2024-03-09 10:25:20 +01:00
|
|
|
package model
|
2024-02-18 16:37:13 +01:00
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"database/sql"
|
|
|
|
|
"fmt"
|
2024-03-06 16:58:41 +01:00
|
|
|
"log"
|
2024-03-07 20:11:28 +01:00
|
|
|
"time"
|
2024-02-18 16:37:13 +01:00
|
|
|
|
|
|
|
|
"github.com/go-sql-driver/mysql"
|
2024-02-22 18:49:51 +01:00
|
|
|
"golang.org/x/crypto/bcrypt"
|
2024-02-18 16:37:13 +01:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
type DB struct {
|
|
|
|
|
*sql.DB
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func OpenDB(dbName string) (*DB, error) {
|
|
|
|
|
var err error
|
|
|
|
|
db := DB{DB: &sql.DB{}}
|
|
|
|
|
|
|
|
|
|
cfg := mysql.NewConfig()
|
|
|
|
|
cfg.DBName = dbName
|
|
|
|
|
cfg.User, cfg.Passwd, err = getCredentials()
|
|
|
|
|
if err != nil {
|
2024-02-22 15:23:29 +01:00
|
|
|
return nil, fmt.Errorf("error reading user credentials for DB: %v", err)
|
2024-02-18 16:37:13 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
db.DB, err = sql.Open("mysql", cfg.FormatDSN())
|
|
|
|
|
if err != nil {
|
2024-02-22 15:23:29 +01:00
|
|
|
return nil, fmt.Errorf("error opening DB: %v", err)
|
2024-02-18 16:37:13 +01:00
|
|
|
}
|
|
|
|
|
if err = db.Ping(); err != nil {
|
2024-02-22 15:23:29 +01:00
|
|
|
return nil, fmt.Errorf("error pinging DB: %v", err)
|
2024-02-18 16:37:13 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return &db, nil
|
|
|
|
|
}
|
2024-02-22 18:49:51 +01:00
|
|
|
|
2024-03-07 15:31:00 +01:00
|
|
|
func (db *DB) UpdateAttribute(table string, id int64, attribute string, val interface{}) error {
|
2024-03-07 20:11:28 +01:00
|
|
|
query := fmt.Sprintf(`
|
|
|
|
|
UPDATE %s
|
|
|
|
|
SET %s = ?
|
2024-03-07 15:31:00 +01:00
|
|
|
WHERE id = ?
|
2024-03-07 20:11:28 +01:00
|
|
|
`, table, attribute)
|
|
|
|
|
if _, err := db.Exec(query, val, id); err != nil {
|
2024-03-07 15:31:00 +01:00
|
|
|
return fmt.Errorf("error updating article in DB: %v", err)
|
|
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2024-03-03 13:56:49 +01:00
|
|
|
func (db *DB) AddUser(user *User, pass string) error {
|
2024-02-22 20:12:09 +01:00
|
|
|
hashedPass, err := bcrypt.GenerateFromPassword([]byte(pass), bcrypt.DefaultCost)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return fmt.Errorf("error creating password hash: %v", err)
|
|
|
|
|
}
|
|
|
|
|
|
2024-02-22 18:49:51 +01:00
|
|
|
query := `
|
|
|
|
|
INSERT INTO users
|
2024-03-01 12:25:53 +01:00
|
|
|
(username, password, first_name, last_name, role)
|
2024-03-03 09:16:49 +01:00
|
|
|
VALUES (?, ?, ?, ?, ?)
|
2024-02-22 18:49:51 +01:00
|
|
|
`
|
2024-03-05 16:38:18 +01:00
|
|
|
if _, err = db.Exec(query, user.UserName, string(hashedPass), user.FirstName, user.LastName, user.Role); err != nil {
|
2024-02-22 18:49:51 +01:00
|
|
|
return fmt.Errorf("error inserting user into DB: %v", err)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return nil
|
|
|
|
|
}
|
2024-02-22 19:27:41 +01:00
|
|
|
|
2024-03-01 12:25:53 +01:00
|
|
|
func (db *DB) GetID(userName string) (int64, error) {
|
2024-02-24 09:54:25 +01:00
|
|
|
var id int64
|
|
|
|
|
|
|
|
|
|
query := `
|
2024-03-03 09:16:49 +01:00
|
|
|
SELECT id
|
|
|
|
|
FROM users
|
|
|
|
|
WHERE username = ?
|
2024-02-24 09:54:25 +01:00
|
|
|
`
|
2024-03-01 12:25:53 +01:00
|
|
|
row := db.QueryRow(query, userName)
|
2024-02-24 09:54:25 +01:00
|
|
|
if err := row.Scan(&id); err != nil {
|
|
|
|
|
return 0, fmt.Errorf("user not in DB: %v", err)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return id, nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (db *DB) CheckPassword(id int64, pass string) error {
|
|
|
|
|
var queriedPass string
|
2024-02-22 19:27:41 +01:00
|
|
|
|
2024-02-24 09:54:25 +01:00
|
|
|
query := `
|
2024-03-03 09:16:49 +01:00
|
|
|
SELECT password
|
|
|
|
|
FROM users
|
|
|
|
|
WHERE id = ?
