diff --git a/apiV1BrokerList.go b/apiV1BrokerList.go
index 4e5f323..40d9907 100644
--- a/apiV1BrokerList.go
+++ b/apiV1BrokerList.go
@@ -40,6 +40,71 @@ func decodeJsonBrokerEdit(r *http.Request) (ret loan.Broker, e error) {
 return
 }
+func apiV1BrokerDelete(w http.ResponseWriter, r *http.Request, ss *loan.Session) {
+ id := r.URL.Path[len(apiV1Prefix+"broker/"):]
+ e := loan.DeleteBroker(id)
+ if e != nil {
+ log.Error("cannot delete broker by id", id, e.Error())
+ apiV1Server500Error(w, r)
+ return
+ }
+
+ ue := UserExtra{}
+ ue.Login = ""
+ ue.Enabled = false
+ ue.License = ""
+ ue.Organization = ""
+ ue.BSB = ""
+ ue.ACC = ""
+
+ p := loan.People{}
+ readPeopleErr := p.Read(id)
+ u := loan.User{}
+ readUserErr := u.Read(id)
+ if readUserErr == nil {
+ ue.Role = "user"
+ } else if readPeopleErr == nil {
+ ue.Role = "people"
+ } else {
+ ue.Role = "invalid_role"
+ }
+
+ apiV1SendJson(ue, w, r, ss)
+}
+
+func apiV1BrokerPut(w http.ResponseWriter, r *http.Request, ss *loan.Session) {
+ id := r.URL.Path[len(apiV1Prefix+"broker/"):]
+ u := loan.User{}
+ e := u.Read(id)
+ if e != nil { // no such people
+ log.Error("cannot create broker without user, id=", id, e.Error())
+ apiV1Client403Error(w, r, ss)
+ return
+ }
+
+ b := loan.Broker{}
+ b.User = u
+ b.Organization = "SFM"
+
+ e = b.Write()
+ if e != nil { // no such people
+ log.Error("cannot create broker from existing user, id=", id, u, e.Error())
+ apiV1Server500Error(w, r)
+ return
+ }
+
+ ue := UserExtra{}
+ ue.Login = b.Login
+ ue.Enabled = b.Enabled
+ ue.Role = "broker"
+ ue.License = b.License
+ ue.Organization = b.Organization
+ ue.BSB = b.BSB
+ ue.ACC = b.ACC
+
+ apiV1SendJson(ue, w, r, ss)
+}
+
 func apiV1BrokerPost(w http.ResponseWriter, r *http.Request, ss *loan.Session) {
 id := r.URL.Path[len(apiV1Prefix+"broker/"):]
 b := loan.Broker{}
diff --git a/apiV1PeopleList.go b/apiV1PeopleList.go
index f71f344..06a21d7 100644
--- a/apiV1PeopleList.go
+++ b/apiV1PeopleList.go
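Review bot: `apiV1BrokerPut` passes the whole `loan.User` value `u` to `log.Error` on the `b.Write()` failure path, and the apiV1User.go hunk of this commit gives that struct a `Token` and a password via `SetPass`, so those fields would presumably land in the application log. Log only the id and the error: `log.Error("cannot create broker from existing user, id=", id, e.Error())`. Neither new handler rejects an empty `id` the way `apiV1UserDelete` does; adding `if id == "" { apiV1Client403Error(w, r, ss); return }` before `loan.DeleteBroker(id)` and `u.Read(id)` would keep the delete paths consistent. `apiV1BrokerDelete` also turns any `Read` error into a role string, so a storage failure reaches the client as `"invalid_role"` rather than a 500.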
@@ -4,6 +4,7 @@ import (
 "biukop.com/sfm/loan"
 "database/sql"
 "encoding/json"
+ "github.com/brianvoe/gofakeit/v6"
 log "github.com/sirupsen/logrus"
 "net/http"
 )
@@ -77,6 +78,30 @@ func apiV1PeoplePost(w http.ResponseWriter, r *http.Request, ss *loan.Session) {
 apiV1SendJson(p, w, r, ss)
 }
+func apiV1PeoplePut(w http.ResponseWriter, r *http.Request, ss *loan.Session) {
+ p := loan.People{}
+ p.Id = gofakeit.UUID()
+ e := p.Write()
+ if e != nil {
+ log.Error("cannot create people by ", e.Error())
+ apiV1Server500Error(w, r)
+ return
+ }
+ p.WriteAvatar(randomDummyImage())
+ apiV1SendJson(p, w, r, ss)
+}
+
+func apiV1PeopleDelete(w http.ResponseWriter, r *http.Request, ss *loan.Session) {
+ id := r.URL.Path[len(apiV1Prefix+"people/"):]
+ e := loan.DeletePeople(id)
+ if e != nil {
+ log.Error("cannot delete people by ", id, e.Error())
+ apiV1Server500Error(w, r)
+ return
+ }
+ apiV1SendJson(id, w, r, ss)
+}
+
 func apiV1PeopleExtraGet(w http.ResponseWriter, r *http.Request, ss *loan.Session) {
 id := r.URL.Path[len(apiV1Prefix+"people-extra/"):]
 ret := UserExtra{}
diff --git a/apiV1User.go b/apiV1User.go
index 3f8ebbd..0057324 100644
--- a/apiV1User.go
+++ b/apiV1User.go
@@ -3,6 +3,7 @@ package main
 import (
 "biukop.com/sfm/loan"
 "encoding/json"
+ "github.com/brianvoe/gofakeit/v6"
 log "github.com/sirupsen/logrus"
 "net/http"
 )
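Review bot: `apiV1PeopleDelete` calls `loan.DeletePeople(id)` with whatever follows the `people/` prefix, including the empty string, while `apiV1UserDelete` in this commit guards that case; add `if id == "" { apiV1Client403Error(w, r, ss); return }` first. Whether a People row that still backs a User or Broker may be deleted is not visible here and should be settled in `loan.DeletePeople` or checked before the call. In `apiV1PeoplePut` the result of `p.WriteAvatar(randomDummyImage())` is discarded; if it returns an error (its signature is not shown), log it so a record without an avatar can be traced. A doc comment such as `// apiV1PeoplePut creates an empty People record with a generated id and a placeholder avatar.` would help, since the handler never reads the request body.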
@@ -28,6 +29,69 @@ func decodeJsonUserExtra(r *http.Request) (ret UserExtra, e error) {
 return
 }
+// create a new user from people
+func apiV1UserPut(w http.ResponseWriter, r *http.Request, ss *loan.Session) {
+ id := r.URL.Path[len(apiV1Prefix+"user/"):] //remove prefix
+
+ p := loan.People{}
+ e := p.Read(id)
+ if e != nil { // no such people
+ log.Error("cannot create User without people, id=", id, e.Error())
+ apiV1Client403Error(w, r, ss)
+ return
+ }
+
+ u := loan.User{}
+ u.Id = id
+ u.Login = id + "@local"
+ u.Enabled = false
+ u.Token = gofakeit.LetterN(45)
+ u.SetPass("")
+ e = u.Write()
+
+ if e != nil {
+ log.Error("Failed to upgrade user ", id)
+ apiV1Server500Error(w, r)
+ return
+ }
+
+ ue := UserExtra{}
+ ue.Login = u.Login
+ ue.Enabled = u.Enabled
+ ue.Role = "user"
+ ue.License = ""
+ ue.Organization = ""
+ ue.BSB = ""
+ ue.ACC = ""
+
+ apiV1SendJson(ue, w, r, ss)
+}
+
+func apiV1UserDelete(w http.ResponseWriter, r *http.Request, ss *loan.Session) {
+ id := r.URL.Path[len(apiV1Prefix+"user/"):] //remove prefix
+
+ if id == "" {
+ apiV1Client403Error(w, r, ss)
+ return
+ }
+ e := loan.DeleteUser(id)
+ if e != nil {
+ log.Error("Failed to delete user ", id)
+ apiV1Server500Error(w, r)
+ return
+ }
+
+ ue := UserExtra{}
+ ue.Login = ""
+ ue.Enabled = false
+ ue.Role = "people"
+ ue.License = ""
+ ue.Organization = ""
+ ue.BSB = ""
+ ue.ACC = ""
+ apiV1SendJson(ue, w, r, ss)
+}
+
 func apiV1UserPost(w http.ResponseWriter, r *http.Request, ss *loan.Session) {
 id := r.URL.Path[len(apiV1Prefix+"user/"):] //remove prefix
@@ -54,7 +118,7 @@ func apiV1UserPost(w http.ResponseWriter, r *http.Request, ss *loan.Session) {
 log.Error("cannot save basic loan", e.Error())
 apiV1SendJson(" [ Error Occurred ] : "+e.Error(), w, r, ss)
 } else {
- apiV1SendJson(input.Login, w, r, ss)
+ apiV1SendJson(input, w, r, ss)
 }
 }
 }
diff --git a/apiV1login.go b/apiV1login.go
index 0cd20f5..e89c868 100644
--- a/apiV1login.go
+++ b/apiV1login.go
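Review bot: `u.Token = gofakeit.LetterN(45)` in `apiV1UserPut` takes a credential from a test-data generator: as far as I know the package-level gofakeit functions draw from a `math/rand`-based source, and `LetterN` yields letters only, so the token is not backed by a CSPRNG. Generate it from `crypto/rand` instead, as sketched below; this needs `crypto/rand` and `encoding/hex` in the import block, and the 64-character result should be checked against the width of the token column, which is not visible here. `u.SetPass("")` stores an empty password on a disabled account, so confirm that enabling the account later cannot leave an empty password usable for login. Both failure logs in this hunk (`"Failed to upgrade user "`, `"Failed to delete user "`) drop `e`, unlike the other handlers in the commit.

```go
	// … unchanged: People lookup and 403 on failure …
	raw := make([]byte, 32)
	if _, e = rand.Read(raw); e != nil { // rand is crypto/rand
		log.Error("cannot generate token for user ", id, e.Error())
		apiV1Server500Error(w, r)
		return
	}
	// … unchanged: u.Id, u.Login, u.Enabled …
	u.Token = hex.EncodeToString(raw)
	// … unchanged: SetPass, Write and the UserExtra response …
```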
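Review bot: The success branch of `apiV1UserPost` now echoes the decoded request value `input` instead of the stored record, so the client sees what it sent rather than what was saved. The declaration of `input` is outside this hunk; if its type carries a password or token field, send a response struct that omits it, or re-read the user and return that. The function starts outside the hunk.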
@@ -52,36 +52,7 @@ func apiV1Login(w http.ResponseWriter, r *http.Request, ss *loan.Session) {
 u, e := ss.GetUser()
 if e == nil {
 res.add("User", u.People)
-
- if ss.GetRole() == "broker" {
- broker := loan.Broker{}
- e := broker.Read(ss.User)
- if e != nil {
- log.Error("fail to retrieve broker for session ", ss, e.Error())
- } else {
- ue := UserExtra{
- Enabled: broker.Enabled,
- Login: broker.Login,
- BSB: broker.BSB,
- ACC: broker.ACC,
- License: broker.License,
- Organization: broker.Organization,
- }
- res.add("UserExtra", ue)
- }
- }
-
- if ss.GetRole() == "admin" {
- ue := UserExtra{
- Enabled: true,
- Login: u.Login,
- BSB: "",
- ACC: "",
- License: "",
- Organization: "SFM",
- }
- res.add("UserExtra", ue)
- }
+ res.add("UserExtra", getUserExtraForLogin(u, ss))
 }
 res.add("Biukop-Session", ss.Id)
 res.add("Biukop-Mid", ss.Get("Biukop-Mid"))
@@ -103,6 +74,51 @@ func apiV1Login(w http.ResponseWriter, r *http.Request, ss *loan.Session) {
 res.sendJson(w)
 }
+func getUserExtraForLogin(u loan.User, ss *loan.Session) (ret UserExtra) {
+ if ss.GetRole() == "user" {
+ ret = UserExtra{
+ Enabled: true,
+ Login: u.Login,
+ BSB: "",
+ ACC: "",
+ License: "",
+ Organization: "",
+ Role: "user",
+ }
+ }
+
+ if ss.GetRole() == "broker" {
+ broker := loan.Broker{}
+ e := broker.Read(ss.User)
+ if e != nil {
+ log.Error("fail to retrieve broker for session ", ss, e.Error())
+ } else {
+ ret = UserExtra{
+ Enabled: broker.Enabled,
+ Login: broker.Login,
+ BSB: broker.BSB,
+ ACC: broker.ACC,
+ License: broker.License,
+ Organization: broker.Organization,
+ Role: "broker",
+ }
+ }
+ }
+
+ if ss.GetRole() == "admin" {
+ ret = UserExtra{
+ Enabled: true,
+ Login: u.Login,
+ BSB: "",
+ ACC: "",
+ License: "",
+ Organization: "SFM",
+ Role: "admin",
+ }
+ }
+ return
+}
+
 func (m *loginForm) getFromClient(r *http.Request) (e error) {
 e = apiV1DecodeRequestBody(m, r)
diff --git a/apiv1.go b/apiv1.go
index 90e9b62..9d7eb40 100644
--- a/apiv1.go
+++ b/apiv1.go
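Review bot: `res.add("UserExtra", getUserExtraForLogin(u, ss))` now runs for every session that has a user, whereas the removed code added `UserExtra` only for the `broker` and `admin` roles. When the role matches none of the helper's three branches, or `broker.Read` fails, the helper returns the zero value, so the client receives a `UserExtra` with an empty `Role` and `Enabled: false`. Either have the helper return `(ret UserExtra, ok bool)` and skip the `add` when `ok` is false, or document the empty value as the intended response. `apiV1Login` begins and ends outside this hunk.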
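Review bot: The broker failure path in `getUserExtraForLogin` logs the whole `*loan.Session` (`log.Error("fail to retrieve broker for session ", ss, e.Error())`); `ss.Id` is what `apiV1Login` returns as `Biukop-Session`, so printing the struct is likely to write a live session identifier to the log. Log the user instead: `log.Error("fail to retrieve broker for user ", ss.User, e.Error())`. The three independent `if ss.GetRole() == …` tests would read better as one `switch ss.GetRole()`, and the function should carry a doc comment stating that an unrecognised role yields the zero `UserExtra`.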
@@ -40,11 +40,22 @@ func setupApiV1Handler() []apiV1HandlerMap {
 {"GET", "loan/", apiV1LoanSingleGet},
 {"DELETE", "loan/", apiV1LoanSingleDelete},
 {"GET", "loan-by-client/", apiV1LoanByClient},
+
 {"GET", "people/", apiV1PeopleGet},
- {"GET", "people-extra/", apiV1PeopleExtraGet},
 {"POST", "people/", apiV1PeoplePost},
+ {"PUT", "people/", apiV1PeoplePut},
+ {"DELETE", "people/", apiV1PeopleDelete},
+ {"GET", "people-extra/", apiV1PeopleExtraGet},
+
+ {"POST", "user/", apiV1UserPost},
+ {"PUT", "user/", apiV1UserPut},
+ {"DELETE", "user/", apiV1UserDelete},
+
 {"GET", "broker/", apiV1BrokerGet},
 {"POST", "broker/", apiV1BrokerPost},
+ {"PUT", "broker/", apiV1BrokerPut},
+ {"DELETE", "broker/", apiV1BrokerDelete},
+
 {"POST", "change-pass/", apiV1ChangePass},
 {"POST", "loan/basic/", apiV1LoanSinglePostBasic},
 {"GET", "avatar/", apiV1Avatar},
@@ -55,7 +66,6 @@ func setupApiV1Handler() []apiV1HandlerMap {
 {"GET", "broker-list/", apiV1BrokerList},
 {"POST", "sync-people/", apiV1SyncPeople},
 {"POST", "payIn/", apiV1PayInPost},
- {"POST", "user/", apiV1UserPost},
 {"DELETE", "payIn/", apiV1PayInDelete},
 {"GET", "user-reward/", apiV1UserReward},
 {"GET", "login-available/", apiV1LoginAvailable},
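Review bot: The new `PUT` and `DELETE` routes for `people/`, `user/` and `broker/` are registered in this table and again in the hunk at `-75,13`, and none of the handlers added by this commit inspects the session role before creating or deleting a record. If the two tables serve different privilege levels (the code that selects between them is outside the hunks), the destructive routes should appear only in the privileged one, or each handler should check `ss.GetRole()` and answer with `apiV1Client403Error` otherwise. The two lists are now nearly identical over these lines; building the shared entries once and appending them to both would keep the tables from drifting apart.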
@@ -75,13 +85,25 @@ func setupApiV1Handler() []apiV1HandlerMap {
 {"GET", "loan/", apiV1LoanSingleGet},
 {"DELETE", "loan/", apiV1LoanSingleDelete},
 {"GET", "loan-by-client/", apiV1LoanByClient},
+
 {"GET", "people/", apiV1PeopleGet},
- {"GET", "people-extra/", apiV1PeopleExtraGet},
 {"POST", "people/", apiV1PeoplePost},
+ {"PUT", "people/", apiV1PeoplePut},
+ {"DELETE", "people/", apiV1PeopleDelete},
+ {"GET", "people-extra/", apiV1PeopleExtraGet},
+
+ {"POST", "user/", apiV1UserPost},
+ {"PUT", "user/", apiV1UserPut},
+ {"DELETE", "user/", apiV1UserDelete},
+
 {"GET", "broker/", apiV1BrokerGet},
 {"POST", "broker/", apiV1BrokerPost},
+ {"PUT", "broker/", apiV1BrokerPut},
+ {"DELETE", "broker/", apiV1BrokerDelete},
+
 {"POST", "change-pass/", apiV1ChangePass},
 {"POST", "loan/basic/", apiV1LoanSinglePostBasic},
+
 {"GET", "avatar/", apiV1Avatar},
 {"POST", "avatar/", apiV1AvatarPost},
 {"POST", "reward/", apiV1RewardPost},
@@ -90,7 +112,6 @@ func setupApiV1Handler() []apiV1HandlerMap {
 {"GET", "broker-list/", apiV1BrokerList},
 {"POST", "sync-people/", apiV1SyncPeople},
 {"POST", "payIn/", apiV1PayInPost},
- {"POST", "user/", apiV1UserPost},
 {"DELETE", "payIn/", apiV1PayInDelete},
 {"GET", "user-reward/", apiV1UserReward},
 {"GET", "login-available/", apiV1LoginAvailable},