// UpdateMany handles PUT for the collection
func (ctl *HuddleParticipantsController) UpdateMany(c *models.Context) {
// Validate inputs
huddleID, err := strconv.ParseInt(c.RouteVars["huddle_id"], 10, 64)
if err != nil {
c.RespondWithErrorMessage("huddle_id in URL is not a number", http.StatusBadRequest)
return
}
r, status, err := models.GetHuddle(c.Site.ID, c.Auth.ProfileID, huddleID)
if err != nil {
c.RespondWithErrorDetail(err, status)
return
}
// Start Authorisation
perms := models.GetPermission(
models.MakeAuthorisationContext(
c, 0, h.ItemTypes[h.ItemTypeHuddle], huddleID),
)
if !perms.CanUpdate {
c.RespondWithErrorMessage(h.NoAuthMessage, http.StatusForbidden)
return
}
if r.IsConfidential == true {
c.RespondWithErrorMessage(h.NoAuthMessage, http.StatusForbidden)
return
}
// End Authorisation
ems := []models.HuddleParticipantType{}
err = c.Fill(&ems)
if err != nil {
c.RespondWithErrorMessage(
fmt.Sprintf("The post data is invalid: %v", err.Error()),
http.StatusBadRequest,
)
return
}
status, err = models.UpdateManyHuddleParticipants(c.Site.ID, huddleID, ems)
if err != nil {
c.RespondWithErrorDetail(err, status)
return
}
c.RespondWithSeeOther(
fmt.Sprintf(
"%s/%d",
h.APITypeHuddle,
huddleID,
),
)
}
// ReadMany handles GET for the collection
func (ctl *HuddleParticipantsController) ReadMany(c *models.Context) {
// Validate inputs
huddleID, err := strconv.ParseInt(c.RouteVars["huddle_id"], 10, 64)
if err != nil {
c.RespondWithErrorMessage("huddle_id in URL is not a number", http.StatusBadRequest)
return
}
r, status, err := models.GetHuddle(c.Site.ID, c.Auth.ProfileID, huddleID)
if err != nil {
c.RespondWithErrorDetail(err, status)
return
}
// Start Authorisation
perms := models.GetPermission(
models.MakeAuthorisationContext(
c, 0, h.ItemTypes[h.ItemTypeHuddle], huddleID),
)
if !perms.CanRead {
c.RespondWithErrorMessage(h.NoAuthMessage, http.StatusForbidden)
return
}
// End Authorisation
limit, offset, status, err := h.GetLimitAndOffset(c.Request.URL.Query())
if err != nil {
c.RespondWithErrorDetail(err, status)
return
}
ems, total, pages, status, err := models.GetHuddleParticipants(c.Site.ID, huddleID, limit, offset)
if err != nil {
c.RespondWithErrorDetail(err, status)
return
}
// Construct the response
m := models.HuddleParticipantsType{}
m.HuddleParticipants = h.ConstructArray(
ems,
fmt.Sprintf("%s/participants", r.GetLink()),
total,
limit,
offset,
pages,
c.Request.URL,
)
c.RespondWithData(m)
}
// Update handles PUT
func (ctl *HuddleParticipantController) Update(c *models.Context) {
huddleID, err := strconv.ParseInt(c.RouteVars["huddle_id"], 10, 64)
if err != nil {
c.RespondWithErrorMessage("huddle_id in URL is not a number", http.StatusBadRequest)
return
}
r, status, err := models.GetHuddle(c.Site.ID, c.Auth.ProfileID, huddleID)
if err != nil {
c.RespondWithErrorDetail(err, status)
return
}
profileID, err := strconv.ParseInt(c.RouteVars["profile_id"], 10, 64)
if err != nil {
c.RespondWithErrorMessage("profile_id in URL is not a number", http.StatusBadRequest)
return
}
// Start Authorisation
perms := models.GetPermission(
models.MakeAuthorisationContext(
c, 0, h.ItemTypes[h.ItemTypeHuddle], huddleID),
)
if !perms.CanUpdate {
c.RespondWithErrorMessage(h.NoAuthMessage, http.StatusForbidden)
return
}
if r.IsConfidential == false {
c.RespondWithErrorMessage(h.NoAuthMessage, http.StatusForbidden)
return
}
// End Authorisation
m := models.HuddleParticipantType{}
m.ID = profileID
status, err = m.Update(c.Site.ID, huddleID)
if err != nil {
c.RespondWithErrorDetail(err, status)
return
}
c.RespondWithSeeOther(m.GetLink(r.GetLink()))
}
// Delete handles DELETE
func (ctl *HuddleParticipantController) Delete(c *models.Context) {
huddleID, err := strconv.ParseInt(c.RouteVars["huddle_id"], 10, 64)
if err != nil {
c.RespondWithErrorMessage("huddle_id in URL is not a number", http.StatusBadRequest)
return
}
_, status, err := models.GetHuddle(c.Site.ID, c.Auth.ProfileID, huddleID)
if err != nil {
c.RespondWithErrorDetail(err, status)
return
}
profileID, err := strconv.ParseInt(c.RouteVars["profile_id"], 10, 64)
if err != nil {
c.RespondWithErrorMessage("profile_id in URL is not a number", http.StatusBadRequest)