|
2024-02-22 19:27:41 +01:00
|
|
|
`
|
2024-02-24 09:54:25 +01:00
|
|
|
row := db.QueryRow(query, id)
|
|
|
|
|
if err := row.Scan(&queriedPass); err != nil {
|
2024-02-22 19:27:41 +01:00
|
|
|
return fmt.Errorf("error reading password from DB: %v", err)
|
|
|
|
|
}
|
|
|
|
|
|
2024-02-24 09:54:25 +01:00
|
|
|
if err := bcrypt.CompareHashAndPassword([]byte(queriedPass), []byte(pass)); err != nil {
|
|
|
|
|
return fmt.Errorf("incorrect password: %v", err)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (db *DB) ChangePassword(id int64, oldPass, newPass string) error {
|
2024-03-06 15:37:59 +01:00
|
|
|
tx, err := db.Begin()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return fmt.Errorf("error starting transaction: %v", err)
|
|
|
|
|
}
|
|
|
|
|
|
2024-03-06 16:51:08 +01:00
|
|
|
var queriedPass string
|
|
|
|
|
getQuery := `
|
|
|
|
|
SELECT password
|
|
|
|
|
FROM users
|
|
|
|
|
WHERE id = ?
|
|
|
|
|
`
|
|
|
|
|
row := tx.QueryRow(getQuery, id)
|
|
|
|
|
if err := row.Scan(&queriedPass); err != nil {
|
2024-03-06 16:58:41 +01:00
|
|
|
if rollbackErr := tx.Rollback(); rollbackErr != nil {
|
|
|
|
|
log.Fatalf("error: transaction error: %v, rollback error: %v", err, rollbackErr)
|
|
|
|
|
}
|
2024-03-06 16:51:08 +01:00
|
|
|
return fmt.Errorf("error reading password from DB: %v", err)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if err := bcrypt.CompareHashAndPassword([]byte(queriedPass), []byte(oldPass)); err != nil {
|
2024-03-06 16:58:41 +01:00
|
|
|
if rollbackErr := tx.Rollback(); rollbackErr != nil {
|
|
|
|
|
log.Fatalf("error: transaction error: %v, rollback error: %v", err, rollbackErr)
|
|
|
|
|
}
|
2024-03-06 16:51:08 +01:00
|
|
|
return fmt.Errorf("incorrect password: %v", err)
|
2024-02-22 19:27:41 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
newHashedPass, err := bcrypt.GenerateFromPassword([]byte(newPass), bcrypt.DefaultCost)
|
|
|
|
|
if err != nil {
|
2024-03-06 16:58:41 +01:00
|
|
|
if rollbackErr := tx.Rollback(); rollbackErr != nil {
|
|
|
|
|
log.Fatalf("error: transaction error: %v, rollback error: %v", err, rollbackErr)
|
|
|
|
|
}
|
2024-02-22 19:27:41 +01:00
|
|
|
return fmt.Errorf("error creating password hash: %v", err)
|
|
|
|
|
}
|
|
|
|
|
|
2024-03-06 16:51:08 +01:00
|
|
|
setQuery := `
|
2024-03-03 09:16:49 +01:00
|
|
|
UPDATE users
|
|
|
|
|
SET password = ?
|
|
|
|
|
WHERE id = ?
|
2024-02-22 19:27:41 +01:00
|
|
|
`
|
2024-03-06 16:51:08 +01:00
|
|
|
if _, err = tx.Exec(setQuery, string(newHashedPass), id); err != nil {
|
2024-03-06 16:58:41 +01:00
|
|
|
if rollbackErr := tx.Rollback(); rollbackErr != nil {
|
|
|
|
|
log.Fatalf("error: transaction error: %v, rollback error: %v", err, rollbackErr)
|
|
|
|
|
}
|
2024-02-22 19:27:41 +01:00
|
|
|
return fmt.Errorf("error updating password in DB: %v", err)
|
|
|
|
|
}
|
|
|
|
|
|
2024-03-06 15:37:59 +01:00
|
|
|
if err = tx.Commit(); err != nil {
|
|
|
|
|
return fmt.Errorf("error committing transaction: %v", err)
|
|
|
|
|
}
|
|
|
|
|
|
2024-02-22 19:27:41 +01:00
|
|
|
return nil
|
|
|
|
|
}
|
2024-02-24 14:49:29 +01:00
|
|
|
|
|
|
|
|
func (db *DB) CountEntries() (int64, error) {
|
|
|
|
|
var count int64
|
|
|
|
|
|
|
|
|
|
query := `SELECT COUNT(*) FROM users`
|
|
|
|
|
row := db.QueryRow(query)
|
|
|
|
|
if err := row.Scan(&count); err != nil {
|
|
|
|
|
return 0, fmt.Errorf("error counting rows in user DB: %v", err)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return count, nil
|
|
|
|
|
}
|
2024-03-03 09:16:49 +01:00
|
|
|
|
|
|
|
|
// TODO: No need for ID field in general
|
|
|
|
|
func (db *DB) GetUser(id int64) (*User, error) {
|
|
|
|
|
user := new(User)
|
|
|
|
|
query := `
|
|
|
|
|
SELECT id, username, first_name, last_name, role
|
|
|
|
|
FROM users
|
|
|
|
|
WHERE id = ?
