// Copyright 2021 The Casdoor Authors. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package controllers
import (
"fmt"
"strconv"
"github.com/casdoor/casdoor/conf"
"github.com/casdoor/casdoor/object"
"github.com/casdoor/casdoor/util"
)
// ResponseJsonData stores up to two optional payloads on resp and sends resp
// as the JSON body of the current request.
//
// With one argument, data[0] becomes resp.Data. With exactly two arguments,
// data[0] becomes resp.Data and data[1] becomes resp.Data2. With zero or more
// than two arguments, neither field is touched.
func (c *ApiController) ResponseJsonData(resp *Response, data ...interface{}) {
	n := len(data)
	if n == 2 {
		resp.Data2 = data[1]
	}
	if n == 1 || n == 2 {
		resp.Data = data[0]
	}

	// resp is placed under the "json" key before ServeJSON is called.
	c.Data["json"] = resp
	c.ServeJSON()
}
// ResponseOk sends a Response whose Status is "ok", passing the optional
// payloads in data on to ResponseJsonData.
func (c *ApiController) ResponseOk(data ...interface{}) {
	c.ResponseJsonData(&Response{Status: "ok"}, data...)
}
// ResponseError sends a Response whose Status is "error" and whose Msg is the
// given text, passing the optional payloads in data on to ResponseJsonData.
//
// The message is placed in the response as-is, so whatever the caller passes
// is what the client receives: pass text that is safe to disclose rather than
// raw internal error details. This function does not set an HTTP status code.
func (c *ApiController) ResponseError(error string, data ...interface{}) {
	// The parameter name shadows the builtin error type inside this function.
	failure := Response{Status: "error", Msg: error}
	c.ResponseJsonData(&failure, data...)
}
// SetTokenErrorHttpStatus picks the HTTP status code from the type of the
// value stored under c.Data["json"]:
//
//   - *object.TokenError whose Error equals object.InvalidClient: 401, plus a
//     WWW-Authenticate header naming the Basic scheme with realm "OAuth2";
//   - any other *object.TokenError: 400;
//   - *object.TokenWrapper: 200.
//
// Any other value leaves the status untouched. A nil *object.TokenError stored
// under the key would be dereferenced when its Error field is read.
func (c *ApiController) SetTokenErrorHttpStatus() {
	switch payload := c.Data["json"].(type) {
	case *object.TokenError:
		// NOTE(review): this mirrors the invalid_client handling of RFC 6749
		// section 5.2 - confirm object.InvalidClient holds that error code.
		if payload.Error != object.InvalidClient {
			c.Ctx.Output.SetStatus(400)
		} else {
			c.Ctx.Output.SetStatus(401)
			c.Ctx.Output.Header("WWW-Authenticate", "Basic realm=\"OAuth2\"")
		}
	case *object.TokenWrapper:
		c.Ctx.Output.SetStatus(200)
	}
}
// RequireSignedIn reports the username held in the current session.
//
// It returns (username, true) when the session username is non-empty.
// Otherwise it sends the "Please sign in first" error response and returns
// ("", false). The caller must stop handling the request in that case, because
// an error response has already been sent.
func (c *ApiController) RequireSignedIn() (string, bool) {
	if name := c.GetSessionUsername(); name != "" {
		return name, true
	}

	c.ResponseError("Please sign in first")
	return "", false
}
// RequireSignedInUser resolves the signed-in session to its user record.
//
// It returns (user, true) when the session names a user that object.GetUser
// can find. If nobody is signed in, or the lookup returns nil, an error
// response is sent and the result is (nil, false); the caller must then stop
// handling the request.
func (c *ApiController) RequireSignedInUser() (*object.User, bool) {
	userId, signedIn := c.RequireSignedIn()
	if !signedIn {
		return nil, false
	}

	if found := object.GetUser(userId); found != nil {
		return found, true
	}

	// The session still names a user that the lookup no longer returns.
	c.ResponseError(fmt.Sprintf("The user: %s doesn't exist", userId))
	return nil, false
}
// RequireAdmin returns the owner of the signed-in user, for use as a scope by
// the caller.
//
// It returns ("", true) when the user's Owner is "built-in" and
// (user.Owner, true) otherwise. If there is no signed-in user with an existing
// record, RequireSignedInUser has already sent an error response and the
// result is ("", false).
//
// NOTE(review): despite the name, this function performs no privilege check.
// Every signed-in user with an existing record gets ok == true; only the
// returned owner string differs. Confirm that admin-only access is enforced
// elsewhere before treating a true result as proof of admin rights.
func (c *ApiController) RequireAdmin() (string, bool) {
	user, ok := c.RequireSignedInUser()
	if !ok {
		return "", false
	}

	owner := user.Owner
	if owner == "built-in" {
		// Users owned by "built-in" are reported with an empty owner.
		owner = ""
	}
	return owner, true
}
// getInitScore reads the "initScore" configuration string and parses it as a
// base-10 integer. A value that strconv.Atoi cannot parse is reported through
// the returned error.
func getInitScore() (int, error) {
	raw := conf.GetConfigString("initScore")
	return strconv.Atoi(raw)
}
// GetProviderFromContext selects the provider the current request should use.
//
// If the request carries a non-empty "provider" parameter, that provider is
// looked up by name and returned with a nil user; category is not consulted.
// Otherwise the caller must be signed in: the application and user are
// resolved from the session user id, and the application's provider for
// category is returned together with that user.
//
// On any failure an error response is sent and the final result is false, so
// the caller must stop handling the request.
//
// NOTE(review): the "provider" branch runs before RequireSignedIn, so a
// request-supplied name selects the provider without any sign-in or ownership
// check in this function, and the name is echoed back in the error message.
// Confirm that access control for the routes using this helper is enforced
// elsewhere, and that callers handle the nil user returned by that branch.
func (c *ApiController) GetProviderFromContext(category string) (*object.Provider, *object.User, bool) {
	if name := c.Input().Get("provider"); name != "" {
		explicit := object.GetProvider(util.GetId(name))
		if explicit != nil {
			return explicit, nil, true
		}
		c.ResponseError(fmt.Sprintf("The provider: %s is not found", name))
		return nil, nil, false
	}

	// No explicit provider: derive it from the signed-in user's application.
	userId, signedIn := c.RequireSignedIn()
	if !signedIn {
		return nil, nil, false
	}

	application, user := object.GetApplicationByUserId(userId)
	if application == nil {
		c.ResponseError(fmt.Sprintf("No application is found for userId: \"%s\"", userId))
		return nil, nil, false
	}

	byCategory := application.GetProviderByCategory(category)
	if byCategory == nil {
		c.ResponseError(fmt.Sprintf("No provider for category: \"%s\" is found for application: %s", category, application.Name))
		return nil, nil, false
	}

	return byCategory, user, true
}