Refactor packages to have more idiomatic code base

api/category.go

@@ -0,0 +1,103 @@
+// Copyright 2017 Frédéric Guillot. All rights reserved.
+// Use of this source code is governed by the Apache 2.0
+// license that can be found in the LICENSE file.
+
+package api
+
+import (
+	"errors"
+
+	"github.com/miniflux/miniflux/http/handler"
+)
+
+// CreateCategory is the API handler to create a new category.
+func (c *Controller) CreateCategory(ctx *handler.Context, request *handler.Request, response *handler.Response) {
+	userID := ctx.UserID()
+	category, err := decodeCategoryPayload(request.Body())
+	if err != nil {
+		response.JSON().BadRequest(err)
+		return
+	}
+
+	category.UserID = userID
+	if err := category.ValidateCategoryCreation(); err != nil {
+		response.JSON().BadRequest(err)
+		return
+	}
+
+	if c, err := c.store.CategoryByTitle(userID, category.Title); err != nil || c != nil {
+		response.JSON().BadRequest(errors.New("This category already exists"))
+		return
+	}
+
+	err = c.store.CreateCategory(category)
+	if err != nil {
+		response.JSON().ServerError(errors.New("Unable to create this category"))
+		return
+	}
+
+	response.JSON().Created(category)
+}
+
+// UpdateCategory is the API handler to update a category.
+func (c *Controller) UpdateCategory(ctx *handler.Context, request *handler.Request, response *handler.Response) {
+	categoryID, err := request.IntegerParam("categoryID")
+	if err != nil {
+		response.JSON().BadRequest(err)
+		return
+	}
+
+	category, err := decodeCategoryPayload(request.Body())
+	if err != nil {
+		response.JSON().BadRequest(err)
+		return
+	}
+
+	category.UserID = ctx.UserID()
+	category.ID = categoryID
+	if err := category.ValidateCategoryModification(); err != nil {
+		response.JSON().BadRequest(err)
+		return
+	}
+
+	err = c.store.UpdateCategory(category)
+	if err != nil {
+		response.JSON().ServerError(errors.New("Unable to update this category"))
+		return
+	}
+
+	response.JSON().Created(category)
+}
+
+// GetCategories is the API handler to get a list of categories for a given user.
+func (c *Controller) GetCategories(ctx *handler.Context, request *handler.Request, response *handler.Response) {
+	categories, err := c.store.Categories(ctx.UserID())
+	if err != nil {
+		response.JSON().ServerError(errors.New("Unable to fetch categories"))
+		return
+	}
+
+	response.JSON().Standard(categories)
+}
+
+// RemoveCategory is the API handler to remove a category.
+func (c *Controller) RemoveCategory(ctx *handler.Context, request *handler.Request, response *handler.Response) {
+	userID := ctx.UserID()
+	categoryID, err := request.IntegerParam("categoryID")
+	if err != nil {
+		response.JSON().BadRequest(err)
+		return
+	}
+
+	if !c.store.CategoryExists(userID, categoryID) {
+		response.JSON().NotFound(errors.New("Category not found"))
+		return
+	}
+
+	if err := c.store.RemoveCategory(userID, categoryID); err != nil {
+		response.JSON().ServerError(errors.New("Unable to remove this category"))
+		return
+	}
+
+	response.JSON().NoContent()
+}

api/controller.go

@@ -0,0 +1,21 @@
+// Copyright 2017 Frédéric Guillot. All rights reserved.
+// Use of this source code is governed by the Apache 2.0
+// license that can be found in the LICENSE file.
+
+package api
+
+import (
+	"github.com/miniflux/miniflux/reader/feed"
+	"github.com/miniflux/miniflux/storage"
+)
+
+// Controller holds all handlers for the API.
+type Controller struct {
+	store       *storage.Storage
+	feedHandler *feed.Handler
+}
+
+// NewController creates a new controller.
+func NewController(store *storage.Storage, feedHandler *feed.Handler) *Controller {
+	return &Controller{store: store, feedHandler: feedHandler}
+}

