diff options
author | rtz12 <koenig@fagott.pw> | 2016-10-11 18:53:22 (UTC) |
---|---|---|
committer | rtz12 <koenig@fagott.pw> | 2016-10-11 18:53:22 (UTC) |
commit | fbd746aef8c78067593f901afb0f255574392499 (patch) | |
tree | 10b91eabfc5696d5e0fe27f1649bd72b9ed461e5 /modules/lists | |
parent | bf51b2e4a035a988b9e9cef737966846c619dace (diff) |
NSA implementiert
Diffstat (limited to 'modules/lists')
-rw-r--r-- | modules/lists/lists.go | 72 |
1 files changed, 69 insertions, 3 deletions
diff --git a/modules/lists/lists.go b/modules/lists/lists.go index d1913be..9c9eaf4 100644 --- a/modules/lists/lists.go +++ b/modules/lists/lists.go | |||
@@ -14,6 +14,7 @@ import ( | |||
14 | 14 | ||
15 | "fagott.pw/charakterin" | 15 | "fagott.pw/charakterin" |
16 | "fagott.pw/grilist/cache" | 16 | "fagott.pw/grilist/cache" |
17 | "fagott.pw/grilist/eventlogging" | ||
17 | "fagott.pw/grilist/frontend" | 18 | "fagott.pw/grilist/frontend" |
18 | "fagott.pw/grilist/grilist" | 19 | "fagott.pw/grilist/grilist" |
19 | "fagott.pw/grilist/modules/grils" | 20 | "fagott.pw/grilist/modules/grils" |
@@ -259,6 +260,7 @@ func (m *Module) ProvideDashboardData(user *charakterin.User) []grilist.Dashboar | |||
259 | 260 | ||
260 | func (m *Module) viewList(w http.ResponseWriter, r *http.Request, p httprouter.Params) { | 261 | func (m *Module) viewList(w http.ResponseWriter, r *http.Request, p httprouter.Params) { |
261 | user, _ := m.g.Charakterin.GetUserFromRequest(r) | 262 | user, _ := m.g.Charakterin.GetUserFromRequest(r) |
263 | el := m.g.EventLogger(r) | ||
262 | sid := p.ByName("id") | 264 | sid := p.ByName("id") |
263 | 265 | ||
264 | id, err := strconv.Atoi(sid) | 266 | id, err := strconv.Atoi(sid) |
@@ -285,9 +287,13 @@ func (m *Module) viewList(w http.ResponseWriter, r *http.Request, p httprouter.P | |||
285 | } | 287 | } |
286 | 288 | ||
287 | m.g.Renderer.RenderPage("list", w, data) | 289 | m.g.Renderer.RenderPage("list", w, data) |
290 | el.ViewList(user, eventlogging.ViewListData{ | ||
291 | ListID: list.ID, | ||
292 | }) | ||
288 | } | 293 | } |
289 | 294 | ||
290 | func (m *Module) deleteList(w http.ResponseWriter, r *http.Request, p httprouter.Params) { | 295 | func (m *Module) deleteList(w http.ResponseWriter, r *http.Request, p httprouter.Params) { |
296 | el := m.g.EventLogger(r) | ||
291 | user, err := m.g.Charakterin.GetUserFromRequest(r) | 297 | user, err := m.g.Charakterin.GetUserFromRequest(r) |
292 | if err != nil { | 298 | if err != nil { |
293 | log.Println("invalid deleteList user") | 299 | log.Println("invalid deleteList user") |
@@ -333,6 +339,9 @@ func (m *Module) deleteList(w http.ResponseWriter, r *http.Request, p httprouter | |||
333 | 339 | ||
334 | log.Printf("list %d has been deleted by the owner %d(%s)", list.ID, list.Owner.ID, list.Owner.GetName()) | 340 | log.Printf("list %d has been deleted by the owner %d(%s)", list.ID, list.Owner.ID, list.Owner.GetName()) |
335 | http.Redirect(w, r, "/", 302) | 341 | http.Redirect(w, r, "/", 302) |
342 | el.DeleteList(user, eventlogging.DeleteListData{ | ||
343 | ListID: list.ID, | ||
344 | }) | ||
336 | } | 345 | } |
337 | 346 | ||
338 | func (m *Module) viewListSettings(w http.ResponseWriter, r *http.Request, p httprouter.Params) { | 347 | func (m *Module) viewListSettings(w http.ResponseWriter, r *http.Request, p httprouter.Params) { |
@@ -371,6 +380,7 @@ func (m *Module) viewListSettings(w http.ResponseWriter, r *http.Request, p http | |||
371 | } | 380 | } |
372 | 381 | ||
373 | func (m *Module) updateListSettings(w http.ResponseWriter, r *http.Request, p httprouter.Params) { | 382 | func (m *Module) updateListSettings(w http.ResponseWriter, r *http.Request, p httprouter.Params) { |
383 | el := m.g.EventLogger(r) | ||
