bisschen cleanup, RemoveGrilFromList wird jetzt auch gecheckt auf list owner

author: jan <jan@ruken.pw> 2016-10-12 14:19:30 (UTC)
committer: jan <jan@ruken.pw> 2016-10-12 14:19:30 (UTC)
commit: edccb755f60fd135e09db5c60385961eccc72818 (patch)
tree: 5fe8203a6becce2a6b6e0784e2d3b8729b52e03a
parent: def8ba82c69891244eb0f8eebe0cb0b3bb23955b (diff)
4 files changed, 43 insertions, 20 deletions
diff --git a/modules/grils/grils.go b/modules/grils/grils.go
index 4a9990f..d68c6df 100644
--- a/modules/grils/grils.go
+++ b/modules/grils/grils.go
@@ -15,6 +15,7 @@ import (
        "fagott.pw/grilist/frontend"
        "fagott.pw/grilist/grilist"
        "fagott.pw/grilist/models"
+        "fagott.pw/grilist/util"
        "github.com/julienschmidt/httprouter"
 )
@@ -239,9 +240,8 @@ func (m *GrilsModule) FromIDs(ids []int) ([]*models.Gril, error) {
 func (m *GrilsModule) viewGril(w http.ResponseWriter, r *http.Request, p httprouter.Params) {
        user, _ := m.g.Charakterin.GetUserFromRequest(r)
        el := m.g.EventLogger(r)
-        sid := p.ByName("id")
-        id, err := strconv.Atoi(sid)
+        id, err := util.ParseIDFromParams(p)
        if err != nil {
                http.Redirect(w, r, "/", 302)
                return
diff --git a/modules/lists/lists.go b/modules/lists/lists.go
index cf6d7c5..39cc4d0 100644
--- a/modules/lists/lists.go
+++ b/modules/lists/lists.go
@@ -18,6 +18,7 @@ import (
        "fagott.pw/grilist/grilist"
        "fagott.pw/grilist/models"
        "fagott.pw/grilist/modules/grils"
+        "fagott.pw/grilist/util"
        "github.com/julienschmidt/httprouter"
 )
@@ -243,9 +244,7 @@ func (m *Module) ProvideDashboardData(user *charakterin.User) []grilist.Dashboar
 func (m *Module) viewList(w http.ResponseWriter, r *http.Request, p httprouter.Params) {
        user, _ := m.g.Charakterin.GetUserFromRequest(r)
        el := m.g.EventLogger(r)
-        sid := p.ByName("id")
+        id, err := util.ParseIDFromParams(p)
-        id, err := strconv.Atoi(sid)
        if err != nil {
                log.Println("redir")
                http.Redirect(w, r, "/", 302)
@@ -283,7 +282,7 @@ func (m *Module) deleteList(w http.ResponseWriter, r *http.Request, p httprouter
                return
        }
-        id, err := strconv.Atoi(p.ByName("id"))
+        id, err := util.ParseIDFromParams(p)
        if err != nil {
                log.Println("invalid deleteList ID")
                http.Redirect(w, r, "/", 400)
@@ -370,7 +369,7 @@ func (m *Module) updateListSettings(w http.ResponseWriter, r *http.Request, p ht
                return
        }
-        id, err := strconv.Atoi(p.ByName("id"))
+        id, err := util.ParseIDFromParams(p)
        if err != nil {
                log.Println("invalid updateListSettings ID")
                http.Redirect(w, r, "/", 400)
@@ -477,7 +476,6 @@ func (m *Module) updateListSettings(w http.ResponseWriter, r *http.Request, p ht
 func (m *Module) addGrilToList(w http.ResponseWriter, r *http.Request, p httprouter.Params) {
        el := m.g.EventLogger(r)
-        slistID := p.ByName("id")
        user, err := m.g.Charakterin.GetUserFromRequest(r)
        if err != nil {