api/entry.go

@@ -0,0 +1,223 @@
+// Copyright 2017 Frédéric Guillot. All rights reserved.
+// Use of this source code is governed by the Apache 2.0
+// license that can be found in the LICENSE file.
+
+package api
+
+import (
+	"errors"
+
+	"github.com/miniflux/miniflux/http/handler"
+	"github.com/miniflux/miniflux/model"
+)
+
+// GetFeedEntry is the API handler to get a single feed entry.
+func (c *Controller) GetFeedEntry(ctx *handler.Context, request *handler.Request, response *handler.Response) {
+	userID := ctx.UserID()
+	feedID, err := request.IntegerParam("feedID")
+	if err != nil {
+		response.JSON().BadRequest(err)
+		return
+	}
+
+	entryID, err := request.IntegerParam("entryID")
+	if err != nil {
+		response.JSON().BadRequest(err)
+		return
+	}
+
+	builder := c.store.NewEntryQueryBuilder(userID)
+	builder.WithFeedID(feedID)
+	builder.WithEntryID(entryID)
+
+	entry, err := builder.GetEntry()
+	if err != nil {
+		response.JSON().ServerError(errors.New("Unable to fetch this entry from the database"))
+		return
+	}
+
+	if entry == nil {
+		response.JSON().NotFound(errors.New("Entry not found"))
+		return
+	}
+
+	response.JSON().Standard(entry)
+}
+
+// GetEntry is the API handler to get a single entry.
+func (c *Controller) GetEntry(ctx *handler.Context, request *handler.Request, response *handler.Response) {
+	userID := ctx.UserID()
+	entryID, err := request.IntegerParam("entryID")
+	if err != nil {
+		response.JSON().BadRequest(err)
+		return
+	}
+
+	builder := c.store.NewEntryQueryBuilder(userID)
+	builder.WithEntryID(entryID)
+
+	entry, err := builder.GetEntry()
+	if err != nil {
+		response.JSON().ServerError(errors.New("Unable to fetch this entry from the database"))
+		return
+	}
+
+	if entry == nil {
+		response.JSON().NotFound(errors.New("Entry not found"))
+		return
+	}
+
+	response.JSON().Standard(entry)
+}
+
+// GetFeedEntries is the API handler to get all feed entries.
+func (c *Controller) GetFeedEntries(ctx *handler.Context, request *handler.Request, response *handler.Response) {
+	userID := ctx.UserID()
+	feedID, err := request.IntegerParam("feedID")
+	if err != nil {
+		response.JSON().BadRequest(err)
+		return
+	}
+
+	status := request.QueryStringParam("status", "")
+	if status != "" {
+		if err := model.ValidateEntryStatus(status); err != nil {
+			response.JSON().BadRequest(err)
+			return
+		}
+	}
+
+	order := request.QueryStringParam("order", model.DefaultSortingOrder)
+	if err := model.ValidateEntryOrder(order); err != nil {
+		response.JSON().BadRequest(err)
+		return
+	}
+
+	direction := request.QueryStringParam("direction", model.DefaultSortingDirection)
+	if err := model.ValidateDirection(direction); err != nil {
+		response.JSON().BadRequest(err)
+		return
+	}
+
+	limit := request.QueryIntegerParam("limit", 100)
+	offset := request.QueryIntegerParam("offset", 0)
+	if err := model.ValidateRange(offset, limit); err != nil {
+		response.JSON().BadRequest(err)
+		return
+	}
+
+	builder := c.store.NewEntryQueryBuilder(userID)
+	builder.WithFeedID(feedID)
+	builder.WithStatus(status)
+	builder.WithOrder(order)
+	builder.WithDirection(direction)
+	builder.WithOffset(offset)
+	builder.WithLimit(limit)
