// Auth checks that the request carries a valid login cookie and that the
// logged-in user holds every privilege bit passed in p.
//
// It returns ErrNotLogin when the UID_COOKIE_NAME cookie is missing, when the
// token cannot be decoded, or when the token does not represent a logged-in
// session. It returns ErrNoPermit when user.Authentication denies the
// combined privilege mask. Any other cookie or authentication error is
// returned unchanged.
//
// NOTE(review): when p is empty the mask passed to user.Authentication is 0;
// whether that grants or denies access depends on user.Authentication, which
// is not visible here.
func Auth(ctx banana.Context, p ...int) error {
	cookie, err := ctx.Req().Cookie(UID_COOKIE_NAME)
	switch {
	case err == http.ErrNoCookie:
		log.Println("cookies not found")
		return ErrNotLogin
	case err != nil:
		return err
	}

	// A token that fails to decode is treated the same as no login at all,
	// so the decode error is not returned to the caller.
	loggedIn, username, err := user.DecodeToken(cookie.Value)
	if err != nil {
		log.Println("decode error")
		return ErrNotLogin
	}
	if !loggedIn {
		log.Println("is not login")
		return ErrNotLogin
	}

	// Fold the requested privileges into a single bit mask.
	var required int
	for _, bit := range p {
		required |= bit
	}

	allowed, err := user.Authentication(username, required)
	if err != nil {
		log.Println("auth error")
		return err
	}
	if !allowed {
		return ErrNoPermit
	}
	return nil
}
// SaveNewPost creates a post from the submitted form fields and writes the
// saved post back as JSON. The caller must hold PrivilegePostWrite; any error
// from Auth (including ErrNotLogin and ErrNoPermit) is returned as-is.
//
// NOTE(review): authentication rests on a cookie (see Auth) and no anti-CSRF
// token or HTTP-method check is visible in this handler. FormValue also reads
// URL query parameters, so confirm the router or middleware restricts this
// route to POST and enforces a CSRF defence.
func SaveNewPost(ctx banana.Context) error {
	if err := Auth(ctx, PrivilegePostWrite); err != nil {
		return err
	}

	req := ctx.Req()
	categoryID, err := strconv.ParseInt(req.FormValue("category"), 10, 32)
	if err != nil {
		return err
	}

	// Title, content, description and keywords are stored as submitted; no
	// sanitising is done here, so output escaping is left to the templates.
	entry := post.New()
	entry.Title = req.FormValue("title")
	entry.Content = req.FormValue("content")
	entry.Category.Id = int(categoryID)
	entry.Description = req.FormValue("description")
	entry.Keywords.Parse(req.FormValue("keywords"))

	if err := entry.Save(); err != nil {
		return err
	}
	return ctx.Json(entry)
}
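// UsersCreate adds a user account from the submitted "username", "pwd" and
// "privilege" form fields and replies with an empty JSON object. The caller
// must hold PrivilegeUserWrite; any error from Auth is returned as-is.
//
// The requested privilege value is masked so that only known privilege bits
// can be stored.
//
// NOTE(review): the caller's own privileges are not compared with the
// requested mask, so any account holding PrivilegeUserWrite can create an
// account carrying every bit below. Confirm that is intended.
// NOTE(review): no anti-CSRF token or HTTP-method check is visible in this
// handler; confirm the router or middleware enforces both.
func UsersCreate(ctx banana.Context) error {
	r := ctx.Req()
	if err := Auth(ctx, PrivilegeUserWrite); err != nil {
		return err
	}

	username, pwd := r.FormValue("username"), r.FormValue("pwd")
	requested, err := strconv.ParseInt(r.FormValue("privilege"), 10, 32)
	if err != nil {
		return err
	}

	// The original mask listed PrivilegePostDelete twice and left out
	// PrivilegePostRead, so that bit was always stripped from new accounts.
	grantable := PrivilegePostRead | PrivilegePostWrite | PrivilegePostDelete |
		PrivilegeUserRead | PrivilegeUserWrite | PrivilegeUserDelete |
		PrivilegeCategoryRead | PrivilegeCategoryWrite | PrivilegeCategoryDelete
	privilege := int(requested) & grantable

	// The password is handed to user.Add as received; presumably hashing
	// happens there. Verify against the user package.
	if err := user.Add(username, pwd, privilege); err != nil {
		return err
	}
	return ctx.Json(struct{}{})
}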
// Latest renders the public home page with the result of post.Query(0, 10).
// No authentication is performed.
func Latest(ctx banana.Context) error {
	recent := post.Query(0, 10)
	page := ThemeLayout{Content: ThemeBlock{theme.UI("home"), recent}}
	return ctx.Tpl(theme.UI("layout"), page)

	// Earlier implementation, kept for reference:
	//
	//	posts, err := models.ZRange("pubtime", 0, 4)
	//	if err != nil {
	//		log.Fatal(err)
	//	}
	//	ctx.Tpl("home", posts)
}
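// Post renders the control-panel edit page for the post named by the "id"
// route parameter. The caller must hold PrivilegePostRead: a visitor who is
// not logged in is redirected to the login page, and any other Auth error
// (including ErrNoPermit) is returned.
//
// A missing or non-numeric id is reported as an error, matching Read, rather
// than panicking on request-controlled input.
func Post(ctx banana.Context) error {
	switch err := Auth(ctx, PrivilegePostRead); err {
	case nil:
	case ErrNotLogin:
		http.Redirect(ctx.Res(), ctx.Req(), "/login?error", http.StatusFound)
		return nil
	default:
		return err
	}

	idStr, ok := ctx.Params()["id"]
	if !ok {
		return errors.New("no id")
	}
	id, err := strconv.ParseInt(idStr, 10, 32)
	if err != nil {
		return err
	}

	// NOTE(review): post.ReadRaw returns no error here, so a lookup for an id
	// that does not exist cannot be told apart in this handler. Confirm what
	// it returns in that case.
	p := post.ReadRaw(int(id))
	categories, err := category.Query()
	if err != nil {
		return err
	}

	layout := ThemeLayout{}
	layout.Content = ThemeBlock{theme.CP("post"), struct{ Post, Categories interface{} }{p, categories}}
	return ctx.Tpl(theme.CP("layout"), layout)
}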
// Read renders the public page for the post named by the "id" route
// parameter. When "year", "month" or "day" route parameters are present, each
// must parse as an integer and equal the matching part of the post's PubTime;
// a mismatch yields the error "404". No authentication is performed.
//
// NOTE(review): "404" is returned as a plain error; whether the framework
// maps it to an HTTP 404 status is not visible here.
func Read(ctx banana.Context) error {
	rawID, found := ctx.Params()["id"]
	if !found {
		return errors.New("no id")
	}
	id, err := strconv.ParseInt(rawID, 10, 32)
	if err != nil {
		return err
	}
	x := post.Read(int(id))

	// Each expected value is wrapped in a closure so that PubTime is only
	// read when the corresponding parameter is actually present.
	dateChecks := []struct {
		param string
		want  func() int
	}{
		{"year", func() int { return x.PubTime.Year() }},
		{"month", func() int { return int(x.PubTime.Month()) }},
		{"day", func() int { return x.PubTime.Day() }},
	}
	for _, check := range dateChecks {
		raw, present := ctx.Params()[check.param]
		if !present {
			continue
		}
		got, err := strconv.ParseInt(raw, 10, 32)
		if err != nil {
			return err
		}
		if int(got) != check.want() {
			return errors.New("404")
		}
	}

	page := ThemeLayout{Content: ThemeBlock{theme.UI("post"), x}}
	return ctx.Tpl(theme.UI("layout"), page)
}
// DashBoard renders the control-panel start page. The caller must hold
// PrivilegePostRead. On ErrNoPermit or ErrNotLogin the visitor is redirected
// to the login page and the error is also returned; other Auth errors are
// returned without a redirect.
//
// NOTE(review): the sibling handlers return nil after redirecting, while this
// one returns the error after the redirect has already been written. Confirm
// the framework does not try to write a second response for that error.
func DashBoard(ctx banana.Context) error {
	switch err := Auth(ctx, PrivilegePostRead); err {
	case nil:
	case ErrNoPermit, ErrNotLogin:
		http.Redirect(ctx.Res(), ctx.Req(), "/login?error&u=/cp/dashboard", http.StatusFound)
		return err
	default:
		return err
	}

	page := ThemeLayout{Content: ThemeBlock{theme.CP("starter"), 1}}
	return ctx.Tpl(theme.CP("layout"), page)
}
// UsersCreatePage renders the control-panel user form. The caller must hold
// PrivilegeUserRead: a visitor who is not logged in is redirected to the
// login page, and any other Auth error (including ErrNoPermit) is returned.
func UsersCreatePage(ctx banana.Context) error {
	switch err := Auth(ctx, PrivilegeUserRead); err {
	case nil:
	case ErrNotLogin:
		http.Redirect(ctx.Res(), ctx.Req(), "/login?error&u=/cp/users", http.StatusFound)
		return nil
	default:
		return err
	}

	// Disabled lookup of an existing user, kept for reference:
	//
	//	idStr, ok := ctx.Params()["id"]
	//	if !ok {
	//		http.Redirect(ctx.Res(), ctx.Req(), "/cp/users", http.StatusFound)
	//		return nil
	//	}
	//	id, err := strconv.ParseInt(idStr, 10, 32)
	//	if err != nil {
	//		http.Redirect(ctx.Res(), ctx.Req(), "/cp/users", http.StatusFound)
	//		return nil
	//	}
	//	u, err := user.FindOne(int(id))
	//	if err != nil {
	//		return err
	//	}

	// With the lookup disabled, the template receives the constant 1 as Info.
	info := 1
	page := ThemeLayout{Content: ThemeBlock{theme.CP("user"), struct{ Info interface{} }{info}}}
	return ctx.Tpl(theme.CP("layout"), page)
}
// Category renders the public listing for the category named by the
// "category" route parameter, using post.QueryByCategory(c, 0, 10). The
// breadcrumb category is taken from the first post returned, and stays the
// zero value when there are no posts. No authentication is performed.
func Category(ctx banana.Context) error {
	name, found := ctx.Params()["category"]
	if !found {
		return errors.New("no category")
	}

	// The route parameter is passed to the query unchanged.
	ps, err := post.QueryByCategory(name, 0, 10)
	if err != nil {
		return err
	}

	var bread category.Category
	if len(ps) != 0 {
		bread = ps[0].Category
	}

	view := struct {
		List  []post.Post
		Bread category.Category
	}{List: ps, Bread: bread}
	page := ThemeLayout{Content: ThemeBlock{theme.UI("category"), view}}
	return ctx.Tpl(theme.UI("layout"), page)
}
// Posts renders the control-panel post list from post.Query(0, 10). The
// caller must hold PrivilegePostRead: a visitor who is not logged in is
// redirected to the login page, and any other Auth error (including
// ErrNoPermit) is returned.
func Posts(ctx banana.Context) error {
	switch err := Auth(ctx, PrivilegePostRead); err {
	case nil:
	case ErrNotLogin:
		http.Redirect(ctx.Res(), ctx.Req(), "/login?error&u=/cp/posts", http.StatusFound)
		return nil
	default:
		return err
	}

	list := post.Query(0, 10)
	page := ThemeLayout{Content: ThemeBlock{theme.CP("posts"), list}}
	return ctx.Tpl(theme.CP("layout"), page)
}
// Users renders the control-panel user list from user.Query(0, 10). The
// caller must hold PrivilegeUserRead: a visitor who is not logged in is
// redirected to the login page, and any other Auth error (including
// ErrNoPermit) is returned.
func Users(ctx banana.Context) error {
	switch err := Auth(ctx, PrivilegeUserRead); err {
	case nil:
	case ErrNotLogin:
		http.Redirect(ctx.Res(), ctx.Req(), "/login?error&u=/cp/users", http.StatusFound)
		return nil
	default:
		return err
	}

	accounts, err := user.Query(0, 10)
	if err != nil {
		return err
	}

	// NOTE(review): the query result is handed to the template as-is; confirm
	// it carries no password hashes or tokens the template could expose.
	page := ThemeLayout{Content: ThemeBlock{theme.CP("users"), struct{ List interface{} }{accounts}}}
	return ctx.Tpl(theme.CP("layout"), page)
}
// NewPost renders the control-panel post form with an empty post from
// post.New() and the category list. The caller must hold PrivilegePostRead:
// a visitor who is not logged in is redirected to the login page, and any
// other Auth error (including ErrNoPermit) is returned.
//
// NOTE(review): the form is gated on PrivilegePostRead while SaveNewPost
// requires PrivilegePostWrite; confirm the weaker check here is intended.
func NewPost(ctx banana.Context) error {
	switch err := Auth(ctx, PrivilegePostRead); err {
	case nil:
	case ErrNotLogin:
		http.Redirect(ctx.Res(), ctx.Req(), "/login?error", http.StatusFound)
		return nil
	default:
		return err
	}

	categories, err := category.Query()
	if err != nil {
		return err
	}

	blank := post.New()
	view := struct{ Post, Categories interface{} }{blank, categories}
	page := ThemeLayout{Content: ThemeBlock{theme.CP("post"), view}}
	return ctx.Tpl(theme.CP("layout"), page)
}
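// Login checks the submitted "username" and "pwd" form fields with
// user.Check. On success it stores the returned token in the UID_COOKIE_NAME
// cookie, valid for user.Expires, and redirects to the dashboard. On failure
// it redirects back to the login page. An error from user.Check is returned.
//
// NOTE(review): FormValue also reads URL query parameters, so credentials
// sent in a GET query string would be accepted and may end up in access logs.
// Confirm the route is restricted to POST.
// NOTE(review): no attempt limiting or lockout is visible in this handler;
// confirm it is enforced elsewhere.
func Login(ctx banana.Context) error {
	r := ctx.Req()
	username, pwd := r.FormValue("username"), r.FormValue("pwd")

	ok, sign, err := user.Check(username, pwd)
	if err != nil {
		return err
	}
	if !ok {
		http.Redirect(ctx.Res(), r, "/login?error", http.StatusFound)
		return nil
	}

	// HttpOnly keeps the session token out of reach of page scripts.
	// NOTE(review): Secure and SameSite are left unset because the deployment
	// scheme is not visible here. Set Secure when the site is served only
	// over HTTPS, and a SameSite policy since this cookie authenticates the
	// state-changing handlers.
	http.SetCookie(ctx.Res(), &http.Cookie{
		Name:     UID_COOKIE_NAME,
		Value:    sign,
		Expires:  time.Now().Add(user.Expires),
		HttpOnly: true,
	})
	http.Redirect(ctx.Res(), r, "/cp/dashboard", http.StatusFound)
	return nil
}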
// LoginPage renders the control-panel login template with 0 as its data.
// No authentication is performed.
func LoginPage(ctx banana.Context) error {
	tpl := theme.CP("login")
	return ctx.Tpl(tpl, 0)
}
// Query renders the public "home" template with the result of
// post.Query(0, 10) as the layout content. No authentication is performed.
func Query(ctx banana.Context) error {
	page := HomeLayout{Content: post.Query(0, 10)}
	return ctx.Tpl(theme.UI("home"), page)
}