374 | user, err := m.g.Charakterin.GetUserFromRequest(r) | 384 | user, err := m.g.Charakterin.GetUserFromRequest(r) |
375 | if err != nil { | 385 | if err != nil { |
376 | log.Println("invalid updateListSettings user") | 386 | log.Println("invalid updateListSettings user") |
@@ -435,6 +445,18 @@ func (m *Module) updateListSettings(w http.ResponseWriter, r *http.Request, p ht | |||
435 | return | 445 | return |
436 | } | 446 | } |
437 | 447 | ||
448 | rows, err := m.g.DB.Query("SELECT name, description FROM grilist.lists WHERE id = $1;", id) | ||
449 | if err != nil { | ||
450 | log.Println("could not get list info", id) | ||
451 | renderWithError("interner fehler", false, false) | ||
452 | return | ||
453 | } | ||
454 | defer rows.Close() | ||
455 | |||
456 | var oldName string | ||
457 | var oldDescription string | ||
458 | rows.Scan(&oldName, &oldDescription) | ||
459 | |||
438 | if list.Name != name && list.Description != description { | 460 | if list.Name != name && list.Description != description { |
439 | _, err = m.g.DB.Query(`UPDATE grilist.lists SET name = $2, description = $3 WHERE id = $1`, id, name, description) | 461 | _, err = m.g.DB.Query(`UPDATE grilist.lists SET name = $2, description = $3 WHERE id = $1`, id, name, description) |
440 | if err != nil { | 462 | if err != nil { |
@@ -462,9 +484,17 @@ func (m *Module) updateListSettings(w http.ResponseWriter, r *http.Request, p ht | |||
462 | list.Description = description | 484 | list.Description = description |
463 | 485 | ||
464 | m.viewListSettings(w, r, p) | 486 | m.viewListSettings(w, r, p) |
487 | el.EditList(user, eventlogging.EditListData{ | ||
488 | ListID: id, | ||
489 | OldName: oldName, | ||
490 | OldDescription: oldDescription, | ||
491 | NewName: name, | ||
492 | NewDescription: description, | ||
493 | }) | ||
465 | } | 494 | } |
466 | 495 | ||
467 | func (m *Module) addGrilToList(w http.ResponseWriter, r *http.Request, p httprouter.Params) { | 496 | func (m *Module) addGrilToList(w http.ResponseWriter, r *http.Request, p httprouter.Params) { |
497 | el := m.g.EventLogger(r) | ||
468 | slistID := p.ByName("id") | 498 | slistID := p.ByName("id") |
469 | 499 | ||
470 | user, err := m.g.Charakterin.GetUserFromRequest(r) | 500 | user, err := m.g.Charakterin.GetUserFromRequest(r) |
@@ -531,7 +561,10 @@ func (m *Module) addGrilToList(w http.ResponseWriter, r *http.Request, p httprou | |||
531 | data["Value"] = value | 561 | data["Value"] = value |
532 | list.Grils = append(list.Grils, lg) | 562 | list.Grils = append(list.Grils, lg) |
533 | m.g.Renderer.RenderPage("list_gril", w, data) | 563 | m.g.Renderer.RenderPage("list_gril", w, data) |
534 | return | 564 | el.AddGrilToList(user, eventlogging.AddGrilToListData{ |
565 | ListID: list.ID, | ||
566 | GrilID: gril.ID, | ||
567 | }) | ||
535 | } | 568 | } |
536 | 569 | ||
537 | func (m *Module) displayCreateList(w http.ResponseWriter, r *http.Request, p httprouter.Params) { | 570 | func (m *Module) displayCreateList(w http.ResponseWriter, r *http.Request, p httprouter.Params) { |
@@ -548,6 +581,7 @@ func (m *Module) displayCreateList(w http.ResponseWriter, r *http.Request, p htt | |||
548 | } | 581 | } |
549 | 582 | ||
550 | func (m *Module) createList(w http.ResponseWriter, r *http.Request, p httprouter.Params) { | 583 | func (m *Module) createList(w http.ResponseWriter, r *http.Request, p httprouter.Params) { |
584 | el := m.g.EventLogger(r) | ||
551 | user, err := m.g.Charakterin.GetUserFromRequest(r) | 585 | user, err := m.g.Charakterin.GetUserFromRequest(r) |
552 | if err != nil { | 586 | if err != nil { |
553 | log.Println(err) | 587 | log.Println(err) |
@@ -571,9 +605,15 @@ func (m *Module) createList(w http.ResponseWriter, r *http.Request, p httprouter | |||
571 | } | 605 | } |
572 | 606 | ||
