242 lines
6.8 KiB
Go
242 lines
6.8 KiB
Go
package main
|
|
|
|
import (
|
|
"encoding/json"
|
|
"log"
|
|
"net/http"
|
|
"strconv"
|
|
)
|
|
|
|
func (app *App) handleListVolunteers(w http.ResponseWriter, r *http.Request) {
|
|
q := r.URL.Query()
|
|
search := q.Get("search")
|
|
since := q.Get("since")
|
|
|
|
var deptID *int
|
|
if d := q.Get("dept"); d != "" {
|
|
id, err := strconv.Atoi(d)
|
|
if err == nil {
|
|
deptID = &id
|
|
}
|
|
}
|
|
|
|
claims := claimsFromContext(r)
|
|
if hasAnyRole(claims.Roles, []string{"colead"}) && !hasAnyRole(claims.Roles, []string{"admin", "staffing"}) && deptID == nil && len(claims.DeptIDs) > 0 {
|
|
deptID = &claims.DeptIDs[0]
|
|
}
|
|
|
|
volunteers, err := app.listVolunteers(search, deptID, since)
|
|
if err != nil {
|
|
writeError(w, err.Error(), http.StatusInternalServerError)
|
|
return
|
|
}
|
|
writeJSON(w, volunteers)
|
|
}
|
|
|
|
func (app *App) handleCreateVolunteer(w http.ResponseWriter, r *http.Request) {
|
|
var body struct {
|
|
Name string `json:"name"`
|
|
TicketName string `json:"ticket_name"`
|
|
Email string `json:"email"`
|
|
DepartmentID *int `json:"department_id"`
|
|
IsLead bool `json:"is_lead"`
|
|
Note string `json:"note"`
|
|
}
|
|
if err := json.NewDecoder(r.Body).Decode(&body); err != nil {
|
|
writeError(w, "invalid request", http.StatusBadRequest)
|
|
return
|
|
}
|
|
if body.Name == "" {
|
|
writeError(w, "name is required", http.StatusBadRequest)
|
|
return
|
|
}
|
|
if body.Email == "" {
|
|
writeError(w, "email is required", http.StatusBadRequest)
|
|
return
|
|
}
|
|
claims := claimsFromContext(r)
|
|
if hasAnyRole(claims.Roles, []string{"colead"}) && !hasAnyRole(claims.Roles, []string{"admin", "staffing"}) {
|
|
if body.DepartmentID == nil || !inSlice(*body.DepartmentID, claims.DeptIDs) {
|
|
writeError(w, "forbidden: outside your department", http.StatusForbidden)
|
|
return
|
|
}
|
|
}
|
|
p, _ := app.getParticipantByEmail(body.Email)
|
|
if p == nil {
|
|
p, _ = app.createParticipant(Participant{PreferredName: body.Name, Email: body.Email, TicketName: body.TicketName})
|
|
} else if body.TicketName != "" && p.TicketName == "" {
|
|
app.db.Exec(`UPDATE participants SET ticket_name = ?, updated_at = ? WHERE id = ?`, body.TicketName, now(), p.ID)
|
|
}
|
|
if p == nil {
|
|
writeError(w, "failed to create participant", http.StatusInternalServerError)
|
|
return
|
|
}
|
|
confirmToken, err := generateConfirmationToken()
|
|
if err != nil {
|
|
writeError(w, "internal error", http.StatusInternalServerError)
|
|
return
|
|
}
|
|
app.setParticipantConfirmationToken(p.ID, confirmToken)
|
|
v := Volunteer{
|
|
ParticipantID: p.ID,
|
|
DepartmentID: body.DepartmentID,
|
|
IsLead: body.IsLead,
|
|
Note: body.Note,
|
|
}
|
|
created, err := app.createVolunteer(v)
|
|
if err != nil {
|
|
writeError(w, err.Error(), http.StatusInternalServerError)
|
|
return
|
|
}
|
|
go func() {
|
|
if err := app.sendConfirmationEmail(body.Email, body.Name, confirmToken); err != nil {
|
|
log.Printf("confirmation email to %s failed: %v", body.Email, err)
|
|
}
|
|
}()
|
|
w.WriteHeader(http.StatusCreated)
|
|
writeJSON(w, created)
|
|
}
|
|
|
|
func (app *App) handleGetVolunteer(w http.ResponseWriter, r *http.Request) {
|
|
id, err := strconv.Atoi(r.PathValue("id"))
|
|
if err != nil {
|
|
writeError(w, "invalid id", http.StatusBadRequest)
|
|
return
|
|
}
|
|
v, err := app.getVolunteer(id)
|
|
if err != nil || v == nil {
|
|
writeError(w, "not found", http.StatusNotFound)
|
|
return
|
|
}
|
|
writeJSON(w, v)
|
|
}
|
|
|
|
func (app *App) handleUpdateVolunteer(w http.ResponseWriter, r *http.Request) {
|
|
id, err := strconv.Atoi(r.PathValue("id"))
|
|
if err != nil {
|
|
writeError(w, "invalid id", http.StatusBadRequest)
|
|
return
|
|
}
|
|
var body struct {
