[web] website crud
This commit is contained in:
parent
cd8a5fbf89
commit
b3b7222187
|
|
@ -1,4 +1,4 @@
|
|||
/webroot
|
||||
!/webroot
|
||||
/web_webroot
|
||||
cmd/warehost/warehost
|
||||
cmd/warehost-web/warehost-web
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
package web
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
"net/http"
|
||||
|
||||
"github.com/astaxie/session"
|
||||
|
|
@ -33,7 +34,9 @@ func NewAPI(config *libconfig.Config, sessions *session.Manager, dbconnection *g
|
|||
log: log.NewModulLog(MODULNAME),
|
||||
}
|
||||
router.GET(prefix+"/involve", libsystem.LoginHandler(api.Involve, sessions))
|
||||
router.POST(prefix+"/web", libsystem.LoginHandler(api.WebsiteAdd, sessions))
|
||||
router.POST(prefix+"/website", libsystem.LoginHandler(api.WebsiteAdd, sessions))
|
||||
router.PUT(prefix+"/website/:websiteid", InvolveWebsiteHandler(api.WebsiteEdit, sessions, dbconnection))
|
||||
router.DELETE(prefix+"/website/:websiteid", InvolveWebsiteHandler(api.WebsiteDelete, sessions, dbconnection))
|
||||
}
|
||||
|
||||
// Involve to get Website where loggend in user has privilegs
|
||||
|
|
@ -51,6 +54,73 @@ func (api *API) Involve(w http.ResponseWriter, r *http.Request, _ httprouter.Par
|
|||
func (api *API) WebsiteAdd(w http.ResponseWriter, r *http.Request, _ httprouter.Params, sess session.Session, login *libsystem.Login) (returndata interface{}, returnerr *libapi.ErrorResult) {
|
||||
returndata = false
|
||||
logger := api.log.GetLog(r, "websiteadd")
|
||||
logger.Warn("not implemented")
|
||||
tx := api.dbconnection.Begin()
|
||||
var websiteRequest Website
|
||||
err := json.NewDecoder(r.Body).Decode(&websiteRequest)
|
||||
if err != nil {
|
||||
tx.Rollback()
|
||||
logger.Error("fetch request")
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
returnerr = &libapi.ErrorResult{Message: "Internal Request Error"}
|
||||
return
|
||||
}
|
||||
website := &Website{Name: websiteRequest.Name}
|
||||
if err := tx.Create(website).Error; err != nil {
|
||||
tx.Rollback()
|
||||
logger.Error("error during Website")
|
||||
returnerr = &libapi.ErrorResult{Message: "Internal Database Error"}
|
||||
return
|
||||
}
|
||||
|
||||
if err := tx.Create(&Manager{LoginID: login.ID, WebsiteID: website.ID}).Error; err != nil {
|
||||
tx.Rollback()
|
||||
logger.Error("error during Manager")
|
||||
returnerr = &libapi.ErrorResult{Message: "Internal Database Error"}
|
||||
return
|
||||
}
|
||||
|
||||
tx.Commit()
|
||||
returndata = true
|
||||
logger.Info("okay")
|
||||
return
|
||||
}
|
||||
|
||||
// WebsiteEdit to edit website
|
||||
func (api *API) WebsiteEdit(w http.ResponseWriter, r *http.Request, _ httprouter.Params, sess session.Session, login *libsystem.Login, websiteid int64) (returndata interface{}, returnerr *libapi.ErrorResult) {
|
||||
returndata = false
|
||||
logger := api.log.GetLog(r, "websiteedit")
|
||||
var websiteRequest Website
|
||||
err := json.NewDecoder(r.Body).Decode(&websiteRequest)
|
||||
if err != nil {
|
||||
logger.Error("fetch request")
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
returnerr = &libapi.ErrorResult{Message: "Internal Request Error"}
|
||||
return
|
||||
}
|
||||
websiteRequest.ID = websiteid
|
||||
if err := api.dbconnection.Save(websiteRequest).Error; err != nil {
|
||||
logger.Error("Database: during edit Website")
|
||||
returnerr = &libapi.ErrorResult{Message: "Internal Database Error"}
|
||||
return
|
||||
}
|
||||
returndata = true
|
||||
logger.Warn("okay")
|
||||
return
|
||||
}
|
||||
|
||||
// WebsiteDelete to delete website
|
||||
func (api *API) WebsiteDelete(w http.ResponseWriter, r *http.Request, _ httprouter.Params, sess session.Session, login *libsystem.Login, websiteid int64) (returndata interface{}, returnerr *libapi.ErrorResult) {
|
||||
returndata = false
|
||||
logger := api.log.GetLog(r, "websitedelete")
|
||||
website := &Website{
|
||||
ID: websiteid,
