package controllers import ( "errors" "fmt" "strconv" "git.readonly.ch/bouzoure/pop-camarades/helpers" "git.readonly.ch/bouzoure/pop-camarades/models" "github.com/go-playground/validator/v10" "github.com/gofiber/fiber/v2" "gorm.io/gorm" ) type UserValidation struct { Email string `validate:"required,min=6,max=100,email"` Name string `validate:"required,min=2,max=100"` Password string `validate:"required,min=10,max=100"` } func Users(c *fiber.Ctx) error { db, err := helpers.GetDatabase() if err != nil { return err } var users []models.User result := db.Order("name collate nocase asc").Find(&users) if result.Error != nil && !errors.Is(result.Error, gorm.ErrRecordNotFound) { return err } return c.Render("users", fiber.Map{ "PageTitle": "Utilisateurs", "Users": users, }) } func UserShow(c *fiber.Ctx) error { id := c.Params("id") db, err := helpers.GetDatabase() if err != nil { return err } var user models.User result := db.Find(&user, "id = ?", id) if errors.Is(result.Error, gorm.ErrRecordNotFound) { return fiber.NewError(fiber.StatusNotFound, "Not found") } if result.Error != nil { return result.Error } title := fmt.Sprintf( "%s | Utilisateurs", user.Name, ) var userRoles []models.UserRole db.Joins("Role").Joins("Section").Order("Section__name collate nocase asc").Find( &userRoles, "user_id = ?", id, ) return c.Render("user", fiber.Map{ "PageTitle": title, "User": user, "UserRoles": userRoles, }) } func UserAdd(c *fiber.Ctx) error { var user models.User var errors []string db, err := helpers.GetDatabase() if err != nil { return err } if c.Method() == "POST" { data := UserValidation{ Email: c.FormValue("email"), Name: c.FormValue("name"), Password: c.FormValue("password"), } validate := validator.New() validErrs := validate.Struct(data) if validErrs != nil { for _, validErr := range validErrs.(validator.ValidationErrors) { switch validErr.Field() { case "Email": errors = append(errors, "L'adresse email doit être valide") case "Name": errors = append(errors, "Le nom doit contenir entre 2 et 100 caractères") case "Password": errors = append(errors, "Le mot de passe doit contenir entre 10 et 100 caractères") } } } user.Name = data.Name user.Email = data.Email var usersEmail []models.User result := db.Find(&usersEmail, "email = ?", user.Email) if result.Error != nil { return result.Error } if result.RowsAffected > 0 { errors = append(errors, "L'adresse email est déjà utilisée par un autre utilisateur") } passwordHash, err := helpers.HashPassword(data.Password) if err != nil { return err } user.Password = passwordHash user.SkipWelcome = false user.IsAdmin = (c.FormValue("is_admin") == "on") if len(errors) == 0 { result = db.Create(&user) if result.Error != nil { return result.Error } else { c.Redirect(fmt.Sprintf( "/admin/users/%d", user.ID, )) } } } return c.Render("user_form", fiber.Map{ "PageTitle": "Ajouter un utilisateur", "User": user, "Errors": errors, }) } func UserEdit(c *fiber.Ctx) error { id := c.Params("id") db, err := helpers.GetDatabase() if err != nil { return err } var user models.User result := db.Find(&user, "id = ?", id) if errors.Is(result.Error, gorm.ErrRecordNotFound) { return fiber.NewError(fiber.StatusNotFound, "Not found") } if result.Error != nil { return result.Error } title := fmt.Sprintf( "%s | Modifier utilisateur", user.Name, ) var errors []string if c.Method() == "POST" { data := UserValidation{ Email: c.FormValue("email"), Name: c.FormValue("name"), Password: c.FormValue("password"), } validate := validator.New() validErrs := validate.Struct(data) if validErrs != nil { for _, validErr := range validErrs.