people,user, broker CRUD

apiV1BrokerList.go

 	return
 }
 
+func apiV1BrokerDelete(w http.ResponseWriter, r *http.Request, ss *loan.Session) {
+	id := r.URL.Path[len(apiV1Prefix+"broker/"):]
+	e := loan.DeleteBroker(id)
+	if e != nil {
+		log.Error("cannot delete broker by id", id, e.Error())
+		apiV1Server500Error(w, r)
+		return
+	}
+
+	ue := UserExtra{}
+	ue.Login = ""
+	ue.Enabled = false
+	ue.License = ""
+	ue.Organization = ""
+	ue.BSB = ""
+	ue.ACC = ""
+
+	p := loan.People{}
+	readPeopleErr := p.Read(id)
+	u := loan.User{}
+	readUserErr := u.Read(id)
+	if readUserErr == nil {
+		ue.Role = "user"
+	} else if readPeopleErr == nil {
+		ue.Role = "people"
+	} else {
+		ue.Role = "invalid_role"
+	}
+
+	apiV1SendJson(ue, w, r, ss)
+}
+
+func apiV1BrokerPut(w http.ResponseWriter, r *http.Request, ss *loan.Session) {
+	id := r.URL.Path[len(apiV1Prefix+"broker/"):]
+	u := loan.User{}
+	e := u.Read(id)
+	if e != nil { // no such people
+		log.Error("cannot create broker without user, id=", id, e.Error())
+		apiV1Client403Error(w, r, ss)
+		return
+	}
+
+	b := loan.Broker{}
+	b.User = u
+	b.Organization = "SFM"
+
+	e = b.Write()
+	if e != nil { // no such people
+		log.Error("cannot create broker from existing user, id=", id, u, e.Error())
+		apiV1Server500Error(w, r)
+		return
+	}
+
+	ue := UserExtra{}
+	ue.Login = b.Login
+	ue.Enabled = b.Enabled
+	ue.Role = "broker"
+	ue.License = b.License
+	ue.Organization = b.Organization
+	ue.BSB = b.BSB
+	ue.ACC = b.ACC
+
+	apiV1SendJson(ue, w, r, ss)
+}
+
 func apiV1BrokerPost(w http.ResponseWriter, r *http.Request, ss *loan.Session) {
 	id := r.URL.Path[len(apiV1Prefix+"broker/"):]
 	b := loan.Broker{}

apiV1PeopleList.go

 	"biukop.com/sfm/loan"
 	"database/sql"
 	"encoding/json"
+	"github.com/brianvoe/gofakeit/v6"
 	log "github.com/sirupsen/logrus"
 	"net/http"
 )
 	apiV1SendJson(p, w, r, ss)
 }
 
+func apiV1PeoplePut(w http.ResponseWriter, r *http.Request, ss *loan.Session) {
+	p := loan.People{}
+	p.Id = gofakeit.UUID()
+	e := p.Write()
+	if e != nil {
+		log.Error("cannot create people by ", e.Error())
+		apiV1Server500Error(w, r)
+		return
+	}
+	p.WriteAvatar(randomDummyImage())
+	apiV1SendJson(p, w, r, ss)
+}
+
+func apiV1PeopleDelete(w http.ResponseWriter, r *http.Request, ss *loan.Session) {
+	id := r.URL.Path[len(apiV1Prefix+"people/"):]
+	e := loan.DeletePeople(id)
+	if e != nil {
+		log.Error("cannot delete people by ", id, e.Error())
+		apiV1Server500Error(w, r)
+		return
+	}
+	apiV1SendJson(id, w, r, ss)
+}
+
 func apiV1PeopleExtraGet(w http.ResponseWriter, r *http.Request, ss *loan.Session) {
 	id := r.URL.Path[len(apiV1Prefix+"people-extra/"):]
 	ret := UserExtra{}

apiV1User.go

 import (
 	"biukop.com/sfm/loan"
 	"encoding/json"
+	"github.com/brianvoe/gofakeit/v6"
 	log "github.com/sirupsen/logrus"
 	"net/http"
 )
 	return
 }
 
