Yay banning people!
This commit is contained in:
parent
c108da9bb3
commit
c4e03dc189
|
@ -46,6 +46,9 @@ func Start(conf common.Conf, db *sql.DB) *gin.Engine {
|
||||||
gv1.POST("/friends/del", Method(v1.FriendsDelPOST, db, common.PrivilegeWrite))
|
gv1.POST("/friends/del", Method(v1.FriendsDelPOST, db, common.PrivilegeWrite))
|
||||||
gv1.GET("/friends/del/:id", Method(v1.FriendsDelGET, db, common.PrivilegeWrite))
|
gv1.GET("/friends/del/:id", Method(v1.FriendsDelGET, db, common.PrivilegeWrite))
|
||||||
|
|
||||||
|
// Admin: user managing
|
||||||
|
gv1.POST("/users/manage/set_allowed", Method(v1.UserManageSetAllowedPOST, db, common.PrivilegeManageUser))
|
||||||
|
|
||||||
// M E T A
|
// M E T A
|
||||||
// E T "wow thats so meta"
|
// E T "wow thats so meta"
|
||||||
// T E -- the one who said "wow thats so meta"
|
// T E -- the one who said "wow thats so meta"
|
||||||
|
|
|
@ -150,8 +150,7 @@ func FriendsAddPOST(md common.MethodData) (r common.Response) {
|
||||||
d := friendAddPOSTData{}
|
d := friendAddPOSTData{}
|
||||||
err := md.RequestData.Unmarshal(&d)
|
err := md.RequestData.Unmarshal(&d)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
md.Err(err)
|
r = ErrBadJSON
|
||||||
r = Err500
|
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
return addFriend(md, d.UserID)
|
return addFriend(md, d.UserID)
|
||||||
|
@ -196,7 +195,7 @@ func addFriend(md common.MethodData, u int) (r common.Response) {
|
||||||
|
|
||||||
// userExists makes sure an user exists.
|
// userExists makes sure an user exists.
|
||||||
func userExists(md common.MethodData, u int) (r bool) {
|
func userExists(md common.MethodData, u int) (r bool) {
|
||||||
err := md.DB.QueryRow("SELECT EXISTS(SELECT 1 FROM users WHERE id = ?)", u).Scan(&r)
|
err := md.DB.QueryRow("SELECT EXISTS(SELECT 1 FROM users WHERE id = ? AND users.allowed='1')", u).Scan(&r)
|
||||||
if err != nil && err != sql.ErrNoRows {
|
if err != nil && err != sql.ErrNoRows {
|
||||||
md.Err(err)
|
md.Err(err)
|
||||||
}
|
}
|
||||||
|
@ -221,8 +220,7 @@ func FriendsDelPOST(md common.MethodData) (r common.Response) {
|
||||||
d := friendAddPOSTData{}
|
d := friendAddPOSTData{}
|
||||||
err := md.RequestData.Unmarshal(&d)
|
err := md.RequestData.Unmarshal(&d)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
md.Err(err)
|
r = ErrBadJSON
|
||||||
r = Err500
|
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
return delFriend(md, d.UserID)
|
return delFriend(md, d.UserID)
|
||||||
|
|
39
app/v1/manage_user.go
Normal file
39
app/v1/manage_user.go
Normal file
|
@ -0,0 +1,39 @@
|
||||||
|
package v1
|
||||||
|
|
||||||
|
import "github.com/osuripple/api/common"
|
||||||
|
|
||||||
|
type setAllowedData struct {
|
||||||
|
UserID int `json:"user_id"`
|
||||||
|
Allowed int `json:"allowed"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// UserManageSetAllowedPOST allows to set the allowed status of an user.
|
||||||
|
func UserManageSetAllowedPOST(md common.MethodData) (r common.Response) {
|
||||||
|
data := setAllowedData{}
|
||||||
|
if err := md.RequestData.Unmarshal(&data); err != nil {
|
||||||
|
r = ErrBadJSON
|
||||||
|
return
|
||||||
|
}
|
||||||
|
if data.Allowed < 0 || data.Allowed > 2 {
|
||||||
|
r.Code = 400
|
||||||
|
r.Message = "Allowed status must be between 0 and 2"
|
||||||
|
return
|
||||||
|
}
|
||||||
|
_, err := md.DB.Exec("UPDATE users SET allowed = ? WHERE id = ?", data.Allowed, data.UserID)
|
||||||
|
if err != nil {
|
||||||
|
md.Err(err)
|
||||||
|
r = Err500
|
||||||
|
return
|
||||||
|
}
|
||||||
|
query := `
|
||||||
|
SELECT users.id, users.username, register_datetime, rank,
|
||||||
|
latest_activity, users_stats.username_aka,
|
||||||
|
users_stats.country, users_stats.show_country
|
||||||
|
FROM users
|
||||||
|
LEFT JOIN users_stats
|
||||||
|
ON users.id=users_stats.id
|
||||||
|
WHERE users.id=?
|
||||||
|
LIMIT 1`
|
||||||
|
r = userPuts(md, md.DB.QueryRow(query, data.UserID))
|
||||||
|
return
|
||||||
|
}
|
|
@ -45,7 +45,7 @@ SELECT users.id, users.username, register_datetime, rank,
|
||||||
FROM users
|
FROM users
|
||||||
LEFT JOIN users_stats
|
LEFT JOIN users_stats
|
||||||
ON users.id=users_stats.id
|
ON users.id=users_stats.id
|
||||||
WHERE users.id=?
|
WHERE users.id=? AND users.allowed='1'
|
||||||
LIMIT 1`
|
LIMIT 1`
|
||||||
r = userPuts(md, md.DB.QueryRow(query, uid))
|
r = userPuts(md, md.DB.QueryRow(query, uid))
|
||||||
return
|
return
|
||||||
|
@ -62,7 +62,7 @@ SELECT users.id, users.username, register_datetime, rank,
|
||||||
FROM users
|
FROM users
|
||||||
LEFT JOIN users_stats
|
LEFT JOIN users_stats
|
||||||
ON users.id=users_stats.id
|
ON users.id=users_stats.id
|
||||||
WHERE users.username=?
|
WHERE users.username=? AND users.allowed='1'
|
||||||
LIMIT 1`
|
LIMIT 1`
|
||||||
r = userPuts(md, md.DB.QueryRow(query, username))
|
r = userPuts(md, md.DB.QueryRow(query, username))
|
||||||
return
|
return
|
||||||
|
|
Loading…
Reference in New Issue
Block a user