ErrNoAuth from either BeforeAcceptUpdate or AcceptUpdate returns 401

author: Kevin Keuning <kkeuning@gmail.com> 2017-03-09 22:49:55 -0600
committer: Kevin Keuning <kkeuning@gmail.com> 2017-03-09 22:49:55 -0600
commit: d063005c74e1bef1f15f391bcf1b57a6398f9578 (patch)
tree: 49f7293f49237bd7594eeeb1df37130a1a375fa3 /system/api/update.go
parent: 3607a0094e5bf505d442801d108a9fe6f1ef2e6f (diff)
1 files changed, 5 insertions, 1 deletions
diff --git a/system/api/update.go b/system/api/update.go
index da79330..3a92a84 100644
--- a/system/api/update.go
+++ b/system/api/update.go
@@ -21,7 +21,6 @@ var ErrNoAuth = errors.New("Auth failed for update request.")
 // /api/content/update?type=Review&id=1
 type Updateable interface {
 	// AcceptUpdate allows external content update submissions of a specific type
-	// user.IsValid(req) may be checked in AcceptUpdate to validate the request
 	AcceptUpdate(http.ResponseWriter, *http.Request) error
 }
 
@@ -139,6 +138,10 @@ func updateContentHandler(res http.ResponseWriter, req *http.Request) {
 	err = hook.BeforeAcceptUpdate(res, req)
 	if err != nil {
 		log.Println("[Update] error calling BeforeAcceptUpdate:", err)
+		if err == ErrNoAuth {
+			// BeforeAcceptUpdate can check user.IsValid(req) for auth
+			res.WriteHeader(http.StatusUnauthorized)
+		}
 		return
 	}
 
@@ -146,6 +149,7 @@ func updateContentHandler(res http.ResponseWriter, req *http.Request) {
 	if err != nil {
 		log.Println("[Update] error calling AcceptUpdate:", err)
 		if err == ErrNoAuth {
+			// AcceptUpdate can check user.IsValid(req) for auth
 			res.WriteHeader(http.StatusUnauthorized)
 		}
 		return
author	Kevin Keuning <kkeuning@gmail.com>	2017-03-09 22:49:55 -0600
committer	Kevin Keuning <kkeuning@gmail.com>	2017-03-09 22:49:55 -0600
commit	d063005c74e1bef1f15f391bcf1b57a6398f9578 (patch)
tree	49f7293f49237bd7594eeeb1df37130a1a375fa3 /system/api/update.go
parent	3607a0094e5bf505d442801d108a9fe6f1ef2e6f (diff)