1
0
mirror of https://github.com/osmarks/mycorrhiza.git synced 2024-10-30 19:56:16 +00:00
mycorrhiza/web/admin.go

131 lines
3.5 KiB
Go
Raw Normal View History

package web
import (
"fmt"
"io"
"log"
"mime"
"net/http"
2021-06-29 10:34:36 +00:00
"sort"
"strings"
"github.com/bouncepaw/mycorrhiza/cfg"
"github.com/bouncepaw/mycorrhiza/user"
"github.com/bouncepaw/mycorrhiza/util"
"github.com/bouncepaw/mycorrhiza/views"
)
// initAdmin sets up /admin routes if auth is used. Call it after you have decided if you want to use auth.
func initAdmin() {
if cfg.UseAuth {
http.HandleFunc("/admin/", handlerAdmin)
http.HandleFunc("/admin/shutdown/", handlerAdminShutdown)
http.HandleFunc("/admin/reindex-users/", handlerAdminReindexUsers)
2021-06-29 10:34:36 +00:00
http.HandleFunc("/admin/users/", handlerAdminUsers)
}
}
// handlerAdmin provides the admin panel.
func handlerAdmin(w http.ResponseWriter, rq *http.Request) {
util.PrepareRq(rq)
if user.CanProceed(rq, "admin") {
w.Header().Set("Content-Type", "text/html;charset=utf-8")
w.WriteHeader(http.StatusOK)
_, err := io.WriteString(w, views.BaseHTML("Admin panel", views.AdminPanelHTML(), user.FromRequest(rq)))
if err != nil {
log.Println(err)
}
}
}
// handlerAdminShutdown kills the wiki.
func handlerAdminShutdown(w http.ResponseWriter, rq *http.Request) {
util.PrepareRq(rq)
if user.CanProceed(rq, "admin/shutdown") && rq.Method == "POST" {
log.Fatal("An admin commanded the wiki to shutdown")
}
}
// handlerAdminReindexUsers reinitialises the user system.
func handlerAdminReindexUsers(w http.ResponseWriter, rq *http.Request) {
util.PrepareRq(rq)
if user.CanProceed(rq, "admin") && rq.Method == "POST" {
user.ReadUsersFromFilesystem()
redirectTo := rq.Referer()
if redirectTo == "" {
redirectTo = "/hypha/" + cfg.UserHypha
}
http.Redirect(w, rq, redirectTo, http.StatusSeeOther)
}
}
2021-06-29 10:34:36 +00:00
func handlerAdminUsers(w http.ResponseWriter, r *http.Request) {
util.PrepareRq(r)
if user.CanProceed(r, "admin") {
path := strings.TrimPrefix(r.URL.Path, "/admin/users")
parts := strings.Split(path, "/")[1:]
// Users dashboard
if len(parts) == 0 {
// Get a sorted list of users
var userList []*user.User
for u := range user.YieldUsers() {
userList = append(userList, u)
}
sort.Slice(userList, func(i, j int) bool {
less := userList[i].RegisteredAt.Before(userList[j].RegisteredAt)
return less
})
html := views.AdminUsersPanelHTML(userList)
html = views.BaseHTML("Manage users", html, user.FromRequest(r))
w.Header().Set("Content-Type", mime.TypeByExtension(".html"))
if _, err := io.WriteString(w, html); err != nil {
log.Println(err)
}
return
2021-06-29 10:34:36 +00:00
}
// User edit page
if len(parts) == 2 && parts[1] == "edit" {
u := user.UserByName(parts[0])
2021-06-29 10:34:36 +00:00
if u != nil && u.Name != "anon" {
if r.Method == http.MethodGet {
html := views.AdminUsersUserHTML(u)
html = views.BaseHTML(fmt.Sprintf("User %s", u.Name), html, user.FromRequest(r))
2021-06-29 10:34:36 +00:00
w.Header().Set("Content-Type", mime.TypeByExtension(".html"))
if _, err := io.WriteString(w, html); err != nil {
log.Println(err)
}
return
} else if r.Method == http.MethodPost {
oldGroup := u.Group
newGroup := r.PostFormValue("group")
if user.ValidGroup(newGroup) {
u.Group = newGroup
if err := user.SaveUserDatabase(); err != nil {
u.Group = oldGroup
log.Println(err)
w.WriteHeader(http.StatusInternalServerError)
io.WriteString(w, err.Error())
} else {
http.Redirect(w, r, "/admin/users/", http.StatusSeeOther)
}
} else {
w.WriteHeader(http.StatusBadRequest)
io.WriteString(w, "invalid group")
}
return
}
}
2021-06-29 10:34:36 +00:00
}
util.HTTP404Page(w, "404 page not found")
2021-06-29 10:34:36 +00:00
}
}