3pp-mirror/pushbits
1
0
Fork 0
mirror of https://github.com/pushbits/server.git synced 2025-06-08 21:51:59 +02:00
Code Issues Projects Releases Packages Wiki Activity

Handle unbound members when binding request

Browse source
This commit is contained in:
eikendev 2020-08-03 15:37:16 +02:00
parent 9a65fb4356
commit 76c2fe9c22
No known key found for this signature in database
GPG key ID: A1BDB1B28C8EF694
4 changed files with 51 additions and 25 deletions
Download patch file Download diff file Expand all files Collapse all files

18
api/application.go
View file

@ -97,6 +97,19 @@ func (h *ApplicationHandler) deleteApplication(ctx *gin.Context, a *model.Applic
return nil return nil
} }
func (h *ApplicationHandler) updateApplication(ctx *gin.Context, a *model.Application, updateApplication *model.UpdateApplication) error {
if updateApplication.Name != nil {
a.Name = *updateApplication.Name
}
err := h.DB.UpdateApplication(a)
if success := successOrAbort(ctx, http.StatusInternalServerError, err); !success {
return err
}
return nil
}
// CreateApplication creates an application. // CreateApplication creates an application.
func (h *ApplicationHandler) CreateApplication(ctx *gin.Context) { func (h *ApplicationHandler) CreateApplication(ctx *gin.Context) {
var createApplication model.CreateApplication var createApplication model.CreateApplication
@ -153,10 +166,7 @@ func (h *ApplicationHandler) UpdateApplication(ctx *gin.Context) {
log.Printf("Updating application %s.\n", application.Name) log.Printf("Updating application %s.\n", application.Name)
// TODO: Handle unbound members. if err := h.updateApplication(ctx, application, &updateApplication); err != nil {
application.Name = updateApplication.Name
if success := successOrAbort(ctx, http.StatusInternalServerError, h.DB.UpdateApplication(application)); !success {
return return
} }

48
api/user.go
View file

@ -72,8 +72,8 @@ func (h *UserHandler) getUser(ctx *gin.Context) (*model.User, error) {
return application, nil return application, nil
} }
func (h *UserHandler) deleteApplications(ctx *gin.Context, user *model.User) error { func (h *UserHandler) deleteApplications(ctx *gin.Context, u *model.User) error {
applications, err := h.DB.GetApplications(user) applications, err := h.DB.GetApplications(u)
if success := successOrAbort(ctx, http.StatusInternalServerError, err); !success { if success := successOrAbort(ctx, http.StatusInternalServerError, err); !success {
return err return err
} }
@ -112,6 +112,34 @@ func (h *UserHandler) updateChannels(ctx *gin.Context, u *model.User, channelID
return nil return nil
} }
func (h *UserHandler) updateUser(ctx *gin.Context, u *model.User, updateUser model.UpdateUser) error {
if updateUser.MatrixID != nil && u.MatrixID != *updateUser.MatrixID {
if err := h.updateChannels(ctx, u, *updateUser.MatrixID); err != nil {
return err
}
}
if updateUser.Name != nil {
u.Name = *updateUser.Name
}
if updateUser.Password != nil {
u.PasswordHash = h.CM.CreatePasswordHash(*updateUser.Password)
}
if updateUser.MatrixID != nil {
u.MatrixID = *updateUser.MatrixID
}
if updateUser.IsAdmin != nil {
u.IsAdmin = *updateUser.IsAdmin
}
err := h.DB.UpdateUser(u)
if success := successOrAbort(ctx, http.StatusInternalServerError, err); !success {
return err
}
return nil
}
// CreateUser creates a new user. // CreateUser creates a new user.
// This method assumes that the requesting user has privileges. // This method assumes that the requesting user has privileges.
func (h *UserHandler) CreateUser(ctx *gin.Context) { func (h *UserHandler) CreateUser(ctx *gin.Context) {
@ -184,7 +212,7 @@ func (h *UserHandler) UpdateUser(ctx *gin.Context) {
requestingUser := authentication.GetUser(ctx) requestingUser := authentication.GetUser(ctx)
// Last privileged user must not be taken privileges. Assumes that the current user has privileges. // Last privileged user must not be taken privileges. Assumes that the current user has privileges.
if user.ID == requestingUser.ID && !updateUser.IsAdmin { if user.ID == requestingUser.ID && updateUser.IsAdmin != nil && !(*updateUser.IsAdmin) {
if err := h.requireMultipleAdmins(ctx); err != nil { if err := h.requireMultipleAdmins(ctx); err != nil {
return return
} }
@ -192,19 +220,7 @@ func (h *UserHandler) UpdateUser(ctx *gin.Context) {
log.Printf("Updating user %s.\n", user.Name) log.Printf("Updating user %s.\n", user.Name)
if user.MatrixID != updateUser.MatrixID { if err := h.updateUser(ctx, user, updateUser); err != nil {
if err := h.updateChannels(ctx, user, updateUser.MatrixID); err != nil {
return
}
}
// TODO: Handle unbound members.
user.Name = updateUser.Name
user.PasswordHash = h.CM.CreatePasswordHash(updateUser.Password)
user.MatrixID = updateUser.MatrixID
user.IsAdmin = updateUser.IsAdmin
if success := successOrAbort(ctx, http.StatusInternalServerError, h.DB.UpdateUser(user)); !success {
return return
} }

2
model/application.go
View file

@ -16,5 +16,5 @@ type CreateApplication struct {
// UpdateApplication is used to process queries for updating applications. // UpdateApplication is used to process queries for updating applications.
type UpdateApplication struct { type UpdateApplication struct {
Name string `json:"name"` Name *string `json:"name"`
} }

8
model/user.go
View file

@ -69,8 +69,8 @@ func (u *User) IntoExternalUser() *ExternalUser {
// UpdateUser is used to process queries for updating users. // UpdateUser is used to process queries for updating users.
type UpdateUser struct { type UpdateUser struct {
Name string `json:"name"` Name *string `json:"name"`
Password string `json:"password"` Password *string `json:"password"`
IsAdmin bool `json:"is_admin"` IsAdmin *bool `json:"is_admin"`
MatrixID string `json:"matrix_id"` MatrixID *string `json:"matrix_id"`
} }