246 lines
6.3 KiB
Go
246 lines
6.3 KiB
Go
package main
|
|
|
|
import (
|
|
api "code.dlmw.ch/dlmw/qv/internal"
|
|
"code.dlmw.ch/dlmw/qv/internal/validator"
|
|
"database/sql"
|
|
"encoding/json"
|
|
"errors"
|
|
"fmt"
|
|
"math/rand"
|
|
"net/http"
|
|
"slices"
|
|
"time"
|
|
)
|
|
|
|
type createElectionRequestWithValidator struct {
|
|
api.CreateElectionRequest
|
|
validator.Validator
|
|
}
|
|
|
|
func (r *createElectionRequestWithValidator) isValid() bool {
|
|
r.CheckField(validator.NotBlank(r.Name), "name", "must not be blank")
|
|
r.CheckField(validator.GreaterThan(r.Tokens, 0), "tokens", "must be greater than 0")
|
|
r.CheckField(validator.After(r.ExpiresAt, time.Now()), "expiresAt", "must expire in a future date")
|
|
r.CheckField(validator.GreaterThan(len(r.Choices), 1), "choices", "there must be more than 1 choice")
|
|
r.CheckField(validator.UniqueValues(r.Choices), "choices", "must not contain duplicate values")
|
|
|
|
for _, choice := range r.Choices {
|
|
r.CheckField(validator.NotBlank(choice), "choice", "must not be blank")
|
|
}
|
|
|
|
if r.AreVotersKnown {
|
|
r.CheckField(
|
|
validator.GreaterThan(r.MaxVoters, 0),
|
|
"maxVoters",
|
|
"must be greater than 0 when voters are known",
|
|
)
|
|
} else {
|
|
r.CheckField(
|
|
validator.GreaterThanOrEquals(r.MaxVoters, 0),
|
|
"maxVoters",
|
|
"must be a positive number",
|
|
)
|
|
}
|
|
|
|
return r.Valid()
|
|
}
|
|
|
|
func (app *application) createElection(w http.ResponseWriter, r *http.Request) {
|
|
var request createElectionRequestWithValidator
|
|
|
|
if err := app.unmarshalRequest(r, &request); err != nil {
|
|
app.clientError(w, http.StatusBadRequest, err.Error())
|
|
return
|
|
}
|
|
|
|
if !request.isValid() {
|
|
app.unprocessableEntityError(w, request.Validator)
|
|
return
|
|
}
|
|
|
|
electionId, err := app.elections.Insert(
|
|
request.Name,
|
|
request.Tokens,
|
|
request.AreVotersKnown,
|
|
request.MaxVoters,
|
|
request.Choices,
|
|
request.ExpiresAt,
|
|
)
|
|
if err != nil {
|
|
app.serverError(w, r, err)
|
|
return
|
|
}
|
|
|
|
var res []byte
|
|
if request.AreVotersKnown {
|
|
voterIdentities := make([]string, 0, request.MaxVoters)
|
|
for i := 0; i < request.MaxVoters; i++ {
|
|
randomIdentity := randomVoterIdentity()
|
|
_, err := app.voters.Insert(randomIdentity, electionId)
|
|
if err != nil {
|
|
app.serverError(w, r, err)
|
|
}
|
|
voterIdentities = append(voterIdentities, randomIdentity)
|
|
}
|
|
|
|
res, err = json.Marshal(api.CreateElectionResponse{VoterIdentities: &voterIdentities})
|
|
if err != nil {
|
|
app.serverError(w, r, err)
|
|
return
|
|
}
|
|
}
|
|
|
|
w.Header().Set("Location", fmt.Sprintf("/election/%v", electionId))
|
|
w.Write(res)
|
|
}
|
|
|
|
func randomVoterIdentity() string {
|
|
const charset = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
|
|
b := make([]byte, 16)
|
|
for i := range b {
|
|
b[i] = charset[rand.Intn(len(charset))]
|
|
}
|
|
return string(b)
|
|
}
|
|
|
|
type createVotesRequestWithValidator struct {
|
|
api.CreateVotesRequest
|
|
validator.Validator
|
|
}
|
|
|
|
func (r *createVotesRequestWithValidator) isValid() bool {
|
|
r.CheckField(validator.GreaterThan(r.ElectionId, 0), "electionId", "must be greater than 0")
|
|
|
|
for _, choice := range r.Choices {
|
|
r.CheckField(validator.NotBlank(choice.ChoiceText), "choiceText", "must not be blank")
|
|
}
|
|
|
|
return r.Valid()
|
|
}
|
|
|
|
func (app *application) createVotes(w http.ResponseWriter, r *http.Request) {
|
|
