Esempio n. 1
0
func Auth(ctx banana.Context, p ...int) error {

	bnuid, err := ctx.Req().Cookie(UID_COOKIE_NAME)
	if err != nil {
		if err == http.ErrNoCookie {
			log.Println("cookies not found")
			return ErrNotLogin
		}
		return err
	}
	isLogin, username, err := user.DecodeToken(bnuid.Value)
	if err != nil {
		log.Println("decode error")
		return ErrNotLogin
	}
	if !isLogin {
		log.Println("is not login")
		return ErrNotLogin
	}
	privilege := 0
	for _, x := range p {
		privilege = privilege | x
	}

	can, err := user.Authentication(username, privilege)
	if err != nil {
		log.Println("auth error")
		return err
	}
	if !can {
		return ErrNoPermit
	}
	return nil
}
Esempio n. 2
0
func UsersCreatePage(ctx banana.Context) error {
	err := Auth(ctx, PrivilegeUserRead)
	switch err {
	case ErrNoPermit:
		return err
	case ErrNotLogin:
		http.Redirect(ctx.Res(), ctx.Req(), "/login?error&u=/cp/users", http.StatusFound)
		return nil
	case nil:
	default:
		return err
	}

	/*
		idStr, ok := ctx.Params()["id"]
		if !ok {
			http.Redirect(ctx.Res(), ctx.Req(), "/cp/users", http.StatusFound)
			return nil
		}
		id, err := strconv.ParseInt(idStr, 10, 32)
		if err != nil {
			http.Redirect(ctx.Res(), ctx.Req(), "/cp/users", http.StatusFound)
			return nil
		}
		u, err := user.FindOne(int(id))
		if err != nil {
			return err
		}
	*/
	u := 1
	layout := ThemeLayout{}
	layout.Content = ThemeBlock{theme.CP("user"), struct{ Info interface{} }{u}}
	return ctx.Tpl(theme.CP("layout"), layout)

}
Esempio n. 3
0
func UsersCreate(ctx banana.Context) error {
	r := ctx.Req()

	err := Auth(ctx, PrivilegeUserWrite)
	switch err {
	case ErrNoPermit:
		return err
	case ErrNotLogin:
		return err
	case nil:
	default:
		return err
	}

	username, pwd := r.FormValue("username"), r.FormValue("pwd")

	p, err := strconv.ParseInt(r.FormValue("privilege"), 10, 32)
	if err != nil {
		return err
	}
	privilege := int(p) & (PrivilegePostDelete | PrivilegePostDelete | PrivilegePostWrite | PrivilegeUserDelete | PrivilegeUserRead | PrivilegeUserWrite | PrivilegeCategoryRead | PrivilegeCategoryWrite | PrivilegeCategoryDelete)

	err = user.Add(username, pwd, privilege)
	if err != nil {
		return err
	}

	return ctx.Json(struct{}{})
}
Esempio n. 4
0
func Post(ctx banana.Context) error {
	err := Auth(ctx, PrivilegePostRead)
	switch err {
	case ErrNoPermit:
		return err
	case ErrNotLogin:
		http.Redirect(ctx.Res(), ctx.Req(), "/login?error", http.StatusFound)
		return nil
	case nil:
	default:
		return err
	}

	var (
		idStr string
		ok    bool
	)
	if idStr, ok = ctx.Params()["id"]; !ok {
		panic("no id")
	}
	id, err := strconv.ParseInt(idStr, 10, 32)
	if err != nil {
		panic(err)
	}
	p := post.ReadRaw(int(id))
	categories, err := category.Query()
	if err != nil {
		return err
	}

	layout := ThemeLayout{}
	layout.Content = ThemeBlock{theme.CP("post"), struct{ Post, Categories interface{} }{p, categories}}
	return ctx.Tpl(theme.CP("layout"), layout)
}
Esempio n. 5
0
func SaveNewPost(ctx banana.Context) error {

	err := Auth(ctx, PrivilegePostWrite)
	switch err {
	case ErrNoPermit:
		return err
	case ErrNotLogin:
		return err
	case nil:
	default:
		return err
	}