+
+	entries, err := builder.GetEntries()
+	if err != nil {
+		response.JSON().ServerError(errors.New("Unable to fetch the list of entries"))
+		return
+	}
+
+	count, err := builder.CountEntries()
+	if err != nil {
+		response.JSON().ServerError(errors.New("Unable to count the number of entries"))
+		return
+	}
+
+	response.JSON().Standard(&entriesResponse{Total: count, Entries: entries})
+}
+
+// GetEntries is the API handler to fetch entries.
+func (c *Controller) GetEntries(ctx *handler.Context, request *handler.Request, response *handler.Response) {
+	userID := ctx.UserID()
+
+	status := request.QueryStringParam("status", "")
+	if status != "" {
+		if err := model.ValidateEntryStatus(status); err != nil {
+			response.JSON().BadRequest(err)
+			return
+		}
+	}
+
+	order := request.QueryStringParam("order", model.DefaultSortingOrder)
+	if err := model.ValidateEntryOrder(order); err != nil {
+		response.JSON().BadRequest(err)
+		return
+	}
+
+	direction := request.QueryStringParam("direction", model.DefaultSortingDirection)
+	if err := model.ValidateDirection(direction); err != nil {
+		response.JSON().BadRequest(err)
+		return
+	}
+
+	limit := request.QueryIntegerParam("limit", 100)
+	offset := request.QueryIntegerParam("offset", 0)
+	if err := model.ValidateRange(offset, limit); err != nil {
+		response.JSON().BadRequest(err)
+		return
+	}
+
+	builder := c.store.NewEntryQueryBuilder(userID)
+	builder.WithStatus(status)
+	builder.WithOrder(order)
+	builder.WithDirection(direction)
+	builder.WithOffset(offset)
+	builder.WithLimit(limit)
+
+	entries, err := builder.GetEntries()
+	if err != nil {
+		response.JSON().ServerError(errors.New("Unable to fetch the list of entries"))
+		return
+	}
+
+	count, err := builder.CountEntries()
+	if err != nil {
+		response.JSON().ServerError(errors.New("Unable to count the number of entries"))
+		return
+	}
+
+	response.JSON().Standard(&entriesResponse{Total: count, Entries: entries})
+}
+
+// SetEntryStatus is the API handler to change the status of entries.
+func (c *Controller) SetEntryStatus(ctx *handler.Context, request *handler.Request, response *handler.Response) {
+	userID := ctx.UserID()
+
+	entryIDs, status, err := decodeEntryStatusPayload(request.Body())
+	if err != nil {
+		response.JSON().BadRequest(errors.New("Invalid JSON payload"))
+		return
+	}
+
+	if err := model.ValidateEntryStatus(status); err != nil {
+		response.JSON().BadRequest(err)
+		return
+	}
+
+	if err := c.store.SetEntriesStatus(userID, entryIDs, status); err != nil {
+		response.JSON().ServerError(errors.New("Unable to change entries status"))
+		return
+	}
+
+	response.JSON().NoContent()
+}
+
+// ToggleBookmark is the API handler to toggle bookmark status.
+func (c *Controller) ToggleBookmark(ctx *handler.Context, request *handler.Request, response *handler.Response) {
+	userID := ctx.UserID()
+	entryID, err := request.IntegerParam("entryID")
+	if err != nil {
+		response.JSON().BadRequest(err)
+		return
+	}
+
+	if err := c.store.ToggleBookmark(userID, entryID); err != nil {
+		response.JSON().ServerError(errors.New("Unable to toggle bookmark value"))
+		return
+	}
+
+	response.JSON().NoContent()
+}

