nidus-sync/resource/user.go

package resource

import (
	"context"
	"fmt"
	"net/http"
	"strconv"

	"github.com/Gleipnir-Technology/nidus-sync/db/enums"
	"github.com/Gleipnir-Technology/nidus-sync/db/models"
	nhttp "github.com/Gleipnir-Technology/nidus-sync/http"
	"github.com/Gleipnir-Technology/nidus-sync/platform"
	"github.com/aarondl/opt/omit"
	"github.com/aarondl/opt/omitnull"
	"github.com/google/uuid"
	"github.com/gorilla/mux"
	"github.com/rs/zerolog/log"
)

type user struct {
	Avatar           omitnull.Val[string] `json:"avatar"`
	DisplayName      omit.Val[string]     `json:"display_name"`
	ID               omit.Val[int]        `json:"id"`
	Initials         omit.Val[string]     `json:"initials"`
	IsActive         omit.Val[bool]       `json:"is_active"`
	PasswordHash     omit.Val[string]     `json:"-"`
	PasswordHashType omit.Val[string]     `json:"-"`
	Role             omit.Val[string]     `json:"role"`
	Tags             omit.Val[[]string]   `json:"tags"`
	URI              omit.Val[string]     `json:"uri"`
	Username         omit.Val[string]     `json:"username"`
}

func User(r *router) *userR {
	return &userR{
		router: r,
	}
}
func (res *userR) response(u *platform.User) (*user, error) {
	if u == nil {
		return nil, fmt.Errorf("nil user")
	}
	avatar, err := res.router.UUIDToURI("avatar.ByUUIDGet", u.Avatar)
	if err != nil {
		return nil, fmt.Errorf("id to uri: %w", err)
	}
	uri, err := res.router.IDToURI("user.ByIDGet", u.ID)
	if err != nil {
		return nil, fmt.Errorf("id to uri: %w", err)
	}
	tags := make([]string, 0)
	if u.IsDronePilot {
		tags = append(tags, "drone pilot")
	}
	if u.IsWarrant {
		tags = append(tags, "warrant")
	}
	return &user{
		Avatar:      omitnull.FromPtr(avatar),
		DisplayName: omit.From(u.DisplayName),
		ID:          omit.From(int(u.ID)),
		Initials:    omit.From(u.Initials),
		IsActive:    omit.From(u.Active),
		Role:        omit.From(u.Role),
		Tags:        omit.From(tags),
		URI:         omit.From(uri),
		Username:    omit.From(u.Username),
	}, nil
}

type userR struct {
	router *router
}
type responseListUser struct {
	Users []*platform.User `json:"users"`
}

func (res *userR) ByIDGet(ctx context.Context, r *http.Request, user platform.User, query QueryParams) (*platform.User, *nhttp.ErrorWithStatus) {
	vars := mux.Vars(r)
	user_id_str := vars["id"]
	user_id, err := strconv.Atoi(user_id_str)
	u, err := platform.UserByID(ctx, int32(user_id))
	if err != nil {
		return nil, nhttp.NewError("get user: %w", err)
	}
	return u, nil
}