@@ -485,7 +483,7 @@ func (m *Module) addGrilToList(w http.ResponseWriter, r *http.Request, p httprou
                return
        }
-        listID, err := strconv.Atoi(slistID)
+        listID, err := util.ParseIDFromParams(p)
        if err != nil {
                log.Println("invalid list id")
                return
@@ -596,7 +594,6 @@ func (m *Module) createList(w http.ResponseWriter, r *http.Request, p httprouter
 func (m *Module) updateGrilOrder(w http.ResponseWriter, r *http.Request, p httprouter.Params) {
        el := m.g.EventLogger(r)
-        slistID := p.ByName("id")
        user, err := m.g.Charakterin.GetUserFromRequest(r)
        if err != nil {
@@ -604,7 +601,7 @@ func (m *Module) updateGrilOrder(w http.ResponseWriter, r *http.Request, p httpr
                return
        }
-        listID, err := strconv.Atoi(slistID)
+        listID, err := util.ParseIDFromParams(p)
        if err != nil {
                http.Error(w, "invalid list ID (type mismatch)", 400)
                return
@@ -664,7 +661,6 @@ func (m *Module) updateGrilOrder(w http.ResponseWriter, r *http.Request, p httpr
 func (m *Module) removeGrilFromList(w http.ResponseWriter, r *http.Request, p httprouter.Params) {
        el := m.g.EventLogger(r)
-        slistID := p.ByName("id")
        user, err := m.g.Charakterin.GetUserFromRequest(r)
        if err != nil {
@@ -672,12 +668,17 @@ func (m *Module) removeGrilFromList(w http.ResponseWriter, r *http.Request, p ht
                return
        }
-        listID, err := strconv.Atoi(slistID)
+        listID, err := util.ParseIDFromParams(p)
        if err != nil {
                http.Error(w, "invalid list ID (type mismatch)", 400)
                return
        }
-        //TODO: noch mal gucken ob der User Rechte hat
+        list, err := m.FromID(listID, false)
+        if err != nil {
+                http.Error(w, "list not found", 404)
+                return
+        }
        values, err := readBody(r)
        if err != nil {
@@ -704,10 +705,7 @@ func (m *Module) removeGrilFromList(w http.ResponseWriter, r *http.Request, p ht
                return
        }
-        if l, ok := m.c.Get(listID); ok {
+        list.Grils = list.Grils[:0]
-                ls := l.(*models.List)
-                ls.Grils = ls.Grils[:0]
-        }
        w.WriteHeader(200)
        w.Write([]byte("ok"))
diff --git a/modules/user/user.go b/modules/user/user.go
index 9a9a3b6..59e0631 100644
--- a/modules/user/user.go
+++ b/modules/user/user.go
@@ -3,11 +3,11 @@ package user
 import (
        "log"
        "net/http"
-        "strconv"
        "fagott.pw/charakterin"
        "fagott.pw/grilist/grilist"
        "fagott.pw/grilist/modules/lists"
+        "fagott.pw/grilist/util"
        "github.com/julienschmidt/httprouter"
 )
@@ -45,7 +45,7 @@ func (m *Module) ProvideDashboardData(user *charakterin.User) []grilist.Dashboar
 func (m *Module) viewUser(w http.ResponseWriter, r *http.Request, p httprouter.Params) {
        currentUser, _ := m.g.Charakterin.GetUserFromRequest(r)
-        userID, err := strconv.Atoi(p.ByName("id"))
+        userID, err := util.ParseIDFromParams(p)
        if err != nil {
                http.Redirect(w, r, "/", 302)
                return