|
|
|
|
|
`
|
|
|
|
|
|
|
|
|
|
row := db.QueryRow(query, id)
|
2024-03-05 16:38:18 +01:00
|
|
|
if err := row.Scan(&user.ID, &user.UserName, &user.FirstName, &user.LastName, &user.Role); err != nil {
|
2024-03-03 09:16:49 +01:00
|
|
|
return nil, fmt.Errorf("error reading user information: %v", err)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return user, nil
|
|
|
|
|
}
|
2024-03-06 20:53:17 +01:00
|
|
|
|
|
|
|
|
func (db *DB) AddTag(tagName string) error {
|
2024-03-07 15:31:00 +01:00
|
|
|
query := "INSERT INTO tags (name) VALUES (?)"
|
2024-03-06 20:53:17 +01:00
|
|
|
if _, err := db.Exec(query, tagName); err != nil {
|
|
|
|
|
return fmt.Errorf("error inserting tag into DB: %v", err)
|
|
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2024-03-07 20:11:28 +01:00
|
|
|
func (db *DB) GetTagList() ([]*Tag, error) {
|
2024-03-06 20:53:17 +01:00
|
|
|
query := "SELECT id, name FROM tags"
|
|
|
|
|
rows, err := db.Query(query)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, fmt.Errorf("error querying tags: %v", err)
|
|
|
|
|
}
|
|
|
|
|
|
2024-03-07 20:11:28 +01:00
|
|
|
tagList := make([]*Tag, 0)
|
2024-03-06 20:53:17 +01:00
|
|
|
for rows.Next() {
|
2024-03-07 20:11:28 +01:00
|
|
|
tag := new(Tag)
|
2024-03-06 20:53:17 +01:00
|
|
|
if err = rows.Scan(&tag.ID, &tag.Name); err != nil {
|
|
|
|
|
return nil, fmt.Errorf("error scanning tag row: %v", err)
|
|
|
|
|
}
|
|
|
|
|
tagList = append(tagList, tag)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return tagList, nil
|
|
|
|
|
}
|
|
|
|
|
|
2024-03-07 15:31:00 +01:00
|
|
|
func (db *DB) AddArticle(a *Article) (int64, error) {
|
2024-03-06 20:53:17 +01:00
|
|
|
query := `
|
|
|
|
|
INSERT INTO articles
|
|
|
|
|
(title, description, content, published, author_id)
|
|
|
|
|
VALUES
|
2024-03-07 15:31:00 +01:00
|
|
|
(?, ?, ?, ?, ?)
|
2024-03-06 20:53:17 +01:00
|
|
|
`
|
2024-03-07 15:31:00 +01:00
|
|
|
|
|
|
|
|
result, err := db.Exec(query, a.Title, a.Desc, a.Content, a.Published, a.AuthorID)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return 0, fmt.Errorf("error inserting article into DB: %v", err)
|
2024-03-06 20:53:17 +01:00
|
|
|
}
|
2024-03-07 15:31:00 +01:00
|
|
|
id, err := result.LastInsertId()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return 0, fmt.Errorf("error retrieving last ID: %v", err)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return id, nil
|
2024-03-06 20:53:17 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (db *DB) GetArticle(id int64) (*Article, error) {
|
|
|
|
|
query := `
|
|
|
|
|
SELECT title, created, description, content, published, author_id
|
|
|
|
|
FROM articles
|
|
|
|
|
WHERE id = ?
