aiden
/
synctv
mirror of https://github.com/synctv-org/synctv
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
main
helm
docker-build-arm
dependabot/go_modules/gorm.io/driver/postgres-1.5.11
cache
build
api-v2
dependabot/go_modules/gorm.io/gorm-1.25.12
folder
zijiren233-patch-1
dev
v0.1.0
v0.1.1
v0.1.2
v0.1.3
v0.1.4
v0.1.5
v0.1.6
v0.2.0
v0.2.1
v0.2.2
v0.2.3
v0.2.4
v0.3.0
v0.3.0-alpha-1
v0.3.0-alpha-2
v0.3.0-alpha-3
v0.3.0-beta-1
v0.3.1
v0.3.1-beta.1
v0.3.1-beta.2
v0.3.1-rc.2
v0.3.2
v0.3.2-alpha.2
v0.3.4
v0.3.5
v0.3.6
v0.4.0
v0.4.1
v0.4.2
v0.4.3
v0.4.4
v0.4.5
v0.5.0
v0.5.0-alpha.1
v0.5.0-alpha.2
v0.5.1
v0.5.2
v0.5.3
v0.5.4
v0.6.0
v0.6.1
v0.6.10
v0.6.11
v0.6.12
v0.6.13
v0.6.14
v0.6.2
v0.6.3
v0.6.4
v0.6.5
v0.6.6
v0.6.7
v0.6.8
v0.6.9
v0.6.9-beta.1
v0.7.0
v0.7.1
v0.7.10
v0.7.11
v0.7.12
v0.7.2
v0.7.3
v0.7.4
v0.7.5
v0.7.6
v0.7.7
v0.7.8
v0.7.9
v0.8.0
v0.8.2
v0.8.3
v0.8.4
v0.8.5
v0.9.0
v0.9.0-beta.1
v0.9.0-beta.2
v0.9.1
v0.9.10
v0.9.2
v0.9.3
v0.9.4
v0.9.5
v0.9.6
v0.9.7
v0.9.7-beta.1
v0.9.7-beta.2
v0.9.7-beta.3
v0.9.7-beta.4
v0.9.7-beta.5
v0.9.7-beta.6
v0.9.7-beta.7
v0.9.7-beta.8
v0.9.8
v0.9.9
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7b4c40c265'
${ noResults }
synctv/server/handlers/admin.go

692 lines
18 KiB
Go
Raw Normal View History Unescape Escape

Feat: settings
1 year ago
package handlers
Feat: impl admin api
1 year ago
import (
"net/http"
"github.com/gin-gonic/gin"
Feat: oauth2 settings
1 year ago
"github.com/synctv-org/synctv/internal/bootstrap"
Feat: root and admin role api
1 year ago
"github.com/synctv-org/synctv/internal/db"
Feat: impl admin api
1 year ago
dbModel "github.com/synctv-org/synctv/internal/model"
Feat: pending user
1 year ago
"github.com/synctv-org/synctv/internal/op"
Feat: add setting cmd
1 year ago
"github.com/synctv-org/synctv/internal/settings"
Feat: impl admin api
1 year ago
"github.com/synctv-org/synctv/server/model"
Feat: root and admin role api
1 year ago
"gorm.io/gorm"
Feat: impl admin api
1 year ago
)
Feat: settings
1 year ago
Feat: get admin setting
1 year ago
func EditAdminSettings(ctx *gin.Context) {
Feat: impl admin api
1 year ago
// user := ctx.MustGet("user").(*op.User)
req := model.AdminSettingsReq{}
Feat: setting interface and boot strap
1 year ago
if err := model.Decode(ctx, &req); err != nil {
ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorResp(err))
Feat: impl admin api
1 year ago
return
}
Feat: settings
1 year ago
Feat: impl admin api
1 year ago
for k, v := range req {
Feat: add setting cmd
1 year ago
err := settings.SetValue(k, v)
Feat: setting interface and boot strap
1 year ago
if err != nil {
ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorResp(err))
Feat: impl admin api
1 year ago
return
}
}
Opt: set setting use assertion judgment
1 year ago
ctx.Status(http.StatusNoContent)
Feat: settings
1 year ago
}
Feat: get admin setting
1 year ago
func AdminSettings(ctx *gin.Context) {
// user := ctx.MustGet("user").(*op.User)
Feat: setting interface and boot strap
1 year ago
group := ctx.Param("group")
Feat: oauth2 settings
1 year ago
switch group {
case "oauth2":
resp := make(model.AdminSettingsResp, len(bootstrap.ProviderGroupSettings))
for k, v := range bootstrap.ProviderGroupSettings {
if resp[k] == nil {
resp[k] = make(gin.H, len(v))
}
for _, s2 := range v {
resp[k][s2.Name()] = s2.Interface()
}
}
ctx.JSON(http.StatusOK, model.NewApiDataResp(resp))
case "":
Feat: get all admin settings
1 year ago
resp := make(model.AdminSettingsResp, len(settings.GroupSettings))
for sg, v := range settings.GroupSettings {
