[web] website crud

.gitignore

@@ -1,4 +1,4 @@
-/webroot
+!/webroot
 /web_webroot
 cmd/warehost/warehost
 cmd/warehost-web/warehost-web

modul/web/api.go

@@ -1,6 +1,7 @@
 package web
 
 import (
+	"encoding/json"
 	"net/http"
 
 	"github.com/astaxie/session"
@@ -33,7 +34,9 @@ func NewAPI(config *libconfig.Config, sessions *session.Manager, dbconnection *g
 		log:          log.NewModulLog(MODULNAME),
 	}
 	router.GET(prefix+"/involve", libsystem.LoginHandler(api.Involve, sessions))
-	router.POST(prefix+"/web", libsystem.LoginHandler(api.WebsiteAdd, sessions))
+	router.POST(prefix+"/website", libsystem.LoginHandler(api.WebsiteAdd, sessions))
+	router.PUT(prefix+"/website/:websiteid", InvolveWebsiteHandler(api.WebsiteEdit, sessions, dbconnection))
+	router.DELETE(prefix+"/website/:websiteid", InvolveWebsiteHandler(api.WebsiteDelete, sessions, dbconnection))
 }
 
 // Involve to get Website where loggend in user has privilegs
@@ -51,6 +54,73 @@ func (api *API) Involve(w http.ResponseWriter, r *http.Request, _ httprouter.Par
 func (api *API) WebsiteAdd(w http.ResponseWriter, r *http.Request, _ httprouter.Params, sess session.Session, login *libsystem.Login) (returndata interface{}, returnerr *libapi.ErrorResult) {
 	returndata = false
 	logger := api.log.GetLog(r, "websiteadd")
-	logger.Warn("not implemented")
+	tx := api.dbconnection.Begin()
+	var websiteRequest Website
+	err := json.NewDecoder(r.Body).Decode(&websiteRequest)
+	if err != nil {
+		tx.Rollback()
+		logger.Error("fetch request")
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		returnerr = &libapi.ErrorResult{Message: "Internal Request Error"}
+		return
+	}
+	website := &Website{Name: websiteRequest.Name}
+	if err := tx.Create(website).Error; err != nil {
+		tx.Rollback()
+		logger.Error("error during Website")
+		returnerr = &libapi.ErrorResult{Message: "Internal Database Error"}
+		return
+	}
+
+	if err := tx.Create(&Manager{LoginID: login.ID, WebsiteID: website.ID}).Error; err != nil {
+		tx.Rollback()
+		logger.Error("error during Manager")
+		returnerr = &libapi.ErrorResult{Message: "Internal Database Error"}
+		return
+	}
+
+	tx.Commit()
+	returndata = true
+	logger.Info("okay")
+	return
+}
+
+// WebsiteEdit to edit website
+func (api *API) WebsiteEdit(w http.ResponseWriter, r *http.Request, _ httprouter.Params, sess session.Session, login *libsystem.Login, websiteid int64) (returndata interface{}, returnerr *libapi.ErrorResult) {
+	returndata = false
+	logger := api.log.GetLog(r, "websiteedit")
+	var websiteRequest Website
+	err := json.NewDecoder(r.Body).Decode(&websiteRequest)
+	if err != nil {
+		logger.Error("fetch request")
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		returnerr = &libapi.ErrorResult{Message: "Internal Request Error"}
+		return
+	}
+	websiteRequest.ID = websiteid
+	if err := api.dbconnection.Save(websiteRequest).Error; err != nil {
+		logger.Error("Database: during edit Website")
+		returnerr = &libapi.ErrorResult{Message: "Internal Database Error"}
+		return
+	}
+	returndata = true
+	logger.Warn("okay")
+	return
+}
+
+// WebsiteDelete to delete website
+func (api *API) WebsiteDelete(w http.ResponseWriter, r *http.Request, _ httprouter.Params, sess session.Session, login *libsystem.Login, websiteid int64) (returndata interface{}, returnerr *libapi.ErrorResult) {
+	returndata = false
+	logger := api.log.GetLog(r, "websitedelete")
+	website := &Website{
+		ID: websiteid,
+	}
+	if err := api.dbconnection.Unscoped().Delete(website).Error; err != nil {
+		logger.Error("database: during delete website")
+		returnerr = &libapi.ErrorResult{Message: "Internal Database Error"}
+		return
+	}
+	returndata = true
+	logger.Warn("okay")
 	return
 }

