casdoor/controllers/util.go

// Copyright 2021 The Casdoor Authors. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//      http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package controllers

import (
	"fmt"

	"github.com/casdoor/casdoor/conf"
	"github.com/casdoor/casdoor/i18n"
	"github.com/casdoor/casdoor/object"
	"github.com/casdoor/casdoor/util"
)

// ResponseJsonData ...
func (c *ApiController) ResponseJsonData(resp *Response, data ...interface{}) {
	switch len(data) {
	case 2:
		resp.Data2 = data[1]
		fallthrough
	case 1:
		resp.Data = data[0]
	}
	c.Data["json"] = resp
	c.ServeJSON()
}

// ResponseOk ...
func (c *ApiController) ResponseOk(data ...interface{}) {
	resp := &Response{Status: "ok"}
	c.ResponseJsonData(resp, data...)
}

// ResponseError ...
func (c *ApiController) ResponseError(error string, data ...interface{}) {
	resp := &Response{Status: "error", Msg: error}
	c.ResponseJsonData(resp, data...)
}

func (c *ApiController) T(error string) string {
	return i18n.Translate(c.GetAcceptLanguage(), error)
}

// GetAcceptLanguage ...
func (c *ApiController) GetAcceptLanguage() string {
	language := c.Ctx.Request.Header.Get("Accept-Language")
	return conf.GetLanguage(language)
}

// SetTokenErrorHttpStatus ...
func (c *ApiController) SetTokenErrorHttpStatus() {
	_, ok := c.Data["json"].(*object.TokenError)
	if ok {
		if c.Data["json"].(*object.TokenError).Error == object.InvalidClient {
			c.Ctx.Output.SetStatus(401)
			c.Ctx.Output.Header("WWW-Authenticate", "Basic realm=\"OAuth2\"")
		} else {
			c.Ctx.Output.SetStatus(400)
		}
	}
	_, ok = c.Data["json"].(*object.TokenWrapper)
	if ok {
		c.Ctx.Output.SetStatus(200)
	}
}

// RequireSignedIn ...
func (c *ApiController) RequireSignedIn() (string, bool) {
	userId := c.GetSessionUsername()
	if userId == "" {
		c.ResponseError(c.T("general:Please login first"), "Please login first")
		return "", false
	}
	return userId, true
}

// RequireSignedInUser ...
func (c *ApiController) RequireSignedInUser() (*object.User, bool) {
	userId, ok := c.RequireSignedIn()
	if !ok {
		return nil, false
	}

	user := object.GetUser(userId)
	if user == nil {
		c.ClearUserSession()
		c.ResponseError(fmt.Sprintf(c.T("general:The user: %s doesn't exist"), userId))
		return nil, false
	}
	return user, true
}

// RequireAdmin ...
func (c *ApiController) RequireAdmin() (string, bool) {
	user, ok := c.RequireSignedInUser()
	if !ok {
		return "", false
	}

	if user.Owner == "built-in" {
		return "", true
	}
	return user.Owner, true
}

func (c *ApiController) GetProviderFromContext(category string) (*object.Provider, *object.User, bool) {
	providerName := c.Input().Get("provider")
	if providerName != "" {
		provider := object.GetProvider(util.GetId("admin", providerName))
		if provider == nil {
			c.ResponseError(fmt.Sprintf(c.T("util:The provider: %s is not found"), providerName))
			return nil, nil, false
		}
		return provider, nil, true
	}

	userId, ok := c.RequireSignedIn()
	if !ok {
		return nil, nil, false
	}

	application, user := object.GetApplicationByUserId(userId)
	if application == nil {
		c.ResponseError(fmt.Sprintf(c.T("util:No application is found for userId: %s"), userId))
		return nil, nil, false
	}

	provider := application.GetProviderByCategory(category)
	if provider == nil {
		c.ResponseError(fmt.Sprintf(c.T("util:No provider for category: %s is found for application: %s"), category, application.Name))
		return nil, nil, false
	}

