2014-02-07 10:10:01 +00:00
|
|
|
package handler
|
|
|
|
|
|
|
|
import (
|
|
|
|
"fmt"
|
|
|
|
"net/http"
|
2014-03-29 11:51:02 +00:00
|
|
|
"net/url"
|
2014-02-07 10:10:01 +00:00
|
|
|
"strconv"
|
|
|
|
"time"
|
|
|
|
|
|
|
|
"github.com/dchest/authcookie"
|
|
|
|
"github.com/drone/drone/pkg/database"
|
|
|
|
"github.com/drone/drone/pkg/mail"
|
|
|
|
. "github.com/drone/drone/pkg/model"
|
|
|
|
)
|
|
|
|
|
|
|
|
// Display a list of ALL users in the system
|
|
|
|
func AdminUserList(w http.ResponseWriter, r *http.Request, u *User) error {
|
|
|
|
users, err := database.ListUsers()
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
data := struct {
|
|
|
|
User *User
|
|
|
|
Users []*User
|
|
|
|
}{u, users}
|
|
|
|
|
|
|
|
return RenderTemplate(w, "admin_users.html", &data)
|
|
|
|
}
|
|
|
|
|
|
|
|
// Invite a user to join the system
|
|
|
|
func AdminUserAdd(w http.ResponseWriter, r *http.Request, u *User) error {
|
|
|
|
return RenderTemplate(w, "admin_users_add.html", &struct{ User *User }{u})
|
|
|
|
}
|
|
|
|
|
2014-02-13 09:08:20 +00:00
|
|
|
func UserInvite(w http.ResponseWriter, r *http.Request) error {
|
2014-02-07 10:10:01 +00:00
|
|
|
// generate the password reset token
|
|
|
|
email := r.FormValue("email")
|
|
|
|
token := authcookie.New(email, time.Now().Add(12*time.Hour), secret)
|
|
|
|
|
|
|
|
// get settings
|
|
|
|
hostname := database.SettingsMust().URL().String()
|
|
|
|
emailEnabled := database.SettingsMust().SmtpServer != ""
|
|
|
|
|
|
|
|
if !emailEnabled {
|
|
|
|
// Email is not enabled, so must let the user know the signup link
|
|
|
|
link := fmt.Sprintf("%v/register?token=%v", hostname, token)
|
|
|
|
return RenderText(w, link, http.StatusOK)
|
|
|
|
}
|
|
|
|
|
|
|
|
// send data to template
|
|
|
|
data := struct {
|
|
|
|
Host string
|
|
|
|
Email string
|
|
|
|
Token string
|
|
|
|
}{hostname, email, token}
|
|
|
|
|
|
|
|
// send the email message async
|
2014-02-16 01:56:48 +00:00
|
|
|
go mail.SendActivation(email, data)
|
2014-02-07 10:10:01 +00:00
|
|
|
|
|
|
|
return RenderText(w, http.StatusText(http.StatusOK), http.StatusOK)
|
|
|
|
}
|
|
|
|
|
2014-02-13 09:08:20 +00:00
|
|
|
// Invite a user to join the system
|
|
|
|
func AdminUserInvite(w http.ResponseWriter, r *http.Request, u *User) error {
|
|
|
|
return UserInvite(w, r)
|
|
|
|
}
|
|
|
|
|
2014-02-07 10:10:01 +00:00
|
|
|
// Form to edit a user
|
|
|
|
func AdminUserEdit(w http.ResponseWriter, r *http.Request, u *User) error {
|
|
|
|
idstr := r.FormValue("id")
|
|
|
|
id, err := strconv.Atoi(idstr)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
// get the user from the database
|
|
|
|
user, err := database.GetUser(int64(id))
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
data := struct {
|
|
|
|
User *User
|
|
|
|
EditUser *User
|
|
|
|
}{u, user}
|
|
|
|
|
|
|
|
return RenderTemplate(w, "admin_users_edit.html", &data)
|
|
|
|
}
|
|
|
|
|
|
|
|
func AdminUserUpdate(w http.ResponseWriter, r *http.Request, u *User) error {
|
|
|
|
// get the ID from the URL parameter
|
|
|
|
idstr := r.FormValue("id")
|
|
|
|
id, err := strconv.Atoi(idstr)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
// get the user from the database
|
|
|
|
user, err := database.GetUser(int64(id))
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
// update if user is administrator or not
|
|
|
|
switch r.FormValue("Admin") {
|
|
|
|
case "true":
|
|
|
|
user.Admin = true
|
|
|
|
case "false":
|
|
|
|
user.Admin = false
|
|
|
|
}
|
|
|
|
|
|
|
|
// saving user
|
|
|
|
if err := database.SaveUser(user); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
return RenderText(w, http.StatusText(http.StatusOK), http.StatusOK)
|
|
|
|
}
|
|
|
|
|
|
|
|
func AdminUserDelete(w http.ResponseWriter, r *http.Request, u *User) error {
|
|
|
|
// get the ID from the URL parameter
|
|
|
|
idstr := r.FormValue("id")
|
|
|
|
id, err := strconv.Atoi(idstr)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
// cannot delete self
|
|
|
|
if u.ID == int64(id) {
|
|
|
|
return RenderForbidden(w)
|
|
|
|
}
|
|
|
|
|
|
|
|
// delete the user
|
|
|
|
if err := database.DeleteUser(int64(id)); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
http.Redirect(w, r, "/account/admin/users", http.StatusSeeOther)
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2014-02-08 05:27:47 +00:00
|
|
|
// Return an HTML form for the User to update the site settings.