modul/web/lib.go

@@ -1 +1,50 @@
 package web
+
+import (
+	"net/http"
+	"strconv"
+
+	"github.com/astaxie/session"
+	"github.com/jinzhu/gorm"
+	"github.com/julienschmidt/httprouter"
+
+	libapi "dev.sum7.de/sum7/warehost/lib/api"
+	log "dev.sum7.de/sum7/warehost/lib/log"
+	libsystem "dev.sum7.de/sum7/warehost/system"
+)
+
+// Handle to handle request with session and current logged in user
+type Handle func(w http.ResponseWriter, r *http.Request, ps httprouter.Params, sess session.Session, login *libsystem.Login, id int64) (interface{}, *libapi.ErrorResult)
+
+//InvolveWebsiteHandler for api function to Verifie User ist loggedin
+func InvolveWebsiteHandler(h Handle, sessions *session.Manager, dbconnection *gorm.DB) httprouter.Handle {
+	return func(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
+		sess := sessions.SessionStart(w, r)
+		err := &libapi.ErrorResult{Fields: []string{"session"}, Message: "Not logged in"}
+		var data interface{}
+		data = false
+
+		if login := sess.Get("login"); login != nil {
+			if loginObj := login.(libsystem.Login); loginObj.Active {
+				id, errI := strconv.ParseInt(ps.ByName("websiteid"), 10, 64)
+				if errI != nil {
+					err = &libapi.ErrorResult{Fields: []string{"websiteid"}, Message: "Not a valid websiteid"}
+					log.Log.Warn("invalid websiteid, no integer")
+				} else {
+					res := dbconnection.Where(map[string]int64{"website": id, "login": loginObj.ID}).Find(&Manager{})
+					if !res.RecordNotFound() {
+						data, err = h(w, r, ps, sess, &loginObj, id)
+					} else {
+						err = &libapi.ErrorResult{Fields: []string{"permission"}, Message: "No permission"}
+						log.Log.Info("no Permissions")
+					}
+				}
+			} else {
+				log.Log.Warn("user not active")
+			}
+		} else {
+			log.Log.Warn("not loggedin")
+		}
+		libapi.JSONOutput(w, r, sess, data, err)
+	}
+}

system/api.go

@@ -158,13 +158,13 @@ func (api *API) Password(w http.ResponseWriter, r *http.Request, _ httprouter.Pa
 func (api *API) Delete(w http.ResponseWriter, r *http.Request, _ httprouter.Params, sess session.Session, login *Login) (returndata interface{}, returnerr *libapi.ErrorResult) {
 	returndata = false
 	logger := api.log.GetLog(r, "delete")
-	logger.Warn("login delete")
 	sess.Delete("login")
 	if err := api.dbconnection.Unscoped().Delete(login).Error; err != nil {
 		logger.Warn("error detete login")
 		returnerr = &libapi.ErrorResult{Message: "Error delete login"}
 		return
 	}
+	logger.Warn("login delete")
 	returndata = true
 	return
 }
@@ -217,8 +217,7 @@ func (api *API) InviteAdd(w http.ResponseWriter, r *http.Request, _ httprouter.P
 func (api *API) LoginEdit(w http.ResponseWriter, r *http.Request, ps httprouter.Params, sess session.Session, login *Login) (returndata interface{}, returnerr *libapi.ErrorResult) {
 	returndata = false
 	logger := api.log.GetLog(r, "loginedit")
-	tmpID64, err := strconv.ParseUint(ps.ByName("id"), 10, 32)
+	id, err := strconv.ParseInt(ps.ByName("id"), 10, 64)
-	id := uint(tmpID64)
 	if err != nil {
 		returnerr = &libapi.ErrorResult{Message: "Error invalid input"}
 		logger.Warn("invalid userinput, no integer")
@@ -236,7 +235,7 @@ func (api *API) LoginEdit(w http.ResponseWriter, r *http.Request, ps httprouter.
 	}
 