(validator.ValidationErrors) { switch validErr.Field() { case "Email": errors = append(errors, "L'adresse email doit être valide") case "Name": errors = append(errors, "Le nom doit contenir entre 2 et 100 caractères") case "Password": if len(data.Password) > 0 { errors = append(errors, "Le mot de passe doit contenir entre 10 et 100 caractères") } } } } user.Name = data.Name user.Email = data.Email var usersEmail []models.User result := db.Find(&usersEmail, "email = ? AND id <> ?", user.Email, user.ID) if result.Error != nil { return result.Error } if result.RowsAffected > 0 { errors = append(errors, "L'adresse email est déjà utilisée par un autre utilisateur") } if len(data.Password) > 0 { passwordHash, err := helpers.HashPassword(data.Password) if err != nil { return err } user.Password = passwordHash user.SkipWelcome = false } if c.FormValue("reset_totp") == "on" { user.TotpSecret.Valid = false } user.IsAdmin = (c.FormValue("is_admin") == "on") if !user.IsAdmin { var users []models.User result = db.Find(&users, "is_admin = ? AND id <> ?", true, user.ID) if result.Error != nil { return result.Error } if result.RowsAffected < 1 { errors = append(errors, "Il doit y avoir au moins un administrateur") } } if len(errors) == 0 { result2 := db.Save(&user) if result2.Error != nil { return result2.Error } else { c.Redirect(fmt.Sprintf( "/admin/users/%d", user.ID, )) } } } return c.Render("user_form", fiber.Map{ "PageTitle": title, "User": user, "Errors": errors, }) } func UserPermissions(c *fiber.Ctx) error { id := c.Params("id") db, err := helpers.GetDatabase() if err != nil { return err } var user models.User result := db.Find(&user, "id = ?", id) if errors.Is(result.Error, gorm.ErrRecordNotFound) { return fiber.NewError(fiber.StatusNotFound, "Not found") } if result.Error != nil { return result.Error } title := fmt.Sprintf( "%s | Permissions utilisateur", user.Name, ) var roles []models.Role db.Order("name collate nocase asc").Find(&roles) var sections []models.Section db.Order("name collate nocase asc").Find(§ions) var errors []string if c.Method() == "POST" { var newUserRoles []models.UserRole for _, section := range sections { key := fmt.Sprintf("section-%d", section.ID) value := c.FormValue(key, "0") valueInt, err := strconv.ParseUint(value, 10, 0) if err == nil && valueInt > 0 { roleID := uint(valueInt) roleFound := false for _, role := range roles { if role.ID == roleID { roleFound = true break } } if roleFound { newUserRoles = append(newUserRoles, models.UserRole{ UserID: user.ID, RoleID: roleID, SectionID: section.ID, }) } } } db.Delete(&models.UserRole{}, "user_id = ?", id) for _, newUserRole := range newUserRoles { db.Create(&newUserRole) } if len(errors) == 0 { result2 := db.Save(&user) if result2.Error != nil { return result2.Error } else { c.Redirect(fmt.Sprintf( "/admin/users/%d", user.ID, )) } } } var userRoles []models.UserRole db.Find(&userRoles, "user_id = ?", id) return c.Render("user_permissions", fiber.Map{ "PageTitle": title, "User": user, "Roles": roles, "Sections": sections, "UserRoles": userRoles, "Errors": errors, }) } func UserDelete(c *fiber.Ctx) error { id := c.Params("id") sess, err := helpers.GetSessionStore(c) if err != nil { return err } deleteUser, err := strconv.ParseUint(id, 10, 0) if err != nil { return err } currentUser := sess.Get("userid") if deleteUser == uint64(currentUser.(uint)) { return fiber.NewError(fiber.StatusForbidden, "Forbidden") } db, err := helpers.GetDatabase() if err != nil { return err } var user models.User result := db.Find(&user, "id = ?", id) if result.Error != nil { return result.Error } user.Name = "Disabled Account" user.Email = "disabled-account@invlalid.tld" user.Password = "" user.TotpSecret.Valid = false user.IsAdmin = false user.SkipWelcome = false result2 := db.Save(&user) if result2.Error != nil { return result2.Error } result3 := db.Delete(&models.User{}, id) if result3.Error != nil { return result3.Error } return c.Redirect("/admin/users") }