|
||||
}
|
||||
if err := api.dbconnection.Unscoped().Delete(website).Error; err != nil {
|
||||
logger.Error("database: during delete website")
|
||||
returnerr = &libapi.ErrorResult{Message: "Internal Database Error"}
|
||||
return
|
||||
}
|
||||
returndata = true
|
||||
logger.Warn("okay")
|
||||
return
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1 +1,50 @@
|
|||
package web
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
"strconv"
|
||||
|
||||
"github.com/astaxie/session"
|
||||
"github.com/jinzhu/gorm"
|
||||
"github.com/julienschmidt/httprouter"
|
||||
|
||||
libapi "dev.sum7.de/sum7/warehost/lib/api"
|
||||
log "dev.sum7.de/sum7/warehost/lib/log"
|
||||
libsystem "dev.sum7.de/sum7/warehost/system"
|
||||
)
|
||||
|
||||
// Handle to handle request with session and current logged in user
|
||||
type Handle func(w http.ResponseWriter, r *http.Request, ps httprouter.Params, sess session.Session, login *libsystem.Login, id int64) (interface{}, *libapi.ErrorResult)
|
||||
|
||||
//InvolveWebsiteHandler for api function to Verifie User ist loggedin
|
||||
func InvolveWebsiteHandler(h Handle, sessions *session.Manager, dbconnection *gorm.DB) httprouter.Handle {
|
||||
return func(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
|
||||
sess := sessions.SessionStart(w, r)
|
||||
err := &libapi.ErrorResult{Fields: []string{"session"}, Message: "Not logged in"}
|
||||
var data interface{}
|
||||
data = false
|
||||
|
||||
if login := sess.Get("login"); login != nil {
|
||||
if loginObj := login.(libsystem.Login); loginObj.Active {
|
||||
id, errI := strconv.ParseInt(ps.ByName("websiteid"), 10, 64)
|
||||
if errI != nil {
|
||||
err = &libapi.ErrorResult{Fields: []string{"websiteid"}, Message: "Not a valid websiteid"}
|
||||
log.Log.Warn("invalid websiteid, no integer")
|
||||
} else {
|
||||
res := dbconnection.Where(map[string]int64{"website": id, "login": loginObj.ID}).Find(&Manager{})
|
||||
if !res.RecordNotFound() {
|
||||
data, err = h(w, r, ps, sess, &loginObj, id)
|
||||
} else {
|
||||
err = &libapi.ErrorResult{Fields: []string{"permission"}, Message: "No permission"}
|
||||
log.Log.Info("no Permissions")
|
||||
}
|
||||
}
|
||||
} else {
|
||||
log.Log.Warn("user not active")
|
||||
}
|
||||
} else {
|
||||
log.Log.Warn("not loggedin")
|
||||
}
|
||||
libapi.JSONOutput(w, r, sess, data, err)
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -158,13 +158,13 @@ func (api *API) Password(w http.ResponseWriter, r *http.Request, _ httprouter.Pa
|
|||
func (api *API) Delete(w http.ResponseWriter, r *http.Request, _ httprouter.Params, sess session.Session, login *Login) (returndata interface{}, returnerr *libapi.ErrorResult) {
|
||||
returndata = false
|
||||
logger := api.log.GetLog(r, "delete")
|
||||
logger.Warn("login delete")
|
||||
sess.Delete("login")
|
||||
if err := api.dbconnection.Unscoped().Delete(login).Error; err != nil {
|
||||
logger.Warn("error detete login")
|
||||
returnerr = &libapi.ErrorResult{Message: "Error delete login"}
|
||||
return
|
||||
}
|
||||
logger.Warn("login delete")
|
||||
returndata = true
|
||||
return
|
||||
}
|
||||
|
|
@ -217,8 +217,7 @@ func (api *API) InviteAdd(w http.ResponseWriter, r *http.Request, _ httprouter.P
|
|||
func (api *API) LoginEdit(w http.ResponseWriter, r *http.Request, ps httprouter.Params, sess session.Session, login *Login) (returndata interface{}, returnerr *libapi.ErrorResult) {
|
||||
returndata = false
|
||||
logger := api.log.GetLog(r, "loginedit")
|
||||
tmpID64, err := strconv.ParseUint(ps.ByName("id"), 10, 32)
|
||||
id := uint(tmpID64)
|
||||
id, err := strconv.ParseInt(ps.ByName("id"), 10, 64)
|
||||
if err != nil {
|
||||
returnerr = &libapi.ErrorResult{Message: "Error invalid input"}
|
||||
logger.Warn("invalid userinput, no integer")
|
||||
|
|
@ -236,7 +235,7 @@ func (api *API) LoginEdit(w http.ResponseWriter, r *http.Request, ps httprouter.
