backend/user/model.go

package user

import (
	"bamort/database"
	"fmt"
	"strings"
	"time"

	"gorm.io/gorm"
)

// Role constants
const (
	RoleStandardUser = "standard"
	RoleMaintainer   = "maintainer"
	RoleAdmin        = "admin"
)

type User struct {
	UserID             uint       `gorm:"primaryKey" json:"id"`
	Username           string     `gorm:"unique" json:"username"`
	DisplayName        string     `gorm:"not null;default:''" json:"display_name"`
	PasswordHash       string     `json:"password"`
	Email              string     `gorm:"unique" json:"email"`
	Role               string     `gorm:"default:standard" json:"role"`
	PreferredLanguage  string     `gorm:"default:de" json:"preferred_language"`
	ResetPwHash        *string    `gorm:"index" json:"-"` // Hash für Password-Reset (wird nicht serialisiert)
	ResetPwHashExpires *time.Time `json:"-"`              // Ablaufzeit für Password-Reset-Hash
	CreatedAt          time.Time  `json:"created_at"`
	UpdatedAt          time.Time  `json:"updated_at"`
}

func (object *User) Create() error {
	if database.DB == nil {
		return fmt.Errorf("database connection is nil")
	}

	if strings.TrimSpace(object.DisplayName) == "" {
		object.DisplayName = object.Username
	}

	err := database.DB.Transaction(func(tx *gorm.DB) error {
		// Save the User record
		if err := tx.Create(&object).Error; err != nil {
			return fmt.Errorf("failed to save User: %w", err)
		}
		return nil
	})

	return err
}

func (object *User) First(value string) error {
	if database.DB == nil {
		return fmt.Errorf("database connection is nil")
	}

	err := database.DB.First(&object, "username = ?", value).Error
	if err != nil {
		// User found
		return err
	}
	return nil
}

func (object *User) FirstId(value uint) error {
	if database.DB == nil {
		return fmt.Errorf("database connection is nil")
	}

	err := database.DB.First(&object, "user_id = ?", value).Error
	if err != nil {
		// User found
		return err
	}
	return nil
}

func (object *User) Save() error {
	if database.DB == nil {
		return fmt.Errorf("database connection is nil")
	}

	if strings.TrimSpace(object.DisplayName) == "" {
		object.DisplayName = object.Username
	}

	err := database.DB.Save(&object).Error
	if err != nil {
		// User found
		return err
	}
	return nil
}

// FindByEmail findet einen User anhand der E-Mail-Adresse
func (object *User) FindByEmail(email string) error {
	if database.DB == nil {
		return fmt.Errorf("database connection is nil")
	}

	if email == "" {
		return fmt.Errorf("email cannot be empty")
	}

	err := database.DB.First(&object, "email = ?", email).Error
	return err
}

// FindByResetHash findet einen User anhand des Reset-Hashes
func (object *User) FindByResetHash(resetHash string) error {
	if database.DB == nil {
		return fmt.Errorf("database connection is nil")
	}

	err := database.DB.First(&object, "reset_pw_hash = ? AND reset_pw_hash_expires > ?", resetHash, time.Now()).Error
	return err
}

// SetPasswordResetHash setzt den Reset-Hash und die Ablaufzeit (14 Tage)
func (object *User) SetPasswordResetHash(resetHash string) error {
	expiryTime := time.Now().Add(14 * 24 * time.Hour) // 14 Tage gültig
	object.ResetPwHash = &resetHash
	object.ResetPwHashExpires = &expiryTime
	return object.Save()
}

// ClearPasswordResetHash entfernt den Reset-Hash
func (object *User) ClearPasswordResetHash() error {
	object.ResetPwHash = nil
	object.ResetPwHashExpires = nil
	return object.Save()
}

// IsResetHashValid prüft ob der Reset-Hash gültig und nicht abgelaufen ist
func (object *User) IsResetHashValid(resetHash string) bool {
	if object.ResetPwHash == nil || object.ResetPwHashExpires == nil {
		return false
	}
	return *object.ResetPwHash == resetHash && time.Now().Before(*object.ResetPwHashExpires)
}

// HasRole checks if the user has the specified role
func (u *User) HasRole(role string) bool {
	return u.Role == role
}

// IsAdmin checks if the user is an admin
func (u *User) IsAdmin() bool {
	return u.Role == RoleAdmin
}

