Diffstat (limited to 'api4/user.go')
-rw-r--r-- | api4/user.go | 231 |
1 files changed, 118 insertions, 113 deletions
diff --git a/api4/user.go b/api4/user.go index b73354cfd..8d4a264f8 100644 --- a/api4/user.go +++ b/api4/user.go @@ -122,17 +122,16 @@ func getUser(c *Context, w http.ResponseWriter, r *http.Request) { if c.HandleEtag(etag, "Get User", w, r) { return + } + + if c.Session.UserId == user.Id { + user.Sanitize(map[string]bool{}) } else { - if c.Session.UserId == user.Id { - user.Sanitize(map[string]bool{}) - } else { - c.App.SanitizeProfile(user, c.IsSystemAdmin()) - } - c.App.UpdateLastActivityAtIfNeeded(c.Session) - w.Header().Set(model.HEADER_ETAG_SERVER, etag) - w.Write([]byte(user.ToJson())) - return + c.App.SanitizeProfile(user, c.IsSystemAdmin()) } + c.App.UpdateLastActivityAtIfNeeded(c.Session) + w.Header().Set(model.HEADER_ETAG_SERVER, etag) + w.Write([]byte(user.ToJson())) } func getUserByUsername(c *Context, w http.ResponseWriter, r *http.Request) { @@ -155,16 +154,15 @@ func getUserByUsername(c *Context, w http.ResponseWriter, r *http.Request) { if c.HandleEtag(etag, "Get User", w, r) { return + } + + if c.Session.UserId == user.Id { + user.Sanitize(map[string]bool{}) } else { - if c.Session.UserId == user.Id { - user.Sanitize(map[string]bool{}) - } else { - c.App.SanitizeProfile(user, c.IsSystemAdmin()) - } - w.Header().Set(model.HEADER_ETAG_SERVER, etag) - w.Write([]byte(user.ToJson())) - return + c.App.SanitizeProfile(user, c.IsSystemAdmin()) } + w.Header().Set(model.HEADER_ETAG_SERVER, etag) + w.Write([]byte(user.ToJson())) } func getUserByEmail(c *Context, w http.ResponseWriter, r *http.Request) { 
@@ -187,12 +185,11 @@ func getUserByEmail(c *Context, w http.ResponseWriter, r *http.Request) { if c.HandleEtag(etag, "Get User", w, r) { return - } else { - c.App.SanitizeProfile(user, c.IsSystemAdmin()) - w.Header().Set(model.HEADER_ETAG_SERVER, etag) - w.Write([]byte(user.ToJson())) - return } + + c.App.SanitizeProfile(user, c.IsSystemAdmin()) + w.Header().Set(model.HEADER_ETAG_SERVER, etag) + w.Write([]byte(user.ToJson())) } func getProfileImage(c *Context, w http.ResponseWriter, r *http.Request) { 
@@ -201,38 +198,39 @@ func getProfileImage(c *Context, w http.ResponseWriter, r *http.Request) { return } - if users, err := c.App.GetUsersByIds([]string{c.Params.UserId}, c.IsSystemAdmin()); err != nil { + users, err := c.App.GetUsersByIds([]string{c.Params.UserId}, c.IsSystemAdmin()) + if err != nil { c.Err = err return - } else { - if len(users) == 0 { - c.Err = model.NewAppError("getProfileImage", "api.user.get_profile_image.not_found.app_error", nil, "", http.StatusNotFound) - return - } + } - user := users[0] - etag := strconv.FormatInt(user.LastPictureUpdate, 10) - if c.HandleEtag(etag, "Get Profile Image", w, r) { - return - } + if len(users) == 0 { + c.Err = model.NewAppError("getProfileImage", "api.user.get_profile_image.not_found.app_error", nil, "", http.StatusNotFound) + return + } - var img []byte - img, readFailed, err := c.App.GetProfileImage(user) - if err != nil { - c.Err = err - return - } + user := users[0] + etag := strconv.FormatInt(user.LastPictureUpdate, 10) + if c.HandleEtag(etag, "Get Profile Image", w, r) { + return + } - if readFailed { - w.Header().Set("Cache-Control", fmt.Sprintf("max-age=%v, public", 5*60)) // 5 mins - } else { - w.Header().Set("Cache-Control", fmt.Sprintf("max-age=%v, public", 24*60*60)) // 24 hrs - w.Header().Set(model.HEADER_ETAG_SERVER, etag) - } + var img []byte + img, readFailed, err := c.App.GetProfileImage(user) + if err != nil { + c.Err = err + return + } - w.Header().Set("Content-Type", "image/png") - w.Write(img) + if readFailed { + w.Header().Set("Cache-Control", fmt.Sprintf("max-age=%v, public", 5*60)) // 5 mins + } else { + w.Header().Set("Cache-Control", fmt.Sprintf("max-age=%v, public", 24*60*60)) // 24 hrs + w.Header().Set(model.HEADER_ETAG_SERVER, etag) } + + w.Header().Set("Content-Type", "image/png") + w.Write(img) } func setProfileImage(c *Context, w http.ResponseWriter, r *http.Request) { 
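Review bot: The `var img []byte` declaration kept in getProfileImage is now redundant, a point of style only. With `err` already declared at function scope by `users, err := c.App.GetUsersByIds(...)`, the following `img, readFailed, err := c.App.GetProfileImage(user)` declares `img` and `readFailed` itself. Dropping the `var` line leaves a single declaration site and behaves the same.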
@@ -292,13 +290,13 @@ func getTotalUsersStats(c *Context, w http.ResponseWriter, r *http.Request) { return } - if stats, err := c.App.GetTotalUsersStats(); err != nil { + stats, err := c.App.GetTotalUsersStats() + if err != nil { c.Err = err return - } else { - w.Write([]byte(stats.ToJson())) - return } + + w.Write([]byte(stats.ToJson())) } func getUsers(c *Context, w http.ResponseWriter, r *http.Request) { @@ -402,13 +400,13 @@ func getUsers(c *Context, w http.ResponseWriter, r *http.Request) { if err != nil { c.Err = err return - } else { - if len(etag) > 0 { - w.Header().Set(model.HEADER_ETAG_SERVER, etag) - } - c.App.UpdateLastActivityAtIfNeeded(c.Session) - w.Write([]byte(model.UserListToJson(profiles))) } + + if len(etag) > 0 { + w.Header().Set(model.HEADER_ETAG_SERVER, etag) + } + c.App.UpdateLastActivityAtIfNeeded(c.Session) + w.Write([]byte(model.UserListToJson(profiles))) } func getUsersByIds(c *Context, w http.ResponseWriter, r *http.Request) { @@ -421,12 +419,13 @@ func getUsersByIds(c *Context, w http.ResponseWriter, r *http.Request) { // No permission check required - if users, err := c.App.GetUsersByIds(userIds, c.IsSystemAdmin()); err != nil { + users, err := c.App.GetUsersByIds(userIds, c.IsSystemAdmin()) + if err != nil { c.Err = err return - } else { - w.Write([]byte(model.UserListToJson(users))) } + + w.Write([]byte(model.UserListToJson(users))) } func getUsersByNames(c *Context, w http.ResponseWriter, r *http.Request) { @@ -439,12 +438,13 @@ func getUsersByNames(c *Context, w http.ResponseWriter, r *http.Request) { // No permission check required - if users, err := c.App.GetUsersByUsernames(usernames, c.IsSystemAdmin()); err != nil { + users, err := c.App.GetUsersByUsernames(usernames, c.IsSystemAdmin()) + if err != nil { c.Err = err return - } else { - w.Write([]byte(model.UserListToJson(users))) } + + w.Write([]byte(model.UserListToJson(users))) } func searchUsers(c *Context, w http.ResponseWriter, r *http.Request) { 
@@ -500,12 +500,13 @@ func searchUsers(c *Context, w http.ResponseWriter, r *http.Request) { } } - if profiles, err := c.App.SearchUsers(props, searchOptions, c.IsSystemAdmin()); err != nil { + profiles, err := c.App.SearchUsers(props, searchOptions, c.IsSystemAdmin()) + if err != nil { c.Err = err return - } else { - w.Write([]byte(model.UserListToJson(profiles))) } + + w.Write([]byte(model.UserListToJson(profiles))) } func autocompleteUsers(c *Context, w http.ResponseWriter, r *http.Request) { @@ -565,9 +566,9 @@ func autocompleteUsers(c *Context, w http.ResponseWriter, r *http.Request) { if err != nil { c.Err = err return - } else { - w.Write([]byte((autocomplete.ToJson()))) } + + w.Write([]byte((autocomplete.ToJson()))) } func updateUser(c *Context, w http.ResponseWriter, r *http.Request) { @@ -601,13 +602,14 @@ func updateUser(c *Context, w http.ResponseWriter, r *http.Request) { } } - if ruser, err := c.App.UpdateUserAsUser(user, c.IsSystemAdmin()); err != nil { + ruser, err := c.App.UpdateUserAsUser(user, c.IsSystemAdmin()) + if err != nil { c.Err = err return - } else { - c.LogAudit("") - w.Write([]byte(ruser.ToJson())) } + + c.LogAudit("") + w.Write([]byte(ruser.ToJson())) } func patchUser(c *Context, w http.ResponseWriter, r *http.Request) { @@ -646,14 +648,15 @@ func patchUser(c *Context, w http.ResponseWriter, r *http.Request) { } } - if ruser, err := c.App.PatchUser(c.Params.UserId, patch, c.IsSystemAdmin()); err != nil { + ruser, err := c.App.PatchUser(c.Params.UserId, patch, c.IsSystemAdmin()) + if err != nil { c.Err = err return - } else { - c.App.SetAutoResponderStatus(ruser, ouser.NotifyProps) - c.LogAudit("") - w.Write([]byte(ruser.ToJson())) } + + c.App.SetAutoResponderStatus(ruser, ouser.NotifyProps) + c.LogAudit("") + w.Write([]byte(ruser.ToJson())) } func deleteUser(c *Context, w http.ResponseWriter, r *http.Request) { 
@@ -707,10 +710,9 @@ func updateUserRoles(c *Context, w http.ResponseWriter, r *http.Request) { if _, err := c.App.UpdateUserRoles(c.Params.UserId, newRoles, true); err != nil { c.Err = err return - } else { - c.LogAuditWithUserId(c.Params.UserId, "roles="+newRoles) } + c.LogAuditWithUserId(c.Params.UserId, "roles="+newRoles) ReturnStatusOK(w) } @@ -752,17 +754,17 @@ func updateUserActive(c *Context, w http.ResponseWriter, r *http.Request) { if _, err := c.App.UpdateActive(user, active); err != nil { c.Err = err - } else { - c.LogAuditWithUserId(user.Id, fmt.Sprintf("active=%v", active)) - if isSelfDeactive { - c.App.Go(func() { - if err = c.App.SendDeactivateAccountEmail(user.Email, user.Locale, c.App.GetSiteURL()); err != nil { - mlog.Error(err.Error()) - } - }) - } - ReturnStatusOK(w) } + + c.LogAuditWithUserId(user.Id, fmt.Sprintf("active=%v", active)) + if isSelfDeactive { + c.App.Go(func() { + if err = c.App.SendDeactivateAccountEmail(user.Email, user.Locale, c.App.GetSiteURL()); err != nil { + mlog.Error(err.Error()) + } + }) + } + ReturnStatusOK(w) } func updateUserAuth(c *Context, w http.ResponseWriter, r *http.Request) { @@ -782,12 +784,13 @@ func updateUserAuth(c *Context, w http.ResponseWriter, r *http.Request) { return } - if user, err := c.App.UpdateUserAuth(c.Params.UserId, userAuth); err != nil { + user, err := c.App.UpdateUserAuth(c.Params.UserId, userAuth) + if err != nil { c.Err = err - } else { - c.LogAuditWithUserId(c.Params.UserId, fmt.Sprintf("updated user auth to service=%v", user.AuthService)) - w.Write([]byte(user.ToJson())) } + + c.LogAuditWithUserId(c.Params.UserId, fmt.Sprintf("updated user auth to service=%v", user.AuthService)) + w.Write([]byte(user.ToJson())) } func checkUserMfa(c *Context, w http.ResponseWriter, r *http.Request) { 
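Review bot: In the updateUserActive hunk the error branch now only does `c.Err = err` and falls through, because the `else` was removed without adding a `return`. On a failed UpdateActive the handler still writes the `active=%v` audit entry, may queue the deactivation email, and calls `ReturnStatusOK(w)`, so both the audit trail and the response report success for a change that did not happen. The updateUserAuth hunk has the same fall-through: the `updated user auth to service=` audit line and `user.ToJson()` run after an error, and if UpdateUserAuth returns a nil user on failure (its body is not shown here) `user.AuthService` would panic. Add `return` after `c.Err = err` in both error branches, as the updateUserRoles hunk above already has. Both function bodies begin outside their hunks.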
@@ -921,10 +924,10 @@ func updatePassword(c *Context, w http.ResponseWriter, r *http.Request) { c.LogAudit("failed") c.Err = err return - } else { - c.LogAudit("completed") - ReturnStatusOK(w) } + + c.LogAudit("completed") + ReturnStatusOK(w) } func resetPassword(c *Context, w http.ResponseWriter, r *http.Request) { @@ -960,14 +963,17 @@ func sendPasswordReset(c *Context, w http.ResponseWriter, r *http.Request) { return } - if sent, err := c.App.SendPasswordReset(email, c.App.GetSiteURL()); err != nil { + sent, err := c.App.SendPasswordReset(email, c.App.GetSiteURL()) + if err != nil { if *c.App.Config().ServiceSettings.ExperimentalEnableHardenedMode { ReturnStatusOK(w) } else { c.Err = err } return - } else if sent { + } + + if sent { c.LogAudit("sent=" + email) } @@ -1064,17 +1070,17 @@ func getSessions(c *Context, w http.ResponseWriter, r *http.Request) { return } - if sessions, err := c.App.GetSessions(c.Params.UserId); err != nil { + sessions, err := c.App.GetSessions(c.Params.UserId) + if err != nil { c.Err = err return - } else { - for _, session := range sessions { - session.Sanitize() - } + } - w.Write([]byte(model.SessionsToJson(sessions))) - return + for _, session := range sessions { + session.Sanitize() } + + w.Write([]byte(model.SessionsToJson(sessions))) } func revokeSession(c *Context, w http.ResponseWriter, r *http.Request) { @@ -1194,13 +1200,13 @@ func getUserAudits(c *Context, w http.ResponseWriter, r *http.Request) { return } - if audits, err := c.App.GetAuditsPage(c.Params.UserId, c.Params.Page, c.Params.PerPage); err != nil { + audits, err := c.App.GetAuditsPage(c.Params.UserId, c.Params.Page, c.Params.PerPage) + if err != nil { c.Err = err return - } else { - w.Write([]byte(audits.ToJson())) - return } + + w.Write([]byte(audits.ToJson())) } func verifyUserEmail(c *Context, w http.ResponseWriter, r *http.Request) { 
@@ -1215,11 +1221,10 @@ func verifyUserEmail(c *Context, w http.ResponseWriter, r *http.Request) { if err := c.App.VerifyEmailFromToken(token); err != nil { c.Err = model.NewAppError("verifyUserEmail", "api.user.verify_email.bad_link.app_error", nil, err.Error(), http.StatusBadRequest) return - } else { - c.LogAudit("Email Verified") - ReturnStatusOK(w) - return } + + c.LogAudit("Email Verified") + ReturnStatusOK(w) } func sendVerificationEmail(c *Context, w http.ResponseWriter, r *http.Request) { |