First commit

2025-06-27 16:36:00 +00:00 · 2017-11-19 21:10:04 -08:00 · 2017-11-19 21:10:04 -08:00 · 8ffb773f43
commit 8ffb773f43
2121 changed files with 1118910 additions and 0 deletions
--- a/server/api/controller/user.go
+++ b/server/api/controller/user.go
@ -0,0 +1,163 @@
+// Copyright 2017 Frédéric Guillot. All rights reserved.
+// Use of this source code is governed by the Apache 2.0
+// license that can be found in the LICENSE file.
+
+package api
+
+import (
+	"errors"
+	"github.com/miniflux/miniflux2/server/api/payload"
+	"github.com/miniflux/miniflux2/server/core"
+)
+
+// CreateUser is the API handler to create a new user.
+func (c *Controller) CreateUser(ctx *core.Context, request *core.Request, response *core.Response) {
+	if !ctx.IsAdminUser() {
+		response.Json().Forbidden()
+		return
+	}
+
+	user, err := payload.DecodeUserPayload(request.GetBody())
+	if err != nil {
+		response.Json().BadRequest(err)
+		return
+	}
+
+	if err := user.ValidateUserCreation(); err != nil {
+		response.Json().BadRequest(err)
+		return
+	}
+
+	if c.store.UserExists(user.Username) {
+		response.Json().BadRequest(errors.New("This user already exists"))
+		return
+	}
+
+	err = c.store.CreateUser(user)
+	if err != nil {
+		response.Json().ServerError(errors.New("Unable to create this user"))
+		return
+	}
+
+	user.Password = ""
+	response.Json().Created(user)
+}
+
+// UpdateUser is the API handler to update the given user.
+func (c *Controller) UpdateUser(ctx *core.Context, request *core.Request, response *core.Response) {
+	if !ctx.IsAdminUser() {
+		response.Json().Forbidden()
+		return
+	}
+
+	userID, err := request.GetIntegerParam("userID")
+	if err != nil {
+		response.Json().BadRequest(err)
+		return
+	}
+
+	user, err := payload.DecodeUserPayload(request.GetBody())
+	if err != nil {
+		response.Json().BadRequest(err)
+		return
+	}
+
+	if err := user.ValidateUserModification(); err != nil {
+		response.Json().BadRequest(err)
+		return
+	}
+
+	originalUser, err := c.store.GetUserById(userID)
+	if err != nil {
+		response.Json().BadRequest(errors.New("Unable to fetch this user from the database"))
+		return
+	}
+
+	if originalUser == nil {
+		response.Json().NotFound(errors.New("User not found"))
+		return
+	}
+
+	originalUser.Merge(user)
+	if err = c.store.UpdateUser(originalUser); err != nil {
+		response.Json().ServerError(errors.New("Unable to update this user"))
+		return
+	}
+
+	response.Json().Created(originalUser)
+}
+
+// GetUsers is the API handler to get the list of users.
+func (c *Controller) GetUsers(ctx *core.Context, request *core.Request, response *core.Response) {
+	if !ctx.IsAdminUser() {
+		response.Json().Forbidden()
+		return
+	}
+
+	users, err := c.store.GetUsers()
+	if err != nil {
+		response.Json().ServerError(errors.New("Unable to fetch the list of users"))
+		return
+	}
+
+	response.Json().Standard(users)
+}
+
+// GetUser is the API handler to fetch the given user.
+func (c *Controller) GetUser(ctx *core.Context, request *core.Request, response *core.Response) {
+	if !ctx.IsAdminUser() {
+		response.Json().Forbidden()
+		return
+	}
+
+	userID, err := request.GetIntegerParam("userID")
+	if err != nil {
+		response.Json().BadRequest(err)
+		return
+	}
+
+	user, err := c.store.GetUserById(userID)
+	if err != nil {
+		response.Json().BadRequest(errors.New("Unable to fetch this user from the database"))
+		return
+	}
+
+	if user == nil {
+		response.Json().NotFound(errors.New("User not found"))
+		return
+	}
+
+	response.Json().Standard(user)
+}
+
+// RemoveUser is the API handler to remove an existing user.
+func (c *Controller) RemoveUser(ctx *core.Context, request *core.Request, response *core.Response) {
+	if !ctx.IsAdminUser() {
+		response.Json().Forbidden()
+		return
+	}
+
+	userID, err := request.GetIntegerParam("userID")
+	if err != nil {
+		response.Json().BadRequest(err)
+		return
+	}
+
+	user, err := c.store.GetUserById(userID)
+	if err != nil {
+		response.Json().ServerError(errors.New("Unable to fetch this user from the database"))
+		return
+	}
+
+	if user == nil {
+		response.Json().NotFound(errors.New("User not found"))
+		return
+	}
+
+	if err := c.store.RemoveUser(user.ID); err != nil {
+		response.Json().BadRequest(errors.New("Unable to remove this user from the database"))
+		return
+	}
+
+	response.Json().NoContent()
+}