2021-03-26 00:17:52 +08:00
|
|
|
package controller
|
|
|
|
|
|
|
|
|
|
import (
|
2021-04-18 02:03:01 +08:00
|
|
|
"encoding/json"
|
|
|
|
|
"errors"
|
2021-10-26 02:51:52 +08:00
|
|
|
"fmt"
|
2021-04-18 02:03:01 +08:00
|
|
|
"net/http"
|
|
|
|
|
"strings"
|
|
|
|
|
|
|
|
|
|
"github.com/gorilla/mux"
|
2021-10-22 03:28:58 +08:00
|
|
|
"github.com/gravitl/netmaker/auth"
|
2021-07-22 06:55:19 +08:00
|
|
|
"github.com/gravitl/netmaker/database"
|
2021-04-18 02:03:01 +08:00
|
|
|
"github.com/gravitl/netmaker/functions"
|
2021-10-22 03:28:58 +08:00
|
|
|
"github.com/gravitl/netmaker/logic"
|
2021-04-18 02:03:01 +08:00
|
|
|
"github.com/gravitl/netmaker/models"
|
2021-03-26 00:17:52 +08:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
func userHandlers(r *mux.Router) {
|
|
|
|
|
|
2021-04-18 02:03:01 +08:00
|
|
|
r.HandleFunc("/api/users/adm/hasadmin", hasAdmin).Methods("GET")
|
|
|
|
|
r.HandleFunc("/api/users/adm/createadmin", createAdmin).Methods("POST")
|
|
|
|
|
r.HandleFunc("/api/users/adm/authenticate", authenticateUser).Methods("POST")
|
|
|
|
|
r.HandleFunc("/api/users/{username}", authorizeUser(http.HandlerFunc(updateUser))).Methods("PUT")
|
2021-10-26 03:13:23 +08:00
|
|
|
r.HandleFunc("/api/users/networks/{username}", authorizeUserAdm(http.HandlerFunc(updateUserNetworks))).Methods("PUT")
|
2021-07-02 12:03:46 +08:00
|
|
|
r.HandleFunc("/api/users/{username}/adm", authorizeUserAdm(http.HandlerFunc(updateUserAdm))).Methods("PUT")
|
|
|
|
|
r.HandleFunc("/api/users/{username}", authorizeUserAdm(http.HandlerFunc(createUser))).Methods("POST")
|
2021-04-18 02:03:01 +08:00
|
|
|
r.HandleFunc("/api/users/{username}", authorizeUser(http.HandlerFunc(deleteUser))).Methods("DELETE")
|
|
|
|
|
r.HandleFunc("/api/users/{username}", authorizeUser(http.HandlerFunc(getUser))).Methods("GET")
|
2021-07-15 04:47:05 +08:00
|
|
|
r.HandleFunc("/api/users", authorizeUserAdm(http.HandlerFunc(getUsers))).Methods("GET")
|
2021-10-22 03:28:58 +08:00
|
|
|
r.HandleFunc("/api/oauth/login", auth.HandleAuthLogin).Methods("GET")
|
|
|
|
|
r.HandleFunc("/api/oauth/callback", auth.HandleAuthCallback).Methods("GET")
|
2021-03-26 00:17:52 +08:00
|
|
|
}
|
|
|
|
|
|
2021-10-16 20:01:38 +08:00
|
|
|
// Node authenticates using its password and retrieves a JWT for authorization.
|
2021-03-26 00:17:52 +08:00
|
|
|
func authenticateUser(response http.ResponseWriter, request *http.Request) {
|
|
|
|
|
|
2021-10-16 20:01:38 +08:00
|
|
|
// Auth request consists of Mac Address and Password (from node that is authorizing
|
|
|
|
|
// in case of Master, auth is ignored and mac is set to "mastermac"
|
2021-04-18 02:03:01 +08:00
|
|
|
var authRequest models.UserAuthParams
|
|
|
|
|
var errorResponse = models.ErrorResponse{
|
|
|
|
|
Code: http.StatusInternalServerError, Message: "W1R3: It's not you it's me.",
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
decoder := json.NewDecoder(request.Body)
|
|
|
|
|
decoderErr := decoder.Decode(&authRequest)
|
|
|
|
|
defer request.Body.Close()
|
|
|
|
|
if decoderErr != nil {
|
|
|
|
|
returnErrorResponse(response, request, errorResponse)
|
2021-03-27 04:13:51 +08:00
|
|
|
return
|
2021-04-30 06:14:13 +08:00
|
|
|
}
|
|
|
|
|
|
2021-10-22 08:32:23 +08:00
|
|
|
jwt, err := logic.VerifyAuthRequest(authRequest)
|
2021-04-30 06:14:13 +08:00
|
|
|
if err != nil {
|
2021-04-30 23:30:19 +08:00
|
|
|
returnErrorResponse(response, request, formatError(err, "badrequest"))
|
|
|
|
|
return
|
2021-04-30 06:14:13 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if jwt == "" {
|
2021-10-16 20:01:38 +08:00
|
|
|
// very unlikely that err is !nil and no jwt returned, but handle it anyways.