api/feed.go

@@ -0,0 +1,178 @@
+// Copyright 2017 Frédéric Guillot. All rights reserved.
+// Use of this source code is governed by the Apache 2.0
+// license that can be found in the LICENSE file.
+
+package api
+
+import (
+	"errors"
+
+	"github.com/miniflux/miniflux/http/handler"
+)
+
+// CreateFeed is the API handler to create a new feed.
+func (c *Controller) CreateFeed(ctx *handler.Context, request *handler.Request, response *handler.Response) {
+	userID := ctx.UserID()
+	feedURL, categoryID, err := decodeFeedCreationPayload(request.Body())
+	if err != nil {
+		response.JSON().BadRequest(err)
+		return
+	}
+
+	if feedURL == "" {
+		response.JSON().BadRequest(errors.New("The feed_url is required"))
+		return
+	}
+
+	if categoryID <= 0 {
+		response.JSON().BadRequest(errors.New("The category_id is required"))
+		return
+	}
+
+	if c.store.FeedURLExists(userID, feedURL) {
+		response.JSON().BadRequest(errors.New("This feed_url already exists"))
+		return
+	}
+
+	if !c.store.CategoryExists(userID, categoryID) {
+		response.JSON().BadRequest(errors.New("This category_id doesn't exists or doesn't belongs to this user"))
+		return
+	}
+
+	feed, err := c.feedHandler.CreateFeed(userID, categoryID, feedURL, false)
+	if err != nil {
+		response.JSON().ServerError(errors.New("Unable to create this feed"))
+		return
+	}
+
+	type result struct {
+		FeedID int64 `json:"feed_id"`
+	}
+
+	response.JSON().Created(&result{FeedID: feed.ID})
+}
+
+// RefreshFeed is the API handler to refresh a feed.
+func (c *Controller) RefreshFeed(ctx *handler.Context, request *handler.Request, response *handler.Response) {
+	userID := ctx.UserID()
+	feedID, err := request.IntegerParam("feedID")
+	if err != nil {
+		response.JSON().BadRequest(err)
+		return
+	}
+
+	if !c.store.FeedExists(userID, feedID) {
+		response.JSON().NotFound(errors.New("Unable to find this feed"))
+		return
+	}
+
+	err = c.feedHandler.RefreshFeed(userID, feedID)
+	if err != nil {
+		response.JSON().ServerError(errors.New("Unable to refresh this feed"))
+		return
+	}
+
+	response.JSON().NoContent()
+}
+
+// UpdateFeed is the API handler that is used to update a feed.
+func (c *Controller) UpdateFeed(ctx *handler.Context, request *handler.Request, response *handler.Response) {
+	userID := ctx.UserID()
+	feedID, err := request.IntegerParam("feedID")
+	if err != nil {
+		response.JSON().BadRequest(err)
+		return
+	}
+
+	newFeed, err := decodeFeedModificationPayload(request.Body())
+	if err != nil {
+		response.JSON().BadRequest(err)
+		return
+	}
+
+	if newFeed.Category != nil && newFeed.Category.ID != 0 && !c.store.CategoryExists(userID, newFeed.Category.ID) {
+		response.JSON().BadRequest(errors.New("This category_id doesn't exists or doesn't belongs to this user"))
+		return
+	}
+
+	originalFeed, err := c.store.FeedByID(userID, feedID)
+	if err != nil {
+		response.JSON().NotFound(errors.New("Unable to find this feed"))
+		return
+	}
+
+	if originalFeed == nil {
+		response.JSON().NotFound(errors.New("Feed not found"))
+		return
+	}
+
+	originalFeed.Merge(newFeed)
+	if err := c.store.UpdateFeed(originalFeed); err != nil {
+		response.JSON().ServerError(errors.New("Unable to update this feed"))
+		return
+	}
+
+	originalFeed, err = c.store.FeedByID(userID, feedID)
+	if err != nil {
+		response.JSON().ServerError(errors.New("Unable to fetch this feed"))
+		return
+	}
+
+	response.JSON().Created(originalFeed)
+}
+
+// GetFeeds is the API handler that get all feeds that belongs to the given user.
+func (c *Controller) GetFeeds(ctx *handler.Context, request *handler.Request, response *handler.Response) {
+	feeds, err := c.store.Feeds(ctx.UserID())
+	if err != nil {
+		response.JSON().ServerError(errors.New("Unable to fetch feeds from the database"))
+		return
+	}
+
+	response.JSON().Standard(feeds)
+}
+
+// GetFeed is the API handler to get a feed.
+func (c *Controller) GetFeed(ctx *handler.Context, request *handler.Request, response *handler.Response) {
+	userID := ctx.UserID()
+	feedID, err := request.IntegerParam("feedID")
+	if err != nil {
+		response.JSON().BadRequest(err)
+		return
+	}
+
+	feed, err := c.store.FeedByID(userID, feedID)
+	if err != nil {
+		response.JSON().ServerError(errors.New("Unable to fetch this feed"))
+		return
+	}
+
+	if feed == nil {
+		response.JSON().NotFound(errors.New("Feed not found"))
+		return
+	}
+
+	response.JSON().Standard(feed)
+}
+
+// RemoveFeed is the API handler to remove a feed.
+func (c *Controller) RemoveFeed(ctx *handler.Context, request *handler.Request, response *handler.Response) {
+	userID := ctx.UserID()
+	feedID, err := request.IntegerParam("feedID")
+	if err != nil {
+		response.JSON().BadRequest(err)
+		return
+	}
+
+	if !c.store.FeedExists(userID, feedID) {
+		response.JSON().NotFound(errors.New("Feed not found"))
+		return
+	}
+
+	if err := c.store.RemoveFeed(userID, feedID); err != nil {
+		response.JSON().ServerError(errors.New("Unable to remove this feed"))
+		return
+	}
+
+	response.JSON().NoContent()
+}

