Ejemplo n.º 1
0
Archivo: ui.go Proyecto: vichuda/PiScan
// deleteItem attempts to lookup and remove the Item for the Account and
// Item.Id combination, returning a bool on success/fail, and the db lookup
// error (if any)
func deleteItem(db *sqlite3.Conn, acc *database.Account, id int64) (bool, error) {
	result := false

	item, itemErr := database.GetSingleItem(db, acc, id)
	if itemErr == nil {
		if item.Id == id {
			item.Delete(db)
			result = true
		}
	}

	return result, itemErr
}
Ejemplo n.º 2
0
// InputUnknownItem handles the form for user contributions of unknown
// barcode scans: a GET presents the form, and a POST responds to the
// user-contributed input
func InputUnknownItem(w http.ResponseWriter, r *http.Request, dbCoords database.ConnCoordinates, opts ...interface{}) {
	// attempt to connect to the db
	db, err := database.InitializeDB(dbCoords)
	if err != nil {
		http.Error(w, err.Error(), http.StatusInternalServerError)
		return
	}
	defer db.Close()

	// get the Account for this request
	acc, accErr := database.GetDesignatedAccount(db)
	if accErr != nil {
		http.Error(w, accErr.Error(), http.StatusInternalServerError)
		return
	}

	// get the api server + port from the optional parameters
	apiHost, apiHostOk := opts[0].(string)
	if !apiHostOk {
		http.Error(w, BAD_REQUEST, http.StatusInternalServerError)
		return
	}

	// prepare the html page response
	form := &ItemForm{Title: "Contribute Product Information",
		CancelUrl:    HOME_URL,
		Unregistered: (acc.Email == database.ANONYMOUS_EMAIL)}

	//lookup the item from the request id
	// and show the input form (if a GET)
	// or process it (if a POST)
	if "GET" == r.Method {
		// derive the item id from the url path
		urlPaths := strings.Split(r.URL.Path[1:], "/")
		if len(urlPaths) >= 2 {
			itemId, itemIdErr := strconv.ParseInt(urlPaths[1], 10, 64)
			if itemIdErr == nil {
				item, itemErr := database.GetSingleItem(db, acc, itemId)
				if itemErr == nil {
					if item.Id != database.BAD_PK && item.Desc == "" {
						// requested item has been found and is valid
						form.Item = item
					}
				}
			}
		}

		if form.Item == nil {
			// no matching item was found
			http.Error(w, BAD_REQUEST, http.StatusInternalServerError)
			return
		}

	} else if "POST" == r.Method {
		// get the item id from the posted data
		r.ParseForm()
		idVal, idExists := r.PostForm["item"]
		barcodeVal, barcodeExists := r.PostForm["barcode"]
		prodNameVal, prodNameExists := r.PostForm["prodName"]
		if idExists && barcodeExists && prodNameExists {
			itemId, itemIdErr := strconv.ParseInt(idVal[0], 10, 64)
			if itemIdErr != nil {
				form.FormError = itemIdErr.Error()
			} else {
				item, itemErr := database.GetSingleItem(db, acc, itemId)
				if itemErr != nil {
					form.FormError = itemErr.Error()
				} else {
					// the hidden barcode value must match the retrieved item
					if item.Barcode == barcodeVal[0] {
						// update the item in the local client db
						item.Desc = prodNameVal[0]
						item.UserContributed = true
						item.Update(db)

						// also need to mark the contribution to POD in the server
						if acc.Email != database.ANONYMOUS_EMAIL {
							// get the form's prodDesc, brandName, brandUrl data
							prodDesc, prodDescExists := r.PostForm["prodDesc"]
							brandName, brandNameExists := r.PostForm["brandName"]
							brandUrl, brandUrlExists := r.PostForm["brandUrl"]

							// ping the server with the contribution data
							ping := func() {
								v := url.Values{}
								v.Set("email", acc.Email)
								v.Set("barcode", barcodeVal[0])
								v.Set("prodName", prodNameVal[0])
								if prodDescExists {
									v.Set("prodDesc", prodDesc[0])
								}
								if brandNameExists {
									v.Set("brandName", brandName[0])
								}
								if brandUrlExists {
									v.Set("brandUrl", brandUrl[0])
								}

								// use the account api code as the digest key
								hmac := digest.GenerateDigest(acc.APICode, v.Encode())
								v.Set("hmac", hmac)

								res, err := http.PostForm(strings.Join([]string{apiHost, "/contribute/"}, ""), v)
								if err == nil {
									res.Body.Close()
								}
							}

							go ping() // do not wait for the server to reply

						}

						// return success
						http.Redirect(w, r, HOME_URL, http.StatusFound)
						return
					} else {
						// bad form post: the hidden barcode value does not match the retrieved item
						form.FormError = BAD_POST
					}
				}
			}
		} else {
			// required form parameters are missing
			form.FormError = BAD_POST
		}
	}

	renderItemEditTemplate(w, form)
}