camper/pkg/campsite/admin.go

226 lines
6.1 KiB
Go
Raw Normal View History

/*
* SPDX-FileCopyrightText: 2023 jordi fita mas <jfita@peritasoft.com>
* SPDX-License-Identifier: AGPL-3.0-only
*/
package campsite
import (
"context"
"net/http"
"dev.tandem.ws/tandem/camper/pkg/auth"
"dev.tandem.ws/tandem/camper/pkg/campsite/types"
"dev.tandem.ws/tandem/camper/pkg/database"
"dev.tandem.ws/tandem/camper/pkg/form"
httplib "dev.tandem.ws/tandem/camper/pkg/http"
"dev.tandem.ws/tandem/camper/pkg/locale"
"dev.tandem.ws/tandem/camper/pkg/template"
"dev.tandem.ws/tandem/camper/pkg/uuid"
)
type AdminHandler struct {
types *types.AdminHandler
}
func NewAdminHandler() *AdminHandler {
return &AdminHandler{
types: &types.AdminHandler{},
}
}
func (h *AdminHandler) Handler(user *auth.User, company *auth.Company, conn *database.Conn) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
var head string
head, r.URL.Path = httplib.ShiftPath(r.URL.Path)
switch head {
case "new":
switch r.Method {
case http.MethodGet:
f := newCampsiteForm(r.Context(), conn)
f.MustRender(w, r, user, company)
default:
httplib.MethodNotAllowed(w, r, http.MethodGet)
}
case "types":
Add the company’s slug in the URL before company-dependent handlers I really doubt that they are going to use more than a single company, but the application is based on Numerus, that **does** have multiple company, and followed the same architecture and philosophy: use the URL to choose the company to manage, even if the user has a single company. The reason i use the slug instead of the ID is because i do not want to make the ID public in case the application is really used by employees of many unrelated companies: they need not need to guess how many companies there are based on the ID. I validate this slug to be a valid UUID instead of relaying on the query’s empty result because casting a string with a malformed value to UUID results in an error other than data not found. Not with that select, but it would fail with a function parameter, and i want to add that UUID check to all functions that do use slugs. I based uuid.Valid function on Parse() from Google’s uuid package[0] instead of using regular expression, as it was my first idea, because that function is an order of magnitude faster in benchmarks: goos: linux goarch: amd64 pkg: dev.tandem.ws/tandem/numerus/pkg cpu: Intel(R) Core(TM) i5-6200U CPU @ 2.30GHz BenchmarkValidUuid-4 36946050 29.37 ns/op BenchmarkValidUuid_Re-4 3633169 306.70 ns/op The regular expression used for the benchmark was: var re = regexp.MustCompile("^[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-4[a-fA-F0-9]{3}-[8|9|aA|bB][a-fA-F0-9]{3}-[a-fA-F0-9]{12}$") And the input parameter for both functions was the following valid UUID, because most of the time the passed UUID will be valid: "f47ac10b-58cc-0372-8567-0e02b2c3d479" I did not use the uuid package as is, even though it is in Debian’s repository, because i only need to check whether the value is valid, not convert it to a byte array. As far as i know, that package can not do that. Adding the Company struct into auth was not my intention, as it makes little sense name-wise, but i need to have the Company when rendering templates and the company package has templates to render, thus using the company package for the Company struct would create a dependency loop between template and company. I’ve chosen the auth package only because User is also there; User and Company are very much related in this application, but not enough to include the company inside the user, or vice versa, as the User comes from the cookie while the company from the URL. Finally, had to move methodNotAllowed to the http package, as an exported function, because it is used now from other packages, namely campsite. [0]: https://github.com/google/uuid
2023-07-31 16:51:50 +00:00
h.types.Handler(user, company, conn).ServeHTTP(w, r)
case "":
switch r.Method {
case http.MethodGet:
serveCampsiteIndex(w, r, user, company, conn)
case http.MethodPost:
addCampsite(w, r, user, company, conn)
default:
httplib.MethodNotAllowed(w, r, http.MethodGet, http.MethodPost)
}
default:
if !uuid.Valid(head) {
http.NotFound(w, r)
return
}
f := newCampsiteForm(r.Context(), conn)
if err := f.FillFromDatabase(r.Context(), conn, head); err != nil {
if database.ErrorIsNotFound(err) {
