// HandleShow serve a get request at /users/1
func HandleShow(context router.Context) error {
// No auth - this is public
// Find the user
user, err := users.Find(context.ParamInt("id"))
if err != nil {
context.Logf("#error parsing user id: %s", err)
return router.NotFoundError(err)
}
// Get the user comments
q := comments.Where("user_id=?", user.Id).Limit(10).Order("created_at desc")
userComments, err := comments.FindAll(q)
if err != nil {
return router.InternalError(err)
}
// Get the user stories
q = stories.Where("user_id=?", user.Id).Limit(50).Order("created_at desc")
userStories, err := stories.FindAll(q)
if err != nil {
return router.InternalError(err)
}
// Render the Template
view := view.New(context)
view.AddKey("user", user)
view.AddKey("comments", userComments)
view.AddKey("stories", userStories)
view.AddKey("meta_title", user.Name)
view.AddKey("meta_desc", user.Name)
return view.Render()
}
// HandleCreate handles the POST of the create form for stories
func HandleCreate(context router.Context) error {
// Check csrf token
err := authorise.AuthenticityToken(context)
if err != nil {
return router.NotAuthorizedError(err)
}
// Check permissions - if not logged in and above 1 points, redirect to error
if !authorise.CurrentUser(context).CanSubmit() {
return router.NotAuthorizedError(nil, "Sorry", "You need to be registered and have more than 1 points to submit stories.")
}
// Get user details
user := authorise.CurrentUser(context)
ip := getUserIP(context)
// Check that no story with this url already exists
q := stories.Where("url=?", context.Param("url"))
duplicates, err := stories.FindAll(q)
if err != nil {
return router.InternalError(err)
}
if len(duplicates) > 0 {
dupe := duplicates[0]
// Add a point to dupe
addStoryVote(dupe, user, ip, 1)
return router.Redirect(context, dupe.URLShow())
}
// Setup context
params, err := context.Params()
if err != nil {
return router.InternalError(err)
}
// Set a few params
params.SetInt("points", 1)
params.SetInt("user_id", user.Id)
params.Set("user_name", user.Name)
id, err := stories.Create(params.Map())
if err != nil {
return err // Create returns a router.Error
}
// Log creation
context.Logf("#info Created story id,%d", id)
// Redirect to the new story
story, err := stories.Find(id)
if err != nil {
return router.InternalError(err)
}
// We need to add a vote to the story here too by adding a join to the new id
err = recordStoryVote(story, user, ip, +1)
if err != nil {
return err
}
// Re-rank stories
err = updateStoriesRank()
if err != nil {
return err
}
return router.Redirect(context, story.URLIndex())
}
// HandleCreate handles the POST of the create form for stories
func HandleCreate(context router.Context) error {
// Check csrf token
err := authorise.AuthenticityToken(context)
if err != nil {
return router.NotAuthorizedError(err)
}
// Check permissions - if not logged in and above 1 points, redirect to error
if !authorise.CurrentUser(context).CanSubmit() {
return router.NotAuthorizedError(nil, "Sorry", "You need to be registered and have more than 1 points to submit stories.")
}
// Get params
params, err := context.Params()
if err != nil {
return router.InternalError(err)
}
// Get user details
user := authorise.CurrentUser(context)
ip := getUserIP(context)
url := params.Get("url")
// Strip trailing slashes on url before comparisons
// we could possibly also strip url fragments
if strings.HasSuffix(url, "/") {
url = strings.Trim(url, "/")
params.Set("url", url)
}
// Check that no story with this url already exists
q := stories.Where("url=?", url)
duplicates, err := stories.FindAll(q)
if err != nil {
return router.InternalError(err)
}
if len(duplicates) > 0 {
dupe := duplicates[0]
// Add a point to dupe and return
addStoryVote(dupe, user, ip, 1)
return router.Redirect(context, dupe.URLShow())
}
// Clean params according to role
accepted := stories.AllowedParams()
if authorise.CurrentUser(context).Admin() {
accepted = stories.AllowedParamsAdmin()
}
cleanedParams := params.Clean(accepted)
// Set a few params
cleanedParams["points"] = "1"
cleanedParams["user_id"] = fmt.Sprintf("%d", user.Id)
cleanedParams["user_name"] = user.Name
id, err := stories.Create(cleanedParams)
if err != nil {
return err // Create returns a router.Error
}
// Log creation
context.Logf("#info Created story id,%d", id)
// Redirect to the new story
story, err := stories.Find(id)
if err != nil {
return router.InternalError(err)
}
// We need to add a vote to the story here too by adding a join to the new id
err = recordStoryVote(story, user, ip, +1)
if err != nil {
return err
}
// Re-rank stories
err = updateStoriesRank()
if err != nil {
return err
}
return router.Redirect(context, story.URLIndex())
}
// HandleCreate handles the POST of the create form for stories
func HandleCreate(context router.Context) error {
// Check csrf token
err := authorise.AuthenticityToken(context)
if err != nil {
return router.NotAuthorizedError(err)
}
// Check permissions - if not logged in and above 1 points, redirect to error
if !authorise.CurrentUser(context).CanSubmit() {
return router.NotAuthorizedError(nil, "Sorry", "You need to be registered and have more than 1 points to submit stories.")
}
// Get params
params, err := context.Params()
if err != nil {
return router.InternalError(err)
}
// Get user details
user := authorise.CurrentUser(context)
ip := getUserIP(context)
// Process urls
url := params.Get("url")
// Strip trailing slashes on url before comparisons
if strings.HasSuffix(url, "/") {
url = strings.Trim(url, "/")
}
// Strip ?utm_source etc - remove all after ?utm_source
if strings.Contains(url, "?utm_") {
url = strings.Split(url, "?utm_")[0]
}
// Strip url fragments (For example trailing # on medium urls)
if strings.Contains(url, "#") {
url = strings.Split(url, "#")[0]
}
// Rewrite mobile youtube links
if strings.HasPrefix(url, "https://m.youtube.com") {
url = strings.Replace(url, "https://m.youtube.com", "https://www.youtube.com", 1)
}
params.Set("url", url)
// Check that no story with this url already exists
q := stories.Where("url=?", url)
duplicates, err := stories.FindAll(q)
if err != nil {
return router.InternalError(err)
}
if len(duplicates) > 0 {
story := duplicates[0]
// Check we have no votes already from this user, if we do fail
if storyHasUserVote(story, user) {
return router.NotAuthorizedError(err, "Vote Failed", "Sorry you are not allowed to vote twice, nice try!")
}
// Add a point to dupe and return
addStoryVote(story, user, ip, 1)
return router.Redirect(context, story.URLShow())
}
// Clean params according to role
accepted := stories.AllowedParams()
if authorise.CurrentUser(context).Admin() {
accepted = stories.AllowedParamsAdmin()
}
cleanedParams := params.Clean(accepted)
// Set a few params
cleanedParams["points"] = "1"
cleanedParams["user_id"] = fmt.Sprintf("%d", user.Id)
cleanedParams["user_name"] = user.Name
id, err := stories.Create(cleanedParams)
if err != nil {
return err // Create returns a router.Error
}
// Log creation
context.Logf("#info Created story id,%d", id)
// Redirect to the new story
story, err := stories.Find(id)
if err != nil {
return router.InternalError(err)
}
// We need to add a vote to the story here too by adding a join to the new id
err = recordStoryVote(story, user, ip, +1)
if err != nil {
return err
}
// Re-rank stories
err = updateStoriesRank()
if err != nil {
return err
}
return router.Redirect(context, story.URLIndex())
}