示例#1
0
func (m *MemberDetailHandler) ServeHTTP(rw http.ResponseWriter, req *http.Request) {
	var user string = m.auth.GetAuthenticatedUser(req)
	var member *membersys.MembershipAgreement
	var memberid string = req.FormValue("email")
	var enc *json.Encoder
	var err error

	if user == "" {
		rw.WriteHeader(http.StatusUnauthorized)
		return
	}

	if len(memberid) == 0 {
		rw.WriteHeader(http.StatusLengthRequired)
		rw.Write([]byte("No email given"))
		return
	}

	member, err = m.database.GetMemberDetail(memberid)
	if err != nil {
		rw.WriteHeader(http.StatusInternalServerError)
		rw.Write([]byte("Error fetching member details: " +
			err.Error()))
		return
	}

	if member.MemberData.GetUsername() != user && len(m.admingroup) > 0 &&
		!m.auth.IsAuthenticatedScope(req, m.admingroup) {
		rw.WriteHeader(http.StatusForbidden)
		rw.Write([]byte("Only admin users may look at other accounts"))
		return
	}

	// Trash the membership agreement, transmitting it over HTTP doesn't
	// make much sense.
	member.AgreementPdf = make([]byte, 0)

	// The password hash is off limits too.
	member.MemberData.Pwhash = nil

	rw.Header().Set("Content-Type", "application/json; encoding=utf8")
	enc = json.NewEncoder(rw)
	if err = enc.Encode(member); err != nil {
		rw.WriteHeader(http.StatusInternalServerError)
		rw.Write([]byte("Error encoding JSON structure: " + err.Error()))
		return
	}
}
示例#2
0
// Serve the list of current membership applications to the requestor.
func (m *TotalListHandler) ServeHTTP(rw http.ResponseWriter, req *http.Request) {
	var user string
	var all_records TotalRecordList
	var err error

	if user = m.auth.GetAuthenticatedUser(req); user == "" {
		m.auth.RequestAuthorization(rw, req)
		return
	}

	if len(m.admingroup) > 0 && !m.auth.IsAuthenticatedScope(req, m.admingroup) {
		var agreement *membersys.MembershipAgreement

		agreement, err = m.database.GetMemberDetailByUsername(user)
		if err != nil {
			log.Print("Can't get membership agreement for ", user, ": ", err)
			return
		}

		err = m.uniqueMemberTemplate.ExecuteTemplate(rw, "memberdetail.html",
			agreement.GetMemberData())
		if err != nil {
			log.Print("Can't run membership detail template: ", err)
		}

		return
	}

	all_records.Applicants, err = m.database.EnumerateMembershipRequests(
		req.FormValue("applicant_criterion"),
		req.FormValue("applicant_start"), m.pagesize)
	if err != nil {
		log.Print("Unable to list applicants from ",
			req.FormValue("applicant_start"), ": ", err)
	}

	all_records.Members, err = m.database.EnumerateMembers(
		req.FormValue("member_start"), m.pagesize)
	if err != nil {
		log.Print("Unable to list members from ",
			req.FormValue("member_start"), ": ", err)
	}

	all_records.Queue, err = m.database.EnumerateQueuedMembers(
		req.FormValue("queued_start"), m.pagesize)
	if err != nil {
		log.Print("Unable to list queued members from ",
			req.FormValue("queued_start"), ": ", err)
	}

	all_records.DeQueue, err = m.database.EnumerateDeQueuedMembers(
		req.FormValue("queued_start"), m.pagesize)
	if err != nil {
		log.Print("Unable to list dequeued members from ",
			req.FormValue("queued_start"), ": ", err)
	}

	all_records.Trash, err = m.database.EnumerateTrashedMembers(
		req.FormValue("trashed_start"), m.pagesize)
	if err != nil {
		log.Print("Unable to list trashed members from ",
			req.FormValue("trashed_start"), ": ", err)
	}

	all_records.ApprovalCsrfToken, err = m.auth.GenCSRFToken(
		req, applicantApprovalURL, 10*time.Minute)
	if err != nil {
		log.Print("Error generating approval CSRF token: ", err)
	}
	all_records.RejectionCsrfToken, err = m.auth.GenCSRFToken(
		req, applicantRejectionURL, 10*time.Minute)
	if err != nil {
		log.Print("Error generating rejection CSRF token: ", err)
	}
	all_records.UploadCsrfToken, err = m.auth.GenCSRFToken(
		req, applicantAgreementUploadURL, 10*time.Minute)
	if err != nil {
		log.Print("Error generating agreement upload CSRF token: ", err)
	}
	all_records.CancelCsrfToken, err = m.auth.GenCSRFToken(
		req, queueCancelURL, 10*time.Minute)
	if err != nil {
		log.Print("Error generating queue cancellation CSRF token: ", err)
	}
	all_records.GoodbyeCsrfToken, err = m.auth.GenCSRFToken(
		req, memberGoodbyeURL, 10*time.Minute)
	if err != nil {
		log.Print("Error generating member goodbye CSRF token: ", err)
	}

	all_records.PageSize = m.pagesize

	err = m.template.ExecuteTemplate(rw, "memberlist.html", all_records)
	if err != nil {
		log.Print("Error executing member list template: ", err)
	}
}
// Output a JSON list of all applicants currently waiting to become members.
func (a *ApplicantListHandler) ServeHTTP(rw http.ResponseWriter, req *http.Request) {
	var applist applicantListType
	var enc *json.Encoder
	var err error

