summaryrefslogtreecommitdiffstats
path: root/api4/user.go
diff options
context:
space:
mode:
Diffstat (limited to 'api4/user.go')
-rw-r--r--api4/user.go111
1 files changed, 66 insertions, 45 deletions
diff --git a/api4/user.go b/api4/user.go
index 5337cedf0..4c40ef4b4 100644
--- a/api4/user.go
+++ b/api4/user.go
@@ -36,6 +36,7 @@ func InitUser() {
BaseRoutes.User.Handle("/sessions", ApiSessionRequired(getSessions)).Methods("GET")
BaseRoutes.User.Handle("/sessions/revoke", ApiSessionRequired(revokeSession)).Methods("POST")
+ BaseRoutes.User.Handle("/audits", ApiSessionRequired(getAudits)).Methods("GET")
}
@@ -481,51 +482,71 @@ func Logout(c *Context, w http.ResponseWriter, r *http.Request) {
}
func getSessions(c *Context, w http.ResponseWriter, r *http.Request) {
- c.RequireUserId()
- if c.Err != nil {
- return
- }
-
- if !app.SessionHasPermissionToUser(c.Session, c.Params.UserId) {
- c.SetPermissionError(model.PERMISSION_EDIT_OTHER_USERS)
- return
- }
-
- if sessions, err := app.GetSessions(c.Params.UserId); err != nil {
- c.Err = err
- return
- } else {
- for _, session := range sessions {
- session.Sanitize()
- }
-
- w.Write([]byte(model.SessionsToJson(sessions)))
- return
- }
+ c.RequireUserId()
+ if c.Err != nil {
+ return
+ }
+
+ if !app.SessionHasPermissionToUser(c.Session, c.Params.UserId) {
+ c.SetPermissionError(model.PERMISSION_EDIT_OTHER_USERS)
+ return
+ }
+
+ if sessions, err := app.GetSessions(c.Params.UserId); err != nil {
+ c.Err = err
+ return
+ } else {
+ for _, session := range sessions {
+ session.Sanitize()
+ }
+
+ w.Write([]byte(model.SessionsToJson(sessions)))
+ return
+ }
}
func revokeSession(c *Context, w http.ResponseWriter, r *http.Request) {
- c.RequireUserId()
- if c.Err != nil {
- return
- }
-
- if !app.SessionHasPermissionToUser(c.Session, c.Params.UserId) {
- c.SetPermissionError(model.PERMISSION_EDIT_OTHER_USERS)
- return
- }
-
- props := model.MapFromJson(r.Body)
- sessionId := props["session_id"]
-
- if sessionId == "" {
- c.SetInvalidParam("session_id")
- }
-
- if err := app.RevokeSessionById(sessionId); err != nil {
- c.Err = err
- return
- }
-
- ReturnStatusOK(w)
-} \ No newline at end of file
+ c.RequireUserId()
+ if c.Err != nil {
+ return
+ }
+
+ if !app.SessionHasPermissionToUser(c.Session, c.Params.UserId) {
+ c.SetPermissionError(model.PERMISSION_EDIT_OTHER_USERS)
+ return
+ }
+
+ props := model.MapFromJson(r.Body)
+ sessionId := props["session_id"]
+
+ if sessionId == "" {
+ c.SetInvalidParam("session_id")
+ }
+
+ if err := app.RevokeSessionById(sessionId); err != nil {
+ c.Err = err
+ return
+ }
+
+ ReturnStatusOK(w)
+}
+
+func getAudits(c *Context, w http.ResponseWriter, r *http.Request) {
+ c.RequireUserId()
+ if c.Err != nil {
+ return
+ }
+
+ if !app.SessionHasPermissionToUser(c.Session, c.Params.UserId) {
+ c.SetPermissionError(model.PERMISSION_EDIT_OTHER_USERS)
+ return
+ }
+
+ if audits, err := app.GetAuditsPage(c.Params.UserId, c.Params.Page, c.Params.PerPage); err != nil {
+ c.Err = err
+ return
+ } else {
+ w.Write([]byte(audits.ToJson()))
+ return
+ }
+}
generated by cgit v1.2.3-1-g7c22 (git 2.25.1) at 2024-06-01 22:51:13 +0000