+// create a new user from people
+func apiV1UserPut(w http.ResponseWriter, r *http.Request, ss *loan.Session) {
+	id := r.URL.Path[len(apiV1Prefix+"user/"):] //remove prefix
+
+	p := loan.People{}
+	e := p.Read(id)
+	if e != nil { // no such people
+		log.Error("cannot create User without people, id=", id, e.Error())
+		apiV1Client403Error(w, r, ss)
+		return
+	}
+
+	u := loan.User{}
+	u.Id = id
+	u.Login = id + "@local"
+	u.Enabled = false
+	u.Token = gofakeit.LetterN(45)
+	u.SetPass("")
+	e = u.Write()
+
+	if e != nil {
+		log.Error("Failed to upgrade user ", id)
+		apiV1Server500Error(w, r)
+		return
+	}
+
+	ue := UserExtra{}
+	ue.Login = u.Login
+	ue.Enabled = u.Enabled
+	ue.Role = "user"
+	ue.License = ""
+	ue.Organization = ""
+	ue.BSB = ""
+	ue.ACC = ""
+
+	apiV1SendJson(ue, w, r, ss)
+}
+
+func apiV1UserDelete(w http.ResponseWriter, r *http.Request, ss *loan.Session) {
+	id := r.URL.Path[len(apiV1Prefix+"user/"):] //remove prefix
+
+	if id == "" {
+		apiV1Client403Error(w, r, ss)
+		return
+	}
+	e := loan.DeleteUser(id)
+	if e != nil {
+		log.Error("Failed to delete user ", id)
+		apiV1Server500Error(w, r)
+		return
+	}
+
+	ue := UserExtra{}
+	ue.Login = ""
+	ue.Enabled = false
+	ue.Role = "people"
+	ue.License = ""
+	ue.Organization = ""
+	ue.BSB = ""
+	ue.ACC = ""
+	apiV1SendJson(ue, w, r, ss)
+}
+
 func apiV1UserPost(w http.ResponseWriter, r *http.Request, ss *loan.Session) {
 	id := r.URL.Path[len(apiV1Prefix+"user/"):] //remove prefix
 
 			log.Error("cannot save basic loan", e.Error())
 			apiV1SendJson(" [ Error Occurred ] : "+e.Error(), w, r, ss)
 		} else {
-			apiV1SendJson(input.Login, w, r, ss)
+			apiV1SendJson(input, w, r, ss)
 		}
 	}
 }

apiV1login.go

 	u, e := ss.GetUser()
 	if e == nil {
 		res.add("User", u.People)
-
-		if ss.GetRole() == "broker" {
-			broker := loan.Broker{}
-			e := broker.Read(ss.User)
-			if e != nil {
-				log.Error("fail to retrieve broker for session ", ss, e.Error())
-			} else {
-				ue := UserExtra{
-					Enabled:      broker.Enabled,
-					Login:        broker.Login,
-					BSB:          broker.BSB,
-					ACC:          broker.ACC,
-					License:      broker.License,
-					Organization: broker.Organization,
-				}
-				res.add("UserExtra", ue)
-			}
-		}
-
-		if ss.GetRole() == "admin" {
-			ue := UserExtra{
-				Enabled:      true,
-				Login:        u.Login,
-				BSB:          "",
-				ACC:          "",
-				License:      "",
-				Organization: "SFM",
-			}
-			res.add("UserExtra", ue)
-		}
+		res.add("UserExtra", getUserExtraForLogin(u, ss))
 	}
 	res.add("Biukop-Session", ss.Id)
 	res.add("Biukop-Mid", ss.Get("Biukop-Mid"))
 	res.sendJson(w)
 }
 
+func getUserExtraForLogin(u loan.User, ss *loan.Session) (ret UserExtra) {
+	if ss.GetRole() == "user" {
+		ret = UserExtra{
+			Enabled:      true,
+			Login:        u.Login,
+			BSB:          "",
+			ACC:          "",
+			License:      "",
+			Organization: "",
+			Role:         "user",
+		}
+	}
+
+	if ss.GetRole() == "broker" {
+		broker := loan.Broker{}
+		e := broker.Read(ss.User)
+		if e != nil {
+			log.Error("fail to retrieve broker for session ", ss, e.Error())
+		} else {
+			ret = UserExtra{
+				Enabled:      broker.Enabled,
+				Login:        broker.Login,
+				BSB:          broker.BSB,
+				ACC:          broker.ACC,
+				License:      broker.License,
+				Organization: broker.Organization,
+				Role:         "broker",
+			}
+		}
+	}
+
+	if ss.GetRole() == "admin" {
+		ret = UserExtra{
+			Enabled:      true,
+			Login:        u.Login,
+			BSB:          "",
+			ACC:          "",
+			License:      "",
+			Organization: "SFM",
+			Role:         "admin",
+		}
+	}
+	return
+}
+
 func (m *loginForm) getFromClient(r *http.Request) (e error) {
 