api/icon.go

@@ -0,0 +1,43 @@
+// Copyright 2017 Frédéric Guillot. All rights reserved.
+// Use of this source code is governed by the Apache 2.0
+// license that can be found in the LICENSE file.
+
+package api
+
+import (
+	"errors"
+
+	"github.com/miniflux/miniflux/http/handler"
+)
+
+// FeedIcon returns a feed icon.
+func (c *Controller) FeedIcon(ctx *handler.Context, request *handler.Request, response *handler.Response) {
+	userID := ctx.UserID()
+	feedID, err := request.IntegerParam("feedID")
+	if err != nil {
+		response.JSON().BadRequest(err)
+		return
+	}
+
+	if !c.store.HasIcon(feedID) {
+		response.JSON().NotFound(errors.New("This feed doesn't have any icon"))
+		return
+	}
+
+	icon, err := c.store.IconByFeedID(userID, feedID)
+	if err != nil {
+		response.JSON().ServerError(errors.New("Unable to fetch feed icon"))
+		return
+	}
+
+	if icon == nil {
+		response.JSON().NotFound(errors.New("This feed doesn't have any icon"))
+		return
+	}
+
+	response.JSON().Standard(&feedIcon{
+		ID:       icon.ID,
+		MimeType: icon.MimeType,
+		Data:     icon.DataURL(),
+	})
+}

