Refactoring

Makefile

@@ -1,5 +1,5 @@
 BIN=guichet
-SRC=main.go model.go view.go controller.go utils.go model-user.go view-admin.go view-home.go view-invite.go view-login.go view-passwd.go view-user.go utils-http.go utils-ldap.go utils-config.go directory.go garage.go picture.go session.go utils-ssha.go 
+SRC=main.go model.go view.go controller.go utils.go model-user.go model-passwd.go view-admin.go view-home.go view-invite.go view-login.go view-passwd.go view-user.go utils-http.go utils-ldap.go utils-config.go directory.go garage.go picture.go session.go utils-ssha.go 
 
 # ssha.go profile.go admin.go invite.go directory.go utils.go picture.go login.go config.go http-utils.go home.go model-user.go gpas.go session.go model.go view.go controller.go utils-ldap.go
 

controller.go

@@ -65,7 +65,7 @@ func makeGVRouter() (*mux.Router, error) {
 
 	r.HandleFunc("/session/logout", handleLogout)
 
-	r.HandleFunc("/user", handleProfile)
+	r.HandleFunc("/user", handleUser)
 	r.HandleFunc("/user/new", handleInviteNewAccount)
 
 	r.HandleFunc("/picture/{name}", handleDownloadPicture)

view-passwd.go

@@ -1,169 +1,110 @@
-/*
-gpas is GVoisin password reset
-*/
-
-package main
-
-import (
-	"bytes"
-	"errors"
-	"fmt"
-	"html/template"
-	"log"
-
-	// "github.com/emersion/go-sasl"
-	// "github.com/emersion/go-smtp"
-	"net/smtp"
-
-	"github.com/go-ldap/ldap/v3"
-	// "strings"
-	b64 "encoding/base64"
-)
-
-// type InvitationAccount struct {
-// 	UID string
-// 	Password string
-// 	BaseDN string
-// }
-
-// var EMAIL_REGEXP := regexp.MustCompile("^[a-zA-Z0-9.!#$%&'*+\\/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$")
-
-func passwordLost(user User, config *ConfigFile, ldapConn *ldap.Conn) error {
-	if user.CN == "" && user.Mail == "" && user.OtherMailbox == "" {
-		return errors.New("Il n'y a pas de quoi identifier l'utilisateur")
-	}
-	searchFilter := "(|"
-	if user.CN != "" {
-		searchFilter += "(cn=" + user.UID + ")"
-	}
-	if user.Mail != "" {
-		searchFilter += "(mail=" + user.Mail + ")"
-	}
-	if user.OtherMailbox != "" {
-		searchFilter += "(carLicense=" + user.OtherMailbox + ")"
-	}
-	searchFilter += ")"
-	searchReq := ldap.NewSearchRequest(config.UserBaseDN, ldap.ScopeSingleLevel, ldap.NeverDerefAliases, 0, 0, false, searchFilter, []string{"cn", "uid", "mail", "carLicense", "sn", "displayName", "givenName"}, nil)
-	searchRes, err := ldapConn.Search(searchReq)
-	if err != nil {
-		log.Printf(fmt.Sprintf("passwordLost 49 : %v %v", err, ldapConn))
-		log.Printf(fmt.Sprintf("passwordLost 50 : %v", searchReq))
-		log.Printf(fmt.Sprintf("passwordLost 51: %v", user))
-		return err
-	}
-	if len(searchRes.Entries) == 0 {
-		log.Printf("Il n'y a pas d'utilisateur qui correspond %v", searchReq)
-		return errors.New("Il n'y a pas d'utilisateur qui correspond")
-	}
-	// log.Printf(fmt.Sprintf("passwordLost 58 : %v", user))
-	// log.Printf(fmt.Sprintf("passwordLost 59 : %v", searchRes.Entries[0]))
-	// log.Printf(fmt.Sprintf("passwordLost 60 : %v", searchRes.Entries[0].GetAttributeValue("cn")))
-	// log.Printf(fmt.Sprintf("passwordLost 61 : %v", searchRes.Entries[0].GetAttributeValue("uid")))
-	// log.Printf(fmt.Sprintf("passwordLost 62 : %v", searchRes.Entries[0].GetAttributeValue("mail")))
-	// log.Printf(fmt.Sprintf("passwordLost 63 : %v", searchRes.Entries[0].GetAttributeValue("carLicense")))
-	// Préparation du courriel à envoyer
-	user.Password = suggestPassword()
-	code := b64.URLEncoding.EncodeToString([]byte(user.UID + ";" + user.Password))