|
|||
}
|
||||
|
||||
api.dbconnection.Where("id = ?", invitedLogin.ID).First(&invitedLogin)
|
||||
invite := login.GetInvitedby(api.dbconnection)
|
||||
invite := invitedLogin.GetInvitedby(api.dbconnection)
|
||||
if !login.Superadmin && !invite.Admin && invitedLogin.CreateAt.Before(invitedLogin.LastLoginAt) {
|
||||
logger.Warn("no permission")
|
||||
returnerr = &libapi.ErrorResult{Message: "Error no permission to edit this invite"}
|
||||
|
|
@ -262,8 +261,7 @@ func (api *API) LoginEdit(w http.ResponseWriter, r *http.Request, ps httprouter.
|
|||
func (api *API) LoginDelete(w http.ResponseWriter, r *http.Request, ps httprouter.Params, sess session.Session, login *Login) (returndata interface{}, returnerr *libapi.ErrorResult) {
|
||||
returndata = false
|
||||
logger := api.log.GetLog(r, "logindelete")
|
||||
tmpID64, err := strconv.ParseUint(ps.ByName("id"), 10, 32)
|
||||
id := uint(tmpID64)
|
||||
id, err := strconv.ParseInt(ps.ByName("id"), 10, 64)
|
||||
if err != nil {
|
||||
returnerr = &libapi.ErrorResult{Message: "Error invalid input"}
|
||||
logger.Warn("invalid userinput, no integer")
|
||||
|
|
@ -272,7 +270,7 @@ func (api *API) LoginDelete(w http.ResponseWriter, r *http.Request, ps httproute
|
|||
logger = logger.WithField("id", id)
|
||||
var invitedLogin = Login{ID: id}
|
||||
api.dbconnection.Where("id = ?", invitedLogin.ID).First(&invitedLogin)
|
||||
invite := login.GetInvitedby(api.dbconnection)
|
||||
invite := invitedLogin.GetInvitedby(api.dbconnection)
|
||||
if !login.Superadmin && !invite.Admin && invitedLogin.CreateAt.Before(invitedLogin.LastLoginAt) {
|
||||
logger.Warn("no permission")
|
||||
returnerr = &libapi.ErrorResult{Message: "Error no permission to delete this invite"}
|
||||
|
|
|
|||
|
|
@ -7,6 +7,7 @@ import (
|
|||
"github.com/julienschmidt/httprouter"
|
||||
|
||||
libapi "dev.sum7.de/sum7/warehost/lib/api"
|
||||
log "dev.sum7.de/sum7/warehost/lib/log"
|
||||
)
|
||||
|
||||
// Handle to handle request with session and current logged in user
|
||||
|
|
@ -23,7 +24,11 @@ func LoginHandler(h Handle, sessions *session.Manager) httprouter.Handle {
|
|||
if login := sess.Get("login"); login != nil {
|
||||
if loginObj := login.(Login); loginObj.Active {
|
||||
data, err = h(w, r, ps, sess, &loginObj)
|
||||
} else {
|
||||
log.Log.Warn("user not active")
|
||||
}
|
||||
} else {
|
||||
log.Log.Warn("not loggedin")
|
||||
}
|
||||
libapi.JSONOutput(w, r, sess, data, err)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -34,7 +34,7 @@ type ChangePasswordRequest struct {
|
|||
|
||||
// Login found
|
||||
type Login struct {
|
||||
ID uint
|
||||
ID int64
|
||||
Username string `gorm:"type:varchar(255);unique;column:mail" json:"username"`
|
||||
Password string `gorm:"type:varchar(255);column:password" json:"-"`
|
||||
Active bool `gorm:"default:false;column:active" json:"active"`
|
||||
|
|
@ -47,9 +47,9 @@ type Login struct {
|
|||
|
||||
// Invite struct
|
||||
type Invite struct {
|
||||
LoginID uint `sql:"type:bigint REFERENCES login(id) ON UPDATE CASCADE ON DELETE CASCADE;column:login;primary_key"`
|
||||
LoginID int64 `sql:"type:bigint REFERENCES login(id) ON UPDATE CASCADE ON DELETE CASCADE;column:login;primary_key"`
|
||||
Login Login `gorm:"column:login" json:"login"`
|
||||
InvitedID uint `sql:"type:bigint REFERENCES login(id) ON UPDATE CASCADE ON DELETE CASCADE;column:invited;primary_key"`
|
||||
InvitedID int64 `sql:"type:bigint REFERENCES login(id) ON UPDATE CASCADE ON DELETE CASCADE;column:invited;primary_key"`
|
||||
Invited Login `gorm:"column:invited" json:"invited"`
|
||||
Admin bool `sql:"default:false" json:"admin"`
|
||||
}
|
||||
|
|
|
|||
2
webroot
2
webroot
|
|
@ -1 +1 @@
|
|||
Subproject commit 908f09a014e1ad086771b11b0931929e844ffe25
|
||||
Subproject commit c9fd753cfa6904337406706a94dbc5f4af43d4bb
|
||||
Reference in New Issue