// @api get /admin/api/posts 获取文章列表
// @apiQuery page int 页码,从0开始
// @apiQuery size int 显示尺寸
// @apiQuery state int 状态
// @apiGroup admin
//
// @apiSuccess ok 200
// @apiParam count int 符合条件的所有记录数量,不包含page和size条件
// @apiParam posts array 当前页的记录数量
func adminGetPosts(w http.ResponseWriter, r *http.Request) {
var page, size, state int
var ok bool
if state, ok = util.QueryInt(w, r, "state", models.CommentStateAll); !ok {
return
}
sql := db.SQL().Table("#posts")
if state != models.PostStateAll {
sql.And("{state}=?", state)
}
count, err := sql.Count(true)
if err != nil {
logs.Error("adminGetPosts:", err)
util.RenderJSON(w, http.StatusInternalServerError, nil, nil)
return
}
if page, ok = util.QueryInt(w, r, "page", 0); !ok {
return
}
if size, ok = util.QueryInt(w, r, "size", opt.PageSize); !ok {
return
}
sql.Limit(size, page*size)
maps, err := sql.SelectMapString(true, "*")
if err != nil {
logs.Error("adminGetPosts:", err)
util.RenderJSON(w, http.StatusInternalServerError, nil, nil)
return
}
util.RenderJSON(w, http.StatusOK, map[string]interface{}{"count": count, "posts": maps}, nil)
}
// @api put /admin/api/themes/current 更改当前的主题
// @apiGroup admin
//
// @apiRequest json
// @apiHeader Authorization xxx
// @apiParam value string 新值
//
// @apiSuccess 200 OK
func adminPutCurrentTheme(w http.ResponseWriter, r *http.Request) {
v := &struct {
Value string `json:"value"`
}{}
if !util.ReadJSON(w, r, v) {
return
}
if len(v.Value) == 0 {
util.RenderJSON(w, http.StatusBadRequest, &util.ErrorResult{Message: "必须指定一个值!"}, nil)
return
}
if err := app.SetOption("theme", v.Value, false); err != nil {
logs.Error("adminPutTheme:", err)
util.RenderJSON(w, http.StatusInternalServerError, nil, nil)
return
}
if err := front.Switch(v.Value); err != nil {
logs.Error("adminPutTheme:", err)
util.RenderJSON(w, http.StatusInternalServerError, nil, nil)
return
}
lastUpdated()
util.RenderJSON(w, http.StatusNoContent, nil, nil)
}
func adminSetPostState(w http.ResponseWriter, r *http.Request, state int) {
id, ok := util.ParamID(w, r, "id")
if !ok {
return
}
p := &models.Post{ID: id}
if err := db.Select(p); err != nil {
logs.Error("adminSetPostState:", err)
util.RenderJSON(w, http.StatusInternalServerError, nil, nil)
return
}
// 不可能存在状态值为0的文章,出现此值,表明数据库没有该条记录
if p.State == models.PostStateAll {
util.RenderJSON(w, http.StatusNotFound, nil, nil)
return
}
p = &models.Post{ID: id, State: state}
if _, err := db.Update(p); err != nil {
logs.Error("adminSetPostState:", err)
util.RenderJSON(w, http.StatusInternalServerError, nil, nil)
return
}
if err := stats.UpdatePostsSize(); err != nil {
logs.Error("admin.adminSetPostState:", err)
}
lastUpdated()
util.RenderJSON(w, http.StatusCreated, "{}", nil)
}
// @api patch /admin/api/options/{key} 修改设置项的值
// @apiParam key string 需要修改项的key
// @apiGroup admin
//
// @apiRequest json
// @apiHeader Authorization xxx
// @apiParam value string 新值
// @apiExample json
// { "value": "abcdef" }
// @apiSuccess 204 no content
func adminPatchOption(w http.ResponseWriter, r *http.Request) {
key, ok := util.ParamString(w, r, "key")
if !ok {
return
}
if _, found := app.GetOption(key); !found {
util.RenderJSON(w, http.StatusNotFound, nil, nil)
return
}
data := &struct {
Value string `json:"value"`
}{}
if !util.ReadJSON(w, r, data) {
return
}
if err := app.SetOption(key, data.Value, false); err != nil {
logs.Error("adminPatchOption:", err)
util.RenderJSON(w, http.StatusInternalServerError, nil, nil)
return
}
lastUpdated()
util.RenderJSON(w, http.StatusNoContent, nil, nil)
}
// @api put /admin/api/password 理发密码
