84 lines
3.0 KiB
Go
84 lines
3.0 KiB
Go
package accountapiimp
|
|
|
|
import (
|
|
"encoding/json"
|
|
"errors"
|
|
"net/http"
|
|
|
|
"github.com/tech/sendico/pkg/api/http/response"
|
|
"github.com/tech/sendico/pkg/merrors"
|
|
"github.com/tech/sendico/pkg/model"
|
|
"github.com/tech/sendico/pkg/mservice"
|
|
"github.com/tech/sendico/pkg/mutil/mzap"
|
|
"github.com/tech/sendico/server/interface/api/sresponse"
|
|
"go.uber.org/zap"
|
|
)
|
|
|
|
func (a *AccountAPI) updateEmployee(r *http.Request, account *model.Account, token *sresponse.TokenData) http.HandlerFunc {
|
|
orgRef, err := a.getCurrentOrganizationRef(r)
|
|
if err != nil {
|
|
a.logger.Warn("Failed to get current organization", zap.Error(err), mzap.StorableRef(account))
|
|
return response.BadRequest(a.logger, a.Name(), "invalid_organization_context", "Invalid organization context")
|
|
}
|
|
|
|
// Validate user input
|
|
var u model.AccountPublic
|
|
if err := json.NewDecoder(r.Body).Decode(&u); err != nil {
|
|
a.logger.Warn("Failed to decide profile update", zap.Error(err))
|
|
return response.Internal(a.logger, a.Name(), err)
|
|
}
|
|
|
|
ctx := r.Context()
|
|
res, err := a.enf.Enforce(ctx, a.accountsPermissionRef, account.ID, orgRef, u.ID, model.ActionUpdate)
|
|
if err != nil {
|
|
a.logger.Warn("Failed to check employee update permission", zap.Error(err), mzap.StorableRef(account), mzap.ObjRef("employee_ref", u.ID))
|
|
return response.Auto(a.logger, a.Name(), err)
|
|
}
|
|
if !res {
|
|
a.logger.Debug("Permission deined for employee update", mzap.StorableRef(account), mzap.ObjRef("employee_ref", u.ID))
|
|
return response.Auto(a.logger, a.Name(), merrors.AccessDenied(mservice.Accounts, string(model.ActionUpdate), u.ID))
|
|
}
|
|
|
|
if u.Login == "" {
|
|
a.logger.Debug("No email in request")
|
|
return a.reportEmailMissing()
|
|
}
|
|
if u.Name == "" {
|
|
a.logger.Debug("No name in request")
|
|
return response.BadRequest(a.logger, a.Name(), "name_missing", "name is required")
|
|
}
|
|
|
|
var acc model.Account
|
|
if err := a.db.Get(ctx, u.ID, &acc); err != nil {
|
|
a.logger.Warn("Failed to fetch employee account", zap.Error(err), mzap.ObjRef("employee_ref", u.ID))
|
|
return response.Auto(a.logger, a.Name(), err)
|
|
}
|
|
if acc.Login != u.Login {
|
|
// Change email address
|
|
verificationToken, err := a.accService.UpdateLogin(ctx, &acc, u.Login)
|
|
if err != nil {
|
|
if errors.Is(err, merrors.ErrDataConflict) {
|
|
a.logger.Debug("Duplicate login, denying change...", zap.Error(err), mzap.ObjRef("employee_ref", u.ID))
|
|
return a.reportDuplicateEmail()
|
|
}
|
|
a.logger.Warn("Error while updating login", zap.Error(err), mzap.ObjRef("employee_ref", u.ID))
|
|
return response.Internal(a.logger, a.Name(), err)
|
|
}
|
|
|
|
// Send verification email
|
|
if err = a.sendWelcomeEmail(&acc, verificationToken); err != nil {
|
|
a.logger.Warn("Failed to send verification email", zap.Error(err), mzap.StorableRef(&acc))
|
|
return response.Internal(a.logger, a.Name(), err)
|
|
}
|
|
} else {
|
|
// Save the user
|
|
acc.AccountPublic = u
|
|
if err = a.db.Update(ctx, &acc); err != nil {
|
|
a.logger.Warn("Failed to save account", zap.Error(err), mzap.StorableRef(&acc))
|
|
return response.Internal(a.logger, a.Name(), err)
|
|
}
|
|
}
|
|
|
|
return sresponse.Account(a.logger, &acc, token)
|
|
}
|