 	api.dbconnection.Where("id = ?", invitedLogin.ID).First(&invitedLogin)
-	invite := login.GetInvitedby(api.dbconnection)
+	invite := invitedLogin.GetInvitedby(api.dbconnection)
 	if !login.Superadmin && !invite.Admin && invitedLogin.CreateAt.Before(invitedLogin.LastLoginAt) {
 		logger.Warn("no permission")
 		returnerr = &libapi.ErrorResult{Message: "Error no permission to edit this invite"}
@@ -262,8 +261,7 @@ func (api *API) LoginEdit(w http.ResponseWriter, r *http.Request, ps httprouter.
 func (api *API) LoginDelete(w http.ResponseWriter, r *http.Request, ps httprouter.Params, sess session.Session, login *Login) (returndata interface{}, returnerr *libapi.ErrorResult) {
 	returndata = false
 	logger := api.log.GetLog(r, "logindelete")
-	tmpID64, err := strconv.ParseUint(ps.ByName("id"), 10, 32)
+	id, err := strconv.ParseInt(ps.ByName("id"), 10, 64)
-	id := uint(tmpID64)
 	if err != nil {
 		returnerr = &libapi.ErrorResult{Message: "Error invalid input"}
 		logger.Warn("invalid userinput, no integer")
@@ -272,7 +270,7 @@ func (api *API) LoginDelete(w http.ResponseWriter, r *http.Request, ps httproute
 	logger = logger.WithField("id", id)
 	var invitedLogin = Login{ID: id}
 	api.dbconnection.Where("id = ?", invitedLogin.ID).First(&invitedLogin)
-	invite := login.GetInvitedby(api.dbconnection)
+	invite := invitedLogin.GetInvitedby(api.dbconnection)
 	if !login.Superadmin && !invite.Admin && invitedLogin.CreateAt.Before(invitedLogin.LastLoginAt) {
 		logger.Warn("no permission")
 		returnerr = &libapi.ErrorResult{Message: "Error no permission to delete this invite"}

system/lib.go

@@ -7,6 +7,7 @@ import (
 	"github.com/julienschmidt/httprouter"
 
 	libapi "dev.sum7.de/sum7/warehost/lib/api"
+	log "dev.sum7.de/sum7/warehost/lib/log"
 )
 
 // Handle to handle request with session and current logged in user
@@ -23,7 +24,11 @@ func LoginHandler(h Handle, sessions *session.Manager) httprouter.Handle {
 		if login := sess.Get("login"); login != nil {
 			if loginObj := login.(Login); loginObj.Active {
 				data, err = h(w, r, ps, sess, &loginObj)
+			} else {
+				log.Log.Warn("user not active")
 			}
+		} else {
+			log.Log.Warn("not loggedin")
 		}
 		libapi.JSONOutput(w, r, sess, data, err)
 	}

system/models.go

@@ -34,7 +34,7 @@ type ChangePasswordRequest struct {
 
 // Login found
 type Login struct {
-	ID          uint
+	ID          int64
 	Username    string    `gorm:"type:varchar(255);unique;column:mail" json:"username"`
 	Password    string    `gorm:"type:varchar(255);column:password" json:"-"`
 	Active      bool      `gorm:"default:false;column:active" json:"active"`
@@ -47,9 +47,9 @@ type Login struct {
 
 // Invite struct
 type Invite struct {
-	LoginID   uint  `sql:"type:bigint REFERENCES login(id) ON UPDATE CASCADE ON DELETE CASCADE;column:login;primary_key"`
+	LoginID   int64 `sql:"type:bigint REFERENCES login(id) ON UPDATE CASCADE ON DELETE CASCADE;column:login;primary_key"`
 	Login     Login `gorm:"column:login" json:"login"`
-	InvitedID uint  `sql:"type:bigint REFERENCES login(id) ON UPDATE CASCADE ON DELETE CASCADE;column:invited;primary_key"`
+	InvitedID int64 `sql:"type:bigint REFERENCES login(id) ON UPDATE CASCADE ON DELETE CASCADE;column:invited;primary_key"`
 	Invited   Login `gorm:"column:invited" json:"invited"`
 	Admin     bool  `sql:"default:false" json:"admin"`
 }

webroot

@@ -1 +1 @@
-Subproject commit 908f09a014e1ad086771b11b0931929e844ffe25
+Subproject commit c9fd753cfa6904337406706a94dbc5f4af43d4bb