miniflux-v2/server/ui/controller/user.go

// Copyright 2017 Frédéric Guillot. All rights reserved.
// Use of this source code is governed by the Apache 2.0
// license that can be found in the LICENSE file.

package controller

import (
	"errors"

	"github.com/miniflux/miniflux/logger"
	"github.com/miniflux/miniflux/model"
	"github.com/miniflux/miniflux/server/core"
	"github.com/miniflux/miniflux/server/ui/form"
)

// ShowUsers shows the list of users.
func (c *Controller) ShowUsers(ctx *core.Context, request *core.Request, response *core.Response) {
	user := ctx.LoggedUser()

	if !user.IsAdmin {
		response.HTML().Forbidden()
		return
	}

	args, err := c.getCommonTemplateArgs(ctx)
	if err != nil {
		response.HTML().ServerError(err)
		return
	}

	users, err := c.store.Users()
	if err != nil {
		response.HTML().ServerError(err)
		return
	}

	response.HTML().Render("users", args.Merge(tplParams{
		"users": users,
		"menu":  "settings",
	}))
}

// CreateUser shows the user creation form.
func (c *Controller) CreateUser(ctx *core.Context, request *core.Request, response *core.Response) {
	user := ctx.LoggedUser()

	if !user.IsAdmin {
		response.HTML().Forbidden()
		return
	}

	args, err := c.getCommonTemplateArgs(ctx)
	if err != nil {
		response.HTML().ServerError(err)
		return
	}

	response.HTML().Render("create_user", args.Merge(tplParams{
		"menu": "settings",
		"form": &form.UserForm{},
	}))
}

// SaveUser validate and save the new user into the database.
func (c *Controller) SaveUser(ctx *core.Context, request *core.Request, response *core.Response) {
	user := ctx.LoggedUser()

	if !user.IsAdmin {
		response.HTML().Forbidden()
		return
	}

	args, err := c.getCommonTemplateArgs(ctx)
	if err != nil {
		response.HTML().ServerError(err)
		return
	}

	userForm := form.NewUserForm(request.Request())
	if err := userForm.ValidateCreation(); err != nil {
		response.HTML().Render("create_user", args.Merge(tplParams{
			"menu":         "settings",
			"form":         userForm,
			"errorMessage": err.Error(),
		}))
		return
	}

	if c.store.UserExists(userForm.Username) {
		response.HTML().Render("create_user", args.Merge(tplParams{
			"menu":         "settings",
			"form":         userForm,
			"errorMessage": "This user already exists.",
		}))
		return
	}

	newUser := userForm.ToUser()
	if err := c.store.CreateUser(newUser); err != nil {
		logger.Error("[Controller:SaveUser] %v", err)
		response.HTML().Render("edit_user", args.Merge(tplParams{
			"menu":         "settings",
			"form":         userForm,
			"errorMessage": "Unable to create this user.",
		}))
		return
	}

	response.Redirect(ctx.Route("users"))
}

// EditUser shows the form to edit a user.
func (c *Controller) EditUser(ctx *core.Context, request *core.Request, response *core.Response) {
	user := ctx.LoggedUser()

	if !user.IsAdmin {
		response.HTML().Forbidden()
		return
	}

	args, err := c.getCommonTemplateArgs(ctx)
	if err != nil {
		response.HTML().ServerError(err)
		return
	}

	selectedUser, err := c.getUserFromURL(ctx, request, response)
	if err != nil {
		return
	}

	response.HTML().Render("edit_user", args.Merge(tplParams{
		"menu":          "settings",
		"selected_user": selectedUser,
		"form": &form.UserForm{
			Username: selectedUser.Username,
			IsAdmin:  selectedUser.IsAdmin,
		},
	}))
}