diff --git a/util/util.go b/util/util.go
new file mode 100644
index 0000000..f3845c9
--- /dev/null
+++ b/util/util.go
@@ -0,0 +1,25 @@
+package util
+import (
+        "errors"
+        "strconv"
+        "github.com/julienschmidt/httprouter"
+)
+func ParseNumberFromParams(name string, p httprouter.Params, unsigned bool) (int, error) {
+        snum := p.ByName(name)
+        num, err := strconv.Atoi(snum)
+        if err != nil {
+                return 0, err
+        }
+        if unsigned && num < 0 {
+                return 0, errors.New("number is negative")
+        }
+        return num, err
+}
+func ParseIDFromParams(p httprouter.Params) (int, error) {
+        return ParseNumberFromParams("id", p, true)
+}
author	jan <jan@ruken.pw>	2016-10-12 14:19:30 (UTC)
committer	jan <jan@ruken.pw>	2016-10-12 14:19:30 (UTC)
commit	edccb755f60fd135e09db5c60385961eccc72818 (patch)
tree	5fe8203a6becce2a6b6e0784e2d3b8729b52e03a
parent	def8ba82c69891244eb0f8eebe0cb0b3bb23955b (diff)

diff --git a/modules/grils/grils.go b/modules/grils/grils.go index 4a9990f..d68c6df 100644 --- a/modules/grils/grils.go +++ b/modules/grils/grils.go
@@ -15,6 +15,7 @@ import (
15	"fagott.pw/grilist/frontend"	15	"fagott.pw/grilist/frontend"
16	"fagott.pw/grilist/grilist"	16	"fagott.pw/grilist/grilist"
17	"fagott.pw/grilist/models"	17	"fagott.pw/grilist/models"
		18	"fagott.pw/grilist/util"
18		19
19	"github.com/julienschmidt/httprouter"	20	"github.com/julienschmidt/httprouter"
20	)	21	)
@@ -239,9 +240,8 @@ func (m GrilsModule) FromIDs(ids []int) ([]models.Gril, error) {
239	func (m GrilsModule) viewGril(w http.ResponseWriter, r http.Request, p httprouter.Params) {	240	func (m GrilsModule) viewGril(w http.ResponseWriter, r http.Request, p httprouter.Params) {
240	user, _ := m.g.Charakterin.GetUserFromRequest(r)	241	user, _ := m.g.Charakterin.GetUserFromRequest(r)
241	el := m.g.EventLogger(r)	242	el := m.g.EventLogger(r)
242	sid := p.ByName("id")
243		243
244	id, err := strconv.Atoi(sid)	244	id, err := util.ParseIDFromParams(p)
245	if err != nil {	245	if err != nil {
246	http.Redirect(w, r, "/", 302)	246	http.Redirect(w, r, "/", 302)
247	return	247	return


diff --git a/modules/lists/lists.go b/modules/lists/lists.go index cf6d7c5..39cc4d0 100644 --- a/modules/lists/lists.go +++ b/modules/lists/lists.go
@@ -18,6 +18,7 @@ import (
18	"fagott.pw/grilist/grilist"	18	"fagott.pw/grilist/grilist"
19	"fagott.pw/grilist/models"	19	"fagott.pw/grilist/models"
20	"fagott.pw/grilist/modules/grils"	20	"fagott.pw/grilist/modules/grils"
		21	"fagott.pw/grilist/util"
21	"github.com/julienschmidt/httprouter"	22	"github.com/julienschmidt/httprouter"
22	)	23	)
23		24
@@ -243,9 +244,7 @@ func (m Module) ProvideDashboardData(user charakterin.User) []grilist.Dashboar
243	func (m Module) viewList(w http.ResponseWriter, r http.Request, p httprouter.Params) {	244	func (m Module) viewList(w http.ResponseWriter, r http.Request, p httprouter.Params) {
244	user, _ := m.g.Charakterin.GetUserFromRequest(r)	245	user, _ := m.g.Charakterin.GetUserFromRequest(r)
245	el := m.g.EventLogger(r)	246	el := m.g.EventLogger(r)
246	sid := p.ByName("id")	247	id, err := util.ParseIDFromParams(p)
247
248	id, err := strconv.Atoi(sid)
