diff options
| -rw-r--r-- | auth/:w | 182 | ||||
| -rw-r--r-- | errors/errors.go | 15 | ||||
| -rw-r--r-- | errors/status.go | 1 | ||||
| -rw-r--r-- | invoice/controller.go | 153 | ||||
| -rw-r--r-- | invoice/hooks.go | 57 | ||||
| -rw-r--r-- | invoice/invoice.go | 61 | ||||
| -rw-r--r-- | invoice/router.go | 32 | ||||
| -rw-r--r-- | invoice/service.go | 74 | ||||
| -rw-r--r-- | invoice/validators.go | 71 | ||||
| -rw-r--r-- | main.go | 4 |
10 files changed, 460 insertions, 190 deletions
diff --git a/auth/:w b/auth/:w deleted file mode 100644 index 7e3346e..0000000 --- a/auth/:w +++ /dev/null @@ -1,182 +0,0 @@ -/* openbills - Server for web based Libre Billing Software - * Copyright (C) 2023 Vidhu Kant Sharma <vidhukant@vidhukant.com> - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see <https://www.gnu.org/licenses/>. - */ - -package auth - -import ( - "github.com/gin-gonic/gin" - "github.com/golang-jwt/jwt/v5" - "github.com/spf13/viper" - "golang.org/x/crypto/bcrypt" - "vidhukant.com/openbills/user" - "net/http" - "time" - "vidhukant.com/openbills/errors" -) - -var ( - COST int - AUTH_KEY, REFRESH_KEY []byte -) -func init() { - COST = viper.GetInt("cryptography.password_hashing_cost") - AUTH_KEY = []byte(viper.GetString("cryptography.auth_key")) - REFRESH_KEY = []byte(viper.GetString("cryptography.refresh_key")) -} - -func handleSignUp (ctx *gin.Context) { - var user user.User - ctx.Bind(&user) - - var err error - - // hash password - var bytes []byte - bytes, err = bcrypt.GenerateFromPassword([]byte(user.Password), 14) - if err != nil { - // TODO: handle potential errors - ctx.Error(err) - ctx.Abort() - return - } - user.Password = string(bytes) - - err = user.Create() - if err != nil { - ctx.Error(err) - ctx.Abort() - return - } - - // remove password hash from response - user.Password = "" - - ctx.JSON(http.StatusOK, gin.H{ - "message": "success", - "data": user, - }) -} - -func handleSignIn (ctx *gin.Context) { - var req LoginReq - ctx.Bind(&req) - - var err error - var u user.User - - err = user.CheckPassword(&u, req.AccountName, req.Method, req.Password) - if err != nil { - // TODO: handle potential errors - ctx.Error(err) - ctx.Abort() - return - } - - authToken, err := jwt.NewWithClaims(jwt.SigningMethodHS256, - AuthClaims { - jwt.RegisteredClaims { - IssuedAt: jwt.NewNumericDate(time.Now()), - ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Minute * 2)), - }, - u.ID, - }, - ).SignedString(AUTH_KEY) - if err != nil { - // TODO: handle potential errors - ctx.Error(err) - ctx.Abort() - return - } - - refreshToken, err := jwt.NewWithClaims(jwt.SigningMethodHS256, - AuthClaims { - jwt.RegisteredClaims { - IssuedAt: jwt.NewNumericDate(time.Now()), - ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Hour * 6)), - }, - u.ID, - }, - ).SignedString(REFRESH_KEY) - if err != nil { - // TODO: handle potential errors - ctx.Error(err) - ctx.Abort() - return - } - - // remove password hash from response - u.Password = "" - - ctx.JSON(http.StatusOK, gin.H{ - "auth_token": authToken, - "refresh_token": refreshToken, - "message": "success", - "data": u, - }) -} - -func handleRefresh (ctx *gin.Context) { - var req RefreshReq - ctx.Bind(&req) - - tk, _ := jwt.ParseWithClaims(req.RefreshToken, &AuthClaims{}, func (token *jwt.Token) (interface{}, error) { - return []byte(REFRESH_KEY), nil - }) - - claims, ok := tk.Claims.