	if !a.auth.IsAuthenticatedScope(req, a.admingroup) {
		rw.WriteHeader(http.StatusUnauthorized)
		return
	}

	if req.FormValue("single") == "true" && len(req.FormValue("start")) > 0 {
		var memberreq *membersys.MembershipAgreement
		var mwk *membersys.MemberWithKey
		var bigint *big.Int = big.NewInt(0)
		var uuid cassandra.UUID
		var ok bool
		bigint, ok = bigint.SetString(req.FormValue("start"), 10)
		if !ok {
			rw.WriteHeader(http.StatusInternalServerError)
			rw.Write([]byte("Unable to parse " + req.FormValue("start") +
				" as a number"))
			return
		}
		if bigint.BitLen() == 128 {
			uuid = cassandra.UUIDFromBytes(bigint.Bytes())
			memberreq, _, err = a.database.GetMembershipRequest(
				uuid.String(), "application", "applicant:")
			if err != nil {
				rw.WriteHeader(http.StatusInternalServerError)
				rw.Write([]byte("Unable to retrieve the membership request " +
					uuid.String() + ": " + err.Error()))
				return
			}
			mwk = new(membersys.MemberWithKey)
			mwk.Key = uuid.String()
			proto.Merge(&mwk.Member, memberreq.GetMemberData())
			applist.Applicants = []*membersys.MemberWithKey{mwk}
		}
	} else {
		applist.Applicants, err = a.database.EnumerateMembershipRequests(
			req.FormValue("criterion"), req.FormValue("start"), a.pagesize)
		if err != nil {
			log.Print("Error enumerating applications: ", err)
			rw.WriteHeader(http.StatusInternalServerError)
			rw.Write([]byte("Error enumerating applications: " + err.Error()))
			return
		}
	}

	applist.AgreementUploadCsrfToken, err = a.auth.GenCSRFToken(
		req, applicantAgreementUploadURL, 10*time.Minute)
	if err != nil {
		log.Print("Error generating CSRF token: ", err)
		rw.WriteHeader(http.StatusInternalServerError)
		rw.Write([]byte("Error generating CSRF token: " + err.Error()))
		return
	}

	applist.ApprovalCsrfToken, err = a.auth.GenCSRFToken(
		req, applicantApprovalURL, 10*time.Minute)
	if err != nil {
		log.Print("Error generating CSRF token: ", err)
		rw.WriteHeader(http.StatusInternalServerError)
		rw.Write([]byte("Error generating CSRF token: " + err.Error()))
		return
	}

	applist.RejectionCsrfToken, err = a.auth.GenCSRFToken(
		req, applicantRejectionURL, 10*time.Minute)
	if err != nil {
		log.Print("Error generating CSRF token: ", err)
		rw.WriteHeader(http.StatusInternalServerError)
		rw.Write([]byte("Error generating CSRF token: " + err.Error()))
		return
	}

	rw.Header().Set("Content-Type", "application/json; encoding=utf8")
	enc = json.NewEncoder(rw)
	if err = enc.Encode(applist); err != nil {
		log.Print("Error JSON encoding member list: ", err)
		rw.WriteHeader(http.StatusInternalServerError)
		rw.Write([]byte("Error encoding result: " + err.Error()))
		return
	}
}
func main() {
	var db *membersys.MembershipDB
	var agreement *membersys.MembershipAgreement
	var config membersys.MemberCreatorConfig
	var wm *membersys.WelcomeMail
	var config_contents []byte
	var config_path string
	var lookup_key string
	var help bool
	var err error

	flag.BoolVar(&help, "help", false, "Display help")
	flag.StringVar(&config_path, "config", "",
		"Path to the member creator configuration file")
	flag.StringVar(&lookup_key, "key", "",
		"Key of the user record to look up")
	flag.Parse()

	if help || config_path == "" {
		flag.Usage()
		os.Exit(1)
	}

	config_contents, err = ioutil.ReadFile(config_path)
	if err != nil {
		log.Fatal("Unable to read ", config_path, ": ", err)
	}
	err = proto.Unmarshal(config_contents, &config)
	if err != nil {
		err = proto.UnmarshalText(string(config_contents), &config)
	}
	if err != nil {
		log.Fatal("Error parsing ", config_path, ": ", err)
	}

	db, err = membersys.NewMembershipDB(
		config.DatabaseConfig.GetDatabaseServer(),
		config.DatabaseConfig.GetDatabaseName(),
		time.Duration(config.DatabaseConfig.GetDatabaseTimeout())*time.Millisecond)
	if err != nil {
		log.Fatal("Unable to connect to the cassandra DB ",
			config.DatabaseConfig.GetDatabaseServer(), " at ",
			config.DatabaseConfig.GetDatabaseName(), ": ", err)
	}

	wm, err = membersys.NewWelcomeMail(config.GetWelcomeMailConfig())
	if err != nil {
		log.Fatal("Error setting up mailer: ", err)
	}

	agreement, err = db.GetMemberDetail(lookup_key)
	if err != nil {
		log.Fatal("Error fetching member ", lookup_key, ": ", err)
	}

	err = wm.SendMail(agreement.GetMemberData())
	if err != nil {
		log.Fatal("Error sending mail to ",
			agreement.GetMemberData().GetEmail(), ": ", err)
	}
}