Allow admins to add, edit, delete user groups!

2025-08-02 20:15:26 +02:00 · 2018-02-27 14:16:23 +00:00 · 2018-02-27 14:16:23 +00:00 · 19b4a3de49
commit 19b4a3de49
parent 00f415214c
23 changed files with 1470 additions and 664 deletions
--- a/domain/group/endpoint.go
+++ b/domain/group/endpoint.go
@ -0,0 +1,218 @@
+// Copyright 2018 Documize Inc. <legal@documize.com>. All rights reserved.
+//
+// This software (Documize Community Edition) is licensed under
+// GNU AGPL v3 http://www.gnu.org/licenses/agpl-3.0.en.html
+//
+// You can operate outside the AGPL restrictions by purchasing
+// Documize Enterprise Edition and obtaining a commercial license
+// by contacting <sales@documize.com>.
+//
+// https://documize.com
+
+package group
+
+import (
+	"encoding/json"
+	"io/ioutil"
+	"net/http"
+
+	"github.com/documize/community/core/env"
+	"github.com/documize/community/core/request"
+	"github.com/documize/community/core/response"
+	"github.com/documize/community/core/uniqueid"
+	"github.com/documize/community/domain"
+	"github.com/documize/community/model/audit"
+	"github.com/documize/community/model/group"
+)
+
+// Handler contains the runtime information such as logging and database.
+type Handler struct {
+	Runtime *env.Runtime
+	Store   *domain.Store
+}
+
+// Add saves new user group.
+func (h *Handler) Add(w http.ResponseWriter, r *http.Request) {
+	method := "group.Add"
+	ctx := domain.GetRequestContext(r)
+
+	if !ctx.Administrator {
+		response.WriteForbiddenError(w)
+		return
+	}
+
+	defer r.Body.Close()
+	body, err := ioutil.ReadAll(r.Body)
+	if err != nil {
+		response.WriteBadRequestError(w, method, "body")
+		h.Runtime.Log.Error(method, err)
+		return
+	}
+
+	var g group.Group
+	err = json.Unmarshal(body, &g)
+	if err != nil {
+		response.WriteBadRequestError(w, method, "group")
+		h.Runtime.Log.Error(method, err)
+		return
+	}
+
+	g.RefID = uniqueid.Generate()
+	g.OrgID = ctx.OrgID
+
+	if len(g.Name) == 0 {
+		response.WriteMissingDataError(w, method, "name")
+		return
+	}
+
+	ctx.Transaction, err = h.Runtime.Db.Beginx()
+	if err != nil {
+		response.WriteServerError(w, method, err)
+		h.Runtime.Log.Error(method, err)
+		return
+	}
+
+	err = h.Store.Group.Add(ctx, g)
+	if err != nil {
+		ctx.Transaction.Rollback()
+		response.WriteServerError(w, method, err)
+		h.Runtime.Log.Error(method, err)
+		return
+	}
+
+	ctx.Transaction.Commit()
+
+	g, err = h.Store.Group.Get(ctx, g.RefID)
+	if err != nil {
+		response.WriteServerError(w, method, err)
+		h.Runtime.Log.Error(method, err)
+		return
+	}
+
+	h.Store.Audit.Record(ctx, audit.EventTypeGroupAdd)
+
+	response.WriteJSON(w, g)
+}
+
+// Groups returns all user groups for org.
+func (h *Handler) Groups(w http.ResponseWriter, r *http.Request) {
+	method := "group.Groups"
+	ctx := domain.GetRequestContext(r)
+
+	g, err := h.Store.Group.GetAll(ctx)
+	if err != nil {
+		response.WriteServerError(w, method, err)
+		h.Runtime.Log.Error(method, err)
+		return
+	}
+
+	response.WriteJSON(w, g)
+}
+
+// Update saves group name and description changes.