// UpdateUser validate and update a user.
func (c *Controller) UpdateUser(ctx *core.Context, request *core.Request, response *core.Response) {
	user := ctx.LoggedUser()

	if !user.IsAdmin {
		response.HTML().Forbidden()
		return
	}

	args, err := c.getCommonTemplateArgs(ctx)
	if err != nil {
		response.HTML().ServerError(err)
		return
	}

	selectedUser, err := c.getUserFromURL(ctx, request, response)
	if err != nil {
		return
	}

	userForm := form.NewUserForm(request.Request())
	if err := userForm.ValidateModification(); err != nil {
		response.HTML().Render("edit_user", args.Merge(tplParams{
			"menu":          "settings",
			"selected_user": selectedUser,
			"form":          userForm,
			"errorMessage":  err.Error(),
		}))
		return
	}

	if c.store.AnotherUserExists(selectedUser.ID, userForm.Username) {
		response.HTML().Render("edit_user", args.Merge(tplParams{
			"menu":          "settings",
			"selected_user": selectedUser,
			"form":          userForm,
			"errorMessage":  "This user already exists.",
		}))
		return
	}

	userForm.Merge(selectedUser)
	if err := c.store.UpdateUser(selectedUser); err != nil {
		logger.Error("[Controller:UpdateUser] %v", err)
		response.HTML().Render("edit_user", args.Merge(tplParams{
			"menu":          "settings",
			"selected_user": selectedUser,
			"form":          userForm,
			"errorMessage":  "Unable to update this user.",
		}))
		return
	}

	response.Redirect(ctx.Route("users"))
}

// RemoveUser deletes a user from the database.
func (c *Controller) RemoveUser(ctx *core.Context, request *core.Request, response *core.Response) {
	user := ctx.LoggedUser()
	if !user.IsAdmin {
		response.HTML().Forbidden()
		return
	}

	selectedUser, err := c.getUserFromURL(ctx, request, response)
	if err != nil {
		return
	}

	if err := c.store.RemoveUser(selectedUser.ID); err != nil {
		response.HTML().ServerError(err)
		return
	}

	response.Redirect(ctx.Route("users"))
}

func (c *Controller) getUserFromURL(ctx *core.Context, request *core.Request, response *core.Response) (*model.User, error) {
	userID, err := request.IntegerParam("userID")
	if err != nil {
		response.HTML().BadRequest(err)
		return nil, err
	}

	user, err := c.store.UserByID(userID)
	if err != nil {
		response.HTML().ServerError(err)
		return nil, err
	}

	if user == nil {
		response.HTML().NotFound()
		return nil, errors.New("User not found")
	}

	return user, nil
}
First commit 2017-11-20 06:10:04 +01:00			`// Copyright 2017 Frédéric Guillot. All rights reserved.`
			`// Use of this source code is governed by the Apache 2.0`
			`// license that can be found in the LICENSE file.`

			`package controller`

			`import (`
			`"errors"`
Make sure golint pass on the code base 2017-11-28 06:30:04 +01:00
Add logger 2017-12-16 03:55:57 +01:00			`"github.com/miniflux/miniflux/logger"`
Rewrite imports 2017-12-13 06:48:13 +01:00			`"github.com/miniflux/miniflux/model"`
			`"github.com/miniflux/miniflux/server/core"`
			`"github.com/miniflux/miniflux/server/ui/form"`
First commit 2017-11-20 06:10:04 +01:00			`)`

Make sure golint pass on the code base 2017-11-28 06:30:04 +01:00			`// ShowUsers shows the list of users.`
First commit 2017-11-20 06:10:04 +01:00			`func (c Controller) ShowUsers(ctx core.Context, request core.Request, response core.Response) {`
Improve Context to be more idiomatic 2017-11-22 03:37:08 +01:00			`user := ctx.LoggedUser()`
First commit 2017-11-20 06:10:04 +01:00
			`if !user.IsAdmin {`
Improve Response to be more idiomatic 2017-11-22 03:30:16 +01:00			`response.HTML().Forbidden()`
First commit 2017-11-20 06:10:04 +01:00			`return`
			`}`

