示例#1
0
//-----------------------------------------------------------------------------
func (this *UserController) Login(userId string) {
	if !this.isAdmin() {
		http.Redirect(this.Response, this.Request, "/", http.StatusForbidden)
		return
	}

	id, err := strconv.Atoi(userId)
	if utils.HandleErr("[UserController::Login] user_id Atoi: ", err, this.Response) {
		return
	}

	if !db.IsExists("users", []string{"id"}, []interface{}{id}) {
		http.Error(this.Response, "Have not such user with the id", http.StatusInternalServerError)
		return
	}

	sid := utils.GetRandSeq(HASH_SIZE)
	params := map[string]interface{}{"sid": sid, "enabled": true}
	where := map[string]interface{}{"id": id}

	this.GetModel("users").Update(this.isAdmin(), id, params, where)
	sessions.SetSession(this.Response, map[string]interface{}{"sid": sid})

	http.Redirect(this.Response, this.Request, "/usercontroller/showcabinet", 200)
}
示例#2
0
func (this *RegistrationController) Register(login, password, email, role string) (result string, regId int) {
	result = "ok"
	salt := strconv.Itoa(int(time.Now().Unix()))
	pass := utils.GetMD5Hash(password + salt)

	passHasInvalidChars := false
	for i := 0; i < len(password); i++ {
		if strconv.IsPrint(rune(password[i])) == false {
			passHasInvalidChars = true
			break
		}
	}

	if db.IsExists("users", []string{"login"}, []interface{}{login}) == true {
		result = "loginExists"

	} else if !utils.MatchRegexp("^[a-zA-Z0-9]{2,36}$", login) {
		result = "badLogin"

	} else if !utils.MatchRegexp("^.{6,36}$", password) || passHasInvalidChars {
		result = "badPassword"

		// } else if bad email {

	} else {
		token := utils.GetRandSeq(HASH_SIZE)

		if !mailer.SendConfirmEmail(login, email, token) {
			return "badEmail", -1
		}

		var userId int
		this.GetModel("users").
			LoadModelData(map[string]interface{}{
				"login":   login,
				"pass":    pass,
				"salt":    salt,
				"role":    role,
				"token":   token,
				"enabled": false}).
			QueryInsert("RETURNING id").
			Scan(&userId)

		var faceId int
		this.GetModel("faces").
			LoadModelData(map[string]interface{}{"user_id": userId}).
			QueryInsert("RETURNING id").
			Scan(&faceId)

		this.GetModel("registrations").
			LoadModelData(map[string]interface{}{"face_id": faceId, "event_id": 1, "status": false}).
			QueryInsert("RETURNING id").
			Scan(&regId)

		return result, regId
	}

	return result, -1
}
示例#3
0
func (this *GroupController) IsRegGroup() {
	_, err := this.CheckSid()
	if err != nil {
		http.Redirect(this.Response, this.Request, "/", http.StatusUnauthorized)
		return
	}

	request, err := utils.ParseJS(this.Request, this.Response)
	if err != nil {
		utils.SendJSReply(map[string]interface{}{"result": err.Error()}, this.Response)
	}

	groupId, err := strconv.Atoi(request["group_id"].(string))
	if err != nil {
		utils.SendJSReply(map[string]interface{}{"result": err.Error()}, this.Response)
	}

	addDelFlag := !db.IsExists("group_registrations", []string{"group_id"}, []interface{}{groupId})
	utils.SendJSReply(map[string]interface{}{"result": "ok", "addDelFlag": addDelFlag}, this.Response)
}
示例#4
0
文件: persons.go 项目: FooBarrior/orc
func (this *PersonsModel) Add(userId int, params map[string]interface{}) error {
	var to, address string

	token := utils.GetRandSeq(HASH_SIZE)
	params["token"] = token

	log.Println("face_id: ", params["face_id"])
	log.Println("group_id: ", params["group_id"])
	log.Println("status: ", params["status"])

	if db.IsExists("persons", []string{"face_id", "group_id"}, []interface{}{params["face_id"], params["group_id"]}) {
		return errors.New("Участник уже состоит в группе")
	}

	query := `SELECT param_values.value
        FROM param_values
        INNER JOIN registrations ON registrations.id = param_values.reg_id
        INNER JOIN params ON params.id = param_values.param_id
        INNER JOIN events ON events.id = registrations.event_id
        INNER JOIN faces ON faces.id = registrations.face_id
        INNER JOIN users ON users.id = faces.user_id
        WHERE params.id in (5, 6, 7) AND users.id = $1 AND events.id = 1 ORDER BY params.id;`
	data := db.Query(query, []interface{}{userId})
	headName := ""
	if len(data) < 3 {
		return errors.New("Данные о руководителе группы отсутсвуют")

