2020-12-20 19:00:59 +01:00
|
|
|
package sql
|
|
|
|
|
|
|
|
import (
|
|
|
|
"database/sql"
|
|
|
|
"github.com/ansible-semaphore/semaphore/db"
|
2024-02-27 12:06:05 +01:00
|
|
|
"github.com/Masterminds/squirrel"
|
2020-12-20 19:00:59 +01:00
|
|
|
"golang.org/x/crypto/bcrypt"
|
|
|
|
"time"
|
|
|
|
)
|
|
|
|
|
2021-05-06 14:41:31 +02:00
|
|
|
func (d *SqlDb) CreateUserWithoutPassword(user db.User) (newUser db.User, err error) {
|
|
|
|
|
2021-12-18 14:16:34 +01:00
|
|
|
err = db.ValidateUser(user)
|
2021-05-06 14:41:31 +02:00
|
|
|
if err != nil {
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
user.Password = ""
|
|
|
|
user.Created = db.GetParsedTime(time.Now())
|
|
|
|
|
|
|
|
err = d.sql.Insert(&user)
|
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
newUser = user
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2021-03-12 22:13:39 +01:00
|
|
|
func (d *SqlDb) CreateUser(user db.UserWithPwd) (newUser db.User, err error) {
|
2021-05-06 14:41:31 +02:00
|
|
|
|
2021-12-18 14:16:34 +01:00
|
|
|
err = db.ValidateUser(user.User)
|
2021-05-06 14:41:31 +02:00
|
|
|
if err != nil {
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2021-03-12 22:13:39 +01:00
|
|
|
pwdHash, err := bcrypt.GenerateFromPassword([]byte(user.Pwd), 11)
|
2020-12-20 19:00:59 +01:00
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2021-03-12 22:13:39 +01:00
|
|
|
user.Password = string(pwdHash)
|
|
|
|
user.Created = db.GetParsedTime(time.Now())
|
2020-12-20 19:00:59 +01:00
|
|
|
|
2021-03-12 22:13:39 +01:00
|
|
|
err = d.sql.Insert(&user.User)
|
2020-12-20 19:00:59 +01:00
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2021-03-12 22:13:39 +01:00
|
|
|
newUser = user.User
|
2020-12-20 19:00:59 +01:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
func (d *SqlDb) DeleteUser(userID int) error {
|
2021-08-24 17:20:34 +02:00
|
|
|
res, err := d.exec("delete from `user` where id=?", userID)
|
2020-12-20 19:00:59 +01:00
|
|
|
return validateMutationResult(res, err)
|
|
|
|
}
|
|
|
|
|
2021-03-12 22:13:39 +01:00
|
|
|
func (d *SqlDb) UpdateUser(user db.UserWithPwd) error {
|
|
|
|
var err error
|
|
|
|
|
|
|
|
if user.Pwd != "" {
|
|
|
|
var pwdHash []byte
|
|
|
|
pwdHash, err = bcrypt.GenerateFromPassword([]byte(user.Pwd), 11)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
2021-08-24 17:20:34 +02:00
|
|
|
_, err = d.exec(
|
2022-03-26 22:55:33 +01:00
|
|
|
"update `user` set name=?, username=?, email=?, alert=?, admin=?, password=? where id=?",
|
2021-03-12 22:13:39 +01:00
|
|
|
user.Name,
|
|
|
|
user.Username,
|
|
|
|
user.Email,
|
|
|
|
user.Alert,
|
|
|
|
user.Admin,
|
|
|
|
string(pwdHash),
|
|
|
|
user.ID)
|
|
|
|
} else {
|
2021-08-24 17:20:34 +02:00
|
|
|
_, err = d.exec(
|
|
|
|
"update `user` set name=?, username=?, email=?, alert=?, admin=? where id=?",
|
2021-03-12 22:13:39 +01:00
|
|
|
user.Name,
|
|
|
|
user.Username,
|
|
|
|
user.Email,
|
|
|
|
user.Alert,
|
|
|
|
user.Admin,
|
|
|
|
user.ID)
|
|
|
|
}
|
2020-12-20 19:00:59 +01:00
|
|
|
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
func (d *SqlDb) SetUserPassword(userID int, password string) error {
|
|
|
|
hash, err := bcrypt.GenerateFromPassword([]byte(password), 11)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
2021-08-24 17:20:34 +02:00
|
|
|
_, err = d.exec(
|
|
|
|
"update `user` set password=? where id=?",
|
|
|
|
string(hash), userID)
|
2020-12-20 19:00:59 +01:00
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
func (d *SqlDb) CreateProjectUser(projectUser db.ProjectUser) (newProjectUser db.ProjectUser, err error) {
|
2021-08-24 17:20:34 +02:00
|
|
|
_, err = d.exec(
|
2023-07-07 23:15:30 +02:00
|
|
|
"insert into project__user (project_id, user_id, `role`) values (?, ?, ?)",
|
2020-12-20 19:00:59 +01:00
|
|
|
projectUser.ProjectID,
|
|
|
|
projectUser.UserID,
|
2023-07-07 23:15:30 +02:00
|
|
|
projectUser.Role)
|
2020-12-20 19:00:59 +01:00
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
newProjectUser = projectUser
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
func (d *SqlDb) GetProjectUser(projectID, userID int) (db.ProjectUser, error) {
|
|
|
|
var user db.ProjectUser
|
|
|
|
|
2021-08-24 17:20:34 +02:00
|
|
|
err := d.selectOne(&user,
|
2020-12-20 19:00:59 +01:00
|
|
|
"select * from project__user where project_id=? and user_id=?",
|
|
|
|
projectID,
|
|
|
|
userID)
|
|
|
|
|
|
|
|
if err == sql.ErrNoRows {
|
|
|
|
err = db.ErrNotFound
|
|
|
|
}
|
|
|
|
|
|
|
|
return user, err
|
|
|
|
}
|
|
|
|
|
2023-07-08 12:41:57 +02:00
|
|
|
func (d *SqlDb) GetProjectUsers(projectID int, params db.RetrieveQueryParams) (users []db.UserWithProjectRole, err error) {
|
2023-07-08 11:39:51 +02:00
|
|
|
q := squirrel.Select("u.*").