	r := ctx.Req()
	cid, err := strconv.ParseInt(r.FormValue("category"), 10, 32)
	if err != nil {
		return err
	}

	p := post.New()
	p.Title = r.FormValue("title")
	p.Content = r.FormValue("content")
	p.Category.Id = int(cid)
	p.Description = r.FormValue("description")
	p.Keywords.Parse(r.FormValue("keywords"))
	err = p.Save()
	if err != nil {
		return err
	}

	return ctx.Json(p)
}
Esempio n. 6
0
func DashBoard(ctx banana.Context) error {
	err := Auth(ctx, PrivilegePostRead)
	switch err {
	case ErrNoPermit:
		http.Redirect(ctx.Res(), ctx.Req(), "/login?error&u=/cp/dashboard", http.StatusFound)
		return err
	case ErrNotLogin:
		http.Redirect(ctx.Res(), ctx.Req(), "/login?error&u=/cp/dashboard", http.StatusFound)
		return err
	case nil:
	default:
		return err
	}

	layout := ThemeLayout{}
	layout.Content = ThemeBlock{theme.CP("starter"), 1}
	return ctx.Tpl(theme.CP("layout"), layout)
}
Esempio n. 7
0
func Posts(ctx banana.Context) error {

	err := Auth(ctx, PrivilegePostRead)
	switch err {
	case ErrNoPermit:
		return err
	case ErrNotLogin:
		http.Redirect(ctx.Res(), ctx.Req(), "/login?error&u=/cp/posts", http.StatusFound)
		return nil
	case nil:
	default:
		return err
	}

	ps := post.Query(0, 10)
	layout := ThemeLayout{}
	layout.Content = ThemeBlock{theme.CP("posts"), ps}
	return ctx.Tpl(theme.CP("layout"), layout)
}
Esempio n. 8
0
func Users(ctx banana.Context) error {
	err := Auth(ctx, PrivilegeUserRead)
	switch err {
	case ErrNoPermit:
		return err
	case ErrNotLogin:
		http.Redirect(ctx.Res(), ctx.Req(), "/login?error&u=/cp/users", http.StatusFound)
		return nil
	case nil:
	default:
		return err
	}

	users, err := user.Query(0, 10)
	if err != nil {
		return err
	}
	layout := ThemeLayout{}
	layout.Content = ThemeBlock{theme.CP("users"), struct{ List interface{} }{users}}
	return ctx.Tpl(theme.CP("layout"), layout)
}
Esempio n. 9
0
func NewPost(ctx banana.Context) error {
	err := Auth(ctx, PrivilegePostRead)
	switch err {
	case ErrNoPermit:
		return err
	case ErrNotLogin:
		http.Redirect(ctx.Res(), ctx.Req(), "/login?error", http.StatusFound)
		return nil
	case nil:
	default:
		return err
	}

	categories, err := category.Query()
	if err != nil {
		return err
	}

	p := post.New()
	layout := ThemeLayout{}
	layout.Content = ThemeBlock{theme.CP("post"), struct{ Post, Categories interface{} }{p, categories}}
	return ctx.Tpl(theme.CP("layout"), layout)
}
Esempio n. 10
0
func Login(ctx banana.Context) error {

	r := ctx.Req()
	username, pwd := r.FormValue("username"), r.FormValue("pwd")
	result, sign, err := user.Check(username, pwd)
	if err != nil {
		return err
	}
	if result {
		timeout := time.Now().Add(user.Expires)
		userCookie := &http.Cookie{}
		userCookie.Expires = timeout
		userCookie.Name = UID_COOKIE_NAME
		userCookie.Value = sign
		http.SetCookie(ctx.Res(), userCookie)
		http.Redirect(ctx.Res(), ctx.Req(), "/cp/dashboard", http.StatusFound)
	} else {
		http.Redirect(ctx.Res(), ctx.Req(), "/login?error", http.StatusFound)
	}

	return nil
}