-
Notifications
You must be signed in to change notification settings - Fork 1
/
users.go
311 lines (296 loc) · 11.2 KB
/
users.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
package main
import (
"encoding/json"
"errors"
"fmt"
"net/http"
"strconv"
"github.com/vocdoni/vote-frame/mongo"
"github.com/vocdoni/vote-frame/reputation"
"go.vocdoni.io/dvote/httprouter"
"go.vocdoni.io/dvote/httprouter/apirest"
"go.vocdoni.io/dvote/log"
)
func (v *vocdoniHandler) profileHandler(msg *apirest.APIdata, ctx *httprouter.HTTPContext) error {
token := msg.AuthToken
if token == "" {
return fmt.Errorf("missing auth token header")
}
auth, err := v.db.UpdateActivityAndGetData(token)
if err != nil {
return ctx.Send([]byte(err.Error()), apirest.HTTPstatusNotFound)
}
// get user data and access profile
user, err := v.db.User(auth.UserID)
if err != nil {
return ctx.Send([]byte("user not found"), apirest.HTTPstatusNotFound)
}
accessprofile, err := v.db.UserAccessProfile(auth.UserID)
if err != nil {
return ctx.Send([]byte("could not get user access profile"), apirest.HTTPstatusInternalErr)
}
profile := VotecasterProfile{
User: user,
Polls: []mongo.ElectionRanking{},
MutedUsers: []*mongo.User{},
Delegations: []*mongo.Delegation{},
Reputation: reputation.Reputation{},
WarpcastAPIEnabled: accessprofile.WarpcastAPIKey != "",
}
// Get the elections created by the user. If the user is not found, it
// continues with an empty list.
profile.Polls, err = v.db.ElectionsByUser(auth.UserID, 16)
if err != nil && !errors.Is(err, mongo.ErrElectionUnknown) {
log.Warnw("could not get user elections", "error", err)
}
// Get muted users by current user. If the user is not found, it continues
// with an empty list.
profile.MutedUsers, err = v.db.ListNotificationMutedUsers(auth.UserID)
if err != nil && !errors.Is(err, mongo.ErrUserUnknown) {
log.Warnw("could not get muted users", "error", err)
}
// get user delegations
if profile.Delegations, err = v.db.DelegationsFrom(auth.UserID, true); err != nil {
return fmt.Errorf("could not get user delegations: %v", err)
}
// get user reputation
rep, err := v.db.DetailedUserReputation(auth.UserID)
if err != nil && !errors.Is(err, mongo.ErrUserUnknown) || rep == nil {
log.Warnw("could not get user reputation", "error", err)
} else {
profile.Reputation = *reputation.ReputationToAPIResponse(rep)
}
// Marshal the response
data, err := json.Marshal(profile)
if err != nil {
return fmt.Errorf("could not marshal response: %v", err)
}
return ctx.Send(data, apirest.HTTPstatusOK)
}
func (v *vocdoniHandler) muteUserHandler(msg *apirest.APIdata, ctx *httprouter.HTTPContext) error {
// get the authenticated user
token := msg.AuthToken
if token == "" {
return ctx.Send([]byte("missing auth token header"), apirest.HTTPstatusBadRequest)
}
auth, err := v.db.UpdateActivityAndGetData(token)
if err != nil {
return ctx.Send([]byte(err.Error()), apirest.HTTPstatusNotFound)
}
// parse the username from the request
req := map[string]string{}
if err := json.Unmarshal(msg.Data, &req); err != nil {
return ctx.Send([]byte("could not parse request"), apirest.HTTPstatusBadRequest)
}
usernameToMute, ok := req["username"]
if !ok {
return ctx.Send([]byte("missing username"), apirest.HTTPstatusBadRequest)
}
// get the user to mute
userToMute, err := v.db.UserByUsername(usernameToMute)
if err != nil {
return ctx.Send([]byte("user not found"), apirest.HTTPstatusNotFound)
}
// check if the user is already muted
isMuted, err := v.db.IsUserNotificationMuted(auth.UserID, userToMute.UserID)
if err != nil {
return ctx.Send([]byte("could not check if user is muted"), apirest.HTTPstatusInternalErr)
}
// if the user is already muted, return an error
if isMuted {
return ctx.Send([]byte("user is already muted"), apirest.HTTPstatusBadRequest)
