lucifer
/
lucifer
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
The main server, and probably only repository in this org.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
37 Commits
3 Branches
1 Tag
3.3 MiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
lucifer/controllers/group-controller.go

340 lines
10 KiB
Raw Permalink Normal View History

lucifer-server, controllers, sqlite, models: Added read only API for groups and stuff.
5 years ago
GroupController: Added POST /api/group/ and PUT/PATCH /api/group/:group_id
5 years ago
lucifer-server, controllers, sqlite, models: Added read only API for groups and stuff.
5 years ago
GroupController: Added POST /api/group/ and PUT/PATCH /api/group/:group_id
5 years ago
lucifer-server, controllers, sqlite, models: Added read only API for groups and stuff.
5 years ago
BridgeController: Added /api/bridge endpoints.
5 years ago
lucifer-server, controllers, sqlite, models: Added read only API for groups and stuff.
5 years ago
lucifer-server, sqlite, controllers: Added /api/light/
5 years ago
lucifer-server, controllers, sqlite, models: Added read only API for groups and stuff.
5 years ago
lucifer-server, sqlite, controllers: Added /api/light/
5 years ago
lucifer-server, controllers, sqlite, models: Added read only API for groups and stuff.
5 years ago
GroupController: Added POST /api/group/ and PUT/PATCH /api/group/:group_id
5 years ago
lucifer-server, controllers, sqlite, models: Added read only API for groups and stuff.
5 years ago
GroupController: Added POST /api/group/ and PUT/PATCH /api/group/:group_id
5 years ago
lucifer-server, controllers, sqlite, models: Added read only API for groups and stuff.
5 years ago
GroupController: Added POST /api/group/ and PUT/PATCH /api/group/:group_id
5 years ago
lucifer-server, controllers, sqlite, models: Added read only API for groups and stuff.
5 years ago
GroupController: Added POST /api/group/ and PUT/PATCH /api/group/:group_id
5 years ago
lucifer-server, controllers, sqlite, models: Added read only API for groups and stuff.
5 years ago
GroupController: Added POST /api/group/ and PUT/PATCH /api/group/:group_id
5 years ago
lucifer-server, controllers, sqlite, models: Added read only API for groups and stuff.
5 years ago
GroupController: Added POST /api/group/ and PUT/PATCH /api/group/:group_id
5 years ago
lucifer-server, controllers, sqlite, models: Added read only API for groups and stuff.
5 years ago
GroupController: Added POST /api/group/ and PUT/PATCH /api/group/:group_id
5 years ago
GroupController: Added PATCH /api/group/permission/:id and DELETE /api/group/:id
5 years ago
lucifer-server, controllers, sqlite, models: Added read only API for groups and stuff.
5 years ago
GroupController: Added POST /api/group/ and PUT/PATCH /api/group/:group_id
5 years ago
GroupController: Added PATCH /api/group/permission/:id and DELETE /api/group/:id
5 years ago
GroupController: Added POST /api/group/ and PUT/PATCH /api/group/:group_id
5 years ago
lucifer-server, controllers, sqlite, models: Added read only API for groups and stuff.
5 years ago
  1. package controllers
  3. import (
  4. "database/sql"
  5. "encoding/json"
  6. "fmt"
  7. "log"
  8. "net/http"
  9. "strconv"
  11. "git.aiterp.net/lucifer/lucifer/internal/httperr"
  13. "git.aiterp.net/lucifer/lucifer/internal/respond"
  14. "git.aiterp.net/lucifer/lucifer/models"
  15. "github.com/gorilla/mux"
  16. )
  18. // The GroupController is a controller for all group stuff.
  19. type GroupController struct {
  20. groups models.GroupRepository
  21. users models.UserRepository
  22. lights models.LightRepository
  23. }
  25. // getGroups (`GET /:id`): Get user by id
  26. func (c *GroupController) getGroups(w http.ResponseWriter, r *http.Request) {
  27. user := models.UserFromContext(r.Context())
  29. groups, err := c.groups.ListByUser(r.Context(), *user)
  30. if err != nil {
  31. log.Printf("Getting groups for user %s (%d) failed: %s", user.Name, user.ID, err)
  32. respond.Error(w, http.StatusInternalServerError, "internal_error", "Failed to get groups.")
