// Update handles PUT
func (ctl *AttributeController) Update(c *models.Context) {
_, itemTypeID, itemID, status, err := c.GetItemTypeAndItemID()
if err != nil {
c.RespondWithErrorDetail(err, status)
return
}
key := c.RouteVars["key"]
// Exception from normal model is that we don't attempt to fetch before
// we update. We will be doing an upsert (update or insert) rather than
// a pure update. As such, the item may not exist before we update it and
// we allow that to be resolved later. This works in this case as the data
// structure is simple and we don't care about extended metadata
m := models.AttributeType{}
m.Key = key
m.Number = sql.NullFloat64{Float64: math.MaxFloat64}
err = c.Fill(&m)
if err != nil {
c.RespondWithErrorMessage(
fmt.Sprintf("The post data is invalid: %v", err.Error()),
http.StatusBadRequest,
)
return
}
perms := models.GetPermission(models.MakeAuthorisationContext(c, 0, itemTypeID, itemID))
if !perms.CanUpdate {
c.RespondWithErrorMessage(h.NoAuthMessage, http.StatusForbidden)
return
}
status, err = m.Update(itemTypeID, itemID)
if err != nil {
c.RespondWithErrorDetail(err, status)
return
}
audit.Replace(
c.Site.ID,
h.ItemTypes[h.ItemTypeAttribute],
m.ID,
c.Auth.ProfileID,
time.Now(),
c.IP,
)
c.RespondWithSeeOther(
fmt.Sprintf(
"%s/%s",
fmt.Sprintf(h.APITypeAttribute, c.RouteVars["type"], itemID),
key,
),
)
}
// Delete handles DELETE
func (ctl *AttributeController) Delete(c *models.Context) {
_, itemTypeID, itemID, status, err := c.GetItemTypeAndItemID()
if err != nil {
c.RespondWithErrorDetail(err, status)
return
}
key := c.RouteVars["key"]
m := models.AttributeType{}
m.Key = key
attributeID, status, err := models.GetAttributeID(itemTypeID, itemID, m.Key)
if err != nil {
c.RespondWithErrorDetail(err, status)
return
}
m.ID = attributeID
status, err = m.Delete()
if err != nil {
c.RespondWithErrorDetail(err, status)
return
}
audit.Delete(
c.Site.ID,
h.ItemTypes[h.ItemTypeAttribute],
m.ID,
c.Auth.ProfileID,
time.Now(),
c.IP,
)
c.RespondWithOK()
}