-	user.DN = "uid=" + searchRes.Entries[0].GetAttributeValue("cn") + ",ou=invitations,dc=resdigita,dc=org"
-	user.UID = searchRes.Entries[0].GetAttributeValue("cn")
-	user.CN = searchRes.Entries[0].GetAttributeValue("cn")
-	user.Mail = searchRes.Entries[0].GetAttributeValue("mail")
-	user.OtherMailbox = searchRes.Entries[0].GetAttributeValue("carLicense")
-	/* Check for outstanding invitation */
-	searchReq = ldap.NewSearchRequest(config.InvitationBaseDN, ldap.ScopeBaseObject,
-		ldap.NeverDerefAliases, 0, 0, false, "(uid="+user.UID+")", []string{"seeAlso"}, nil)
-	searchRes, err = ldapConn.Search(searchReq)
-	if err != nil {
-		log.Printf(fmt.Sprintf("passwordLost (Check existing invitation) : %v", err))
-		log.Printf(fmt.Sprintf("passwordLost (Check existing invitation) : %v", user))
-		return err
-	}
-	if len(searchRes.Entries) == 0 {
-		/* Add the invitation */
-		addReq := ldap.NewAddRequest(
-			user.DN,
-			nil)
-		addReq.Attribute("objectClass", []string{"top", "account", "simpleSecurityObject"})
-		addReq.Attribute("uid", []string{user.UID})
-		addReq.Attribute("userPassword", []string{"absdefghi"})
-		addReq.Attribute("seeAlso", []string{config.UserNameAttr + "=" + user.UID + "," + config.UserBaseDN})
-		err = ldapConn.Add(addReq)
-		if err != nil {
-			log.Printf(fmt.Sprintf("passwordLost 83 : %v", err))
-			log.Printf(fmt.Sprintf("passwordLost 84 : %v", user))
-			// log.Printf(fmt.Sprintf("passwordLost 85 : %v", searchRes.Entries[0]))
-			// For some reason I get here even if the entry exists already
-			return err
-		}
-	}
-	err = passwd(user, config, ldapConn)
-	if err != nil {
-		log.Printf(fmt.Sprintf("passwordLost 90 : %v", err))
-		log.Printf(fmt.Sprintf("passwordLost 91 : %v", user))
-		log.Printf(fmt.Sprintf("passwordLost 92 : %v", searchRes.Entries[0]))
-		return err
-	}
-	templateMail := template.Must(template.ParseFiles(templatePath + "/lost_password_email.txt"))
-	buf := bytes.NewBuffer([]byte{})
-	templateMail.Execute(buf, &CodeMailFields{
-		To:             user.OtherMailbox,
-		From:           config.MailFrom,
-		InviteFrom:     user.UID,
-		Code:           code,
-		WebBaseAddress: config.WebAddress,
-	})
-	// message := []byte("Hi " + user.OtherMailbox)
-	log.Printf("Sending mail to: %s", user.OtherMailbox)
-	// var auth sasl.Client = nil
-	// if config.SMTPUsername != "" {
-	// 	auth = sasl.NewPlainClient("", config.SMTPUsername, config.SMTPPassword)
-	// }
-	message := buf.Bytes()
-	auth := smtp.PlainAuth("", config.SMTPUsername, config.SMTPPassword, config.SMTPServer)
-	log.Printf("auth: %v", auth)
-	err = smtp.SendMail(config.SMTPServer+":587", auth, config.SMTPUsername, []string{user.OtherMailbox}, message)
-	if err != nil {
-		log.Printf("email send error %v", err)
-		return err
-	}
-	log.Printf("Mail sent.")
-	return nil
-}
-
-func passwordFound(user User, config *ConfigFile, ldapConn *ldap.Conn) (string, error) {
-	l, err := openLdap(config)
-	if err != nil {
-		log.Printf("passwordFound %v", err)
-		log.Printf("passwordFound Config : %v", config)
-		return "", err
-	}
-	if user.DN == "" && user.UID != "" {
-		user.DN = "uid=" + user.UID + ",ou=invitations,dc=resdigita,dc=org"
-	}
-	err = l.Bind(user.DN, user.Password)
-	if err != nil {
-		log.Printf("passwordFound %v", err)
-		log.Printf("passwordFound %v", user.DN)
-		log.Printf("passwordFound %v", user.UID)
-		return "", err
-	}
-	searchReq := ldap.NewSearchRequest(user.DN, ldap.ScopeBaseObject,