// IsMaintainer checks if the user is a maintainer or higher
func (u *User) IsMaintainer() bool {
	return u.Role == RoleMaintainer || u.Role == RoleAdmin
}

// IsStandardUser checks if the user is a standard user or higher
func (u *User) IsStandardUser() bool {
	return u.Role == RoleStandardUser || u.IsMaintainer()
}

// ValidateRole checks if the given role is valid
func ValidateRole(role string) bool {
	return role == RoleStandardUser || role == RoleMaintainer || role == RoleAdmin
}

func (u *User) DisplayNameOrUsername() string {
	if strings.TrimSpace(u.DisplayName) != "" {
		return u.DisplayName
	}
	return u.Username
}
moved Users from models to domain 2024-12-30 15:46:18 +01:00			`package user`

			`import (`
handle Import by upload vtt json and 2025-01-04 21:29:33 +01:00			`"bamort/database"`
			`"fmt"`
editing and maintenance and user suggestions 2026-02-03 17:21:43 +01:00			`"strings"`
moved Users from models to domain 2024-12-30 15:46:18 +01:00			`"time"`
handle Import by upload vtt json and 2025-01-04 21:29:33 +01:00
			`"gorm.io/gorm"`
moved Users from models to domain 2024-12-30 15:46:18 +01:00			`)`

We have a role concept 2025-12-30 08:00:04 +01:00			`// Role constants`
			`const (`
			`RoleStandardUser = "standard"`
			`RoleMaintainer = "maintainer"`
			`RoleAdmin = "admin"`
			`)`

moved Users from models to domain 2024-12-30 15:46:18 +01:00			`type User struct {`
Reset Passwort funktioniert 2025-08-13 08:28:47 +02:00			UserID uint `gorm:"primaryKey" json:"id"`
			Username string `gorm:"unique" json:"username"`
editing and maintenance and user suggestions 2026-02-03 17:21:43 +01:00			DisplayName string `gorm:"not null;default:''" json:"display_name"`
Reset Passwort funktioniert 2025-08-13 08:28:47 +02:00			PasswordHash string `json:"password"`
			Email string `gorm:"unique" json:"email"`
We have a role concept 2025-12-30 08:00:04 +01:00			Role string `gorm:"default:standard" json:"role"`
added language setting to the users profile 2026-01-14 15:35:51 +01:00			PreferredLanguage string `gorm:"default:de" json:"preferred_language"`
Reset Passwort funktioniert 2025-08-13 08:28:47 +02:00			ResetPwHash *string `gorm:"index" json:"-"` // Hash für Password-Reset (wird nicht serialisiert)
			ResetPwHashExpires *time.Time `json:"-"` // Ablaufzeit für Password-Reset-Hash
			CreatedAt time.Time `json:"created_at"`
			UpdatedAt time.Time `json:"updated_at"`
moved Users from models to domain 2024-12-30 15:46:18 +01:00			`}`
handle Import by upload vtt json and 2025-01-04 21:29:33 +01:00
			`func (object *User) Create() error {`
Tests in user package 2025-08-30 08:59:45 +02:00			`if database.DB == nil {`
			`return fmt.Errorf("database connection is nil")`
			`}`

editing and maintenance and user suggestions 2026-02-03 17:21:43 +01:00			`if strings.TrimSpace(object.DisplayName) == "" {`
			`object.DisplayName = object.Username`
			`}`

handle Import by upload vtt json and 2025-01-04 21:29:33 +01:00			`err := database.DB.Transaction(func(tx *gorm.DB) error {`
			`// Save the User record`
			`if err := tx.Create(&object).Error; err != nil {`
			`return fmt.Errorf("failed to save User: %w", err)`
			`}`
			`return nil`
			`})`

			`return err`
			`}`

			`func (object *User) First(value string) error {`
Tests in user package 2025-08-30 08:59:45 +02:00			`if database.DB == nil {`
			`return fmt.Errorf("database connection is nil")`
			`}`

handle Import by upload vtt json and 2025-01-04 21:29:33 +01:00			`err := database.DB.First(&object, "username = ?", value).Error`
			`if err != nil {`
			`// User found`
			`return err`
			`}`
			`return nil`
			`}`

			`func (object *User) FirstId(value uint) error {`
Tests in user package 2025-08-30 08:59:45 +02:00			`if database.DB == nil {`
			`return fmt.Errorf("database connection is nil")`
			`}`

handle Import by upload vtt json and 2025-01-04 21:29:33 +01:00			`err := database.DB.First(&object, "user_id = ?", value).Error`
			`if err != nil {`
			`// User found`
			`return err`
			`}`
			`return nil`
			`}`

