mirror of
https://github.com/renorris/openfsd
synced 2026-03-22 14:35:36 +08:00
335409c4b4
1. Database Enhancements (db/repositories.go): - Added ConfigRepository interface and implementations for PostgreSQL and SQLite - Updated Repositories struct to include ConfigRepository - Modified NewRepositories to initialize both UserRepo and ConfigRepo 2. FSD Server Improvements: - Removed hardcoded jwtSecret, now retrieved from ConfigRepository (fsd/conn.go, web/auth.go) - Added dynamic welcome message retrieval from ConfigRepository (fsd/conn.go) - Optimized METAR buffer size from 4096 to 512 bytes (fsd/metar.go) - Reduced minimum fields for DeleteATC and DeletePilot packets (fsd/packet.go) - Improved Haversine distance calculation with constants (fsd/postoffice.go) - Added thread-safety documentation for sendError (fsd/client.go) 3. Server Configuration (fsd/server.go): - Added NewDefaultServer to initialize server with environment-based config - Implemented automatic database migration and default admin user creation - Added configurable METAR worker count - Improved logging with slog and environment-based debug level 4. Web Interface Enhancements: - Added user and config editor frontend routes (web/frontend.go, web/routes.go) - Improved JWT handling by retrieving secret from ConfigRepository (web/auth.go) - Enhanced user management API endpoints (web/user.go) - Updated dashboard to display CID and conditional admin links (web/templates/dashboard.html) - Embedded templates using go:embed (web/templates.go) 5. Frontend JavaScript Improvements: - Added networkRatingFromInt helper for readable ratings (web/static/js/openfsd/dashboard.js) - Improved API request handling with auth/no-auth variants (web/static/js/openfsd/api.js) 6. Miscellaneous: - Added sethvargo/go-envconfig dependency for environment variable parsing - Fixed parseVisRange to use 64-bit float parsing (fsd/util.go) - Added strPtr utility function (fsd/util.go, web/main.go) - Improved SVG logo rendering in layout (web/templates/layout.html)
187 lines
5.1 KiB
Go
187 lines
5.1 KiB
Go
package main
|
|
|
|
import (
|
|
"database/sql"
|
|
"errors"
|
|
"github.com/gin-gonic/gin"
|
|
"github.com/renorris/openfsd/db"
|
|
"github.com/renorris/openfsd/fsd"
|
|
"net/http"
|
|
)
|
|
|
|
// getUserByCID returns the user info of the specified CID.
|
|
//
|
|
// Only >= SUP can request CIDs other than what is indicated in their bearer token.
|
|
func (s *Server) getUserByCID(c *gin.Context) {
|
|
type RequestBody struct {
|
|
CID int `json:"cid" binding:"min=1,required"`
|
|
}
|
|
|
|
var reqBody RequestBody
|
|
if !bindJSONOrAbort(c, &reqBody) {
|
|
return
|
|
}
|
|
|
|
claims := getJwtContext(c)
|
|
|
|
if reqBody.CID != claims.CID && claims.NetworkRating < fsd.NetworkRatingSupervisor {
|
|
writeAPIV1Response(c, http.StatusForbidden, &genericAPIV1Forbidden)
|
|
return
|
|
}
|
|
|
|
user, err := s.dbRepo.UserRepo.GetUserByCID(reqBody.CID)
|
|
if err != nil {
|
|
if errors.Is(err, sql.ErrNoRows) {
|
|
writeAPIV1Response(c, http.StatusNotFound, &genericAPIV1NotFound)
|
|
return
|
|
}
|
|
writeAPIV1Response(c, http.StatusInternalServerError, &genericAPIV1InternalServerError)
|
|
return
|
|
}
|
|
|
|
type ResponseBody struct {
|
|
CID int `json:"cid"`
|
|
FirstName string `json:"first_name"`
|
|
LastName string `json:"last_name"`
|
|
NetworkRating int `json:"network_rating"`
|
|
}
|
|
|
|
resBody := ResponseBody{
|
|
CID: user.CID,
|
|
FirstName: safeStr(user.FirstName),
|
|
LastName: safeStr(user.LastName),
|
|
NetworkRating: user.NetworkRating,
|
|
}
|
|
|
|
res := newAPIV1Success(&resBody)
|
|
writeAPIV1Response(c, http.StatusOK, &res)
|
|
}
|
|
|
|
// updateUser updates the user with a specified CID.
|
|
//
|
|
// The CID itself is immutable and cannot be changed.
|
|
// Only >= SUP can update CIDs other than what is indicated in their bearer token.
