Esempio n. 1
0
// HandleDownload sends a single file
func HandleDownload(context router.Context) error {

	// Find the file
	file, err := files.Find(context.ParamInt("id"))
	if err != nil {
		return router.InternalError(err)
	}

	// Authorise access to this file - only the file owners can access their own files
	err = authorise.Resource(context, file)
	if err != nil {
		return router.NotAuthorizedError(err)
	}

	// If we are permitted, send the file to the user
	//w.Header().Set("Content-Type", "text/plain; charset=utf-8")
	//http.DetectContentType(data []byte) string
	h := context.Header()
	h.Set("Content-Type", "application/pgp-encrypted")
	h.Set("Content-Disposition", fmt.Sprintf("attachment; filename=\"%s\"", file.Name()))
	h.Set("Content-Transfer-Encoding", "binary")

	http.ServeFile(context, context.Request(), file.Path)
	return nil
}
Esempio n. 2
0
// HandleShowPath serves requests to a custom page url
func HandleShowPath(context router.Context) error {

	// Setup context for template
	path := context.Path()

	q := pages.Query().Where("url=?", path).Limit(1)
	pages, err := pages.FindAll(q)
	if err != nil || len(pages) == 0 {
		return router.NotFoundError(err)
	}

	// Get the first of pages to render
	page := pages[0]

	// If not published, check authorisation
	if !page.IsPublished() {
		// Authorise
		err = authorise.Resource(context, page)
		if err != nil {
			return router.NotAuthorizedError(err)
		}
	}

	return render(context, page)
}
Esempio n. 3
0
// HandleUpdateShow handles the POST of the form to update a file
func HandleUpdate(context router.Context) error {

	// Find the file
	file, err := files.Find(context.ParamInt("id"))
	if err != nil {
		return router.NotFoundError(err)
	}

	// Authorise update file
	err = authorise.Resource(context, file)
	if err != nil {
		return router.NotAuthorizedError(err)
	}

	// Update the file from params
	params, err := context.Params()
	if err != nil {
		return router.InternalError(err)
	}

	// Find the to user, by querying users on username or email
	// Set the user id if found, else return 404 error, user not found

	// TODO: Make *sure* this only accepts the params we want
	err = file.Update(params.Map())
	if err != nil {
		return router.InternalError(err)
	}

	// Redirect to file
	return router.Redirect(context, file.URLShow())
}
Esempio n. 4
0
// HandleShow displays a single page
func HandleShow(context router.Context) error {

	// Find the page
	page, err := pages.Find(context.ParamInt("id"))
	if err != nil {
		return router.InternalError(err)
	}

	// Authorise access
	err = authorise.Resource(context, page)
	if err != nil {
		return router.NotAuthorizedError(err)
	}

	return render(context, page)
}
Esempio n. 5
0
// HandleCreate handles the POST of the create form for users
func HandleCreate(context router.Context) error {

	// Authorise
	err := authorise.Resource(context, nil)
	if err != nil {
		return router.NotAuthorizedError(err)
	}

	// Setup context
	params, err := context.Params()
	if err != nil {
		return router.InternalError(err)
	}

	// Default to customer role etc - admins will have to promote afterwards
	params.Set("role", fmt.Sprintf("%d", users.RoleCustomer))
	params.Set("status", fmt.Sprintf("%d", status.Published))

	id, err := users.Create(params.Map())
	if err != nil {
		return err
	}

	// Log creation
	context.Logf("#info Created user id,%d", id)

	// Redirect to the new user
	user, err := users.Find(id)
	if err != nil {
		return router.InternalError(err)
	}

	// Save the details in a secure cookie
	session, err := auth.Session(context, context.Request())
	if err != nil {
		return router.InternalError(err)
	}

	context.Logf("#info CREATE for user: %d", user.Id)
	session.Set(auth.SessionUserKey, fmt.Sprintf("%d", user.Id))
	session.Save(context)

	// Send them to their user profile page
	return router.Redirect(context, user.URLShow())
}
Esempio n. 6
0
// HandleUpdateShow renders the form to update a user
func HandleUpdateShow(context router.Context) error {

	// Find the user
	user, err := users.Find(context.ParamInt("id"))
	if err != nil {
		return router.NotFoundError(err)
	}

	// Authorise update user
	err = authorise.Resource(context, user)
	if err != nil {
		return router.NotAuthorizedError(err)
	}

	// Render the template
	view := view.New(context)
	view.AddKey("user", user)

	return view.Render()
}
Esempio n. 7
0
// HandleUpdateShow renders the form to update a page
func HandleUpdateShow(context router.Context) error {

	// Find the page
	page, err := pages.Find(context.ParamInt("id"))
	if err != nil {
		return router.NotFoundError(err)
	}

	// Authorise update page
	err = authorise.Resource(context, page)
	if err != nil {
		return router.NotAuthorizedError(err)
	}

	// Render the template
	view := view.New(context)
	view.AddKey("page", page)

	return view.Render()
}
Esempio n. 8
0
// HandleDestroy handles a DESTROY request for users
func HandleDestroy(context router.Context) error {

	// Find the user
	user, err := users.Find(context.ParamInt("id"))
	if err != nil {
		return router.NotFoundError(err)
	}

	// Authorise destroy user
	err = authorise.Resource(context, user)
	if err != nil {
		return router.NotAuthorizedError(err)
	}

	// Destroy the user
	user.Destroy()

	// Redirect to users root
	return router.Redirect(context, user.URLIndex())
}