(*AuthClaims) - if !ok { - ctx.Error(errors.ErrUnauthorized) - ctx.Abort() - return - } - - if !tk.Valid { - eat := claims.ExpiresAt.Unix() - if eat != 0 && eat < time.Now().Unix() { - ctx.Error(errors.ErrSessionExpired) - } else { - ctx.Error(errors.ErrUnauthorized) - } - - ctx.Abort() - return - } - - // TODO: if token is valid, check if user even exists before generating authToken - - authToken, err := jwt.NewWithClaims(jwt.SigningMethodHS256, - AuthClaims { - jwt.RegisteredClaims { - IssuedAt: jwt.NewNumericDate(time.Now()), - ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Minute * 2)), - }, - claims.UserID, - }, - ).SignedString(AUTH_KEY) - if err != nil { - // TODO: handle potential errors - ctx.Error(err) - ctx.Abort() - return - } - - ctx.JSON(http.StatusOK, gin.H{ - "auth_token": authToken, - "message": "success", - //"data": u, - }) -} diff --git a/errors/errors.go b/errors/errors.go index 9a5a215..9fed3a3 100644 --- a/errors/errors.go +++ b/errors/errors.go @@ -54,13 +54,14 @@ var ( ErrBrandNotFound = errors.New("This Brand Does Not Exist") // 409 - ErrNonUniqueGSTIN = errors.New("GSTIN Must Be Unique") - ErrNonUniquePhone = errors.New("Phone Number Is Already In Use") - ErrNonUniqueEmail = errors.New("Email Address Is Already In Use") - ErrNonUniqueUsername = errors.New("Username Is Already In Use") - ErrNonUniqueWebsite = errors.New("Website Is Already In Use") - ErrNonUniqueBrandName = errors.New("Brand Name Is Already In Use") - ErrNonUniqueBrandItem = errors.New("Item With Same Name And Brand Already Exists") + ErrNonUniqueGSTIN = errors.New("GSTIN Must Be Unique") + ErrNonUniquePhone = errors.New("Phone Number Is Already In Use") + ErrNonUniqueEmail = errors.New("Email Address Is Already In Use") + ErrNonUniqueUsername = errors.New("Username Is Already In Use") + ErrNonUniqueWebsite = errors.New("Website Is Already In Use") + ErrNonUniqueBrandName = errors.New("Brand Name Is Already In Use") + ErrNonUniqueBrandItem = errors.New("Item With Same Name And Brand Already Exists") + ErrNonUniqueInvoiceNumber = errors.New("Invoice Number Must Be Unique") // 500 ErrInternalServerError = errors.New("Internal Server Error") diff --git a/errors/status.go b/errors/status.go index c7fc2a4..c9113a9 100644 --- a/errors/status.go +++ b/errors/status.go @@ -71,6 +71,7 @@ func StatusCodeFromErr(err error) int { errors.Is(err, ErrNonUniqueEmail) || errors.Is(err, ErrNonUniqueWebsite) || errors.Is(err, ErrNonUniqueBrandName) || + errors.Is(err, ErrNonUniqueInvoiceNumber) || errors.Is(err, ErrNonUniqueBrandItem) { return http.StatusConflict } diff --git a/invoice/controller.go b/invoice/controller.go new file mode 100644 index 0000000..efcaa40 --- /dev/null +++ b/invoice/controller.go @@ -0,0 +1,153 @@ +/* openbills - Server for web based Libre Billing Software + * Copyright (C) 2023 Vidhu Kant Sharma <vidhukant@vidhukant.com> + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <https://www.gnu.org/licenses/>. + */ + +package invoice + +import ( + e "vidhukant.com/openbills/errors" + "github.com/gin-gonic/gin" + "net/http" + "strconv" +) + +func handleGetSingleInvoice (ctx *gin.Context) { + id, err := strconv.ParseUint(ctx.Param("id"), 10, 64) + if err != nil { + ctx.Error(e.ErrInvalidID) + return + } + + uId, ok := ctx.Get("UserID") + if !ok { + ctx.Error(e.ErrUnauthorized) + ctx.Abort() + return + } + + userId := uId.(uint) + + var invoice Invoice + + err = getInvoice(&invoice, uint(id)) + if err != nil { + ctx.Error(err) + ctx.Abort() + return + } + + if invoice.UserID != userId { + ctx.Error(e.ErrForbidden) + ctx.Abort() + return + } + + ctx.JSON(http.StatusOK, gin.H{ + "message": "success", + "data": invoice, + }) +} + +func handleGetInvoices (ctx *gin.Context) { + var invoices []Invoice + + uId, ok := ctx.Get("UserID") + if !ok { + ctx.Error(e.ErrUnauthorized) + ctx.Abort() + return + } + + userId := uId.