}
// mute the user
if err := v.db.AddNotificationMutedUser(auth.UserID, userToMute.UserID); err != nil {
return ctx.Send([]byte("could not mute user"), apirest.HTTPstatusInternalErr)
}
return ctx.Send([]byte("Ok"), apirest.HTTPstatusOK)
}
func (v *vocdoniHandler) unmuteUserHandler(msg *apirest.APIdata, ctx *httprouter.HTTPContext) error {
// get the authenticated user
token := msg.AuthToken
if token == "" {
return ctx.Send([]byte("missing auth token header"), apirest.HTTPstatusBadRequest)
}
auth, err := v.db.UpdateActivityAndGetData(token)
if err != nil {
return ctx.Send([]byte(err.Error()), apirest.HTTPstatusNotFound)
}
// get the muted username from the request
mutedUsername := ctx.URLParam("username")
if mutedUsername == "" {
return ctx.Send([]byte("missing username"), apirest.HTTPstatusBadRequest)
}
// get the muted user from the database
mutedUser, err := v.db.UserByUsername(mutedUsername)
if err != nil {
return ctx.Send([]byte("user not found"), apirest.HTTPstatusNotFound)
}
// check if the user is muted
isMuted, err := v.db.IsUserNotificationMuted(auth.UserID, mutedUser.UserID)
if err != nil {
return ctx.Send([]byte("could not check if user is muted"), apirest.HTTPstatusInternalErr)
}
// if the user is not muted, return an error
if !isMuted {
return ctx.Send([]byte("user is not muted"), apirest.HTTPstatusBadRequest)
}
// unmute the user
if err := v.db.DelNotificationMutedUser(auth.UserID, mutedUser.UserID); err != nil {
return ctx.Send([]byte("could not mute user"), apirest.HTTPstatusInternalErr)
}
return ctx.Send([]byte("Ok"), apirest.HTTPstatusOK)
}
func (v *vocdoniHandler) delegateVoteHandler(msg *apirest.APIdata, ctx *httprouter.HTTPContext) error {
// extract userFID from auth token
userFID, err := v.db.UserFromAuthToken(msg.AuthToken)
if err != nil {
return fmt.Errorf("cannot get user from auth token: %w", err)
}
// parse the username from the request
req := mongo.Delegation{}
if err := json.Unmarshal(msg.Data, &req); err != nil {
return ctx.Send([]byte("could not parse request"), apirest.HTTPstatusBadRequest)
}
// check if the required fields are present
if req.To == 0 || req.CommuniyID == "" {
return ctx.Send([]byte("missing required fields"), apirest.HTTPstatusBadRequest)
}
req.From = userFID
// check if the user is trying to delegate to themselves
if req.From == req.To {
return ctx.Send([]byte("cannot delegate to yourself"), apirest.HTTPstatusBadRequest)
}
// check if the user is trying to delegate to a non-existing user
_, err = v.db.User(req.To)
if err != nil {
return ctx.Send([]byte("failed to get user to delegate to"), apirest.HTTPstatusInternalErr)
}
// check if the user is trying to delegate to a non-existing community
_, err = v.db.Community(req.CommuniyID)
if err != nil {
return ctx.Send([]byte("failed to get community to delegate to"), apirest.HTTPstatusInternalErr)
}
// get current delegations for the community to prevent circular delegations
delegations, err := v.db.DelegationsByCommunity(req.CommuniyID, true, false)
if err != nil {
return ctx.Send([]byte("could not get delegations"), apirest.HTTPstatusInternalErr)
}
// check if the delegation would create a circular delegation
for _, delegation := range delegations {
// prevent duplicated and overwrite delegations
if delegation.From == req.From {
return ctx.Send([]byte("vote already delegated"), apirest.HTTPstatusBadRequest)
}
// prevent circular delegation
if delegation.From == req.To && delegation.To == req.From {
return ctx.Send([]byte("circular delegation"), apirest.HTTPstatusBadRequest)
}
}
// delegate the vote
if _, err := v.db.SetDelegation(req); err != nil {
return ctx.Send([]byte("could not delegate vote"), apirest.HTTPstatusInternalErr)