Feat: oauth2 settings
1 year ago
if resp[sg] == nil {
resp[sg] = make(gin.H, len(v))
Feat: get all admin settings
1 year ago
}
for _, s2 := range v {
Feat: oauth2 settings
1 year ago
resp[sg][s2.Name()] = s2.Interface()
Feat: get all admin settings
1 year ago
}
}
Feat: oauth2 settings
1 year ago
Feat: get all admin settings
1 year ago
ctx.JSON(http.StatusOK, model.NewApiDataResp(resp))
Feat: oauth2 settings
1 year ago
default:
s, ok := settings.GroupSettings[dbModel.SettingGroup(group)]
if !ok {
ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorStringResp("group not found"))
return
}
resp := make(gin.H, len(s))
for _, v := range s {
resp[v.Name()] = v.Interface()
}
Feat: get admin setting
1 year ago
Feat: oauth2 settings
1 year ago
ctx.JSON(http.StatusOK, model.NewApiDataResp(resp))
Feat: get admin setting
1 year ago
}
}
Feat: setting interface and boot strap
1 year ago
Feat: root and admin role api
1 year ago
func Users(ctx *gin.Context) {
// user := ctx.MustGet("user").(*op.User)
page, pageSize, err := GetPageAndPageSize(ctx)
if err != nil {
Feat: setting interface and boot strap
1 year ago
ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorResp(err))
return
}
Fix: sord and order
1 year ago
var desc = ctx.DefaultQuery("order", "desc") == "desc"
Feat: setting interface and boot strap
1 year ago
Feat: root and admin role api
1 year ago
scopes := []func(db *gorm.DB) *gorm.DB{}
Feat: setting interface and boot strap
1 year ago
Opt: search user and room default status query
1 year ago
switch ctx.Query("role") {
Refector: search user and room
1 year ago
case "admin":
scopes = append(scopes, db.WhereRole(dbModel.RoleAdmin))
case "user":
scopes = append(scopes, db.WhereRole(dbModel.RoleUser))
case "pending":
scopes = append(scopes, db.WhereRole(dbModel.RolePending))
case "banned":
scopes = append(scopes, db.WhereRole(dbModel.RoleBanned))
Opt: search user and room default status query
1 year ago
case "root":
scopes = append(scopes, db.WhereRole(dbModel.RoleRoot))
Feat: setting interface and boot strap
1 year ago
}
Fix: sord and order
1 year ago
switch ctx.DefaultQuery("sort", "name") {
Feat: root and admin role api
1 year ago
case "createdAt":
if desc {
scopes = append(scopes, db.OrderByCreatedAtDesc)
} else {
scopes = append(scopes, db.OrderByCreatedAtAsc)
}
case "name":
if desc {
scopes = append(scopes, db.OrderByDesc("username"))
} else {
scopes = append(scopes, db.OrderByAsc("username"))
}
default:
Fix: sord and order
1 year ago
ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorStringResp("not support sort"))
Feat: setting interface and boot strap
1 year ago
return
}
Refector: search user and room
1 year ago
if keyword := ctx.Query("keyword"); keyword != "" {
// search mode, all, name, id
switch ctx.DefaultQuery("search", "all") {
case "all":
scopes = append(scopes, db.WhereUsernameLikeOrIDIn(keyword, db.GerUsersIDByIDLike(keyword)))
case "name":
scopes = append(scopes, db.WhereUsernameLike(keyword))
case "id":
scopes = append(scopes, db.WhereIDIn(db.GerUsersIDByIDLike(keyword)))
}
}
Feat: root and admin role api
1 year ago
ctx.JSON(http.StatusOK, model.NewApiDataResp(gin.H{
Refector: search user and room
1 year ago
"total": db.GetAllUserCount(scopes...),
Fix: room user permission
1 year ago
"list": genUserListResp(db.GetAllUsers(append(scopes, db.Paginate(page, pageSize))...)),
Feat: root and admin role api
1 year ago
}))
}
Feat: setting interface and boot strap
1 year ago
Fix: room user permission
1 year ago
func genUserListResp(us []*dbModel.User) []*model.UserInfoResp {