// @apiGroup admin
// @apiRequest json
// @apiHeader Authorization xxx
// @apiParam old string 旧密码
// @apiParam new string 新密码
// @apiExample json
// {
// "old": "123",
// "new": "456"
// }
//
// @apiSuccess 204 no content
func adminChangePassword(w http.ResponseWriter, r *http.Request) {
l := &struct {
Old string `json:"old"`
New string `json:"new"`
}{}
if !util.ReadJSON(w, r, l) {
return
}
errs := &util.ErrorResult{Message: "提交数据错误", Detail: map[string]string{}}
if len(l.New) == 0 {
errs.Add("new", "新密码不能为空")
}
if opt.Password != app.Password(l.Old) {
errs.Add("old", "旧密码错误")
}
if len(errs.Detail) > 0 {
util.RenderJSON(w, http.StatusBadRequest, errs, nil)
return
}
o := &models.Option{Key: "password", Value: app.Password(l.New)}
if _, err := db.Update(o); err != nil {
logs.Error("adminChangePassword:", err)
util.RenderJSON(w, http.StatusInternalServerError, nil, nil)
return
}
opt.Password = o.Value
util.RenderJSON(w, http.StatusNoContent, nil, nil)
}
// @api put /admin/api/feed/sitemap 重新生成sitemap
// @apiGroup admin
//
// @apiRequest json
// @apiHeader Authorization xxx
//
// @apiSuccess 200 Ok
func adminPutSitemap(w http.ResponseWriter, r *http.Request) {
err := feed.BuildSitemap()
if err != nil {
logs.Error(err)
util.RenderJSON(w, http.StatusInternalServerError, nil, nil)
return
}
util.RenderJSON(w, http.StatusOK, "{}", nil)
}
// @api post /admin/api/media 上传媒体文件
// @apiGroup admin
//
// @apiRequest json
// @apiHeader Authorization xxx
// @apiParam media file 文件内容
//
// @apiSuccess 201 文件上传成功
func adminPostMedia(w http.ResponseWriter, r *http.Request) {
files, err := u.Do("media", r)
if err != nil {
util.RenderJSON(w, http.StatusInternalServerError, nil, nil)
return
}
lastUpdated()
util.RenderJSON(w, http.StatusCreated, map[string]interface{}{"media": files[0]}, nil)
}
// @api put /admin/api/tags/{id} 修改某id的标签内容
// @apiParam id int 需要修改的标签id
// @apiGroup admin
//
// @apiRequest json
// @apiHeader Authorization xxx
// @apiParam name string 唯一名称
// @apiParam title string 显示的标题
// @apiParam description string 描述信息,可以是html
// @apiExample json
// {
// "name": "tag-1",
// "title":"标签1",
// "description": "<h1>desc</h1>"
// }
//
// @apiSuccess 204 no content
//
// @apiError 400 bad request
// @apiParam message string 错误信息
// @apiParam detail array 说细的错误信息,用于描述哪个字段有错
// @apiExample json
// {
// "message": "格式错误",
// "detail":[
// {"title":"不能包含特殊字符"},
// {"name": "已经存在同名"}
// ]
// }
func adminPutTag(w http.ResponseWriter, r *http.Request) {
t := &models.Tag{}
if !util.ReadJSON(w, r, t) {
return
}
// 检测是否为空
errs := &util.ErrorResult{Message: "格式错误", Detail: map[string]string{}}
if len(t.Name) == 0 {
errs.Add("name", "不能为空")
}
if len(t.Title) == 0 {
errs.Add("title", "不能为空")
}
if errs.HasErrors() {
util.RenderJSON(w, http.StatusBadRequest, errs, nil)
return
}
var ok bool
t.ID, ok = util.ParamID(w, r, "id")
if !ok {
return
}
// 检测是否存在同名
titleExists, nameExists, err := tagIsExists(t)
if err != nil {
logs.Error("adminPutTag:", err)
util.RenderJSON(w, http.StatusInternalServerError, nil, nil)
return
}
if titleExists {
errs.Add("title", "与已有标签同名")
}
if nameExists {
errs.Add("name", "与已有标签同名")
}
if errs.HasErrors() {
util.RenderJSON(w, http.StatusBadRequest, errs, nil)
return
}
if _, err := db.Update(t); err != nil {
logs.Error("adminPutTag:", err)
util.RenderJSON(w, http.StatusInternalServerError, nil, nil)
return
}
lastUpdated()
util.RenderJSON(w, http.StatusNoContent, nil, nil)
}
// @api get /admin/api/posts/{id} 获取某一篇文章的详细内容
// @apiGroup admin
//
// @apiRequest json
// @apiHeader Authorization xxx
//
