Added a few validation checks.

Temporarily removed auth.
Don't allow multiple accounts for person.

Dockerfile

@@ -1,9 +1,9 @@
 FROM progrium/busybox
 MAINTAINER Matt Aitchison <matt@lanciv.com>
 
-ADD ./stage/GoGradeMeAPI /bin/GoGradeMeAPI
+ADD ./stage/gogradeapi /bin/gogradeapi
 
 EXPOSE 5005
 
-ENTRYPOINT ["/bin/GoGradeMeAPI"]
+ENTRYPOINT ["/bin/gogradeapi"]
 # CMD ["-staticDir=/opt/www"]

Makefile

@@ -1,22 +1,31 @@
-NAME=GoGradeMeAPI
+NAME=gogradeapi
 HARDWARE=$(shell uname -m)
 VERSION=0.1.0
 
-build:
+build/container: stage/$(NAME) Dockerfile
+	docker build -t $(NAME) .
+	touch build/container
+
+build/$(NAME): *.go
+	GOOS=linux GOARCH=amd64 go build -o build/$(NAME)
+
+stage/$(NAME): build/$(NAME)
 	mkdir -p stage
-	GOOS=linux go build -o stage/$(NAME)
-	docker build -t gogrademe/api-server .
+	cp build/$(NAME) stage/$(NAME)
 
-release:
+release: build/container
 	rm -rf release
 	mkdir release
-	GOOS=linux go build -o release/$(NAME)
-	cd release && tar -zcf $(NAME)_$(VERSION)_linux_$(HARDWARE).tgz $(NAME)
-	GOOS=darwin go build -o release/$(NAME)
-	cd release && tar -zcf $(NAME)_$(VERSION)_darwin_$(HARDWARE).tgz $(NAME)
-	rm release/$(NAME)
-	echo "$(VERSION)" > release/version
-	echo "gogrademe/$(NAME)" > release/repo
-	gh-release
+	docker tag $(NAME) lanciv/$(NAME)
+	docker push lanciv/$(NAME)
+	#cd release && tar -zcf $(NAME)_$(VERSION)_linux_$(HARDWARE).tgz ../build/$(NAME)
+	#echo "$(VERSION)" > release/version
+	#echo "lanciv/$(NAME)" > release/repo
+	#gh-release
 
-.PHONY: release
+
+.PHONY: clean release
+clean:
+	rm -rf build
+	rm -rf release
+	rm -rf stage

handlers/CanCan.go

@@ -2,6 +2,7 @@ package handlers
 
 import (
 	"errors"
+	"log"
 
 	"github.com/gin-gonic/gin"
 
@@ -24,7 +25,7 @@ func Can(roles ...string) gin.HandlerFunc {
 	return func(c *gin.Context) {
 		userID, err := c.Get("userId")
 		if err != nil && userID == nil {
-			c.Fail(401, err)
+			c.Fail(401, errors.New("UserID not found."))
 			return
 		}
 
@@ -33,15 +34,16 @@ func Can(roles ...string) gin.HandlerFunc {
 		user := m.User{}
 		err = store.UserH.One(&user, id)
 		if err != nil {
-			c.Fail(401, err)
+			c.Fail(401, errors.New("User not found."))
 			return
 		}
 
-		if !RoleIn(user.Role, roles) {
-
-			c.Fail(401, errors.New("Unauthorized"))
-			return
-		}
+		log.Println("DEBUG: AUTH DISABLED")
+		// if !RoleIn(user.Role, roles) {
+		//
+		// 	c.Fail(401, errors.New("Unauthorized"))
+		// 	return
+		// }
 
 	}
 }

handlers/cors.go

@@ -8,6 +8,7 @@ func CORSMiddleware() gin.HandlerFunc {
 	return func(c *gin.Context) {
 		c.Writer.Header().Set("Content-Type", "application/json")
 		c.Writer.Header().Set("Access-Control-Allow-Origin", "*")
+		c.Writer.Header().Set("Access-Control-Max-Age", "86400")
 		c.Writer.Header().Set("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE")
 		c.Writer.Header().Set("Access-Control-Allow-Headers", "Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization")
 		if c.Request.Method == "OPTIONS" {

handlers/users.go

@@ -50,7 +50,7 @@ func CreateUser(c *gin.Context) {
 		return
 	}
 
-	newUser, err := m.NewUserFor(u.Email, u.Password, "Teacher", u.PersonID)
+	newUser, err := m.NewUserFor(u.Email, u.Password, u.PersonID)
 	if err != nil {
 		writeError(c.Writer, serverError, 500, err)
 		return

model/person.go

@@ -20,6 +20,16 @@ type (
 	}
 )
 
+// RoleIn ...
+func isIn(val string, slice []string) bool {
+	for _, item := range slice {
+		if val == item {
+			return true
+		}
+	}
+	return false
+}
+
 func (p Person) Validate(req *http.Request, errs binding.Errors) binding.Errors {
 	if p.FirstName == "" {
 		errs = append(errs, RequiredErr("firstName"))
@@ -30,6 +40,10 @@ func (p Person) Validate(req *http.Request, errs binding.Errors) binding.Errors
 	if len(p.Types) == 0 {
 		errs = append(errs, RequiredErr("types"))
 	}
+	if isIn("Student", p.Types) && p.GradeLevel == "" {
+		errs = append(errs, RequiredErr("gradeLevel"))
+	}
+
 	return errs
 }
 

model/user.go

@@ -22,13 +22,12 @@ type User struct {
 	TimeStamp
 }
 
-func NewUserFor(email, password, role, personID string) (*User, error) {
+func NewUserFor(email, password, personID string) (*User, error) {
 	emailLower := strings.ToLower(email)
 
 	user := User{
 		Email:      email,
 		EmailLower: emailLower,
-		Role:       role,
 		PersonID:   personID,
 	}
 

store/bootstrap.go

@@ -124,10 +124,9 @@ func insertTestData() {
 
 func insertTestUsers() {
 
-	u, _ := m.NewUserFor("test@test.com", "somePassword", "Admin", person7.ID)
-	u2, _ := m.NewUserFor("Susan.Feathers@test.com", "somePassword", "Teacher", person9.ID)
-	Users.Store(u)
-	Users.Store(u2)
+	// u, _ := m.NewUserFor("test@test.com", "somePassword", "Admin", person7.ID)
+	// Users.Store(u)
+	// Users.Store(u2)
 }
 
 func insertTestTerms() {

store/users.go

@@ -13,6 +13,8 @@ var (
 
 	//ErrUserAlreadyExists err for duplicate user
 	ErrUserAlreadyExists = errors.New("User with email already exists.")
+	//ErrUserForPersonExists err for duplicate person
+	ErrUserForPersonExists = errors.New("User for person already exists.")
 
 	//ErrUserPasswordRequired err for trying to save without a password.
 	// TODO: Remove this after refactoring.
@@ -35,11 +37,20 @@ func userExist(email string) bool {
 	return !row.IsNil()
 }
 
+func userForPersonExist(personID string) bool {
+	row, _ := r.Table("users").Filter(r.Row.Field("personId").Eq(personID)).Run(sess)
+
+	return !row.IsNil()
+}
+
 // Store saves a user into the db
 func (us *UserStore) Store(u *m.User) error {
 	if userExist(u.Email) {
 		return ErrUserAlreadyExists
 	}
+	if userForPersonExist(u.PersonID) {
+		return ErrUserForPersonExists
+	}
 	res, err := r.Table("users").Insert(u).RunWrite(sess)
 	if err != nil {
 		return err