diff options
author | Saturnino Abril <saturnino.abril@gmail.com> | 2017-02-21 21:07:57 +0900 |
---|---|---|
committer | George Goldberg <george@gberg.me> | 2017-02-21 12:07:57 +0000 |
commit | 5c19d9be7f20d4528331a0f9f6673d20bf16d57a (patch) | |
tree | 172c6483af5c7984724d1381cb4fc7616542bbd6 /api4/user.go | |
parent | 7068307a1c12d7e045f68e73448ab728fc2b10c7 (diff) | |
download | chat-5c19d9be7f20d4528331a0f9f6673d20bf16d57a.tar.gz chat-5c19d9be7f20d4528331a0f9f6673d20bf16d57a.tar.bz2 chat-5c19d9be7f20d4528331a0f9f6673d20bf16d57a.zip |
Implement endpoint for APIv4: GET /users/{user_id}/audits (#5472)
Diffstat (limited to 'api4/user.go')
-rw-r--r-- | api4/user.go | 111 |
1 files changed, 66 insertions, 45 deletions
diff --git a/api4/user.go b/api4/user.go index 5337cedf0..4c40ef4b4 100644 --- a/api4/user.go +++ b/api4/user.go @@ -36,6 +36,7 @@ func InitUser() { BaseRoutes.User.Handle("/sessions", ApiSessionRequired(getSessions)).Methods("GET") BaseRoutes.User.Handle("/sessions/revoke", ApiSessionRequired(revokeSession)).Methods("POST") + BaseRoutes.User.Handle("/audits", ApiSessionRequired(getAudits)).Methods("GET") } @@ -481,51 +482,71 @@ func Logout(c *Context, w http.ResponseWriter, r *http.Request) { } func getSessions(c *Context, w http.ResponseWriter, r *http.Request) { - c.RequireUserId() - if c.Err != nil { - return - } - - if !app.SessionHasPermissionToUser(c.Session, c.Params.UserId) { - c.SetPermissionError(model.PERMISSION_EDIT_OTHER_USERS) - return - } - - if sessions, err := app.GetSessions(c.Params.UserId); err != nil { - c.Err = err - return - } else { - for _, session := range sessions { - session.Sanitize() - } - - w.Write([]byte(model.SessionsToJson(sessions))) - return - } + c.RequireUserId() + if c.Err != nil { + return + } + + if !app.SessionHasPermissionToUser(c.Session, c.Params.UserId) { + c.SetPermissionError(model.PERMISSION_EDIT_OTHER_USERS) + return + } + + if sessions, err := app.GetSessions(c.Params.UserId); err != nil { + c.Err = err + return + } else { + for _, session := range sessions { + session.Sanitize() + } + + w.Write([]byte(model.SessionsToJson(sessions))) + return + } } func revokeSession(c *Context, w http.ResponseWriter, r *http.Request) { - c.RequireUserId() - if c.Err != nil { - return - } - - if !app.SessionHasPermissionToUser(c.Session, c.Params.UserId) { - c.SetPermissionError(model.PERMISSION_EDIT_OTHER_USERS) - return - } - - props := model.MapFromJson(r.Body) - sessionId := props["session_id"] - - if sessionId == "" { - c.SetInvalidParam("session_id") - } - - if err := app.RevokeSessionById(sessionId); err != nil { - c.Err = err - return - } - - ReturnStatusOK(w) -}
\ No newline at end of file + c.RequireUserId() + if c.Err != nil { + return + } + + if !app.SessionHasPermissionToUser(c.Session, c.Params.UserId) { + c.SetPermissionError(model.PERMISSION_EDIT_OTHER_USERS) + return + } + + props := model.MapFromJson(r.Body) + sessionId := props["session_id"] + + if sessionId == "" { + c.SetInvalidParam("session_id") + } + + if err := app.RevokeSessionById(sessionId); err != nil { + c.Err = err + return + } + + ReturnStatusOK(w) +} + +func getAudits(c *Context, w http.ResponseWriter, r *http.Request) { + c.RequireUserId() + if c.Err != nil { + return + } + + if !app.SessionHasPermissionToUser(c.Session, c.Params.UserId) { + c.SetPermissionError(model.PERMISSION_EDIT_OTHER_USERS) + return + } + + if audits, err := app.GetAuditsPage(c.Params.UserId, c.Params.Page, c.Params.PerPage); err != nil { + c.Err = err + return + } else { + w.Write([]byte(audits.ToJson())) + return + } +} |