aiterp
/
aitestory
1
0
Fork 0
Code Pull Requests Activity
The backend for the AiteStory website
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
15 Commits
1 Branch
0 Tags
8.1 MiB
Tree: e31d994d4b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'e31d994d4b'
${ noResults }
aitestory/controllers/pagecontroller.go

289 lines
6.9 KiB
Raw Normal View History

Create Page is done
7 years ago
Page is done
7 years ago
Create Page is done
7 years ago
Page is done
7 years ago
Create Page is done
7 years ago
Page is done
7 years ago
Create Page is done
7 years ago
Page is done
7 years ago
Create Page is done
7 years ago
Page is done
7 years ago
Create Page is done
7 years ago
Page is done
7 years ago
Create Page is done
7 years ago
Page is done
7 years ago
Create Page is done
7 years ago
  1. package controllers
  3. import (
  4. "fmt"
  5. "net/http"
  6. "strings"
  7. "time"
  9. "git.aiterp.net/gisle/wrouter/response"
  11. "git.aiterp.net/AiteRP/aitestory/model"
  12. "git.aiterp.net/AiteRP/aitestory/viewmodel"
  14. "git.aiterp.net/AiteRP/aitestory/view"
  16. "git.aiterp.net/gisle/wrouter"
  17. "git.aiterp.net/gisle/wrouter/auth"
  18. )
  20. // PageController serves page creation, viewing, editing and deleting through the website.
  21. var PageController = wrouter.Router{}
  23. func pageCreate(path string, w http.ResponseWriter, req *http.Request, user *auth.User) bool {
  24. if (req.Method != "GET" && req.Method != "POST") || len(req.URL.Path) > len(path) {
  25. return false
  26. }
  28. pc := viewmodel.PageForm{}
  29. pc.Setup(user)
  30. pc.Operation = "Create"
  32. // Make sure the user is logged in
  33. if user == nil {
  34. // It's completely safe to eject logged-out users if they're not submitting
  35. if req.Method == "GET" {
  36. http.Redirect(w, req, "/user/login?form=/page/create", 302)
  37. return true
  38. }
  40. // Logged in users would probably want a chance to log in on another form, though.
  41. pc.Error = "You are not logged in."
  42. }
  44. // Respect the banhammer's authority
  45. if user != nil && user.Level == "restricted" {
  46. pc.Error = "Your user account is not permitted to do this"
  47. }
  49. // Handle submissions if nothing has complained yet
  50. if req.Method == "POST" && pc.Error == "" {
  51. // Validate form
  52. req.ParseForm()
  53. errs := pc.Page.ParseForm(req.Form)
  54. if len(errs) > 0 {
  55. pc.Error = "Validation failed: " + errs[0].Error()
  56. }
  58. // Parse the tags textbox
  59. pc.TagInput = req.Form.Get("tags")
  60. tagLines := strings.Split(pc.TagInput, "\n")
  61. for _, line := range tagLines {
  62. var tagType, tagName string
  64. // Skip empty lines, and allow some accidental letters
  65. if len(line) < 2 {
  66. continue
  67. }
  69. // Parse tokens
  70. tokens := strings.SplitN(line, ":", 2)
  71. if len(tokens) == 2 {
  72. tagType = strings.Trim(tokens[0], "  \t\r")
  73. tagName = strings.Trim(tokens[1], "  \t\r")
  74. } else {
  75. tagType = "*" // Permit untyped tags if it exists.
  76. tagName = strings.Trim(tokens[0], "  \t\r")
  77. }
  79. // Grab the tag
  80. tag, err := model.EnsureTag(tagType, tagName)
  81. if err != nil {
  82. pc.Error = "Check your tags: " + err.Error()
  83. break
  84. }
  86. // Take a copy of it
  87. pc.Page.Tags = append(pc.Page.Tags, *tag)
  88. }
  90. // If everything worked out, fill in the last bits and send it off
  91. if len(errs) == 0 && pc.Error == "" {
  92. pc.Page.Author = user.FullID()
  93. pc.Page.PublishDate = time.Now()
  94. pc.Page.EditDate = pc.Page.PublishDate.Add(-time.Hour)
  96. err := pc.Page.Insert()
  97. if err != nil {
  98. pc.Error = "Insert failed: " + err.Error()
  99. } else {
  100. // Let us see what you have wrought upon the world
  101. http.Redirect(w, req, "/page/"+pc.Page.ID, 302)
  102. return true
  103. }
  104. }
  105. } else {
  106. // Losing input makes the user sad, let's see to it
  107. // that it doesn't happen.