|
|
DepartmentID *int `json:"department_id"`
|
|
IsLead bool `json:"is_lead"`
|
|
Note string `json:"note"`
|
|
}
|
|
if err := json.NewDecoder(r.Body).Decode(&body); err != nil {
|
|
writeError(w, "invalid request", http.StatusBadRequest)
|
|
return
|
|
}
|
|
claims := claimsFromContext(r)
|
|
if hasAnyRole(claims.Roles, []string{"colead"}) && !hasAnyRole(claims.Roles, []string{"admin", "staffing"}) {
|
|
existing, _ := app.getVolunteer(id)
|
|
if existing == nil || existing.DepartmentID == nil || !inSlice(*existing.DepartmentID, claims.DeptIDs) {
|
|
writeError(w, "forbidden: outside your department", http.StatusForbidden)
|
|
return
|
|
}
|
|
}
|
|
v := Volunteer{
|
|
ID: id,
|
|
DepartmentID: body.DepartmentID,
|
|
IsLead: body.IsLead,
|
|
Note: body.Note,
|
|
}
|
|
if err := app.updateVolunteer(v); err != nil {
|
|
writeError(w, err.Error(), http.StatusInternalServerError)
|
|
return
|
|
}
|
|
if v.IsLead {
|
|
app.confirmVolunteer(id)
|
|
}
|
|
updated, _ := app.getVolunteer(id)
|
|
writeJSON(w, updated)
|
|
}
|
|
|
|
func (app *App) handleDeleteVolunteer(w http.ResponseWriter, r *http.Request) {
|
|
id, err := strconv.Atoi(r.PathValue("id"))
|
|
if err != nil {
|
|
writeError(w, "invalid id", http.StatusBadRequest)
|
|
return
|
|
}
|
|
if err := app.deleteVolunteer(id); err != nil {
|
|
writeError(w, err.Error(), http.StatusInternalServerError)
|
|
return
|
|
}
|
|
w.WriteHeader(http.StatusNoContent)
|
|
}
|
|
|
|
func (app *App) handleMarkVolunteerReady(w http.ResponseWriter, r *http.Request) {
|
|
id, err := strconv.Atoi(r.PathValue("id"))
|
|
if err != nil {
|
|
writeError(w, "invalid id", http.StatusBadRequest)
|
|
return
|
|
}
|
|
claims := claimsFromContext(r)
|
|
v, err := app.markVolunteerReady(id, claims.ParticipantID)
|
|
if err != nil {
|
|
writeError(w, err.Error(), http.StatusInternalServerError)
|
|
return
|
|
}
|
|
app.broker.publish("checkin", map[string]any{"type": "volunteer", "volunteer": v})
|
|
writeJSON(w, v)
|
|
}
|
|
|
|
func (app *App) handleConfirmVolunteer(w http.ResponseWriter, r *http.Request) {
|
|
id, err := strconv.Atoi(r.PathValue("id"))
|
|
if err != nil {
|
|
writeError(w, "invalid id", http.StatusBadRequest)
|
|
return
|
|
}
|
|
v, err := app.confirmVolunteer(id)
|
|
if err != nil {
|
|
writeError(w, err.Error(), http.StatusInternalServerError)
|
|
return
|
|
}
|
|
writeJSON(w, v)
|
|
}
|
|
|
|
func (app *App) handleAssignShift(w http.ResponseWriter, r *http.Request) {
|
|
volunteerID, err := strconv.Atoi(r.PathValue("id"))
|
|
if err != nil {
|
|
writeError(w, "invalid volunteer id", http.StatusBadRequest)
|
|
return
|
|
}
|
|
var body struct {
|
|
ShiftID int `json:"shift_id"`
|
|
}
|
|
if err := json.NewDecoder(r.Body).Decode(&body); err != nil || body.ShiftID == 0 {
|
|
writeError(w, "shift_id required", http.StatusBadRequest)
|
|
return
|
|
}
|
|
if err := app.assignShift(volunteerID, body.ShiftID); err != nil {
|
|
writeError(w, err.Error(), http.StatusInternalServerError)
|
|
return
|
|
}
|
|
w.WriteHeader(http.StatusNoContent)
|
|
}
|
|
|
|
func (app *App) handleUnassignShift(w http.ResponseWriter, r *http.Request) {
|
|
volunteerID, err := strconv.Atoi(r.PathValue("id"))
|
|
if err != nil {
|
|
writeError(w, "invalid volunteer id", http.StatusBadRequest)
|
|
return
|
|
}
|
|
shiftID, err := strconv.Atoi(r.PathValue("shift_id"))
|
|
if err != nil {
|
|
writeError(w, "invalid shift id", http.StatusBadRequest)
|
|
return
|
|
}
|
|
if err := app.unassignShift(volunteerID, shiftID); err != nil {
|
|
writeError(w, err.Error(), http.StatusInternalServerError)
|
|
return
|
|
}
|
|
w.WriteHeader(http.StatusNoContent)
|
|
}
|
|
|
|
func inSlice(v int, s []int) bool {
|
|
for _, x := range s {
|
|
if x == v {
|
|
return true
|
|
}
|
|
}
|
|
return false
|
|
}
|