Feat: root and admin role api
1 year ago
resp := make([]*model.UserInfoResp, len(us))
for i, v := range us {
resp[i] = &model.UserInfoResp{
ID: v.ID,
Username: v.Username,
Role: v.Role,
CreatedAt: v.CreatedAt.UnixMilli(),
}
}
return resp
Feat: setting interface and boot strap
1 year ago
}
Feat: pending user
1 year ago
Feat: add admin api: room users and user rooms
1 year ago
func GetRoomUsers(ctx *gin.Context) {
id := ctx.Query("id")
if len(id) != 32 {
ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorStringResp("room id error"))
return
}
page, pageSize, err := GetPageAndPageSize(ctx)
if err != nil {
ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorResp(err))
return
}
Fix: sord and order
1 year ago
var desc = ctx.DefaultQuery("order", "desc") == "desc"
Feat: add admin api: room users and user rooms
1 year ago
scopes := []func(db *gorm.DB) *gorm.DB{
Feat: user password and admin user
1 year ago
db.PreloadRoomUserRelations(db.WhereRoomID(id)),
Feat: add admin api: room users and user rooms
1 year ago
}
Fix: sord and order
1 year ago
switch ctx.DefaultQuery("sort", "name") {
Feat: add admin api: room users and user rooms
1 year ago
case "createdAt":
if desc {
scopes = append(scopes, db.OrderByCreatedAtDesc)
} else {
scopes = append(scopes, db.OrderByCreatedAtAsc)
}
case "name":
if desc {
scopes = append(scopes, db.OrderByDesc("username"))
} else {
scopes = append(scopes, db.OrderByAsc("username"))
}
default:
Fix: sord and order
1 year ago
ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorStringResp("not support sort"))
Feat: add admin api: room users and user rooms
1 year ago
return
}
if keyword := ctx.Query("keyword"); keyword != "" {
// search mode, all, name, id
switch ctx.DefaultQuery("search", "all") {
case "all":
scopes = append(scopes, db.WhereUsernameLikeOrIDIn(keyword, db.GerUsersIDByIDLike(keyword)))
case "name":
scopes = append(scopes, db.WhereUsernameLike(keyword))
case "id":
scopes = append(scopes, db.WhereIDIn(db.GerUsersIDByIDLike(keyword)))
}
}
ctx.JSON(http.StatusOK, model.NewApiDataResp(gin.H{
"total": db.GetAllUserCount(scopes...),
"list": genRoomUserListResp(db.GetAllUsers(append(scopes, db.Paginate(page, pageSize))...)),
}))
}
func genRoomUserListResp(us []*dbModel.User) []*model.RoomUsersResp {
resp := make([]*model.RoomUsersResp, len(us))
for i, v := range us {
resp[i] = &model.RoomUsersResp{
UserID: v.ID,
Username: v.Username,
Role: v.Role,
JoinAt: v.RoomUserRelations[0].CreatedAt.UnixMilli(),
RoomID: v.RoomUserRelations[0].RoomID,
Status: v.RoomUserRelations[0].Status,
Permissions: v.RoomUserRelations[0].Permissions,
}
}
return resp
}
Feat: ban user and room
1 year ago
func ApprovePendingUser(ctx *gin.Context) {
req := model.UserIDReq{}
if err := model.Decode(ctx, &req); err != nil {
ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorResp(err))
return
}
user, err := db.GetUserByID(req.ID)
Feat: pending user
1 year ago
if err != nil {
Feat: ban user and room
1 year ago
ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorResp(err))
return
Feat: pending user
1 year ago
}
Feat: ban user and room
1 year ago
Feat: pending user
1 year ago
if !user.IsPending() {
Feat: ban user and room
1 year ago
ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorStringResp("user is not pending"))
return
Feat: pending user
1 year ago
}
Feat: ban user and room
1 year ago
err = db.SetRoleByID(req.ID, dbModel.RoleUser)
if err != nil {
ctx.AbortWithStatusJSON(http.StatusInternalServerError, model.NewApiErrorResp(err))
