// title: event cancel
// path: /events/{uuid}/cancel
// method: POST
// produce: application/json
// responses:
// 200: OK
// 400: Invalid uuid or empty reason
// 404: Not found
func eventCancel(w http.ResponseWriter, r *http.Request, t auth.Token) error {
uuid := r.URL.Query().Get(":uuid")
if !bson.IsObjectIdHex(uuid) {
msg := fmt.Sprintf("uuid parameter is not ObjectId: %s", uuid)
return &errors.HTTP{Code: http.StatusBadRequest, Message: msg}
}
objID := bson.ObjectIdHex(uuid)
e, err := event.GetByID(objID)
if err != nil {
return &errors.HTTP{Code: http.StatusNotFound, Message: err.Error()}
}
reason := r.FormValue("reason")
if reason == "" {
return &errors.HTTP{Code: http.StatusBadRequest, Message: "reason is mandatory"}
}
scheme, err := permission.SafeGet(e.AllowedCancel.Scheme)
if err != nil {
return err
}
allowed := permission.Check(t, scheme, e.AllowedCancel.Contexts...)
if !allowed {
return permission.ErrUnauthorized
}
err = e.TryCancel(reason, t.GetUserName())
if err != nil {
if err == event.ErrNotCancelable {
return &errors.HTTP{Code: http.StatusBadRequest, Message: err.Error()}
}
return err
}
w.WriteHeader(http.StatusNoContent)
return nil
}
// title: event info
// path: /events/{uuid}
// method: GET
// produce: application/json
// responses:
// 200: OK
// 400: Invalid uuid
// 401: Unauthorized
// 404: Not found
func eventInfo(w http.ResponseWriter, r *http.Request, t auth.Token) error {
uuid := r.URL.Query().Get(":uuid")
if !bson.IsObjectIdHex(uuid) {
msg := fmt.Sprintf("uuid parameter is not ObjectId: %s", uuid)
return &errors.HTTP{Code: http.StatusBadRequest, Message: msg}
}
objID := bson.ObjectIdHex(uuid)
e, err := event.GetByID(objID)
if err != nil {
return &errors.HTTP{Code: http.StatusNotFound, Message: err.Error()}
}
scheme, err := permission.SafeGet(e.Allowed.Scheme)
if err != nil {
return err
}
allowed := permission.Check(t, scheme, e.Allowed.Contexts...)
if !allowed {
return permission.ErrUnauthorized
}
w.Header().Add("Content-Type", "application/json")
return json.NewEncoder(w).Encode(e)
}
