refactor(server/api): prelude helpers (requireUser/requireURLUUID/decodeBody); migrate admin_users.go (A2 1/N)

This commit is contained in:
2026-05-08 08:17:35 -04:00
parent bffa397250
commit c6f5706535
2 changed files with 62 additions and 26 deletions
+12 -26
View File
@@ -1,12 +1,10 @@
package api
import (
"encoding/json"
"errors"
"net/http"
"time"
"github.com/go-chi/chi/v5"
"github.com/jackc/pgerrcode"
"github.com/jackc/pgx/v5"
"github.com/jackc/pgx/v5/pgconn"
@@ -58,19 +56,16 @@ type updateUserAdminReq struct {
}
func (h *handlers) handleUpdateUserAdmin(w http.ResponseWriter, r *http.Request) {
caller, ok := auth.UserFromContext(r.Context())
caller, ok := requireUser(w, r)
if !ok {
writeErr(w, apierror.Unauthorized("auth_required", ""))
return
}
targetID, ok := parseUUID(chi.URLParam(r, "id"))
targetID, ok := requireURLUUID(w, r, "id")
if !ok {
writeErr(w, apierror.BadRequest("invalid_id", ""))
return
}
var req updateUserAdminReq
if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
writeErr(w, apierror.BadRequest("invalid_body", ""))
if !decodeBody(w, r, &req) {
return
}
@@ -139,14 +134,12 @@ type adminCreateUserReq struct {
}
func (h *handlers) handleAdminCreateUser(w http.ResponseWriter, r *http.Request) {
caller, ok := auth.UserFromContext(r.Context())
caller, ok := requireUser(w, r)
if !ok {
writeErr(w, apierror.Unauthorized("auth_required", ""))
return
}
var req adminCreateUserReq
if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
writeErr(w, apierror.BadRequest("invalid_body", ""))
if !decodeBody(w, r, &req) {
return
}
if !usernameRe.MatchString(req.Username) {
@@ -203,9 +196,8 @@ func (h *handlers) handleAdminCreateUser(w http.ResponseWriter, r *http.Request)
// --- Admin user delete -----------------------------------------------------
func (h *handlers) handleAdminDeleteUser(w http.ResponseWriter, r *http.Request) {
caller, ok := auth.UserFromContext(r.Context())
caller, ok := requireUser(w, r)
if !ok {
writeErr(w, apierror.Unauthorized("auth_required", ""))
return
}
@@ -248,19 +240,16 @@ type adminResetPasswordReq struct {
}
func (h *handlers) handleAdminResetPassword(w http.ResponseWriter, r *http.Request) {
caller, ok := auth.UserFromContext(r.Context())
caller, ok := requireUser(w, r)
if !ok {
writeErr(w, apierror.Unauthorized("auth_required", ""))
return
}
targetID, ok := parseUUID(chi.URLParam(r, "id"))
targetID, ok := requireURLUUID(w, r, "id")
if !ok {
writeErr(w, apierror.BadRequest("invalid_id", ""))
return
}
var req adminResetPasswordReq
if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
writeErr(w, apierror.BadRequest("invalid_body", ""))
if !decodeBody(w, r, &req) {
return
}
if len(req.Password) < minPasswordLength {
@@ -304,19 +293,16 @@ type adminAutoApproveReq struct {
}
func (h *handlers) handleAdminAutoApproveToggle(w http.ResponseWriter, r *http.Request) {
caller, ok := auth.UserFromContext(r.Context())
caller, ok := requireUser(w, r)
if !ok {
writeErr(w, apierror.Unauthorized("auth_required", ""))
return
}
targetID, ok := parseUUID(chi.URLParam(r, "id"))
targetID, ok := requireURLUUID(w, r, "id")
if !ok {
writeErr(w, apierror.BadRequest("invalid_id", ""))
return
}
var req adminAutoApproveReq
if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
writeErr(w, apierror.BadRequest("invalid_body", ""))
if !decodeBody(w, r, &req) {
return
}