|
2014-02-07 10:10:01 +00:00
|
|
|
func AdminSettings(w http.ResponseWriter, r *http.Request, u *User) error {
|
|
|
|
// get settings from database
|
|
|
|
settings := database.SettingsMust()
|
|
|
|
|
|
|
|
data := struct {
|
|
|
|
User *User
|
|
|
|
Settings *Settings
|
|
|
|
}{u, settings}
|
|
|
|
|
|
|
|
return RenderTemplate(w, "admin_settings.html", &data)
|
|
|
|
}
|
|
|
|
|
|
|
|
func AdminSettingsUpdate(w http.ResponseWriter, r *http.Request, u *User) error {
|
|
|
|
// get settings from database
|
|
|
|
settings := database.SettingsMust()
|
|
|
|
|
|
|
|
// update smtp settings
|
|
|
|
settings.Domain = r.FormValue("Domain")
|
|
|
|
settings.Scheme = r.FormValue("Scheme")
|
|
|
|
|
|
|
|
// update bitbucket settings
|
|
|
|
settings.BitbucketKey = r.FormValue("BitbucketKey")
|
|
|
|
settings.BitbucketSecret = r.FormValue("BitbucketSecret")
|
|
|
|
|
|
|
|
// update github settings
|
|
|
|
settings.GitHubKey = r.FormValue("GitHubKey")
|
|
|
|
settings.GitHubSecret = r.FormValue("GitHubSecret")
|
2014-02-09 13:36:45 +00:00
|
|
|
settings.GitHubDomain = r.FormValue("GitHubDomain")
|
|
|
|
settings.GitHubApiUrl = r.FormValue("GitHubApiUrl")
|
2014-02-07 10:10:01 +00:00
|
|
|
|
2014-03-29 11:51:02 +00:00
|
|
|
// update gitlab settings
|
|
|
|
settings.GitlabApiUrl = r.FormValue("GitlabApiUrl")
|
|
|
|
glUrl, err := url.Parse(settings.GitlabApiUrl)
|
|
|
|
if err != nil {
|
|
|
|
return RenderError(w, err, http.StatusBadRequest)
|
|
|
|
}
|
|
|
|
settings.GitlabDomain = glUrl.Host
|
|
|
|
|
2014-02-07 10:10:01 +00:00
|
|
|
// update smtp settings
|
|
|
|
settings.SmtpServer = r.FormValue("SmtpServer")
|
|
|
|
settings.SmtpPort = r.FormValue("SmtpPort")
|
|
|
|
settings.SmtpAddress = r.FormValue("SmtpAddress")
|
|
|
|
settings.SmtpUsername = r.FormValue("SmtpUsername")
|
|
|
|
settings.SmtpPassword = r.FormValue("SmtpPassword")
|
|
|
|
|
2014-02-13 09:08:20 +00:00
|
|
|
settings.OpenInvitations = (r.FormValue("OpenInvitations") == "on")
|
|
|
|
|
2014-02-21 20:26:50 +00:00
|
|
|
// validate user input
|
|
|
|
if err := settings.Validate(); err != nil {
|
|
|
|
return RenderError(w, err, http.StatusBadRequest)
|
|
|
|
}
|
|
|
|
|
2014-02-07 10:10:01 +00:00
|
|
|
// persist changes
|
|
|
|
if err := database.SaveSettings(settings); err != nil {
|
|
|
|
return RenderError(w, err, http.StatusBadRequest)
|
|
|
|
}
|
|
|
|
|
|
|
|
// make sure the mail package is updated with the
|
|
|
|
// latest client information.