func (res *userR) ByIDPut(ctx context.Context, r *http.Request, user platform.User, updates user) (string, *nhttp.ErrorWithStatus) {
	vars := mux.Vars(r)
	user_id_str := vars["id"]
	user_id, err := strconv.Atoi(user_id_str)
	if err != nil {
		return "", nhttp.NewErrorStatus(http.StatusBadRequest, "user id conversion: %w", err)
	}
	user_changes := &models.UserSetter{}
	if !(user.HasRoot() || user.IsAccountOwner() || user.ID == user_id) {
		return "", nhttp.NewForbidden("Only account owners can change other users")
	}
	if updates.Avatar.IsValue() {
		avatar_uuid, err := res.router.UUIDFromURI("avatar.ByUUIDGet", updates.Avatar.MustGet())
		if err != nil {
			return "", nhttp.NewBadRequest("parse avatar uri: %w", err)
		}
		user_changes.Avatar = omitnull.FromPtr(avatar_uuid)
	} else if updates.Avatar.IsNull() {
		user_changes.Avatar = omitnull.FromPtr[uuid.UUID](nil)
	}
	if updates.DisplayName.IsValue() {
		user_changes.DisplayName = updates.DisplayName
	}
	if updates.Role.IsValue() {
		// Don't allow privilege escalation
		if user.HasRoot() || user.IsAccountOwner() {
			var role enums.Userrole
			v := updates.Role.MustGet()
			err := role.Scan(v)
			if err != nil {
				return "", nhttp.NewBadRequest("invalid role %s: %w", v, err)
			}
			user_changes.Role = omit.From(role)
		} else {
			return "", nhttp.NewBadRequest("you aren't allowed to change roles")
		}
	}
	if updates.Tags.IsValue() {
		for i, v := range updates.Tags.MustGet() {
			user_changes.IsDronePilot = omit.From(false)
			user_changes.IsWarrant = omit.From(false)
			switch v {
			case "drone pilot":
				user_changes.IsDronePilot = omit.From(true)
			case "warrant":
				user_changes.IsWarrant = omit.From(true)
			default:
				return "", nhttp.NewBadRequest("'%s' (item %d) is not a valid tag", v, i)
			}
		}
	}

	err = platform.UserUpdate(ctx, user, user_id, user_changes)
	if err != nil {
		return "", nhttp.NewError("user update: %w", err)
	}
	return "", nil
}

func (res *userR) SelfGet(ctx context.Context, r *http.Request, user platform.User, query QueryParams) (*user, *nhttp.ErrorWithStatus) {
	resp, err := res.response(&user)
	if err != nil {
		return nil, nhttp.NewError("create response: %w", err)
	}
	return resp, nil
}

func (res *userR) List(ctx context.Context, r *http.Request, u platform.User, query QueryParams) ([]*user, *nhttp.ErrorWithStatus) {
	users, err := platform.UserList(ctx, u)
	if err != nil {
		return nil, nhttp.NewError("list users: %w", err)
	}
	results := make([]*user, len(users))
	log.Debug().Int("len", len(users)).Msg("building response")
	for i, v := range users {
		log.Debug().Int("i", i).Msg("making results")
		resp, err := res.response(v)
		if err != nil {
			return nil, nhttp.NewError("create response: %w", err)
		}
		results[i] = resp
	}
	return results, nil
}

type responseListUserSuggestion struct {
	Users []*platform.User `json:"users"`
}

func (res *userR) SuggestionGet(ctx context.Context, r *http.Request, user platform.User, query QueryParams) (*responseListUserSuggestion, *nhttp.ErrorWithStatus) {
	if query.Query == nil {
		return nil, nhttp.NewErrorStatus(http.StatusBadRequest, "you need to include a query")
	}
	users, err := platform.UserSuggestion(ctx, user, *query.Query)
	if err != nil {
		return nil, nhttp.NewError("query suggestions: %w", err)
	}
	return &responseListUserSuggestion{
		Users: users,
	}, nil
}
Move QueryParams to resource module 2026-04-01 18:12:46 +00:00			`package resource`

			`import (`
			`"context"`
Start creating user resources without ID. 2026-04-01 20:22:15 +00:00			`"fmt"`
Move QueryParams to resource module 2026-04-01 18:12:46 +00:00			`"net/http"`
			`"strconv"`

Fix being able to set the role 2026-04-02 14:30:07 +00:00			`"github.com/Gleipnir-Technology/nidus-sync/db/enums"`
Add reverse parsing of a URI. Yay. I did it. All the work is worth it now. 2026-04-01 22:01:31 +00:00			`"github.com/Gleipnir-Technology/nidus-sync/db/models"`
Move QueryParams to resource module 2026-04-01 18:12:46 +00:00			`nhttp "github.com/Gleipnir-Technology/nidus-sync/http"`
			`"github.com/Gleipnir-Technology/nidus-sync/platform"`
Structure PUT by using omit.Value 2026-04-02 13:28:18 +00:00			`"github.com/aarondl/opt/omit"`
Add reverse parsing of a URI. Yay. I did it. All the work is worth it now. 2026-04-01 22:01:31 +00:00			`"github.com/aarondl/opt/omitnull"`
Fix user data displays 2026-04-02 14:03:07 +00:00			`"github.com/google/uuid"`
Move QueryParams to resource module 2026-04-01 18:12:46 +00:00			`"github.com/gorilla/mux"`
			`"github.com/rs/zerolog/log"`
			`)`