// @apiSuccess 200 OK
// @apiParam id int id值
// @apiParam name string 唯一名称,可以为空
// @apiParam title string 标题
// @apiParam summary string 文章摘要
// @apiParam content string 文章内容
// @apiParam state int 状态
// @apiParam order int 排序
// @apiParam created int 创建时间
// @apiParam modified int 修改时间
// @apiParam template string 所使用的模板
// @apiParam allowPing bool 允许ping
// @apiParam allowComment bool 允许评论
// @apiParam tags array 关联的标签。
func adminGetPost(w http.ResponseWriter, r *http.Request) {
id, ok := util.ParamID(w, r, "id")
if !ok {
return
}
p := &models.Post{ID: id}
if err := db.Select(p); err != nil {
logs.Error("adminGetPost:", err)
util.RenderJSON(w, http.StatusInternalServerError, nil, nil)
return
}
tags, err := getPostTags(id)
if err != nil {
logs.Error("adminGetPost:", err)
util.RenderJSON(w, http.StatusInternalServerError, nil, nil)
return
}
obj := &struct {
ID int64 `json:"id"`
Name string `json:"name"`
Title string `json:"title"`
Summary string `json:"summary"`
Content string `json:"content"`
State int `json:"state"`
Order int `json:"order"`
Created int64 `json:"created"`
Modified int64 `json:"modified"`
Template string `json:"template"`
AllowPing bool `json:"allowPing"`
AllowComment bool `json:"allowComment"`
Tags []*models.Tag `json:"tags"`
}{
ID: p.ID,
Name: p.Name,
Title: p.Title,
Summary: p.Summary,
Content: p.Content,
State: p.State,
Order: p.Order,
Created: p.Created,
Modified: p.Modified,
Template: p.Template,
AllowPing: p.AllowPing,
AllowComment: p.AllowComment,
Tags: tags,
}
util.RenderJSON(w, http.StatusOK, obj, nil)
}
// @api get /admin/api/tags/{id} 获取指定id的标签内容
// @apiParam id int 标签的id
// @apiGroup admin
//
// @apiSuccess 200 OK
// @apiParam id int 标签的id
// @apiParam name string 标签的唯一名称,可能为空
// @apiParam title string 标签名称
// @apiParam description string 对标签的详细描述
func adminGetTag(w http.ResponseWriter, r *http.Request) {
id, ok := util.ParamID(w, r, "id")
if !ok {
return
}
t := &models.Tag{ID: id}
if err := db.Select(t); err != nil {
logs.Error("adminGetTag:", err)
util.RenderJSON(w, http.StatusInternalServerError, nil, nil)
return
}
util.RenderJSON(w, http.StatusOK, t, nil)
}
// @api post /admin/api/tags 添加新标签
// @apiGroup admin
//
// @apiRequest json
// @apiHeader Authorization xxx
// @apiParam name string 唯一名称
// @apiParam title string 显示的标题
// @apiParam description string 描述信息,可以是html
// @apiExample json
// {
// "name": "tag-1",
// "title":"标签1",
// "description": "<h1>desc</h1>"
// }
//
// @apiSuccess 201 created
// @apiError 400 bad request
// @apiParam message string 错误信息
// @apiParam detail array 说细的错误信息,用于描述哪个字段有错
// @apiExample json
// {
// "message": "格式错误",
// "detail":[
// {"title":"不能包含特殊字符"},
// {"name": "已经存在同名"}
// ]
// }
func adminPostTag(w http.ResponseWriter, r *http.Request) {
t := &models.Tag{}
if !util.ReadJSON(w, r, t) {
return
}
errs := &util.ErrorResult{Message: "格式错误"}
if t.ID != 0 {
errs.Add("id", "不允许的字段")
}
if len(t.Title) == 0 {
errs.Add("title", "不能为空")
}
if len(t.Name) == 0 {
errs.Add("name", "不能为空")
}
if errs.HasErrors() {
util.RenderJSON(w, http.StatusBadRequest, errs, nil)
return
}
t.ID = 0
titleExists, nameExists, err := tagIsExists(t)
if err != nil {
logs.Error("adminPostTag:", err)
util.RenderJSON(w, http.StatusInternalServerError, nil, nil)
return
}
if titleExists {
errs.Add("title", "已有同名字体段")
}
if nameExists {
errs.Add("name", "已有同名字体段")
}
if errs.HasErrors() {
util.RenderJSON(w, http.StatusBadRequest, errs, nil)
return
}
if _, err := db.Insert(t); err != nil {
logs.Error("adminPostTag:", err)
util.RenderJSON(w, http.StatusInternalServerError, nil, nil)