api/payload.go

@@ -0,0 +1,101 @@
+// Copyright 2017 Frédéric Guillot. All rights reserved.
+// Use of this source code is governed by the Apache 2.0
+// license that can be found in the LICENSE file.
+
+package api
+
+import (
+	"encoding/json"
+	"fmt"
+	"io"
+
+	"github.com/miniflux/miniflux/model"
+)
+
+type feedIcon struct {
+	ID       int64  `json:"id"`
+	MimeType string `json:"mime_type"`
+	Data     string `json:"data"`
+}
+
+type entriesResponse struct {
+	Total   int           `json:"total"`
+	Entries model.Entries `json:"entries"`
+}
+
+func decodeUserPayload(data io.Reader) (*model.User, error) {
+	var user model.User
+
+	decoder := json.NewDecoder(data)
+	if err := decoder.Decode(&user); err != nil {
+		return nil, fmt.Errorf("Unable to decode user JSON object: %v", err)
+	}
+
+	return &user, nil
+}
+
+func decodeURLPayload(data io.Reader) (string, error) {
+	type payload struct {
+		URL string `json:"url"`
+	}
+
+	var p payload
+	decoder := json.NewDecoder(data)
+	if err := decoder.Decode(&p); err != nil {
+		return "", fmt.Errorf("invalid JSON payload: %v", err)
+	}
+
+	return p.URL, nil
+}
+
+func decodeEntryStatusPayload(data io.Reader) ([]int64, string, error) {
+	type payload struct {
+		EntryIDs []int64 `json:"entry_ids"`
+		Status   string  `json:"status"`
+	}
+
+	var p payload
+	decoder := json.NewDecoder(data)
+	if err := decoder.Decode(&p); err != nil {
+		return nil, "", fmt.Errorf("invalid JSON payload: %v", err)
+	}
+
+	return p.EntryIDs, p.Status, nil
+}
+
+func decodeFeedCreationPayload(data io.Reader) (string, int64, error) {
+	type payload struct {
+		FeedURL    string `json:"feed_url"`
+		CategoryID int64  `json:"category_id"`
+	}
+
+	var p payload
+	decoder := json.NewDecoder(data)
+	if err := decoder.Decode(&p); err != nil {
+		return "", 0, fmt.Errorf("invalid JSON payload: %v", err)
+	}
+
+	return p.FeedURL, p.CategoryID, nil
+}
+
+func decodeFeedModificationPayload(data io.Reader) (*model.Feed, error) {
+	var feed model.Feed
+
+	decoder := json.NewDecoder(data)
+	if err := decoder.Decode(&feed); err != nil {
+		return nil, fmt.Errorf("Unable to decode feed JSON object: %v", err)
+	}
+
+	return &feed, nil
+}
+
+func decodeCategoryPayload(data io.Reader) (*model.Category, error) {
+	var category model.Category
+
+	decoder := json.NewDecoder(data)
+	if err := decoder.Decode(&category); err != nil {
+		return nil, fmt.Errorf("Unable to decode category JSON object: %v", err)
+	}
+
+	return &category, nil
+}

api/subscription.go

@@ -0,0 +1,35 @@
+// Copyright 2017 Frédéric Guillot. All rights reserved.
+// Use of this source code is governed by the Apache 2.0
+// license that can be found in the LICENSE file.
+
+package api
+
+import (
+	"errors"
+	"fmt"
+
+	"github.com/miniflux/miniflux/http/handler"
+	"github.com/miniflux/miniflux/reader/subscription"
+)
+
+// GetSubscriptions is the API handler to find subscriptions.
+func (c *Controller) GetSubscriptions(ctx *handler.Context, request *handler.Request, response *handler.Response) {
+	websiteURL, err := decodeURLPayload(request.Body())
+	if err != nil {
+		response.JSON().BadRequest(err)
+		return
+	}
+
+	subscriptions, err := subscription.FindSubscriptions(websiteURL)
+	if err != nil {
+		response.JSON().ServerError(errors.New("Unable to discover subscriptions"))
+		return
+	}
+
+	if subscriptions == nil {
+		response.JSON().NotFound(fmt.Errorf("No subscription found"))
+		return
+	}
+
+	response.JSON().Standard(subscriptions)
+}

