From 21fd3403b27a2d23337a4d2e63efcd5e50db8ff9 Mon Sep 17 00:00:00 2001
From: Jason Streifling
Date: Fri, 12 Apr 2024 08:46:34 +0200
Subject: [PATCH] Added ability to delete other users
---
 cmd/main.go | 4 +-
 cmd/model/users.go | 24 +++++++----
 cmd/view/users.go | 68 ++++++++++++++++++++++++++++---
 web/templates/add-user.html | 2 +-
 web/templates/edit-user.html | 2 +-
 web/templates/hub.html | 7 +++-
 web/templates/show-all-users.html | 6 +--
 7 files changed, 92 insertions(+), 21 deletions(-)
diff --git a/cmd/main.go b/cmd/main.go
index 0528b88..75b1713 100644
--- a/cmd/main.go
+++ b/cmd/main.go
@@ -53,6 +53,7 @@ func main() {
 mux.HandleFunc("GET /create-user", view.CreateUser(config))
 mux.HandleFunc("GET /edit-self", view.EditSelf(config, db, store))
 mux.HandleFunc("GET /edit-user/{id}", view.EditUser(config, db))
+ mux.HandleFunc("GET /delete-user/{id}", view.DeleteUser(config, db, store))
 mux.HandleFunc("GET /hub", view.ShowHub(config, db, store))
 mux.HandleFunc("GET /logout", view.Logout(config, store))
 mux.HandleFunc("GET /pics/{pic}", view.ServeImage(config, store))
@@ -65,7 +66,8 @@ func main() {
 mux.HandleFunc("GET /rss", func(w http.ResponseWriter, r *http.Request) {
 http.ServeFile(w, r, config.RSSFile)
 })
- mux.HandleFunc("GET /show-all-users", view.ShowAllUsers(config, db))
+ mux.HandleFunc("GET /show-all-users-edit", view.ShowAllUsers(config, db, store, "edit-user"))
+ mux.HandleFunc("GET /show-all-users-delete", view.ShowAllUsers(config, db, store, "delete-user"))
 mux.HandleFunc("GET /this-issue", view.ShowCurrentArticles(config, db))
 mux.HandleFunc("GET /unpublished-articles", view.ShowUnpublishedArticles(config, db))
 mux.HandleFunc("GET /write-article", view.WriteArticle(config, db))
diff --git a/cmd/model/users.go b/cmd/model/users.go
index b2ae03f..08102db 100644
--- a/cmd/model/users.go
+++ b/cmd/model/users.go
@@ -14,6 +14,7 @@ const (
 Publisher
 Editor
 Author
+ NonExistent
 )
 type User struct {
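Review bot: The new route `GET /delete-user/{id}` in the first hunk of cmd/main.go puts a destructive operation behind a safe HTTP method, so a link prefetch, a crawler, or a cross-site request followed by a logged-in browser would be enough to remove an account. Register it under a state-changing verb instead, e.g. `mux.HandleFunc("POST /delete-user/{id}", view.DeleteUser(config, db, store))`, and change the element in show-all-users.html that targets it to the same verb. The session cookie's attributes and any CSRF token handling are not visible in this patch, so confirm that cross-site submissions are rejected as well. main's body continues outside the hunk.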
@@ -269,7 +270,7 @@ func (db *DB) AddFirstUser(u *User, pass string) (int64, error) {
 return 0, fmt.Errorf("error: %v unsuccessful retries for DB operation, aborting", TxMaxRetries)
 }
-func (db *DB) GetAllUsers() ([]*User, error) {
+func (db *DB) GetAllUsers() (map[int64]*User, error) {
 query := "SELECT id, username, first_name, last_name, role FROM users"
 rows, err := db.Query(query)
@@ -277,14 +278,14 @@ func (db *DB) GetAllUsers() ([]*User, error) {
 return nil, fmt.Errorf("error getting all users from DB: %v", err)
 }
- users := make([]*User, 0)
+ users := make(map[int64]*User, 0)
 for rows.Next() {
 user := new(User)
 if err = rows.Scan(&user.ID, &user.UserName, &user.FirstName, &user.LastName, &user.Role); err != nil {
 return nil, fmt.Errorf("error getting user info: %v", err)
 }
- users = append(users, user)
+ users[user.ID] = user
 }
 return users, nil
@@ -299,11 +300,7 @@ func (tx *Tx) SetPassword(id int64, newPass string) error {
 return fmt.Errorf("error creating password hash: %v", err)
 }
- setQuery := `
- UPDATE users
- SET password = ?
- WHERE id = ?
- `
+ setQuery := "UPDATE users SET password = ? WHERE id = ?"
 if _, err = tx.Exec(setQuery, string(hashedPass), id); err != nil {
 if rollbackErr := tx.Rollback(); rollbackErr != nil {
 log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr)
@@ -370,3 +367,14 @@ func (db *DB) UpdateUserAttributes(id int64, user, first, last, newPass, newPass
 return fmt.Errorf("error: %v unsuccessful retries for DB operation, aborting", TxMaxRetries)
 }
+
+func (db *DB) DeleteUser(id int64) error {
+ query := "DELETE FROM users WHERE id = ?"
+
+ _, err := db.Exec(query, id)
+ if err != nil {
+ return fmt.Errorf("error deleting user %v from DB: %v", id, err)
+ }
+
+ return nil
+}
diff --git a/cmd/view/users.go b/cmd/view/users.go
index d4e8d93..f650c0e 100644
--- a/cmd/view/users.go
+++ b/cmd/view/users.go
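Review bot: The new `DeleteUser` method in the last hunk of cmd/model/users.go discards the result of `db.Exec`, so a request for an id that matches no row returns nil and the caller reports a successful deletion. Keep the result and check it, e.g. `res, err := db.Exec(query, id)` and then `if n, _ := res.RowsAffected(); n == 0 { return fmt.Errorf("user %v not found", id) }` (assuming DB wraps database/sql, which the hunk does not show). Nothing here prevents removing the last administrator account, which would leave the administrator functions unreachable; whether another layer guards against that is not visible. The exported method also lacks a doc comment; `// DeleteUser permanently removes the user with the given id.` would follow Go convention.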
@@ -95,8 +95,16 @@ func AddUser(c *control.Config, db *model.DB, s *control.CookieStore) http.Handl
 return
 }
+ session, err := s.Get(r, "cookie")
+ if err != nil {
+ tmpl, err := template.ParseFiles(c.WebDir + "/templates/login.html")
+ msg := "Session nicht mehr gültig. Bitte erneut anmelden."
+ template.Must(tmpl, err).ExecuteTemplate(w, "page-content", msg)
+ }
+
 tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
- template.Must(tmpl, err).ExecuteTemplate(w, "page-content", 0)
+ tmpl = template.Must(tmpl, err)
+ tmpl.ExecuteTemplate(w, "page-content", session.Values["role"].(int))
 }
 }
@@ -266,17 +274,32 @@ func AddFirstUser(c *control.Config, db *model.DB, s *control.CookieStore) http.
 }
 }
-func ShowAllUsers(c *control.Config, db *model.DB) http.HandlerFunc {
+func ShowAllUsers(c *control.Config, db *model.DB, s *control.CookieStore, action string) http.HandlerFunc {
 return func(w http.ResponseWriter, r *http.Request) {
- users, err := db.GetAllUsers()
+ var err error
+ type htmlData struct {
+ Users map[int64]*model.User
+ Action string
+ }
+
+ data := &htmlData{Action: action}
+ data.Users, err = db.GetAllUsers()
 if err != nil {
 log.Println(err)
 http.Error(w, err.Error(), http.StatusInternalServerError)
 return
 }
+ session, err := s.Get(r, "cookie")
+ if err != nil {
+ tmpl, err := template.ParseFiles(c.WebDir + "/templates/login.html")
+ msg := "Session nicht mehr gültig. Bitte erneut anmelden."
+ template.Must(tmpl, err).ExecuteTemplate(w, "page-content", msg)
+ }
+
+ delete(data.Users, session.Values["id"].(int64))
 tmpl, err := template.ParseFiles(c.WebDir + "/templates/show-all-users.html")
- template.Must(tmpl, err).ExecuteTemplate(w, "page-content", data)
+ template.Must(tmpl, err).ExecuteTemplate(w, "page-content", data)
 }
 }
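Review bot: The session-error branch added to AddUser renders login.html but never returns, so the handler goes on to evaluate `session.Values["role"].(int)` on a session that failed to load; ShowAllUsers repeats this with `session.Values["id"].(int64)`, and UpdateUser and DeleteUser in the next hunk do the same. Depending on what `s.Get` returns on error this is a nil dereference or a failed single-value type assertion, either of which panics after the login page has already been written to the response. End each `if err != nil` block with `return` and use the checked form, e.g. `role, ok := session.Values["role"].(int)`, treating `!ok` like an invalid session. ShowAllUsers also queries every user before looking at the session and shows no role check, so confirm that something outside these hunks restricts the listing to administrators. The enclosing handler bodies begin outside the hunks.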
@@ -372,8 +395,43 @@ func UpdateUser(c *control.Config, db *model.DB, s *control.CookieStore) http.Ha
 template.Must(tmpl, err).ExecuteTemplate(w, "page-content", userData)
 }
+ session, err := s.Get(r, "cookie")
+ if err != nil {
+ tmpl, err := template.ParseFiles(c.WebDir + "/templates/login.html")
+ msg := "Session nicht mehr gültig. Bitte erneut anmelden."
+ template.Must(tmpl, err).ExecuteTemplate(w, "page-content", msg)
+ }
+
 tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
 tmpl = template.Must(tmpl, err)
- tmpl.ExecuteTemplate(w, "page-content", 0)
+ tmpl.ExecuteTemplate(w, "page-content", session.Values["role"].(int))
+ }
+}
+
+func DeleteUser(c *control.Config, db *model.DB, s *control.CookieStore) http.HandlerFunc {
+ return func(w http.ResponseWriter, r *http.Request) {
+ id, err := strconv.ParseInt(r.PathValue("id"), 10, 64)
+ if err != nil {
+ log.Println(err)
+ http.Error(w, err.Error(), http.StatusInternalServerError)
+ return
+ }
+
+ if err = db.DeleteUser(id); err != nil {
+ log.Println(err)
+ http.Error(w, err.Error(), http.StatusInternalServerError)
+ return
+ }
+
+ session, err := s.Get(r, "cookie")
+ if err != nil {
+ tmpl, err := template.ParseFiles(c.WebDir + "/templates/login.html")
+ msg := "Session nicht mehr gültig. Bitte erneut anmelden."
+ template.Must(tmpl, err).ExecuteTemplate(w, "page-content", msg)
+ }
+
+ tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
+ tmpl = template.Must(tmpl, err)
+ tmpl.ExecuteTemplate(w, "page-content", session.Values["role"].(int))
 }
 }
diff --git a/web/templates/add-user.html b/web/templates/add-user.html
index bd51ef4..10376e1 100644
--- a/web/templates/add-user.html
+++ b/web/templates/add-user.html
@@ -40,7 +40,7 @@
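Review bot: The new DeleteUser handler calls `db.DeleteUser(id)` before it loads the session and never checks the caller's role, so as far as this hunk shows any client that can reach the route can delete any account, with or without a valid session. Load the session first, return when it is invalid, and require the administrator role (the value 0 that hub.html tests for) before touching the database. ShowAllUsers only hides the caller's own account from the list, so the handler should also refuse the caller's own id on the server side. A malformed id is a client error and should get a 400 with a fixed message, not a 500 carrying `err.Error()`, and the deletion should be logged together with the acting user's id for audit. The sketch below reorders the handler accordingly.

```go
func DeleteUser(c *control.Config, db *model.DB, s *control.CookieStore) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		// Authenticate and authorize before any database write.
		session, err := s.Get(r, "cookie")
		if err != nil {
			// … unchanged: render login.html with the session-expired message …
			return
		}
		role, ok := session.Values["role"].(int)
		if !ok || role != 0 { // 0 is the administrator role tested in hub.html
			http.Error(w, "forbidden", http.StatusForbidden)
			return
		}

		id, err := strconv.ParseInt(r.PathValue("id"), 10, 64)
		if err != nil {
			http.Error(w, "invalid user id", http.StatusBadRequest)
			return
		}
		if self, ok := session.Values["id"].(int64); ok && self == id {
			http.Error(w, "cannot delete own account", http.StatusBadRequest)
			return
		}

		// … unchanged: db.DeleteUser(id) and its error handling …
		log.Printf("user %d deleted by user %v", id, session.Values["id"])
		// … unchanged: render hub.html with the role …
```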
- +
diff --git a/web/templates/edit-user.html b/web/templates/edit-user.html index fedb356..819f6df 100644 --- a/web/templates/edit-user.html +++ b/web/templates/edit-user.html @@ -44,7 +44,7 @@
- +
diff --git a/web/templates/hub.html b/web/templates/hub.html index 0f1c1d9..c696366 100644 --- a/web/templates/hub.html +++ b/web/templates/hub.html @@ -2,6 +2,7 @@
+ {{if lt . 4}}

Autor

@@ -11,6 +12,7 @@
+ {{end}} {{if lt . 3}}
@@ -36,9 +38,10 @@ {{if eq . 0}}

Administrator

-
+
- + +
{{end}} diff --git a/web/templates/show-all-users.html b/web/templates/show-all-users.html index ace8057..044433d 100644 --- a/web/templates/show-all-users.html +++ b/web/templates/show-all-users.html @@ -2,12 +2,12 @@

Alle Benutzer

- {{range .}} -