|
|
|
|
//mail.SetClient(&mail.SMTPClient{
|
|
|
|
// Host: settings.SmtpServer,
|
|
|
|
// Port: settings.SmtpPort,
|
|
|
|
// User: settings.SmtpUsername,
|
|
|
|
// Pass: settings.SmtpPassword,
|
|
|
|
// From: settings.SmtpAddress,
|
|
|
|
//})
|
|
|
|
|
|
|
|
return RenderText(w, http.StatusText(http.StatusOK), http.StatusOK)
|
|
|
|
}
|
|
|
|
|
|
|
|
func Install(w http.ResponseWriter, r *http.Request) error {
|
|
|
|
// we can only perform the inital installation if no
|
|
|
|
// users exist in the system
|
|
|
|
if users, err := database.ListUsers(); err != nil {
|
|
|
|
return RenderError(w, err, http.StatusBadRequest)
|
|
|
|
} else if len(users) != 0 {
|
|
|
|
// if users exist in the systsem
|
|
|
|
// we should render a NotFound page
|
|
|
|
return RenderNotFound(w)
|
|
|
|
}
|
|
|
|
|
|
|
|
return RenderTemplate(w, "install.html", true)
|
|
|
|
}
|
|
|
|
|
|
|
|
func InstallPost(w http.ResponseWriter, r *http.Request) error {
|
|
|
|
// we can only perform the inital installation if no
|
|
|
|
// users exist in the system
|
|
|
|
if users, err := database.ListUsers(); err != nil {
|
|
|
|
return RenderError(w, err, http.StatusBadRequest)
|
|
|
|
} else if len(users) != 0 {
|
|
|
|
// if users exist in the systsem
|
|
|
|
// we should render a NotFound page
|
|
|
|
return RenderNotFound(w)
|
|
|
|
}
|
|
|
|
|
|
|
|
// set the email and name
|
|
|
|
user := NewUser(r.FormValue("name"), r.FormValue("email"))
|
|
|
|
user.Admin = true
|
|
|
|
|
|
|
|
// set the new password
|
|
|
|
if err := user.SetPassword(r.FormValue("password")); err != nil {
|
|
|
|
return RenderError(w, err, http.StatusBadRequest)
|
|
|
|
}
|
|
|
|
|
|
|
|
// verify fields are correct
|
|
|
|
if err := user.Validate(); err != nil {
|
|
|
|
return RenderError(w, err, http.StatusBadRequest)
|
|
|
|
}
|
|
|
|
|
|
|
|
// save to the database
|
|
|
|
if err := database.SaveUser(user); err != nil {
|
|
|
|
return RenderError(w, err, http.StatusBadRequest)
|
|
|
|
}
|
|
|
|
|
|
|
|
// update settings
|
|
|
|
settings := Settings{}
|
|
|
|
settings.Domain = r.FormValue("Domain")
|
|
|
|
settings.Scheme = r.FormValue("Scheme")
|
2014-02-21 20:26:50 +00:00
|
|
|
settings.GitHubApiUrl = "https://api.github.com"
|
|
|
|
settings.GitHubDomain = "github.com"
|
2014-03-29 11:51:02 +00:00
|
|
|
settings.GitlabApiUrl = "https://gitlab.com"
|
|
|
|
settings.GitlabDomain = "gitlab.com"
|
2014-02-07 10:10:01 +00:00
|
|
|
database.SaveSettings(&settings)
|
|
|
|
|
|
|
|
// add the user to the session object
|
|
|
|
// so that he/she is loggedin
|
|
|
|
SetCookie(w, r, "_sess", user.Email)
|
|
|
|
|
|
|
|
// send the user to the settings page
|
|
|
|
// to complete the configuration.
|
|
|
|
http.Redirect(w, r, "/account/admin/settings", http.StatusSeeOther)
|
|
|
|
return nil
|
|
|
|
}
|