	return provider, user, true
}

func checkQuotaForApplication(count int) error {
	quota := conf.GetConfigQuota().Application
	if quota == -1 {
		return nil
	}
	if count >= quota {
		return fmt.Errorf("application quota is exceeded")
	}
	return nil
}

func checkQuotaForOrganization(count int) error {
	quota := conf.GetConfigQuota().Organization
	if quota == -1 {
		return nil
	}
	if count >= quota {
		return fmt.Errorf("organization quota is exceeded")
	}
	return nil
}

func checkQuotaForProvider(count int) error {
	quota := conf.GetConfigQuota().Provider
	if quota == -1 {
		return nil
	}
	if count >= quota {
		return fmt.Errorf("provider quota is exceeded")
	}
	return nil
}

func checkQuotaForUser(count int) error {
	quota := conf.GetConfigQuota().User
	if quota == -1 {
		return nil
	}
	if count >= quota {
		return fmt.Errorf("user quota is exceeded")
	}
	return nil
}

func getInvalidSmsReceivers(smsForm SmsForm) []string {
	var invalidReceivers []string
	for _, receiver := range smsForm.Receivers {
		// The receiver phone format: E164 like +8613854673829 +441932567890
		if !util.IsPhoneValid(receiver, "") {
			invalidReceivers = append(invalidReceivers, receiver)
		}
	}
	return invalidReceivers
}
Update license headers. 2022-02-13 23:39:27 +08:00			`// Copyright 2021 The Casdoor Authors. All Rights Reserved.`
Add github oauth. 2021-02-14 00:22:24 +08:00			`//`
			`// Licensed under the Apache License, Version 2.0 (the "License");`
			`// you may not use this file except in compliance with the License.`
			`// You may obtain a copy of the License at`
			`//`
			`// http://www.apache.org/licenses/LICENSE-2.0`
			`//`
			`// Unless required by applicable law or agreed to in writing, software`
			`// distributed under the License is distributed on an "AS IS" BASIS,`
			`// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
			`// See the License for the specific language governing permissions and`
			`// limitations under the License.`

			`package controllers`

Add getInitScore(). 2021-08-28 11:13:38 +08:00			`import (`
Refactor GetProviderFromContext(). 2021-09-05 09:44:15 +08:00			`"fmt"`
Add getInitScore(). 2021-08-28 11:13:38 +08:00
feat: support overriding configuration with env (#590) 2022-03-20 23:21:09 +08:00			`"github.com/casdoor/casdoor/conf"`
feat: support i18n in backend err messages (#1232) * feat: support i18n in backend err messages * use gofumpt to fmt code * fix review problems * support auto generate err message * delete beego/i18n moudle * fix Github action test problems * fix review problems * use gofumpt to format code * use gofumpt to fmt code 2022-10-23 15:16:24 +08:00			`"github.com/casdoor/casdoor/i18n"`
Update import path. 2022-01-20 14:11:46 +08:00			`"github.com/casdoor/casdoor/object"`
			`"github.com/casdoor/casdoor/util"`
Add getInitScore(). 2021-08-28 11:13:38 +08:00			`)`

feat: replace panic with details json error payload. (#1039) Signed-off-by: 疯魔慕薇 <kfanjian@gmail.com> Signed-off-by: 疯魔慕薇 <kfanjian@gmail.com> 2022-08-20 21:09:32 +08:00			`// ResponseJsonData ...`
			`func (c ApiController) ResponseJsonData(resp Response, data ...interface{}) {`
Use c.ResponseOk() for all places. 2021-08-08 16:00:19 +08:00			`switch len(data) {`
			`case 2:`
			`resp.Data2 = data[1]`
			`fallthrough`
			`case 1:`
			`resp.Data = data[0]`
			`}`
			`c.Data["json"] = resp`
			`c.ServeJSON()`
			`}`