-		ldap.NeverDerefAliases, 0, 0, false, "(uid="+user.UID+")", []string{"seeAlso"}, nil)
-	var searchRes *ldap.SearchResult
-	searchRes, err = ldapConn.Search(searchReq)
-	if err != nil {
-		log.Printf("passwordFound %v", err)
-		log.Printf("passwordFound %v", searchReq)
-		log.Printf("passwordFound %v", ldapConn)
-		log.Printf("passwordFound %v", searchRes)
-		return "", err
-	}
-	if len(searchRes.Entries) == 0 {
-		log.Printf("passwordFound %v", err)
-		log.Printf("passwordFound %v", searchReq)
-		log.Printf("passwordFound %v", ldapConn)
-		log.Printf("passwordFound %v", searchRes)
-		return "", err
-	}
-	return searchRes.Entries[0].GetAttributeValue("seeAlso"), err
-}
+package main
+
+import (
+	b64 "encoding/base64"
+	"fmt"
+	"log"
+	"net/http"
+	"strings"
+
+	"github.com/gorilla/mux"
+)
+
+func handleFoundPassword(w http.ResponseWriter, r *http.Request) {
+	templateFoundPasswordPage := getTemplate("passwd.html")
+	data := PasswdTplData{
+		Common: NestedCommonTplData{
+			CanAdmin: false,
+			LoggedIn: false},
+	}
+	code := mux.Vars(r)["code"]
+	// code = strings.TrimSpace(strings.Join([]string{code}, ""))
+	newCode, _ := b64.URLEncoding.DecodeString(code)
+	ldapConn, err := openNewUserLdap(config)
+	if err != nil {
+		log.Printf(fmt.Sprint("handleFoundPassword / openNewUserLdap / %v", err))
+		data.Common.ErrorMessage = err.Error()
+	}
+	codeArray := strings.Split(string(newCode), ";")
+	user := User{
+		UID:      codeArray[0],
+		Password: codeArray[1],
+		DN:       "uid=" + codeArray[0] + ",ou=invitations,dc=resdigita,dc=org",
+	}
+	user.SeeAlso, err = passwordFound(user, config, ldapConn)
+	if err != nil {
+		log.Printf("handleFoundPassword / passwordFound %v", err)
+		log.Printf("handleFoundPassword / passwordFound %v", err)
+		data.Common.ErrorMessage = err.Error()
+	}
+	if r.Method == "POST" {
+		r.ParseForm()
+
+		password := strings.Join(r.Form["password"], "")
+		password2 := strings.Join(r.Form["password2"], "")
+
+		if len(password) < 8 {
+			data.TooShortError = true
+		} else if password2 != password {
+			data.NoMatchError = true
+		} else {
+			err := passwd(User{
+				DN:       user.SeeAlso,
+				Password: password,
+			}, config, ldapConn)
+			if err != nil {
+				data.Common.ErrorMessage = err.Error()
+			} else {
+				data.Common.Success = true
+			}
+		}
+	}
+	data.Common.CanAdmin = false
+	templateFoundPasswordPage.Execute(w, data)
+}
+
+func handlePasswd(w http.ResponseWriter, r *http.Request) {
+	templatePasswd := getTemplate("passwd.html")
+	data := &PasswdTplData{
+		Common: NestedCommonTplData{
+			CanAdmin:     false,
+			LoggedIn:     true,
+			ErrorMessage: "",
+			Success:      false,
+		},
+	}
+
+	login := checkLogin(w, r)
+	if login == nil {
+		data.Common.LoggedIn = false
+		templatePasswd.Execute(w, data)
+		return
+	}
+	data.Login.Status = login
+	data.Common.CanAdmin = login.Common.CanAdmin
+
+	if r.Method == "POST" {
+		r.ParseForm()
+
+		password := strings.Join(r.Form["password"], "")
+		password2 := strings.Join(r.Form["password2"], "")
+
+		if len(password) < 8 {
+			data.TooShortError = true
+		} else if password2 != password {
+			data.NoMatchError = true
+		} else {
+			err := passwd(User{
+				DN:       login.Info.DN,
+				Password: password,
+			}, config, login.conn)
+			if err != nil {
+				data.Common.ErrorMessage = err.Error()
+			} else {
+				data.Common.Success = true
+			}
+		}
+	}
+	data.Common.CanAdmin = false
+	templatePasswd.Execute(w, data)
+}