			`func (object *User) Save() error {`
Tests in user package 2025-08-30 08:59:45 +02:00			`if database.DB == nil {`
			`return fmt.Errorf("database connection is nil")`
			`}`

editing and maintenance and user suggestions 2026-02-03 17:21:43 +01:00			`if strings.TrimSpace(object.DisplayName) == "" {`
			`object.DisplayName = object.Username`
			`}`

handle Import by upload vtt json and 2025-01-04 21:29:33 +01:00			`err := database.DB.Save(&object).Error`
			`if err != nil {`
			`// User found`
			`return err`
			`}`
			`return nil`
			`}`
Reset Passwort funktioniert 2025-08-13 08:28:47 +02:00
			`// FindByEmail findet einen User anhand der E-Mail-Adresse`
			`func (object *User) FindByEmail(email string) error {`
Tests in user package 2025-08-30 08:59:45 +02:00			`if database.DB == nil {`
			`return fmt.Errorf("database connection is nil")`
			`}`

Tests in user package 2025-08-30 08:59:45 +02:00			`if email == "" {`
			`return fmt.Errorf("email cannot be empty")`
			`}`

Reset Passwort funktioniert 2025-08-13 08:28:47 +02:00			`err := database.DB.First(&object, "email = ?", email).Error`
			`return err`
			`}`

			`// FindByResetHash findet einen User anhand des Reset-Hashes`
			`func (object *User) FindByResetHash(resetHash string) error {`
Tests in user package 2025-08-30 08:59:45 +02:00			`if database.DB == nil {`
			`return fmt.Errorf("database connection is nil")`
			`}`

Reset Passwort funktioniert 2025-08-13 08:28:47 +02:00			`err := database.DB.First(&object, "reset_pw_hash = ? AND reset_pw_hash_expires > ?", resetHash, time.Now()).Error`
			`return err`
			`}`

			`// SetPasswordResetHash setzt den Reset-Hash und die Ablaufzeit (14 Tage)`
			`func (object *User) SetPasswordResetHash(resetHash string) error {`
			`expiryTime := time.Now().Add(14 * 24 * time.Hour) // 14 Tage gültig`
			`object.ResetPwHash = &resetHash`
			`object.ResetPwHashExpires = &expiryTime`
			`return object.Save()`
			`}`

			`// ClearPasswordResetHash entfernt den Reset-Hash`
			`func (object *User) ClearPasswordResetHash() error {`
			`object.ResetPwHash = nil`
			`object.ResetPwHashExpires = nil`
			`return object.Save()`
			`}`

			`// IsResetHashValid prüft ob der Reset-Hash gültig und nicht abgelaufen ist`
			`func (object *User) IsResetHashValid(resetHash string) bool {`
			`if object.ResetPwHash == nil \|\| object.ResetPwHashExpires == nil {`
			`return false`
			`}`
			`return object.ResetPwHash == resetHash && time.Now().Before(object.ResetPwHashExpires)`
			`}`
We have a role concept 2025-12-30 08:00:04 +01:00
			`// HasRole checks if the user has the specified role`
			`func (u *User) HasRole(role string) bool {`
			`return u.Role == role`
			`}`

			`// IsAdmin checks if the user is an admin`
			`func (u *User) IsAdmin() bool {`
			`return u.Role == RoleAdmin`
			`}`

			`// IsMaintainer checks if the user is a maintainer or higher`
			`func (u *User) IsMaintainer() bool {`
			`return u.Role == RoleMaintainer \|\| u.Role == RoleAdmin`
			`}`

			`// IsStandardUser checks if the user is a standard user or higher`
			`func (u *User) IsStandardUser() bool {`
			`return u.Role == RoleStandardUser \|\| u.IsMaintainer()`
			`}`

			`// ValidateRole checks if the given role is valid`
			`func ValidateRole(role string) bool {`
			`return role == RoleStandardUser \|\| role == RoleMaintainer \|\| role == RoleAdmin`
			`}`
editing and maintenance and user suggestions 2026-02-03 17:21:43 +01:00
			`func (u *User) DisplayNameOrUsername() string {`
			`if strings.TrimSpace(u.DisplayName) != "" {`
			`return u.DisplayName`
			`}`
			`return u.Username`
			`}`