// Generic Update handler func Update(w http.ResponseWriter, r *http.Request) { user, permissions := auth.Challenge(w, r, true) if user == nil || permissions < 1 { http.Error(w, "Please Login", http.StatusUnauthorized) return } w.Header().Set("Access-Control-Allow-Origin", "*") w.Header().Set("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept") vars := mux.Vars(r) var ( val interface{} // Generic container for the updated object err error ) // Build a URI like representation of the datatype types := []string{vars["datatype"]} if childtype, ok := vars["childtype"]; ok { types = append(types, childtype) } // Switch based on that URI like representation and instantiate something in the generic container. Also infer the identifier from the vars and perform validation. switch strings.Join(types, "/") { case "items": v := new(data.Item) v.ID, err = strconv.ParseInt(vars["key"], 10, 64) val = v case "items/comments": v := new(data.ItemComment) v.ID, err = strconv.ParseInt(vars["childkey"], 10, 64) val = v case "users": if vars["key"] != user.Username { http.Error(w, "Please don't hack other users", http.StatusUnauthorized) return } v := new(data.User) v.Username = vars["key"] val = v case "users/direction": v := new(data.UserDirection) v.Username = vars["key"] val = v case "roles": v := new(data.Role) v.Title = vars["key"] val = v case "taxonomy": v := new(data.Term) v.Term = vars["key"] val = v case "taxonomy/ranking": v := new(data.TermRanking) v.Term = vars["key"] val = v default: http.NotFound(w, r) return } if err != nil { log.Println(err, vars) http.Error(w, "Malformed key in URI", http.StatusBadRequest) return } err = storage.Select(val) //Load previous values so that update is non distructive of empty fields if err == storage.ErrZeroAffected { http.NotFound(w, r) return } else if err != nil { log.Println(err) http.Error(w, "Select3 Database error, likely due to malformed request.", http.StatusInternalServerError) return } // Decode the JSON into our generic object. The decode will leave unscpecified fields untouched. decoder := json.NewDecoder(r.Body) err = decoder.Decode(&val) if err != nil { log.Println(err) http.Error(w, "Malformed json.", http.StatusBadRequest) return } // Validate JSON, run pre-update hooks, etc... //We must reset fields we set earlier incase they were changed during the JSON decode switch v := val.(type) { case (*data.Item): v.ID, err = strconv.ParseInt(vars["key"], 10, 64) v.Author = user.Username case (*data.ItemComment): v.ID, err = strconv.ParseInt(vars["childkey"], 10, 64) v.Author = user.Username case (*data.User): v.Username = vars["key"] case (*data.UserDirection): v.Username = vars["key"] v.LockUsername = user.Username case (*data.Role): v.Title = vars["key"] case (*data.Term): v.Term = vars["key"] v.Author = user.Username case (*data.TermRanking): v.Term = vars["key"] } if err != nil { log.Println(err, vars) http.Error(w, "Malformed key in URI", http.StatusBadRequest) return } // Run the update err = storage.Update(val) if err == storage.ErrZeroAffected { w.WriteHeader(http.StatusNotModified) return } else if err != nil { log.Println(err) http.Error(w, "Update2 Database error, likely due to malformed request.", http.StatusInternalServerError) return } w.Header().Set("Content-Type", "application/json") // Header are important when GZIP is enabled // Return the updated item encoder := json.NewEncoder(w) err = encoder.Encode(val) if err != nil { log.Println(err) } }