Jan Dittberner
335ce16547
- drop migration 2022052601_drop_unused_decisions_colums because it was implicitly part of an earlier migration - add /health endpoint for database health check - add tests for the health check endpoint - add tests for middleware secureHeaders, logRequest and tryAuthenticate - add models.UserModel.CreateUser method
99 lines
4 KiB
Go
99 lines
4 KiB
Go
/*
|
|
Copyright 2017-2022 CAcert Inc.
|
|
SPDX-License-Identifier: Apache-2.0
|
|
|
|
Licensed under the Apache License, Version 2.0 (the "License");
|
|
you may not use this file except in compliance with the License.
|
|
You may obtain a copy of the License at
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
Unless required by applicable law or agreed to in writing, software
|
|
distributed under the License is distributed on an "AS IS" BASIS,
|
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
See the License for the specific language governing permissions and
|
|
limitations under the License.
|
|
*/
|
|
|
|
package main
|
|
|
|
import (
|
|
"fmt"
|
|
"io/fs"
|
|
"net/http"
|
|
|
|
"github.com/julienschmidt/httprouter"
|
|
"github.com/justinas/alice"
|
|
"github.com/vearutop/statigz"
|
|
"github.com/vearutop/statigz/brotli"
|
|
|
|
"git.cacert.org/cacert-boardvoting/ui"
|
|
)
|
|
|
|
func (app *application) routes() http.Handler {
|
|
staticDir, _ := fs.Sub(ui.Files, "static")
|
|
|
|
staticData, ok := staticDir.(fs.ReadDirFS)
|
|
if !ok {
|
|
app.errorLog.Fatal("could not use uiStaticDir as fs.ReadDirFS")
|
|
}
|
|
|
|
fileServer := statigz.FileServer(staticData, brotli.AddEncoding, statigz.EncodeOnInit)
|
|
|
|
router := httprouter.New()
|
|
|
|
router.NotFound = http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { app.notFound(w) })
|
|
router.PanicHandler = func(w http.ResponseWriter, _ *http.Request, err interface{}) {
|
|
w.Header().Set("Connection", "close")
|
|
app.serverError(w, fmt.Errorf("%s", err))
|
|
}
|
|
|
|
router.Handler(
|
|
http.MethodGet,
|
|
"/",
|
|
http.RedirectHandler("/motions/", http.StatusMovedPermanently),
|
|
)
|
|
router.Handler(
|
|
http.MethodGet,
|
|
"/favicon.ico",
|
|
http.RedirectHandler("/static/images/favicon.ico", http.StatusMovedPermanently),
|
|
)
|
|
router.Handler(http.MethodGet, "/static/*filepath", http.StripPrefix("/static", fileServer))
|
|
|
|
dynamic := alice.New(
|
|
app.sessionManager.LoadAndSave,
|
|
app.tryAuthenticate,
|
|
)
|
|
|
|
canVote := dynamic.Append(app.userCanVote, noSurf)
|
|
canEditVote := dynamic.Append(app.userCanEditVote, noSurf)
|
|
canManageUsers := dynamic.Append(app.userCanChangeVoters, noSurf)
|
|
|
|
router.Handler(http.MethodGet, "/motions/", dynamic.ThenFunc(app.motionList))
|
|
router.Handler(http.MethodGet, "/motions/:tag", dynamic.ThenFunc(app.motionDetails))
|
|
router.Handler(http.MethodGet, "/motions/:tag/edit", canEditVote.ThenFunc(app.editMotionForm))
|
|
router.Handler(http.MethodPost, "/motions/:tag/edit", canEditVote.ThenFunc(app.editMotionSubmit))
|
|
router.Handler(http.MethodGet, "/motions/:tag/withdraw", canEditVote.ThenFunc(app.withdrawMotionForm))
|
|
router.Handler(http.MethodPost, "/motions/:tag/withdraw", canEditVote.ThenFunc(app.withdrawMotionSubmit))
|
|
router.Handler(http.MethodGet, "/vote/:tag/:choice", canVote.ThenFunc(app.voteForm))
|
|
router.Handler(http.MethodPost, "/vote/:tag/:choice", canVote.ThenFunc(app.voteSubmit))
|
|
router.Handler(http.MethodGet, "/proxy/:tag", canVote.ThenFunc(app.proxyVoteForm))
|
|
router.Handler(http.MethodPost, "/proxy/:tag", canVote.ThenFunc(app.proxyVoteSubmit))
|
|
router.Handler(http.MethodGet, "/newmotion/", canEditVote.ThenFunc(app.newMotionForm))
|
|
router.Handler(http.MethodPost, "/newmotion/", canEditVote.ThenFunc(app.newMotionSubmit))
|
|
|
|
router.Handler(http.MethodGet, "/users/", canManageUsers.ThenFunc(app.userList))
|
|
router.Handler(http.MethodPost, "/users/", canManageUsers.ThenFunc(app.submitUserRoles))
|
|
router.Handler(http.MethodGet, "/users/:id/", canManageUsers.ThenFunc(app.editUserForm))
|
|
router.Handler(http.MethodPost, "/users/:id/", canManageUsers.ThenFunc(app.editUserSubmit))
|
|
router.Handler(http.MethodGet, "/users/:id/add-mail", canManageUsers.ThenFunc(app.userAddEmailForm))
|
|
router.Handler(http.MethodPost, "/users/:id/add-mail", canManageUsers.ThenFunc(app.userAddEmailSubmit))
|
|
router.Handler(http.MethodGet, "/users/:id/delete", canManageUsers.ThenFunc(app.deleteUserForm))
|
|
router.Handler(http.MethodPost, "/users/:id/delete", canManageUsers.ThenFunc(app.deleteUserSubmit))
|
|
|
|
router.HandlerFunc(http.MethodGet, "/health", app.healthCheck)
|
|
|
|
standard := alice.New(app.logRequest, secureHeaders)
|
|
|
|
return standard.Then(router)
|
|
}
|