Add separate session endpoint for additional non-user data This is conceptually much cleaner that encumbering the user object. 2026-04-02 01:07:55 +00:00			`type user struct {`
Structure PUT by using omit.Value 2026-04-02 13:28:18 +00:00			Avatar omitnull.Val[string] `json:"avatar"`
			DisplayName omit.Val[string] `json:"display_name"`
			ID omit.Val[int] `json:"id"`
			Initials omit.Val[string] `json:"initials"`
			IsActive omit.Val[bool] `json:"is_active"`
			PasswordHash omit.Val[string] `json:"-"`
			PasswordHashType omit.Val[string] `json:"-"`
			Role omit.Val[string] `json:"role"`
			Tags omit.Val[[]string] `json:"tags"`
			URI omit.Val[string] `json:"uri"`
			Username omit.Val[string] `json:"username"`
Move QueryParams to resource module 2026-04-01 18:12:46 +00:00			`}`

Properly set Avatar value to null 2026-04-01 20:35:00 +00:00			`func User(r router) userR {`
Move QueryParams to resource module 2026-04-01 18:12:46 +00:00			`return &userR{`
			`router: r,`
			`}`
			`}`
Add separate session endpoint for additional non-user data This is conceptually much cleaner that encumbering the user object. 2026-04-02 01:07:55 +00:00			`func (res userR) response(u platform.User) (*user, error) {`
Start creating user resources without ID. 2026-04-01 20:22:15 +00:00			`if u == nil {`
			`return nil, fmt.Errorf("nil user")`
			`}`
Properly set Avatar value to null 2026-04-01 20:35:00 +00:00			`avatar, err := res.router.UUIDToURI("avatar.ByUUIDGet", u.Avatar)`
			`if err != nil {`
			`return nil, fmt.Errorf("id to uri: %w", err)`
Start creating user resources without ID. 2026-04-01 20:22:15 +00:00			`}`
Properly set Avatar value to null 2026-04-01 20:35:00 +00:00			`uri, err := res.router.IDToURI("user.ByIDGet", u.ID)`
Start creating user resources without ID. 2026-04-01 20:22:15 +00:00			`if err != nil {`
Properly set Avatar value to null 2026-04-01 20:35:00 +00:00			`return nil, fmt.Errorf("id to uri: %w", err)`
Start creating user resources without ID. 2026-04-01 20:22:15 +00:00			`}`
Fix saving of tags on users 2026-04-02 15:25:51 +00:00			`tags := make([]string, 0)`
			`if u.IsDronePilot {`
			`tags = append(tags, "drone pilot")`
			`}`
			`if u.IsWarrant {`
			`tags = append(tags, "warrant")`
			`}`
Add separate session endpoint for additional non-user data This is conceptually much cleaner that encumbering the user object. 2026-04-02 01:07:55 +00:00			`return &user{`
Structure PUT by using omit.Value 2026-04-02 13:28:18 +00:00			`Avatar: omitnull.FromPtr(avatar),`
			`DisplayName: omit.From(u.DisplayName),`
			`ID: omit.From(int(u.ID)),`
			`Initials: omit.From(u.Initials),`
			`IsActive: omit.From(u.Active),`
			`Role: omit.From(u.Role),`
Fix saving of tags on users 2026-04-02 15:25:51 +00:00			`Tags: omit.From(tags),`
Structure PUT by using omit.Value 2026-04-02 13:28:18 +00:00			`URI: omit.From(uri),`
			`Username: omit.From(u.Username),`
Start creating user resources without ID. 2026-04-01 20:22:15 +00:00			`}, nil`
			`}`
Move QueryParams to resource module 2026-04-01 18:12:46 +00:00
Start creating user resources without ID. 2026-04-01 20:22:15 +00:00			`type userR struct {`
Properly set Avatar value to null 2026-04-01 20:35:00 +00:00			`router *router`
Start creating user resources without ID. 2026-04-01 20:22:15 +00:00			`}`
Move QueryParams to resource module 2026-04-01 18:12:46 +00:00			`type responseListUser struct {`
			Users []*platform.User `json:"users"`
			`}`

