// title: event cancel // path: /events/{uuid}/cancel // method: POST // produce: application/json // responses: // 200: OK // 400: Invalid uuid or empty reason // 404: Not found func eventCancel(w http.ResponseWriter, r *http.Request, t auth.Token) error { uuid := r.URL.Query().Get(":uuid") if !bson.IsObjectIdHex(uuid) { msg := fmt.Sprintf("uuid parameter is not ObjectId: %s", uuid) return &errors.HTTP{Code: http.StatusBadRequest, Message: msg} } objID := bson.ObjectIdHex(uuid) e, err := event.GetByID(objID) if err != nil { return &errors.HTTP{Code: http.StatusNotFound, Message: err.Error()} } reason := r.FormValue("reason") if reason == "" { return &errors.HTTP{Code: http.StatusBadRequest, Message: "reason is mandatory"} } scheme, err := permission.SafeGet(e.AllowedCancel.Scheme) if err != nil { return err } allowed := permission.Check(t, scheme, e.AllowedCancel.Contexts...) if !allowed { return permission.ErrUnauthorized } err = e.TryCancel(reason, t.GetUserName()) if err != nil { if err == event.ErrNotCancelable { return &errors.HTTP{Code: http.StatusBadRequest, Message: err.Error()} } return err } w.WriteHeader(http.StatusNoContent) return nil }
// title: event info // path: /events/{uuid} // method: GET // produce: application/json // responses: // 200: OK // 400: Invalid uuid // 401: Unauthorized // 404: Not found func eventInfo(w http.ResponseWriter, r *http.Request, t auth.Token) error { uuid := r.URL.Query().Get(":uuid") if !bson.IsObjectIdHex(uuid) { msg := fmt.Sprintf("uuid parameter is not ObjectId: %s", uuid) return &errors.HTTP{Code: http.StatusBadRequest, Message: msg} } objID := bson.ObjectIdHex(uuid) e, err := event.GetByID(objID) if err != nil { return &errors.HTTP{Code: http.StatusNotFound, Message: err.Error()} } scheme, err := permission.SafeGet(e.Allowed.Scheme) if err != nil { return err } allowed := permission.Check(t, scheme, e.Allowed.Contexts...) if !allowed { return permission.ErrUnauthorized } w.Header().Add("Content-Type", "application/json") return json.NewEncoder(w).Encode(e) }