	} else {
		headName = data[0].(map[string]interface{})["value"].(string)
		headName += " " + data[1].(map[string]interface{})["value"].(string)
		headName += " " + data[2].(map[string]interface{})["value"].(string)
	}

	groupId, err := strconv.Atoi(params["group_id"].(string))
	if err != nil {
		return err
	}

	var groupName string
	db.QueryRow("SELECT name FROM groups WHERE id = $1;", []interface{}{groupId}).Scan(&groupName)

	query = `SELECT param_values.value
        FROM param_values
        INNER JOIN registrations ON registrations.id = param_values.reg_id
        INNER JOIN params ON params.id = param_values.param_id
        INNER JOIN events ON events.id = registrations.event_id
        INNER JOIN faces ON faces.id = registrations.face_id
        INNER JOIN users ON users.id = faces.user_id
        WHERE params.id in (4, 5, 6, 7) AND faces.id = $1 AND events.id = 1 ORDER BY params.id;`
	data = db.Query(query, []interface{}{params["face_id"]})
	if len(data) < 4 {
		return errors.New("Данные о приглашаемом участнике отсутсвуют.")

	} else {
		address = data[0].(map[string]interface{})["value"].(string)
		to = data[1].(map[string]interface{})["value"].(string)
		to += " " + data[2].(map[string]interface{})["value"].(string)
		to += " " + data[3].(map[string]interface{})["value"].(string)
	}

	if !mailer.InviteToGroup(to, address, token, headName, groupName) {
		return errors.New("Участник скорее всего указал неправильный email, отправить письмо-приглашенине невозможно")
	}

	this.LoadModelData(params).QueryInsert("").Scan()
	return nil
}
示例#5
0
func (this *GroupController) Register() {
	userId, err := this.CheckSid()
	if err != nil {
		http.Redirect(this.Response, this.Request, "/", http.StatusUnauthorized)
		return
	}

	request, err := utils.ParseJS(this.Request, this.Response)
	if err != nil {
		utils.SendJSReply(map[string]interface{}{"result": err.Error()}, this.Response)
	}

	groupId, err := strconv.Atoi(request["group_id"].(string))
	if err != nil {
		utils.SendJSReply(map[string]interface{}{"result": err.Error()}, this.Response)
	}

	eventId, err := strconv.Atoi(request["event_id"].(string))
	if err != nil {
		utils.SendJSReply(map[string]interface{}{"result": err.Error()}, this.Response)
	}

	var eventName string
	var teamEvent bool
	if err = this.GetModel("events").
		LoadWherePart(map[string]interface{}{"id": eventId}).
		SelectRow([]string{"name", "team"}).
		Scan(&eventName, &teamEvent); err != nil {
		utils.SendJSReply(map[string]interface{}{"result": err.Error()}, this.Response)
		return
	}

	faceId, groupName := 1, ""
	query := `SELECT groups.face_id, groups.name FROM groups
        INNER JOIN faces ON faces.id = groups.face_id
        INNER JOIN users ON users.id = faces.user_id
        WHERE users.id = $1 AND groups.id = $2;`
	err = db.QueryRow(query, []interface{}{userId, groupId}).Scan(&faceId, &groupName)

	if (err != nil || faceId == 1 || groupName == "") && !this.isAdmin() {
		utils.SendJSReply(map[string]interface{}{"result": "Вы не являетесь владельцем группы"}, this.Response)
		return
	}

	if db.IsExists("group_registrations", []string{"group_id", "event_id"}, []interface{}{groupId, eventId}) {
		utils.SendJSReply(map[string]interface{}{"result": "Группа уже зарегистрированна в этом мероприятии"}, this.Response)
		return
	}

	var groupregId int
	this.GetModel("group_registrations").
		LoadModelData(map[string]interface{}{"event_id": eventId, "group_id": groupId, "status": false}).
		QueryInsert("RETURNING id").
		Scan(&groupregId)

	query = `SELECT persons.status, persons.group_id, f.id as face_id,
        array_to_string(
        array(
            SELECT param_values.value
            FROM param_values
            INNER JOIN registrations ON registrations.id = param_values.reg_id
            INNER JOIN faces ON faces.id = registrations.face_id
            INNER JOIN events ON events.id = registrations.event_id
            INNER JOIN params ON params.id = param_values.param_id
            WHERE param_values.param_id IN (5, 6, 7) AND events.id = 1 AND faces.id = f.id ORDER BY param_values.param_id
        ), ' ') as name,

