예제 #1
0
func addUserUpvotedPostIDsToData(r *http.Request, postModel *models.PostModel, data map[string]interface{}) error {
	if user, ok := context.SessionUser(r); ok {
		userUpvotedPostIDs, err := postModel.GetVotedPostIds(nil, squirrel.Eq{"post_votes.user_id": user.ID})
		if err != nil {
			return errors.Wrap(err, "get upvoted post ids error")
		}
		data["UserUpvotedPostIDs"] = userUpvotedPostIDs
	}
	return nil
}
예제 #2
0
func getLogin(a *application.App, w http.ResponseWriter, r *http.Request) error {
	if _, ok := context.SessionUser(r); ok {
		return httperror.StatusError{http.StatusOK, errors.New("Already logged in")}
	}

	// TODO: replace code with CSRF token
	url := a.Config.OAuth2.AuthCodeURL("uteach-login") + "&connection=Username-Password-Authentication" // connection required by Auth0
	http.Redirect(w, r, url, http.StatusFound)
	return nil
}
예제 #3
0
func updatePostVote(a *application.App, w http.ResponseWriter, r *http.Request, voted bool) error {
	post := context.Post(r)
	user, _ := context.SessionUser(r)
	pm := models.NewPostModel(a.DB)

	if err := pm.UpdatePostVoteForUser(nil, post, user, voted); err != nil {
		return errors.Wrap(err, "update post vote error")
	}
	w.WriteHeader(http.StatusOK)
	return nil
}
예제 #4
0
// MustLogin ensures the next handler is only accessible by users that are logged in.
func (m *Middleware) MustLogin(next http.Handler) http.Handler {
	fn := func(w http.ResponseWriter, r *http.Request) {
		if _, ok := context.SessionUser(r); !ok {
			httperror.HandleError(w, httperror.StatusError{http.StatusForbidden, nil})
			return
		}

		next.ServeHTTP(w, r)
	}

	return http.HandlerFunc(fn)
}
예제 #5
0
func postNewPost(a *application.App, w http.ResponseWriter, r *http.Request) (err error) {
	title := r.FormValue("title")
	text := r.FormValue("text")
	topic := context.Topic(r)
	user, _ := context.SessionUser(r)

	// we want the post and tags to be created together so use one tx. If one part fails the rest won't be committed.
	tx, err := a.DB.Beginx()
	if err != nil {
		return errors.Wrap(err, "begin transacion error")
	}

	defer func() {
		if err != nil {
			tx.Rollback()
			return
		}
		err = tx.Commit()
		err = errors.Wrap(err, "commit error")
	}()

	postModel := models.NewPostModel(a.DB)
	post := &models.Post{Title: title, Content: text, Topic: topic, Creator: user}
	if err = postModel.Add(tx, post); err != nil {
		return errors.Wrap(err, "add post error")
	}

	tagIDStr := r.FormValue("tag")
	if tagIDStr != "" {
		tagID, err := strconv.ParseInt(tagIDStr, 10, 64)
		if err != nil {
			return httperror.StatusError{http.StatusBadRequest, err}
		}

		tagModel := models.NewTagModel(a.DB)
		tag, err := tagModel.FindOne(nil, squirrel.Eq{"tags.id": tagID})
		if err != nil {
			return errors.Wrap(err, "find one error")
		}

		if err = tagModel.AddPostTag(tx, post, tag); err != nil {
			return errors.Wrap(err, "add post tag error")
		}
	}

	http.Redirect(w, r, post.URL(), http.StatusFound)
	return nil
}
예제 #6
0
func (m *Middleware) isPostCreator(r *http.Request) bool {
	post := context.Post(r)
	user, ok := context.SessionUser(r)
	return ok && *post.Creator == *user
}
예제 #7
0
func (m *Middleware) isAdmin(r *http.Request) bool {
	user, ok := context.SessionUser(r)
	return ok && user.IsAdmin
}