still moving codebase to new API (WIP)

domain/setting/endpoint.go

@@ -0,0 +1,248 @@
+// Copyright 2016 Documize Inc. <legal@documize.com>. All rights reserved.
+//
+// This software (Documize Community Edition) is licensed under
+// GNU AGPL v3 http://www.gnu.org/licenses/agpl-3.0.en.html
+//
+// You can operate outside the AGPL restrictions by purchasing
+// Documize Enterprise Edition and obtaining a commercial license
+// by contacting <sales@documize.com>.
+//
+// https://documize.com
+
+// Package setting manages both global and user level settings
+package setting
+
+import (
+	"encoding/json"
+	"encoding/xml"
+	"io/ioutil"
+	"net/http"
+
+	"github.com/documize/community/core/env"
+	"github.com/documize/community/core/event"
+	"github.com/documize/community/core/response"
+	"github.com/documize/community/domain"
+	"github.com/documize/community/model/audit"
+)
+
+// Handler contains the runtime information such as logging and database.
+type Handler struct {
+	Runtime *env.Runtime
+	Store   *domain.Store
+}
+
+// SMTP returns installation-wide SMTP settings
+func (h *Handler) SMTP(w http.ResponseWriter, r *http.Request) {
+	method := "setting.SMTP"
+	ctx := domain.GetRequestContext(r)
+
+	if !ctx.Global {
+		response.WriteForbiddenError(w)
+		return
+	}
+
+	config := h.Store.Setting.Get(ctx, "SMTP", "")
+
+	var y map[string]interface{}
+	json.Unmarshal([]byte(config), &y)
+
+	j, err := json.Marshal(y)
+	if err != nil {
+		response.WriteBadRequestError(w, method, err.Error())
+		return
+	}
+
+	response.WriteBytes(w, j)
+}
+
+// SetSMTP persists global SMTP configuration.
+func (h *Handler) SetSMTP(w http.ResponseWriter, r *http.Request) {
+	method := "setting.SetSMTP"
+	ctx := domain.GetRequestContext(r)
+
+	if !ctx.Global {
+		response.WriteForbiddenError(w)
+		return
+	}
+
+	defer r.Body.Close()
+
+	body, err := ioutil.ReadAll(r.Body)
+	if err != nil {
+		response.WriteBadRequestError(w, method, err.Error())
+		return
+	}
+
+	var config string
+	config = string(body)
+
+	ctx.Transaction, err = h.Runtime.Db.Beginx()
+	if err != nil {
+		response.WriteServerError(w, method, err)
+		return
+	}
+
+	h.Store.Setting.Set(ctx, "SMTP", config)
+
+	h.Store.Audit.Record(ctx, audit.EventTypeSystemSMTP)
+
+	response.WriteEmpty(w)
+}
+
+// License returns product license
+func (h *Handler) License(w http.ResponseWriter, r *http.Request) {
+	ctx := domain.GetRequestContext(r)
+
+	if !ctx.Global {
+		response.WriteForbiddenError(w)
+		return
+	}
+
+	config := h.Store.Setting.Get(ctx, "EDITION-LICENSE", "")
+	if len(config) == 0 {
+		config = "{}"
+	}
+
+	x := &licenseXML{Key: "", Signature: ""}
+	lj := licenseJSON{}
+
+	err := json.Unmarshal([]byte(config), &lj)
+	if err == nil {
+		x.Key = lj.Key
+		x.Signature = lj.Signature
+	} else {
+		h.Runtime.Log.Error("failed to JSON unmarshal EDITION-LICENSE", err)
+	}
+
+	output, err := xml.Marshal(x)
+	if err != nil {