return
}
lastUpdated()
util.RenderJSON(w, http.StatusCreated, "{}", nil)
}
// @api get /admin/api/posts/count 获取各种状态下的文章数量
// @apiGroup admin
//
// @apiSuccess 200 OK
// @apiParam all int 评论的总量
// @apiParam draft int 等待审核的评论数量
// @apiParam published int 垃圾评论的数量
func adminGetPostsCount(w http.ResponseWriter, r *http.Request) {
data := map[string]int{
"all": stats.PostsSize,
"draft": stats.DraftPostsSize,
"published": stats.PublishedPostsSize,
}
util.RenderJSON(w, http.StatusOK, data, nil)
}
// @api get /admin/api/comments/count 获取各种状态下的评论数量
// @apiGroup admin
//
// @apiSuccess 200 OK
// @apiParam all int 评论的总量
// @apiParam waiting int 等待审核的评论数量
// @apiParam spam int 垃圾评论的数量
// @apiParam approved int 通过审核的评论数量
func adminGetCommentsCount(w http.ResponseWriter, r *http.Request) {
data := map[string]int{
"waiting": stats.WaitingCommentsSize,
"spam": stats.SpamCommentsSize,
"approved": stats.ApprovedCommentsSize,
"all": stats.CommentsSize,
}
util.RenderJSON(w, http.StatusOK, data, nil)
}
// 验证后台登录信息
func loginHandlerFunc(f func(w http.ResponseWriter, r *http.Request)) http.Handler {
h := func(w http.ResponseWriter, r *http.Request) {
if r.Header.Get("Authorization") != token {
util.RenderJSON(w, http.StatusUnauthorized, nil, nil)
return
}
f(w, r)
}
return http.HandlerFunc(h)
}
// @api get /admin/api/options/{key} 获取设置项的值,不能获取password字段。
// @apiParam key string 名称
//
// @apiRequest json
// @apiHeader Authorization xxx
//
// @apiSuccess 200 ok
// @api value any 设置项的值
// @apiExample json
// { "value": "20" }
func adminGetOption(w http.ResponseWriter, r *http.Request) {
key, ok := util.ParamString(w, r, "key")
if !ok {
return
}
if key == "password" {
util.RenderJSON(w, http.StatusNotFound, nil, nil)
return
}
val, found := app.GetOption(key)
if !found {
util.RenderJSON(w, http.StatusNotFound, nil, nil)
return
}
util.RenderJSON(w, http.StatusOK, map[string]interface{}{"value": val}, nil)
}
// @api put /admin/api/modules/{name}/stop 停止一个模块
// @apiParam name string 模块名称
// @apiGroup admin
//
// @apiRequest json
// @apiHeader Authorization xxx
//
// @apiSuccess 204 OK
func adminPutModuleStop(w http.ResponseWriter, r *http.Request) {
m := getModule(w, r)
if m == nil {
return
}
m.Stop()
logs.Infof("options:停止了[%v]模块的运行\n", m.Name)
util.RenderJSON(w, http.StatusNoContent, nil, nil)
}
// 从请求参数中解析出模块实例。
func getModule(w http.ResponseWriter, r *http.Request) *web.Module {
name, ok := util.ParamString(w, r, "name")
if name == moduleName { // 当前模块不能被控制
util.RenderJSON(w, http.StatusBadRequest, &util.ErrorResult{Message: "无法控制该模块!"}, nil)
return nil
}
if !ok {
util.RenderJSON(w, http.StatusNotFound, nil, nil)
return nil
}
m := web.GetModule(name)
if m == nil {
util.RenderJSON(w, http.StatusNotFound, nil, nil)
return nil
}
return m
}
// @api get /admin/api/modules 获取的模块列表
// @apiGroup admin
//
// @apiRequest json
// @apiHeader Authorization xxx
//
// @apiSuccess 200 OK
// @apiParam modules array 模块列表的数组
func adminGetModules(w http.ResponseWriter, r *http.Request) {
modules := web.Modules()
data := make([]map[string]interface{}, 0, len(modules))
for _, v := range modules {
data = append(data, map[string]interface{}{
"name": v.Name,
"isRunning": v.IsRunning(),
})
}
util.RenderJSON(w, http.StatusOK, map[string]interface{}{"modules": data}, nil)
}
// @api delete /admin/api/comments/{id} 删除某条评论
// @apiParam id int 评论的id值
// @apiGroup admin
//
// @apiSuccess 204 no content
func adminDeleteComment(w http.ResponseWriter, r *http.Request) {
id, ok := util.ParamID(w, r, "id")
if !ok {
return
}
c := &models.Comment{ID: id}