return
Feat: pending user
1 year ago
}
Feat: ban user and room
1 year ago
ctx.Status(http.StatusNoContent)
Feat: pending user
1 year ago
}
func BanUser(ctx *gin.Context) {
user := ctx.MustGet("user").(*op.User)
req := model.UserIDReq{}
if err := model.Decode(ctx, &req); err != nil {
ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorResp(err))
return
}
Opt: admin api: ban user or room
1 year ago
u, err := db.GetUserByID(req.ID)
Feat: pending user
1 year ago
if err != nil {
Opt: admin api: ban user or room
1 year ago
ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorResp(err))
Feat: pending user
1 year ago
return
}
Fix: root can ban root
1 year ago
if u.IsRoot() {
ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorStringResp("cannot ban root"))
return
}
Feat: add unban api
1 year ago
if u.IsAdmin() && !user.IsRoot() {
ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorStringResp("cannot ban admin"))
Feat: pending user
1 year ago
return
}
Feat: add unban api
1 year ago
err = op.SetRoleByID(req.ID, dbModel.RoleBanned)
if err != nil {
ctx.AbortWithStatusJSON(http.StatusInternalServerError, model.NewApiErrorResp(err))
Feat: pending user
1 year ago
return
}
Feat: add unban api
1 year ago
ctx.Status(http.StatusNoContent)
}
func UnBanUser(ctx *gin.Context) {
// user := ctx.MustGet("user").(*op.User)
req := model.UserIDReq{}
if err := model.Decode(ctx, &req); err != nil {
ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorResp(err))
return
}
u, err := db.GetUserByID(req.ID)
if err != nil {
ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorResp(err))
return
}
if !u.IsBanned() {
ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorStringResp("user is not banned"))
return
}
err = op.SetRoleByID(req.ID, dbModel.RoleUser)
Feat: pending user
1 year ago
if err != nil {
ctx.AbortWithStatusJSON(http.StatusInternalServerError, model.NewApiErrorResp(err))
return
}
ctx.Status(http.StatusNoContent)
}
Feat: ban user and room
1 year ago
Refector: search user and room
1 year ago
func Rooms(ctx *gin.Context) {
Feat: ban user and room
1 year ago
// user := ctx.MustGet("user").(*op.User)
page, pageSize, err := GetPageAndPageSize(ctx)
if err != nil {
ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorResp(err))
return
}
Fix: sord and order
1 year ago
var desc = ctx.DefaultQuery("order", "desc") == "desc"
Feat: ban user and room
1 year ago
Refector: search user and room
1 year ago
scopes := []func(db *gorm.DB) *gorm.DB{}
Feat: ban user and room
1 year ago
Opt: search user and room default status query
1 year ago
switch ctx.Query("status") {
Refector: search user and room
1 year ago
case "active":
scopes = append(scopes, db.WhereStatus(dbModel.RoomStatusActive))
case "pending":
scopes = append(scopes, db.WhereStatus(dbModel.RoomStatusPending))
case "banned":
scopes = append(scopes, db.WhereStatus(dbModel.RoomStatusBanned))
Feat: ban user and room
1 year ago
}
Fix: sord and order
1 year ago
switch ctx.DefaultQuery("sort", "name") {
Feat: ban user and room
1 year ago
case "createdAt":
if desc {
scopes = append(scopes, db.OrderByCreatedAtDesc)
} else {
scopes = append(scopes, db.OrderByCreatedAtAsc)
}
case "name":
if desc {
scopes = append(scopes, db.OrderByDesc("name"))
} else {
scopes = append(scopes, db.OrderByAsc("name"))
}
default:
Fix: sord and order
1 year ago
ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorStringResp("not support sort"))
Feat: ban user and room
1 year ago
return
}
if keyword := ctx.Query("keyword"); keyword != "" {
// search mode, all, name, creator
