2020-06-08 19:07:53 +00:00
|
|
|
// Copyright or © or Copr. happyDNS (2020)
|
|
|
|
//
|
|
|
|
// contact@happydns.org
|
|
|
|
//
|
|
|
|
// This software is a computer program whose purpose is to provide a modern
|
|
|
|
// interface to interact with DNS systems.
|
|
|
|
//
|
|
|
|
// This software is governed by the CeCILL license under French law and abiding
|
|
|
|
// by the rules of distribution of free software. You can use, modify and/or
|
|
|
|
// redistribute the software under the terms of the CeCILL license as
|
|
|
|
// circulated by CEA, CNRS and INRIA at the following URL
|
|
|
|
// "http://www.cecill.info".
|
|
|
|
//
|
|
|
|
// As a counterpart to the access to the source code and rights to copy, modify
|
|
|
|
// and redistribute granted by the license, users are provided only with a
|
|
|
|
// limited warranty and the software's author, the holder of the economic
|
|
|
|
// rights, and the successive licensors have only limited liability.
|
|
|
|
//
|
|
|
|
// In this respect, the user's attention is drawn to the risks associated with
|
|
|
|
// loading, using, modifying and/or developing or reproducing the software by
|
|
|
|
// the user in light of its specific status of free software, that may mean
|
|
|
|
// that it is complicated to manipulate, and that also therefore means that it
|
|
|
|
// is reserved for developers and experienced professionals having in-depth
|
|
|
|
// computer knowledge. Users are therefore encouraged to load and test the
|
|
|
|
// software's suitability as regards their requirements in conditions enabling
|
|
|
|
// the security of their systems and/or data to be ensured and, more generally,
|
|
|
|
// to use and operate it in the same conditions as regards security.
|
|
|
|
//
|
|
|
|
// The fact that you are presently reading this means that you have had
|
|
|
|
// knowledge of the CeCILL license and that you accept its terms.
|
|
|
|
|
|
|
|
package admin
|
|
|
|
|
|
|
|
import (
|
|
|
|
"fmt"
|
|
|
|
"net/http"
|
2020-06-09 16:32:26 +00:00
|
|
|
"time"
|
2020-06-08 19:07:53 +00:00
|
|
|
|
2021-05-05 01:48:16 +00:00
|
|
|
"github.com/gin-gonic/gin"
|
2020-06-08 19:07:53 +00:00
|
|
|
|
2021-04-20 16:04:44 +00:00
|
|
|
"git.happydns.org/happydns/actions"
|
2020-06-08 19:07:53 +00:00
|
|
|
"git.happydns.org/happydns/api"
|
|
|
|
"git.happydns.org/happydns/config"
|
|
|
|
"git.happydns.org/happydns/model"
|
|
|
|
"git.happydns.org/happydns/storage"
|
2020-06-09 16:32:26 +00:00
|
|
|
"git.happydns.org/happydns/utils"
|
2020-06-08 19:07:53 +00:00
|
|
|
)
|
|
|
|
|
2021-05-05 01:48:16 +00:00
|
|
|
func declareUsersRoutes(opts *config.Options, router *gin.RouterGroup) {
|
|
|
|
router.GET("/users", getUsers)
|
|
|
|
router.POST("/users", newUser)
|
|
|
|
router.DELETE("/users", deleteUsers)
|
|
|
|
|
|
|
|
apiUsersRoutes := router.Group("/users/:uid")
|
|
|
|
apiUsersRoutes.Use(userHandler)
|
|
|
|
|
|
|
|
apiUsersRoutes.GET("", getUser)
|
|
|
|
apiUsersRoutes.PUT("", updateUser)
|
|
|
|
apiUsersRoutes.DELETE("", deleteUser)
|
|
|
|
|
|
|
|
apiUsersRoutes.POST("/recover_link", func(c *gin.Context) {
|
|
|
|
recoverUserAcct(opts, c)
|
|
|
|
})
|