if _, err := db.Delete(c); err != nil {
logs.Error("adminDeleteComment:", err)
util.RenderJSON(w, http.StatusInternalServerError, nil, nil)
return
}
if err := stats.UpdateCommentsSize(); err != nil {
logs.Error("admin.adminDeleteComment:", err)
}
lastUpdated()
util.RenderJSON(w, http.StatusNoContent, nil, nil)
}
// @api put /admin/api/comments/{id} 修改评论,只能修改管理员发布的评论
// @apiParam id int 需要修改的评论id
// @apiGroup admin
//
// @apiRequest json
// @apiParam content string 新的评论内容
// @apiExample json
// { "content", "content..." }
//
// @apiSuccess 200 ok
func adminPutComment(w http.ResponseWriter, r *http.Request) {
id, ok := util.ParamID(w, r, "id")
if !ok {
return
}
c := &models.Comment{ID: id}
cnt, err := db.Count(c)
if err != nil {
logs.Error("putComment:", err)
util.RenderJSON(w, http.StatusInternalServerError, nil, nil)
return
}
if cnt == 0 {
util.RenderJSON(w, http.StatusNotFound, nil, nil)
return
}
ct := &struct {
Content string `json:"content"`
}{}
if !util.ReadJSON(w, r, ct) {
return
}
c.Content = ct.Content
if _, err = db.Update(c); err != nil {
logs.Error("putComment", err)
util.RenderJSON(w, http.StatusInternalServerError, nil, nil)
return
}
if err := stats.UpdateCommentsSize(); err != nil {
logs.Error("admin.adminPutComment:", err)
}
lastUpdated()
util.RenderJSON(w, http.StatusNoContent, nil, nil)
}
// @api post /admin/api/login 登录
// @apiGroup admin
//
// @apiRequest json
// @apiParam password string 登录密码
// @apiExample json
// { "password": "******" }
//
// @apiSuccess 201
// @apiHeader Cache-Control:no-cache
// @apiHeader Pragma:no-cache
// @apiParam token string 登录凭证;
// @apiExample json
// { "token": "adfwerqeqaeqe313aa" }
func adminPostLogin(w http.ResponseWriter, r *http.Request) {
inst := &struct {
Password string `json:"password"`
}{}
if !util.ReadJSON(w, r, inst) {
return
}
if app.Password(inst.Password) != opt.Password {
util.RenderJSON(w, http.StatusUnauthorized, nil, nil)
return
}
ret := make([]byte, 64)
n, err := io.ReadFull(rand.Reader, ret)
if err != nil {
logs.Error("login:无法产生一个随机的token", err)
util.RenderJSON(w, http.StatusInternalServerError, nil, nil)
return
}
if n == 0 {
logs.Error("login:无法产生一个随机的token")
util.RenderJSON(w, http.StatusInternalServerError, nil, nil)
return
}
token = utils.MD5(string(ret))
if len(token) == 0 {
logs.Error("login:无法正确生成登录的token")
util.RenderJSON(w, http.StatusInternalServerError, nil, nil)
return
}
// 记录日志出错,仅输出错误内容,但不返回500错误。
if err = writeLastLogs(r); err != nil {
logs.Error("login:"******"token": token}, nil)
}
// @api get /admin/api/tags 获取所有标签信息
// @apiGroup admin
//
// @apiRequest json
// @apiheader Authorization xxx
//
// @apiSuccess 200 OK
// @apiParam tags array 所有标签的列表
func adminGetTags(w http.ResponseWriter, r *http.Request) {
sql := `SELECT m.{name}, m.{title}, m.{description}, m.{id},count(r.{tagID}) AS {count}
FROM #tags AS m
LEFT JOIN #relationships AS r ON m.{id}=r.{tagID}
GROUP BY m.{id}`
rows, err := db.Query(true, sql)
if err != nil {
logs.Error("getTags:", err)
util.RenderJSON(w, http.StatusInternalServerError, nil, nil)
return
}
maps, err := fetch.MapString(false, rows)
rows.Close()
if err != nil {
logs.Error("getTags:", err)
util.RenderJSON(w, http.StatusInternalServerError, nil, nil)
return
}
util.RenderJSON(w, http.StatusOK, map[string]interface{}{"tags": maps}, nil)
}
// @api post /admin/api/comments 提交新评论
// @apiGroup admin
//
// @apiRequest json
// @apiParam parent int 评论的父级内容
// @apiParam postID int 评论的文章
// @apiParam content string 评论的内容
//
// @apiSuccess 201 created
func adminPostComment(w http.ResponseWriter, r *http.Request) {