feat: replace panic with details json error payload. (#1039) Signed-off-by: 疯魔慕薇 <kfanjian@gmail.com> Signed-off-by: 疯魔慕薇 <kfanjian@gmail.com> 2022-08-20 21:09:32 +08:00			`// ResponseOk ...`
			`func (c *ApiController) ResponseOk(data ...interface{}) {`
			`resp := &Response{Status: "ok"}`
			`c.ResponseJsonData(resp, data...)`
			`}`

fix: improve code specification (#231) 2021-08-07 22:02:56 +08:00			`// ResponseError ...`
feat: expose email and sms APIs as services to SDK (#202) Signed-off-by: Kininaru <shiftregister233@outlook.com> invalid receivers 2021-07-30 14:15:10 +08:00			`func (c *ApiController) ResponseError(error string, data ...interface{}) {`
feat: replace panic with details json error payload. (#1039) Signed-off-by: 疯魔慕薇 <kfanjian@gmail.com> Signed-off-by: 疯魔慕薇 <kfanjian@gmail.com> 2022-08-20 21:09:32 +08:00			`resp := &Response{Status: "error", Msg: error}`
			`c.ResponseJsonData(resp, data...)`
feat: set password for users Signed-off-by: Kininaru <shiftregister233@outlook.com> removed useless blank Signed-off-by: Kininaru <shiftregister233@outlook.com> add license header Signed-off-by: Kininaru <shiftregister233@outlook.com> i18n Signed-off-by: Kininaru <shiftregister233@outlook.com> database logic Signed-off-by: Kininaru <shiftregister233@outlook.com> i18n Signed-off-by: Kininaru <shiftregister233@outlook.com> i18n Signed-off-by: Kininaru <shiftregister233@outlook.com> 2021-05-09 19:54:20 +08:00			`}`
Refactor out c.RequireSignedIn() 2021-05-17 23:25:28 +08:00
feat: support i18n in backend err messages (#1232) * feat: support i18n in backend err messages * use gofumpt to fmt code * fix review problems * support auto generate err message * delete beego/i18n moudle * fix Github action test problems * fix review problems * use gofumpt to format code * use gofumpt to fmt code 2022-10-23 15:16:24 +08:00			`func (c *ApiController) T(error string) string {`
			`return i18n.Translate(c.GetAcceptLanguage(), error)`
			`}`

			`// GetAcceptLanguage ...`
			`func (c *ApiController) GetAcceptLanguage() string {`
Fix router error message's i18n 2023-02-18 16:11:23 +08:00			`language := c.Ctx.Request.Header.Get("Accept-Language")`
			`return conf.GetLanguage(language)`
feat: support i18n in backend err messages (#1232) * feat: support i18n in backend err messages * use gofumpt to fmt code * fix review problems * support auto generate err message * delete beego/i18n moudle * fix Github action test problems * fix review problems * use gofumpt to format code * use gofumpt to fmt code 2022-10-23 15:16:24 +08:00			`}`

fix: fix OAuth error response (#835) * fix: fix OAuth error response * fix: provide more detailed error messages for TokenError 2022-07-01 14:53:34 +08:00			`// SetTokenErrorHttpStatus ...`
			`func (c *ApiController) SetTokenErrorHttpStatus() {`
			`_, ok := c.Data["json"].(*object.TokenError)`
			`if ok {`
style: golint (#988) 2022-08-09 16:50:49 +08:00			`if c.Data["json"].(*object.TokenError).Error == object.InvalidClient {`
fix: fix OAuth error response (#835) * fix: fix OAuth error response * fix: provide more detailed error messages for TokenError 2022-07-01 14:53:34 +08:00			`c.Ctx.Output.SetStatus(401)`
			`c.Ctx.Output.Header("WWW-Authenticate", "Basic realm=\"OAuth2\"")`
			`} else {`
			`c.Ctx.Output.SetStatus(400)`
			`}`
			`}`
			`_, ok = c.Data["json"].(*object.TokenWrapper)`
			`if ok {`
			`c.Ctx.Output.SetStatus(200)`
			`}`
			`}`