|
|
|
apiUsersRoutes.POST("/reset_password", resetUserPasswd)
|
|
|
|
apiUsersRoutes.POST("/send_recover_email", func(c *gin.Context) {
|
|
|
|
sendRecoverUserAcct(opts, c)
|
|
|
|
})
|
|
|
|
apiUsersRoutes.POST("/send_validation_email", func(c *gin.Context) {
|
|
|
|
sendValidateUserEmail(opts, c)
|
|
|
|
})
|
|
|
|
apiUsersRoutes.POST("/validation_link", func(c *gin.Context) {
|
|
|
|
emailValidationLink(opts, c)
|
|
|
|
})
|
|
|
|
apiUsersRoutes.POST("/validate_email", validateEmail)
|
|
|
|
|
|
|
|
declareDomainsRoutes(opts, apiUsersRoutes)
|
|
|
|
declareSourcesRoutes(opts, apiUsersRoutes)
|
|
|
|
|
|
|
|
router.POST("/tidy", tidyDB)
|
|
|
|
}
|
|
|
|
|
|
|
|
func userHandler(c *gin.Context) {
|
|
|
|
user, err := api.UserHandlerBase(c)
|
|
|
|
if err != nil {
|
|
|
|
user, err = storage.MainStore.GetUserByEmail(c.Param("uid"))
|
|
|
|
if err != nil {
|
|
|
|
c.AbortWithStatusJSON(http.StatusNotFound, gin.H{"errmsg": "User not found"})
|
|
|
|
return
|
|
|
|
}
|
|
|
|
}
|
2020-06-09 16:32:26 +00:00
|
|
|
|
2021-05-05 01:48:16 +00:00
|
|
|
c.Set("user", user)
|
2020-06-24 15:20:01 +00:00
|
|
|
|
2021-05-05 01:48:16 +00:00
|
|
|
c.Next()
|
2020-06-08 19:07:53 +00:00
|
|
|
}
|
|
|
|
|
2021-05-05 01:48:16 +00:00
|
|
|
func getUsers(c *gin.Context) {
|
|
|
|
users, err := storage.MainStore.GetUsers()
|
|
|
|
ApiResponse(c, users, err)
|
2020-06-08 19:07:53 +00:00
|
|
|
}
|
|
|
|
|
2021-05-05 01:48:16 +00:00
|
|
|
func newUser(c *gin.Context) {
|
2020-06-08 19:07:53 +00:00
|
|
|
uu := &happydns.User{}
|
2021-05-05 01:48:16 +00:00
|
|
|
err := c.ShouldBindJSON(&uu)
|
2020-06-08 19:07:53 +00:00
|
|
|
if err != nil {
|
2021-05-05 01:48:16 +00:00
|
|
|
c.AbortWithStatusJSON(http.StatusBadRequest, gin.H{"errmsg": fmt.Sprintf("Something is wrong in received data: %w", err)})
|
|
|
|
return
|
2020-06-08 19:07:53 +00:00
|
|
|
}
|
|
|
|
uu.Id = 0
|
|
|
|
|
2021-05-05 01:48:16 +00:00
|
|
|
ApiResponse(c, uu, storage.MainStore.CreateUser(uu))
|
2020-06-08 19:07:53 +00:00
|
|
|
}
|
|
|
|
|
2021-05-05 01:48:16 +00:00
|
|
|
func deleteUsers(c *gin.Context) {
|
|
|
|
ApiResponse(c, true, storage.MainStore.ClearUsers())
|
2020-06-08 19:07:53 +00:00
|
|
|
}
|
|
|
|
|
2021-05-05 01:48:16 +00:00
|
|
|
func getUser(c *gin.Context) {
|
|
|
|
user := c.MustGet("user").(*happydns.User)
|
2020-06-08 19:07:53 +00:00
|
|
|
|
2021-05-05 01:48:16 +00:00
|
|
|
c.JSON(http.StatusOK, user)
|
2020-06-08 19:07:53 +00:00
|
|
|
}
|
|
|
|
|
2021-05-05 01:48:16 +00:00
|
|
|
func updateUser(c *gin.Context) {
|
|
|
|
user := c.MustGet("user").(*happydns.User)
|
|
|
|
|
2020-06-08 19:07:53 +00:00
|
|
|
uu := &happydns.User{}
|
2021-05-05 01:48:16 +00:00
|
|
|
err := c.ShouldBindJSON(&uu)
|
2020-06-08 19:07:53 +00:00
|
|
|
if err != nil {
|
2021-05-05 01:48:16 +00:00
|
|
|
c.AbortWithStatusJSON(http.StatusBadRequest, gin.H{"errmsg": fmt.Sprintf("Something is wrong in received data: %w", err)})
|
|
|
|
return
|
2020-06-08 19:07:53 +00:00
|
|
|
}
|
|
|
|
uu.Id = user.Id
|
|
|
|
|
2021-05-05 01:48:16 +00:00
|
|
|
ApiResponse(c, uu, storage.MainStore.UpdateUser(uu))
|
2020-06-08 19:07:53 +00:00
|
|
|
}
|
|
|
|
|
2021-05-05 01:48:16 +00:00