|
|
|
|
|
`
|
|
|
|
|
row := db.QueryRow(query, id)
|
|
|
|
|
|
|
|
|
|
article := new(Article)
|
2024-03-07 20:11:28 +01:00
|
|
|
var created []byte
|
|
|
|
|
var err error
|
|
|
|
|
|
|
|
|
|
if err := row.Scan(&article.Title, &created, &article.Desc,
|
2024-03-06 20:53:17 +01:00
|
|
|
&article.Content, &article.Published, &article.AuthorID); err != nil {
|
|
|
|
|
return nil, fmt.Errorf("error scanning article row: %v", err)
|
|
|
|
|
}
|
|
|
|
|
|
2024-03-07 20:11:28 +01:00
|
|
|
article.ID = id
|
|
|
|
|
article.Created, err = time.Parse("2006-01-02 15:04:05", string(created))
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, fmt.Errorf("error parsing created: %v", err)
|
|
|
|
|
}
|
|
|
|
|
|
2024-03-06 20:53:17 +01:00
|
|
|
return article, nil
|
|
|
|
|
}
|
|
|
|
|
|
2024-03-09 10:12:46 +01:00
|
|
|
func (db *DB) GetCertainArticles(published bool) ([]*Article, error) {
|
2024-03-06 20:53:17 +01:00
|
|
|
query := `
|
2024-03-07 20:11:28 +01:00
|
|
|
SELECT id, title, created, description, content, author_id
|
2024-03-06 20:53:17 +01:00
|
|
|
FROM articles
|
|
|
|
|
WHERE published = ?
|
|
|
|
|
`
|
2024-03-09 10:12:46 +01:00
|
|
|
rows, err := db.Query(query, published)
|
2024-03-06 20:53:17 +01:00
|
|
|
if err != nil {
|
|
|
|
|
return nil, fmt.Errorf("error querying articles: %v", err)
|
|
|
|
|
}
|
|
|
|
|
|
2024-03-07 20:11:28 +01:00
|
|
|
articleList := make([]*Article, 0)
|
2024-03-06 20:53:17 +01:00
|
|
|
for rows.Next() {
|
2024-03-07 20:11:28 +01:00
|
|
|
article := new(Article)
|
|
|
|
|
var created []byte
|
|
|
|
|
|
|
|
|
|
if err = rows.Scan(&article.ID, &article.Title, &created, &article.Desc,
|
|
|
|
|
&article.Content, &article.AuthorID); err != nil {
|
2024-03-06 20:53:17 +01:00
|
|
|
return nil, fmt.Errorf("error scanning article row: %v", err)
|
|
|
|
|
}
|
2024-03-07 20:11:28 +01:00
|
|
|
|
|
|
|
|
article.Published = false
|
|
|
|
|
article.Created, err = time.Parse("2006-01-02 15:04:05", string(created))
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, fmt.Errorf("error parsing created: %v", err)
|
|
|
|
|
}
|
|
|
|
|
|
2024-03-06 20:53:17 +01:00
|
|
|
articleList = append(articleList, article)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return articleList, nil
|
|
|
|
|
}
|
|
|
|
|
|
2024-03-07 15:31:00 +01:00
|
|
|
func (db *DB) WriteArticleTags(articleID int64, tagIDs []int64) error {
|
|
|
|
|
tx, err := db.Begin()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return fmt.Errorf("error starting transaction: %v", err)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
for _, tagID := range tagIDs {
|
|
|
|
|
query := `
|
|
|
|
|
INSERT INTO articles_tags (article_id, tag_id)
|
|
|
|
|
VALUES (?, ?)
|
|
|
|
|
`
|
|
|
|
|
if _, err := tx.Exec(query, articleID, tagID); err != nil {
|
|
|
|
|
if rollbackErr := tx.Rollback(); rollbackErr != nil {
|
|
|
|
|
log.Fatalf("error: transaction error: %v, rollback error: %v", err, rollbackErr)
|
|
|
|
|
}
|
|
|
|
|
return fmt.Errorf("error inserting into articles_tags: %v", err)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if err = tx.Commit(); err != nil {
|
|
|
|
|
return fmt.Errorf("error committing transaction: %v", err)
|
2024-03-06 20:53:17 +01:00
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
2024-03-07 20:11:28 +01:00
|
|
|
|
|
|
|
|
func (db *DB) GetArticleTags(articleID int64) ([]*Tag, error) {
|
|
|
|
|
query := `
|
|
|
|
|
SELECT t.id, t.name
|
|
|
|
|
FROM articles a
|
|
|
|
|
INNER JOIN articles_tags at ON a.id = at.article_id
|
|
|
|
|
INNER JOIN tags t ON at.tag_id = t.id
|
|
|
|
|
WHERE a.id = ?
|
|
|
|
|
`
|
|
|
|
|
rows, err := db.Query(query, articleID)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, fmt.Errorf("error querying articles_tags: %v", err)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
tags := make([]*Tag, 0)
|
|
|
|
|
for rows.Next() {
|
|
|
|
|
tag := new(Tag)
|
|
|
|
|
if err = rows.Scan(&tag.ID, &tag.Name); err != nil {
|
|
|
|
|
return nil, fmt.Errorf("error scanning rows: %v", err)
|
|
|
|
|
}
|
|
|
|
|
tags = append(tags, tag)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return tags, nil
|
|
|
|
|
}
|
