ErrNoAuth from either BeforeAcceptUpdate or AcceptUpdate returns 401

author: Kevin Keuning <kkeuning@gmail.com> 2017-03-09 22:49:55 -0600
committer: Kevin Keuning <kkeuning@gmail.com> 2017-03-09 23:20:48 -0600
commit: c9d2f7761088af120fe1dc12f8dd1044d60c1b03 (patch)
tree: 640bb67e0772e0caf30602b6245d930ca77d392a /system/api/update.go
parent: 2382cfa169c53f995272f82d99986528b00415e6 (diff)
1 files changed, 5 insertions, 1 deletions
diff --git a/system/api/update.go b/system/api/update.go
index da79330..3a92a84 100644
--- a/system/api/update.go
+++ b/system/api/update.go
@@ -21,7 +21,6 @@ var ErrNoAuth = errors.New("Auth failed for update request.")
 // /api/content/update?type=Review&id=1
 type Updateable interface {
 	// AcceptUpdate allows external content update submissions of a specific type
-	// user.IsValid(req) may be checked in AcceptUpdate to validate the request
 	AcceptUpdate(http.ResponseWriter, *http.Request) error
 }
 
@@ -139,6 +138,10 @@ func updateContentHandler(res http.ResponseWriter, req *http.Request) {
 	err = hook.BeforeAcceptUpdate(res, req)
 	if err != nil {
 		log.Println("[Update] error calling BeforeAcceptUpdate:", err)
+		if err == ErrNoAuth {
+			// BeforeAcceptUpdate can check user.IsValid(req) for auth
+			res.WriteHeader(http.StatusUnauthorized)
+		}
 		return
 	}
 
@@ -146,6 +149,7 @@ func updateContentHandler(res http.ResponseWriter, req *http.Request) {
 	if err != nil {
 		log.Println("[Update] error calling AcceptUpdate:", err)
 		if err == ErrNoAuth {
+			// AcceptUpdate can check user.IsValid(req) for auth
 			res.WriteHeader(http.StatusUnauthorized)
 		}
 		return
author	Kevin Keuning <kkeuning@gmail.com>	2017-03-09 22:49:55 -0600
committer	Kevin Keuning <kkeuning@gmail.com>	2017-03-09 23:20:48 -0600
commit	c9d2f7761088af120fe1dc12f8dd1044d60c1b03 (patch)
tree	640bb67e0772e0caf30602b6245d930ca77d392a /system/api/update.go
parent	2382cfa169c53f995272f82d99986528b00415e6 (diff)