// HandleDownload sends a single file
func HandleDownload(context router.Context) error {
// Find the file
file, err := files.Find(context.ParamInt("id"))
if err != nil {
return router.InternalError(err)
}
// Authorise access to this file - only the file owners can access their own files
err = authorise.Resource(context, file)
if err != nil {
return router.NotAuthorizedError(err)
}
// If we are permitted, send the file to the user
//w.Header().Set("Content-Type", "text/plain; charset=utf-8")
//http.DetectContentType(data []byte) string
h := context.Header()
h.Set("Content-Type", "application/pgp-encrypted")
h.Set("Content-Disposition", fmt.Sprintf("attachment; filename=\"%s\"", file.Name()))
h.Set("Content-Transfer-Encoding", "binary")
http.ServeFile(context, context.Request(), file.Path)
return nil
}
// HandleShowPath serves requests to a custom page url
func HandleShowPath(context router.Context) error {
// Setup context for template
path := context.Path()
q := pages.Query().Where("url=?", path).Limit(1)
pages, err := pages.FindAll(q)
if err != nil || len(pages) == 0 {
return router.NotFoundError(err)
}
// Get the first of pages to render
page := pages[0]
// If not published, check authorisation
if !page.IsPublished() {
// Authorise
err = authorise.Resource(context, page)
if err != nil {
return router.NotAuthorizedError(err)
}
}
return render(context, page)
}
// HandleUpdateShow handles the POST of the form to update a file
func HandleUpdate(context router.Context) error {
// Find the file
file, err := files.Find(context.ParamInt("id"))
if err != nil {
return router.NotFoundError(err)
}
// Authorise update file
err = authorise.Resource(context, file)
if err != nil {
return router.NotAuthorizedError(err)
}
// Update the file from params
params, err := context.Params()
if err != nil {
return router.InternalError(err)
}
// Find the to user, by querying users on username or email
// Set the user id if found, else return 404 error, user not found
// TODO: Make *sure* this only accepts the params we want
err = file.Update(params.Map())
if err != nil {
return router.InternalError(err)
}
// Redirect to file
return router.Redirect(context, file.URLShow())
}
// HandleShow displays a single page
func HandleShow(context router.Context) error {
// Find the page
page, err := pages.Find(context.ParamInt("id"))
if err != nil {
return router.InternalError(err)
}
// Authorise access
err = authorise.Resource(context, page)
if err != nil {
return router.NotAuthorizedError(err)
}
return render(context, page)
}
// HandleCreate handles the POST of the create form for users
func HandleCreate(context router.Context) error {
// Authorise
err := authorise.Resource(context, nil)
if err != nil {
return router.NotAuthorizedError(err)
}
// Setup context
params, err := context.Params()
if err != nil {
return router.InternalError(err)
}
// Default to customer role etc - admins will have to promote afterwards
params.Set("role", fmt.Sprintf("%d", users.RoleCustomer))
params.Set("status", fmt.Sprintf("%d", status.Published))
id, err := users.Create(params.Map())
if err != nil {
return err
}
// Log creation
context.Logf("#info Created user id,%d", id)
// Redirect to the new user
user, err := users.Find(id)
if err != nil {
return router.InternalError(err)
}
// Save the details in a secure cookie
session, err := auth.Session(context, context.Request())
if err != nil {
return router.InternalError(err)
}
context.Logf("#info CREATE for user: %d", user.Id)
session.Set(auth.SessionUserKey, fmt.Sprintf("%d", user.Id))
session.Save(context)
// Send them to their user profile page
return router.Redirect(context, user.URLShow())
}
// HandleUpdateShow renders the form to update a user
func HandleUpdateShow(context router.Context) error {
// Find the user
user, err := users.Find(context.ParamInt("id"))
if err != nil {
return router.NotFoundError(err)
}
// Authorise update user
err = authorise.Resource(context, user)
if err != nil {
return router.NotAuthorizedError(err)
}
// Render the template
view := view.New(context)
view.AddKey("user", user)
return view.Render()
}
// HandleUpdateShow renders the form to update a page
func HandleUpdateShow(context router.Context) error {
// Find the page
page, err := pages.Find(context.ParamInt("id"))
if err != nil {
return router.NotFoundError(err)
}
// Authorise update page
err = authorise.Resource(context, page)
if err != nil {
return router.NotAuthorizedError(err)
}
// Render the template
view := view.New(context)
view.AddKey("page", page)
return view.Render()
}
// HandleDestroy handles a DESTROY request for users
func HandleDestroy(context router.Context) error {
// Find the user
user, err := users.Find(context.ParamInt("id"))
if err != nil {
return router.NotFoundError(err)
}
// Authorise destroy user
err = authorise.Resource(context, user)
if err != nil {
return router.NotAuthorizedError(err)
}
// Destroy the user
user.Destroy()
// Redirect to users root
return router.Redirect(context, user.URLIndex())
}