Gestion des utilisateurs

controllers/users.go

@@ -0,0 +1,281 @@
+package controllers
+
+import (
+	"errors"
+	"fmt"
+	"strconv"
+
+	"git.readonly.ch/bouzoure/popvaud-people/helpers"
+	"git.readonly.ch/bouzoure/popvaud-people/models"
+	"github.com/go-playground/validator"
+	"github.com/gofiber/fiber/v2"
+	"gorm.io/gorm"
+)
+
+type UserValidation struct {
+	Email    string `validate:"required,min=6,max=100,email"`
+	Name     string `validate:"required,min=2,max=100"`
+	Password string `validate:"required,min=10,max=100"`
+}
+
+func Users(c *fiber.Ctx) error {
+	db, err := helpers.GetDatabase()
+	if err != nil {
+		return err
+	}
+
+	var users []models.User
+	result := db.Order("name collate nocase asc").Find(&users)
+
+	if result.Error != nil && !errors.Is(result.Error, gorm.ErrRecordNotFound) {
+		return err
+	}
+
+	return c.Render("users", fiber.Map{
+		"PageTitle": "Utilisateurs",
+		"Users":     users,
+	})
+}
+
+func UserShow(c *fiber.Ctx) error {
+	id := c.Params("id")
+
+	db, err := helpers.GetDatabase()
+	if err != nil {
+		return err
+	}
+
+	var user models.User
+	result := db.Find(&user, "id = ?", id)
+
+	if errors.Is(result.Error, gorm.ErrRecordNotFound) {
+		return fiber.NewError(fiber.StatusNotFound, "Not found")
+	}
+
+	if result.Error != nil {
+		return result.Error
+	}
+
+	title := fmt.Sprintf(
+		"%s | Utilisateurs",
+		user.Name,
+	)
+
+	return c.Render("user", fiber.Map{
+		"PageTitle": title,
+		"User":      user,
+	})
+}
+
+func UserAdd(c *fiber.Ctx) error {
+	var user models.User
+	var errors []string
+
+	db, err := helpers.GetDatabase()
+	if err != nil {
+		return err
+	}
+
+	if c.Method() == "POST" {
+		data := UserValidation{
+			Email:    c.FormValue("email"),
+			Name:     c.FormValue("name"),
+			Password: c.FormValue("password"),
+		}
+
+		validate := validator.New()
+		validErrs := validate.Struct(data)
+
+		if validErrs != nil {
+			for _, validErr := range validErrs.(validator.ValidationErrors) {
+				switch validErr.Field() {
+				case "Email":
+					errors = append(errors, "L'adresse email doit être valide")
+				case "Name":
+					errors = append(errors, "Le nom doit contenir entre 2 et 100 caractères")
+				case "Password":
+					errors = append(errors, "Le mot de passe doit contenir entre 10 et 100 caractères")
+				}
+			}
+		}
+
+		user.Name = data.Name
+		user.Email = data.Email
+
+		passwordHash, err := helpers.HashPassword(data.Password)
+		if err != nil {
+			return err
+		}
+
+		user.Password = passwordHash
+		user.SkipWelcome = false
+
+		user.IsAdmin = (c.FormValue("is_admin") == "on")
+
+		if len(errors) == 0 {
+			result := db.Create(&user)
+			if result.Error != nil {
+				return result.Error
+			} else {
+				c.Redirect(fmt.Sprintf(
+					"/admin/users/%d",
+					user.ID,
+				))
+			}
+		}
+	}
+
+	return c.Render("user_form", fiber.Map{
+		"PageTitle": "Ajouter un utilisateur",
+		"User":      user,
+		"Errors":    errors,
+	})
+}
+
+func UserEdit(c *fiber.Ctx) error {
+	id := c.Params("id")
+
+	db, err := helpers.GetDatabase()
+	if err != nil {
+		return err
+	}
+
+	var user models.User
+	result := db.Find(&user, "id = ?", id)
+
+	if errors.Is(result.Error, gorm.ErrRecordNotFound) {
+		return fiber.NewError(fiber.StatusNotFound, "Not found")
+	}
+
+	if result.Error != nil {
+		return result.Error
+	}
+
+	title := fmt.Sprintf(
+		"%s | Modifier utilisateur",
+		user.Name,
+	)
+
+	var errors []string
+	if c.Method() == "POST" {
+		data := UserValidation{
+			Email:    c.FormValue("email"),
+			Name:     c.FormValue("name"),
+			Password: c.FormValue("password"),
+		}
+
+		validate := validator.New()
+		validErrs := validate.Struct(data)
+
+		if validErrs != nil {
+			for _, validErr := range validErrs.(validator.ValidationErrors) {
+				switch validErr.Field() {
+				case "Email":
+					errors = append(errors, "L'adresse email doit être valide")
+				case "Name":
+					errors = append(errors, "Le nom doit contenir entre 2 et 100 caractères")
+				case "Password":
+					if len(data.Password) > 0 {
+						errors = append(errors, "Le mot de passe doit contenir entre 10 et 100 caractères")
+					}
+				}
+			}
+		}
+
+		user.Name = data.Name
+		user.Email = data.Email
+
+		if len(data.Password) > 0 {
+			passwordHash, err := helpers.HashPassword(data.Password)
+			if err != nil {
+				return err
+			}
+
+			user.Password = passwordHash
+			user.SkipWelcome = false
+		}
+
+		if c.FormValue("reset_totp") == "on" {
+			user.TotpSecret.Valid = false
+		}
+
+		user.IsAdmin = (c.FormValue("is_admin") == "on")
+
+		var users []models.User
+		result := db.Find(&users, "is_admin = ?", true)
+		if result.Error != nil {
+			return result.Error
+		}
+
+		if !user.IsAdmin && result.RowsAffected < 2 {
+			errors = append(errors, "Il doit y avoir au moins un administrateur")
+		}
+
+		if len(errors) == 0 {
+			result2 := db.Save(&user)
+			if result2.Error != nil {
+				return result2.Error
+			} else {
+				c.Redirect(fmt.Sprintf(
+					"/admin/users/%d",
+					user.ID,
+				))
+			}
+		}
+	}
+
+	return c.Render("user_form", fiber.Map{
+		"PageTitle": title,
+		"User":      user,
+		"Errors":    errors,
+	})
+}
+
+func UserDelete(c *fiber.Ctx) error {
+	id := c.Params("id")
+
+	sess, err := helpers.GetSessionStore(c)
+	if err != nil {
+		return err
+	}
+
+	deleteUser, err := strconv.ParseUint(id, 10, 0)
+	if err != nil {
+		return err
+	}
+
+	currentUser := sess.Get("userid")
+	if deleteUser == uint64(currentUser.(uint)) {
+		return fiber.NewError(fiber.StatusForbidden, "Forbidden")
+	}
+
+	db, err := helpers.GetDatabase()
+	if err != nil {
+		return err
+	}
+
+	var user models.User
+	result := db.Find(&user, "id = ?", id)
+	if result.Error != nil {
+		return result.Error
+	}
+
+	user.Name = "Disabled Account"
+	user.Email = "disabled-account@invlalid.tld"
+	user.Password = ""
+	user.TotpSecret.Valid = false
+	user.IsAdmin = false
+	user.SkipWelcome = false
+
+	result2 := db.Save(&user)
+	if result2.Error != nil {
+		return result2.Error
+	}
+
+	result3 := db.Delete(&models.User{}, id)
+	if result3.Error != nil {
+		return result3.Error
+	}
+
+	return c.Redirect("/admin/users")
+}