sum7/warehost

[host] add signup and delete

Martin Geno 2016-10-16 19:00:53 +02:00
parent 0649adf82a
commit b2ccc6c987
7 changed files with 198 additions and 75 deletions


@ -2,6 +2,7 @@ package host
import (
"net/http"
"strings"
"github.com/jinzhu/gorm"
"goji.io"
@ -10,6 +11,7 @@ import (
libapi "dev.sum7.eu/sum7/warehost/lib/api"
liblog "dev.sum7.eu/sum7/warehost/lib/log"
system "dev.sum7.eu/sum7/warehost/system"
)
//MODULNAME to get global name for the modul
@ -23,13 +25,45 @@ func BindAPI(db *gorm.DB, router *goji.Mux, prefix string) {
dbconnection = db
log = liblog.NewModulLog(MODULNAME)
router.HandleFuncC(pat.Get(prefix+"/status"), libapi.SessionHandler(status))
router.HandleFuncC(pat.Post(prefix+"/signup"), libapi.SessionHandler(system.LoginHandler(signup)))
router.HandleFuncC(pat.Delete(prefix+"/delete"), libapi.SessionHandler(system.LoginHandler(ProfilHandler(delete))))
}
// Status to get Login and Server status
func status(ctx context.Context, w http.ResponseWriter, r *http.Request) (returndata interface{}, returnerr *libapi.ErrorResult) {
returndata = true
logger := log.GetLog(r, "status")
logger.Info("status")
func signup(ctx context.Context, w http.ResponseWriter, r *http.Request) (returndata interface{}, returnerr *libapi.ErrorResult) {
login := ctx.Value("login").(*system.Login)
returndata = false
logger := log.GetLog(r, "signup")
run := login.Superadmin
if !run {
var profil Profil
dbconnection.Joins("LEFT JOIN invite invite ON invite.login=host_profil.login").Where("invite.invited=?", login.ID).Find(&profil)
run = profil.Reseller
}
if run {
profil := &Profil{LoginID: login.ID}
if err := dbconnection.Create(profil).Error; err != nil {
if strings.Contains(err.Error(), "duplicate key") {
returndata = false
logger.Warning("exists already")
return
} else {
logger.Error("database: during create host profil: ", err)
returnerr = &libapi.ErrorResult{Message: "Internal Database Error"}
w.WriteHeader(http.StatusInternalServerError)
return
}
}
returndata = true
logger.Info("done")
return
}
w.WriteHeader(http.StatusUnauthorized)
logger.Info("not allowed")
return
}
func delete(ctx context.Context, w http.ResponseWriter, r *http.Request) (returndata interface{}, returnerr *libapi.ErrorResult) {
profil := ctx.Value("profil").(*Profil)
returndata = true
dbconnection.Unscoped().Delete(profil)
return
}
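Review bot: `delete` discards the result of `dbconnection.Unscoped().Delete(profil)` and always returns `true`, so a failed delete is reported to the client as success. Check the error the way `signup` does for `Create`, starting with `if err := dbconnection.Unscoped().Delete(profil).Error; err != nil {`, then log it, set `returnerr` and write `http.StatusInternalServerError`. The reseller lookup in `signup` (`.Find(&profil)`) drops its error too; it fails closed because `profil.Reseller` stays false, but logging the error there would distinguish a database fault from a denied request.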

65
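--- /dev/null
+++ b/modul/host/api_test.go
@@ -0,0 +1,65 @@
+package host
+import (
+"net/http"
+"testing"
+"github.com/stretchr/testify/assert"
+"dev.sum7.eu/sum7/warehost/system"
+"dev.sum7.eu/sum7/warehost/test"
+)
+func loginTest(session *test.Request, assertion *assert.Assertions) {
+result, w := session.JSONRequest("POST", "/login", system.RequestLogin{Username: "root", Password: "root"})
+assertion.Equal(w.StatusCode, http.StatusOK)
+assertion.Equal(result.Data, true)
+}
+func TestAPI(t *testing.T) {
+assertion, db, router := test.Init(t)
+defer db.Close()
+//load system Models to database
+system.SyncModels(db)
+db.Unscoped().Delete(Profil{})
+SyncModels(db)
+// Bind API
+system.BindAPI(db, router, "")
+BindAPI(db, router, "/host")
+session := test.NewSession(router)
+/*
+* TEST signup
+*/
+result, w := session.JSONRequest("POST", "/host/signup", nil)
+assertion.Equal(w.StatusCode, http.StatusUnauthorized)
+assertion.Equal(result.Data, false)
+loginTest(session, assertion)
+result, w = session.JSONRequest("POST", "/host/signup", nil)
+assertion.Equal(w.StatusCode, http.StatusOK)
+assertion.Equal(result.Data, true)
+result, w = session.JSONRequest("POST", "/host/signup", nil)
+assertion.Equal(w.StatusCode, http.StatusOK)
+assertion.Equal(result.Data, false)
+/*
+* TEST delete
+*/
+session.Clean()
+result, w = session.JSONRequest("DELETE", "/host/delete", nil)
+assertion.Equal(w.StatusCode, http.StatusUnauthorized)
+assertion.Equal(result.Data, false)
+loginTest(session, assertion)
+result, w = session.JSONRequest("DELETE", "/host/delete", nil)
+assertion.Equal(w.StatusCode, http.StatusOK)
+assertion.Equal(result.Data, true)
+}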
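Review bot: Only the `root` login is exercised here, so the non-superadmin branch of `signup` (the invite/reseller lookup) and the per-login scoping of `/host/delete` are never tested. If the test helpers allow creating a second, non-privileged login, add a case that expects `http.StatusUnauthorized` from `POST /host/signup` for it, and a case with two profiles in the table where `DELETE /host/delete` must remove only the caller's own. Separately, testify's `Equal` takes `(expected, actual)`, so `assertion.Equal(http.StatusOK, w.StatusCode)` would give readable failure messages.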

30
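--- /dev/null
+++ b/modul/host/lib.go
@@ -0,0 +1,30 @@
+package host
+import (
+"net/http"
+"golang.org/x/net/context"
+libapi "dev.sum7.eu/sum7/warehost/lib/api"
+liblog "dev.sum7.eu/sum7/warehost/lib/log"
+libsystem "dev.sum7.eu/sum7/warehost/system"
+)
+//ProfilHandler for api function to get host.Profil
+func ProfilHandler(h libapi.Handle) libapi.Handle {
+return func(ctx context.Context, w http.ResponseWriter, r *http.Request) (returndata interface{}, returnerr *libapi.ErrorResult) {
+login := ctx.Value("login").(*libsystem.Login)
+returnerr = &libapi.ErrorResult{Fields: []string{"session"}, Message: "no profil found"}
+returndata = false
+profil := &Profil{LoginID: login.ID}
+res := dbconnection.Find(profil)
+if !res.RecordNotFound() {
+ctx = context.WithValue(ctx, "profil", profil)
+returndata, returnerr = h(ctx, w, r)
+return
+}
+liblog.Log.Warn("no profil found")
+return
+}
+}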
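Review bot: `dbconnection.Find(profil)` with `profil := &Profil{LoginID: login.ID}` may not filter by login at all. As far as I know, gorm turns only the primary key of the destination struct into a condition, not other populated fields, so with more than one row in the table this can load another login's profile. Because `delete` then removes whatever profile is placed in the context, that would let one user delete another user's profile. Put the filter in an explicit clause, e.g. `res := dbconnection.Where("login = ?", login.ID).First(profil)`. The single-value assertion `ctx.Value("login").(*libsystem.Login)` also panics if this handler is ever mounted without `LoginHandler`; the two-value form with a fail-closed return would be safer.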


@ -7,7 +7,7 @@ import (
// Profil struct
type Profil struct {
ID int64
LoginID int64 `sql:"type:bigint NOT NULL REFERENCES login(id) ON UPDATE CASCADE ON DELETE CASCADE;column:login" json:"login"`
LoginID int64 `sql:"type:bigint NOT NULL UNIQUE REFERENCES login(id) ON UPDATE CASCADE ON DELETE CASCADE;column:login" json:"login"`
Reseller bool `sql:"default:false;column:reseller" json:"reseller"`
}
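Review bot: `signup` depends on this `UNIQUE` constraint to reject a second profile for the same login, but a column tag normally takes effect only when the column is first created. If `SyncModels` relies on gorm's auto-migration (not visible here), existing databases would keep the old non-unique column and duplicate profiles would be accepted silently. An explicit migration that adds a unique index on `login` would close that gap, and a field comment such as `// UNIQUE: signup relies on this to detect an existing profil` would record the dependency.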


@ -4,7 +4,6 @@ import (
"net/http"
"strconv"
"github.com/astaxie/session"
"goji.io/pat"
"golang.org/x/net/context"
@ -13,35 +12,27 @@ import (
libsystem "dev.sum7.eu/sum7/warehost/system"
)
//InvolveWebsiteHandler for api function to Verifie User ist libloggedin
//InvolveWebsiteHandler for api function to Verifie User ist loggedin
func InvolveWebsiteHandler(h libapi.Handle) libapi.Handle {
return func(ctx context.Context, w http.ResponseWriter, r *http.Request) (returndata interface{}, returnerr *libapi.ErrorResult) {
sess := ctx.Value("session").(session.Session)
returnerr = &libapi.ErrorResult{Fields: []string{"session"}, Message: "Not liblogged in"}
login := ctx.Value("login").(libsystem.Login)
returnerr = &libapi.ErrorResult{Fields: []string{"session"}, Message: "Not logged in"}
returndata = false
if login := sess.Get("login"); login != nil {
if loginObj := login.(libsystem.Login); loginObj.Active {
id, err := strconv.ParseInt(pat.Param(ctx, "websiteid"), 10, 64)
if err == nil {
res := dbconnection.Where(map[string]int64{"website": id, "login": loginObj.ID}).Find(&Manager{})
if !res.RecordNotFound() {
ctx = context.WithValue(ctx, "websiteid", id)
returndata, returnerr = h(ctx, w, r)
return
}
returnerr = &libapi.ErrorResult{Fields: []string{"permission"}, Message: "No permission"}
liblog.Log.Info("no Permissions")
return
}
returnerr = &libapi.ErrorResult{Fields: []string{"websiteid"}, Message: "Not a valid websiteid"}
liblog.Log.Warn("invalid websiteid, no integer")
id, err := strconv.ParseInt(pat.Param(ctx, "websiteid"), 10, 64)
if err == nil {
res := dbconnection.Where(map[string]int64{"website": id, "login": login.ID}).Find(&Manager{})
if !res.RecordNotFound() {
ctx = context.WithValue(ctx, "websiteid", id)
returndata, returnerr = h(ctx, w, r)
return
}
liblog.Log.Warn("user not active")
returnerr = &libapi.ErrorResult{Fields: []string{"permission"}, Message: "No permission"}
liblog.Log.Info("no Permissions")
return
}
liblog.Log.Warn("not libloggedin")
returnerr = &libapi.ErrorResult{Fields: []string{"websiteid"}, Message: "Not a valid websiteid"}
liblog.Log.Warn("invalid websiteid, no integer")
return
}
}
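Review bot: What appears to be the new line, `login := ctx.Value("login").(libsystem.Login)`, asserts a value type, while the host handlers added in this same commit assert `*system.Login` for the same context key. Whichever form `LoginHandler` stores (not visible here), one of the two single-value assertions will panic at request time. Use the same type in both places and the two-value form, `login, ok := ctx.Value("login").(*libsystem.Login)`, returning on `!ok` after `returnerr` has been set to "Not logged in" so a missing or mistyped value fails closed. This handler also no longer checks the session or `Active` itself, so it is only safe when wrapped in `LoginHandler`; the doc comment should state that precondition.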


@ -4,12 +4,20 @@ import (
"net/http"
"testing"
"github.com/stretchr/testify/assert"
"dev.sum7.eu/sum7/warehost/test"
)
func loginTest(session *test.Request, assertion *assert.Assertions) {
result, w := session.JSONRequest("POST", "/login", RequestLogin{Username: "root", Password: "root"})
assertion.Equal(w.StatusCode, http.StatusOK)
assertion.Equal(result.Data, true)
}
func TestAPI(t *testing.T) {
assert, db, router := test.Init(t)
assertion, db, router := test.Init(t)
defer db.Close()
//load system Models to database
@ -23,105 +31,98 @@ func TestAPI(t *testing.T) {
* TEST status
*/
result, w := session.JSONRequest("GET", "/status", nil)
assert.Equal(w.StatusCode, http.StatusOK)
assert.Nil(result.Error)
assert.Equal(result.Data, true)
assertion.Equal(w.StatusCode, http.StatusOK)
assertion.Nil(result.Error)
assertion.Equal(result.Data, true)
/*
* TEST login
*/
result, w = session.JSONRequest("POST", "/login", RequestLogin{Username: "root", Password: "root2"})
assert.Equal(w.StatusCode, http.StatusOK)
assert.Equal(result.Data, false)
assert.Equal(result.Error.Fields[0], "password")
assertion.Equal(w.StatusCode, http.StatusOK)
assertion.Equal(result.Data, false)
assertion.Equal(result.Error.Fields[0], "password")
result, w = session.JSONRequest("POST", "/login", RequestLogin{Username: "root2", Password: "root"})
assert.Equal(w.StatusCode, http.StatusOK)
assert.Equal(result.Data, false)
assert.Equal(result.Error.Fields[0], "username")
assertion.Equal(w.StatusCode, http.StatusOK)
assertion.Equal(result.Data, false)
assertion.Equal(result.Error.Fields[0], "username")
result, w = session.JSONRequest("POST", "/login", []byte{2, 3})
assert.Equal(w.StatusCode, http.StatusBadRequest)
assertion.Equal(w.StatusCode, http.StatusBadRequest)
result, w = session.JSONRequest("POST", "/login", RequestLogin{Username: "root", Password: "root"})
assert.Equal(w.StatusCode, http.StatusOK)
assert.Equal(result.Data, true)
//login before
loginTest(session, assertion)
/*
* TEST logout
*/
result, w = session.JSONRequest("GET", "/logout", nil)
assert.Equal(w.StatusCode, http.StatusOK)
assert.Equal(result.Data, true)
assertion.Equal(w.StatusCode, http.StatusOK)
assertion.Equal(result.Data, true)
// Test if crash on if not login in
result, w = session.JSONRequest("GET", "/logout", nil)
assert.Equal(w.StatusCode, http.StatusOK)
assert.Equal(result.Data, false)
assertion.Equal(w.StatusCode, http.StatusOK)
assertion.Equal(result.Data, false)
/*
* TEST password
*/
result, w = session.JSONRequest("POST", "/password", ChangePasswordRequest{CurrentPassword: "root", NewPassword: "root-bug"})
assert.Equal(w.StatusCode, http.StatusOK)
assert.Equal(result.Data, false)
assertion.Equal(w.StatusCode, http.StatusOK)
assertion.Equal(result.Data, false)
//login before
result, w = session.JSONRequest("POST", "/login", RequestLogin{Username: "root", Password: "root"})
assert.Equal(w.StatusCode, http.StatusOK)
assert.Equal(result.Data, true)
loginTest(session, assertion)
result, w = session.JSONRequest("POST", "/password", []byte{2, 3})
assert.Equal(w.StatusCode, http.StatusBadRequest)
assertion.Equal(w.StatusCode, http.StatusBadRequest)
result, w = session.JSONRequest("POST", "/password", ChangePasswordRequest{CurrentPassword: "root-wrong", NewPassword: "root-bug"})
assert.Equal(w.StatusCode, http.StatusOK)
assert.Equal(result.Data, false)
assert.Equal(result.Error.Fields[0], "currentpassword")
assertion.Equal(w.StatusCode, http.StatusOK)
assertion.Equal(result.Data, false)
assertion.Equal(result.Error.Fields[0], "currentpassword")
result, w = session.JSONRequest("POST", "/password", ChangePasswordRequest{CurrentPassword: "root", NewPassword: ""})
assert.Equal(w.StatusCode, http.StatusOK)
assert.Equal(result.Data, false)
assert.Equal(result.Error.Fields[0], "newpassword")
assertion.Equal(w.StatusCode, http.StatusOK)
assertion.Equal(result.Data, false)
assertion.Equal(result.Error.Fields[0], "newpassword")
result, w = session.JSONRequest("POST", "/password", ChangePasswordRequest{CurrentPassword: "root", NewPassword: "root-tmp"})
assert.Equal(w.StatusCode, http.StatusOK)
assert.Equal(result.Data, true)
assertion.Equal(w.StatusCode, http.StatusOK)
assertion.Equal(result.Data, true)
result, w = session.JSONRequest("POST", "/password", ChangePasswordRequest{CurrentPassword: "root-tmp", NewPassword: "root"})
assert.Equal(w.StatusCode, http.StatusOK)
assert.Equal(result.Data, true)
assertion.Equal(w.StatusCode, http.StatusOK)
assertion.Equal(result.Data, true)
/*
* TEST inviteList
*/
session.Clean()
result, w = session.JSONRequest("GET", "/invite", nil)
assert.Equal(w.StatusCode, http.StatusOK)
assert.Equal(result.Data, false)
assertion.Equal(w.StatusCode, http.StatusOK)
assertion.Equal(result.Data, false)
//login before
result, w = session.JSONRequest("POST", "/login", RequestLogin{Username: "root", Password: "root"})
assert.Equal(w.StatusCode, http.StatusOK)
assert.Equal(result.Data, true)
loginTest(session, assertion)
result, w = session.JSONRequest("GET", "/invite", nil)
assert.Equal(w.StatusCode, http.StatusOK)
assertion.Equal(w.StatusCode, http.StatusOK)
/*
* TEST loginList
*/
session.Clean()
result, w = session.JSONRequest("GET", "/user", nil)
assert.Equal(w.StatusCode, http.StatusOK)
assert.Equal(result.Data, false)
assertion.Equal(w.StatusCode, http.StatusOK)
assertion.Equal(result.Data, false)
//login before
result, w = session.JSONRequest("POST", "/login", RequestLogin{Username: "root", Password: "root"})
assert.Equal(w.StatusCode, http.StatusOK)
assert.Equal(result.Data, true)
loginTest(session, assertion)
result, w = session.JSONRequest("GET", "/user", nil)
assert.Equal(w.StatusCode, http.StatusOK)
assertion.Equal(w.StatusCode, http.StatusOK)
}


@ -23,9 +23,11 @@ func LoginHandler(h libapi.Handle) libapi.Handle {
return
}
returnerr = &libapi.ErrorResult{Fields: []string{"session"}, Message: "Not active user"}
w.WriteHeader(http.StatusUnauthorized)
liblog.Log.Warn("user not active")
return
}
w.WriteHeader(http.StatusUnauthorized)
returnerr = &libapi.ErrorResult{Fields: []string{"session"}, Message: "Not logged in"}
liblog.Log.Warn("not loggedin")
return