        (SELECT param_values.value
            FROM param_values
            INNER JOIN registrations ON registrations.id = param_values.reg_id
            INNER JOIN faces ON faces.id = registrations.face_id
            INNER JOIN events ON events.id = registrations.event_id
            INNER JOIN params ON params.id = param_values.param_id
            WHERE param_values.param_id = 4 AND events.id = 1 AND faces.id = f.id
        ) as email

        FROM persons
        INNER JOIN groups ON groups.id = persons.group_id
        INNER JOIN faces as f ON f.id = persons.face_id
        WHERE groups.id = $1;`
	data := db.Query(query, []interface{}{groupId})

	query = `SELECT params.id FROM events_forms
        INNER JOIN events ON events.id = events_forms.event_id
        INNER JOIN forms ON forms.id = events_forms.form_id
        INNER JOIN params ON forms.id = params.form_id
        WHERE events.id = $1 AND forms.personal = true ORDER BY forms.id;`
	params := db.Query(query, []interface{}{eventId})

	date := time.Now().Format("20060102T15:04:05Z00:00")

	for _, v := range data {
		status := v.(map[string]interface{})["status"].(bool)
		personFaceId := v.(map[string]interface{})["face_id"].(int)
		var personUserId int
		this.GetModel("faces").
			LoadWherePart(map[string]interface{}{"id": personFaceId}).
			SelectRow([]string{"user_id"}).
			Scan(&personUserId)

		if !status {
			continue
		}

		regId := this.regExists(personUserId, eventId)
		if regId == -1 {
			this.GetModel("registrations").
				LoadModelData(map[string]interface{}{
					"face_id":  personFaceId,
					"event_id": eventId,
					"status":   false}).
				QueryInsert("RETURNING id").
				Scan(&regId)

			for _, elem := range params {
				paramId := int(elem.(map[string]interface{})["id"].(int))
				this.GetModel("param_values").
					LoadModelData(map[string]interface{}{
						"param_id": paramId,
						"value":    " ",
						"date":     date,
						"user_id":  userId,
						"reg_id":   regId}).
					QueryInsert("").
					Scan()
			}
		}

		this.GetModel("regs_groupregs").
			LoadModelData(map[string]interface{}{"groupreg_id": groupregId, "reg_id": regId}).
			QueryInsert("").
			Scan()

		to := v.(map[string]interface{})["name"].(string)
		address := v.(map[string]interface{})["email"].(string)
		if !mailer.AttendAnEvent(to, address, eventName, groupName) {
			utils.SendJSReply(map[string]interface{}{"result": "Ошибка. Письмо с уведомлением не отправлено."}, this.Response)
		}
	}

	if teamEvent == true {
		query = `SELECT params.id FROM events_forms
            INNER JOIN events ON events.id = events_forms.event_id
            INNER JOIN forms ON forms.id = events_forms.form_id
            INNER JOIN params ON forms.id = params.form_id
            WHERE events.id = $1 AND forms.personal = false ORDER BY forms.id;`
		params := db.Query(query, []interface{}{eventId})

		var regId int
		this.GetModel("registrations").
			LoadModelData(map[string]interface{}{"face_id": faceId, "event_id": eventId, "status": false}).
			QueryInsert("RETURNING id").
			Scan(&regId)

		for _, elem := range params {
			this.GetModel("param_values").
				LoadModelData(map[string]interface{}{
					"param_id": int(elem.(map[string]interface{})["id"].(int)),
					"value":    " ",
					"date":     date,
					"user_id":  userId,
					"reg_id":   regId}).
				QueryInsert("").
				Scan()
		}

		this.GetModel("regs_groupregs").
			LoadModelData(map[string]interface{}{"groupreg_id": groupregId, "reg_id": regId}).
			QueryInsert("").
			Scan()
	}

	utils.SendJSReply(map[string]interface{}{"result": "ok"}, this.Response)
}