx) } } if err != nil { log.Println("2") userSqlError(w, err) tx.Rollback() return } // save the companies var companies []model.Company for _, form_company := range u.Companies { if form_company.Id > 0 { form_company.City_geonameid = form_company.CityAndCountry.City.Geonameid log.Println("updating company : ", form_company.Company) err = form_company.Update(tx) if err != nil { log.Println("error while updating a company", err) tx.Rollback() userSqlError(w, err) return } companies = append(companies, form_company.Company) } else if len(form_company.Name) > 0 { form_company.City_geonameid = form_company.CityAndCountry.City.Geonameid log.Println("creating company : ", form_company.Company) err = form_company.Create(tx) if err != nil { log.Println("error while adding a company", err) tx.Rollback() userSqlError(w, err) return } companies = append(companies, form_company.Company) } } err = u.SetCompanies(tx, companies) if err != nil { log.Println("7") tx.Rollback() userSqlError(w, err) return } if permAdminUsers { // save the groups err = u.SetGroups(tx, u.Groups) if err != nil { log.Println("set groups") tx.Rollback() userSqlError(w, err) return } } err = tx.Commit() if err != nil { log.Println("8") userSqlError(w, err) return } j, err := json.Marshal("ok") w.Write(j) }