}
return ctx.Send([]byte("Ok"), apirest.HTTPstatusOK)
}
func (v *vocdoniHandler) removeVoteDelegationHandler(msg *apirest.APIdata, ctx *httprouter.HTTPContext) error {
// get the authenticated user
token := msg.AuthToken
if token == "" {
return ctx.Send([]byte("missing auth token header"), apirest.HTTPstatusBadRequest)
}
auth, err := v.db.UpdateActivityAndGetData(token)
if err != nil {
return ctx.Send([]byte(err.Error()), apirest.HTTPstatusNotFound)
}
// get the delegation ID from the request and retrieve the delegation from
// the database
delegationID := ctx.URLParam("delegationID")
delegation, err := v.db.Delegation(delegationID)
if err != nil {
return ctx.Send([]byte("delegation not found"), apirest.HTTPstatusNotFound)
}
// check if the user is trying to remove a delegation that does not belong to
// them
if delegation.From != auth.UserID {
return ctx.Send([]byte("delegation does not belong to user"), apirest.HTTPstatusBadRequest)
}
// remove the delegation
if err := v.db.DeleteDelegation(delegationID); err != nil {
return ctx.Send([]byte("could not remove delegation"), apirest.HTTPstatusInternalErr)
}
return ctx.Send([]byte("Ok"), apirest.HTTPstatusOK)
}
func (v *vocdoniHandler) profilePublicHandler(msg *apirest.APIdata, ctx *httprouter.HTTPContext) error {
var user *mongo.User
var err error
// Get the user by username if provided
if handle := ctx.URLParam("userHandle"); handle != "" {
user, err = v.db.UserByUsername(handle)
if err != nil {
return ctx.Send([]byte("user not found"), apirest.HTTPstatusNotFound)
}
}
// Else get the user by FID
if user == nil {
if ctx.URLParam("fid") == "" {
return ctx.Send([]byte("missing user handle or fid"), apirest.HTTPstatusBadRequest)
}
fid, err := strconv.ParseUint(ctx.URLParam("fid"), 10, 64)
if err != nil {
return ctx.Send([]byte("invalid fid"), apirest.HTTPstatusBadRequest)
}
user, err = v.db.User(fid)
if err != nil {
return ctx.Send([]byte("user not found"), apirest.HTTPstatusNotFound)
}
}
// Get the elections created by the user. If the user is not found, it
// continues with an empty list.
userElections, err := v.db.ElectionsByUser(user.UserID, 16)
if err != nil && !errors.Is(err, mongo.ErrElectionUnknown) {
return fmt.Errorf("could not get user elections: %v", err)
}
// Get muted users by current user. If the user is not found, it continues
// with an empty list.
mutedUsers, err := v.db.ListNotificationMutedUsers(user.UserID)
if err != nil && !errors.Is(err, mongo.ErrUserUnknown) {
return fmt.Errorf("could not get muted users: %v", err)
}
// get user reputation
rep, err := v.repUpdater.UserReputation(user.UserID, true)
if err != nil {
return fmt.Errorf("could not get user reputation: %v", err)
}
// Marshal the response
data, err := json.Marshal(map[string]any{
"user": user,
"reputation": rep,
"polls": userElections,
"mutedUsers": mutedUsers,
})
if err != nil {
return fmt.Errorf("could not marshal response: %v", err)
}
return ctx.Send(data, apirest.HTTPstatusOK)
}
func (v *vocdoniHandler) registerWarpcastApiKey(msg *apirest.APIdata, ctx *httprouter.HTTPContext) error {
token := msg.AuthToken
if token == "" {
return fmt.Errorf("missing auth token header")
}
auth, err := v.db.UpdateActivityAndGetData(token)
if err != nil {
return ctx.Send([]byte(err.Error()), http.StatusNotFound)
}
// decode the api key
var apiKey WarpcastAPIKey
if err := json.Unmarshal(msg.Data, &apiKey); err != nil {
return ctx.Send([]byte("could not parse request"), apirest.HTTPstatusBadRequest)
}
// store the api key
if err := v.db.SetWarpcastAPIKey(auth.UserID, apiKey.APIKey); err != nil {
return ctx.Send([]byte("could not store api key: "+err.Error()), http.StatusInternalServerError)
}
return ctx.Send([]byte("ok"), apirest.HTTPstatusOK)
}