|
2021-04-30 23:30:19 +08:00
|
|
|
returnErrorResponse(response, request, formatError(errors.New("No token returned"), "internal"))
|
2021-04-30 06:14:13 +08:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2021-07-19 23:30:27 +08:00
|
|
|
username := authRequest.UserName
|
2021-04-30 06:14:13 +08:00
|
|
|
var successResponse = models.SuccessResponse{
|
|
|
|
|
Code: http.StatusOK,
|
2021-07-19 23:30:27 +08:00
|
|
|
Message: "W1R3: Device " + username + " Authorized",
|
2021-04-30 06:14:13 +08:00
|
|
|
Response: models.SuccessfulUserLoginResponse{
|
|
|
|
|
AuthToken: jwt,
|
2021-07-19 23:30:27 +08:00
|
|
|
UserName: username,
|
2021-04-30 06:14:13 +08:00
|
|
|
},
|
|
|
|
|
}
|
2021-10-16 20:01:38 +08:00
|
|
|
// Send back the JWT
|
2021-04-30 06:14:13 +08:00
|
|
|
successJSONResponse, jsonError := json.Marshal(successResponse)
|
|
|
|
|
|
|
|
|
|
if jsonError != nil {
|
|
|
|
|
returnErrorResponse(response, request, errorResponse)
|
|
|
|
|
return
|
2021-03-26 00:17:52 +08:00
|
|
|
}
|
2021-07-19 23:30:27 +08:00
|
|
|
functions.PrintUserLog(username, "was authenticated", 2)
|
2021-04-30 06:14:13 +08:00
|
|
|
response.Header().Set("Content-Type", "application/json")
|
|
|
|
|
response.Write(successJSONResponse)
|
|
|
|
|
}
|
|
|
|
|
|
2021-10-16 20:01:38 +08:00
|
|
|
// The middleware for most requests to the API
|
|
|
|
|
// They all pass through here first
|
|
|
|
|
// This will validate the JWT (or check for master token)
|
|
|
|
|
// This will also check against the authNetwork and make sure the node should be accessing that endpoint,
|
|
|
|
|
// even if it's technically ok
|
|
|
|
|
// This is kind of a poor man's RBAC. There's probably a better/smarter way.
|
|
|
|
|
// TODO: Consider better RBAC implementations
|
2021-03-26 00:17:52 +08:00
|
|
|
func authorizeUser(next http.Handler) http.HandlerFunc {
|
2021-04-18 02:03:01 +08:00
|
|
|
return func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
|
w.Header().Set("Content-Type", "application/json")
|
2021-07-15 04:47:05 +08:00
|
|
|
var params = mux.Vars(r)
|
2021-03-26 00:17:52 +08:00
|
|
|
|
2021-10-16 20:01:38 +08:00
|
|
|
// get the auth token
|
2021-03-26 00:17:52 +08:00
|
|
|
bearerToken := r.Header.Get("Authorization")
|
2021-07-19 23:30:27 +08:00
|
|
|
username := params["username"]
|
|
|
|
|
err := ValidateUserToken(bearerToken, username, false)
|
2021-04-30 06:14:13 +08:00
|
|
|
if err != nil {
|
2021-04-30 23:30:19 +08:00
|
|
|
returnErrorResponse(w, r, formatError(err, "unauthorized"))
|
2021-03-27 04:13:51 +08:00
|
|
|
return
|
2021-03-26 10:29:36 +08:00
|
|
|
}
|
2021-07-19 23:30:27 +08:00
|
|
|
r.Header.Set("user", username)
|
2021-04-30 06:14:13 +08:00
|
|
|
next.ServeHTTP(w, r)
|
|
|
|
|
}
|
|
|
|
|
}
|
2021-03-26 00:17:52 +08:00
|
|
|
|
2021-07-02 12:03:46 +08:00
|
|
|
func authorizeUserAdm(next http.Handler) http.HandlerFunc {
|
2021-07-15 04:47:05 +08:00
|
|
|
return func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
|
|
|
var params = mux.Vars(r)
|
2021-07-02 12:03:46 +08:00
|
|
|
|
2021-07-15 04:47:05 +08:00
|
|
|
//get the auth token
|
|
|
|
|
bearerToken := r.Header.Get("Authorization")
