sum7/warehost
sum7
/
warehost
Archived
1
0
Fork 0
This repository has been archived on 2020-09-27. You can view files and clone it, but cannot push or open issues or pull requests.
warehost/modul/host/api.go

120 lines
5.2 KiB
Go

package host
import (
"net/http"
"strings"
"github.com/jinzhu/gorm"
"goji.io"
"goji.io/pat"
libapi "dev.sum7.eu/sum7/warehost/lib/api"
liblog "dev.sum7.eu/sum7/warehost/lib/log"
system "dev.sum7.eu/sum7/warehost/system"
)
//MODULNAME to get global name for the modul
const MODULNAME = "host"
var dbconnection *gorm.DB
var log *liblog.ModulLog
// BindAPI sets the routes to the api functions
func BindAPI(db *gorm.DB, router *goji.Mux, prefix string) {
dbconnection = db
log = liblog.NewModulLog(MODULNAME)
router.HandleFunc(pat.Post(prefix+"/signup"), libapi.SessionHandler(system.LoginHandler(signup)))
router.HandleFunc(pat.Get(prefix+"/signup"), libapi.SessionHandler(system.LoginHandler(checkSignup)))
router.HandleFunc(pat.Delete(prefix+"/delete"), libapi.SessionHandler(system.LoginHandler(ProfilHandler(delete))))
router.HandleFunc(pat.Get(prefix+"/profil"), libapi.SessionHandler(system.LoginHandler(ProfilHandler(profil))))
router.HandleFunc(pat.Get(prefix+"/domain"), libapi.SessionHandler(system.LoginHandler(ProfilHandler(domainList))))
router.HandleFunc(pat.Get(prefix+"/domain/:domainid"), libapi.SessionHandler(system.LoginHandler(ProfilHandler(domainShow))))
router.HandleFunc(pat.Post(prefix+"/domain"), libapi.SessionHandler(system.LoginHandler(ProfilHandler(domainAdd))))
router.HandleFunc(pat.Patch(prefix+"/domain/:domainid"), libapi.SessionHandler(system.LoginHandler(ProfilHandler(domainEdit))))
router.HandleFunc(pat.Delete(prefix+"/domain/:domainid"), libapi.SessionHandler(system.LoginHandler(ProfilHandler(domainDelete))))
router.HandleFunc(pat.Get(prefix+"/domain/:domainid/web"), libapi.SessionHandler(system.LoginHandler(ProfilHandler(webList))))
router.HandleFunc(pat.Post(prefix+"/domain/:domainid/web"), libapi.SessionHandler(system.LoginHandler(ProfilHandler(webAdd))))
router.HandleFunc(pat.Patch(prefix+"/domain/:domainid/web/:webid"), libapi.SessionHandler(system.LoginHandler(ProfilHandler(webEdit))))
router.HandleFunc(pat.Delete(prefix+"/domain/:domainid/web/:webid"), libapi.SessionHandler(system.LoginHandler(ProfilHandler(webDelete))))
router.HandleFunc(pat.Get(prefix+"/domain/:domainid/mail"), libapi.SessionHandler(system.LoginHandler(ProfilHandler(mailList))))
router.HandleFunc(pat.Post(prefix+"/domain/:domainid/mail"), libapi.SessionHandler(system.LoginHandler(ProfilHandler(mailAdd))))
router.HandleFunc(pat.Patch(prefix+"/domain/:domainid/mail/:mailid"), libapi.SessionHandler(system.LoginHandler(ProfilHandler(mailEdit))))
router.HandleFunc(pat.Delete(prefix+"/domain/:domainid/mail/:mailid"), libapi.SessionHandler(system.LoginHandler(ProfilHandler(mailDelete))))
router.HandleFunc(pat.Get(prefix+"/database"), libapi.SessionHandler(system.LoginHandler(ProfilHandler(databaseList))))
router.HandleFunc(pat.Post(prefix+"/database"), libapi.SessionHandler(system.LoginHandler(ProfilHandler(databaseAdd))))
router.HandleFunc(pat.Patch(prefix+"/database/:databaseid"), libapi.SessionHandler(system.LoginHandler(ProfilHandler(databaseEdit))))
router.HandleFunc(pat.Delete(prefix+"/database/:databaseid"), libapi.SessionHandler(system.LoginHandler(ProfilHandler(databaseDelete))))
// ADMIN APIS
router.HandleFunc(pat.Get(prefix+"/profils"), libapi.SessionHandler(system.LoginHandler(profilList)))
router.HandleFunc(pat.Patch(prefix+"/profil/:id"), libapi.SessionHandler(system.LoginHandler(toggleReseller)))
}
func checkSignupAllow(login *system.Login) bool {
run := login.Superadmin
if !run {
var profil Profil
dbconnection.Joins("LEFT JOIN invite invite ON invite.login=host_profil.login").Where("invite.invited=?", login.ID).Find(&profil)
run = profil.Reseller
}
return run
}
func checkSignup(w http.ResponseWriter, r *http.Request) {
ctx := r.Context()
login := ctx.Value("login").(*system.Login)
returndata := checkSignupAllow(login)
logger := log.GetLog(r, "checksignup")
if returndata {
logger.Info("done")
} else {
logger.Info("not allowed")
}
libapi.JSONWrite(w, r, returndata, nil)
}
func signup(w http.ResponseWriter, r *http.Request) {
ctx := r.Context()
login := ctx.Value("login").(*system.Login)
logger := log.GetLog(r, "signup")
if checkSignupAllow(login) {
profil := &Profil{LoginID: login.ID}
if err := dbconnection.Create(profil).Error; err != nil {
w.WriteHeader(http.StatusInternalServerError)
if strings.Contains(err.Error(), "duplicate key") {
logger.Warning("exists already")
libapi.JSONWrite(w, r, false, &libapi.ErrorResult{Message: "already signup"})
return
}
logger.Error("database: during create host profil: ", err)
libapi.JSONWrite(w, r, false, &libapi.ErrorResult{Message: "Internal Database Error"})
return
}
logger.Info("done")
libapi.JSONWrite(w, r, true, nil)
return
}
w.WriteHeader(http.StatusUnauthorized)
libapi.JSONWrite(w, r, false, &libapi.ErrorResult{Message: "You are not allowed to signup"})
}
func delete(w http.ResponseWriter, r *http.Request) {
ctx := r.Context()
logger := log.GetLog(r, "delete")
profil := ctx.Value("profil").(*Profil)
dbconnection.Unscoped().Delete(profil)
logger.Info("done")
libapi.JSONWrite(w, r, true, nil)
}
func profil(w http.ResponseWriter, r *http.Request) {
ctx := r.Context()
logger := log.GetLog(r, "profil")
profil := ctx.Value("profil").(*Profil)
logger.Info("done")
libapi.JSONWrite(w, r, profil, nil)
}