|
|
|
func deleteUser(c *gin.Context) {
|
|
|
|
user := c.MustGet("user").(*happydns.User)
|
|
|
|
|
|
|
|
ApiResponse(c, true, storage.MainStore.DeleteUser(user))
|
2020-06-08 19:07:53 +00:00
|
|
|
}
|
2020-06-09 16:32:26 +00:00
|
|
|
|
2021-05-05 01:48:16 +00:00
|
|
|
func emailValidationLink(opts *config.Options, c *gin.Context) {
|
|
|
|
user := c.MustGet("user").(*happydns.User)
|
|
|
|
|
|
|
|
ApiResponse(c, opts.GetRegistrationURL(user), nil)
|
2020-06-09 16:32:26 +00:00
|
|
|
}
|
|
|
|
|
2021-05-05 01:48:16 +00:00
|
|
|
func recoverUserAcct(opts *config.Options, c *gin.Context) {
|
|
|
|
user := c.MustGet("user").(*happydns.User)
|
|
|
|
|
|
|
|
ApiResponse(c, opts.GetAccountRecoveryURL(user), nil)
|
2020-06-09 16:32:26 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
type resetPassword struct {
|
|
|
|
Password string
|
|
|
|
}
|
|
|
|
|
2021-05-05 01:48:16 +00:00
|
|
|
func resetUserPasswd(c *gin.Context) {
|
|
|
|
user := c.MustGet("user").(*happydns.User)
|
|
|
|
|
2020-06-09 16:32:26 +00:00
|
|
|
urp := &resetPassword{}
|
2021-05-05 01:48:16 +00:00
|
|
|
err := c.ShouldBindJSON(&urp)
|
|
|
|
if err != nil {
|
|
|
|
c.AbortWithStatusJSON(http.StatusBadRequest, gin.H{"errmsg": fmt.Sprintf("Something is wrong in received data: %w", err)})
|
|
|
|
return
|
2020-06-09 16:32:26 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
if urp.Password == "" {
|
|
|
|
urp.Password, err = utils.GeneratePassword()
|
|
|
|
if err != nil {
|
2021-05-05 01:48:16 +00:00
|
|
|
c.AbortWithStatusJSON(http.StatusInternalServerError, gin.H{"errmsg": err.Error()})
|
|
|
|
return
|
2020-06-09 16:32:26 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
err = user.DefinePassword(urp.Password)
|
|
|
|
if err != nil {
|
2021-05-05 01:48:16 +00:00
|
|
|
c.AbortWithStatusJSON(http.StatusInternalServerError, gin.H{"errmsg": err.Error()})
|
|
|
|
return
|
2020-06-09 16:32:26 +00:00
|
|
|
}
|
|
|
|
|
2021-05-05 01:48:16 +00:00
|
|
|
ApiResponse(c, urp, storage.MainStore.UpdateUser(user))
|
2020-06-09 16:32:26 +00:00
|
|
|
}
|
|
|
|
|
2021-05-05 01:48:16 +00:00
|
|
|
func sendRecoverUserAcct(opts *config.Options, c *gin.Context) {
|
|
|
|
user := c.MustGet("user").(*happydns.User)
|
|
|
|
|
|
|
|
ApiResponse(c, true, actions.SendRecoveryLink(opts, user))
|
2020-06-09 16:32:26 +00:00
|
|
|
}
|
|
|
|
|
2021-05-05 01:48:16 +00:00
|
|
|
func sendValidateUserEmail(opts *config.Options, c *gin.Context) {
|
|
|
|
user := c.MustGet("user").(*happydns.User)
|
|
|
|
|
|
|
|
ApiResponse(c, true, actions.SendValidationLink(opts, user))
|
2020-06-09 16:32:26 +00:00
|
|
|
}
|
|
|
|
|
2021-05-05 01:48:16 +00:00
|
|
|
func validateEmail(c *gin.Context) {
|
|
|
|
user := c.MustGet("user").(*happydns.User)
|
|
|
|
|
2020-06-09 16:32:26 +00:00
|
|
|
now := time.Now()
|
|
|
|
user.EmailValidated = &now
|
2021-05-05 01:48:16 +00:00
|
|
|
ApiResponse(c, user, storage.MainStore.UpdateUser(user))
|
2020-06-09 16:32:26 +00:00
|
|
|
}
|
2020-06-24 15:20:01 +00:00
|
|
|
|
2021-05-05 01:48:16 +00:00
|
|
|
func tidyDB(c *gin.Context) {
|
|
|
|
ApiResponse(c, true, storage.MainStore.Tidy())
|
2020-06-24 15:20:01 +00:00
|
|
|
}
|