bouzoure/pop-camarades
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
pop-camarades/controllers/users.go

281 lines
5.7 KiB
Go
Raw Blame History

package controllers
import (
"errors"
"fmt"
"strconv"
"git.readonly.ch/bouzoure/popvaud-people/helpers"
"git.readonly.ch/bouzoure/popvaud-people/models"
"github.com/go-playground/validator"
"github.com/gofiber/fiber/v2"
"gorm.io/gorm"
)
type UserValidation struct {
Email string `validate:"required,min=6,max=100,email"`
Name string `validate:"required,min=2,max=100"`
Password string `validate:"required,min=10,max=100"`
}
func Users(c *fiber.Ctx) error {
db, err := helpers.GetDatabase()
if err != nil {
return err
}
var users []models.User
result := db.Order("name collate nocase asc").Find(&users)
if result.Error != nil && !errors.Is(result.Error, gorm.ErrRecordNotFound) {
return err
}
return c.Render("users", fiber.Map{
"PageTitle": "Utilisateurs",
"Users": users,
})
}
func UserShow(c *fiber.Ctx) error {
id := c.Params("id")
db, err := helpers.GetDatabase()
if err != nil {
return err
}
var user models.User
result := db.Find(&user, "id = ?", id)
if errors.Is(result.Error, gorm.ErrRecordNotFound) {
return fiber.NewError(fiber.StatusNotFound, "Not found")
}
if result.Error != nil {
return result.Error
}
title := fmt.Sprintf(
"%s | Utilisateurs",
user.Name,
)
return c.Render("user", fiber.Map{
"PageTitle": title,
"User": user,
})
}
func UserAdd(c *fiber.Ctx) error {
var user models.User
var errors []string
db, err := helpers.GetDatabase()
if err != nil {
return err
}
if c.Method() == "POST" {
data := UserValidation{
Email: c.FormValue("email"),
Name: c.FormValue("name"),
Password: c.FormValue("password"),
}
validate := validator.New()
validErrs := validate.Struct(data)
if validErrs != nil {
for _, validErr := range validErrs.(validator.ValidationErrors) {
switch validErr.Field() {
case "Email":
errors = append(errors, "L'adresse email doit être valide")
case "Name":
errors = append(errors, "Le nom doit contenir entre 2 et 100 caractères")
case "Password":
errors = append(errors, "Le mot de passe doit contenir entre 10 et 100 caractères")
}
}
}
user.Name = data.Name
user.Email = data.Email
passwordHash, err := helpers.HashPassword(data.Password)
if err != nil {
return err
}
user.Password = passwordHash
user.SkipWelcome = false
user.IsAdmin = (c.FormValue("is_admin") == "on")
if len(errors) == 0 {
result := db.Create(&user)
if result.Error != nil {
return result.Error
} else {
c.Redirect(fmt.Sprintf(
"/admin/users/%d",
user.ID,
))
}
}
}
return c.Render("user_form", fiber.Map{
"PageTitle": "Ajouter un utilisateur",
"User": user,
"Errors": errors,
})
}
func UserEdit(c *fiber.Ctx) error {
id := c.Params("id")
db, err := helpers.GetDatabase()
if err != nil {
return err
}
var user models.User
result := db.Find(&user, "id = ?", id)
if errors.Is(result.Error, gorm.ErrRecordNotFound) {
return fiber.NewError(fiber.StatusNotFound, "Not found")
}
if result.Error != nil {
return result.Error
}
title := fmt.Sprintf(
"%s | Modifier utilisateur",
user.Name,
)
var errors []string
if c.Method() == "POST" {
data := UserValidation{
Email: c.FormValue("email"),
Name: c.FormValue("name"),
Password: c.FormValue("password"),
}
validate := validator.New()
validErrs := validate.Struct(data)
if validErrs != nil {
for _, validErr := range validErrs.(validator.ValidationErrors) {
switch validErr.Field() {
case "Email":
errors = append(errors, "L'adresse email doit être valide")
case "Name":
errors = append(errors, "Le nom doit contenir entre 2 et 100 caractères")
case "Password":
if len(data.Password) > 0 {
errors = append(errors, "Le mot de passe doit contenir entre 10 et 100 caractères")
}
}
}
}
user.Name = data.Name
user.Email = data.Email
if len(data.Password) > 0 {
passwordHash, err := helpers.HashPassword(data.Password)
if err != nil {
return err
}
user.Password = passwordHash
user.SkipWelcome = false
}
if c.FormValue("reset_totp") == "on" {
user.TotpSecret.Valid = false
}
user.IsAdmin = (c.FormValue("is_admin") == "on")
var users []models.User
result := db.Find(&users, "is_admin = ?", true)
if result.Error != nil {
return result.Error
}
if !user.IsAdmin && result.RowsAffected < 2 {
errors = append(errors, "Il doit y avoir au moins un administrateur")
}
if len(errors) == 0 {
result2 := db.Save(&user)
if result2.Error != nil {
return result2.Error
} else {
c.Redirect(fmt.Sprintf(
"/admin/users/%d",
user.ID,
))
}
}
}
return c.Render("user_form", fiber.Map{
"PageTitle": title,
"User": user,
"Errors": errors,
})
}
func UserDelete(c *fiber.Ctx) error {
id := c.Params("id")
sess, err := helpers.GetSessionStore(c)
if err != nil {
return err
}
deleteUser, err := strconv.ParseUint(id, 10, 0)
if err != nil {
return err
}
currentUser := sess.Get("userid")
if deleteUser == uint64(currentUser.(uint)) {
return fiber.NewError(fiber.StatusForbidden, "Forbidden")
}
db, err := helpers.GetDatabase()
if err != nil {
return err
}
var user models.User
result := db.Find(&user, "id = ?", id)
if result.Error != nil {
return result.Error
}
user.Name = "Disabled Account"
user.Email = "disabled-account@invlalid.tld"
user.Password = ""
user.TotpSecret.Valid = false
user.IsAdmin = false
user.SkipWelcome = false
result2 := db.Save(&user)
if result2.Error != nil {
return result2.Error
}
result3 := db.Delete(&models.User{}, id)
if result3.Error != nil {
return result3.Error
}
return c.Redirect("/admin/users")
}
Reference in a new issue View git blame Copy permalink