			`args, err := c.getCommonTemplateArgs(ctx)`
			`if err != nil {`
Improve Response to be more idiomatic 2017-11-22 03:30:16 +01:00			`response.HTML().ServerError(err)`
First commit 2017-11-20 06:10:04 +01:00			`return`
			`}`

Make sure golint pass on the code base 2017-11-28 06:30:04 +01:00			`users, err := c.store.Users()`
First commit 2017-11-20 06:10:04 +01:00			`if err != nil {`
Improve Response to be more idiomatic 2017-11-22 03:30:16 +01:00			`response.HTML().ServerError(err)`
First commit 2017-11-20 06:10:04 +01:00			`return`
			`}`

Improve Response to be more idiomatic 2017-11-22 03:30:16 +01:00			`response.HTML().Render("users", args.Merge(tplParams{`
First commit 2017-11-20 06:10:04 +01:00			`"users": users,`
			`"menu": "settings",`
			`}))`
			`}`

Make sure golint pass on the code base 2017-11-28 06:30:04 +01:00			`// CreateUser shows the user creation form.`
First commit 2017-11-20 06:10:04 +01:00			`func (c Controller) CreateUser(ctx core.Context, request core.Request, response core.Response) {`
Improve Context to be more idiomatic 2017-11-22 03:37:08 +01:00			`user := ctx.LoggedUser()`
First commit 2017-11-20 06:10:04 +01:00
			`if !user.IsAdmin {`
Improve Response to be more idiomatic 2017-11-22 03:30:16 +01:00			`response.HTML().Forbidden()`
First commit 2017-11-20 06:10:04 +01:00			`return`
			`}`

			`args, err := c.getCommonTemplateArgs(ctx)`
			`if err != nil {`
Improve Response to be more idiomatic 2017-11-22 03:30:16 +01:00			`response.HTML().ServerError(err)`
First commit 2017-11-20 06:10:04 +01:00			`return`
			`}`

Improve Response to be more idiomatic 2017-11-22 03:30:16 +01:00			`response.HTML().Render("create_user", args.Merge(tplParams{`
First commit 2017-11-20 06:10:04 +01:00			`"menu": "settings",`
			`"form": &form.UserForm{},`
			`}))`
			`}`

Make sure golint pass on the code base 2017-11-28 06:30:04 +01:00			`// SaveUser validate and save the new user into the database.`
First commit 2017-11-20 06:10:04 +01:00			`func (c Controller) SaveUser(ctx core.Context, request core.Request, response core.Response) {`
Improve Context to be more idiomatic 2017-11-22 03:37:08 +01:00			`user := ctx.LoggedUser()`
First commit 2017-11-20 06:10:04 +01:00
			`if !user.IsAdmin {`
Improve Response to be more idiomatic 2017-11-22 03:30:16 +01:00			`response.HTML().Forbidden()`
First commit 2017-11-20 06:10:04 +01:00			`return`
			`}`

			`args, err := c.getCommonTemplateArgs(ctx)`
			`if err != nil {`
Improve Response to be more idiomatic 2017-11-22 03:30:16 +01:00			`response.HTML().ServerError(err)`
First commit 2017-11-20 06:10:04 +01:00			`return`
			`}`

Improve Request to be more idiomatic 2017-11-22 03:14:45 +01:00			`userForm := form.NewUserForm(request.Request())`
First commit 2017-11-20 06:10:04 +01:00			`if err := userForm.ValidateCreation(); err != nil {`
Improve Response to be more idiomatic 2017-11-22 03:30:16 +01:00			`response.HTML().Render("create_user", args.Merge(tplParams{`
First commit 2017-11-20 06:10:04 +01:00			`"menu": "settings",`
			`"form": userForm,`
			`"errorMessage": err.Error(),`
			`}))`
			`return`
			`}`

			`if c.store.UserExists(userForm.Username) {`
Improve Response to be more idiomatic 2017-11-22 03:30:16 +01:00			`response.HTML().Render("create_user", args.Merge(tplParams{`
First commit 2017-11-20 06:10:04 +01:00			`"menu": "settings",`
			`"form": userForm,`
			`"errorMessage": "This user already exists.",`
			`}))`
			`return`
			`}`

