2022-06-29 21:26:05 -04:00
|
|
|
package controllers
|
|
|
|
|
|
|
|
import (
|
|
|
|
"encoding/json"
|
2023-02-09 01:07:31 -03:00
|
|
|
"errors"
|
2022-06-29 21:26:05 -04:00
|
|
|
"net/http"
|
|
|
|
"strconv"
|
|
|
|
|
2022-07-22 23:00:31 -04:00
|
|
|
"git.cromer.cl/Proyecto-Titulo/alai-server/backend/database"
|
2023-02-09 01:07:31 -03:00
|
|
|
"git.cromer.cl/Proyecto-Titulo/alai-server/backend/middlewares"
|
2022-07-22 23:00:31 -04:00
|
|
|
"git.cromer.cl/Proyecto-Titulo/alai-server/backend/models"
|
|
|
|
"git.cromer.cl/Proyecto-Titulo/alai-server/backend/utils"
|
|
|
|
|
2022-06-29 21:26:05 -04:00
|
|
|
"github.com/julienschmidt/httprouter"
|
|
|
|
)
|
|
|
|
|
2023-02-01 14:38:42 -03:00
|
|
|
func ListUser(writer http.ResponseWriter, request *http.Request, params httprouter.Params) {
|
2022-06-29 21:26:05 -04:00
|
|
|
gdb := database.Connect()
|
|
|
|
defer database.Close(gdb)
|
|
|
|
|
|
|
|
var users []models.User
|
|
|
|
|
2023-02-01 16:20:29 -03:00
|
|
|
queryParams := request.URL.Query()
|
|
|
|
|
2023-02-01 21:55:47 -03:00
|
|
|
limit, offset, err := utils.GetLimitOffset(queryParams)
|
|
|
|
if err != nil {
|
|
|
|
utils.JSONErrorOutput(writer, http.StatusBadRequest, err.Error())
|
|
|
|
return
|
2023-02-01 16:20:29 -03:00
|
|
|
}
|
|
|
|
|
2023-02-01 17:56:56 -03:00
|
|
|
filters := []string{
|
|
|
|
"name",
|
|
|
|
"username",
|
|
|
|
"email",
|
|
|
|
"password",
|
|
|
|
}
|
|
|
|
|
|
|
|
whereClause, err := utils.GenerateWhereFilter(filters, queryParams)
|
|
|
|
if err != nil {
|
|
|
|
utils.JSONErrorOutput(writer, http.StatusBadRequest, err.Error())
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
result := gdb.Model(&models.User{}).Where(whereClause).Order("ID asc").Limit(limit).Offset(offset).Find(&users)
|
2022-06-29 21:26:05 -04:00
|
|
|
if result.Error != nil {
|
|
|
|
utils.JSONErrorOutput(writer, http.StatusBadRequest, result.Error.Error())
|
|
|
|
return
|
|
|
|
} else {
|
|
|
|
writer.Header().Set("Content-Type", "application/json")
|
|
|
|
writer.WriteHeader(http.StatusOK)
|
2023-02-12 02:49:33 -03:00
|
|
|
|
|
|
|
var usersPublic []models.UserPublic
|
|
|
|
for _, user := range users {
|
|
|
|
usersPublic = append(usersPublic, models.UserPublic{User: user})
|
|
|
|
}
|
|
|
|
|
|
|
|
json.NewEncoder(writer).Encode(usersPublic)
|
2022-06-29 21:26:05 -04:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func GetUser(writer http.ResponseWriter, request *http.Request, params httprouter.Params) {
|
|
|
|
gdb := database.Connect()
|
|
|
|
defer database.Close(gdb)
|
|
|
|
|
|
|
|
var user models.User
|
|
|
|
|
|
|
|
result := gdb.Model(&models.User{}).Find(&user, params.ByName("id"))
|
|
|
|
if result.Error != nil {
|
|
|
|
utils.JSONErrorOutput(writer, http.StatusBadRequest, result.Error.Error())
|
|
|
|
return
|
|
|
|
} else if result.RowsAffected == 0 {
|
2023-01-27 23:51:40 -03:00
|
|
|
writer.WriteHeader(http.StatusNotFound)
|
2022-06-29 21:26:05 -04:00
|
|
|
return
|
|
|
|
} else {
|
|
|
|
writer.Header().Set("Content-Type", "application/json")
|
|
|
|
writer.WriteHeader(http.StatusOK)
|
2023-02-12 02:49:33 -03:00
|
|
|
json.NewEncoder(writer).Encode(models.UserPublic{User: user})
|
2022-06-29 21:26:05 -04:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2023-01-27 23:51:40 -03:00
|
|
|
func CreateUser(writer http.ResponseWriter, request *http.Request, params httprouter.Params) {
|
2022-06-29 21:26:05 -04:00
|
|
|
gdb := database.Connect()
|
|
|
|
defer database.Close(gdb)
|
|
|
|
|
2023-01-30 09:33:59 -03:00
|
|
|
var user models.User
|
|
|
|
|
|
|
|
decoder := json.NewDecoder(request.Body)
|
|
|
|
|
|
|
|
err := decoder.Decode(&user)
|
2023-01-30 09:35:43 -03:00
|
|
|
if err != nil {
|
2023-01-30 09:33:59 -03:00
|
|
|
utils.JSONErrorOutput(writer, http.StatusBadRequest, err.Error())
|
|
|
|
return
|
2023-01-27 23:51:40 -03:00
|
|
|
}
|
2023-01-30 09:33:59 -03:00
|
|
|
|
|
|
|
user.HashPassword(user.Password)
|
2022-06-29 21:26:05 -04:00
|
|
|
|
2023-01-27 23:51:40 -03:00
|
|
|
result := gdb.Create(&user)