  108. req.ParseForm()
  109. pc.Page.ParseForm(req.Form)
  110. pc.TagInput = req.Form.Get("tags")
  111. }
  113. view.Render(w, "page/create", 200, pc)
  115. return true
  116. }
  118. func pageView(path string, w http.ResponseWriter, req *http.Request, user *auth.User) bool {
  119. if req.Method != "GET" || strings.LastIndex(req.URL.Path, "/") > len(path) {
  120. return false
  121. }
  123. page, err := model.FindPage(req.URL.Path[len(path):])
  124. if err != nil {
  125. response.Text(w, 500, err.Error())
  126. return true
  127. } else if page == nil {
  128. return false
  129. }
  131. pv := viewmodel.PageView{}
  132. pv.Page = page
  133. pv.Setup(user)
  135. view.Render(w, "page/view", 200, pv)
  137. return true
  138. }
  140. func pageDelete(path string, w http.ResponseWriter, req *http.Request, user *auth.User) bool {
  141. if (req.Method != "GET" && req.Method != "POST") || strings.LastIndex(req.URL.Path, "/") > len(path) {
  142. return false
  143. }
  145. page, err := model.FindPage(req.URL.Path[len(path):])
  146. if err != nil {
  147. response.Text(w, 500, err.Error())
  148. return true
  149. } else if page == nil {
  150. return false
  151. }
  153. pv := viewmodel.PageView{}
  154. pv.Page = page
  155. pv.Setup(user)
  157. if user == nil || user.FullID() != page.Author {
  158. view.Render(w, "message/error-access", http.StatusForbidden, path)
  159. return true
  160. }
  162. if req.Method == "POST" {
  163. req.ParseForm()
  165. // Catch sneaky shenanigans
  166. if req.Form.Get("aft") != user.Session.ID {
  167. view.Render(w, "message/error-forgery", http.StatusForbidden, path)
  168. return true
  169. }
  171. // Thy will be done
  172. err := page.Delete()
  173. if err != nil {
  174. // It wasn't done D:
  175. view.Render(w, "message/error-internal", http.StatusInternalServerError, err)
  176. return true
  177. }
  179. // It has been done
  180. view.Render(w, "message/page-deleted", 200, pv)
  181. return true
  182. }
  184. view.Render(w, "page/delete", 200, pv)
  185. return true
  186. }
  188. func pageEdit(path string, w http.ResponseWriter, req *http.Request, user *auth.User) bool {
  189. if (req.Method != "GET" && req.Method != "POST") || strings.LastIndex(req.URL.Path, "/") > len(path) {
  190. return false
  191. }
  193. page, err := model.FindPage(req.URL.Path[len(path):])
  194. if err != nil {
  195. response.Text(w, 500, err.Error())
  196. return true
  197. } else if page == nil {
  198. return false
  199. }
  201. pf := viewmodel.PageForm{}
  202. pf.Setup(user)
  204. pf.Operation = "Edit"
  205. pf.Page = *page
  207. if user == nil {
  208. pf.Error = "You are not logged in"
  209. }
  211. if user != nil && user.FullID() != page.Author {
  212. pf.Error = "Permission denied"
  213. }
  215. if req.Method == "POST" {
  216. req.ParseForm()
  218. errs := pf.Page.ParseForm(req.Form)
  219. if len(errs) > 0 {
  220. pf.Error = "Validation failed: " + errs[0].Error()
  221. }
  223. if len(errs) == 0 && pf.Error == "" {
  224. pf.TagInput = req.Form.Get("tags")
  225. pf.Page.Tags = make([]model.Tag, 0, strings.Count(pf.TagInput, "\n"))
  226. tagLines := strings.Split(pf.TagInput, "\n")
  227. for _, line := range tagLines {
  228. var tagType, tagName string
  230. // Skip empty lines, and allow some accidental letters
  231. if len(line) < 2 {
  232. continue
  233. }
  235. // Parse tokens
  236. tokens := strings.SplitN(line, ":", 2)
  237. if len(tokens) == 2 {
  238. tagType = strings.Trim(tokens[0], "  \t\r")
  239. tagName = strings.Trim(tokens[1], "  \t\r")
  240. } else {
  241. tagType = "*" // Permit untyped tags if it exists.
  242. tagName = strings.Trim(tokens[0], "  \t\r")
  243. }
  245. // Grab the tag
  246. tag, err := model.EnsureTag(tagType, tagName)
  247. if err != nil {
  248. pf.Error = "Check your tags: " + err.Error()
  249. break
  250. }
  252. // Take a copy of it
  253. pf.Page.Tags = append(pf.Page.Tags, *tag)
  254. }
  256. if pf.Error == "" {
  257. pf.Page.EditDate = time.Now()
  259. err := pf.Page.Update()
  260. if err != nil {
  261. pf.Error = "Edit failed: " + err.Error()
  262. } else {
  263. http.Redirect(w, req, "/page/"+pf.Page.ID, 302)
  264. return true
  265. }
  266. }
  267. }
  268. } else {
  269. for _, tag := range page.Tags {
  270. line := fmt.Sprintf("%s: %s\n", tag.Type, tag.Name)
  272. if page.PrimaryTag().ID == tag.ID {
  273. pf.TagInput = line + pf.TagInput
  274. } else {
  275. pf.TagInput += line
  276. }
  277. }
  278. }
  280. view.Render(w, "page/edit", 200, pf)
  281. return true
  282. }
  284. func init() {
  285. PageController.Function("/create", pageCreate)
  286. PageController.Function("/edit/", pageEdit)
  287. PageController.Function("/delete/", pageDelete)
  288. PageController.Function("/", pageView)
  289. }