c := &struct {
Parent int64 `json:"parent"`
PostID int64 `json:"postID"`
Content string `json:"content"`
}{}
if !util.ReadJSON(w, r, c) {
return
}
comm := &models.Comment{
Parent: c.Parent,
PostID: c.PostID,
Content: c.Content,
State: models.CommentStateApproved,
IP: "",
Agent: "",
Created: time.Now().Unix(),
IsAdmin: true,
AuthorURL: opt.SiteURL,
AuthorName: opt.ScreenName,
AuthorEmail: opt.Email,
}
if _, err := db.Insert(comm); err != nil {
logs.Error("adminPostComment:", err)
util.RenderJSON(w, http.StatusInternalServerError, nil, nil)
return
}
if err := stats.UpdateCommentsSize(); err != nil {
logs.Error("admin.adminPostComment:", err)
}
lastUpdated()
util.RenderJSON(w, http.StatusCreated, nil, nil)
}
// @api get /admin/api/media 获取所有的文件列表
// @apiQuery parent string 上一级目录,相对于cfg.UploadDir设置项。
// @apiGroup admin
//
// @apiSuccess 200 成功获取列表
// @apiParam files array 文件列表
func adminGetMedia(w http.ResponseWriter, r *http.Request) {
parent := r.FormValue("parent")
if len(parent) == 0 {
parent = "/"
}
if strings.Index(parent, "..") >= 0 {
util.RenderJSON(w, http.StatusBadRequest, &util.ErrorResult{Message: "格式错误"}, nil)
return
}
parent = cfg.UploadDir + parent
fs, err := ioutil.ReadDir(parent)
if err != nil {
logs.Error("admin.adminGetMeida:", err)
util.RenderJSON(w, http.StatusInternalServerError, nil, nil)
return
}
type fileInfo struct {
Name string `json:"name"`
Type string `json:"type"`
}
list := make([]*fileInfo, 0, len(fs))
for _, file := range fs {
typ := "file"
if file.IsDir() {
typ = "dir"
}
suffix := strings.ToLower(filepath.Ext(file.Name()))
if suffix == ".jpeg" || suffix == ".jpg" || suffix == ".png" || suffix == ".svg" || suffix == ".gif" {
typ = "image"
}
list = append(list, &fileInfo{Name: file.Name(), Type: typ})
}
util.RenderJSON(w, http.StatusOK, map[string]interface{}{"list": list}, nil)
}
// @api delete /admin/api/tags/{id} 删除该id的标签,也将被从relationships表中删除。
// @apiParam id int 需要删除的标签id
// @apiGroup admin
//
// @apiRequest json
// @apiHeader Authorization xxx
//
// @apiSuccess 204 no content
func adminDeleteTag(w http.ResponseWriter, r *http.Request) {
id, ok := util.ParamID(w, r, "id")
if !ok {
return
}
tx, err := db.Begin()
if err != nil {
logs.Error("adminDeleteMeta:", err)
util.RenderJSON(w, http.StatusInternalServerError, nil, nil)
return
}
if _, err := tx.Delete(&models.Tag{ID: id}); err != nil {
logs.Error("adminDeleteMeta:", err)
util.RenderJSON(w, http.StatusInternalServerError, nil, nil)
return
}
// 删除与之对应的关联数据。
sql := "DELETE FROM #relationships WHERE {tagID}=?"
if _, err := tx.Exec(true, sql, id); err != nil {
logs.Error("adminDeleteMeta:", err)
util.RenderJSON(w, http.StatusInternalServerError, nil, nil)
return
}
if err := tx.Commit(); err != nil {
logs.Error("adminDeleteMeta:", err)
tx.Rollback()
util.RenderJSON(w, http.StatusInternalServerError, nil, nil)
return
}
lastUpdated()
util.RenderJSON(w, http.StatusNoContent, nil, nil)
}
// @api get /api/posts/{id}/comments
// @apiQuery page int 页码
// @apiGroup front
//
// @apiSuccess 200 OK
// @apiParam comments array 当前页的评论
func frontGetPostComments(w http.ResponseWriter, r *http.Request) {
id, ok := util.ParamID(w, r, "id")
if !ok {
return
}
p := &models.Post{ID: id}
if err := db.Select(p); err != nil {
logs.Error("frontGetPostComments:", err)
util.RenderJSON(w, http.StatusInternalServerError, nil, nil)
return
}
if p.State != models.PostStatePublished {
util.RenderJSON(w, http.StatusNotFound, nil, nil)
return
}
sql := db.Where("{postID}=?", id).
And("{state}=?", models.CommentStateApproved).
