Beispiel #1
0
func UpdatePage(w http.ResponseWriter, r *http.Request) {
	if r.Method != "POST" {
		http.Error(w, "Method Not Allowed", 405)
		return
	}

	user, err := currentUser(r)
	if err != nil {
		http.Redirect(w, r, "/signin", 301)
		return
	}

	vars := mux.Vars(r)

	page_id, err := strconv.Atoi(vars["id"])
	if err != nil {
		http.Error(w, err.Error(), 400)
		return
	}

	page, err := models.FindPage(page_id)
	if err != nil {
		http.Error(w, err.Error(), 500)
		return
	}

	if page == nil {
		http.Redirect(w, r, "/newpage?title="+vars["title"], 301)
		return
	}

	r.ParseForm()

	page.Title = r.Form["title"][0]
	page.Body = r.Form["body"][0]

	validation_errors, err := page.ValidationErrors()
	if err != nil {
		http.Error(w, err.Error(), 500)
		return
	}

	if len(validation_errors) != 0 {
		pages := []models.Page{*page}
		//TODO Show all errors
		o := ViewObject{CurrentUser: user, Pages: &pages, Error: validation_errors[0]}
		render(w, "edit_pages", o)
		return
	}

	err = page.Update()
	if err != nil {
		http.Error(w, err.Error(), 500)
		return
	}

	setFlash(w, r, "Page has updated.")
	http.Redirect(w, r, "/pages/"+page.Title, 301)
	return
}
Beispiel #2
0
func DeletePage(w http.ResponseWriter, r *http.Request) {
	//TODO CSRF
	if r.Method != "POST" {
		http.Error(w, "Method Not Allowed", 405)
		return
	}

	_, err := currentUser(r)
	if err != nil {
		http.Redirect(w, r, "/signin", 301)
		return
	}

	vars := mux.Vars(r)

	page_id, err := strconv.Atoi(vars["id"])
	if err != nil {
		http.Error(w, err.Error(), 400)
		return
	}

	page, err := models.FindPage(page_id)
	if err != nil {
		http.Error(w, err.Error(), 500)
		return
	}

	if page == nil {
		http.Redirect(w, r, "/newpage?title="+vars["title"], 301)
		return
	}

	err = page.Delete()
	if err != nil {
		http.Error(w, err.Error(), 500)
		return
	}

	setFlash(w, r, "Page has removed.")
	http.Redirect(w, r, "/pages", 301)
	return
}