|
|
|
|
if result.Error != nil {
|
|
|
|
utils.JSONErrorOutput(writer, http.StatusBadRequest, result.Error.Error())
|
2022-06-29 21:26:05 -04:00
|
|
|
return
|
2023-01-27 23:51:40 -03:00
|
|
|
} else {
|
|
|
|
writer.WriteHeader(http.StatusNoContent)
|
2022-06-29 21:26:05 -04:00
|
|
|
}
|
2023-01-27 23:51:40 -03:00
|
|
|
}
|
2022-06-29 21:26:05 -04:00
|
|
|
|
2023-01-27 23:51:40 -03:00
|
|
|
func UpdateUser(writer http.ResponseWriter, request *http.Request, params httprouter.Params) {
|
|
|
|
gdb := database.Connect()
|
|
|
|
defer database.Close(gdb)
|
|
|
|
|
2023-02-09 01:07:31 -03:00
|
|
|
claims := request.Context().Value(middlewares.JWTContextKey).(*utils.JWTClaim)
|
|
|
|
username := claims.Username
|
|
|
|
|
2023-01-27 23:51:40 -03:00
|
|
|
var user models.User
|
|
|
|
|
2023-01-30 09:33:59 -03:00
|
|
|
decoder := json.NewDecoder(request.Body)
|
2023-01-27 23:51:40 -03:00
|
|
|
|
2023-01-30 09:33:59 -03:00
|
|
|
err := decoder.Decode(&user)
|
2023-01-30 09:35:43 -03:00
|
|
|
if err != nil {
|
2023-01-30 09:33:59 -03:00
|
|
|
utils.JSONErrorOutput(writer, http.StatusBadRequest, err.Error())
|
|
|
|
return
|
|
|
|
}
|
2023-01-27 23:51:40 -03:00
|
|
|
|
2023-01-30 09:33:59 -03:00
|
|
|
user.ID, err = strconv.ParseUint(params.ByName("id"), 10, 64)
|
2023-01-30 09:35:43 -03:00
|
|
|
if err != nil {
|
2023-01-30 09:33:59 -03:00
|
|
|
utils.JSONErrorOutput(writer, http.StatusBadRequest, err.Error())
|
|
|
|
return
|
2022-06-29 21:26:05 -04:00
|
|
|
}
|
|
|
|
|
2023-02-09 01:07:31 -03:00
|
|
|
if user.NewPassword != "" {
|
|
|
|
var tmpUser models.User
|
|
|
|
|
2023-02-10 22:37:00 -03:00
|
|
|
result := gdb.Where(&models.User{Username: username}).Find(&tmpUser)
|
2023-02-09 01:07:31 -03:00
|
|
|
if result.Error != nil {
|
|
|
|
utils.JSONErrorOutput(writer, http.StatusBadRequest, result.Error.Error())
|
|
|
|
return
|
|
|
|
} else if result.RowsAffected == 0 {
|
|
|
|
writer.WriteHeader(http.StatusNotFound)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
// If the logged in user and the modified user are no the same, password can't be changed
|
|
|
|
if tmpUser.ID != user.ID {
|
|
|
|
utils.JSONErrorOutput(writer, http.StatusBadRequest, errors.New("only the same user may change password").Error())
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
err = tmpUser.CheckPassword(user.Password)
|
|
|
|
if err != nil {
|
|
|
|
utils.JSONErrorOutput(writer, http.StatusBadRequest, errors.New("incorrect user or password").Error())
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
user.HashPassword(user.NewPassword)
|
|
|
|
} else {
|
|
|
|
user.Password = ""
|
2023-01-30 09:33:59 -03:00
|
|
|
}
|
2023-01-27 23:51:40 -03:00
|
|
|
|
|
|
|
result := gdb.Updates(&user)
|
|
|
|
if result.Error != nil {
|
|
|
|
utils.JSONErrorOutput(writer, http.StatusBadRequest, result.Error.Error())
|
2022-07-22 22:17:29 -04:00
|
|
|
return
|
2023-01-27 23:51:40 -03:00
|
|
|
} else if result.RowsAffected == 0 {
|
|
|
|
writer.WriteHeader(http.StatusNotFound)
|
|
|
|
return
|
|
|
|
} else {
|
|
|
|
writer.WriteHeader(http.StatusNoContent)
|
2022-07-22 22:17:29 -04:00
|
|
|
}
|
2023-01-27 23:51:40 -03:00
|
|
|
}
|
2022-06-29 21:26:05 -04:00
|
|
|
|
2023-01-27 23:51:40 -03:00
|
|
|
func DeleteUser(writer http.ResponseWriter, request *http.Request, params httprouter.Params) {
|
|
|
|
gdb := database.Connect()
|
|
|
|
defer database.Close(gdb)
|
2022-06-29 21:26:05 -04:00
|
|
|
|
2023-01-27 23:51:40 -03:00
|
|
|
var user models.User
|
|
|
|
user.ID, _ = strconv.ParseUint(params.ByName("id"), 10, 64)
|
|
|
|
|
2023-02-06 22:33:25 -03:00
|
|
|
result := gdb.Unscoped().Delete(&user)
|
2023-01-27 23:51:40 -03:00
|
|
|
if result.Error != nil {
|
|
|
|
utils.JSONErrorOutput(writer, http.StatusBadRequest, result.Error.Error())
|
|
|
|
return
|
|
|
|
} else if result.RowsAffected == 0 {
|
|
|
|
writer.WriteHeader(http.StatusNotFound)
|
|
|
|
return
|
|
|
|
} else {
|
|
|
|
writer.WriteHeader(http.StatusNoContent)
|
|
|
|
}
|
2022-06-29 21:26:05 -04:00
|
|
|
}
|