249	if err != nil {	248	if err != nil {
250	log.Println("redir")	249	log.Println("redir")
251	http.Redirect(w, r, "/", 302)	250	http.Redirect(w, r, "/", 302)
@@ -283,7 +282,7 @@ func (m Module) deleteList(w http.ResponseWriter, r http.Request, p httprouter
283	return	282	return
284	}	283	}
285		284
286	id, err := strconv.Atoi(p.ByName("id"))	285	id, err := util.ParseIDFromParams(p)
287	if err != nil {	286	if err != nil {
288	log.Println("invalid deleteList ID")	287	log.Println("invalid deleteList ID")
289	http.Redirect(w, r, "/", 400)	288	http.Redirect(w, r, "/", 400)
@@ -370,7 +369,7 @@ func (m Module) updateListSettings(w http.ResponseWriter, r http.Request, p ht
370	return	369	return
371	}	370	}
372		371
373	id, err := strconv.Atoi(p.ByName("id"))	372	id, err := util.ParseIDFromParams(p)
374	if err != nil {	373	if err != nil {
375	log.Println("invalid updateListSettings ID")	374	log.Println("invalid updateListSettings ID")
376	http.Redirect(w, r, "/", 400)	375	http.Redirect(w, r, "/", 400)
@@ -477,7 +476,6 @@ func (m Module) updateListSettings(w http.ResponseWriter, r http.Request, p ht
477		476
478	func (m Module) addGrilToList(w http.ResponseWriter, r http.Request, p httprouter.Params) {	477	func (m Module) addGrilToList(w http.ResponseWriter, r http.Request, p httprouter.Params) {
479	el := m.g.EventLogger(r)	478	el := m.g.EventLogger(r)
480	slistID := p.ByName("id")
481		479
482	user, err := m.g.Charakterin.GetUserFromRequest(r)	480	user, err := m.g.Charakterin.GetUserFromRequest(r)
483	if err != nil {	481	if err != nil {
@@ -485,7 +483,7 @@ func (m Module) addGrilToList(w http.ResponseWriter, r http.Request, p httprou
485	return	483	return
486	}	484	}
487		485
488	listID, err := strconv.Atoi(slistID)	486	listID, err := util.ParseIDFromParams(p)
489	if err != nil {	487	if err != nil {
490	log.Println("invalid list id")	488	log.Println("invalid list id")
491	return	489	return
@@ -596,7 +594,6 @@ func (m Module) createList(w http.ResponseWriter, r http.Request, p httprouter
596		594
597	func (m Module) updateGrilOrder(w http.ResponseWriter, r http.Request, p httprouter.Params) {	595	func (m Module) updateGrilOrder(w http.ResponseWriter, r http.Request, p httprouter.Params) {
598	el := m.g.EventLogger(r)	596	el := m.g.EventLogger(r)
599	slistID := p.ByName("id")
600		597
601	user, err := m.g.Charakterin.GetUserFromRequest(r)	598	user, err := m.g.Charakterin.GetUserFromRequest(r)
602	if err != nil {	599	if err != nil {
@@ -604,7 +601,7 @@ func (m Module) updateGrilOrder(w http.ResponseWriter, r http.Request, p httpr
604	return	601	return
605	}	602	}
606		603
607	listID, err := strconv.Atoi(slistID)	604	listID, err := util.ParseIDFromParams(p)
608	if err != nil {	605	if err != nil {
609	http.Error(w, "invalid list ID (type mismatch)", 400)	606	http.Error(w, "invalid list ID (type mismatch)", 400)
610	return	607	return
@@ -664,7 +661,6 @@ func (m Module) updateGrilOrder(w http.ResponseWriter, r http.Request, p httpr
664		661
665	func (m Module) removeGrilFromList(w http.ResponseWriter, r http.Request, p httprouter.Params) {	662	func (m Module) removeGrilFromList(w http.ResponseWriter, r http.Request, p httprouter.Params) {