			`func (res userR) ByIDGet(ctx context.Context, r http.Request, user platform.User, query QueryParams) (platform.User, nhttp.ErrorWithStatus) {`
			`vars := mux.Vars(r)`
			`user_id_str := vars["id"]`
			`user_id, err := strconv.Atoi(user_id_str)`
			`u, err := platform.UserByID(ctx, int32(user_id))`
			`if err != nil {`
			`return nil, nhttp.NewError("get user: %w", err)`
			`}`
			`return u, nil`
			`}`

Add separate session endpoint for additional non-user data This is conceptually much cleaner that encumbering the user object. 2026-04-02 01:07:55 +00:00			`func (res userR) ByIDPut(ctx context.Context, r http.Request, user platform.User, updates user) (string, *nhttp.ErrorWithStatus) {`
Start creating user resources without ID. 2026-04-01 20:22:15 +00:00			`vars := mux.Vars(r)`
			`user_id_str := vars["id"]`
			`user_id, err := strconv.Atoi(user_id_str)`
			`if err != nil {`
Structure PUT by using omit.Value 2026-04-02 13:28:18 +00:00			`return "", nhttp.NewErrorStatus(http.StatusBadRequest, "user id conversion: %w", err)`
Start creating user resources without ID. 2026-04-01 20:22:15 +00:00			`}`
Add reverse parsing of a URI. Yay. I did it. All the work is worth it now. 2026-04-01 22:01:31 +00:00			`user_changes := &models.UserSetter{}`
Fix being able to set the role 2026-04-02 14:30:07 +00:00			`if !(user.HasRoot() \|\| user.IsAccountOwner() \|\| user.ID == user_id) {`
Make it possible to change more user fields 2026-04-02 14:22:45 +00:00			`return "", nhttp.NewForbidden("Only account owners can change other users")`
			`}`
Structure PUT by using omit.Value 2026-04-02 13:28:18 +00:00			`if updates.Avatar.IsValue() {`
			`avatar_uuid, err := res.router.UUIDFromURI("avatar.ByUUIDGet", updates.Avatar.MustGet())`
Add reverse parsing of a URI. Yay. I did it. All the work is worth it now. 2026-04-01 22:01:31 +00:00			`if err != nil {`
			`return "", nhttp.NewBadRequest("parse avatar uri: %w", err)`
			`}`
			`user_changes.Avatar = omitnull.FromPtr(avatar_uuid)`
Fix user data displays 2026-04-02 14:03:07 +00:00			`} else if updates.Avatar.IsNull() {`
			`user_changes.Avatar = omitnull.FromPtr[uuid.UUID](nil)`
Add reverse parsing of a URI. Yay. I did it. All the work is worth it now. 2026-04-01 22:01:31 +00:00			`}`
Structure PUT by using omit.Value 2026-04-02 13:28:18 +00:00			`if updates.DisplayName.IsValue() {`
			`user_changes.DisplayName = updates.DisplayName`
			`}`
Make it possible to change more user fields 2026-04-02 14:22:45 +00:00			`if updates.Role.IsValue() {`
			`// Don't allow privilege escalation`
Fix being able to set the role 2026-04-02 14:30:07 +00:00			`if user.HasRoot() \|\| user.IsAccountOwner() {`
			`var role enums.Userrole`
			`v := updates.Role.MustGet()`
			`err := role.Scan(v)`
			`if err != nil {`
			`return "", nhttp.NewBadRequest("invalid role %s: %w", v, err)`
			`}`
			`user_changes.Role = omit.From(role)`
Make it possible to change more user fields 2026-04-02 14:22:45 +00:00			`} else {`
			`return "", nhttp.NewBadRequest("you aren't allowed to change roles")`
			`}`
			`}`
			`if updates.Tags.IsValue() {`
			`for i, v := range updates.Tags.MustGet() {`
			`user_changes.IsDronePilot = omit.From(false)`
			`user_changes.IsWarrant = omit.From(false)`
			`switch v {`
			`case "drone pilot":`
			`user_changes.IsDronePilot = omit.From(true)`
			`case "warrant":`
			`user_changes.IsWarrant = omit.From(true)`
			`default:`
			`return "", nhttp.NewBadRequest("'%s' (item %d) is not a valid tag", v, i)`
			`}`
			`}`
			`}`