var request createVotesRequestWithValidator
|
|
|
|
if err := app.unmarshalRequest(r, &request); err != nil {
|
|
app.clientError(w, http.StatusBadRequest, err.Error())
|
|
return
|
|
}
|
|
|
|
if !request.isValid() {
|
|
app.unprocessableEntityError(w, request.Validator)
|
|
return
|
|
}
|
|
|
|
election, err := app.elections.GetById(request.ElectionId)
|
|
if err != nil {
|
|
if errors.Is(err, sql.ErrNoRows) {
|
|
app.unprocessableEntityErrorSingle(w, fmt.Errorf("election with id %v doesn't exist", request.ElectionId))
|
|
return
|
|
}
|
|
app.serverError(w, r, err)
|
|
}
|
|
|
|
for _, c := range request.Choices {
|
|
choiceExists := slices.Contains(election.Choices, c.ChoiceText)
|
|
if !choiceExists {
|
|
app.unprocessableEntityErrorSingle(w, fmt.Errorf("choice %v doesn't exist", c.ChoiceText))
|
|
return
|
|
}
|
|
}
|
|
|
|
tokensUsed := 0
|
|
for _, c := range request.Choices {
|
|
tokensUsed += c.Tokens
|
|
}
|
|
|
|
if tokensUsed > election.Tokens {
|
|
app.unprocessableEntityErrorSingle(w, fmt.Errorf("you used too many tokens; must not exceed %v tokens", election.Tokens))
|
|
return
|
|
}
|
|
|
|
electionHasExpired := election.ExpiresAt.Before(time.Now())
|
|
if electionHasExpired {
|
|
app.unprocessableEntityErrorSingle(w, fmt.Errorf("election has expired"))
|
|
return
|
|
}
|
|
|
|
// this snippet of code also inserts in the `voters` table
|
|
voterIdentity := func() string {
|
|
var voterIdentity string
|
|
if election.AreVotersKnown {
|
|
if request.VoterIdentity == nil || validator.Blank(*request.VoterIdentity) {
|
|
app.unprocessableEntityErrorSingle(w, fmt.Errorf("election has known voters; you must provide an identity provided by the organizer"))
|
|
return ""
|
|
}
|
|
|
|
voterIdentity = *request.VoterIdentity
|
|
hasCastVotes, err := app.votes.Exists(voterIdentity, election.ID)
|
|
if err != nil {
|
|
app.serverError(w, r, err)
|
|
return ""
|
|
}
|
|
if hasCastVotes {
|
|
app.unprocessableEntityErrorSingle(w, fmt.Errorf("you already voted"))
|
|
return ""
|
|
}
|
|
|
|
voterExists, err := app.voters.Exists(voterIdentity, election.ID)
|
|
if err != nil {
|
|
app.serverError(w, r, err)
|
|
return ""
|
|
}
|
|
if !voterExists {
|
|
app.unprocessableEntityErrorSingle(w, fmt.Errorf("invalid voter identity"))
|
|
return ""
|
|
}
|
|
} else {
|
|
voterIdentity = r.RemoteAddr
|
|
|
|
// if voters are known, voter will always exist
|
|
voterExists, err := app.voters.Exists(voterIdentity, election.ID)
|
|
if err != nil {
|
|
app.serverError(w, r, err)
|
|
return ""
|
|
}
|
|
if voterExists {
|
|
app.unprocessableEntityErrorSingle(w, fmt.Errorf("you already voted"))
|
|
return ""
|
|
}
|
|
|
|
_, err = app.voters.Insert(voterIdentity, election.ID)
|
|
if err != nil {
|
|
app.serverError(w, r, err)
|
|
return ""
|
|
}
|
|
}
|
|
return voterIdentity
|
|
}()
|
|
|
|
if voterIdentity == "" {
|
|
return
|
|
}
|
|
|
|
if !election.AreVotersKnown {
|
|
voterCount, err := app.voters.CountByElection(election.ID)
|
|
if err != nil && !errors.Is(sql.ErrNoRows, err) {
|
|
app.serverError(w, r, err)
|
|
return
|
|
}
|
|
// if voters are known, voterCount == election.MaxVoters in all cases
|
|
if voterCount == election.MaxVoters {
|
|
app.unprocessableEntityErrorSingle(w, fmt.Errorf("maximum voters reached"))
|
|
return
|
|
}
|
|
}
|
|
|
|
for _, c := range request.Choices {
|
|
_, err := app.votes.Insert(voterIdentity, election.ID, c.ChoiceText, c.Tokens)
|
|
if err != nil {
|
|
app.serverError(w, r, err)
|
|
}
|
|
}
|
|
|
|
w.WriteHeader(http.StatusCreated)
|
|
}
|