-
Notifications
You must be signed in to change notification settings - Fork 3
Expand file tree
/
Copy pathendpoints-notifications.go
More file actions
171 lines (123 loc) · 4.32 KB
/
endpoints-notifications.go
File metadata and controls
171 lines (123 loc) · 4.32 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
package main
import (
"fmt"
"log"
"net/http"
"github.com/caTUstrophy/backend/db"
"github.com/gin-gonic/gin"
"github.com/go-playground/validator"
"github.com/leebenson/conform"
)
// Structs
type UpdateNotificationPayload struct {
Read bool `conform:"trim" validate:"exists"`
}
// Functions
func (app *App) ListNotifications(c *gin.Context) {
// Check authorization for this function.
ok, User, message := app.Authorize(c.Request)
if !ok {
// Signal client an error and expect authorization.
c.Header("WWW-Authenticate", fmt.Sprintf("Bearer realm=\"CaTUstrophy\", error=\"invalid_token\", error_description=\"%s\"", message))
c.Status(http.StatusUnauthorized)
return
}
var Notifications []db.Notification
app.DB.Find(&Notifications, "\"user_id\" = ? AND \"read\" = ?", User.ID, "false")
// Instantiate final response slice.
response := make([]interface{}, len(Notifications))
// Range over all notifications and enrich with
// additional objects if necessary.
for i, notification := range Notifications {
jsonNotificationTmp := CopyNestedModel(notification, fieldsNotification)
jsonNotification, ok := jsonNotificationTmp.(map[string]interface{})
if !ok {
log.Println("[ListNotifications] Type assertion of jsonNotificationTmp went wrong.")
return
}
if notification.Type == db.NotificationMatching {
// Find matching element and connected elements.
var Matching db.Matching
app.DB.First(&Matching, "\"id\" = ?", notification.ItemID)
app.DB.Model(&Matching).Related(&Matching.Offer)
app.DB.Model(&Matching.Offer).Related(&Matching.Offer.User)
app.DB.Model(&Matching).Related(&Matching.Request)
app.DB.Model(&Matching.Request).Related(&Matching.Request.User)
// Marshal compiled matching model.
jsonMatchingTmp := CopyNestedModel(Matching, fieldsMatching)
jsonMatching, ok := jsonMatchingTmp.(map[string]interface{})
if !ok {
log.Println("[ListNotifications] Type assertion of jsonMatchingTmp went wrong.")
return
}
// Append marshalled matching to response JSON.
jsonNotification["Matching"] = jsonMatching
}
response[i] = jsonNotification
}
c.JSON(http.StatusOK, response)
}
func (app *App) UpdateNotification(c *gin.Context) {
// Check authorization for this function.
ok, User, message := app.Authorize(c.Request)
if !ok {
// Signal client an error and expect authorization.
c.Header("WWW-Authenticate", fmt.Sprintf("Bearer realm=\"CaTUstrophy\", error=\"invalid_token\", error_description=\"%s\"", message))
c.Status(http.StatusUnauthorized)
return
}
// Retrieve notificationID from request URL.
notificationID := app.getUUID(c, "notificationID")
if notificationID == "" {
c.JSON(http.StatusBadRequest, gin.H{
"Error": "notificationID is no valid UUID",
})
return
}
var Payload UpdateNotificationPayload
// Expect the update fields in request body.
err := c.BindJSON(&Payload)
if err != nil {
c.JSON(http.StatusBadRequest, gin.H{
"Error": "Supplied values in JSON body could not be parsed",
})
return
}
// Validate sent data for updating a notification.
conform.Strings(&Payload)
errs := app.Validator.Struct(&Payload)
if errs != nil {
errResp := make(map[string]string)
// Iterate over all validation errors.
for _, err := range errs.(validator.ValidationErrors) {
if err.Tag == "exists" {
errResp[err.Field] = "Has to be present"
}
}
// Send prepared error message to client.
c.JSON(http.StatusBadRequest, errResp)
return
}
var Notification db.Notification
app.DB.First(&Notification, "\"id\" = ?", notificationID)
// Check if user is actually owner of notification.
// This conforms to the scope 'C' level of this handler.
if Notification.UserID != User.ID {
// Signal client an error and expect authorization.
c.Header("WWW-Authenticate", "Bearer realm=\"CaTUstrophy\", error=\"invalid_token\", error_description=\"JWT was invalid\"")
c.Status(http.StatusUnauthorized)
return
}
// If Read flag from request was set to 'false' return an error.
if Payload.Read != true {
c.JSON(http.StatusBadRequest, gin.H{
"Read": "Can not be anything different than 'true'",
})
return
}
// All checks passed - set notification to read.
Notification.Read = true
app.DB.Save(&Notification)
response := CopyNestedModel(Notification, fieldsNotificationWithRead)
c.JSON(http.StatusOK, response)
}