http.NotFound(w, r)
return
}
panic(err)
}
switch r.Method {
case http.MethodGet:
f.MustRender(w, r, user, company)
case http.MethodPut:
editCampsite(w, r, user, company, conn, f)
default:
httplib.MethodNotAllowed(w, r, http.MethodGet, http.MethodPut)
}
}
}
}
func serveCampsiteIndex(w http.ResponseWriter, r *http.Request, user *auth.User, company *auth.Company, conn *database.Conn) {
campsites, err := collectCampsiteEntries(r.Context(), company, conn)
if err != nil {
panic(err)
}
page := &campsiteIndex{
Campsites: campsites,
}
page.MustRender(w, r, user, company)
}
func collectCampsiteEntries(ctx context.Context, company *auth.Company, conn *database.Conn) ([]*campsiteEntry, error) {
rows, err := conn.Query(ctx, `
select campsite.slug
, campsite.label
, campsite_type.name
, campsite.active
from campsite
join campsite_type using (campsite_type_id)
where campsite.company_id = $1
order by label`, company.ID)
if err != nil {
return nil, err
}
defer rows.Close()
var campsites []*campsiteEntry
for rows.Next() {
entry := &campsiteEntry{}
if err = rows.Scan(&entry.Slug, &entry.Label, &entry.Type, &entry.Active); err != nil {
return nil, err
}
campsites = append(campsites, entry)
}
return campsites, nil
}
type campsiteEntry struct {
Slug string
Label string
Type string
Active bool
}
type campsiteIndex struct {
Campsites []*campsiteEntry
}
func (page *campsiteIndex) MustRender(w http.ResponseWriter, r *http.Request, user *auth.User, company *auth.Company) {
template.MustRenderAdmin(w, r, user, company, "campsite/index.gohtml", page)
}
func addCampsite(w http.ResponseWriter, r *http.Request, user *auth.User, company *auth.Company, conn *database.Conn) {
f := newCampsiteForm(r.Context(), conn)
if err := f.Parse(r); err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
if err := user.VerifyCSRFToken(r); err != nil {
http.Error(w, err.Error(), http.StatusForbidden)
return
}
if !f.Valid(user.Locale) {
if !httplib.IsHTMxRequest(r) {
w.WriteHeader(http.StatusUnprocessableEntity)
}
f.MustRender(w, r, user, company)
return
}
conn.MustExec(r.Context(), "select add_campsite($1, $2)", f.CampsiteType, f.Label)
httplib.Redirect(w, r, "/admin/campsites", http.StatusSeeOther)
}
func editCampsite(w http.ResponseWriter, r *http.Request, user *auth.User, company *auth.Company, conn *database.Conn, f *campsiteForm) {
if err := f.Parse(r); err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
if err := user.VerifyCSRFToken(r); err != nil {
http.Error(w, err.Error(), http.StatusForbidden)
return
}
if !f.Valid(user.Locale) {
if !httplib.IsHTMxRequest(r) {
w.WriteHeader(http.StatusUnprocessableEntity)
}
f.MustRender(w, r, user, company)
return
}
conn.MustExec(r.Context(), "select edit_campsite($1, $2, $3, $4)", f.Slug, f.CampsiteType, f.Label, f.Active)
httplib.Redirect(w, r, "/admin/campsites", http.StatusSeeOther)
}
type campsiteForm struct {
Slug string
Active *form.Checkbox
CampsiteType *form.Select
Label *form.Input
}
func newCampsiteForm(ctx context.Context, conn *database.Conn) *campsiteForm {
campsiteTypes := form.MustGetOptions(ctx, conn, "select campsite_type_id::text, name from campsite_type where active")
return &campsiteForm{
Active: &form.Checkbox{
Name: "active",
Checked: true,
},
CampsiteType: &form.Select{
Name: "description",
Options: campsiteTypes,
},
Label: &form.Input{
Name: "label",
},
}
}
func (f *campsiteForm) FillFromDatabase(ctx context.Context, conn *database.Conn, slug string) error {
f.Slug = slug
row := conn.QueryRow(ctx, "select array[campsite_type_id::text], label, active from campsite where slug = $1", slug)
return row.Scan(&f.CampsiteType.Selected, &f.Label.Val, &f.Active.Checked)
}
func (f *campsiteForm) Parse(r *http.Request) error {
if err := r.ParseForm(); err != nil {
return err
}
f.Active.FillValue(r)
f.CampsiteType.FillValue(r)
f.Label.FillValue(r)
return nil
}
func (f *campsiteForm) Valid(l *locale.Locale) bool {
v := form.NewValidator(l)
v.CheckSelectedOptions(f.CampsiteType, l.GettextNoop("Selected campsite type is not valid."))
v.CheckRequired(f.Label, l.GettextNoop("Label can not be empty."))
return v.AllOK
}
func (f *campsiteForm) MustRender(w http.ResponseWriter, r *http.Request, user *auth.User, company *auth.Company) {
template.MustRenderAdmin(w, r, user, company, "campsite/form.gohtml", f)
}