From af71442e79e851ec35e89044936ae9bf093ba301 Mon Sep 17 00:00:00 2001
From: Howl <the@howl.moe>
Date: Thu, 7 Apr 2016 11:20:35 +0200
Subject: [PATCH] Add basic friend logic

---
 app/start.go       |   3 ++
 app/v1/badge.go    |   1 +
 app/v1/friend.go   | 116 +++++++++++++++++++++++++++++++++++++++++++++
 common/paginate.go |  33 +++++++++++++
 4 files changed, 153 insertions(+)
 create mode 100644 app/v1/friend.go
 create mode 100644 common/paginate.go

diff --git a/app/start.go b/app/start.go
index fe1ac73..0099d6f 100644
--- a/app/start.go
+++ b/app/start.go
@@ -31,6 +31,9 @@ func Start(conf common.Conf, db *sql.DB) {
 			gv1.GET("/users/self", Method(v1.UserSelfGET, db, common.PrivilegeRead))
 			gv1.GET("/badges", Method(v1.BadgesGET, db, common.PrivilegeRead))
 			gv1.GET("/badges/:id", Method(v1.BadgeByIDGET, db, common.PrivilegeRead))
+
+			// ReadConfidential privilege required
+			gv1.GET("/friends", Method(v1.FriendsGET, db, common.PrivilegeReadConfidential))
 		}
 	}
 
diff --git a/app/v1/badge.go b/app/v1/badge.go
index e48981e..e8a9b6e 100644
--- a/app/v1/badge.go
+++ b/app/v1/badge.go
@@ -38,6 +38,7 @@ func BadgesGET(md common.MethodData) (r common.Response) {
 	if err != nil {
 		md.C.Error(err)
 		r = Err500
+		return
 	}
 	defer rows.Close()
 	for rows.Next() {
diff --git a/app/v1/friend.go b/app/v1/friend.go
new file mode 100644
index 0000000..f08307e
--- /dev/null
+++ b/app/v1/friend.go
@@ -0,0 +1,116 @@
+package v1
+
+import (
+	"database/sql"
+	"strconv"
+	"strings"
+	"time"
+
+	"github.com/osuripple/api/common"
+)
+
+type friendData struct {
+	userData
+	IsMutual bool `json:"is_mutual"`
+}
+
+// FriendsGET is the API request handler for GET /friends.
+// It retrieves an user's friends, and whether the friendship is mutual or not.
+func FriendsGET(md common.MethodData) (r common.Response) {
+	var myFrienders []int
+	myFriendersRaw, err := md.DB.Query("SELECT user1 FROM users_relationships WHERE user2 = ?", md.User.UserID)
+	if err != nil {
+		md.C.Error(err)
+		r = Err500
+		return
+	}
+	defer myFriendersRaw.Close()
+	for myFriendersRaw.Next() {
+		var i int
+		err := myFriendersRaw.Scan(&i)
+		if err != nil {
+			md.C.Error(err)
+			continue
+		}
+		myFrienders = append(myFrienders, i)
+	}
+	if err := myFriendersRaw.Err(); err != nil {
+		md.C.Error(err)
+	}
+
+	// Yes.
+	myFriendsQuery := `
+SELECT 
+	users.id, users.username, users.register_datetime, users.rank, users.latest_activity,
+	
+	users_stats.username_aka, users_stats.badges_shown,
+	users_stats.country, users_stats.show_country
+FROM users_relationships
+LEFT JOIN users
+ON users_relationships.user2 = users.id
+LEFT JOIN users_stats
+ON users_relationships.user2=users_stats.id
+WHERE users_relationships.user1=?
+ORDER BY users_relationships.id`
+
+	results, err := md.DB.Query(myFriendsQuery+common.Paginate(md.C.Query("p"), md.C.Query("l")), md.User.UserID)
+	if err != nil {
+		md.C.Error(err)
+		r = Err500
+		return
+	}
+
+	var myFriends []friendData
+
+	defer results.Close()
+	for results.Next() {
+		newFriend := friendPuts(md, results)
+		for _, uid := range myFrienders {
+			if uid == newFriend.ID {
+				newFriend.IsMutual = true
+				break
+			}
+		}
+		myFriends = append(myFriends, newFriend)
+	}
+	if err := results.Err(); err != nil {
+		md.C.Error(err)
+	}
+	return
+}
+
+func friendPuts(md common.MethodData, row *sql.Rows) (user friendData) {
+	var err error
+
+	registeredOn := int64(0)
+	latestActivity := int64(0)
+	var badges string
+	var showcountry bool
+	err = row.Scan(&user.ID, &user.Username, &registeredOn, &user.Rank, &latestActivity, &user.UsernameAKA, &badges, &user.Country, &showcountry)
+	if err != nil {
+		md.C.Error(err)
+		return
+	}
+
+	user.RegisteredOn = time.Unix(registeredOn, 0)
+	user.LatestActivity = time.Unix(latestActivity, 0)
+
+	badgesSl := strings.Split(badges, ",")
+	for _, badge := range badgesSl {
+		if badge != "" && badge != "0" {
+			// We are ignoring errors because who really gives a shit if something's gone wrong on our end in this
+			// particular thing, we can just silently ignore this.
+			nb, err := strconv.Atoi(badge)
+			if err == nil && nb != 0 {
+				user.Badges = append(user.Badges, nb)
+			}
+		}
+	}
+
+	// If the user wants to stay anonymous, don't show their country.
+	// This can be overriden if we have the ReadConfidential privilege and the user we are accessing is the token owner.
+	if !(showcountry || (md.User.Privileges.HasPrivilegeReadConfidential() && user.ID == md.User.UserID)) {
+		user.Country = "XX"
+	}
+	return
+}
diff --git a/common/paginate.go b/common/paginate.go
new file mode 100644
index 0000000..27c9f9f
--- /dev/null
+++ b/common/paginate.go
@@ -0,0 +1,33 @@
+package common
+
+import (
+	"fmt"
+	"strconv"
+)
+
+// Paginate creates an additional SQL LIMIT clause for paginating.
+func Paginate(page, limit string) string {
+	var (
+		pInt int
+		lInt int
+		err  error
+	)
+	if page == "" {
+		pInt = 1
+	} else {
+		pInt, err = strconv.Atoi(page)
+		if err != nil {
+			pInt = 1
+		}
+	}
+	if limit == "" {
+		lInt = 50
+	} else {
+		lInt, err = strconv.Atoi(limit)
+		if err != nil {
+			lInt = 50
+		}
+	}
+	start := (pInt - 1) * lInt
+	return fmt.Sprintf(" LIMIT %d,%d ", start, lInt)
+}