			`newUser := userForm.ToUser()`
			`if err := c.store.CreateUser(newUser); err != nil {`
Add logger 2017-12-16 03:55:57 +01:00			`logger.Error("[Controller:SaveUser] %v", err)`
Improve Response to be more idiomatic 2017-11-22 03:30:16 +01:00			`response.HTML().Render("edit_user", args.Merge(tplParams{`
First commit 2017-11-20 06:10:04 +01:00			`"menu": "settings",`
			`"form": userForm,`
			`"errorMessage": "Unable to create this user.",`
			`}))`
			`return`
			`}`

Improve Context to be more idiomatic 2017-11-22 03:37:08 +01:00			`response.Redirect(ctx.Route("users"))`
First commit 2017-11-20 06:10:04 +01:00			`}`

Make sure golint pass on the code base 2017-11-28 06:30:04 +01:00			`// EditUser shows the form to edit a user.`
First commit 2017-11-20 06:10:04 +01:00			`func (c Controller) EditUser(ctx core.Context, request core.Request, response core.Response) {`
Improve Context to be more idiomatic 2017-11-22 03:37:08 +01:00			`user := ctx.LoggedUser()`
First commit 2017-11-20 06:10:04 +01:00
			`if !user.IsAdmin {`
Improve Response to be more idiomatic 2017-11-22 03:30:16 +01:00			`response.HTML().Forbidden()`
First commit 2017-11-20 06:10:04 +01:00			`return`
			`}`

			`args, err := c.getCommonTemplateArgs(ctx)`
			`if err != nil {`
Improve Response to be more idiomatic 2017-11-22 03:30:16 +01:00			`response.HTML().ServerError(err)`
First commit 2017-11-20 06:10:04 +01:00			`return`
			`}`

			`selectedUser, err := c.getUserFromURL(ctx, request, response)`
			`if err != nil {`
			`return`
			`}`

Improve Response to be more idiomatic 2017-11-22 03:30:16 +01:00			`response.HTML().Render("edit_user", args.Merge(tplParams{`
First commit 2017-11-20 06:10:04 +01:00			`"menu": "settings",`
			`"selected_user": selectedUser,`
			`"form": &form.UserForm{`
			`Username: selectedUser.Username,`
			`IsAdmin: selectedUser.IsAdmin,`
			`},`
			`}))`
			`}`

Make sure golint pass on the code base 2017-11-28 06:30:04 +01:00			`// UpdateUser validate and update a user.`
First commit 2017-11-20 06:10:04 +01:00			`func (c Controller) UpdateUser(ctx core.Context, request core.Request, response core.Response) {`
Improve Context to be more idiomatic 2017-11-22 03:37:08 +01:00			`user := ctx.LoggedUser()`
First commit 2017-11-20 06:10:04 +01:00
			`if !user.IsAdmin {`
Improve Response to be more idiomatic 2017-11-22 03:30:16 +01:00			`response.HTML().Forbidden()`
First commit 2017-11-20 06:10:04 +01:00			`return`
			`}`

			`args, err := c.getCommonTemplateArgs(ctx)`
			`if err != nil {`
Improve Response to be more idiomatic 2017-11-22 03:30:16 +01:00			`response.HTML().ServerError(err)`
First commit 2017-11-20 06:10:04 +01:00			`return`
			`}`

			`selectedUser, err := c.getUserFromURL(ctx, request, response)`
			`if err != nil {`
			`return`
			`}`

Improve Request to be more idiomatic 2017-11-22 03:14:45 +01:00			`userForm := form.NewUserForm(request.Request())`
First commit 2017-11-20 06:10:04 +01:00			`if err := userForm.ValidateModification(); err != nil {`
Improve Response to be more idiomatic 2017-11-22 03:30:16 +01:00			`response.HTML().Render("edit_user", args.Merge(tplParams{`
First commit 2017-11-20 06:10:04 +01:00			`"menu": "settings",`
			`"selected_user": selectedUser,`
			`"form": userForm,`
			`"errorMessage": err.Error(),`
			`}))`
			`return`
			`}`