  33. return
  34. }
  36. respond.Data(w, groups)
  37. }
  39. // getGroup (`GET /:group_id`): Get user by id
  40. func (c *GroupController) getGroup(w http.ResponseWriter, r *http.Request) {
  41. session := models.SessionFromContext(r.Context())
  43. idStr := mux.Vars(r)["group_id"]
  44. id, err := strconv.ParseInt(idStr, 10, 32)
  45. if err != nil {
  46. respond.Error(w, http.StatusBadRequest, "invalid_id", "The id"+idStr+"is not valid.")
  47. return
  48. }
  50. group, err := c.groups.FindByID(r.Context(), int(id))
  51. if err != nil || !group.Permission(session.UserID).Read {
  52. respond.Error(w, http.StatusNotFound, "not_found", "The group cannot be found or you are not authorized to view it.")
  53. return
  54. }
  56. respond.Data(w, group)
  57. }
  59. // getGroupLights (`GET /:group_id/light/`): Get user by id
  60. func (c *GroupController) getGroupLights(w http.ResponseWriter, r *http.Request) {
  61. session := models.SessionFromContext(r.Context())
  63. idStr := mux.Vars(r)["group_id"]
  64. id, err := strconv.ParseInt(idStr, 10, 32)
  65. if err != nil {
  66. respond.Error(w, http.StatusBadRequest, "invalid_id", "The id "+idStr+" is not valid.")
  67. return
  68. }
  70. group, err := c.groups.FindByID(r.Context(), int(id))
  71. if err != nil || !group.Permission(session.UserID).Read {
  72. respond.Error(w, http.StatusNotFound, "group_not_found", "The group cannot be found or you are not authorized to view it.")
  73. return
  74. }
  76. lights, err := c.lights.ListByGroup(r.Context(), group)
  77. if err != nil && err != sql.ErrNoRows {
  78. log.Printf("Getting lights for group %s (%d) failed: %s", group.Name, group.ID, err)
  79. respond.Error(w, http.StatusInternalServerError, "internal_error", "Failed to get groups.")
  80. return
  81. }
  83. respond.Data(w, lights)
  84. }
  86. // getGroupLight (`GET /:group_id/light/:light_id`): Get user by id
  87. func (c *GroupController) getGroupLight(w http.ResponseWriter, r *http.Request) {
  88. session := models.SessionFromContext(r.Context())
  90. groupIDStr := mux.Vars(r)["group_id"]
  91. groupID, err := strconv.ParseInt(groupIDStr, 10, 32)
  92. if err != nil {
  93. respond.Error(w, http.StatusBadRequest, "invalid_id", "The group id "+groupIDStr+" is not valid.")
  94. return
  95. }
  97. idStr := mux.Vars(r)["light_id"]
  98. id, err := strconv.ParseInt(idStr, 10, 32)
  99. if err != nil {
  100. respond.Error(w, http.StatusBadRequest, "invalid_id", "The light id "+idStr+" is not valid.")
  101. return
  102. }
  104. group, err := c.groups.FindByID(r.Context(), int(groupID))
  105. if err != nil || !group.Permission(session.UserID).Read {
  106. respond.Error(w, http.StatusNotFound, "group_not_found", "The group cannot be found or you are not authorized to view it.")
  107. return
  108. }
  110. light, err := c.lights.FindByID(r.Context(), int(id))
  111. if err != nil || light.GroupID != group.ID {
  112. fmt.Println(light, id)
  113. respond.Error(w, http.StatusNotFound, "light_not_found", "The light cannot be found in this group.")
  114. return
  115. }
  117. respond.Data(w, light)
  118. }
  120. // postGroup (`POST /`): Create a group.
  121. func (c *GroupController) postGroup(w http.ResponseWriter, r *http.Request) {
  122. user := models.UserFromContext(r.Context())
  124. postData := struct {
  125. Name string
  126. }{}
  127. if err := json.NewDecoder(r.Body).Decode(&postData); err != nil {
  128. respond.Error(w, http.StatusBadRequest, "invalid_json", "Input is not valid JSON.")
