// MessageSend handles a request to send a message as the authenticated user.
//
// The JSON request body is bound into a model.MessagesModel. The sender, the
// sent time and the unique key are then overwritten server-side before the
// message is handed to model.MessageSend. Responds with JSON true on success,
// 400 when the body cannot be bound, and 500 on session or storage errors.
func MessageSend(r *gin.Context) {
	sess, err := common.GetSession(r)
	if err != nil {
		log.Print(err)
		r.AbortWithError(http.StatusInternalServerError, err)
		return
	}
	log.Printf("MessageSend(): user=%d", sess.UserId)

	var outgoing model.MessagesModel
	if bindErr := r.BindJSON(&outgoing); bindErr != nil {
		r.AbortWithError(http.StatusBadRequest, bindErr)
		return
	}

	// The sender always comes from the session, never from the request body,
	// so a client cannot send as another user.
	// NOTE(review): every other field bound from the body stays
	// client-controlled; confirm the model has no field (id, read flag, ...)
	// that should also be set server-side.
	outgoing.Sender = sess.UserId

	// Timestamp is assigned by the server.
	outgoing.Sent = time.Now()

	// NOTE(review): the "unique" key is the Unix time in whole seconds, so two
	// messages handled in the same second get the same value. Confirm nothing
	// relies on it being unique or unguessable.
	outgoing.Unique = model.NewNullStringValue(fmt.Sprintf("%d", time.Now().Unix()))

	if sendErr := model.MessageSend(outgoing); sendErr != nil {
		log.Print(sendErr)
		r.AbortWithError(http.StatusInternalServerError, sendErr)
		return
	}

	r.JSON(http.StatusOK, true)
}
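// authMiddlewareLogout expires the caller's server-side session and responds
// with JSON true.
//
// The route sits outside the normal middleware chain, so the auth middleware
// is run by hand before the session is read. If that middleware aborts the
// request, the handler stops without touching any session.
func authMiddlewareLogout(c *gin.Context) {
	// As this exists outside of the normal middleware, we have to load it
	// first, *manually*. This is awful, but is the easiest way to keep it in
	// the /auth namespace.
	getAuthMiddleware().MiddlewareFunc()(c)

	// A rejected request leaves the context aborted (presumably with the
	// middleware's own response already written). Do not fall through to the
	// session lookup and a second, conflicting 500 response.
	if c.IsAborted() {
		return
	}

	session, err := common.GetSession(c)
	if err != nil {
		log.Printf("AuthLogout(): Expire session: %v", err)
		c.AbortWithError(http.StatusInternalServerError, err)
		return
	}

	// NOTE(review): this writes the session identifier to the log. If the id
	// alone is enough to authenticate, consider logging a truncated or hashed
	// form instead.
	log.Printf("AuthLogout(): Expire session %s", session.SessionId)
	common.ActiveSession.ExpireSession(session.SessionId)

	c.JSON(http.StatusOK, true)
}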
// UserInterface_GetCurrentProvider responds with the provider id stored in the
// userrealphy column for the authenticated user, or 0 when that column is NULL.
//
// The user id comes from the session and is passed as a bound parameter.
// Session and database errors are logged and answered with 500.
func UserInterface_GetCurrentProvider(r *gin.Context) {
	sess, sessErr := common.GetSession(r)
	if sessErr != nil {
		log.Print(sessErr)
		r.AbortWithError(http.StatusInternalServerError, sessErr)
		return
	}

	provider, dbErr := model.DbMap.SelectInt("SELECT IFNULL(userrealphy,0) FROM user WHERE id = ?", sess.UserId)
	if dbErr != nil {
		log.Print(dbErr)
		r.AbortWithError(http.StatusInternalServerError, dbErr)
		return
	}

	r.JSON(http.StatusOK, provider)
}
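// UserInterface_GetCurrentUsername responds with the Description field of the
// user record belonging to the authenticated session.
//
// Session errors, database errors and an unexpected lookup result are logged
// and answered with 500.
func UserInterface_GetCurrentUsername(r *gin.Context) {
	session, err := common.GetSession(r)
	if err != nil {
		log.Print(err.Error())
		r.AbortWithError(http.StatusInternalServerError, err)
		return
	}

	u, err := model.DbMap.Get(model.UserModel{}, session.UserId)
	if err != nil {
		log.Print(err.Error())
		r.AbortWithError(http.StatusInternalServerError, err)
		return
	}

	// Checked assertion: a nil result (no matching row) or a different dynamic
	// type would otherwise panic inside the handler.
	// NOTE(review): confirm what DbMap.Get returns for a missing row and
	// whether it yields a value or a pointer.
	user, ok := u.(model.UserModel)
	if !ok {
		log.Printf("UserInterface_GetCurrentUsername(): unexpected lookup result of type %T", u)
		r.AbortWithStatus(http.StatusInternalServerError)
		return
	}

	r.JSON(http.StatusOK, user.Description)
}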
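// MessagesView responds with the untagged messages addressed to the
// authenticated user, joined with the sender's description.
//
// Optional query parameters:
//   - unread_only: boolean; when true only messages with msgread = 0 are returned.
//   - patient: integer; when non-zero only messages for that patient are returned.
//
// Unparseable parameter values are treated as absent. Every variant is scoped
// to m.msgfor = session user. The patient+unread combination used to filter on
// m.msgby (the sender) instead, unlike the other three variants and unlike the
// recipient check in MessageGet.
func MessagesView(r *gin.Context) {
	session, err := common.GetSession(r)
	if err != nil {
		log.Print(err.Error())
		r.AbortWithError(http.StatusInternalServerError, err)
		return
	}

	// Malformed filters fall back to "no filter" rather than failing the request.
	unreadOnly, err := strconv.ParseBool(r.Query("unread_only"))
	if err != nil {
		unreadOnly = false
	}
	patient, err := strconv.ParseInt(r.Query("patient"), 10, 64)
	if err != nil {
		patient = 0
	}

	// Only package-level table names are concatenated into the statement.
	// Request- and session-derived values are always bound parameters.
	query := "SELECT m.*, u.userdescrip AS 'sender' FROM " + model.TABLE_MESSAGES +
		" m LEFT OUTER JOIN " + model.TABLE_USER +
		" u ON u.id = m.msgby WHERE (ISNULL(m.msgtag) OR LENGTH(m.msgtag) < 1) AND m.msgfor = ?"
	args := []interface{}{session.UserId}

	if patient != 0 {
		query += " AND m.msgpatient = ?"
		args = append(args, patient)
	}
	if unreadOnly {
		query += " AND m.msgread = 0"
	}

	var o []model.MessagesModel
	if _, err = model.DbMap.Select(&o, query, args...); err != nil {
		log.Print(err.Error())
		r.AbortWithError(http.StatusInternalServerError, err)
		return
	}

	r.JSON(http.StatusOK, o)
}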
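// MessageGet responds with the message identified by the "id" path parameter,
// provided it is addressed to the authenticated user.
//
// A missing or non-numeric id is a client error and is answered with 400.
// Session errors, lookup errors and access denials are answered with 500.
func MessageGet(r *gin.Context) {
	session, err := common.GetSession(r)
	if err != nil {
		log.Print(err.Error())
		r.AbortWithError(http.StatusInternalServerError, err)
		return
	}

	idString := r.Param("id")
	if idString == "" {
		log.Print("MessageGet(): No id provided")
		r.AbortWithStatus(http.StatusBadRequest)
		return
	}

	id, err := strconv.ParseInt(idString, 10, 64)
	if err != nil {
		log.Print(err.Error())
		r.AbortWithError(http.StatusBadRequest, err)
		return
	}

	msg, err := model.MessageById(id)
	if err != nil {
		log.Print(err.Error())
		r.AbortWithError(http.StatusInternalServerError, err)
		return
	}

	// Access control: only the recipient may read a message. The denial is
	// logged with the requesting user and the message id so that repeated
	// probing of ids shows up in the logs.
	// The status stays the same as for a failed lookup, so the response does
	// not add a way to tell "exists but not yours" from a lookup error.
	// NOTE(review): confirm how model.MessageById reports a missing row.
	if msg.For != session.UserId {
		log.Printf("MessageGet(): not allowed: user=%d message=%d", session.UserId, id)
		r.AbortWithStatus(http.StatusInternalServerError)
		return
	}

	r.JSON(http.StatusOK, msg)
}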