			`if c.store.AnotherUserExists(selectedUser.ID, userForm.Username) {`
Improve Response to be more idiomatic 2017-11-22 03:30:16 +01:00			`response.HTML().Render("edit_user", args.Merge(tplParams{`
First commit 2017-11-20 06:10:04 +01:00			`"menu": "settings",`
			`"selected_user": selectedUser,`
			`"form": userForm,`
			`"errorMessage": "This user already exists.",`
			`}))`
			`return`
			`}`

			`userForm.Merge(selectedUser)`
			`if err := c.store.UpdateUser(selectedUser); err != nil {`
Add logger 2017-12-16 03:55:57 +01:00			`logger.Error("[Controller:UpdateUser] %v", err)`
Improve Response to be more idiomatic 2017-11-22 03:30:16 +01:00			`response.HTML().Render("edit_user", args.Merge(tplParams{`
First commit 2017-11-20 06:10:04 +01:00			`"menu": "settings",`
			`"selected_user": selectedUser,`
			`"form": userForm,`
			`"errorMessage": "Unable to update this user.",`
			`}))`
			`return`
			`}`

Improve Context to be more idiomatic 2017-11-22 03:37:08 +01:00			`response.Redirect(ctx.Route("users"))`
First commit 2017-11-20 06:10:04 +01:00			`}`

Make sure golint pass on the code base 2017-11-28 06:30:04 +01:00			`// RemoveUser deletes a user from the database.`
First commit 2017-11-20 06:10:04 +01:00			`func (c Controller) RemoveUser(ctx core.Context, request core.Request, response core.Response) {`
Improve Context to be more idiomatic 2017-11-22 03:37:08 +01:00			`user := ctx.LoggedUser()`
First commit 2017-11-20 06:10:04 +01:00			`if !user.IsAdmin {`
Improve Response to be more idiomatic 2017-11-22 03:30:16 +01:00			`response.HTML().Forbidden()`
First commit 2017-11-20 06:10:04 +01:00			`return`
			`}`

			`selectedUser, err := c.getUserFromURL(ctx, request, response)`
			`if err != nil {`
			`return`
			`}`

			`if err := c.store.RemoveUser(selectedUser.ID); err != nil {`
Improve Response to be more idiomatic 2017-11-22 03:30:16 +01:00			`response.HTML().ServerError(err)`
First commit 2017-11-20 06:10:04 +01:00			`return`
			`}`

Improve Context to be more idiomatic 2017-11-22 03:37:08 +01:00			`response.Redirect(ctx.Route("users"))`
First commit 2017-11-20 06:10:04 +01:00			`}`

			`func (c Controller) getUserFromURL(ctx core.Context, request core.Request, response core.Response) (*model.User, error) {`
Improve Request to be more idiomatic 2017-11-22 03:14:45 +01:00			`userID, err := request.IntegerParam("userID")`
First commit 2017-11-20 06:10:04 +01:00			`if err != nil {`
Improve Response to be more idiomatic 2017-11-22 03:30:16 +01:00			`response.HTML().BadRequest(err)`
First commit 2017-11-20 06:10:04 +01:00			`return nil, err`
			`}`

Make sure golint pass on the code base 2017-11-28 06:30:04 +01:00			`user, err := c.store.UserByID(userID)`
First commit 2017-11-20 06:10:04 +01:00			`if err != nil {`
Improve Response to be more idiomatic 2017-11-22 03:30:16 +01:00			`response.HTML().ServerError(err)`
First commit 2017-11-20 06:10:04 +01:00			`return nil, err`
			`}`

			`if user == nil {`
Improve Response to be more idiomatic 2017-11-22 03:30:16 +01:00			`response.HTML().NotFound()`
First commit 2017-11-20 06:10:04 +01:00			`return nil, errors.New("User not found")`
			`}`

			`return user, nil`
			`}`