666	el := m.g.EventLogger(r)	663	el := m.g.EventLogger(r)
667	slistID := p.ByName("id")
668		664
669	user, err := m.g.Charakterin.GetUserFromRequest(r)	665	user, err := m.g.Charakterin.GetUserFromRequest(r)
670	if err != nil {	666	if err != nil {
@@ -672,12 +668,17 @@ func (m Module) removeGrilFromList(w http.ResponseWriter, r http.Request, p ht
672	return	668	return
673	}	669	}
674		670
675	listID, err := strconv.Atoi(slistID)	671	listID, err := util.ParseIDFromParams(p)
676	if err != nil {	672	if err != nil {
677	http.Error(w, "invalid list ID (type mismatch)", 400)	673	http.Error(w, "invalid list ID (type mismatch)", 400)
678	return	674	return
679	}	675	}
680	//TODO: noch mal gucken ob der User Rechte hat	676
		677	list, err := m.FromID(listID, false)
		678	if err != nil {
		679	http.Error(w, "list not found", 404)
		680	return
		681	}
681		682
682	values, err := readBody(r)	683	values, err := readBody(r)
683	if err != nil {	684	if err != nil {
@@ -704,10 +705,7 @@ func (m Module) removeGrilFromList(w http.ResponseWriter, r http.Request, p ht
704	return	705	return
705	}	706	}
706		707
707	if l, ok := m.c.Get(listID); ok {	708	list.Grils = list.Grils[:0]
708	ls := l.(*models.List)
709	ls.Grils = ls.Grils[:0]
710	}
711		709
712	w.WriteHeader(200)	710	w.WriteHeader(200)
713	w.Write([]byte("ok"))	711	w.Write([]byte("ok"))


diff --git a/modules/user/user.go b/modules/user/user.go index 9a9a3b6..59e0631 100644 --- a/modules/user/user.go +++ b/modules/user/user.go
@@ -3,11 +3,11 @@ package user
3	import (	3	import (
4	"log"	4	"log"
5	"net/http"	5	"net/http"
6	"strconv"
7		6
8	"fagott.pw/charakterin"	7	"fagott.pw/charakterin"
9	"fagott.pw/grilist/grilist"	8	"fagott.pw/grilist/grilist"
10	"fagott.pw/grilist/modules/lists"	9	"fagott.pw/grilist/modules/lists"
		10	"fagott.pw/grilist/util"
11		11
12	"github.com/julienschmidt/httprouter"	12	"github.com/julienschmidt/httprouter"
13	)	13	)
@@ -45,7 +45,7 @@ func (m Module) ProvideDashboardData(user charakterin.User) []grilist.Dashboar
45	func (m Module) viewUser(w http.ResponseWriter, r http.Request, p httprouter.Params) {	45	func (m Module) viewUser(w http.ResponseWriter, r http.Request, p httprouter.Params) {
46	currentUser, _ := m.g.Charakterin.GetUserFromRequest(r)	46	currentUser, _ := m.g.Charakterin.GetUserFromRequest(r)
47		47
48	userID, err := strconv.Atoi(p.ByName("id"))	48	userID, err := util.ParseIDFromParams(p)
49	if err != nil {	49	if err != nil {
50	http.Redirect(w, r, "/", 302)	50	http.Redirect(w, r, "/", 302)
51	return	51	return


diff --git a/util/util.go b/util/util.go new file mode 100644 index 0000000..f3845c9 --- /dev/null +++ b/util/util.go
@@ -0,0 +1,25 @@
		1	package util
		2
		3	import (
		4	"errors"
		5	"strconv"
		6
		7	"github.com/julienschmidt/httprouter"
		8	)
		9
		10	func ParseNumberFromParams(name string, p httprouter.Params, unsigned bool) (int, error) {
		11	snum := p.ByName(name)
		12	num, err := strconv.Atoi(snum)
		13	if err != nil {
		14	return 0, err
		15	}
		16
		17	if unsigned && num < 0 {
		18	return 0, errors.New("number is negative")
		19	}
		20	return num, err
		21	}
		22
		23	func ParseIDFromParams(p httprouter.Params) (int, error) {
		24	return ParseNumberFromParams("id", p, true)
		25	}