authorPaul Duncan <pabs@pablotron.org>2016-05-22 23:58:47 -0400
committerPaul Duncan <pabs@pablotron.org>2016-05-22 23:58:47 -0400
commit6e69acdadc8ab1473678f0cc5d2203de7905e091 (patch)
tree21fcbdeea2004f6f52bf1d877cf2fb5187a0e35c
parentaaa8b83a6b4f07697a19621a3906512443e8a5e9 (diff)
downloadguff-6e69acdadc8ab1473678f0cc5d2203de7905e091.tar.bz2
guff-6e69acdadc8ab1473678f0cc5d2203de7905e091.zip
functioning add_user and set_user api and model calls
-rw-r--r--src/guff.cr144
1 files changed, 115 insertions, 29 deletions
diff --git a/src/guff.cr b/src/guff.cr
index b36abc4..923f8f6 100644
--- a/src/guff.cr
+++ b/src/guff.cr
@@ -199,6 +199,16 @@ module Guff
end
end
+ module Password
+ def self.create(password : String) : String
+ Crypto::Bcrypt::Password.create(password).to_s
+ end
+
+ def self.test(hash : String, password : String) : Bool
+ Crypto::Bcrypt::Password.new(hash) == password
+ end
+ end
+
module Models
abstract class Model
def initialize(@context : Context)
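Review bot: `Password.create` passes any string straight to bcrypt, with no check for an empty or over-long password. bcrypt implementations bound the input length, and depending on the library version an out-of-range password is either silently truncated or raises, so the bound is worth enforcing and documenting here, e.g. `raise ArgumentError.new("invalid password length") unless (1..MAX_PASSWORD_BYTES).includes?(password.bytesize)`, where `MAX_PASSWORD_BYTES` is a placeholder for the library's documented limit. `Password.test` presumably raises rather than returning false when the stored hash is malformed; a doc comment such as `# Returns true if password matches the bcrypt hash (hash first, password second); may raise on a malformed hash` would tell callers like `login` to treat that case as a failed authentication.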
@@ -351,6 +361,30 @@ module Guff
end
class UserModel < Model
+ SQL = {
+ add_user: "
+ INSERT INTO users(
+ role_id,
+ name,
+ email,
+ password,
+ is_active
+ ) VALUES (
+ (SELECT role_id FROM roles where role = ?),
+ ?,
+ ?,
+ ?,
+ ?
+ )
+ ",
+
+ set_user: "
+ UPDATE users
+ SET %s
+ WHERE user_id = ?
+ ",
+ }
+
def login(user : String, pass : String) : String?
if @context.development?
if user == "test" && pass == "test"
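Review bot: In `SQL[:add_user]` the `(SELECT role_id FROM roles where role = ?)` subquery evaluates to NULL when the role name is unknown, so a mistyped or unexpected `role` either fails on a constraint or stores a user with no role, depending on the `users` schema (not visible here). The `role_id = (SELECT ...)` fragment built later in `set_user` has the same property and could null out an existing user's role. Resolving the role id first and raising when it is missing would make that failure explicit. A comment above `set_user:` such as `# %s is filled only with fixed "column = ?" fragments, never caller-supplied text` would also keep the format slot safe for future editors. The trailing context lines of this hunk belong to `login`, which continues outside it.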
@@ -380,39 +414,67 @@ module Guff
end
def add_user(
- name : String? = nil,
- email : String? = nil,
- password : String? = nil,
- groups : Array(String)? = nil,
- active : Bool? = nil,
+ name : String,
+ email : String,
+ password : String,
+ role : String,
+ active : Bool,
) : Int64
- # TODO create user
- user_id = 0_i64
-
- # set user attributes
- set_user(
- user_id: user_id,
- email: email,
- password: password,
- groups: groups,
- active: active,
- )
+ @context.dbs.rw.query(SQL[:add_user], [
+ role,
+ name,
+ email,
+ Password.create(password),
+ active ? "1" : "0",
+ ])
- # return user id
- user_id
+ @context.dbs.rw.last_insert_row_id.to_i64
end
def set_user(
user_id : Int64,
- name : String? = nil,
- email : String? = nil,
- password : String? = nil,
- groups : Array(String)? = nil,
- active : Bool? = nil,
+ name : String? = nil,
+ email : String? = nil,
+ password : String? = nil,
+ role : String? = nil,
+ active : Bool? = nil,
)
+ sets = [] of String
+ args = [] of String
+
+ if name
+ sets << "name = ?"
+ args << name
+ end
+
+ if email
+ sets << "email = ?"
+ args << email
+ end
+
+ if role
+ sets << "role_id = (SELECT role_id FROM roles WHERE role = ?)"
+ args << role
+ end
+
+ if password
+ sets << "password = ?"
+ args << Password.create(password)
+ end
+
+ if active != nil
+ sets << "is_active = ?"
+ args << (active ? "1" : "0")
+ end
+
+ if sets.size > 0
+ args << user_id.to_s
+ @context.dbs.rw.query(SQL[:set_user] % sets.join(", "), args)
+ end
end
def get_users
+ # TODO
end
end
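Review bot: `set_user` gives no signal when `user_id` matches no row: the UPDATE runs, changes nothing, and the method returns as if the password, role or `is_active` change had been applied. If the database wrapper exposes an affected-row count, checking it after the `query` call and raising (or returning a Bool) would let the API report the failure instead of a silent success. The `if name` / `if email` / `if password` tests also accept empty strings, so `password: ""` is hashed and stored; whether that should be rejected is worth deciding here. A doc comment on the method, e.g. `# nil arguments leave the column unchanged; password is bcrypt-hashed before storage`, would record the contract.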
@@ -684,14 +746,32 @@ module Guff
module UserAPI
def do_user_add_user(params : HTTP::Params)
user_id = @context.models.user.add_user(
- name: params["name"]?,
+ name: params["name"],
email: params["email"],
+ password: params["password"],
+ active: (params["active"] == "t"),
+ role: params["role"],
+ )
+
+ { "user_id": user_id }
+ end
+
+ def do_user_set_user(params : HTTP::Params)
+ @context.models.user.set_user(
+ user_id: params["user_id"].to_i64,
+ name: params["name"]?,
+ email: params["email"]?,
password: params["password"]?,
active: params["active"]? ? (params["active"] == "t") : nil,
- # groups: params["groups"]? ? JSON.parse(params["groups"]) : nil,
+ role: params["role"]?,
)
- { "user_id": user_id }
+ nil
+ end
+
+ def do_user_get_users(params : HTTP::Params)
+ # @context.models.user.get_users
+ nil
end
end
end
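Review bot: Neither `do_user_add_user` nor `do_user_set_user` checks who is calling before creating an account or changing `role`, `password` and `is_active` from request parameters. If the dispatcher outside this hunk does not already require an authenticated administrator for the user namespace, any client that can reach the API could create or promote accounts, so each method needs an explicit authorization check at the top, or a comment naming where it is enforced. Separately, `params["user_id"].to_i64` raises on non-numeric input; `to_i64?` with an explicit error would give the client a clearer response than whatever the dispatcher's rescue produces.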
@@ -879,7 +959,13 @@ module Guff
(@context.development? && context.request.method == "GET")
if md = PATH_RE.match(context.request.path.not_nil!)
namespace, method = %w{namespace method}.map { |k| md[k] }
- params = HTTP::Params.parse(context.request.body || "")
+
+ # get query parameteres
+ params = if (context.request.method == "GET")
+ context.request.query_params
+ else
+ HTTP::Params.parse(context.request.body || "")
+ end
code, data = begin
{ 200, api_method_dispatch(API_MODULES) }
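Review bot: Taking parameters from `context.request.query_params` means that in development mode the new `add_user` and `set_user` calls can be driven by a plain GET. That puts the `password` value in the URL, where it reaches access logs, browser history and Referer headers, and it makes state-changing calls reachable from a cross-site link. The visible condition limits GET to `@context.development?`, but it would be safer to accept GET only for read-only methods, or at least to say so in the comment, e.g. `# development only: GET params come from the query string; never enable outside development`. The added comment also has a typo: `# get query parameteres` should read `# get request parameters`. The `begin` block continues outside the hunk.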
@@ -1383,7 +1469,7 @@ module Guff
CREATE TABLE sites (
site_id INTEGER PRIMARY KEY,
- name TEXT UNIQUE NOT NULL
+ name TEXT UNIQUE NOT NULL
CHECK (LENGTH(name) > 0),
is_active BOOLEAN NOT NULL DEFAULT false,
@@ -1571,7 +1657,7 @@ module Guff
}
private def add_admin_user(db : Database, password : String)
- pass_hash = Crypto::Bcrypt::Password.create(password).to_s
+ pass_hash = Password.create(password)
# STDERR.puts "DEBUG: adding admin user (pass_hash = #{pass_hash}"
db.query(ADD_ADMIN_USER_SQL, [pass_hash])
end