switch ctx.DefaultQuery("search", "all") {
case "all":
Refector: search user and room
1 year ago
scopes = append(scopes, db.WhereRoomNameLikeOrCreatorInOrIDLike(keyword, db.GerUsersIDByUsernameLike(keyword), keyword))
Feat: ban user and room
1 year ago
case "name":
scopes = append(scopes, db.WhereRoomNameLike(keyword))
case "creator":
scopes = append(scopes, db.WhereCreatorIDIn(db.GerUsersIDByUsernameLike(keyword)))
Feat: add admin api: room users and user rooms
1 year ago
case "creatorId":
scopes = append(scopes, db.WhereCreatorID(keyword))
case "id":
scopes = append(scopes, db.WhereIDLike(keyword))
}
}
ctx.JSON(http.StatusOK, model.NewApiDataResp(gin.H{
"total": db.GetAllRoomsCount(scopes...),
"list": genRoomListResp(append(scopes, db.Paginate(page, pageSize))...),
}))
}
func GetUserRooms(ctx *gin.Context) {
id := ctx.Query("id")
if len(id) != 32 {
ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorStringResp("user id error"))
return
}
page, pageSize, err := GetPageAndPageSize(ctx)
if err != nil {
ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorResp(err))
return
}
Fix: sord and order
1 year ago
var desc = ctx.DefaultQuery("order", "desc") == "desc"
Feat: add admin api: room users and user rooms
1 year ago
scopes := []func(db *gorm.DB) *gorm.DB{
db.WhereCreatorID(id),
}
Fix: GetUserRooms add status query
1 year ago
switch ctx.Query("status") {
case "active":
scopes = append(scopes, db.WhereStatus(dbModel.RoomStatusActive))
case "pending":
scopes = append(scopes, db.WhereStatus(dbModel.RoomStatusPending))
case "banned":
scopes = append(scopes, db.WhereStatus(dbModel.RoomStatusBanned))
}
Fix: sord and order
1 year ago
switch ctx.DefaultQuery("sort", "name") {
Feat: add admin api: room users and user rooms
1 year ago
case "createdAt":
if desc {
scopes = append(scopes, db.OrderByCreatedAtDesc)
} else {
scopes = append(scopes, db.OrderByCreatedAtAsc)
}
case "name":
if desc {
scopes = append(scopes, db.OrderByDesc("name"))
} else {
scopes = append(scopes, db.OrderByAsc("name"))
}
default:
Fix: sord and order
1 year ago
ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorStringResp("not support sort"))
Feat: add admin api: room users and user rooms
1 year ago
return
}
if keyword := ctx.Query("keyword"); keyword != "" {
// search mode, all, name, creator
switch ctx.DefaultQuery("search", "all") {
case "all":
scopes = append(scopes, db.WhereRoomNameLikeOrIDLike(keyword, keyword))
case "name":
scopes = append(scopes, db.WhereRoomNameLike(keyword))
Refector: search user and room
1 year ago
case "id":
scopes = append(scopes, db.WhereIDLike(keyword))
Feat: ban user and room
1 year ago
}
}
ctx.JSON(http.StatusOK, model.NewApiDataResp(gin.H{
Refector: search user and room
1 year ago
"total": db.GetAllRoomsCount(scopes...),
Feat: ban user and room
1 year ago
"list": genRoomListResp(append(scopes, db.Paginate(page, pageSize))...),
}))
}
func ApprovePendingRoom(ctx *gin.Context) {
req := model.RoomIDReq{}
if err := model.Decode(ctx, &req); err != nil {
ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorResp(err))
return
}
room, err := db.GetRoomByID(req.Id)
if err != nil {
ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorResp(err))
return
}
if !room.IsPending() {
ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorStringResp("room is not pending"))
return
}
err = db.SetRoomStatus(req.Id, dbModel.RoomStatusActive)
if err != nil {
ctx.AbortWithStatusJSON(http.StatusInternalServerError, model.NewApiErrorResp(err))
return
}
ctx.Status(http.StatusNoContent)