Add reverse parsing of a URI. Yay. I did it. All the work is worth it now. 2026-04-01 22:01:31 +00:00			`err = platform.UserUpdate(ctx, user, user_id, user_changes)`
Start creating user resources without ID. 2026-04-01 20:22:15 +00:00			`if err != nil {`
			`return "", nhttp.NewError("user update: %w", err)`
			`}`
			`return "", nil`
			`}`

Add separate session endpoint for additional non-user data This is conceptually much cleaner that encumbering the user object. 2026-04-02 01:07:55 +00:00			`func (res userR) SelfGet(ctx context.Context, r http.Request, user platform.User, query QueryParams) (user, nhttp.ErrorWithStatus) {`
			`resp, err := res.response(&user)`
Move QueryParams to resource module 2026-04-01 18:12:46 +00:00			`if err != nil {`
Add separate session endpoint for additional non-user data This is conceptually much cleaner that encumbering the user object. 2026-04-02 01:07:55 +00:00			`return nil, nhttp.NewError("create response: %w", err)`
Move QueryParams to resource module 2026-04-01 18:12:46 +00:00			`}`
Add separate session endpoint for additional non-user data This is conceptually much cleaner that encumbering the user object. 2026-04-02 01:07:55 +00:00			`return resp, nil`
Move QueryParams to resource module 2026-04-01 18:12:46 +00:00			`}`

Add separate session endpoint for additional non-user data This is conceptually much cleaner that encumbering the user object. 2026-04-02 01:07:55 +00:00			`func (res userR) List(ctx context.Context, r http.Request, u platform.User, query QueryParams) ([]user, nhttp.ErrorWithStatus) {`
			`users, err := platform.UserList(ctx, u)`
Move QueryParams to resource module 2026-04-01 18:12:46 +00:00			`if err != nil {`
			`return nil, nhttp.NewError("list users: %w", err)`
			`}`
Add separate session endpoint for additional non-user data This is conceptually much cleaner that encumbering the user object. 2026-04-02 01:07:55 +00:00			`results := make([]*user, len(users))`
Start creating user resources without ID. 2026-04-01 20:22:15 +00:00			`log.Debug().Int("len", len(users)).Msg("building response")`
			`for i, v := range users {`
			`log.Debug().Int("i", i).Msg("making results")`
			`resp, err := res.response(v)`
			`if err != nil {`
			`return nil, nhttp.NewError("create response: %w", err)`
			`}`
			`results[i] = resp`
Move QueryParams to resource module 2026-04-01 18:12:46 +00:00			`}`
Start creating user resources without ID. 2026-04-01 20:22:15 +00:00			`return results, nil`
Move QueryParams to resource module 2026-04-01 18:12:46 +00:00			`}`

			`type responseListUserSuggestion struct {`
			Users []*platform.User `json:"users"`
			`}`

			`func (res userR) SuggestionGet(ctx context.Context, r http.Request, user platform.User, query QueryParams) (responseListUserSuggestion, nhttp.ErrorWithStatus) {`
			`if query.Query == nil {`
			`return nil, nhttp.NewErrorStatus(http.StatusBadRequest, "you need to include a query")`
			`}`
			`users, err := platform.UserSuggestion(ctx, user, *query.Query)`
			`if err != nil {`
			`return nil, nhttp.NewError("query suggestions: %w", err)`
			`}`
			`return &responseListUserSuggestion{`
			`Users: users,`
			`}, nil`
			`}`