// SPDX-FileCopyrightText: Copyright The Miniflux Authors. All rights reserved. // SPDX-License-Identifier: Apache-2.0 package ui // import "miniflux.app/v2/ui" import ( "net/http" "miniflux.app/v2/http/request" "miniflux.app/v2/http/response/html" "miniflux.app/v2/http/route" "miniflux.app/v2/logger" "miniflux.app/v2/ui/form" "miniflux.app/v2/ui/session" "miniflux.app/v2/ui/view" ) func (h *handler) updateUser(w http.ResponseWriter, r *http.Request) { loggedUser, err := h.store.UserByID(request.UserID(r)) if err != nil { html.ServerError(w, r, err) return } if !loggedUser.IsAdmin { html.Forbidden(w, r) return } userID := request.RouteInt64Param(r, "userID") selectedUser, err := h.store.UserByID(userID) if err != nil { html.ServerError(w, r, err) return } if selectedUser == nil { html.NotFound(w, r) return } userForm := form.NewUserForm(r) sess := session.New(h.store, request.SessionID(r)) view := view.New(h.tpl, r, sess) view.Set("menu", "settings") view.Set("user", loggedUser) view.Set("countUnread", h.store.CountUnreadEntries(loggedUser.ID)) view.Set("countErrorFeeds", h.store.CountUserFeedsWithErrors(loggedUser.ID)) view.Set("selected_user", selectedUser) view.Set("form", userForm) if err := userForm.ValidateModification(); err != nil { view.Set("errorMessage", err.Error()) html.OK(w, r, view.Render("edit_user")) return } if h.store.AnotherUserExists(selectedUser.ID, userForm.Username) { view.Set("errorMessage", "error.user_already_exists") html.OK(w, r, view.Render("edit_user")) return } userForm.Merge(selectedUser) if err := h.store.UpdateUser(selectedUser); err != nil { logger.Error("[UI:UpdateUser] %v", err) view.Set("errorMessage", "error.unable_to_update_user") html.OK(w, r, view.Render("edit_user")) return } html.Redirect(w, r, route.Path(h.router, "users")) }