From f01703339943c432c4f47113983d90e118b7ff2c Mon Sep 17 00:00:00 2001 From: Jan C Date: Mon, 15 Feb 2016 09:44:09 +0100 Subject: =?UTF-8?q?grils=20werden=20jetzt=20nicht=20mehr=20mit=20der=20dif?= =?UTF-8?q?ferenzpos=20sondern=20der=20TOTALEN=20position=20reordert,=20sp?= =?UTF-8?q?art=20datenbankged=C3=B6ns.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit diff --git a/assets_src/js/list.js b/assets_src/js/list.js index b3541e0..be7f007 100644 --- a/assets_src/js/list.js +++ b/assets_src/js/list.js @@ -28,6 +28,18 @@ async function updateGrilOrder(gril, pos) { } }); } +function getCurrentOrder(gril) { + const els = document.querySelectorAll('#gril-list > li') + + for (let i = 0; i < els.length; i++) { + if (els[i].id === gril) { + console.log(i); + return i; + } + } + return -1; +} + async function listButtonHandler(e) { let liFilter = x => x.tagName && x.tagName.toLowerCase() === 'li'; let item = dom.closest(e.target, liFilter); @@ -36,7 +48,7 @@ async function listButtonHandler(e) { switch (e.target.classList[0]) { case 'gril-sort-up': try { - await updateGrilOrder(item.id, -1); + await updateGrilOrder(item.id, getCurrentOrder(item.id) - 1); } catch(e) { alert(e.message); } @@ -44,7 +56,7 @@ async function listButtonHandler(e) { break; case 'gril-sort-down': try { - await updateGrilOrder(item.id, 1); + await updateGrilOrder(item.id, getCurrentOrder(item.id) + 1); } catch(e) { alert(e.message); } diff --git a/modules/lists/lists.go b/modules/lists/lists.go index b40ee18..e1b806d 100644 --- a/modules/lists/lists.go +++ b/modules/lists/lists.go @@ -69,6 +69,7 @@ func (m *Module) Init(g *grilist.Grilist) { m.g.Router.GET("/list/:id", m.viewList) m.g.Router.POST("/list/:id/order", m.updateGrilOrder) m.g.Router.POST("/list/:id", m.addGrilToList) + m.g.Router.DELETE("/list/:id/order", m.removeGrilFromList) m.g.Router.GET("/new/list", m.displayCreateList) m.g.Router.POST("/new/list", m.createList) } @@ -248,6 +249,12 @@ func (m *Module) viewList(w http.ResponseWriter, r *http.Request, p httprouter.P func (m *Module) addGrilToList(w http.ResponseWriter, r *http.Request, p httprouter.Params) { slistID := p.ByName("id") + + user, err := m.g.Charakterin.GetUserFromRequest(r) + if err != nil { + http.Error(w, "403", http.StatusForbidden) + return + } listID, err := strconv.Atoi(slistID) if err != nil { @@ -272,6 +279,11 @@ func (m *Module) addGrilToList(w http.ResponseWriter, r *http.Request, p httprou http.Error(w, "invalid list", 404) return } + + if list.Owner.ID != user.ID { + http.Error(w, "403", http.StatusForbidden) + return + } rank := 0 if len(list.Grils) > 0 { @@ -369,52 +381,58 @@ func (m *Module) updateGrilOrder(w http.ResponseWriter, r *http.Request, p httpr return } - diff, err := strconv.Atoi(values.Get("pos")) + pos, err := strconv.Atoi(values.Get("pos")) if err != nil { - http.Error(w, "invalid position diff", 400) + http.Error(w, "invalid position", 400) return } + + // rein in die DB damit + _, err = m.g.DB.Query(`SELECT grilist.set_gril_order($1, $2, $3, $4)`, user.ID, listID, grilID, pos) + if err != nil { + log.Println("error reordering gril:", err) + http.Error(w, "could not update gril order", 500) + return + } - list, err := m.FromID(listID) + w.WriteHeader(200) + w.Write([]byte("ok")) + return +} + +func (m *Module) removeGrilFromList(w http.ResponseWriter, r *http.Request, p httprouter.Params) { + slistID := p.ByName("id") + + listID, err := strconv.Atoi(slistID) if err != nil { - http.Error(w, "invalid list", 404) + http.Error(w, "invalid list ID (type mismatch)", 400) return } - // find the gril in our list - var lgril *ListGril = nil - log.Println(list.Grils) - for _, g := range list.Grils { - if g.Gril.ID == grilID { - lgril = g - break - } - } - if lgril == nil { - http.Error(w, "gril not found in the list", 404) - return - } - - newPos := lgril.Order + diff - - if newPos < 0 { - newPos = 0 - } else if newPos >= len(list.Grils) { - newPos = len(list.Grils) - 1 - } - - if newPos == lgril.Order { - http.Error(w, "no change in order", 400) - return - } + values, err := readBody(r) + if err != nil { + http.Error(w, "invalid POST data", 400) + return + } - // rein in die DB damit - _, err = m.g.DB.Query(`SELECT grilist.set_gril_order($1, $2, $3, $4)`, user.ID, listID, grilID, newPos) + grilID, err := strconv.Atoi(values.Get("gril")) if err != nil { - log.Println("error reordering gril:", err) - http.Error(w, "could not update gril order", 500) + http.Error(w, "invalid gril ID", 404) return } + + res, err := m.g.DB.Exec(`DELETE FROM grilist.lists_grils WHERE list_id=$1 AND gril_id=$2`, listID, grilID) + if err != nil { + log.Println("error removing gril:", err) + http.Error(w, "could not remove gril", 500) + return + } + + if r, err := res.RowsAffected(); err != nil || r == 0 { + log.Println("invalid rows affected in removing gril") + http.Error(w, "gril not in list / other error", 500) + return + } w.WriteHeader(200) w.Write([]byte("ok")) -- cgit v0.10.1