|
|
|
|
Column("pu.role").
|
2020-12-20 19:00:59 +01:00
|
|
|
From("project__user as pu").
|
2021-08-24 19:52:35 +02:00
|
|
|
LeftJoin("`user` as u on pu.user_id=u.id").
|
2020-12-20 19:00:59 +01:00
|
|
|
Where("pu.project_id=?", projectID)
|
|
|
|
|
|
|
|
sortDirection := "ASC"
|
|
|
|
if params.SortInverted {
|
|
|
|
sortDirection = "DESC"
|
|
|
|
}
|
|
|
|
|
|
|
|
switch params.SortBy {
|
|
|
|
case "name", "username", "email":
|
|
|
|
q = q.OrderBy("u." + params.SortBy + " " + sortDirection)
|
2023-07-08 11:39:51 +02:00
|
|
|
case "role":
|
2020-12-20 19:00:59 +01:00
|
|
|
q = q.OrderBy("pu." + params.SortBy + " " + sortDirection)
|
|
|
|
default:
|
|
|
|
q = q.OrderBy("u.name " + sortDirection)
|
|
|
|
}
|
|
|
|
|
|
|
|
query, args, err := q.ToSql()
|
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2021-08-24 19:52:35 +02:00
|
|
|
_, err = d.selectAll(&users, query, args...)
|
2020-12-20 19:00:59 +01:00
|
|
|
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
func (d *SqlDb) UpdateProjectUser(projectUser db.ProjectUser) error {
|
2021-08-24 17:20:34 +02:00
|
|
|
_, err := d.exec(
|
2023-07-07 23:15:30 +02:00
|
|
|
"update `project__user` set role=? where user_id=? and project_id = ?",
|
|
|
|
projectUser.Role,
|
2020-12-20 19:00:59 +01:00
|
|
|
projectUser.UserID,
|
|
|
|
projectUser.ProjectID)
|
|
|
|
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
func (d *SqlDb) DeleteProjectUser(projectID, userID int) error {
|
2021-08-24 17:20:34 +02:00
|
|
|
_, err := d.exec("delete from project__user where user_id=? and project_id=?", userID, projectID)
|
2020-12-20 19:00:59 +01:00
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2023-07-07 23:15:30 +02:00
|
|
|
// GetUser retrieves a user from the database by ID
|
2020-12-20 19:00:59 +01:00
|
|
|
func (d *SqlDb) GetUser(userID int) (db.User, error) {
|
|
|
|
var user db.User
|
|
|
|
|
2021-08-24 17:20:34 +02:00
|
|
|
err := d.selectOne(&user, "select * from `user` where id=?", userID)
|
2020-12-20 19:00:59 +01:00
|
|
|
|
|
|
|
if err == sql.ErrNoRows {
|
|
|
|
err = db.ErrNotFound
|
|
|
|
}
|
|
|
|
|
|
|
|
return user, err
|
|
|
|
}
|
|
|
|
|
|
|
|
func (d *SqlDb) GetUsers(params db.RetrieveQueryParams) (users []db.User, err error) {
|
|
|
|
query, args, err := getSqlForTable("user", params)
|
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2021-08-24 19:52:35 +02:00
|
|
|
_, err = d.selectAll(&users, query, args...)
|
2020-12-20 19:00:59 +01:00
|
|
|
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
func (d *SqlDb) GetUserByLoginOrEmail(login string, email string) (existingUser db.User, err error) {
|
2021-08-24 17:20:34 +02:00
|
|
|
err = d.selectOne(
|
|
|
|
&existingUser,
|
2022-01-31 22:30:36 +01:00
|
|
|
d.PrepareQuery("select * from `user` where email=? or username=?"),
|
2021-08-24 17:20:34 +02:00
|
|
|
email, login)
|
2021-08-11 16:54:27 +02:00
|
|
|
|
|
|
|
if err == sql.ErrNoRows {
|
|
|
|
err = db.ErrNotFound
|
|
|
|
}
|
|
|
|
|
2020-12-20 19:00:59 +01:00
|
|
|
return
|
|
|
|
}
|