+func (h *Handler) Update(w http.ResponseWriter, r *http.Request) {
+	method := "group.Update"
+	ctx := domain.GetRequestContext(r)
+
+	if !ctx.Administrator {
+		response.WriteForbiddenError(w)
+		return
+	}
+
+	groupID := request.Param(r, "groupID")
+	if len(groupID) == 0 {
+		response.WriteMissingDataError(w, method, "groupID")
+		return
+	}
+
+	defer r.Body.Close()
+	body, err := ioutil.ReadAll(r.Body)
+	if err != nil {
+		response.WriteBadRequestError(w, method, "body")
+		h.Runtime.Log.Error(method, err)
+		return
+	}
+
+	var g group.Group
+	err = json.Unmarshal(body, &g)
+	if err != nil {
+		response.WriteBadRequestError(w, method, "group")
+		h.Runtime.Log.Error(method, err)
+		return
+	}
+
+	g.OrgID = ctx.OrgID
+	g.RefID = groupID
+
+	ctx.Transaction, err = h.Runtime.Db.Beginx()
+	if err != nil {
+		response.WriteServerError(w, method, err)
+		h.Runtime.Log.Error(method, err)
+		return
+	}
+
+	err = h.Store.Group.Update(ctx, g)
+	if err != nil {
+		ctx.Transaction.Rollback()
+		response.WriteServerError(w, method, err)
+		h.Runtime.Log.Error(method, err)
+		return
+	}
+
+	ctx.Transaction.Commit()
+
+	h.Store.Audit.Record(ctx, audit.EventTypeGroupUpdate)
+
+	g, err = h.Store.Group.Get(ctx, g.RefID)
+	if err != nil {
+		response.WriteServerError(w, method, err)
+		h.Runtime.Log.Error(method, err)
+		return
+	}
+
+	response.WriteJSON(w, g)
+}
+
+// Delete removes group and associated member records.
+func (h *Handler) Delete(w http.ResponseWriter, r *http.Request) {
+	method := "group.Delete"
+	ctx := domain.GetRequestContext(r)
+
+	if !ctx.Administrator {
+		response.WriteForbiddenError(w)
+		return
+	}
+
+	groupID := request.Param(r, "groupID")
+	if len(groupID) == 0 {
+		response.WriteMissingDataError(w, method, "groupID")
+		return
+	}
+
+	g, err := h.Store.Group.Get(ctx, groupID)
+	if err != nil {
+		response.WriteServerError(w, method, err)
+		return
+	}
+
+	ctx.Transaction, err = h.Runtime.Db.Beginx()
+	if err != nil {
+		response.WriteServerError(w, method, err)
+		h.Runtime.Log.Error(method, err)
+		return
+	}
+
+	_, err = h.Store.Group.Delete(ctx, g.RefID)
+	if err != nil {
+		ctx.Transaction.Rollback()
+		response.WriteServerError(w, method, err)
+		h.Runtime.Log.Error(method, err)
+		return
+	}
+
+	ctx.Transaction.Commit()
+
+	h.Store.Audit.Record(ctx, audit.EventTypeGroupDelete)
+
+	response.WriteEmpty(w)
+}
--- a/domain/group/mysql/store.go
+++ b/domain/group/mysql/store.go
@ -0,0 +1,95 @@
+// Copyright 2018 Documize Inc. <legal@documize.com>. All rights reserved.
+//
+// This software (Documize Community Edition) is licensed under
+// GNU AGPL v3 http://www.gnu.org/licenses/agpl-3.0.en.html
+//
+// You can operate outside the AGPL restrictions by purchasing
+// Documize Enterprise Edition and obtaining a commercial license
+// by contacting <sales@documize.com>.
+//
+// https://documize.com
+
+package mysql
+
+import (
+	"database/sql"
+	"fmt"
+	"time"
+
+	"github.com/documize/community/core/env"
+	"github.com/documize/community/domain"
+	"github.com/documize/community/domain/store/mysql"
+	"github.com/documize/community/model/group"
+	"github.com/pkg/errors"
+)
+
+// Scope provides data access to MySQL.
+type Scope struct {
+	Runtime *env.Runtime
+}
+
+// Add inserts new user group into store.