+		h.Runtime.Log.Error("failed to XML marshal EDITION-LICENSE", err)
+	}
+
+	response.WriteBytes(w, output)
+}
+
+// SetLicense persists product license
+func (h *Handler) SetLicense(w http.ResponseWriter, r *http.Request) {
+	method := "setting.SetLicense"
+	ctx := domain.GetRequestContext(r)
+
+	if !ctx.Global {
+		response.WriteForbiddenError(w)
+		return
+	}
+
+	defer r.Body.Close()
+
+	body, err := ioutil.ReadAll(r.Body)
+	if err != nil {
+		response.WriteBadRequestError(w, method, err.Error())
+		return
+	}
+
+	var config string
+	config = string(body)
+	lj := licenseJSON{}
+	x := licenseXML{Key: "", Signature: ""}
+
+	err = xml.Unmarshal([]byte(config), &x)
+	if err == nil {
+		lj.Key = x.Key
+		lj.Signature = x.Signature
+	} else {
+		h.Runtime.Log.Error("failed to XML unmarshal EDITION-LICENSE", err)
+	}
+
+	j, err := json.Marshal(lj)
+	js := "{}"
+	if err == nil {
+		js = string(j)
+	}
+
+	h.Store.Setting.Set(ctx, "EDITION-LICENSE", js)
+
+	event.Handler().Publish(string(event.TypeSystemLicenseChange))
+
+	ctx.Transaction, err = h.Runtime.Db.Beginx()
+	if err != nil {
+		response.WriteServerError(w, method, err)
+		return
+	}
+
+	h.Store.Audit.Record(ctx, audit.EventTypeSystemLicense)
+	ctx.Transaction.Commit()
+
+	response.WriteEmpty(w)
+}
+
+// AuthConfig returns installation-wide auth configuration
+func (h *Handler) AuthConfig(w http.ResponseWriter, r *http.Request) {
+	ctx := domain.GetRequestContext(r)
+
+	if !ctx.Global {
+		response.WriteForbiddenError(w)
+		return
+	}
+
+	org, err := h.Store.Organization.GetOrganization(ctx, ctx.OrgID)
+	if err != nil {
+		response.WriteForbiddenError(w)
+		return
+	}
+
+	response.WriteJSON(w, org.AuthConfig)
+}
+
+// SetAuthConfig persists installation-wide authentication configuration
+func (h *Handler) SetAuthConfig(w http.ResponseWriter, r *http.Request) {
+	method := "SaveAuthConfig"
+	ctx := domain.GetRequestContext(r)
+
+	if !ctx.Global {
+		response.WriteForbiddenError(w)
+		return
+	}
+
+	defer r.Body.Close()
+
+	body, err := ioutil.ReadAll(r.Body)
+	if err != nil {
+		response.WriteBadRequestError(w, method, err.Error())
+		return
+	}
+
+	var data authData
+	err = json.Unmarshal(body, &data)
+	if err != nil {
+		response.WriteBadRequestError(w, method, err.Error())
+		return
+	}
+
+	org, err := h.Store.Organization.GetOrganization(ctx, ctx.OrgID)
+	if err != nil {
+		response.WriteServerError(w, method, err)
+		return
+	}
+
+	org.AuthProvider = data.AuthProvider
+	org.AuthConfig = data.AuthConfig
+
+	ctx.Transaction, err = h.Runtime.Db.Beginx()
+	if err != nil {
+		response.WriteServerError(w, method, err)
+		return
+	}
+
+	err = h.Store.Organization.UpdateAuthConfig(ctx, org)
+	if err != nil {
+		ctx.Transaction.Rollback()
+		response.WriteServerError(w, method, err)
+		return
+	}
+
+	h.Store.Audit.Record(ctx, audit.EventTypeSystemAuth)
+
+	ctx.Transaction.Commit()
+
+	response.WriteEmpty(w)
+}