 	e = apiV1DecodeRequestBody(m, r)

apiv1.go

 			{"GET", "loan/", apiV1LoanSingleGet},
 			{"DELETE", "loan/", apiV1LoanSingleDelete},
 			{"GET", "loan-by-client/", apiV1LoanByClient},
+
 			{"GET", "people/", apiV1PeopleGet},
-			{"GET", "people-extra/", apiV1PeopleExtraGet},
 			{"POST", "people/", apiV1PeoplePost},
+			{"PUT", "people/", apiV1PeoplePut},
+			{"DELETE", "people/", apiV1PeopleDelete},
+			{"GET", "people-extra/", apiV1PeopleExtraGet},
+
+			{"POST", "user/", apiV1UserPost},
+			{"PUT", "user/", apiV1UserPut},
+			{"DELETE", "user/", apiV1UserDelete},
+
 			{"GET", "broker/", apiV1BrokerGet},
 			{"POST", "broker/", apiV1BrokerPost},
+			{"PUT", "broker/", apiV1BrokerPut},
+			{"DELETE", "broker/", apiV1BrokerDelete},
+
 			{"POST", "change-pass/", apiV1ChangePass},
 			{"POST", "loan/basic/", apiV1LoanSinglePostBasic},
 			{"GET", "avatar/", apiV1Avatar},
 			{"GET", "broker-list/", apiV1BrokerList},
 			{"POST", "sync-people/", apiV1SyncPeople},
 			{"POST", "payIn/", apiV1PayInPost},
-			{"POST", "user/", apiV1UserPost},
 			{"DELETE", "payIn/", apiV1PayInDelete},
 			{"GET", "user-reward/", apiV1UserReward},
 			{"GET", "login-available/", apiV1LoginAvailable},
 			{"GET", "loan/", apiV1LoanSingleGet},
 			{"DELETE", "loan/", apiV1LoanSingleDelete},
 			{"GET", "loan-by-client/", apiV1LoanByClient},
+
 			{"GET", "people/", apiV1PeopleGet},
-			{"GET", "people-extra/", apiV1PeopleExtraGet},
 			{"POST", "people/", apiV1PeoplePost},
+			{"PUT", "people/", apiV1PeoplePut},
+			{"DELETE", "people/", apiV1PeopleDelete},
+			{"GET", "people-extra/", apiV1PeopleExtraGet},
+
+			{"POST", "user/", apiV1UserPost},
+			{"PUT", "user/", apiV1UserPut},
+			{"DELETE", "user/", apiV1UserDelete},
+
 			{"GET", "broker/", apiV1BrokerGet},
 			{"POST", "broker/", apiV1BrokerPost},
+			{"PUT", "broker/", apiV1BrokerPut},
+			{"DELETE", "broker/", apiV1BrokerDelete},
+
 			{"POST", "change-pass/", apiV1ChangePass},
 			{"POST", "loan/basic/", apiV1LoanSinglePostBasic},
+
 			{"GET", "avatar/", apiV1Avatar},
 			{"POST", "avatar/", apiV1AvatarPost},
 			{"POST", "reward/", apiV1RewardPost},
 			{"GET", "broker-list/", apiV1BrokerList},
 			{"POST", "sync-people/", apiV1SyncPeople},
 			{"POST", "payIn/", apiV1PayInPost},
-			{"POST", "user/", apiV1UserPost},
 			{"DELETE", "payIn/", apiV1PayInDelete},
 			{"GET", "user-reward/", apiV1UserReward},
 			{"GET", "login-available/", apiV1LoginAvailable},