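// Source: github.com/saadullahsaeed/fragmenta-cms@v1.5.4/src/users/actions/update.go

package useractions

import (
	"net/http"

	"github.com/fragmenta/auth"
	"github.com/fragmenta/auth/can"
	"github.com/fragmenta/mux"
	"github.com/fragmenta/server"
	"github.com/fragmenta/view"

	"github.com/fragmenta/fragmenta-cms/src/lib/session"
	"github.com/fragmenta/fragmenta-cms/src/users"
)

// HandleUpdateShow renders the form to update a user.
//
// The target user is looked up from the route id, and the form is only
// rendered when can.Update allows the session's current user to update it.
// Failures are returned as server errors: internal (params could not be
// parsed), not found (no such user) or not authorized.
func HandleUpdateShow(w http.ResponseWriter, r *http.Request) error {

	// Get the user params for id
	params, err := mux.Params(r)
	if err != nil {
		return server.InternalError(err)
	}

	// Find the user
	user, err := users.Find(params.GetInt(users.KeyName))
	if err != nil {
		return server.NotFoundError(err)
	}

	// Authorise update user: the subject of the check is the requester
	// taken from the session, the resource is the user being edited.
	currentUser := session.CurrentUser(w, r)
	if err := can.Update(user, currentUser); err != nil {
		return server.NotAuthorizedError(err)
	}

	// Render the template. The local is not called "view" so that it does
	// not shadow the imported view package.
	renderer := view.NewRenderer(w, r)
	renderer.AddKey("currentUser", currentUser)
	renderer.AddKey("user", user)
	return renderer.Render()
}

// HandleUpdate handles the POST of the form to update a user.
//
// The request must carry a valid authenticity token, and the session's
// current user must be allowed by can.Update to update the target user.
// A submitted password is converted to a password_hash before the params
// are filtered through users.AllowedParams and applied; when no password is
// submitted the stored hash is left untouched. On success the client is
// redirected to the user's show URL.
func HandleUpdate(w http.ResponseWriter, r *http.Request) error {

	// Get the user params for id
	params, err := mux.Params(r)
	if err != nil {
		return server.InternalError(err)
	}

	// Find the user
	user, err := users.Find(params.GetInt(users.KeyName))
	if err != nil {
		return server.NotFoundError(err)
	}

	// Check the authenticity token
	if err := session.CheckAuthenticity(w, r); err != nil {
		return err
	}

	// Authorise update user against the requester from the session, as
	// HandleUpdateShow does. Passing the target user as both arguments
	// would authorise the record against itself, so any caller who knows
	// a user id could pass the check.
	currentUser := session.CurrentUser(w, r)
	if err := can.Update(user, currentUser); err != nil {
		return server.NotAuthorizedError(err)
	}

	// Convert the password param to a password_hash, but only when a new
	// password was actually submitted: hashing an empty value would replace
	// the stored credential with the hash of "".
	password := params.Get("password")
	if password != "" {
		hash, err := auth.HashPassword(password)
		if err != nil {
			return server.InternalError(err, "Problem hashing password")
		}
		params.SetString("password_hash", hash)
	}

	submitted := params.Map()
	if password == "" {
		// password_hash is only ever derived server-side; never accept a
		// value for it supplied in the request.
		delete(submitted, "password_hash")
	}

	// Validate the params, removing any we don't accept.
	// NOTE(review): the same allow-list is used for every caller; confirm
	// that users.AllowedParams does not let a non-admin change
	// privilege-bearing fields on their own record.
	userParams := user.ValidateParams(submitted, users.AllowedParams())

	if err := user.Update(userParams); err != nil {
		return server.InternalError(err)
	}

	// Redirect to user
	return server.Redirect(w, r, user.ShowURL())
}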