573 | http.Redirect(w, r, fmt.Sprintf("/list/%d", id), 302) | 607 | http.Redirect(w, r, fmt.Sprintf("/list/%d", id), 302) |
608 | el.CreateList(user, eventlogging.CreateListData{ | ||
609 | ListID: id, | ||
610 | Name: values.Get("name"), | ||
611 | Description: values.Get("description"), | ||
612 | }) | ||
574 | } | 613 | } |
575 | 614 | ||
576 | func (m *Module) updateGrilOrder(w http.ResponseWriter, r *http.Request, p httprouter.Params) { | 615 | func (m *Module) updateGrilOrder(w http.ResponseWriter, r *http.Request, p httprouter.Params) { |
616 | el := m.g.EventLogger(r) | ||
577 | slistID := p.ByName("id") | 617 | slistID := p.ByName("id") |
578 | 618 | ||
579 | user, err := m.g.Charakterin.GetUserFromRequest(r) | 619 | user, err := m.g.Charakterin.GetUserFromRequest(r) |
@@ -606,6 +646,16 @@ func (m *Module) updateGrilOrder(w http.ResponseWriter, r *http.Request, p httpr | |||
606 | return | 646 | return |
607 | } | 647 | } |
608 | 648 | ||
649 | var oldOrder int | ||
650 | err = m.g.DB.QueryRow( | ||
651 | `SELECT "order" FROM grilist.lists_grils WHERE list_id = $1 AND gril_id = $2;`, | ||
652 | listID, grilID).Scan(&oldOrder) | ||
653 | if err != nil { | ||
654 | log.Println(err) | ||
655 | http.Error(w, "Internal Server Error", 500) | ||
656 | return | ||
657 | } | ||
658 | |||
609 | // rein in die DB damit | 659 | // rein in die DB damit |
610 | _, err = m.g.DB.Exec(`SELECT grilist.set_gril_order($1, $2, $3, $4)`, user.ID, listID, grilID, pos) | 660 | _, err = m.g.DB.Exec(`SELECT grilist.set_gril_order($1, $2, $3, $4)`, user.ID, listID, grilID, pos) |
611 | if err != nil { | 661 | if err != nil { |
@@ -622,17 +672,30 @@ func (m *Module) updateGrilOrder(w http.ResponseWriter, r *http.Request, p httpr | |||
622 | 672 | ||
623 | w.WriteHeader(200) | 673 | w.WriteHeader(200) |
624 | w.Write([]byte("ok")) | 674 | w.Write([]byte("ok")) |
625 | return | 675 | el.ChangeGrilOrder(user, eventlogging.ChangeGrilOrderData{ |
676 | ListID: listID, | ||
677 | GrilID: grilID, | ||
678 | OldOrder: oldOrder, | ||
679 | NewOrder: pos, | ||
680 | }) | ||
626 | } | 681 | } |
627 | 682 | ||
628 | func (m *Module) removeGrilFromList(w http.ResponseWriter, r *http.Request, p httprouter.Params) { | 683 | func (m *Module) removeGrilFromList(w http.ResponseWriter, r *http.Request, p httprouter.Params) { |
684 | el := m.g.EventLogger(r) | ||
629 | slistID := p.ByName("id") | 685 | slistID := p.ByName("id") |
630 | 686 | ||
687 | user, err := m.g.Charakterin.GetUserFromRequest(r) | ||
688 | if err != nil { | ||
689 | http.Error(w, "Unauthorized", 401) | ||
690 | return | ||
691 | } | ||
692 | |||
631 | listID, err := strconv.Atoi(slistID) | 693 | listID, err := strconv.Atoi(slistID) |
632 | if err != nil { | 694 | if err != nil { |
633 | http.Error(w, "invalid list ID (type mismatch)", 400) | 695 | http.Error(w, "invalid list ID (type mismatch)", 400) |
634 | return | 696 | return |
635 | } | 697 | } |
698 | //TODO: noch mal gucken ob der User Rechte hat | ||
636 | 699 | ||
637 | values, err := readBody(r) | 700 | values, err := readBody(r) |
638 | if err != nil { | 701 | if err != nil { |
@@ -666,7 +729,10 @@ func (m *Module) removeGrilFromList(w http.ResponseWriter, r *http.Request, p ht | |||
666 | 729 | ||
667 | w.WriteHeader(200) | 730 | w.WriteHeader(200) |
668 | w.Write([]byte("ok")) | 731 | w.Write([]byte("ok")) |
669 | return | 732 | el.DeleteGrilFromList(user, eventlogging.DeleteGrilFromListData{ |
733 | ListID: listID, | ||
734 | GrilID: grilID, | ||
735 | }) | ||
670 | } | 736 | } |
671 | 737 | ||
672 | func (m *Module) APIgetUserLists(w http.ResponseWriter, r *http.Request, p httprouter.Params) { | 738 | func (m *Module) APIgetUserLists(w http.ResponseWriter, r *http.Request, p httprouter.Params) { |