git » repo » main » tree

[main] / services / docs / api / api.rb 

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
#!/usr/bin/env ruby

require 'json'
require 'openssl'
require 'pg'
require 'redis'
require 'sinatra'

helpers do
  def db(user_name)
    redis = Redis.new(url: ENV["REDIS_URI"])
    connection_string = redis.get(user_name)
    PG.connect(connection_string)
  end

  def user_name(req)
    docs_session = req.cookies["docs_session"]
    user_name, split, origin_sign = docs_session.rpartition("--")
    sign = OpenSSL::HMAC.hexdigest("sha1", ENV["DOCS_SECRET"], user_name)
    if origin_sign != sign
      raise "Invalid session"
    end
    user_name
  end
end

get '/users' do
  begin
    db = db(user_name(request))
    res = db.exec("select id, login, org from users order by id desc limit 100")
    {:users => res.to_a}.to_json
  rescue => e
    status 400
    {:error => e.message}.to_json
  end
end

put '/users/:id' do |user_id|
  begin
    db = db(user_name(request))
    data = JSON.parse request.body.read

    res = db.exec(
      "update users \
      set org = '#{data["org"]}' \
      where id = '#{user_id}' \
      returning id, login, org"
    )
    status 204
  rescue => e
    status 400
    {:error => e.message}.to_json
  end
end

get '/docs' do
  begin
    db = db(user_name(request))
    res = db.exec(
      "select \
        *, (select login || '@' || org as owner_login from users where id = owner), \
        (select array_agg(x) from (select (select login || '@' || org from users as u where u.id = uid) as x from unnest(shares) as tmp(uid)) as xx) as shares_logins \
      from docs
      order by id desc"
    )
    {:docs => res.to_a}.to_json
  rescue => e
    status 400
    {:error => e.message}.to_json
  end
end

post '/docs' do
  begin
    db = db(user_name(request))
    data = JSON.parse request.body.read

    res = db.exec(
      "insert into docs (title, shares) values \
      ('#{data["title"]}', '{#{data["shares"].join(",")}}') \
      returning id"
    )
    status 201
    {:id => res[0]["id"]}.to_json
  rescue => e
    status 400
    {:error => e.message}.to_json
  end
end

get '/contents/:id' do |doc_id|
  begin
    db = db(user_name(request))
    res = db.exec(
      "select data
      from contents
      where doc_id = '#{doc_id}'"
    )
    if res.num_tuples > 0
      res[0]["data"]
    else
      status 403
    end
  rescue => e
    status 400
    {:error => e.message}.to_json
  end
end

post '/contents' do
  begin
    db = db(user_name(request))
    data = JSON.parse request.body.read

    res = db.exec(
      "insert into contents (doc_id, data) values \
      ('#{data["doc_id"]}', '#{data["data"]}') \
      returning id"
    )
    status 201
    {:id => res[0]["id"]}.to_json
  rescue => e
    status 400
    {:error => e.message}.to_json
  end
end