/
api_nodes.go
190 lines (171 loc) · 5.83 KB
/
api_nodes.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
package gateway
import (
"encoding/json"
"net/http"
"strings"
"github.com/gorilla/mux"
_http "github.com/mirisbowring/primboard/helper/http"
"github.com/mirisbowring/primboard/models"
"go.mongodb.org/mongo-driver/bson/primitive"
"go.mongodb.org/mongo-driver/mongo"
)
func (g *AppGateway) addGroupsToNode(w http.ResponseWriter, r *http.Request) {
// parse query
query, status := _http.ParseQueryString(w, r, "groups", false)
if status > 0 {
return
}
id, status := _http.ParsePathString(w, r, "id")
if status > 0 {
return
}
nodeID, err := primitive.ObjectIDFromHex(id)
if err != nil {
_http.RespondWithError(w, http.StatusBadRequest, "invalid node id specified")
return
}
// parse ids from string slice
groupIDs, err := ParseIDs(strings.Split(query, ","))
if err != nil {
_http.RespondWithError(w, http.StatusBadRequest, "could not decode groups query")
return
}
// verify that any valid id was passed
if len(groupIDs) == 0 {
_http.RespondWithError(w, http.StatusBadRequest, "no valid group ids have been passed")
}
// select valid groups from database
groups, err := models.GetUserGroupsByIDs(g.DB, groupIDs, g.GetUserPermissionW(w, false))
if err != nil {
_http.RespondWithError(w, http.StatusInternalServerError, "could not select matching groups from database")
return
}
// verify that there is any valid grup to share the node with
if len(groups) == 0 {
_http.RespondWithError(w, http.StatusForbidden, "you are not allowed to access one of the specified groups")
return
}
node := models.Node{ID: nodeID}
if err = node.AddUserGroups(g.DB, groupIDs, g.GetUserPermissionW(w, true)); err != nil {
_http.RespondWithError(w, http.StatusInternalServerError, "could not add usergroups to node")
return
}
_http.RespondWithJSON(w, http.StatusOK, node)
}
// AddNode handles the webrequest for Node creation
func (g *AppGateway) AddNode(w http.ResponseWriter, r *http.Request) {
var e models.Node
// decode request into model
decoder := json.NewDecoder(r.Body)
if err := decoder.Decode(&e); err != nil {
// an decode error occured
_http.RespondWithError(w, http.StatusBadRequest, "Invalid request payload")
return
}
defer r.Body.Close()
// settings creator
e.Creator = w.Header().Get("user")
// check mandatory fields
if err := e.VerifyNode(g.DB, g.GetUserPermissionW(w, false)); err != nil {
_http.RespondWithError(w, http.StatusBadRequest, err.Error())
return
}
// try to insert model into db
id := e.AddNode(g.DB)
if id.IsZero() {
_http.RespondWithError(w, http.StatusInternalServerError, "could not create node")
return
}
// creation successful
_http.RespondWithJSON(w, http.StatusCreated, id)
}
// DeleteNodeByID handles the webrequest for Node deletion
func (g *AppGateway) DeleteNodeByID(w http.ResponseWriter, r *http.Request) {
// parse request
vars := mux.Vars(r)
id, _ := primitive.ObjectIDFromHex(vars["id"])
// create model by passed id
e := models.Node{ID: id}
if err := e.GetNode(g.DB, g.GetUserPermissionW(w, true), models.NodeProject); err != nil {
_http.RespondWithError(w, http.StatusInternalServerError, "could not verify node id")
return
}
// verify that current user is the owner
if e.Creator != _http.GetUsernameFromHeader(w) {
_http.RespondWithError(w, http.StatusForbidden, "you are not allowed to delete this node from the system")
return
}
// try to delete model
result, err := e.DeleteNode(g.DB)
if err != nil {
_http.RespondWithError(w, http.StatusInternalServerError, err.Error())
return
}
// deletion successful
_http.RespondWithJSON(w, http.StatusOK, result)
}
// GetNodes handles the webrequest for receiving all nodes
func (g *AppGateway) GetNodes(w http.ResponseWriter, r *http.Request) {
es, err := models.GetAllNodes(g.DB, g.GetUserPermissionW(w, false), "")
if err != nil {
_http.RespondWithError(w, http.StatusInternalServerError, err.Error())
return
}
_http.RespondWithJSON(w, http.StatusOK, es)
}
// GetNodeByID handles the webrequest for receiving Node model by id
func (g *AppGateway) GetNodeByID(w http.ResponseWriter, r *http.Request) {
// parse request
vars := mux.Vars(r)
id, _ := primitive.ObjectIDFromHex(vars["id"])
// create model by passed id
e := models.Node{ID: id}
// try to select user
if err := e.GetNode(g.DB, g.GetUserPermissionW(w, false), models.NodeProject); err != nil {
switch err {
case mongo.ErrNoDocuments:
// model not found
_http.RespondWithError(w, http.StatusNotFound, "Node not found")
default:
// another error occured
_http.RespondWithError(w, http.StatusInternalServerError, err.Error())
}
return
}
// could select user from mongo
_http.RespondWithJSON(w, http.StatusOK, e)
}
// UpdateNodeByID handles the webrequest for updating the Node with the passed request body
func (g *AppGateway) UpdateNodeByID(w http.ResponseWriter, r *http.Request) {
// parse request
vars := mux.Vars(r)
id, _ := primitive.ObjectIDFromHex(vars["id"])
// store new model in tmp object
var ue models.Node
decoder := json.NewDecoder(r.Body)
if err := decoder.Decode(&ue); err != nil {
// error occured during encoding
_http.RespondWithError(w, http.StatusBadRequest, "Invalid Request payload")
return
}
defer r.Body.Close()
// verify the correctness of the update
if err := ue.VerifyNode(g.DB, g.GetUserPermissionW(w, false)); err != nil {
_http.RespondWithError(w, http.StatusBadRequest, err.Error())
return
}
// trying to update model with requested body
e := models.Node{ID: id}
_, err := e.UpdateNode(g.DB, ue, g.GetUserPermissionW(w, true))
if err != nil {
// Error occured during update
_http.RespondWithError(w, http.StatusInternalServerError, err.Error())
return
}
if err = e.GetNode(g.DB, g.GetUserPermissionW(w, false), models.NodeProject); err != nil {
_http.RespondWithError(w, http.StatusInternalServerError, err.Error())
return
}
// Update successful
_http.RespondWithJSON(w, http.StatusOK, e)
}