view-user.go

@@ -1,16 +1,15 @@
 package main
 
 import (
-	b64 "encoding/base64"
-	"fmt"
-	"log"
+	// b64 "encoding/base64"
+	// "fmt"
+	// "log"
 	"net/http"
 	"strings"
-
-	"github.com/gorilla/mux"
+	// "github.com/gorilla/mux"
 )
 
-func handleProfile(w http.ResponseWriter, r *http.Request) {
+func handleUser(w http.ResponseWriter, r *http.Request) {
 	templateProfile := getTemplate("user.html")
 
 	login := checkLogin(w, r)
@@ -65,14 +64,14 @@ func handleProfile(w http.ResponseWriter, r *http.Request) {
 		if user.DisplayName != "" {
 			err := modify(user, config, login.conn)
 			if err != nil {
-				data.Common.ErrorMessage = "handleProfile : " + err.Error()
+				data.Common.ErrorMessage = "handleUser : " + err.Error()
 			} else {
 				data.Common.Success = true
 			}
 		}
 		findUser, err := get(user, config, login.conn)
 		if err != nil {
-			data.Common.ErrorMessage = "handleProfile : " + err.Error()
+			data.Common.ErrorMessage = "handleUser : " + err.Error()
 		}
 		data.DisplayName = findUser.DisplayName
 		data.GivenName = findUser.GivenName
@@ -120,101 +119,3 @@ func handleProfile(w http.ResponseWriter, r *http.Request) {
 
 	templateProfile.Execute(w, data)
 }
-
-func handleFoundPassword(w http.ResponseWriter, r *http.Request) {
-	templateFoundPasswordPage := getTemplate("passwd.html")
-	data := PasswdTplData{
-		Common: NestedCommonTplData{
-			CanAdmin: false,
-			LoggedIn: false},
-	}
-	code := mux.Vars(r)["code"]
-	// code = strings.TrimSpace(strings.Join([]string{code}, ""))
-	newCode, _ := b64.URLEncoding.DecodeString(code)
-	ldapConn, err := openNewUserLdap(config)
-	if err != nil {
-		log.Printf(fmt.Sprint("handleFoundPassword / openNewUserLdap / %v", err))
-		data.Common.ErrorMessage = err.Error()
-	}
-	codeArray := strings.Split(string(newCode), ";")
-	user := User{
-		UID:      codeArray[0],
-		Password: codeArray[1],
-		DN:       "uid=" + codeArray[0] + ",ou=invitations,dc=resdigita,dc=org",
-	}
-	user.SeeAlso, err = passwordFound(user, config, ldapConn)
-	if err != nil {
-		log.Printf("handleFoundPassword / passwordFound %v", err)
-		log.Printf("handleFoundPassword / passwordFound %v", err)
-		data.Common.ErrorMessage = err.Error()
-	}
-	if r.Method == "POST" {
-		r.ParseForm()
-
-		password := strings.Join(r.Form["password"], "")
-		password2 := strings.Join(r.Form["password2"], "")
-
-		if len(password) < 8 {
-			data.TooShortError = true
-		} else if password2 != password {
-			data.NoMatchError = true
-		} else {
-			err := passwd(User{
-				DN:       user.SeeAlso,
-				Password: password,
-			}, config, ldapConn)
-			if err != nil {
-				data.Common.ErrorMessage = err.Error()
-			} else {
-				data.Common.Success = true
-			}
-		}
-	}
-	data.Common.CanAdmin = false
-	templateFoundPasswordPage.Execute(w, data)
-}
-
-func handlePasswd(w http.ResponseWriter, r *http.Request) {
-	templatePasswd := getTemplate("passwd.html")
-	data := &PasswdTplData{
-		Common: NestedCommonTplData{
-			CanAdmin:     false,
-			LoggedIn:     true,
-			ErrorMessage: "",
-			Success:      false,
-		},
-	}
-
-	login := checkLogin(w, r)
-	if login == nil {
-		templatePasswd.Execute(w, data)
-		return
-	}
-	data.Login.Status = login
-	data.Common.CanAdmin = login.Common.CanAdmin
-
-	if r.Method == "POST" {
-		r.ParseForm()
-
-		password := strings.Join(r.Form["password"], "")
-		password2 := strings.Join(r.Form["password2"], "")
-
-		if len(password) < 8 {
-			data.TooShortError = true
-		} else if password2 != password {
-			data.NoMatchError = true
-		} else {
-			err := passwd(User{
-				DN:       login.Info.DN,
-				Password: password,
-			}, config, login.conn)
-			if err != nil {
-				data.Common.ErrorMessage = err.Error()
-			} else {
-				data.Common.Success = true
-			}
-		}
-	}
-	data.Common.CanAdmin = false
-	templatePasswd.Execute(w, data)
-}