(uint) + + err := getInvoices(&invoices, userId) + if err != nil { + ctx.Error(err) + ctx.Abort() + return + } + + ctx.JSON(http.StatusOK, gin.H{ + "message": "success", + "data": invoices, + }) +} + +func handleSaveInvoice (ctx *gin.Context) { + var invoice Invoice + ctx.Bind(&invoice) + + uId, ok := ctx.Get("UserID") + if !ok { + ctx.Error(e.ErrUnauthorized) + ctx.Abort() + return + } + + userId := uId.(uint) + invoice.UserID = userId + + err := invoice.upsert() + if err != nil { + ctx.Error(err) + ctx.Abort() + return + } + + ctx.JSON(http.StatusOK, gin.H{ + "message": "success", + "data": invoice, + }) +} + +func handleDelInvoice (ctx *gin.Context) { + id, err := strconv.ParseUint(ctx.Param("id"), 10, 64) + if err != nil { + ctx.Error(e.ErrInvalidID) + return + } + + var invoice Invoice + invoice.ID = uint(id) + + uId, ok := ctx.Get("UserID") + if !ok { + ctx.Error(e.ErrUnauthorized) + ctx.Abort() + return + } + + userId := uId.(uint) + invoice.UserID = userId + + err = checkInvoiceOwnership(invoice.ID, invoice.UserID) + if err != nil { + ctx.Error(err) + ctx.Abort() + return + } + + err = invoice.del() + if err != nil { + ctx.Error(err) + ctx.Abort() + return + } + + ctx.JSON(http.StatusOK, gin.H{ + "message": "success", + }) +} diff --git a/invoice/hooks.go b/invoice/hooks.go new file mode 100644 index 0000000..3d933fb --- /dev/null +++ b/invoice/hooks.go @@ -0,0 +1,57 @@ +/* openbills - Server for web based Libre Billing Software + * Copyright (C) 2023 Vidhu Kant Sharma <vidhukant@vidhukant.com> + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <https://www.gnu.org/licenses/>. + */ + +package invoice + +import ( + "gorm.io/gorm" + "vidhukant.com/openbills/errors" +) + +func (i *Invoice) BeforeSave(tx *gorm.DB) error { + var err error + + err = i.validate() + if err != nil { + return err + } + + return nil +} + +func (i *Invoice) BeforeDelete(tx *gorm.DB) error { + // if ID is 0, invoice won't be deleted + if i.ID == 0 { + return errors.ErrNoWhereCondition + } + + var err error + + // delete billing address + err = db.Where("invoice_id = ?", i.ID).Delete(&InvoiceBillingAddress{}).Error + if err != nil { + return err + } + + // delete shipping address + err = db.Where("invoice_id = ?", i.ID).Delete(&InvoiceShippingAddress{}).Error + if err != nil { + return err + } + + return nil +} diff --git a/invoice/invoice.go b/invoice/invoice.go new file mode 100644 index 0000000..0f4a601 --- /dev/null +++ b/invoice/invoice.go @@ -0,0 +1,61 @@ +/* openbills - Server for web based Libre Billing Software + * Copyright (C) 2023 Vidhu Kant Sharma <vidhukant@vidhukant.com> + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <https://www.gnu.org/licenses/>. + */ + +package invoice + +import ( + "gorm.io/gorm" + d "vidhukant.com/openbills/db" + "vidhukant.com/openbills/user" + c "vidhukant.com/openbills/customer" + "time" +) + +var db *gorm.DB +func init() { + db = d.DB + + db.AutoMigrate(&Invoice{}, &InvoiceBillingAddress{}, &InvoiceShippingAddress{}) +} + +type InvoiceBillingAddress struct { + gorm.Model + c.Address + InvoiceID uint +} + +type InvoiceShippingAddress struct { + gorm.Model + c.Address + InvoiceID uint +} + +type Invoice struct { + gorm.Model + UserID uint `json:"-"` + User user.User `json:"-"` + InvoiceDate time.Time + InvoiceNumber uint + BillingAddress InvoiceBillingAddress + ShippingAddress InvoiceShippingAddress + Draft bool + + // Transporter Transporter + // DueDate string + // TransactionID string + // Client idk +} diff --git a/invoice/router.go b/invoice/router.go new file mode 100644 index 0000000..5536466 --- /dev/null +++ b/invoice/router.go @@ -0,0 +1,32 @@ +/* openbills - Server for web based Libre Billing Software + * Copyright (C) 2023 Vidhu Kant Sharma <vidhukant@vidhukant.com> + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <https://www.gnu.org/licenses/>. + */ + +package invoice + +import ( + "github.com/gin-gonic/gin" +) + +func Routes(route *gin.RouterGroup) { + g := route.Group("/invoice") + { + g.GET("/", handleGetInvoices) + g.GET("/:id", handleGetSingleInvoice) + g.POST("/", handleSaveInvoice) + g.DELETE("/:id", handleDelInvoice) + } +} diff --git a/invoice/service.go b/invoice/service.go new file mode 100644 index 0000000..6b59949 --- /dev/null +++ b/invoice/service.go @@ -0,0 +1,74 @@ +/* openbills - Server for web based Libre Billing Software + * Copyright (C) 2023 Vidhu Kant Sharma <vidhukant@vidhukant.com> + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <https://www.gnu.org/licenses/>. + */ + +package invoice + +import ( + e "vidhukant.com/openbills/errors" +) + +func getInvoice(invoice *Invoice, id uint) error { + res := db.Preload("BillingAddress").Preload("ShippingAddress").Find(&invoice, id) + + // TODO: handle potential errors + if res.Error != nil { + return res.Error + } + + if res.RowsAffected == 0 { + return e.ErrNotFound + } + + return nil +} + +func getInvoices(invoices *[]Invoice, userId uint) error { + res := db.Where("user_id = ?", userId).Find(&invoices) + + // TODO: handle potential errors + if res.Error != nil { + return res.Error + } + + if res.RowsAffected == 0 { + return e.ErrEmptyResponse + } + + return nil +} + +func (i *Invoice) upsert() error { + res := db.Save(i) + // TODO: handle potential errors + return res.Error +} + +func (i *Invoice) del() error { + res := db.Where("id = ? and user_id = ?", i.ID, i.UserID).Delete(i) + + // TODO: handle potential errors + if res.Error != nil { + return res.Error + } + + // returns 404 if either row doesn't exist or if the user doesn't own it + if res.RowsAffected == 0 { + return e.ErrNotFound + } + + return nil +} diff --git a/invoice/validators.go b/invoice/validators.go new file mode 100644 index 0000000..645bdff --- /dev/null +++ b/invoice/validators.go @@ -0,0 +1,71 @@ +/* openbills - Server for web based Libre Billing Software + * Copyright (C) 2023 Vidhu Kant Sharma <vidhukant@vidhukant.com> + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <https://www.gnu.org/licenses/>. + */ + +package invoice + +import ( + //"regexp" + //"strings" + //"net/mail" + //"net/url" + "vidhukant.com/openbills/errors" + //e "errors" +) + +func (i *Invoice) validate() error { + var count int64 + err := db.Model(&Invoice{}). + Where("user_id = ? and invoice_number = ?", i.UserID, i.InvoiceNumber). + Count(&count). + Error + + if err != nil { + return err + } + + if count > 0 { + return errors.ErrNonUniqueInvoiceNumber + } + + return nil +} + +func checkInvoiceOwnership(invoiceId, userId uint) error { + var invoice Invoice + err := db. + Select("id", "user_id"). + Where("id = ?", invoiceId). + Find(&invoice). + Error + + // TODO: handle potential errors + if err != nil { + return err + } + + // invoice doesn't exist + if invoice.ID == 0 { + return errors.ErrNotFound + } + + // user doesn't own this invoice + if invoice.UserID != userId { + return errors.ErrForbidden + } + + return nil +} @@ -30,6 +30,7 @@ import ( "vidhukant.com/openbills/auth" "vidhukant.com/openbills/customer" "vidhukant.com/openbills/item" + "vidhukant.com/openbills/invoice" "github.com/gin-gonic/gin" "github.com/spf13/viper" @@ -37,7 +38,7 @@ import ( "log" ) -const OPENBILLS_VERSION = "v0.0.10" +const OPENBILLS_VERSION = "v0.0.11" func init() { if viper.GetBool("production_mode") { @@ -63,6 +64,7 @@ func main() { { customer.Routes(protected) item.Routes(protected) + invoice.Routes(protected) } log.Printf("\x1b[46m\x1b[30m[info]\x1b[0m Running OpenBills Server %s\n", OPENBILLS_VERSION) |