  129. return
  130. }
  131. if postData.Name == "" {
  132. respond.Error(w, http.StatusBadRequest, "invalid_name", "The name cannot be blank.")
  133. return
  134. }
  136. group, err := c.groups.Insert(r.Context(), models.Group{Name: postData.Name})
  137. if err != nil {
  138. httperr.Respond(w, err)
  139. return
  140. }
  142. permission := models.GroupPermission{
  143. GroupID: group.ID,
  144. UserID: user.ID,
  145. Read: true,
  146. Write: true,
  147. Delete: true,
  148. Create: true,
  149. Manage: true,
  150. }
  152. err = c.groups.UpdatePermissions(r.Context(), permission)
  153. if err != nil {
  154. httperr.Respond(w, err)
  155. return
  156. }
  158. group.Permissions = []models.GroupPermission{permission}
  159. respond.Data(w, group)
  160. }
  162. // updateGroup (`PUT/PATCH /:group_id`): Create a group.
  163. func (c *GroupController) updateGroup(w http.ResponseWriter, r *http.Request) {
  164. user := models.UserFromContext(r.Context())
  166. groupIDStr := mux.Vars(r)["group_id"]
  167. groupID, err := strconv.ParseInt(groupIDStr, 10, 32)
  168. if err != nil {
  169. respond.Error(w, http.StatusBadRequest, "invalid_id", "The group id "+groupIDStr+" is not valid.")
  170. return
  171. }
  173. postData := struct {
  174. Name string
  175. }{}
  176. if err := json.NewDecoder(r.Body).Decode(&postData); err != nil {
  177. respond.Error(w, http.StatusBadRequest, "invalid_json", "Input is not valid JSON.")
  178. return
  179. }
  180. if postData.Name == "" {
  181. respond.Error(w, http.StatusBadRequest, "invalid_name", "The name cannot be blank.")
  182. return
  183. }
  185. group, err := c.groups.FindByID(r.Context(), int(groupID))
  186. if err != nil {
  187. respond.Error(w, http.StatusNotFound, "group_not_found", "The group cannot be found or you are not authorized to view it.")
  188. return
  189. } else if !group.Permission(user.ID).Manage {
  190. respond.Error(w, http.StatusNotFound, "permission_denied", "Your transgression will be remembered.")
  191. return
  192. }
  194. group.Name = postData.Name
  195. err = c.groups.Update(r.Context(), group)
  196. if err != nil {
  197. httperr.Respond(w, err)
  198. return
  199. }
  201. respond.Data(w, group)
  202. }
  204. // updateGroupPermission (`PUT/PATCH /:group_id/permission/:user_id`): Update a user's permission on a group.
  205. func (c *GroupController) updateGroupPermission(w http.ResponseWriter, r *http.Request) {
  206. user := models.UserFromContext(r.Context())
  208. groupIDStr := mux.Vars(r)["group_id"]
  209. groupID, err := strconv.ParseInt(groupIDStr, 10, 32)
  210. if err != nil {
  211. respond.Error(w, http.StatusBadRequest, "invalid_id", "The group id "+groupIDStr+" is not valid.")
  212. return
  213. }
  215. userIDStr := mux.Vars(r)["user_id"]
  216. userID, err := strconv.ParseInt(userIDStr, 10, 32)
  217. if err != nil {
  218. respond.Error(w, http.StatusBadRequest, "invalid_id", "The user id "+userIDStr+" is not valid.")
  219. return
  220. }
  222. putData := struct {
  223. Read *bool `json:"read"`
  224. Write *bool `json:"write"`
  225. Create *bool `json:"create"`
  226. Delete *bool `json:"delete"`
  227. Manage *bool `json:"manage"`
  228. }{}
  229. if err := json.NewDecoder(r.Body).Decode(&putData); err != nil {
  230. respond.Error(w, http.StatusBadRequest, "invalid_json", "Input is not valid JSON.")
  231. return
  232. }
  233. if putData.Manage != nil {
  234. respond.Error(w, http.StatusBadRequest, "cannot_change_manage", "You cannot change the manage permission.")
