package endpoints import ( "arbeitszeitmessung/helper" "arbeitszeitmessung/models" "arbeitszeitmessung/templates" "context" "encoding/json" "log" "net/http" "strconv" "time" ) // Frontend relevant backend functionality -> not used by the arduino devices func TimeHandler(w http.ResponseWriter, r *http.Request) { helper.SetCors(w) switch r.Method { case "GET": getBookings(w, r) case "POST": updateBooking(w, r) case "OPTIONS": // just support options header for non GET Requests from SWAGGER w.WriteHeader(http.StatusOK) default: http.Error(w, "Method not allowed", http.StatusMethodNotAllowed) } } func parseTimestamp(r *http.Request, get_key string, fallback string) (time.Time, error) { _timestamp_get := r.URL.Query().Get(get_key) if _timestamp_get == "" { _timestamp_get = fallback } timestamp_get, err := time.Parse("2006-01-02", _timestamp_get) if err != nil { return time.Now(), err } return timestamp_get, nil } // Returns bookings from DB with similar card uid -> checks for card uid in http query params func getBookings(w http.ResponseWriter, r *http.Request) { var user models.User var err error if helper.GetEnv("GO_ENV", "production") == "debug" { user, err = (*models.User).GetByPersonalNummer(nil, 123) } else { if !Session.Exists(r.Context(), "user") { log.Println("No user in session storage!") http.Error(w, "Not logged in!", http.StatusForbidden) return } user, err = (*models.User).GetByPersonalNummer(nil, Session.GetInt(r.Context(), "user")) } if err != nil { log.Println("No user found with the given personal number!") http.Error(w, "No user found", http.StatusNotFound) return } // TODO add config for timeoffset tsFrom, err := parseTimestamp(r, "time_from", time.Now().AddDate(0, -1, 0).Format("2006-01-02")) if err != nil { log.Println("Error parsing 'from' time", err) http.Error(w, "Timestamp 'from' cannot be parsed!", http.StatusBadRequest) return } tsTo, err := parseTimestamp(r, "time_to", time.Now().Format("2006-01-02")) if err != nil { log.Println("Error parsing 'to' time", err) http.Error(w, "Timestamp 'to' cannot be parsed!", http.StatusBadRequest) return } tsTo = tsTo.AddDate(0, 0, 1) // so that today is inside bookings, err := (*models.Booking).GetBookingsGrouped(nil, user.CardUID, tsFrom, tsTo) if err != nil { log.Println("Error getting bookings: ", err) http.Error(w, "Internal Server Error", http.StatusInternalServerError) return } ctx := context.WithValue(r.Context(), "user", user) templates.TimePage(bookings).Render(ctx, w) } func updateBooking(w http.ResponseWriter, r *http.Request) { r.ParseForm() for index, possibleBooking := range r.PostForm { if index[:7] == "booking" { booking_id, err := strconv.Atoi(index[8:]) if err != nil { log.Println("Error parsing bookingId", err) continue } booking, err := (*models.Booking).GetBookingById(nil, booking_id) if err != nil { log.Println("Error getting booking!", err) continue } parsedTime, err := time.ParseInLocation("15:04", possibleBooking[0], time.Local) if err != nil { log.Println("Error parsing time!", err) continue } log.Println("Parsing time", parsedTime) booking.UpdateTime(parsedTime) } } getBookings(w, r) } func getBookingsAPI(w http.ResponseWriter, r *http.Request) { _user_pn := r.URL.Query().Get("personal_nummer") user_pn, err := strconv.Atoi(_user_pn) if err != nil { log.Println("No personal numver found!") http.Error(w, "No personal number found", http.StatusBadRequest) return } user, err := (*models.User).GetByPersonalNummer(nil, user_pn) if err != nil { log.Println("No user found with the given personal number!") http.Error(w, "No user found", http.StatusNotFound) return } // TODO add config for timeoffset tsFrom, err := parseTimestamp(r, "time_from", time.Now().AddDate(0, -1, 0).Format("2006-01-02")) if err != nil { log.Println("Error parsing 'from' time", err) http.Error(w, "Timestamp 'from' cannot be parsed!", http.StatusBadRequest) return } tsTo, err := parseTimestamp(r, "time_to", time.Now().Format("2006-01-02")) if err != nil { log.Println("Error parsing 'to' time", err) http.Error(w, "Timestamp 'to' cannot be parsed!", http.StatusBadRequest) return } tsTo = tsTo.AddDate(0, 0, 1) // so that today is inside bookings, err := (*models.Booking).GetBookingsGrouped(nil, user.CardUID, tsFrom, tsTo) if err != nil { log.Println("Error getting bookings: ", err) http.Error(w, "Internal Server Error", http.StatusInternalServerError) return } w.Header().Set("Content-Type", "application/json") json.NewEncoder(w).Encode(bookings) } // Updates a booking form the given json body func updateBookingAPI(w http.ResponseWriter, r *http.Request) { _booking_id := r.URL.Query().Get("counter_id") if _booking_id == "" { http.Error(w, "Missing bookingID query parameter", http.StatusBadRequest) return } booking_id, err := strconv.Atoi(_booking_id) if err != nil { http.Error(w, "Invalid bookingID query parameter", http.StatusBadRequest) return } bookingDB, err := (*models.Booking).GetBookingById(nil, booking_id) if err != nil { log.Println("Error getting booking: ", err) http.Error(w, "Internal Server Error", http.StatusInternalServerError) return } var booking models.Booking dec := json.NewDecoder(r.Body) dec.DisallowUnknownFields() err = dec.Decode(&booking) if err != nil { log.Println("Error parsing booking: ", err) http.Error(w, "Internal Server Error", http.StatusInternalServerError) return } if booking.CounterId != 0 && booking.CounterId != bookingDB.CounterId { log.Println("Booking Ids do not match") http.Error(w, "Booking Ids do not match", http.StatusBadRequest) return } bookingDB.Update(booking) bookingDB.Save() w.Header().Set("Content-Type", "application/json") json.NewEncoder(w).Encode(bookingDB) }