diff options
| author |  Frédéric Guillot <fred@miniflux.net>
| 2017-11-19 21:10:04 -0800 |
|---|---|---|
| committer | Frédéric Guillot <fred@miniflux.net>
| 2017-11-19 22:01:46 -0800 |
| commit | 8ffb773f43c8dc54801ca1d111854e7e881c93c9 (patch) | |
| tree | 38133a2fc612597a75fed1d13e5b4042f58a2b7e /server/api/controller/user.go | |
| download | v2-8ffb773f43c8dc54801ca1d111854e7e881c93c9.tar.gz v2-8ffb773f43c8dc54801ca1d111854e7e881c93c9.tar.zst v2-8ffb773f43c8dc54801ca1d111854e7e881c93c9.zip | |
First commit
Diffstat (limited to 'server/api/controller/user.go')
| -rw-r--r-- | server/api/controller/user.go | 163 |
1 files changed, 163 insertions, 0 deletions
diff --git a/server/api/controller/user.go b/server/api/controller/user.go new file mode 100644 index 00000000..c8276b3c --- /dev/null +++ b/server/api/controller/user.go @@ -0,0 +1,163 @@ +// Copyright 2017 Frédéric Guillot. All rights reserved. +// Use of this source code is governed by the Apache 2.0 +// license that can be found in the LICENSE file. + +package api + +import ( + "errors" + "github.com/miniflux/miniflux2/server/api/payload" + "github.com/miniflux/miniflux2/server/core" +) + +// CreateUser is the API handler to create a new user. +func (c *Controller) CreateUser(ctx *core.Context, request *core.Request, response *core.Response) { + if !ctx.IsAdminUser() { + response.Json().Forbidden() + return + } + + user, err := payload.DecodeUserPayload(request.GetBody()) + if err != nil { + response.Json().BadRequest(err) + return + } + + if err := user.ValidateUserCreation(); err != nil { + response.Json().BadRequest(err) + return + } + + if c.store.UserExists(user.Username) { + response.Json().BadRequest(errors.New("This user already exists")) + return + } + + err = c.store.CreateUser(user) + if err != nil { + response.Json().ServerError(errors.New("Unable to create this user")) + return + } + + user.Password = "" + response.Json().Created(user) +} + +// UpdateUser is the API handler to update the given user. +func (c *Controller) UpdateUser(ctx *core.Context, request *core.Request, response *core.Response) { + if !ctx.IsAdminUser() { + response.Json().Forbidden() + return + } + + userID, err := request.GetIntegerParam("userID") + if err != nil { + response.Json().BadRequest(err) + return + } + + user, err := payload.DecodeUserPayload(request.GetBody()) + if err != nil { + response.Json().BadRequest(err) + return + } + + if err := user.ValidateUserModification(); err != nil { + response.Json().BadRequest(err) + return + } + + originalUser, err := c.store.GetUserById(userID) + if err != nil { + response.Json().BadRequest(errors.New("Unable to fetch this user from the database")) + return + } + + if originalUser == nil { + response.Json().NotFound(errors.New("User not found")) + return + } + + originalUser.Merge(user) + if err = c.store.UpdateUser(originalUser); err != nil { + response.Json().ServerError(errors.New("Unable to update this user")) + return + } + + response.Json().Created(originalUser) +} + +// GetUsers is the API handler to get the list of users. +func (c *Controller) GetUsers(ctx *core.Context, request *core.Request, response *core.Response) { + if !ctx.IsAdminUser() { + response.Json().Forbidden() + return + } + + users, err := c.store.GetUsers() + if err != nil { + response.Json().ServerError(errors.New("Unable to fetch the list of users")) + return + } + + response.Json().Standard(users) +} + +// GetUser is the API handler to fetch the given user. +func (c *Controller) GetUser(ctx *core.Context, request *core.Request, response *core.Response) { + if !ctx.IsAdminUser() { + response.Json().Forbidden() + return + } + + userID, err := request.GetIntegerParam("userID") + if err != nil { + response.Json().BadRequest(err) + return + } + + user, err := c.store.GetUserById(userID) + if err != nil { + response.Json().BadRequest(errors.New("Unable to fetch this user from the database")) + return + } + + if user == nil { + response.Json().NotFound(errors.New("User not found")) + return + } + + response.Json().Standard(user) +} + +// RemoveUser is the API handler to remove an existing user. +func (c *Controller) RemoveUser(ctx *core.Context, request *core.Request, response *core.Response) { + if !ctx.IsAdminUser() { + response.Json().Forbidden() + return + } + + userID, err := request.GetIntegerParam("userID") + if err != nil { + response.Json().BadRequest(err) + return + } + + user, err := c.store.GetUserById(userID) + if err != nil { + response.Json().ServerError(errors.New("Unable to fetch this user from the database")) + return + } + + if user == nil { + response.Json().NotFound(errors.New("User not found")) + return + } + + if err := c.store.RemoveUser(user.ID); err != nil { + response.Json().BadRequest(errors.New("Unable to remove this user from the database")) + return + } + + response.Json().NoContent() +} |