domain/setting/model.go

@@ -0,0 +1,38 @@
+// Copyright 2016 Documize Inc. <legal@documize.com>. All rights reserved.
+//
+// This software (Documize Community Edition) is licensed under
+// GNU AGPL v3 http://www.gnu.org/licenses/agpl-3.0.en.html
+//
+// You can operate outside the AGPL restrictions by purchasing
+// Documize Enterprise Edition and obtaining a commercial license
+// by contacting <sales@documize.com>.
+//
+// https://documize.com
+
+// Package setting manages both global and user level settings
+package setting
+
+import "encoding/xml"
+
+type licenseXML struct {
+	XMLName   xml.Name `xml:"DocumizeLicense"`
+	Key       string
+	Signature string
+}
+
+type licenseJSON struct {
+	Key       string `json:"key"`
+	Signature string `json:"signature"`
+}
+
+type authData struct {
+	AuthProvider string `json:"authProvider"`
+	AuthConfig   string `json:"authConfig"`
+}
+
+/*
+<DocumizeLicense>
+  <Key>some key</Key>
+  <Signature>some signature</Signature>
+</DocumizeLicense>
+*/

domain/setting/mysql/setting.go

@@ -0,0 +1,135 @@
+// Copyright 2016 Documize Inc. <legal@documize.com>. All rights reserved.
+//
+// This software (Documize Community Edition) is licensed under
+// GNU AGPL v3 http://www.gnu.org/licenses/agpl-3.0.en.html
+//
+// You can operate outside the AGPL restrictions by purchasing
+// Documize Enterprise Edition and obtaining a commercial license
+// by contacting <sales@documize.com>.
+//
+// https://documize.com
+
+package mysql
+
+import (
+	"bytes"
+	"fmt"
+
+	"github.com/documize/community/core/env"
+	"github.com/documize/community/core/streamutil"
+	"github.com/documize/community/domain"
+	"github.com/pkg/errors"
+)
+
+// Scope provides data access to MySQL.
+type Scope struct {
+	Runtime *env.Runtime
+}
+
+// Get fetches a configuration JSON element from the config table.
+func (s Scope) Get(ctx domain.RequestContext, area, path string) (value string) {
+	if path != "" {
+		path = "." + path
+	}
+	sql := "SELECT JSON_EXTRACT(`config`,'$" + path + "') FROM `config` WHERE `key` = '" + area + "';"
+
+	stmt, err := s.Runtime.Db.Preparex(sql)
+	defer streamutil.Close(stmt)
+
+	if err != nil {
+		s.Runtime.Log.Error(fmt.Sprintf("setting.Get %s %s", area, path), err)
+		return ""
+	}
+
+	var item = make([]uint8, 0)
+
+	err = stmt.Get(&item)
+	if err != nil {
+		s.Runtime.Log.Error(fmt.Sprintf("setting.Get %s %s", area, path), err)
+		return ""
+	}
+
+	if len(item) > 1 {
+		q := []byte(`"`)
+		value = string(bytes.TrimPrefix(bytes.TrimSuffix(item, q), q))
+	}
+
+	return value
+}
+
+// Set writes a configuration JSON element to the config table.
+func (s Scope) Set(ctx domain.RequestContext, area, json string) error {
+	if area == "" {
+		return errors.New("no area")
+	}
+
+	sql := "INSERT INTO `config` (`key`,`config`) " +
+		"VALUES ('" + area + "','" + json +
+		"') ON DUPLICATE KEY UPDATE `config`='" + json + "';"
+
+	stmt, err := s.Runtime.Db.Preparex(sql)
+	defer streamutil.Close(stmt)
+
+	if err != nil {
+		err = errors.Wrap(err, "failed to save global config value")
+		return err
+	}
+
+	_, err = stmt.Exec()
+	return err
+}
+
+// GetUser fetches a configuration JSON element from the userconfig table for a given orgid/userid combination.
+// Errors return the empty string. A blank path returns the whole JSON object, as JSON.
+func (s Scope) GetUser(ctx domain.RequestContext, orgID, userID, area, path string) (value string) {
+	if path != "" {
+		path = "." + path
+	}
+
+	sql := "SELECT JSON_EXTRACT(`config`,'$" + path + "') FROM `userconfig` WHERE `key` = '" + area +
+		"' AND `orgid` = '" + orgID + "' AND `userid` = '" + userID + "';"
+
+	stmt, err := s.Runtime.Db.Preparex(sql)
+	defer streamutil.Close(stmt)
+
+	if err != nil {
+		return ""
+	}
+
+	var item = make([]uint8, 0)
+
+	err = stmt.Get(&item)
+	if err != nil {
+		s.Runtime.Log.Error(fmt.Sprintf("setting.GetUser for user %s %s %s", userID, area, path), err)
+		return ""
+	}
+
+	if len(item) > 1 {
+		q := []byte(`"`)
+		value = string(bytes.TrimPrefix(bytes.TrimSuffix(item, q), q))
+	}
+
+	return value
+}
+
+// SetUser writes a configuration JSON element to the userconfig table for the current user.
+func (s Scope) SetUser(ctx domain.RequestContext, orgID, userID, area, json string) error {
+	if area == "" {
+		return errors.New("no area")
+	}
+
+	sql := "INSERT INTO `userconfig` (`orgid`,`userid`,`key`,`config`) " +
+		"VALUES ('" + orgID + "','" + userID + "','" + area + "','" + json +
+		"') ON DUPLICATE KEY UPDATE `config`='" + json + "';"
+
+	stmt, err := s.Runtime.Db.Preparex(sql)
+	defer streamutil.Close(stmt)
+
+	if err != nil {
+		return err
+	}
+
+	_, err = stmt.Exec()
+
+	return err
+}