|
2021-07-19 23:30:27 +08:00
|
|
|
username := params["username"]
|
|
|
|
|
err := ValidateUserToken(bearerToken, username, true)
|
2021-07-15 04:47:05 +08:00
|
|
|
if err != nil {
|
|
|
|
|
returnErrorResponse(w, r, formatError(err, "unauthorized"))
|
|
|
|
|
return
|
|
|
|
|
}
|
2021-07-19 23:30:27 +08:00
|
|
|
r.Header.Set("user", username)
|
2021-07-15 04:47:05 +08:00
|
|
|
next.ServeHTTP(w, r)
|
|
|
|
|
}
|
|
|
|
|
}
|
2021-07-02 12:03:46 +08:00
|
|
|
|
2021-10-16 20:01:38 +08:00
|
|
|
// ValidateUserToken - self explained
|
2021-07-02 12:03:46 +08:00
|
|
|
func ValidateUserToken(token string, user string, adminonly bool) error {
|
2021-04-30 06:14:13 +08:00
|
|
|
var tokenSplit = strings.Split(token, " ")
|
|
|
|
|
//I put this in in case the user doesn't put in a token at all (in which case it's empty)
|
|
|
|
|
//There's probably a smarter way of handling this.
|
|
|
|
|
var authToken = "928rt238tghgwe@TY@$Y@#WQAEGB2FC#@HG#@$Hddd"
|
|
|
|
|
|
|
|
|
|
if len(tokenSplit) > 1 {
|
|
|
|
|
authToken = tokenSplit[1]
|
|
|
|
|
} else {
|
|
|
|
|
return errors.New("Missing Auth Token.")
|
|
|
|
|
}
|
2021-03-26 00:17:52 +08:00
|
|
|
|
2021-10-27 00:27:29 +08:00
|
|
|
username, _, isadmin, err := logic.VerifyUserToken(authToken)
|
2021-04-30 06:14:13 +08:00
|
|
|
if err != nil {
|
|
|
|
|
return errors.New("Error Verifying Auth Token")
|
|
|
|
|
}
|
2021-07-02 12:03:46 +08:00
|
|
|
isAuthorized := false
|
|
|
|
|
if adminonly {
|
|
|
|
|
isAuthorized = isadmin
|
|
|
|
|
} else {
|
|
|
|
|
isAuthorized = username == user || isadmin
|
|
|
|
|
}
|
2021-04-30 06:14:13 +08:00
|
|
|
if !isAuthorized {
|
|
|
|
|
return errors.New("You are unauthorized to access this endpoint.")
|
2021-03-26 00:17:52 +08:00
|
|
|
}
|
2021-04-30 06:14:13 +08:00
|
|
|
|
|
|
|
|
return nil
|
2021-03-26 00:17:52 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func hasAdmin(w http.ResponseWriter, r *http.Request) {
|
|
|
|
|
|
|
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
|
|
|
|
2021-10-22 03:28:58 +08:00
|
|
|
hasadmin, err := logic.HasAdmin()
|
2021-08-10 01:30:40 +08:00
|
|
|
if err != nil {
|
|
|
|
|
returnErrorResponse(w, r, formatError(err, "internal"))
|
|
|
|
|
return
|
2021-09-06 22:36:14 +08:00
|
|
|
}
|
2021-03-26 00:17:52 +08:00
|
|
|
|
|
|
|
|
json.NewEncoder(w).Encode(hasadmin)
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
2021-10-16 20:01:38 +08:00
|
|
|
// GetUserInternal - gets an internal user
|
2021-07-24 06:24:34 +08:00
|
|
|
func GetUserInternal(username string) (models.User, error) {
|
2021-03-26 00:17:52 +08:00
|
|
|
|
2021-04-18 02:03:01 +08:00
|
|
|
var user models.User
|
2021-07-22 06:55:19 +08:00
|
|
|
record, err := database.FetchRecord(database.USERS_TABLE_NAME, username)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return user, err
|
|
|
|
|
}
|
|
|
|
|
if err = json.Unmarshal([]byte(record), &user); err != nil {
|
|
|
|
|
return models.User{}, err
|
|
|
|
|
}
|
2021-04-18 02:03:01 +08:00
|
|
|
return user, err
|
2021-03-26 00:17:52 +08:00
|
|
|
}
|
|
|
|
|
|
2021-10-16 20:01:38 +08:00
|
|
|
// Get an individual node. Nothin fancy here folks.