api/user.go

@@ -0,0 +1,185 @@
+// Copyright 2017 Frédéric Guillot. All rights reserved.
+// Use of this source code is governed by the Apache 2.0
+// license that can be found in the LICENSE file.
+
+package api
+
+import (
+	"errors"
+
+	"github.com/miniflux/miniflux/http/handler"
+)
+
+// CreateUser is the API handler to create a new user.
+func (c *Controller) CreateUser(ctx *handler.Context, request *handler.Request, response *handler.Response) {
+	if !ctx.IsAdminUser() {
+		response.JSON().Forbidden()
+		return
+	}
+
+	user, err := decodeUserPayload(request.Body())
+	if err != nil {
+		response.JSON().BadRequest(err)
+		return
+	}
+
+	if err := user.ValidateUserCreation(); err != nil {
+		response.JSON().BadRequest(err)
+		return
+	}
+
+	if c.store.UserExists(user.Username) {
+		response.JSON().BadRequest(errors.New("This user already exists"))
+		return
+	}
+
+	err = c.store.CreateUser(user)
+	if err != nil {
+		response.JSON().ServerError(errors.New("Unable to create this user"))
+		return
+	}
+
+	user.Password = ""
+	response.JSON().Created(user)
+}
+
+// UpdateUser is the API handler to update the given user.
+func (c *Controller) UpdateUser(ctx *handler.Context, request *handler.Request, response *handler.Response) {
+	if !ctx.IsAdminUser() {
+		response.JSON().Forbidden()
+		return
+	}
+
+	userID, err := request.IntegerParam("userID")
+	if err != nil {
+		response.JSON().BadRequest(err)
+		return
+	}
+
+	user, err := decodeUserPayload(request.Body())
+	if err != nil {
+		response.JSON().BadRequest(err)
+		return
+	}
+
+	if err := user.ValidateUserModification(); err != nil {
+		response.JSON().BadRequest(err)
+		return
+	}
+
+	originalUser, err := c.store.UserByID(userID)
+	if err != nil {
+		response.JSON().BadRequest(errors.New("Unable to fetch this user from the database"))
+		return
+	}
+
+	if originalUser == nil {
+		response.JSON().NotFound(errors.New("User not found"))
+		return
+	}
+
+	originalUser.Merge(user)
+	if err = c.store.UpdateUser(originalUser); err != nil {
+		response.JSON().ServerError(errors.New("Unable to update this user"))
+		return
+	}
+
+	response.JSON().Created(originalUser)
+}
+
+// Users is the API handler to get the list of users.
+func (c *Controller) Users(ctx *handler.Context, request *handler.Request, response *handler.Response) {
+	if !ctx.IsAdminUser() {
+		response.JSON().Forbidden()
+		return
+	}
+
+	users, err := c.store.Users()
+	if err != nil {
+		response.JSON().ServerError(errors.New("Unable to fetch the list of users"))
+		return
+	}
+
+	response.JSON().Standard(users)
+}
+
+// UserByID is the API handler to fetch the given user by the ID.
+func (c *Controller) UserByID(ctx *handler.Context, request *handler.Request, response *handler.Response) {
+	if !ctx.IsAdminUser() {
+		response.JSON().Forbidden()
+		return
+	}
+
+	userID, err := request.IntegerParam("userID")
+	if err != nil {
+		response.JSON().BadRequest(err)
+		return
+	}
+
+	user, err := c.store.UserByID(userID)
+	if err != nil {
+		response.JSON().BadRequest(errors.New("Unable to fetch this user from the database"))
+		return
+	}
+
+	if user == nil {
+		response.JSON().NotFound(errors.New("User not found"))
+		return
+	}
+
+	response.JSON().Standard(user)
+}
+
+// UserByUsername is the API handler to fetch the given user by the username.
+func (c *Controller) UserByUsername(ctx *handler.Context, request *handler.Request, response *handler.Response) {
+	if !ctx.IsAdminUser() {
+		response.JSON().Forbidden()
+		return
+	}
+
+	username := request.StringParam("username", "")
+	user, err := c.store.UserByUsername(username)
+	if err != nil {
+		response.JSON().BadRequest(errors.New("Unable to fetch this user from the database"))
+		return
+	}
+
+	if user == nil {
+		response.JSON().NotFound(errors.New("User not found"))
+		return
+	}
+
+	response.JSON().Standard(user)
+}
+
+// RemoveUser is the API handler to remove an existing user.
+func (c *Controller) RemoveUser(ctx *handler.Context, request *handler.Request, response *handler.Response) {
+	if !ctx.IsAdminUser() {
+		response.JSON().Forbidden()
+		return
+	}
+
+	userID, err := request.IntegerParam("userID")
+	if err != nil {
+		response.JSON().BadRequest(err)
+		return
+	}
+
+	user, err := c.store.UserByID(userID)
+	if err != nil {
+		response.JSON().ServerError(errors.New("Unable to fetch this user from the database"))
+		return
+	}
+
+	if user == nil {
+		response.JSON().NotFound(errors.New("User not found"))
+		return
+	}
+
+	if err := c.store.RemoveUser(user.ID); err != nil {
+		response.JSON().BadRequest(errors.New("Unable to remove this user from the database"))
+		return
+	}
+
+	response.JSON().NoContent()
+}