}
func BanRoom(ctx *gin.Context) {
user := ctx.MustGet("user").(*op.User)
req := model.RoomIDReq{}
if err := model.Decode(ctx, &req); err != nil {
ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorResp(err))
return
}
Opt: admin api: ban user or room
1 year ago
r, err := db.GetRoomByID(req.Id)
Feat: ban user and room
1 year ago
if err != nil {
Opt: admin api: ban user or room
1 year ago
ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorResp(err))
Feat: ban user and room
1 year ago
return
}
Opt: admin api: ban user or room
1 year ago
creator, err := db.GetUserByID(r.CreatorID)
Feat: ban user and room
1 year ago
if err != nil {
ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorResp(err))
return
}
Fix: admin api edit root need no permission
1 year ago
if creator.IsRoot() {
ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorStringResp("cannot ban root"))
return
}
Feat: add unban api
1 year ago
if creator.IsAdmin() && !user.IsRoot() {
ctx.AbortWithStatusJSON(http.StatusForbidden, model.NewApiErrorStringResp("cannot ban admin"))
Feat: ban user and room
1 year ago
return
}
Feat: add unban api
1 year ago
err = op.SetRoomStatus(req.Id, dbModel.RoomStatusBanned)
if err != nil {
ctx.AbortWithStatusJSON(http.StatusInternalServerError, model.NewApiErrorResp(err))
Feat: ban user and room
1 year ago
return
}
Feat: add unban api
1 year ago
ctx.Status(http.StatusNoContent)
}
func UnBanRoom(ctx *gin.Context) {
// user := ctx.MustGet("user").(*op.User)
req := model.RoomIDReq{}
if err := model.Decode(ctx, &req); err != nil {
ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorResp(err))
return
}
r, err := db.GetRoomByID(req.Id)
if err != nil {
ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorResp(err))
return
}
if !r.IsBanned() {
ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorStringResp("room is not banned"))
return
}
err = op.SetRoomStatus(req.Id, dbModel.RoomStatusActive)
Feat: ban user and room
1 year ago
if err != nil {
ctx.AbortWithStatusJSON(http.StatusInternalServerError, model.NewApiErrorResp(err))
return
}
ctx.Status(http.StatusNoContent)
}
Feat: user password and admin user
1 year ago
func AddUser(ctx *gin.Context) {
Fix: admin api edit root need no permission
1 year ago
user := ctx.MustGet("user").(*op.User)
Feat: user password and admin user
1 year ago
req := model.AddUserReq{}
if err := model.Decode(ctx, &req); err != nil {
ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorResp(err))
return
}
Fix: admin api edit root need no permission
1 year ago
if req.Role == dbModel.RoleRoot && !user.IsRoot() {
ctx.AbortWithStatusJSON(http.StatusForbidden, model.NewApiErrorStringResp("you cannot add root user"))
return
}
Fix: add user use create instead of createorload
1 year ago
_, err := op.CreateUser(req.Username, req.Password, db.WithRole(req.Role))
Feat: user password and admin user
1 year ago
if err != nil {
ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorResp(err))
return
}
ctx.Status(http.StatusNoContent)
}
func DeleteUser(ctx *gin.Context) {
user := ctx.MustGet("user").(*op.User)
req := model.UserIDReq{}
if err := model.Decode(ctx, &req); err != nil {
ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorResp(err))
return
}
u, err := db.GetUserByID(req.ID)
if err != nil {
ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorResp(err))
return
}
Fix: can not del root user
1 year ago
if u.IsRoot() {
ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorStringResp("cannot delete root"))
return
}
Feat: user password and admin user
