func staffPortal(w http.ResponseWriter, r *http.Request) *webapp.Error { c := appengine.NewContext(r) teachers := classes.Teachers(c) sort.Sort(classes.TeachersByName(teachers)) announcements := staff.CurrentAnnouncements(c, time.Now()) sort.Sort(staff.AnnouncementsByExpiration(announcements)) sessions := classes.Sessions(c, time.Now()) sort.Sort(classes.SessionsByStartDate(sessions)) yins := yogassage.Classes(c, time.Now()) sort.Sort(yogassage.ByDate(yins)) data := map[string]interface{}{ "Teachers": teachers, "Announcements": announcements, "Sessions": sessions, "YinYogassageClasses": yins, } if err := staffPage.Execute(w, data); err != nil { return webapp.InternalError(err) } return nil }
func editClass(w http.ResponseWriter, r *http.Request) *webapp.Error { idString := r.FormValue("class") if idString == "" { return missingFields(w) } id, err := strconv.ParseInt(idString, 10, 64) if err != nil { return invalidData(w, fmt.Sprintf("Invalid class ID")) } c := appengine.NewContext(r) class, err := classes.ClassWithID(c, id) switch err { case nil: break case classes.ErrClassNotFound: return invalidData(w, "No such class.") default: return webapp.InternalError(fmt.Errorf("failed to look up class %d: %s", id, err)) } staffAccount, ok := staffContext(r) if !ok { return webapp.UnauthorizedError(fmt.Errorf("only staff may edit classes")) } if r.Method == "POST" { c.Infof("updating class %d", class.ID) token, err := auth.TokenForRequest(c, staffAccount.ID, r.URL.Path) if err != nil { return webapp.UnauthorizedError(fmt.Errorf("didn't find an auth token")) } if !token.IsValid(r.FormValue(auth.TokenFieldName), time.Now()) { return webapp.UnauthorizedError(fmt.Errorf("invalid auth token")) } fields, err := webapp.ParseRequiredValues(r, "name", "description", "maxstudents", "dayofweek", "starttime", "length", "dropinonly") if err != nil { return missingFields(w) } class.Title = fields["name"] class.LongDescription = []byte(fields["description"]) class.DropInOnly = fields["dropinonly"] == "yes" weekday, err := parseWeekday(fields["dayofweek"]) if err != nil { return invalidData(w, "Invalid weekday") } class.Weekday = weekday maxStudents, err := strconv.ParseInt(fields["maxstudents"], 10, 32) if err != nil || maxStudents <= 0 { return invalidData(w, "Invalid student capacity") } class.Capacity = int32(maxStudents) length, err := parseMinutes(fields["length"]) if err != nil { return invalidData(w, "Invalid length") } class.Length = length start, err := parseLocalTime(fields["starttime"]) if err != nil { return invalidData(w, "Invalid start time; please use HH:MMpm format (e.g., 3:04pm)") } class.StartTime = start if email := r.FormValue("teacher"); email == "" { class.Teacher = nil } else { teacher, err := classes.TeacherWithEmail(c, email) if err != nil { return invalidData(w, "Invalid teacher selected") } class.Teacher = teacher.Key(c) } if err := class.Update(c); err != nil { return webapp.InternalError(fmt.Errorf("failed to update class %d: %s", class.ID, err)) } token.Delete(c) http.Redirect(w, r, "/staff", http.StatusSeeOther) return nil } token, err := auth.NewToken(staffAccount.ID, r.URL.Path, time.Now()) if err != nil { return webapp.InternalError(err) } if err := token.Store(c); err != nil { return webapp.InternalError(err) } data := map[string]interface{}{ "Token": token.Encode(), "Class": class, "Teacher": class.TeacherEntity(c), "Teachers": classes.Teachers(c), "DaysInOrder": daysInOrder, } if err := editClassPage.Execute(w, data); err != nil { return webapp.InternalError(err) } return nil }