profile.go
package handler
import (
"database/sql"
"errors"
"net/http"
"github.com/USACE/instrumentation-api/api/internal/db"
"github.com/USACE/instrumentation-api/api/internal/dto"
"github.com/USACE/instrumentation-api/api/internal/httperr"
_ "github.com/USACE/instrumentation-api/api/internal/service"
"github.com/labstack/echo/v4"
)
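// CreateProfile godoc
//
// CreateProfile creates a profile for the caller. Every stored identity field
// (username, display name, email, EDIPI) is copied from the "claims" value in
// the request context; nothing is read from the request body. A profile is
// only created when claims.X509Presented is true and claims.CacUID is non-nil.
// On success the handler responds 201 Created with the row returned by
// ProfileCreate.
//
// NOTE(review): presumably an upstream middleware verifies the token before
// it stores "claims" in the context; that step is not visible in this file.
//
// @Summary creates a user profile
// @Tags profile
// @Produce json
// @Success 201 {object} db.ProfileCreateRow
// @Failure 400 {object} echo.HTTPError
// @Failure 404 {object} echo.HTTPError
// @Failure 500 {object} echo.HTTPError
// @Router /profiles [post]
// @Security ClaimsOnly
func (h *ApiHandler) CreateProfile(c echo.Context) error {
	// Use the comma-ok form so a missing or mistyped context value is
	// rejected with an explicit error instead of a runtime panic.
	claims, ok := c.Get("claims").(dto.ProfileClaims)
	if !ok {
		return httperr.Forbidden(errors.New("missing or invalid claims"))
	}

	// Both preconditions must hold before any row is written.
	if !claims.X509Presented {
		return httperr.Forbidden(errors.New("invalid value for claim x509_presented"))
	}
	if claims.CacUID == nil {
		return httperr.Forbidden(errors.New("unable to create profile; cacUID claim is nil"))
	}

	params := db.ProfileCreateParams{
		Username:    claims.PreferredUsername,
		DisplayName: claims.Name,
		Email:       claims.Email,
		Edipi:       int64(*claims.CacUID),
	}
	pNew, err := h.DBService.ProfileCreate(c.Request().Context(), params)
	if err != nil {
		// NOTE(review): err comes straight from the database layer; confirm
		// httperr.InternalServerError does not echo it back to the client.
		return httperr.InternalServerError(err)
	}
	return c.JSON(http.StatusCreated, pNew)
}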
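// GetMyProfile godoc
//
// GetMyProfile returns the profile that matches the caller's claims. When the
// lookup reports sql.ErrNoRows the request is handed to CreateProfile, so a
// first-time caller gets a profile provisioned by this GET and receives
// CreateProfile's response (201 Created) rather than 200. The X509Presented
// and CacUID checks live in CreateProfile and therefore apply only on that
// provisioning path. An existing profile is passed through
// ProfileUpdateForClaims on every call before it is returned.
//
// NOTE(review): ProfileUpdateForClaims presumably syncs the stored profile
// with the current claims, which would make this GET a write; confirm.
//
// @Summary gets profile for current authenticated user
// @Tags profile
// @Produce json
// @Success 200 {object} db.VProfile
// @Failure 400 {object} echo.HTTPError
// @Failure 404 {object} echo.HTTPError
// @Failure 500 {object} echo.HTTPError
// @Router /my_profile [get]
// @Security ClaimsOnly
func (h *ApiHandler) GetMyProfile(c echo.Context) error {
	// Use the comma-ok form so a missing or mistyped context value is
	// rejected with an explicit error instead of a runtime panic.
	claims, ok := c.Get("claims").(dto.ProfileClaims)
	if !ok {
		return httperr.Forbidden(errors.New("missing or invalid claims"))
	}
	ctx := c.Request().Context()

	p, err := h.DBService.ProfileGetWithTokensForClaims(ctx, claims)
	switch {
	case errors.Is(err, sql.ErrNoRows):
		// No profile yet: provision one from the same claims.
		return h.CreateProfile(c)
	case err != nil:
		return httperr.InternalServerError(err)
	}

	pValidated, err := h.DBService.ProfileUpdateForClaims(ctx, p, claims)
	if err != nil {
		return httperr.InternalServerError(err)
	}
	return c.JSON(http.StatusOK, pValidated)
}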
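// CreateToken godoc
//
// CreateToken issues a new token for the caller's own profile. The profile is
// resolved from the "claims" value in the request context, and its ID is the
// only input to ProfileTokenCreate, so the request cannot name another
// profile. A caller with no profile gets 404, matching the documented
// failure code, instead of a generic 500. On success the handler responds
// 201 Created with the value returned by ProfileTokenCreate.
//
// NOTE(review): the response presumably carries the token secret; confirm
// response bodies for this route are not written to logs.
//
// @Summary creates token for a profile
// @Tags profile
// @Produce json
// @Success 201 {object} service.Token
// @Failure 400 {object} echo.HTTPError
// @Failure 404 {object} echo.HTTPError
// @Failure 500 {object} echo.HTTPError
// @Router /my_tokens [post]
// @Security ClaimsOnly
func (h *ApiHandler) CreateToken(c echo.Context) error {
	// Use the comma-ok form so a missing or mistyped context value is
	// rejected with an explicit error instead of a runtime panic.
	claims, ok := c.Get("claims").(dto.ProfileClaims)
	if !ok {
		return httperr.Forbidden(errors.New("missing or invalid claims"))
	}
	ctx := c.Request().Context()

	p, err := h.DBService.ProfileGetWithTokensForClaims(ctx, claims)
	switch {
	case errors.Is(err, sql.ErrNoRows):
		// Same sentinel GetMyProfile checks for; here nothing is provisioned.
		return httperr.Message(http.StatusNotFound, "profile not found")
	case err != nil:
		return httperr.InternalServerError(err)
	}

	token, err := h.DBService.ProfileTokenCreate(ctx, p.ID)
	if err != nil {
		return httperr.InternalServerError(err)
	}
	return c.JSON(http.StatusCreated, token)
}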
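// DeleteToken godoc
//
// DeleteToken removes one token from the caller's own profile. The delete
// parameters combine the token_id path parameter with the ID of the profile
// resolved from the caller's claims, so this handler never passes a profile
// ID taken from the request. A caller with no profile gets 404, matching the
// documented failure code, instead of a generic 500. On success the handler
// responds 200 with an empty JSON object.
//
// NOTE(review): confirm the query behind ProfileTokenDelete filters on both
// ProfileID and TokenID; that is what keeps one user from deleting another
// user's token. Only emptiness of token_id is checked here, although the
// annotation below declares it a uuid.
//
// @Summary deletes a token for a profile
// @Tags profile
// @Produce json
// @Param token_id path string true "token uuid" Format(uuid)
// @Success 200 {object} map[string]interface{}
// @Failure 400 {object} echo.HTTPError
// @Failure 404 {object} echo.HTTPError
// @Failure 500 {object} echo.HTTPError
// @Router /my_tokens/{token_id} [delete]
// @Security ClaimsOnly
func (h *ApiHandler) DeleteToken(c echo.Context) error {
	// Use the comma-ok form so a missing or mistyped context value is
	// rejected with an explicit error instead of a runtime panic.
	claims, ok := c.Get("claims").(dto.ProfileClaims)
	if !ok {
		return httperr.Forbidden(errors.New("missing or invalid claims"))
	}
	ctx := c.Request().Context()

	tokenID := c.Param("token_id")
	if tokenID == "" {
		return httperr.Message(http.StatusBadRequest, "bad token id")
	}

	p, err := h.DBService.ProfileGetWithTokensForClaims(ctx, claims)
	switch {
	case errors.Is(err, sql.ErrNoRows):
		// Same sentinel GetMyProfile checks for; here nothing is provisioned.
		return httperr.Message(http.StatusNotFound, "profile not found")
	case err != nil:
		return httperr.InternalServerError(err)
	}

	// Scope the delete to the caller's profile, never to a client-supplied one.
	params := db.ProfileTokenDeleteParams{
		ProfileID: p.ID,
		TokenID:   tokenID,
	}
	if err := h.DBService.ProfileTokenDelete(ctx, params); err != nil {
		return httperr.InternalServerError(err)
	}
	return c.JSON(http.StatusOK, make(map[string]interface{}))
}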