go-common/app/admin/main/vip/http/privilege.go

package http

import (
	"io/ioutil"
	"mime/multipart"
	"net/http"
	"regexp"
	"strings"

	"go-common/app/admin/main/vip/model"
	"go-common/library/ecode"
	bm "go-common/library/net/http/blademaster"
	"go-common/library/net/http/blademaster/binding"
)

const (
	_maxnamelen    = 30
	_maxtitlelen   = 60
	_maxexplainlen = 1200
)

// regexp utf8 char 0x0e0d~0e4A
var (
	_emptyUnicodeReg = []*regexp.Regexp{
		regexp.MustCompile(`[\x{202e}]+`),  // right-to-left override
		regexp.MustCompile(`[\x{200b}]+`),  // zeroWithChar
		regexp.MustCompile(`[\x{1f6ab}]+`), // no_entry_sign
	}
	// trim
	returnReg  = regexp.MustCompile(`[\n]{3,}`)
	returnReg2 = regexp.MustCompile(`(\r\n){3,}`)
	spaceReg   = regexp.MustCompile(`[　]{5,}`) // Chinese quanjiao space character
)

func privileges(c *bm.Context) {
	var err error
	arg := new(struct {
		Langtype int8 `form:"lang_type"`
	})
	if err = c.Bind(arg); err != nil {
		return
	}
	c.JSON(vipSvc.Privileges(c, arg.Langtype))
}

func updatePrivilegeState(c *bm.Context) {
	var err error
	arg := new(model.ArgStatePrivilege)
	if err = c.Bind(arg); err != nil {
		return
	}
	c.JSON(nil, vipSvc.UpdatePrivilegeState(c, &model.Privilege{
		ID:    arg.ID,
		State: arg.Status,
	}))
}

func deletePrivilege(c *bm.Context) {
	var err error
	arg := new(model.ArgPivilegeID)
	if err = c.Bind(arg); err != nil {
		return
	}
	c.JSON(nil, vipSvc.DeletePrivilege(c, arg.ID))
}

func updateOrder(c *bm.Context) {
	var err error
	arg := new(model.ArgOrder)
	if err = c.Bind(arg); err != nil {
		return
	}
	c.JSON(nil, vipSvc.UpdateOrder(c, arg))
}

func addPrivilege(c *bm.Context) {
	var err error
	arg := new(model.ArgAddPrivilege)
	username, ok := c.Get("username")
	if !ok {
		c.JSON(nil, ecode.AccessDenied)
		return
	}
	arg.Operator = username.(string)
	if err = c.BindWith(arg, binding.FormMultipart); err != nil {
		return
	}
	if len(arg.Name) > _maxnamelen {
		c.JSON(nil, ecode.VipPrivilegeNameTooLongErr)
		return
	}
	if len(arg.Title) > _maxtitlelen {
		c.JSON(nil, ecode.VipPrivilegeTitleTooLongErr)
		return
	}
	if len(arg.Explain) > _maxexplainlen {
		c.JSON(nil, ecode.VipPrivilegeExplainTooLongErr)
		return
	}
	img := new(model.ArgImage)
	if img.IconBody, img.IconFileType, err = file(c, "icon"); err != nil {
		c.JSON(nil, err)
		return
	}
	if img.IconFileType == "" {
		c.JSON(nil, ecode.VipFileImgEmptyErr)
		return
	}
	if img.IconGrayBody, img.IconGrayFileType, err = file(c, "gray_icon"); err != nil {
		c.JSON(nil, err)
		return
	}
	if img.IconGrayFileType == "" {
		c.JSON(nil, ecode.VipFileImgEmptyErr)
		return
	}
	if img.WebImageBody, img.WebImageFileType, err = file(c, "web_image"); err != nil {
		c.JSON(nil, err)
		return
	}
	if img.AppImageBody, img.AppImageFileType, err = file(c, "app_image"); err != nil {
		c.JSON(nil, err)
		return
	}
	arg.Explain = filterContent(arg.Explain)
	c.JSON(nil, vipSvc.AddPrivilege(c, arg, img))
}

func updatePrivilege(c *bm.Context) {
	var (
		err error
	)
	arg := new(model.ArgUpdatePrivilege)
	username, ok := c.Get("username")
	if !ok {
		c.JSON(nil, ecode.AccessDenied)
		return
	}
	arg.Operator = username.(string)
	if err = c.BindWith(arg, binding.FormMultipart); err != nil {
		return
	}
	if len(arg.Name) > _maxnamelen {
		c.JSON(nil, ecode.VipPrivilegeNameTooLongErr)
		return
	}
	if len(arg.Title) > _maxtitlelen {
		c.JSON(nil, ecode.VipPrivilegeTitleTooLongErr)
		return
	}
	if len(arg.Explain) > _maxexplainlen {
		c.JSON(nil, ecode.VipPrivilegeExplainTooLongErr)
		return
	}
	img := new(model.ArgImage)
	if img.IconBody, img.IconFileType, err = file(c, "icon"); err != nil {
		c.JSON(nil, err)
		return
	}
	if img.IconGrayBody, img.IconGrayFileType, err = file(c, "gray_icon"); err != nil {
		c.JSON(nil, err)
		return
	}
	if img.WebImageBody, img.WebImageFileType, err = file(c, "web_image"); err != nil {
		c.JSON(nil, err)
		return
	}
	if img.AppImageBody, img.AppImageFileType, err = file(c, "app_image"); err != nil {
		c.JSON(nil, err)
		return
	}
	arg.Explain = filterContent(arg.Explain)
	c.JSON(nil, vipSvc.UpdatePrivilege(c, arg, img))
}

func file(c *bm.Context, name string) (body []byte, filetype string, err error) {
	var file multipart.File
	if file, _, err = c.Request.FormFile(name); err != nil {
		if err == http.ErrMissingFile {
			err = nil
			return
		}
		err = ecode.RequestErr
		return
	}
	if file == nil {
		return
	}
	defer file.Close()
	if body, err = ioutil.ReadAll(file); err != nil {
		err = ecode.RequestErr
		return
	}
	filetype = http.DetectContentType(body)
	if err = checkImgFileType(filetype); err != nil {
		return
	}
	err = checkFileBody(body)
	return
}

func checkImgFileType(filetype string) error {
	switch filetype {
	case "image/jpeg", "image/jpg":
	case "image/png":
	default:
		return ecode.VipFileTypeErr
	}
	return nil
}

func checkFileBody(body []byte) error {
	if len(body) == 0 {
		return ecode.FileNotExists
	}
	if len(body) > cf.Bfs.MaxFileSize {
		return ecode.FileTooLarge
	}
	return nil
}

func filterContent(str string) string {
	tmp := str
	// check params
	tmp = strings.TrimSpace(tmp)
	tmp = spaceReg.ReplaceAllString(tmp, "　　　")
	tmp = returnReg.ReplaceAllString(tmp, "\n\n\n")
	tmp = returnReg2.ReplaceAllString(tmp, "\n\n\n")
	// checkout empty
	for _, reg := range _emptyUnicodeReg {
		tmp = reg.ReplaceAllString(tmp, "")
	}
	return tmp
}