1 year ago
if u.IsAdmin() && !user.IsRoot() {
ctx.AbortWithStatusJSON(http.StatusForbidden, model.NewApiErrorStringResp("cannot delete admin"))
return
}
if err := op.DeleteUserByID(req.ID); err != nil {
ctx.AbortWithStatusJSON(http.StatusInternalServerError, model.NewApiErrorResp(err))
return
}
ctx.Status(http.StatusNoContent)
}
Feat: admin username password, room password
1 year ago
func AdminUserPassword(ctx *gin.Context) {
user := ctx.MustGet("user").(*op.User)
req := model.AdminUserPasswordReq{}
if err := model.Decode(ctx, &req); err != nil {
ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorStringResp(err.Error()))
return
}
u, err := op.LoadOrInitUserByID(req.ID)
if err != nil {
ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorStringResp("user not found"))
return
}
Fix: admin api edit root need no permission
1 year ago
if u.IsRoot() {
ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorStringResp("cannot change root password"))
return
}
Feat: admin username password, room password
1 year ago
if u.IsAdmin() && !user.IsRoot() {
ctx.AbortWithStatusJSON(http.StatusForbidden, model.NewApiErrorStringResp("cannot change admin password"))
return
}
if err := u.SetPassword(req.Password); err != nil {
ctx.AbortWithStatusJSON(http.StatusInternalServerError, model.NewApiErrorStringResp(err.Error()))
return
}
ctx.Status(http.StatusNoContent)
}
func AdminUsername(ctx *gin.Context) {
user := ctx.MustGet("user").(*op.User)
req := model.AdminUsernameReq{}
if err := model.Decode(ctx, &req); err != nil {
ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorStringResp(err.Error()))
return
}
u, err := op.LoadOrInitUserByID(req.ID)
if err != nil {
ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorStringResp("user not found"))
return
}
Fix: admin api edit root need no permission
1 year ago
if u.IsRoot() {
ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorStringResp("cannot change root username"))
return
}
Feat: admin username password, room password
1 year ago
if u.IsAdmin() && !user.IsRoot() {
ctx.AbortWithStatusJSON(http.StatusForbidden, model.NewApiErrorStringResp("cannot change admin username"))
return
}
if err := u.SetUsername(req.Username); err != nil {
ctx.AbortWithStatusJSON(http.StatusInternalServerError, model.NewApiErrorStringResp(err.Error()))
return
}
ctx.Status(http.StatusNoContent)
}
func AdminRoomPassword(ctx *gin.Context) {
user := ctx.MustGet("user").(*op.User)
req := model.AdminRoomPasswordReq{}
if err := model.Decode(ctx, &req); err != nil {
ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorStringResp(err.Error()))
return
}
r, err := op.LoadOrInitRoomByID(req.ID)
if err != nil {
ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorStringResp("room not found"))
return
}
creator, err := op.LoadOrInitUserByID(r.CreatorID)
if err != nil {
ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorStringResp("room creator not found"))
return
}
Fix: admin api edit root need no permission
1 year ago
if creator.IsRoot() {
ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorStringResp("cannot change root room password"))
return
}
Feat: admin username password, room password
1 year ago
if creator.IsAdmin() && !user.IsRoot() {
ctx.AbortWithStatusJSON(http.StatusForbidden, model.NewApiErrorStringResp("cannot change admin room password"))
return
}
if err := r.SetPassword(req.Password); err != nil {
ctx.AbortWithStatusJSON(http.StatusInternalServerError, model.NewApiErrorStringResp(err.Error()))
return
}
ctx.Status(http.StatusNoContent)
}