fix: improve code specification (#231) 2021-08-07 22:02:56 +08:00			`// RequireSignedIn ...`
Refactor out c.RequireSignedIn() 2021-05-17 23:25:28 +08:00			`func (c *ApiController) RequireSignedIn() (string, bool) {`
refactor: SessionUser -> SessionUsername Signed-off-by: Kininaru <shiftregister233@outlook.com> 2021-07-18 07:15:22 +08:00			`userId := c.GetSessionUsername()`
Refactor out c.RequireSignedIn() 2021-05-17 23:25:28 +08:00			`if userId == "" {`
Remove duplicated i18n words 2023-01-06 20:12:32 +08:00			`c.ResponseError(c.T("general:Please login first"), "Please login first")`
Refactor out c.RequireSignedIn() 2021-05-17 23:25:28 +08:00			`return "", false`
			`}`
			`return userId, true`
			`}`
Add getInitScore(). 2021-08-28 11:13:38 +08:00
Add RequireSignedInUser() 2022-09-18 15:43:49 +08:00			`// RequireSignedInUser ...`
			`func (c ApiController) RequireSignedInUser() (object.User, bool) {`
			`userId, ok := c.RequireSignedIn()`
			`if !ok {`
			`return nil, false`
			`}`

			`user := object.GetUser(userId)`
			`if user == nil {`
feat: clear the session of a signin but non-existent user (#1246) 2022-10-29 20:18:02 +08:00			`c.ClearUserSession()`
Remove duplicated i18n words 2023-01-06 20:12:32 +08:00			`c.ResponseError(fmt.Sprintf(c.T("general:The user: %s doesn't exist"), userId))`
Add RequireSignedInUser() 2022-09-18 15:43:49 +08:00			`return nil, false`
			`}`
			`return user, true`
			`}`

Show logs to org admin 2022-09-18 16:16:45 +08:00			`// RequireAdmin ...`
			`func (c *ApiController) RequireAdmin() (string, bool) {`
			`user, ok := c.RequireSignedInUser()`
			`if !ok {`
			`return "", false`
			`}`

			`if user.Owner == "built-in" {`
			`return "", true`
			`}`
			`return user.Owner, true`
			`}`

Refactor GetProviderFromContext(). 2021-09-05 09:44:15 +08:00			`func (c ApiController) GetProviderFromContext(category string) (object.Provider, *object.User, bool) {`
			`providerName := c.Input().Get("provider")`
			`if providerName != "" {`
feat: fix the bug that admin cannot upload avatar for other users (#1323) 2022-11-25 09:36:47 +08:00			`provider := object.GetProvider(util.GetId("admin", providerName))`
Refactor GetProviderFromContext(). 2021-09-05 09:44:15 +08:00			`if provider == nil {`
Add /api/get-message-answer API 2023-05-01 23:15:51 +08:00			`c.ResponseError(fmt.Sprintf(c.T("util:The provider: %s is not found"), providerName))`
Refactor GetProviderFromContext(). 2021-09-05 09:44:15 +08:00			`return nil, nil, false`
			`}`
			`return provider, nil, true`
			`}`

			`userId, ok := c.RequireSignedIn()`
			`if !ok {`
			`return nil, nil, false`
			`}`

			`application, user := object.GetApplicationByUserId(userId)`
Improve SendEmail() and SendSms() APIs. 2021-09-05 10:30:51 +08:00			`if application == nil {`
feat: refactor backend i18n (#1373) * fix: handle the dataSourceName when DB changes * reduce duplication of code * feat: refactor translation error message * feat: use json intsead of ini file * remove useless translation * fix translate problems * remove useless addition * fix pr problems * fix pr problems * fix split problem * use gofumpt to fmt code * use crowdin to execute backend translation * fix pr problems * refactor: change translation file structure same as frontend * delete useless output * update go.mod 2022-12-07 13:13:23 +08:00			`c.ResponseError(fmt.Sprintf(c.T("util:No application is found for userId: %s"), userId))`
Improve SendEmail() and SendSms() APIs. 2021-09-05 10:30:51 +08:00			`return nil, nil, false`
			`}`