Table("#comments")
var page int
if page, ok = util.QueryInt(w, r, "page", 0); !ok {
return
}
sql.Limit(opt.PageSize, page*opt.PageSize)
maps, err := sql.SelectMap(true, "*")
if err != nil {
logs.Error("frontGetComments:", err)
util.RenderJSON(w, http.StatusInternalServerError, nil, nil)
return
}
util.RenderJSON(w, http.StatusOK, map[string]interface{}{"comments": maps}, nil)
}
// @api delete /admin/api/posts/{id} 删除文章
// @apiGroup admin
//
// @apiRequest json
// @apiHeader Authorization xxx
//
// @apiSuccess 204 no content
func adminDeletePost(w http.ResponseWriter, r *http.Request) {
id, ok := util.ParamID(w, r, "id")
if !ok {
return
}
tx, err := db.Begin()
if err != nil {
logs.Error("deletePost:", err)
util.RenderJSON(w, http.StatusInternalServerError, nil, nil)
tx.Rollback()
return
}
// 删除文章
sql := "DELETE FROM #posts WHERE {id}=?"
if _, err := tx.Exec(true, sql, id); err != nil {
logs.Error("deletePost:", err)
util.RenderJSON(w, http.StatusInternalServerError, nil, nil)
tx.Rollback()
return
}
// 删除评论
sql = "DELETE FROM #comments WHERE {postID}=?"
if _, err := tx.Exec(true, sql, id); err != nil {
logs.Error("deletePost:", err)
util.RenderJSON(w, http.StatusInternalServerError, nil, nil)
tx.Rollback()
return
}
//删除关联数据
sql = "DELETE FROM #relationships WHERE {postID}=?"
if _, err := tx.Exec(true, sql, id); err != nil {
logs.Error("deletePost:", err)
util.RenderJSON(w, http.StatusInternalServerError, nil, nil)
tx.Rollback()
return
}
if err := tx.Commit(); err != nil {
tx.Rollback()
logs.Error("deletePost:", err)
util.RenderJSON(w, http.StatusInternalServerError, nil, nil)
return
}
if err := stats.UpdatePostsSize(); err != nil {
logs.Error("admin.adminDeletePost:", err)
}
lastUpdated()
util.RenderJSON(w, http.StatusNoContent, nil, nil)
}
// @api get /admin/api/state 获取当前网站的些基本状态
// @apiGroup admin
//
// @apiRequest json
// @apiHeader Authorization xxx
//
// @apiSuccess 200 OK
// @apiParam posts int 文章的数量
// @apiParam draftPosts int 草稿的数量
// @apiParam publishedPosts int 正式文章的数量
// @apiParam comments int 评论数量
// @apiParam waitingComments int 待审评论数量
// @apiParam spamComments int 垃圾评论数量
// @apiParam approvedComments int 已审评论数量
// @apiParam screenName string 用户的当前昵称
func adminGetState(w http.ResponseWriter, r *http.Request) {
data := map[string]interface{}{
"posts": stats.PostsSize,
"draftPosts": stats.DraftPostsSize,
"publishedPosts": stats.PublishedPostsSize,
"comments": stats.CommentsSize,
"waitingComments": stats.WaitingCommentsSize,
"spamComments": stats.SpamCommentsSize,
"approvedComments": stats.ApprovedCommentsSize,
"lastUpdated": opt.LastUpdated,
"screenName": opt.ScreenName,
"last": opt.Last,
}
util.RenderJSON(w, http.StatusOK, data, nil)
}
// @api put /admin/api/posts/{id} 修改文章
// @apiGroup admin
//
// @apiRequest json
// @apiHeader Authorization xxx
// @apiParam name string 唯一名称,可以为空
// @apiParam title string 标题
// @apiParam summary string 文章摘要
// @apiParam content string 文章内容
// @apiParam state int 状态
// @apiParam order int 排序
// @apiParam template string 所使用的模板
// @apiParam allowPing bool 允许ping
// @apiParam allowComment bool 允许评论
// @apiParam tags array 关联的标签
//
// @apiSuccess 200 no content
func adminPutPost(w http.ResponseWriter, r *http.Request) {
id, ok := util.ParamID(w, r, "id")
if !ok {
return
}
p := &struct {
Name string `json:"name"`
Title string `json:"title"`
Summary string `json:"summary"`
Content string `json:"content"`
State int `json:"state"`
Order int `json:"order"`
Template string `json:"template"`
AllowPing bool `json:"allowPing"`
AllowComment bool `json:"allowComment"`
Tags []int64 `json:"tags"`
}{}
if !util.ReadJSON(w, r, p) {
return
}
op := &models.Post{ID: id}
if err := db.Select(op); err != nil {
logs.Error("adminPutPost-0:", err)
util.RenderJSON(w, http.StatusInternalServerError, nil, nil)
return
}
pp := &models.Post{
ID: id,
Name: p.Name,
Title: p.Title,
Summary: p.Summary,
Content: p.Content,
State: p.State,
Order: p.Order,
Template: p.Template,
AllowPing: p.AllowPing,
AllowComment: p.AllowComment,
Modified: time.Now().Unix(),
Created: op.Created,
}
// TODO 是否有必要检测标签是否真实存在
tx, err := db.Begin()
if err != nil {
logs.Error("adminPutPost-1:", err)
util.RenderJSON(w, http.StatusInternalServerError, nil, nil)
tx.Rollback()
return
}
// 更新文档内容
if _, err := tx.UpdateZero(pp); err != nil {
logs.Error("adminPutPost-2:", err)
util.RenderJSON(w, http.StatusInternalServerError, nil, nil)
tx.Rollback()
return
}
// 删除旧的关联内容
sql := "DELETE FROM #relationships WHERE {postID}=?"