  235. return
  236. }
  238. group, err := c.groups.FindByID(r.Context(), int(groupID))
  239. if err != nil {
  240. respond.Error(w, http.StatusNotFound, "group_not_found", "The group could not be found.")
  241. return
  242. } else if !group.Permission(user.ID).Manage {
  243. respond.Error(w, http.StatusForbidden, "permission_denied", "This transgression has been dispatched to the North Pole for review.")
  244. return
  245. }
  247. user2, err := c.users.FindByID(r.Context(), int(userID))
  248. if err == sql.ErrNoRows {
  249. respond.Error(w, http.StatusNotFound, "user_not_Found", "The user could not be found.")
  250. return
  251. } else if err != nil {
  252. httperr.Respond(w, err)
  253. return
  254. }
  256. permissions := group.Permission(user2.ID)
  257. if putData.Read != nil {
  258. permissions.Read = *putData.Read
  259. }
  260. if putData.Write != nil {
  261. permissions.Write = *putData.Write
  262. }
  263. if putData.Create != nil {
  264. permissions.Create = *putData.Create
  265. }
  266. if putData.Delete != nil {
  267. permissions.Delete = *putData.Delete
  268. }
  270. err = c.groups.UpdatePermissions(r.Context(), permissions)
  271. if err != nil {
  272. httperr.Respond(w, err)
  273. return
  274. }
  276. respond.Data(w, permissions)
  277. }
  279. // deleteGroup (`DELETE /:group_id`): Delete a group.
  280. func (c *GroupController) deleteGroup(w http.ResponseWriter, r *http.Request) {
  281. user := models.UserFromContext(r.Context())
  283. groupIDStr := mux.Vars(r)["group_id"]
  284. groupID, err := strconv.ParseInt(groupIDStr, 10, 32)
  285. if err != nil {
  286. respond.Error(w, http.StatusBadRequest, "invalid_id", "The group id "+groupIDStr+" is not valid.")
  287. return
  288. }
  290. group, err := c.groups.FindByID(r.Context(), int(groupID))
  291. if err != nil {
  292. respond.Error(w, http.StatusNotFound, "group_not_found", "The group cannot be found.")
  293. return
  294. } else if !group.Permission(user.ID).Manage {
  295. respond.Error(w, http.StatusNotFound, "permission_denied", "Your transgression will be remembered.")
  296. return
  297. }
  299. lights, err := c.lights.ListByGroup(r.Context(), group)
  300. if err != nil && err != sql.ErrNoRows {
  301. httperr.Respond(w, err)
  302. return
  303. }
  305. for _, light := range lights {
  306. light.GroupID = 0
  307. err := c.lights.Update(r.Context(), light)
  308. if err != nil {
  309. httperr.Respond(w, err)
  310. return
  311. }
  312. }
  314. err = c.groups.Remove(r.Context(), group)
  315. if err != nil {
  316. httperr.Respond(w, err)
  317. return
  318. }
  320. respond.Data(w, group)
  321. }
  323. // Mount mounts the controller
  324. func (c *GroupController) Mount(router *mux.Router, prefix string) {
  325. sub := router.PathPrefix(prefix).Subrouter()
  327. sub.HandleFunc("/", c.getGroups).Methods("GET")
  328. sub.HandleFunc("/", c.postGroup).Methods("POST")
  329. sub.HandleFunc("/{group_id}", c.getGroup).Methods("GET")
  330. sub.HandleFunc("/{group_id}", c.updateGroup).Methods("PUT", "PATCH")
  331. sub.HandleFunc("/{group_id}", c.deleteGroup).Methods("DELETE")
  332. sub.HandleFunc("/{group_id}/permission/{user_id}", c.updateGroupPermission).Methods("PUT", "PATCH")
  333. sub.HandleFunc("/{group_id}/light/", c.getGroupLights).Methods("GET")
  334. sub.HandleFunc("/{group_id}/light/{light_id}", c.getGroupLight).Methods("GET")
  335. }
  337. // NewGroupController creates a new GroupController.
  338. func NewGroupController(groups models.GroupRepository, users models.UserRepository, lights models.LightRepository) *GroupController {
  339. return &GroupController{groups: groups, users: users, lights: lights}
  340. }