Refactor GetProviderFromContext(). 2021-09-05 09:44:15 +08:00			`provider := application.GetProviderByCategory(category)`
			`if provider == nil {`
feat: refactor backend i18n (#1373) * fix: handle the dataSourceName when DB changes * reduce duplication of code * feat: refactor translation error message * feat: use json intsead of ini file * remove useless translation * fix translate problems * remove useless addition * fix pr problems * fix pr problems * fix split problem * use gofumpt to fmt code * use crowdin to execute backend translation * fix pr problems * refactor: change translation file structure same as frontend * delete useless output * update go.mod 2022-12-07 13:13:23 +08:00			`c.ResponseError(fmt.Sprintf(c.T("util:No provider for category: %s is found for application: %s"), category, application.Name))`
Refactor GetProviderFromContext(). 2021-09-05 09:44:15 +08:00			`return nil, nil, false`
			`}`
Improve SendEmail() and SendSms() APIs. 2021-09-05 10:30:51 +08:00
Refactor GetProviderFromContext(). 2021-09-05 09:44:15 +08:00			`return provider, user, true`
			`}`
feat: add quota limitation to organizations, users, providers and applications (#1339) 2022-11-29 11:01:41 +08:00
			`func checkQuotaForApplication(count int) error {`
			`quota := conf.GetConfigQuota().Application`
			`if quota == -1 {`
			`return nil`
			`}`
			`if count >= quota {`
			`return fmt.Errorf("application quota is exceeded")`
			`}`
			`return nil`
			`}`

			`func checkQuotaForOrganization(count int) error {`
			`quota := conf.GetConfigQuota().Organization`
			`if quota == -1 {`
			`return nil`
			`}`
			`if count >= quota {`
			`return fmt.Errorf("organization quota is exceeded")`
			`}`
			`return nil`
			`}`

			`func checkQuotaForProvider(count int) error {`
			`quota := conf.GetConfigQuota().Provider`
			`if quota == -1 {`
			`return nil`
			`}`
			`if count >= quota {`
			`return fmt.Errorf("provider quota is exceeded")`
			`}`
			`return nil`
			`}`

			`func checkQuotaForUser(count int) error {`
			`quota := conf.GetConfigQuota().User`
			`if quota == -1 {`
			`return nil`
			`}`
			`if count >= quota {`
			`return fmt.Errorf("user quota is exceeded")`
			`}`
			`return nil`
			`}`
feat: add SMS test feature (#1606) * feat: add SMS test * fix: Add missing translation * fix: Delete redundant information * fix: remove unnecessary field * Update sms.go --------- Co-authored-by: hsluoyz <hsluoyz@qq.com> 2023-03-03 22:15:02 +08:00
Improve SMS code 2023-03-03 22:44:22 +08:00			`func getInvalidSmsReceivers(smsForm SmsForm) []string {`
feat: add SMS test feature (#1606) * feat: add SMS test * fix: Add missing translation * fix: Delete redundant information * fix: remove unnecessary field * Update sms.go --------- Co-authored-by: hsluoyz <hsluoyz@qq.com> 2023-03-03 22:15:02 +08:00			`var invalidReceivers []string`
			`for _, receiver := range smsForm.Receivers {`
			`// The receiver phone format: E164 like +8613854673829 +441932567890`
			`if !util.IsPhoneValid(receiver, "") {`
			`invalidReceivers = append(invalidReceivers, receiver)`
			`}`
			`}`
			`return invalidReceivers`
			`}`