|
2021-03-26 00:17:52 +08:00
|
|
|
func getUser(w http.ResponseWriter, r *http.Request) {
|
|
|
|
|
// set header.
|
|
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
|
|
|
|
2021-04-18 02:03:01 +08:00
|
|
|
var params = mux.Vars(r)
|
2021-07-19 23:30:27 +08:00
|
|
|
usernameFetched := params["username"]
|
2021-10-22 03:28:58 +08:00
|
|
|
user, err := logic.GetUser(usernameFetched)
|
2021-03-26 00:17:52 +08:00
|
|
|
|
|
|
|
|
if err != nil {
|
2021-05-09 22:52:42 +08:00
|
|
|
returnErrorResponse(w, r, formatError(err, "internal"))
|
2021-03-26 00:17:52 +08:00
|
|
|
return
|
|
|
|
|
}
|
2021-07-19 23:30:27 +08:00
|
|
|
functions.PrintUserLog(r.Header.Get("user"), "fetched user "+usernameFetched, 2)
|
2021-03-26 00:17:52 +08:00
|
|
|
json.NewEncoder(w).Encode(user)
|
|
|
|
|
}
|
|
|
|
|
|
2021-10-16 20:01:38 +08:00
|
|
|
// Get an individual node. Nothin fancy here folks.
|
2021-07-02 12:03:46 +08:00
|
|
|
func getUsers(w http.ResponseWriter, r *http.Request) {
|
2021-07-15 04:47:05 +08:00
|
|
|
// set header.
|
|
|
|
|
w.Header().Set("Content-Type", "application/json")
|
2021-07-02 12:03:46 +08:00
|
|
|
|
2021-10-22 03:28:58 +08:00
|
|
|
users, err := logic.GetUsers()
|
2021-07-02 12:03:46 +08:00
|
|
|
|
2021-07-15 04:47:05 +08:00
|
|
|
if err != nil {
|
|
|
|
|
returnErrorResponse(w, r, formatError(err, "internal"))
|
|
|
|
|
return
|
|
|
|
|
}
|
2021-07-02 12:03:46 +08:00
|
|
|
|
2021-07-19 23:30:27 +08:00
|
|
|
functions.PrintUserLog(r.Header.Get("user"), "fetched users", 2)
|
2021-07-15 04:47:05 +08:00
|
|
|
json.NewEncoder(w).Encode(users)
|
2021-07-02 12:03:46 +08:00
|
|
|
}
|
|
|
|
|
|
2021-03-26 00:17:52 +08:00
|
|
|
func createAdmin(w http.ResponseWriter, r *http.Request) {
|
|
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
|
|
|
|
|
|
|
|
var admin models.User
|
2021-10-16 20:01:38 +08:00
|
|
|
// get node from body of request
|
2021-03-26 00:17:52 +08:00
|
|
|
_ = json.NewDecoder(r.Body).Decode(&admin)
|
2021-10-15 04:36:14 +08:00
|
|
|
|
2021-10-22 03:28:58 +08:00
|
|
|
admin, err := logic.CreateAdmin(admin)
|
2021-04-30 23:30:19 +08:00
|
|
|
|
2021-04-18 02:03:01 +08:00
|
|
|
if err != nil {
|
2021-04-30 23:30:19 +08:00
|
|
|
returnErrorResponse(w, r, formatError(err, "badrequest"))
|
2021-04-18 02:03:01 +08:00
|
|
|
return
|
|
|
|
|
}
|
2021-07-19 23:30:27 +08:00
|
|
|
functions.PrintUserLog(admin.UserName, "was made a new admin", 1)
|
2021-03-26 00:17:52 +08:00
|
|
|
json.NewEncoder(w).Encode(admin)
|
|
|
|
|
}
|
|
|
|
|
|
2021-07-02 12:03:46 +08:00
|
|
|
func createUser(w http.ResponseWriter, r *http.Request) {
|
2021-07-15 04:47:05 +08:00
|
|
|
w.Header().Set("Content-Type", "application/json")
|
2021-07-02 12:03:46 +08:00
|
|
|
|
2021-07-15 04:47:05 +08:00
|
|
|
var user models.User
|
2021-10-16 20:01:38 +08:00
|
|
|
// get node from body of request
|
2021-07-15 04:47:05 +08:00
|
|
|
_ = json.NewDecoder(r.Body).Decode(&user)
|
2021-07-02 12:03:46 +08:00
|
|
|
|
2021-10-22 03:28:58 +08:00