|
|
func (s *Server) updateUser(c *gin.Context) {
|
|
claims := getJwtContext(c)
|
|
if claims.NetworkRating < fsd.NetworkRatingSupervisor {
|
|
writeAPIV1Response(c, http.StatusForbidden, &genericAPIV1Forbidden)
|
|
return
|
|
}
|
|
|
|
type RequestBody struct {
|
|
CID int `json:"cid" binding:"min=1,required"`
|
|
Password *string `json:"password"`
|
|
FirstName *string `json:"first_name"`
|
|
LastName *string `json:"last_name"`
|
|
NetworkRating *int `json:"network_rating" binding:"min=-1,max=12"`
|
|
}
|
|
|
|
var reqBody RequestBody
|
|
if !bindJSONOrAbort(c, &reqBody) {
|
|
return
|
|
}
|
|
|
|
targetUser, err := s.dbRepo.UserRepo.GetUserByCID(reqBody.CID)
|
|
if err != nil {
|
|
writeAPIV1Response(c, http.StatusNotFound, &genericAPIV1NotFound)
|
|
return
|
|
}
|
|
|
|
if targetUser.NetworkRating > int(claims.NetworkRating) {
|
|
res := newAPIV1Failure("cannot update user with higher network rating")
|
|
writeAPIV1Response(c, http.StatusForbidden, &res)
|
|
return
|
|
}
|
|
|
|
// Update target user's fields depending on what was provided in the request
|
|
if reqBody.Password != nil {
|
|
targetUser.Password = *reqBody.Password
|
|
}
|
|
if reqBody.FirstName != nil {
|
|
targetUser.FirstName = reqBody.FirstName
|
|
}
|
|
if reqBody.LastName != nil {
|
|
targetUser.LastName = reqBody.LastName
|
|
}
|
|
if reqBody.NetworkRating != nil {
|
|
targetUser.NetworkRating = *reqBody.NetworkRating
|
|
}
|
|
|
|
err = s.dbRepo.UserRepo.UpdateUser(targetUser)
|
|
if err != nil {
|
|
if errors.Is(err, sql.ErrNoRows) {
|
|
writeAPIV1Response(c, http.StatusNotFound, &genericAPIV1NotFound)
|
|
return
|
|
}
|
|
writeAPIV1Response(c, http.StatusInternalServerError, &genericAPIV1InternalServerError)
|
|
return
|
|
}
|
|
|
|
type ResponseBody struct {
|
|
CID int `json:"cid"`
|
|
FirstName string `json:"first_name"`
|
|
LastName string `json:"last_name"`
|
|
NetworkRating int `json:"network_rating"`
|
|
}
|
|
|
|
resBody := ResponseBody{
|
|
CID: targetUser.CID,
|
|
FirstName: safeStr(targetUser.FirstName),
|
|
LastName: safeStr(targetUser.LastName),
|
|
NetworkRating: targetUser.NetworkRating,
|
|
}
|
|
|
|
res := newAPIV1Success(&resBody)
|
|
writeAPIV1Response(c, http.StatusOK, &res)
|
|
}
|
|
|
|
func (s *Server) createUser(c *gin.Context) {
|
|
type RequestBody struct {
|
|
Password string `json:"password" binding:"min=8,required"`
|
|
FirstName *string `json:"first_name"`
|
|
LastName *string `json:"last_name"`
|
|
NetworkRating int `json:"network_rating" binding:"min=-1,max=12,required"`
|
|
}
|
|
|
|
var reqBody RequestBody
|
|
if !bindJSONOrAbort(c, &reqBody) {
|
|
return
|
|
}
|
|
|
|
claims := getJwtContext(c)
|
|
if claims.NetworkRating < fsd.NetworkRatingSupervisor ||
|
|
reqBody.NetworkRating > int(claims.NetworkRating) {
|
|
writeAPIV1Response(c, http.StatusForbidden, &genericAPIV1Forbidden)
|
|
return
|
|
}
|
|
|
|
user := &db.User{
|
|
Password: reqBody.Password,
|
|
FirstName: reqBody.FirstName,
|
|
LastName: reqBody.LastName,
|
|
NetworkRating: reqBody.NetworkRating,
|
|
}
|
|
|
|
if err := s.dbRepo.UserRepo.CreateUser(user); err != nil {
|
|
writeAPIV1Response(c, http.StatusInternalServerError, &genericAPIV1InternalServerError)
|
|
return
|
|
}
|
|
|
|
type ResponseBody struct {
|
|
CID int `json:"cid"`
|
|
FirstName *string `json:"first_name"`
|
|
LastName *string `json:"last_name"`
|
|
NetworkRating int `json:"network_rating" binding:"min=-1,max=12,required"`
|
|
}
|
|
|
|
resBody := ResponseBody{
|
|
CID: user.CID,
|
|
FirstName: user.FirstName,
|
|
LastName: user.LastName,
|
|
NetworkRating: user.NetworkRating,
|
|
}
|
|
|
|
res := newAPIV1Success(&resBody)
|
|
writeAPIV1Response(c, http.StatusCreated, &res)
|
|
}
|