pen/Turnpike
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Refactored user/volunteer/participant identity.

Browse source
This commit is contained in:
Pen Anderson 2026-03-10 14:08:00 -05:00
parent e640bf8bed
commit 1eb6a99ff6
28 changed files with 469 additions and 265 deletions
Download patch file Download diff file Expand all files Collapse all files

36
handle_users.go
View file

@ -17,17 +17,18 @@ func (app *App) handleListUsers(w http.ResponseWriter, r *http.Request) {
func (app *App) handleCreateUser(w http.ResponseWriter, r *http.Request) {
var body struct {
Username string `json:"username"`
Password string `json:"password"`
Role string `json:"role"`
DepartmentIDs []int `json:"department_ids"`
Email string `json:"email"`
PreferredName string `json:"preferred_name"`
Password string `json:"password"`
Roles []string `json:"roles"`
DepartmentIDs []int `json:"department_ids"`
}
if err := json.NewDecoder(r.Body).Decode(&body); err != nil {
writeError(w, "invalid request", http.StatusBadRequest)
return
}
if body.Username == "" || body.Password == "" || body.Role == "" {
writeError(w, "username, password, and role are required", http.StatusBadRequest)
if body.Email == "" || body.Password == "" || len(body.Roles) == 0 {
writeError(w, "email, password, and at least one role are required", http.StatusBadRequest)
return
}
hash, err := hashPassword(body.Password)
@ -38,7 +39,7 @@ func (app *App) handleCreateUser(w http.ResponseWriter, r *http.Request) {
if body.DepartmentIDs == nil {
body.DepartmentIDs = []int{}
}
user, err := app.createUser(body.Username, hash, body.Role, body.DepartmentIDs)
user, err := app.createUser(body.Email, body.PreferredName, hash, body.Roles, body.DepartmentIDs)
if err != nil {
writeError(w, err.Error(), http.StatusInternalServerError)
return
@ -53,10 +54,15 @@ func (app *App) handleUpdateUser(w http.ResponseWriter, r *http.Request) {
writeError(w, "invalid id", http.StatusBadRequest)
return
}
target, _ := app.getUser(id)
if target == nil {
writeError(w, "not found", http.StatusNotFound)
return
}
var body struct {
Role string `json:"role"`
Password string `json:"password"`
DepartmentIDs []int `json:"department_ids"`
Roles []string `json:"roles"`
Password string `json:"password"`
DepartmentIDs []int `json:"department_ids"`
}
if err := json.NewDecoder(r.Body).Decode(&body); err != nil {
writeError(w, "invalid request", http.StatusBadRequest)
@ -65,8 +71,8 @@ func (app *App) handleUpdateUser(w http.ResponseWriter, r *http.Request) {
if body.DepartmentIDs == nil {
body.DepartmentIDs = []int{}
}
if body.Role != "" {
if err := app.updateUser(id, body.Role, body.DepartmentIDs); err != nil {
if body.Roles != nil {
if err := app.updateUserRoles(id, body.Roles, body.DepartmentIDs); err != nil {
writeError(w, err.Error(), http.StatusInternalServerError)
return
}
@ -82,7 +88,7 @@ func (app *App) handleUpdateUser(w http.ResponseWriter, r *http.Request) {
return
}
}
user, _ := app.getUserByID(id)
user, _ := app.getUser(id)
writeJSON(w, user)
}
@ -93,11 +99,11 @@ func (app *App) handleDeleteUser(w http.ResponseWriter, r *http.Request) {
return
}
claims := claimsFromContext(r)
if claims.UserID == id {
if claims.ParticipantID == id {
writeError(w, "cannot delete yourself", http.StatusBadRequest)
return
}
if err := app.deleteUser(id); err != nil {
if err := app.removeUser(id); err != nil {
writeError(w, err.Error(), http.StatusInternalServerError)
return
}