if _, err := tx.Exec(true, sql, pp.ID); err != nil {
logs.Error("adminPutPost-3:", err)
util.RenderJSON(w, http.StatusInternalServerError, nil, nil)
tx.Rollback()
return
}
// 添加新的关联
if len(p.Tags) > 0 {
rs := make([]interface{}, 0, len(p.Tags))
for _, tag := range p.Tags {
rs = append(rs, &models.Relationship{TagID: tag, PostID: pp.ID})
}
if err := tx.MultInsert(rs...); err != nil {
logs.Error("adminPutPost-4:", err)
util.RenderJSON(w, http.StatusInternalServerError, nil, nil)
tx.Rollback()
return
}
}
if err := tx.Commit(); err != nil {
logs.Error("adminPutPost-5:", err)
tx.Rollback()
return
}
if err := stats.UpdatePostsSize(); err != nil {
logs.Error("admin.adminPutPost:", err)
}
lastUpdated()
util.RenderJSON(w, http.StatusNoContent, nil, nil)
}
// @api post /admin/api/posts 新建文章
// @apiGroup admin
//
// @apiRequest json
// @apiHeader Authorization xxx
// @apiParam name string 唯一名称,可以为空
// @apiParam title string 标题
// @apiParam summary string 文章摘要
// @apiParam content string 文章内容
// @apiParam state int 状态
// @apiParam order int 排序
// @apiParam template string 所使用的模板
// @apiParam allowPing bool 允许ping
// @apiParam allowComment bool 允许评论
// @apiParam tags array 关联的标签
//
// @apiSuccess 201 created
func adminPostPost(w http.ResponseWriter, r *http.Request) {
p := &struct {
Name string `json:"name"`
Title string `json:"title"`
Summary string `json:"summary"`
Content string `json:"content"`
State int `json:"state"`
Order int `json:"order"`
Template string `json:"template"`
AllowPing bool `json:"allowPing"`
AllowComment bool `json:"allowComment"`
Tags []int64 `json:"tags"`
}{}
if !util.ReadJSON(w, r, p) {
return
}
t := time.Now().Unix()
pp := &models.Post{
Name: p.Name,
Title: p.Title,
Summary: p.Summary,
Content: p.Content,
State: p.State,
Order: p.Order,
Template: p.Template,
AllowPing: p.AllowPing,
AllowComment: p.AllowComment,
Created: t,
Modified: t,
}
tx, err := db.Begin()
if err != nil {
logs.Error("adminPostPost:", err)
util.RenderJSON(w, http.StatusInternalServerError, nil, nil)
return
}
// 插入文章
result, err := tx.Insert(pp)
if err != nil {
tx.Rollback()
logs.Error("adminPostPost:", err)
util.RenderJSON(w, http.StatusInternalServerError, nil, nil)
return
}
postID, err := result.LastInsertId()
if err != nil {
tx.Rollback()
logs.Error("adminPostPost:", err)
util.RenderJSON(w, http.StatusInternalServerError, nil, nil)
return
}
// 插入relationship
rs := make([]interface{}, 0, len(p.Tags))
for _, tag := range p.Tags {
rs = append(rs, &models.Relationship{PostID: postID, TagID: tag})
}
if err := tx.MultInsert(rs...); err != nil {
tx.Rollback()
logs.Error("adminPostPost:", err)
util.RenderJSON(w, http.StatusInternalServerError, nil, nil)
return
}
// commit
if err := tx.Commit(); err != nil {
tx.Rollback()
logs.Error("adminPostPost:", err)
util.RenderJSON(w, http.StatusInternalServerError, nil, nil)
return
}
lastUpdated()
util.RenderJSON(w, http.StatusCreated, "{}", nil)
}