+func (s Scope) Add(ctx domain.RequestContext, g group.Group) (err error) {
+	g.Created = time.Now().UTC()
+	g.Revised = time.Now().UTC()
+
+	_, err = ctx.Transaction.Exec("INSERT INTO role (refid, orgid, role, purpose, created, revised) VALUES (?, ?, ?, ?, ?, ?)",
+		g.RefID, g.OrgID, g.Name, g.Purpose, g.Created, g.Revised)
+
+	if err != nil {
+		err = errors.Wrap(err, "insert group")
+	}
+
+	return
+}
+
+// Get returns requested group.
+func (s Scope) Get(ctx domain.RequestContext, refID string) (g group.Group, err error) {
+	err = s.Runtime.Db.Get(&g,
+		`SELECT id, refid, orgid, role as name, purpose, created, revised FROM role WHERE orgid=? AND refid=?`,
+		ctx.OrgID, refID)
+
+	if err != nil {
+		err = errors.Wrap(err, "select group")
+	}
+
+	return
+}
+
+// GetAll returns all user groups for current orgID.
+func (s Scope) GetAll(ctx domain.RequestContext) (groups []group.Group, err error) {
+	err = s.Runtime.Db.Select(&groups,
+		`select id, refid, orgid, role as name, purpose, created, revised FROM role WHERE orgid=? ORDER BY role`,
+		ctx.OrgID)
+
+	if err == sql.ErrNoRows || len(groups) == 0 {
+		groups = []group.Group{}
+		err = nil
+	}
+	if err != nil {
+		err = errors.Wrap(err, "select groups")
+	}
+
+	return
+}
+
+// Update group name and description.
+func (s Scope) Update(ctx domain.RequestContext, g group.Group) (err error) {
+	g.Revised = time.Now().UTC()
+
+	_, err = ctx.Transaction.Exec("UPDATE role SET role=?, purpose=?, revised=? WHERE orgid=? AND refid=?",
+		g.Name, g.Purpose, g.Revised, ctx.OrgID, g.RefID)
+
+	if err != nil {
+		err = errors.Wrap(err, "update group")
+	}
+
+	return
+}
+
+// Delete removes group from store.
+func (s Scope) Delete(ctx domain.RequestContext, refID string) (rows int64, err error) {
+	b := mysql.BaseQuery{}
+	b.DeleteConstrained(ctx.Transaction, "role", ctx.OrgID, refID)
+	return b.DeleteWhere(ctx.Transaction, fmt.Sprintf("DELETE FROM rolemember WHERE orgid=\"%s\" AND roleid=\"%s\"", ctx.OrgID, refID))
+}
--- a/domain/storer.go
+++ b/domain/storer.go
@ -20,6 +20,7 @@ import (
 	"github.com/documize/community/model/block"
 	"github.com/documize/community/model/category"
 	"github.com/documize/community/model/doc"
+	"github.com/documize/community/model/group"
 	"github.com/documize/community/model/link"
 	"github.com/documize/community/model/org"
 	"github.com/documize/community/model/page"
@ -39,6 +40,7 @@ type Store struct {
 	Block        BlockStorer
 	Category     CategoryStorer
 	Document     DocumentStorer
+	Group        GroupStorer
 	Link         LinkStorer
 	Organization OrganizationStorer
 	Page         PageStorer
@ -265,3 +267,12 @@ type PageStorer interface {
 	GetDocumentRevisions(ctx RequestContext, documentID string) (revisions []page.Revision, err error)
 	DeletePageRevisions(ctx RequestContext, pageID string) (rows int64, err error)
 }
+
+// GroupStorer defines required methods for persisting user groups and memberships
+type GroupStorer interface {
+	Add(ctx RequestContext, g group.Group) (err error)
+	Get(ctx RequestContext, refID string) (g group.Group, err error)
+	GetAll(ctx RequestContext) (g []group.Group, err error)
+	Update(ctx RequestContext, g group.Group) (err error)
+	Delete(ctx RequestContext, refID string) (rows int64, err error)
+}