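package host

import (
	"net/http"
	"strings"

	"github.com/jinzhu/gorm"
	"goji.io"
	"goji.io/pat"

	libapi "dev.sum7.eu/sum7/warehost/lib/api"
	liblog "dev.sum7.eu/sum7/warehost/lib/log"
	system "dev.sum7.eu/sum7/warehost/system"
)

// MODULNAME is the module name; BindAPI passes it to liblog.NewModulLog to
// label this module's log entries.
const MODULNAME = "host"

// dbconnection and log are package-level state assigned by BindAPI; every
// handler in this file reads them, so BindAPI must run before any request is
// served.
var dbconnection *gorm.DB
var log *liblog.ModulLog

// BindAPI stores the database handle and module logger in package state and
// registers the host module's routes on router below prefix.
//
// Every route is wrapped in libapi.SessionHandler and system.LoginHandler.
// Routes that operate on the caller's own host profile are additionally
// wrapped in ProfilHandler, which is expected to place the *Profil into the
// request context (the handlers read it under the "profil" key).
func BindAPI(db *gorm.DB, router *goji.Mux, prefix string) {
	dbconnection = db
	log = liblog.NewModulLog(MODULNAME)

	// Signup is available to logged-in users that have no host profile yet,
	// so these two routes are not wrapped in ProfilHandler.
	router.HandleFunc(pat.Post(prefix+"/signup"), libapi.SessionHandler(system.LoginHandler(signup)))
	router.HandleFunc(pat.Get(prefix+"/signup"), libapi.SessionHandler(system.LoginHandler(checkSignup)))

	router.HandleFunc(pat.Delete(prefix+"/delete"), libapi.SessionHandler(system.LoginHandler(ProfilHandler(delete))))
	router.HandleFunc(pat.Get(prefix+"/profil"), libapi.SessionHandler(system.LoginHandler(ProfilHandler(profil))))

	router.HandleFunc(pat.Get(prefix+"/domain"), libapi.SessionHandler(system.LoginHandler(ProfilHandler(domainList))))
	router.HandleFunc(pat.Get(prefix+"/domain/:domainid"), libapi.SessionHandler(system.LoginHandler(ProfilHandler(domainShow))))
	router.HandleFunc(pat.Post(prefix+"/domain"), libapi.SessionHandler(system.LoginHandler(ProfilHandler(domainAdd))))
	router.HandleFunc(pat.Patch(prefix+"/domain/:domainid"), libapi.SessionHandler(system.LoginHandler(ProfilHandler(domainEdit))))
	router.HandleFunc(pat.Delete(prefix+"/domain/:domainid"), libapi.SessionHandler(system.LoginHandler(ProfilHandler(domainDelete))))

	router.HandleFunc(pat.Get(prefix+"/domain/:domainid/web"), libapi.SessionHandler(system.LoginHandler(ProfilHandler(webList))))
	router.HandleFunc(pat.Post(prefix+"/domain/:domainid/web"), libapi.SessionHandler(system.LoginHandler(ProfilHandler(webAdd))))
	router.HandleFunc(pat.Patch(prefix+"/domain/:domainid/web/:webid"), libapi.SessionHandler(system.LoginHandler(ProfilHandler(webEdit))))
	router.HandleFunc(pat.Delete(prefix+"/domain/:domainid/web/:webid"), libapi.SessionHandler(system.LoginHandler(ProfilHandler(webDelete))))

	router.HandleFunc(pat.Get(prefix+"/domain/:domainid/mail"), libapi.SessionHandler(system.LoginHandler(ProfilHandler(mailList))))
	router.HandleFunc(pat.Post(prefix+"/domain/:domainid/mail"), libapi.SessionHandler(system.LoginHandler(ProfilHandler(mailAdd))))
	router.HandleFunc(pat.Patch(prefix+"/domain/:domainid/mail/:mailid"), libapi.SessionHandler(system.LoginHandler(ProfilHandler(mailEdit))))
	router.HandleFunc(pat.Delete(prefix+"/domain/:domainid/mail/:mailid"), libapi.SessionHandler(system.LoginHandler(ProfilHandler(mailDelete))))

	router.HandleFunc(pat.Get(prefix+"/database"), libapi.SessionHandler(system.LoginHandler(ProfilHandler(databaseList))))
	router.HandleFunc(pat.Post(prefix+"/database"), libapi.SessionHandler(system.LoginHandler(ProfilHandler(databaseAdd))))
	router.HandleFunc(pat.Patch(prefix+"/database/:databaseid"), libapi.SessionHandler(system.LoginHandler(ProfilHandler(databaseEdit))))
	router.HandleFunc(pat.Delete(prefix+"/database/:databaseid"), libapi.SessionHandler(system.LoginHandler(ProfilHandler(databaseDelete))))

	// ADMIN APIS
	// NOTE(review): the routing layer only requires a logged-in session for
	// these two routes; no admin middleware is applied here. Confirm that
	// profilList and toggleReseller (defined elsewhere) enforce the
	// superadmin check themselves, since any authenticated user reaches them.
	router.HandleFunc(pat.Get(prefix+"/profils"), libapi.SessionHandler(system.LoginHandler(profilList)))
	router.HandleFunc(pat.Patch(prefix+"/profil/:id"), libapi.SessionHandler(system.LoginHandler(toggleReseller)))
}

// checkSignupAllow reports whether login may create a host profile.
//
// Superadmins are always allowed. Otherwise the query looks up a host profile
// whose login has an invite row with invited = login.ID, and the result is
// that profile's Reseller flag.
func checkSignupAllow(login *system.Login) bool {
	if login.Superadmin {
		return true
	}

	// The query error is deliberately not inspected: profil starts
	// zero-valued, so when no row is loaded Reseller stays false and the
	// check denies (fail closed).
	// NOTE(review): Find into a single struct loads one row only; if a login
	// can be invited by several logins, which inviter is evaluated depends on
	// the database's row order — confirm that is acceptable.
	var profil Profil
	dbconnection.Joins("LEFT JOIN invite invite ON invite.login=host_profil.login").Where("invite.invited=?", login.ID).Find(&profil)
	return profil.Reseller
}

// checkSignup answers GET <prefix>/signup with a JSON boolean telling the
// caller whether signup is permitted for the logged-in user.
func checkSignup(w http.ResponseWriter, r *http.Request) {
	ctx := r.Context()
	// The unchecked type assertion panics if the "login" value is absent;
	// this handler is only registered behind system.LoginHandler.
	login := ctx.Value("login").(*system.Login)
	returndata := checkSignupAllow(login)
	logger := log.GetLog(r, "checksignup")
	if returndata {
		logger.Info("done")
	} else {
		logger.Info("not allowed")
	}
	libapi.JSONWrite(w, r, returndata, nil)
}

// signup answers POST <prefix>/signup by creating a host profile for the
// logged-in user when checkSignupAllow permits it.
//
// Responses: true on success; false with an error message and status 500 on a
// database failure (including an already existing profile); false with status
// 401 when the user is not allowed to sign up.
func signup(w http.ResponseWriter, r *http.Request) {
	ctx := r.Context()
	login := ctx.Value("login").(*system.Login)
	logger := log.GetLog(r, "signup")

	if !checkSignupAllow(login) {
		// NOTE(review): the caller is authenticated at this point, so 403
		// would describe the refusal more accurately than 401; kept as-is
		// because clients may depend on the status. The denial is also not
		// logged, unlike in checkSignup.
		w.WriteHeader(http.StatusUnauthorized)
		libapi.JSONWrite(w, r, false, &libapi.ErrorResult{Message: "You are not allowed to signup"})
		return
	}

	profil := &Profil{LoginID: login.ID}
	if err := dbconnection.Create(profil).Error; err != nil {
		// The status is written before the duplicate check, so the
		// "already signup" answer is sent with 500 as well.
		w.WriteHeader(http.StatusInternalServerError)
		// NOTE(review): duplicate detection relies on the driver's error
		// text containing "duplicate key"; a different driver or locale
		// would fall through to the generic error below.
		if strings.Contains(err.Error(), "duplicate key") {
			logger.Warning("exists already")
			libapi.JSONWrite(w, r, false, &libapi.ErrorResult{Message: "already signup"})
			return
		}
		// The raw database error goes to the log only; the client gets a
		// generic message.
		logger.Error("database: during create host profil: ", err)
		libapi.JSONWrite(w, r, false, &libapi.ErrorResult{Message: "Internal Database Error"})
		return
	}

	logger.Info("done")
	libapi.JSONWrite(w, r, true, nil)
}

// delete answers DELETE <prefix>/delete by permanently removing the caller's
// host profile (Unscoped bypasses gorm's soft delete).
//
// A failed delete is logged and answered with status 500 and false, so the
// log and the client never record a removal that did not happen.
//
// The function name shadows the builtin delete for the whole package.
func delete(w http.ResponseWriter, r *http.Request) {
	ctx := r.Context()
	logger := log.GetLog(r, "delete")
	profil := ctx.Value("profil").(*Profil)

	// NOTE(review): jinzhu/gorm deletes every row of the model when the
	// struct's primary key is blank. Confirm ProfilHandler only stores a
	// Profil that was loaded from the database in the context.
	if err := dbconnection.Unscoped().Delete(profil).Error; err != nil {
		w.WriteHeader(http.StatusInternalServerError)
		logger.Error("database: during delete host profil: ", err)
		libapi.JSONWrite(w, r, false, &libapi.ErrorResult{Message: "Internal Database Error"})
		return
	}

	logger.Info("done")
	libapi.JSONWrite(w, r, true, nil)
}

// profil answers GET <prefix>/profil with the caller's host profile, taken
// from the request context, serialised as JSON.
func profil(w http.ResponseWriter, r *http.Request) {
	ctx := r.Context()
	logger := log.GetLog(r, "profil")
	profil := ctx.Value("profil").(*Profil)
	logger.Info("done")
	libapi.JSONWrite(w, r, profil, nil)
}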