package resolvers
import (
"context"
"github.com/photoview/photoview/api/graphql/auth"
"github.com/photoview/photoview/api/graphql/models"
"github.com/pkg/errors"
"golang.org/x/crypto/bcrypt"
"gorm.io/gorm"
)
// User resolves the user list query. It hands a query built on the
// models.User model to filter.FormatSQL and scans the result into a slice.
//
// NOTE(review): no authorization check is visible in this resolver, and it
// returns every matching account. Presumably access is restricted elsewhere
// (for example by a schema directive) — confirm.
func (r *queryResolver) User(ctx context.Context, filter *models.Filter) ([]*models.User, error) {
	var users []*models.User

	query := filter.FormatSQL(r.Database.Model(models.User{}))
	if result := query.Scan(&users); result.Error != nil {
		return nil, result.Error
	}

	return users, nil
}
// MyUser returns the user that auth.UserFromContext finds on the request
// context, or auth.ErrUnauthorized when the context carries none.
func (r *queryResolver) MyUser(ctx context.Context) (*models.User, error) {
	if current := auth.UserFromContext(ctx); current != nil {
		return current, nil
	}

	return nil, auth.ErrUnauthorized
}
// AuthorizeUser checks the supplied credentials through models.AuthorizeUser
// and, when they are accepted, issues an access token inside a database
// transaction.
//
// A credential failure is reported in-band (Success false, Status set to the
// error text) together with a nil resolver error. A failure while creating the
// token is returned as the resolver error instead.
//
// NOTE(review): Status carries the raw error text back to the caller. If
// models.AuthorizeUser words "unknown user" differently from "wrong password",
// or surfaces database errors, that text reaches unauthenticated clients —
// confirm the messages are uniform. No attempt limiting is visible in this
// resolver; verify it exists at another layer.
func (r *mutationResolver) AuthorizeUser(ctx context.Context, username string, password string) (*models.AuthorizeResult, error) {
	user, err := models.AuthorizeUser(r.Database, username, password)
	if err != nil {
		failure := models.AuthorizeResult{
			Success: false,
			Status:  err.Error(),
		}
		return &failure, nil
	}

	var token *models.AccessToken

	// The closure writes to the outer token and err variables.
	issueToken := func(tx *gorm.DB) error {
		token, err = user.GenerateAccessToken(tx)
		if err != nil {
			return err
		}
		return nil
	}

	if txErr := r.Database.Transaction(issueToken); txErr != nil {
		return nil, txErr
	}

	granted := models.AuthorizeResult{
		Success: true,
		Status:  "ok",
		Token:   &token.Value,
	}
	return &granted, nil
}
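// RegisterUser creates an account through models.RegisterUser and issues an
// access token for it, both inside one database transaction. The account is
// registered with false in the argument position that CreateUser fills from
// its admin parameter.
//
// On failure it returns an AuthorizeResult with Success false and the error
// text in Status, together with the error itself.
//
// NOTE(review): neither an authentication check nor validation of rootPath is
// visible in this resolver. If the mutation is reachable without admin rights,
// the caller chooses the root path their new account is bound to — confirm
// this is gated or validated elsewhere.
func (r *mutationResolver) RegisterUser(ctx context.Context, username string, password string, rootPath string) (*models.AuthorizeResult, error) {
	var token *models.AccessToken

	transactionError := r.Database.Transaction(func(tx *gorm.DB) error {
		user, err := models.RegisterUser(tx, username, &password, rootPath, false)
		if err != nil {
			return err
		}

		// Returning the error is sufficient: gorm's Transaction helper rolls
		// the transaction back whenever the callback returns a non-nil error.
		// An explicit tx.Rollback() here would only trigger a second rollback
		// whose error is discarded, and it differs from the sibling resolvers.
		token, err = user.GenerateAccessToken(tx)
		if err != nil {
			return err
		}

		return nil
	})

	if transactionError != nil {
		return &models.AuthorizeResult{
			Success: false,
			Status:  transactionError.Error(),
		}, transactionError
	}

	return &models.AuthorizeResult{
		Success: true,
		Status:  "ok",
		Token:   &token.Value,
	}, nil
}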
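// InitialSetupWizard performs the first-run setup. It refuses to run unless
// the site info reports InitialSetup; otherwise, inside one transaction, it
// clears the initial_setup flag, registers the first user with true in the
// argument position that CreateUser fills from its admin parameter, and issues
// an access token for that user.
//
// A failure inside the transaction is reported in-band (Success false, Status
// set to the error text) with a nil resolver error. Failing to read the site
// info, or calling this after setup has completed, returns a resolver error.
//
// NOTE(review): the InitialSetup check runs outside the transaction, so the
// check and the UPDATE below are not atomic. Two overlapping first-run
// requests could both pass the check. Making the UPDATE conditional on the
// flag and checking RowsAffected would close that window — confirm against
// the databases this project supports.
func (r *mutationResolver) InitialSetupWizard(ctx context.Context, username string, password string, rootPath string) (*models.AuthorizeResult, error) {
	siteInfo, err := models.GetSiteInfo(r.Database)
	if err != nil {
		return nil, err
	}

	if !siteInfo.InitialSetup {
		return nil, errors.New("not initial setup")
	}

	var token *models.AccessToken

	transactionError := r.Database.Transaction(func(tx *gorm.DB) error {
		if err := tx.Exec("UPDATE site_info SET initial_setup = false").Error; err != nil {
			return err
		}

		// This err is local to the closure; the outer err is never assigned
		// again after the GetSiteInfo check above.
		user, err := models.RegisterUser(tx, username, &password, rootPath, true)
		if err != nil {
			return err
		}

		token, err = user.GenerateAccessToken(tx)
		if err != nil {
			return err
		}

		return nil
	})

	if transactionError != nil {
		// Report transactionError, not the outer err: the outer err is always
		// nil at this point, so calling err.Error() would panic with a nil
		// dereference instead of returning the failure to the client.
		return &models.AuthorizeResult{
			Success: false,
			Status:  transactionError.Error(),
		}, nil
	}

	return &models.AuthorizeResult{
		Success: true,
		Status:  "ok",
		Token:   &token.Value,
	}, nil
}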
// Admin queries
// UpdateUser loads the user with the given id, overwrites each field for
// which a non-nil argument was supplied, and saves the record. A new password
// is stored as a bcrypt hash. When every optional argument is nil it returns
// a "no updates requested" error without touching the database.
//
// NOTE(review): no authorization check is visible in this resolver, although
// it can change the admin flag and password of any account. Presumably the
// schema restricts it to admins — confirm. Nothing here invalidates access
// tokens already issued to the user after a password or admin change; verify
// whether that is handled elsewhere.
func (r *mutationResolver) UpdateUser(ctx context.Context, id int, username *string, rootPath *string, password *string, admin *bool) (*models.User, error) {
	nothingRequested := username == nil && rootPath == nil && password == nil && admin == nil
	if nothingRequested {
		return nil, errors.New("no updates requested")
	}

	var user models.User
	lookup := r.Database.First(&user, id)
	if lookup.Error != nil {
		return nil, lookup.Error
	}

	if username != nil {
		user.Username = *username
	}

	if rootPath != nil {
		user.RootPath = *rootPath
	}

	if password != nil {
		// bcrypt cost parameter used for the stored hash.
		const bcryptCost = 12

		digest, err := bcrypt.GenerateFromPassword([]byte(*password), bcryptCost)
		if err != nil {
			return nil, err
		}

		// Only the hash is stored on the record, never the plaintext.
		encoded := string(digest)
		user.Password = &encoded
	}

	if admin != nil {
		user.Admin = *admin
	}

	if saved := r.Database.Save(&user); saved.Error != nil {
		return nil, errors.Wrap(saved.Error, "failed to update user")
	}

	return &user, nil
}
// CreateUser registers a new account through models.RegisterUser inside a
// database transaction and returns the created user. The password is optional
// and is passed through as given, nil included.
//
// NOTE(review): the caller sets the admin flag and rootPath directly, and no
// authorization check is visible in this resolver — confirm the mutation is
// restricted to admins elsewhere.
func (r *mutationResolver) CreateUser(ctx context.Context, username string, rootPath string, password *string, admin bool) (*models.User, error) {
	var created *models.User

	register := func(tx *gorm.DB) error {
		newUser, err := models.RegisterUser(tx, username, password, rootPath, admin)
		if err != nil {
			return err
		}

		created = newUser
		return nil
	}

	if txErr := r.Database.Transaction(register); txErr != nil {
		return nil, txErr
	}

	return created, nil
}
// DeleteUser loads the user with the given id, deletes that record, and
// returns the user as it was loaded before deletion. A failed lookup or a
// failed delete is returned as the resolver error.
//
// NOTE(review): no authorization check is visible in this resolver, and
// nothing here prevents removing the caller's own account or the only admin
// account — confirm both are handled elsewhere if they matter.
func (r *mutationResolver) DeleteUser(ctx context.Context, id int) (*models.User, error) {
	target := models.User{}

	lookup := r.Database.First(&target, id)
	if lookup.Error != nil {
		return nil, lookup.Error
	}

	removal := r.Database.Delete(&target)
	if removal.Error != nil {
		return nil, removal.Error
	}

	return &target, nil
}