return
}
// Start Authorisation
perms := models.GetPermission(
models.MakeAuthorisationContext(
c, 0, h.ItemTypes[h.ItemTypeHuddle], huddleID),
)
if !perms.CanDelete {
c.RespondWithErrorMessage(h.NoAuthMessage, http.StatusForbidden)
return
}
// End Authorisation
if profileID != c.Auth.ProfileID {
c.RespondWithErrorMessage("Only the participant in question can remove a participant from a huddle", http.StatusBadRequest)
return
}
m := models.HuddleParticipantType{}
m.ID = profileID
status, err = m.Delete(huddleID)
if err != nil {
c.RespondWithErrorDetail(err, status)
return
}
c.RespondWithOK()
}
// Delete handles DELETE
func (ctl *HuddleController) Delete(c *models.Context) {
_, itemTypeID, itemID, status, err := c.GetItemTypeAndItemID()
if err != nil {
c.RespondWithErrorDetail(err, status)
return
}
// Start Authorisation
perms := models.GetPermission(
models.MakeAuthorisationContext(
c, 0, itemTypeID, itemID),
)
if !perms.CanDelete {
c.RespondWithErrorMessage(h.NoAuthMessage, http.StatusForbidden)
return
}
// End Authorisation
m, status, err := models.GetHuddle(c.Site.ID, c.Auth.ProfileID, itemID)
if err != nil {
if status == http.StatusNotFound {
c.RespondWithOK()
return
}
c.RespondWithErrorDetail(err, status)
return
}
status, err = m.Delete(c.Site.ID, c.Auth.ProfileID)
if err != nil {
c.RespondWithErrorDetail(err, status)
return
}
audit.Delete(
c.Site.ID,
h.ItemTypes[h.ItemTypeHuddle],
m.ID,
c.Auth.ProfileID,
time.Now(),
c.IP,
)
c.RespondWithOK()
}
// Read handles GET
func (ctl *HuddleParticipantController) Read(c *models.Context) {
huddleID, err := strconv.ParseInt(c.RouteVars["huddle_id"], 10, 64)
if err != nil {
c.RespondWithErrorMessage("huddle_id in URL is not a number", http.StatusBadRequest)
return
}
_, status, err := models.GetHuddle(c.Site.ID, c.Auth.ProfileID, huddleID)
if err != nil {
c.RespondWithErrorDetail(err, status)
return
}
// Start Authorisation
perms := models.GetPermission(
models.MakeAuthorisationContext(
c, 0, h.ItemTypes[h.ItemTypeHuddle], huddleID),
)
if !perms.CanRead {
c.RespondWithErrorMessage(h.NoAuthMessage, http.StatusForbidden)
return
}
// End Authorisation
profileID, err := strconv.ParseInt(c.RouteVars["profile_id"], 10, 64)
if err != nil {
c.RespondWithErrorMessage("profile_id in URL is not a number", http.StatusBadRequest)
return
}
m, status, err := models.GetHuddleParticipant(c.Site.ID, huddleID, profileID)
if err != nil {
c.RespondWithErrorDetail(err, status)
return
}
c.RespondWithData(m)
}
// Read handles GET
func (ctl *HuddleController) Read(c *models.Context) {
_, itemTypeID, itemID, status, err := c.GetItemTypeAndItemID()
if err != nil {
c.RespondWithErrorDetail(err, status)
return
}
// Start Authorisation
perms := models.GetPermission(
models.MakeAuthorisationContext(
c, 0, itemTypeID, itemID),
)
if !perms.CanRead {
c.RespondWithErrorMessage(h.NoAuthMessage, http.StatusForbidden)
return
}
// End Authorisation
// Get Huddle
m, status, err := models.GetHuddle(c.Site.ID, c.Auth.ProfileID, itemID)
if err != nil {
c.RespondWithErrorDetail(err, status)
return
}
// Get Comments
m.Comments, status, err = models.GetComments(c.Site.ID, h.ItemTypeHuddle, m.ID, c.Request.URL, c.Auth.ProfileID, m.Meta.Created)
if err != nil {
c.RespondWithErrorDetail(err, status)
return
}
m.Meta.Permissions = perms
if c.Auth.ProfileID > 0 {
// Mark as read (to the last comment on this page if applicable)
read := m.Meta.Created
switch m.Comments.Items.(type) {
case []models.CommentSummaryType:
comments := m.Comments.Items.([]models.CommentSummaryType)
if len(comments) > 0 {
read = comments[len(comments)-1].Meta.Created
}
if m.Comments.Page >= m.Comments.Pages {
read = time.Now()
}
default:
}
models.MarkAsRead(h.ItemTypes[h.ItemTypeHuddle], m.ID, c.Auth.ProfileID, read)
models.UpdateUnreadHuddleCount(c.Auth.ProfileID)
// Get watcher status
watcherID, sendEmail, sendSms, _, status, err := models.GetWatcherAndIgnoreStatus(
h.ItemTypes[h.ItemTypeHuddle], m.ID, c.Auth.ProfileID,
)
if err != nil {
c.RespondWithErrorDetail(err, status)
return
}
if watcherID > 0 {
m.Meta.Flags.Watched = true
m.Meta.Flags.SendEmail = sendEmail
m.Meta.Flags.SendSMS = sendSms
}
}
c.RespondWithData(m)
}