|
|
|
user, err := logic.CreateUser(user)
|
2021-07-02 12:03:46 +08:00
|
|
|
|
2021-07-15 04:47:05 +08:00
|
|
|
if err != nil {
|
|
|
|
|
returnErrorResponse(w, r, formatError(err, "badrequest"))
|
|
|
|
|
return
|
|
|
|
|
}
|
2021-07-19 23:30:27 +08:00
|
|
|
functions.PrintUserLog(user.UserName, "was created", 1)
|
2021-07-15 04:47:05 +08:00
|
|
|
json.NewEncoder(w).Encode(user)
|
2021-07-02 12:03:46 +08:00
|
|
|
}
|
|
|
|
|
|
2021-10-26 02:51:52 +08:00
|
|
|
func updateUserNetworks(w http.ResponseWriter, r *http.Request) {
|
|
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
|
|
|
var params = mux.Vars(r)
|
|
|
|
|
var user models.User
|
|
|
|
|
// start here
|
|
|
|
|
username := params["username"]
|
|
|
|
|
user, err := GetUserInternal(username)
|
|
|
|
|
if err != nil {
|
|
|
|
|
returnErrorResponse(w, r, formatError(err, "internal"))
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
var userchange models.User
|
|
|
|
|
// we decode our body request params
|
|
|
|
|
err = json.NewDecoder(r.Body).Decode(&userchange)
|
|
|
|
|
if err != nil {
|
|
|
|
|
returnErrorResponse(w, r, formatError(err, "internal"))
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2021-10-26 04:38:59 +08:00
|
|
|
err = logic.UpdateUserNetworks(userchange.Networks, userchange.IsAdmin, &user)
|
2021-10-26 02:51:52 +08:00
|
|
|
if err != nil {
|
|
|
|
|
returnErrorResponse(w, r, formatError(err, "badrequest"))
|
|
|
|
|
return
|
|
|
|
|
}
|
2021-10-26 04:38:59 +08:00
|
|
|
functions.PrintUserLog(username, "status was updated", 1)
|
2021-10-26 02:51:52 +08:00
|
|
|
json.NewEncoder(w).Encode(user)
|
|
|
|
|
}
|
|
|
|
|
|
2021-03-26 00:17:52 +08:00
|
|
|
func updateUser(w http.ResponseWriter, r *http.Request) {
|
|
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
|
|
|
var params = mux.Vars(r)
|
|
|
|
|
var user models.User
|
2021-10-16 20:01:38 +08:00
|
|
|
// start here
|
2021-07-19 23:30:27 +08:00
|
|
|
username := params["username"]
|
2021-07-24 06:24:34 +08:00
|
|
|
user, err := GetUserInternal(username)
|
2021-04-18 02:03:01 +08:00
|
|
|
if err != nil {
|
2021-05-09 22:52:42 +08:00
|
|
|
returnErrorResponse(w, r, formatError(err, "internal"))
|
2021-04-18 02:03:01 +08:00
|
|
|
return
|
|
|
|
|
}
|
2021-10-26 02:51:52 +08:00
|
|
|
if auth.IsOauthUser(&user) == nil {
|
|
|
|
|
returnErrorResponse(w, r, formatError(fmt.Errorf("can not update user info for oauth user %s", username), "forbidden"))
|
|
|
|
|
return
|
|
|
|
|
}
|
2021-04-18 02:03:01 +08:00
|
|
|
var userchange models.User
|
|
|
|
|
// we decode our body request params
|
|
|
|
|
err = json.NewDecoder(r.Body).Decode(&userchange)
|
2021-03-26 00:17:52 +08:00
|
|
|
if err != nil {
|
2021-05-09 22:52:42 +08:00
|
|
|
returnErrorResponse(w, r, formatError(err, "internal"))
|
2021-04-18 02:03:01 +08:00
|
|
|
return
|
|
|
|
|
}
|
2021-07-02 12:03:46 +08:00
|
|
|
userchange.Networks = nil
|
2021-10-22 03:28:58 +08:00
|
|
|
user, err = logic.UpdateUser(userchange, user)
