ripple-api/app/v1/user.go

// Package v1 implements the first version of the Ripple API.
package v1

import (
	"database/sql"
	"fmt"
	"strconv"
	"strings"
	"time"

	"github.com/osuripple/api/common"
)

type userData struct {
	ID             int       `json:"id"`
	Username       string    `json:"username"`
	UsernameAKA    string    `json:"username_aka"`
	RegisteredOn   time.Time `json:"registered_on"`
	Rank           int       `json:"rank"`
	LatestActivity time.Time `json:"latest_activity"`
	Country        string    `json:"country"`
	Badges         []int     `json:"badges"`
}

// UserGET is the API handler for GET /user/:id
func UserGET(md common.MethodData) (r common.Response) {
	var err error
	var uid int
	uidStr := md.C.Param("id")
	if uidStr == "self" {
		uid = md.User.UserID
	} else {
		uid, err = strconv.Atoi(uidStr)
		if err != nil {
			r.Code = 400
			r.Message = fmt.Sprintf("%s ain't a number", uidStr)
			return
		}
	}

	user := userData{}

	registeredOn := int64(0)
	latestActivity := int64(0)
	var badges string
	var showcountry bool
	err = md.DB.QueryRow("SELECT users.id, users.username, register_datetime, rank, latest_activity, users_stats.username_aka, users_stats.badges_shown, users_stats.country, users_stats.show_country FROM users LEFT JOIN users_stats ON users.id=users_stats.id WHERE users.id=? LIMIT 1", uid).Scan(
		&user.ID, &user.Username, &registeredOn, &user.Rank, &latestActivity, &user.UsernameAKA, &badges, &user.Country, &showcountry)
	switch {
	case err == sql.ErrNoRows:
		r.Code = 404
		r.Message = "No such user was found!"
		return
	case err != nil:
		md.C.Error(err)
		r = Err500
		return
	}

	user.RegisteredOn = time.Unix(registeredOn, 0)
	user.LatestActivity = time.Unix(latestActivity, 0)

	badgesSl := strings.Split(badges, ",")
	for _, badge := range badgesSl {
		if badge != "" && badge != "0" {
			// We are ignoring errors because who really gives a shit if something's gone wrong on our end in this
			// particular thing, we can just silently ignore this.
			nb, err := strconv.Atoi(badge)
			if err == nil && nb != 0 {
				user.Badges = append(user.Badges, nb)
			}
		}
	}

	// If the user wants to stay anonymous, don't show their country.
	// This can be overriden if we have the ReadConfidential privilege and the user we are accessing is the token owner.
	if !(showcountry || (md.User.Privileges.HasPrivilegeReadConfidential() && user.ID == md.User.UserID)) {
		user.Country = "XX"
	}

	r.Code = 200
	r.Data = user
	return
}
Initial commit 2016-04-03 17:59:27 +00:00			`// Package v1 implements the first version of the Ripple API.`
			`package v1`

			`import (`
			`"database/sql"`
			`"fmt"`
			`"strconv"`
			`"strings"`
			`"time"`

			`"github.com/osuripple/api/common"`
			`)`

			`type userData struct {`
			ID int `json:"id"`
			Username string `json:"username"`
			UsernameAKA string `json:"username_aka"`
			RegisteredOn time.Time `json:"registered_on"`
			Rank int `json:"rank"`
			LatestActivity time.Time `json:"latest_activity"`
			Country string `json:"country"`
			Badges []int `json:"badges"`
			`}`

			`// UserGET is the API handler for GET /user/:id`
			`func UserGET(md common.MethodData) (r common.Response) {`
			`var err error`
			`var uid int`
			`uidStr := md.C.Param("id")`
			`if uidStr == "self" {`
			`uid = md.User.UserID`
			`} else {`
			`uid, err = strconv.Atoi(uidStr)`
			`if err != nil {`
			`r.Code = 400`
			`r.Message = fmt.Sprintf("%s ain't a number", uidStr)`
			`return`
			`}`
			`}`

			`user := userData{}`

			`registeredOn := int64(0)`
			`latestActivity := int64(0)`
			`var badges string`
			`var showcountry bool`
add badge read API 2016-04-03 20:31:41 +00:00			`err = md.DB.QueryRow("SELECT users.id, users.username, register_datetime, rank, latest_activity, users_stats.username_aka, users_stats.badges_shown, users_stats.country, users_stats.show_country FROM users LEFT JOIN users_stats ON users.id=users_stats.id WHERE users.id=? LIMIT 1", uid).Scan(`
Initial commit 2016-04-03 17:59:27 +00:00			`&user.ID, &user.Username, &registeredOn, &user.Rank, &latestActivity, &user.UsernameAKA, &badges, &user.Country, &showcountry)`
			`switch {`
			`case err == sql.ErrNoRows:`
			`r.Code = 404`
			`r.Message = "No such user was found!"`
			`return`
			`case err != nil:`
			`md.C.Error(err)`
			`r = Err500`
			`return`
			`}`

			`user.RegisteredOn = time.Unix(registeredOn, 0)`
			`user.LatestActivity = time.Unix(latestActivity, 0)`

			`badgesSl := strings.Split(badges, ",")`
			`for _, badge := range badgesSl {`
			`if badge != "" && badge != "0" {`
			`// We are ignoring errors because who really gives a shit if something's gone wrong on our end in this`
			`// particular thing, we can just silently ignore this.`
			`nb, err := strconv.Atoi(badge)`
			`if err == nil && nb != 0 {`
			`user.Badges = append(user.Badges, nb)`
			`}`
			`}`
			`}`

Show country if we have confidential privileges and we're looking at our user 2016-04-03 19:49:51 +00:00			`// If the user wants to stay anonymous, don't show their country.`
			`// This can be overriden if we have the ReadConfidential privilege and the user we are accessing is the token owner.`
			`if !(showcountry \|\| (md.User.Privileges.HasPrivilegeReadConfidential() && user.ID == md.User.UserID)) {`
Initial commit 2016-04-03 17:59:27 +00:00			`user.Country = "XX"`
			`}`

			`r.Code = 200`
			`r.Data = user`
			`return`
			`}`