diff options
| author | Kevin Keuning <kkeuning@gmail.com> | 2017-03-02 12:48:17 -0600 |
|---|---|---|
| committer | Kevin Keuning <kkeuning@gmail.com> | 2017-03-02 12:48:17 -0600 |
| commit | 6358ca512c227b8f035401b57543e0190c635e8d (patch) | |
| tree | c48b2ea31d4125c1783a3ccf47a3972e3479c219 /system/api/update.go | |
| parent | a7db36aa56c1998bc56d593a38f2a1640a9298a0 (diff) | |
added UpdateContent for merge behavior on api updates, extended Hookable
Diffstat (limited to 'system/api/update.go')
| -rw-r--r-- | system/api/update.go | 28 |
1 files changed, 14 insertions, 14 deletions
diff --git a/system/api/update.go b/system/api/update.go index a669a9a..00933fb 100644 --- a/system/api/update.go +++ b/system/api/update.go @@ -3,6 +3,7 @@ package api import ( "context" "encoding/json" + "errors" "fmt" "log" "net/http" @@ -10,15 +11,17 @@ import ( "time" "github.com/ponzu-cms/ponzu/system/admin/upload" - "github.com/ponzu-cms/ponzu/system/admin/user" "github.com/ponzu-cms/ponzu/system/db" "github.com/ponzu-cms/ponzu/system/item" ) +var ErrNoAuth = errors.New("Auth failed for update request.") + // Updateable accepts or rejects update POST requests to endpoints such as: // /api/content/update?type=Review&id=1 type Updateable interface { // AcceptUpdate allows external content update submissions of a specific type + // user.IsValid(req) may be checked in AcceptUpdate to validate the request AcceptUpdate(http.ResponseWriter, *http.Request) error } @@ -55,12 +58,6 @@ func updateContentHandler(res http.ResponseWriter, req *http.Request) { return } - if user.IsValid(req) == false { - log.Println("[Update] invalid user.") - res.WriteHeader(http.StatusBadRequest) - return - } - post := p() ext, ok := post.(Updateable) @@ -139,15 +136,18 @@ func updateContentHandler(res http.ResponseWriter, req *http.Request) { return } - err = hook.BeforeAccept(res, req) + err = hook.BeforeAcceptUpdate(res, req) if err != nil { - log.Println("[Update] error calling BeforeAccept:", err) + log.Println("[Update] error calling BeforeAcceptUpdate:", err) return } err = ext.AcceptUpdate(res, req) if err != nil { - log.Println("[Update] error calling Accept:", err) + log.Println("[Update] error calling AcceptUpdate:", err) + if err == ErrNoAuth { + res.WriteHeader(http.StatusUnauthorized) + } return } @@ -160,9 +160,9 @@ func updateContentHandler(res http.ResponseWriter, req *http.Request) { // set specifier for db bucket in case content is/isn't Trustable var spec string - _, err = db.SetContent(t+spec+":"+id, req.PostForm) + _, err = db.UpdateContent(t+spec+":"+id, req.PostForm) if err != nil { - log.Println("[Update] error calling SetContent:", err) + log.Println("[Update] error calling UpdateContent:", err) res.WriteHeader(http.StatusInternalServerError) return } @@ -177,9 +177,9 @@ func updateContentHandler(res http.ResponseWriter, req *http.Request) { return } - err = hook.AfterAccept(res, req) + err = hook.AfterAcceptUpdate(res, req) if err != nil { - log.Println("[Update] error calling AfterAccept:", err) + log.Println("[Update] error calling AfterAcceptUpdate:", err) return } |