|
2021-03-26 00:17:52 +08:00
|
|
|
if err != nil {
|
2021-04-30 23:30:19 +08:00
|
|
|
returnErrorResponse(w, r, formatError(err, "badrequest"))
|
2021-03-26 00:17:52 +08:00
|
|
|
return
|
|
|
|
|
}
|
2021-07-19 23:30:27 +08:00
|
|
|
functions.PrintUserLog(username, "was updated", 1)
|
2021-03-26 00:17:52 +08:00
|
|
|
json.NewEncoder(w).Encode(user)
|
|
|
|
|
}
|
|
|
|
|
|
2021-07-02 12:03:46 +08:00
|
|
|
func updateUserAdm(w http.ResponseWriter, r *http.Request) {
|
2021-07-15 04:47:05 +08:00
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
|
|
|
var params = mux.Vars(r)
|
|
|
|
|
var user models.User
|
2021-10-16 20:01:38 +08:00
|
|
|
// start here
|
2021-07-19 23:30:27 +08:00
|
|
|
username := params["username"]
|
2021-07-24 06:24:34 +08:00
|
|
|
user, err := GetUserInternal(username)
|
2021-07-15 04:47:05 +08:00
|
|
|
if err != nil {
|
|
|
|
|
returnErrorResponse(w, r, formatError(err, "internal"))
|
|
|
|
|
return
|
|
|
|
|
}
|
2021-10-26 02:51:52 +08:00
|
|
|
if auth.IsOauthUser(&user) != nil {
|
|
|
|
|
returnErrorResponse(w, r, formatError(fmt.Errorf("can not update user info for oauth user"), "forbidden"))
|
|
|
|
|
return
|
|
|
|
|
}
|
2021-07-15 04:47:05 +08:00
|
|
|
var userchange models.User
|
|
|
|
|
// we decode our body request params
|
|
|
|
|
err = json.NewDecoder(r.Body).Decode(&userchange)
|
|
|
|
|
if err != nil {
|
|
|
|
|
returnErrorResponse(w, r, formatError(err, "internal"))
|
|
|
|
|
return
|
|
|
|
|
}
|
2021-10-22 03:28:58 +08:00
|
|
|
user, err = logic.UpdateUser(userchange, user)
|
2021-07-15 04:47:05 +08:00
|
|
|
if err != nil {
|
|
|
|
|
returnErrorResponse(w, r, formatError(err, "badrequest"))
|
|
|
|
|
return
|
|
|
|
|
}
|
2021-07-19 23:30:27 +08:00
|
|
|
functions.PrintUserLog(username, "was updated (admin)", 1)
|
2021-07-15 04:47:05 +08:00
|
|
|
json.NewEncoder(w).Encode(user)
|
2021-07-02 12:03:46 +08:00
|
|
|
}
|
|
|
|
|
|
2021-03-26 00:17:52 +08:00
|
|
|
func deleteUser(w http.ResponseWriter, r *http.Request) {
|
|
|
|
|
// Set header
|
|
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
|
|
|
|
|
|
|
|
// get params
|
|
|
|
|
var params = mux.Vars(r)
|
|
|
|
|
|
2021-07-19 23:30:27 +08:00
|
|
|
username := params["username"]
|
2021-10-22 03:28:58 +08:00
|
|
|
success, err := logic.DeleteUser(username)
|
2021-03-26 00:17:52 +08:00
|
|
|
|
2021-04-15 10:59:25 +08:00
|
|
|
if err != nil {
|
2021-04-18 02:03:01 +08:00
|
|
|
returnErrorResponse(w, r, formatError(err, "internal"))
|
2021-03-26 00:17:52 +08:00
|
|
|
return
|
2021-04-15 10:59:25 +08:00
|
|
|
} else if !success {
|
2021-07-24 06:24:34 +08:00
|
|
|
returnErrorResponse(w, r, formatError(errors.New("delete unsuccessful."), "badrequest"))
|
2021-04-18 02:03:01 +08:00
|
|
|
return
|
|
|
|
|
}
|
2021-03-26 00:17:52 +08:00
|
|
|
|
2021-07-19 23:30:27 +08:00
|
|
|
functions.PrintUserLog(username, "was deleted", 1)
|
2021-03-26 00:17:52 +08:00
|
|
|
json.NewEncoder(w).Encode(params["username"] + " deleted.")
|
|
|
|
|
}
|
